SOURCES: vixie-cron-crond.patch, vixie-cron-noroot.patch, vixie-cr...
hawk
hawk at pld-linux.org
Fri Sep 2 13:16:26 CEST 2005
Author: hawk Date: Fri Sep 2 11:16:26 2005 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- previous versions of patches ported from vixie-cron 3.x to 4.x were
either messed up or not adjusted to source changes:
* ported crond.patch, noroot.patch, pam.patch, security3.patch, and
sprintf.patch from
* ported redhat.patch and DESTDIR.patch into pld.patch
* ported selinux.patch and selinux-pld.patch into selinux.patch
---- Files affected:
SOURCES:
vixie-cron-crond.patch (1.10 -> 1.11) , vixie-cron-noroot.patch (1.2 -> 1.3) , vixie-cron-pam.patch (1.2 -> 1.3) , vixie-cron-pld.patch (1.3 -> 1.4) , vixie-cron-security3.patch (1.2 -> 1.3) , vixie-cron-selinux.patch (1.5 -> 1.6) , vixie-cron-sprintf.patch (1.2 -> 1.3)
---- Diffs:
================================================================
Index: SOURCES/vixie-cron-crond.patch
diff -u SOURCES/vixie-cron-crond.patch:1.10 SOURCES/vixie-cron-crond.patch:1.11
--- SOURCES/vixie-cron-crond.patch:1.10 Tue Aug 2 13:07:11 2005
+++ SOURCES/vixie-cron-crond.patch Fri Sep 2 13:16:20 2005
@@ -1,6 +1,6 @@
-diff -uNr vixie-cron-4.1.p7/cron.8 vixie-cron-4.1/cron.8
---- vixie-cron-4.1.p7/cron.8 2005-07-24 00:11:24.000000000 +0200
-+++ vixie-cron-4.1/cron.8 2005-07-24 22:34:43.000000000 +0200
+diff -ur vixie.orig/cron.8 vixie/cron.8
+--- vixie.orig/cron.8 2005-09-01 22:06:02.000000000 +0200
++++ vixie/cron.8 2005-09-02 08:32:11.000000000 +0200
@@ -39,7 +39,8 @@
searches /var/spool/cron for crontab files which are named after accounts in
/etc/passwd; crontabs found are loaded into memory.
@@ -11,9 +11,9 @@
.IR crontab (5)).
.I Cron
then wakes up every minute, examining all stored crontabs, checking each
-diff -uNr vixie-cron-4.1.p7/database.c vixie-cron-4.1/database.c
---- vixie-cron-4.1.p7/database.c 2005-07-23 12:40:31.000000000 +0200
-+++ vixie-cron-4.1/database.c 2005-07-24 22:39:30.000000000 +0200
+diff -ur vixie.orig/database.c vixie/database.c
+--- vixie.orig/database.c 2005-09-01 22:40:02.000000000 +0200
++++ vixie/database.c 2005-09-02 08:52:37.000000000 +0200
@@ -36,7 +36,7 @@
void
@@ -31,7 +31,7 @@
+ log_it("CRON", getpid(), "STAT FAILED", "/etc/cron.d");
+ (void) exit(ERROR_EXIT);
+ }
-+
++
/* track system crontab file
*/
if (stat(SYSCRONTAB, &syscron_stat) < OK)
@@ -41,7 +41,7 @@
*/
- if (old_db->mtime == TMAX(statbuf.st_mtime, syscron_stat.st_mtime)) {
+ if (old_db->mtime == TMAX(crond_stat.st_mtime,
-+ TMAX(statbuf.st_mtime, syscron_stat.st_mtime))) {
++ TMAX(statbuf.st_mtime, syscron_stat.st_mtime))) {
Debug(DLOAD, ("[%ld] spool dir mtime unch, no load needed.\n",
(long)getpid()))
return;
@@ -51,7 +51,7 @@
*/
- new_db.mtime = TMAX(statbuf.st_mtime, syscron_stat.st_mtime);
+ new_db.mtime = TMAX(crond_stat.st_mtime,
-+ TMAX(statbuf.st_mtime, syscron_stat.st_mtime));
++ TMAX(statbuf.st_mtime, syscron_stat.st_mtime));
new_db.head = new_db.tail = NULL;
if (syscron_stat.st_mtime)
@@ -80,7 +80,7 @@
+ if (dp->d_name[ln-1] == '~')
+ continue;
+
-+ /* ignore *.rpmnew and *.rpmsave files */
++ /* ignore *.rpmnew, *.rpmsave and *.rpmorig files */
+ if ((ln > 7 && strstr(&dp->d_name[ln-7], ".rpmnew")) ||
+ (ln > 8 && strstr(&dp->d_name[ln-8], ".rpmsave")) ||
+ (ln > 8 && strstr(&dp->d_name[ln-8], ".rpmorig")))
@@ -97,7 +97,7 @@
/* we used to keep this dir open all the time, for the sake of
* efficiency. however, we need to close it in every fork, and
* we fork a lot more often than the mtime of the dir changes.
