7 #include "authcmdlib.h"
9 char CRONLOG[] = "cron";
17 typedef struct Job Job;
18 typedef struct Time Time;
19 typedef struct User User;
21 struct Time{ /* bit masks for each valid time */
30 char *host; /* where ... */
31 Time time; /* when ... */
32 char *cmd; /* and what to execute */
37 Qid lastqid; /* of last read /cron/user/cron */
38 char *name; /* who ... */
39 Job *jobs; /* wants to execute these jobs */
51 void rexec(User*, Job*);
52 void readalljobs(void);
53 Job *readjobs(char*, User*);
55 uvlong gettime(int, int);
63 void *erealloc(void*, ulong);
64 int myauth(int, char*);
65 void createuser(void);
66 int mkcmd(char*, char*, int);
69 int becomeuser(char*);
74 return tm - tm%Minute; /* round down to the minute */
83 return sleep((tm - now)*1000);
88 #pragma varargck argpos clog 1
89 #pragma varargck argpos fatal 1
98 vseprint(msg, msg + sizeof msg, fmt, arg);
100 syslog(0, CRONLOG, msg);
104 fatal(char *fmt, ...)
110 vseprint(msg, msg + sizeof msg, fmt, arg);
119 return create(file, ORDWR, 0600);
130 /* make it a lock file if it wasn't */
133 error("%s vanished: %r", file);
135 dir->qid.type |= QTEXCL;
139 /* reopen in case it wasn't a lock file at last open */
142 for (try = 0; try < 65 && (fd = openlock(file)) < 0; try++)
148 main(int argc, char *argv[])
153 ulong now, last; /* in seconds */
174 initcap(); /* do this early, before cpurc removes it */
178 fatal("can't fork: %r");
186 * it can take a few minutes before the file server notices that
187 * we've rebooted and gives up the lock.
189 lock = mklock("/cron/lock");
191 fatal("cron already running: %r");
198 * the system's notion of time may have jumped forward or
199 * backward an arbitrary amount since the last call to time().
203 * if time has jumped backward, just note it and adapt.
204 * if time has jumped forward more than a day,
205 * just execute one day's jobs.
208 clog("time went backward");
210 } else if (now - last > Day) {
211 clog("time advanced more than a day");
215 for(last = minute(last); last <= now; last += Minute){
216 tm = *localtime(last);
217 t.min = 1ULL << tm.min;
218 t.hour = 1 << tm.hour;
219 t.wday = 1 << tm.wday;
220 t.mday = 1 << tm.mday;
221 t.mon = 1 << (tm.mon + 1);
222 for(i = 0; i < nuser; i++)
223 for(j = users[i].jobs; j; j = j->next)
224 if(j->time.min & t.min
225 && j->time.hour & t.hour
226 && j->time.wday & t.wday
227 && j->time.mday & t.mday
228 && j->time.mon & t.mon)
232 write(lock, "x", 1); /* keep the lock alive */
234 * if we're not at next minute yet, sleep until a second past
235 * (to allow for sleep intervals being approximate),
236 * which synchronises with minute roll-over as a side-effect.
238 sleepuntil(now + Minute + 1);
247 char file[128], *user;
251 snprint(file, sizeof file, "/cron/%s", user);
252 fd = create(file, OREAD, 0755|DMDIR);
254 fatal("couldn't create %s: %r", file);
259 snprint(file, sizeof file, "/cron/%s/cron", user);
260 fd = create(file, OREAD, 0644);
262 fatal("couldn't create %s: %r", file);
277 fd = open("/cron", OREAD);
279 fatal("can't open /cron: %r");
280 while((n = dirread(fd, &d)) > 0){
281 for(i = 0; i < n; i++){
282 if(strcmp(d[i].name, "log") == 0 ||
283 !(d[i].qid.type & QTDIR))
285 if(strcmp(d[i].name, d[i].uid) != 0){
286 syslog(1, CRONLOG, "cron for %s owned by %s",
287 d[i].name, d[i].uid);
290 u = newuser(d[i].name);
291 snprint(file, sizeof file, "/cron/%s/cron", d[i].name);
293 if(du == nil || qidcmp(u->lastqid, du->qid) != 0){
295 u->jobs = readjobs(file, u);
305 * parse user's cron file
306 * other lines: minute hour monthday month weekday host command
309 readjobs(char *file, User *user)
319 b = Bopen(file, OREAD);
325 user->lastqid = d->qid;
327 for(line = 1; savec = Brdline(b, '\n'); line++){
328 savec[Blinelen(b) - 1] = '\0';
329 while(*savec == ' ' || *savec == '\t')
331 if(*savec == '#' || *savec == '\0')
333 if(strlen(savec) > 1024){
334 clog("%s: line %d: line too long", user->name, line);
337 j = emalloc(sizeof *j);
338 j->time.min = gettime(0, 59);
339 if(j->time.min && (j->time.hour = gettime(0, 23))
340 && (j->time.mday = gettime(1, 31))
341 && (j->time.mon = gettime(1, 12))
