1 /* $NetBSD: rmjob.c,v 1.18 2002/07/14 15:27:58 wiz Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 #ifndef lint 38 #if 0 39 static char sccsid[] = "@(#)rmjob.c 8.2 (Berkeley) 4/28/95"; 40 #else 41 __RCSID("$NetBSD: rmjob.c,v 1.18 2002/07/14 15:27:58 wiz Exp $"); 42 #endif 43 #endif /* not lint */ 44 45 #include <sys/param.h> 46 47 #include <signal.h> 48 #include <errno.h> 49 #include <dirent.h> 50 #include <unistd.h> 51 #include <stdlib.h> 52 #include <stdio.h> 53 #include <string.h> 54 #include <ctype.h> 55 #include "lp.h" 56 #include "lp.local.h" 57 #include "pathnames.h" 58 59 /* 60 * rmjob - remove the specified jobs from the queue. 61 */ 62 63 /* 64 * Stuff for handling lprm specifications 65 */ 66 extern char *user[]; /* users to process */ 67 extern int users; /* # of users in user array */ 68 extern int requ[]; /* job number of spool entries */ 69 extern int requests; /* # of spool requests */ 70 extern char *person; /* name of person doing lprm */ 71 72 static char root[] = "root"; 73 static int all = 0; /* eliminate all files (root only) */ 74 static int cur_daemon; /* daemon's pid */ 75 static char current[40]; /* active control file name */ 76 77 extern uid_t uid, euid; /* real and effective user id's */ 78 79 static void do_unlink(char *); 80 static void alarmer(int); 81 82 void 83 rmjob(void) 84 { 85 int i, nitems; 86 int assasinated = 0; 87 struct dirent **files; 88 char *cp; 89 90 if ((i = cgetent(&bp, printcapdb, printer)) == -2) 91 fatal("can't open printer description file"); 92 else if (i == -1) 93 fatal("unknown printer"); 94 else if (i == -3) 95 fatal("potential reference loop detected in printcap file"); 96 if (cgetstr(bp, DEFLP, &LP) < 0) 97 LP = _PATH_DEFDEVLP; 98 if (cgetstr(bp, "rp", &RP) < 0) 99 RP = DEFLP; 100 if (cgetstr(bp, "sd", &SD) < 0) 101 SD = _PATH_DEFSPOOL; 102 if (cgetstr(bp,"lo", &LO) < 0) 103 LO = DEFLOCK; 104 cgetstr(bp, "rm", &RM); 105 if ((cp = checkremote()) != NULL) 106 printf("Warning: %s\n", cp); 107 108 /* 109 * If the format was `lprm -' and the user isn't the super-user, 110 * then fake things to look like he said `lprm user'. 111 */ 112 if (users < 0) { 113 if (getuid() == 0) 114 all = 1; /* all files in local queue */ 115 else { 116 user[0] = person; 117 users = 1; 118 } 119 } 120 if (!strcmp(person, "-all")) { 121 if (from == host) 122 fatal("The login name \"-all\" is reserved"); 123 all = 1; /* all those from 'from' */ 124 person = root; 125 } 126 127 seteuid(euid); 128 if (chdir(SD) < 0) 129 fatal("cannot chdir to spool directory"); 130 if ((nitems = scandir(".", &files, iscf, NULL)) < 0) 131 fatal("cannot access spool directory"); 132 seteuid(uid); 133 134 if (nitems) { 135 /* 136 * Check for an active printer daemon (in which case we 137 * kill it if it is reading our file) then remove stuff 138 * (after which we have to restart the daemon). 139 */ 140 if (lockchk(LO) && chk(current)) { 141 seteuid(euid); 142 assasinated = kill(cur_daemon, SIGINT) == 0; 143 seteuid(uid); 144 if (!assasinated) 145 fatal("cannot kill printer daemon"); 146 } 147 /* 148 * process the files 149 */ 150 for (i = 0; i < nitems; i++) 151 process(files[i]->d_name); 152 } 153 rmremote(); 154 /* 155 * Restart the printer daemon if it was killed 156 */ 157 if (assasinated && !startdaemon(printer)) 158 fatal("cannot restart printer daemon\n"); 159 exit(0); 160 } 161 162 /* 163 * Process a lock file: collect the pid of the active 164 * daemon and the file name of the active spool entry. 165 * Return boolean indicating existence of a lock file. 166 */ 167 int 168 lockchk(char *s) 169 { 170 FILE *fp; 171 int i, n; 172 173 seteuid(euid); 174 if ((fp = fopen(s, "r")) == NULL) { 175 if (errno == EACCES) 176 fatal("can't access lock file"); 177 else 178 return(0); 179 } 180 seteuid(uid); 181 if (!getline(fp)) { 182 (void)fclose(fp); 183 return(0); /* no daemon present */ 184 } 185 cur_daemon = atoi(line); 186 if (kill(cur_daemon, 0) < 0 && errno != EPERM) { 187 (void)fclose(fp); 188 return(0); /* no daemon present */ 189 } 190 for (i = 1; (n = fread(current, sizeof(char), sizeof(current), fp)) <= 0; i++) { 191 if (i > 5) { 192 n = 1; 193 break; 194 } 195 sleep((size_t)i); 196 } 197 current[n-1] = '\0'; 198 (void)fclose(fp); 199 return(1); 200 } 201 202 /* 203 * Process a control file. 204 */ 205 void 206 process(char *file) 207 { 208 FILE *cfp; 209 210 if (!chk(file)) 211 return; 212 seteuid(euid); 213 if ((cfp = fopen(file, "r")) == NULL) 214 