1.\" Copyright (c) 1989, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" @(#)getlogin.2 8.1 (Berkeley) 6/9/93 29.\" $FreeBSD: src/lib/libc/sys/getlogin.2,v 1.14.2.6 2001/12/14 18:34:00 ru Exp $ 30.\" 31.Dd December 1, 2019 32.Dt GETLOGIN 2 33.Os 34.Sh NAME 35.Nm getlogin , 36.Nm getlogin_r , 37.Nm setlogin 38.Nd get/set login name 39.Sh LIBRARY 40.Lb libc 41.Sh SYNOPSIS 42.In unistd.h 43.Ft char * 44.Fn getlogin void 45.In sys/param.h 46.Ft int 47.Fn getlogin_r "char *name" "size_t len" 48.Ft int 49.Fn setlogin "const char *name" 50.Sh DESCRIPTION 51The 52.Fn getlogin 53routine 54returns the login name of the user associated with the current session, 55as previously set by 56.Fn setlogin . 57The name is normally associated with a login shell 58at the time a session is created, 59and is inherited by all processes descended from the login shell. 60(This is true even if some of those processes assume another user ID, 61for example when 62.Xr su 1 63is used). 64.Pp 65.Fn getlogin_r 66provides the same service as 67.Fn getlogin 68except the caller must provide the buffer 69.Fa name 70with length 71.Fa len 72bytes 73to hold the result. The buffer should be at least 74.Dv MAXLOGNAME 75bytes in length. 76.Pp 77.Fn Setlogin 78sets the login name of the user associated with the current session to 79.Fa name . 80This call is restricted to the super-user, and 81is normally used only when a new session is being created on behalf 82of the named user 83(for example, at login time, or when a remote shell is invoked). 84.Pp 85.Em NOTE : 86There is only one login name per session. 87.Pp 88It is 89.Em CRITICALLY 90important to ensure that 91.Fn setlogin 92is only ever called after the process has taken adequate steps to ensure 93that it is detached from its parent's session. 94Making a 95.Fn setsid 96system call is the 97.Em ONLY 98way to do this. The 99.Fn daemon 100library call calls 101.Fn setsid 102which is an ideal way of detaching from a controlling terminal and 103forking into the background. 104.Pp 105In particular, doing a 106.Fn ioctl ttyfd TIOCNOTTY ...\& 107or 108.Fn setpgrp ...\& 109is 110.Em NOT 111sufficient. 112.Pp 113Once a parent process does a 114.Fn setsid 115call, it is acceptable for some child of that process to then do a 116.Fn setlogin 117even though it is not the session leader, but beware that ALL processes 118in the session will change their login name at the same time, even the 119parent. 120.Pp 121This is not the same as the traditional 122.Ux 123behavior of inheriting privilege. 124.Pp 125Since the 126.Fn setlogin 127system call is restricted to the super-user, it is assumed that (like 128all other privileged programs) the programmer has taken adequate 129precautions to prevent security violations. 130.Sh RETURN VALUES 131If a call to 132.Fn getlogin 133succeeds, it returns a pointer to a null-terminated string in a static buffer, 134or 135.Dv NULL 136if the name has not been set. 137.Fn getlogin_r 138returns zero if successful, or the error number upon failure. 139.Pp 140.Rv -std setlogin 141.Sh ERRORS 142The following errors may be returned by these calls: 143.Bl -tag -width Er 144.It Bq Er EFAULT 145The 146.Fa name 147parameter gave an 148invalid address. 149.It Bq Er EINVAL 150The 151.Fa name 152parameter 153pointed to a string that was too long. 154Login names are limited to 155.Dv MAXLOGNAME 156(from 157.In sys/param.h ) 158characters, currently 17 including null. 159.It Bq Er EPERM 160The caller tried to set the login name and was not the super-user. 161.It Bq Er ERANGE 162The size of the buffer is smaller than the result to be returned. 163.El 164.Sh SEE ALSO 165.Xr setsid 2 , 166.Xr daemon 3 167.Sh STANDARDS 168.Fn getlogin 169and 170.Fn getlogin_r 171conform to 172.St -p1003.1-96 . 173.Sh HISTORY 174The 175.Fn getlogin 176function first appeared in 177.Bx 4.4 . 178The return value of 179.Fn getlogin_r 180was changed from earlier versions of 181.Fx 182to be conformant with 183.St -p1003.1-96 . 184.Sh BUGS 185In earlier versions of the system, 186.Fn getlogin 187failed unless the process was associated with a login terminal. 188The current implementation (using 189.Fn setlogin ) 190allows getlogin to succeed even when the process has no controlling terminal. 191In earlier versions of the system, the value returned by 192.Fn getlogin 193could not be trusted without checking the user ID. 194Portable programs should probably still make this check. 195