xref: /netbsd/usr.sbin/lpr/common_source/rmjob.c (revision bf9ec67e) 
1 /*	$NetBSD: rmjob.c,v 1.17 2001/06/25 11:04:52 mrg Exp $	*/
2 
3 /*
4  * Copyright (c) 1983, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. All advertising materials mentioning features or use of this software
16  *    must display the following acknowledgement:
17  *	This product includes software developed by the University of
18  *	California, Berkeley and its contributors.
19  * 4. Neither the name of the University nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include <sys/cdefs.h>
37 #ifndef lint
38 #if 0
39 static char sccsid[] = "@(#)rmjob.c	8.2 (Berkeley) 4/28/95";
40 #else
41 __RCSID("$NetBSD: rmjob.c,v 1.17 2001/06/25 11:04:52 mrg Exp $");
42 #endif
43 #endif /* not lint */
44 
45 #include <sys/param.h>
46 
47 #include <signal.h>
48 #include <errno.h>
49 #include <dirent.h>
50 #include <unistd.h>
51 #include <stdlib.h>
52 #include <stdio.h>
53 #include <string.h>
54 #include <ctype.h>
55 #include "lp.h"
56 #include "lp.local.h"
57 #include "pathnames.h"
58 
59 /*
60  * rmjob - remove the specified jobs from the queue.
61  */
62 
63 /*
64  * Stuff for handling lprm specifications
65  */
66 extern char	*user[];		/* users to process */
67 extern int	users;			/* # of users in user array */
68 extern int	requ[];			/* job number of spool entries */
69 extern int	requests;		/* # of spool requests */
70 extern char	*person;		/* name of person doing lprm */
71 
72 static char	root[] = "root";
73 static int	all = 0;		/* eliminate all files (root only) */
74 static int	cur_daemon;		/* daemon's pid */
75 static char	current[40];		/* active control file name */
76 
77 extern uid_t	uid, euid;		/* real and effective user id's */
78 
79 static	void	do_unlink __P((char *));
80 static	void	alarmer __P((int));
81 
82 void
83 rmjob()
84 {
85 	int i, nitems;
86 	int assasinated = 0;
87 	struct dirent **files;
88 	char *cp;
89 
90 	if ((i = cgetent(&bp, printcapdb, printer)) == -2)
91 		fatal("can't open printer description file");
92 	else if (i == -1)
93 		fatal("unknown printer");
94 	else if (i == -3)
95 		fatal("potential reference loop detected in printcap file");
96 	if (cgetstr(bp, DEFLP, &LP) < 0)
97 		LP = _PATH_DEFDEVLP;
98 	if (cgetstr(bp, "rp", &RP) < 0)
99 		RP = DEFLP;
100 	if (cgetstr(bp, "sd", &SD) < 0)
101 		SD = _PATH_DEFSPOOL;
102 	if (cgetstr(bp,"lo", &LO) < 0)
103 		LO = DEFLOCK;
104 	cgetstr(bp, "rm", &RM);
105 	if ((cp = checkremote()) != NULL)
106 		printf("Warning: %s\n", cp);
107 
108 	/*
109 	 * If the format was `lprm -' and the user isn't the super-user,
110 	 *  then fake things to look like he said `lprm user'.
111 	 */
112 	if (users < 0) {
113 		if (getuid() == 0)
114 			all = 1;	/* all files in local queue */
115 		else {
116 			user[0] = person;
117 			users = 1;
118 		}
119 	}
120 	if (!strcmp(person, "-all")) {
121 		if (from == host)
122 			fatal("The login name \"-all\" is reserved");
123 		all = 1;	/* all those from 'from' */
124 		person = root;
125 	}
126 
127 	seteuid(euid);
128 	if (chdir(SD) < 0)
129 		fatal("cannot chdir to spool directory");
130 	if ((nitems = scandir(".", &files, iscf, NULL)) < 0)
131 		fatal("cannot access spool directory");
132 	seteuid(uid);
133 
134 	if (nitems) {
135 		/*
136 		 * Check for an active printer daemon (in which case we
137 		 *  kill it if it is reading our file) then remove stuff
138 		 *  (after which we have to restart the daemon).
