1. CHAPTER 6. SYSTEM DATA FILES AND INFORMATION System Programming 本份投影片大量參考熊博安教授的系統程式投影片 羅習五 國立中正大學資訊工程學系 shiwulo@cs.ccu.edu.twshiwulo@cs.ccu.edu.twClass: EA-001 (05)2720411 ext. 33116Office: EA-517

2. Introduction System Files: password file: /etc/passwd group file: /etc/group A portable interface for application programs to access these system files Time and date functions Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 2

3. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 3 Password File ASCII text: /etc/passwd passwd structure in

4. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 4 Password File 3 more fields in FreeBSD 5.2.1 and Mac OS X 10.3 user access class: char *pw_class next time to change password: time_t pw_change account expiration time: time_t pw_expire

5. Mac OS X OS X is based upon the Mach kernel. Certain parts from FreeBSD's and NetBSD's implementation of Unix were incorporated in NeXTSTEP, the core of Mac OS X. Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 5

6. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 6 Password File root: superuser, UID=0 root:x:0:0:root:/root:/bin/bash device account, no login allowed squid:x:23:23::/var/spool/squid:/dev/null guest, no priviledges nobody:x:65534:65534:Nobody:/home/bin/sh normal user account sar:x:205:105:Stephen Rago:/home/sar:/bin/bash

7. /bin/false 這裡比較需要注意的是，有一個 shell 可以用來替代成讓帳 號無法登入的指令！那就是 /bin/false 這個東西！這也可以 用來製作純 pop 郵件帳號者的資料呢！ Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 7

8. passwd on Mac OS X nobody:*:-2:-2:Unprivileged User:/var/empty:/usr/bin/false root:*:0:0:System Administrator:/var/root:/bin/sh daemon:*:1:1:System Services:/var/root:/usr/bin/false Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 8

9. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 9 Password File Comment field: Steve Rago, SF 5-121, 555-1111, 555-2222 Name, Office, Phone Numbers, etc. vipw command edits password file serializes changes to password file

10. man vipw VIPW(8) BSD System Manager's Manual VIPW(8) NAME vipw -- edit the password file SYNOPSIS vipw DESCRIPTION Vipw edits the password file after setting the appropriate locks, and does any necessary processing after the password file is unlocked. If the password file is already locked for editing by another user, vipw will ask you to try again later. The default editor for vipw is vi(1). Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 10

11. Functions to fetch entries #include struct passwd *getpwuid(uid_t uid); struct passwd *getpwnam(const char *name); Return: pointer to passwd structure if OK, NULL on error Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 11

12. The getpwuid function is used by the ls (1) program to map the numerical user ID contained in an i-node into a user’s login name. The getpwnam function is used by the login (1) program when we enter our login name. Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 12

13. Go through passwd file #include struct passwd *getpwent(void); Returns: pointer if OK, NULL on error/EOF void setpwent(void); //rewinds files void endpwent(void); //closes files Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 13

14. Fig. 6.2: Implement getpwnam 1. #include 2. #include 3. #include 4. struct passwd * 5. getpwnam(const char *name) 6. { 7. struct passwd *ptr; 8. 9. setpwent(); 10. while ( (ptr = getpwent()) != NULL) { 11. if (strcmp(name, ptr->pw_name) == 0) 12. break;/* found a match */ 13. } 14. endpwent(); 15. return(ptr);/* ptr is NULL if no match found */ 16. } Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 14

15. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 15 Shadow Passwords Encrypted passwords  /etc/shadow or /etc/master.passwd Shadow is readable only by root /etc/passwd is world-readable Cannot access encrypted passwd data for guessing the real passwords!

16. Shadow Passwords Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 16 Descriptionstruct spwd member user login namechar *sp_namp encrypted passwordchar *sp_pwdp days since Epoch of last password change int sp_lstchg days until change allowedint sp_min days before change requiredint sp_max days warning for expirationint sp_warn days before account inactiveint sp_inact days since Epoch when account expires int sp_expire reservedunsigned int sp_flag

17. Shadow Passwords Linux 2.4.22 and Solaris 9 Separate set of functions to access shadow passwords #include struct spwd *getspnam(const char *name); struct spwd *getspent(void); Return: pointer if OK, NULL on error void setspent(void); void endspent(void); Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 17

18. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 18 Group File ASCII text: /etc/group group structure in

19. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 19 Lookup group entry #include struct group *getgrgid(gid_t gid); struct group *getgrnam(const char *name); Return: pointer if OK, NULL on error

20. Search group file #include struct group *getgrent(void); /* read next entry */ Returns: pointer if OK, NULL on error/EOF void setgrent(void); /* rewind group file */ void endgrent(void); /* close group file */ Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 20

21. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 21 Supplementary Group IDs POSIX.1 requirement A user could belong to a group with GID in password file, and A user could at the same time belong to up to 16 additional supplementary groups No need to change groups using newgrp() as we did before

