* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: conf.c,v 1.70 2006-01-11 00:53:20 thib Exp $ */
+ /* $Id: conf.c,v 1.71 2006-05-20 16:27:32 thib Exp $ */
#include "fcron.h"
#endif
if ( strncmp(file_name,"new.", 4) == 0 ) {
- if ( file_stat.st_uid == ROOTUID ) {
- /* file is owned by root : no test needed : set runas to ROOTUID */
- runas = ROOTUID;
+ if ( file_stat.st_uid == rootuid ) {
+ /* file is owned by root : no test needed : set runas to rootuid */
+ runas = rootuid;
}
else {
/* this is a standard user's new fcrontab : set the runas field to
else {
if(!cf->cf_user)
cf->cf_user = strdup2(file_name);
- if ( file_stat.st_uid == ROOTUID ) {
+ if ( file_stat.st_uid == rootuid ) {
/* file is owned by root : either this file has already been parsed
* at least once by fcron, or it is root's fcrontab */
- runas = ROOTUID;
+ runas = rootuid;
}
else {
error("Non-new file %s owned by someone else than root",file_name);
error("Cannot read user's name : file ignored");
goto err;
}
- if ( runas != ROOTUID ) {
+ if ( runas != rootuid ) {
/* we use file owner's name for more security (see above) */
/* free the value obtained by read_strn() (we need to read it anyway
* to set the file ptr to the next thing to read) */
}
/* set runas field if necessary (to improve security) */
- if (runas != ROOTUID) {
+ if (runas != rootuid) {
if (strcmp(cl->cl_runas, runas_str) != 0)
warn("warning: runas(%s) is not owner (%s): overridden.",
cl->cl_runas, runas_str);
/* save the file safely : save it to a temporary name, then rename() it */
/* chown the file to root:root : this file should only be read and
* modified by fcron (not fcrontab) */
- save_file_safe(file, file->cf_user, "fcron", ROOTUID, ROOTGID, now);
+ save_file_safe(file, file->cf_user, "fcron", rootuid, rootgid, now);
if (arg_file != NULL)
/* we have to save only a single file */
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: config.h.in,v 1.56 2006-01-11 00:53:50 thib Exp $ */
+ /* $Id: config.h.in,v 1.57 2006-05-20 16:27:43 thib Exp $ */
/* *********************************************************** */
#undef USE_SETE_ID
/* root uid, gid, name and group */
-#undef ROOTUID
-#undef ROOTGID
#undef ROOTNAME
#undef ROOTGROUP
AC_CONFIG_HEADER(config.h)
AC_PREREQ(2.57)
-vers="3.0.1"
+vers="3.0.2"
vers_quoted="\"$vers\""
AC_DEFINE_UNQUOTED(VERSION, $vers)
AC_DEFINE_UNQUOTED(VERSION_QUOTED, $vers_quoted)
ROOTNAME="$rootname"
AC_SUBST(ROOTNAME)
AC_DEFINE_UNQUOTED(ROOTNAME, "$rootname")
-ROOTUID=$rootuid
-AC_SUBST(ROOTUID)
-AC_DEFINE_UNQUOTED(ROOTUID, $rootuid)
ROOTGROUP="$rootgroup"
AC_SUBST(ROOTGROUP)
AC_DEFINE_UNQUOTED(ROOTGROUP, "$rootgroup")
-ROOTGID=$rootgid
-AC_SUBST(ROOTGID)
-AC_DEFINE_UNQUOTED(ROOTGID, $rootgid)
username="$rootname"
groupname="$rootgroup"
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: convert-fcrontab.c,v 1.20 2006-01-11 00:54:22 thib Exp $ */
+ /* $Id: convert-fcrontab.c,v 1.21 2006-05-20 16:27:46 thib Exp $ */
#include "convert-fcrontab.h"
#include "global.h"
-char rcs_info[] = "$Id: convert-fcrontab.c,v 1.20 2006-01-11 00:54:22 thib Exp $";
+char rcs_info[] = "$Id: convert-fcrontab.c,v 1.21 2006-05-20 16:27:46 thib Exp $";
void info(void);
void usage(void);
char *prog_name = NULL;
char foreground = 1;
pid_t daemon_pid = 0;
+uid_t rootuid = 0;
+gid_t rootgid = 0;
char debug_opt = 0;
char dosyslog = 1;
"Copyright " COPYRIGHT_QUOTED " Thibault Godouet <fcron@free.fr>\n"
"This program is free software distributed WITHOUT ANY WARRANTY.\n"
"See the GNU General Public License for more details.\n"
+ "\n"
+ "WARNING: this program is not supposed to be installed on the "
+ "system. It is only used at installation time to convert the "
+ "the binary fcrontabs in the old format (fcron < 1.1.0, which "
+ "was published in 2001) to the present one."
