1 files changed, 34 insertions, 32 deletions
diff --git a/usr.sbin/cron/do_command.c b/usr.sbin/cron/do_command.c
index e1d278e85fc..17e3943df05 100644
--- a/usr.sbin/cron/do_command.c
+++ b/usr.sbin/cron/do_command.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: do_command.c,v 1.18 2002/07/12 18:35:24 millert Exp $	*/
+/*	$OpenBSD: do_command.c,v 1.19 2002/07/15 19:13:29 millert Exp $	*/
 /* Copyright 1988,1990,1993,1994 by Paul Vixie
  * All rights reserved
  */
@@ -21,19 +21,18 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char const rcsid[] = "$OpenBSD: do_command.c,v 1.18 2002/07/12 18:35:24 millert Exp $";
+static char const rcsid[] = "$OpenBSD: do_command.c,v 1.19 2002/07/15 19:13:29 millert Exp $";
 #endif
 
 #include "cron.h"
 
 static void		child_process(entry *, user *);
-static int		safe_p(const char *, const char *);
 
 void
 do_command(entry *e, user *u) {
 	Debug(DPROC, ("[%ld] do_command(%s, (%s,%lu,%lu))\n",
 		      (long)getpid(), e->cmd, u->name,
-		      (u_long)e->uid, (u_long)e->gid))
+		      (u_long)e->pwd->pw_uid, (u_long)e->pwd->pw_gid))
 
 	/* fork to become asynchronous -- parent process is done immediately,
 	 * and continues to run the normal cron code, which means return to
@@ -84,7 +83,7 @@ child_process(entry *e, user *u) {
 
 	/* discover some useful and important environment settings
 	 */
-	usernm = env_get("LOGNAME", e->envp);
+	usernm = e->pwd->pw_name;
 	mailto = env_get("MAILTO", e->envp);
 
 	/* our parent is watching for our death by catching SIGCHLD.  we
@@ -104,10 +103,9 @@ child_process(entry *e, user *u) {
 	 *
 	 * if a % is present in the command, previous characters are the
 	 * command, and subsequent characters are the additional input to
-	 * the command.  Subsequent %'s will be transformed into newlines,
+	 * the command.  An escaped % will have the escape character stripped
+	 * from it.  Subsequent %'s will be transformed into newlines,
 	 * but that happens later.
-	 *
-	 * If there are escaped %'s, remove the escape character.
 	 */
 	/*local*/{
 		int escaped = FALSE;
@@ -141,11 +139,11 @@ child_process(entry *e, user *u) {
 	 */
 	switch (fork()) {
 	case -1:
-		log_it("CRON", getpid(), "error", "can't vfork");
+		log_it("CRON", getpid(), "error", "can't fork");
 		exit(ERROR_EXIT);
 		/*NOTREACHED*/
 	case 0:
-		Debug(DPROC, ("[%ld] grandchild process Vfork()'ed\n",
+		Debug(DPROC, ("[%ld] grandchild process fork()'ed\n",
 			      (long)getpid()))
 
 		/* write a log message.  we've waited this long to do it
@@ -197,45 +195,49 @@ child_process(entry *e, user *u) {
 		 */
 #ifdef LOGIN_CAP
 		{
-			struct passwd *pwd;
-			char *ep, *np;
+			login_cap_t *lc;
+			char **p;
+			extern char **environ;
 
 			/* XXX - should just pass in a login_cap_t * */
-			pwd = getpwuid(e->uid);
-			if (pwd == NULL) {
-				fprintf(stderr, "getpwuid: couldn't get entry for %u\n", e->uid);
+			if ((lc = login_getclass(e->pwd->pw_class)) == NULL) {
+				fprintf(stderr,
+				    "unable to get login class for %s\n",
+				    e->pwd->pw_name);
 				_exit(ERROR_EXIT);
 			}
-			if (setusercontext(0, pwd, e->uid, LOGIN_SETALL) < 0) {
-				fprintf(stderr, "setusercontext failed for %u\n", e->uid);
+			if (setusercontext(lc, e->pwd, e->pwd->pw_uid, LOGIN_SETALL) < 0) {
+				fprintf(stderr, "setusercontext failed for %s\n", e->pwd->pw_name);
 				_exit(ERROR_EXIT);
 			}
 #ifdef BSD_AUTH
-			if (auth_approval(0, 0, pwd->pw_name, "cron") <= 0) {
-				fprintf(stderr, "approval failed for %u\n", e->uid);
+			/* XXX - stash pwd with auth_setpwd to avoid lookup */
+			if (auth_approval(0, lc, usernm, "cron") <= 0) {
+				fprintf(stderr, "approval failed for %s\n",
+				    e->pwd->pw_name);
 				_exit(ERROR_EXIT);
 			}
 #endif /* BSD_AUTH */
+			login_close(lc);
+
 			/* If no PATH specified in crontab file but
 			 * we just added one via login.conf, add it to
 			 * the crontab environment.
 			 */
-			if (env_get("PATH", e->envp) == NULL &&
-			    (ep = getenv("PATH"))) {
-				np = malloc(strlen(ep) + 6);
-				if (np) {
-					strcpy(np, "PATH=");
-					strcat(np, ep);
-					e->envp = env_set(e->envp, np);
+			if (env_get("PATH", e->envp) == NULL && environ != NULL) {
+				for (p = environ; *p; p++) {
+					if (strncmp(*p, "PATH=", 5) == 0) {
+						e->envp = env_set(e->envp, *p);
+						break;
+					}
 				}
 			}
-			
 		}
 #else
-		setgid(e->gid);
-		initgroups(env_get("LOGNAME", e->envp), e->gid);
+		setgid(e->pwd->pw_gid);
+		initgroups(usernm, e->pwd->pw_gid);
 		setlogin(usernm);
-		setuid(e->uid);		/* we aren't root after this... */
+		setuid(e->pw->pw_uid);	/* we aren't root after this... */
 
 #endif /* LOGIN_CAP */
 		chdir(env_get("HOME", e->envp));
@@ -402,7 +404,7 @@ child_process(entry *e, user *u) {
 					fprintf(stderr, "mailcmd too long\n");
 					(void) _exit(ERROR_EXIT);
 				}
-				if (!(mail = cron_popen(mailcmd, "w", e))) {
+				if (!(mail = cron_popen(mailcmd, "w", e->pwd))) {
 					perror(mailcmd);
 					(void) _exit(ERROR_EXIT);
 				}
@@ -499,7 +501,7 @@ child_process(entry *e, user *u) {
 	}
 }
 
-static int
+int
 safe_p(const char *usernm, const char *s) {
 	static const char safe_delim[] = "@!:%-.,";     /* conservative! */
 	const char *t;