Commit ba798a7f authored by Franco Fichtner's avatar Franco Fichtner

globals: changing the laws of UNIX is bad (1/many)

/tmp is unlikely to change.  If, however you decide to change
it to somewhere else the likelihood of someone else hardcoding
/tmp just to annoy you is so high that it simply makes no sense
to keep any softcoding in this regard.  More batches coming, but
since the usage is so widespread, I'll push it bit by bit.
parent 4b01b9d3
......@@ -103,9 +103,9 @@ if (function_exists("display_error_form") && !isset($config['system']['webgui'][
// If the HTTP_REFERER is something other than ourselves then disallow.
if(function_exists("display_error_form") && !isset($config['system']['webgui']['nohttpreferercheck'])) {
if($_SERVER['HTTP_REFERER']) {
if(file_exists("{$g['tmp_path']}/setupwizard_lastreferrer")) {
if($_SERVER['HTTP_REFERER'] == file_get_contents("{$g['tmp_path']}/setupwizard_lastreferrer")) {
unlink("{$g['tmp_path']}/setupwizard_lastreferrer");
if(file_exists('/tmp/setupwizard_lastreferrer')) {
if($_SERVER['HTTP_REFERER'] == file_get_contents('/tmp/setupwizard_lastreferrer')) {
unlink('/tmp/setupwizard_lastreferrer');
header("Refresh: 1; url=index.php");
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">";
echo "<html><head><title>" . gettext("Redirecting...") . "</title></head><body>" . gettext("Redirecting to the dashboard...") . "</body></html>";
......
......@@ -150,9 +150,9 @@ function display_login_form()
isset($_SESSION['Login_Error']) ? $login_error = $_SESSION['Login_Error'] : $login_error = gettext("unknown reason");
printf("showajaxmessage('" . gettext("Invalid login (%s).") . "')", $login_error);
}
if (file_exists("{$g['tmp_path']}/webconfigurator.lock")) {
if (file_exists('/tmp/webconfigurator.lock')) {
// TODO: add the IP from the user who did lock the device
$whom = file_get_contents("{$g['tmp_path']}/webconfigurator.lock");
$whom = file_get_contents('/tmp/webconfigurator.lock');
printf("showajaxmessage('" . gettext("This device is currently being maintained by: %s.") . "');", $whom);
}
}
......
......@@ -405,7 +405,7 @@ EODD;
echo gettext(" done!") . "\n";
touch("{$g['tmp_path']}/assign_complete");
touch('/tmp/assign_complete');
}
}
......
<?php
/*
Copyritgh (C) 2014 Deciso B.V.
Copyright (C) Scott Ullrich
Copyright (C) 2009 Jim Pingle <myfirstname>@<mylastname>.org
Copyright (C) 2009 Jim Pingle
All rights reserved.
Redistribution and use in source and binary forms, with or without
......@@ -286,10 +287,11 @@ function find_rule_by_number($rulenum, $type="block") {
if ($type == "rdr")
$_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | /usr/bin/egrep " . escapeshellarg("^@{$rulenum}"), $buffer);
else {
if (file_exists("{$g['tmp_path']}/rules.debug"))
$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer);
else
$_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer);
if (file_exists('/tmp/rules.debug')) {
$_gb = exec('/sbin/pfctl -vvPnf /tmp/rules.debug 2>/dev/null | /usr/bin/egrep ' . escapeshellarg($lookup_pattern), $buffer);
} else {
$_gb = exec('/sbin/pfctl -vvPsr | /usr/bin/egrep ' . escapeshellarg($lookup_pattern), $buffer);
}
}
if (is_array($buffer))
return $buffer[0];
......@@ -313,10 +315,11 @@ function buffer_rules_load() {
}
}
unset($buffer, $_gb);
if (file_exists("{$g['tmp_path']}/rules.debug"))
$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]' | /usr/bin/egrep -v '^@[0-9]+\([0-9]+\)[[:space:]](nat|rdr|binat|no|scrub)'", $buffer);
else
if (file_exists('/tmp/rules.debug')) {
$_gb = exec("/sbin/pfctl -vvPnf /tmp/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]' | /usr/bin/egrep -v '^@[0-9]+\([0-9]+\)[[:space:]](nat|rdr|binat|no|scrub)'", $buffer);
} else {
$_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]'", $buffer);
}
if (is_array($buffer)) {
foreach ($buffer as $line) {
......
