1 /* vi: set sw=4 ts=4: */
3 * run as root, but NOT setuid root
5 * Copyright 1994 Matthew Dillon (dillon@apollo.west.oic.com)
7 * Vladimir Oleynik <dzo@simtreas.ru> (C) 2002
9 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
12 //config: bool "crond"
14 //config: select FEATURE_SYSLOG
16 //config: Crond is a background daemon that parses individual crontab
17 //config: files and executes commands on behalf of the users in question.
18 //config: This is a port of dcron from slackware. It uses files of the
19 //config: format /var/spool/cron/crontabs/<username> files, for example:
20 //config: $ cat /var/spool/cron/crontabs/root
21 //config: # Run daily cron jobs at 4:40 every day:
22 //config: 40 4 * * * /etc/cron/daily > /dev/null 2>&1
24 //config:config FEATURE_CROND_D
25 //config: bool "Support option -d to redirect output to stderr"
26 //config: depends on CROND
29 //config: -d N sets loglevel (0:most verbose) and directs all output to stderr.
31 //config:config FEATURE_CROND_CALL_SENDMAIL
32 //config: bool "Report command output via email (using sendmail)"
34 //config: depends on CROND
36 //config: Command output will be sent to corresponding user via email.
38 //config:config FEATURE_CROND_DIR
39 //config: string "crond spool directory"
40 //config: default "/var/spool/cron"
41 //config: depends on CROND || CRONTAB
43 //config: Location of crond spool.
45 //applet:IF_CROND(APPLET(crond, BB_DIR_USR_SBIN, BB_SUID_DROP))
47 //kbuild:lib-$(CONFIG_CROND) += crond.o
49 //usage:#define crond_trivial_usage
50 //usage: "-fbS -l N " IF_FEATURE_CROND_D("-d N ") "-L LOGFILE -c DIR"
51 //usage:#define crond_full_usage "\n\n"
52 //usage: " -f Foreground"
53 //usage: "\n -b Background (default)"
54 //usage: "\n -S Log to syslog (default)"
55 //usage: "\n -l N Set log level. Most verbose:0, default:8"
56 //usage: IF_FEATURE_CROND_D(
57 //usage: "\n -d N Set log level, log to stderr"
59 //usage: "\n -L FILE Log to FILE"
60 //usage: "\n -c DIR Cron dir. Default:"CONFIG_FEATURE_CROND_DIR"/crontabs"
65 /* glibc frees previous setenv'ed value when we do next setenv()
66 * of the same variable. uclibc does not do this! */
67 #if (defined(__GLIBC__) && !defined(__UCLIBC__)) /* || OTHER_SAFE_LIBC... */
68 # define SETENV_LEAKS 0
70 # define SETENV_LEAKS 1
74 #define CRON_DIR CONFIG_FEATURE_CROND_DIR
75 #define CRONTABS CONFIG_FEATURE_CROND_DIR "/crontabs"
77 # define SENDMAIL "sendmail"
80 # define SENDMAIL_ARGS "-ti"
83 # define CRONUPDATE "cron.update"
86 # define MAXLINES 256 /* max lines in non-root crontabs */
90 typedef struct CronFile {
91 struct CronFile *cf_next;
92 struct CronLine *cf_lines;
94 smallint cf_wants_starting; /* bool: one or more jobs ready */
95 smallint cf_has_running; /* bool: one or more jobs running */
96 smallint cf_deleted; /* marked for deletion (but still has running jobs) */
99 typedef struct CronLine {
100 struct CronLine *cl_next;
101 char *cl_cmd; /* shell command */
102 pid_t cl_pid; /* >0:running, <0:needs to be started in this minute, 0:dormant */
103 #if ENABLE_FEATURE_CROND_CALL_SENDMAIL
104 int cl_empty_mail_size; /* size of mail header only, 0 if no mailfile */
105 char *cl_mailto; /* whom to mail results, may be NULL */
107 /* ordered by size, not in natural order. makes code smaller: */
108 char cl_Dow[7]; /* 0-6, beginning sunday */
109 char cl_Mons[12]; /* 0-11 */
110 char cl_Hrs[24]; /* 0-23 */
111 char cl_Days[32]; /* 1-31 */
112 char cl_Mins[60]; /* 0-59 */
126 OPT_d = (1 << 6) * ENABLE_FEATURE_CROND_D,
130 unsigned log_level; /* = 8; */
131 time_t crontab_dir_mtime;
132 const char *log_filename;
133 const char *crontab_dir_name; /* = CRONTABS; */
134 CronFile *cron_files;
140 #define G (*(struct globals*)&bb_common_bufsiz1)
141 #define INIT_G() do { \
143 G.crontab_dir_name = CRONTABS; \
147 * 0 is the most verbose, default 8.
