* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: config.h.in,v 1.35 2001-08-17 19:48:18 thib Exp $ */
+ /* $Id: config.h.in,v 1.36 2001-08-20 20:02:53 thib Exp $ */
/* *********************************************************** */
/* 1 if you want foreground mode by default */
#undef FOREGROUND
+/* Define if we should use sete[ug]id() funcs */
+#undef USE_SETE_ID
+
/* username to run under */
#undef USERNAME
AC_SUBST(ROOTGROUP)
AC_DEFINE_UNQUOTED(ROOTGROUP, "$rootgroup")
-if test \( $seteuid -eq 0 \) -o \( $setegid -eq 0 \) ; then
- username="$rootname"
- groupname="$rootgroup"
-else
+username="$rootname"
+groupname="$rootgroup"
AC_MSG_CHECKING(username to run fcrontab under)
AC_ARG_WITH(username,
yes)
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
username=fcron
- AC_MSG_RESULT(fcron)
- else
- AC_MSG_RESULT(root)
fi
+ AC_MSG_RESULT($username)
;;
*)
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
- username="$withval";
- AC_MSG_RESULT($withval)
+ username="$withval";
+ AC_MSG_RESULT($username)
+ if test "$withval" = "$rootname"; then
+ AC_MSG_WARN([
+
+Beware that running fcrontab setuid root is not very secure. You should use
+another user name if possible.
+])
+ seteuid=0
+ setegid=0
+ fi
else
- AC_MSG_RESULT(root)
- AC_MSG_WARN(username must be root as your system has no seteuid)
+ AC_MSG_RESULT($username)
+ AC_MSG_WARN(username must be $rootname as your system has no seteuid)
fi
;;
esac ],
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
username=fcron
- AC_MSG_RESULT(fcron)
- else
- AC_MSG_RESULT(root)
fi
+ AC_MSG_RESULT($username)
)
AC_MSG_CHECKING(groupname to run fcrontab under)
yes)
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
groupname=fcron
- AC_MSG_RESULT(fcron)
- else
- AC_MSG_RESULT(root)
fi
+ AC_MSG_RESULT($groupname)
;;
*)
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
groupname="$withval";
- AC_MSG_RESULT($withval)
+ AC_MSG_RESULT($groupname)
else
- AC_MSG_RESULT(root)
- AC_MSG_WARN(groupname must be root as your system has no setegid)
+ AC_MSG_RESULT($groupname)
+ AC_MSG_WARN(groupname must be $rootgroup as username is $username)
fi
;;
esac ],
if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
groupname=fcron
- AC_MSG_RESULT(fcron)
- else
- AC_MSG_RESULT(root)
fi
+ AC_MSG_RESULT($groupname)
)
-fi
-
USERNAME="$username"
AC_SUBST(USERNAME)
AC_DEFINE_UNQUOTED(USERNAME, "$username")
AC_SUBST(GROUPNAME)
AC_DEFINE_UNQUOTED(GROUPNAME, "$groupname")
+if test \( $seteuid -eq 1 \) -a \( $setegid -eq 1 \) ; then
+ AC_DEFINE(USE_SETE_ID)
+fi
+
dnl We set exec_prefix to $prefix (also done in Makefile)
exec_prefix=$prefix
BINDIREX=`eval echo $bindir`
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcrontab.c,v 1.46 2001-08-17 19:40:46 thib Exp $ */
+ /* $Id: fcrontab.c,v 1.47 2001-08-20 20:01:43 thib Exp $ */
/*
* The goal of this program is simple : giving a user interface to fcron
#include "fcrontab.h"
-char rcs_info[] = "$Id: fcrontab.c,v 1.46 2001-08-17 19:40:46 thib Exp $";
+char rcs_info[] = "$Id: fcrontab.c,v 1.47 2001-08-20 20:01:43 thib Exp $";
void info(void);
void usage(void);
/* create it as fcrontab_uid (to avoid problem if user's uid changed)
* except for root. Root requires filesystem uid root for security
* reasons */
-#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID)
+#ifdef USE_SETE_ID
if (asuid != 0 && seteuid(fcrontab_uid) != 0)
error_e("seteuid(fcrontab_uid[%d])", fcrontab_uid);
#endif
error_e("copy: dest");
return ERR;
}
-#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID)
+#ifdef USE_SETE_ID
if (asuid != 0 && seteuid(uid) != 0)
die_e("seteuid(uid[%d])", uid);
#endif
error_e("could not remove %s", buf);
}
-#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID)
+#ifdef USE_SETE_ID
if (seteuid(fcrontab_uid) != 0)
error_e("seteuid(fcrontab_uid[%d])", fcrontab_uid);
#endif
need_sig = 1;
-#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID)
+#ifdef USE_SETE_ID
if (seteuid(uid) != 0)
die_e("seteuid(uid[%d])", uid);
#endif
error_e("could not fdopen");
goto exiterr;
}
-#if ! (defined(HAVE_SETEGID) && defined(HAVE_SETEUID))
+#ifndef USE_SETE_ID
if (fchown(file, asuid, asgid) != 0) {
error_e("Could not fchown %s to asuid and asgid", tmp_str);
goto exiterr;
goto exiterr;
}
-#if ! (defined(HAVE_SETEGID) && defined(HAVE_SETEUID))
+#ifndef USE_SETE_ID
/* we have chown the tmp file to user's name : user may have
* linked the tmp file to a file owned by root. In that case, as
* fcrontab is setuid root, user may read some informations he is not
/* interpret command line options */
parseopt(argc, argv);
-#if defined(HAVE_SETEGID) && defined(HAVE_SETEUID)
+#ifdef USE_SETE_ID
{
struct passwd *pass;
if ( ! (pass = getpwnam(USERNAME)) )
projects / fcron / commitdiff