summaryrefslogtreecommitdiffstats
path: root/usr.sbin/cron
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/cron')
-rw-r--r--usr.sbin/cron/client.c20
-rw-r--r--usr.sbin/cron/common.c3
-rw-r--r--usr.sbin/cron/cron.c9
-rw-r--r--usr.sbin/cron/pathnames.h6
4 files changed, 23 insertions, 15 deletions
diff --git a/usr.sbin/cron/client.c b/usr.sbin/cron/client.c
index 1786af35dc2..4ef6a2f4c9e 100644
--- a/usr.sbin/cron/client.c
+++ b/usr.sbin/cron/client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: client.c,v 1.6 2015/11/11 17:05:23 millert Exp $ */
+/* $OpenBSD: client.c,v 1.7 2015/11/12 13:42:42 millert Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
@@ -19,9 +19,12 @@
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/stat.h>
#include <sys/un.h>
#include <bitstring.h> /* for structs.h */
+#include <err.h>
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -92,13 +95,17 @@ void
poke_daemon(const char *spool_dir, unsigned char cookie)
{
int sock = -1;
+ const char *cronsock = CRONSOCK;
+ struct stat sb;
struct sockaddr_un s_un;
+ if (stat(cronsock, &sb) != 0)
+ cronsock = CRONSOCK_OLD; /* backwards compatibility */
+
bzero(&s_un, sizeof(s_un));
- if (snprintf(s_un.sun_path, sizeof s_un.sun_path, "%s/%s",
- CRON_SPOOL, CRONSOCK) >= sizeof(s_un.sun_path)) {
- fprintf(stderr, "%s: %s/%s: path too long\n",
- __progname, CRON_SPOOL, CRONSOCK);
+ if (strlcpy(s_un.sun_path, cronsock, sizeof(s_un.sun_path)) >=
+ sizeof(s_un.sun_path)) {
+ warnc(ENAMETOOLONG, "%s", cronsock);
return;
}
s_un.sun_family = AF_UNIX;
@@ -106,8 +113,7 @@ poke_daemon(const char *spool_dir, unsigned char cookie)
connect(sock, (struct sockaddr *)&s_un, sizeof(s_un)) == 0)
send(sock, &cookie, 1, MSG_NOSIGNAL);
else
- fprintf(stderr, "%s: warning, cron does not appear to be "
- "running.\n", __progname);
+ warnx("warning, cron does not appear to be running");
if (sock >= 0)
close(sock);
}
diff --git a/usr.sbin/cron/common.c b/usr.sbin/cron/common.c
index a5869e87cce..381d309a660 100644
--- a/usr.sbin/cron/common.c
+++ b/usr.sbin/cron/common.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: common.c,v 1.4 2015/11/11 17:02:22 millert Exp $ */
+/* $OpenBSD: common.c,v 1.5 2015/11/12 13:42:42 millert Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
@@ -112,6 +112,7 @@ set_cron_cwd(void)
exit(EXIT_FAILURE);
}
if (grp != NULL) {
+ setegid(grp->gr_gid);
if (sb.st_gid != grp->gr_gid)
chown(AT_SPOOL, -1, grp->gr_gid);
if ((sb.st_mode & ALLPERMS) != 01770)
diff --git a/usr.sbin/cron/cron.c b/usr.sbin/cron/cron.c
index 2d35c85aa1b..00e80f722bc 100644
--- a/usr.sbin/cron/cron.c
+++ b/usr.sbin/cron/cron.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cron.c,v 1.68 2015/11/11 17:19:22 millert Exp $ */
+/* $OpenBSD: cron.c,v 1.69 2015/11/12 13:42:42 millert Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
@@ -431,9 +431,9 @@ open_socket(void)
exit(EXIT_FAILURE);
}
bzero(&s_un, sizeof(s_un));
- if (snprintf(s_un.sun_path, sizeof(s_un.sun_path), "%s/%s",
- CRON_SPOOL, CRONSOCK) >= sizeof(s_un.sun_path)) {
- fprintf(stderr, "%s/%s: path too long\n", CRON_SPOOL, CRONSOCK);
+ if (strlcpy(s_un.sun_path, CRONSOCK, sizeof(s_un.sun_path))
+ >= sizeof(s_un.sun_path)) {
+ fprintf(stderr, "%s: path too long\n", CRONSOCK);
log_it("CRON", "DEATH", "path too long");
exit(EXIT_FAILURE);
}
@@ -463,6 +463,7 @@ open_socket(void)
exit(EXIT_FAILURE);
}
chmod(s_un.sun_path, 0660);
+ chown(s_un.sun_path, -1, getegid());
return(sock);
}
diff --git a/usr.sbin/cron/pathnames.h b/usr.sbin/cron/pathnames.h
index 736558c576a..99d3a7efec1 100644
--- a/usr.sbin/cron/pathnames.h
+++ b/usr.sbin/cron/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.20 2015/11/09 16:00:39 millert Exp $ */
+/* $OpenBSD: pathnames.h,v 1.21 2015/11/12 13:42:42 millert Exp $ */
/* Copyright 1993,1994 by Paul Vixie
* Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
@@ -50,9 +50,9 @@
/* CRONSOCK is the name of the socket used by at and
* crontab to poke cron to re-read the at and cron
* spool files while cron is asleep.
- * It lives in the spool directory.
*/
-#define CRONSOCK ".sock"
+#define CRONSOCK "/var/run/cron.sock"
+#define CRONSOCK_OLD CRON_SPOOL "/.sock"
/* cron allow/deny file. At least cron.deny must
* exist for ordinary users to run crontab.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.