<?php
/*
Copyright (C) 2008 Bill Marquette, Seth Mos
Copyright (C) 2010 Ermal Luçi
......@@ -24,11 +25,8 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
pfSense_BUILDER_BINARIES: /sbin/route /usr/local/sbin/apinger
pfSense_MODULE: routing
*/
require_once("config.inc");
require_once("rrd.inc");
......@@ -339,11 +337,8 @@ EOD;
@file_put_contents("{$g['varetc_path']}/apinger.conf", $apingerconfig);
unset($apingerconfig);
if (is_dir("{$g['tmp_path']}"))
chmod("{$g['tmp_path']}", 01777);
if (!is_dir("{$g['vardb_path']}/rrd"))
mkdir("{$g['vardb_path']}/rrd", 0775);
@chmod('/tmp', 01777);
@mkdir("{$g['vardb_path']}/rrd", 0775);
@chown("{$g['vardb_path']}/rrd", "nobody");
/* Restart apinger process */
......@@ -698,13 +693,13 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive
if ($found_defaultv4 == 0 || $found_defaultv6 == 0) {
foreach ($gateways_arr as &$gateway) {
if (($gateway['friendlyiface'] == "wan") && ($found_defaultv4 == 0) && (!isset($gateway['ipprotocol']) || ($gateway['ipprotocol'] == "inet"))) {
if (file_exists("{$g['tmp_path']}/{$gateway['interface']}_defaultgw")) {
if (file_exists("/tmp/{$gateway['interface']}_defaultgw")) {
$gateway['defaultgw'] = true;
$found_defaultv4 = 1;
}
}
if (($gateway['friendlyiface'] == "wan") && ($found_defaultv6 == 0) && ($gateway['ipprotocol'] == "inet6")) {
if (file_exists("{$g['tmp_path']}/{$gateway['interface']}_defaultgwv6")) {
if (file_exists("/tmp/{$gateway['interface']}_defaultgwv6")) {
$gateway['defaultgw'] = true;
$found_defaultv6 = 1;
}
......@@ -975,11 +970,11 @@ function get_interface_gateway($interface, &$dynamic = false) {
// for dynamic interfaces we handle them through the $interface_router file.
if (!is_ipaddrv4($gw) && !is_ipaddrv4($gwcfg['ipaddr'])) {
$realif = get_real_interface($interface);
if (file_exists("{$g['tmp_path']}/{$realif}_router")) {
$gw = trim(file_get_contents("{$g['tmp_path']}/{$realif}_router"), " \n");
if (file_exists("/tmp/{$realif}_router")) {
$gw = trim(file_get_contents("/tmp/{$realif}_router"), " \n");
$dynamic = true;
}
if (file_exists("{$g['tmp_path']}/{$realif}_defaultgw"))
if (file_exists("/tmp/{$realif}_defaultgw"))
$dynamic = "default";
}
......@@ -1005,11 +1000,11 @@ function get_interface_gateway_v6($interface, &$dynamic = false) {
// for dynamic interfaces we handle them through the $interface_router file.
if (!is_ipaddrv6($gw) && !is_ipaddrv6($gwcfg['ipaddrv6'])) {
$realif = get_real_interface($interface);
if (file_exists("{$g['tmp_path']}/{$realif}_routerv6")) {
$gw = trim(file_get_contents("{$g['tmp_path']}/{$realif}_routerv6"), " \n");
if (file_exists("/tmp/{$realif}_routerv6")) {
$gw = trim(file_get_contents("/tmp/{$realif}_routerv6"), " \n");
$dynamic = true;
}
if (file_exists("{$g['tmp_path']}/{$realif}_defaultgwv6"))
if (file_exists("/tmp/{$realif}_defaultgwv6"))
$dynamic = "default";
}
......
<?php
/*
Copyright (C) 2011-2012 Ermal Luçi
Copyright (C) 2011-2012 Ermal Luçi
All rights reserved.
