package user

import "github.com/tredoe/osutil/user"

Package user provides access to the UNIX user databases stored in local files.

You must have sufficient privileges to access the shadowed databases in '/etc/shadow' and '/etc/gshadow'. This usually means being root. Note: those files are backed up before being modified.

In testing, to print the configuration read from the system, use the "-v" flag.

Constants

const (
	G_NAME groupField = 1 << iota
	G_PASSWD
	G_GID
	G_MEMBER

	G_ALL
)

Field names for group database.

const (
	GS_NAME gshadowField = 1 << iota
	GS_PASSWD
	GS_ADMIN
	GS_MEMBER

	GS_ALL
)

Field names for shadowed group database.

const (
	S_NAME shadowField = 1 << iota
	S_PASSWD
	S_CHANGED
	S_MIN
	S_MAX
	S_WARN
	S_INACTIVE
	S_EXPIRE
	S_FLAG

	S_ALL
)

Field names for shadowed password database.

const (
	U_NAME userField = 1 << iota
	U_PASSWD
	U_UID
	U_GID
	U_GECOS
	U_DIR
	U_SHELL

	U_ALL // To get lines without searching into a field.
)

Field names for user database.

Variables

var (
	ErrUserExist  = errors.New("user already exists")
	ErrGroupExist = errors.New("group already exists")
)
var DO_BACKUP = true

DO_BACKUP makes a backup before the original files are modified.

var ErrNoMembers = errors.New("no members to remove")
var ErrShadowPasswd = errors.New("no found user with shadowed passwd")

Functions

func AddGroup

func AddGroup(name string, members ...string) (gid int, err error)

AddGroup adds a group.

func AddSystemGroup

func AddSystemGroup(name string, members ...string) (gid int, err error)

AddSystemGroup adds a system group.

func AddSystemUser

func AddSystemUser(name, homeDir string, gid int) (uid int, err error)

AddSystemUser adds a system user to both user and shadow files.

func AddUser

func AddUser(name string, gid int) (uid int, err error)

AddUser adds a user to both user and shadow files.

func AddUsersToGroup

func AddUsersToGroup(name string, members ...string) error

AddUsersToGroup adds the members to a group.

func ChGPasswd

func ChGPasswd(group string, key []byte) error

ChGPasswd updates group passwd. The passwd must be supplied in clear-text.

func ChPasswd

func ChPasswd(user string, key []byte) error

ChPasswd updates passwd. The passwd must be supplied in clear-text.

func DelGroup

func DelGroup(name string) (err error)

DelGroup removes a group from the system.

func DelUser

func DelUser(name string) (err error)

DelUser removes a user from the system.

func DelUsersInGroup

func DelUsersInGroup(name string, members ...string) error

DelUsersInGroup removes the specified members from a group.

func GetUsername

func GetUsername() string

GetUsername returns the user name from the password database for the current process. It panics if there is an error searching for the UID.

func GetUsernameFromEnv

func GetUsernameFromEnv() string

GetUsernameFromEnv returns the user name from the environment variable for the current process.

func Getgroups

func Getgroups() []int

Getgroups returns a list of the numeric ids of groups that the caller belongs to.

func GetgroupsName

func GetgroupsName() []string

GetgroupsName returns a list of the groups that the caller belongs to.

func IsExist

func IsExist(err error) bool

IsExist returns whether the error is known to report that a user or group already exists. It is satisfied by ErrUserExist and ErrGroupExist.

func LockUser

func LockUser(name string) error

LockUser locks the passwd of the given user.

func NextGID

func NextGID() (int, error)

NextGID returns the next free group id to use.

func NextSystemGID

func NextSystemGID() (int, error)

NextSystemGID returns the next free system group id to use.

func NextSystemUID

func NextSystemUID() (int, error)

NextSystemUID returns the next free system user id to use.

func NextUID

func NextUID() (int, error)

NextUID returns the next free user id to use.

func SetCrypter

func SetCrypter(c crypt.Crypt)

SetCrypter sets the crypt function used to hash the passwords. The type "crypt.Crypt" comes from package "github.com/tredoe/osutil/user/crypt".

func UnlockUser

func UnlockUser(name string) error

UnlockUser unlocks the passwd of the given user.

Types

type EmptyMemberError

type EmptyMemberError string

EmptyMemberError reports an empty member.

func (EmptyMemberError) Error

func (e EmptyMemberError) Error() string

type GShadow

type GShadow struct {
	// Group name. (Unique)
	//
	// It must be a valid group name, which exists on the system.
	Name string

	// Group administrator list
	//
	// It must be a comma-separated list of user names.
	//
	// Administrators can change the password or the members of the group.
	// Administrators also have the same permissions as the members (see below).
	AdminList []string

	// Group member list
	//
	// It must be a comma-separated list of user names.
	//
	// Members can access the group without being prompted for a password.
	// You should use the same list of users as in /etc/group.
	UserList []string
	// contains filtered or unexported fields
}

A GShadow represents the format of the shadowed information for a group account.

func LookupGShadow

func LookupGShadow(name string) (*GShadow, error)

LookupGShadow looks up a shadowed group by name.

func LookupInGShadow

func LookupInGShadow(field gshadowField, value string, n int) ([]*GShadow, error)

LookupInGShadow looks up a shadowed group by the given values.

The count determines the number of fields to return:

n > 0: at most n fields
n == 0: the result is nil (zero fields)
n < 0: all fields

func NewGShadow

func NewGShadow(username string, members ...string) *GShadow

NewGShadow returns a new GShadow.

func (*GShadow) Add

func (gs *GShadow) Add(key []byte) (err error)

Add adds a new shadowed group. If the key is not nil, it generates a hashed password.

A backup is created before the original file is modified.

func (*GShadow) Passwd

func (gs *GShadow) Passwd(key []byte)

Passwd sets a hashed passwd for the current group. The passwd must be supplied in clear-text.

func (*GShadow) String

func (gs *GShadow) String() string

type Group

type Group struct {
	// Group name. (Unique)
	Name string

	// The numeric group ID. (Unique)
	GID int

	// User list
	//
	// A list of the usernames that are members of this group, separated by commas.
	UserList []string
	// contains filtered or unexported fields
}

A Group represents the format of a group on the system.

func LookupGID

func LookupGID(gid int) (*Group, error)

LookupGID looks up a group by group ID.

func LookupGroup

func LookupGroup(name string) (*Group, error)

LookupGroup looks up a group by name.

func LookupInGroup

func LookupInGroup(field groupField, value interface{}, n int) ([]*Group, error)

LookupInGroup looks up a group by the given values.

The count determines the number of fields to return:

n > 0: at most n fields
n == 0: the result is nil (zero fields)
n < 0: all fields

func NewGroup

func NewGroup(name string, members ...string) *Group

NewGroup returns a new Group.

func NewSystemGroup

func NewSystemGroup(name string, members ...string) *Group

NewSystemGroup adds a system group.

func (*Group) Add

func (g *Group) Add() (gid int, err error)

Add adds a new group. If GID is < 0, it will choose the first id available in the range set in the system configuration.

func (*Group) IsOfSystem

func (g *Group) IsOfSystem() bool

IsOfSystem indicates whether it is a system group.

func (*Group) String

func (g *Group) String() string

type HomeError

type HomeError string

A HomeError reports an error when adding an account with an invalid home directory.

func (HomeError) Error

func (e HomeError) Error() string

type IdRangeError

type IdRangeError struct {
	LastId   int
	IsSystem bool
	IsUser   bool
}

IdRangeError records an error during the search for a free id to use.

func (*IdRangeError) Error

func (e *IdRangeError) Error() string

type IdUsedError

type IdUsedError int

IdUsedError reports the presence of an identifier already used.

func (IdUsedError) Error

func (e IdUsedError) Error() string

type NoFoundError

type NoFoundError struct {
	// contains filtered or unexported fields
}

A NoFoundError reports the absence of a value.

func (NoFoundError) Error

func (e NoFoundError) Error() string

type RequiredError

type RequiredError string

A RequiredError reports the name of a required field.

func (RequiredError) Error

func (e RequiredError) Error() string

type Shadow

type Shadow struct {
	// Login name. (Unique)
	//
	// It must be a valid account name, which exists on the system.
	Name string

	// Minimum password age
	//
	// The minimum password age is the number of days the user will have to wait
	// before being allowed to change her password again.
	//
	// An empty field and value 0 mean that there is no minimum password age.
	Min int

	// Maximum password age
	//
	// The maximum password age is the number of days after which the user will
	// have to change her password.
	//
	// After this number of days has elapsed, the password may still be valid.
	// The user should be asked to change her password the next time she
	// logs in.
	//
	// An empty field means that there is no maximum password age, no password
	// warning period, and no password inactivity period (see below).
	//
	// If the maximum password age is lower than the minimum password age, the
	// user cannot change her password.
	Max int

	// Password warning period
	//
	// The number of days before a password is going to expire (see the maximum
	// password age above) during which the user should be warned.
	//
	// An empty field and value 0 mean that there is no password warning period.
	Warn int

	// Password inactivity period
	//
	// The number of days after a password has expired (see the maximum password
	// age above) during which the password should still be accepted (and the
	// user should update her password during the next login).
	//
	// After expiration of the password and once this expiration period has
	// elapsed, no login is possible using the current user's password.
	// The user should contact her administrator.
	//
	// An empty field means that there is no enforcement of an inactivity period.
	Inactive int
	// contains filtered or unexported fields
}

A Shadow represents the format of the information for a system's account and optional aging information.

The fields "changed" and "expire" deal with days from Jan 1, 1970; but since package "time" deals with seconds, the value has to be divided by the number of seconds in a day (24*60*60), which is done by the functions "setChange" and "SetExpire".

To simulate an empty field in numeric fields, a negative value is used.
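
The field semantics described for Shadow above, as an added example that is not part of the package: agingState is a hypothetical, standard-library-only helper that parses one constructed /etc/shadow line, maps empty numeric fields to a negative value, and classifies the entry following shadow(5). The state names and the choice to treat a boundary day as already elapsed are assumptions of this example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
	"time"
)

// agingState (hypothetical helper) classifies one shadow line on an epoch day.
func agingState(line string, today int) (string, error) {
	f := strings.Split(line, ":")
	if len(f) != 9 {
		return "", fmt.Errorf("want 9 fields, got %d", len(f))
	}
	var n [6]int // changed, min, max, warn, inactive, expire
	for i, s := range f[2:8] {
		n[i] = -1 // a negative value stands for an empty field
		if s == "" {
			continue
		}
		v, err := strconv.Atoi(s)
		if err != nil || v < 0 {
			return "", fmt.Errorf("field %d: bad number %q", i+3, s)
		}
		n[i] = v
	}
	changed, maxAge, warn, inactive, expire := n[0], n[2], n[3], n[4], n[5]
	switch end := changed + maxAge; { // end: first day past the maximum age
	case expire > 0 && today >= expire:
		return "account-expired", nil
	case changed == 0:
		return "must-change", nil // password change forced at next login
	case changed < 0 || maxAge < 0:
		return "ok", nil // aging is not enforced
	case inactive >= 0 && today >= end+inactive:
		return "login-disabled", nil
	case today >= end:
		return "password-expired", nil
	case warn > 0 && today >= end-warn:
		return "warn", nil
	}
	return "ok", nil
}

func main() {
	today := int(time.Now().Unix() / (24 * 60 * 60)) // seconds -> days
	fmt.Println(agingState("alice:*:19000:0:90:7:14::", today)) // constructed line
}
```

An audit job can run this over every line of a copy of the shadow file to list accounts whose passwords never age (empty "changed" or "max") or that remain usable after expiry because "inactive" is empty.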

func LookupInShadow

func LookupInShadow(field shadowField, value interface{}, n int) ([]*Shadow, error)

LookupInShadow looks up a shadowed password by the given values.

The count determines the number of fields to return:

n > 0: at most n fields
n == 0: the result is nil (zero fields)
n < 0: all fields

func LookupShadow

func LookupShadow(name string) (*Shadow, error)

LookupShadow looks for the entry for the given user name.

func NewShadow

func NewShadow(username string) *Shadow

NewShadow returns a Shadow structure with the fields "Min", "Max" and "Warn" taken from the system configuration, and with the password aging features enabled.

func (*Shadow) Add

func (s *Shadow) Add(key []byte) (err error)

Add adds a new shadowed user. If the key is not nil, it generates a hashed password.

A backup is created before the original file is modified.

func (*Shadow) DisableAging

func (s *Shadow) DisableAging()

DisableAging disables the features of password aging.

func (*Shadow) EnableAging

func (s *Shadow) EnableAging()

EnableAging enables the features of password aging.

func (*Shadow) Passwd

func (s *Shadow) Passwd(key []byte)

Passwd sets a hashed passwd for the current user. The passwd must be supplied in clear-text.

func (*Shadow) SetChangePasswd

func (s *Shadow) SetChangePasswd()

SetChangePasswd sets the account so that the user changes her password the next time she logs in to the system.

func (*Shadow) SetExpire

func (s *Shadow) SetExpire(t *time.Time)

SetExpire sets the date of expiration of the account.

func (*Shadow) String

func (s *Shadow) String() string

type User

type User struct {
	// Login name. (Unique)
	Name string

	// Numerical user ID. (Unique)
	UID int

	// Numerical group ID
	GID int

	// User name or comment field
	//
	// The comment field is used by various system utilities, such as "finger(1)".
	Gecos string

	// User home directory
	//
	// The home directory field provides the name of the initial working
	// directory. The login program uses this information to set the value of
	// the $HOME environmental variable.
	Dir string

	// Optional user command interpreter
	//
	// The command interpreter field provides the name of the user's command
	// language interpreter, or the name of the initial program to execute.
	// The login program uses this information to set the value of the "$SHELL"
	// environmental variable. If this field is empty, it defaults to the value
	// "/bin/sh".
	Shell string
	// contains filtered or unexported fields
}

A User represents a user account.

func LookupInUser

func LookupInUser(field userField, value interface{}, n int) ([]*User, error)

LookupInUser looks up a user by the given values.

The count determines the number of fields to return:

n > 0: at most n fields
n == 0: the result is nil (zero fields)
n < 0: all fields

func LookupUID

func LookupUID(uid int) (*User, error)

LookupUID looks up a user by user ID.

func LookupUser

func LookupUser(name string) (*User, error)

LookupUser looks up a user by name.

func NewSystemUser

func NewSystemUser(name, homeDir string, gid int) *User

NewSystemUser returns a new system user.

func NewUser

func NewUser(name string, gid int) *User

NewUser returns a new User with both fields "Dir" and "Shell" taken from the system configuration.

func (*User) Add

func (u *User) Add() (uid int, err error)

Add adds a new user. If UID is < 0, it will choose the first id available in the range set in the system configuration.

func (*User) IsOfSystem

func (u *User) IsOfSystem() bool

IsOfSystem indicates whether it is a system user.

func (*User) String

func (u *User) String() string

Source Files

config_linux.go crypt.go dbfile.go doc.go error.go file.go group.go gshadow.go id.go shadow.go user.go util.go

Directories

Path                     Synopsis
user/crypt               Package crypt provides interface for password crypt functions and collects common constants.
user/crypt/apr1_crypt    Package apr1_crypt implements the standard Unix MD5-crypt algorithm created by Poul-Henning Kamp for FreeBSD, and modified by the Apache project.
user/crypt/common        Package common contains routines used by multiple password hashing algorithms.
user/crypt/md5_crypt     Package md5_crypt implements the standard Unix MD5-crypt algorithm created by Poul-Henning Kamp for FreeBSD.
user/crypt/sha256_crypt  Package sha256_crypt implements Ulrich Drepper's SHA256-crypt password hashing algorithm.
user/crypt/sha512_crypt  Package sha512_crypt implements Ulrich Drepper's SHA512-crypt password hashing algorithm.

Version: v1.5.0 (latest)
Published: Jun 4, 2024
Platform: linux/amd64
Imports: 20 packages