Import macOS userland

adv_cmds-176
basic_cmds-55
bootstrap_cmds-116.100.1
developer_cmds-66
diskdev_cmds-667.40.1
doc_cmds-53.60.1
file_cmds-321.40.3
mail_cmds-35
misc_cmds-34
network_cmds-606.40.1
patch_cmds-17
remote_cmds-63
shell_cmds-216.60.1
system_cmds-880.60.2
text_cmds-106

12 files changed, 2607 insertions, 0 deletions

diff --git a/system_cmds/at.tproj/LEGAL b/system_cmds/at.tproj/LEGAL
new file mode 100644
index 0000000..92b1b49
--- /dev/null
+++ b/system_cmds/at.tproj/LEGAL
@@ -0,0 +1,29 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+
+Sorry for the long wait, but there still were a few things to
+be ironed out in at, which I've finally done :-)
+
+The FreeBSD team does have my permission to use at, version 2.9,
+under the BSD license.
+
+You'll find it on sunsite.unc.edu's Incoming, hopefully; the
+md5 checksum is
+
+3ba2ca3c0e87e1a04feae2c6c1376b0d  at-2.9.tgz
+
+Best regards
+	Thomas
+- -- 
+Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet.
+The joy of engineering is to find a straight line on a double
+logarithmic diagram.
+
+-----BEGIN PGP SIGNATURE-----
+Version: 2.6.2i
+
+iQCVAwUBMCjVrPBu+cbJcKCVAQFNiQP/dpWP57s/E8plVGUD3zfgOXDmKUvg8U7a
+VwRzJrIMuSgnSJs0wkpvcomc3NLicipfX7hhWLh/xatPM2YbF7O5HZoNdvWvexD2
+1Y67zJ+0HFb1mPnSBOrS5RFiQAe3KqmGec6E14Rih/qNoFQZBVRFXZ4xxuwP+0Rs
+e2U+TVTUz6A=
+=TvyW
+-----END PGP SIGNATURE-----
diff --git a/system_cmds/at.tproj/at.1 b/system_cmds/at.tproj/at.1
new file mode 100644
index 0000000..1a06d66
--- /dev/null
+++ b/system_cmds/at.tproj/at.1
@@ -0,0 +1,369 @@
+.\" $FreeBSD: src/usr.bin/at/at.man,v 1.34 2003/03/26 02:38:18 keramida Exp $
+.Dd January 13, 2002
+.Dt "AT" 1
+.Os
+.Sh NAME
+.Nm at ,
+.Nm batch ,
+.Nm atq ,
+.Nm atrm
+.Nd queue, examine, or delete jobs for later execution
+.Sh SYNOPSIS
+.Nm at
+.Op Fl q Ar queue
+.Op Fl f Ar file
+.Op Fl mldbv
+.Ar time
+.Nm at
+.Op Fl q Ar queue
+.Op Fl f Ar file
+.Op Fl mldbv
+.Fl t
+.Sm off
+.Op Oo Ar CC Oc Ar YY
+.Ar MM DD hh mm Op . Ar SS
+.Sm on
+.Nm at
+.Fl c Ar job Op Ar job ...
+.Nm at
+.Fl l Op Ar job ...
+.Nm at
+.Fl l
+.Fl q Ar queue
+.Nm at
+.Fl r Ar job Op Ar job ...
+.Pp
+.Nm atq
+.Op Fl q Ar queue
+.Op Fl v
+.Pp
+.Nm atrm
+.Ar job
+.Op Ar job ...
+.Pp
+.Nm batch
+.Op Fl q Ar queue
+.Op Fl f Ar file
+.Op Fl mv
+.Op Ar time
+.Sh DESCRIPTION
+The
+.Nm at
+and
+.Nm batch
+utilities
+read commands from standard input or a specified file.
+The commands are executed at a later time, using
+.Xr sh 1 .
+.Bl -tag -width indent
+.It Nm at
+executes commands at a specified time;
+.It Nm atq
+lists the user's pending jobs, unless the user is the superuser; in that
+case, everybody's jobs are listed;
+.It Nm atrm
+deletes jobs;
+.It Nm batch
+executes commands when system load levels permit; in other words, when the load average
+drops below _LOADAVG_MX (1.5), or the value specified in the invocation of
+.Nm atrun .
+.El
+.Pp
+The
+.Nm at
+utility allows some moderately complex
+.Ar time
+specifications.
+It accepts times of the form
+.Ar HHMM
+or
+.Ar HH:MM
+to run a job at a specific time of day.
+(If that time is already past, the next day is assumed.)
+As an alternative, the following keywords may be specified:
+.Em midnight ,
+.Em noon ,
+or
+.Em teatime
+(4pm)
+and time-of-day may be suffixed with
+.Em AM
+or
+.Em PM
+for running in the morning or the evening.
+The day on which the job is to be run may also be specified
+by giving a date in the form
+.Ar \%month-name day
+with an optional
+.Ar year ,
+or giving a date of the forms
+.Ar DD.MM.YYYY ,
+.Ar DD.MM.YY ,
+.Ar MM/DD/YYYY ,
+.Ar MM/DD/YY ,
+.Ar MMDDYYYY , or
+.Ar MMDDYY .
+The specification of a date must follow the specification of
+the time of day.
+Time can also be specified as:
+.Op Em now
+.Em + Ar count \%time-units ,
+where the time-units can be
+.Em minutes ,
+.Em hours ,
+.Em days ,
+.Em weeks ,
+.Em months
+or
+.Em years
+and
+.Nm at
+may be told to run the job today by suffixing the time with
+.Em today
+and to run the job tomorrow by suffixing the time with
+.Em tomorrow .
+The shortcut
+.Em next 
+can be used instead of
+.Em + 1 .
+.Pp
+For example, to run a job at 4pm three days from now, use
+.Nm at Ar 4pm + 3 days ,
+to run a job at 10:00am on July 31, use
+.Nm at Ar 10am Jul 31
+and to run a job at 1am tomorrow, use
+.Nm at Ar 1am tomorrow .
+.Pp
+The
+.Nm at
+utility also supports the
+.Tn POSIX
+time format (see
+.Fl t
+option).
+.Pp
+For both
+.Nm at
+and
+.Nm batch ,
+commands are read from standard input or the file specified
+with the
+.Fl f
+option.
+The working directory, the environment (except for the variables
+.Ev TERM ,
+.Ev TERMCAP ,
+.Ev DISPLAY
+and
+.Em _ ) ,
+and the
+.Ar umask
+are retained from the time of invocation.
+An
+.Nm at
+or
+.Nm batch
+command invoked from a
+.Xr su 1
+shell will retain the current userid.
+The user will be mailed standard error and standard output from his
+commands, if any.
+Mail will be sent using the command
+.Xr sendmail 8 .
+If
+.Nm at
+is executed from a
+.Xr su 1
+shell, the owner of the login shell will receive the mail.
+.Pp
+The superuser may use these commands in any case.
+For other users, permission to use
+.Nm at
+is determined by the files
+.Pa _PERM_PATH/at.allow
+and
+.Pa _PERM_PATH/at.deny .
+.Pp
+If the file
+.Pa _PERM_PATH/at.allow
+exists, only usernames mentioned in it are allowed to use
+.Nm at .
+In these two files,
+a user is considered to be listed
+only if the user name has no blank or other characters
+before it on its line and a newline character immediately after the name,
+even at the end of the file.
+Other lines are ignored and may be used for comments.
+.Pp
+If
+.Pa _PERM_PATH/at.allow
+does not exist,
+.Pa _PERM_PATH/at.deny
+is checked, every username not mentioned in it is then allowed
+to use
+.Nm at .
+.Pp
+If neither exists, only the superuser is allowed use of
+.Nm at .
+.Sh IMPLEMENTATION NOTES
+Note that
+.Nm at
+is implemented through the
+.Xr launchd 8
+daemon periodically invoking
+.Xr atrun 8 ,
+which is disabled by default.
+See 
+.Xr atrun 8
+for information about enabling
+.Nm atrun .
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl b
+Is an alias for
+.Nm batch .
+.It Fl c
+Cat the jobs listed on the command line to standard output.
+.It Fl d
+Is an alias for
+.Nm atrm
+(this option is deprecated; use
+.Fl r
+instead).
+.It Fl f Ar file
+Read the job from
+.Ar file
+rather than standard input.
+.It Fl l
+With no arguments, list all jobs for the invoking user.
+If one or more
+job numbers are given, list only those jobs.
+.It Fl m
+Send mail to the user when the job has completed even if there was no
+output.
+.It Fl q Ar queue
+Use the specified queue.
+A queue designation consists of a single letter; valid queue designations
+range from
+.Ar a
+to
+.Ar z
+and
+.Ar A
+to
+.Ar Z .
+The
+.Ar _DEFAULT_AT_QUEUE
+queue (a) is the default for
+.Nm at
+and the
+.Ar _DEFAULT_BATCH_QUEUE
+queue (b) is the default for
+.Nm batch .
+Queues with higher letters run with increased niceness.
+If a job is submitted to a queue designated with an uppercase letter, it
+is treated as if it had been submitted to batch at that time.
