Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Feb 2001 00:14:47 -0700
From:      Warner Losh <imp@harmony.village.org>
To:        audit@freebsd.org
Subject:   Removing setgid from dump/restore
Message-ID:  <200102140714.f1E7ElW78463@harmony.village.org>

next in thread | raw e-mail | index | archive | help

OK.  OpenBSD has had this for a long long time.  I've had it in my
tree waiting for wall -g patches to be committed.  Since those are in
the queue now, I'm presenting these again for eventual committing to
FreeBSD.  I expect they might take longer to get through the review
process.

They fix dump/restore to fork wall rather than trying to do it
themselves.  They rely on wall -g operator to send messages only to
group operator.  They also fix MAXPATHLEN usage.

I hope to commit these by the end of the month.

Warner

Index: dump/Makefile
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/Makefile,v
retrieving revision 1.12
diff -u -r1.12 Makefile
--- dump/Makefile	2000/02/24 21:01:49	1.12
+++ dump/Makefile	2000/06/19 06:10:51
@@ -16,10 +16,7 @@
 PROG=	dump
 LINKS=	${BINDIR}/dump ${BINDIR}/rdump
 CFLAGS+=-DRDUMP
-CFLAGS+=-I${.CURDIR}/../../libexec/rlogind
 SRCS=	itime.c main.c optr.c dumprmt.c tape.c traverse.c unctime.c
-BINGRP=	tty
-BINMODE=2555
 MAN8=	dump.8
 MLINKS+=dump.8 rdump.8
 
Index: dump/main.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/main.c,v
retrieving revision 1.22
diff -u -r1.22 main.c
--- dump/main.c	2001/01/28 21:21:37	1.22
+++ dump/main.c	2001/02/14 06:17:16
@@ -285,7 +285,6 @@
 	if (signal(SIGINT, interrupt) == SIG_IGN)
 		signal(SIGINT, SIG_IGN);
 
-	set_operators();	/* /etc/group snarfed */
 	getfstab();		/* /etc/fstab snarfed */
 	/*
 	 *	disk can be either the full special file name,
Index: dump/optr.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/optr.c,v
retrieving revision 1.12
diff -u -r1.12 optr.c
--- dump/optr.c	2001/01/29 09:45:51	1.12
+++ dump/optr.c	2001/02/14 06:23:04
@@ -59,7 +59,6 @@
 
 void	alarmcatch __P((/* int, int */));
 int	datesort __P((const void *, const void *));
-static	void sendmes __P((char *, char *));
 
 /*
  *	Query the operator; This previously-fascist piece of code
@@ -117,7 +116,7 @@
 	return(back);
 }
 
-char lastmsg[100];
+char lastmsg[BUFSIZ];
 
 /*
  *	Alert the console operator, and enable the alarm clock to
@@ -126,6 +125,8 @@
 void
 alarmcatch()
 {
+	int save_errno = errno;
+
 	if (notify == 0) {
 		if (timeout == 0)
 			(void) fprintf(stderr,
@@ -144,6 +145,7 @@
 	signal(SIGALRM, alarmcatch);
 	(void) alarm(120);
 	timeout = 1;
+	errno = save_errno;
 }
 
 /*
@@ -158,131 +160,34 @@
 		dumpabort(0);
 }
 
-/*
- *	The following variables and routines manage alerting
- *	operators to the status of dump.
- *	This works much like wall(1) does.
- */
-struct	group *gp;
-
 /*
- *	Get the names from the group entry "operator" to notify.
+ *	We now use wall(1) to do the actual broadcasting.
  */
 void
-set_operators()
-{
-	if (!notify)		/*not going to notify*/
-		return;
-	gp = getgrnam(OPGRENT);
-	(void) endgrent();
-	if (gp == NULL) {
-		msg("No group entry for %s.\n", OPGRENT);
-		notify = 0;
-		return;
-	}
-}
-
-struct tm *localclock;
-
-/*
- *	We fork a child to do the actual broadcasting, so
- *	that the process control groups are not messed up
- */
-void
 broadcast(message)
 	char	*message;
 {
-	time_t		clock;
-	FILE	*f_utmp;
-	struct	utmp	utmp;
-	char	**np;
-	int	pid, s;
+	FILE *fp;
+	char buf[sizeof(_PATH_WALL) + sizeof(OPGRENT) + 3];
 
