summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--sbin/ping/ping.c3
-rw-r--r--sbin/ping6/ping6.c6
-rw-r--r--usr.bin/at/privs.h20
-rw-r--r--usr.sbin/lpr/common_source/common.c25
-rw-r--r--usr.sbin/lpr/common_source/displayq.c41
-rw-r--r--usr.sbin/lpr/common_source/lp.h11
-rw-r--r--usr.sbin/lpr/common_source/net.c37
-rw-r--r--usr.sbin/lpr/common_source/rmjob.c25
-rw-r--r--usr.sbin/lpr/common_source/startdaemon.c4
-rw-r--r--usr.sbin/lpr/lpc/cmds.c59
-rw-r--r--usr.sbin/lpr/lpc/lpc.c6
-rw-r--r--usr.sbin/lpr/lpc/movejobs.c5
-rw-r--r--usr.sbin/lpr/lpd/printjob.c3
-rw-r--r--usr.sbin/lpr/lpq/lpq.c2
-rw-r--r--usr.sbin/lpr/lpr/lpr.c34
-rw-r--r--usr.sbin/lpr/lprm/lprm.c3
16 files changed, 153 insertions, 131 deletions
diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c
index f8f62d1..85d0348 100644
--- a/sbin/ping/ping.c
+++ b/sbin/ping/ping.c
@@ -255,7 +255,8 @@ main(int argc, char *const *argv)
s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
sockerrno = errno;
- setuid(getuid());
+ if (setuid(getuid()) != 0)
+ err(EX_NOPERM, "setuid() failed");
uid = getuid();
alarmtimeout = df = preload = tos = 0;
diff --git a/sbin/ping6/ping6.c b/sbin/ping6/ping6.c
index 711561e..8c3e16b 100644
--- a/sbin/ping6/ping6.c
+++ b/sbin/ping6/ping6.c
@@ -702,8 +702,10 @@ main(int argc, char *argv[])
}
/* revoke root privilege */
- seteuid(getuid());
- setuid(getuid());
+ if (seteuid(getuid()) != 0)
+ err(1, "seteuid() failed");
+ if (setuid(getuid()) != 0)
+ err(1, "setuid() failed");
if ((options & F_FLOOD) && (options & F_INTERVAL))
errx(1, "-f and -i incompatible options");
diff --git a/usr.bin/at/privs.h b/usr.bin/at/privs.h
index 3f70ce8..297c252 100644
--- a/usr.bin/at/privs.h
+++ b/usr.bin/at/privs.h
@@ -72,8 +72,8 @@ gid_t real_gid, effective_gid;
effective_uid = geteuid(); \
real_gid = getgid(); \
effective_gid = getegid(); \
- seteuid(real_uid); \
- setegid(real_gid); \
+ if (seteuid(real_uid) != 0) err(1, "seteuid failed"); \
+ if (setegid(real_gid) != 0) err(1, "setegid failed"); \
}
#define RELINQUISH_PRIVS_ROOT(a, b) { \
@@ -81,26 +81,26 @@ gid_t real_gid, effective_gid;
effective_uid = geteuid(); \
real_gid = (b); \
effective_gid = getegid(); \
- setegid(real_gid); \
- seteuid(real_uid); \
+ if (setegid(real_gid) != 0) err(1, "setegid failed"); \
+ if (seteuid(real_uid) != 0) err(1, "seteuid failed"); \
}
#define PRIV_START { \
- seteuid(effective_uid); \
- setegid(effective_gid); \
+ if (seteuid(effective_uid) != 0) err(1, "seteuid failed"); \
+ if (setegid(effective_gid) != 0) err(1, "setegid failed"); \
}
#define PRIV_END { \
- setegid(real_gid); \
- seteuid(real_uid); \
+ if (setegid(real_gid) != 0) err(1, "setegid failed"); \
+ if (seteuid(real_uid) != 0) err(1, "seteuid failed"); \
}
#define REDUCE_PRIV(a, b) { \
PRIV_START \
effective_uid = (a); \
effective_gid = (b); \
- setreuid((uid_t)-1, effective_uid); \
- setregid((gid_t)-1, effective_gid); \
+ if (setreuid((uid_t)-1, effective_uid) != 0) err(1, "setreuid failed"); \
