Index: head/usr.sbin/cron/cron/cron.h =================================================================== --- head/usr.sbin/cron/cron/cron.h (revision 352667) +++ head/usr.sbin/cron/cron/cron.h (revision 352668) @@ -1,316 +1,318 @@ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved * * Distribute freely, except: don't remove my name from the source or * documentation (don't take credit for my work), mark your changes (don't * get me blamed for your possible bugs), don't alter or remove this * notice. May be sold if buildable source is provided to buyer. No * warrantee of any kind, express or implied, is included with this * software; use at your own risk, responsibility for damages (if any) to * anyone resulting from the use of this software rests entirely with the * user. * * Send bug reports, bug fixes, enhancements, requests, flames, etc., and * I'll try to keep a version up to date. I can be reached as follows: * Paul Vixie uunet!decwrl!vixie!paul */ /* cron.h - header for vixie's cron * * $FreeBSD$ * * vix 14nov88 [rest of log is in RCS] * vix 14jan87 [0 or 7 can be sunday; thanks, mwm@berkeley] * vix 30dec86 [written] */ /* reorder these #include's at your peril */ #include #include #include "compat.h" #include #include #include #include #include #include #include #include #include #include #include "pathnames.h" #include "config.h" #include "externs.h" /* these are really immutable, and are * defined for symbolic convenience only * TRUE, FALSE, and ERR must be distinct * ERR must be < OK. */ #define TRUE 1 #define FALSE 0 /* system calls return this on success */ #define OK 0 /* or this on error */ #define ERR (-1) /* turn this on to get '-x' code */ #ifndef DEBUGGING #define DEBUGGING FALSE #endif #define READ_PIPE 0 /* which end of a pipe pair do you read? */ #define WRITE_PIPE 1 /* or write to? */ #define STDIN 0 /* what is stdin's file descriptor? */ #define STDOUT 1 /* stdout's? */ #define STDERR 2 /* stderr's? */ #define ERROR_EXIT 1 /* exit() with this will scare the shell */ #define OK_EXIT 0 /* exit() with this is considered 'normal' */ #define MAX_FNAME 100 /* max length of internally generated fn */ #define MAX_COMMAND 1000 /* max length of internally generated cmd */ #define MAX_ENVSTR 1000 /* max length of envvar=value\0 strings */ #define MAX_TEMPSTR 100 /* obvious */ #define ROOT_UID 0 /* don't change this, it really must be root */ #define ROOT_USER "root" /* ditto */ #define SYS_NAME "*system*" /* magic owner name for system crontab */ /* NOTE: these correspond to DebugFlagNames, * defined below. */ #define DEXT 0x0001 /* extend flag for other debug masks */ #define DSCH 0x0002 /* scheduling debug mask */ #define DPROC 0x0004 /* process control debug mask */ #define DPARS 0x0008 /* parsing debug mask */ #define DLOAD 0x0010 /* database loading debug mask */ #define DMISC 0x0020 /* misc debug mask */ #define DTEST 0x0040 /* test mode: don't execute any commands */ #define DBIT 0x0080 /* bit twiddling shown (long) */ #define CRON_TAB(u) "%s/%s", SPOOL_DIR, u #define REG register #define PPC_NULL ((char **)NULL) #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 256 #endif #define Skip_Blanks(c, f) \ while (c == '\t' || c == ' ') \ c = get_char(f); #define Skip_Nonblanks(c, f) \ while (c!='\t' && c!=' ' && c!='\n' && c != EOF) \ c = get_char(f); #define Skip_Line(c, f) \ do {c = get_char(f);} while (c != '\n' && c != EOF); #if DEBUGGING # define Debug(mask, message) \ if ( (DebugFlags & (mask) ) == (mask) ) \ printf message; #else /* !DEBUGGING */ # define Debug(mask, message) \ ; #endif /* DEBUGGING */ #define MkLower(ch) (isupper(ch) ? tolower(ch) : ch) #define MkUpper(ch) (islower(ch) ? toupper(ch) : ch) #define Set_LineNum(ln) {Debug(DPARS|DEXT,("linenum=%d\n",ln)); \ LineNumber = ln; \ } #define FIRST_SECOND 0 #define LAST_SECOND 59 #define SECOND_COUNT (LAST_SECOND - FIRST_SECOND + 1) #define FIRST_MINUTE 0 #define LAST_MINUTE 59 #define MINUTE_COUNT (LAST_MINUTE - FIRST_MINUTE + 1) #define FIRST_HOUR 0 #define LAST_HOUR 23 #define HOUR_COUNT (LAST_HOUR - FIRST_HOUR + 1) #define FIRST_DOM 1 #define LAST_DOM 31 #define DOM_COUNT (LAST_DOM - FIRST_DOM + 1) #define FIRST_MONTH 1 #define LAST_MONTH 12 #define MONTH_COUNT (LAST_MONTH - FIRST_MONTH + 1) /* note on DOW: 0 and 7 are both Sunday, for compatibility reasons. */ #define FIRST_DOW 0 #define LAST_DOW 7 #define DOW_COUNT (LAST_DOW - FIRST_DOW + 1) #ifdef LOGIN_CAP /* see init.c */ #define RESOURCE_RC "daemon" #endif /* each user's crontab will be held as a list of * the following structure. * * These are the cron commands. */ typedef struct _entry { struct _entry *next; uid_t uid; gid_t gid; #ifdef LOGIN_CAP char *class; #endif char **envp; char *cmd; union { struct { bitstr_t bit_decl(second, SECOND_COUNT); bitstr_t bit_decl(minute, MINUTE_COUNT); bitstr_t bit_decl(hour, HOUR_COUNT); bitstr_t bit_decl(dom, DOM_COUNT); bitstr_t bit_decl(month, MONTH_COUNT); bitstr_t bit_decl(dow, DOW_COUNT); }; struct { time_t lastexit; time_t interval; pid_t child; }; }; int flags; #define DOM_STAR 0x01 #define DOW_STAR 0x02 #define WHEN_REBOOT 0x04 #define RUN_AT 0x08 #define NOT_UNTIL 0x10 #define SEC_RES 0x20 #define INTERVAL 0x40 +#define DONT_LOG 0x80 +#define MAIL_WHEN_ERR 0x100 time_t lastrun; } entry; /* the crontab database will be a list of the * following structure, one element per user * plus one for the system. * * These are the crontabs. */ typedef struct _user { struct _user *next, *prev; /* links */ char *name; time_t mtime; /* last modtime of crontab */ entry *crontab; /* this person's crontab */ } user; typedef struct _cron_db { user *head, *tail; /* links */ time_t mtime; /* last modtime on spooldir */ } cron_db; void set_cron_uid(void), set_cron_cwd(void), load_database(cron_db *), open_logfile(void), sigpipe_func(void), job_add(entry *, user *), do_command(entry *, user *), link_user(cron_db *, user *), unlink_user(cron_db *, user *), free_user(user *), env_free(char **), unget_char(int, FILE *), free_entry(entry *), skip_comments(FILE *), log_it(char *, int, char *, const char *), log_close(void); int job_runqueue(void), set_debug_flags(char *), get_char(FILE *), get_string(char *, int, FILE *, char *), swap_uids(void), swap_uids_back(void), load_env(char *, FILE *), cron_pclose(FILE *), strcmp_until(char *, char *, int), allowed(char *), strdtb(char *); char *env_get(char *, char **), *arpadate(time_t *), *mkprints(unsigned char *, unsigned int), *first_word(char *, char *), **env_init(void), **env_copy(char **), **env_set(char **, char *); user *load_user(int, struct passwd *, char *), *find_user(cron_db *, char *); entry *load_entry(FILE *, void (*)(char *), struct passwd *, char **); -FILE *cron_popen(char *, char *, entry *); +FILE *cron_popen(char *, char *, entry *, PID_T *); /* in the C tradition, we only create * variables for the main program, just * extern them elsewhere. */ #ifdef MAIN_PROGRAM # if !defined(LINT) && !defined(lint) char *copyright[] = { "@(#) Copyright 1988,1989,1990,1993,1994 by Paul Vixie", "@(#) All rights reserved" }; # endif char *MonthNames[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec", NULL }; char *DowNames[] = { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun", NULL }; char *ProgramName, *defmailto; int LineNumber; unsigned Jitter, RootJitter; time_t TargetTime; # if DEBUGGING int DebugFlags; char *DebugFlagNames[] = { /* sync with #defines */ "ext", "sch", "proc", "pars", "load", "misc", "test", "bit", NULL /* NULL must be last element */ }; # endif /* DEBUGGING */ #else /*MAIN_PROGRAM*/ extern char *copyright[], *MonthNames[], *DowNames[], *ProgramName, *defmailto; extern int LineNumber; extern unsigned Jitter, RootJitter; extern time_t TargetTime; extern struct pidfh *pfh; # if DEBUGGING extern int DebugFlags; extern char *DebugFlagNames[]; # endif /* DEBUGGING */ #endif /*MAIN_PROGRAM*/ Index: head/usr.sbin/cron/cron/do_command.c =================================================================== --- head/usr.sbin/cron/cron/do_command.c (revision 352667) +++ head/usr.sbin/cron/cron/do_command.c (revision 352668) @@ -1,638 +1,665 @@ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved * * Distribute freely, except: don't remove my name from the source or * documentation (don't take credit for my work), mark your changes (don't * get me blamed for your possible bugs), don't alter or remove this * notice. May be sold if buildable source is provided to buyer. No * warrantee of any kind, express or implied, is included with this * software; use at your own risk, responsibility for damages (if any) to * anyone resulting from the use of this software rests entirely with the * user. * * Send bug reports, bug fixes, enhancements, requests, flames, etc., and * I'll try to keep a version up to date. I can be reached as follows: * Paul Vixie uunet!decwrl!vixie!paul */ #if !defined(lint) && !defined(LINT) static const char rcsid[] = "$FreeBSD$"; #endif #include "cron.h" #include #if defined(sequent) # include #endif #if defined(SYSLOG) # include #endif #if defined(LOGIN_CAP) # include #endif #ifdef PAM # include # include #endif static void child_process(entry *, user *), do_univ(user *); +static WAIT_T wait_on_child(PID_T, const char *); void do_command(e, u) entry *e; user *u; { pid_t pid; Debug(DPROC, ("[%d] do_command(%s, (%s,%d,%d))\n", getpid(), e->cmd, u->name, e->uid, e->gid)) /* fork to become asynchronous -- parent process is done immediately, * and continues to run the normal cron code, which means return to * tick(). the child and grandchild don't leave this function, alive. * * vfork() is unsuitable, since we have much to do, and the parent * needs to be able to run off and fork other processes. */ switch ((pid = fork())) { case -1: log_it("CRON",getpid(),"error","can't fork"); if (e->flags & INTERVAL) e->lastexit = time(NULL); break; case 0: /* child process */ pidfile_close(pfh); child_process(e, u); Debug(DPROC, ("[%d] child process done, exiting\n", getpid())) _exit(OK_EXIT); break; default: /* parent process */ Debug(DPROC, ("[%d] main process forked child #%d, " "returning to work\n", getpid(), pid)) if (e->flags & INTERVAL) { e->lastexit = 0; e->child = pid; } break; } Debug(DPROC, ("[%d] main process returning to work\n", getpid())) } static void child_process(e, u) entry *e; user *u; { int stdin_pipe[2], stdout_pipe[2]; register char *input_data; char *usernm, *mailto, *mailfrom; - int children = 0; + PID_T jobpid, stdinjob, mailpid; + register FILE *mail; + register int bytes = 1; + int status = 0; # if defined(LOGIN_CAP) struct passwd *pwd; login_cap_t *lc; # endif Debug(DPROC, ("[%d] child_process('%s')\n", getpid(), e->cmd)) /* mark ourselves as different to PS command watchers by upshifting * our program name. This has no effect on some kernels. */ setproctitle("running job"); /* discover some useful and important environment settings */ usernm = env_get("LOGNAME", e->envp); mailto = env_get("MAILTO", e->envp); mailfrom = env_get("MAILFROM", e->envp); #ifdef PAM /* use PAM to see if the user's account is available, * i.e., not locked or expired or whatever. skip this * for system tasks from /etc/crontab -- they can run * as any user. */ if (strcmp(u->name, SYS_NAME)) { /* not equal */ pam_handle_t *pamh = NULL; int pam_err; struct pam_conv pamc = { .conv = openpam_nullconv, .appdata_ptr = NULL }; Debug(DPROC, ("[%d] checking account with PAM\n", getpid())) /* u->name keeps crontab owner name while LOGNAME is the name * of user to run command on behalf of. they should be the * same for a task from a per-user crontab. */ if (strcmp(u->name, usernm)) { log_it(usernm, getpid(), "username ambiguity", u->name); exit(ERROR_EXIT); } pam_err = pam_start("cron", usernm, &pamc, &pamh); if (pam_err != PAM_SUCCESS) { log_it("CRON", getpid(), "error", "can't start PAM"); exit(ERROR_EXIT); } pam_err = pam_acct_mgmt(pamh, PAM_SILENT); /* Expired password shouldn't prevent the job from running. */ if (pam_err != PAM_SUCCESS && pam_err != PAM_NEW_AUTHTOK_REQD) { log_it(usernm, getpid(), "USER", "account unavailable"); exit(ERROR_EXIT); } pam_end(pamh, pam_err); } #endif #ifdef USE_SIGCHLD /* our parent is watching for our death by catching SIGCHLD. we * do not care to watch for our children's deaths this way -- we * use wait() explicitly. so we have to disable the signal (which * was inherited from the parent). */ (void) signal(SIGCHLD, SIG_DFL); #else /* on system-V systems, we are ignoring SIGCLD. we have to stop * ignoring it now or the wait() in cron_pclose() won't work. * because of this, we have to wait() for our children here, as well. */ (void) signal(SIGCLD, SIG_DFL); #endif /*BSD*/ /* create some pipes to talk to our future child */ if (pipe(stdin_pipe) != 0 || pipe(stdout_pipe) != 0) { log_it("CRON", getpid(), "error", "can't pipe"); exit(ERROR_EXIT); } /* since we are a forked process, we can diddle the command string * we were passed -- nobody else is going to use it again, right? * * if a % is present in the command, previous characters are the * command, and subsequent characters are the additional input to * the command. Subsequent %'s will be transformed into newlines, * but that happens later. * * If there are escaped %'s, remove the escape character. */ /*local*/{ register int escaped = FALSE; register int ch; register char *p; for (input_data = p = e->cmd; (ch = *input_data); input_data++, p++) { if (p != input_data) *p = ch; if (escaped) { if (ch == '%' || ch == '\\') *--p = ch; escaped = FALSE; continue; } if (ch == '\\') { escaped = TRUE; continue; } if (ch == '%') { *input_data++ = '\0'; break; } } *p = '\0'; } /* fork again, this time so we can exec the user's command. */ - switch (vfork()) { + switch (jobpid = vfork()) { case -1: log_it("CRON",getpid(),"error","can't vfork"); exit(ERROR_EXIT); /*NOTREACHED*/ case 0: Debug(DPROC, ("[%d] grandchild process Vfork()'ed\n", getpid())) if (e->uid == ROOT_UID) Jitter = RootJitter; if (Jitter != 0) { srandom(getpid()); sleep(random() % Jitter); } /* write a log message. we've waited this long to do it * because it was not until now that we knew the PID that * the actual user command shell was going to get and the * PID is part of the log message. */ - /*local*/{ + if ((e->flags & DONT_LOG) == 0) { char *x = mkprints((u_char *)e->cmd, strlen(e->cmd)); log_it(usernm, getpid(), "CMD", x); free(x); } /* that's the last thing we'll log. close the log files. */ #ifdef SYSLOG