);
exit(EXIT_OK);
"convert-fcrontab -V\n"
"convert-fcrontab user\n"
" Update the fcrontab of \"user\" to fit the new binary format.\n"
+ "\n"
+ "WARNING: this program is not supposed to be installed on the "
+ "system. It is only used at installation time to convert the "
+ "the binary fcrontabs in the old format (fcron < 1.1.0, which "
+ "was published in 2001) to the present one."
);
exit(EXIT_ERR);
extern int optind, opterr, optopt;
char *user_to_update = NULL;
+ rootuid = get_user_uid_safe(ROOTNAME);
+ rootgid = get_group_gid_safe(ROOTGROUP);
+
if ( strrchr(argv[0], '/') == NULL) prog_name = argv[0];
else prog_name = strrchr(argv[0], '/') + 1;
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: convert-fcrontab.h,v 1.3 2006-01-11 00:54:25 thib Exp $ */
+ /* $Id: convert-fcrontab.h,v 1.4 2006-05-20 16:27:51 thib Exp $ */
#ifndef __CONVERT_FCRONTAB_H__
#define __CONVERT_FCRONTAB_H__
/* We create a .h (even if empty !) because we have a generic rule
in Makefile to create .o files which needs the corresponding .h to exist. */
+#include "global.h"
+
+extern uid_t rootuid;
+extern gid_t rootgid;
+
#endif /* __CONVERT_FCRONTAB_H__ */
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcron.c,v 1.77 2006-02-05 20:59:08 thib Exp $ */
+ /* $Id: fcron.c,v 1.78 2006-05-20 16:27:10 thib Exp $ */
#include "fcron.h"
#include "socket.h"
#endif
-char rcs_info[] = "$Id: fcron.c,v 1.77 2006-02-05 20:59:08 thib Exp $";
+char rcs_info[] = "$Id: fcron.c,v 1.78 2006-05-20 16:27:10 thib Exp $";
void main_loop(void);
void check_signal(void);
char *prog_name = NULL;
char *orig_tz_envvar = NULL;
+/* uid/gid of user/group root
+ * (we don't use the static UID or GID as we ask for user and group names
+ * in the configure script) */
+uid_t rootuid = 0;
+gid_t rootgid = 0;
+
/* have we got a signal ? */
char sig_conf = 0; /* is 1 when we got a SIGHUP, 2 for a SIGUSR1 */
char sig_chld = 0; /* is 1 when we got a SIGCHLD */
/* create a new spool dir for fcron : set correctly its mode and owner */
{
int dir_fd = -1;
- struct passwd *pass = NULL;
- struct group *grp = NULL;
struct stat st;
+ uid_t useruid = get_user_uid_safe(USERNAME);
+ gid_t usergid = get_group_gid_safe(GROUPNAME);
if ( mkdir(dir, 0) != 0 && errno != EEXIST )
die_e("Cannot create dir %s", dir);
die("%s exists and is not a directory", dir);
}
- if ( (pass = getpwnam(USERNAME)) == NULL )
- die_e("Cannot getpwnam(%s)", USERNAME);
-
- if ( (grp = getgrnam(GROUPNAME)) == NULL )
- die_e("Cannot getgrnam(%s)", GROUPNAME);
-
- if ( fchown(dir_fd, pass->pw_uid, grp->gr_gid) != 0 ) {
+ if ( fchown(dir_fd, useruid, usergid) != 0 ) {
close(dir_fd);
die_e("Cannot fchown dir %s to %s:%s", dir, USERNAME, GROUPNAME);
}
main(int argc, char **argv)
{
+ rootuid = get_user_uid_safe(ROOTNAME);
+ rootgid = get_group_gid_safe(ROOTGROUP);
+
/* we set it to 022 in order to get a pidfile readable by fcrontab
* (will be set to 066 later) */
saved_umask = umask(022);
{
uid_t daemon_uid;
- if ( (daemon_uid = getuid()) != ROOTUID )
+ if ( (daemon_uid = getuid()) != rootuid )
die("Fcron must be executed as root");
}
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcron.h,v 1.33 2006-01-11 00:53:01 thib Exp $ */
