1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 26 /* All Rights Reserved */ 27 28 /* 29 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association. 30 */ 31 32 #include <sys/types.h> 33 #include <sys/stat.h> 34 #include <sys/types.h> 35 #include <sys/wait.h> 36 #include <errno.h> 37 #include <signal.h> 38 #include <stdio.h> 39 #include <stdlib.h> 40 #include <string.h> 41 #include <fcntl.h> 42 #include <ctype.h> 43 #include <pwd.h> 44 #include <unistd.h> 45 #include <locale.h> 46 #include <nl_types.h> 47 #include <langinfo.h> 48 #include <libintl.h> 49 #include <security/pam_appl.h> 50 #include <limits.h> 51 #include <libzoneinfo.h> 52 #include "cron.h" 53 #include "getresponse.h" 54 55 #if defined(XPG4) 56 #define VIPATH "/usr/xpg4/bin/vi" 57 #elif defined(XPG6) 58 #define VIPATH "/usr/xpg6/bin/vi" 59 #else 60 #define _XPG_NOTDEFINED 61 #define VIPATH "vi" 62 #endif 63 64 #define TMPFILE "_cron" /* prefix for tmp file */ 65 #define CRMODE 0600 /* mode for creating crontabs */ 66 67 #define BADCREATE \ 68 "can't create your crontab file in the crontab directory." 69 #define BADOPEN "can't open your crontab file." 70 #define BADSHELL \ 71 "because your login shell isn't /usr/bin/sh, you can't use cron." 72 #define WARNSHELL "warning: commands will be executed using /usr/bin/sh\n" 73 #define BADUSAGE \ 74 "usage:\n" \ 75 "\tcrontab [-u username] [file]\n" \ 76 "\tcrontab [-u username] { -e | -l | -r }\n" \ 77 "\tcrontab { -e | -l | -r } [username]" 78 #define INVALIDUSER "you are not a valid user (no entry in /etc/passwd)." 79 #define NOTALLOWED "you are not authorized to use cron. Sorry." 80 #define NOTROOT \ 81 "you must be super-user to access another user's crontab file" 82 #define AUDITREJECT "The audit context for your shell has not been set." 83 #define EOLN "unexpected end of line." 84 #define UNEXPECT "unexpected character found in line." 85 #define OUTOFBOUND "number out of bounds." 86 #define OVERFLOW "too many elements." 87 #define ERRSFND "errors detected in input, no crontab file generated." 88 #define ED_ERROR \ 89 " The editor indicates that an error occurred while you were\n"\ 90 " editing the crontab data - usually a minor typing error.\n\n" 91 #define BADREAD "error reading your crontab file" 92 #define ED_PROMPT \ 93 " Edit again, to ensure crontab information is intact (%s/%s)?\n"\ 94 " ('%s' will discard edits.)" 95 #define NAMETOOLONG "login name too long" 96 #define BAD_TZ "Timezone unrecognized in: %s" 97 #define BAD_SHELL "Invalid shell specified: %s" 98 #define BAD_HOME "Unable to access directory: %s\t%s\n" 99 100 extern int per_errno; 101 102 extern int audit_crontab_modify(char *, char *, int); 103 extern int audit_crontab_delete(char *, int); 104 extern int audit_crontab_not_allowed(uid_t, char *); 105 106 int err; 107 int cursor; 108 char *cf; 109 char *tnam; 110 char edtemp[5+13+1]; 111 char line[CTLINESIZE]; 112 static char login[UNAMESIZE]; 113 114 static void catch(int); 115 static void crabort(char *); 116 static void cerror(char *); 117 static void copycron(FILE *); 118 119 int 120 main(int argc, char **argv) 121 { 122 int c, r; 123 int rflag = 0; 124 int lflag = 0; 125 int eflag = 0; 126 int errflg = 0; 127 char *pp; 128 FILE *fp, *tmpfp; 129 struct stat stbuf; 130 struct passwd *pwp; 131 time_t omodtime; 132 char *editor; 133 uid_t ruid; 134 pid_t pid; 135 int stat_loc; 136 int ret; 137 char real_login[UNAMESIZE]; 138 char *user = NULL; 139 int tmpfd = -1; 140 pam_handle_t *pamh; 141 int pam_error; 142 char *buf; 143 size_t buflen; 144 145 (void) setlocale(LC_ALL, ""); 146 #if !defined(TEXT_DOMAIN) /* Should be defined by cc -D */ 147 #define TEXT_DOMAIN "SYS_TEST" /* Use this only if it wasn't */ 148 #endif 149 (void) textdomain(TEXT_DOMAIN); 150 151 if (init_yes() < 0) { 152 (void) fprintf(stderr, gettext(ERR_MSG_INIT_YES), 153 strerror(errno)); 154 exit(1); 155 } 156 157 while ((c = getopt(argc, argv, "elru:")) != EOF) { 158 switch (c) { 159 case 'e': 160 eflag++; 161 break; 162 case 'l': 163 lflag++; 164 break; 165 case 'r': 166 rflag++; 167 break; 168 case 'u': 169 user = optarg; 170 break; 171 case '?': 172 errflg++; 173 break; 174 } 175 } 176 177 argc -= optind; 178 argv += optind; 179 180 if (eflag + lflag + rflag > 1) 181 errflg++; 182 183 if ((eflag || lflag || rflag) && argc > 0) { 184 if (user != NULL) 185 errflg++; 186 else 187 user = *argv; 188 } 189 190 if (errflg || argc > 1) 191 crabort(BADUSAGE); 192 193 ruid = getuid(); 194 if ((pwp = getpwuid(ruid)) == NULL) 195 crabort(INVALIDUSER); 196 197 if (strlcpy(real_login, pwp->pw_name, sizeof (real_login)) 198 >= sizeof (real_login)) { 199 crabort(NAMETOOLONG); 200 } 201 202 if (user != NULL) { 203 if ((pwp = getpwnam(user)) == NULL) 204 crabort(INVALIDUSER); 205 206 if (!cron_admin(real_login)) { 207 if (pwp->pw_uid != ruid) 208 crabort(NOTROOT); 209 else 210 pp = getuser(ruid); 211 } else { 212 pp = user; 213 } 214 } else { 215 pp = getuser(ruid); 216 } 217 218 if (pp == NULL) { 219 if (per_errno == 2) 220 crabort(BADSHELL); 221 else 222 crabort(INVALIDUSER); 223 } 224 if (strlcpy(login, pp, sizeof (login)) >= sizeof (login)) 225 crabort(NAMETOOLONG); 226 if (!allowed(login, CRONALLOW, CRONDENY)) 227 crabort(NOTALLOWED); 228 229 /* Do account validation check */ 230 pam_error = pam_start("cron", pp, NULL, &pamh); 231 if (pam_error != PAM_SUCCESS) { 232 crabort((char *)pam_strerror(pamh, pam_error)); 233 } 234 pam_error = pam_acct_mgmt(pamh, PAM_SILENT); 235 if (pam_error != PAM_SUCCESS) { 236 (void) fprintf(stderr, gettext("Warning - Invalid account: " 237 "'%s' not allowed to execute cronjobs\n"), pp); 238 } 239 (void) pam_end(pamh, PAM_SUCCESS); 240 241 242 /* check for