+ if (setregid((gid_t)-1, effective_gid) != 0) err(1, "setregid failed"); \
PRIV_END \
}
#endif
diff --git a/usr.sbin/lpr/common_source/common.c b/usr.sbin/lpr/common_source/common.c
index c9c276d..ce4a62d 100644
--- a/usr.sbin/lpr/common_source/common.c
+++ b/usr.sbin/lpr/common_source/common.c
@@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <dirent.h>
+#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
@@ -125,14 +126,14 @@ getq(const struct printer *pp, struct jobqueue *(*namelist[]))
DIR *dirp;
int statres;
- seteuid(euid);
+ PRIV_START
if ((dirp = opendir(pp->spool_dir)) == NULL) {
- seteuid(uid);
+ PRIV_END
return (-1);
}
if (fstat(dirfd(dirp), &stbuf) < 0)
goto errdone;
- seteuid(uid);
+ PRIV_END
/*
* Estimate the array size by taking the size of the directory file
@@ -149,9 +150,9 @@ getq(const struct printer *pp, struct jobqueue *(*namelist[]))
while ((d = readdir(dirp)) != NULL) {
if (d->d_name[0] != 'c' || d->d_name[1] != 'f')
continue; /* daemon control files only */
- seteuid(euid);
+ PRIV_START
statres = stat(d->d_name, &stbuf);
- seteuid(uid);
+ PRIV_END
if (statres < 0)
continue; /* Doesn't exist */
entrysz = sizeof(struct jobqueue) - sizeof(q->job_cfname) +
@@ -184,7 +185,7 @@ getq(const struct printer *pp, struct jobqueue *(*namelist[]))
errdone:
closedir(dirp);
- seteuid(uid);
+ PRIV_END
return (-1);
}
@@ -340,10 +341,10 @@ set_qstate(int action, const char *lfname)
* Find what the current access-bits are.
*/
memset(&stbuf, 0, sizeof(stbuf));
- seteuid(euid);
+ PRIV_START
statres = stat(lfname, &stbuf);
errsav = errno;
- seteuid(uid);
+ PRIV_END
if ((statres < 0) && (errsav != ENOENT)) {
printf("\tcannot stat() lock file\n");
return (SQS_STATFAIL);
@@ -402,10 +403,10 @@ set_qstate(int action, const char *lfname)
res = 0;
if (statres >= 0) {
/* The file already exists, so change the access. */
- seteuid(euid);
+ PRIV_START
chres = chmod(lfname, chgbits);
errsav = errno;
- seteuid(uid);
+ PRIV_END
res = SQS_CHGOK;
if (chres < 0)
res = SQS_CHGFAIL;
@@ -424,10 +425,10 @@ set_qstate(int action, const char *lfname)
* all the read/write bits are set as desired.
*/
oldmask = umask(S_IWOTH);
- seteuid(euid);
+ PRIV_START
fd = open(lfname, O_WRONLY|O_CREAT, newbits);
errsav = errno;
- seteuid(uid);
+ PRIV_END
umask(oldmask);
res = SQS_CREFAIL;
if (fd >= 0) {
diff --git a/usr.sbin/lpr/common_source/displayq.c b/usr.sbin/lpr/common_source/displayq.c
index 061b370..b4bd7ce 100644
--- a/usr.sbin/lpr/common_source/displayq.c
+++ b/usr.sbin/lpr/common_source/displayq.c
@@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <dirent.h>
+#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
@@ -90,7 +91,7 @@ static const char *head1 = "Total Size\n";
static void alarmhandler(int _signo);
static void filtered_write(char *_obuffer, int _wlen, FILE *_wstream);
-static void warn(const struct printer *_pp);
+static void daemonwarn(const struct printer *_pp);
/*
* Display the current state of the queue. Format = 1 if long format.
