From owner-cvs-src@FreeBSD.ORG  Sun Jun 17 17:42:41 2007
Return-Path: <owner-cvs-src@FreeBSD.ORG>
X-Original-To: cvs-src@FreeBSD.org
Delivered-To: cvs-src@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id D8E2616A41F;
	Sun, 17 Jun 2007 17:42:41 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.freebsd.org (Postfix) with ESMTP id ACC2E13C45A;
	Sun, 17 Jun 2007 17:42:41 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id 201FD46FE4;
	Sun, 17 Jun 2007 13:42:41 -0400 (EDT)
Date: Sun, 17 Jun 2007 18:42:40 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Yar Tikhiy <yar@FreeBSD.org>
In-Reply-To: <200706171725.l5HHPr2c092609@repoman.freebsd.org>
Message-ID: <20070617184206.C2416@fledge.watson.org>
References: <200706171725.l5HHPr2c092609@repoman.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/etc/pam.d Makefile cron src/usr.sbin/cron/cron
 Makefile cron.8 cron.h database.c do_command.c src/usr.sbin/cron/lib
 Makefile entry.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Jun 2007 17:42:42 -0000


On Sun, 17 Jun 2007, Yar Tikhiy wrote:

>  Add PAM support to cron(8).  Now cron(8) will skip commands scheduled
>  by unavailable accounts, e.g., those locked, expired, not allowed in at
>  the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
>  This applies to personal crontabs only, /etc/crontab is unaffected.
>
>  In other words, now the account management policy will apply to
>  commands scheduled by users via crontab(1) so that a user can no
>  longer use cron(8) to set up a delayed backdoor and run commands
>  during periods when the admin doesn't want him to.

Nice work.  Have you looked at doing something similar for .forward files in 
Sendmail?

Robert N M Watson
Computer Laboratory
University of Cambridge