Date: Wed, 14 Feb 2001 00:14:47 -0700 From: Warner Losh <imp@harmony.village.org> To: audit@freebsd.org Subject: Removing setgid from dump/restore Message-ID: <200102140714.f1E7ElW78463@harmony.village.org>
next in thread | raw e-mail | index | archive | help
OK. OpenBSD has had this for a long long time. I've had it in my
tree waiting for wall -g patches to be committed. Since those are in
the queue now, I'm presenting these again for eventual committing to
FreeBSD. I expect they might take longer to get through the review
process.
They fix dump/restore to fork wall rather than trying to do it
themselves. They rely on wall -g operator to send messages only to
group operator. They also fix MAXPATHLEN usage.
I hope to commit these by the end of the month.
Warner
Index: dump/Makefile
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/Makefile,v
retrieving revision 1.12
diff -u -r1.12 Makefile
--- dump/Makefile 2000/02/24 21:01:49 1.12
+++ dump/Makefile 2000/06/19 06:10:51
@@ -16,10 +16,7 @@
PROG= dump
LINKS= ${BINDIR}/dump ${BINDIR}/rdump
CFLAGS+=-DRDUMP
-CFLAGS+=-I${.CURDIR}/../../libexec/rlogind
SRCS= itime.c main.c optr.c dumprmt.c tape.c traverse.c unctime.c
-BINGRP= tty
-BINMODE=2555
MAN8= dump.8
MLINKS+=dump.8 rdump.8
Index: dump/main.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/main.c,v
retrieving revision 1.22
diff -u -r1.22 main.c
--- dump/main.c 2001/01/28 21:21:37 1.22
+++ dump/main.c 2001/02/14 06:17:16
@@ -285,7 +285,6 @@
if (signal(SIGINT, interrupt) == SIG_IGN)
signal(SIGINT, SIG_IGN);
- set_operators(); /* /etc/group snarfed */
getfstab(); /* /etc/fstab snarfed */
/*
* disk can be either the full special file name,
Index: dump/optr.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/optr.c,v
retrieving revision 1.12
diff -u -r1.12 optr.c
--- dump/optr.c 2001/01/29 09:45:51 1.12
+++ dump/optr.c 2001/02/14 06:23:04
@@ -59,7 +59,6 @@
void alarmcatch __P((/* int, int */));
int datesort __P((const void *, const void *));
-static void sendmes __P((char *, char *));
/*
* Query the operator; This previously-fascist piece of code
@@ -117,7 +116,7 @@
return(back);
}
-char lastmsg[100];
+char lastmsg[BUFSIZ];
/*
* Alert the console operator, and enable the alarm clock to
@@ -126,6 +125,8 @@
void
alarmcatch()
{
+ int save_errno = errno;
+
if (notify == 0) {
if (timeout == 0)
(void) fprintf(stderr,
@@ -144,6 +145,7 @@
signal(SIGALRM, alarmcatch);
(void) alarm(120);
timeout = 1;
+ errno = save_errno;
}
/*
@@ -158,131 +160,34 @@
dumpabort(0);
}
-/*
- * The following variables and routines manage alerting
- * operators to the status of dump.
- * This works much like wall(1) does.
- */
-struct group *gp;
-
/*
- * Get the names from the group entry "operator" to notify.
+ * We now use wall(1) to do the actual broadcasting.