+If
+.Nm atq
+is given a specific queue, it will only show jobs pending in that queue.
+.It Fl r
+Remove the specified jobs.
+.It Fl t
+Specify the job time using the \*[Px] time format.
+The argument should be in the form
+.Sm off
+.Op Oo Ar CC Oc Ar YY
+.Ar MM DD hh mm Op . Ar SS
+.Sm on
+where each pair of letters represents the following:
+.Pp
+.Bl -tag -width indent -compact -offset indent
+.It Ar CC
+The first two digits of the year (the century).
+.It Ar YY
+The second two digits of the year.
+.It Ar MM
+The month of the year, from 1 to 12.
+.It Ar DD
+the day of the month, from 1 to 31.
+.It Ar hh
+The hour of the day, from 0 to 23.
+.It Ar mm
+The minute of the hour, from 0 to 59.
+.It Ar SS
+The second of the minute, from 0 to 61.
+.El
+.Pp
+If the
+.Ar CC
+and
+.Ar YY
+letter pairs are not specified, the values default to the current
+year.
+If the
+.Ar SS
+letter pair is not specified, the value defaults to 0.
+.It Fl v
+For
+.Nm atq ,
+shows completed but not yet deleted jobs in the queue; otherwise
+shows the time the job will be executed.
+.El
+.Sh FILES
+.Bl -tag -width _ATJOB_DIR/_LOCKFILE -compact
+.It Pa _ATJOB_DIR
+directory containing job files
+(/usr/lib/cron/jobs/)
+.It Pa _ATJOB_DIR/_LOCKFILE
+job-creation lock file
+(/usr/lib/cron/jobs/...)
+.It Pa _ATSPOOL_DIR
+directory containing output spool files
+(/usr/lib/cron/spool/)
+.It Pa _PERM_PATH/at.allow
+allow permission control
+(/usr/lib/cron/at.allow)
+.It Pa _PERM_PATH/at.deny
+deny permission control
+(/usr/lib/cron/at.deny)
+.It Pa /var/run/utmpx
+login records
+.El
+.Sh SEE ALSO
+.Xr nice 1 ,
+.Xr sh 1 ,
+.Xr umask 2 ,
+.Xr compat 5 ,
+.Xr atrun 8 ,
+.Xr cron 8 ,
+.Xr sendmail 8
+.Sh BUGS
+If the file
+.Pa /var/run/utmpx
+is not available or corrupted,
+or if the user is not logged on at the time
+.Nm at
+is invoked, the mail is sent to the userid found
+in the environment variable
+.Ev LOGNAME .
+If that is undefined or empty, the current userid is assumed.
+.Pp
+The
+.Nm at
+and
+.Nm batch
+utilities
+as presently implemented are not suitable when users are competing for
+resources.
+If this is the case, another batch system such as
+.Em nqs
+may be more suitable.
+.Pp
+Specifying a date past 2038 may not work on some systems.
+.Sh AUTHORS
+At was mostly written by
+.An Thomas Koenig Aq ig25@rz.uni-karlsruhe.de .
+The time parsing routines are by
+.An David Parsons Aq orc@pell.chi.il.us ,
+with minor enhancements by
+.An Joe Halpin Aq joe.halpin@attbi.com .
diff --git a/system_cmds/at.tproj/at.c b/system_cmds/at.tproj/at.c
new file mode 100644
index 0000000..9b9b67c
--- /dev/null
+++ b/system_cmds/at.tproj/at.c
@@ -0,0 +1,960 @@
+/*
+ *  at.c : Put file into atrun queue
+ *  Copyright (C) 1993, 1994 Thomas Koenig
+ *
+ *  Atrun & Atq modifications
+ *  Copyright (C) 1993  David Parsons
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/usr.bin/at/at.c,v 1.34 2011/11/06 20:30:21 ed Exp $");
+
+#define _USE_BSD 1
+
+/* System Headers */
+
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/wait.h>
+#include <ctype.h>
+#include <dirent.h>
+#include <err.h>
+#include <errno.h>
+#include <fcntl.h>
+#ifndef __FreeBSD__
+#include <getopt.h>
+#endif
+#include <glob.h>
+#ifdef __FreeBSD__
+#include <locale.h>
+#endif
+#include <pwd.h>
+#include <signal.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+
+#ifdef __APPLE__
+#include <get_compat.h>
+#else  /* !__APPLE */
+#define COMPAT_MODE(a,b) (1)
+#endif /* __APPLE__ */
+
+/* Local headers */
+
+#include "at.h"
+#include "panic.h"
+#include "parsetime.h"
+#include "pathnames.h"
+#include "perm.h"
+
+#define MAIN
+#include "privs.h"
+
+/* Macros */
+
+#ifndef ATJOB_DIR
+#define ATJOB_DIR _PATH_ATJOBS
+#endif
+
+#ifndef LFILE
+#define LFILE ATJOB_DIR ".lockfile"
+#endif
+
+#ifndef ATJOB_MX
+#define ATJOB_MX 255
+#endif
+
+#define ALARMC 10 /* Number of seconds to wait for timeout */
+
+#define SIZE 255
+#define TIMESIZE 50
+
+enum { ATQ, ATRM, AT, BATCH, CAT };	/* what program we want to run */
+
+/* File scope variables */
+
+static const char *no_export[] = {
+    "TERM", "TERMCAP", "DISPLAY", "_"
+};
+static int send_mail = 0;
+static char *atinput = NULL;	/* where to get input from */
+static char atqueue = 0;	/* which queue to examine for jobs (atq) */
+
+/* External variables */
+
+extern char **environ;
+int fcreated;
+char atfile[] = ATJOB_DIR "12345678901234";
+char atverify = 0;		/* verify time instead of queuing job */
+char *namep;
+int posixly_correct;		/* Behave as per POSIX */
+/* http://www.opengroup.org/onlinepubs/009695399/utilities/at.html */
+
+/* Function declarations */
+
+static void sigc(int signo);
+static void alarmc(int signo);
+static char *cwdname(void);
+static void writefile(time_t runtimer, char queue);
+static void list_jobs(long *, int);
+static long nextjob(void);
+static time_t ttime(const char *arg);
+static int in_job_list(long, long *, int);
+static long *get_job_list(int, char *[], int *);
+
+/* Signal catching functions */
+
+static void
+sigc(int signo __unused)
+{
+/* If the user presses ^C, remove the spool file and exit
+ */
+    if (fcreated)
+    {
+	PRIV_START
+	    unlink(atfile);
+	PRIV_END
+    }
+
+    _exit(EXIT_FAILURE);
+}
+
+static void
+alarmc(int signo __unused)
+{
+    char buf[1024];
+
+    /* Time out after some seconds. */
+    strlcpy(buf, namep, sizeof(buf));
+    strlcat(buf, ": file locking timed out\n", sizeof(buf));
+    write(STDERR_FILENO, buf, strlen(buf));
+    sigc(0);
+}
+
+/* Local functions */
+
+static char *
+cwdname(void)
+{
+/* Read in the current directory; the name will be overwritten on
+ * subsequent calls.
+ */
+    static char *ptr = NULL;
+    static size_t size = SIZE;
+
+    if (ptr == NULL)
+	if ((ptr = malloc(size)) == NULL)
+	    errx(EXIT_FAILURE, "virtual memory exhausted");
+
+    while (1)
+    {
+	if (ptr == NULL)
+	    panic("out of memory");
+
+	if (getcwd(ptr, size-1) != NULL)
+	    return ptr;
+
+	if (errno != ERANGE)
+	    perr("cannot get directory");
+
+	free (ptr);
+	size += SIZE;
+	if ((ptr = malloc(size)) == NULL)
+	    errx(EXIT_FAILURE, "virtual memory exhausted");
+    }
+}
+
+static long
+nextjob(void)
+{
+    long jobno;
+    FILE *fid;
+
+    if ((fid = fopen(ATJOB_DIR ".SEQ", "r+")) != NULL) {
+	if (fscanf(fid, "%5lx", &jobno) == 1) {
+	    rewind(fid);
+	    jobno = (1+jobno) % 0xfffff;	/* 2^20 jobs enough? */
+	    fprintf(fid, "%05lx\n", jobno);
+	}
+	else
+	    jobno = EOF;
+	fclose(fid);
+	return jobno;
+    }
+    else if ((fid = fopen(ATJOB_DIR ".SEQ", "w")) != NULL) {
+	fprintf(fid, "%05lx\n", jobno = 1);
+	fclose(fid);
+	return 1;
+    }
+    return EOF;
+}
+
+static void
+writefile(time_t runtimer, char queue)
+{
+/* This does most of the work if at or batch are invoked for writing a job.
+ */
+    long jobno;
+    char *ap, *ppos, *mailname;
+    struct passwd *pass_entry;
+    struct stat statbuf;
+    int fdes, lockdes, fd2;
+    FILE *fp, *fpin;
+    struct sigaction act;
+    char **atenv;
+    int ch;
+    mode_t cmask;
+    struct flock lock;
+    char * oldpwd_str = NULL;
+
+#ifdef __FreeBSD__
+    (void) setlocale(LC_TIME, "");
+#endif
+
+/* Install the signal handler for SIGINT; terminate after removing the
+ * spool file if necessary
+ */
+    act.sa_handler = sigc;
+    sigemptyset(&(act.sa_mask));
+    act.sa_flags = 0;
+
+    sigaction(SIGINT, &act, NULL);
+
+    ppos = atfile + strlen(ATJOB_DIR);
+
+    /* Loop over all possible file names for running something at this
+     * particular time, see if a file is there; the first empty slot at any
+     * particular time is used.  Lock the file LFILE first to make sure
+     * we're alone when doing this.
