#!/usr/bin/perl -w
#
# Copyright (c) 1996, 2001, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. The name of the author may not be used to endorse or promote products
# derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
# THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# Prune commented out, bogus, and crufty entries from /etc/skeykeys
# Usage: skeyprune [days]
#
# $OpenBSD: skeyprune.pl,v 1.3 2002/05/16 18:27:34 millert Exp $
#
use POSIX qw(S_ISREG);
use Fcntl qw(:DEFAULT :flock);
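# Prune stale or malformed per-user S/Key entries found in $skeydir.
#
# Each directory entry is opened, locked and checked (regular file, mode
# 0600, exactly one link) before anything is removed.  Empty files are
# deleted, files older than the optional [days] argument are deleted, and
# the remaining files are only validated; a malformed one is reported.

# Keep out the stupid
die "Only root may run $0.\n" if $>;
die "Usage: $0 [days]\n" if $#ARGV > 0;
# This tool deletes credentials, so refuse an argument that is not a plain
# number instead of letting Perl numify a typo such as "3O" to 3.
die "Usage: $0 [days]\n"
    if @ARGV && $ARGV[0] !~ /\A-?\d+(?:\.\d+)?\z/;

# Pathnames
my $skeydir = '/etc/skey';

# Remove entries that haven't been modified in this many days.
# No argument (or 0) yields -1, which disables age-based pruning below.
my $days_old = $ARGV[0] || -1;

# Safe umask
umask(077);

# Current time
my $now = time();

# Expected layout: five newline-terminated fields.
# NOTE(review): presumably login, hash type, sequence number, seed and
# hex key -- confirm against the skey file format.
# The fourth field uses [A-Za-z0-9]; the range A-z would also accept the
# punctuation characters that sit between 'Z' and 'a' in ASCII.
my $entry_re = qr{
    ^
    \S+           [\r\n]+
    \S+           [\r\n]+
    \d+           [\r\n]+
    [A-Za-z0-9]+  [\r\n]+
    [a-f0-9]+     [\r\n]+
    $
}x;

chdir($skeydir) || die "$0: Can't cd to $skeydir: $!\n";
opendir(my $skey_dh, ".") || die "$0: Can't open $skeydir: $!\n";

while (defined(my $user = readdir($skey_dh))) {
    next if $user =~ /^\./;

    # sysopen takes (handle, path, flags, perms): the open flags must be the
    # third argument.  Passed as the fourth they would be treated as the
    # creation mode, and O_NOFOLLOW / O_NONBLOCK would never take effect, so
    # a symlink would be followed and a FIFO could block the open.
    my $skey_fh;
    if (!sysopen($skey_fh, $user, O_RDWR | O_NONBLOCK | O_NOFOLLOW)) {
        warn "$0: Can't open $user: $!\n";
        next;
    }
    if (!flock($skey_fh, LOCK_EX)) {
        warn "$0: Can't lock $user: $!\n";
        close($skey_fh);
        next;
    }

    # stat the open handle, not the name, so every check below describes
    # the object that was actually opened and locked.
    my @st = stat($skey_fh);
    if (!@st) {
        warn "$0: Can't stat $user: $!\n";
        close($skey_fh);
        next;
    }
    my ($mode, $nlink, $size, $mtime) = @st[2, 3, 7, 9];

    # Sanity checks.
    if (!S_ISREG($mode)) {
        warn "$0: $user is not a regular file\n";
        close($skey_fh);
        next;
    }
    if (($mode & 07777) != 0600) {
        # Report the same permission bits that were compared above.
        printf STDERR ("%s: Bad mode for %s: 0%o\n", $0, $user,
            $mode & 07777);
        close($skey_fh);
        next;
    }
    if ($nlink != 1) {
        printf STDERR ("%s: Bad link count for %s: %d\n", $0, $user,
            $nlink);
        close($skey_fh);
        next;
    }

    # NOTE(review): unlink() below acts on the name, while the checks above
    # were made on the open handle; this relies on $skeydir not being
    # writable by untrusted users -- confirm the directory's permissions.

    # Remove zero size entries
    if ($size == 0) {
        unlink($user) || warn "$0: Can't unlink $user: $!\n";
        close($skey_fh);
        next;
    }

    # Prune out old entries if asked to
    if ($days_old > 0) {
        my $then = $mtime;
        if (($now - $then) / (60 * 60 * 24) - 1 > $days_old) {
            unlink($user) || warn "$0: Can't unlink $user: $!\n";
            close($skey_fh);
            next;
        }
    }

    # Read in the entry and check its contents (slurp the whole file).
    my $entry = do { local $/; <$skey_fh> };
    if (!defined($entry)) {
        warn "$0: Can't read $user: $!\n";
    }
    elsif ($entry !~ $entry_re) {
        # NOTE(review): this writes the full entry, key material included,
        # to STDERR; make sure wherever that output lands (cron mail, logs)
        # is readable by root only.
        warn "$0: Invalid entry for $user:\n$entry";
    }
    close($skey_fh);
}
closedir($skey_dh);

exit(0);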