/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
/*	  All Rights Reserved  	*/

/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <pwd.h>
#include <auth_attr.h>
#include <auth_list.h>

#include "cron.h"

/*
 * Scratch buffer written by the exists() macro below.  Every expansion of
 * exists() overwrites it, so its contents describe only the most recently
 * tested path.
 */
struct stat globstat;

/*
 * True when stat() succeeds on `file`.  This is a point-in-time test only:
 * nothing ties the result to a later open of the same path.
 */
#define	exists(file)	(stat(file, &globstat) == 0)
#define	ROOT	"root"

/*
 * Status left behind by getuser(): 1 when the uid has no passwd entry,
 * 2 when the account's shell is neither SHELL nor the empty string.
 */
int per_errno;

/* Looks a user name up in a list file; defined further down in this file. */
static int within(char *username, char *filename);
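/*
 * getuser() - map a numeric uid to its login name.
 *
 * Returns the pw_name field of the passwd entry for `uid`, or NULL when
 * getpwuid() finds no entry.  The result is reported through the global
 * per_errno as well:
 *
 *	1	no passwd entry for `uid` (NULL is returned)
 *	2	the account's shell is neither SHELL nor the empty string
 *		(the name is still returned)
 *
 * per_errno is not reset on the fully successful path, so callers that
 * inspect it must clear it themselves before calling.
 *
 * The returned pointer refers to storage owned by getpwuid(), which the C
 * library may overwrite on a later getpw*() call; copy the name if it has
 * to outlive the next passwd lookup.
 *
 * The definition uses a prototype (like cron_admin() in this file) instead
 * of the obsolescent old-style parameter list, so calls are type-checked.
 */
char *
getuser(uid_t uid)
{
	struct passwd *pw = getpwuid(uid);

	if (pw == NULL) {
		per_errno = 1;
		return (NULL);
	}

	if (strcmp(pw->pw_shell, SHELL) != 0 && pw->pw_shell[0] != '\0') {
		/*
		 * A non-standard login shell is only flagged, not refused:
		 * the name is returned regardless.  Return NULL here instead
		 * if crontab and at should abort for such accounts.
		 */
		per_errno = 2;
	}

	return (pw->pw_name);
}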
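/*
 * allowed() - decide whether `user` may use the cron facilities.
 *
 * The decision comes from the first source that applies:
 *
 *	1. if the `allow` file exists, the user must be listed in it;
 *	2. otherwise, if the `deny` file exists, the user must not be
 *	   listed in it;
 *	3. otherwise the user must hold the CRONUSER_AUTH authorization,
 *	   as reported by chkauthattr().
 *
 * Returns 1 when access is granted and 0 when it is refused.
 *
 * A list that exists but cannot be opened or read refuses access in both
 * cases.  Previously an unreadable deny list was indistinguishable from
 * "user not listed" and therefore granted access; the check now fails
 * closed.
 *
 * NOTE(review): exists() and the fopen() inside within() are separate
 * system calls on the same path.  That is only sound if the directory
 * holding the lists can be modified by the administrator alone - confirm
 * for the paths the callers pass in.
 */
int
allowed(char *user, char *allow, char *deny)
{
	if (exists(allow)) {
		/* Only a positive match grants access; -1 (unreadable) denies. */
		return (within(user, allow) == 1);
	}

	if (exists(deny)) {
		/* Only a clean "not listed" grants access; -1 denies. */
		return (within(user, deny) == 0);
	}

	return (chkauthattr(CRONUSER_AUTH, user) ? 1 : 0);
}

/*
 * within() - look `username` up in the access list `filename`.
 *
 * Each line of the list names one user: the entry is the text before the
 * first white-space character on the line, and the rest of the line is
 * ignored.
 *
 * Returns 1 if the user is listed, 0 if the whole list was read and the
 * user is not in it, and -1 if the list could not be opened or a read
 * error occurred.
 *
 * Lines longer than the buffer are read by fgets() in several pieces.
 * Only the first piece of a line can hold its entry; the remaining pieces
 * are skipped so that text in the middle of a long line is never compared
 * against `username`.  An entry that is itself cut off by the end of the
 * buffer is not matched either, because only a prefix of it is available.
 */
static int
within(char *username, char *filename)
{
	char line[UNAMESIZE];
	FILE *cap;
	int found = 0;
	int continued = 0;	/* the next piece belongs to the current line */

	if ((cap = fopen(filename, "r")) == NULL)
		return (-1);

	while (fgets(line, sizeof (line), cap) != NULL) {
		size_t len = strlen(line);
		int is_tail = continued;
		int truncated = 0;
		size_t i;

		/*
		 * A completely filled buffer that does not end in a newline
		 * means fgets() stopped in the middle of a line.
		 */
		continued = (len > 0 && len == sizeof (line) - 1 &&
		    line[len - 1] != '\n');
		if (is_tail)
			continue;

		for (i = 0; line[i] != '\0'; i++) {
			/* isspace() is undefined for negative char values */
			if (isspace((unsigned char)line[i])) {
				line[i] = '\0';
				break;
			}
		}

		if (continued && i == len) {
			/*
			 * The entry fills the whole buffer.  It is complete
			 * only if the next character on the line ends it.
			 */
			int next = getc(cap);

			if (next != EOF) {
				(void) ungetc(next, cap);
				truncated = !isspace(next);
			}
		}

		if (!truncated && strcmp(line, username) == 0) {
			found = 1;
			break;
		}
	}

	/* A read error means the list was not fully examined. */
	if (!found && ferror(cap))
		found = -1;

	(void) fclose(cap);
	return (found);
}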
/*
 * cron_admin() - report whether `name` holds the CRONADMIN_AUTH
 * authorization.
 *
 * The value returned by chkauthattr() is passed back unchanged.
 */
int
cron_admin(const char *name)
{
	const int authorized = chkauthattr(CRONADMIN_AUTH, name);

	return (authorized);
}