-	if (!notify || gp == NULL)
+	if (!notify)
 		return;
 
-	switch (pid = fork()) {
-	case -1:
+	(void)snprintf(buf, sizeof(buf), "%s -g %s", _PATH_WALL, OPGRENT);
+	if ((fp = popen(buf, "w")) == NULL)
 		return;
-	case 0:
-		break;
-	default:
-		while (wait(&s) != pid)
-			continue;
-		return;
-	}
 
-	clock = time((time_t *)0);
-	localclock = localtime(&clock);
-
-	if ((f_utmp = fopen(_PATH_UTMP, "r")) == NULL) {
-		msg("Cannot open %s: %s\n", _PATH_UTMP, strerror(errno));
-		return;
-	}
-
-	while (!feof(f_utmp)) {
-		if (fread((char *) &utmp, sizeof (struct utmp), 1, f_utmp) != 1)
-			break;
-		if (utmp.ut_name[0] == 0)
-			continue;
-		for (np = gp->gr_mem; *np; np++) {
-			if (strncmp(*np, utmp.ut_name, sizeof(utmp.ut_name)) != 0)
-				continue;
-			/*
-			 *	Do not send messages to operators on dialups
-			 */
-			if (strncmp(utmp.ut_line, DIALUP, strlen(DIALUP)) == 0)
-				continue;
-#ifdef DEBUG
-			msg("Message to %s at %s\n", *np, utmp.ut_line);
-#endif
-			sendmes(utmp.ut_line, message);
-		}
-	}
-	(void) fclose(f_utmp);
-	Exit(0);	/* the wait in this same routine will catch this */
-	/* NOTREACHED */
-}
+	(void) fputs("\a\a\aMessage from the dump program to all operators\n\nDUMP: NEEDS ATTENTION: ", fp);
+	if (lastmsg[0])
+		(void) fputs(lastmsg, fp);
+	if (message[0])
+		(void) fputs(message, fp);
 
-static void
-sendmes(tty, message)
-	char *tty, *message;
-{
-	char t[MAXPATHLEN], buf[BUFSIZ];
-	register char *cp;
-	int lmsg = 1;
-	FILE *f_tty;
-
-	(void) strcpy(t, _PATH_DEV);
-	(void) strncat(t, tty, sizeof t - strlen(_PATH_DEV) - 1);
-
-	if ((f_tty = fopen(t, "w")) != NULL) {
-		setbuf(f_tty, buf);
-		(void) fprintf(f_tty,
-		    "\n\
-\a\a\aMessage from the dump program to all operators at %d:%02d ...\r\n\n\
-DUMP: NEEDS ATTENTION: ",
-		    localclock->tm_hour, localclock->tm_min);
-		for (cp = lastmsg; ; cp++) {
-			if (*cp == '\0') {
-				if (lmsg) {
-					cp = message;
-					if (*cp == '\0')
-						break;
-					lmsg = 0;
-				} else
-					break;
-			}
-			if (*cp == '\n')
-				(void) putc('\r', f_tty);
-			(void) putc(*cp, f_tty);
-		}
-		(void) fclose(f_tty);
-	}
+	(void) pclose(fp);
 }
 
 /*
- *	print out an estimate of the amount of time left to do the dump
+ *	Print out an estimate of the amount of time left to do the dump
  */
 
 time_t	tschedule = 0;
@@ -390,7 +295,7 @@
 {
 	register struct fstab *new;
 
