xref: /netbsd/usr.sbin/lpr/common_source/rmjob.c (revision c4a72b64) 
1 /*	$NetBSD: rmjob.c,v 1.18 2002/07/14 15:27:58 wiz Exp $	*/
2 
3 /*
4  * Copyright (c) 1983, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. All advertising materials mentioning features or use of this software
16  *    must display the following acknowledgement:
17  *	This product includes software developed by the University of
18  *	California, Berkeley and its contributors.
19  * 4. Neither the name of the University nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include <sys/cdefs.h>
37 #ifndef lint
38 #if 0
39 static char sccsid[] = "@(#)rmjob.c	8.2 (Berkeley) 4/28/95";
40 #else
41 __RCSID("$NetBSD: rmjob.c,v 1.18 2002/07/14 15:27:58 wiz Exp $");
42 #endif
43 #endif /* not lint */
44 
45 #include <sys/param.h>
46 
47 #include <signal.h>
48 #include <errno.h>
49 #include <dirent.h>
50 #include <unistd.h>
51 #include <stdlib.h>
52 #include <stdio.h>
53 #include <string.h>
54 #include <ctype.h>
55 #include "lp.h"
56 #include "lp.local.h"
57 #include "pathnames.h"
58 
59 /*
60  * rmjob - remove the specified jobs from the queue.
61  */
62 
63 /*
64  * Stuff for handling lprm specifications
65  */
66 extern char	*user[];		/* users to process */
67 extern int	users;			/* # of users in user array */
68 extern int	requ[];			/* job number of spool entries */
69 extern int	requests;		/* # of spool requests */
70 extern char	*person;		/* name of person doing lprm */
71 
72 static char	root[] = "root";
73 static int	all = 0;		/* eliminate all files (root only) */
74 static int	cur_daemon;		/* daemon's pid */
75 static char	current[40];		/* active control file name */
76 
77 extern uid_t	uid, euid;		/* real and effective user id's */
78 
79 static	void	do_unlink(char *);
80 static	void	alarmer(int);
81 
82 void
83 rmjob(void)
84 {
85 	int i, nitems;
86 	int assasinated = 0;
87 	struct dirent **files;
88 	char *cp;
89 
90 	if ((i = cgetent(&bp, printcapdb, printer)) == -2)
91 		fatal("can't open printer description file");
92 	else if (i == -1)
93 		fatal("unknown printer");
94 	else if (i == -3)
95 		fatal("potential reference loop detected in printcap file");
96 	if (cgetstr(bp, DEFLP, &LP) < 0)
97 		LP = _PATH_DEFDEVLP;
98 	if (cgetstr(bp, "rp", &RP) < 0)
99 		RP = DEFLP;
100 	if (cgetstr(bp, "sd", &SD) < 0)
101 		SD = _PATH_DEFSPOOL;
102 	if (cgetstr(bp,"lo", &LO) < 0)
103 		LO = DEFLOCK;
104 	cgetstr(bp, "rm", &RM);
105 	if ((cp = checkremote()) != NULL)
106 		printf("Warning: %s\n", cp);
107 
108 	/*
109 	 * If the format was `lprm -' and the user isn't the super-user,
110 	 *  then fake things to look like he said `lprm user'.
111 	 */
112 	if (users < 0) {
113 		if (getuid() == 0)
114 			all = 1;	/* all files in local queue */
115 		else {
116 			user[0] = person;
117 			users = 1;
118 		}
119 	}
120 	if (!strcmp(person, "-all")) {
121 		if (from == host)
122 			fatal("The login name \"-all\" is reserved");
123 		all = 1;	/* all those from 'from' */
124 		person = root;
125 	}
126 
127 	seteuid(euid);
128 	if (chdir(SD) < 0)
129 		fatal("cannot chdir to spool directory");
130 	if ((nitems = scandir(".", &files, iscf, NULL)) < 0)
131 		fatal("cannot access spool directory");
132 	seteuid(uid);
133 
134 	if (nitems) {
135 		/*
136 		 * Check for an active printer daemon (in which case we
137 		 *  kill it if it is reading our file) then remove stuff
138 		 *  (after which we have to restart the daemon).
