GNU bug report logs -
#15421
RFE: 'id +NNN' for getting group data from a uid rather than username
Previous Next
Reported by: Eric Blake <eblake <at> redhat.com>
Date: Thu, 19 Sep 2013 19:14:01 UTC
Severity: normal
Done: Pádraig Brady <P <at> draigBrady.com>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 15421 in the body.
You can then email your comments to 15421 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Thu, 19 Sep 2013 19:14:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Eric Blake <eblake <at> redhat.com>
:
New bug report received and forwarded. Copy sent to
bug-coreutils <at> gnu.org
.
(Thu, 19 Sep 2013 19:14:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
I just created a local user named "0" (don't ask), and noticed that
although we can do things like "chown +0:+0 file" to FORCE a file to be
owned by uid 0 (rather than the uid of my unfortunate "0" username),
it's a bit harder to learn details about a uid hidden by a poor username.
$ id 0
uid=14987(0) gid=14987(0) groups=14987(0)
$ id +0
id: +0: no such user
Of course, everyone "knows" that uid 0 is named "root", but this
question applies to any other unfortunate uid/name collision.
Therefore, I propose that we support 'id +0' as the way to say 'give me
the details about uid 0, no matter if username 0 also happens to exist'.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Thu, 19 Sep 2013 19:25:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 15421 <at> debbugs.gnu.org (full text, mbox):
On 09/19/2013 08:13 PM, Eric Blake wrote:
> I just created a local user named "0" (don't ask), and noticed that
> although we can do things like "chown +0:+0 file" to FORCE a file to be
> owned by uid 0 (rather than the uid of my unfortunate "0" username),
> it's a bit harder to learn details about a uid hidden by a poor username.
>
> $ id 0
> uid=14987(0) gid=14987(0) groups=14987(0)
> $ id +0
> id: +0: no such user
>
> Of course, everyone "knows" that uid 0 is named "root", but this
> question applies to any other unfortunate uid/name collision.
> Therefore, I propose that we support 'id +0' as the way to say 'give me
> the details about uid 0, no matter if username 0 also happens to exist'.
Yep that makes sense.
I see also that FreeBSD does this too.
I'll do that tonight.
cheers,
Pádraig.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Thu, 19 Sep 2013 19:36:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 15421 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On 09/19/2013 01:24 PM, Pádraig Brady wrote:
> On 09/19/2013 08:13 PM, Eric Blake wrote:
>> I just created a local user named "0" (don't ask), and noticed that
>> although we can do things like "chown +0:+0 file" to FORCE a file to be
>> owned by uid 0 (rather than the uid of my unfortunate "0" username),
>> it's a bit harder to learn details about a uid hidden by a poor username.
>>
>> $ id 0
>> uid=14987(0) gid=14987(0) groups=14987(0)
>> $ id +0
>> id: +0: no such user
$ id 14987
id: 14987: no such user
>>
>> Of course, everyone "knows" that uid 0 is named "root", but this
>> question applies to any other unfortunate uid/name collision.
>> Therefore, I propose that we support 'id +0' as the way to say 'give me
>> the details about uid 0, no matter if username 0 also happens to exist'.
>
> Yep that makes sense.
> I see also that FreeBSD does this too.
> I'll do that tonight.
For that matter, should 'id 0' behave like 'chown 0 file', where it
tries a username lookup first, and falls back to a uid parse? That is,
the '+0' form is useful for forcing a uid lookup, but I _like_ the
usability aspect of doing a name lookup by default with a fallback to
uid lookup, rather than requiring that id operate on name only.
In other words, I suspect we should be reusing some common code between
chown, id, and any other program that takes user identities as input, so
that in the common case of no name/uid collisions, typing a plain number
is still useful for its uid aspect without having to type a prepended +
just to force a uid lookup.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Thu, 19 Sep 2013 19:40:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 15421 <at> debbugs.gnu.org (full text, mbox):
On 09/19/2013 08:35 PM, Eric Blake wrote:
> On 09/19/2013 01:24 PM, Pádraig Brady wrote:
>> On 09/19/2013 08:13 PM, Eric Blake wrote:
>>> I just created a local user named "0" (don't ask), and noticed that
>>> although we can do things like "chown +0:+0 file" to FORCE a file to be
>>> owned by uid 0 (rather than the uid of my unfortunate "0" username),
>>> it's a bit harder to learn details about a uid hidden by a poor username.
