1 /* $NetBSD: rmjob.c,v 1.17 2001/06/25 11:04:52 mrg Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 #ifndef lint 38 #if 0 39 static char sccsid[] = "@(#)rmjob.c 8.2 (Berkeley) 4/28/95"; 40 #else 41 __RCSID("$NetBSD: rmjob.c,v 1.17 2001/06/25 11:04:52 mrg Exp $"); 42 #endif 43 #endif /* not lint */ 44 45 #include <sys/param.h> 46 47 #include <signal.h> 48 #include <errno.h> 49 #include <dirent.h> 50 #include <unistd.h> 51 #include <stdlib.h> 52 #include <stdio.h> 53 #include <string.h> 54 #include <ctype.h> 55 #include "lp.h" 56 #include "lp.local.h" 57 #include "pathnames.h" 58 59 /* 60 * rmjob - remove the specified jobs from the queue. 61 */ 62 63 /* 64 * Stuff for handling lprm specifications 65 */ 66 extern char *user[]; /* users to process */ 67 extern int users; /* # of users in user array */ 68 extern int requ[]; /* job number of spool entries */ 69 extern int requests; /* # of spool requests */ 70 extern char *person; /* name of person doing lprm */ 71 72 static char root[] = "root"; 73 static int all = 0; /* eliminate all files (root only) */ 74 static int cur_daemon; /* daemon's pid */ 75 static char current[40]; /* active control file name */ 76 77 extern uid_t uid, euid; /* real and effective user id's */ 78 79 static void do_unlink __P((char *)); 80 static void alarmer __P((int)); 81 82 void 83 rmjob() 84 { 85 int i, nitems; 86 int assasinated = 0; 87 struct dirent **files; 88 char *cp; 89 90 if ((i = cgetent(&bp, printcapdb, printer)) == -2) 91 fatal("can't open printer description file"); 92 else if (i == -1) 93 fatal("unknown printer"); 94 else if (i == -3) 95 fatal("potential reference loop detected in printcap file"); 96 if (cgetstr(bp, DEFLP, &LP) < 0) 97 LP = _PATH_DEFDEVLP; 98 if (cgetstr(bp, "rp", &RP) < 0) 99 RP = DEFLP; 100 if (cgetstr(bp, "sd", &SD) < 0) 101 SD = _PATH_DEFSPOOL; 102 if (cgetstr(bp,"lo", &LO) < 0) 103 LO = DEFLOCK; 104 cgetstr(bp, "rm", &RM); 105 if ((cp = checkremote()) != NULL) 106 printf("Warning: %s\n", cp); 107 108 /* 109 * If the format was `lprm -' and the user isn't the super-user, 110 * then fake things to look like he said `lprm user'. 111 */ 112 if (users < 0) { 113 if (getuid() == 0) 114 all = 1; /* all files in local queue */ 115 else { 116 user[0] = person; 117 users = 1; 118 } 119 } 120 if (!strcmp(person, "-all")) { 121 if (from == host) 122 fatal("The login name \"-all\" is reserved"); 123 all = 1; /* all those from 'from' */ 124 person = root; 125 } 126 127 seteuid(euid); 128 if (chdir(SD) < 0) 129 fatal("cannot chdir to spool directory"); 130 if ((nitems = scandir(".", &files, iscf, NULL)) < 0) 131 fatal("cannot access spool directory"); 132 seteuid(uid); 133 134 if (nitems) { 135 /* 136 * Check for an active printer daemon (in which case we 137 * kill it if it is reading our file) then remove stuff 138 * (after which we have to restart the daemon). 139 */ 140 if (lockchk(LO) && chk(current)) { 141 seteuid(euid); 142 assasinated = kill(cur_daemon, SIGINT) == 0; 143 seteuid(uid); 144 if (!assasinated) 145 fatal("cannot kill printer daemon"); 146 } 147 /* 148 * process the files 149 */ 150 for (i = 0; i < nitems; i++) 151 process(files[i]->d_name); 152 } 153 rmremote(); 154 /* 155 * Restart the printer daemon if it was killed 156 */ 157 if (assasinated && !startdaemon(printer)) 158 fatal("cannot restart printer daemon\n"); 159 exit(0); 160 } 161 162 /* 163 * Process a lock file: collect the pid of the active 164 * daemon and the file name of the active spool entry. 165 * Return boolean indicating existence of a lock file. 166 */ 167 int 168 lockchk(s) 169 char *s; 170 { 171 FILE *fp; 172 int i, n; 173 174 seteuid(euid); 175 if ((fp = fopen(s, "r")) == NULL) { 176 if (errno == EACCES) 177 fatal("can't access lock file"); 178 else 179 return(0); 180 } 181 seteuid(uid); 182 if (!getline(fp)) { 183 (void)fclose(fp); 184 return(0); /* no daemon present */ 185 } 186 cur_daemon = atoi(line); 187 if (kill(cur_daemon, 0) < 0 && errno != EPERM) { 188 (void)fclose(fp); 189 return(0); /* no daemon present */ 190 } 191 for (i = 1; (n = fread(current, sizeof(char), sizeof(current), fp)) <= 0; i++) { 192 if (i > 5) { 193 n = 1; 194 break; 195 } 196 sleep((size_t)i); 197 } 198 current[n-1] = '\0'; 199 (void)fclose(fp); 200 return(1); 201 } 202 203 /* 204 * Process a control file. 205 */ 206 void 207 process(file) 208 char *file; 209 { 210 FILE *cfp; 211 212 if (!chk(file)) 213 return; 214 seteuid(euid); 215 if ((cfp = fopen(file, "r")) == NULL) 216 fatal("cannot