1 /* $NetBSD: at.c,v 1.7 1997/10/18 12:23:37 lukem Exp $ */ 2 3 /* 4 * at.c : Put file into atrun queue 5 * Copyright (C) 1993 Thomas Koenig 6 * 7 * Atrun & Atq modifications 8 * Copyright (C) 1993 David Parsons 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. The name of the author(s) may not be used to endorse or promote 17 * products derived from this software without specific prior written 18 * permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #define _USE_BSD 1 33 34 /* System Headers */ 35 #include <sys/types.h> 36 #include <sys/stat.h> 37 #include <sys/wait.h> 38 #include <ctype.h> 39 #include <dirent.h> 40 #include <errno.h> 41 #include <fcntl.h> 42 #include <pwd.h> 43 #include <signal.h> 44 #include <stddef.h> 45 #include <stdio.h> 46 #include <stdlib.h> 47 #include <string.h> 48 #include <time.h> 49 #include <unistd.h> 50 51 /* Local headers */ 52 #include "at.h" 53 #include "panic.h" 54 #include "parsetime.h" 55 #include "pathnames.h" 56 #define MAIN 57 #include "privs.h" 58 59 /* Macros */ 60 #define ALARMC 10 /* Number of seconds to wait for timeout */ 61 62 #define SIZE 255 63 #define TIMESIZE 50 64 65 /* File scope variables */ 66 #ifndef lint 67 __RCSID("$NetBSD: at.c,v 1.7 1997/10/18 12:23:37 lukem Exp $"); 68 #endif 69 70 char *no_export[] = 71 { 72 "TERM", "TERMCAP", "DISPLAY", "_" 73 }; 74 static send_mail = 0; 75 76 /* External variables */ 77 extern char **environ; 78 int fcreated; 79 char *namep; 80 char atfile[FILENAME_MAX]; 81 82 char *atinput = (char *) 0; /* where to get input from */ 83 char atqueue = 0; /* which queue to examine for jobs (atq) */ 84 char atverify = 0; /* verify time instead of queuing job */ 85 86 /* Function declarations */ 87 static void alarmc __P((int signo)); 88 static char *cwdname __P((void)); 89 static void delete_jobs __P((int, char **)); 90 static void list_jobs __P((void)); 91 static void sigc __P((int signo)); 92 static void writefile __P((time_t runtimer, char queue)); 93 int main __P((int, char **)); 94 95 /* Signal catching functions */ 96 97 static void 98 sigc(signo) 99 int signo; 100 { 101 /* If the user presses ^C, remove the spool file and exit 102 */ 103 if (fcreated) { 104 PRIV_START 105 unlink(atfile); 106 PRIV_END 107 } 108 109 exit(EXIT_FAILURE); 110 } 111 112 static void 113 alarmc(signo) 114 int signo; 115 { 116 /* Time out after some seconds 117 */ 118 panic("File locking timed out"); 119 } 120 121 /* Local functions */ 122 123 static char * 124 cwdname() 125 { 126 /* Read in the current directory; the name will be overwritten on 127 * subsequent calls. 128 */ 129 static char *ptr = NULL; 130 static size_t size = SIZE; 131 132 if (ptr == NULL) 133 ptr = (char *) malloc(size); 134 135 while (1) { 136 if (ptr == NULL) 137 panic("Out of memory"); 138 139 if (getcwd(ptr, size - 1) != NULL) 140 return ptr; 141 142 if (errno != ERANGE) 143 perr("Cannot get directory"); 144 145 free(ptr); 146 size += SIZE; 147 ptr = (char *) malloc(size); 148 } 149 } 150 151 static void 152 writefile(runtimer, queue) 153 time_t runtimer; 154 char queue; 155 { 156 /* 157 * This does most of the work if at or batch are invoked for 158 * writing a job. 159 */ 160 int i; 161 char *ap, *ppos, *mailname; 162 struct passwd *pass_entry; 163 struct stat statbuf; 164 int fdes, lockdes, fd2; 165 FILE *fp, *fpin; 166 struct sigaction act; 167 char **atenv; 168 int ch; 169 mode_t cmask; 170 struct flock lock; 171 172 /* 173 * Install the signal handler for SIGINT; terminate after removing the 174 * spool file if necessary 175 */ 176 act.sa_handler = sigc; 177 sigemptyset(&(act.sa_mask)); 178 act.sa_flags = 0; 179 180 sigaction(SIGINT, &act, NULL); 181 182 (void)strncpy(atfile, _PATH_ATJOBS, sizeof(atfile) - 1); 183 ppos = atfile + strlen(_PATH_ATJOBS); 184 185 /* 186 * Loop over all possible file names for running something at this 187 * particular time, see if a file is there; the first empty slot at 188 * any particular time is used. Lock the file _PATH_LOCKFILE first 189 * to make sure we're alone when doing this. 190 */ 191 192 PRIV_START 193 194 if ((lockdes = open(_PATH_LOCKFILE, O_WRONLY | O_CREAT, 0600)) < 0) 195 perr2("Cannot open lockfile ", _PATH_LOCKFILE); 196 197 lock.l_type = F_WRLCK; 198 lock.l_whence = SEEK_SET; 199 lock.l_start = 0; 200 lock.l_len = 0; 201 202 act.sa_handler = alarmc; 203 sigemptyset(&(act.sa_mask)); 204 act.sa_flags = 0; 205 206 /* 207 * Set an alarm so a timeout occurs after ALARMC seconds, in case 208 * something is seriously broken. 209 */ 210 sigaction(SIGALRM, &act, NULL); 211 alarm(ALARMC); 212 fcntl(lockdes, F_SETLKW, &lock); 213 alarm(0); 214 215 for (i = 0; i < AT_MAXJOBS; i++) { 216 (void)snprintf(ppos, sizeof(atfile) - strlen(_PATH_ATJOBS), 217 "%c%8lx.%3x", queue, (unsigned long) (runtimer / 60), i); 218 for (ap = ppos; *ap != '\0'; ap++) 219 if (*ap == ' ') 220 *ap = '0'; 221 222 if (stat(atfile, &statbuf) != 0) { 223 if (errno == ENOENT) 224 break; 225 else 226 perr2("Cannot access ", _PATH_ATJOBS); 227 } 228 } /* for */ 229 230 if (i >= AT_MAXJOBS) 231 panic("Too many jobs already"); 232 233 /* 234 * Create the file. The x bit is only going to be set after it has 235 * been completely written out, to make sure it is not executed in 236 * the meantime. To make sure they do not get deleted, turn off 237 * their r bit. Yes, this is a kluge. 238 */ 239 cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR); 240 if ((fdes = creat(atfile, O_WRONLY)) == -1) 241 perr("Cannot create atjob file"); 242 243 if ((fd2 = dup(fdes)) < 0) 244 perr("Error in dup() of job file"); 245 246 if (fchown(fd2, real_uid, -1) != 0) 247 perr("Cannot give away file"); 248 249 PRIV_END 250 251 /* 252 * We no longer need suid root; now we just need to be able to 253 * write to the directory, if necessary. 254 */ 255 256 REDUCE_PRIV(effective_uid); 257 258 /* 259 * We've successfully created the file; let's set the flag so it 260 * gets removed in case of an interrupt or error. 261 */ 262 fcreated = 1; 263 264 /* Now we can release the lock, so other people can access it */ 265 lock.l_type = F_UNLCK; 266 lock.l_whence = SEEK_SET; 267 lock.l_start = 0; 268 lock.l_len = 0; 269 fcntl(lockdes, F_SETLKW, &lock); 270 close(lockdes); 271 272 if ((fp = fdopen(fdes, "w")) == NULL) 273 panic("Cannot reopen atjob file"); 274 275 /* 276 * Get the userid to mail to, first by trying getlogin(), which 277 * reads /etc/utmp, then from LOGNAME, finally from getpwuid(). 