diff options
Diffstat (limited to 'dm')
| -rw-r--r-- | dm/Makefile | 18 | ||||
| -rw-r--r-- | dm/dm.8 | 106 | ||||
| -rw-r--r-- | dm/dm.c | 335 | ||||
| -rw-r--r-- | dm/dm.conf.5 | 114 | ||||
| -rw-r--r-- | dm/pathnames.h | 37 |
5 files changed, 610 insertions, 0 deletions
diff --git a/dm/Makefile b/dm/Makefile new file mode 100644 index 0000000..7514eb8 --- /dev/null +++ b/dm/Makefile @@ -0,0 +1,18 @@ +# $NetBSD: Makefile,v 1.11 2002/09/18 03:23:00 lukem Exp $ +# @(#)Makefile 8.1 (Berkeley) 5/31/93 + +.include <bsd.own.mk> + +# -DLOG log games +PROG= dm +# 20150209 bkw: removed utmpentry.c reference +SRCS= dm.c +MAN= dm.8 dm.conf.5 +# shouldn't be necessary; just in case. +BINGRP= games +BINMODE=2555 + +.PATH.c: ${NETBSDSRCDIR}/usr.bin/who +CPPFLAGS+=-I${NETBSDSRCDIR}/usr.bin/who -DSUPPORT_UTMPX -DSUPPORT_UTMP + +.include <bsd.prog.mk> @@ -0,0 +1,106 @@ +.\" $NetBSD: dm.8,v 1.9 2003/08/07 09:37:11 agc Exp $ +.\" +.\" Copyright (c) 1987, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)dm.8 8.1 (Berkeley) 5/31/93 +.\" +.Dd May 31, 1993 +.Dt DM 8 +.Os +.Sh NAME +.Nm dm +.Nd dungeon master +.Sh SYNOPSIS +.Nm ln +.Fl s Cm dm Ar game +.Sh DESCRIPTION +.Nm +is a program used to regulate game playing. +.Nm +expects to be invoked with the name of a game that a user wishes to play. +This is done by creating symbolic links to +.Nm , +in the directory +.Pa /usr/games +for all of the regulated games. +The actual binaries for these games should be placed in a +.Dq hidden +directory, +.Pa /usr/games/hide , +that may only be accessed by the +.Nm +program. +.Nm +determines if the requested game is available and, if so, runs it. +The file +.Pa /etc/dm.conf +controls the conditions under which games may be run. +.Pp +The file +.Pa /etc/nogames +may be used to +.Dq turn off +game playing. +If the file exists, no game playing is allowed; the contents of the file +will be displayed to any user requesting a game. +.Sh FILES +.Bl -tag -width /var/log/games.log -compact +.It Pa /etc/dm.conf +configuration file +.It Pa /etc/nogames +turns off game playing +.It Pa /usr/games/hide +directory of ``real'' binaries +.It Pa /var/log/games.log +game logging file +.El +.Sh SEE ALSO +.Xr dm.conf 5 +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.3 tahoe . +.Sh SECURITY CONSIDERATIONS +Two issues result from +.Nm +running the games setgid +.Dq games . +First, all games that allow users to run +.Ux +commands should carefully +set both the real and effective group ids immediately before executing +those commands. +Probably more important is that +.Nm +never be setgid anything but +.Dq games +so that compromising a game will result only in +the user's ability to play games at will. +Secondly, games which previously had no reason to run setgid and which +accessed user files may have to be modified. @@ -0,0 +1,335 @@ +/* $NetBSD: dm.c,v 1.29 2009/08/27 00:22:28 dholland Exp $ */ + +/* + * Copyright (c) 1987, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +#ifndef lint +__COPYRIGHT("@(#) Copyright (c) 1987, 1993\ + The Regents of the University of California. All rights reserved."); +#endif /* not lint */ + +#ifndef lint +#if 0 +static char sccsid[] = "@(#)dm.c 8.1 (Berkeley) 5/31/93"; +#else +__RCSID("$NetBSD: dm.c,v 1.29 2009/08/27 00:22:28 dholland Exp $"); +#endif +#endif /* not lint */ + +#include <sys/param.h> +#include <sys/file.h> +#include <sys/time.h> +#include <sys/resource.h> + +#include <err.h> +#include <ctype.h> +#include <errno.h> +#include <pwd.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <time.h> +#include <unistd.h> + +#include <utmp.h> /* 20150209 bkw: see users() */ +#include "pathnames.h" + +static time_t now; /* current time value */ +static int priority = 0; /* priority game runs at */ +static char *game, /* requested game */ + *gametty; /* from tty? */ + +static void c_day(const char *, const char *, const char *); +static void c_game(const char *, const char *, const char *, const char *); +static void c_tty(const char *); +static const char *hour(int); +static double load(void); +static void nogamefile(void); +static void play(char **) __dead; +static void read_config(void); +static int users(void); + +#ifdef