Hello Jon > Hi again > > So my 'blinder' project is moving along. I got (almost) everything in > working order. I still need to do a couple of things before I start > cleaning up, and move everything into the 'proper' fhs-locations. But > none of that is really all that complicated. > There is one obstacle remaining, however, that I *am* going to need help > with. > > Using the weblet and some cgi-scripts I can now generate a crontab which > includes the original content, and has some entries added that will call > the programs to open/close my blinds at designated times. > > For a number of reasons I decided to generate this file in a temporary > location, as opposed to try and edit /etc/crontab on the fly. It works, > and reliably generates the file as it should look. > > My problem at this stage is getting the generated file inserted into the > system. Because of the (very sensible) fact that cgi-scripts may not > write to crontab, and setting suid on the script doesn't work either, > I'm kind of stumped on how to achieve this. 1. As you are not afraid for security problems you could solve this rather easy by changeing the user running the sh-httpd to root. change the www stream tcp nowait sh-httpd /usr/sbin/tcpd /usr/sbin/sh-httpd to www stream tcp nowait root .................... and restart inetd
..................... 2. second possibility create a cron job that looks for an alternative crontab at regular intervals and insert this alternative one in the main crontab. ----------------------------------------- 3. make a small c-script that reads your alternative file, and writes it to crontab. This file can be owned by root. suid 4755 execute this file from a special page or option in cgi-bin ...................................................... > Questions: > Is there a sensible way to let a cgi-script update crontab? Without > opening ridiculous security issues, like hacking sh-httpd to let cgi > execute outside of cgi-bin... > > Does cron allow for 'sourcing' of additional files from /etc/crontab? > (Like adding a: . /path/to/sh-httpd/writeable/file to /etc/crontab) look above > > Can I have cron look at a (different) crontab that is writeable by > sh-httpd? yes see above > Most of the programming that I've already done is probably full of > security issues, as it is, but I don't worry too much about that (yet), as the > whole thing is well shielded from the Net. Evenso, I'd rather avoid > having to open up the system even further. > > If anyone is curious, there's a dummy version of the form that I built > at http://bund.dk/~jon/blinder somewhere. And the function that's my > problem is with the "Commit Changes"-button... Never mind the colors/layout, > though, "I'm *not* a web-programmer" ;-P > > I know this is borderline [OT], but I figure this list is my best bet at > getting some useful tips on this. Sorry if I'm being a nuisance, but > well... > > TIA > > Jon Clausen regards Eric Wolzak member of the Bering crew. _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