139 		 */
140 		if (lockchk(LO) && chk(current)) {
141 			seteuid(euid);
142 			assasinated = kill(cur_daemon, SIGINT) == 0;
143 			seteuid(uid);
144 			if (!assasinated)
145 				fatal("cannot kill printer daemon");
146 		}
147 		/*
148 		 * process the files
149 		 */
150 		for (i = 0; i < nitems; i++)
151 			process(files[i]->d_name);
152 	}
153 	rmremote();
154 	/*
155 	 * Restart the printer daemon if it was killed
156 	 */
157 	if (assasinated && !startdaemon(printer))
158 		fatal("cannot restart printer daemon\n");
159 	exit(0);
160 }
161 
162 /*
163  * Process a lock file: collect the pid of the active
164  *  daemon and the file name of the active spool entry.
165  * Return boolean indicating existence of a lock file.
166  */
167 int
168 lockchk(char *s)
169 {
170 	FILE *fp;
171 	int i, n;
172 
173 	seteuid(euid);
174 	if ((fp = fopen(s, "r")) == NULL) {
175 		if (errno == EACCES)
176 			fatal("can't access lock file");
177 		else
178 			return(0);
179 	}
180 	seteuid(uid);
181 	if (!getline(fp)) {
182 		(void)fclose(fp);
183 		return(0);		/* no daemon present */
184 	}
185 	cur_daemon = atoi(line);
186 	if (kill(cur_daemon, 0) < 0 && errno != EPERM) {
187 		(void)fclose(fp);
188 		return(0);		/* no daemon present */
189 	}
190 	for (i = 1; (n = fread(current, sizeof(char), sizeof(current), fp)) <= 0; i++) {
191 		if (i > 5) {
192 			n = 1;
193 			break;
194 		}
195 		sleep((size_t)i);
196 	}
197 	current[n-1] = '\0';
198 	(void)fclose(fp);
199 	return(1);
200 }
201 
202 /*
203  * Process a control file.
204  */
205 void
206 process(char *file)
207 {
208 	FILE *cfp;
209 
210 	if (!chk(file))
211 		return;
212 	seteuid(euid);
213 	if ((cfp = fopen(file, "r")) == NULL)
214 		fatal("cannot open %s", file);
215 	seteuid(uid);
216 	while (getline(cfp)) {
217 		switch (line[0]) {
218 		case 'U':  /* unlink associated files */
219 			if (strchr(line+1, '/') || strncmp(line+1, "df", 2))
220 				break;
221 			do_unlink(line+1);
222 		}
223 	}
224 	(void)fclose(cfp);
225 	do_unlink(file);
226 }
227 
228 static void
229 do_unlink(char *file)
230 {
231 	int	ret;
232 
233 	if (from != host)
234 		printf("%s: ", host);
235 	seteuid(euid);
236 	ret = unlink(file);
237 	seteuid(uid);
238 	printf(ret ? "cannot dequeue %s\n" : "%s dequeued\n", file);
239 }
240 
241 /*
242  * Do the dirty work in checking
243  */
244 int
245 chk(char *file)
246 {
247 	int *r, n;
248 	char **u, *cp;
249 	FILE *cfp;
250 
251 	/*
252 	 * Check for valid cf file name (mostly checking current).
253 	 */
254 	if (strlen(file) < 7 || file[0] != 'c' || file[1] != 'f')
255 		return(0);
256 
257 	if (all && (from == host || !strcmp(from, file+6)))
258 		return(1);
259 
260 	/*
261 	 * get the owner's name from the control file.
262 	 */
263 	seteuid(euid);
264 	if ((cfp = fopen(file, "r")) == NULL)
265 		return(0);
266 	seteuid(uid);
267 	while (getline(cfp)) {
268 		if (line[0] == 'P')
269 			break;
270 	}
271 	(void)fclose(cfp);
272 	if (line[0] != 'P')
273 		return(0);
274 
275 	if (users == 0 && requests == 0)
276 		return(!strcmp(file, current) && isowner(line+1, file));
277 	/*
278 	 * Check the request list
279 	 */
280 	for (n = 0, cp = file+3; isdigit(*cp); )
281 		n = n * 10 + (*cp++ - '0');
282 	for (r = requ; r < &requ[requests]; r++)
283 		if (*r == n && isowner(line+1, file))
284 			return(1);
285 	/*
286 	 * Check to see if it's in the user list
287 	 */
288 	for (u = user; u < &user[users]; u++)
289 		if (!strcmp(*u, line+1) && isowner(line+1, file))
290 			return(1);
291 	return(0);
292 }
293 
294 /*
295  * If root is removing a file on the local machine, allow it.