unaudited shell */ 243 if (audit_crontab_not_allowed(ruid, pp)) 244 crabort(AUDITREJECT); 245 246 cf = xmalloc(strlen(CRONDIR)+strlen(login)+2); 247 strcat(strcat(strcpy(cf, CRONDIR), "/"), login); 248 249 if (rflag) { 250 r = unlink(cf); 251 cron_sendmsg(DELETE, login, login, CRON); 252 audit_crontab_delete(cf, r); 253 exit(0); 254 } 255 if (lflag) { 256 if ((fp = fopen(cf, "r")) == NULL) 257 crabort(BADOPEN); 258 while (fgets(line, CTLINESIZE, fp) != NULL) 259 fputs(line, stdout); 260 fclose(fp); 261 exit(0); 262 } 263 if (eflag) { 264 if ((fp = fopen(cf, "r")) == NULL) { 265 if (errno != ENOENT) 266 crabort(BADOPEN); 267 } 268 (void) strcpy(edtemp, "/tmp/crontabXXXXXX"); 269 tmpfd = mkstemp(edtemp); 270 if (fchown(tmpfd, ruid, -1) == -1) { 271 (void) close(tmpfd); 272 crabort("fchown of temporary file failed"); 273 } 274 (void) close(tmpfd); 275 /* 276 * Fork off a child with user's permissions, 277 * to edit the crontab file 278 */ 279 if ((pid = fork()) == (pid_t)-1) 280 crabort("fork failed"); 281 if (pid == 0) { /* child process */ 282 /* give up super-user privileges. */ 283 setuid(ruid); 284 if ((tmpfp = fopen(edtemp, "w")) == NULL) 285 crabort("can't create temporary file"); 286 if (fp != NULL) { 287 /* 288 * Copy user's crontab file to temporary file. 289 */ 290 while (fgets(line, CTLINESIZE, fp) != NULL) { 291 fputs(line, tmpfp); 292 if (ferror(tmpfp)) { 293 fclose(fp); 294 fclose(tmpfp); 295 crabort("write error on" 296 "temporary file"); 297 } 298 } 299 if (ferror(fp)) { 300 fclose(fp); 301 fclose(tmpfp); 302 crabort(BADREAD); 303 } 304 fclose(fp); 305 } 306 if (fclose(tmpfp) == EOF) 307 crabort("write error on temporary file"); 308 if (stat(edtemp, &stbuf) < 0) 309 crabort("can't stat temporary file"); 310 omodtime = stbuf.st_mtime; 311 #ifdef _XPG_NOTDEFINED 312 editor = getenv("VISUAL"); 313 if (editor == NULL) { 314 #endif 315 editor = getenv("EDITOR"); 316 if (editor == NULL) 317 editor = VIPATH; 318 #ifdef _XPG_NOTDEFINED 319 } 320 #endif 321 buflen = strlen(editor) + strlen(edtemp) + 2; 322 buf = xmalloc(buflen); 323 (void) snprintf(buf, buflen, "%s %s", editor, edtemp); 324 325 sleep(1); 326 327 while (1) { 328 ret = system(buf); 329 330 /* sanity checks */ 331 if ((tmpfp = fopen(edtemp, "r")) == NULL) 332 crabort("can't open temporary file"); 333 if (fstat(fileno(tmpfp), &stbuf) < 0) 334 crabort("can't stat temporary file"); 335 if (stbuf.st_size == 0) 336 crabort("temporary file empty"); 337 if (omodtime == stbuf.st_mtime) { 338 (void) unlink(edtemp); 339 fprintf(stderr, gettext( 340 "The crontab file was not" 341 " changed.\n")); 342 exit(1); 343 } 344 if ((ret) && (errno != EINTR)) { 345 /* 346 * Some editors (like 'vi') can return 347 * a non-zero exit status even though 348 * everything is okay. Need to check. 