Commit Graph

11 Commits

Author SHA1 Message Date
Enji Cooper
64a0982bee usr.sbin: normalize paths using SRCTOP-relative paths or :H when possible
This simplifies make logic/output

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-04 11:38:03 +00:00
Matteo Riondato
74c824b081 use WARNS?= instead of WARNS=
MFC after:	3 days
2008-11-18 00:59:26 +00:00
Matteo Riondato
66d48cdafe Make usr.sbin/cron/crontab and usr.sbin/cron/lib WARNS=3 clean
Tested with: make universe

MFC after:	3 days
2008-11-10 06:35:30 +00:00
Yaroslav Tykhiy
997c6eefd8 Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
Ruslan Ermilov
a35d88931c For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
Ruslan Ermilov
423e9124d9 Mark all internal libraries with INTERNALLIB. 2002-05-13 11:24:03 +00:00
David E. O'Brien
90e655ea4e Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
Andrey A. Chernov
0435c15004 Log run-time parsing errors now
Use getpwnam before getpwuid since two users with same uids can exists
(affects new login classes code only)

The same fixes as in inetd: by default run `system crontab things' with
daemon login class now, not restrict them to user class breaking
compatibility with old way (so-called nobody limits problem)

Implement user[:group][/login-class] syntax in system crontab
for more flexible control (the same as in inetd)
1997-11-02 17:22:20 +00:00
Paul Traina
72b4ef7179 NOSHARED takes a yes/YES no/NO value, not "true, false, hey mon!".
NOPIC is used to not generate a shared library, not NOSHARED.
Make NOSHARED advisory where appropriate.
Remove bogus NOSHARED (kbdio).
1997-06-29 06:03:42 +00:00
Jordan K. Hubbard
688b53ece4 Prevent installation.
Submitted by:	jkh
1994-08-28 13:05:23 +00:00
Jordan K. Hubbard
84f33dea62 Paul Vixie's cron, version 3.0. Munged into bmake format. If this goes
well, expect our two seperate directories for cron and crontab to go away
shortly.
Submitted by:	jkh
1994-08-27 13:43:04 +00:00