Missing user and group information for domain users #129

@gentooise

Indicate project
libsysflow

Describe the bug
The user name is not reported for domain users.

To reproduce
Steps to reproduce the behavior (on Ubuntu 22):

  1. Set up LDAP (used local IP as LDAP server name): https://ubuntu.com/server/docs/install-and-configure-ldap
  2. Enable TLS (required by SSSD): https://ubuntu.com/server/docs/ldap-and-transport-layer-security-tls
  3. Set up SSSD with LDAP: https://ubuntu.com/server/docs/how-to-set-up-sssd-with-ldap
  4. Log in with the newly created LDAP user and run commands (e.g. whoami, ls)

Expected behavior
Events are reported with the correct user name and group, like

Environment (please complete the following information):

  • OS: Ubuntu 22.04, 5.15.0-69-generic
  • SysFlow version: 0.6.3

Additional context
getpwuid and getgrgid standard C functions might be used to retrieve user/group information from uid/gid:

Files

****************************************************************
Header: Exporter , IP , File name 
Process: PID 103194 Creation Time, 1713946076546863602, Exe /usr/bin/whoami, Exe Args , User Name <NA>, Group Name <NA>, TTY 1
Proc Evt: TID 103194, OpFlags 2, Ret 0
****************************************************************
****************************************************************
Header: Exporter , IP , File name 
Process: PID 103195 Creation Time, 1713946077821078567, Exe /usr/bin/ls, Exe Args --color=auto, User Name <NA>, Group Name <NA>, TTY 1
Proc Evt: TID 103195, OpFlags 2, Ret 0
****************************************************************
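
An added example (not part of the original issue and not SysFlow's code) of the lookup the report suggests: resolving a uid/gid through NSS, so that SSSD/LDAP accounts are covered, with the reentrant `getpwuid_r`/`getgrgid_r` variants. The helper names `resolve_user` and `resolve_group`, the buffer sizes and the `<NA>` fallback are assumptions for illustration; it also assumes the calling process can reach the host's NSS configuration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define NA "<NA>"          /* same placeholder the events above show */
#define MAXBUF (1u << 20)  /* assumed cap on the NSS scratch buffer (1 MiB) */

/* Copy the user name for uid into out. Returns 1 if found, 0 otherwise (out = "<NA>"). */
int resolve_user(uid_t uid, char *out, size_t outlen) {
    struct passwd pw, *res = NULL;
    char *buf = NULL, *tmp;
    int rc = ERANGE;
    /* ERANGE means the scratch buffer was too small: grow it and retry. */
    for (size_t len = 1024; rc == ERANGE && len <= MAXBUF; len *= 2) {
        if (!(tmp = realloc(buf, len))) break;
        buf = tmp;
        rc = getpwuid_r(uid, &pw, buf, len, &res);
    }
    int found = (rc == 0 && res != NULL);
    snprintf(out, outlen, "%s", found ? pw.pw_name : NA);
    free(buf);
    return found;
}

/* Same lookup for groups; directory groups with long member lists hit ERANGE often. */
int resolve_group(gid_t gid, char *out, size_t outlen) {
    struct group gr, *res = NULL;
    char *buf = NULL, *tmp;
    int rc = ERANGE;
    for (size_t len = 1024; rc == ERANGE && len <= MAXBUF; len *= 2) {
        if (!(tmp = realloc(buf, len))) break;
        buf = tmp;
        rc = getgrgid_r(gid, &gr, buf, len, &res);
    }
    int found = (rc == 0 && res != NULL);
    snprintf(out, outlen, "%s", found ? gr.gr_name : NA);
    free(buf);
    return found;
}

int main(void) {
    char user[256], group[256];
    resolve_user(getuid(), user, sizeof user);
    resolve_group(getgid(), group, sizeof group);
    printf("User Name %s, Group Name %s\n", user, group);
    return 0;
}
```

A result of 0 covers both "no such id" and a lookup error, so a caller that needs to tell an unreachable directory from an unknown id has to inspect the return code of the `_r` call separately.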

Labels: bug (Something isn't working)