我们从Python开源项目中,提取了以下43个代码示例,用于说明如何使用grp.getgrall()。
def __init__(self, username): ConchUser.__init__(self) self.username = username self.pwdData = pwd.getpwnam(self.username) l = [self.pwdData[3]] for groupname, password, gid, userlist in grp.getgrall(): if username in userlist: l.append(gid) self.otherGroups = l self.listeners = {} # dict mapping (interface, port) -> listener self.channelLookup.update( {"session": session.SSHSession, "direct-tcpip": forwarding.openConnectForwardingClient}) self.subsystemLookup.update( {"sftp": filetransfer.FileTransferServer})
def add_group(gname, gid=""): """ Adds a group to /etc/group. Returns "" on success or the output if addgroup failed. """ # It's not an error if the group already exists grps = grp.getgrall() for g in grps: if g.gr_name == gname: return "" cmdline = ["addgroup", gname] if gid != "": cmdline.extend(["--gid", gid]) return run_command(cmdline)
def __init__(self, username): ConchUser.__init__(self) self.username = username self.pwdData = pwd.getpwnam(self.username) l = [self.pwdData[3]] for groupname, password, gid, userlist in grp.getgrall(): if username in userlist: l.append(gid) self.otherGroups = l self.listeners = {} # Dict mapping (interface, port) -> listener self.channelLookup.update( {b"session": session.SSHSession, b"direct-tcpip": forwarding.openConnectForwardingClient}) self.subsystemLookup.update( {b"sftp": filetransfer.FileTransferServer})
def _getgroups(uid): """ Return the primary and supplementary groups for the given UID. @type uid: C{int} """ result = [] pwent = pwd.getpwuid(uid) result.append(pwent.pw_gid) for grent in grp.getgrall(): if pwent.pw_name in grent.gr_mem: result.append(grent.gr_gid) return result
def set_user(username): if username is None: return import pwd import grp try: pwrec = pwd.getpwnam(username) except KeyError: logging.error('user not found: %s' % username) raise user = pwrec[0] uid = pwrec[2] gid = pwrec[3] cur_uid = os.getuid() if uid == cur_uid: return if cur_uid != 0: logging.error('can not set user as nonroot user') # will raise later # inspired by supervisor if hasattr(os, 'setgroups'): groups = [grprec[2] for grprec in grp.getgrall() if user in grprec[3]] groups.insert(0, gid) os.setgroups(groups) os.setgid(gid) os.setuid(uid)
def initgroups(uid, primaryGid): """Initializes the group access list. This is done by reading the group database /etc/group and using all groups of which C{uid} is a member. The additional group C{primaryGid} is also added to the list. If the given user is a member of more than C{NGROUPS}, arbitrary groups will be silently discarded to bring the number below that limit. """ try: # Try to get the maximum number of groups max_groups = os.sysconf("SC_NGROUPS_MAX") except: # No predefined limit max_groups = 0 username = pwd.getpwuid(uid)[0] l = [] if primaryGid is not None: l.append(primaryGid) for groupname, password, gid, userlist in grp.getgrall(): if username in userlist: l.append(gid) if len(l) == max_groups: break # No more groups, ignore any more try: _setgroups_until_success(l) except OSError, e: # We might be able to remove this code now that we # don't try to setgid/setuid even when not asked to. if e.errno == errno.EPERM: for g in getgroups(): if g not in l: raise else: raise
def _getgroups(uid): """Return the primary and supplementary groups for the given UID. @type uid: C{int} """ result = [] pwent = pwd.getpwuid(uid) result.append(pwent.pw_gid) for grent in grp.getgrall(): if pwent.pw_name in grent.gr_mem: result.append(grent.gr_gid) return result
def user_group_membership(self, exclude_primary=True): ''' Return a list of groups the user belongs to ''' groups = [] info = self.get_pwd_info() for group in grp.getgrall(): if self.name in group.gr_mem: # Exclude the user's primary group by default if not exclude_primary: groups.append(group[0]) else: if info[3] != group.gr_gid: groups.append(group[0]) return groups
