Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
cancel
Showing results for 
Search instead for 
Did you mean: 

C API for removing a user

SOLVED
Go to solution
Helen Gao
Occasional Contributor

C API for removing a user

Dear all,

Is there a C API for removing a user?

Thanks.
4 REPLIES
A. Clay Stephenson
Acclaimed Contributor
Solution

Re: C API for removing a user

Hi:

By far the easiest method is to call the userdel command via system. e.g.

char *the_user;
int status;
char s_cmd[256];

(void) sprintf(s_cmd,"userdel -r %s",the_user);
cc = system(userdel);

Clay
If it ain't broke, I can fix that.
Eric Ladner
Trusted Contributor

Re: C API for removing a user

I would put an absolute path on that userdel for security purposes.

You might want to consider protecting that from buffer overflows too.
Helen Gao
Occasional Contributor

Re: C API for removing a user

Thanks, guys.

>>You might want to consider protecting that >>from buffer overflows too.

Eric, could you give me more detail on this?




A. Clay Stephenson
Acclaimed Contributor

Re: C API for removing a user

Hi:

All is is saying is that my baby example was not very robust.

char *the_user;
int status;
char s_cmd[256];

(void) sprintf(s_cmd,"userdel -r s",the_user);
cc = system(userdel);

The problem is that is is conceivable (though very unlikely) that the length of the command might exceed the size of s_cmd [256] characters - a buffer overflow.

# ----------------------------------------
The nit-picky though really not need method:

#define CMD "/sbin/userdel -r "

extern int errno;

int remove_user(char *the_user)
{
int cc = 0;

if (the_user != NULL)
{
int len = 4; /* cushion */
char *s_cmd = NULL;

len += (int) strlen(the_user);
len += (int) strlen(CMD);
s_cmd = (char *) malloc(size_t) len);
if (s_cmd != NULL)
{
(void) sprintf(s_cmd,
"%s %s",CMD,the_user);
cc = system(s_cmd);
free ((void *) s_cmd));
}
else cc = (errno != 0) ? errno : -2;
}
else cc = -1;
return(cc);
} /* remove_user */

-----------------------------------------

cc = remove_user("clay");

Barring any typo's that should be a fully robust version. In real life, as long as you make sure that the length of the user name is no more than ~220 the baby example will be perfectly robust.


Regards, Clay
If it ain't broke, I can fix that.