1 /* $OpenBSD: database.c,v 1.19 2010/12/14 23:31:33 millert Exp $ */ 2 3 /* Copyright 1988,1990,1993,1994 by Paul Vixie 4 * All rights reserved 5 */ 6 7 /* 8 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") 9 * Copyright (c) 1997,2000 by Internet Software Consortium, Inc. 10 * 11 * Permission to use, copy, modify, and distribute this software for any 12 * purpose with or without fee is hereby granted, provided that the above 13 * copyright notice and this permission notice appear in all copies. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES 16 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 17 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR 18 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 20 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT 21 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 22 */ 23 24 /* vix 26jan87 [RCS has the log] 25 */ 26 27 #include "cron.h" 28 29 #define HASH(a,b) ((a)+(b)) 30 31 static void process_crontab(const char *, const char *, 32 const char *, struct stat *, 33 cron_db *, cron_db *); 34 35 void 36 load_database(cron_db *old_db) { 37 struct stat statbuf, syscron_stat; 38 cron_db new_db; 39 DIR_T *dp; 40 DIR *dir; 41 user *u, *nu; 42 43 Debug(DLOAD, ("[%ld] load_database()\n", (long)getpid())) 44 45 /* before we start loading any data, do a stat on SPOOL_DIR 46 * so that if anything changes as of this moment (i.e., before we've 47 * cached any of the database), we'll see the changes next time. 48 */ 49 if (stat(SPOOL_DIR, &statbuf) < OK) { 50 log_it("CRON", getpid(), "STAT FAILED", SPOOL_DIR); 51 return; 52 } 53 54 /* track system crontab file 55 */ 56 if (stat(SYSCRONTAB, &syscron_stat) < OK) 57 syscron_stat.st_mtime = 0; 58 59 /* if spooldir's mtime has not changed, we don't need to fiddle with 60 * the database. 61 * 62 * Note that old_db->mtime is initialized to 0 in main(), and 63 * so is guaranteed to be different than the stat() mtime the first 64 * time this function is called. 65 */ 66 if (old_db->mtime == HASH(statbuf.st_mtime, syscron_stat.st_mtime)) { 67 Debug(DLOAD, ("[%ld] spool dir mtime unch, no load needed.\n", 68 (long)getpid())) 69 return; 70 } 71 72 /* something's different. make a new database, moving unchanged 73 * elements from the old database, reloading elements that have 74 * actually changed. Whatever is left in the old database when 75 * we're done is chaff -- crontabs that disappeared. 76 */ 77 new_db.mtime = HASH(statbuf.st_mtime, syscron_stat.st_mtime); 78 new_db.head = new_db.tail = NULL; 79 80 if (syscron_stat.st_mtime) { 81 process_crontab(ROOT_USER, NULL, SYSCRONTAB, &syscron_stat, 82 &new_db, old_db); 83 } 84 85 /* we used to keep this dir open all the time, for the sake of 86 * efficiency. however, we need to close it in every fork, and 87 * we fork a lot more often than the mtime of the dir changes. 88 */ 89 if (!(dir = opendir(SPOOL_DIR))) { 90 log_it("CRON", getpid(), "OPENDIR FAILED", SPOOL_DIR); 91 return; 92 } 93 94 while (NULL != (dp = readdir(dir))) { 95 char fname[MAXNAMLEN+1], tabname[MAXNAMLEN]; 96 97 /* avoid file names beginning with ".". this is good 98 * because we would otherwise waste two guaranteed calls 99 * to getpwnam() for . and .., and also because user names 100 * starting with a period are just too nasty to consider. 101 */ 102 if (dp->d_name[0] == '.') 103 continue; 104 105 if (strlcpy(fname, dp->d_name, sizeof fname) >= sizeof fname) 106 continue; /* XXX log? */ 107 108 if (snprintf(tabname, sizeof tabname, "%s/%s", SPOOL_DIR, fname) >= 109 sizeof(tabname)) 110 continue; /* XXX log? */ 111 112 process_crontab(fname, fname, tabname, 113 &statbuf, &new_db, old_db); 114 } 115 closedir(dir); 116 117 /* if we don't do this, then when our children eventually call 118 * getpwnam() in do_command.c's child_process to verify MAILTO=, 119 * they will screw us up (and v-v). 