1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
From: Christian Kastner <ckk@kvr.at>
Date: Fri, 15 Jan 2016 21:59:57 +0100
Subject: Improve denied user warning
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Produce a different error message when root invokes -u for a user who was
denied cron access, and don't log a message.
Contributed by Javier Fernández-Sanguino Peña <jfs@debian.org>.
Bug-Debian: https://bugs.debian.org/505288
Forwarded: no
Last-Update: 2016-01-15
---
crontab.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/crontab.c b/crontab.c
index d31abe8..992d175 100644
--- a/crontab.c
+++ b/crontab.c
@@ -110,11 +110,19 @@ main(argc, argv)
set_cron_uid();
set_cron_cwd();
if (!allowed(User)) {
- fprintf(stderr,
- "You (%s) are not allowed to use this program (%s)\n",
- User, ProgramName);
- fprintf(stderr, "See crontab(1) for more information\n");
- log_it(RealUser, Pid, "AUTH", "crontab command not allowed");
+ if (getuid() != 0) {
+ fprintf(stderr,
+ "You (%s) are not allowed to use this program (%s)\n",
+ User, ProgramName);
+ fprintf(stderr, "See crontab(1) for more information\n");
+ log_it(RealUser, Pid, "AUTH", "crontab command not allowed");
+ } else {
+ /* If the user is not allowed but root is running the
+ * program warn but do not log */
+ fprintf(stderr,
+ "The user %s cannot use this program (%s)\n",
+ User, ProgramName);
+ }
exit(ERROR_EXIT);
}
exitstatus = OK_EXIT;
|