+ /* $Id: fcron.h,v 1.34 2006-05-20 16:27:20 thib Exp $ */
#ifndef __FCRON_H__
#define __FCRON_H__
extern char *orig_tz_envvar;
extern mode_t saved_umask;
extern char *prog_name;
+extern uid_t rootuid;
+extern gid_t rootgid;
extern char sig_hup;
extern struct cf_t *file_base;
extern struct job_t *queue_base;
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcrondyn.c,v 1.14 2006-01-11 00:48:33 thib Exp $ */
+ /* $Id: fcrondyn.c,v 1.15 2006-05-20 16:26:17 thib Exp $ */
/* fcrondyn : interact dynamically with running fcron process :
* - list jobs, with their status, next time of execution, etc
#include "allow.h"
#include "read_string.h"
-char rcs_info[] = "$Id: fcrondyn.c,v 1.14 2006-01-11 00:48:33 thib Exp $";
+char rcs_info[] = "$Id: fcrondyn.c,v 1.15 2006-05-20 16:26:17 thib Exp $";
void info(void);
void usage(void);
char dosyslog = 1;
pid_t daemon_pid = 0;
+/* uid/gid of user/group root
+ * (we don't use the static UID or GID as we ask for user and group names
+ * in the configure script) */
+uid_t rootuid = 0;
+gid_t rootgid = 0;
+
/* misc */
char *user_str;
uid_t user_uid;
}
/* use default value : currently, works only with CUR_USER */
- if ( user_uid == ROOTUID ) {
+ if ( user_uid == rootuid ) {
/* default for root = all */
int_buf = ALL;
Write_cmd( int_buf );
case NICE_VALUE:
/* after strtol(), cmd_str will be updated (first non-number char) */
if ( (int_buf = strtol(cmd_str, &cmd_str, 10)) > 20
- || (int_buf < 0 && getuid() != ROOTUID) || int_buf < -20
+ || (int_buf < 0 && getuid() != rootuid) || int_buf < -20
|| (! isspace( (int) *cmd_str) && *cmd_str != '\0') ) {
fprintf(stderr, "Error : invalid nice value.\n");
return INVALID_ARG;
int fd = (-1);
struct passwd *pass = NULL;
+ rootuid = get_user_uid_safe(ROOTNAME);
+ rootgid = get_group_gid_safe(ROOTGROUP);
+
if ( strrchr(argv[0], '/') == NULL) prog_name = argv[0];
else prog_name = strrchr(argv[0], '/') + 1;
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcrondyn.h,v 1.5 2006-01-11 00:49:26 thib Exp $ */
+ /* $Id: fcrondyn.h,v 1.6 2006-05-20 16:26:34 thib Exp $ */
#ifndef __FCRONDYN_H__
#define __FCRONDYN_H__
extern char debug_opt;
extern char dosyslog;
extern pid_t daemon_pid;
-
+extern uid_t rootuid;
+extern gid_t rootgid;
/* types def */
#define MAX_NUM_OPT 4
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcronsighup.c,v 1.9 2006-01-11 00:40:16 thib Exp $ */
+ /* $Id: fcronsighup.c,v 1.10 2006-05-20 16:22:37 thib Exp $ */
#include "fcronsighup.h"
#include "global.h"
#include "allow.h"
-char rcs_info[] = "$Id: fcronsighup.c,v 1.9 2006-01-11 00:40:16 thib Exp $";
+char rcs_info[] = "$Id: fcronsighup.c,v 1.10 2006-05-20 16:22:37 thib Exp $";
void usage(void);
void sig_daemon(void);
uid_t uid = 0;
uid_t fcrontab_uid = 0;
-
+uid_t rootuid = 0;
+gid_t rootgid = 0;
#ifdef DEBUG
char debug_opt = 1; /* set to 1 if we are in debug mode */
* some bad users to block daemon by sending it SIGHUP all the time */
{
/* we don't need to make root wait */
- if (uid != ROOTUID) {
+ if (uid != rootuid) {
time_t t = 0;
int sl = 0;
FILE *fp = NULL;
foreground = 1;
#ifdef USE_SETE_ID
- if (seteuid(ROOTUID) != 0)
- error_e("seteuid(ROOTUID)");
+ if (seteuid(rootuid) != 0)
+ error_e("seteuid(rootuid)");
#endif /* USE_SETE_ID */