+     */
+
+    PRIV_START
+
+    if ((lockdes = open(LFILE, O_WRONLY | O_CREAT, S_IWUSR | S_IRUSR)) < 0)
+	perr("cannot open lockfile " LFILE);
+
+    lock.l_type = F_WRLCK; lock.l_whence = SEEK_SET; lock.l_start = 0;
+    lock.l_len = 0;
+
+    act.sa_handler = alarmc;
+    sigemptyset(&(act.sa_mask));
+    act.sa_flags = 0;
+
+    /* Set an alarm so a timeout occurs after ALARMC seconds, in case
+     * something is seriously broken.
+     */
+    sigaction(SIGALRM, &act, NULL);
+    alarm(ALARMC);
+    fcntl(lockdes, F_SETLKW, &lock);
+    alarm(0);
+
+    if ((jobno = nextjob()) == EOF)
+	perr("cannot generate job number");
+
+    sprintf(ppos, "%c%5lx%8lx", queue,
+	    jobno, (unsigned long) (runtimer/60));
+
+    for(ap=ppos; *ap != '\0'; ap ++)
+	if (*ap == ' ')
+	    *ap = '0';
+
+    if (stat(atfile, &statbuf) != 0)
+	if (errno != ENOENT)
+	    perr("cannot access " ATJOB_DIR);
+
+    /* Create the file. The x bit is only going to be set after it has
+     * been completely written out, to make sure it is not executed in the
+     * meantime.  To make sure they do not get deleted, turn off their r
+     * bit.  Yes, this is a kluge.
+     */
+    cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR);
+    if ((fdes = creat(atfile, O_WRONLY)) == -1)
+	perr("cannot create atjob file");
+
+    if ((fd2 = dup(fdes)) <0)
+	perr("error in dup() of job file");
+
+    if(fchown(fd2, real_uid, real_gid) != 0)
+	perr("cannot give away file");
+
+    PRIV_END
+
+    /* We no longer need suid root; now we just need to be able to write
+     * to the directory, if necessary.
+     */
+
+    REDUCE_PRIV(DAEMON_UID, DAEMON_GID)
+
+    /* We've successfully created the file; let's set the flag so it
+     * gets removed in case of an interrupt or error.
+     */
+    fcreated = 1;
+
+    /* Now we can release the lock, so other people can access it
+     */
+    lock.l_type = F_UNLCK; lock.l_whence = SEEK_SET; lock.l_start = 0;
+    lock.l_len = 0;
+    fcntl(lockdes, F_SETLKW, &lock);
+    close(lockdes);
+
+    if((fp = fdopen(fdes, "w")) == NULL)
+	panic("cannot reopen atjob file");
+
+    /* Get the userid to mail to, first by trying getlogin(),
+     * then from LOGNAME, finally from getpwuid().
+     */
+    mailname = getlogin();
+    if (mailname == NULL)
+	mailname = getenv("LOGNAME");
+
+    if ((mailname == NULL) || (mailname[0] == '\0')
+	|| (strlen(mailname) >= MAXLOGNAME) || (getpwnam(mailname)==NULL))
+    {
+	pass_entry = getpwuid(real_uid);
+	if (pass_entry != NULL)
+	    mailname = pass_entry->pw_name;
+    }
+
+    if (atinput != (char *) NULL)
+    {
+	fpin = freopen(atinput, "r", stdin);
+	if (fpin == NULL)
+	    perr("cannot open input file");
+    }
+    fprintf(fp, "#!/bin/sh\n# atrun uid=%ld gid=%ld\n# mail %.*s %d\n",
+	(long) real_uid, (long) real_gid, MAXLOGNAME - 1, mailname,
+	send_mail);
+
+    /* Write out the umask at the time of invocation
+     */
+    fprintf(fp, "umask %lo\n", (unsigned long) cmask);
+
+    /* Write out the environment. Anything that may look like a
+     * special character to the shell is quoted, except for \n, which is
+     * done with a pair of "'s.  Don't export the no_export list (such
+     * as TERM or DISPLAY) because we don't want these.
+     */
+    for (atenv= environ; *atenv != NULL; atenv++)
+    {
+	int export = 1;
+	char *eqp;
+
+	eqp = strchr(*atenv, '=');
+	if (ap == NULL)
+	    eqp = *atenv;
+	else
+	{
+	    size_t i;
+
+	    if(strncmp(*atenv, "OLDPWD", (size_t) (eqp-*atenv)) == 0) {
+		oldpwd_str = *atenv;
+	    }
+	    if (!posixly_correct) {
+		/* Test 891 expects TERM, etc. to show up in "at" env
+		   so exclude them only when not posixly_correct */
+		for (i=0; i<sizeof(no_export)/sizeof(no_export[0]); i++)
+		{
+		    export = export
+			&& (strncmp(*atenv, no_export[i],
+				(size_t) (eqp-*atenv)) != 0);
+		}
+	    }
+	    eqp++;
+	}
+
+	if (export)
+	{
+	    fwrite(*atenv, sizeof(char), eqp-*atenv, fp);
+	    for(ap = eqp;*ap != '\0'; ap++)
+	    {
+		if (*ap == '\n')
+		    fprintf(fp, "\"\n\"");
+		else
+		{
+		    if (!isalnum(*ap)) {
+			switch (*ap) {
+			  case '%': case '/': case '{': case '[':
+			  case ']': case '=': case '}': case '@':
+			  case '+': case '#': case ',': case '.':
+			  case ':': case '-': case '_':
+			    break;
+			  default:
+			    fputc('\\', fp);
+			    break;
+			}
+		    }
+		    fputc(*ap, fp);
+		}
+	    }
+	    fputs("; export ", fp);
+	    fwrite(*atenv, sizeof(char), eqp-*atenv -1, fp);
+	    fputc('\n', fp);
+
+	}
+    }
+    /* Cd to the directory at the time and write out all the
+     * commands the user supplies from stdin.
+     */
+    fprintf(fp, "cd ");
+    for (ap = cwdname(); *ap != '\0'; ap++)
+    {
+	if (*ap == '\n')
+	    fprintf(fp, "\"\n\"");
+	else
+	{
+	    if (*ap != '/' && !isalnum(*ap))
+		fputc('\\', fp);
+
+	    fputc(*ap, fp);
+	}
+    }
+    /* Test cd's exit status: die if the original directory has been
+     * removed, become unreadable or whatever
+     */
+    fprintf(fp, " || {\n\t echo 'Execution directory "
+	        "inaccessible' >&2\n\t exit 1\n}\n");
+
+    /* Put OLDPWD back, since the cd has set it	*/
+    /* Although this is added to fix conformance test at.ex 891, it seems like	*/
+    /* the right thing to do always, so the code is not posix_pedantic only	*/
+    if (oldpwd_str) {
+	    fprintf(fp, "%s; export OLDPWD\n", oldpwd_str);
+    } else {
+	    fprintf(fp, "unset OLDPWD\n");
+    }
+
+    while((ch = getchar()) != EOF)
+	fputc(ch, fp);
+
+    fprintf(fp, "\n");
+    if (ferror(fp))
+	panic("output error");
+
+    if (ferror(stdin))
+	panic("input error");
+
+    fclose(fp);
+
+    /* Set the x bit so that we're ready to start executing
+     */
+
+    if (fchmod(fd2, S_IRUSR | S_IWUSR | S_IXUSR) < 0)
+	perr("cannot give away file");
+
+    close(fd2);
+    if (posixly_correct) {
+	struct tm runtime;
+	char timestr[TIMESIZE];
+	runtime = *localtime(&runtimer);
+	strftime(timestr, TIMESIZE, "%a %b %e %T %Y", &runtime);
+	fprintf(stderr, "job %ld at %s\n", jobno, timestr);
+    } else
+	fprintf(stderr, "Job %ld will be executed using /bin/sh\n", jobno);
+}
+
+static int
+in_job_list(long job, long *joblist, int len)
+{
+    int i;
+
+    for (i = 0; i < len; i++)
+	if (job == joblist[i])
+	    return 1;
+
+    return 0;
+}
+
+static void
+list_one_job(char *name, long *joblist, int len, int *first)
+{
+    struct stat buf;
+    struct tm runtime;
+    unsigned long ctm;
+    char queue;
+    long jobno;
+    time_t runtimer;
+    char timestr[TIMESIZE];
+
+    if (stat(name, &buf) != 0)
+	perr("cannot stat in " ATJOB_DIR);
+
+    /* See it's a regular file and has its x bit turned on and
+     * is the user's
+     */
+    if (!S_ISREG(buf.st_mode)
+	|| ((buf.st_uid != real_uid) && ! (real_uid == 0))
+	|| !(S_IXUSR & buf.st_mode || atverify))
+	return;
+
+    if(sscanf(name, "%c%5lx%8lx", &queue, &jobno, &ctm)!=3)
+	return;
+
+    /* If jobs are given, only list those jobs */
+    if (joblist && !in_job_list(jobno, joblist, len))
+	return;
+
+    if (atqueue && (queue != atqueue))
+        return;
+
+    runtimer = 60*(time_t) ctm;
+    runtime = *localtime(&runtimer);
+    strftime(timestr, TIMESIZE, "%a %b %e %T %Y", &runtime);
+    if (*first) {
+	if (!posixly_correct)
+	    printf("Date\t\t\t\tOwner\t\tQueue\tJob#\n");
+	*first=0;
+    }
+    if (posixly_correct)
+	printf("%ld\t%s\n", jobno, timestr);
+    else {
+	struct passwd *pw = getpwuid(buf.st_uid);
+
+	printf("%s\t%s\t%c%s\t%s\n",
+	       timestr,
+	       pw ? pw->pw_name : "???",
+	       queue,
+	       (S_IXUSR & buf.st_mode) ? "":"(done)",
+	       name);
+    }
+}
+
+static void
+list_jobs(long *joblist, int len)
+{
