#include "libbb.h"
-#ifndef CRONTABS
-#define CRONTABS "/var/spool/cron/crontabs"
-#endif
+#define CRONTABS CONFIG_FEATURE_CROND_DIR "/crontabs"
#ifndef CRONUPDATE
#define CRONUPDATE "cron.update"
#endif
-#ifndef PATH_VI
-#define PATH_VI "/bin/vi" /* location of vi */
-#endif
static void change_user(const struct passwd *pas)
{
- setenv("USER", pas->pw_name, 1);
- setenv("HOME", pas->pw_dir, 1);
- setenv("SHELL", DEFAULT_SHELL, 1);
+ xsetenv("USER", pas->pw_name);
+ xsetenv("HOME", pas->pw_dir);
+ xsetenv("SHELL", DEFAULT_SHELL);
/* initgroups, setgid, setuid */
change_identity(pas);
if (!ptr) {
ptr = getenv("EDITOR");
if (!ptr)
- ptr = PATH_VI;
+ ptr = "vi";
}
BB_EXECLP(ptr, ptr, file, NULL);
}
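Review bot: The fallback `ptr = "vi";` makes the editor a bare name that `BB_EXECLP` resolves through PATH, where the removed `PATH_VI` was an absolute path, and nothing on the line says what makes that lookup safe. In the set-uid case this appears to rest on the PATH reset done by `sanitize_env_if_suid()` in crontab_main, but that helper's body is not on this page, so confirm it. I would add `/* bare name: resolved via PATH, which crontab_main resets when run set-uid */` above the assignment. The start of the enclosing function is outside the hunk, so how `ptr` is first set is not visible here.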
int crontab_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
-int crontab_main(int argc, char **argv)
+int crontab_main(int argc UNUSED_PARAM, char **argv)
{
const struct passwd *pas;
const char *crontab_dir = CRONTABS;
char *new_fname;
char *user_name; /* -u USER */
int fd;
+ int src_fd;
int opt_ler;
- uid_t my_uid;
/* file [opts] Replace crontab from file
* - [opts] Replace crontab from stdin
OPT_ler = OPT_l + OPT_e + OPT_r,
};
- my_uid = getuid();
-
opt_complementary = "?1:dr"; /* max one argument; -d implies -r */
opt_ler = getopt32(argv, "u:c:lerd", &user_name, &crontab_dir);
argv += optind;
- if (my_uid != geteuid()) { /* run by non-root? */
+ if (sanitize_env_if_suid()) { /* Clears dangerous stuff, sets PATH */
+ /* run by non-root? */
if (opt_ler & (OPT_u|OPT_c))
bb_error_msg_and_die("only root can use -c or -u");
- /* Clear dangerous stuff, set PATH */
- sanitize_env_for_suid();
}
if (opt_ler & OPT_u) {
- pas = getpwnam(user_name);
- if (!pas)
- bb_error_msg_and_die("user %s is not known", user_name);
- my_uid = pas->pw_uid;
+ pas = xgetpwnam(user_name);
} else {
- pas = getpwuid(my_uid);
- if (!pas)
- bb_perror_msg_and_die("no user record for UID %u",
- (unsigned)my_uid);
+ pas = xgetpwuid(getuid());
}
#define user_name DONT_USE_ME_BEYOND_THIS_POINT
-#define my_uid DONT_USE_ME_BEYOND_THIS_POINT
/* From now on, keep only -l, -e, -r bits */
opt_ler &= OPT_ler;
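Review bot: The `-c`/`-u` restriction now depends entirely on the return value of `sanitize_env_if_suid()`, and the comment `/* run by non-root? */` does not say what that value means. Judging by the condition it replaces (`my_uid != geteuid()`), it presumably returns nonzero when the real and effective UIDs differ, but the helper itself is not shown here. A comment such as `/* nonzero: real UID != effective UID, i.e. set-uid binary started by an unprivileged user */` would make clear that the check does not fire when the binary is not installed set-uid. In that case access is presumably left to the permissions on the spool directory.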
bb_show_usage();
/* Read replacement file under user's UID/GID/group vector */
+ src_fd = STDIN_FILENO;
if (!opt_ler) { /* Replace? */
if (!argv[0])
bb_show_usage();
if (NOT_LONE_DASH(argv[0])) {
- fd = open_as_user(pas, argv[0]);
- if (fd < 0)
+ src_fd = open_as_user(pas, argv[0]);
+ if (src_fd < 0)
bb_error_msg_and_die("user %s cannot read %s",
pas->pw_name, argv[0]);
- xmove_fd(fd, STDIN_FILENO);
}
}
case OPT_e: /* Edit */
tmp_fname = xasprintf("%s.%u", crontab_dir, (unsigned)getpid());
- fd = xopen3(tmp_fname, O_RDWR|O_CREAT|O_TRUNC|O_EXCL, 0600);
- xmove_fd(fd, STDIN_FILENO);
+ /* No O_EXCL: we don't want to be stuck if earlier crontabs
+ * were killed, leaving stale temp file behind */
+ src_fd = xopen3(tmp_fname, O_RDWR|O_CREAT|O_TRUNC, 0600);
+ fchown(src_fd, pas->pw_uid, pas->pw_gid);
fd = open(pas->pw_name, O_RDONLY);
if (fd >= 0) {
- bb_copyfd_eof(fd, STDIN_FILENO);
+ bb_copyfd_eof(fd, src_fd);
close(fd);
+ xlseek(src_fd, 0, SEEK_SET);
}
- fchown(STDIN_FILENO, pas->pw_uid, pas->pw_gid);
+ close_on_exec_on(src_fd); /* don't want editor to see this fd */
edit_file(pas, tmp_fname);
- xlseek(STDIN_FILENO, 0, SEEK_SET);
/* fall through */
case 0: /* Replace (no -l, -e, or -r were given) */
new_fname = xasprintf("%s.new", pas->pw_name);
fd = open(new_fname, O_WRONLY|O_CREAT|O_TRUNC|O_APPEND, 0600);
if (fd >= 0) {
- bb_copyfd_eof(STDIN_FILENO, fd);
+ bb_copyfd_eof(src_fd, fd);
close(fd);
xrename(new_fname, pas->pw_name);
} else {
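Review bot: Dropping `O_EXCL` from the `xopen3()` call in `case OPT_e` means an already existing `tmp_fname` is opened, truncated and then handed to the user by the new `fchown(src_fd, ...)`, and nothing on that line stops the open from following a symlink. The name is predictable (`crontab_dir` plus the PID) and sits beside the crontab directory; whether anyone but root can create entries there is not visible in this hunk, so the exposure depends on that directory's permissions. Stale files can be handled without giving up exclusive creation: `unlink(tmp_fname);` followed by `src_fd = xopen3(tmp_fname, O_RDWR|O_CREAT|O_TRUNC|O_EXCL, 0600);`. The `fchown()` result is also ignored, and if it fails the editor, which runs as the user, presumably cannot open the file. It deserves a check such as `if (fchown(src_fd, pas->pw_uid, pas->pw_gid) < 0) bb_perror_msg_and_die("fchown");`.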
/* Bump notification file. Handle window where crond picks file up
* before we can write our entry out.
*/
- while ((fd = open(CRONUPDATE, O_WRONLY|O_CREAT|O_APPEND)) >= 0) {
+ while ((fd = open(CRONUPDATE, O_WRONLY|O_CREAT|O_APPEND, 0600)) >= 0) {
struct stat st;
fdprintf(fd, "%s\n", pas->pw_name);