mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-17 10:26:15 +00:00
1d1d4a4727
current version of FreeBSD, this isn't guarenteed by the API. Custom security modules, or future implementations of the setuid and setgid may fail. PR: bin/172289 PR: bin/172290 PR: bin/172291 Submittud by: Erik Cederstrand <erik@cederstrand.dk> Discussed by: freebsd-security Approved by: cperciva MFC after: 1 week
163 lines
4.4 KiB
C
163 lines
4.4 KiB
C
/*
|
|
* Copyright (c) 1983, 1993
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifndef lint
|
|
static const char copyright[] =
|
|
"@(#) Copyright (c) 1983, 1993\n\
|
|
The Regents of the University of California. All rights reserved.\n";
|
|
#endif /* not lint */
|
|
|
|
#if 0
|
|
#ifndef lint
|
|
static char sccsid[] = "@(#)lprm.c 8.1 (Berkeley) 6/6/93";
|
|
#endif /* not lint */
|
|
#endif
|
|
|
|
#include "lp.cdefs.h" /* A cross-platform version of <sys/cdefs.h> */
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
/*
|
|
* lprm - remove the current user's spool entry
|
|
*
|
|
* lprm [-] [[job #] [user] ...]
|
|
*
|
|
* Using information in the lock file, lprm will kill the
|
|
* currently active daemon (if necessary), remove the associated files,
|
|
* and startup a new daemon. Priviledged users may remove anyone's spool
|
|
* entries, otherwise one can only remove their own.
|
|
*/
|
|
|
|
#include <sys/param.h>
|
|
|
|
#include <syslog.h>
|
|
#include <dirent.h>
|
|
#include <err.h>
|
|
#include <pwd.h>
|
|
#include <unistd.h>
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <ctype.h>
|
|
#include "lp.h"
|
|
#include "lp.local.h"
|
|
|
|
/*
|
|
* Stuff for handling job specifications
|
|
*/
|
|
char *person; /* name of person doing lprm */
|
|
int requ[MAXREQUESTS]; /* job number of spool entries */
|
|
int requests; /* # of spool requests */
|
|
char *user[MAXUSERS]; /* users to process */
|
|
int users; /* # of users in user array */
|
|
uid_t uid, euid; /* real and effective user id's */
|
|
|
|
static char luser[16]; /* buffer for person */
|
|
|
|
int main(int argc, char *_argv[]);
|
|
static void usage(void);
|
|
|
|
int
|
|
main(int argc, char *argv[])
|
|
{
|
|
char *arg;
|
|
const char *printer;
|
|
struct passwd *p;
|
|
static char root[] = "root";
|
|
|
|
printer = NULL;
|
|
uid = getuid();
|
|
euid = geteuid();
|
|
PRIV_END /* be safe */
|
|
progname = argv[0];
|
|
gethostname(local_host, sizeof(local_host));
|
|
openlog("lpd", 0, LOG_LPR);
|
|
|
|
/*
|
|
* Bogus code later checks for string equality between
|
|
* `person' and "root", so if we are root, better make sure
|
|
* that code will succeed.
|
|
*/
|
|
if (getuid() == 0) {
|
|
person = root;
|
|
} else if ((person = getlogin()) == NULL) {
|
|
if ((p = getpwuid(getuid())) == NULL)
|
|
fatal(0, "Who are you?");
|
|
if (strlen(p->pw_name) >= sizeof(luser))
|
|
fatal(0, "Your name is too long");
|
|
strcpy(luser, p->pw_name);
|
|
person = luser;
|
|
}
|
|
while (--argc) {
|
|
if ((arg = *++argv)[0] == '-')
|
|
switch (arg[1]) {
|
|
case 'P':
|
|
if (arg[2])
|
|
printer = &arg[2];
|
|
else if (argc > 1) {
|
|
argc--;
|
|
printer = *++argv;
|
|
}
|
|
break;
|
|
case '\0':
|
|
if (!users) {
|
|
users = -1;
|
|
break;
|
|
}
|
|
default:
|
|
usage();
|
|
}
|
|
else {
|
|
if (users < 0)
|
|
usage();
|
|
if (isdigit(arg[0])) {
|
|
if (requests >= MAXREQUESTS)
|
|
fatal(0, "Too many requests");
|
|
requ[requests++] = atoi(arg);
|
|
} else {
|
|
if (users >= MAXUSERS)
|
|
fatal(0, "Too many users");
|
|
user[users++] = arg;
|
|
}
|
|
}
|
|
}
|
|
if (printer == NULL && (printer = getenv("PRINTER")) == NULL)
|
|
printer = DEFLP;
|
|
|
|
rmjob(printer);
|
|
exit(0);
|
|
}
|
|
|
|
static void
|
|
usage(void)
|
|
{
|
|
fprintf(stderr, "usage: lprm [-] [-Pprinter] [[job #] [user] ...]\n");
|
|
exit(2);
|
|
}
|