def read_users_from_passwd(dirname="/etc"): """ Reads users from /etc/passwd, /etc/shadow (if it has access) and /etc/group """ pwds = pwd.getpwall() spwds = spwd.getspall() sn = {} for s in spwds: sn[s.sp_nam] = s users = {} for p in pwds: if p.pw_uid >= UID_MIN and p.pw_uid <= UID_MAX: if p.pw_name in sn: s = sn[p.pw_name] else: #print " * I couldn't find user %s in shadow file. Are you \ #root?" % p.pw_name s = spwd.struct_spwd(["", "x", "", "", "", "", "", "", ""]) rname, office, wphone, hphone = (p.pw_gecos + ",,,").split(",")[:4] u = User(p.pw_name, p.pw_uid, rname, office, wphone, hphone, p.pw_dir, p.pw_shell, [], s.sp_min, s.sp_max, s.sp_warn, s.sp_inact, s.sp_expire, s.sp_pwd, "") if u.inact == -1: u.inact = '' if u.expire == -1: u.expire = '' users[u.name] = u grps = grp.getgrall() for g in grps: for gu in g.gr_mem: if gu in users: users[gu].groups.append(g.gr_name) return sorted_users(users)
def _drop_priv(self): if os.getuid() != 0: return groups = list(set([ g.gr_gid for g in grp.getgrall() if self.pw.pw_name in g.gr_mem ] + [ self.pw.pw_gid])) os.setgroups(groups) os.setresgid(self.pw.pw_gid, self.pw.pw_gid, self.pw.pw_gid) os.setresuid(self.pw.pw_uid, self.pw.pw_uid, self.pw.pw_uid)
def setUp(self): if POSIX: import pwd import grp users = pwd.getpwall() groups = grp.getgrall() self.all_uids = set([x.pw_uid for x in users]) self.all_usernames = set([x.pw_name for x in users]) self.all_gids = set([x.gr_gid for x in groups])
def from_local_shell(): username = os.getlogin() groups = [] for group in grp.getgrall(): if username in group.gr_mem: groups.append(group.gr_name) return JanusContext(username, groups, 'shell')
def check_write_permissions(user, path): """ Returns `True` if the given *user* has write permissions to *path*. *user* can be a UID (int) or a username (string). """ import pwd, grp, stat # Get the user's complete passwd record if isinstance(user, int): user = pwd.getpwuid(user) else: user = pwd.getpwnam(user) if user.pw_uid == 0: return True # Assume root can write to everything (NFS notwithstanding) groups = [] # A combination of user's primary GID and supplemental groups for group in grp.getgrall(): if user.pw_name in group.gr_mem: groups.append(group.gr_gid) if group.gr_gid == user.pw_gid: groups.append(group.gr_gid) st = os.stat(path) other_write = bool(st.st_mode & stat.S_IWOTH) if other_write: return True # Read/write world! owner_write = bool(st.st_mode & stat.S_IWUSR) if st.st_uid == user.pw_uid and owner_write: return True # User can write to their own file group_write = bool(st.st_mode & stat.S_IWGRP) if st.st_gid in groups and group_write: return True # User belongs to a group that can write to the file return False
def _username2supgids(self): d = collections.defaultdict(list) for g in grp.getgrall(): for u in g.gr_mem: d[u].append(g.gr_gid) return d
def deescalate_sudo(): uid = os.environ.get('SUDO_UID') gid = os.environ.get('SUDO_GID') if uid and gid: uid = int(uid) gid = int(gid) # username = pwd.getpwuid(uid).pw_name # groups = [g.gr_gid for g in grp.getgrall() if username in g.gr_mem] os.setgroups([]) # for now loose supplementary groups os.setregid(int(gid), int(gid)) os.setreuid(int(uid), int(uid))
def check(bot, msg): """Print information about an OCF user.""" user = msg.match.group(1).strip() attrs = search.user_attrs(user) if attrs is not None: groups = [grp.getgrgid(attrs['gidNumber']).gr_name] groups.extend(sorted( group.gr_name for group in grp.getgrall() if user in group.gr_mem )) groups = [ '{}{}\x0f'.format(GROUP_COLOR_MAPPING.get(group, ''), group) for group in groups ] if 'creationTime' in attrs: created = attrs['creationTime'].strftime('%Y-%m-%d') else: created = 'unknown' msg.respond( '{user} ({uid}) | {name} | created {created} | groups: {groups}'.format( user=user, uid=attrs['uidNumber'], name=attrs['cn'][0], created=created, groups=', '.join(groups), ), ping=False, ) else: msg.respond('{} does not exist'.format(user), ping=False)