148 * For some reason, in fact only 5, 7 and 8 are used.
150 static void crondlog(unsigned level, const char *msg, va_list va)
152 if (level >= G.log_level) {
154 * We are called only for info meesages.
155 * Warnings/errors use plain bb_[p]error_msg's, which
156 * need not touch syslog_level
157 * (they are ok with LOG_ERR default).
159 syslog_level = LOG_INFO;
160 bb_verror_msg(msg, va, /* strerr: */ NULL);
161 syslog_level = LOG_ERR;
165 static void log5(const char *msg, ...)
169 crondlog(4, msg, va);
173 static void log7(const char *msg, ...)
177 crondlog(7, msg, va);
181 static void log8(const char *msg, ...)
185 crondlog(8, msg, va);
190 static const char DowAry[] ALIGN1 =
191 "sun""mon""tue""wed""thu""fri""sat"
194 static const char MonAry[] ALIGN1 =
195 "jan""feb""mar""apr""may""jun""jul""aug""sep""oct""nov""dec"
198 static void ParseField(char *user, char *ary, int modvalue, int off,
199 const char *names, char *ptr)
200 /* 'names' is a pointer to a set of 3-char abbreviations */
206 // this can't happen due to config_read()
213 /* Handle numeric digit or symbol or '*' */
215 n1 = 0; /* everything will be filled */
219 } else if (isdigit(*ptr)) {
222 n1 = strtol(ptr, &endp, 10) + off;
224 n2 = strtol(ptr, &endp, 10) + off;
226 ptr = endp; /* gcc likes temp var for &endp */
231 for (i = 0; names[i]; i += 3) {
232 /* was using strncmp before... */
233 if (strncasecmp(ptr, &names[i], 3) == 0) {
246 /* handle optional range '-' */
250 if (*ptr == '-' && n2 < 0) {
256 * collapse single-value ranges, handle skipmark, and fill
257 * in the character array appropriately.
264 skip = strtol(ptr + 1, &endp, 10);
265 ptr = endp; /* gcc likes temp var for &endp */
269 * fill array, using a failsafe is the easiest way to prevent
278 n1 = (n1 + 1) % modvalue;
281 ary[n1 % modvalue] = 1;
284 if (--failsafe == 0) {
299 bb_error_msg("user %s: parse error at %s", user, base);
303 /* can't use log5 (it inserts newlines), open-coding it */
304 if (G.log_level <= 5 && logmode != LOGMODE_SYSLOG) {
306 for (i = 0; i < modvalue; ++i)
307 fprintf(stderr, "%d", (unsigned char)ary[i]);
308 bb_putchar_stderr('\n');
312 static void FixDayDow(CronLine *line)
318 for (i = 0; i < ARRAY_SIZE(line->cl_Dow); ++i) {
319 if (line->cl_Dow[i] == 0) {
324 for (i = 0; i < ARRAY_SIZE(line->cl_Days); ++i) {
325 if (line->cl_Days[i] == 0) {
330 if (weekUsed != daysUsed) {
332 memset(line->cl_Days, 0, sizeof(line->cl_Days));
334 memset(line->cl_Dow, 0, sizeof(line->cl_Dow));
339 * delete_cronfile() - delete user database
341 * Note: multiple entries for same user may exist if we were unable to
342 * completely delete a database due to running processes.
344 //FIXME: we will start a new job even if the old job is running
345 //if crontab was reloaded: crond thinks that "new" job is different from "old"
346 //even if they are in fact completely the same. Example
349 // 0-59 * * * * long_running_job2
350 //User edits crontab to:
351 // 0-59 * * * * job1_updated
352 // 0-59 * * * * long_running_job2
353 //Bug: crond can now start another long_running_job2 even if old one
355 //OTOH most other versions of cron do not wait for job termination anyway,
356 //they end up with multiple copies of jobs if they don't terminate soon enough.
