[PATCH] find: implement -nouser, -nogroup
Kang-Che Sung
explorer09 at gmail.com
Sun Jan 29 07:56:59 UTC 2023
On Sunday, January 29, 2023, David Leonard <
d+busybox at adaptive-enterprises.com> wrote:
>
> Resending patch for 'find -nouser', 'find -nogroup'. Refreshed bloatcheck
>
> Subject: [PATCH] find: implement -nouser, -nogroup
>
> https://pubs.opengroup.org/onlinepubs/9699919799/utilities/find.html
>
> -nouser
> The primary shall evaluate as true if the file belongs to a user ID
> for which the getpwuid() function defined in the System Interfaces
> volume of POSIX.1-2017 (or equivalent) returns NULL.
>
> -nogroup
> The primary shall evaluate as true if the file belongs to a group ID
> for which the getgrgid() function defined in the System Interfaces
> volume of POSIX.1-2017 (or equivalent) returns NULL.
>
> function old new delta
> parse_params 1811 1845 +34
> func_nouser - 24 +24
> func_nogroup - 24 +24
> static.params 275 292 +17
> .rodata 100767 100775 +8
> packed_usage 34553 34541 -12
>
------------------------------------------------------------------------------
> (add/remove: 2/0 grow/shrink: 3/1 up/down: 107/-12) Total: 95
bytes
> text data bss dec hex filename
> 1064435 16587 1816 1082838 1085d6 busybox_old
> 1064530 16587 1816 1082933 108635 busybox_unstripped
> ---
> findutils/find.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 46 insertions(+)
>
> diff --git a/findutils/find.c b/findutils/find.c
> index 40f66ab2e..2a0a867e3 100644
> --- a/findutils/find.c
> +++ b/findutils/find.c
> @@ -197,6 +197,16 @@
> //config: default y
> //config: depends on FIND
> //config:
> +//config:config FEATURE_FIND_NOUSER
> +//config: bool "Enable -nouser matching"
> +//config: default y
> +//config: depends on FIND
> +//config:
> +//config:config FEATURE_FIND_NOGROUP
> +//config: bool "Enable -nogroup matching"
> +//config: default y
> +//config: depends on FIND
> +//config:
> //config:config FEATURE_FIND_NOT
> //config: bool "Enable the 'not' (!) operator"
> //config: default y
> @@ -373,6 +383,12 @@
> //usage: IF_FEATURE_FIND_GROUP(
> //usage: "\n -group NAME/ID File is owned by given group"
> //usage: )
> +//usage: IF_FEATURE_FIND_NOUSER(
> +//usage: "\n -nouser File is owned by unknown uid"
> +//usage: )
> +//usage: IF_FEATURE_FIND_NOGROUP(
> +//usage: "\n -nogroup File is owned by unknown gid"
> +//usage: )
> //usage: IF_FEATURE_FIND_SIZE(
> //usage: "\n -size N[bck] File size is N
(c:bytes,k:kbytes,b:512 bytes(def.))"
> //usage: "\n +/-N: file size is bigger/smaller
than N"
> @@ -466,6 +482,8 @@ IF_FEATURE_FIND_NEWER( ACTS(newer, time_t
newer_mtime;))
> IF_FEATURE_FIND_INUM( ACTS(inum, ino_t inode_num;))
> IF_FEATURE_FIND_SAMEFILE(ACTS(samefile, ino_t inode_num; dev_t device;))
> IF_FEATURE_FIND_USER( ACTS(user, uid_t uid;))
> +IF_FEATURE_FIND_NOUSER( ACTS(nouser))
> +IF_FEATURE_FIND_NOUSER( ACTS(nogroup))
Typo. (Should be IF_FEATURE_FIND_NOGROUP)
> IF_FEATURE_FIND_SIZE( ACTS(size, char size_char; off_t size;))
> IF_FEATURE_FIND_CONTEXT(ACTS(context, security_context_t context;))
> IF_FEATURE_FIND_PAREN( ACTS(paren, action ***subexpr;))
> @@ -891,6 +909,18 @@ ACTF(group)
> return (statbuf->st_gid == ap->gid);
> }
> #endif
> +#if ENABLE_FEATURE_FIND_NOUSER
> +ACTF(nouser)
> +{
> + return !getpwuid(statbuf->st_uid);
> +}
I think there is a logic hole here.
getpwuid may return a NULL pointer on an error that's not "UID not found in
database".
Although your logic written like this conforms to POSIX, I don't know
whether in practice this would bring in security risk.
> +#endif
> +#if ENABLE_FEATURE_FIND_NOGROUP
> +ACTF(nogroup)
> +{
> + return !getgrgid(statbuf->st_gid);
> +}
Same problem as above (getgrgid may return NULL on an error other than "not
found")
> +#endif
> #if ENABLE_FEATURE_FIND_PRINT0
> ACTF(print0)
> {
> @@ -1144,6 +1174,8 @@ static action*** parse_params(char **argv)
> IF_FEATURE_FIND_QUIT( PARM_quit ,)
> IF_FEATURE_FIND_DELETE( PARM_delete ,)
> IF_FEATURE_FIND_EMPTY( PARM_empty ,)
> + IF_FEATURE_FIND_NOUSER( PARM_nouser ,)
> + IF_FEATURE_FIND_NOGROUP(PARM_nogroup ,)
> IF_FEATURE_FIND_EXEC( PARM_exec ,)
> IF_FEATURE_FIND_EXEC_OK(PARM_ok ,)
> IF_FEATURE_FIND_EXECUTABLE(PARM_executable,)
> @@ -1196,6 +1228,8 @@ static action*** parse_params(char **argv)
> IF_FEATURE_FIND_QUIT( "-quit\0" )
> IF_FEATURE_FIND_DELETE( "-delete\0" )
> IF_FEATURE_FIND_EMPTY( "-empty\0" )
> + IF_FEATURE_FIND_NOUSER( "-nouser\0" )
> + IF_FEATURE_FIND_NOGROUP("-nogroup\0" )
> IF_FEATURE_FIND_EXEC( "-exec\0" )
> IF_FEATURE_FIND_EXEC_OK("-ok\0" )
> IF_FEATURE_FIND_EXECUTABLE("-executable\0")
> @@ -1594,6 +1628,18 @@ static action*** parse_params(char **argv)
> ap->gid = xgroup2gid(arg1);
> }
> #endif
> +#if ENABLE_FEATURE_FIND_NOUSER
> + else if (parm == PARM_nouser) {
> + dbg("%d", __LINE__);
> + (void) ALLOC_ACTION(nouser);
> + }
> +#endif
> +#if ENABLE_FEATURE_FIND_NOGROUP
> + else if (parm == PARM_nogroup) {
> + dbg("%d", __LINE__);
> + (void) ALLOC_ACTION(nogroup);
> + }
> +#endif
> #if ENABLE_FEATURE_FIND_SIZE
> else if (parm == PARM_size) {
> /* -size n[bckw]: file uses n units of space
> --
> 2.34.1
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20230129/d4b8791c/attachment.html>
More information about the busybox
mailing list