From c4f3d9e46eadb5808e885063991be6d8146e9890 Mon Sep 17 00:00:00 2001 From: Thibault Godouet Date: Sun, 23 Dec 2001 22:03:08 +0000 Subject: [PATCH] we now use ROOTUID and ROOTGID instead of hard-coded "0" --- conf.c | 20 ++++++++++---------- config.h.in | 12 +++++++----- configure.in | 46 ++++++++++++++++++++++++++++++---------------- fcron.c | 10 +++++----- fcronsighup.c | 10 +++++----- fcrontab.c | 34 +++++++++++++++++----------------- fileconf.c | 10 +++++----- subs.c | 6 +++--- 8 files changed, 82 insertions(+), 66 deletions(-) diff --git a/conf.c b/conf.c index d0e18f9..7d95e21 100644 --- a/conf.c +++ b/conf.c @@ -2,7 +2,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,7 +22,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: conf.c,v 1.51 2001-09-12 13:45:54 thib Exp $ */ + /* $Id: conf.c,v 1.52 2001-12-23 22:04:51 thib Exp $ */ #include "fcron.h" @@ -442,9 +442,9 @@ read_file(const char *file_name, CF *cf) } if ( strncmp(file_name,"new.", 4) == 0 ) { - if ( file_stat.st_uid == 0 ) - /* file is owned by root : no test needed : set runas to 0 */ - runas = 0; + if ( file_stat.st_uid == ROOTUID ) + /* file is owned by root : no test needed : set runas to ROOTUID */ + runas = ROOTUID; else { /* this is a standard user's new fcrontab : set the runas field to * the owner of the file */ @@ -457,10 +457,10 @@ read_file(const char *file_name, CF *cf) } } else { - if ( file_stat.st_uid == 0 ) + if ( file_stat.st_uid == ROOTUID ) /* file is owned by root : either this file has already been parsed * at least once by fcron, either it is the root's fcrontab */ - runas = 0; + runas = ROOTUID; else { error("Non-new file %s owned by someone else than root",file_name); goto err; @@ -492,7 +492,7 @@ read_file(const char *file_name, CF *cf) error("Cannot read user's name : file ignored"); goto err; } - if ( runas != 0 ) { + if ( runas != ROOTUID ) { /* we use file owner's name for more security (see above) */ /* free the value obtained by read_strn() (we need to read it anyway * to set the file ptr to the next thing to read) */ @@ -688,7 +688,7 @@ add_line_to_file(CL *cl, CF *cf, uid_t runas, char *runas_str, time_t t_save) } /* set runas field if necessary (to improve security) */ - if (runas > 0) { + if (runas != ROOTUID) { if (strcmp(cl->cl_runas, runas_str) != 0) warn("warning: runas(%s) is not owner (%s): overridden.", cl->cl_runas, runas_str); @@ -1009,7 +1009,7 @@ save_file(CF *arg_file) /* chown the file to root:root : this file should only be read and * modified by fcron (not fcrontab) */ - if (fchown(fileno(f), 0, 0) != 0) + if (fchown(fileno(f), ROOTUID, ROOTGID) != 0) error_e("Could not fchown \"%s\"", file->cf_user); /* save file : */ diff --git a/config.h.in b/config.h.in index f61abbd..db8f04d 100644 --- a/config.h.in +++ b/config.h.in @@ -1,7 +1,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,7 +21,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: config.h.in,v 1.37 2001-09-12 13:50:09 thib Exp $ */ + /* $Id: config.h.in,v 1.38 2001-12-23 22:05:03 thib Exp $ */ /* *********************************************************** */ @@ -160,10 +160,12 @@ /* Define if we should use sete[ug]id() funcs */ #undef USE_SETE_ID -/* username to run under */ -#undef USERNAME +/* root uid and gid */ +#undef ROOTUID +#undef ROOTGID -/* groupname to run under */ +/* user and group name to run under */ +#undef USERNAME #undef GROUPNAME /* Define to empty if the keyword does not work. */ diff --git a/configure.in b/configure.in index f45d243..335972b 100644 --- a/configure.in +++ b/configure.in @@ -481,27 +481,30 @@ AC_ARG_WITH(rootname, AC_MSG_ERROR(Need rootname.) ;; yes) - if cat /etc/passwd | grep "^root:" > /dev/null; then + if LINE=`cat /etc/passwd | grep "^root:"`; then rootname=root - AC_MSG_RESULT($rootname) + rootuid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootname uid: $rootuid) else AC_MSG_ERROR([ Cannot determine root's username: try option --with-rootname=USERNAME]) fi ;; *) - if cat /etc/passwd | grep "^$withval:" > /dev/null ; then + if LINE=`cat /etc/passwd | grep "^$withval:"`; then rootname=$withval - AC_MSG_RESULT($rootname) + rootuid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootname uid: $rootuid) else AC_MSG_ERROR([ Invalid root's username : not in /etc/passwd]) fi ;; esac ], - if cat /etc/passwd | grep "^root:" > /dev/null ; then + if LINE=`cat /etc/passwd | grep "^root:"`; then rootname=root - AC_MSG_RESULT($rootname) + rootuid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootname uid: $rootuid) else AC_MSG_ERROR([ Cannot determine root's username: try option --with-rootname=USERNAME]) @@ -516,33 +519,38 @@ AC_ARG_WITH(rootgroup, AC_MSG_ERROR(Need rootgroup.) ;; yes) - if cat /etc/group | grep "^root:" > /dev/null ; then + if LINE=`cat /etc/group | grep "^root:"`; then rootgroup=root - AC_MSG_RESULT($rootgroup) - elif cat /etc/group | grep "^wheel:" > /dev/null ; then + rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootgroup gid: $rootgid) + elif LINE=`cat /etc/group | grep "^wheel:"`; then rootgroup=wheel - AC_MSG_RESULT($rootgroup) + rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootgroup gid: $rootgid) else AC_MSG_ERROR([ Cannot determine root's groupname: try option --with-rootgroup=GROUPNAME]) fi ;; *) - if cat /etc/group | grep "^$withval:" > /dev/null ; then + if LINE=`cat /etc/group | grep "^$withval:"`; then rootgroup=$withval - AC_MSG_RESULT($rootgroup) + rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootgroup gid: $rootgid) else AC_MSG_ERROR([ Invalid root's groupname : not in /etc/group]) fi ;; esac ], - if cat /etc/group | grep "^root:" > /dev/null ; then + if LINE=`cat /etc/group | grep "^root:"`; then rootgroup=root - AC_MSG_RESULT($rootgroup) - elif cat /etc/group | grep "^wheel:" > /dev/null ; then + rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootgroup gid: $rootgid) + elif LINE=`cat /etc/group | grep "^wheel:"`; then rootgroup=wheel - AC_MSG_RESULT($rootgroup) + rootgid=`echo $LINE | awk 'BEGIN {FS= ":" } {print $3}'` + AC_MSG_RESULT($rootgroup gid: $rootgid) else AC_MSG_ERROR([ Cannot determine root's groupname: try option --with-rootgroup=GROUPNAME]) @@ -552,9 +560,15 @@ Cannot determine root's groupname: try option --with-rootgroup=GROUPNAME]) ROOTNAME="$rootname" AC_SUBST(ROOTNAME) AC_DEFINE_UNQUOTED(ROOTNAME, "$rootname") +ROOTUID=$rootuid +AC_SUBST(ROOTUID) +AC_DEFINE_UNQUOTED(ROOTUID, $rootuid) ROOTGROUP="$rootgroup" AC_SUBST(ROOTGROUP) AC_DEFINE_UNQUOTED(ROOTGROUP, "$rootgroup") +ROOTGID=$rootgid +AC_SUBST(ROOTGID) +AC_DEFINE_UNQUOTED(ROOTGID, $rootgid) username="$rootname" groupname="$rootgroup" diff --git a/fcron.c b/fcron.c index c2c93c0..4f243d2 100644 --- a/fcron.c +++ b/fcron.c @@ -1,7 +1,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,7 +21,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: fcron.c,v 1.56 2001-09-12 13:44:50 thib Exp $ */ + /* $Id: fcron.c,v 1.57 2001-12-23 22:04:37 thib Exp $ */ #include "fcron.h" @@ -29,7 +29,7 @@ #include "conf.h" #include "job.h" -char rcs_info[] = "$Id: fcron.c,v 1.56 2001-09-12 13:44:50 thib Exp $"; +char rcs_info[] = "$Id: fcron.c,v 1.57 2001-12-23 22:04:37 thib Exp $"; void main_loop(void); void check_signal(void); @@ -112,7 +112,7 @@ info(void) { fprintf(stderr, "fcron " VERSION_QUOTED " - periodic command scheduler\n" - "Copyright 2000-2001 Thibault Godouet \n" + "Copyright 2000-2002 Thibault Godouet \n" "This program is free software distributed WITHOUT ANY WARRANTY.