Home | History | Annotate | Line # | Download | only in dist
      1 /*	$NetBSD: popen.c,v 1.6 2018/06/14 22:04:28 christos Exp $	*/
      2 
      3 /*
      4  * Copyright (c) 1988, 1993, 1994
      5  *	The Regents of the University of California.  All rights reserved.
      6  *
      7  * This code is derived from software written by Ken Arnold and
      8  * published in UNIX Review, Vol. 6, No. 8.
      9  *
     10  * Redistribution and use in source and binary forms, with or without
     11  * modification, are permitted provided that the following conditions
     12  * are met:
     13  * 1. Redistributions of source code must retain the above copyright
     14  *    notice, this list of conditions and the following disclaimer.
     15  * 2. Redistributions in binary form must reproduce the above copyright
     16  *    notice, this list of conditions and the following disclaimer in the
     17  *    documentation and/or other materials provided with the distribution.
     18  * 3. All advertising materials mentioning features or use of this software
     19  *    must display the following acknowledgement:
     20  *	This product includes software developed by the University of
     21  *	California, Berkeley and its contributors.
     22  *
     23  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     33  * SUCH DAMAGE.
     34  *
     35  */
     36 
     37 /* this came out of the ftpd sources; it's been modified to avoid the
     38  * globbing stuff since we don't need it.  also execvp instead of execv.
     39  */
     40 
     41 #include <sys/cdefs.h>
     42 #ifndef lint
     43 #if 0
     44 static sccsid[] = "@(#)popen.c	8.3 (Berkeley) 4/6/94";
     45 static char rcsid[] = "Id: popen.c,v 1.6 2003/02/16 04:40:01 vixie Exp";
     46 #else
     47 __RCSID("$NetBSD: popen.c,v 1.6 2018/06/14 22:04:28 christos Exp $");
     48 #endif
     49 #endif /* not lint */
     50 
     51 #include "cron.h"
     52 
     53 #define MAX_ARGV	100
     54 #define MAX_GARGV	1000
     55 
     56 /*
     57  * Special version of popen which avoids call to shell.  This ensures noone
     58  * may create a pipe to a hidden program as a side effect of a list or dir
     59  * command.
     60  */
     61 static PID_T *pids;
     62 
     63 FILE *
     64 cron_popen(char *program, const char *type, struct passwd *pw) {
     65 	char *cp;
     66 	FILE *iop;
     67 	int argc, pdes[2];
     68 	PID_T pid;
     69 	char *argv[MAX_ARGV];
     70 
     71 	if ((*type != 'r' && *type != 'w') || type[1] != '\0')
     72 		return (NULL);
     73 
     74 	if (!pids) {
     75 		size_t len;
     76 		long fds;
     77 		if ((fds = sysconf(_SC_OPEN_MAX)) <= 0)
     78 			return (NULL);
     79 		len = (size_t)fds * sizeof(*pids);
     80 		if ((pids = malloc(len)) == NULL)
     81 			return (NULL);
     82 		(void)memset(pids, 0, len);
     83 	}
     84 	if (pipe(pdes) < 0)
     85 		return (NULL);
     86 
     87 	/* break up string into pieces */
     88 	for (argc = 0, cp = program; argc < MAX_ARGV - 1; cp = NULL)
     89 		if (!(argv[argc++] = strtok(cp, " \t\n")))
     90 			break;
     91 	argv[MAX_ARGV-1] = NULL;
     92 
     93 	switch (pid = vfork()) {
     94 	case -1:			/* error */
     95 		(void)close(pdes[0]);
     96 		(void)close(pdes[1]);
     97 		return (NULL);
     98 		/* NOTREACHED */
     99 	case 0:				/* child */
