Return to skeyprune.pl CVS log

Up to [local] / src / usr.bin / skey

Annotation of src/usr.bin/skey/skeyprune.pl, Revision 1.6

1.2       millert     1: #!/usr/bin/perl -w
1.1       millert     2: #
1.3       millert     3: # Copyright (c) 1996, 2001, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
1.2       millert     4: #
1.4       millert     5: # Permission to use, copy, modify, and distribute this software for any
                      6: # purpose with or without fee is hereby granted, provided that the above
                      7: # copyright notice and this permission notice appear in all copies.
1.2       millert     8: #
1.5       millert     9: # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
                     10: # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
                     11: # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
                     12: # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
                     13: # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
                     14: # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
                     15: # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
                     16: #
                     17: # Sponsored in part by the Defense Advanced Research Projects
                     18: # Agency (DARPA) and Air Force Research Laboratory, Air Force
                     19: # Materiel Command, USAF, under agreement number F39502-99-1-0512.
1.2       millert    20: #
                     21: # Prune commented out, bogus, and crufty entries from /etc/skeykeys
1.6     ! sobrado    22: # usage: skeyprune [days]
1.1       millert    23: #
1.6     ! sobrado    24: # $OpenBSD: skeyprune.pl,v 1.5 2003/06/17 21:56:26 millert Exp $
1.2       millert    25: #
1.1       millert    26:
1.3       millert    27: use POSIX qw(S_ISREG);
1.2       millert    28: use Fcntl qw(:DEFAULT :flock);
1.1       millert    29:
                     30: # Keep out the stupid
                     31: die "Only root may run $0.\n" if $>;
1.6     ! sobrado    32: die "usage: $0 [days]\n" if $#ARGV > 0;
1.1       millert    33:
                     34: # Pathnames
1.3       millert    35: $skeydir = '/etc/skey';
1.1       millert    36:
                     37: # Remove entries that haven't been modified in this many days.
                     38: $days_old = $ARGV[0] || -1;
                     39:
1.2       millert    40: # Safe umask
                     41: umask(077);
                     42:
1.3       millert    43: # Current time
                     44: $now = time();
                     45:
                     46: # Slurp mode
                     47: undef $/;
                     48:
                     49: chdir($skeydir) || die "$0: Can't cd to $skeydir: $!\n";
                     50: opendir(SKEYDIR, ".") || die "$0: Can't open $skeydir: $!\n";
                     51: while (defined($user = readdir(SKEYDIR))) {
                     52:        next if $user =~ /^\./;
                     53:        if (!sysopen(SKEY, $user, 0, O_RDWR | O_NONBLOCK | O_NOFOLLOW)) {
                     54:            warn "$0: Can't open $user: $!\n";
                     55:            next;
                     56:        }
                     57:        if (!flock(SKEY, LOCK_EX)) {
                     58:                warn "$0: Can't lock $user: $!\n";
                     59:                close(SKEY);
                     60:                next;
                     61:        }
                     62:
                     63:        if (!stat(SKEY)) {
                     64:                warn "$0: Can't stat $user: $!\n";
                     65:                close(SKEY);
                     66:                next;
                     67:        }
                     68:
                     69:        # Sanity checks.
                     70:        if (!S_ISREG((stat(_))[2])) {
                     71:                warn "$0: $user is not a regular file\n";
                     72:                close(SKEY);
                     73:                next;
                     74:        }
                     75:        if (((stat(_))[2] & 07777) != 0600) {
                     76:                printf STDERR ("%s: Bad mode for %s: 0%o\n", $0, $user,
                     77:                    (stat(_))[2]);
                     78:                close(SKEY);
                     79:                next;
                     80:        }
                     81:        if ((stat(_))[3] != 1) {
                     82:                printf STDERR ("%s: Bad link count for %s: %d\n", $0, $user,
                     83:                    (stat(_))[3]);
                     84:                close(SKEY);
                     85:                next;
                     86:        }
                     87:
                     88:        # Remove zero size entries
                     89:        if (-z _) {
                     90:                unlink($user) || warn "$0: Can't unlink $user: $!\n";
                     91:                close(SKEY);
                     92:                next;
                     93:        }
1.2       millert    94:
1.3       millert    95:        # Prune out old entries if asked to
                     96:        if ($days_old > 0) {
                     97:                $then = (stat(_))[9];
                     98:                if (($now - $then) / (60 * 60 * 24) - 1 > $days_old) {
                     99:                        unlink($user) || warn "$0: Can't unlink $user: $!\n";
                    100:                        close(SKEY);
                    101:                        next;
1.2       millert   102:                }
1.3       millert   103:        }
1.2       millert   104:
1.3       millert   105:        # Read in the entry and check its contents.
                    106:        $entry = <SKEY>;
                    107:        if ($entry !~ /^\S+[\r\n]+\S+[\r\n]+\d+[\r\n]+[A-z0-9]+[\r\n]+[a-f0-9]+[\r\n]+$/) {
                    108:                warn "$0: Invalid entry for $user:\n$entry";
1.1       millert   109:        }
                    110:
1.3       millert   111:        close(SKEY);
1.2       millert   112: }
1.1       millert   113: exit(0);