+    /* List all a user's jobs in the queue, by looping through ATJOB_DIR,
+     * or everybody's if we are root
+     */
+    DIR *spool;
+    struct dirent *dirent;
+    int first=1;
+
+#ifdef __FreeBSD__
+    (void) setlocale(LC_TIME, "");
+#endif
+
+    PRIV_START
+
+    if (chdir(ATJOB_DIR) != 0)
+	perr("cannot change to " ATJOB_DIR);
+
+    if (joblist) {		/* Force order to match POSIX */
+	char jobglob[32];
+	glob_t g;
+	int i;
+
+	sprintf(jobglob, "?%05lx*", joblist[0]);
+	g.gl_offs = 0;
+	glob(jobglob, GLOB_DOOFFS, NULL, &g);
+	for (i = 1; i < len; i++) {
+	    sprintf(jobglob, "?%05lx*", joblist[i]);
+	    glob(jobglob, GLOB_DOOFFS | GLOB_APPEND, NULL, &g);
+	}
+	for (i = 0; i < g.gl_pathc; i++) {
+	    list_one_job(g.gl_pathv[i], joblist, len, &first);
+	}
+	globfree(&g);
+    } else {
+	if ((spool = opendir(".")) == NULL)
+	    perr("cannot open " ATJOB_DIR);
+
+	/*	Loop over every file in the directory
+	 */
+	while((dirent = readdir(spool)) != NULL) {
+	   list_one_job(dirent->d_name, joblist, len, &first);
+	}
+	closedir(spool);
+    }
+    PRIV_END
+}
+
+static void
+process_jobs(int argc, char **argv, int what)
+{
+    /* Delete every argument (job - ID) given
+     */
+    int i;
+    struct stat buf;
+    DIR *spool;
+    struct dirent *dirent;
+    unsigned long ctm;
+    char queue;
+    long jobno;
+
+    PRIV_START
+
+    if (chdir(ATJOB_DIR) != 0)
+	perr("cannot change to " ATJOB_DIR);
+
+    if ((spool = opendir(".")) == NULL)
+	perr("cannot open " ATJOB_DIR);
+
+    PRIV_END
+
+    /*	Loop over every file in the directory
+     */
+    while((dirent = readdir(spool)) != NULL) {
+
+	PRIV_START
+	if (stat(dirent->d_name, &buf) != 0)
+	    perr("cannot stat in " ATJOB_DIR);
+	PRIV_END
+
+	if(sscanf(dirent->d_name, "%c%5lx%8lx", &queue, &jobno, &ctm)!=3)
+	    continue;
+
+	for (i=optind; i < argc; i++) {
+	    if (atoi(argv[i]) == jobno || strcmp(argv[i], dirent->d_name)==0) {
+		if ((buf.st_uid != real_uid) && !(real_uid == 0))
+		    errx(EXIT_FAILURE, "%s: not owner", argv[i]);
+		switch (what) {
+		  case ATRM:
+
+		    PRIV_START
+
+		    if (unlink(dirent->d_name) != 0)
+		        perr(dirent->d_name);
+
+		    PRIV_END
+
+		    break;
+
+		  case CAT:
+		    {
+			FILE *fp;
+			int ch;
+
+			PRIV_START
+
+			fp = fopen(dirent->d_name,"r");
+
+			PRIV_END
+
+			if (!fp) {
+			    perr("cannot open file");
+			}
+			while((ch = getc(fp)) != EOF) {
+			    putchar(ch);
+			}
+			fclose(fp);
+		    }
+		    break;
+
+		  default:
+		    errx(EXIT_FAILURE, "internal error, process_jobs = %d",
+			what);
+	        }
+	    }
+	}
+    }
+    closedir(spool);
+} /* process_jobs */
+
+#define	ATOI2(ar)	((ar)[0] - '0') * 10 + ((ar)[1] - '0'); (ar) += 2;
+
+static time_t
+ttime(const char *arg)
+{
+    /*
+     * This is pretty much a copy of stime_arg1() from touch.c.  I changed
+     * the return value and the argument list because it's more convenient
+     * (IMO) to do everything in one place. - Joe Halpin
+     */
+    struct timeval tv[2];
+    time_t now;
+    struct tm *t;
+    int yearset;
+    char *p;
+
+    if (gettimeofday(&tv[0], NULL))
+	panic("Cannot get current time");
+
+    /* Start with the current time. */
+    now = tv[0].tv_sec;
+    if ((t = localtime(&now)) == NULL)
+	panic("localtime");
+    /* [[CC]YY]MMDDhhmm[.SS] */
+    if ((p = strchr(arg, '.')) == NULL)
+	t->tm_sec = 0;		/* Seconds defaults to 0. */
+    else {
+	if (strlen(p + 1) != 2)
+	    goto terr;
+	*p++ = '\0';
+	t->tm_sec = ATOI2(p);
+    }
+
+    yearset = 0;
+    switch(strlen(arg)) {
+    case 12:			/* CCYYMMDDhhmm */
+	t->tm_year = ATOI2(arg);
+	t->tm_year *= 100;
+	yearset = 1;
+	/* FALLTHROUGH */
+    case 10:			/* YYMMDDhhmm */
+	if (yearset) {
+	    yearset = ATOI2(arg);
+	    t->tm_year += yearset;
+	} else {
+	    yearset = ATOI2(arg);
+	    t->tm_year = yearset + 2000;
+	}
+	t->tm_year -= 1900;	/* Convert to UNIX time. */
+	/* FALLTHROUGH */
+    case 8:				/* MMDDhhmm */
+	t->tm_mon = ATOI2(arg);
+	--t->tm_mon;		/* Convert from 01-12 to 00-11 */
+	t->tm_mday = ATOI2(arg);
+	t->tm_hour = ATOI2(arg);
+	t->tm_min = ATOI2(arg);
+	break;
+    default:
+	goto terr;
+    }
+
+    t->tm_isdst = -1;		/* Figure out DST. */
+    tv[0].tv_sec = tv[1].tv_sec = mktime(t);
+    if (tv[0].tv_sec != -1)
+	return tv[0].tv_sec;
+    else
+terr:
+	panic(
+	   "out of range or illegal time specification: [[CC]YY]MMDDhhmm[.SS]");
+}
+
+static long *
+get_job_list(int argc, char *argv[], int *joblen)
+{
+    int i, len;
+    long *joblist;
+    char *ep;
+
+    joblist = NULL;
+    len = argc;
+    if (len > 0) {
+	if ((joblist = malloc(len * sizeof(*joblist))) == NULL)
+	    panic("out of memory");
+
+	for (i = 0; i < argc; i++) {
+	    errno = 0;
+	    if ((joblist[i] = strtol(argv[i], &ep, 10)) < 0 ||
+		ep == argv[i] || *ep != '\0' || errno)
+		panic("invalid job number");
+	}
+    }
+
+    *joblen = len;
+    return joblist;
+}
+
+int
+main(int argc, char **argv)
+{
+    int c;
+    char queue = DEFAULT_AT_QUEUE;
+    char queue_set = 0;
+    char *pgm;
+
+    int program = AT;			/* our default program */
+    const char *options = "q:f:t:rmvldbc"; /* default options for at */
+    time_t timer;
+    long *joblist;
+    int joblen;
+
+    posixly_correct = COMPAT_MODE("bin/at", "Unix2003");
+    joblist = NULL;
+    joblen = 0;
+    timer = -1;
+    RELINQUISH_PRIVS
+
+    if (argv[0] == NULL)
+	usage();
+    /* Eat any leading paths
+     */
+    if ((pgm = strrchr(argv[0], '/')) == NULL)
+	pgm = argv[0];
+    else
+        pgm++;
+
+    namep = pgm;
+
+    /* find out what this program is supposed to do
+     */
+    if (strcmp(pgm, "atq") == 0) {
+	program = ATQ;
+	options = "q:v";
+    }
+    else if (strcmp(pgm, "atrm") == 0) {
+	program = ATRM;
+	options = "";
+    }
+    else if (strcmp(pgm, "batch") == 0) {
+	program = BATCH;
+	options = "f:q:mv";
+    }
+
+    /* process whatever options we can process
+     */
+    opterr=1;
+    while ((c=getopt(argc, argv, options)) != -1)
+	switch (c) {
+	case 'v':   /* verify time settings */
+	    atverify = 1;
+	    break;
+
+	case 'm':   /* send mail when job is complete */
+	    send_mail = 1;
+	    break;
+
+	case 'f':
+	    atinput = optarg;
+	    break;
+
+	case 'q':    /* specify queue */
+	    if (strlen(optarg) > 1)
+		usage();
+
+	    atqueue = queue = *optarg;
+	    if (!(islower(queue)||isupper(queue)))
+		usage();
+
+	    queue_set = 1;
+	    break;
+
+	case 'd':
+	    warnx("-d is deprecated; use -r instead");
+	    /* fall through to 'r' */
+
+	case 'r':
+	    if (program != AT)
+		usage();
+
+	    program = ATRM;
+	    options = "";
+	    break;
+
+	case 't':
+	    if (program != AT)
+		usage();
+	    timer = ttime(optarg);
+	    break;
+
+	case 'l':
+	    if (program != AT)
+		usage();
+
+	    program = ATQ;
+	    options = "q:";
+	    break;
+
+	case 'b':
+	    if (program != AT)
+		usage();
+
+	    program = BATCH;
+	    options = "f:q:mv";
+	    break;
+
+	case 'c':
+	    program = CAT;
+	    options = "";
+	    break;
+
+	default:
+	    usage();
+	    break;
+	}
+    /* end of options eating
+     */
+
+    /* select our program
+     */
+    if(!check_permission())
+	errx(EXIT_FAILURE, "you do not have permission to use this program");
+    switch (program) {
+    case ATQ:
+
+	REDUCE_PRIV(DAEMON_UID, DAEMON_GID)
+
+	if (queue_set == 0)
+	    joblist = get_job_list(argc - optind, argv + optind, &joblen);
+	list_jobs(joblist, joblen);
+	break;
+
+    case ATRM:
+
+	REDUCE_PRIV(DAEMON_UID, DAEMON_GID)
+
+	process_jobs(argc, argv, ATRM);
+	break;
+
+    case CAT:
+
+	process_jobs(argc, argv, CAT);
+	break;
+
+    case AT:
+	/*
+	 * If timer is > -1, then the user gave the time with -t.  In that
+	 * case, it's already been set. If not, set it now.