*/
void
-set_operators()
-{
- if (!notify) /*not going to notify*/
- return;
- gp = getgrnam(OPGRENT);
- (void) endgrent();
- if (gp == NULL) {
- msg("No group entry for %s.\n", OPGRENT);
- notify = 0;
- return;
- }
-}
-
-struct tm *localclock;
-
-/*
- * We fork a child to do the actual broadcasting, so
- * that the process control groups are not messed up
- */
-void
broadcast(message)
char *message;
{
- time_t clock;
- FILE *f_utmp;
- struct utmp utmp;
- char **np;
- int pid, s;
+ FILE *fp;
+ char buf[sizeof(_PATH_WALL) + sizeof(OPGRENT) + 3];
- if (!notify || gp == NULL)
+ if (!notify)
return;
- switch (pid = fork()) {
- case -1:
+ (void)snprintf(buf, sizeof(buf), "%s -g %s", _PATH_WALL, OPGRENT);
+ if ((fp = popen(buf, "w")) == NULL)
return;
- case 0:
- break;
- default:
- while (wait(&s) != pid)
- continue;
- return;
- }
- clock = time((time_t *)0);
- localclock = localtime(&clock);
-
- if ((f_utmp = fopen(_PATH_UTMP, "r")) == NULL) {
- msg("Cannot open %s: %s\n", _PATH_UTMP, strerror(errno));
- return;
- }
-
- while (!feof(f_utmp)) {
- if (fread((char *) &utmp, sizeof (struct utmp), 1, f_utmp) != 1)
- break;
- if (utmp.ut_name[0] == 0)
- continue;
- for (np = gp->gr_mem; *np; np++) {
- if (strncmp(*np, utmp.ut_name, sizeof(utmp.ut_name)) != 0)
- continue;
- /*
- * Do not send messages to operators on dialups
- */
- if (strncmp(utmp.ut_line, DIALUP, strlen(DIALUP)) == 0)
- continue;
-#ifdef DEBUG
- msg("Message to %s at %s\n", *np, utmp.ut_line);
-#endif
- sendmes(utmp.ut_line, message);
- }
- }
- (void) fclose(f_utmp);
- Exit(0); /* the wait in this same routine will catch this */
- /* NOTREACHED */
-}
+ (void) fputs("\a\a\aMessage from the dump program to all operators\n\nDUMP: NEEDS ATTENTION: ", fp);
+ if (lastmsg[0])
+ (void) fputs(lastmsg, fp);
+ if (message[0])
+ (void) fputs(message, fp);
-static void
-sendmes(tty, message)
- char *tty, *message;
-{
- char t[MAXPATHLEN], buf[BUFSIZ];
- register char *cp;
- int lmsg = 1;
- FILE *f_tty;
-
- (void) strcpy(t, _PATH_DEV);
- (void) strncat(t, tty, sizeof t - strlen(_PATH_DEV) - 1);
-
- if ((f_tty = fopen(t, "w")) != NULL) {
- setbuf(f_tty, buf);
- (void) fprintf(f_tty,
- "\n\
-\a\a\aMessage from the dump program to all operators at %d:%02d ...\r\n\n\
-DUMP: NEEDS ATTENTION: ",
- localclock->tm_hour, localclock->tm_min);
- for (cp = lastmsg; ; cp++) {
- if (*cp == '\0') {
- if (lmsg) {
- cp = message;
- if (*cp == '\0')
- break;
- lmsg = 0;
- } else
- break;
- }
- if (*cp == '\n')
- (void) putc('\r', f_tty);
- (void) putc(*cp, f_tty);
- }
- (void) fclose(f_tty);
- }
+ (void) pclose(fp);
}
/*
- * print out an estimate of the amount of time left to do the dump
+ * Print out an estimate of the amount of time left to do the dump
*/
time_t tschedule = 0;
@@ -390,7 +295,7 @@
{
register struct fstab *new;
- new = (struct fstab *)malloc(sizeof (*fs));
+ new = (struct fstab *)malloc(sizeof(*fs));
if (new == NULL ||
(new->fs_file = strdup(fs->fs_file)) == NULL ||
(new->fs_type = strdup(fs->fs_type)) == NULL ||
@@ -425,7 +330,7 @@
strcmp(fs->fs_type, FSTAB_RQ))
continue;
fs = allocfsent(fs);