closelog(); #endif /* get new pgrp, void tty, etc. */ (void) setsid(); /* close the pipe ends that we won't use. this doesn't affect * the parent, who has to read and write them; it keeps the * kernel from recording us as a potential client TWICE -- * which would keep it from sending SIGPIPE in otherwise * appropriate circumstances. */ close(stdin_pipe[WRITE_PIPE]); close(stdout_pipe[READ_PIPE]); /* grandchild process. make std{in,out} be the ends of * pipes opened by our daddy; make stderr go to stdout. */ close(STDIN); dup2(stdin_pipe[READ_PIPE], STDIN); close(STDOUT); dup2(stdout_pipe[WRITE_PIPE], STDOUT); close(STDERR); dup2(STDOUT, STDERR); /* close the pipes we just dup'ed. The resources will remain. */ close(stdin_pipe[READ_PIPE]); close(stdout_pipe[WRITE_PIPE]); /* set our login universe. Do this in the grandchild * so that the child can invoke /usr/lib/sendmail * without surprises. */ do_univ(u); # if defined(LOGIN_CAP) /* Set user's entire context, but skip the environment * as cron provides a separate interface for this */ if ((pwd = getpwnam(usernm)) == NULL) pwd = getpwuid(e->uid); lc = NULL; if (pwd != NULL) { pwd->pw_gid = e->gid; if (e->class != NULL) lc = login_getclass(e->class); } if (pwd && setusercontext(lc, pwd, e->uid, LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETENV)) == 0) (void) endpwent(); else { /* fall back to the old method */ (void) endpwent(); # endif /* set our directory, uid and gid. Set gid first, * since once we set uid, we've lost root privileges. */ if (setgid(e->gid) != 0) { log_it(usernm, getpid(), "error", "setgid failed"); exit(ERROR_EXIT); } # if defined(BSD) if (initgroups(usernm, e->gid) != 0) { log_it(usernm, getpid(), "error", "initgroups failed"); exit(ERROR_EXIT); } # endif if (setlogin(usernm) != 0) { log_it(usernm, getpid(), "error", "setlogin failed"); exit(ERROR_EXIT); } if (setuid(e->uid) != 0) { log_it(usernm, getpid(), "error", "setuid failed"); exit(ERROR_EXIT); } /* we aren't root after this..*/ #if defined(LOGIN_CAP) } if (lc != NULL) login_close(lc); #endif chdir(env_get("HOME", e->envp)); /* exec the command. */ { char *shell = env_get("SHELL", e->envp); # if DEBUGGING if (DebugFlags & DTEST) { fprintf(stderr, "debug DTEST is on, not exec'ing command.\n"); fprintf(stderr, "\tcmd='%s' shell='%s'\n", e->cmd, shell); _exit(OK_EXIT); } # endif /*DEBUGGING*/ execle(shell, shell, "-c", e->cmd, (char *)NULL, e->envp); warn("execle: couldn't exec `%s'", shell); _exit(ERROR_EXIT); } break; default: /* parent process */ break; } - children++; - /* middle process, child of original cron, parent of process running * the user's command. */ Debug(DPROC, ("[%d] child continues, closing pipes\n", getpid())) /* close the ends of the pipe that will only be referenced in the * grandchild process... */ close(stdin_pipe[READ_PIPE]); close(stdout_pipe[WRITE_PIPE]); /* * write, to the pipe connected to child's stdin, any input specified * after a % in the crontab entry. while we copy, convert any * additional %'s to newlines. when done, if some characters were * written and the last one wasn't a newline, write a newline. * * Note that if the input data won't fit into one pipe buffer (2K * or 4K on most BSD systems), and the child doesn't read its stdin, * we would block here. thus we must fork again. */ - if (*input_data && fork() == 0) { + if (*input_data && (stdinjob = fork()) == 0) { register FILE *out = fdopen(stdin_pipe[WRITE_PIPE], "w"); register int need_newline = FALSE; register int escaped = FALSE; register int ch; if (out == NULL) { warn("fdopen failed in child2"); _exit(ERROR_EXIT); } Debug(DPROC, ("[%d] child2 sending data to grandchild\n", getpid())) /* close the pipe we don't use, since we inherited it and * are part of its reference count now. */ close(stdout_pipe[READ_PIPE]); /* translation: * \% -> % * % -> \n * \x -> \x for all x != % */ while ((ch = *input_data++)) { if (escaped) { if (ch != '%') putc('\\', out); } else { if (ch == '%') ch = '\n'; } if (!(escaped = (ch == '\\'))) { putc(ch, out); need_newline = (ch != '\n'); } } if (escaped) putc('\\', out); if (need_newline) putc('\n', out); /* close the pipe, causing an EOF condition. fclose causes * stdin_pipe[WRITE_PIPE] to be closed, too. */ fclose(out); Debug(DPROC, ("[%d] child2 done sending to grandchild\n", getpid())) exit(0); } /* close the pipe to the grandkiddie's stdin, since its wicked uncle * ernie back there has it open and will close it when he's done. */ close(stdin_pipe[WRITE_PIPE]); - children++; - /* * read output from the grandchild. it's stderr has been redirected to * it's stdout, which has been redirected to our pipe. if there is any * output, we'll be mailing it to the user whose crontab this is... * when the grandchild exits, we'll get EOF. */ Debug(DPROC, ("[%d] child reading output from grandchild\n", getpid())) /*local*/{ register FILE *in = fdopen(stdout_pipe[READ_PIPE], "r"); register int ch; if (in == NULL) { warn("fdopen failed in child"); _exit(ERROR_EXIT); } ch = getc(in); if (ch != EOF) { - register FILE *mail; - register int bytes = 1; - int status = 0; - Debug(DPROC|DEXT, ("[%d] got data (%x:%c) from grandchild\n", getpid(), ch, ch)) /* get name of recipient. this is MAILTO if set to a * valid local username; USER otherwise. */ if (mailto == NULL) { /* MAILTO not present, set to USER, * unless globally overriden. */ if (defmailto) mailto = defmailto; else mailto = usernm; } if (mailto && *mailto == '\0') mailto = NULL; /* if we are supposed to be mailing, MAILTO will * be non-NULL. only in this case should we set * up the mail command and subjects and stuff... */ if (mailto) { register char **env; auto char mailcmd[MAX_COMMAND]; auto char hostname[MAXHOSTNAMELEN]; if (gethostname(hostname, MAXHOSTNAMELEN) == -1) hostname[0] = '\0'; hostname[sizeof(hostname) - 1] = '\0'; (void) snprintf(mailcmd, sizeof(mailcmd), MAILARGS, MAILCMD); - if (!(mail = cron_popen(mailcmd, "w", e))) { + if (!(mail = cron_popen(mailcmd, "w", e, &mailpid))) { warn("%s", MAILCMD); (void) _exit(ERROR_EXIT); } if (mailfrom == NULL || *mailfrom == '\0') fprintf(mail, "From: Cron Daemon <%s@%s>\n", usernm, hostname); else fprintf(mail, "From: Cron Daemon <%s>\n", mailfrom); fprintf(mail, "To: %s\n", mailto); fprintf(mail, "Subject: Cron <%s@%s> %s\n", usernm, first_word(hostname, "."), e->cmd); # if defined(MAIL_DATE) fprintf(mail, "Date: %s\n", arpadate(&TargetTime)); # endif /* MAIL_DATE */ for (env = e->envp; *env; env++) fprintf(mail, "X-Cron-Env: <%s>\n", *env); fprintf(mail, "\n"); /* this was the first char from the pipe */ putc(ch, mail); } /* we have to read the input pipe no matter whether * we mail or not, but obviously we only write to * mail pipe if we ARE mailing. */ while (EOF != (ch = getc(in))) { bytes++; if (mailto) putc(ch, mail); } + } + /*if data from grandchild*/ - /* only close pipe if we opened it -- i.e., we're - * mailing... - */ + Debug(DPROC, ("[%d] got EOF from grandchild\n", getpid())) - if (mailto) { - Debug(DPROC, ("[%d] closing pipe to mail\n", - getpid())) - /* Note: the pclose will probably see - * the termination of the grandchild - * in addition to the mail process, since - * it (the grandchild) is likely to exit - * after closing its stdout. - */ - status = cron_pclose(mail); - } + /* also closes stdout_pipe[READ_PIPE] */ + fclose(in); + } + /* wait for children to die. + */ + if (jobpid > 0) { + WAIT_T waiter; + + waiter = wait_on_child(jobpid, "grandchild command job"); + + /* If everything went well, and -n was set, _and_ we have mail, + * we won't be mailing... so shoot the messenger! + */ + if (WIFEXITED(waiter) && WEXITSTATUS(waiter) == 0 + && (e->flags & MAIL_WHEN_ERR) == MAIL_WHEN_ERR + && mailto) { + Debug(DPROC, ("[%d] %s executed successfully, mail suppressed\n", + getpid(), "grandchild command job")) + kill(mailpid, SIGKILL); + (void)fclose(mail); + mailto = NULL; + } + + + /* only close pipe if we opened it -- i.e., we're + * mailing... + */ + + if (mailto) { + Debug(DPROC, ("[%d] closing pipe to mail\n", + getpid())) + /* Note: the pclose will probably see + * the termination of the grandchild + * in addition to the mail process, since + * it (the grandchild) is likely to exit + * after closing its stdout. + */ + status = cron_pclose(mail); + /* if there was output and we could not mail it, * log the facts so the poor user can figure out * what's going on. */ - if (mailto && status) { + if (status) { char buf[MAX_TEMPSTR]; snprintf(buf, sizeof(buf), "mailed %d byte%s of output but got status 0x%04x\n", bytes, (bytes==1)?"":"s", status); log_it(usernm, getpid(), "MAIL", buf); } + } + } - } /*if data from grandchild*/ + if (*input_data && stdinjob > 0) + wait_on_child(stdinjob, "grandchild stdinjob"); +} - Debug(DPROC, ("[%d] got EOF from grandchild\n", getpid())) +static WAIT_T +wait_on_child(PID_T childpid, const char *name) { + WAIT_T waiter; + PID_T pid; - fclose(in); /* also closes stdout_pipe[READ_PIPE] */ - } + Debug(DPROC, ("[%d] waiting for %s (%d) to finish\n", + getpid(), name, childpid)) - /* wait for children to die. - */ - for (; children > 0; children--) - { - WAIT_T waiter; - PID_T pid; +#ifdef POSIX + while ((pid = waitpid(childpid, &waiter, 0)) < 0 && errno == EINTR) +#else + while ((pid = wait4(childpid, &waiter, 0, NULL)) < 0 && errno == EINTR) +#endif + ; - Debug(DPROC, ("[%d] waiting for grandchild #%d to finish\n", - getpid(), children)) - pid = wait(&waiter); - if (pid < OK) { - Debug(DPROC, ("[%d] no more grandchildren--mail written?\n", - getpid())) - break; - } - Debug(DPROC, ("[%d] grandchild #%d finished, status=%04x", - getpid(), pid, WEXITSTATUS(waiter))) - if (WIFSIGNALED(waiter) && WCOREDUMP(waiter)) - Debug(DPROC, (", dumped core")) - Debug(DPROC, ("\n")) - } + if (pid < OK) + return waiter; + + Debug(DPROC, ("[%d] %s (%d) finished, status=%04x", + getpid(), name, pid, WEXITSTATUS(waiter))) + if (WIFSIGNALED(waiter) && WCOREDUMP(waiter)) + Debug(DPROC, (", dumped core")) + Debug(DPROC, ("\n")) + + return waiter; } static void do_univ(u) user *u; { #if defined(sequent) /* Dynix (Sequent) hack to put the user associated with * the passed user structure into the ATT universe if * necessary. We have to dig the gecos info out of * the user's password entry to see if the magic * "universe(att)" string is present. */ struct passwd *p; char *s; int i; p = getpwuid(u->uid); (void) endpwent(); if (p == NULL) return; s = p->pw_gecos; for (i = 0; i < 4; i++) { if ((s = strchr(s, ',')) == NULL) return; s++; } if (strcmp(s, "universe(att)")) return; (void) universe(U_ATT); #endif } Index: head/usr.sbin/cron/cron/popen.c =================================================================== --- head/usr.sbin/cron/cron/popen.c (revision 352667) +++ head/usr.sbin/cron/cron/popen.c (revision 352668) @@ -1,246 +1,250 @@ /* * Copyright (c) 1988 The Regents of the University of California. * All rights reserved. * * This code is derived from software written by Ken Arnold and * published in UNIX Review, Vol. 6, No. 8. * * Redistribution and use in source and binary forms are permitted * provided that the above copyright notice and this paragraph are * duplicated in all such forms and that any documentation, * advertising materials, and other materials related to such * distribution and use acknowledge that the software was developed * by the University of California, Berkeley. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * */ /* this came out of the ftpd sources; it's been modified to avoid the * globbing stuff since we don't need it. also execvp instead of execv. */ #ifndef lint #if 0 static char sccsid[] = "@(#)popen.c 5.7 (Berkeley) 2/14/89"; #endif static const char rcsid[] = "$FreeBSD$"; #endif /* not lint */ #include "cron.h" #include #include #include #if defined(SYSLOG) # include #endif #if defined(LOGIN_CAP) # include #endif #define MAX_ARGS 100 #define WANT_GLOBBING 0 /* * Special version of popen which avoids call to shell. This insures no one * may create a pipe to a hidden program as a side effect of a list or dir * command. */ static PID_T *pids; static int fds; FILE * -cron_popen(program, type, e) +cron_popen(program, type, e, pidptr) char *program, *type; entry *e; + PID_T *pidptr; { register char *cp; FILE *iop; int argc, pdes[2]; PID_T pid; char *usernm; char *argv[MAX_ARGS + 1]; # if defined(LOGIN_CAP) struct passwd *pwd; login_cap_t *lc; # endif #if WANT_GLOBBING char **pop, *vv[2]; int gargc; char *gargv[1000]; extern char **glob(), **copyblk(); #endif if ((*type != 'r' && *type != 'w') || type[1]) return(NULL); if (!pids) { if ((fds = getdtablesize()) <= 0) return(NULL); if (!(pids = calloc(fds, sizeof(PID_T)))) return(NULL); } if (pipe(pdes) < 0) return(NULL); /* break up string into pieces */ for (argc = 0, cp = program; argc < MAX_ARGS; cp = NULL) if (!(argv[argc++] = strtok(cp, " \t\n"))) break; argv[MAX_ARGS] = NULL; #if WANT_GLOBBING /* glob each piece */ gargv[0] = argv[0]; for (gargc = argc = 1; argv[argc]; argc++) { if (!(pop = glob(argv[argc]))) { /* globbing failed */ vv[0] = argv[argc]; vv[1] = NULL; pop = copyblk(vv); } argv[argc] = (char *)pop; /* save to free later */ while (*pop && gargc < 1000) gargv[gargc++] = *pop++; } gargv[gargc] = NULL; #endif iop = NULL; switch(pid = vfork()) { case -1: /* error */ (void)close(pdes[0]); (void)close(pdes[1]); goto pfree; /* NOTREACHED */ case 0: /* child */ if (e != NULL) { #ifdef SYSLOG closelog(); #endif /* get new pgrp, void tty, etc. */ (void) setsid(); } if (*type == 'r') { /* Do not share our parent's stdin */ (void)close(0); (void)open(_PATH_DEVNULL, O_RDWR); if (pdes[1] != 1) { dup2(pdes[1], 1); dup2(pdes[1], 2); /* stderr, too! */ (void)close(pdes[1]); } (void)close(pdes[0]); } else { if (pdes[0] != 0) { dup2(pdes[0], 0); (void)close(pdes[0]); } /* Hack: stdout gets revoked */ (void)close(1); (void)open(_PATH_DEVNULL, O_RDWR); (void)close(2); (void)open(_PATH_DEVNULL, O_RDWR); (void)close(pdes[1]); } if (e != NULL) { /* Set user's entire context, but skip the environment * as cron provides a separate interface for this */ usernm = env_get("LOGNAME", e->envp); # if defined(LOGIN_CAP) if ((pwd = getpwnam(usernm)) == NULL) pwd = getpwuid(e->uid); lc = NULL; if (pwd != NULL) { pwd->pw_gid = e->gid; if (e->class != NULL) lc = login_getclass(e->class); } if (pwd && setusercontext(lc, pwd, e->uid, LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETENV)) == 0) (void) endpwent(); else { /* fall back to the old method */ (void) endpwent(); # endif /* * Set our directory, uid and gid. Set gid * first since once we set uid, we've lost * root privileges. */ if (setgid(e->gid) != 0) _exit(ERROR_EXIT); # if defined(BSD) if (initgroups(usernm, e->gid) != 0) _exit(ERROR_EXIT); # endif if (setlogin(usernm) != 0) _exit(ERROR_EXIT); if (setuid(e->uid) != 0) _exit(ERROR_EXIT); /* we aren't root after this..