    100 		if (pw) {
    101 			if (setsid() == -1)
    102 				warn("setsid() failed for %s", pw->pw_name);
    103 #ifdef LOGIN_CAP
    104 			if (setusercontext(0, pw, pw->pw_uid, LOGIN_SETALL) < 0)
    105 			{
    106 				warn("setusercontext() failed for %s",
    107 				    pw->pw_name);
    108 				_exit(ERROR_EXIT);
    109 			}
    110 #else
    111 			if (setgid(pw->pw_gid) < 0 ||
    112 			    initgroups(pw->pw_name, pw->pw_gid) < 0) {
    113 				warn("unable to set groups for %s",
    114 				    pw->pw_name);
    115 				_exit(ERROR_EXIT);
    116 			}
    117 #if (defined(BSD)) && (BSD >= 199103)
    118 			if (setlogin(pw->pw_name) < 0) {
    119 				warn("setlogin() failed for %s",
    120 				    pw->pw_name);
    121 				_exit(ERROR_EXIT);
    122 			}
    123 #endif /* BSD */
    124 #ifdef USE_PAM
    125 			if (!cron_pam_setcred())
    126 				_exit(1);
    127 			cron_pam_child_close();
    128 #endif
    129 			if (setuid(pw->pw_uid)) {
    130 				warn("unable to set uid for %s", pw->pw_name);
    131 				_exit(ERROR_EXIT);
    132 			}
    133 #endif /* LOGIN_CAP */
    134 		}
    135 		if (*type == 'r') {
    136 			if (pdes[1] != STDOUT) {
    137 				(void)dup2(pdes[1], STDOUT);
    138 				(void)close(pdes[1]);
    139 			}
    140 			(void)dup2(STDOUT, STDERR);	/* stderr too! */
    141 			(void)close(pdes[0]);
    142 		} else {
    143 			if (pdes[0] != STDIN) {
    144 				(void)dup2(pdes[0], STDIN);
    145 				(void)close(pdes[0]);
    146 			}
    147 			(void)close(pdes[1]);
    148 		}
    149 		(void)execvp(argv[0], argv);
    150 		_exit(ERROR_EXIT);
    151 	}
    152 
    153 	/* parent; assume fdopen can't fail...  */
    154 	if (*type == 'r') {
    155 		iop = fdopen(pdes[0], type);
    156 		(void)close(pdes[1]);
    157 	} else {
    158 		iop = fdopen(pdes[1], type);
    159 		(void)close(pdes[0]);
    160 	}
    161 	pids[fileno(iop)] = pid;
    162 
    163 	return (iop);
    164 }
    165 
    166 static int
    167 cron_finalize(FILE *iop, int sig) {
    168 	int fdes;
    169 	PID_T pid;
    170 	WAIT_T status;
    171 	sigset_t sset, osset;
    172 
    173 	/*
    174 	 * pclose returns -1 if stream is not associated with a
    175 	 * `popened' command, or, if already `pclosed'.
    176 	 */
    177 	if (pids == 0 || pids[fdes = fileno(iop)] == 0)
    178 		return (-1);
    179 
    180 	if (sig) {
    181 		if (kill(pids[fdes], sig) == -1)
    182 			return -1;
    183 	} else {
    184 		(void)fclose(iop);
    185 	}
    186 	(void)sigemptyset(&sset);
    187 	(void)sigaddset(&sset, SIGINT);
    188 	(void)sigaddset(&sset, SIGQUIT);
    189 	(void)sigaddset(&sset, SIGHUP);
    190 	(void)sigprocmask(SIG_BLOCK, &sset, &osset);
    191 	while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR)
    192 		continue;
    193 	(void)sigprocmask(SIG_SETMASK, &osset, NULL);
    194 	if (sig)
    195 		(void)fclose(iop);
    196 	pids[fdes] = 0;
    197 	if (pid < 0)
    198 		return pid;
    199 	if (WIFEXITED(status))
    200 		return WEXITSTATUS(status);
    201 	else
    202 		return WTERMSIG(status);
    203 }
    204 
    205 int
    206 cron_pclose(FILE *iop) {
    207 	return cron_finalize(iop, 0);
    208 }
    209 
    210 int
    211 cron_pabort(FILE *iop) {
    212 	int e = cron_finalize(iop, SIGKILL);
    213 	return e == SIGKILL ? 0 : e;
    214 }
    215