>>>
>>> $ id 0
>>> uid=14987(0) gid=14987(0) groups=14987(0)
>>> $ id +0
>>> id: +0: no such user
>
> $ id 14987
> id: 14987: no such user
>
>>>
>>> Of course, everyone "knows" that uid 0 is named "root", but this
>>> question applies to any other unfortunate uid/name collision.
>>> Therefore, I propose that we support 'id +0' as the way to say 'give me
>>> the details about uid 0, no matter if username 0 also happens to exist'.
>>
>> Yep that makes sense.
>> I see also that FreeBSD does this too.
>> I'll do that tonight.
>
> For that matter, should 'id 0' behave like 'chown 0 file', where it
> tries a username lookup first, and falls back to a uid parse? That is,
> the '+0' form is useful for forcing a uid lookup, but I _like_ the
> usability aspect of doing a name lookup by default with a fallback to
> uid lookup, rather than requiring that id operate on name only.
>
> In other words, I suspect we should be reusing some common code between
> chown, id, and any other program that takes user identities as input, so
> that in the common case of no name/uid collisions, typing a plain number
> is still useful for its uid aspect without having to type a prepended +
> just to force a uid lookup.
Yes exactly.
We'd need to do that for compat anyway.
cheers,
Pádraig.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Thu, 19 Sep 2013 19:42:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 15421 <at> debbugs.gnu.org (full text, mbox):
On Thu, Sep 19, 2013 at 12:13 PM, Eric Blake <eblake <at> redhat.com> wrote:
> I just created a local user named "0" (don't ask), and noticed that
> although we can do things like "chown +0:+0 file" to FORCE a file to be
> owned by uid 0 (rather than the uid of my unfortunate "0" username),
> it's a bit harder to learn details about a uid hidden by a poor username.
>
> $ id 0
> uid=14987(0) gid=14987(0) groups=14987(0)
> $ id +0
> id: +0: no such user
>
> Of course, everyone "knows" that uid 0 is named "root", but this
> question applies to any other unfortunate uid/name collision.
> Therefore, I propose that we support 'id +0' as the way to say 'give me
> the details about uid 0, no matter if username 0 also happens to exist'.
Makes sense, and like the chown "feature", it should be safe.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Thu, 19 Sep 2013 23:02:01 GMT)
Full text and
rfc822 format available.
Message #20 received at 15421 <at> debbugs.gnu.org (full text, mbox):
Eric Blake wrote:
> > Eric Blake wrote:
> >> I just created a local user named "0" (don't ask), and noticed that
I see nothing wrong with that. Or a user named "42" either.
> >> although we can do things like "chown +0:+0 file" to FORCE a file to be
> >> owned by uid 0 (rather than the uid of my unfortunate "0" username),
> >> it's a bit harder to learn details about a uid hidden by a poor username.
How is "root" hidden by having a user "0" created?
To be clear I have no objection about the proposed functionality. I
am just pedantically objecting that having a numeric name hides
anything.
> >> $ id 0
> >> uid=14987(0) gid=14987(0) groups=14987(0)
> >> $ id +0
> >> id: +0: no such user
>
> $ id 14987
> id: 14987: no such user
Exactly. User "0" does not hide "root". This is just orthogonal
functionality that had not previously existed.
$ id root
uid=0(root) gid=0(root) groups=0(root)
$ id 0
id: 0: no such user
There is however 'getent'.
$ getent passwd 0
root:x:0:0:root:/root:/bin/bash
$ getent passwd 0 | awk -F: '{print$1}'
root
> >> Of course, everyone "knows" that uid 0 is named "root", but this
It is a convention that if changed would cause endless needless
problems. Renaming "root" to say "superuser" (or "admin") should work
okay in principle. Except that we would find endless scripts that
look for "root" instead of uid==0 and it just isn't worth the trouble
to break the convention of using the user named "root".