Redistribution and use in source and binary forms, with or without
......@@ -177,8 +178,6 @@ $rules = parse_cisco_acl($attributes);
if (!empty($rules)) {
$pid = posix_getpid();
@file_put_contents("/tmp/ipsec_{$pid}{$common_name}.rules", $rules);
mwexec("/sbin/pfctl -a " . escapeshellarg("ipsec/{$common_name}") . " -f {$g['tmp_path']}/ipsec_{$pid}" . escapeshellarg($common_name) . ".rules");
@unlink("{$g['tmp_path']}/ipsec_{$pid}{$common_name}.rules");
mwexec("/sbin/pfctl -a " . escapeshellarg("ipsec/{$common_name}") . " -f /tmp/ipsec_{$pid}" . escapeshellarg($common_name) . ".rules");
@unlink("/tmp/ipsec_{$pid}{$common_name}.rules");
}
?>
<?php
/*
* Copyright (C) 2009 Scott Ullrich (sullrich@gmail.com)
* Copyright (C) 2005 Colin Smith (ethethlay@gmail.com)
* Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>
* Copyright (C) 2005 Colin Smith <ethethlay@gmail.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
......@@ -31,8 +31,6 @@
require_once("globals.inc");
require_once("led.inc");
$notice_path = $g['tmp_path'] . '/notices';
/****f* notices/file_notice
* NAME
* file_notice
......@@ -49,7 +47,6 @@ function file_notice($id, $notice, $category = "General", $url = "", $priority =
* $priority - A notice's priority. Higher numbers indicate greater severity.
* 0 = informational, 1 = warning, 2 = error, etc. This may also be arbitrary,
*/
global $notice_path;
if(!$queue = get_notices()) $queue = array();
$queuekey = time();
$toqueue = array(
......@@ -60,9 +57,9 @@ function file_notice($id, $notice, $category = "General", $url = "", $priority =
'priority' => $priority,
);
$queue[$queuekey] = $toqueue;
$queueout = fopen($notice_path, "w");
$queueout = fopen('/tmp/notices', 'w');
if(!$queueout) {
log_error(printf(gettext("Could not open %s for writing"), $notice_path));
log_error(printf(gettext("Could not open %s for writing"), '/tmp/notices'));
return;
}
fwrite($queueout, serialize($queue));
......@@ -87,11 +84,12 @@ function file_notice($id, $notice, $category = "General", $url = "", $priority =
* RESULT
* Returns a specific notices text
******/
function get_notices($category = "all") {
function get_notices($category = 'all')
{
global $g;
if(file_exists("{$g['tmp_path']}/notices")) {
$queue = unserialize(file_get_contents("{$g['tmp_path']}/notices"));
if (file_exists('/tmp/notices')) {
$queue = unserialize(file_get_contents('/tmp/notices'));
if(!$queue) return false;
if($category != 'all') {
foreach($queue as $time => $notice) {
......@@ -115,9 +113,10 @@ function get_notices($category = "all") {
* RESULT
* Removes a notice from the list
******/
function close_notice($id) {
global $notice_path;
function close_notice($id)
{
require_once("util.inc");
/* soekris */
if(file_exists("/dev/led/error"))
exec("/bin/echo 0 > /dev/led/error");
......@@ -126,7 +125,7 @@ function close_notice($id) {
$ids = array();
if(!$notices = get_notices()) return;
if($id == "all") {
unlink_if_exists($notice_path);
unlink_if_exists('/tmp/notices');
return;
}
foreach(array_keys($notices) as $time) {
......@@ -145,11 +144,11 @@ function close_notice($id) {
}
}
if(count($notices) != 0) {
$queueout = fopen($notice_path, "w");
$queueout = fopen('/tmp/notices', 'w');
fwrite($queueout, serialize($notices));
fclose($queueout);
} else {
unlink_if_exists($notice_path);
unlink_if_exists('/tmp/notices');
}
return;
......@@ -165,7 +164,7 @@ function close_notice($id) {
******/
function dump_xml_notices() {
require_once("xmlparse.inc");
global $notice_path, $listtags;
global $listtags;
$listtags[] = 'notice';
if(!$notices = get_notices()) return;
foreach($notices as $time => $notice) {
......@@ -235,11 +234,12 @@ function print_notice_box($category = "all") {
* RESULT
* returns true if notices are pending, false if they are not
******/
function are_notices_pending($category = "all") {
global $notice_path;
if(file_exists($notice_path)) {
function are_notices_pending($category = 'all')
{
if (file_exists('/tmp/notices')) {
return true;
}
return false;
}
......
<?php
/*
Copyright (C) 2011-2012 Ermal Luçi
Copyright (C) 2011-2012 Ermal Luçi
All rights reserved.