if ( kill(daemon_pid, SIGHUP) != 0)
int
main(int argc, char **argv)
{
- struct passwd *pass;
+ struct passwd *pass = NULL;
+
+ rootuid = get_user_uid_safe(ROOTNAME);
+ rootgid = get_group_gid_safe(ROOTGROUP);
if (strrchr(argv[0],'/')==NULL) prog_name = argv[0];
else prog_name = strrchr(argv[0],'/')+1;
- if ( ! (pass = getpwnam(USERNAME)) )
- die("user \"%s\" is not in passwd file. Aborting.", USERNAME);
- fcrontab_uid = pass->pw_uid;
+ fcrontab_uid = get_user_uid_safe(USERNAME);
#ifdef USE_SETE_ID
/* get user's permissions */
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcronsighup.h,v 1.3 2006-01-11 00:40:46 thib Exp $ */
+ /* $Id: fcronsighup.h,v 1.4 2006-05-20 16:23:28 thib Exp $ */
#ifndef __FCRONSIGHUP_H__
#define __FCRONSIGHUP_H__
/* We create a .h (even if empty !) because we have a generic rule
in Makefile to create .o files which needs the corresponding .h to exist. */
+#include "global.h"
+
+extern uid_t rootuid;
+extern gid_t rootgid;
+
#endif /* __FCRONSIGHUP_H__ */
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcrontab.c,v 1.68 2006-01-11 00:49:33 thib Exp $ */
+ /* $Id: fcrontab.c,v 1.69 2006-05-20 16:26:37 thib Exp $ */
/*
* The goal of this program is simple : giving a user interface to fcron
#include "temp_file.h"
#include "read_string.h"
-char rcs_info[] = "$Id: fcrontab.c,v 1.68 2006-01-11 00:49:33 thib Exp $";
+char rcs_info[] = "$Id: fcrontab.c,v 1.69 2006-05-20 16:26:37 thib Exp $";
void info(void);
void usage(void);
char debug_opt = 0; /* set to 1 if we are in debug mode */
#endif
+/* uid/gid of users/groups
+ * (we don't use the static UID or GID as we ask for user and group names
+ * in the configure script) */
char *user = NULL;
char *runas = NULL;
uid_t uid = 0;
gid_t asgid = 0;
uid_t fcrontab_uid = 0;
gid_t fcrontab_gid = 0;
+uid_t rootuid = 0;
+gid_t rootgid = 0;
char need_sig = 0; /* do we need to signal fcron daemon */
* except for root. Root requires filesystem uid root for security
* reasons */
#ifdef USE_SETE_ID
- if (asuid == ROOTUID) {
- if (seteuid(ROOTUID) != 0)
- die_e("seteuid(ROOTUID) : old source file kept");
+ if (asuid == rootuid) {
+ if (seteuid(rootuid) != 0)
+ die_e("seteuid(rootuid) : old source file kept");
}
else {
if (seteuid(fcrontab_uid) != 0)
}
#ifdef USE_SETE_ID
- if (asuid != ROOTUID && seteuid(uid) != 0)
+ if (asuid != rootuid && seteuid(uid) != 0)
die_e("seteuid(uid[%d]) : old source file kept", uid);
#endif
- if (asuid == ROOTUID ) {
+ if (asuid == rootuid ) {
if ( fchmod(to_fd, S_IWUSR | S_IRUSR) != 0 ) {
error_e("Could not fchmod %s to 600", tmp_filename_str);
goto exiterr;
}
- if ( fchown(to_fd, ROOTUID, fcrontab_gid) != 0 ) {
+ if ( fchown(to_fd, rootuid, fcrontab_gid) != 0 ) {
error_e("Could not fchown %s to root", tmp_filename_str);
goto exiterr;
}
if ( errno != EEXIST )
error_e("Can't create file %s", buf);
}
- else if ( asuid == ROOTUID && fchown(fd, ROOTUID, fcrontab_gid) != 0 )
+ else if ( asuid == rootuid && fchown(fd, rootuid, fcrontab_gid) != 0 )
error_e("Could not fchown %s to root", buf);
close(fd);
switch ( pid = fork() ) {
case 0:
/* child */
- if ( uid != ROOTUID ) {
+ if ( uid != rootuid ) {
if (setgid(asgid) < 0) {
error_e("setgid(asgid)");
goto exiterr;
close(fd);
goto exiterr;
}
- if ( fchown(fd, ROOTUID, ROOTGID) != 0 || fchmod(fd, S_IRUSR|S_IWUSR) != 0 ){
+ if ( fchown(fd, rootuid, rootgid) != 0 || fchmod(fd, S_IRUSR|S_IWUSR) != 0 ){
fprintf(stderr, "Can't chown or chmod %s.\n", tmp_str);
close(fd);
goto exiterr;
usage(); break;
case 'u':
- if (uid != ROOTUID) {
+ if (uid != rootuid) {
fprintf(stderr, "must be privileged to use -u\n");
xexit(EXIT_ERR);
}
else
usage();
- if (uid != ROOTUID) {
+ if (uid != rootuid) {
fprintf(stderr, "must be privileged to use -u\n");
xexit(EXIT_ERR);
}
if ( list_opt + rm_opt + edit_opt + reinstall_opt == 0 )
file_opt = optind;
else {
- if (uid != ROOTUID) {
+ if (uid != rootuid) {
fprintf(stderr, "must be privileged to use [user|-u user]\n");
xexit(EXIT_ERR);
}
#ifdef SYSFCRONTAB
if ( strcmp(user, SYSFCRONTAB) == 0 ) {
is_sysfcrontab = 1;
- asuid = ROOTUID;
- asgid = ROOTGID;
+ asuid = rootuid;
+ asgid = rootgid;
}
else
#endif /* def SYSFCRONTAB */
#endif
struct passwd *pass;
+ rootuid = get_user_uid_safe(ROOTNAME);
+ rootgid = get_group_gid_safe(ROOTGROUP);
+
memset(buf, 0, sizeof(buf));
memset(file, 0, sizeof(file));
#else /* USE_SETE_ID */
- if (setuid(ROOTUID) != 0 )
- die_e("Could not change uid to ROOTUID");
- if (setgid(ROOTGID) != 0)
- die_e("Could not change gid to ROOTGID");
+ if (setuid(rootuid) != 0 )
+ die_e("Could not change uid to rootuid");
+ if (setgid(rootgid) != 0)
+ die_e("Could not change gid to rootgid");
/* change directory */
if (chdir(fcrontabs) != 0) {
error_e("Could not chdir to %s", fcrontabs);
/* this program is seteuid : we set default permission mode
* to 640 for a normal user, 600 for root, for security reasons */
- if ( asuid == ROOTUID )
+ if ( asuid == rootuid )
umask(066); /* octal : '0' + number in octal notation */
else
umask(026);
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fcrontab.h,v 1.19 2006-01-11 00:51:17 thib Exp $ */
+ /* $Id: fcrontab.h,v 1.20 2006-05-20 16:26:58 thib Exp $ */
#ifndef __FCRONTAB_H__
#define __FCRONTAB_H__
extern uid_t asuid;
extern uid_t fcrontab_uid;
extern gid_t fcrontab_gid;
+extern uid_t rootuid;
+extern gid_t rootgid;
#endif /* __FCRONTAB_H__ */
* `LICENSE' that comes with the fcron source distribution.
*/
- /* $Id: fileconf.c,v 1.76 2006-01-11 00:53:05 thib Exp $ */
+ /* $Id: fileconf.c,v 1.77 2006-05-20 16:27:23 thib Exp $ */
#include "fcrontab.h"
if ( debug_opt )
fprintf(stderr, "FILE %s\n", file_name);
- if (strcmp(runas, "root") == 0)
+ if (strcmp(runas, ROOTNAME) == 0)
max_entries = 65535;
/* max_lines acts here as a security counter to avoid endless loop. */
return NULL;
if ( negative == 1 ) {
- if (getuid() != ROOTUID) {
+ if (getuid() != rootuid) {
fprintf(stderr, "must be privileged to use a negative argument "
"with nice: set to 0\n");
need_correction = 1;
}
else if(strcmp(opt_name, "runas") == 0) {
- if (getuid() != ROOTUID) {
+ if (getuid() != rootuid) {
fprintf(stderr, "must be privileged to use option runas: "
"skipping option\n");
need_correction = 1;
ptr = ptr + indx; /* move ptr to the next word */
Skip_blanks(ptr);
- if (getuid() != ROOTUID) {
+ if (getuid() != rootuid) {
fprintf(stderr, "must be privileged to run as another user : "
"ignoring\n");
} else {
projects / fcron / commitdiff