]> granicus.if.org Git - cronie/commitdiff
With NFS homes can't be job executed, because root can't access
authorMarcela Mašláňová <mmaslano@redhat.com>
Wed, 13 Jan 2010 12:54:43 +0000 (13:54 +0100)
committerMarcela Mašláňová <mmaslano@redhat.com>
Wed, 13 Jan 2010 12:54:43 +0000 (13:54 +0100)
this directory.

src/do_command.c
src/funcs.h
src/security.c

index e1572e52c523ab940077533656971d64d7de083f..c6ff0d7c62ffbae8ad066797dadbce0ca91eb60d 100644 (file)
@@ -156,9 +156,9 @@ static void child_process(entry * e, user * u) {
         /*NOTREACHED*/ case 0:
                Debug(DPROC, ("[%ld] grandchild process fork()'ed\n", (long) getpid()))
 
-                       if (cron_change_user_permanently(e->pwd) < 0)
+               if (cron_change_user_permanently(e->pwd, env_get("HOME", jobenv)) < 0)
                        _exit(ERROR_EXIT);
-
+               
                /* write a log message.  we've waited this long to do it
                 * because it was not until now that we knew the PID that
                 * the actual user command shell was going to get and the
@@ -272,7 +272,7 @@ static void child_process(entry * e, user * u) {
                         * are part of its reference count now.
                         */
                        close(stdout_pipe[READ_PIPE]);
-               if (cron_change_user_permanently(e->pwd) < 0)
+               if (cron_change_user_permanently(e->pwd, env_get("HOME", jobenv)) < 0)
                        _exit(ERROR_EXIT);
                /* translation:
                 *  \% -> %
index 32d90c222b22510e1a1a8ce143b6467e88523acf..fabd0b27a28f49bcb9f413d549ab9facc1b67362 100644 (file)
@@ -93,9 +93,9 @@ int cron_open_security_session( struct passwd *pw );
 
 void cron_close_security_session( void );
 
-int cron_change_user( struct passwd *pw, char *homedir );
+int cron_change_user( struct passwd *pw );
 
-int cron_change_user_permanently( struct passwd *pw );
+int cron_change_user_permanently( struct passwd *pw, char *homedir );
 
 int get_security_context(const char *name, 
                         int crontab_fd, 
index 5a2cdfabd78ca0904fe58b1c4fdff9a421a5187c..c3b1463c9baddf7020b325f4719f4018ce43c285 100644 (file)
@@ -120,7 +120,7 @@ int cron_set_job_security_context(entry * e, user * u, char ***jobenv) {
        }
 #endif
 
-       if (cron_change_user(e->pwd, env_get("HOME", *jobenv)) != 0) {
+       if (cron_change_user(e->pwd) != 0) {
                log_it(e->pwd->pw_name, getpid(), "ERROR", "failed to change user", 0);
                return -1;
        }
@@ -189,7 +189,7 @@ void cron_close_pam(void) {
 #endif
 }
 
-int cron_change_user(struct passwd *pw, char *homedir) {
+int cron_change_user(struct passwd *pw) {
        pid_t pid = getpid();
        /* set our directory, uid and gid.  Set gid first, since once
         * we set uid, we've lost root privledges.
@@ -209,18 +209,19 @@ int cron_change_user(struct passwd *pw, char *homedir) {
                return -1;
        }
 
-       if (chdir(homedir) == -1) {
-               log_it("CRON", pid, "ERROR chdir failed", homedir, errno);
-               return -1;
-       }
        return 0;
 }
 
-int cron_change_user_permanently(struct passwd *pw) {
+int cron_change_user_permanently(struct passwd *pw, char *homedir) {
        if (setreuid(pw->pw_uid, pw->pw_uid) != 0) {
                log_it("CRON", getpid(), "ERROR", "setreuid failed", errno);
                return -1;
        }
+       if (chdir(homedir) == -1) {
+               log_it("CRON", getpid(), "ERROR chdir failed", homedir, errno);
+               return -1;
+       }
+
        return 0;
 }