342 && (j->time.wday = gettime(0, 6))
343 && getname(&j->host)){
344 j->cmd = emalloc(strlen(savec) + 1);
345 strcpy(j->cmd, savec);
349 clog("%s: line %d: syntax error", user->name, line);
364 for(i = 0; i < nuser; i++){
365 print("user %s\n", users[i].name);
366 for(j = users[i].jobs; j; j = j->next)
367 if(!mkcmd(j->cmd, buf, sizeof buf))
368 print("\tbad job %s on host %s\n",
371 print("\tjob %s on host %s\n", buf, j->host);
380 for(i = 0; i < nuser; i++)
381 if(strcmp(users[i].name, name) == 0)
383 if(nuser == maxuser){
385 users = erealloc(users, maxuser * sizeof *users);
387 memset(&users[nuser], 0, sizeof(users[nuser]));
388 users[nuser].name = strdup(name);
389 users[nuser].jobs = 0;
390 users[nuser].lastqid.type = QTFILE;
391 users[nuser].lastqid.path = ~0LL;
392 users[nuser].lastqid.vers = ~0L;
393 return &users[nuser++];
410 getname(char **namep)
417 while(*savec == ' ' || *savec == '\t')
419 for(p = buf; (c = *savec) && c != ' ' && c != '\t'; p++){
420 if(p >= buf+sizeof buf -1)
425 *namep = strdup(buf);
427 clog("internal error: strdup failure");
430 while(*savec == ' ' || *savec == '\t')
436 * return the next time range (as a bit vector) in the file:
440 * | number '-' number
442 * a return of zero means a syntax error was discovered
445 gettime(int min, int max)
449 if(gettok(min, max) == '*')
455 if(gettok(0, 0) == '-'){
456 if(gettok(lexval, max) != '1')
459 for( ; m <= e; m <<= 1)
465 if(gettok(min, max) != '1')
479 gettok(int min, int max)
486 while((c = *savec) == ' ' || c == '\t')
489 case '0': case '1': case '2': case '3': case '4':
490 case '5': case '6': case '7': case '8': case '9':
491 lexval = strtoul(savec, &savec, 10);
492 if(lexval < min || lexval > max)
495 case '*': case '-': case ',':
504 * convert command to run properly on the remote machine
505 * need to escape the quotes so they don't get stripped
508 mkcmd(char *cmd, char *buf, int len)
513 n = sizeof "exec rc -c '" -1;
516 strcpy(buf, "exec rc -c '");
517 while(p = utfrune(cmd, L'\'')){
522 strncpy(&buf[n], cmd, m);
528 if(n + m + sizeof "'</dev/null>/dev/null>[2=1]" >= len)
530 strcpy(&buf[n], cmd);
531 strcpy(&buf[n+m], "'</dev/null>/dev/null>[2=1]");
536 rexec(User *user, Job *j)
540 switch(rfork(RFPROC|RFNOWAIT|RFNAMEG|RFENVG|RFFDG)){
544 clog("can't fork a job for %s: %r\n", user->name);
549 if(!mkcmd(j->cmd, buf, sizeof buf)){
550 clog("internal error: cmd buffer overflow");
554 if(becomeuser(user->name) < 0){
555 clog("%s: can't change uid for %s on %s: %r",
556 user->name, j->cmd, j->host);
560 clog("%s: ran '%s' on %s", user->name, j->cmd, j->host);
565 open("/dev/null", OREAD);
566 open("/dev/null", OWRITE);
567 open("/dev/null", OWRITE);
569 if(strcmp(j->host, "local") == 0){
570 putenv("service", "rx");
571 execl("/bin/rc", "rc", "-lc", buf, nil);
573 execl("/bin/rx", "rx", j->host, buf, nil);
576 clog("%s: exec failed for %s on %s: %r", user->name, j->cmd, j->host);
585 if(p = mallocz(n, 1))
587 fatal("out of memory");
592 erealloc(void *p, ulong n)
594 if(p = realloc(p, n))
596 fatal("out of memory");
603 fprint(2, "usage: cron [-c]\n");
610 /* might be useful to know if a > b, but not for cron */
611 return(a.path != b.path || a.vers != b.vers);
615 * keep caphash fd open since opens of it could be disabled
617 static int caphashfd;
622 caphashfd = open("#¤/caphash", OCEXEC|OWRITE);
624 fprint(2, "%s: opening #¤/caphash: %r\n", argv0);
628 * create a change uid capability
631 mkcap(char *from, char *to)
636 int nfrom, nto, ncap;
637 uchar hash[SHA1dlen];
642 /* create the capability */
644 nfrom = strlen(from);
645 ncap = nfrom + 1 + nto + 1 + sizeof(rand)*3 + 1;
647 snprint(cap, ncap, "%s@%s", from, to);
648 genrandom(rand, sizeof(rand));
649 key = cap+nfrom+1+nto+1;
650 enc64(key, sizeof(rand)*3, rand, sizeof(rand));
652 /* hash the capability */
653 hmac_sha1((uchar*)cap, strlen(cap), (uchar*)key, strlen(key), hash, nil);
655 /* give the kernel the hash */
657 if(write(caphashfd, hash, SHA1dlen) < 0){
670 fd = open("#¤/capuse", OWRITE);
673 rv = write(fd, cap, strlen(cap));
679 becomeuser(char *new)
684 cap = mkcap(getuser(), new);