1 /* vi: set sw=4 ts=4: */
5 * usually setuid root, -c option only works if getuid() == geteuid()
7 * Copyright 1994 Matthew Dillon (dillon@apollo.west.oic.com)
8 * Vladimir Oleynik <dzo@simtreas.ru> (C) 2002
10 * Licensed under the GPL v2 or later, see the file LICENSE in this tarball.
16 #define CRONTABS "/var/spool/cron/crontabs"
19 #define CRONUPDATE "cron.update"
22 static void change_user(const struct passwd *pas)
24 setenv("USER", pas->pw_name, 1);
25 setenv("HOME", pas->pw_dir, 1);
26 setenv("SHELL", DEFAULT_SHELL, 1);
28 /* initgroups, setgid, setuid */
31 if (chdir(pas->pw_dir) < 0) {
32 bb_perror_msg("chdir(%s) by %s failed",
33 pas->pw_dir, pas->pw_name);
38 static void edit_file(const struct passwd *pas, const char *file)
43 if (pid < 0) /* failure */
44 bb_perror_msg_and_die("vfork");
45 if (pid) { /* parent */
50 /* CHILD - change user and run editor */
52 ptr = getenv("VISUAL");
54 ptr = getenv("EDITOR");
59 BB_EXECLP(ptr, ptr, file, NULL);
60 bb_perror_msg_and_die("exec %s", ptr);
63 static int open_as_user(const struct passwd *pas, const char *file)
69 if (pid < 0) /* ERROR */
70 bb_perror_msg_and_die("vfork");
71 if (pid) { /* PARENT */
72 if (wait4pid(pid) == 0) {
73 /* exitcode 0: child says it can read */
74 return open(file, O_RDONLY);
80 /* initgroups, setgid, setuid */
82 /* We just try to read one byte. If it works, file is readable
83 * under this user. We signal that by exiting with 0. */
84 _exit(safe_read(xopen(file, O_RDONLY), &c, 1) < 0);
87 int crontab_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
88 int crontab_main(int argc UNUSED_PARAM, char **argv)
90 const struct passwd *pas;
91 const char *crontab_dir = CRONTABS;
94 char *user_name; /* -u USER */
98 /* file [opts] Replace crontab from file
99 * - [opts] Replace crontab from stdin
101 * -c dir Crontab directory
102 * -l List crontab for user
103 * -e Edit crontab for user
104 * -r Delete crontab for user
105 * bbox also supports -d == -r, but most other crontab
106 * implementations do not. Deprecated.
114 OPT_ler = OPT_l + OPT_e + OPT_r,
117 opt_complementary = "?1:dr"; /* max one argument; -d implies -r */
118 opt_ler = getopt32(argv, "u:c:lerd", &user_name, &crontab_dir);
121 if (sanitize_env_if_suid()) { /* Clears dangerous stuff, sets PATH */
122 /* run by non-root? */
123 if (opt_ler & (OPT_u|OPT_c))
124 bb_error_msg_and_die("only root can use -c or -u");
127 if (opt_ler & OPT_u) {
128 pas = getpwnam(user_name);
130 bb_error_msg_and_die("user %s is not known", user_name);
133 uid_t my_uid = getuid();
134 pas = getpwuid(my_uid);
136 bb_perror_msg_and_die("unknown uid %d", (int)my_uid);
139 #define user_name DONT_USE_ME_BEYOND_THIS_POINT
141 /* From now on, keep only -l, -e, -r bits */
143 if ((opt_ler - 1) & opt_ler) /* more than one bit set? */
146 /* Read replacement file under user's UID/GID/group vector */
147 if (!opt_ler) { /* Replace? */
150 if (NOT_LONE_DASH(argv[0])) {
151 fd = open_as_user(pas, argv[0]);
153 bb_error_msg_and_die("user %s cannot read %s",
154 pas->pw_name, argv[0]);
155 xmove_fd(fd, STDIN_FILENO);
159 /* cd to our crontab directory */
164 /* Handle requested operation */
167 default: /* case OPT_r: Delete */
168 unlink(pas->pw_name);
171 case OPT_l: /* List */
173 char *args[2] = { pas->pw_name, NULL };
176 * the rest go play with cron update file */
179 case OPT_e: /* Edit */
180 tmp_fname = xasprintf("%s.%u", crontab_dir, (unsigned)getpid());
181 /* No O_EXCL: we don't want to be stuck if earlier crontabs
182 * were killed, leaving stale temp file behind */
183 fd = xopen3(tmp_fname, O_RDWR|O_CREAT|O_TRUNC, 0600);
184 xmove_fd(fd, STDIN_FILENO);
185 fchown(STDIN_FILENO, pas->pw_uid, pas->pw_gid);
186 fd = open(pas->pw_name, O_RDONLY);
188 bb_copyfd_eof(fd, STDIN_FILENO);
191 edit_file(pas, tmp_fname);
192 xlseek(STDIN_FILENO, 0, SEEK_SET);
195 case 0: /* Replace (no -l, -e, or -r were given) */
196 new_fname = xasprintf("%s.new", pas->pw_name);
197 fd = open(new_fname, O_WRONLY|O_CREAT|O_TRUNC|O_APPEND, 0600);
199 bb_copyfd_eof(STDIN_FILENO, fd);
201 xrename(new_fname, pas->pw_name);
203 bb_error_msg("cannot create %s/%s",
204 crontab_dir, new_fname);
213 /* Bump notification file. Handle window where crond picks file up
214 * before we can write our entry out.
216 while ((fd = open(CRONUPDATE, O_WRONLY|O_CREAT|O_APPEND, 0600)) >= 0) {
219 fdprintf(fd, "%s\n", pas->pw_name);
220 if (fstat(fd, &st) != 0 || st.st_nlink != 0) {
225 * file was deleted, maybe crond missed our notification */
230 bb_error_msg("cannot append to %s/%s",
231 crontab_dir, CRONUPDATE);