357 static void delete_cronfile(const char *userName)
359 CronFile **pfile = &G.cron_files;
362 while ((file = *pfile) != NULL) {
363 if (strcmp(userName, file->cf_username) == 0) {
364 CronLine **pline = &file->cf_lines;
367 file->cf_has_running = 0;
368 file->cf_deleted = 1;
370 while ((line = *pline) != NULL) {
371 if (line->cl_pid > 0) {
372 file->cf_has_running = 1;
373 pline = &line->cl_next;
375 *pline = line->cl_next;
380 if (file->cf_has_running == 0) {
381 *pfile = file->cf_next;
382 free(file->cf_username);
387 pfile = &file->cf_next;
391 static void load_crontab(const char *fileName)
393 struct parser_t *parser;
397 #if ENABLE_FEATURE_CROND_CALL_SENDMAIL
401 delete_cronfile(fileName);
403 if (!getpwnam(fileName)) {
404 log7("ignoring file '%s' (no such user)", fileName);
408 parser = config_open(fileName);
412 maxLines = (strcmp(fileName, "root") == 0) ? 65535 : MAXLINES;
414 if (fstat(fileno(parser->fp), &sbuf) == 0 && sbuf.st_uid == DAEMON_UID) {
415 CronFile *file = xzalloc(sizeof(CronFile));
419 file->cf_username = xstrdup(fileName);
420 pline = &file->cf_lines;
426 bb_error_msg("user %s: too many lines", fileName);
430 n = config_read(parser, tokens, 6, 1, "# \t", PARSE_NORMAL | PARSE_KEEP_COPY);
434 log5("user:%s entry:%s", fileName, parser->data);
436 /* check if line is setting MAILTO= */
437 if (0 == strncmp(tokens[0], "MAILTO=", 7)) {
438 #if ENABLE_FEATURE_CROND_CALL_SENDMAIL
440 mailTo = (tokens[0][7]) ? xstrdup(&tokens[0][7]) : NULL;
441 #endif /* otherwise just ignore such lines */
444 //TODO: handle SHELL=, HOME= too? "man crontab" says:
447 //where the spaces around the equal-sign (=) are optional, and any subsequent
448 //non-leading spaces in value will be part of the value assigned to name.
449 //The value string may be placed in quotes (single or double, but matching)
450 //to preserve leading or trailing blanks.
452 //Several environment variables are set up automatically by the cron(8) daemon.
453 //SHELL is set to /bin/sh, and LOGNAME and HOME are set from the /etc/passwd
454 //line of the crontab's owner. HOME and SHELL may be overridden by settings
455 //in the crontab; LOGNAME may not.
456 /* check if a minimum of tokens is specified */
459 *pline = line = xzalloc(sizeof(*line));
460 /* parse date ranges */
461 ParseField(file->cf_username, line->cl_Mins, 60, 0, NULL, tokens[0]);
462 ParseField(file->cf_username, line->cl_Hrs, 24, 0, NULL, tokens[1]);
463 ParseField(file->cf_username, line->cl_Days, 32, 0, NULL, tokens[2]);
464 ParseField(file->cf_username, line->cl_Mons, 12, -1, MonAry, tokens[3]);
465 ParseField(file->cf_username, line->cl_Dow, 7, 0, DowAry, tokens[4]);
467 * fix days and dow - if one is not "*" and the other
468 * is "*", the other is set to 0, and vise-versa
471 #if ENABLE_FEATURE_CROND_CALL_SENDMAIL
472 /* copy mailto (can be NULL) */
473 line->cl_mailto = xstrdup(mailTo);
476 line->cl_cmd = xstrdup(tokens[5]);
477 log5(" command:%s", tokens[5]);
478 pline = &line->cl_next;
479 //bb_error_msg("M[%s]F[%s][%s][%s][%s][%s][%s]", mailTo, tokens[0], tokens[1], tokens[2], tokens[3], tokens[4], tokens[5]);
483 file->cf_next = G.cron_files;
486 config_close(parser);
489 static void process_cron_update_file(void)
494 fi = fopen_for_read(CRONUPDATE);
497 while (fgets(buf, sizeof(buf), fi) != NULL) {
498 /* use first word only */
499 skip_non_whitespace(buf)[0] = '\0';
506 static void rescan_crontab_dir(void)
510 /* Delete all files until we only have ones with running jobs (or none) */
512 for (file = G.cron_files; file; file = file->cf_next) {
513 if (!file->cf_deleted) {
514 delete_cronfile(file->cf_username);
519 /* Remove cron update file */
521 /* Re-chdir, in case directory was renamed & deleted */
522 xchdir(G.crontab_dir_name);
524 /* Scan directory and add associated users */
526 DIR *dir = opendir(".");
529 /* xopendir exists, but "can't open '.'" is not informative */
531 bb_error_msg_and_die("can't open '%s'", G.crontab_dir_name);
532 while ((den = readdir(dir)) != NULL) {
533 if (strchr(den->d_name, '.') != NULL) {
536 load_crontab(den->d_name);
543 /* We set environment *before* vfork (because we want to use vfork),
544 * so we cannot use setenv() - repeated calls to setenv() may leak memory!
