From owner-freebsd-security Tue Nov 21 13:16:22 2000 Delivered-To: freebsd-security@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.13]) by hub.freebsd.org (Postfix) with SMTP id 21FFC37B479 for ; Tue, 21 Nov 2000 13:16:16 -0800 (PST) Received: (qmail 33166 invoked by uid 1000); 21 Nov 2000 18:48:36 -0000 Date: Tue, 21 Nov 2000 20:48:36 +0200 From: Peter Pentchev To: mike.sellenschuetter@bankofamerica.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: rmuser Message-ID: <20001121204836.F9661@ringworld.oblivion.bg> Mail-Followup-To: mike.sellenschuetter@bankofamerica.com, freebsd-security@FreeBSD.ORG References: <8625699E.0061FCDC.00@dalnsd40.bankofamerica.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <8625699E.0061FCDC.00@dalnsd40.bankofamerica.com>; from mike.sellenschuetter@bankofamerica.com on Tue, Nov 21, 2000 at 11:50:19AM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Nov 21, 2000 at 11:50:19AM -0600, mike.sellenschuetter@bankofamerica.com wrote: > I apologize if this is not the right mailing list for this question. We are > running a small system which contains around 50 servers and workstations running > FreeBSD 2.2.6 (we are upgrading to 4.1 after the Christmas holidays), and we > have discovered that rmuser is not removing a user's at jobs. After removing a > user with rmuser, atq still shows the job in the queue, but with "???" as the > owner. I looked at the rmuser Perl script, and below is the "remove_at_jobs" > subroutine from this script. > [snip] > > The problem appears to be with the "system('/usr/bin/atrm', $i);" command. $i > is a filename, and the atrm command wants a job number, not a file name. Does > anyone know if this problem is fixed in 4.1? Hi Mike, Basically what you need to do if you have filenames is parse the filenames - at least on 4.2-STABLE they contain the queue ID and the job number. However, if you would resort to using atrm either way, I think it might be a better solution to use atq, too - this way you do not have to depend on the job filenames changing silently underneath your feet (they *are* internal structures). Attached is a Perl script, adapted from what I've been using for some time, that calls atq once, parses its output to find the jobs belonging to that particular user, and then calls atrm exactly once, passing it all the jobs to be deleted. Hope that helps :) G'luck, Peter -- If you think this sentence is confusing, then change one pig. #!/usr/bin/perl -wT use strict; my($path_atq, $path_atrm) = ("/usr/bin/atq", "/usr/bin/atrm"); remove_at_jobs("roam"); exit 0; sub invoke_atq { local *PIPE; my($user) = (shift || ""); my(@at) = (); my($pid, $line); return @at if ($user eq ""); if (!defined($pid = open(PIPE, "-|"))) { die("creating pipe to atq: $!\n"); } elsif ($pid == 0) { exec($path_atq, $user); } while(defined($_ = )) { chomp; if (/^\d\d:\d\d:\d\d\s+\d\d\/\d\d\/\d\d\s+(\S+)\s+\S+\s+(\d+)$/) { push(@at, $2) if ($1 eq $user); } } return @at; } sub invoke_atrm { local *ATRM; my($user) = (shift || ""); my(@jobs) = @_; my($pid); my($txt) = ""; return "Invalid arguments" if (($user eq "") || ($#jobs == -1)); if (!defined($pid = open(ATRM, "-|"))) { die("creating pipe to atrm: $!\n"); } elsif ($pid == 0) { exec($path_atrm, $user, @jobs); } # atrm only leaks some output on error.. while(defined($_ = )) { $txt .= $_; } return $txt; } sub remove_at_jobs { my($user) = (shift || ""); my(@at, $atrm); return 1 if ($user eq ""); @at = invoke_atq($user); return 0 if ($#at == -1); # No jobs for that user $atrm = invoke_atrm($user, @at); if ($atrm ne "") { print "$atrm\n"; return 1; } return 0; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message