From c7279c05680e0b443dda349af5b567d876a76ba2 Mon Sep 17 00:00:00 2001
From: Lukáš Nykrýn <lnykryn@redhat.com>
Date: Tue, 25 Oct 2011 10:28:34 +0000
Subject: Apply autochanger temp file security fix to examples files
---
diff --git a/bacula/examples/autochangers/chio-bacula b/bacula/examples/autochangers/chio-bacula
index d988b01..e12dc20 100644
--- a/bacula/examples/autochangers/chio-bacula
+++ b/bacula/examples/autochangers/chio-bacula
@@ -29,6 +29,19 @@
# The labels of the virtual barcode reader are located in the BARCODE_FILE
SIMULATE_BARCODE=true
BARCODE_FILE=/usr/local/etc/bacula-barcodes
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
me=$(basename $0)
@@ -119,11 +132,12 @@ case ${COMMAND} in
loaded)
# echo "Request loaded"
- ${MTX} -f ${CHANGER} status -S > /tmp/mtx.$$
+ make_temp_file
+ ${MTX} -f ${CHANGER} status -S > ${TMPFILE}
rtn=$?
- cat /tmp/mtx.$$ | grep "^drive ${DRIVE}: <FULL>" | awk '{print $6+1}' | tr -d ">"
- cat /tmp/mtx.$$ | grep "^drive ${DRIVE}: source: <>" | awk "{print 0}"
- rm -f /tmp/mtx.$$
+ cat ${TMPFILE} | grep "^drive ${DRIVE}: <FULL>" | awk '{print $6+1}' | tr -d ">"
+ cat ${TMPFILE} | grep "^drive ${DRIVE}: source: <>" | awk "{print 0}"
+ rm -f ${TMPFILE}
exit $rtn
;;
diff --git a/bacula/examples/autochangers/chio-changer.Sony-TSL-SA300C b/bacula/examples/autochangers/chio-changer.Sony-TSL-SA300C
index 758e416..6e3505a 100755
--- a/bacula/examples/autochangers/chio-changer.Sony-TSL-SA300C
+++ b/bacula/examples/autochangers/chio-changer.Sony-TSL-SA300C
@@ -34,6 +34,21 @@
SIMULATE_BARCODE=true
BARCODE_FILE=/usr/local/etc/bacula-barcodes
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
+
+
me=$(basename $0)
fullpath_me=$0
@@ -129,14 +144,15 @@ case ${COMMAND} in
loaded)
# echo "Request loaded"
- ${MTX} -f ${CHANGER} status -S > /tmp/mtx.$$
+ make_temp_file
+ ${MTX} -f ${CHANGER} status -S > ${TMPFILE}
rtn=$?
- cat /tmp/mtx.$$ | grep "^slot .: <ACCESS>" | awk '{print $2+1}' | tr -d ":"
- drive=`cat /tmp/mtx.$$ | grep "^drive .: <ACCESS>"`
+ cat ${TMPFILE} | grep "^slot .: <ACCESS>" | awk '{print $2+1}' | tr -d ":"
+ drive=`cat ${TMPFILE}| grep "^drive .: <ACCESS>"`
if [ -n "$drive" ]; then
echo 0
fi
- rm -f /tmp/mtx.$$
+ rm -f ${TMPFILE}
exit $rtn
;;
diff --git a/bacula/examples/autochangers/locking-mtx-changer b/bacula/examples/autochangers/locking-mtx-changer
index c71169a..7884830 100644
--- a/bacula/examples/autochangers/locking-mtx-changer
+++ b/bacula/examples/autochangers/locking-mtx-changer
@@ -35,6 +35,21 @@
MTX=/lysator/bin/mtx
LOCKDIR=/tmp
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
+
+
if test $# -lt 2 ; then
echo "usage: mtx-changer ctl-device command slot archive-device drive"
echo " Insufficient number of arguments arguments given."
@@ -64,14 +79,15 @@ wait_for_drive() {
LOCKFILE="${LOCKDIR}/mtx-changer:`echo $ctl | tr / _'"
changer_lock() {
- echo "$$" >$LOCKFILE.$$
+ make_temp_file lock
+ echo "$$" >${TMPFILE}
- while ! ln -n $LOCKFILE.$$ $LOCKFILE 2>/dev/null; do
+ while ! ln -n ${TMPFILE} $LOCKFILE 2>/dev/null; do
echo "$0: changer lock busy, retrying in 30 seconds..."
sleep 30
done
- rm $LOCKFILE.$$
+ rm ${TMPFILE}
}
changer_unlock() {
@@ -141,11 +157,12 @@ case $cmd in
;;
loaded)
- ${MTX} -f $ctl status >/tmp/mtx.$$
+ make_temp_file
+ ${MTX} -f $ctl status >${TMPFILE}
rtn=$?