139 		 */
140 		if (lockchk(LO) && chk(current)) {
141 			seteuid(euid);
142 			assasinated = kill(cur_daemon, SIGINT) == 0;
143 			seteuid(uid);
144 			if (!assasinated)
145 				fatal("cannot kill printer daemon");
146 		}
147 		/*
148 		 * process the files
149 		 */
150 		for (i = 0; i < nitems; i++)
151 			process(files[i]->d_name);
152 	}
153 	rmremote();
154 	/*
155 	 * Restart the printer daemon if it was killed
156 	 */
157 	if (assasinated && !startdaemon(printer))
158 		fatal("cannot restart printer daemon\n");
159 	exit(0);
160 }
161 
162 /*
163  * Process a lock file: collect the pid of the active
164  *  daemon and the file name of the active spool entry.
165  * Return boolean indicating existence of a lock file.
166  */
167 int
168 lockchk(s)
169 	char *s;
170 {
171 	FILE *fp;
172 	int i, n;
173 
174 	seteuid(euid);
175 	if ((fp = fopen(s, "r")) == NULL) {
176 		if (errno == EACCES)
177 			fatal("can't access lock file");
178 		else
179 			return(0);
180 	}
181 	seteuid(uid);
182 	if (!getline(fp)) {
183 		(void)fclose(fp);
184 		return(0);		/* no daemon present */
185 	}
186 	cur_daemon = atoi(line);
187 	if (kill(cur_daemon, 0) < 0 && errno != EPERM) {
188 		(void)fclose(fp);
189 		return(0);		/* no daemon present */
190 	}
191 	for (i = 1; (n = fread(current, sizeof(char), sizeof(current), fp)) <= 0; i++) {
192 		if (i > 5) {
193 			n = 1;
194 			break;
195 		}
196 		sleep((size_t)i);
197 	}
198 	current[n-1] = '\0';
199 	(void)fclose(fp);
200 	return(1);
201 }
202 
203 /*
204  * Process a control file.
205  */
206 void
207 process(file)
208 	char *file;
209 {
210 	FILE *cfp;
211 
212 	if (!chk(file))
213 		return;
214 	seteuid(euid);
215 	if ((cfp = fopen(file, "r")) == NULL)
216 		fatal("cannot open %s", file);
217 	seteuid(uid);
218 	while (getline(cfp)) {
219 		switch (line[0]) {
220 		case 'U':  /* unlink associated files */
221 			if (strchr(line+1, '/') || strncmp(line+1, "df", 2))
222 				break;
223 			do_unlink(line+1);
224 		}
225 	}
226 	(void)fclose(cfp);
227 	do_unlink(file);
228 }
229 
230 static void
231 do_unlink(file)
232 	char *file;
233 {
234 	int	ret;
235 
236 	if (from != host)
237 		printf("%s: ", host);
238 	seteuid(euid);
239 	ret = unlink(file);
240 	seteuid(uid);
241 	printf(ret ? "cannot dequeue %s\n" : "%s dequeued\n", file);
242 }
243 
244 /*
245  * Do the dirty work in checking
246  */
247 int
248 chk(file)
249 	char *file;
250 {
251 	int *r, n;
252 	char **u, *cp;
253 	FILE *cfp;
254 
255 	/*
256 	 * Check for valid cf file name (mostly checking current).
257 	 */
258 	if (strlen(file) < 7 || file[0] != 'c' || file[1] != 'f')
259 		return(0);
260 
261 	if (all && (from == host || !strcmp(from, file+6)))
262 		return(1);
263 
264 	/*
265 	 * get the owner's name from the control file.
266 	 */
267 	seteuid(euid);
268 	if ((cfp = fopen(file, "r")) == NULL)
269 		return(0);
270 	seteuid(uid);
271 	while (getline(cfp)) {
272 		if (line[0] == 'P')
273 			break;
274 	}
275 	(void)fclose(cfp);
276 	if (line[0] != 'P')
277 		return(0);
278 
279 	if (users == 0 && requests == 0)
280 		return(!strcmp(file, current) && isowner(line+1, file));
281 	/*
282 	 * Check the request list
283 	 */
284 	for (n = 0, cp = file+3; isdigit(*cp); )
285 		n = n * 10 + (*cp++ - '0');
286 	for (r = requ; r < &requ[requests]; r++)
287 		if (*r == n && isowner(line+1, file))
288 			return(1);
289 	/*
290 	 * Check to see if it's in the user list
291 	 */
292 	for (u = user; u < &user[users]; u++)
293 		if (!strcmp(*u, line+1) && isowner(line+1, file))
294 			return(1);
295 	return(0);
296 }
297 
298 /*
299  * If root is removing a file on the local machine, allow it.