def _get_user_groups(user_name): """ Get a list of groups for the user ``user_name``. """ groups = [g.gr_name for g in grp.getgrall() if user_name in g.gr_mem] gid = pwd.getpwnam(user_name).pw_gid groups.append(grp.getgrgid(gid).gr_name) return groups
def getgrouplist(name, gid): return [grp.getgrnam(gr.gr_name).gr_gid for gr in grp.getgrall() if name in gr.gr_mem]
def get_group_list(user=None, include_default=True): ''' Returns a list of all of the system group names of which the user is a member. ''' if HAS_GRP is False or HAS_PWD is False: # We don't work on platforms that don't have grp and pwd # Just return an empty list return [] group_names = None ugroups = set() if not isinstance(user, six.string_types): raise Exception if hasattr(os, 'getgrouplist'): # Try os.getgrouplist, available in python >= 3.3 log.trace('Trying os.getgrouplist for \'{0}\''.format(user)) try: group_names = [ grp.getgrgid(grpid).gr_name for grpid in os.getgrouplist(user, pwd.getpwnam(user).pw_gid) ] except Exception: pass else: # Try pysss.getgrouplist log.trace('Trying pysss.getgrouplist for \'{0}\''.format(user)) try: import pysss # pylint: disable=import-error group_names = list(pysss.getgrouplist(user)) except Exception: pass if group_names is None: # Fall back to generic code # Include the user's default group to behave like # os.getgrouplist() and pysss.getgrouplist() do log.trace('Trying generic group list for \'{0}\''.format(user)) group_names = [g.gr_name for g in grp.getgrall() if user in g.gr_mem] try: default_group = grp.getgrgid(pwd.getpwnam(user).pw_gid).gr_name if default_group not in group_names: group_names.append(default_group) except KeyError: # If for some reason the user does not have a default group pass ugroups.update(group_names) if include_default is False: # Historically, saltstack code for getting group lists did not # include the default group. Some things may only want # supplemental groups, so include_default=False omits the users # default group. try: default_group = grp.getgrgid(pwd.getpwnam(user).pw_gid).gr_name ugroups.remove(default_group) except KeyError: # If for some reason the user does not have a default group pass log.trace('Group list for user \'{0}\': \'{1}\''.format(user, sorted(ugroups))) return sorted(ugroups)
def switchuser(username): """ Switch user the process is running as. This method will only work if is are running as root. Arguments: ``username'' is the username of the user we want to run as. Returns/raises: If switch is a success, returns True. If user is unknown and we're still running as root, raises UserNotFoundError. If failing to switch, raises SwitchUserError. """ # Get UID/GID we're running as olduid = os.getuid() oldgid = os.getgid() try: # Try to get information about the given username _name, _passwd, uid, gid, _gecos, _dir, _shell = pwd.getpwnam(username) except KeyError: raise UserNotFoundError(username) else: if olduid != uid: try: # Set primary group os.setgid(gid) # Set non-primary groups gids = [] for (_name, _passwd, gid, members) in grp.getgrall(): if username in members: gids.append(gid) if len(gids) > 0: os.setgroups(gids) # Set user id os.setuid(uid) except OSError: # Failed changing uid/gid _logger.debug("Failed chaning uid/gid from %d/%d to %d/%d.", olduid, oldgid, uid, gid) raise SwitchUserError(olduid, oldgid, uid, gid) else: # Switch successful _logger.debug("uid/gid changed from %d/%d to %d/%d.", olduid, oldgid, uid, gid) return True else: # Already running as the given user _logger.debug("Running as uid/gid %d/%d.", olduid, oldgid) return True