@@ -119,24 +120,24 @@ displayq(struct printer *pp, int format)
* Print out local queue
* Find all the control files in the spooling directory
*/
- seteuid(euid);
+ PRIV_START
if (chdir(pp->spool_dir) < 0)
fatal(pp, "cannot chdir to spooling directory: %s",
strerror(errno));
- seteuid(uid);
+ PRIV_END
if ((nitems = getq(pp, &queue)) < 0)
fatal(pp, "cannot examine spooling area\n");
- seteuid(euid);
+ PRIV_START
ret = stat(pp->lock_file, &statb);
- seteuid(uid);
+ PRIV_END
if (ret >= 0) {
if (statb.st_mode & LFM_PRINT_DIS) {
if (pp->remote)
printf("%s: ", local_host);
printf("Warning: %s is down: ", pp->printer);
- seteuid(euid);
+ PRIV_START
fd = open(pp->status_file, O_RDONLY|O_SHLOCK);
- seteuid(uid);
+ PRIV_END
if (fd >= 0) {
while ((i = read(fd, line, sizeof(line))) > 0)
(void) fwrite(line, 1, i, stdout);
@@ -153,11 +154,11 @@ displayq(struct printer *pp, int format)
}
if (nitems) {
- seteuid(euid);
+ PRIV_START
fp = fopen(pp->lock_file, "r");
- seteuid(uid);
+ PRIV_END
if (fp == NULL)
- warn(pp);
+ daemonwarn(pp);
else {
/* get daemon pid */
cp = current;
@@ -171,12 +172,12 @@ displayq(struct printer *pp, int format)
if (i <= 0) {
ret = -1;
} else {
- seteuid(euid);
+ PRIV_START
ret = kill(i, 0);
- seteuid(uid);
+ PRIV_END
}
if (ret < 0) {
- warn(pp);
+ daemonwarn(pp);
} else {
/* read current file name */
cp = current;
@@ -191,9 +192,9 @@ displayq(struct printer *pp, int format)
*/
if (pp->remote)
printf("%s: ", local_host);
- seteuid(euid);
+ PRIV_START
fd = open(pp->status_file, O_RDONLY|O_SHLOCK);
- seteuid(uid);
+ PRIV_END
if (fd >= 0) {
while ((i = read(fd, line,
sizeof(line))) > 0)
@@ -360,7 +361,7 @@ check_next:
* Print a warning message if there is no daemon present.
*/
static void
-warn(const struct printer *pp)
+daemonwarn(const struct printer *pp)
{
if (pp->remote)
printf("%s: ", local_host);
@@ -391,10 +392,10 @@ inform(const struct printer *pp, char *cf)
* There's a chance the control file has gone away
* in the meantime; if this is the case just keep going
*/
- seteuid(euid);
+ PRIV_START
if ((cfp = fopen(cf, "r")) == NULL)
return;
- seteuid(uid);
+ PRIV_END
if (rank < 0)
rank = 0;
@@ -578,10 +579,10 @@ dump(const char *nfile, const char *datafile, int copies)
}
first = 0;
- seteuid(euid);
+ PRIV_START
if (*datafile && !stat(datafile, &lbuf))
totsize += copies * lbuf.st_size;
- seteuid(uid);
+ PRIV_END
}
/*
diff --git a/usr.sbin/lpr/common_source/lp.h b/usr.sbin/lpr/common_source/lp.h
index b7ebff6..ab7ce2e 100644
--- a/usr.sbin/lpr/common_source/lp.h
+++ b/usr.sbin/lpr/common_source/lp.h
@@ -249,6 +249,17 @@ typedef enum { TR_SENDING, TR_RECVING, TR_PRINTING } tr_sendrecv;
#define CMD_SHOWQ_LONG '\4'
#define CMD_RMJOB '\5'
+/*
+ * seteuid() macros.
+*/
+#define PRIV_START { \
+ if (seteuid(uid) != 0) err(1, "seteuid failed"); \
+}
+#define PRIV_END { \
+ if (seteuid(euid) != 0) err(1, "seteuid failed"); \
+}
+
+
#include "lp.cdefs.h" /* A cross-platform version of <sys/cdefs.h> */
__BEGIN_DECLS
diff --git a/usr.sbin/lpr/common_source/net.c b/usr.sbin/lpr/common_source/net.c
index 2a1e0c8..0ac816a 100644
--- a/usr.sbin/lpr/common_source/net.c
+++ b/usr.sbin/lpr/common_source/net.c
@@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$");
#include <netdb.h>
#include <dirent.h> /* required for lp.h, not used here */
+#include <err.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
@@ -91,7 +92,7 @@ getport(const struct printer *pp, const char *rhost, int rport)
{
struct addrinfo hints, *res, *ai;
int s, timo = 1, lport = IPPORT_RESERVED - 1;
- int err, refused = 0;
+ int error, refused = 0;
/*
* Get the host address and port number to connect to.