545 * Using putenv(), and freeing memory after unsetenv() won't leak */
546 static void safe_setenv(char **pvar_val, const char *var, const char *val)
548 char *var_val = *pvar_val;
551 bb_unsetenv_and_free(var_val);
553 *pvar_val = xasprintf("%s=%s", var, val);
558 static void set_env_vars(struct passwd *pas)
561 safe_setenv(&G.env_var_user, "USER", pas->pw_name);
562 safe_setenv(&G.env_var_home, "HOME", pas->pw_dir);
563 /* if we want to set user's shell instead: */
564 /*safe_setenv(G.env_var_shell, "SHELL", pas->pw_shell);*/
566 xsetenv("USER", pas->pw_name);
567 xsetenv("HOME", pas->pw_dir);
569 /* currently, we use constant one: */
570 /*setenv("SHELL", DEFAULT_SHELL, 1); - done earlier */
573 static void change_user(struct passwd *pas)
575 /* careful: we're after vfork! */
576 change_identity(pas); /* - initgroups, setgid, setuid */
577 if (chdir(pas->pw_dir) < 0) {
578 bb_error_msg("can't change directory to '%s'", pas->pw_dir);
583 // TODO: sendmail should be _run-time_ option, not compile-time!
584 #if ENABLE_FEATURE_CROND_CALL_SENDMAIL
587 fork_job(const char *user, int mailFd,
589 const char *shell_cmd /* if NULL, we run sendmail */
595 /* prepare things before vfork */
596 pas = getpwnam(user);
598 bb_error_msg("can't get uid for %s", user);
603 sv_logmode = logmode;
607 /* initgroups, setgid, setuid, and chdir to home or CRON_DIR */
609 log5("child running %s", prog);
611 xmove_fd(mailFd, shell_cmd ? 1 : 0);
614 /* crond 3.0pl1-100 puts tasks in separate process groups */
616 execlp(prog, prog, (shell_cmd ? "-c" : SENDMAIL_ARGS), shell_cmd, (char *) NULL);
618 * I want this error message on stderr too,
619 * even if other messages go only to syslog:
621 logmode |= LOGMODE_STDIO;
622 bb_error_msg_and_die("can't execute '%s' for user %s", prog, user);
624 logmode = sv_logmode;
627 bb_perror_msg("vfork");
630 } /* else: PARENT, FORK SUCCESS */
633 * Close the mail file descriptor.. we can't just leave it open in
634 * a structure, closing it later, because we might run out of descriptors
642 static void start_one_job(const char *user, CronLine *line)
648 line->cl_empty_mail_size = 0;
650 if (line->cl_mailto) {
651 /* Open mail file (owner is root so nobody can screw with it) */
652 snprintf(mailFile, sizeof(mailFile), "%s/cron.%s.%d", CRON_DIR, user, getpid());
653 mailFd = open(mailFile, O_CREAT | O_TRUNC | O_WRONLY | O_EXCL | O_APPEND, 0600);
656 fdprintf(mailFd, "To: %s\nSubject: cron: %s\n\n", line->cl_mailto,
658 line->cl_empty_mail_size = lseek(mailFd, 0, SEEK_CUR);
660 bb_error_msg("can't create mail file %s for user %s, "
661 "discarding output", mailFile, user);
665 line->cl_pid = fork_job(user, mailFd, DEFAULT_SHELL, line->cl_cmd);
667 if (line->cl_pid <= 0) {
670 /* rename mail-file based on pid of process */
671 char *mailFile2 = xasprintf("%s/cron.%s.%d", CRON_DIR, user, (int)line->cl_pid);
672 rename(mailFile, mailFile2); // TODO: xrename?
