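/*
 * perm.c - check user permission for at(1)
 * Copyright (C) 1994 Thomas Koenig
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. The name of the author(s) may not be used to endorse or promote
 * products derived from this software without specific prior written
 * permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <sys/cdefs.h>

__FBSDID("$FreeBSD$");

/* System Headers */

#include <sys/types.h>
#include <err.h>
#include <errno.h>
#include <pwd.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Local headers */

#include "at.h"
#include "perm.h"
#include "privs.h"

/* Macros */

#define MAXUSERID 10

/* Structures and unions */

/* Function declarations */

static int check_for_user(FILE *fp,const char *name);

/* Local functions */

/*
 * Report whether `name` appears as a complete line in the stream `fp`.
 *
 * fp   - open stream positioned at the start of an allow/deny list; this
 *        function takes ownership and always closes it before returning.
 * name - user name to look for (NUL-terminated).
 *
 * Returns 1 if some line of the file is exactly `name`, 0 otherwise.
 * Exits via errx() if the scratch buffer cannot be allocated.
 */
static int
check_for_user(FILE *fp, const char *name)
{
    char *buffer;
    size_t len;
    size_t got;
    int at_line_start = 1;
    int found = 0;

    len = strlen(name);
    if ((buffer = malloc(len + 2)) == NULL)
        errx(EXIT_FAILURE, "virtual memory exhausted");

    /*
     * The buffer holds at most len + 1 characters, so fgets() hands back
     * any longer line in several pieces.  Only the piece that begins a
     * line may be compared: a later piece is the middle or tail of some
     * other entry, and accepting it would let a name match a list entry
     * it is merely a suffix of.
     */
    while (fgets(buffer, len + 2, fp) != NULL)
    {
        got = strlen(buffer);

        /*
         * A match is the whole name followed by a newline, or the whole
         * name as the final line of a file that lacks a trailing newline
         * (otherwise the last entry of such a file would be ignored,
         * which for a deny list means the entry has no effect).
         */
        if (at_line_start && strncmp(name, buffer, len) == 0 &&
            (buffer[len] == '\n' || (got == len && feof(fp))))
        {
            found = 1;
            break;
        }

        /* The next piece starts a new line only if this one ended one. */
        at_line_start = (got > 0 && buffer[got - 1] == '\n');
    }
    fclose(fp);
    free(buffer);
    return found;
}

/* Global functions */

/*
 * Decide whether the invoking user may use at(1).
 *
 * Policy, in order:
 *   - effective uid 0 is always permitted;
 *   - if at.allow can be opened, the user is permitted only if listed in it;
 *   - if at.allow does not exist (ENOENT) and at.deny can be opened, the
 *     user is permitted unless listed in it;
 *   - if neither file exists, or either open fails for any other reason,
 *     the user is refused (a warning is printed for non-ENOENT failures).
 *
 * The user name checked is pw_name from getpwuid() for the effective uid.
 *
 * Returns 1 if permitted, 0 if not.  Exits via err() if the user database
 * lookup fails.
 */
int
check_permission(void)
{
    FILE *fp;
    uid_t uid = geteuid();
    struct passwd *pentry;
    int open_errno;

    if (uid == 0)
        return 1;

    if ((pentry = getpwuid(uid)) == NULL)
        err(EXIT_FAILURE, "cannot access user database");

    PRIV_START

    fp = fopen(PERM_PATH "at.allow", "r");
    /*
     * Capture errno before leaving the privileged section.  PRIV_END is
     * defined in privs.h (not shown here); if it makes calls that can
     * modify errno, the ENOENT test below would otherwise look at the
     * wrong value and pick the wrong list.
     */
    open_errno = errno;

    PRIV_END

    if (fp != NULL)
        return check_for_user(fp, pentry->pw_name);

    if (open_errno != ENOENT)
    {
        /* at.allow exists but is unreadable: refuse rather than fall back. */
        errno = open_errno;
        warn("at.allow");
        return 0;
    }

    PRIV_START

    fp = fopen(PERM_PATH "at.deny", "r");
    open_errno = errno;

    PRIV_END

    if (fp != NULL)
        return !check_for_user(fp, pentry->pw_name);

    if (open_errno != ENOENT)
    {
        errno = open_errno;
        warn("at.deny");
    }
    return 0;
}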