@@ -102,10 +103,10 @@ getport(const struct printer *pp, const char *rhost, int rport)
hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = 0;
- err = getaddrinfo(rhost, (rport == 0 ? "printer" : NULL),
+ error = getaddrinfo(rhost, (rport == 0 ? "printer" : NULL),
&hints, &res);
- if (err)
- fatal(pp, "%s\n", gai_strerror(err));
+ if (error)
+ fatal(pp, "%s\n", gai_strerror(error));
if (rport != 0)
((struct sockaddr_in *) res->ai_addr)->sin_port = htons(rport);
@@ -114,9 +115,9 @@ getport(const struct printer *pp, const char *rhost, int rport)
*/
ai = res;
retry:
- seteuid(euid);
+ PRIV_START
s = rresvport_af(&lport, ai->ai_family);
- seteuid(uid);
+ PRIV_END
if (s < 0) {
if (errno != EAGAIN) {
if (ai->ai_next) {
@@ -135,9 +136,9 @@ retry:
return(-1);
}
if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0) {
- err = errno;
+ error = errno;
(void) close(s);
- errno = err;
+ errno = error;
/*
* This used to decrement lport, but the current semantics
* of rresvport do not provide such a function (in fact,
@@ -184,8 +185,8 @@ checkremote(struct printer *pp)
{
char lclhost[MAXHOSTNAMELEN];
struct addrinfo hints, *local_res, *remote_res, *lr, *rr;
- char *err;
- int ncommonaddrs, error;
+ char *error;
+ int ncommonaddrs, errno;
char h1[NI_MAXHOST], h2[NI_MAXHOST];
if (!pp->rp_matches_local) { /* Remote printer doesn't match local */
@@ -205,11 +206,11 @@ checkremote(struct printer *pp)
hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_PASSIVE;
- if ((error = getaddrinfo(lclhost, NULL, &hints, &local_res)) != 0) {
- asprintf(&err, "unable to get official name "
+ if ((errno = getaddrinfo(lclhost, NULL, &hints, &local_res)) != 0) {
+ asprintf(&error, "unable to get official name "
"for local machine %s: %s",
- lclhost, gai_strerror(error));
- return err;
+ lclhost, gai_strerror(errno));
+ return error;
}
/* get the official name of RM */
@@ -217,13 +218,13 @@ checkremote(struct printer *pp)
hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_PASSIVE;
- if ((error = getaddrinfo(pp->remote_host, NULL,
+ if ((errno = getaddrinfo(pp->remote_host, NULL,
&hints, &remote_res)) != 0) {
- asprintf(&err, "unable to get address list for "
+ asprintf(&error, "unable to get address list for "
"remote machine %s: %s",
- pp->remote_host, gai_strerror(error));
+ pp->remote_host, gai_strerror(errno));
freeaddrinfo(local_res);
- return err;
+ return error;
}
ncommonaddrs = 0;
diff --git a/usr.sbin/lpr/common_source/rmjob.c b/usr.sbin/lpr/common_source/rmjob.c
index 912a48f..d0327a2 100644
--- a/usr.sbin/lpr/common_source/rmjob.c
+++ b/usr.sbin/lpr/common_source/rmjob.c
@@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <dirent.h>
+#include <err.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
@@ -110,12 +111,12 @@ rmjob(const char *printer)
person = root;
}
- seteuid(euid);
+ PRIV_START
if (chdir(pp->spool_dir) < 0)
fatal(pp, "cannot chdir to spool directory");
if ((nitems = scandir(".", &files, iscf, NULL)) < 0)
fatal(pp, "cannot access spool directory");
- seteuid(uid);
+ PRIV_END
if (nitems) {
/*
@@ -124,9 +125,9 @@ rmjob(const char *printer)
* (after which we have to restart the daemon).