-@@ -263,7 +263,7 @@
+@@ -206,7 +249,7 @@
log_it(fname, getpid(), "NOT REGULAR", tabname);
goto next_crontab;
}
@@ -106,9 +106,9 @@
log_it(fname, getpid(), "BAD FILE MODE", tabname);
goto next_crontab;
}
-diff -uNr vixie-cron-4.1.p7/FEATURES vixie-cron-4.1/FEATURES
---- vixie-cron-4.1.p7/FEATURES 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/FEATURES 2005-07-24 22:35:17.000000000 +0200
+diff -ur vixie.orig/FEATURES vixie/FEATURES
+--- vixie.orig/FEATURES 2005-09-01 20:26:31.000000000 +0200
++++ vixie/FEATURES 2005-09-02 08:28:47.000000000 +0200
@@ -82,3 +82,8 @@
act this way and do the more reasonable thing, which is (IMHO) to "or"
the various field-matches together. In that sense this cron may not
================================================================
Index: SOURCES/vixie-cron-noroot.patch
diff -u SOURCES/vixie-cron-noroot.patch:1.2 SOURCES/vixie-cron-noroot.patch:1.3
--- SOURCES/vixie-cron-noroot.patch:1.2 Mon Jul 25 12:45:08 2005
+++ SOURCES/vixie-cron-noroot.patch Fri Sep 2 13:16:20 2005
@@ -1,28 +1,29 @@
-diff -uNr vixie-cron-4.1.p19/crontab.c vixie-cron-4.1/crontab.c
---- vixie-cron-4.1.p19/crontab.c 2005-07-24 23:23:18.000000000 +0200
-+++ vixie-cron-4.1/crontab.c 2005-07-24 23:35:28.000000000 +0200
-@@ -288,6 +288,7 @@
+diff -ur vixie.orig/crontab.c vixie/crontab.c
+--- vixie.orig/crontab.c 2005-09-02 10:08:01.000000000 +0200
++++ vixie/crontab.c 2005-09-02 10:08:56.000000000 +0200
+@@ -293,7 +293,7 @@
+ edit_cmd(void) {
char n[MAX_FNAME], q[MAX_TEMPSTR], *editor;
FILE *f;
- int ch, t, x;
-+ uid_t saved_uid;
+- int ch, t, x;
++ int ch, t, x, saved_uid;
struct stat statbuf;
struct utimbuf utimebuf;
WAIT_T waiter;
-@@ -376,6 +377,12 @@
+@@ -382,6 +382,12 @@
exit(ERROR_EXIT);
}
utime(Filename, &utimebuf);
+ /* Do not move this statement! */
-+ saved_uid = MY_UID(pw);
++ saved_uid = getuid();
+ if (saved_uid < 0) {
+ perror("getuid");
+ exit(ERROR_EXIT);
-+ }
++ }
again:
rewind(NewCrontab);
if (ferror(NewCrontab)) {
-@@ -409,7 +416,7 @@
+@@ -415,7 +421,7 @@
perror("setgid(getgid())");
exit(ERROR_EXIT);
}
================================================================
Index: SOURCES/vixie-cron-pam.patch
diff -u SOURCES/vixie-cron-pam.patch:1.2 SOURCES/vixie-cron-pam.patch:1.3
--- SOURCES/vixie-cron-pam.patch:1.2 Mon Jul 25 12:45:39 2005
+++ SOURCES/vixie-cron-pam.patch Fri Sep 2 13:16:20 2005
@@ -1,6 +1,6 @@
-diff -uNr vixie-cron-4.1.p20/do_command.c vixie-cron-4.1/do_command.c
---- vixie-cron-4.1.p20/do_command.c 2005-07-24 23:13:19.000000000 +0200
-+++ vixie-cron-4.1/do_command.c 2005-07-24 23:41:34.000000000 +0200
+diff -ur vixie.orig/do_command.c vixie/do_command.c
+--- vixie.orig/do_command.c 2005-09-02 08:59:14.000000000 +0200
++++ vixie/do_command.c 2005-09-02 09:42:17.000000000 +0200
@@ -25,6 +25,17 @@
#include "cron.h"
@@ -8,8 +8,8 @@
+#include <security/pam_appl.h>
+static pam_handle_t *pamh = NULL;
+static const struct pam_conv conv = {
-+ NULL
-+};
++ NULL
++ };
+#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
+ fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
+ syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
@@ -27,7 +27,7 @@
Debug(DPROC, ("[%ld] child_process('%s')\n", (long)getpid(), e->cmd))
-@@ -135,6 +147,15 @@
+@@ -134,6 +146,15 @@
*p = '\0';
}
@@ -43,9 +43,11 @@
/* fork again, this time so we can exec the user's command.
