1 /* $NetBSD: popen.c,v 1.6 2018/06/14 22:04:28 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software written by Ken Arnold and 8 * published in UNIX Review, Vol. 6, No. 8. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 * 35 */ 36 37 /* this came out of the ftpd sources; it's been modified to avoid the 38 * globbing stuff since we don't need it. also execvp instead of execv. 39 */ 40 41 #include <sys/cdefs.h> 42 #ifndef lint 43 #if 0 44 static sccsid[] = "@(#)popen.c 8.3 (Berkeley) 4/6/94"; 45 static char rcsid[] = "Id: popen.c,v 1.6 2003/02/16 04:40:01 vixie Exp"; 46 #else 47 __RCSID("$NetBSD: popen.c,v 1.6 2018/06/14 22:04:28 christos Exp $"); 48 #endif 49 #endif /* not lint */ 50 51 #include "cron.h" 52 53 #define MAX_ARGV 100 54 #define MAX_GARGV 1000 55 56 /* 57 * Special version of popen which avoids call to shell. This ensures noone 58 * may create a pipe to a hidden program as a side effect of a list or dir 59 * command. 60 */ 61 static PID_T *pids; 62 63 FILE * 64 cron_popen(char *program, const char *type, struct passwd *pw) { 65 char *cp; 66 FILE *iop; 67 int argc, pdes[2]; 68 PID_T pid; 69 char *argv[MAX_ARGV]; 70 71 if ((*type != 'r' && *type != 'w') || type[1] != '\0') 72 return (NULL); 73 74 if (!pids) { 75 size_t len; 76 long fds; 77 if ((fds = sysconf(_SC_OPEN_MAX)) <= 0) 78 return (NULL); 79 len = (size_t)fds * sizeof(*pids); 80 if ((pids = malloc(len)) == NULL) 81 return (NULL); 82 (void)memset(pids, 0, len); 83 } 84 if (pipe(pdes) < 0) 85 return (NULL); 86 87 /* break up string into pieces */ 88 for (argc = 0, cp = program; argc < MAX_ARGV - 1; cp = NULL) 89 if (!(argv[argc++] = strtok(cp, " \t\n"))) 90 break; 91 argv[MAX_ARGV-1] = NULL; 92 93 switch (pid = vfork()) { 94 case -1: /* error */ 95 (void)close(pdes[0]); 96 (void)close(pdes[1]); 97 return (NULL); 98 /* NOTREACHED */ 99 case 0: /* child */ 100 if (pw) { 101 if (setsid() == -1) 102 warn("setsid() failed for %s", pw->pw_name); 103 #ifdef LOGIN_CAP 104 if (setusercontext(0, pw, pw->pw_uid, LOGIN_SETALL) < 0) 105 { 106 warn("setusercontext() failed for %s", 107 pw->pw_name); 108 _exit(ERROR_EXIT); 109 } 110 #else 111 if (setgid(pw->pw_gid) < 0 || 112 initgroups(pw->pw_name, pw->pw_gid) < 0) { 113 warn("unable to set groups for %s", 114 pw->pw_name); 115 _exit(ERROR_EXIT); 116 } 117 #if (defined(BSD)) && (BSD >= 199103) 118 if (setlogin(pw->pw_name) < 0) { 119 warn("setlogin() failed for %s", 120 pw->pw_name); 121 _exit(ERROR_EXIT); 122 } 123 #endif /* BSD */ 124 #ifdef USE_PAM 125 if (!cron_pam_setcred()) 126 _exit(1); 127 cron_pam_child_close(); 128 #endif 129 if (setuid(pw->pw_uid)) { 130 warn("unable to set uid for %s", pw->pw_name); 131 _exit(ERROR_EXIT); 132 } 133 #endif /* LOGIN_CAP */ 134 } 135 if (*type == 'r') { 136 if (pdes[1] != STDOUT) { 137 (void)dup2(pdes[1], STDOUT); 138 (void)close(pdes[1]); 139 } 140 (void)dup2(STDOUT, STDERR); /* stderr too! */ 141 (void)close(pdes[0]); 142 } else { 143 if (pdes[0] != STDIN) { 144 (void)dup2(pdes[0], STDIN); 145 (void)close(pdes[0]); 146 } 147 (void)close(pdes[1]); 148 } 149 (void)execvp(argv[0], argv); 150 _exit(ERROR_EXIT); 151 } 152 153 /* parent; assume fdopen can't fail... */ 154 if (*type == 'r') { 155 iop = fdopen(pdes[0], type); 156 (void)close(pdes[1]); 157 } else { 158 iop = fdopen(pdes[1], type); 159 (void)close(pdes[0]); 160 } 161 pids[fileno(iop)] = pid; 162 163 return (iop); 164 } 165 166 static int 167 cron_finalize(FILE *iop, int sig) { 168 int fdes; 169 PID_T pid; 170 WAIT_T status; 171 sigset_t sset, osset; 172 173 /* 174 * pclose returns -1 if stream is not associated with a 175 * `popened' command, or, if already `pclosed'. 176 */ 177 if (pids == 0 || pids[fdes = fileno(iop)] == 0) 178 return (-1); 179 180 if (sig) { 181 if (kill(pids[fdes], sig) == -1) 182 return -1; 183 } else { 184 (void)fclose(iop); 185 } 186 (void)sigemptyset(&sset); 187 (void)sigaddset(&sset, SIGINT); 188 (void)sigaddset(&sset, SIGQUIT); 189 (void)sigaddset(&sset, SIGHUP); 190 (void)sigprocmask(SIG_BLOCK, &sset, &osset); 191 while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR) 192 continue; 193 (void)sigprocmask(SIG_SETMASK, &osset, NULL); 194 if (sig) 195 (void)fclose(iop); 196 pids[fdes] = 0; 197 if (pid < 0) 198 return pid; 199 if (WIFEXITED(status)) 200 return WEXITSTATUS(status); 201 else 202 return WTERMSIG(status); 203 } 204 205 int 206 cron_pclose(FILE *iop) { 207 return cron_finalize(iop, 0); 208 } 209 210 int 211 cron_pabort(FILE *iop) { 212 int e = cron_finalize(iop, SIGKILL); 213 return e == SIGKILL ? 0 : e; 214 } 215