osquery-1/osquery/tables/system/linux/users.cpp

// Copyright 2004-present Facebook. All Rights Reserved.

#include <set>
#include <mutex>
#include <vector>
#include <string>

#include <boost/lexical_cast.hpp>

#include "osquery/core.h"
#include "osquery/database.h"

#include <pwd.h>

namespace osquery {
namespace tables {

std::mutex pwdEnumerationMutex;

QueryData genUsers() {
  std::lock_guard<std::mutex> lock(pwdEnumerationMutex);
  QueryData results;
  struct passwd *pwd = nullptr;
  std::set<long> users_in;

  while ((pwd = getpwent()) != NULL) {
    if (std::find(users_in.begin(), users_in.end(), pwd->pw_uid) == users_in.end()) {
      Row r;
      r["uid"] = boost::lexical_cast<std::string>(pwd->pw_uid);
      r["gid"] = boost::lexical_cast<std::string>(pwd->pw_gid);
      r["username"] = std::string(pwd->pw_name);
      r["description"] = std::string(pwd->pw_gecos);
      r["directory"] = std::string(pwd->pw_dir);
      r["shell"] = std::string(pwd->pw_shell);
      results.push_back(r);
      users_in.insert(pwd->pw_uid);
    }
  }
  endpwent();
  users_in.clear();

  return results;
}
}
}
Adding vtable for users 2014-10-09 19:50:34 +00:00			`// Copyright 2004-present Facebook. All Rights Reserved.`

Making sure we do not add duplicated users 2014-10-10 01:55:25 +00:00			`#include <set>`
Adding groups vtable and refactoring users 2014-10-10 22:09:14 +00:00			`#include <mutex>`
Adding vtable for users 2014-10-09 19:50:34 +00:00			`#include <vector>`
			`#include <string>`

			`#include <boost/lexical_cast.hpp>`

			`#include "osquery/core.h"`
			`#include "osquery/database.h"`

OMG memory leaks 2014-10-10 01:08:18 +00:00			`#include <pwd.h>`

Adding vtable for users 2014-10-09 19:50:34 +00:00			`namespace osquery {`
			`namespace tables {`

Adding groups vtable and refactoring users 2014-10-10 22:09:14 +00:00			`std::mutex pwdEnumerationMutex;`

Adding vtable for users 2014-10-09 19:50:34 +00:00			`QueryData genUsers() {`
Adding groups vtable and refactoring users 2014-10-10 22:09:14 +00:00			`std::lock_guard<std::mutex> lock(pwdEnumerationMutex);`
Adding vtable for users 2014-10-09 19:50:34 +00:00			`QueryData results;`
OMG memory leaks 2014-10-10 01:08:18 +00:00			`struct passwd *pwd = nullptr;`
Making sure we do not add duplicated users 2014-10-10 01:55:25 +00:00			`std::set<long> users_in;`

Adding vtable for users 2014-10-09 19:50:34 +00:00			`while ((pwd = getpwent()) != NULL) {`
Making sure we do not add duplicated users 2014-10-10 01:55:25 +00:00			`if (std::find(users_in.begin(), users_in.end(), pwd->pw_uid) == users_in.end()) {`
			`Row r;`
			`r["uid"] = boost::lexical_cast<std::string>(pwd->pw_uid);`
			`r["gid"] = boost::lexical_cast<std::string>(pwd->pw_gid);`
			`r["username"] = std::string(pwd->pw_name);`
			`r["description"] = std::string(pwd->pw_gecos);`
			`r["directory"] = std::string(pwd->pw_dir);`
			`r["shell"] = std::string(pwd->pw_shell);`
			`results.push_back(r);`
			`users_in.insert(pwd->pw_uid);`
			`}`
Adding vtable for users 2014-10-09 19:50:34 +00:00			`}`
			`endpwent();`
Making sure we do not add duplicated users 2014-10-10 01:55:25 +00:00			`users_in.clear();`
Adding vtable for users 2014-10-09 19:50:34 +00:00
			`return results;`
			`}`
			`}`
			`}`