679 * process_finished_job - called when job terminates and when mail terminates
681 static void process_finished_job(const char *user, CronLine *line)
694 if (line->cl_empty_mail_size <= 0) {
695 /* End of job and no mail file, or end of sendmail job */
700 * End of primary job - check for mail file.
701 * If size has changed and the file is still valid, we send it.
703 snprintf(mailFile, sizeof(mailFile), "%s/cron.%s.%d", CRON_DIR, user, (int)pid);
704 mailFd = open(mailFile, O_RDONLY);
710 if (fstat(mailFd, &sbuf) < 0
711 || sbuf.st_uid != DAEMON_UID
712 || sbuf.st_nlink != 0
713 || sbuf.st_size == line->cl_empty_mail_size
714 || !S_ISREG(sbuf.st_mode)
719 line->cl_empty_mail_size = 0;
720 /* if (line->cl_mailto) - always true if cl_empty_mail_size was nonzero */
721 line->cl_pid = fork_job(user, mailFd, SENDMAIL, NULL);
724 #else /* !ENABLE_FEATURE_CROND_CALL_SENDMAIL */
726 static void start_one_job(const char *user, CronLine *line)
731 pas = getpwnam(user);
733 bb_error_msg("can't get uid for %s", user);
737 /* Prepare things before vfork */
740 /* Fork as the user in question and run program */
744 /* initgroups, setgid, setuid, and chdir to home or CRON_DIR */
746 log5("child running %s", DEFAULT_SHELL);
747 /* crond 3.0pl1-100 puts tasks in separate process groups */
749 execl(DEFAULT_SHELL, DEFAULT_SHELL, "-c", line->cl_cmd, (char *) NULL);
750 bb_error_msg_and_die("can't execute '%s' for user %s", DEFAULT_SHELL, user);
753 bb_perror_msg("vfork");
760 #define process_finished_job(user, line) ((line)->cl_pid = 0)
762 #endif /* !ENABLE_FEATURE_CROND_CALL_SENDMAIL */
765 * Determine which jobs need to be run. Under normal conditions, the
766 * period is about a minute (one scan). Worst case it will be one
769 static void flag_starting_jobs(time_t t1, time_t t2)
773 /* Find jobs > t1 and <= t2 */
775 for (t = t1 - t1 % 60; t <= t2; t += 60) {
784 for (file = G.cron_files; file; file = file->cf_next) {
785 log5("file %s:", file->cf_username);
786 if (file->cf_deleted)
788 for (line = file->cf_lines; line; line = line->cl_next) {
789 log5(" line %s", line->cl_cmd);
790 if (line->cl_Mins[ptm->tm_min]
791 && line->cl_Hrs[ptm->tm_hour]
792 && (line->cl_Days[ptm->tm_mday] || line->cl_Dow[ptm->tm_wday])
793 && line->cl_Mons[ptm->tm_mon]
796 (int)line->cl_pid, line->cl_cmd);
797 if (line->cl_pid > 0) {
798 log8("user %s: process already running: %s",
799 file->cf_username, line->cl_cmd);
800 } else if (line->cl_pid == 0) {
802 file->cf_wants_starting = 1;
810 static void start_jobs(void)
815 for (file = G.cron_files; file; file = file->cf_next) {
816 if (!file->cf_wants_starting)
819 file->cf_wants_starting = 0;
820 for (line = file->cf_lines; line; line = line->cl_next) {
822 if (line->cl_pid >= 0)
825 start_one_job(file->cf_username, line);
827 log8("USER %s pid %3d cmd %s",
828 file->cf_username, (int)pid, line->cl_cmd);
830 file->cf_wants_starting = 1;
833 file->cf_has_running = 1;
840 * Check for job completion, return number of jobs still running after
843 static int check_completions(void)
847 int num_still_running = 0;
849 for (file = G.cron_files; file; file = file->cf_next) {
850 if (!file->cf_has_running)
853 file->cf_has_running = 0;
854 for (line = file->cf_lines; line; line = line->cl_next) {
857 if (line->cl_pid <= 0)
860 r = waitpid(line->cl_pid, NULL, WNOHANG);
861 if (r < 0 || r == line->cl_pid) {
862 process_finished_job(file->cf_username, line);
863 if (line->cl_pid == 0) {
864 /* sendmail was not started for it */
867 /* else: sendmail was started, job is still running, fall thru */
869 /* else: r == 0: "process is still running" */
870 file->cf_has_running = 1;
872 //FIXME: if !file->cf_has_running && file->deleted: delete it!
