Retrieves multiple group attributes in the group database.
Security Library (libc.a)
#include <usersec.h>
int getgroupattrs (Group, Attributes, Count)
char * Group;
dbattr_t * Attributes;
int Count
The getgroupattrs subroutine accesses group information. Because of its greater granularity and extensibility, use it instead of the getgrent routines.
The getgroupattrs subroutine reads one or more attributes from the group database. If the database is not already open, this subroutine does an implicit open for reading. A call to the getgroupattrs subroutine with an Attributes parameter of null and Count parameter of 0 for every new group verifies that the group exists.
Use the setuserdb and enduserdb subroutines to open and close the group database. Failure to explicitly open and close the group database can result in loss of memory and performance.
Item | Description |
---|---|
Group | Specifies the name of the group for which the attributes are to be read. |
Attributes | A pointer to an array of 0 or more elements of type dbattr_t. The list of group attributes is defined in the usersec.h header file. |
Count | The number of array elements in Attributes. A Count parameter of 0 can be used to determine if the group exists. |
Files accessed:
Item | Description |
---|---|
Mode | File |
rw | /etc/group |
rw | /etc/security/group |
If Group exists, the getgroupattrs subroutine returns 0. Otherwise, a value of -1 is returned and the errno global variable is set to indicate the error. Each element in the Attributes array must be examined on a successful call to getgroupattrs to determine if the Attributes array entry was successfully retrieved.
The getgroupattrs subroutine returns an error that indicates that the group does or does not exist. Additional errors can indicate an error querying the information databases for the requested attributes.
Item | Description |
---|---|
EINVAL | The Count parameter is less than zero. |
EINVAL | The Attributes parameter is null and the Count parameter is greater than 0. |
ENOENT | The specified Group parameter does not exist. |
EIO | Failed to access the remote group database. |
If the getgroupattrs subroutine fails to query an attribute, one or more of the following errors is returned in the attr_flag field of the corresponding Attributes element:
Item | Description |
---|---|
EACCES | The user does not have access to the attribute specified in the attr_name field. |
EINVAL | The attr_type field in the Attributes entry contains an invalid type. |
EINVAL | The attr_un field in the Attributes entry does not point to a valid buffer or to valid data for this type of attribute. Limited testing is possible and all errors might not be detected. |
ENOATTR | The attr_name field in the Attributes entry specifies an attribute that is not defined for this user or group. |
ENOMEM | Memory could not be allocated to store the return value. |
The following sample test program displays the output to a call to getgroupattrs. In this example, the system has a user named foo.
attribute name : id
attribute flag : 0
attribute domain : files
attribute value : 204
attribute name : admin
attribute flag : 0
attribute domain : files
attribute value : 0
attribute name : adms
attribute flag : 0
attribute domain : files
attribute value :
attribute name : registry
attribute flag : 0
attribute domain :
attribute value : compat
*/
#include <stdio.h>
#include <usersec.h>
#define NATTR 4
#define GROUPNAME "bar"
char * ConvertToComma(char *); /* Convert from SEC_LIST to SEC_CHAR with
'\0' replaced with ',' */
main() {
dbattr_t attributes[NATTR];
int i;
int rc;
memset (&attributes, 0, sizeof(attributes));
/*
* Fill in the attributes array with "id", "expires" and
* "SYSTEM" attributes.
*/
attributes[0].attr_name = S_ID;
attributes[0].attr_type = SEC_INT;;
attributes[1].attr_name = S_ADMIN;
attributes[1].attr_type = SEC_BOOL;
attributes[2].attr_name = S_ADMS;
attributes[2].attr_type = SEC_LIST;
attributes[3].attr_name = S_REGISTRY;
attributes[3].attr_type = SEC_CHAR;
/*
* Make a call to getuserattrs.
*/
setuserdb(S_READ);
rc = getgroupattrs(GROUPNAME, attributes, NATTR);
enduserdb();
if (rc) {
printf("getgroupattrsattrs failed ....\n");
exit(-1);
}
for (i = 0; i < NATTR; i++) {
printf("attribute name : %s \n", attributes[i].attr_name);
printf("attribute flag : %d \n", attributes[i].attr_flag);
if (attributes[i].attr_flag) {
/*
* No attribute value. Continue.
*/
printf("\n");
continue;
}
/*
* We have a value.
*/
printf("attribute domain : %s \n", attributes[i].attr_domain);
printf("attribute value : ");
switch (attributes[i].attr_type)
{
case SEC_CHAR:
if (attributes[i].attr_char) {
printf("%s\n", attributes[i].attr_char);
free(attributes[i].attr_char);
}
break;
case SEC_LIST:
if (attributes[i].attr_char) {
printf("%s\n", ConvertToComma(
attributes[i].attr_char));
free(attributes[i].attr_char);
}
break;
case SEC_INT:
case SEC_BOOL:
printf("%d\n", attributes[i].attr_int);
break;
default:
break;
}
printf("\n");
}
exit(0);
}
/*
* ConvertToComme:
* replaces NULLs in str with commas.
*/
char *
ConvertToComma(char *str)
{
char *s = str;
if (! str || ! *str)
return(s);
for (; *str; str++) {
while(*(++str));
*str = ',';
}
*(str-1) = 0;
return(s);
}
attribute name : id
attribute flag : 0
attribute domain : files
attribute value : 204
attribute name : admin
attribute flag : 0
attribute domain : files
attribute value : 0
attribute name : adms
attribute flag : 0
attribute domain : files
attribute value :
attribute name : registry
attribute flag : 0
attribute domain :
attribute value : compat
Item | Description |
---|---|
/etc/group | Contains group IDs. |