diff options
| author |   millert <millert@openbsd.org> | 2015-11-15 23:24:24 +0000 |
|---|---|---|
| committer | millert <millert@openbsd.org> | 2015-11-15 23:24:24 +0000 |
| commit | b8c5c73d23eeed993a1fea57b489844f2561bef0 (patch) | |
| tree | 57c15335c39753ccc81bb2cc4b5cb38fbfd17758 | |
| parent | pledge "stdio rpath wpath cpath fattr getpw flock id proc exec" at the (diff) | |
| download | wireguard-openbsd-b8c5c73d23eeed993a1fea57b489844f2561bef0.tar.xz wireguard-openbsd-b8c5c73d23eeed993a1fea57b489844f2561bef0.zip | |
Clean up the remaining uses of stderr and perror() and use warn/err
and/or syslog depending on whether stderr is hooked up at the time.
Also remove closelog() which is not needed since we are headed for exec.
OK guenther@
| -rw-r--r-- | usr.sbin/cron/atrun.c | 90 | ||||
| -rw-r--r-- | usr.sbin/cron/cron.c | 21 | ||||
| -rw-r--r-- | usr.sbin/cron/do_command.c | 109 | ||||
| -rw-r--r-- | usr.sbin/cron/popen.c | 10 | ||||
| -rw-r--r-- | usr.sbin/cron/user.c | 6 |
5 files changed, 128 insertions, 108 deletions
diff --git a/usr.sbin/cron/atrun.c b/usr.sbin/cron/atrun.c index 1ab65985151..8e29b877130 100644 --- a/usr.sbin/cron/atrun.c +++ b/usr.sbin/cron/atrun.c @@ -1,4 +1,4 @@ -/* $OpenBSD: atrun.c,v 1.40 2015/11/14 13:09:14 millert Exp $ */ +/* $OpenBSD: atrun.c,v 1.41 2015/11/15 23:24:24 millert Exp $ */ /* * Copyright (c) 2002-2003 Todd C. Miller <Todd.Miller@courtesan.com> @@ -29,6 +29,7 @@ #include <bsd_auth.h> #include <ctype.h> #include <dirent.h> +#include <err.h> #include <errno.h> #include <fcntl.h> #include <limits.h> @@ -226,6 +227,8 @@ run_job(atjob *job, char *atfile) { struct stat sb; struct passwd *pw; + login_cap_t *lc; + auth_session_t *as; pid_t pid; long nuid, ngid; FILE *fp; @@ -388,12 +391,9 @@ run_job(atjob *job, char *atfile) /* Write log message now that we have our real pid. */ syslog(LOG_INFO, "(%s) ATJOB (%s)", pw->pw_name, atfile); - /* Close syslog file */ - closelog(); - /* Connect grandchild's stdin to the at job file. */ if (lseek(fd, 0, SEEK_SET) < 0) { - perror("lseek"); + syslog(LOG_ERR, "(CRON) LSEEK (%m)"); _exit(EXIT_FAILURE); } if (fd != STDIN_FILENO) { @@ -411,41 +411,50 @@ run_job(atjob *job, char *atfile) (void) setsid(); - { - login_cap_t *lc; - auth_session_t *as; - if ((lc = login_getclass(pw->pw_class)) == NULL) { - fprintf(stderr, - "Cannot get login class for %s\n", - pw->pw_name); - _exit(EXIT_FAILURE); + /* + * From this point on, anything written to stderr will be + * mailed to the user as output. + */ - } + /* Setup execution environment as per login.conf */ + if ((lc = login_getclass(pw->pw_class)) == NULL) { + warnx("unable to get login class for %s", + pw->pw_name); + syslog(LOG_ERR, "(CRON) CAN'T GET LOGIN CLASS (%s)", + pw->pw_name); + _exit(EXIT_FAILURE); - if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETALL)) { - fprintf(stderr, - "setusercontext failed for %s\n", - pw->pw_name); - _exit(EXIT_FAILURE); - } - as = auth_open(); - if (as == NULL || auth_setpwd(as, pw) != 0) { - fprintf(stderr, "can't malloc\n"); - _exit(EXIT_FAILURE); - } - if (auth_approval(as, lc, pw->pw_name, "cron") <= 0) { - fprintf(stderr, "approval failed for %s\n", - pw->pw_name); - _exit(EXIT_FAILURE); - } - auth_close(as); - login_close(lc); + } + if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETALL)) { + warn("setusercontext failed for %s", pw->pw_name); + syslog(LOG_ERR, "(%s) SETUSERCONTEXT FAILED (%m)", + pw->pw_name); + _exit(EXIT_FAILURE); } - /* If this is a low priority job, nice ourself. */ - if (job->queue > 'b') - (void)setpriority(PRIO_PROCESS, 0, job->queue - 'b'); + /* Run any approval scripts. */ + as = auth_open(); + if (as == NULL || auth_setpwd(as, pw) != 0) { + warn("auth_setpwd"); + syslog(LOG_ERR, "(%s) AUTH_SETPWD FAILED (%m)", + pw->pw_name); + _exit(EXIT_FAILURE); + } + if (auth_approval(as, lc, pw->pw_name, "cron") <= 0) { + warnx("approval failed for %s", pw->pw_name); + syslog(LOG_ERR, "(%s) APPROVAL FAILED (cron)", + pw->pw_name); + _exit(EXIT_FAILURE); + } + auth_close(as); + login_close(lc); + /* If this is a low priority job, nice ourself. */ + if (job->queue > 'b') { + if (setpriority(PRIO_PROCESS, 0, job->queue - 'b') != 0) + syslog(LOG_ERR, "(%s) CAN'T NICE (%m)", + pw->pw_name); + } (void) signal(SIGPIPE, SIG_DFL); @@ -458,7 +467,9 @@ run_job(atjob *job, char *atfile) nargv[1] = NULL; nenvp[0] = NULL; if (execve(_PATH_BSHELL, nargv, nenvp) != 0) { - perror("execve: " _PATH_BSHELL); + warn("unable to execute %s", _PATH_BSHELL); + syslog(LOG_ERR, "(%s) CAN'T EXEC (%s: %m)", pw->pw_name, + _PATH_BSHELL); _exit(EXIT_FAILURE); } break; @@ -473,7 +484,7 @@ run_job(atjob *job, char *atfile) /* Read piped output (if any) from the at job. */ if ((fp = fdopen(output_pipe[READ_PIPE], "r")) == NULL) { - perror("fdopen"); + syslog(LOG_ERR, "(%s) FDOPEN (%m)", pw->pw_name); (void) _exit(EXIT_FAILURE); } nread = fread(buf, 1, sizeof(buf), fp); @@ -489,11 +500,12 @@ run_job(atjob *job, char *atfile) strlcpy(hostname, "unknown", sizeof(hostname)); if (snprintf(mailcmd, sizeof mailcmd, MAILFMT, MAILARG) >= sizeof mailcmd) { - fprintf(stderr, "mailcmd too long\n"); + syslog(LOG_ERR, "(%s) ERROR (mailcmd too long)", + pw->pw_name); (void) _exit(EXIT_FAILURE); } if (!(mail = cron_popen(mailcmd, "w", pw, &mailpid))) { - perror(mailcmd); + syslog(LOG_ERR, "(%s) POPEN (%s)", pw->pw_name, mailcmd); (void) _exit(EXIT_FAILURE); } fprintf(mail, "From: %s (Atrun Service)\n", pw->pw_name); diff --git a/usr.sbin/cron/cron.c b/usr.sbin/cron/cron.c index 31cb72c8233..ab36fdaefa9 100644 --- a/usr.sbin/cron/cron.c +++ b/usr.sbin/cron/cron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cron.c,v 1.72 2015/11/14 13:11:32 millert Exp $ */ +/* $OpenBSD: cron.c,v 1.73 2015/11/15 23:24:24 millert Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") @@ -24,6 +24,7 @@ #include <sys/wait.h> #include <bitstring.h> +#include <err.h> #include <errno.h> #include <grp.h> #include <locale.h> @@ -100,6 +101,7 @@ main(int argc, char *argv[]) if (pledge("stdio rpath wpath cpath fattr getpw unix id dns proc exec", NULL) == -1) { + warn("pledge"); syslog(LOG_ERR, "(CRON) PLEDGE (%m)"); exit(EXIT_FAILURE); } @@ -107,6 +109,7 @@ main(int argc, char *argv[]) cronSock = open_socket(); if (putenv("PATH="_PATH_DEFPATH) < 0) { + warn("putenv"); syslog(LOG_ERR, "(CRON) DEATH (%m)"); exit(EXIT_FAILURE); } @@ -424,22 +427,21 @@ open_socket(void) sock = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); if (sock == -1) { - fprintf(stderr, "%s: can't create socket: %s\n", - __progname, strerror(errno)); + warn("socket"); syslog(LOG_ERR, "(CRON) DEATH (can't create socket)"); exit(EXIT_FAILURE); } bzero(&s_un, sizeof(s_un)); if (strlcpy(s_un.sun_path, _PATH_CRON_SOCK, sizeof(s_un.sun_path)) >= sizeof(s_un.sun_path)) { - fprintf(stderr, "%s: path too long\n", _PATH_CRON_SOCK); + warnc(ENAMETOOLONG, _PATH_CRON_SOCK); syslog(LOG_ERR, "(CRON) DEATH (socket path too long)"); exit(EXIT_FAILURE); } s_un.sun_family = AF_UNIX; if (connect(sock, (struct sockaddr *)&s_un, sizeof(s_un)) == 0) { - fprintf(stderr, "%s: already running\n", __progname); + warnx("already running"); syslog(LOG_ERR, "(CRON) DEATH (already running)"); exit(EXIT_FAILURE); } @@ -450,14 +452,12 @@ open_socket(void) rc = bind(sock, (struct sockaddr *)&s_un, sizeof(s_un)); umask(omask); if (rc != 0) { - fprintf(stderr, "%s: can't bind socket: %s\n", - __progname, strerror(errno)); + warn("bind"); syslog(LOG_ERR, "(CRON) DEATH (can't bind socket)"); exit(EXIT_FAILURE); } if (listen(sock, SOMAXCONN)) { - fprintf(stderr, "%s: can't listen on socket: %s\n", - __progname, strerror(errno)); + warn("listen"); syslog(LOG_ERR, "(CRON) DEATH (can't listen on socket)"); exit(EXIT_FAILURE); } @@ -513,8 +513,7 @@ parse_args(int argc, char *argv[]) batch_maxload = strtod(optarg, &ep); if (*ep != '\0' || ep == optarg || errno == ERANGE || batch_maxload < 0) { - fprintf(stderr, "Illegal load average: %s\n", - optarg); + warnx("illegal load average: %s", optarg); usage(); } break; diff --git a/usr.sbin/cron/do_command.c b/usr.sbin/cron/do_command.c index cc7424611cf..1d5a0158c8e 100644 --- a/usr.sbin/cron/do_command.c +++ b/usr.sbin/cron/do_command.c @@ -1,4 +1,4 @@ -/* $OpenBSD: do_command.c,v 1.54 2015/11/14 13:09:14 millert Exp $ */ +/* $OpenBSD: do_command.c,v 1.55 2015/11/15 23:24:24 millert Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") @@ -23,6 +23,7 @@ #include <bitstring.h> /* for structs.h */ #include <bsd_auth.h> #include <ctype.h> +#include <err.h> #include <errno.h> #include <fcntl.h> #include <limits.h> @@ -76,8 +77,11 @@ child_process(entry *e, user *u) { FILE *in; int stdin_pipe[2], stdout_pipe[2]; - char *input_data, *usernm; + char **p, *input_data, *usernm; + auth_session_t *as; + login_cap_t *lc; int children = 0; + extern char **environ; /* mark ourselves as different to PS command watchers */ setproctitle("running job"); @@ -156,10 +160,6 @@ child_process(entry *e, user *u) } } - /* that's the last thing we'll log. close the log files. - */ - closelog(); - /* get new pgrp, void tty, etc. */ (void) setsid(); @@ -186,51 +186,50 @@ child_process(entry *e, user *u) } dup2(STDOUT_FILENO, STDERR_FILENO); - /* set our directory, uid and gid. Set gid first, since once - * we set uid, we've lost root privileges. + /* + * From this point on, anything written to stderr will be + * mailed to the user as output. */ - { - auth_session_t *as; - login_cap_t *lc; - char **p; - extern char **environ; - - /* XXX - should just pass in a login_cap_t * */ - if ((lc = login_getclass(e->pwd->pw_class)) == NULL) { - fprintf(stderr, - "unable to get login class for %s\n", - e->pwd->pw_name); - _exit(EXIT_FAILURE); - } - if (setusercontext(lc, e->pwd, e->pwd->pw_uid, LOGIN_SETALL) < 0) { - fprintf(stderr, - "setusercontext failed for %s\n", - e->pwd->pw_name); - _exit(EXIT_FAILURE); - } - as = auth_open(); - if (as == NULL || auth_setpwd(as, e->pwd) != 0) { - fprintf(stderr, "can't malloc\n"); - _exit(EXIT_FAILURE); - } - if (auth_approval(as, lc, usernm, "cron") <= 0) { - fprintf(stderr, "approval failed for %s\n", - e->pwd->pw_name); - _exit(EXIT_FAILURE); - } - auth_close(as); - login_close(lc); - /* If no PATH specified in crontab file but - * we just added one via login.conf, add it to - * the crontab environment. - */ - if (env_get("PATH", e->envp) == NULL && environ != NULL) { - for (p = environ; *p; p++) { - if (strncmp(*p, "PATH=", 5) == 0) { - e->envp = env_set(e->envp, *p); - break; - } + /* XXX - should just pass in a login_cap_t * */ + if ((lc = login_getclass(e->pwd->pw_class)) == NULL) { + warnx("unable to get login class for %s", + e->pwd->pw_name); + syslog(LOG_ERR, "(CRON) CAN'T GET LOGIN CLASS (%s)", + e->pwd->pw_name); + _exit(EXIT_FAILURE); + } + if (setusercontext(lc, e->pwd, e->pwd->pw_uid, LOGIN_SETALL) < 0) { + warn("setusercontext failed for %s", e->pwd->pw_name); + syslog(LOG_ERR, "(%s) SETUSERCONTEXT FAILED (%m)", + e->pwd->pw_name); + _exit(EXIT_FAILURE); + } + as = auth_open(); + if (as == NULL || auth_setpwd(as, e->pwd) != 0) { + warn("auth_setpwd"); + syslog(LOG_ERR, "(%s) AUTH_SETPWD FAILED (%m)", + e->pwd->pw_name); + _exit(EXIT_FAILURE); + } + if (auth_approval(as, lc, usernm, "cron") <= 0) { + warnx("approval failed for %s", e->pwd->pw_name); + syslog(LOG_ERR, "(%s) APPROVAL FAILED (cron)", + e->pwd->pw_name); + _exit(EXIT_FAILURE); + } + auth_close(as); + login_close(lc); + + /* If no PATH specified in crontab file but + * we just added one via login.conf, add it to + * the crontab environment. + */ + if (env_get("PATH", e->envp) == NULL && environ != NULL) { + for (p = environ; *p; p++) { + if (strncmp(*p, "PATH=", 5) == 0) { + e->envp = env_set(e->envp, *p); + break; } } } @@ -245,8 +244,9 @@ child_process(entry *e, user *u) char *shell = env_get("SHELL", e->envp); execle(shell, shell, "-c", e->cmd, (char *)NULL, e->envp); - fprintf(stderr, "execle: couldn't exec `%s'\n", shell); - perror("execle"); + warn("unable to execute %s", shell); + syslog(LOG_ERR, "(%s) CAN'T EXEC (%s: %m)", + e->pwd->pw_name, shell); _exit(EXIT_FAILURE); } break; @@ -372,12 +372,15 @@ child_process(entry *e, user *u) gethostname(hostname, sizeof(hostname)); if (snprintf(mailcmd, sizeof mailcmd, MAILFMT, MAILARG) >= sizeof mailcmd) { - fprintf(stderr, "mailcmd too long\n"); + syslog(LOG_ERR, + "(%s) ERROR (mailcmd too long)", + e->pwd->pw_name); (void) _exit(EXIT_FAILURE); } if (!(mail = cron_popen(mailcmd, "w", e->pwd, &mailpid))) { - perror(mailcmd); + syslog(LOG_ERR, "(%s) POPEN (%s)", + e->pwd->pw_name, mailcmd); (void) _exit(EXIT_FAILURE); } fprintf(mail, "From: root (Cron Daemon)\n"); diff --git a/usr.sbin/cron/popen.c b/usr.sbin/cron/popen.c index eb449673729..f156095d837 100644 --- a/usr.sbin/cron/popen.c +++ b/usr.sbin/cron/popen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: popen.c,v 1.29 2015/11/04 20:28:17 millert Exp $ */ +/* $OpenBSD: popen.c,v 1.30 2015/11/15 23:24:24 millert Exp $ */ /* * Copyright (c) 1988, 1993, 1994 @@ -41,6 +41,7 @@ #include <sys/wait.h> #include <bitstring.h> /* for structs.h */ +#include <err.h> #include <errno.h> #include <login_cap.h> #include <pwd.h> @@ -48,6 +49,7 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <syslog.h> #include <unistd.h> #include <time.h> /* for structs.h */ @@ -91,8 +93,10 @@ cron_popen(char *program, char *type, struct passwd *pw, pid_t *pidptr) case 0: /* child */ if (pw) { if (setusercontext(0, pw, pw->pw_uid, LOGIN_SETALL) < 0) { - fprintf(stderr, - "setusercontext failed for %s\n", + syslog(LOG_ERR, + "(%s) SETUSERCONTEXT FAILED (%m)", + pw->pw_name); + warn("setusercontext failed for %s", pw->pw_name); _exit(EXIT_FAILURE); } diff --git a/usr.sbin/cron/user.c b/usr.sbin/cron/user.c index 2b896a32e3e..7e5d64a2040 100644 --- a/usr.sbin/cron/user.c +++ b/usr.sbin/cron/user.c @@ -1,4 +1,4 @@ -/* $OpenBSD: user.c,v 1.17 2015/11/09 01:12:27 millert Exp $ */ +/* $OpenBSD: user.c,v 1.18 2015/11/15 23:24:24 millert Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") @@ -22,9 +22,11 @@ #include <bitstring.h> /* for structs.h */ #include <ctype.h> #include <errno.h> +#include <pwd.h> #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <syslog.h> #include <time.h> /* for structs.h */ #include "macros.h" @@ -55,7 +57,7 @@ load_user(int crontab_fd, struct passwd *pw, const char *name) char **envp, **tenvp; if (!(file = fdopen(crontab_fd, "r"))) { - perror("fdopen on crontab_fd in load_user"); + syslog(LOG_ERR, "(%s) FDOPEN (%m)", pw->pw_name); return (NULL); } |