+	 */
+	if (timer == -1)
+	    timer = parsetime(argc, argv);
+
+	if (atverify)
+	{
+	    struct tm *tm = localtime(&timer);
+	    fprintf(stderr, "%s\n", asctime(tm));
+	}
+	writefile(timer, queue);
+	break;
+
+    case BATCH:
+	if (queue_set)
+	    queue = toupper(queue);
+	else
+	    queue = DEFAULT_BATCH_QUEUE;
+
+	if (argc > optind)
+	    timer = parsetime(argc, argv);
+	else
+	    timer = time(NULL);
+
+	if (atverify)
+	{
+	    struct tm *tm = localtime(&timer);
+	    fprintf(stderr, "%s\n", asctime(tm));
+	}
+
+        writefile(timer, queue);
+	break;
+
+    default:
+	panic("internal error");
+	break;
+    }
+    exit(EXIT_SUCCESS);
+}
diff --git a/system_cmds/at.tproj/at.h b/system_cmds/at.tproj/at.h
new file mode 100644
index 0000000..a3dc18a
--- /dev/null
+++ b/system_cmds/at.tproj/at.h
@@ -0,0 +1,31 @@
+/*
+ *  at.h -  header for at(1)
+ *  Copyright (C) 1993  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD: src/usr.bin/at/at.h,v 1.5 2001/07/24 14:15:51 obrien Exp $
+ */
+
+extern int fcreated;
+extern char *namep;
+extern char atfile[];
+extern char atverify;
diff --git a/system_cmds/at.tproj/panic.c b/system_cmds/at.tproj/panic.c
new file mode 100644
index 0000000..b1d99d8
--- /dev/null
+++ b/system_cmds/at.tproj/panic.c
@@ -0,0 +1,92 @@
+/*
+ *  panic.c - terminate fast in case of error
+ *  Copyright (C) 1993  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: src/usr.bin/at/panic.c,v 1.17 2002/05/16 00:47:14 tjr Exp $");
+
+/* System Headers */
+
+#include <err.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+/* Local headers */
+
+#include "panic.h"
+#include "privs.h"
+#include "at.h"
+
+/* External variables */
+
+/* Global functions */
+
+void
+panic(const char *a)
+{
+/* Something fatal has happened, print error message and exit.
+ */
+	if (fcreated) {
+		PRIV_START
+		unlink(atfile);
+		PRIV_END
+	}
+
+	errx(EXIT_FAILURE, "%s", a);
+}
+
+void
+perr(const char *a)
+{
+/* Some operating system error; print error message and exit.
+ */
+	int serrno = errno;
+
+	if (fcreated) {
+		PRIV_START
+		unlink(atfile);
+		PRIV_END
+	}
+
+	errno = serrno;
+	err(EXIT_FAILURE, "%s", a);
+}
+
+void
+usage(void)
+{
+	/* Print usage and exit. */
+    fprintf(stderr, "usage: at [-q x] [-f file] [-m] time\n"
+		    "       at -c job [job ...]\n"
+		    "       at [-f file] -t [[CC]YY]MMDDhhmm[.SS]\n"
+		    "       at -r job [job ...]\n"
+		    "       at -l -q queuename\n"
+		    "       at -l [job ...]\n"
+		    "       atq [-q x] [-v]\n"
+		    "       atrm job [job ...]\n"
+		    "       batch [-f file] [-m]\n");
+    exit(EXIT_FAILURE);
+}
diff --git a/system_cmds/at.tproj/panic.h b/system_cmds/at.tproj/panic.h
new file mode 100644
index 0000000..d50405e
--- /dev/null
+++ b/system_cmds/at.tproj/panic.h
@@ -0,0 +1,32 @@
+/*
+ *  panic.h -  header for at(1)
+ *  Copyright (C) 1993  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD: src/usr.bin/at/panic.h,v 1.6 2002/01/13 20:21:08 mike Exp $
+ */
+
+#include <sys/cdefs.h>
+
+void	panic(const char *a) __dead2;
+void	perr(const char *a) __dead2;
+void	usage(void) __dead2;
diff --git a/system_cmds/at.tproj/parsetime.c b/system_cmds/at.tproj/parsetime.c
new file mode 100644
index 0000000..3aeea6c
--- /dev/null
+++ b/system_cmds/at.tproj/parsetime.c
@@ -0,0 +1,736 @@
+/*
+ *  parsetime.c - parse time for at(1)
+ *  Copyright (C) 1993, 1994  Thomas Koenig
+ *
+ *  modifications for English-language times
+ *  Copyright (C) 1993  David Parsons
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ *  at [NOW] PLUS NUMBER MINUTES|HOURS|DAYS|WEEKS
+ * DOT ::= ':'|'.'
+ *     /NUMBER [DOT NUMBER] [AM|PM]\ /[MONTH NUMBER [NUMBER]]             \
+ *     |NOON                       | |[TOMORROW]                          |
+ *     |MIDNIGHT                   | |[DAY OF WEEK]                       |
+ *     \TEATIME                    / |NUMBER [SLASH NUMBER [SLASH NUMBER]]|
+ *                                   \PLUS NUMBER MINUTES|HOURS|DAYS|WEEKS/
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/usr.bin/at/parsetime.c,v 1.28 2011/11/06 17:32:29 ed Exp $");
+
+/* System Headers */
+
+#include <sys/types.h>
+#include <ctype.h>
+#include <err.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <tzfile.h>
+#include <unistd.h>
+#ifndef __FreeBSD__
+#include <getopt.h>
+#endif
+
+/* Local headers */
+
+#include "at.h"
+#include "panic.h"
+#include "parsetime.h"
+
+
+/* Structures and unions */
+
+enum {	/* symbols */
+    MIDNIGHT, NOON, TEATIME,
+    PM, AM, TOMORROW, TODAY, NOW,
+    MINUTES, HOURS, DAYS, WEEKS, MONTHS, YEARS,
+    NUMBER, PLUS, DOT, COMMA, SLASH, ID, JUNK,
+    JAN, FEB, MAR, APR, MAY, JUN,
+    JUL, AUG, SEP, OCT, NOV, DEC,
+    SUN, MON, TUE, WED, THU, FRI, SAT,
+    UTC, NEXT
+    };
+
+/* parse translation table - table driven parsers can be your FRIEND!