fatal("cannot open %s", file); 215 seteuid(uid); 216 while (getline(cfp)) { 217 switch (line[0]) { 218 case 'U': /* unlink associated files */ 219 if (strchr(line+1, '/') || strncmp(line+1, "df", 2)) 220 break; 221 do_unlink(line+1); 222 } 223 } 224 (void)fclose(cfp); 225 do_unlink(file); 226 } 227 228 static void 229 do_unlink(char *file) 230 { 231 int ret; 232 233 if (from != host) 234 printf("%s: ", host); 235 seteuid(euid); 236 ret = unlink(file); 237 seteuid(uid); 238 printf(ret ? "cannot dequeue %s\n" : "%s dequeued\n", file); 239 } 240 241 /* 242 * Do the dirty work in checking 243 */ 244 int 245 chk(char *file) 246 { 247 int *r, n; 248 char **u, *cp; 249 FILE *cfp; 250 251 /* 252 * Check for valid cf file name (mostly checking current). 253 */ 254 if (strlen(file) < 7 || file[0] != 'c' || file[1] != 'f') 255 return(0); 256 257 if (all && (from == host || !strcmp(from, file+6))) 258 return(1); 259 260 /* 261 * get the owner's name from the control file. 262 */ 263 seteuid(euid); 264 if ((cfp = fopen(file, "r")) == NULL) 265 return(0); 266 seteuid(uid); 267 while (getline(cfp)) { 268 if (line[0] == 'P') 269 break; 270 } 271 (void)fclose(cfp); 272 if (line[0] != 'P') 273 return(0); 274 275 if (users == 0 && requests == 0) 276 return(!strcmp(file, current) && isowner(line+1, file)); 277 /* 278 * Check the request list 279 */ 280 for (n = 0, cp = file+3; isdigit(*cp); ) 281 n = n * 10 + (*cp++ - '0'); 282 for (r = requ; r < &requ[requests]; r++) 283 if (*r == n && isowner(line+1, file)) 284 return(1); 285 /* 286 * Check to see if it's in the user list 287 */ 288 for (u = user; u < &user[users]; u++) 289 if (!strcmp(*u, line+1) && isowner(line+1, file)) 290 return(1); 291 return(0); 292 } 293 294 /* 295 * If root is removing a file on the local machine, allow it. 296 * If root is removing a file from a remote machine, only allow 297 * files sent from the remote machine to be removed. 298 * Normal users can only remove the file from where it was sent. 299 */ 300 int 301 isowner(char *owner, char *file) 302 { 303 if (!strcmp(person, root) && (from == host || !strcmp(from, file+6))) 304 return(1); 305 if (!strcmp(person, owner) && !strcmp(from, file+6)) 306 return(1); 307 if (from != host) 308 printf("%s: ", host); 309 printf("%s: Permission denied\n", file); 310 return(0); 311 } 312 313 /* 314 * Check to see if we are sending files to a remote machine. If we are, 315 * then try removing files on the remote machine. 316 */ 317 void 318 rmremote(void) 319 { 320 char *cp, *s; 321 int i, rem; 322 size_t len; 323 324 if (!remote) 325 return; /* not sending to a remote machine */ 326 327 /* 328 * Flush stdout so the user can see what has been deleted 329 * while we wait (possibly) for the connection. 330 */ 331 fflush(stdout); 332 333 /* \5 RP space all */ 334 len = 1 + strlen(RP) + 1 + strlen(all ? "-all" : person); 335 for (i = 0; i < users; i++) { 336 len += strlen(user[i]) + 1; 337 } 338 for (i = 0; i < requests; i++) { 339 len += snprintf(line, sizeof(line), " %d", requ[i]); 340 } 341 /* newline nul */ 342 len += 2; 343 if (len > sizeof(line)) 344 s = malloc(len); 345 else 346 s = line; 347 cp = s; 348 349 cp += snprintf(s, len, "\5%s %s", RP, all ? "-all" : person); 350 for (i = 0; i < users; i++) { 351 *cp++ = ' '; 352 strncpy(cp, user[i], len - (cp - s) - 2); 353 cp += strlen(cp); 354 } 355 for (i = 0; i < requests; i++) { 356 (void)snprintf(cp, len - (cp - s) - 1, " %d", requ[i]); 357 cp += strlen(cp); 358 } 359 cp[0] = '\n'; 360 cp[1] = '\0'; 361 362 rem = getport(RM, 0); 363 if (rem < 0) { 364 if (from != host) 365 printf("%s: ", host); 366 printf("connection to %s is down\n", RM); 367 } else { 368 struct sigaction osa, nsa; 369 370 if (write(rem, s, len) != len) 371 fatal("Lost connection"); 372 if (len > sizeof(line)) 373 (void)free(s); 374 nsa.sa_handler = alarmer; 375 sigemptyset(&nsa.sa_mask); 376 sigaddset(&nsa.sa_mask, SIGALRM); 377 nsa.sa_flags = 0; 378 (void)sigaction(SIGALRM, &nsa, &osa); 379 alarm(wait_time); 380 while ((i = read(rem, line, sizeof(line))) > 0) { 381 (void)fwrite(line, 1, (size_t)i, stdout); 382 alarm(wait_time); 383 } 384 alarm(0); 385 (void)sigaction(SIGALRM, &osa, NULL); 386 (void)close(rem); 387 } 388 } 389 390 static void 391 alarmer(int s) 392 { 393 /* nothing */ 394 } 395 396 /* 397 * Return 1 if the filename begins with 'cf' 398 */ 399 int 400 iscf(const struct dirent *d) 401 { 402 return(d->d_name[0] == 'c' && d->d_name[1] == 'f'); 403 } 404