*/
if (lockchk(pp, pp->lock_file) && chk(current)) {
- seteuid(euid);
+ PRIV_START
assassinated = kill(cur_daemon, SIGINT) == 0;
- seteuid(uid);
+ PRIV_END
if (!assassinated)
fatal(pp, "cannot kill printer daemon");
}
@@ -156,14 +157,14 @@ lockchk(struct printer *pp, char *slockf)
register FILE *fp;
register int i, n;
- seteuid(euid);
+ PRIV_START
if ((fp = fopen(slockf, "r")) == NULL) {
if (errno == EACCES)
fatal(pp, "%s: %s", slockf, strerror(errno));
else
return(0);
}
- seteuid(uid);
+ PRIV_END
if (!getline(fp)) {
(void) fclose(fp);
return(0); /* no daemon present */
@@ -195,10 +196,10 @@ process(const struct printer *pp, char *file)
if (!chk(file))
return;
- seteuid(euid);
+ PRIV_START
if ((cfp = fopen(file, "r")) == NULL)
fatal(pp, "cannot open %s", file);
- seteuid(uid);
+ PRIV_END
while (getline(cfp)) {
switch (line[0]) {
case 'U': /* unlink associated files */
@@ -218,9 +219,9 @@ do_unlink(char *file)
if (from_host != local_host)
printf("%s: ", local_host);
- seteuid(euid);
+ PRIV_START
ret = unlink(file);
- seteuid(uid);
+ PRIV_END
printf(ret ? "cannot dequeue %s\n" : "%s dequeued\n", file);
}
@@ -248,10 +249,10 @@ chk(char *file)
/*
* get the owner's name from the control file.
*/
- seteuid(euid);
+ PRIV_START
if ((cfp = fopen(file, "r")) == NULL)
return(0);
- seteuid(uid);
+ PRIV_END
while (getline(cfp)) {
if (line[0] == 'P')
break;
diff --git a/usr.sbin/lpr/common_source/startdaemon.c b/usr.sbin/lpr/common_source/startdaemon.c
index b175d79..a1398bb 100644
--- a/usr.sbin/lpr/common_source/startdaemon.c
+++ b/usr.sbin/lpr/common_source/startdaemon.c
@@ -74,9 +74,9 @@ startdaemon(const struct printer *pp)
#ifndef SUN_LEN
#define SUN_LEN(unp) (strlen((unp)->sun_path) + 2)
#endif
- seteuid(euid);
+ PRIV_START
connectres = connect(s, (struct sockaddr *)&un, SUN_LEN(&un));
- seteuid(uid);
+ PRIV_END
if (connectres < 0) {
warn("Unable to connect to %s", _PATH_SOCKETNAME);
warnx("Check to see if the master 'lpd' process is running.");
diff --git a/usr.sbin/lpr/lpc/cmds.c b/usr.sbin/lpr/lpc/cmds.c
index 44516d8..f960f7c 100644
--- a/usr.sbin/lpr/lpc/cmds.c
+++ b/usr.sbin/lpr/lpc/cmds.c
@@ -54,6 +54,7 @@ __FBSDID("$FreeBSD$");
#include <signal.h>
#include <fcntl.h>
+#include <err.h>
#include <errno.h>
#include <dirent.h>
#include <unistd.h>
@@ -288,10 +289,10 @@ kill_qtask(const char *lf)
pid_t pid;
int errsav, killres, lockres, res;
- seteuid(euid);
+ PRIV_START
fp = fopen(lf, "r");
errsav = errno;
- seteuid(uid);
+ PRIV_END
res = KQT_NODAEMON;
if (fp == NULL) {
/*
@@ -329,10 +330,10 @@ kill_qtask(const char *lf)
goto killdone;
}
- seteuid(uid);
+ PRIV_END
killres = kill(pid, SIGTERM);
errsav = errno;
- seteuid(uid);
+ PRIV_END
if (killres == 0) {
res = KQT_KILLOK;
printf("\tdaemon (pid %d) killed\n", pid);
@@ -376,9 +377,9 @@ upstat(struct printer *pp, const char *msg, int notifyuser)
status_file_name(pp, statfile, sizeof statfile);
umask(0);
- seteuid(euid);
+ PRIV_START
fd = open(statfile, O_WRONLY|O_CREAT|O_EXLOCK, STAT_FILE_MODE);
- seteuid(uid);
+ PRIV_END
if (fd < 0) {
printf("\tcannot create status file: %s\n", strerror(errno));
return;
@@ -683,9 +684,9 @@ clean_q(struct printer *pp)
linerem = sizeof(line) - (lp - line);
cln_foundcore = 0;
- seteuid(euid);
+ PRIV_START
nitems = scandir(pp->spool_dir, &queue, doselect, sortq);
- seteuid(uid);
+ PRIV_END
if (nitems < 0) {
if (!didhead) {
printf("%s:\n", pp->printer);
@@ -795,9 +796,9 @@ unlinkf(char *name)
* that case, we need to check the last-mod time of the symlink, and
* not the file that the symlink is pointed at.