- cat /tmp/mtx.$$ | grep "^Data Transfer Element $drive:Full" | awk "{print \$7}"
- cat /tmp/mtx.$$ | grep "^Data Transfer Element $drive:Empty" | awk "{print 0}"
- rm -f /tmp/mtx.$$
+ cat ${TMPFILE} | grep "^Data Transfer Element $drive:Full" | awk "{print \$7}"
+ cat ${TMPFILE} | grep "^Data Transfer Element $drive:Empty" | awk "{print 0}"
+ rm -f ${TMPFILE}
changer_unlock $ctl
exit $rtn
;;
diff --git a/bacula/examples/autochangers/mtx-changer.Adic-Scalar-100 b/bacula/examples/autochangers/mtx-changer.Adic-Scalar-100
index 8c09ba3..3795410 100755
--- a/bacula/examples/autochangers/mtx-changer.Adic-Scalar-100
+++ b/bacula/examples/autochangers/mtx-changer.Adic-Scalar-100
@@ -110,6 +110,21 @@ MTX=/usr/local/sbin/mtx
######################### Functions
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
+
+
@@ -372,17 +387,18 @@ case "$2" in
loaded)
echo "Request loaded, DREW YOU HAVEN'T IMPLEMENTED YET!!!!"
- ${MTX} -f $1 status >/tmp/mtx.$$
+ make_temp_file
+ ${MTX} -f $1 status >${TMPFILE}
rtn=$?
- cat /tmp/mtx.$$ | grep "^Data Transfer Element 0:Full" | awk "{print
+ cat ${TMPFILE} | grep "^Data Transfer Element 0:Full" | awk "{print
\$7}"
- cat /tmp/mtx.$$ | grep "^Data Transfer Element 0:Empty" | awk "{print
+ cat ${TMPFILE} | grep "^Data Transfer Element 0:Empty" | awk "{print
0}"
-# cat /tmp/mtx.$$ | grep "^Data Transfer Element 1:Full" | awk "{print
+# cat ${TMPFILE} | grep "^Data Transfer Element 1:Full" | awk "{print
\$7}"
-# cat /tmp/mtx.$$ | grep "^Data Transfer Element 1:Empty" | awk
+# cat ${TMPFILE} | grep "^Data Transfer Element 1:Empty" | awk
"{print 0}"
- rm -f /tmp/mtx.$$
+ rm -f ${TMPFILE}
echo "mtx-changer returning value: $rtn"
exit $rtn
diff --git a/bacula/examples/autochangers/mtx-changer.Adic-Scalar-24 b/bacula/examples/autochangers/mtx-changer.Adic-Scalar-24
index 70a7409..eec9e56 100755
--- a/bacula/examples/autochangers/mtx-changer.Adic-Scalar-24
+++ b/bacula/examples/autochangers/mtx-changer.Adic-Scalar-24
@@ -29,6 +29,21 @@
MTX=/usr/sbin/mtx
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
+
+
if test $# -lt 2 ; then
echo "usage: mtx-changer ctl-device command slot archive-device drive"
echo " Insufficient number of arguments arguments given."
@@ -102,12 +117,12 @@ case $cmd in
;;
loaded)
- tempfile=`mktemp -t` || exit 33
- ${MTX} -f $ctl status > $tempfile
+ make_temp_file
+ ${MTX} -f $ctl status > ${TMPFILE}
rtn=$?