296  * If root is removing a file from a remote machine, only allow
297  * files sent from the remote machine to be removed.
298  * Normal users can only remove the file from where it was sent.
299  */
300 int
301 isowner(char *owner, char *file)
302 {
303 	if (!strcmp(person, root) && (from == host || !strcmp(from, file+6)))
304 		return(1);
305 	if (!strcmp(person, owner) && !strcmp(from, file+6))
306 		return(1);
307 	if (from != host)
308 		printf("%s: ", host);
309 	printf("%s: Permission denied\n", file);
310 	return(0);
311 }
312 
313 /*
314  * Check to see if we are sending files to a remote machine. If we are,
315  * then try removing files on the remote machine.
316  */
317 void
318 rmremote(void)
319 {
320 	char *cp, *s;
321 	int i, rem;
322 	size_t len;
323 
324 	if (!remote)
325 		return;	/* not sending to a remote machine */
326 
327 	/*
328 	 * Flush stdout so the user can see what has been deleted
329 	 * while we wait (possibly) for the connection.
330 	 */
331 	fflush(stdout);
332 
333 	/* \5 RP space all */
334 	len = 1 + strlen(RP) + 1 + strlen(all ? "-all" : person);
335 	for (i = 0; i < users; i++) {
336 		len += strlen(user[i]) + 1;
337 	}
338 	for (i = 0; i < requests; i++) {
339 		len += snprintf(line, sizeof(line), " %d", requ[i]);
340 	}
341 	/* newline nul */
342 	len += 2;
343 	if (len > sizeof(line))
344 		s = malloc(len);
345 	else
346 		s = line;
347 	cp = s;
348 
349 	cp += snprintf(s, len, "\5%s %s", RP, all ? "-all" : person);
350 	for (i = 0; i < users; i++) {
351 		*cp++ = ' ';
352 		strncpy(cp, user[i], len - (cp - s) - 2);
353 		cp += strlen(cp);
354 	}
355 	for (i = 0; i < requests; i++) {
356 		(void)snprintf(cp, len - (cp - s) - 1, " %d", requ[i]);
357 		cp += strlen(cp);
358 	}
359 	cp[0] = '\n';
360 	cp[1] = '\0';
361 
362 	rem = getport(RM, 0);
363 	if (rem < 0) {
364 		if (from != host)
365 			printf("%s: ", host);
366 		printf("connection to %s is down\n", RM);
367 	} else {
368 		struct sigaction osa, nsa;
369 
370 		if (write(rem, s, len) != len)
371 			fatal("Lost connection");
372 		if (len > sizeof(line))
373 			(void)free(s);
374 		nsa.sa_handler = alarmer;
375 		sigemptyset(&nsa.sa_mask);
376 		sigaddset(&nsa.sa_mask, SIGALRM);
377 		nsa.sa_flags = 0;
378 		(void)sigaction(SIGALRM, &nsa, &osa);
379 		alarm(wait_time);
380 		while ((i = read(rem, line, sizeof(line))) > 0) {
381 			(void)fwrite(line, 1, (size_t)i, stdout);
382 			alarm(wait_time);
383 		}
384 		alarm(0);
385 		(void)sigaction(SIGALRM, &osa, NULL);
386 		(void)close(rem);
387 	}
388 }
389 
390 static void
391 alarmer(int s)
392 {
393 	/* nothing */
394 }
395 
396 /*
397  * Return 1 if the filename begins with 'cf'
398  */
399 int
400 iscf(const struct dirent *d)
401 {
402 	return(d->d_name[0] == 'c' && d->d_name[1] == 'f');
403 }
404