*/ #if defined(LOGIN_CAP) } if (lc != NULL) login_close(lc); #endif chdir(env_get("HOME", e->envp)); } #if WANT_GLOBBING execvp(gargv[0], gargv); #else execvp(argv[0], argv); #endif _exit(1); } /* parent; assume fdopen can't fail... */ if (*type == 'r') { iop = fdopen(pdes[0], type); (void)close(pdes[1]); } else { iop = fdopen(pdes[1], type); (void)close(pdes[0]); } pids[fileno(iop)] = pid; pfree: #if WANT_GLOBBING for (argc = 1; argv[argc] != NULL; argc++) { /* blkfree((char **)argv[argc]); */ free((char *)argv[argc]); } #endif + + *pidptr = pid; + return(iop); } int cron_pclose(iop) FILE *iop; { register int fdes; int omask; WAIT_T stat_loc; PID_T pid; /* * pclose returns -1 if stream is not associated with a * `popened' command, or, if already `pclosed'. */ if (pids == 0 || pids[fdes = fileno(iop)] == 0) return(-1); (void)fclose(iop); omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGHUP)); while ((pid = wait(&stat_loc)) != pids[fdes] && pid != -1) ; (void)sigsetmask(omask); pids[fdes] = 0; return (pid == -1 ? -1 : WEXITSTATUS(stat_loc)); } Index: head/usr.sbin/cron/crontab/crontab.5 =================================================================== --- head/usr.sbin/cron/crontab/crontab.5 (revision 352667) +++ head/usr.sbin/cron/crontab/crontab.5 (revision 352668) @@ -1,343 +1,373 @@ .\"/* Copyright 1988,1990,1993,1994 by Paul Vixie .\" * All rights reserved .\" * .\" * Distribute freely, except: don't remove my name from the source or .\" * documentation (don't take credit for my work), mark your changes (don't .\" * get me blamed for your possible bugs), don't alter or remove this .\" * notice. May be sold if buildable source is provided to buyer. No .\" * warrantee of any kind, express or implied, is included with this .\" * software; use at your own risk, responsibility for damages (if any) to .\" * anyone resulting from the use of this software rests entirely with the .\" * user. .\" * .\" * Send bug reports, bug fixes, enhancements, requests, flames, etc., and .\" * I'll try to keep a version up to date. I can be reached as follows: .\" * Paul Vixie uunet!decwrl!vixie!paul .\" */ .\" .\" $FreeBSD$ .\" -.Dd April 19, 2019 +.Dd September 24, 2019 .Dt CRONTAB 5 .Os .Sh NAME .Nm crontab .Nd tables for driving cron .Sh DESCRIPTION A .Nm file contains instructions to the .Xr cron 8 daemon of the general form: ``run this command at this time on this date''. Each user has their own crontab, and commands in any given crontab will be executed as the user who owns the crontab. Uucp and News will usually have their own crontabs, eliminating the need for explicitly running .Xr su 1 as part of a cron command. .Pp Blank lines and leading spaces and tabs are ignored. Lines whose first non-space character is a pound-sign (#) are comments, and are ignored. Note that comments are not allowed on the same line as cron commands, since they will be taken to be part of the command. Similarly, comments are not allowed on the same line as environment variable settings. .Pp An active line in a crontab will be either an environment setting or a cron command. An environment setting is of the form, .Bd -literal name = value .Ed .Pp where the spaces around the equal-sign (=) are optional, and any subsequent non-leading spaces in .Em value will be part of the value assigned to .Em name . The .Em value string may be placed in quotes (single or double, but matching) to preserve leading or trailing blanks. The .Em name string may also be placed in quote (single or double, but matching) to preserve leading, trailing or inner blanks. .Pp Several environment variables are set up automatically by the .Xr cron 8 daemon. .Ev SHELL is set to .Pa /bin/sh , .Ev PATH is set to .Pa /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin , and .Ev LOGNAME and .Ev HOME are set from the .Pa /etc/passwd line of the crontab's owner. .Ev HOME , .Ev PATH and .Ev SHELL may be overridden by settings in the crontab; .Ev LOGNAME may not. .Pp (Another note: the .Ev LOGNAME variable is sometimes called .Ev USER on .Bx systems... On these systems, .Ev USER will be set also). .Pp In addition to .Ev LOGNAME , .Ev HOME , .Ev PATH , and .Ev SHELL , .Xr cron 8 will look at .Ev MAILTO if it has any reason to send mail as a result of running commands in ``this'' crontab. If .Ev MAILTO is defined (and non-empty), mail is sent to the user so named. If .Ev MAILFROM is defined (and non-empty), its value will be used as the from address. .Ev MAILTO may also be used to direct mail to multiple recipients by separating recipient users with a comma. If .Ev MAILTO is defined but empty (MAILTO=""), no mail will be sent. Otherwise mail is sent to the owner of the crontab. This option is useful if you decide on .Pa /bin/mail instead of .Pa /usr/lib/sendmail as your mailer when you install cron -- .Pa /bin/mail does not do aliasing, and UUCP usually does not read its mail. .Pp The format of a cron command is very much the V7 standard, with a number of upward-compatible extensions. Each line has five time and date fields, followed by a user name (with optional ``:'' and ``/'' suffixes) if this is the system crontab file, followed by a command. Commands are executed by .Xr cron 8 when the minute, hour, and month of year fields match the current time, .Em and when at least one of the two day fields (day of month, or day of week) matches the current time (see ``Note'' below). .Xr cron 8 examines cron entries once every minute. The time and date fields are: .Bd -literal -offset indent field allowed values ----- -------------- minute 0-59 hour 0-23 day of month 1-31 month 1-12 (or names, see below) day of week 0-7 (0 or 7 is Sun, or use names) .Ed .Pp A field may be an asterisk (*), which always stands for ``first\-last''. .Pp Ranges of numbers are allowed. Ranges are two numbers separated with a hyphen. The specified range is inclusive. For example, 8-11 for an ``hours'' entry specifies execution at hours 8, 9, 10 and 11. .Pp Lists are allowed. A list is a set of numbers (or ranges) separated by commas. Examples: ``1,2,5,9'', ``0-4,8-12''. .Pp Step values can be used in conjunction with ranges. Following a range with ``/'' specifies skips of the number's value through the range. For example, ``0-23/2'' can be used in the hours field to specify command execution every other hour (the alternative in the V7 standard is ``0,2,4,6,8,10,12,14,16,18,20,22''). Steps are also permitted after an asterisk, so if you want to say ``every two hours'', just use ``*/2''. .Pp Names can also be used for the ``month'' and ``day of week'' fields. Use the first three letters of the particular day or month (case does not matter). Ranges or lists of names are not allowed. .Pp The ``sixth'' field (the rest of the line) specifies the command to be run. +One or more command options may precede the command to modify processing +behavior. The entire command portion of the line, up to a newline or % character, will be executed by .Pa /bin/sh or by the shell specified in the .Ev SHELL variable of the cronfile. Percent-signs (%) in the command, unless escaped with backslash (\\), will be changed into newline characters, and all data after the first % will be sent to the command as standard input. .Pp +The following command options can be supplied: +.Bl -tag -width Ds +.It Fl n +No mail is sent after a successful run. +The execution output will only be mailed if the command exits with a non-zero +exit code. +The +.Fl n +option is an attempt to cure potentially copious volumes of mail coming from +.Xr cron 8 . +.It Fl q +Execution will not be logged. +.El +.sp +Duplicate options are not allowed. +.Pp Note: The day of a command's execution can be specified by two fields \(em day of month, and day of week. If both fields are restricted (ie, are not *), the command will be run when .Em either field matches the current time. For example, ``30 4 1,15 * 5'' would cause a command to be run at 4:30 am on the 1st and 15th of each month, plus every Friday. .Pp Instead of the first five fields, a line may start with .Sq @ symbol followed either by one of eight special strings or by a numeric value. The recognized special strings are: .Bd -literal -offset indent string meaning ------ ------- @reboot Run once, at startup of cron. @yearly Run once a year, "0 0 1 1 *". @annually (same as @yearly) @monthly Run once a month, "0 0 1 * *". @weekly Run once a week, "0 0 * * 0". @daily Run once a day, "0 0 * * *". @midnight (same as @daily) @hourly Run once an hour, "0 * * * *". @every_minute Run once a minute, "*/1 * * * *". @every_second Run once a second. .Ed .Pp The .Sq @ symbol followed by a numeric value has a special notion of running a job that many seconds after completion of the previous invocation of the job. Unlike regular syntax, it guarantees not to overlap two or more invocations of the same job during normal cron execution. Note, however, that overlap may occur if the job is running when the file containing the job is modified and subsequently reloaded. The first run is scheduled for the specified number of seconds after cron is started or the crontab entry is reloaded. .Sh EXAMPLE CRON FILE .Bd -literal # use /bin/sh to run commands, overriding the default set by cron SHELL=/bin/sh # mail any output to `paul', no matter whose crontab this is MAILTO=paul # # run five minutes after midnight, every day 5 0 * * * $HOME/bin/daily.job >> $HOME/tmp/out 2>&1 # run at 2:15pm on the first of every month -- output mailed to paul 15 14 1 * * $HOME/bin/monthly # run at 10 pm on weekdays, annoy Joe 0 22 * * 1-5 mail -s "It's 10pm" joe%Joe,%%Where are your kids?% 23 0-23/2 * * * echo "run 23 minutes after midn, 2am, 4am ..., everyday" 5 4 * * sun echo "run at 5 after 4 every sunday" # run at 5 minutes intervals, no matter how long it takes @300 svnlite up /usr/src +# run every minute, suppress logging +* * * * * -q date +# run every minute, only send mail if ping fails +* * * * * -n ping -c 1 freebsd.org .Ed .Sh SEE ALSO .Xr crontab 1 , .Xr cron 8 .Sh EXTENSIONS When specifying day of week, both day 0 and day 7 will be considered Sunday. .Bx and .Tn ATT seem to disagree about this. .Pp Lists and ranges are allowed to co-exist in the same field. "1-3,7-9" would be rejected by .Tn ATT or .Bx cron -- they want to see "1-3" or "7,8,9" ONLY. .Pp Ranges can include "steps", so "1-9/2" is the same as "1,3,5,7,9". .Pp Names of months or days of the week can be specified by name. .Pp Environment variables can be set in the crontab. In .Bx or .Tn ATT , the environment handed to child processes is basically the one from .Pa /etc/rc . .Pp Command output is mailed to the crontab owner .No ( Bx cannot do this), can be mailed to a person other than the crontab owner (SysV cannot do this), or the feature can be turned off and no mail will be sent at all (SysV cannot do this either). .Pp All of the .Sq @ directives that can appear in place of the first five fields are extensions. +.Pp +Command processing can be modified using command options. +The +.Sq -q +option suppresses logging. +The +.Sq -n +option does not mail on successful run. .Sh AUTHORS .An Paul Vixie Aq Mt paul@vix.com .Sh BUGS If you are in one of the 70-odd countries that observe Daylight Savings Time, jobs scheduled during the rollback or advance may be affected if .Xr cron 8 is not started with the .Fl s flag. In general, it is not a good idea to schedule jobs during this period if .Xr cron 8 is not started with the .Fl s flag, which is enabled by default. See .Xr cron 8 for more details. .Pp For US timezones (except parts of AZ and HI) the time shift occurs at 2AM local time. For others, the output of the .Xr zdump 8 program's verbose .Fl ( v ) option can be used to determine the moment of time shift. Index: head/usr.sbin/cron/lib/entry.c =================================================================== --- head/usr.sbin/cron/lib/entry.c (revision 352667) +++ head/usr.sbin/cron/lib/entry.c (revision 352668) @@ -1,677 +1,726 @@ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved * * Distribute freely, except: don't remove my name from the source or * documentation (don't take credit for my work), mark your changes (don't * get me blamed for your possible bugs), don't alter or remove this * notice. May be sold if buildable source is provided to buyer. No * warrantee of any kind, express or implied, is included with this * software; use at your own risk, responsibility for damages (if any) to * anyone resulting from the use of this software rests entirely with the * user. * * Send bug reports, bug fixes, enhancements, requests, flames, etc., and * I'll try to keep a version up to date. I can be reached as follows: * Paul Vixie uunet!decwrl!vixie!paul */ #if !defined(lint) && !defined(LINT) static const char rcsid[] = "$FreeBSD$"; #endif /* vix 26jan87 [RCS'd; rest of log is in RCS file] * vix 01jan87 [added line-level error recovery] * vix 31dec86 [added /step to the from-to range, per bob@acornrc] * vix 30dec86 [written] */ #include "cron.h" #include #ifdef LOGIN_CAP #include #endif typedef enum ecode { e_none, e_minute, e_hour, e_dom, e_month, e_dow, - e_cmd, e_timespec, e_username, e_group, e_mem + e_cmd, e_timespec, e_username, e_group, e_option, + e_mem #ifdef LOGIN_CAP , e_class #endif } ecode_e; static char get_list(bitstr_t *, int, int, char *[], int, FILE *), get_range(bitstr_t *, int, int, char *[], int, FILE *), get_number(int *, int, char *[], int, FILE *); static int set_element(bitstr_t *, int, int, int); static char *ecodes[] = { "no error", "bad minute", "bad hour", "bad day-of-month", "bad month", "bad day-of-week", "bad command", "bad time specifier", "bad username", "bad group name", + "bad option", "out of memory", #ifdef LOGIN_CAP "bad class name", #endif }; void free_entry(e) entry *e; { #ifdef LOGIN_CAP if (e->class != NULL) free(e->class); #endif if (e->cmd != NULL) free(e->cmd); if (e->envp != NULL) env_free(e->envp); free(e); } /* return NULL if eof or syntax error occurs; * otherwise return a pointer to a new entry. */ entry * load_entry(file, error_func, pw, envp) FILE *file; void (*error_func)(char *); struct passwd *pw; char **envp; { /* this function reads one crontab entry -- the next -- from a file. * it skips any leading blank lines, ignores comments, and returns * EOF if for any reason the entry can't be read and parsed. * * the entry is also parsed here. * * syntax: * user crontab: * minutes hours doms months dows cmd\n * system crontab (/etc/crontab): * minutes hours doms months dows USERNAME cmd\n */ ecode_e ecode = e_none; entry *e; int ch; char cmd[MAX_COMMAND]; char envstr[MAX_ENVSTR]; char **prev_env; Debug(DPARS, ("load_entry()...about to eat comments\n")) skip_comments(file); ch = get_char(file); if (ch == EOF) return NULL; /* ch is now the first useful character of a useful line. * it may be an @special or it may be the first character * of a list of minutes. */ e = (entry *) calloc(sizeof(entry), sizeof(char)); if (e == NULL) { warn("load_entry: calloc failed"); return NULL; } if (ch == '@') { long interval; char *endptr; /* all of these should be flagged and load-limited; i.e., * instead of @hourly meaning "0 * * * *" it should mean * "close to the front of every hour but not 'til the * system load is low". Problems are: how do you know * what "low" means? (save me from /etc/cron.conf!) and: * how to guarantee low variance (how low is low?), which * means how to we run roughly every hour -- seems like * we need to keep a history or let the first hour set * the schedule, which means we aren't load-limited * anymore. too much for my overloaded brain. (vix, jan90) * HINT */ Debug(DPARS, ("load_entry()...about to test shortcuts\n")) ch = get_string(cmd, MAX_COMMAND, file, " \t\n"); if (!strcmp("reboot", cmd)) { Debug(DPARS, ("load_entry()...reboot shortcut\n")) e->flags |= WHEN_REBOOT; } else if (!strcmp("yearly", cmd) || !strcmp("annually", cmd)){ Debug(DPARS, ("load_entry()...yearly shortcut\n")) bit_set(e->second, 0); bit_set(e->minute, 0); bit_set(e->hour, 0); bit_set(e->dom, 0); bit_set(e->month, 0); bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1)); e->flags |= DOW_STAR; } else if (!strcmp("monthly", cmd)) { Debug(DPARS, ("load_entry()...monthly shortcut\n")) bit_set(e->second, 0); bit_set(e->minute, 0); bit_set(e->hour, 0); bit_set(e->dom, 0); bit_nset(e->month, 0, (LAST_MONTH-FIRST_MONTH+1)); bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1)); e->flags |= DOW_STAR; } else if (!strcmp("weekly", cmd)) { Debug(DPARS, ("load_entry()...weekly shortcut\n")) bit_set(e->second, 0); bit_set(e->minute, 0); bit_set(e->hour, 0); bit_nset(e->dom, 0, (LAST_DOM-FIRST_DOM+1)); e->flags |= DOM_STAR; bit_nset(e->month, 0, (LAST_MONTH-FIRST_MONTH+1)); bit_set(e->dow, 0); } else if (!strcmp("daily", cmd) || !strcmp("midnight", cmd)) { Debug(DPARS, ("load_entry()...daily shortcut\n")) bit_set(e->second, 0); bit_set(e->minute, 0); bit_set(e->hour, 0); bit_nset(e->dom, 0, (LAST_DOM-FIRST_DOM+1)); bit_nset(e->month, 0, (LAST_MONTH-FIRST_MONTH+1)); bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1)); } else if (!strcmp("hourly", cmd)) { Debug(DPARS, ("load_entry()...hourly shortcut\n")) bit_set(e->second, 0); bit_set(e->minute, 0); bit_nset(e->hour, 0, (LAST_HOUR-FIRST_HOUR+1)); bit_nset(e->dom, 0, (LAST_DOM-FIRST_DOM+1)); bit_nset(e->month, 0, (LAST_MONTH-FIRST_MONTH+1)); bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1)); } else if (!strcmp("every_minute", cmd)) { Debug(DPARS, ("load_entry()...every_minute shortcut\n")) bit_set(e->second, 0); bit_nset(e->minute, 0, (LAST_MINUTE-FIRST_MINUTE+1)); bit_nset(e->hour, 0, (LAST_HOUR-FIRST_HOUR+1)); bit_nset(e->dom, 0, (LAST_DOM-FIRST_DOM+1)); bit_nset(e->month, 0, (LAST_MONTH-FIRST_MONTH+1)); bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1)); } else if (!strcmp("every_second", cmd)) { Debug(DPARS, ("load_entry()...every_second shortcut\n")) e->flags |= SEC_RES; bit_nset(e->second, 0, (LAST_SECOND-FIRST_SECOND+1)); bit_nset(e->minute, 0, (LAST_MINUTE-FIRST_MINUTE+1)); bit_nset(e->hour, 0, (LAST_HOUR-FIRST_HOUR+1)); bit_nset(e->dom, 0, (LAST_DOM-FIRST_DOM+1)); bit_nset(e->month, 0, (LAST_MONTH-FIRST_MONTH+1)); bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1)); } else if (*cmd != '\0' && (interval = strtol(cmd, &endptr, 10)) > 0 && *endptr == '\0') { Debug(DPARS, ("load_entry()... %ld seconds " "since last run\n", interval)) e->interval = interval; e->flags = INTERVAL; } else { ecode = e_timespec; goto eof; } /* Advance past whitespace between shortcut and * username/command. */ Skip_Blanks(ch, file); if (ch == EOF) { ecode = e_cmd; goto eof; } } else { Debug(DPARS, ("load_entry()...about to parse numerics\n")) bit_set(e->second, 0); ch = get_list(e->minute, FIRST_MINUTE, LAST_MINUTE, PPC_NULL, ch, file); if (ch == EOF) { ecode = e_minute; goto eof; } /* hours */ ch = get_list(e->hour, FIRST_HOUR, LAST_HOUR, PPC_NULL, ch, file); if (ch == EOF) { ecode = e_hour; goto eof; } /* DOM (days of month) */ if (ch == '*') e->flags |= DOM_STAR; ch = get_list(e->dom, FIRST_DOM, LAST_DOM, PPC_NULL, ch, file); if (ch == EOF) { ecode = e_dom; goto eof; } /* month */ ch = get_list(e->month, FIRST_MONTH, LAST_MONTH, MonthNames, ch, file); if (ch == EOF) { ecode = e_month; goto eof; } /* DOW (days of week) */ if (ch == '*') e->flags |= DOW_STAR; ch = get_list(e->dow, FIRST_DOW, LAST_DOW, DowNames, ch, file); if (ch == EOF) { ecode = e_dow; goto eof; } } /* make sundays equivalent */ if (bit_test(e->dow, 0) || bit_test(e->dow, 7)) { bit_set(e->dow, 0); bit_set(e->dow, 7); } /* ch is the first character of a command, or a username */ unget_char(ch, file); if (!pw) { char *username = cmd; /* temp buffer */ char *s; struct group *grp; #ifdef LOGIN_CAP login_cap_t *lc; #endif Debug(DPARS, ("load_entry()...about to parse username\n")) ch = get_string(username, MAX_COMMAND, file, " \t"); Debug(DPARS, ("load_entry()...got %s\n",username)) if (ch == EOF) { ecode = e_cmd; goto eof; } #ifdef LOGIN_CAP if ((s = strrchr(username, '/')) != NULL) { *s = '\0'; e->class = strdup(s + 1); if (e->class == NULL) warn("strdup(\"%s\")", s + 1); } else { e->class = strdup(RESOURCE_RC); if (e->class == NULL) warn("strdup(\"%s\")", RESOURCE_RC); } if (e->class == NULL) { ecode = e_mem; goto eof; } if ((lc = login_getclass(e->class)) == NULL) { ecode = e_class; goto eof; } login_close(lc); #endif grp = NULL; if ((s = strrchr(username, ':')) != NULL) { *s = '\0'; if ((grp = getgrnam(s + 1)) == NULL) { ecode = e_group; goto eof; } } pw = getpwnam(username); if (pw == NULL) { ecode = e_username; goto eof; } if (grp != NULL) pw->pw_gid = grp->gr_gid; Debug(DPARS, ("load_entry()...uid %d, gid %d\n",pw->pw_uid,pw->pw_gid)) #ifdef LOGIN_CAP Debug(DPARS, ("load_entry()...class %s\n",e->class)) #endif } #ifndef PAM /* PAM takes care of account expiration by itself */ if (pw->pw_expire && time(NULL) >= pw->pw_expire) { ecode = e_username; goto eof; } #endif /* !PAM */ e->uid = pw->pw_uid; e->gid = pw->pw_gid; /* copy and fix up environment. some variables are just defaults and * others are overrides. */ e->envp = env_copy(envp); if (e->envp == NULL) { warn("env_copy"); ecode = e_mem; goto eof; } if (!env_get("SHELL", e->envp)) { prev_env = e->envp; sprintf(envstr, "SHELL=%s", _PATH_BSHELL); e->envp = env_set(e->envp, envstr); if (e->envp == NULL) { warn("env_set(%s)", envstr); env_free(prev_env); ecode = e_mem; goto eof; } } if (!env_get("HOME", e->envp)) { prev_env = e->envp; sprintf(envstr, "HOME=%s", pw->pw_dir); e->envp = env_set(e->envp, envstr); if (e->envp == NULL) { warn("env_set(%s)", envstr); env_free(prev_env); ecode = e_mem; goto eof; } } if (!env_get("PATH", e->envp)) { prev_env = e->envp; sprintf(envstr, "PATH=%s", _PATH_DEFPATH); e->envp = env_set(e->envp, envstr); if (e->envp == NULL) { warn("env_set(%s)", envstr); env_free(prev_env); ecode = e_mem; goto eof; } } prev_env = e->envp; sprintf(envstr, "%s=%s", "LOGNAME", pw->pw_name); e->envp = env_set(e->envp, envstr); if (e->envp == NULL) { warn("env_set(%s)", envstr); env_free(prev_env); ecode = e_mem; goto eof; } #if defined(BSD) prev_env = e->envp; sprintf(envstr, "%s=%s", "USER", pw->pw_name); e->envp = env_set(e->envp, envstr); if (e->envp == NULL) { warn("env_set(%s)", envstr); env_free(prev_env); ecode = e_mem; goto eof; } #endif + + Debug(DPARS, ("load_entry()...checking for command options\n")) + + ch = get_char(file); + + while (ch == '-') { + Debug(DPARS|DEXT, ("load_entry()...expecting option\n")) + switch (ch = get_char(file)) { + case 'n': + Debug(DPARS|DEXT, ("load_entry()...got MAIL_WHEN_ERR ('n') option\n")) + /* only allow the user to set the option once */ + if ((e->flags & MAIL_WHEN_ERR) == MAIL_WHEN_ERR) { + Debug(DPARS|DEXT, ("load_entry()...duplicate MAIL_WHEN_ERR ('n') option\n")) + ecode = e_option; + goto eof; + } + e->flags |= MAIL_WHEN_ERR; + break; + case 'q': + Debug(DPARS|DEXT, ("load_entry()...got DONT_LOG ('q') option\n")) + /* only allow the user to set the option once */ + if ((e->flags & DONT_LOG) == DONT_LOG) { + Debug(DPARS|DEXT, ("load_entry()...duplicate DONT_LOG ('q') option\n")) + ecode = e_option; + goto eof; + } + e->flags |= DONT_LOG; + break; + default: + Debug(DPARS|DEXT, ("load_entry()...invalid option '%c'\n", ch)) + ecode = e_option; + goto eof; + } + ch = get_char(file); + if (ch!='\t' && ch!=' ') { + ecode = e_option; + goto eof; + } + + Skip_Blanks(ch, file) + if (ch == EOF || ch == '\n') { + ecode = e_cmd; + goto eof; + } + } + + unget_char(ch, file); Debug(DPARS, ("load_entry()...about to parse command\n")) /* Everything up to the next \n or EOF is part of the command... * too bad we don't know in advance how long it will be, since we * need to malloc a string for it... so, we limit it to MAX_COMMAND. * XXX - should use realloc(). */ ch = get_string(cmd, MAX_COMMAND, file, "\n"); /* a file without a \n before the EOF is rude, so we'll complain... */ if (ch == EOF) { ecode = e_cmd; goto eof; } /* got the command in the 'cmd' string; save it in *e. */ e->cmd = strdup(cmd); if (e->cmd == NULL) { warn("strdup(\"%s\")", cmd); ecode = e_mem; goto eof; } Debug(DPARS, ("load_entry()...returning successfully\n")) /* success, fini, return pointer to the entry we just created... */ return e; eof: free_entry(e); if (ecode != e_none && error_func) (*error_func)(ecodes[(int)ecode]); while (ch != EOF && ch != '\n') ch = get_char(file); return NULL; } static char get_list(bits, low, high, names, ch, file) bitstr_t *bits; /* one bit per flag, default=FALSE */ int low, high; /* bounds, impl. offset for bitstr */ char *names[]; /* NULL or *[] of names for these elements */ int ch; /* current character being processed */ FILE *file; /* file being read */ { register int done; /* we know that we point to a non-blank character here; * must do a Skip_Blanks before we exit, so that the * next call (or the code that picks up the cmd) can * assume the same thing. */ Debug(DPARS|DEXT, ("get_list()...entered\n")) /* list = range {"," range} */ /* clear the bit string, since the default is 'off'. */ bit_nclear(bits, 0, (high-low+1)); /* process all ranges */ done = FALSE; while (!done) { ch = get_range(bits, low, high, names, ch, file); if (ch == ',') ch = get_char(file); else done = TRUE; } /* exiting. skip to some blanks, then skip over the blanks. */ Skip_Nonblanks(ch, file) Skip_Blanks(ch, file) Debug(DPARS|DEXT, ("get_list()...exiting w/ %02x\n", ch)) return ch; } static char get_range(bits, low, high, names, ch, file) bitstr_t *bits; /* one bit per flag, default=FALSE */ int low, high; /* bounds, impl. offset for bitstr */ char *names[]; /* NULL or names of elements */ int ch; /* current character being processed */ FILE *file; /* file being read */ { /* range = number | number "-" number [ "/" number ] */ register int i; auto int num1, num2, num3; Debug(DPARS|DEXT, ("get_range()...entering, exit won't show\n")) if (ch == '*') { /* '*' means "first-last" but can still be modified by /step */ num1 = low; num2 = high; ch = get_char(file); if (ch == EOF) return EOF; } else { if (EOF == (ch = get_number(&num1, low, names, ch, file))) return EOF; if (ch == '/') num2 = high; else if (ch != '-') { /* not a range, it's a single number. */ if (EOF == set_element(bits, low, high, num1)) return EOF; return ch; } else { /* eat the dash */ ch = get_char(file); if (ch == EOF) return EOF; /* get the number following the dash */ ch = get_number(&num2, low, names, ch, file); if (ch == EOF) return EOF; } } /* check for step size */ if (ch == '/') { /* eat the slash */ ch = get_char(file); if (ch == EOF) return EOF; /* get the step size -- note: we don't pass the * names here, because the number is not an * element id, it's a step size. 'low' is * sent as a 0 since there is no offset either. */ ch = get_number(&num3, 0, PPC_NULL, ch, file); if (ch == EOF || num3 == 0) return EOF; } else { /* no step. default==1. */ num3 = 1; } /* range. set all elements from num1 to num2, stepping * by num3. (the step is a downward-compatible extension * proposed conceptually by bob@acornrc, syntactically * designed then implmented by paul vixie). */ for (i = num1; i <= num2; i += num3) if (EOF == set_element(bits, low, high, i)) return EOF; return ch; } static char get_number(numptr, low, names, ch, file) int *numptr; /* where does the result go? */ int low; /* offset applied to result if symbolic enum used */ char *names[]; /* symbolic names, if any, for enums */ int ch; /* current character */ FILE *file; /* source */ { char temp[MAX_TEMPSTR], *pc; int len, i, all_digits; /* collect alphanumerics into our fixed-size temp array */ pc = temp; len = 0; all_digits = TRUE; while (isalnum(ch)) { if (++len >= MAX_TEMPSTR) return EOF; *pc++ = ch; if (!isdigit(ch)) all_digits = FALSE; ch = get_char(file); } *pc = '\0'; if (len == 0) return (EOF); /* try to find the name in the name list */ if (names) { for (i = 0; names[i] != NULL; i++) { Debug(DPARS|DEXT, ("get_num, compare(%s,%s)\n", names[i], temp)) if (!strcasecmp(names[i], temp)) { *numptr = i+low; return ch; } } } /* no name list specified, or there is one and our string isn't * in it. either way: if it's all digits, use its magnitude. * otherwise, it's an error. */ if (all_digits) { *numptr = atoi(temp); return ch; } return EOF; } static int set_element(bits, low, high, number) bitstr_t *bits; /* one bit per flag, default=FALSE */ int low; int high; int number; { Debug(DPARS|DEXT, ("set_element(?,%d,%d,%d)\n", low, high, number)) if (number < low || number > high) return EOF; bit_set(bits, (number-low)); return OK; }