- cat $tempfile | grep "^Data Transfer Element $drive:Full" | awk '{print $7}'
- cat $tempfile | grep "^Data Transfer Element $drive:Empty" | awk '{print 0}'
- rm -f $tempfile
+ cat ${TMPFILE} | grep "^Data Transfer Element $drive:Full" | awk '{print $7}'
+ cat ${TMPFILE} | grep "^Data Transfer Element $drive:Empty" | awk '{print 0}'
+ rm -f ${TMPFILE}
exit $rtn
;;
diff --git a/bacula/examples/autochangers/mtx-changer.StorageTek-HPA4853 b/bacula/examples/autochangers/mtx-changer.StorageTek-HPA4853
index d2eacf9..25428db 100755
--- a/bacula/examples/autochangers/mtx-changer.StorageTek-HPA4853
+++ b/bacula/examples/autochangers/mtx-changer.StorageTek-HPA4853
@@ -10,6 +10,23 @@
#TAPEDRIVE0 holds the device/name of your 1st and only DLT drive (Bacula supports only 1 drive currently)
#
#Read TAPEDRIVE from command line parameters
+
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
+
+
+
if [ -z "$4" ] ; then
TAPEDRIVE0=/dev/st0
else
@@ -51,10 +68,11 @@ case "$2" in
#
#Check if you want to fool me
if [ $MTXCHVERBOSE -eq 1 ] ; then echo "mtx-changer: Checking if drive is loaded before we unload. I Request loaded" ; fi
- mtx -f $1 status >/tmp/mtx.$$
+ make_temp_file
+ mtx -f $1 status >${TMPFILE}
rm -f /tmp/mtxloaded
- cat /tmp/mtx.$$ | grep "^Data Transfer Element 0:Full" | awk "{print \$7}" > /tmp/mtxloaded
- rm -f /tmp/mtx.$$
+ cat ${TMPFILE} | grep "^Data Transfer Element 0:Full" | awk "{print \$7}" > /tmp/mtxloaded
+ rm -f ${TMPFILE}
read LOADEDVOL </tmp/mtxloaded
if [ -z "$LOADEDVOL" ] ; then
LOADEDVOL=0
@@ -71,10 +89,11 @@ case "$2" in
load)
#Let's check if drive is loaded before we load it
if [ $MTXCHVERBOSE -eq 1 ] ; then echo "mtx-changer: Checking if drive is loaded before we load. I Request loaded" ; fi
- mtx -f $1 status >/tmp/mtx.$$
+ make_temp_file
+ mtx -f $1 status >${TMPFILE}
rm -f /tmp/mtxloaded
- cat /tmp/mtx.$$ | grep "^Data Transfer Element 0:Full" | awk "{print \$7}" > /tmp/mtxloaded
- rm -f /tmp/mtx.$$
+ cat ${TMPFILE}| grep "^Data Transfer Element 0:Full" | awk "{print \$7}" > /tmp/mtxloaded
+ rm -f ${TMPFILE}
read LOADEDVOL </tmp/mtxloaded
if [ -z "$LOADEDVOL" ] ; then
LOADEDVOL=0
@@ -124,10 +143,11 @@ case "$2" in
loaded)
if [ $MTXCHVERBOSE -eq 1 ] ; then echo "mtx-changer: Request loaded" ; fi
- mtx -f $1 status >/tmp/mtx.$$
- cat /tmp/mtx.$$ | grep "^Data Transfer Element 0:Full" | awk "{print \$7}"
- cat /tmp/mtx.$$ | grep "^Data Transfer Element 0:Empty" | awk "{print 0}"
- rm -f /tmp/mtx.$$
+ make_temp_file
+ mtx -f $1 status >${TMPFILE}
+ cat ${TMPFILE} | grep "^Data Transfer Element 0:Full" | awk "{print \$7}"
+ cat ${TMPFILE} | grep "^Data Transfer Element 0:Empty" | awk "{print 0}"
+ rm -f ${TMPFILE}
;;
slots)
diff --git a/bacula/examples/autochangers/solaris-mtx-changer b/bacula/examples/autochangers/solaris-mtx-changer
index 6f68595..30bce53 100755
--- a/bacula/examples/autochangers/solaris-mtx-changer
+++ b/bacula/examples/autochangers/solaris-mtx-changer
@@ -34,6 +34,22 @@ export PATH="/usr/local/bin:/usr/sfw/bin:/usr/xpg4/bin:/usr/bin"
MTX=mtx
+TMPDIR=/tmp
+
+make_temp_file()
+{
+ TMPFILE=`mktemp ${TMPDIR}/mtx$1.XXXXXXXXXX 2> /dev/null`
+ if test $? -ne 0 || test x${TMPFILE} = x; then
+ TMPFILE="${TMPDIR}/mtx$1.$$"
+ if test -f ${TMPFILE}; then
+ echo "ERROR: Temp file security problem on: ${TMPFILE}"
+ exit 1
+ fi
+ fi
+}
+
+
+
#
# The purpose of this function to wait a maximum
@@ -142,11 +158,12 @@ case $cmd in
;;
loaded)
- ${MTX} -f $ctl status >/tmp/mtx.$$
+ make_temp_file
+ ${MTX} -f $ctl status >${TMPFILE}
rtn=$?
- cat /tmp/mtx.$$ | grep "^Data Transfer Element $drive:Full" | awk "{print \$7}"
- cat /tmp/mtx.$$ | grep "^Data Transfer Element $drive:Empty" | awk "{print 0}"
- rm -f /tmp/mtx.$$
+ cat ${TMPFILE} | grep "^Data Transfer Element $drive:Full" | awk "{print \$7}"
+ cat ${TMPFILE} | grep "^Data Transfer Element $drive:Empty" | awk "{print 0}"
+ rm -f ${TMPFILE}
exit $rtn
;;
--
cgit v0.8.3.4
distrib
>
Mageia
>
1
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
d7ee511874c36c6f8822afb16939afcd
>
files
>
12