-	new = (struct fstab *)malloc(sizeof (*fs));
+	new = (struct fstab *)malloc(sizeof(*fs));
 	if (new == NULL ||
 	    (new->fs_file = strdup(fs->fs_file)) == NULL ||
 	    (new->fs_type = strdup(fs->fs_type)) == NULL ||
@@ -425,7 +330,7 @@
 		    strcmp(fs->fs_type, FSTAB_RQ))
 			continue;
 		fs = allocfsent(fs);
-		if ((pf = (struct pfstab *)malloc(sizeof (*pf))) == NULL)
+		if ((pf = (struct pfstab *)malloc(sizeof(*pf))) == NULL)
 			quit("%s\n", strerror(errno));
 		pf->pf_fstab = fs;
 		SLIST_INSERT_HEAD(&table, pf, pf_list);
Index: dump/pathnames.h
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/pathnames.h,v
retrieving revision 1.5
diff -u -r1.5 pathnames.h
--- dump/pathnames.h	1998/09/22 10:05:17	1.5
+++ dump/pathnames.h	2000/06/19 05:54:17
@@ -40,3 +40,4 @@
 #define	_PATH_DUMPDATES	"/etc/dumpdates"
 #define	_PATH_LOCK	"/tmp/dumplockXXXXXX"
 #define	_PATH_RMT	"/etc/rmt"		/* path on remote host */
+#define _PATH_WALL	"/usr/bin/wall"
Index: restore/Makefile
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/Makefile,v
retrieving revision 1.13
diff -u -r1.13 Makefile
--- restore/Makefile	2000/02/24 21:01:54	1.13
+++ restore/Makefile	2000/06/19 06:11:37
@@ -4,11 +4,8 @@
 PROG=	restore
 LINKS=	${BINDIR}/restore ${BINDIR}/rrestore
 CFLAGS+=-DRRESTORE
-CFLAGS+=-I${.CURDIR}/../../libexec/rlogind
 SRCS=	main.c interactive.c restore.c dirs.c symtab.c tape.c utilities.c \
 	dumprmt.c
-BINGRP=	tty
-BINMODE=2555
 MAN8=	restore.8
 MLINKS+=restore.8 rrestore.8
 .PATH:	${.CURDIR}/../dump
Index: restore/dirs.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/dirs.c,v
retrieving revision 1.16
diff -u -r1.16 dirs.c
--- restore/dirs.c	2000/10/10 01:49:47	1.16
+++ restore/dirs.c	2000/11/12 06:07:33
@@ -230,7 +230,7 @@
 	register struct direct *dp;
 	int namelen;
 	long bpt;
-	char locname[MAXPATHLEN + 1];
+	char locname[MAXPATHLEN];
 
 	itp = inotablookup(ino);
 	if (itp == NULL) {
Index: restore/interactive.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/interactive.c,v
retrieving revision 1.9
diff -u -r1.9 interactive.c
--- restore/interactive.c	2000/12/12 12:04:01	1.9
+++ restore/interactive.c	2000/12/16 06:25:03
@@ -505,7 +505,7 @@
 	struct afile single;
 	RST_DIR *dirp;
 	int entries, len, namelen;
-	char locname[MAXPATHLEN + 1];
+	char locname[MAXPATHLEN];
 
 	dp = pathsearch(name);
 	if (dp == NULL || (!dflag && TSTINO(dp->d_ino, dumpmap) == 0) ||
@@ -536,8 +536,8 @@
 		fprintf(stderr, "%s:\n", name);
 		entries = 0;
 		listp = list;
-		(void) strncpy(locname, name, MAXPATHLEN);
-		(void) strncat(locname, "/", MAXPATHLEN);
+		(void) strlcpy(locname, name, MAXPATHLEN);
+		(void) strlcat(locname, "/", MAXPATHLEN);
 		namelen = strlen(locname);
 		while ((dp = rst_readdir(dirp))) {
 			if (dp == NULL)
Index: restore/tape.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/tape.c,v
retrieving revision 1.21
diff -u -r1.21 tape.c
--- restore/tape.c	2000/12/12 12:04:02	1.21
+++ restore/tape.c	2000/12/16 06:25:03
@@ -82,7 +82,7 @@
 
 static int	ofile;
 static char	*map;
-static char	lnkbuf[MAXPATHLEN + 1];
+static char	lnkbuf[MAXPATHLEN];
 static int	pathlen;
 
 int		oldinofmt;	/* old inode format conversion required */
@@ -770,7 +770,7 @@
 {
 
 	pathlen += size;
-	if (pathlen > MAXPATHLEN) {
+	if (pathlen >= MAXPATHLEN) {
 		fprintf(stderr, "symbolic link name: %s->%s%s; too long %d\n",
 		    curfile.name, lnkbuf, buf, pathlen);
 		done(1);


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102140714.f1E7ElW78463>