HEX

File: //usr/bin/crontab
#!/usr/bin/bash
##CageFS proxyexec wrapper - ver 18

if [[ $EUID -eq 0 ]]; then
    echo 'Cannot be run as root'
    exit 1
fi

USR=`/usr/bin/whoami`
CWD=`pwd`
TOKEN=`/bin/cat /var/.cagefs/.cagefs.token`
# It's user's tmp directory and write to it is secure procedure
# because this script is running only under usual user
LOCKFILE=/tmp/.crontab.lock

# automatically obtain next available fd
# previous strategy with `ulimit -n` failed
# in environment where limit is very high (e.g. 1073741816)
exec {FD}>$LOCKFILE

if [[ -e /var/.cagefs/origin ]]; then
    ORIGIN=`/bin/cat /var/.cagefs/origin`
    REMOTE="/usr/bin/ssh -F /etc/ssh/cagefs-rexec_config $USR@$ORIGIN"
else
    REMOTE=""
fi

eval "(
    /usr/bin/flock -x -w 10 $FD || exit 1
    echo -n \"\" | $REMOTE CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock \"$USR\" \"$CWD\" CRONTAB_CHECK $$
) $FD> $LOCKFILE"

[ $? -ne 0 ] && exit 1

eval "(
  /usr/bin/flock -x -w 10 $FD || exit 1
$REMOTE CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock \"$USR\" \"$CWD\" CRONTAB_LIST $$ 2>/dev/null |cat > /var/spool/cron/$USR
) $FD> $LOCKFILE"

/usr/bin/crontab.cagefs $@

eval "(
  /usr/bin/flock -x -w 10 $FD || exit 1
if [ -e /var/spool/cron/$USR ]; then
        cat /var/spool/cron/$USR | $REMOTE CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock \"$USR\" \"$CWD\" CRONTAB_SAVE $$ 2>/dev/null
else
        echo -n \"\" | $REMOTE CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock \"$USR\" \"$CWD\" CRONTAB_SAVE $$ 2>/dev/null
fi
) $FD>$LOCKFILE"