278 */ 279 mailname = getlogin(); 280 if (mailname == NULL) 281 mailname = getenv("LOGNAME"); 282 283 if ((mailname == NULL) || (mailname[0] == '\0') 284 || (strlen(mailname) > 8)) { 285 pass_entry = getpwuid(getuid()); 286 if (pass_entry != NULL) 287 mailname = pass_entry->pw_name; 288 } 289 290 if (atinput != (char *) NULL) { 291 fpin = freopen(atinput, "r", stdin); 292 if (fpin == NULL) 293 perr("Cannot open input file"); 294 } 295 fprintf(fp, "#! /bin/sh\n# mail %8s %d\n", mailname, send_mail); 296 297 /* Write out the umask at the time of invocation */ 298 fprintf(fp, "umask %lo\n", (unsigned long) cmask); 299 300 /* 301 * Write out the environment. Anything that may look like a special 302 * character to the shell is quoted, except for \n, which is done 303 * with a pair of "'s. Dont't export the no_export list (such as 304 * TERM or DISPLAY) because we don't want these. 305 */ 306 for (atenv = environ; *atenv != NULL; atenv++) { 307 int export = 1; 308 char *eqp; 309 310 eqp = strchr(*atenv, '='); 311 if (ap == NULL) 312 eqp = *atenv; 313 else { 314 int i; 315 316 for (i = 0;i < sizeof(no_export) / 317 sizeof(no_export[0]); i++) { 318 export = export 319 && (strncmp(*atenv, no_export[i], 320 (size_t) (eqp - *atenv)) != 0); 321 } 322 eqp++; 323 } 324 325 if (export) { 326 fwrite(*atenv, sizeof(char), eqp - *atenv, fp); 327 for (ap = eqp; *ap != '\0'; ap++) { 328 if (*ap == '\n') 329 fprintf(fp, "\"\n\""); 330 else { 331 if (!isalnum(*ap)) 332 fputc('\\', fp); 333 334 fputc(*ap, fp); 335 } 336 } 337 fputs("; export ", fp); 338 fwrite(*atenv, sizeof(char), eqp - *atenv - 1, fp); 339 fputc('\n', fp); 340 341 } 342 } 343 /* 344 * Cd to the directory at the time and write out all the commands 345 * the user supplies from stdin. 346 */ 347 fprintf(fp, "cd %s\n", cwdname()); 348 349 while ((ch = getchar()) != EOF) 350 fputc(ch, fp); 351 352 fprintf(fp, "\n"); 353 if (ferror(fp)) 354 panic("Output error"); 355 356 if (ferror(stdin)) 357 panic("Input error"); 358 359 fclose(fp); 360 361 /* 362 * Set the x bit so that we're ready to start executing 363 */ 364 if (fchmod(fd2, S_IRUSR | S_IWUSR | S_IXUSR) < 0) 365 perr("Cannot give away file"); 366 367 close(fd2); 368 fprintf(stderr, "Job %s will be executed using /bin/sh\n", ppos); 369 } 370 371 static void 372 list_jobs() 373 { 374 /* 375 * List all a user's jobs in the queue, by looping through 376 * _PATH_ATJOBS, or everybody's if we are root 377 */ 378 struct passwd *pw; 379 DIR *spool; 380 struct dirent *dirent; 381 struct stat buf; 382 struct tm runtime; 383 unsigned long ctm; 384 char queue; 385 time_t runtimer; 386 char timestr[TIMESIZE]; 387 int first = 1; 388 389 PRIV_START 390 391 if (chdir(_PATH_ATJOBS) != 0) 392 perr2("Cannot change to ", _PATH_ATJOBS); 393 394 if ((spool = opendir(".")) == NULL) 395 perr2("Cannot open ", _PATH_ATJOBS); 396 397 /* Loop over every file in the directory */ 398 while ((dirent = readdir(spool)) != NULL) { 399 if (stat(dirent->d_name, &buf) != 0) 400 perr2("Cannot stat in ", _PATH_ATJOBS); 401 402 /* 403 * See it's a regular file and has its x bit turned on and 404 * is the user's 405 */ 406 if (!S_ISREG(buf.st_mode) 407 || ((buf.st_uid != real_uid) && !