\n" "See the GNU General Public License for more details.\n" ); @@ -460,7 +460,7 @@ main(int argc, char **argv) { uid_t daemon_uid; - if ( (daemon_uid = getuid()) != 0 ) + if ( (daemon_uid = getuid()) != ROOTUID ) die("Fcron must be executed as root"); } diff --git a/fcronsighup.c b/fcronsighup.c index 2416b98..da2f096 100644 --- a/fcronsighup.c +++ b/fcronsighup.c @@ -1,7 +1,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,7 +21,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: fcronsighup.c,v 1.2 2001-07-09 11:49:11 thib Exp $ */ + /* $Id: fcronsighup.c,v 1.3 2001-12-23 22:03:08 thib Exp $ */ #include "global.h" @@ -30,7 +30,7 @@ #include "subs.h" #include "allow.h" -char rcs_info[] = "$Id: fcronsighup.c,v 1.2 2001-07-09 11:49:11 thib Exp $"; +char rcs_info[] = "$Id: fcronsighup.c,v 1.3 2001-12-23 22:03:08 thib Exp $"; void usage(void); void sig_daemon(void); @@ -59,7 +59,7 @@ usage(void) { fprintf(stderr, "fcronsighup "VERSION_QUOTED" - make fcron update its fcrontabs\n" - "Copyright 2000-2001 Thibault Godouet \n" + "Copyright 2000-2002 Thibault Godouet \n" "This program is free software distributed WITHOUT ANY WARRANTY.\n" "See the GNU General Public License for more details.\n" "\n" @@ -100,7 +100,7 @@ sig_daemon(void) * some bad users to block daemon by sending it SIGHUP all the time */ { /* we don't need to make root wait */ - if (uid != 0) { + if (uid != ROOTUID) { time_t t = 0; int sl = 0; FILE *fp = NULL; diff --git a/fcrontab.c b/fcrontab.c index 53dc222..6454425 100644 --- a/fcrontab.c +++ b/fcrontab.c @@ -2,7 +2,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,7 +22,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: fcrontab.c,v 1.52 2001-11-04 18:58:17 thib Exp $ */ + /* $Id: fcrontab.c,v 1.53 2001-12-23 22:04:10 thib Exp $ */ /* * The goal of this program is simple : giving a user interface to fcron @@ -45,7 +45,7 @@ #include "allow.h" #include "fileconf.h" -char rcs_info[] = "$Id: fcrontab.c,v 1.52 2001-11-04 18:58:17 thib Exp $"; +char rcs_info[] = "$Id: fcrontab.c,v 1.53 2001-12-23 22:04:10 thib Exp $"; void info(void); void usage(void); @@ -101,7 +101,7 @@ info(void) { fprintf(stderr, "fcrontab " VERSION_QUOTED " - user interface to daemon fcron\n" - "Copyright 2000-2001 Thibault Godouet \n" + "Copyright 2000-2002 Thibault Godouet \n" "This program is free software distributed WITHOUT ANY WARRANTY.\n" "See the GNU General Public License for more details.\n" ); @@ -186,7 +186,7 @@ copy(char *orig, char *dest) * except for root. Root requires filesystem uid root for security * reasons */ #ifdef USE_SETE_ID - if (asuid != 0 && seteuid(fcrontab_uid) != 0) + if (asuid != ROOTUID && seteuid(fcrontab_uid) != 0) error_e("seteuid(fcrontab_uid[%d])", fcrontab_uid); #endif if ((to = fopen(dest, "w")) == NULL) { @@ -194,13 +194,13 @@ copy(char *orig, char *dest) return ERR; } #ifdef USE_SETE_ID - if (asuid != 0 && seteuid(uid) != 0) + if (asuid != ROOTUID && seteuid(uid) != 0) die_e("seteuid(uid[%d])", uid); #endif - if (asuid == 0 ) { + if (asuid == ROOTUID ) { if ( fchmod(fileno(to), S_IWUSR | S_IRUSR) != 0 ) error_e("Could not fchmod %s to 600", dest); - if ( fchown(fileno(to), 0, fcrontab_gid) != 0 ) + if ( fchown(fileno(to), ROOTUID, fcrontab_gid) != 0 ) error_e("Could not fchown %s to root", dest); } @@ -418,7 +418,7 @@ edit_file(char *buf) switch ( pid = fork() ) { case 0: /* child */ - if ( uid != 0 ) { + if ( uid != ROOTUID ) { if (setgid(asgid) < 0) { error_e("setgid(asgid)"); goto exiterr; @@ -469,7 +469,7 @@ edit_file(char *buf) close(fd); goto exiterr; } - if ( fchown(fd, 0, 0) != 0 || fchmod(fd, S_IRUSR|S_IWUSR) != 0 ) { + if ( fchown(fd, ROOTUID, ROOGID) != 0 || fchmod(fd, S_IRUSR|S_IWUSR) != 0 ) { fprintf(stderr, "Can't chown or chmod %s.