/*
 * Build-time policy for the wrapper: which zones may be reloaded, which
 * IDs main() switches to, which environment variable names are accepted,
 * and the exact program and argument vector that are executed.
 */
/* Declared here so main() can walk the process environment directly. */
7 extern const char **environ;
/* Allowlist of zone names; main() compares argv[1] against these with strcmp(). */
10 #define ZONES "jankratochvil.net","dyn.jankratochvil.net"
/* IDs passed to setuid()/setgid() in main(); 0 is root on Unix systems. */
12 #define SETUID 0 /* user UID */
13 #define SETGID 0 /* group GID */
/* Environment variable names main() accepts; matched by exact name. */
14 #define PERMITTED_ENV_LIST "PWD"
/* Absolute path handed to execl(), which does not search PATH for the binary. */
15 #define EXEC_PATHNAME "/usr/sbin/rndc"
/* Fixed argument list: only the zone varies, and NULL terminates it for execl(). */
16 #define EXEC_ARGV(zone) "/usr/sbin/rndc","reload",(zone),NULL
/*
 * Provide G_GNUC_NORETURN unless it is already defined: the GCC noreturn
 * attribute on GCC newer than 2.4, otherwise an empty expansion.
 * NOTE(review): the two #define lines below are alternatives; the #else
 * that separates them is not visible in this listing.
 */
19 #ifndef G_GNUC_NORETURN
20 #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ > 4)
21 #define G_GNUC_NORETURN __attribute__((noreturn))
23 #define G_GNUC_NORETURN
24 #endif /* !__GNUC__ */
25 #endif /* !G_GNUC_NORETURN */
/*
 * EXITLOG(fmt, args...): open syslog with ident "ndc-reload-short"
 * (LOG_PID, facility LOG_DAEMON) and log the message at LOG_CRIT.
 * Uses the GNU named-variadic form (msg...). The first macro argument
 * becomes the syslog() format string, so call sites must pass a string
 * literal there and keep variable data (zone names, environment entries)
 * in the later arguments.
 * NOTE(review): the rest of the macro body is not visible in this listing;
 * presumably it terminates the process, since funcfail() is declared
 * noreturn and its visible body is a single EXITLOG — confirm.
 */
27 #define EXITLOG(msg...) do {\
28 openlog("ndc-reload-short",LOG_PID,LOG_DAEMON); \
29 syslog(LOG_CRIT,msg); \
/* Element count of a true array; the result is wrong if x is a pointer. */
34 #define LENGTH(x) (sizeof((x))/sizeof(*(x)))
/*
 * FUNCCHK(func, args...): clear errno, call func(args) and treat any
 * non-zero return as failure by calling funcfail("func()"). Clearing errno
 * first means a stale value from an earlier call is not what funcfail()
 * reports.
 * NOTE(review): the end of the macro body is not visible in this listing.
 */
36 #define FUNCCHK(funcname,args...) do { \
37 if (errno=0,funcname(args)) \
38 funcfail( #funcname "()" ); \
/*
 * Log "Unable to <funcname>: <strerror(errno)>" through EXITLOG.
 * Declared noreturn where the compiler supports it, so callers do not
 * expect control to come back.
 * funcname is passed as a %s argument, never as the format string.
 * strerror(errno) is always appended, so a call site that did not just
 * fail a libc call (funcfail("zone rejected") in main) logs whatever
 * errno happens to hold at that moment.
 */
41 static void funcfail(const char *funcname) G_GNUC_NORETURN;
42 static void funcfail(const char *funcname)
44 EXITLOG("Unable to %s: %s",funcname,strerror(errno));
/*
 * Entry point: take the zone name from argv[1], refuse it unless it is in
 * ZONES, check the environment against PERMITTED_ENV_LIST, force PATH,
 * switch to SETGID/SETUID and exec "rndc reload <zone>".
 * argv and environ are supplied by whoever invokes the program, which is
 * why both are checked against fixed allowlists before the exec.
 * NOTE(review): this listing omits several lines of the function (local
 * declarations, braces, the end of the body); the comments below describe
 * only the statements that are visible.
 */
47 int main(int argc,char **argv)
/* Allowlisted environment variable names. */
50 const char *allowed[]={ PERMITTED_ENV_LIST };
/* allp walks whichever allowlist is being searched; envp walks environ. */
51 const char **allp,**envp;
/* Allowlisted zone names. */
53 const char *zones_allowed[]={ ZONES };
/*
 * Exact-match lookup of argv[1] in the zone allowlist.
 * NOTE(review): no argc check is visible before argv[1] is read; without
 * one, strcmp() receives NULL when the program is run with no arguments —
 * confirm against the full file.
 */
58 for (allp=zones_allowed;allp<zones_allowed+LENGTH(zones_allowed);allp++)
59 if (!strcmp(*allp,argv[1]))
/* allp at the end of the array means no entry matched: refuse the request. */
61 if (allp>=zones_allowed+LENGTH(zones_allowed))
62 funcfail("zone rejected");
/* Environment check: each entry's name (the text before '=') is looked up in allowed[]. */
65 for (envp=environ;*envp;envp++) {
/* Cut the copy at '=' so only the variable name is compared; dup and s are declared on lines not shown here. */
68 if ((s=strchr(dup,'='))) *s='\0';
69 for (allp=allowed;allp<allowed+LENGTH(allowed);allp++)
70 if (!strcmp(dup,*allp)) goto ok;
/*
 * Logs the offending entry; it is passed as a %s argument, so its content
 * is not interpreted as a format string.
 * NOTE(review): the line(s) between the name comparison and this EXITLOG
 * are not visible, so it cannot be told from here whether this is an
 * unconditional rejection or the failure path of a removal call — confirm.
 * If the variable is removed in place, also confirm that envp does not
 * skip the entry that moves into the freed slot.
 */
72 EXITLOG("Unable to clean environment for 'ndc': %s",*envp);
/* PATH is overwritten with a fixed value (last argument 1 = replace an existing value). */
77 FUNCCHK(setenv,"PATH","/usr/bin",1);
/*
 * Group ID first, then user ID. FUNCCHK checks both return values, so a
 * failed switch ends in funcfail() instead of reaching the exec.
 * NOTE(review): presumably the binary is installed set-uid so these calls
 * can succeed for an unprivileged caller — confirm.
 */
79 FUNCCHK(setgid,SETGID);
80 FUNCCHK(setuid,SETUID);
/*
 * Replace this process with rndc, using the absolute path and the fixed
 * argument vector. execl() returns only on failure; the handling of that
 * failure is not visible in this listing.
 */
81 errno=0,execl(EXEC_PATHNAME,EXEC_ARGV(argv[1]));