dnl ---------------------------------------------------------------------
dnl Users and groups ...
+AC_MSG_CHECKING(run non-privileged)
+AC_ARG_WITH(run-non-privileged,
+[ --run-non-privileged=[yes|no] Run fcron without root's rights (see FAQ !)],
+[ case "$withval" in
+ no)
+ AC_MSG_RESULT(no)
+ ;;
+ yes)
+ AC_MSG_RESULT(yes)
+ AC_MSG_WARN([
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+WARNING :
+ This option allows a non privileged user to run fcron. When used,
+ fcron does not change its rights before running a job (i.e.,
+ if joe runs fcron, every job will run as joe).
+ It means that SHOULD NOT RUN FCRON AS A PRIVILEGED USER WHEN COMPILED
+ WITH THIS OPTION or you'll have a serious security hole.
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+])
+ AC_DEFINE(RUN_NON_PRIVILEGED)
+ RUN_NON_PRIVILEGED=1
+ AC_SUBST(RUN_NON_PRIVILEGED)
+ ;;
+ *)
+ AC_MSG_ERROR(Invalid argument : please use 'yes' or 'no'.)
+ ;;
+ esac],
+ AC_MSG_RESULT(no)
+)
+
+
AC_MSG_CHECKING(root's username)
AC_ARG_WITH(rootname,
[ --with-rootname=USERNAME Root's username (default root) ],
AC_MSG_ERROR(Need rootname.)
;;
yes)
- if LINE=`cat /etc/passwd | grep "^root:"`; then
+ if rootuid=`script/has_usrgrp.pl -user root -printuid`; then
rootname=root
- rootuid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootname uid: $rootuid)
else
AC_MSG_ERROR([
fi
;;
*)
- if LINE=`cat /etc/passwd | grep "^$withval:"`; then
+ if rootuid=`script/has_usrgrp.pl -user $withval -printuid`; then
rootname=$withval
- rootuid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootname uid: $rootuid)
else
AC_MSG_ERROR([
-Invalid root's username : not in /etc/passwd])
+Invalid root's username : cannot find it using getpwnam()])
fi
;;
esac ],
- if LINE=`cat /etc/passwd | grep "^root:"`; then
+ if rootuid=`script/has_usrgrp.pl -user root -printuid`; then
rootname=root
- rootuid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootname uid: $rootuid)
else
AC_MSG_ERROR([
AC_MSG_ERROR(Need rootgroup.)
;;
yes)
- if LINE=`cat /etc/group | grep "^root:"`; then
+ if rootgid=`script/has_usrgrp.pl -group root -printgid`; then
rootgroup=root
- rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootgroup gid: $rootgid)
- elif LINE=`cat /etc/group | grep "^wheel:"`; then
+ elif rootgid=`script/has_usrgrp.pl -group wheel -printgid`; then
rootgroup=wheel
- rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootgroup gid: $rootgid)
else
AC_MSG_ERROR([
fi
;;
*)
- if LINE=`cat /etc/group | grep "^$withval:"`; then
+ if rootgid=`script/has_usrgrp.pl -group $withval -printgid`; then
rootgroup=$withval
- rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootgroup gid: $rootgid)
else
AC_MSG_ERROR([
-Invalid root's groupname : not in /etc/group])
+Invalid root's groupname : cannot find it using getgrnam()])
fi
;;
esac ],
- if LINE=`cat /etc/group | grep "^root:"`; then
+ if rootgid=`script/has_usrgrp.pl -group root -printgid`; then
rootgroup=root
- rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootgroup gid: $rootgid)
- elif LINE=`cat /etc/group | grep "^wheel:"`; then
+ elif rootgid=`script/has_usrgrp.pl -group wheel -printgid`; then
rootgroup=wheel
- rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'`
AC_MSG_RESULT($rootgroup gid: $rootgid)
else
AC_MSG_ERROR([
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
username="$withval";
AC_MSG_RESULT($username)
- if test "$withval" = "$rootname"; then
+ if test "$withval" = "$rootname" && test "$RUN_NON_PRIVILEGED" != "1"; then
AC_MSG_WARN([
Beware that running fcrontab setuid root is not very secure. You should use
projects / fcron / commitdiff