Commit Graph

161 Commits

Author SHA1 Message Date
Christian Brueffer
0d83258df3 List /var/cron/tabs in FILES and add descriptions for the other entries.
PR:		145912
Submitted by:	Julian H. Stacey <jhs@berklix.com>
Obtained from:	OpenBSD
MFC after:	1 week
2010-05-14 01:25:30 +00:00
Ed Schouten
71ccf09269 The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00
Attilio Rao
7a7043c787 Avoid sshd, cron, syslogd and inetd to be killed under high-pressure swap
environments.
Please note that this can't be done while such processes run in jails.

Note: in future it would be interesting to find a way to do that
selectively for any desired proccess (choosen by user himself), probabilly
via a ptrace interface or whatever.

Obtained from:	Sandvine Incorporated
Reviewed by:	emaste, arch@
Sponsored by:	Sandvine Incorporated
MFC:		1 month
2009-11-25 15:12:24 +00:00
Sergey Skvortsov
637fd955fe Fix typo.
Approved by:	ru
2008-12-01 17:39:34 +00:00
Matteo Riondato
c082b52c72 remove a pointless prototype and static-fy the corresponding function
MFC after:	3 days
2008-11-18 01:19:25 +00:00
Matteo Riondato
74c824b081 use WARNS?= instead of WARNS=
MFC after:	3 days
2008-11-18 00:59:26 +00:00
Matteo Riondato
90f43da7ad Be more precise and use sizeof(tn)
Pointed out by: glewis@

MFC after:	3 days
2008-11-18 00:39:50 +00:00
Matteo Riondato
d9e5bb5c20 Use WARNS?= instead of WARNS=
MFC after:	3 days
2008-11-18 00:12:15 +00:00
Matteo Riondato
66d48cdafe Make usr.sbin/cron/crontab and usr.sbin/cron/lib WARNS=3 clean
Tested with: make universe

MFC after:	3 days
2008-11-10 06:35:30 +00:00
Matteo Riondato
37f1755cab Revert to previous revision.
I should not commit anything at 3.50 AM.
In addition to danfe's comments, I got others.
I'll work on a better version of the patch.
2008-11-09 09:01:09 +00:00
Matteo Riondato
8037791bf7 Don't leave files in /var/cront/tabs when interrupted
PR:		17363
MFC after:	3 days
2008-11-09 07:34:11 +00:00
Matteo Riondato
2b9f079ca2 Be paranoid and use snprintf
PR:		bin/122137
Submitted by:	Steven Kreuzer <skreuzer@exit2shell.com>
MFC after:	3 days
2008-11-09 06:44:53 +00:00
Matteo Riondato
c11807aca2 Be paranoid and zero out passwd
PR:	122070
Submitted by:	Steven Kreuzer <skreuzer@exit2shell.com>
Reminded by:    gnn@
MFC after:	3 days
2008-11-06 04:53:02 +00:00
Dmitry Morozovsky
1168e5f13b Fix empty mailto (-m "") handling: somehow I missed all checks but the first,
hence output would be written to the wrong filehandle.

Submitted by:	reg
Approved by:	yar (implicit)
MFC after:	ASAP
Pointy hat to:	marck
2008-08-01 08:01:33 +00:00
Dmitry Morozovsky
b75634d238 Add -m option to cron(8), overriding default mail recipient for cron mails,
unless explicitly provided by MAILTO= line in crontab.  This feature can be
useful in massive hosting environment, where most users do not care about
autogenerated mails.

Setting recipient to null string disables default mails at all.

Approved by:	yar
MFC after:	4 weeks
2008-06-29 16:56:18 +00:00
Kevin Lo
784bddbc5b Cleanup of userland __P use 2007-11-07 10:53:41 +00:00
Ruslan Ermilov
0376869747 Fixed static linkage (build with -DNO_SHARED).
Approved by:	re (kensmith)
2007-10-01 18:17:24 +00:00
Yaroslav Tykhiy
997c6eefd8 Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
Will Andrews
2ba44ac557 Fix a bug where HOME was not allowed to be overridden by an user's crontab
as crontab(5) states it can be.  This is supported by all vixie-cron derived
implementations; not sure why FreeBSD was any different.

PR:		bin/106442
MFC after:	2 weeks
2007-03-08 07:00:42 +00:00
Brian Somers
cf2603700e Behave as documented when reading fields saying "X/Y" where X != *
rather than mis-parsing them as "X".

MFC after: 1 day
2006-09-26 18:06:09 +00:00
Ruslan Ermilov
405a44d326 Use a #define to refer to /etc/crontab. 2006-09-03 17:52:19 +00:00
Stefan Farfeleder
531c70a642 Don't use "implicit int". Move the opening { of the functions to the next
line while there.
2006-07-20 09:11:08 +00:00
Maxim Konovalov
708f27a157 o Finally learn how to spell "privileges".
English trainer:	ceri
2006-06-11 21:13:49 +00:00
Maxim Konovalov
b608e56d62 o Spell "privledges" correctly. Re-style comment. 2006-06-11 20:17:18 +00:00
Maxim Konovalov
bb0aa1a544 o Better be safe than sorry: check return code from setuid(2),
setgid(2), setlogin(2) and initgroups(3).  In theory they could
fail for root with some third party mac(4) policies.