*/
- seteuid(euid);
+ PRIV_START
res = lstat(name, &stbuf);
- seteuid(uid);
+ PRIV_END
if (res < 0) {
printf("\terror return from stat(%s):\n", name);
printf("\t %s\n", strerror(errno));
@@ -819,9 +820,9 @@ unlinkf(char *name)
* symlink before unlink-ing the file itself
*/
if (S_ISLNK(stbuf.st_mode)) {
- seteuid(euid);
+ PRIV_START
res = readlink(name, linkbuf, sizeof(linkbuf));
- seteuid(uid);
+ PRIV_END
if (res < 0) {
printf("\terror return from readlink(%s):\n", name);
printf("\t %s\n", strerror(errno));
@@ -841,9 +842,9 @@ unlinkf(char *name)
printf("\t (which is a symlink to %s)\n", linkbuf);
}
} else {
- seteuid(euid);
+ PRIV_START
res = unlink(name);
- seteuid(uid);
+ PRIV_END
if (res < 0)
printf("\tcannot remove %s (!)\n", name);
else
@@ -983,9 +984,9 @@ restart_q(struct printer *pp)
/* make sure the queue is set to print jobs */
setres = set_qstate(SQS_STARTP, lf);
- seteuid(euid);
+ PRIV_START
startok = startdaemon(pp);
- seteuid(uid);
+ PRIV_END
if (!startok)
printf("\tcouldn't restart daemon\n");
else
@@ -1049,14 +1050,14 @@ start_q(struct printer *pp)
setres = set_qstate(SQS_STARTP, lf);
- seteuid(euid);
+ PRIV_START
startok = startdaemon(pp);
- seteuid(uid);
+ PRIV_END
if (!startok)
printf("\tcouldn't start daemon\n");
else
printf("\tdaemon started\n");
- seteuid(uid);
+ PRIV_END
}
/*
@@ -1178,12 +1179,12 @@ topq(int argc, char *argv[])
}
printf("%s:\n", pp->printer);
- seteuid(euid);
+ PRIV_START
if (chdir(pp->spool_dir) < 0) {
printf("\tcannot chdir to %s\n", pp->spool_dir);
goto out;
}
- seteuid(uid);
+ PRIV_END
nitems = getq(pp, &queue);
if (nitems == 0)
return;
@@ -1207,12 +1208,12 @@ topq(int argc, char *argv[])
* Turn on the public execute bit of the lock file to
* get lpd to rebuild the queue after the current job.
*/
- seteuid(euid);
+ PRIV_START
if (changed && stat(pp->lock_file, &stbuf) >= 0)
(void) chmod(pp->lock_file, stbuf.st_mode | LFM_RESET_QUE);
out:
- seteuid(uid);
+ PRIV_END
}
/*
@@ -1227,9 +1228,9 @@ touch(struct jobqueue *jq)
tvp[0].tv_sec = tvp[1].tv_sec = --mtime;
tvp[0].tv_usec = tvp[1].tv_usec = 0;
- seteuid(euid);
+ PRIV_START
ret = utimes(jq->job_cfname, tvp);
- seteuid(uid);
+ PRIV_END
return (ret);
}
@@ -1286,9 +1287,9 @@ doarg(char *job)
* Process item consisting of owner's name (example: henry).
*/
for (qq = queue + nitems; --qq >= queue; ) {
- seteuid(euid);
+ PRIV_START
fp = fopen((*qq)->job_cfname, "r");
- seteuid(uid);
+ PRIV_END
if (fp == NULL)
continue;
while (getline(fp) > 0)
@@ -1319,9 +1320,9 @@ up_q(struct printer *pp)
setres = set_qstate(SQS_ENABLEQ+SQS_STARTP, lf);
- seteuid(euid);
+ PRIV_START
startok = startdaemon(pp);
- seteuid(uid);
+ PRIV_END
if (!startok)
printf("\tcouldn't start daemon\n");
else
diff --git a/usr.sbin/lpr/lpc/lpc.c b/usr.sbin/lpr/lpc/lpc.c
index f9fb920..cc58bd9 100644
--- a/usr.sbin/lpr/lpc/lpc.c
+++ b/usr.sbin/lpr/lpc/lpc.c
@@ -93,7 +93,7 @@ main(int argc, char *argv[])
euid = geteuid();
uid = getuid();
- seteuid(uid);
+ PRIV_END
progname = argv[0];
openlog("lpd", 0, LOG_LPR);
@@ -405,9 +405,9 @@ setup_myprinter(char *pwanted, struct printer *pp, int sump_opts)
printf("%s:\n", pp->printer);
if (sump_opts & SUMP_CHDIR_SD) {
- seteuid(euid);
+ PRIV_START
cdres = chdir(pp->spool_dir);
- seteuid(uid);
+ PRIV_END
if (cdres < 0) {
printf("\tcannot chdir to %s\n", pp->spool_dir);
free_printer(pp);
diff --git a/usr.sbin/lpr/lpc/movejobs.c b/usr.sbin/lpr/lpc/movejobs.c
index 60c9b38..c349601 100644
--- a/usr.sbin/lpr/lpc/movejobs.c
+++ b/usr.sbin/lpr/lpc/movejobs.c
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <dirent.h> /* just for MAXNAMLEN, for job_cfname in lp.h! */
+#include <err.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -147,9 +148,9 @@ touch_jqe(void *myinfo, struct jobqueue *jq, struct jobspec *jspec)
touch_info = myinfo;
tvp[0].tv_sec = tvp[1].tv_sec = ++touch_info->newtime;
tvp[0].tv_usec = tvp[1].tv_usec = 0;
- seteuid(euid);
+ PRIV_START
ret = utimes(jq->job_cfname, tvp);
- seteuid(uid);
+ PRIV_END
if (ret == 0) {
if (jspec->matcheduser)
diff --git a/usr.sbin/lpr/lpd/printjob.c b/usr.sbin/lpr/lpd/printjob.c
index 6130054..9771498 100644
--- a/usr.sbin/lpr/lpd/printjob.c
+++ b/usr.sbin/lpr/lpd/printjob.c
@@ -61,6 +61,7 @@ __FBSDID("$FreeBSD$");
#include <syslog.h>
#include <fcntl.h>
#include <dirent.h>
+#include <err.h>
#include <errno.h>
#include <inttypes.h>
#include <stdio.h>
@@ -173,7 +174,7 @@ printjob(struct printer *pp)
pp->log_file);
(void) open(_PATH_DEVNULL, O_WRONLY);
}
- setgid(getegid());
+ if(setgid(getegid()) != 0) err(1, "setgid() failed");
printpid = getpid(); /* for use with lprm */
setpgrp(0, printpid);
diff --git a/usr.sbin/lpr/lpq/lpq.c b/usr.sbin/lpr/lpq/lpq.c
index 33082e5..f39c81b 100644
--- a/usr.sbin/lpr/lpq/lpq.c
+++ b/usr.sbin/lpr/lpq/lpq.c
@@ -88,7 +88,7 @@ main(int argc, char **argv)
printer = NULL;
euid = geteuid();
uid = getuid();
- seteuid(uid);
+ PRIV_END
progname = *argv;
if (gethostname(local_host, sizeof(local_host)))
err(1, "gethostname");
diff --git a/usr.sbin/lpr/lpr/lpr.c b/usr.sbin/lpr/lpr/lpr.c
index af7c807..394ccb0 100644
--- a/usr.sbin/lpr/lpr/lpr.c
+++ b/usr.sbin/lpr/lpr/lpr.c
@@ -145,7 +145,7 @@ main(int argc, char *argv[])
printer = NULL;
euid = geteuid();
uid = getuid();
- seteuid(uid);
+ PRIV_END
if (signal(SIGHUP, SIG_IGN) != SIG_IGN)
signal(SIGHUP, cleanup);
if (signal(SIGINT, SIG_IGN) != SIG_IGN)
@@ -326,10 +326,10 @@ main(int argc, char *argv[])
*/
mktemps(pp);
tfd = nfile(tfname);
- seteuid(euid);
+ PRIV_START
(void) fchown(tfd, pp->daemon_user, -1);
/* owned by daemon for protection */
- seteuid(uid);
+ PRIV_END
card('H', local_host);
card('P', lpr_username);
card('C', class);
@@ -415,7 +415,7 @@ main(int argc, char *argv[])
* can be very significant when running services like
* samba, pcnfs, CAP, et al.
*/
- seteuid(euid);
+ PRIV_START
didlink = 0;
/*
* There are several things to check to avoid any
@@ -453,11 +453,11 @@ main(int argc, char *argv[])
* safe. Otherwise, abandon the move and fall back
* to the (usual) copy method.
