diff options
author | davidn <davidn@FreeBSD.org> | 1997-01-20 15:31:33 +0000 |
---|---|---|
committer | davidn <davidn@FreeBSD.org> | 1997-01-20 15:31:33 +0000 |
commit | f4e00f119e525cafebeeb7ae9b0f6ff642f951e4 (patch) | |
tree | 791753da7da49f4e5788d8e7c7020eba15588a12 /usr.sbin/cron | |
parent | 4f7f8be8ac52985f3938c72203cfb77575bbcb4b (diff) | |
download | FreeBSD-src-f4e00f119e525cafebeeb7ae9b0f6ff642f951e4.zip FreeBSD-src-f4e00f119e525cafebeeb7ae9b0f6ff642f951e4.tar.gz |
Make cron login class savvy.
Use setusercontext() rather than setuid()/setgid()/setlogin()/initgroups()
which is all handled. Login environment is NOT set by this call as crontab
provides its own means of doing so.
Diffstat (limited to 'usr.sbin/cron')
-rw-r--r-- | usr.sbin/cron/cron/Makefile | 2 | ||||
-rw-r--r-- | usr.sbin/cron/cron/do_command.c | 15 |
2 files changed, 17 insertions, 0 deletions
diff --git a/usr.sbin/cron/cron/Makefile b/usr.sbin/cron/cron/Makefile index 27d2a3a..a81be73 100644 --- a/usr.sbin/cron/cron/Makefile +++ b/usr.sbin/cron/cron/Makefile @@ -4,6 +4,8 @@ PROG= cron SRCS= cron.c database.c do_command.c job.c user.c popen.c MAN8= cron.8 +CFLAGS+=-DLOGIN_CAP + .if exists(${.OBJDIR}/../lib) LDDESTDIR+= -L${.OBJDIR}/../lib DPADD+= ${.OBJDIR}/../lib/libcron.a diff --git a/usr.sbin/cron/cron/do_command.c b/usr.sbin/cron/cron/do_command.c index 736fe89..3898705 100644 --- a/usr.sbin/cron/cron/do_command.c +++ b/usr.sbin/cron/cron/do_command.c @@ -28,6 +28,9 @@ static char rcsid[] = "$FreeBSD$"; #if defined(SYSLOG) # include <syslog.h> #endif +#if defined(LOGIN_CAP) +# include <login_cap.h> +#endif static void child_process __P((entry *, user *)), @@ -77,6 +80,10 @@ child_process(e, u) register char *input_data; char *usernm, *mailto; int children = 0; +# if defined(LOGIN_CAP) + struct passwd *pwd = getpwuid(e->uid); + login_cap_t *lc = login_getclass(pwd); +# endif Debug(DPROC, ("[%d] child_process('%s')\n", getpid(), e->cmd)) @@ -212,6 +219,13 @@ child_process(e, u) */ do_univ(u); +# if defined(LOGIN_CAP) + /* Set user's entire context, but skip the environment + * as cron provides a separate interface for this + */ + setusercontext(lc, pwd, e->uid, LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETENV)); + login_close(lc); +# else /* set our directory, uid and gid. Set gid first, since once * we set uid, we've lost root privledges. */ @@ -221,6 +235,7 @@ child_process(e, u) # endif setlogin(usernm); setuid(e->uid); /* we aren't root after this... */ +#endif chdir(env_get("HOME", e->envp)); /* exec the command. |