120 */ 121 endpwent(); 122 123 /* whatever's left in the old database is now junk. 124 */ 125 Debug(DLOAD, ("unlinking old database:\n")) 126 for (u = old_db->head; u != NULL; u = nu) { 127 Debug(DLOAD, ("\t%s\n", u->name)) 128 nu = u->next; 129 unlink_user(old_db, u); 130 free_user(u); 131 } 132 133 /* overwrite the database control block with the new one. 134 */ 135 *old_db = new_db; 136 Debug(DLOAD, ("load_database is done\n")) 137 } 138 139 void 140 link_user(cron_db *db, user *u) { 141 if (db->head == NULL) 142 db->head = u; 143 if (db->tail) 144 db->tail->next = u; 145 u->prev = db->tail; 146 u->next = NULL; 147 db->tail = u; 148 } 149 150 void 151 unlink_user(cron_db *db, user *u) { 152 if (u->prev == NULL) 153 db->head = u->next; 154 else 155 u->prev->next = u->next; 156 157 if (u->next == NULL) 158 db->tail = u->prev; 159 else 160 u->next->prev = u->prev; 161 } 162 163 user * 164 find_user(cron_db *db, const char *name) { 165 user *u; 166 167 for (u = db->head; u != NULL; u = u->next) 168 if (strcmp(u->name, name) == 0) 169 break; 170 return (u); 171 } 172 173 static void 174 process_crontab(const char *uname, const char *fname, const char *tabname, 175 struct stat *statbuf, cron_db *new_db, cron_db *old_db) 176 { 177 struct passwd *pw = NULL; 178 int crontab_fd = OK - 1; 179 user *u; 180 181 if (fname == NULL) { 182 /* must be set to something for logging purposes. 183 */ 184 fname = "*system*"; 185 } else if ((pw = getpwnam(uname)) == NULL) { 186 /* file doesn't have a user in passwd file. 187 */ 188 log_it(fname, getpid(), "ORPHAN", "no passwd entry"); 189 goto next_crontab; 190 } 191 192 if ((crontab_fd = open(tabname, O_RDONLY|O_NONBLOCK|O_NOFOLLOW, 0)) < OK) { 193 /* crontab not accessible? 194 */ 195 log_it(fname, getpid(), "CAN'T OPEN", tabname); 196 goto next_crontab; 197 } 198 199 if (fstat(crontab_fd, statbuf) < OK) { 200 log_it(fname, getpid(), "FSTAT FAILED", tabname); 201 goto next_crontab; 202 } 203 if (!S_ISREG(statbuf->st_mode)) { 204 log_it(fname, getpid(), "NOT REGULAR", tabname); 205 goto next_crontab; 206 } 207 if ((statbuf->st_mode & 07577) != 0400) { 208 /* Looser permissions on system crontab. */ 209 if (pw != NULL || (statbuf->st_mode & 022) != 0) { 210 log_it(fname, getpid(), "BAD FILE MODE", tabname); 211 goto next_crontab; 212 } 213 } 214 if (statbuf->st_uid != ROOT_UID && (pw == NULL || 215 statbuf->st_uid != pw->pw_uid || strcmp(uname, pw->pw_name) != 0)) { 216 log_it(fname, getpid(), "WRONG FILE OWNER", tabname); 217 goto next_crontab; 218 } 219 if (pw != NULL && statbuf->st_nlink != 1) { 220 log_it(fname, getpid(), "BAD LINK COUNT", tabname); 221 goto next_crontab; 222 } 223 224 Debug(DLOAD, ("\t%s:", fname)) 225 u = find_user(old_db, fname); 226 if (u != NULL) { 227 /* if crontab has not changed since we last read it 228 * in, then we can just use our existing entry. 229 */ 230 if (u->mtime == statbuf->st_mtime) { 231 Debug(DLOAD, (" [no change, using old data]")) 232 unlink_user(old_db, u); 233 link_user(new_db, u); 234 goto next_crontab; 235 } 236 237 /* before we fall through to the code that will reload 238 * the user, let's deallocate and unlink the user in 239 * the old database. This is more a point of memory 240 * efficiency than anything else, since all leftover 241 * users will be deleted from the old database when 242 * we finish with the crontab... 243 */ 244 Debug(DLOAD, (" [delete old data]")) 245 unlink_user(old_db, u); 246 free_user(u); 247 log_it(fname, getpid(), "RELOAD", tabname); 248 } 249 u = load_user(crontab_fd, pw, fname); 250 if (u != NULL) { 251 u->mtime = statbuf->st_mtime; 252 link_user(new_db, u); 253 } 254 255 next_crontab: 256 if (crontab_fd >= OK) { 257 Debug(DLOAD, (" [done]\n")) 258 close(crontab_fd); 259 } 260 } 261