+ */
+static const struct {
+    const char *name;	/* token name */
+    int value;	/* token id */
+    int plural;	/* is this plural? */
+} Specials[] = {
+    { "midnight", MIDNIGHT,0 },	/* 00:00:00 of today or tomorrow */
+    { "noon", NOON,0 },		/* 12:00:00 of today or tomorrow */
+    { "teatime", TEATIME,0 },	/* 16:00:00 of today or tomorrow */
+    { "am", AM,0 },		/* morning times for 0-12 clock */
+    { "pm", PM,0 },		/* evening times for 0-12 clock */
+    { "tomorrow", TOMORROW,0 },	/* execute 24 hours from time */
+    { "today", TODAY, 0 },	/* execute today - don't advance time */
+    { "now", NOW,0 },		/* opt prefix for PLUS */
+
+    { "minute", MINUTES,0 },	/* minutes multiplier */
+    { "minutes", MINUTES,1 },	/* (pluralized) */
+    { "hour", HOURS,0 },	/* hours ... */
+    { "hours", HOURS,1 },	/* (pluralized) */
+    { "day", DAYS,0 },		/* days ... */
+    { "days", DAYS,1 },		/* (pluralized) */
+    { "week", WEEKS,0 },	/* week ... */
+    { "weeks", WEEKS,1 },	/* (pluralized) */
+    { "month", MONTHS,0 },	/* month ... */
+    { "months", MONTHS,1 },	/* (pluralized) */
+    { "year", YEARS,0 },	/* year ... */
+    { "years", YEARS,1 },	/* (pluralized) */
+    { "jan", JAN,0 },
+    { "feb", FEB,0 },
+    { "mar", MAR,0 },
+    { "apr", APR,0 },
+    { "may", MAY,0 },
+    { "jun", JUN,0 },
+    { "jul", JUL,0 },
+    { "aug", AUG,0 },
+    { "sep", SEP,0 },
+    { "oct", OCT,0 },
+    { "nov", NOV,0 },
+    { "dec", DEC,0 },
+    { "january", JAN,0 },
+    { "february", FEB,0 },
+    { "march", MAR,0 },
+    { "april", APR,0 },
+    { "may", MAY,0 },
+    { "june", JUN,0 },
+    { "july", JUL,0 },
+    { "august", AUG,0 },
+    { "september", SEP,0 },
+    { "october", OCT,0 },
+    { "november", NOV,0 },
+    { "december", DEC,0 },
+    { "sunday", SUN, 0 },
+    { "sun", SUN, 0 },
+    { "monday", MON, 0 },
+    { "mon", MON, 0 },
+    { "tuesday", TUE, 0 },
+    { "tue", TUE, 0 },
+    { "wednesday", WED, 0 },
+    { "wed", WED, 0 },
+    { "thursday", THU, 0 },
+    { "thu", THU, 0 },
+    { "friday", FRI, 0 },
+    { "fri", FRI, 0 },
+    { "saturday", SAT, 0 },
+    { "sat", SAT, 0 },
+    { "utc", UTC, 0 },
+    { "next", NEXT, 0 },
+} ;
+
+/* File scope variables */
+
+static char **scp;	/* scanner - pointer at arglist */
+static char scc;	/* scanner - count of remaining arguments */
+static char *sct;	/* scanner - next char pointer in current argument */
+static int need;	/* scanner - need to advance to next argument */
+
+static char *sc_token;	/* scanner - token buffer */
+static size_t sc_len;   /* scanner - length of token buffer */
+static int sc_tokid;	/* scanner - token id */
+static int sc_tokplur;	/* scanner - is token plural? */
+
+/* Local functions */
+
+/*
+ * parse a token, checking if it's something special to us
+ */
+static int
+parse_token(char *arg)
+{
+    size_t i;
+
+    for (i=0; i<(sizeof Specials/sizeof Specials[0]); i++)
+	if (strcasecmp(Specials[i].name, arg) == 0) {
+	    sc_tokplur = Specials[i].plural;
+	    return sc_tokid = Specials[i].value;
+	}
+
+    /* not special - must be some random id */
+    return sc_tokid = ID;
+} /* parse_token */
+
+
+/*
+ * init_scanner() sets up the scanner to eat arguments
+ */
+static void
+init_scanner(int argc, char **argv)
+{
+    scp = argv;
+    scc = argc;
+    need = 1;
+    sc_len = 1;
+    while (argc-- > 0)
+	sc_len += strlen(*argv++);
+
+    if ((sc_token = malloc(sc_len)) == NULL)
+	errx(EXIT_FAILURE, "virtual memory exhausted");
+} /* init_scanner */
+
+/*
+ * token() fetches a token from the input stream
+ */
+static int
+token(void)
+{
+    int idx;
+
+    while (1) {
+	memset(sc_token, 0, sc_len);
+	sc_tokid = EOF;
+	sc_tokplur = 0;
+	idx = 0;
+
+	/* if we need to read another argument, walk along the argument list;
+	 * when we fall off the arglist, we'll just return EOF forever
+	 */
+	if (need) {
+	    if (scc < 1)
+		return sc_tokid;
+	    sct = *scp;
+	    scp++;
+	    scc--;
+	    need = 0;
+	}
+	/* eat whitespace now - if we walk off the end of the argument,
+	 * we'll continue, which puts us up at the top of the while loop
+	 * to fetch the next argument in
+	 */
+	while (isspace(*sct))
+	    ++sct;
+	if (!*sct) {
+	    need = 1;
+	    continue;
+	}
+
+	/* preserve the first character of the new token
+	 */
+	sc_token[0] = *sct++;
+
+	/* then see what it is
+	 */
+	if (isdigit(sc_token[0])) {
+	    while (isdigit(*sct))
+		sc_token[++idx] = *sct++;
+	    sc_token[++idx] = 0;
+	    return sc_tokid = NUMBER;
+	}
+	else if (isalpha(sc_token[0])) {
+	    while (isalpha(*sct))
+		sc_token[++idx] = *sct++;
+	    sc_token[++idx] = 0;
+	    return parse_token(sc_token);
+	}
+	else if (sc_token[0] == ':' || sc_token[0] == '.')
+	    return sc_tokid = DOT;
+	else if (sc_token[0] == '+')
+	    return sc_tokid = PLUS;
+	else if (sc_token[0] == '/')
+	    return sc_tokid = SLASH;
+	else if (sc_token[0] == ',')
+	    return sc_tokid = COMMA;
+	else
+	    return sc_tokid = JUNK;
+    } /* while (1) */
+} /* token */
+
+
+/*
+ * plonk() gives an appropriate error message if a token is incorrect
+ */
+static void
+plonk(int tok)
+{
+    panic((tok == EOF) ? "incomplete time"
+		       : "garbled time");
+} /* plonk */
+
+
+/*
+ * expect() gets a token and dies most horribly if it's not the token we want
+ */
+static void
+expect(int desired)
+{
+    if (token() != desired)
+	plonk(sc_tokid);	/* and we die here... */
+} /* expect */
+
+
+/*
+ * plus() parses a now + time
+ *
+ *  at [NOW] PLUS NUMBER [MINUTES|HOURS|DAYS|WEEKS|MONTHS|YEARS]
+ *
+ */
+
+static void
+plus(struct tm *tm)
+{
+    int delay;
+    int expectplur;
+
+    expect(NUMBER);
+
+    delay = atoi(sc_token);
+    expectplur = (delay != 1) ? 1 : 0;
+
+    switch (token()) {
+    case YEARS:
+	    tm->tm_year += delay;
+	    break;
+    case MONTHS:
+	    tm->tm_mon += delay;
+	    break;
+    case WEEKS:
+	    delay *= 7;
+    case DAYS:
+	    tm->tm_mday += delay;
+	    break;
+    case HOURS:
+	    tm->tm_hour += delay;
+	    break;
+    case MINUTES:
+	    tm->tm_min += delay;
+	    break;
+    default:
+	    plonk(sc_tokid);
+	    break;
+    }
+
+    if (expectplur != sc_tokplur)
+	warnx("pluralization is wrong");
+
+    tm->tm_isdst = -1;
+    if (mktime(tm) < 0)
+	plonk(sc_tokid);
+
+} /* plus */
+
+/*
+ *  at [NOW] NEXT [MINUTES|HOURS|DAYS|WEEKS|MONTHS|YEARS]
+ */
+static void
+next(struct tm *tm)
+{
+    switch (token()) {
+        case YEARS:
+            tm->tm_year++;
+            break;
+
+        case MONTHS:
+            tm->tm_mon++;
+            break;
+
+        case WEEKS:
+            tm->tm_mday += 7;
+            break;
+
+        case DAYS:
+            tm->tm_mday++;
+            break;
+
+        case HOURS:
+            tm->tm_hour++;
+            break;
+
+        case MINUTES:
+            tm->tm_min++;
+            break;
+
+        default:
+	    plonk(sc_tokid);
+            break;
+    }
+
+    if (sc_tokplur) {
+        warnx("pluralization is wrong");
+    }
+    tm->tm_isdst = -1;
+    if (mktime(tm) < 0) {
+        plonk(sc_tokid);
+    }
+} /* next */
+
+/*
+ * tod() computes the time of day
+ *     [NUMBER [DOT NUMBER] [AM|PM]] [UTC]
+ */
+static void
+tod(struct tm *tm)
+{
+    int hour, minute = 0;
+    size_t tlen;
+
+    hour = atoi(sc_token);
+    tlen = strlen(sc_token);
+
+    /* first pick out the time of day - if it's 4 digits, we assume
+     * a HHMM time, otherwise it's HH DOT MM time
+     */
+    if (token() == DOT) {
+        expect(NUMBER);
+        minute = atoi(sc_token);
+        if (minute > 59)
+            panic("garbled time");
+        token();
+    }
+    else if (tlen == 4) {
+        minute = hour%100;
+        if (minute > 59)
+            panic("garbled time");
+        hour = hour/100;
+    }
+
+    /* check if an AM or PM specifier was given
+     */
+    switch (sc_tokid) {
+        case AM:
+        case PM:
+            if (hour > 12)
+                panic("garbled time");
+
+            if (sc_tokid == PM) {
+                if (hour != 12)	/* 12:xx PM is 12:xx, not 24:xx */
+                    hour += 12;
+            } else {
+                if (hour == 12)	/* 12:xx AM is 00:xx, not 12:xx */
+                    hour = 0;
+            }
+            if (UTC != token())
+                break;		/* else fallthrough */
+
+        case UTC:
+            hour += tm->tm_gmtoff/(60*60);
+            while (hour < 0)
+                hour += 24;
+            minute += (tm->tm_gmtoff/60);
+            while (minute < 0)
+                minute += 60;
+            tm->tm_gmtoff = 0;
+            token();
+            break;
+        default:
+            if (hour > 23)
+                panic("garbled time");
+            break;
+    }
+
+    /* if we specify an absolute time, we don't want to bump the day even
+     * if we've gone past that time - but if we're specifying a time plus
+     * a relative offset, it's okay to bump things
+     * If minutes are the same assume tomorrow was meant
+     */
+    if ((sc_tokid == EOF || sc_tokid == PLUS) &&
+        ((tm->tm_hour > hour) || ((tm->tm_hour == hour) && (tm->tm_min >= minute)))) {
+        tm->tm_mday++;
+        tm->tm_wday++;
+    }
+
+    tm->tm_hour = hour;
+    tm->tm_min = minute;
+    if (tm->tm_hour == 24) {
+        tm->tm_hour = 0;
+        tm->tm_mday++;
+    }
+} /* tod */
+
+
+/*
+ * assign_date() assigns a date, wrapping to next year if needed
+ */
+static void
+assign_date(struct tm *tm, int mday, int mon, int year)
+{
+   /*
+    * Convert year into tm_year format (year - 1900).