*/
- seteuid(uid);
+ PRIV_END
ret = access(dfname, R_OK);
if (ret == 0)
ret = unlink(arg);
- seteuid(euid);
+ PRIV_START
if (ret != 0)
goto nohardlink;
/*
@@ -467,7 +467,7 @@ main(int argc, char *argv[])
*/
chown(dfname, pp->daemon_user, getegid());
chmod(dfname, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
- seteuid(uid);
+ PRIV_END
if (format == 'p')
card('T', title ? title : arg);
for (i = 0; i < ncopies; i++)
@@ -479,7 +479,7 @@ main(int argc, char *argv[])
nohardlink:
if (didlink)
unlink(dfname);
- seteuid(uid); /* restore old uid */
+ PRIV_END /* restore old uid */
} /* end: if (f) */
if ((i = open(arg, O_RDONLY)) < 0) {
@@ -498,7 +498,7 @@ main(int argc, char *argv[])
/*
* Touch the control file to fix position in the queue.
*/
- seteuid(euid);
+ PRIV_START
if ((tfd = open(tfname, O_RDWR)) >= 0) {
char touch_c;
@@ -518,7 +518,7 @@ main(int argc, char *argv[])
cleanup(0);
}
unlink(tfname);
- seteuid(uid);
+ PRIV_END
if (qflag) /* just q things up */
exit(0);
if (!startdaemon(pp))
@@ -604,9 +604,9 @@ linked(const char *file)
strncat(buf, file, sizeof(buf) - strlen(buf) - 1);
file = buf;
}
- seteuid(euid);
+ PRIV_START
ret = symlink(file, dfname);
- seteuid(uid);
+ PRIV_END
return(ret ? NULL : file);
}
@@ -638,7 +638,7 @@ nfile(char *n)
register int f;
int oldumask = umask(0); /* should block signals */
- seteuid(euid);
+ PRIV_START
f = open(n, O_WRONLY | O_EXCL | O_CREAT, FILMOD);
(void) umask(oldumask);
if (f < 0) {
@@ -649,7 +649,7 @@ nfile(char *n)
printf("%s: cannot chown %s\n", progname, n);
cleanup(0); /* cleanup does exit */
}
- seteuid(uid);
+ PRIV_END
if (++n[inchar] > 'z') {
if (++n[inchar-2] == 't') {
printf("too many files - break up the job\n");
@@ -674,7 +674,7 @@ cleanup(int signo __unused)
signal(SIGQUIT, SIG_IGN);
signal(SIGTERM, SIG_IGN);
i = inchar;
- seteuid(euid);
+ PRIV_START
if (tfname)
do
unlink(tfname);
@@ -846,7 +846,7 @@ mktemps(const struct printer *pp)
char buf[BUFSIZ];
(void) snprintf(buf, sizeof(buf), "%s/.seq", pp->spool_dir);
- seteuid(euid);
+ PRIV_START
if ((fd = open(buf, O_RDWR|O_CREAT, 0664)) < 0) {
printf("%s: cannot create %s\n", progname, buf);
exit(1);
@@ -855,7 +855,7 @@ mktemps(const struct printer *pp)
printf("%s: cannot lock %s\n", progname, buf);
exit(1);
}
- seteuid(uid);
+ PRIV_END
n = 0;
if ((len = read(fd, buf, sizeof(buf))) > 0) {
for (cp = buf; len--; ) {
diff --git a/usr.sbin/lpr/lprm/lprm.c b/usr.sbin/lpr/lprm/lprm.c
index 741a8fa..35d8814 100644
--- a/usr.sbin/lpr/lprm/lprm.c
+++ b/usr.sbin/lpr/lprm/lprm.c
@@ -58,6 +58,7 @@ __FBSDID("$FreeBSD$");
#include <syslog.h>
#include <dirent.h>
+#include <err.h>
#include <pwd.h>
#include <unistd.h>
#include <stdlib.h>
@@ -93,7 +94,7 @@ main(int argc, char *argv[])
printer = NULL;
uid = getuid();
euid = geteuid();
- seteuid(uid); /* be safe */
+ PRIV_END /* be safe */
progname = argv[0];
gethostname(local_host, sizeof(local_host));
openlog("lpd", 0, LOG_LPR);
OpenPOWER on IntegriCloud