> >> question applies to any other unfortunate uid/name collision.
> >> Therefore, I propose that we support 'id +0' as the way to say 'give me
> >> the details about uid 0, no matter if username 0 also happens to exist'.
It is okay with me if additional functionality is added to use numbers
directly. I have no objection. For chown there is direct utility. I
haven't run across a case where I needed it in id. I would have used
getent if there were. But I don't see any problem with adding the
direct use of id number functionality to id.
> For that matter, should 'id 0' behave like 'chown 0 file', where it
> tries a username lookup first, and falls back to a uid parse? That is,
> the '+0' form is useful for forcing a uid lookup, but I _like_ the
> usability aspect of doing a name lookup by default with a fallback to
> uid lookup, rather than requiring that id operate on name only.
At first glance I see no backward compatibility issues.
Bob
Reply sent
to
Pádraig Brady <P <at> draigBrady.com>
:
You have taken responsibility.
(Fri, 20 Sep 2013 12:02:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Eric Blake <eblake <at> redhat.com>
:
bug acknowledged by developer.
(Fri, 20 Sep 2013 12:02:03 GMT)
Full text and
rfc822 format available.
Message #25 received at 15421-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On 09/19/2013 08:24 PM, Pádraig Brady wrote:
> On 09/19/2013 08:13 PM, Eric Blake wrote:
>> I just created a local user named "0" (don't ask), and noticed that
>> although we can do things like "chown +0:+0 file" to FORCE a file to be
>> owned by uid 0 (rather than the uid of my unfortunate "0" username),
>> it's a bit harder to learn details about a uid hidden by a poor username.
>>
>> $ id 0
>> uid=14987(0) gid=14987(0) groups=14987(0)
>> $ id +0
>> id: +0: no such user
>>
>> Of course, everyone "knows" that uid 0 is named "root", but this
>> question applies to any other unfortunate uid/name collision.
>> Therefore, I propose that we support 'id +0' as the way to say 'give me
>> the details about uid 0, no matter if username 0 also happens to exist'.
>
> Yep that makes sense.
> I see also that FreeBSD does this too.
The attached should address this, in combination with:
http://lists.gnu.org/archive/html/bug-gnulib/2013-09/msg00043.html
thanks,
Pádraig.
[id-uid.patch (text/x-patch, attachment)]
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Fri, 20 Sep 2013 13:26:03 GMT)
Full text and
rfc822 format available.
Message #28 received at 15421-done <at> debbugs.gnu.org (full text, mbox):
> On September 20, 2013 at 2:01 PM Pádraig Brady <P <at> draigBrady.com> wrote:
> The attached should address this, in combination with:
> http://lists.gnu.org/archive/html/bug-gnulib/2013-09/msg00043.html
The patch looks good.
Minor nit: maybe pw_name should be IF_LINT(free())d ... which
would require to remove the const qualifier on pw_name.
Thanks & have a nice day,
Berny
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#15421
; Package
coreutils
.
(Fri, 20 Sep 2013 13:47:02 GMT)
Full text and
rfc822 format available.
Message #31 received at 15421 <at> debbugs.gnu.org (full text, mbox):
On 09/20/2013 02:24 PM, Bernhard Voelker wrote:
>> On September 20, 2013 at 2:01 PM Pádraig Brady <P <at> draigBrady.com> wrote:
>> The attached should address this, in combination with:
>> http://lists.gnu.org/archive/html/bug-gnulib/2013-09/msg00043.html
>
> The patch looks good.
> Minor nit: maybe pw_name should be IF_LINT(free())d ... which
> would require to remove the const qualifier on pw_name.
Excellent, Done.
That gets rid of a valgrind "definitely lost" warning.
thanks,
Pádraig.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Sat, 19 Oct 2013 11:24:03 GMT)
Full text and
rfc822 format available.
This bug report was last modified 10 years and 201 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.