+    * We may be given the year in 2 digit, 4 digit, or tm_year format.
+    */
+    if (year != -1) {
+	if (year >= TM_YEAR_BASE)
+		year -= TM_YEAR_BASE;   /* convert from 4 digit year */
+	else if (year < 100) {
+		/* convert from 2 digit year */
+		struct tm *lt;
+		time_t now;
+
+		time(&now);
+		lt = localtime(&now);
+
+		/* Convert to tm_year assuming current century */
+		year += (lt->tm_year / 100) * 100;
+
+		if (year == lt->tm_year - 1) year++;
+		else if (year < lt->tm_year)
+			year += 100;    /* must be in next century */
+	}
+    }
+
+    if (year < 0 &&
+	(tm->tm_mon > mon ||(tm->tm_mon == mon && tm->tm_mday > mday)))
+	year = tm->tm_year + 1;
+
+    tm->tm_mday = mday;
+    tm->tm_mon = mon;
+
+    if (year >= 0)
+	tm->tm_year = year;
+} /* assign_date */
+
+
+/*
+ * month() picks apart a month specification
+ *
+ *  /[<month> NUMBER [NUMBER]]           \
+ *  |[TOMORROW]                          |
+ *  |[DAY OF WEEK]                       |
+ *  |NUMBER [SLASH NUMBER [SLASH NUMBER]]|
+ *  |NEXT MINUTES|HOURS|DAYS|WEEKS|MONTHS|YEARS|
+ *  \PLUS NUMBER MINUTES|HOURS|DAYS|WEEKS/
+ */
+static void
+month(struct tm *tm)
+{
+    int year= (-1);
+    int mday = 0, wday, mon;
+    int tlen;
+
+    switch (sc_tokid) {
+    case PLUS:
+	    plus(tm);
+	    break;
+
+    case NEXT:
+	    next(tm);
+	    break;
+
+    case TOMORROW:
+	    /* do something tomorrow */
+	    tm->tm_mday ++;
+	    tm->tm_wday ++;
+    case TODAY:	/* force ourselves to stay in today - no further processing */
+	    token();
+	    break;
+
+    case JAN: case FEB: case MAR: case APR: case MAY: case JUN:
+    case JUL: case AUG: case SEP: case OCT: case NOV: case DEC:
+	    /* do month mday [,year]
+	     */
+	    mon = (sc_tokid-JAN);
+	    expect(NUMBER);
+	    mday = atoi(sc_token);
+	    if (token() == COMMA) {
+		if (token() == NUMBER) {
+		    year = atoi(sc_token);
+		    token();
+		}
+	    }
+	    assign_date(tm, mday, mon, year);
+	    if (sc_tokid == PLUS)
+		    plus(tm);
+	    break;
+
+    case SUN: case MON: case TUE:
+    case WED: case THU: case FRI:
+    case SAT:
+	    /* do a particular day of the week
+	     */
+	    wday = (sc_tokid-SUN);
+
+	    mday = tm->tm_mday;
+
+	    /* if this day is < today, then roll to next week
+	     */
+	    if (wday < tm->tm_wday)
+		mday += 7 - (tm->tm_wday - wday);
+	    else
+		mday += (wday - tm->tm_wday);
+
+	    tm->tm_wday = wday;
+
+	    assign_date(tm, mday, tm->tm_mon, tm->tm_year);
+	    break;
+
+    case NUMBER:
+	    /* get numeric MMDDYY, mm/dd/yy, or dd.mm.yy
+	     */
+	    tlen = (int)strlen(sc_token);
+	    mon = atoi(sc_token);
+	    token();
+
+	    if (sc_tokid == SLASH || sc_tokid == DOT) {
+		int sep;
+
+		sep = sc_tokid;
+		expect(NUMBER);
+		mday = atoi(sc_token);
+		if (token() == sep) {
+		    expect(NUMBER);
+		    year = atoi(sc_token);
+		    token();
+		}
+
+		/* flip months and days for European timing
+		 */
+		if (sep == DOT) {
+		    int x = mday;
+		    mday = mon;
+		    mon = x;
+		}
+	    }
+	    else if (tlen == 6 || tlen == 8) {
+		if (tlen == 8) {
+		    year = (mon % 10000) - TM_YEAR_BASE;
+		    mon /= 10000;
+		}
+		else {
+		    year = mon % 100;
+		    mon /= 100;
+		}
+		mday = mon % 100;
+		mon /= 100;
+	    }
+	    else
+		panic("garbled time");
+
+	    mon--;
+	    if (mon < 0 || mon > 11 || mday < 1 || mday > 31)
+		panic("garbled time");
+
+	    assign_date(tm, mday, mon, year);
+	    break;
+
+    case EOF:
+            break;
+
+    default:
+	    plonk(sc_tokid);
+	    break;
+    } /* case */
+} /* month */
+
+
+/* Global functions */
+
+time_t
+parsetime(int argc, char **argv)
+{
+    /* Do the argument parsing, die if necessary, and return the time the job
+     * should be run.
+     */
+    time_t nowtimer, runtimer;
+    struct tm nowtime, runtime;
+    int hr = 0;
+    /* this MUST be initialized to zero for midnight/noon/teatime */
+
+    nowtimer = time(NULL);
+    nowtime = *localtime(&nowtimer);
+
+    runtime = nowtime;
+    runtime.tm_sec = 0;
+    runtime.tm_isdst = 0;
+
+    if (argc <= optind)
+        usage();
+
+    init_scanner(argc-optind, argv+optind);
+
+    switch (token()) {
+        case NOW:
+            if (scc < 1) {
+                return nowtimer;
+            }
+            /* now is optional prefix for PLUS/NEXT tree */
+            switch (token()) {
+                case PLUS:
+                    plus(&runtime);
+                    break;
+
+                case NEXT:
+                    next(&runtime);
+                    break;
+
+                default:
+                    plonk(sc_token);
+                    break;
+            }
+            break;
+
+        case PLUS:
+            plus(&runtime);
+            break;
+
+        case NEXT:
+            next(&runtime);
+            break;
+
+        case NUMBER:
+            tod(&runtime);
+            month(&runtime);
+            break;
+
+            /* evil coding for TEATIME|NOON|MIDNIGHT - we've initialised
+             * hr to zero up above, then fall into this case in such a
+             * way so we add +12 +4 hours to it for teatime, +12 hours
+             * to it for noon, and nothing at all for midnight, then
+             * set our runtime to that hour before leaping into the
+             * month scanner
+             */
+        case TEATIME:
+            hr += 4;
+        case NOON:
+            hr += 12;
+        case MIDNIGHT:
+            if (runtime.tm_hour >= hr) {
+                runtime.tm_mday++;
+                runtime.tm_wday++;
+            }
+            runtime.tm_hour = hr;
+            runtime.tm_min = 0;
+            token();
+            /* FALLTHROUGH to month setting */
+        default:
+            month(&runtime);
+            break;
+    } /* ugly case statement */
+    expect(EOF);
+
+    /* convert back to time_t
+     */
+    runtime.tm_isdst = -1;
+    runtimer = mktime(&runtime);
+
+    if (runtimer < 0)
+        panic("garbled time");
+
+    if (nowtimer > runtimer)
+        panic("trying to travel back in time");
+
+    return runtimer;
+} /* parsetime */
diff --git a/system_cmds/at.tproj/parsetime.h b/system_cmds/at.tproj/parsetime.h
new file mode 100644
index 0000000..cf426bb
--- /dev/null
+++ b/system_cmds/at.tproj/parsetime.h
@@ -0,0 +1,26 @@
+/*
+ *  at.h -  header for at(1)
+ *  Copyright (C) 1993  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+time_t parsetime(int argc, char **argv);
diff --git a/system_cmds/at.tproj/pathnames.h b/system_cmds/at.tproj/pathnames.h
new file mode 100644
index 0000000..c409b6e
--- /dev/null
+++ b/system_cmds/at.tproj/pathnames.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 1999-2016 Apple Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * "Portions Copyright (c) 1999 Apple Computer, Inc.  All Rights
+ * Reserved.  This file contains Original Code and/or Modifications of
+ * Original Code as defined in and that are subject to the Apple Public
+ * Source License Version 1.0 (the 'License').  You may not use this file
+ * except in compliance with the License.  Please obtain a copy of the
+ * License at http://www.apple.com/publicsource and read it before using
+ * this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
+ * License for the specific language governing rights and limitations
+ * under the License."