Submitted by:	Kostik Belousov
MFC after:	1 month
2006-06-01 15:03:06 +00:00
Brooks Davis
9896de5a67 /etc/crontab is similar enough to parse as correct if you run
"crontab /etc/crontab", but not the same format due to the who field.
Add some limited anti-foot-shooting support and refuse to load
/etc/crontab as someone's crontab.  Users wishing shoot their foot in
this manner may copy /etc/crontab elsewhere. :)

MFC After:	1 week
2006-01-10 05:56:32 +00:00
Pawel Jakub Dawidek
8b28aef238 Pidfiles should be created with permission preventing users from opening
them for reading. When user can open file for reading, he can also
flock(2) it, which can lead to confusions.

Pointed out by:	green
2005-09-16 11:24:28 +00:00
Pawel Jakub Dawidek
78735592f5 Use pidfile(3) in cron(8).
Note, that when cron(8) cannot create pidfile, it'll exit. I didn't
changed this behaviour, but its better to ignore errors other than
EEXIST, so daemon can be started on systems where /var/ file system
doesn't support locking (like NFS without rpc.lockd(8)).
2005-08-24 17:51:36 +00:00
Christian Brueffer
48193882ad Mention the default value of PATH and that it may be overridden.
Submitted by:	Roman Divacky
MFC after:	3 days
2005-07-31 13:41:23 +00:00
Dag-Erling Smørgrav
ee66677a7a Remove kludges intended to support src trees with partial obj trees.
Discussed with:	ru
2005-06-10 06:12:53 +00:00
Xin LI
d159401da0 Fix parsing of '0' and non-alphanumerics in steps. Previously, an
entry having stepping value of zero can cause crontab to hang there,
and if the main crontab is being changed in this way, then cron(8)
will keep spining.

Obtained from:	OpenBSD [src/usr.sbin/cron/entry.c,v 1.17]
PR:		68683 (my own, but forgot to commit it...)
MFC After:	1 week
2005-02-14 14:09:21 +00:00
Ruslan Ermilov
36a142c455 Expand contractions. 2005-02-13 23:45:54 +00:00
Ruslan Ermilov
0227791b40 Expand *n't contractions. 2005-02-13 22:25:33 +00:00
Stefan Farfeleder
93931378d9 Properly initialise the variable `deny'. 2005-02-09 13:02:43 +00:00
Ruslan Ermilov
59a3c79da6 Sort sections. 2005-01-18 20:02:45 +00:00
Ruslan Ermilov
dee651eb15 Introduce the PRECIOUSPROG knob in bsd.prog.mk, similar
to PRECIOUSLIB from bsd.lib.mk.  The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.

Reviewed by:	oliver
2004-11-03 18:01:21 +00:00
Ruslan Ermilov
a35d88931c For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
Diomidis Spinellis
0cd2e3abe5 Ensure that edits that do not span a clock tick are not lost.
PR:	bin/22612
MT5:	4 weeks
MT4:	2 weeks
2004-09-14 19:01:19 +00:00
Diomidis Spinellis
9a2ef7d172 Refactoring: move two similar code blocks into a seprate function. 2004-09-13 21:04:30 +00:00
Diomidis Spinellis
08e019a888 Fix for the following behavior:
$ crontab -e
[Add an entry with an error in the crontab file.]
crontab: errors in crontab file, can't install
Do you want to retry the same edit? yes
[Exit the editor without any changes.]
crontab: no changes made to crontab
[Entry is lost.]

Now crontab will loop until the error is fixed, or the
user answers no.
2004-09-13 18:39:04 +00:00
Ruslan Ermilov
07bfccd71e Mechanically kill hard sentence breaks. 2004-07-02 23:13:00 +00:00
Ruslan Ermilov
31a06a8e6c Trim whitespace at EOL. 2004-06-04 19:24:21 +00:00
Ruslan Ermilov
b18b186e57 Markup nits. 2004-06-04 19:23:12 +00:00
Yaroslav Tykhiy
f5896baf9c Add two new options to cron(8), -J and -j. They allow to specify
the maximum amount of time jitter for root and other users, respectively.
Before starting a job, cron(8) will sleep a random number of seconds,
from 0 to the amount specified.  This can help to smooth down load spikes
when a lot of jobs are to start at the beginning of a particular minute
(e.g., the first minute of an hour.)

PR:		bin/66474
Submitted by:	Dmitry Morozovsky <marck <@> rinet.ru>
2004-05-16 19:29:33 +00:00
Tom Rhodes
aaa66740bf Eliminate hard sentence breaks.
General markup fixes (use the .Dq macro).
2004-03-04 19:12:27 +00:00
Tom Rhodes
8030199c71 Discuss the 'MAILTO' option.
PR:		58783
Submitted by:	Marc Silver <marcs@draenor.org>
2004-01-12 20:20:29 +00:00
Hartmut Brandt
b9ff618c3a Mention the fact that our crontab is not fully POSIX.2 conform, because
it doesn't allow the dangerous variant of calling it without any
argument.
2003-10-24 13:02:39 +00:00
Mike Silbersack
9be756b54b Fix a coredump that would occur when fdopen was unable to
return a valid fd.

PR:		49096
Submitted by:	demon
MFC after:	3 days
2003-06-19 20:04:51 +00:00
Thomas Quinot
6ced08bfa6 Allow inner whitespace in the right-hand side of an environment variable
assignment even if it is not quoted (as advertised by the man page).
This fixes a regression wrt RELENG_4 introduced in rev. 1.11.

Problem noted and patch tested by:	CHOI Junho <cjh@kr.FreeBSD.org>
Reviewed by:		roberto
2003-02-10 11:20:58 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00