open %s", file); 217 seteuid(uid); 218 while (getline(cfp)) { 219 switch (line[0]) { 220 case 'U': /* unlink associated files */ 221 if (strchr(line+1, '/') || strncmp(line+1, "df", 2)) 222 break; 223 do_unlink(line+1); 224 } 225 } 226 (void)fclose(cfp); 227 do_unlink(file); 228 } 229 230 static void 231 do_unlink(file) 232 char *file; 233 { 234 int ret; 235 236 if (from != host) 237 printf("%s: ", host); 238 seteuid(euid); 239 ret = unlink(file); 240 seteuid(uid); 241 printf(ret ? "cannot dequeue %s\n" : "%s dequeued\n", file); 242 } 243 244 /* 245 * Do the dirty work in checking 246 */ 247 int 248 chk(file) 249 char *file; 250 { 251 int *r, n; 252 char **u, *cp; 253 FILE *cfp; 254 255 /* 256 * Check for valid cf file name (mostly checking current). 257 */ 258 if (strlen(file) < 7 || file[0] != 'c' || file[1] != 'f') 259 return(0); 260 261 if (all && (from == host || !strcmp(from, file+6))) 262 return(1); 263 264 /* 265 * get the owner's name from the control file. 266 */ 267 seteuid(euid); 268 if ((cfp = fopen(file, "r")) == NULL) 269 return(0); 270 seteuid(uid); 271 while (getline(cfp)) { 272 if (line[0] == 'P') 273 break; 274 } 275 (void)fclose(cfp); 276 if (line[0] != 'P') 277 return(0); 278 279 if (users == 0 && requests == 0) 280 return(!strcmp(file, current) && isowner(line+1, file)); 281 /* 282 * Check the request list 283 */ 284 for (n = 0, cp = file+3; isdigit(*cp); ) 285 n = n * 10 + (*cp++ - '0'); 286 for (r = requ; r < &requ[requests]; r++) 287 if (*r == n && isowner(line+1, file)) 288 return(1); 289 /* 290 * Check to see if it's in the user list 291 */ 292 for (u = user; u < &user[users]; u++) 293 if (!strcmp(*u, line+1) && isowner(line+1, file)) 294 return(1); 295 return(0); 296 } 297 298 /* 299 * If root is removing a file on the local machine, allow it. 300 * If root is removing a file from a remote machine, only allow 301 * files sent from the remote machine to be removed. 302 * Normal users can only remove the file from where it was sent. 303 */ 304 int 305 isowner(owner, file) 306 char *owner, *file; 307 { 308 if (!strcmp(person, root) && (from == host || !strcmp(from, file+6))) 309 return(1); 310 if (!strcmp(person, owner) && !strcmp(from, file+6)) 311 return(1); 312 if (from != host) 313 printf("%s: ", host); 314 printf("%s: Permission denied\n", file); 315 return(0); 316 } 317 318 /* 319 * Check to see if we are sending files to a remote machine. If we are, 320 * then try removing files on the remote machine. 321 */ 322 void 323 rmremote() 324 { 325 char *cp, *s; 326 int i, rem; 327 size_t len; 328 329 if (!remote) 330 return; /* not sending to a remote machine */ 331 332 /* 333 * Flush stdout so the user can see what has been deleted 334 * while we wait (possibly) for the connection. 335 */ 336 fflush(stdout); 337 338 /* \5 RP space all */ 339 len = 1 + strlen(RP) + 1 + strlen(all ? "-all" : person); 340 for (i = 0; i < users; i++) { 341 len += strlen(user[i]) + 1; 342 } 343 for (i = 0; i < requests; i++) { 344 len += snprintf(line, sizeof(line), " %d", requ[i]); 345 } 346 /* newline nul */ 347 len += 2; 348 if (len > sizeof(line)) 349 s = malloc(len); 350 else 351 s = line; 352 cp = s; 353 354 cp += snprintf(s, len, "\5%s %s", RP, all ? "-all" : person); 355 for (i = 0; i < users; i++) { 356 *cp++ = ' '; 357 strncpy(cp, user[i], len - (cp - s) - 2); 358 cp += strlen(cp); 359 } 360 for (i = 0; i < requests; i++) { 361 (void)snprintf(cp, len - (cp - s) - 1, " %d", requ[i]); 362 cp += strlen(cp); 363 } 364 cp[0] = '\n'; 365 cp[1] = '\0'; 366 367 rem = getport(RM, 0); 368 if (rem < 0) { 369 if (from != host) 370 printf("%s: ", host); 371 printf("connection to %s is down\n", RM); 372 } else { 373 struct sigaction osa, nsa; 374 375 if (write(rem, s, len) != len) 376 fatal("Lost connection"); 377 if (len > sizeof(line)) 378 (void)free(s); 379 nsa.sa_handler = alarmer; 380 sigemptyset(&nsa.sa_mask); 381 sigaddset(&nsa.sa_mask, SIGALRM); 382 nsa.sa_flags = 0; 383 (void)sigaction(SIGALRM, &nsa, &osa); 384 alarm(wait_time); 385 while ((i = read(rem, line, sizeof(line))) > 0) { 386 (void)fwrite(line, 1, (size_t)i, stdout); 387 alarm(wait_time); 388 } 389 alarm(0); 390 (void)sigaction(SIGALRM, &osa, NULL); 391 (void)close(rem); 392 } 393 } 394 395 static void 396 alarmer(s) 397 int s; 398 { 399 /* nothing */ 400 } 401 402 /* 403 * Return 1 if the filename begins with 'cf' 404 */ 405 int 406 iscf(d) 407 const struct dirent *d; 408 { 409 return(d->d_name[0] == 'c' && d->d_name[1] == 'f'); 410 } 411