In the unix package, in System.Posix.User, we have the following functions [1]:

* getLoginName (getlogin)

* getUserEntryForID (getpwuid_r)

* getGroupEntryForID (getgrgid_r)

* getUserEntryForName (getpwnam_r)

* getGroupEntryForName (getgrnam_r)

They have signature `IO String`, and use `throwErrnoIfNull` to call the c functions listed in parenthesis.

## Proposal

Change the signature of the functions listed above to `IO (Maybe String)`.

The new semantics would be:

* If the c function returns a NULL pointer with errno set to ENOENT, meaning the given user or group could not be found, the result is Nothing.

* If another error occured, an error is thrown (no change).

* Otherwise the result is Just "result".

## Motivation

At least `getlogin` and `getgrgid` are unreliable on Linux. It is possible for them to return NULL pointers [2] even when the user is logged in and has an associated user entry in /etc/passwd and group entry in /etc/group.

Examples:

* when `getLoginName` is called using a terminal emulator that doesn't write login records to /var/run/utmp, or inside screen/tmux, `getlogin` tends to return NULL pointers [3].

* `getGroupEntryForID` can throw a NULL pointer exception inside chroots or other environments where the information in /etc/groups is not to be considered reliable [4].

Since we can, let's give the above Haskell functions a type safe(r) api.

If the proposal gets rejected, I will just add a warning message to the docstrings of the functions in question and permanently disable their tests from the unix testsuite, since this is currently causing problems [5,6].

## Links