LOG +static void logfile(void); +#endif + +int +main(int argc __attribute__((unused)), char *argv[]) +{ + char *cp; + + nogamefile(); + game = (cp = strrchr(*argv, '/')) ? ++cp : *argv; + + if (!strcmp(game, "dm")) + exit(0); + + gametty = ttyname(0); + unsetenv("TZ"); + (void)time(&now); + read_config(); +#ifdef LOG + logfile(); +#endif + play(argv); + /*NOTREACHED*/ + return (0); +} + +/* + * play -- + * play the game + */ +static void +play(char **args) +{ + char pbuf[MAXPATHLEN]; + + snprintf(pbuf, sizeof(pbuf), "%s%s", _PATH_HIDE, game); + if (priority > 0) /* < 0 requires root */ + (void)setpriority(PRIO_PROCESS, 0, priority); + execv(pbuf, args); + err(1, "%s", pbuf); +} + +/* + * read_config -- + * read through config file, looking for key words. + */ +static void +read_config(void) +{ + FILE *cfp; + char lbuf[BUFSIZ], f1[40], f2[40], f3[40], f4[40], f5[40]; + + if (!(cfp = fopen(_PATH_CONFIG, "r"))) + return; + while (fgets(lbuf, sizeof(lbuf), cfp)) + switch (*lbuf) { + case 'b': /* badtty */ + if (sscanf(lbuf, "%39s%39s", f1, f2) != 2 || + strcasecmp(f1, "badtty")) + break; + c_tty(f2); + break; + case 'g': /* game */ + if (sscanf(lbuf, "%39s%39s%39s%39s%39s", + f1, f2, f3, f4, f5) != 5 || strcasecmp(f1, "game")) + break; + c_game(f2, f3, f4, f5); + break; + case 't': /* time */ + if (sscanf(lbuf, "%39s%39s%39s%39s", f1, f2, f3, f4) != 4 || + strcasecmp(f1, "time")) + break; + c_day(f2, f3, f4); + } + (void)fclose(cfp); +} + +/* + * c_day -- + * if day is today, see if okay to play + */ +static void +c_day(const char *s_day, const char *s_start, const char *s_stop) +{ + static const char *const days[] = { + "sunday", "monday", "tuesday", "wednesday", + "thursday", "friday", "saturday", + }; + static struct tm *ct; + int start, stop; + + if (!ct) + ct = localtime(&now); + if (strcasecmp(s_day, days[ct->tm_wday])) + return; + if (!isdigit((unsigned char)*s_start) || + !isdigit((unsigned char)*s_stop)) + return; + start = atoi(s_start); + stop = atoi(s_stop); + if (ct->tm_hour >= start && ct->tm_hour < stop) { + if (start == 0 && stop == 24) + errx(0, "Sorry, games are not available today."); + else + errx(0, "Sorry, games are not available from %s to %s today.", + hour(start), hour(stop)); + } +} + +/* + * c_tty -- + * decide if this tty can be used for games. + */ +static void +c_tty(const char *tty) +{ + static int first = 1; + static char *p_tty; + + if (first) { + p_tty = strrchr(gametty, '/'); + first = 0; + } + + if (!strcmp(gametty, tty) || (p_tty && !strcmp(p_tty, tty))) + errx(1, "Sorry, you may not play games on %s.", gametty); +} + +/* + * c_game -- + * see if game can be played now. + */ +static void +c_game(const char *s_game, const char *s_load, const char *s_users, + const char *s_priority) +{ + static int found; + + if (found) + return; + if (strcmp(game, s_game) && strcasecmp("default", s_game)) + return; + ++found; + if (isdigit((unsigned char)*s_load) && atoi(s_load) < load()) + errx(0, "Sorry, the load average is too high right now."); + if (isdigit((unsigned char)*s_users) && atoi(s_users) <= users()) + errx(0, "Sorry, there are too many users logged on right now."); + if (isdigit((unsigned char)*s_priority)) + priority = atoi(s_priority); +} + +/* + * load -- + * return 15 minute load average + */ +static double +load(void) +{ + double avenrun[3]; + + if (getloadavg(avenrun, sizeof(avenrun)/sizeof(avenrun[0])) < 0) + err(1, "getloadavg() failed"); + return (avenrun[2]); +} + +/* + * users -- + * return current number of users + * todo: check idle time; if idle more than X minutes, don't + * count them. + * 20150209 bkw: replaced BSD original with dm.c users() from + * Linux port of bsd-games-2.13 + */ +static int +users() +{ + + int nusers, utmp; + struct utmp buf; + + if ((utmp = open(_PATH_UTMP, O_RDONLY, 0)) < 0) + err(1, "%s", _PATH_UTMP); + for (nusers = 0; read(utmp, (char *)&buf, sizeof(struct utmp)) > 0;) + if (buf.ut_name[0] != '\0') + ++nusers; + return (nusers); +} + +static void +nogamefile(void) +{ + int fd, n; + char buf[BUFSIZ]; + + if ((fd = open(_PATH_NOGAMES, O_RDONLY, 0)) >= 0) { +#define MESG "Sorry, no games right now.