- if ((pf = (struct pfstab *)malloc(sizeof (*pf))) == NULL)
+ if ((pf = (struct pfstab *)malloc(sizeof(*pf))) == NULL)
quit("%s\n", strerror(errno));
pf->pf_fstab = fs;
SLIST_INSERT_HEAD(&table, pf, pf_list);
Index: dump/pathnames.h
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/dump/pathnames.h,v
retrieving revision 1.5
diff -u -r1.5 pathnames.h
--- dump/pathnames.h 1998/09/22 10:05:17 1.5
+++ dump/pathnames.h 2000/06/19 05:54:17
@@ -40,3 +40,4 @@
#define _PATH_DUMPDATES "/etc/dumpdates"
#define _PATH_LOCK "/tmp/dumplockXXXXXX"
#define _PATH_RMT "/etc/rmt" /* path on remote host */
+#define _PATH_WALL "/usr/bin/wall"
Index: restore/Makefile
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/Makefile,v
retrieving revision 1.13
diff -u -r1.13 Makefile
--- restore/Makefile 2000/02/24 21:01:54 1.13
+++ restore/Makefile 2000/06/19 06:11:37
@@ -4,11 +4,8 @@
PROG= restore
LINKS= ${BINDIR}/restore ${BINDIR}/rrestore
CFLAGS+=-DRRESTORE
-CFLAGS+=-I${.CURDIR}/../../libexec/rlogind
SRCS= main.c interactive.c restore.c dirs.c symtab.c tape.c utilities.c \
dumprmt.c
-BINGRP= tty
-BINMODE=2555
MAN8= restore.8
MLINKS+=restore.8 rrestore.8
.PATH: ${.CURDIR}/../dump
Index: restore/dirs.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/dirs.c,v
retrieving revision 1.16
diff -u -r1.16 dirs.c
--- restore/dirs.c 2000/10/10 01:49:47 1.16
+++ restore/dirs.c 2000/11/12 06:07:33
@@ -230,7 +230,7 @@
register struct direct *dp;
int namelen;
long bpt;
- char locname[MAXPATHLEN + 1];
+ char locname[MAXPATHLEN];
itp = inotablookup(ino);
if (itp == NULL) {
Index: restore/interactive.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/interactive.c,v
retrieving revision 1.9
diff -u -r1.9 interactive.c
--- restore/interactive.c 2000/12/12 12:04:01 1.9
+++ restore/interactive.c 2000/12/16 06:25:03
@@ -505,7 +505,7 @@
struct afile single;
RST_DIR *dirp;
int entries, len, namelen;
- char locname[MAXPATHLEN + 1];
+ char locname[MAXPATHLEN];
dp = pathsearch(name);
if (dp == NULL || (!dflag && TSTINO(dp->d_ino, dumpmap) == 0) ||
@@ -536,8 +536,8 @@
fprintf(stderr, "%s:\n", name);
entries = 0;
listp = list;
- (void) strncpy(locname, name, MAXPATHLEN);
- (void) strncat(locname, "/", MAXPATHLEN);
+ (void) strlcpy(locname, name, MAXPATHLEN);
+ (void) strlcat(locname, "/", MAXPATHLEN);
namelen = strlen(locname);
while ((dp = rst_readdir(dirp))) {
if (dp == NULL)
Index: restore/tape.c
===================================================================
RCS file: /home/imp/FreeBSD/CVS/src/sbin/restore/tape.c,v
retrieving revision 1.21
diff -u -r1.21 tape.c
--- restore/tape.c 2000/12/12 12:04:02 1.21
+++ restore/tape.c 2000/12/16 06:25:03
@@ -82,7 +82,7 @@
static int ofile;
static char *map;
-static char lnkbuf[MAXPATHLEN + 1];
+static char lnkbuf[MAXPATHLEN];
static int pathlen;
int oldinofmt; /* old inode format conversion required */
@@ -770,7 +770,7 @@
{
pathlen += size;
- if (pathlen > MAXPATHLEN) {
+ if (pathlen >= MAXPATHLEN) {
fprintf(stderr, "symbolic link name: %s->%s%s; too long %d\n",
curfile.name, lnkbuf, buf, pathlen);
done(1);
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102140714.f1E7ElW78463>