(real_uid == 0)) 408 || !(S_IXUSR & buf.st_mode || atverify)) 409 continue; 410 411 if (sscanf(dirent->d_name, "%c%8lx", &queue, &ctm) != 2) 412 continue; 413 414 if (atqueue && (queue != atqueue)) 415 continue; 416 417 runtimer = 60 * (time_t) ctm; 418 runtime = *localtime(&runtimer); 419 strftime(timestr, TIMESIZE, "%X %x", &runtime); 420 if (first) { 421 printf("Date\t\t\tOwner\tQueue\tJob#\n"); 422 first = 0; 423 } 424 pw = getpwuid(buf.st_uid); 425 426 printf("%s\t%s\t%c%s\t%s\n", 427 timestr, 428 pw ? pw->pw_name : "???", 429 queue, 430 (S_IXUSR & buf.st_mode) ? "" : "(done)", 431 dirent->d_name); 432 } 433 PRIV_END 434 } 435 436 static void 437 delete_jobs(argc, argv) 438 int argc; 439 char **argv; 440 { 441 /* Delete every argument (job - ID) given */ 442 int i; 443 struct stat buf; 444 445 PRIV_START 446 447 if (chdir(_PATH_ATJOBS) != 0) 448 perr2("Cannot change to ", _PATH_ATJOBS); 449 450 for (i = optind; i < argc; i++) { 451 if (stat(argv[i], &buf) != 0) 452 perr(argv[i]); 453 if ((buf.st_uid != real_uid) && !(real_uid == 0)) { 454 fprintf(stderr, "%s: Not owner\n", argv[i]); 455 exit(EXIT_FAILURE); 456 } 457 if (unlink(argv[i]) != 0) 458 perr(argv[i]); 459 } 460 PRIV_END 461 } /* delete_jobs */ 462 463 /* Global functions */ 464 465 int 466 main(argc, argv) 467 int argc; 468 char **argv; 469 { 470 int c; 471 char queue = 'a'; 472 char *pgm; 473 474 enum { 475 ATQ, ATRM, AT, BATCH 476 }; /* what program we want to run */ 477 int program = AT; /* our default program */ 478 char *options = "q:f:mv"; /* default options for at */ 479 time_t timer; 480 481 RELINQUISH_PRIVS 482 483 /* Eat any leading paths */ 484 if ((pgm = strrchr(argv[0], '/')) == NULL) 485 pgm = argv[0]; 486 else 487 pgm++; 488 489 namep = pgm; 490 491 /* find out what this program is supposed to do */ 492 if (strcmp(pgm, "atq") == 0) { 493 program = ATQ; 494 options = "q:v"; 495 } else if (strcmp(pgm, "atrm") == 0) { 496 program = ATRM; 497 options = ""; 498 } else if (strcmp(pgm, "batch") == 0) { 499 program = BATCH; 500 options = "f:mv"; 501 } 502 503 /* process whatever options we can process */ 504 opterr = 1; 505 while ((c = getopt(argc, argv, options)) != -1) 506 switch (c) { 507 case 'v': /* verify time settings */ 508 atverify = 1; 509 break; 510 511 case 'm': /* send mail when job is complete */ 512 send_mail = 1; 513 break; 514 515 case 'f': 516 atinput = optarg; 517 break; 518 519 case 'q': /* specify queue */ 520 if (strlen(optarg) > 1) 521 usage(); 522 523 atqueue = queue = *optarg; 524 if ((!islower(queue)) || (queue > 'l')) 525 usage(); 526 break; 527 528 default: 529 usage(); 530 break; 531 } 532 /* end of options eating */ 533 534 /* select our program */ 535 switch (program) { 536 case ATQ: 537 list_jobs(); 538 break; 539 540 case ATRM: 541 delete_jobs(argc, argv); 542 break; 543 544 case AT: 545 timer = parsetime(argc, argv); 546 if (atverify) { 547 struct tm *tm = localtime(&timer); 548 549 fprintf(stderr, "%s\n", asctime(tm)); 550 } 551 writefile(timer, queue); 552 break; 553 554 case BATCH: 555 writefile(time(NULL), 'b'); 556 break; 557 558 default: 559 panic("Internal error"); 560 break; 561 } 562 exit(EXIT_SUCCESS); 563 } 564