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Copyright (c) 1993 Christopher G. Demetriou
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by Christopher G. Demetriou.
+ * 4. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ *	$Id: pathnames.h,v 1.2 2005/07/30 01:30:01 lindak Exp $
+ */
+
+#ifndef _PATHNAMES_H_
+#define	_PATHNAMES_H_
+
+#include <paths.h>
+
+#define _PATH_ATJOBS	"/usr/lib/cron/jobs/"
+#define _PATH_ATSPOOL	"/usr/lib/cron/spool/"
+/* Note: _PATH_LOCKFILE appears to be unused; /usr/lib/cron/jobs/.lockfile
+   is the file currently being used by at.*/
+#define _PATH_LOCKFILE	"/usr/lib/cron/.lockfile"
+#define _PATH_AT	"/usr/lib/cron/"
+
+#endif				/* !_PATHNAMES_H_ */
diff --git a/system_cmds/at.tproj/perm.c b/system_cmds/at.tproj/perm.c
new file mode 100644
index 0000000..82bab87
--- /dev/null
+++ b/system_cmds/at.tproj/perm.c
@@ -0,0 +1,125 @@
+/*
+ *  perm.c - check user permission for at(1)
+ *  Copyright (C) 1994  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: src/usr.bin/at/perm.c,v 1.13 2001/12/10 21:13:01 dwmalone Exp $");
+
+/* System Headers */
+
+#include <sys/types.h>
+#include <err.h>
+#include <errno.h>
+#include <pwd.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+/* Local headers */
+
+#include "at.h"
+#include "panic.h"
+#include "perm.h"
+#include "privs.h"
+
+/* Macros */
+
+#define MAXUSERID 10
+
+/* Structures and unions */
+
+/* Function declarations */
+
+static int check_for_user(FILE *fp,const char *name);
+
+/* Local functions */
+
+static int check_for_user(FILE *fp,const char *name)
+{
+    char *buffer;
+    int len;
+    int found = 0;
+
+    len = (int)strlen(name);
+    if ((buffer = malloc(len+2)) == NULL)
+	errx(EXIT_FAILURE, "virtual memory exhausted");
+
+    while(fgets(buffer, len+2, fp) != NULL)
+    {
+	if ((strncmp(name, buffer, len) == 0) &&
+	    (buffer[len] == '\n'))
+	{
+	    found = 1;
+	    break;
+	}
+    }
+    fclose(fp);
+    free(buffer);
+    return found;
+}
+/* Global functions */
+int check_permission(void)
+{
+    FILE *fp;
+    uid_t uid = geteuid();
+    struct passwd *pentry;
+
+    if (uid==0)
+	return 1;
+
+    if ((pentry = getpwuid(uid)) == NULL)
+	err(EXIT_FAILURE, "cannot access user database");
+
+    PRIV_START
+
+    fp=fopen(PERM_PATH "at.allow","r");
+
+    PRIV_END
+
+    if (fp != NULL)
+    {
+	return check_for_user(fp, pentry->pw_name);
+    }
+    else if (errno == ENOENT)
+    {
+
+	PRIV_START
+
+	fp=fopen(PERM_PATH "at.deny", "r");
+
+	PRIV_END
+
+	if (fp != NULL)
+	{
+	    return !check_for_user(fp, pentry->pw_name);
+	}
+	else if (errno != ENOENT)
+	    warn("at.deny");
+    }
+    else
+	warn("at.allow");
+    return 0;
+}
diff --git a/system_cmds/at.tproj/perm.h b/system_cmds/at.tproj/perm.h
new file mode 100644
index 0000000..9781ef8
--- /dev/null
+++ b/system_cmds/at.tproj/perm.h
@@ -0,0 +1,28 @@
+/*
+ *  perm.h -  header for at(1)
+ *  Copyright (C) 1994  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD: src/usr.bin/at/perm.h,v 1.4 2001/12/02 12:26:18 markm Exp $
+ */
+
+int check_permission(void);
diff --git a/system_cmds/at.tproj/privs.h b/system_cmds/at.tproj/privs.h
new file mode 100644
index 0000000..4a43b6c
--- /dev/null
+++ b/system_cmds/at.tproj/privs.h
@@ -0,0 +1,110 @@
+/*
+ *  privs.h - header for privileged operations
+ *  Copyright (C) 1993  Thomas Koenig
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. The name of the author(s) may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/usr.bin/at/privs.h,v 1.10 2011/11/06 20:30:21 ed Exp $
+ */
+
+#ifndef _PRIVS_H
+#define _PRIVS_H
+
+#include <unistd.h>
+
+/* Relinquish privileges temporarily for a setuid or setgid program
+ * with the option of getting them back later.  This is done by
+ * utilizing POSIX saved user and group IDs.  Call RELINQUISH_PRIVS once
+ * at the beginning of the main program.  This will cause all operations
+ * to be executed with the real userid.  When you need the privileges
+ * of the setuid/setgid invocation, call PRIV_START; when you no longer
+ * need it, call PRIV_END.  Note that it is an error to call PRIV_START
+ * and not PRIV_END within the same function.
+ *
+ * Use RELINQUISH_PRIVS_ROOT(a,b) if your program started out running
+ * as root, and you want to drop back the effective userid to a
+ * and the effective group id to b, with the option to get them back
+ * later.
+ *
+ * If you no longer need root privileges, but those of some other
+ * userid/groupid, you can call REDUCE_PRIV(a,b) when your effective
+ * is the user's.
+ *
+ * Problems: Do not use return between PRIV_START and PRIV_END; this
+ * will cause the program to continue running in an unprivileged
+ * state.
+ *
+ * It is NOT safe to call exec(), system() or popen() with a user-
+ * supplied program (i.e. without carefully checking PATH and any
+ * library load paths) with relinquished privileges; the called program
+ * can acquire them just as easily.  Set both effective and real userid
+ * to the real userid before calling any of them.
+ */
+
+#ifndef MAIN
+extern
+#endif
+uid_t real_uid, effective_uid;
+
+#ifndef MAIN
+extern
+#endif
+gid_t real_gid, effective_gid;
+
+#define RELINQUISH_PRIVS { \
+	real_uid = getuid(); \
+	effective_uid = geteuid(); \
+	real_gid = getgid(); \
+	effective_gid = getegid(); \
+	if (setegid(real_gid)<0) perr("cannot setegid"); \
+	if (seteuid(real_uid)<0) perr("cannot seteuid"); \
+}
+
+#define RELINQUISH_PRIVS_ROOT(a, b) { \
+	real_uid = (a); \
+	effective_uid = geteuid(); \
+	real_gid = (b); \
+	effective_gid = getegid(); \
+	if (setegid(real_gid)<0) perr("cannot setegid"); \
+	if (seteuid(real_uid)<0) perr("cannot seteuid"); \
+}
+
+#define PRIV_START { \
+	if (seteuid(0)<0) perr("cannot regain privs"); \
+	if (setegid(effective_gid)<0) perr("cannot reset gid"); \
+	if (seteuid(effective_uid)<0) perr("cannot reset uid"); \
+}
+
+#define PRIV_END { \
+	if (seteuid(0)<0) perr("cannot regain privs"); \
+	if (setegid(real_gid)<0) perr("cannot reset gid"); \
+	if (seteuid(real_uid)<0) perr("cannot reset uid"); \
+}
+
+#define REDUCE_PRIV(a, b) { \
+	PRIV_START \
+	effective_uid = (a); \
+	effective_gid = (b); \
+	if (setegid(effective_gid)<0) perr("cannot setegid"); \
+	if (seteuid(effective_uid)<0) perr("cannot seteuid"); \
+	PRIV_END \
+}
+#endif