\n", tmp_str); close(fd); goto exiterr; @@ -807,7 +807,7 @@ parseopt(int argc, char *argv[]) usage(); break; case 'u': - if (getuid() != 0) { + if (getuid() != ROOTUID) { fprintf(stderr, "must be privileged to use -u\n"); xexit(EXIT_ERR); } @@ -889,7 +889,7 @@ parseopt(int argc, char *argv[]) else usage(); - if (getuid() != 0) { + if (getuid() != ROOTUID) { fprintf(stderr, "must be privileged to use -u\n"); xexit(EXIT_ERR); } @@ -899,7 +899,7 @@ parseopt(int argc, char *argv[]) if ( list_opt + rm_opt + edit_opt + reinstall_opt == 0 ) file_opt = optind; else { - if (getuid() != 0) { + if (getuid() != ROOTUID) { fprintf(stderr, "must be privileged to use [user|-u user]\n"); xexit(EXIT_ERR); } @@ -1011,10 +1011,10 @@ main(int argc, char **argv) #else /* USE_SETE_ID */ - if (setuid(0) != 0 ) - die_e("Could not change uid to 0"); - if (setgid(0) != 0) - die_e("Could not change gid to 0"); + if (setuid(ROOTUID) != 0 ) + die_e("Could not change uid to ROOTUID"); + if (setgid(ROOTGID) != 0) + die_e("Could not change gid to ROOTGID"); /* change directory */ if (chdir(fcrontabs) != 0) { error_e("Could not chdir to %s", fcrontabs); diff --git a/fileconf.c b/fileconf.c index f7bf75f..3e949a4 100644 --- a/fileconf.c +++ b/fileconf.c @@ -2,7 +2,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,7 +22,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: fileconf.c,v 1.54 2001-12-23 12:20:46 thib Exp $ */ + /* $Id: fileconf.c,v 1.55 2001-12-23 22:04:44 thib Exp $ */ #include "fcrontab.h" @@ -378,7 +378,7 @@ get_nice(char *ptr, int *nice) return NULL; if ( negative == 1 ) { - if (getuid() != 0) { + if (getuid() != ROOTUID) { fprintf(stderr, "must be privileged to use a negative argument " "with nice: set to 0\n"); need_correction = 1; @@ -894,7 +894,7 @@ read_opt(char *ptr, CL *cl) } else if(strcmp(opt_name, "runas") == 0) { - if (getuid() != 0) { + if (getuid() != ROOTUID) { fprintf(stderr, "must be privileged to use option runas: " "skipping option\n"); need_correction = 1; @@ -1026,7 +1026,7 @@ check_username(char *ptr, CF *cf, CL *cl) ptr = ptr + indx; /* move ptr to the next word */ Skip_blanks(ptr); - if (getuid() != 0) { + if (getuid() != ROOTUID) { fprintf(stderr, "must be privileged to run as another user : " "ignoring\n"); } else { diff --git a/subs.c b/subs.c index 2fca3ba..630eacf 100644 --- a/subs.c +++ b/subs.c @@ -2,7 +2,7 @@ /* * FCRON - periodic command scheduler * - * Copyright 2000-2001 Thibault Godouet + * Copyright 2000-2002 Thibault Godouet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,7 +22,7 @@ * `LICENSE' that comes with the fcron source distribution. */ - /* $Id: subs.c,v 1.15 2001-08-17 19:50:08 thib Exp $ */ + /* $Id: subs.c,v 1.16 2001-12-23 22:05:20 thib Exp $ */ #include "global.h" #include "subs.h" @@ -183,7 +183,7 @@ read_conf(void) } /* check if the file is secure : owned and writable only by root */ - if ( fstat(fileno(f), &st) != 0 || st.st_uid != 0 + if ( fstat(fileno(f), &st) != 0 || st.st_uid != ROOTUID || st.st_mode & S_IWGRP || st.st_mode & S_IWOTH ) { error("Conf file (%s) must be owned by root and (no more than) 644 : " "ignored", fcronconf); -- 2.47.3