For some reason, the old login class code didn't seem to be working here.

I suspect it was because the child exec code's parent was doing the initial lookups, then forking, then doing other things (possibly trashing the static data in the getpw*() buffer), then attempting to dereference *pwd and *lc. Also, no error checking appeared to be done - I've allowed it to fall back to the old "become user" code on critical failure rather than risk running a user's cron jobs as root.
1997-03-14 13:48:04 +00:00 · 1997-03-14 13:48:04 +00:00 · 8e1c208b61
commit 8e1c208b61
parent 4cbeeb4a53
1 changed files with 25 additions and 14 deletions
--- a/usr.sbin/cron/cron/do_command.c
+++ b/usr.sbin/cron/cron/do_command.c
@ -16,7 +16,7 @@
 */

 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id$";
+static char rcsid[] = "$Id: do_command.c,v 1.10 1997/02/22 16:04:43 peter Exp $";
 #endif


@ -81,8 +81,8 @@ child_process(e, u)
 	char		*usernm, *mailto;
 	int		children = 0;
 # if defined(LOGIN_CAP)
-	struct passwd	*pwd = getpwuid(e->uid);
-	login_cap_t	*lc = login_getclass(pwd);
+	struct passwd	*pwd;
+	login_cap_t	*lc;
 # endif

 	Debug(DPROC, ("[%d] child_process('%s')\n", getpid(), e->cmd))
@ -223,18 +223,29 @@ child_process(e, u)
 		/* Set user's entire context, but skip the environment
 		 * as cron provides a separate interface for this
 		 */
-		setusercontext(lc, pwd, e->uid, LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETENV));
-		login_close(lc);
-# else
-		/* set our directory, uid and gid.  Set gid first, since once
-		 * we set uid, we've lost root privledges.
-		 */
-		setgid(e->gid);
-# if defined(BSD)
-		initgroups(env_get("LOGNAME", e->envp), e->gid);
+		pwd = getpwuid(e->uid);
+		if (pwd)
+			lc = login_getclass(pwd);
+		else
+			lc = NULL;
+		if (lc && pwd) {
+			setusercontext(lc, pwd, e->uid,
+				LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETENV));
+			login_close(lc);
+		} else {
+			/* fall back to the old method */
 # endif
-		setlogin(usernm);
-		setuid(e->uid);		/* we aren't root after this... */
+			/* set our directory, uid and gid.  Set gid first,
+			 * since once we set uid, we've lost root privledges.
+			 */
+			setgid(e->gid);
+# if defined(BSD)
+			initgroups(env_get("LOGNAME", e->envp), e->gid);
+# endif
+			setlogin(usernm);
+			setuid(e->uid);		/* we aren't root after this..*/
+#if defined(LOGIN_CAP)
+		}
 #endif
 		chdir(env_get("HOME", e->envp));