author | 2002-04-01 18:26:04 +0000 | |
---|---|---|
committer | 2002-04-01 18:26:04 +0000 | |
commit | ae34be8fbce6ae8644944756274d8e8b9a2449db (patch) | |
tree | 6f26a43c3ee926f53af176c6acdaf18116d29f5e | |
parent | Fix max WEP key len. Max len for a 104 bit WEP key len is 26 hex digits (diff) | |
download | wireguard-openbsd-ae34be8fbce6ae8644944756274d8e8b9a2449db.tar.xz wireguard-openbsd-ae34be8fbce6ae8644944756274d8e8b9a2449db.zip |
-Make the /etc/authpf/authpf.conf config file required.
-Change authpf to install setuid by default, and exit with a tattling
syslog message if a user runs it without a config file present.
-Change man page to reflect this.
-rw-r--r-- | usr.sbin/authpf/Makefile | 4 | ||||
-rw-r--r-- | usr.sbin/authpf/authpf.8 | 26 | ||||
-rw-r--r-- | usr.sbin/authpf/authpf.c | 11 |
3 files changed, 29 insertions, 12 deletions
diff --git a/usr.sbin/authpf/Makefile b/usr.sbin/authpf/Makefile index d99167a52d1..76100aa916a 100644 --- a/usr.sbin/authpf/Makefile +++ b/usr.sbin/authpf/Makefile @@ -1,7 +1,9 @@ -# $OpenBSD: Makefile,v 1.1 2002/04/01 17:43:42 beck Exp $ +# $OpenBSD: Makefile,v 1.2 2002/04/01 18:26:04 beck Exp $ PROG= authpf MAN= authpf.8 +BINOWN= root +BINMODE= 4555 SRCS= authpf.c parse.y pfctl_parser.c CFLAGS+= -I${.CURDIR}/../../sbin/pfctl -Wall -Werror .PATH: ${.CURDIR}/../../sbin/pfctl diff --git a/usr.sbin/authpf/authpf.8 b/usr.sbin/authpf/authpf.8 index f3e49281665..62c655c3b8a 100644 --- a/usr.sbin/authpf/authpf.8 +++ b/usr.sbin/authpf/authpf.8 @@ -1,4 +1,4 @@ -\" $OpenBSD: authpf.8,v 1.1 2002/04/01 17:43:42 beck Exp $ +\" $OpenBSD: authpf.8,v 1.2 2002/04/01 18:26:04 beck Exp $ .\" .\" Copyright (c) 2002 Bob Beck (beck@openbsd.org>. All rights reserved. .\" @@ -116,8 +116,10 @@ file is optional. .Sh OPTIONS Options are controlled by the .Pa /etc/authpf/authpf.conf -file. This file is optional, is not needed unless the default behavior -needs to be changed. The file consists of pairs of the form +file. This file is required to be present and readable for +.Nm +to run. It may be empty if the default behavior does +not need to be changed. The file consists of pairs of the form .Li name=value one per line. Currently, the allowed values are as follows: .Bl -tag -width Ds 
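Review bot: The new `BINOWN= root` and `BINMODE= 4555` lines in usr.sbin/authpf/Makefile install authpf setuid root on every build, and nothing in the Makefile says why or what limits it. The only runtime gate is then the config-file check this commit adds to read_config() in authpf.c. I would put a comment directly above the two lines, for example `# setuid root: authpf modifies pf rules; it refuses to run unless /etc/authpf/authpf.conf exists`. It is also worth confirming that read_config() is reached before any other code that parses user-influenced input or opens the pf device, since everything before that check now runs with root privilege for any local user; that ordering is not visible in these hunks.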
@@ -217,14 +219,20 @@ or facilities. .Pp .Nm -must be setuid-root in order to modify the packet filter and translation -rules, though it is not installed with the setuid bit turned on. After -considering the effect +modifies the packet filter and address translation rules, and because +of this it needs to be configured carefully. After considering the effect +.Nm +may have on the main packet filter rules, the system administrator may +enable .Nm -may have on the main packet filter rules, the system administrator may run -the following command to enable +by creating an appropriate +.Pa /etc/authpf/authpf.conf +file. Should someone attempt to run .Nm -: "chmod +s /usr/sbin/authpf" . +when the +.Pa /etc/authpf/authpf.conf +file does not exist, the attempt will be logged to +.Xr syslog 8 .Sh EXAMPLES \fBControl Files\fP - To illustrate the user-specific access control mechanisms, let us consider a typical user named bob. Normally, as long as diff --git a/usr.sbin/authpf/authpf.c b/usr.sbin/authpf/authpf.c index f065343f1a2..f14677742cc 100644 --- a/usr.sbin/authpf/authpf.c +++ b/usr.sbin/authpf/authpf.c @@ -295,8 +295,15 @@ read_config(void) FILE *f; f = fopen(configfile, "r"); - if (f == NULL) - return; /* fail silently, run with defaults */ + if (f == NULL) { + if (errno == ENOTDIR || errno == ENOENT) + /* if the config file is not present, refuse to run */ + syslog(LOG_INFO, "run by uid %d but no %s file exits", + getuid(), configfile); + else + syslog(LOG_INFO, "can't open %s (%m)", configfile); + exit(EX_CONFIG); + } do { char **ap, *pair[4], *cp, *tp; |
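Review bot: The syslog message added in read_config() reads `no %s file exits`, which should be `exists`. This line is the audit record for an unauthorised run of a setuid binary, so the wording should be fixed before anyone writes log matching against it. The same call passes `getuid()` (a `uid_t`) to `%d`; casting avoids the format mismatch: `syslog(LOG_INFO, "run by uid %lu but no %s file exists", (unsigned long)getuid(), configfile);`. Both branches log at `LOG_INFO`, which a site's syslog.conf may discard or route away from the auth logs. If the message is meant to reach an administrator, a higher priority such as `LOG_NOTICE` or `LOG_ERR` would be more reliable. The hunk does not show whether `<errno.h>` and `<sysexits.h>` are included or whether openlog() has run by this point, and read_config() continues past the end of the hunk.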