\n\n" + (void)write(2, MESG, sizeof(MESG) - 1); + while ((n = read(fd, buf, sizeof(buf))) > 0) + (void)write(2, buf, n); + exit(1); + } +} + +/* + * hour -- + * print out the hour in human form + */ +static const char * +hour(int h) +{ + static const char *const hours[] = { + "midnight", "1am", "2am", "3am", "4am", "5am", + "6am", "7am", "8am", "9am", "10am", "11am", + "noon", "1pm", "2pm", "3pm", "4pm", "5pm", + "6pm", "7pm", "8pm", "9pm", "10pm", "11pm", "midnight" }; + + if (h < 0 || h > 24) + return ("BAD TIME"); + else + return (hours[h]); +} + +#ifdef LOG +/* + * logfile -- + * log play of game + */ +static void +logfile(void) +{ + struct passwd *pw; + FILE *lp; + uid_t uid; + int lock_cnt; + + if (lp = fopen(_PATH_LOG, "a")) { + for (lock_cnt = 0;; ++lock_cnt) { + if (!flock(fileno(lp), LOCK_EX)) + break; + if (lock_cnt == 4) { + warnx("log lock"); + (void)fclose(lp); + return; + } + sleep(1); + } + if (pw = getpwuid(uid = getuid())) + fputs(pw->pw_name, lp); + else + fprintf(lp, "%u", uid); + fprintf(lp, "\t%s\t%s\t%s", game, gametty, ctime(&now)); + (void)flock(fileno(lp), LOCK_UN); + (void)fclose(lp); + } +} +#endif /* LOG */ diff --git a/dm/dm.conf.5 b/dm/dm.conf.5 new file mode 100644 index 0000000..b7933ce --- /dev/null +++ b/dm/dm.conf.5 @@ -0,0 +1,114 @@ +.\" $NetBSD: dm.conf.5,v 1.8 2003/08/07 09:37:11 agc Exp $ +.\" +.\" Copyright (c) 1988, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)dm.conf.5 8.1 (Berkeley) 5/31/93 +.\" +.Dd May 31, 1993 +.Dt DM.CONF 5 +.Os +.Sh NAME +.Nm dm.conf +.Nd dungeon master configuration file +.Sh DESCRIPTION +The +.Nm +file is the configuration file for the +.Xr dm 8 +program. +It consists of lines beginning with one of three keywords, +.Em badtty , +.Em game , +and +.Em time . +All other lines are ignored. +.Pp +Any tty listed after the keyword +.Em badtty +may not have games played on it. +Entries consist of two white-space separated fields: the string +.Em badtty +and the ttyname as returned by +.Xr ttyname 3 . +For example, to keep the uucp dialout, +.Dq tty19 , +from being used for games, the entry would be: +.Bd -literal -offset indent +badtty /dev/tty19 +.Ed +.Pp +Any day/hour combination listed after the keyword +.Em time +will disallow games during those hours. +Entries consist of four white-space separated fields: the string +.Em time , +the unabbreviated day of the week and the beginning and ending time +of a period of the day when games may not be played. +The time fields are in a 0 based, 24-hour clock. +For example, the following entry allows games playing before 8AM +and after 5PM on Mondays: +.Bd -literal -offset indent +time Monday 8 17 +.Ed +.Pp +Any game listed after the keyword +.Em game +will set parameters for a specific game. +Entries consist of five white-space separated fields: the keyword +.Em game , +the name of a game, the highest system load average at which the +game may be played, the maximum users allowed if the game is to be +played, and the priority at which the game is to be run. +Any of these fields may start with a non-numeric character, resulting +in no game limitation or priority based on that field. +.Pp +The game +.Em default +controls the settings for any game not otherwise listed, and must be the last +.Em game +entry in the file. +Priorities may not be negative. +For example, the following entries limits the game +.Dq hack +to running only when the system has 10 or less users and a load average of 5 +or less; all other games may be run any time the system has 15 or less users. +.Bd -literal -offset indent +game hack 5 10 * +game default * 15 * +.Ed +.Sh FILES +.Bl -tag -width /etc/dm.conf -compact +.It Pa /etc/dm.conf +The +.Xr dm 8 +configuration file. +.El +.Sh SEE ALSO +.Xr setpriority 2 , +.Xr ttyname 3 , +.Xr dm 8 diff --git a/dm/pathnames.h b/dm/pathnames.h new file mode 100644 index 0000000..9acdc5c --- /dev/null +++ b/dm/pathnames.h @@ -0,0 +1,37 @@ +/* $NetBSD: pathnames.h,v 1.4 2003/08/07 09:37:12 agc Exp $ */ + +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)pathnames.h 8.1 (Berkeley) 5/31/93 + */ + +#define _PATH_CONFIG "/etc/dm.conf" +#define _PATH_HIDE "/usr/games/hide/" +#define _PATH_LOG "/var/log/games.log" +#define _PATH_NOGAMES "/etc/nogames" |