349 */ 350 fprintf(stderr, gettext(ED_ERROR)); 351 fflush(stderr); 352 if (isatty(fileno(stdin))) { 353 /* Interactive */ 354 fprintf(stdout, 355 gettext(ED_PROMPT), 356 yesstr, nostr, nostr); 357 fflush(stdout); 358 359 if (yes()) { 360 /* Edit again */ 361 continue; 362 } else { 363 /* Dump changes */ 364 (void) unlink(edtemp); 365 exit(1); 366 } 367 } else { 368 /* 369 * Non-interactive, dump changes 370 */ 371 (void) unlink(edtemp); 372 exit(1); 373 } 374 } 375 exit(0); 376 } /* while (1) */ 377 } 378 379 /* fix for 1125555 - ignore common signals while waiting */ 380 (void) signal(SIGINT, SIG_IGN); 381 (void) signal(SIGHUP, SIG_IGN); 382 (void) signal(SIGQUIT, SIG_IGN); 383 (void) signal(SIGTERM, SIG_IGN); 384 wait(&stat_loc); 385 if ((stat_loc & 0xFF00) != 0) 386 exit(1); 387 388 /* 389 * unlink edtemp as 'ruid'. The file contents will be held 390 * since we open the file descriptor 'tmpfp' before calling 391 * unlink. 392 */ 393 if (((ret = seteuid(ruid)) < 0) || 394 ((tmpfp = fopen(edtemp, "r")) == NULL) || 395 (unlink(edtemp) == -1)) { 396 fprintf(stderr, "crontab: %s: %s\n", 397 edtemp, errmsg(errno)); 398 if ((ret < 0) || (tmpfp == NULL)) 399 (void) unlink(edtemp); 400 exit(1); 401 } else 402 seteuid(0); 403 404 copycron(tmpfp); 405 } else { 406 if (argc == 0) 407 copycron(stdin); 408 else if (seteuid(getuid()) != 0 || (fp = fopen(argv[0], "r")) 409 == NULL) 410 crabort(BADOPEN); 411 else { 412 seteuid(0); 413 copycron(fp); 414 } 415 } 416 cron_sendmsg(ADD, login, login, CRON); 417 /* 418 * if (per_errno == 2) 419 * fprintf(stderr, gettext(WARNSHELL)); 420 */ 421 return (0); 422 } 423 424 static void 425 copycron(FILE *fp) 426 { 427 FILE *tfp; 428 char pid[6], *tnam_end; 429 int t; 430 char buf[LINE_MAX]; 431 cferror_t cferr; 432 433 sprintf(pid, "%-5d", getpid()); 434 tnam = xmalloc(strlen(CRONDIR)+strlen(TMPFILE)+7); 435 strcat(strcat(strcat(strcpy(tnam, CRONDIR), "/"), TMPFILE), pid); 436 /* cut trailing blanks */ 437 tnam_end = strchr(tnam, ' '); 438 if (tnam_end != NULL) 439 *tnam_end = 0; 440 /* catch SIGINT, SIGHUP, SIGQUIT signals */ 441 if (signal(SIGINT, catch) == SIG_IGN) 442 signal(SIGINT, SIG_IGN); 443 if (signal(SIGHUP, catch) == SIG_IGN) signal(SIGHUP, SIG_IGN); 444 if (signal(SIGQUIT, catch) == SIG_IGN) signal(SIGQUIT, SIG_IGN); 445 if (signal(SIGTERM, catch) == SIG_IGN) signal(SIGTERM, SIG_IGN); 446 if ((t = creat(tnam, CRMODE)) == -1) crabort(BADCREATE); 447 if ((tfp = fdopen(t, "w")) == NULL) { 448 unlink(tnam); 449 crabort(BADCREATE); 450 } 451 err = 0; /* if errors found, err set to 1 */ 452 while (fgets(line, CTLINESIZE, fp) != NULL) { 453 cursor = 0; 454 while (line[cursor] == ' ' || line[cursor] == '\t') 455 cursor++; 456 /* fix for 1039689 - treat blank line like a comment */ 457 if (line[cursor] == '#' || line[cursor] == '\n') 458 goto cont; 459 460 if (strncmp(&line[cursor], ENV_TZ, strlen(ENV_TZ)) == 0) { 461 char *x; 462 