22. Supplementary Group IDs #include int getgroups(int gidsetsize, gid_t grouplist[]); Returns: #supp GIDs if OK, -1 on error #include /* on Linux */ #include /*on FreeBSD, Mac OS X, Solaris*/ int setgroups(int ngroups, const gid_t grouplist[]); #include /* on Linux, Solaris */ #include /*on FreeBSD, Mac OS X */ int initgroups(const char *username, gid_t basegid); Both return: 0 if OK, -1 on error Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 22

23. Supplementary Group IDs getgroups Fills grouplist with gidsetsize group IDs setgroups set supplementary GID for calling process initgroups reads entire group file ( getgrent, setgrent, endgrent ) calls setgroups to initialize supplementary GIDs basegid (from password file) is also included called by login Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 23

24. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 24 Implementation Differences InfoFreeBSD 5.2.1 Linux 2.4.22 Mac OS X 10.3 Solaris 9 Account Info /etc/passwd netinfo/etc/passwd Encrypted Password /etc/master. passwd /etc/shadownetinfo/etc/shadow Hashed Password Files? Yes /etc/pwd.db /etc/spwd.db No Group Info/etc/group netinfo/etc/group

25. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 25 Other Data Files (Fig. 6.6) Similar routines to access the data files: get, set, end

26. Login Accounting utmp: currently logged-in users wtmp: all logins and logouts struct utmp { char ut_line[8]; /* tty line */ char ut_name[8]; /* login name */ long ut_time; /* secs since Epoch */ }; Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 26

27. System Identification 1.#include 2.int uname(struct utsname *name); Returns: non-neg value if OK, -1 on error 3.struct utsname { 4. char sysname[]; /* name of OS */ 5. char nodename[]; /* name of node */ 6. char release[]; /* OS release */ 7. char version[]; /* OS version */ 8. char machine[]; /* name of hardware type */ 9.}; Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 27

28. uname UNAME(1) BSD General Commands Manual UNAME(1) NAME uname -- Print operating system name SYNOPSIS uname [-amnprsv] DESCRIPTION The uname utility writes symbols representing one or more system charac- teristics to the standard output. The following options are available: -a Behave as though all of the options -mnrsv were specified. -m print the machine hardware name. -n print the nodename (the nodename may be a name that the system is Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 28

29. System Identification 1.#include 2.int gethostname(char *name, int namelen); Returns: 0 if OK, -1 on error Null-terminated name if enough space POSIX.1: HOST_NAME_MAX Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 29

30. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 30 Time and Date Routines #seconds since Epoch: 00:00:00 1970/1/1, UTC Different from other OS: keeping time in UTC, instead of local time automatic time conversions E.g.: daylight saving time keeping time and date as a single quantity

31. time & gettimeofday functions 1.#include 2.time_t time(time_t *calptr); Returns: value of time if OK, -1 on error time is stored in calptr if not NULL 1.#include 2.int gettimeofday(struct timeval *restrict tp, void *restrict tzp); Returns: 0 always Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 31 struct timeval { time_t tv_sec; /* sec */ long tv_usec; /*microsec*/ };

32. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 32 Time functions Affected by TZ env var: localtime, mktime, ctime, strftime

33. Broken down time 1.struct tm { 2.int tm_sec; /* secs after the minute: [0-60] */ 3.int tm_min; /* minutes after the hour: [0-59] */ 4.int tm_hour; /* hours after midnight: [0-23] */ 5.int tm_mday; /* day of month: [1-31] */ 6.int tm_mon; /* month of year: [0-11] */ 7.int tm_year; /* years since 1990 */ 8.int tm_wday; /* days since Sunday: [0-6] */ 9.int tm_yday; /* days since Jan 1: [0-365] */ 10.int tm_isdst; /* daylight saving time flag: 0 */ 11.}; Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 33

34. Time functions 1.#include 2.struct tm *gmtime(const time_t *calptr); 3.struct tm *localtime(const time_t *calptr); Return: pointer to broken-down time 1.time_t mktime(struct tm *tmptr); Returns: calendar time if OK, -1 on error Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 34

35. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 35 Time functions date: Tue Jan 14 17:49:03 1992\n\0 totally 26-bytes 1.char *asctime(const struct tm *tmptr); 2.char *ctime(const time_t *calptr); Return: pointer to string

36. Time function 1.size_t strftime(char *buf, size_t maxsize, const char *format, const struct tm *tmptr); Returns: #char stored in buf if room, else 0 Time value from tmptr is formatted according to format and stored in buf of size maxsize, if there is enough room, otherwise 0 is returned. Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 36

37. Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 37 Conversion Specifiers for Time Formats in strftime()

38. Time Zone (TZ env var) Functions affected by TZ: localtime(), mktime(), ctime(), strftime() E.g.: TZ=EST5EDT Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 38 Lookup Time Zone Abbreviations: http://www.timeanddate.com/library/abbreviations/timezones/ About Daylight Saving Time (DST) (in Chinese) http://ccbearyeh.blogspot.com/2007/03/daylight-saving-time.html