Redistribution and use in source and binary forms, with or without
......@@ -179,8 +180,8 @@ $rules = parse_cisco_acl($attributes);
if (!empty($rules)) {
$pid = posix_getpid();
@file_put_contents("/tmp/ovpn_{$pid}{$common_name}.rules", $rules);
mwexec("/sbin/pfctl -a " . escapeshellarg("openvpn/{$common_name}") . " -f {$g['tmp_path']}/ovpn_{$pid}" . escapeshellarg($common_name) . ".rules");
@unlink("{$g['tmp_path']}/ovpn_{$pid}{$common_name}.rules");
mwexec("/sbin/pfctl -a " . escapeshellarg("openvpn/{$common_name}") . " -f /tmp/ovpn_{$pid}" . escapeshellarg($common_name) . ".rules");
@unlink("/tmp/ovpn_{$pid}{$common_name}.rules");
}
?>
......@@ -160,8 +160,9 @@ if (isset($attributes['framed_ip'])) {
// }
}
if (!empty($content))
@file_put_contents("{$g['tmp_path']}/{$username}", $content);
if (!empty($content)) {
@file_put_contents("/tmp/{$username}", $content);
}
syslog(LOG_NOTICE, "user '{$username}' authenticated\n");
closelog();
......
......@@ -2,7 +2,7 @@
/*
* Copyright (C) 2010 Ermal Luci
* Copyright (C) 2005-2006 Colin Smith (ethethlay@gmail.com)
* Copyright (C) 2005-2006 Colin Smith <ethethlay@gmail.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
......@@ -55,7 +55,7 @@ if (!function_exists("pkg_debug")) {
return;
if (!$fd_log) {
if (!$fd_log = fopen("{$g['tmp_path']}/pkg_mgr_{$package}.log", "w"))
if (!$fd_log = fopen("/tmp/pkg_mgr_{$package}.log", "w"))
update_output_window("Warning, could not open log for writing.");
}
@fwrite($fd_log, $msg);
......@@ -473,7 +473,7 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url =
$pkgstaging = "-o {$pkgstagingdir}/instmp.XXXXXX";
$fetchdir = $pkgstagingdir;
} else {
$fetchdir = $g['tmp_path'];
$fetchdir = '/tmp';
}
/* FreeBSD has no PBI's hosted, so fall back to our own URL for now. (Maybe fail to PC-BSD?) */
......
......@@ -287,7 +287,7 @@ function services_dhcpd_configure($family = "all", $blacklist = array()) {
global $config, $g;
/* configure DHCPD chroot once */
$fd = fopen("{$g['tmp_path']}/dhcpd.sh","w");
$fd = fopen('/tmp/dhcpd.sh', 'w');
fwrite($fd, "/bin/mkdir -p {$g['dhcpd_chroot_path']}\n");
fwrite($fd, "/bin/mkdir -p {$g['dhcpd_chroot_path']}/dev\n");
fwrite($fd, "/bin/mkdir -p {$g['dhcpd_chroot_path']}/etc\n");
......@@ -306,7 +306,7 @@ function services_dhcpd_configure($family = "all", $blacklist = array()) {
if (!trim($status))
fwrite($fd, "/sbin/mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n");
fclose($fd);
mwexec("/bin/sh {$g['tmp_path']}/dhcpd.sh");
mwexec('/bin/sh /tmp/dhcpd.sh');
if ($family == "all" || $family == "inet")
services_dhcpdv4_configure();
......@@ -1345,7 +1345,7 @@ EOD;
}
$igmpconf .= "\n";
$igmpfl = fopen($g['tmp_path'] . "/igmpproxy.conf", "w");
$igmpfl = fopen('/tmp/igmpproxy.conf', 'w');
if (!$igmpfl) {
log_error(gettext("Could not write Igmpproxy configuration file!"));
return;
......@@ -1355,7 +1355,7 @@ EOD;
unset($igmpconf);
/* NOTE: -d4 means everything LOG_WARNING and smaller */
mwexec("/usr/local/sbin/igmpproxy -d4 -c {$g['tmp_path']}/igmpproxy.conf");
mwexec('/usr/local/sbin/igmpproxy -d4 -c /tmp/igmpproxy.conf');
log_error(gettext("Started IGMP proxy service."));
return 0;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment