search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge commit 'b1e7e97d3b60469b243b3b2e22c7d8cbd11c7c90'
[unleashed.git] / usr / src / cmd / cron / crontab.c
blobb03c0dd32e55b3b79ff797e7d382800e70215203
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
26 /* All Rights Reserved */
27
28
29 #include <sys/types.h>
30 #include <sys/stat.h>
31 #include <sys/types.h>
32 #include <sys/wait.h>
33 #include <errno.h>
34 #include <signal.h>
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <string.h>
38 #include <fcntl.h>
39 #include <ctype.h>
40 #include <pwd.h>
41 #include <unistd.h>
42 #include <locale.h>
43 #include <nl_types.h>
44 #include <langinfo.h>
45 #include <libintl.h>
46 #include <security/pam_appl.h>
47 #include <limits.h>
48 #include "cron.h"
49 #include "getresponse.h"
50
51 #define VIPATH "vi"
52
53 #define TMPFILE "_cron" /* prefix for tmp file */
54 #define CRMODE 0600 /* mode for creating crontabs */
55
56 #define BADCREATE \
57 "can't create your crontab file in the crontab directory."
58 #define BADOPEN "can't open your crontab file."
59 #define BADSHELL \
60 "because your login shell isn't /usr/bin/sh, you can't use cron."
61 #define WARNSHELL "warning: commands will be executed using /usr/bin/sh\n"
62 #define BADUSAGE \
63 "usage:\n" \
64 "\tcrontab [file]\n" \
65 "\tcrontab -e [username]\n" \
66 "\tcrontab -l [username]\n" \
67 "\tcrontab -r [username]"
68 #define INVALIDUSER "you are not a valid user (no entry in /etc/passwd)."
69 #define NOTALLOWED "you are not authorized to use cron. Sorry."
70 #define NOTROOT \
71 "you must be super-user to access another user's crontab file"
72 #define EOLN "unexpected end of line."
73 #define UNEXPECT "unexpected character found in line."
74 #define OUTOFBOUND "number out of bounds."
75 #define ERRSFND "errors detected in input, no crontab file generated."
76 #define ED_ERROR \
77 " The editor indicates that an error occurred while you were\n"\
78 " editing the crontab data - usually a minor typing error.\n\n"
79 #define BADREAD "error reading your crontab file"
80 #define ED_PROMPT \
81 " Edit again, to ensure crontab information is intact? "
82 #define NAMETOOLONG "login name too long"
83 #define BAD_SHELL "Invalid shell specified: %s"
84 #define BAD_HOME "Unable to access directory: %s\t%s\n"
85
86 extern int per_errno;
87
88 int err;
89 int cursor;
90 char *cf;
91 char *tnam;
92 char edtemp[5+13+1];
93 char line[CTLINESIZE];
94 static char login[UNAMESIZE];
95
96 static int next_field(int, int);
97 static void catch(int);
98 static void crabort(char *);
99 static void cerror(char *);
100 static void copycron(FILE *);
101
102 int
103 main(int argc, char **argv)
104 {
105 int c, r;
106 int rflag = 0;
107 int lflag = 0;
108 int eflag = 0;
109 int errflg = 0;
110 char *pp;
111 FILE *fp, *tmpfp;
112 struct stat stbuf;
113 struct passwd *pwp;
114 time_t omodtime;
115 char *editor;
116 uid_t ruid;
117 pid_t pid;
118 int stat_loc;
119 int ret;
120 char real_login[UNAMESIZE];
121 int tmpfd = -1;
122 pam_handle_t *pamh;
123 int pam_error;
124 char *buf;
125 size_t buflen;
126
127 (void) setlocale(LC_ALL, "");
128 #if !defined(TEXT_DOMAIN) /* Should be defined by cc -D */
129 #define TEXT_DOMAIN "SYS_TEST" /* Use this only if it weren't */
130 #endif
131 (void) textdomain(TEXT_DOMAIN);
132
133 if (init_yes() < 0) {
134 (void) fprintf(stderr, gettext(ERR_MSG_INIT_YES),
135 strerror(errno));
136 exit(1);
137 }
138
139 while ((c = getopt(argc, argv, "elr")) != EOF)
140 switch (c) {
141 case 'e':
142 eflag++;
143 break;
144 case 'l':
145 lflag++;
146 break;
147 case 'r':
148 rflag++;
149 break;
150 case '?':
151 errflg++;
152 break;
153 }
154
155 if (eflag + lflag + rflag > 1)
156 errflg++;
157
158 argc -= optind;
159 argv += optind;
160 if (errflg || argc > 1)
161 crabort(BADUSAGE);
162
163 ruid = getuid();
164 if ((pwp = getpwuid(ruid)) == NULL)
165 crabort(INVALIDUSER);
166
167 if (strlcpy(real_login, pwp->pw_name, sizeof (real_login))
168 >= sizeof (real_login))
169 crabort(NAMETOOLONG);
170
171 if ((eflag || lflag || rflag) && argc == 1) {
172 if ((pwp = getpwnam(*argv)) == NULL)
173 crabort(INVALIDUSER);
174
175 if (!cron_admin(real_login)) {
176 if (pwp->pw_uid != ruid)
177 crabort(NOTROOT);
178 else
179 pp = getuser(ruid);
180 } else
181 pp = *argv++;
182 } else {
183 pp = getuser(ruid);
184 }
185
186 if (pp == NULL) {
187 if (per_errno == 2)
188 crabort(BADSHELL);
189 else
190 crabort(INVALIDUSER);
191 }
192 if (strlcpy(login, pp, sizeof (login)) >= sizeof (login))
193 crabort(NAMETOOLONG);
194 if (!allowed(login, CRONALLOW, CRONDENY))
195 crabort(NOTALLOWED);
196
197 /* Do account validation check */
198 pam_error = pam_start("cron", pp, NULL, &pamh);
199 if (pam_error != PAM_SUCCESS) {
200 crabort((char *)pam_strerror(pamh, pam_error));
201 }
202 pam_error = pam_acct_mgmt(pamh, PAM_SILENT);
203 if (pam_error != PAM_SUCCESS) {
204 (void) fprintf(stderr, gettext("Warning - Invalid account: "
205 "'%s' not allowed to execute cronjobs\n"), pp);
206 }
207 (void) pam_end(pamh, PAM_SUCCESS);
208
209
210 cf = xmalloc(strlen(CRONDIR)+strlen(login)+2);
211 strcat(strcat(strcpy(cf, CRONDIR), "/"), login);
212
213 if (rflag) {
214 r = unlink(cf);
215 cron_sendmsg(DELETE, login, login, CRON);
216 exit(0);
217 }
218 if (lflag) {
219 if ((fp = fopen(cf, "r")) == NULL)
220 crabort(BADOPEN);
221 while (fgets(line, CTLINESIZE, fp) != NULL)
222 fputs(line, stdout);
223 fclose(fp);
224 exit(0);
225 }
226 if (eflag) {
227 if ((fp = fopen(cf, "r")) == NULL) {
228 if (errno != ENOENT)
229 crabort(BADOPEN);
230 }
231 (void) strcpy(edtemp, "/tmp/crontabXXXXXX");
232 tmpfd = mkstemp(edtemp);
233 if (fchown(tmpfd, ruid, -1) == -1) {
234 (void) close(tmpfd);
235 crabort("fchown of temporary file failed");
236 }
237 (void) close(tmpfd);
238 /*
239 * Fork off a child with user's permissions,
240 * to edit the crontab file
241 */
242 if ((pid = fork()) == (pid_t)-1)
243 crabort("fork failed");
244 if (pid == 0) { /* child process */
245 /* give up super-user privileges. */
246 setuid(ruid);
247 if ((tmpfp = fopen(edtemp, "w")) == NULL)
248 crabort("can't create temporary file");
249 if (fp != NULL) {
250 /*
251 * Copy user's crontab file to temporary file.
252 */
253 while (fgets(line, CTLINESIZE, fp) != NULL) {
254 fputs(line, tmpfp);
255 if (ferror(tmpfp)) {
256 fclose(fp);
257 fclose(tmpfp);
258 crabort("write error on"
259 "temporary file");
260 }
261 }
262 if (ferror(fp)) {
263 fclose(fp);
264 fclose(tmpfp);
265 crabort(BADREAD);
266 }
267 fclose(fp);
268 }
269 if (fclose(tmpfp) == EOF)
270 crabort("write error on temporary file");
271 if (stat(edtemp, &stbuf) < 0)
272 crabort("can't stat temporary file");
273 omodtime = stbuf.st_mtime;
274 editor = getenv("EDITOR");
275 if (editor == NULL)
276 editor = VIPATH;
277 buflen = strlen(editor) + strlen(edtemp) + 2;
278 buf = xmalloc(buflen);
279 (void) snprintf(buf, buflen, "%s %s", editor, edtemp);
280
281 sleep(1);
282
283 while (1) {
284 ret = system(buf);
285
286 /* sanity checks */
287 if ((tmpfp = fopen(edtemp, "r")) == NULL)
288 crabort("can't open temporary file");
289 if (fstat(fileno(tmpfp), &stbuf) < 0)
290 crabort("can't stat temporary file");
291 if (stbuf.st_size == 0)
292 crabort("temporary file empty");
293 if (omodtime == stbuf.st_mtime) {
294 (void) unlink(edtemp);
295 fprintf(stderr, gettext(
296 "The crontab file was not"
297 " changed.\n"));
298 exit(1);
299 }
300 if ((ret) && (errno != EINTR)) {
301 /*
302 * Some editors (like 'vi') can return
303 * a non-zero exit status even though
304 * everything is okay. Need to check.
305 */
306 fprintf(stderr, gettext(ED_ERROR));
307 fflush(stderr);
308 if (isatty(fileno(stdin))) {
309 /* Interactive */
310 fprintf(stdout,
311 gettext(ED_PROMPT));
312 fflush(stdout);
313
314 if (yes()) {
315 /* Edit again */
316 continue;
317 } else {
318 /* Dump changes */
319 (void) unlink(edtemp);
320 exit(1);
321 }
322 } else {
323 /*
324 * Non-interactive, dump changes
325 */
326 (void) unlink(edtemp);
327 exit(1);
328 }
329 }
330 exit(0);
331 } /* while (1) */
332 }
333
334 /* fix for 1125555 - ignore common signals while waiting */
335 (void) signal(SIGINT, SIG_IGN);
336 (void) signal(SIGHUP, SIG_IGN);
337 (void) signal(SIGQUIT, SIG_IGN);
338 (void) signal(SIGTERM, SIG_IGN);
339 wait(&stat_loc);
340 if ((stat_loc & 0xFF00) != 0)
341 exit(1);
342
343 /*
344 * unlink edtemp as 'ruid'. The file contents will be held
345 * since we open the file descriptor 'tmpfp' before calling
346 * unlink.
347 */
348 if (((ret = seteuid(ruid)) < 0) ||
349 ((tmpfp = fopen(edtemp, "r")) == NULL) ||
350 (unlink(edtemp) == -1)) {
351 fprintf(stderr, "crontab: %s: %s\n",
352 edtemp, errmsg(errno));
353 if ((ret < 0) || (tmpfp == NULL))
354 (void) unlink(edtemp);
355 exit(1);
356 } else
357 seteuid(0);
358
359 copycron(tmpfp);
360 } else {
361 if (argc == 0)
362 copycron(stdin);
363 else if (seteuid(getuid()) != 0 || (fp = fopen(argv[0], "r"))
364 == NULL)
365 crabort(BADOPEN);
366 else {
367 seteuid(0);
368 copycron(fp);
369 }
370 }
371 cron_sendmsg(ADD, login, login, CRON);
372 /*
373 * if (per_errno == 2)
374 * fprintf(stderr, gettext(WARNSHELL));
375 */
376 return (0);
377 }
378
379 static void
380 copycron(fp)
381 FILE *fp;
382 {
383 FILE *tfp;
384 char pid[6], *tnam_end;
385 int t;
386 char buf[LINE_MAX];
387
388 sprintf(pid, "%-5d", getpid());
389 tnam = xmalloc(strlen(CRONDIR)+strlen(TMPFILE)+7);
390 strcat(strcat(strcat(strcpy(tnam, CRONDIR), "/"), TMPFILE), pid);
391 /* cut trailing blanks */
392 tnam_end = strchr(tnam, ' ');
393 if (tnam_end != NULL)
394 *tnam_end = 0;
395 /* catch SIGINT, SIGHUP, SIGQUIT signals */
396 if (signal(SIGINT, catch) == SIG_IGN)
397 signal(SIGINT, SIG_IGN);
398 if (signal(SIGHUP, catch) == SIG_IGN) signal(SIGHUP, SIG_IGN);
399 if (signal(SIGQUIT, catch) == SIG_IGN) signal(SIGQUIT, SIG_IGN);
400 if (signal(SIGTERM, catch) == SIG_IGN) signal(SIGTERM, SIG_IGN);
401 if ((t = creat(tnam, CRMODE)) == -1) crabort(BADCREATE);
402 if ((tfp = fdopen(t, "w")) == NULL) {
403 unlink(tnam);
404 crabort(BADCREATE);
405 }
406 err = 0; /* if errors found, err set to 1 */
407 while (fgets(line, CTLINESIZE, fp) != NULL) {
408 cursor = 0;
409 while (line[cursor] == ' ' || line[cursor] == '\t')
410 cursor++;
411 /* fix for 1039689 - treat blank line like a comment */
412 if (line[cursor] == '#' || line[cursor] == '\n')
413 goto cont;
414
415 if (strncmp(&line[cursor], ENV_TZ, strlen(ENV_TZ)) == 0) {
416 char *x;
417
418 strncpy(buf, &line[cursor + strlen(ENV_TZ)],
419 sizeof (buf));
420 if ((x = strchr(buf, '\n')) != NULL)
421 *x = '\0';
422
423 goto cont;
424 } else if (strncmp(&line[cursor], ENV_SHELL,
425 strlen(ENV_SHELL)) == 0) {
426 char *x;
427
428 strncpy(buf, &line[cursor + strlen(ENV_SHELL)],
429 sizeof (buf));
430 if ((x = strchr(buf, '\n')) != NULL)
431 *x = '\0';
432
433 if (isvalid_shell(buf)) {
434 goto cont;
435 } else {
436 err = 1;
437 fprintf(stderr, BAD_SHELL, &line[cursor]);
438 continue;
439 }
440 } else if (strncmp(&line[cursor], ENV_HOME,
441 strlen(ENV_HOME)) == 0) {
442 char *x;
443
444 strncpy(buf, &line[cursor + strlen(ENV_HOME)],
445 sizeof (buf));
446 if ((x = strchr(buf, '\n')) != NULL)
447 *x = '\0';
448 if (chdir(buf) == 0) {
449 goto cont;
450 } else {
451 err = 1;
452 fprintf(stderr, BAD_HOME, &line[cursor],
453 strerror(errno));
454 continue;
455 }
456 }
457
458 if (next_field(0, 59)) continue;
459 if (next_field(0, 23)) continue;
460 if (next_field(1, 31)) continue;
461 if (next_field(1, 12)) continue;
462 if (next_field(0, 06)) continue;
463 if (line[++cursor] == '\0') {
464 cerror(EOLN);
465 continue;
466 }
467 cont:
468 if (fputs(line, tfp) == EOF) {
469 unlink(tnam);
470 crabort(BADCREATE);
471 }
472 }
473 fclose(fp);
474 fclose(tfp);
475
476 if (!err) {
477 /* make file tfp the new crontab */
478 unlink(cf);
479 if (link(tnam, cf) == -1) {
480 unlink(tnam);
481 crabort(BADCREATE);
482 }
483 } else {
484 crabort(ERRSFND);
485 }
486 unlink(tnam);
487 }
488
489 static int
490 next_field(lower, upper)
491 int lower, upper;
492 {
493 int num, num2;
494
495 while ((line[cursor] == ' ') || (line[cursor] == '\t')) cursor++;
496 if (line[cursor] == '\0') {
497 cerror(EOLN);
498 return (1);
499 }
500 if (line[cursor] == '*') {
501 cursor++;
502 if ((line[cursor] != ' ') && (line[cursor] != '\t')) {
503 cerror(UNEXPECT);
504 return (1);
505 }
506 return (0);
507 }
508 while (TRUE) {
509 if (!isdigit(line[cursor])) {
510 cerror(UNEXPECT);
511 return (1);
512 }
513 num = 0;
514 do {
515 num = num*10 + (line[cursor]-'0');
516 } while (isdigit(line[++cursor]));
517 if ((num < lower) || (num > upper)) {
518 cerror(OUTOFBOUND);
519 return (1);
520 }
521 if (line[cursor] == '-') {
522 if (!isdigit(line[++cursor])) {
523 cerror(UNEXPECT);
524 return (1);
525 }
526 num2 = 0;
527 do {
528 num2 = num2*10 + (line[cursor]-'0');
529 } while (isdigit(line[++cursor]));
530 if ((num2 < lower) || (num2 > upper)) {
531 cerror(OUTOFBOUND);
532 return (1);
533 }
534 }
535 if ((line[cursor] == ' ') || (line[cursor] == '\t')) break;
536 if (line[cursor] == '\0') {
537 cerror(EOLN);
538 return (1);
539 }
540 if (line[cursor++] != ',') {
541 cerror(UNEXPECT);
542 return (1);
543 }
544 }
545 return (0);
546 }
547
548 static void
549 cerror(msg)
550 char *msg;
551 {
552 fprintf(stderr, gettext("%scrontab: error on previous line; %s\n"),
553 line, msg);
554 err = 1;
555 }
556
557
558 static void
559 catch(int x)
560 {
561 unlink(tnam);
562 exit(1);
563 }
564
565 static void
566 crabort(msg)
567 char *msg;
568 {
569 int sverrno;
570
571 if (strcmp(edtemp, "") != 0) {
572 sverrno = errno;
573 (void) unlink(edtemp);
574 errno = sverrno;
575 }
576 if (tnam != NULL) {
577 sverrno = errno;
578 (void) unlink(tnam);
579 errno = sverrno;
580 }
581 fprintf(stderr, "crontab: %s\n", gettext(msg));
582 exit(1);
583 }
Unleashed OS