463 strncpy(buf, &line[cursor + strlen(ENV_TZ)], 464 sizeof (buf)); 465 if ((x = strchr(buf, '\n')) != NULL) 466 *x = '\0'; 467 468 if (isvalid_tz(buf, NULL, _VTZ_ALL)) { 469 goto cont; 470 } else { 471 err = 1; 472 fprintf(stderr, BAD_TZ, &line[cursor]); 473 continue; 474 } 475 } else if (strncmp(&line[cursor], ENV_SHELL, 476 strlen(ENV_SHELL)) == 0) { 477 char *x; 478 479 strncpy(buf, &line[cursor + strlen(ENV_SHELL)], 480 sizeof (buf)); 481 if ((x = strchr(buf, '\n')) != NULL) 482 *x = '\0'; 483 484 if (isvalid_shell(buf)) { 485 goto cont; 486 } else { 487 err = 1; 488 fprintf(stderr, BAD_SHELL, &line[cursor]); 489 continue; 490 } 491 } else if (strncmp(&line[cursor], ENV_HOME, 492 strlen(ENV_HOME)) == 0) { 493 char *x; 494 495 strncpy(buf, &line[cursor + strlen(ENV_HOME)], 496 sizeof (buf)); 497 if ((x = strchr(buf, '\n')) != NULL) 498 *x = '\0'; 499 if (chdir(buf) == 0) { 500 goto cont; 501 } else { 502 err = 1; 503 fprintf(stderr, BAD_HOME, &line[cursor], 504 strerror(errno)); 505 continue; 506 } 507 } 508 509 if ((cferr = next_field(0, 59, line, &cursor, NULL)) != CFOK || 510 (cferr = next_field(0, 23, line, &cursor, NULL)) != CFOK || 511 (cferr = next_field(1, 31, line, &cursor, NULL)) != CFOK || 512 (cferr = next_field(1, 12, line, &cursor, NULL)) != CFOK || 513 (cferr = next_field(0, 6, line, &cursor, NULL)) != CFOK) { 514 switch (cferr) { 515 case CFEOLN: 516 cerror(EOLN); 517 break; 518 case CFUNEXPECT: 519 cerror(UNEXPECT); 520 break; 521 case CFOUTOFBOUND: 522 cerror(OUTOFBOUND); 523 break; 524 case CFEOVERFLOW: 525 cerror(OVERFLOW); 526 break; 527 case CFENOMEM: 528 (void) fprintf(stderr, "Out of memory\n"); 529 exit(55); 530 break; 531 default: 532 break; 533 } 534 continue; 535 } 536 537 if (line[++cursor] == '\0') { 538 cerror(EOLN); 539 continue; 540 } 541 cont: 542 if (fputs(line, tfp) == EOF) { 543 unlink(tnam); 544 crabort(BADCREATE); 545 } 546 } 547 fclose(fp); 548 fclose(tfp); 549 550 /* audit differences between old and new crontabs */ 551 audit_crontab_modify(cf, tnam, err); 552 553 if (!err) { 554 /* make file tfp the new crontab */ 555 unlink(cf); 556 if (link(tnam, cf) == -1) { 557 unlink(tnam); 558 crabort(BADCREATE); 559 } 560 } else { 561 crabort(ERRSFND); 562 } 563 unlink(tnam); 564 } 565 566 static void 567 cerror(char *msg) 568 { 569 fprintf(stderr, gettext("%scrontab: error on previous line; %s\n"), 570 line, msg); 571 err = 1; 572 } 573 574 575 static void 576 catch(int x) 577 { 578 unlink(tnam); 579 exit(1); 580 } 581 582 static void 583 crabort(char *msg) 584 { 585 int sverrno; 586 587 if (strcmp(edtemp, "") != 0) { 588 sverrno = errno; 589 (void) unlink(edtemp); 590 errno = sverrno; 591 } 592 if (tnam != NULL) { 593 sverrno = errno; 594 (void) unlink(tnam); 595 errno = sverrno; 596 } 597 fprintf(stderr, "crontab: %s\n", gettext(msg)); 598 exit(1); 599 } 600