contrib/tcp_wrappers/shell_cmd.c

2aef6930SMark Murray /*
2aef6930SMark Murray  * shell_cmd() takes a shell command after %<character> substitutions. The
2aef6930SMark Murray  * command is executed by a /bin/sh child process, with standard input,
2aef6930SMark Murray  * standard output and standard error connected to /dev/null.
2aef6930SMark Murray  *
2aef6930SMark Murray  * Diagnostics are reported through syslog(3).
2aef6930SMark Murray  *
2aef6930SMark Murray  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
2aef6930SMark Murray  */
2aef6930SMark Murray
2aef6930SMark Murray#ifndef lint
2aef6930SMark Murraystatic char sccsid[] = "@(#) shell_cmd.c 1.5 94/12/28 17:42:44";
2aef6930SMark Murray#endif
2aef6930SMark Murray
2aef6930SMark Murray/* System libraries. */
2aef6930SMark Murray
2aef6930SMark Murray#include <sys/types.h>
2aef6930SMark Murray#include <sys/param.h>
46bcf11dSSean Bruno#include <sys/wait.h>
2aef6930SMark Murray#include <signal.h>
2aef6930SMark Murray#include <stdio.h>
2aef6930SMark Murray#include <syslog.h>
2aef6930SMark Murray#include <string.h>
46bcf11dSSean Bruno#include <unistd.h>
46bcf11dSSean Bruno#include <fcntl.h>
2aef6930SMark Murray
2aef6930SMark Murrayextern void exit();
2aef6930SMark Murray
2aef6930SMark Murray/* Local stuff. */
2aef6930SMark Murray
2aef6930SMark Murray#include "tcpd.h"
2aef6930SMark Murray
2aef6930SMark Murray/* Forward declarations. */
2aef6930SMark Murray
068ad27dSBrooks Davisstatic void do_child(char *command);
2aef6930SMark Murray
2aef6930SMark Murray/* shell_cmd - execute shell command */
2aef6930SMark Murray
*14f102eaSEd Mastevoid    shell_cmd(char *command)
2aef6930SMark Murray{
2aef6930SMark Murray    int     child_pid;
2aef6930SMark Murray    int     wait_pid;
2aef6930SMark Murray
2aef6930SMark Murray    /*
2aef6930SMark Murray     * Most of the work is done within the child process, to minimize the
2aef6930SMark Murray     * risk of damage to the parent.
2aef6930SMark Murray     */
2aef6930SMark Murray
2aef6930SMark Murray    switch (child_pid = fork()) {
2aef6930SMark Murray    case -1:					/* error */
2aef6930SMark Murray	tcpd_warn("cannot fork: %m");
2aef6930SMark Murray	break;
2aef6930SMark Murray    case 00:					/* child */
2aef6930SMark Murray	do_child(command);
2aef6930SMark Murray	/* NOTREACHED */
2aef6930SMark Murray    default:					/* parent */
2aef6930SMark Murray	while ((wait_pid = wait((int *) 0)) != -1 && wait_pid != child_pid)
2aef6930SMark Murray	     /* void */ ;
2aef6930SMark Murray    }
2aef6930SMark Murray}
2aef6930SMark Murray
2aef6930SMark Murray/* do_child - exec command with { stdin, stdout, stderr } to /dev/null */
2aef6930SMark Murray
068ad27dSBrooks Davisstatic void do_child(char *command)
2aef6930SMark Murray{
2aef6930SMark Murray    char   *error;
2aef6930SMark Murray    int     tmp_fd;
2aef6930SMark Murray
2aef6930SMark Murray    /*
2aef6930SMark Murray     * Systems with POSIX sessions may send a SIGHUP to grandchildren if the
2aef6930SMark Murray     * child exits first. This is sick, sessions were invented for terminals.
2aef6930SMark Murray     */
2aef6930SMark Murray
2aef6930SMark Murray    signal(SIGHUP, SIG_IGN);
2aef6930SMark Murray
2aef6930SMark Murray    /* Set up new stdin, stdout, stderr, and exec the shell command. */
2aef6930SMark Murray
2aef6930SMark Murray    for (tmp_fd = 0; tmp_fd < 3; tmp_fd++)
2aef6930SMark Murray	(void) close(tmp_fd);
2aef6930SMark Murray    if (open("/dev/null", 2) != 0) {
2aef6930SMark Murray	error = "open /dev/null: %m";
2aef6930SMark Murray    } else if (dup(0) != 1 || dup(0) != 2) {
2aef6930SMark Murray	error = "dup: %m";
2aef6930SMark Murray    } else {
2aef6930SMark Murray	(void) execl("/bin/sh", "sh", "-c", command, (char *) 0);
2aef6930SMark Murray	error = "execl /bin/sh: %m";
2aef6930SMark Murray    }
2aef6930SMark Murray
2aef6930SMark Murray    /* Something went wrong. We MUST terminate the child process. */
2aef6930SMark Murray
2aef6930SMark Murray    tcpd_warn(error);
2aef6930SMark Murray    _exit(0);
2aef6930SMark Murray}