Index: usr.sbin/cron/cron/database.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/cron/cron/database.c,v retrieving revision 1.8 diff -u -r1.8 database.c --- usr.sbin/cron/cron/database.c 28 Aug 1999 01:15:50 -0000 1.8 +++ usr.sbin/cron/cron/database.c 20 Sep 2005 13:46:13 -0000 @@ -34,7 +34,7 @@ static void process_crontab __P((char *, char *, char *, - struct stat *, + struct stat *, struct stat *, cron_db *, cron_db *)); @@ -43,6 +43,7 @@ cron_db *old_db; { DIR *dir; + struct stat passwd_stat; struct stat statbuf; struct stat syscron_stat; DIR_T *dp; @@ -65,6 +66,11 @@ if (stat(SYSCRONTAB, &syscron_stat) < OK) syscron_stat.st_mtime = 0; + /* track system's shadow password file + */ + if (stat(PASSWD_FILE, &passwd_stat) < OK) + passwd_stat.st_mtime = 0; + /* if spooldir's mtime has not changed, we don't need to fiddle with * the database. * @@ -72,7 +78,8 @@ * so is guaranteed to be different than the stat() mtime the first * time this function is called. */ - if (old_db->mtime == TMAX(statbuf.st_mtime, syscron_stat.st_mtime)) { + if (old_db->mtime == TMAX(statbuf.st_mtime, syscron_stat.st_mtime) && + old_db->mtime == passwd_stat.st_mtime) { Debug(DLOAD, ("[%d] spool dir mtime unch, no load needed.\n", getpid())) return; @@ -84,11 +91,12 @@ * we're done is chaff -- crontabs that disappeared. */ new_db.mtime = TMAX(statbuf.st_mtime, syscron_stat.st_mtime); + new_db.mtime = TMAX(passwd_stat.st_mtime, new_db.mtime); new_db.head = new_db.tail = NULL; if (syscron_stat.st_mtime) { process_crontab("root", "*system*", - SYSCRONTAB, &syscron_stat, + SYSCRONTAB, &syscron_stat, &passwd_stat, &new_db, old_db); } @@ -118,7 +126,7 @@ (void) snprintf(tabname, sizeof tabname, CRON_TAB(fname)); process_crontab(fname, fname, tabname, - &statbuf, &new_db, old_db); + &statbuf, &passwd_stat, &new_db, old_db); } closedir(dir); @@ -193,11 +201,12 @@ static void -process_crontab(uname, fname, tabname, statbuf, new_db, old_db) +process_crontab(uname, fname, tabname, statbuf, pwstatbuf, new_db, old_db) char *uname; char *fname; char *tabname; struct stat *statbuf; + struct stat *pwstatbuf; cron_db *new_db; cron_db *old_db; { @@ -230,7 +239,8 @@ /* if crontab has not changed since we last read it * in, then we can just use our existing entry. */ - if (u->mtime == statbuf->st_mtime) { + if (u->mtime == statbuf->st_mtime && + u->mtime == pwstatbuf->st_mtime) { Debug(DLOAD, (" [no change, using old data]")) unlink_user(old_db, u); link_user(new_db, u); Index: usr.sbin/cron/cron/pathnames.h =================================================================== RCS file: /home/ncvs/src/usr.sbin/cron/cron/pathnames.h,v retrieving revision 1.5 diff -u -r1.5 pathnames.h --- usr.sbin/cron/cron/pathnames.h 28 Aug 1999 01:15:50 -0000 1.5 +++ usr.sbin/cron/cron/pathnames.h 20 Sep 2005 13:09:28 -0000 @@ -51,6 +51,14 @@ #define DENY_FILE "deny" /*-*/ /*#define LOG_FILE "log"*/ /*-*/ + /* File containing encrypted passwords + */ +#define PASSWD_FILE "/etc/master.passwd" + + /* String indicating that an account is locked + */ +#define LOCKED_PASSWD_STRING "*LOCKED*" + /* where should the daemon stick its PID? */ #ifdef _PATH_VARRUN Index: usr.sbin/cron/lib/entry.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/cron/lib/entry.c,v retrieving revision 1.16 diff -u -r1.16 entry.c --- usr.sbin/cron/lib/entry.c 14 Feb 2005 14:09:21 -0000 1.16 +++ usr.sbin/cron/lib/entry.c 20 Sep 2005 14:36:16 -0000 @@ -328,6 +328,12 @@ goto eof; } + if (strncmp(pw->pw_passwd, LOCKED_PASSWD_STRING, + sizeof(LOCKED_PASSWD_STRING)) == 0) { + ecode = e_username; + goto eof; + } + e->uid = pw->pw_uid; e->gid = pw->pw_gid;