300  * If root is removing a file from a remote machine, only allow
301  * files sent from the remote machine to be removed.
302  * Normal users can only remove the file from where it was sent.
303  */
304 int
305 isowner(owner, file)
306 	char *owner, *file;
307 {
308 	if (!strcmp(person, root) && (from == host || !strcmp(from, file+6)))
309 		return(1);
310 	if (!strcmp(person, owner) && !strcmp(from, file+6))
311 		return(1);
312 	if (from != host)
313 		printf("%s: ", host);
314 	printf("%s: Permission denied\n", file);
315 	return(0);
316 }
317 
318 /*
319  * Check to see if we are sending files to a remote machine. If we are,
320  * then try removing files on the remote machine.
321  */
322 void
323 rmremote()
324 {
325 	char *cp, *s;
326 	int i, rem;
327 	size_t len;
328 
329 	if (!remote)
330 		return;	/* not sending to a remote machine */
331 
332 	/*
333 	 * Flush stdout so the user can see what has been deleted
334 	 * while we wait (possibly) for the connection.
335 	 */
336 	fflush(stdout);
337 
338 	/* \5 RP space all */
339 	len = 1 + strlen(RP) + 1 + strlen(all ? "-all" : person);
340 	for (i = 0; i < users; i++) {
341 		len += strlen(user[i]) + 1;
342 	}
343 	for (i = 0; i < requests; i++) {
344 		len += snprintf(line, sizeof(line), " %d", requ[i]);
345 	}
346 	/* newline nul */
347 	len += 2;
348 	if (len > sizeof(line))
349 		s = malloc(len);
350 	else
351 		s = line;
352 	cp = s;
353 
354 	cp += snprintf(s, len, "\5%s %s", RP, all ? "-all" : person);
355 	for (i = 0; i < users; i++) {
356 		*cp++ = ' ';
357 		strncpy(cp, user[i], len - (cp - s) - 2);
358 		cp += strlen(cp);
359 	}
360 	for (i = 0; i < requests; i++) {
361 		(void)snprintf(cp, len - (cp - s) - 1, " %d", requ[i]);
362 		cp += strlen(cp);
363 	}
364 	cp[0] = '\n';
365 	cp[1] = '\0';
366 
367 	rem = getport(RM, 0);
368 	if (rem < 0) {
369 		if (from != host)
370 			printf("%s: ", host);
371 		printf("connection to %s is down\n", RM);
372 	} else {
373 		struct sigaction osa, nsa;
374 
375 		if (write(rem, s, len) != len)
376 			fatal("Lost connection");
377 		if (len > sizeof(line))
378 			(void)free(s);
379 		nsa.sa_handler = alarmer;
380 		sigemptyset(&nsa.sa_mask);
381 		sigaddset(&nsa.sa_mask, SIGALRM);
382 		nsa.sa_flags = 0;
383 		(void)sigaction(SIGALRM, &nsa, &osa);
384 		alarm(wait_time);
385 		while ((i = read(rem, line, sizeof(line))) > 0) {
386 			(void)fwrite(line, 1, (size_t)i, stdout);
387 			alarm(wait_time);
388 		}
389 		alarm(0);
390 		(void)sigaction(SIGALRM, &osa, NULL);
391 		(void)close(rem);
392 	}
393 }
394 
395 static void
396 alarmer(s)
397 	int s;
398 {
399 	/* nothing */
400 }
401 
402 /*
403  * Return 1 if the filename begins with 'cf'
404  */
405 int
406 iscf(d)
407 	const struct dirent *d;
408 {
409 	return(d->d_name[0] == 'c' && d->d_name[1] == 'f');
410 }
411