873 //otherwise deleted entries will stay forever, right?
874 num_still_running += file->cf_has_running;
876 return num_still_running;
879 static void reopen_logfile_to_stderr(void)
881 if (G.log_filename) {
882 int logfd = open_or_warn(G.log_filename, O_WRONLY | O_CREAT | O_APPEND);
884 xmove_fd(logfd, STDERR_FILENO);
888 int crond_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
889 int crond_main(int argc UNUSED_PARAM, char **argv)
898 /* "-b after -f is ignored", and so on for every pair a-b */
899 opt_complementary = "f-b:b-f:S-L:L-S" IF_FEATURE_CROND_D(":d-l")
900 /* -l and -d have numeric param */
901 ":l+" IF_FEATURE_CROND_D(":d+");
902 opts = getopt32(argv, "l:L:fbSc:" IF_FEATURE_CROND_D("d:"),
903 &G.log_level, &G.log_filename, &G.crontab_dir_name
904 IF_FEATURE_CROND_D(,&G.log_level));
905 /* both -d N and -l N set the same variable: G.log_level */
907 if (!(opts & OPT_f)) {
908 /* close stdin, stdout, stderr.
909 * close unused descriptors - don't need them. */
910 bb_daemonize_or_rexec(DAEMON_CLOSE_EXTRA_FDS, argv);
913 if (!(opts & OPT_d) && G.log_filename == NULL) {
914 /* logging to syslog */
915 openlog(applet_name, LOG_CONS | LOG_PID, LOG_CRON);
916 logmode = LOGMODE_SYSLOG;
919 reopen_logfile_to_stderr();
921 xchdir(G.crontab_dir_name);
922 //signal(SIGHUP, SIG_IGN); /* ? original crond dies on HUP... */
923 xsetenv("SHELL", DEFAULT_SHELL); /* once, for all future children */
924 log8("crond (busybox "BB_VER") started, log level %d", G.log_level);
925 rescan_crontab_dir();
926 write_pidfile(CONFIG_PID_FILE_PATH "/crond.pid");
937 /* Synchronize to 1 minute, minimum 1 second */
939 sleep(sleep_time - (time(NULL) % sleep_time));
941 dt = (long)t2 - (long)t1;
943 reopen_logfile_to_stderr();
946 * The file 'cron.update' is checked to determine new cron
947 * jobs. The directory is rescanned once an hour to deal
950 * Check for time jump. Disparities over an hour either way
951 * result in resynchronization. A negative disparity
952 * less than an hour causes us to effectively sleep until we
953 * match the original time (i.e. no re-execution of jobs that
954 * have just been run). A positive disparity less than
955 * an hour causes intermediate jobs to be run, but only once
958 * When running jobs, the inequality used is greater but not
959 * equal to t1, and less then or equal to t2.
961 if (stat(G.crontab_dir_name, &sbuf) != 0)
962 sbuf.st_mtime = 0; /* force update (once) if dir was deleted */
963 if (G.crontab_dir_mtime != sbuf.st_mtime) {
964 G.crontab_dir_mtime = sbuf.st_mtime;
969 rescan_crontab_dir();
971 process_cron_update_file();
972 log5("wakeup dt=%ld", dt);
973 if (dt < -60 * 60 || dt > 60 * 60) {
974 bb_error_msg("time disparity of %ld minutes detected", dt / 60);
975 /* and we do not run any jobs in this case */
977 /* Usual case: time advances forward, as expected */
978 flag_starting_jobs(t1, t2);
981 if (check_completions() > 0) {
982 /* some jobs are still running */
986 /* else: time jumped back, do not run any jobs */
989 return 0; /* not reached */