*/
switch (vfork()) {
-@@ -516,6 +537,9 @@
+@@ -513,7 +534,11 @@
+ if (WIFSIGNALED(waiter) && WCOREDUMP(waiter))
Debug(DPROC, (", dumped core"))
Debug(DPROC, ("\n"))
++
}
+ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+ retcode = pam_close_session(pamh, PAM_SILENT);
@@ -53,9 +55,9 @@
}
static int
-diff -uNr vixie-cron-4.1.p20/Makefile vixie-cron-4.1/Makefile
---- vixie-cron-4.1.p20/Makefile 2005-07-24 00:05:03.000000000 +0200
-+++ vixie-cron-4.1/Makefile 2005-07-24 23:37:58.000000000 +0200
+diff -ur vixie.orig/Makefile vixie/Makefile
+--- vixie.orig/Makefile 2005-09-01 22:17:26.000000000 +0200
++++ vixie/Makefile 2005-09-02 09:38:53.000000000 +0200
@@ -59,7 +59,7 @@
INCLUDE = -I.
#INCLUDE =
@@ -65,12 +67,3 @@
#<<optimize or debug?>>
CDEBUG = $(RPM_OPT_FLAGS)
#CDEBUG = -g
-@@ -68,7 +68,7 @@
- #<<want to use a nonstandard CC?>>
- CC = gcc -Wall -Wno-unused -Wno-comment
- #<<manifest defines>>
--DEFS = -s
-+DEFS =
- #(SGI IRIX systems need this)
- #DEFS = -D_BSD_SIGNALS -Dconst=
- #<<the name of the BSD-like install program>>
================================================================
Index: SOURCES/vixie-cron-pld.patch
diff -u SOURCES/vixie-cron-pld.patch:1.3 SOURCES/vixie-cron-pld.patch:1.4
--- SOURCES/vixie-cron-pld.patch:1.3 Wed Aug 3 15:19:56 2005
+++ SOURCES/vixie-cron-pld.patch Fri Sep 2 13:16:20 2005
@@ -1,6 +1,6 @@
-diff -uNr vixie-cron-4.1.orig/cron.8 vixie-cron-4.1/cron.8
---- vixie-cron-4.1.orig/cron.8 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/cron.8 2005-07-24 00:11:24.000000000 +0200
+diff -ur vixie.orig/cron.8 vixie/cron.8
+--- vixie.orig/cron.8 2005-09-01 20:26:31.000000000 +0200
++++ vixie/cron.8 2005-09-02 09:45:56.000000000 +0200
@@ -36,7 +36,7 @@
starting it out of init.
.PP
@@ -10,9 +10,9 @@
/etc/passwd; crontabs found are loaded into memory.
.I Cron
also searches for /etc/crontab which is in a different format (see
-diff -uNr vixie-cron-4.1.orig/crontab.1 vixie-cron-4.1/crontab.1
---- vixie-cron-4.1.orig/crontab.1 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/crontab.1 2005-07-24 00:12:10.000000000 +0200
+diff -ur vixie.orig/crontab.1 vixie/crontab.1
+--- vixie.orig/crontab.1 2005-09-01 20:26:31.000000000 +0200
++++ vixie/crontab.1 2005-09-02 09:45:56.000000000 +0200
@@ -88,8 +88,8 @@
crontab(5), cron(8)
.SH FILES
@@ -24,10 +24,22 @@
.fi
.SH STANDARDS
The
-diff -uNr vixie-cron-4.1.orig/Makefile vixie-cron-4.1/Makefile
---- vixie-cron-4.1.orig/Makefile 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/Makefile 2005-07-24 00:05:03.000000000 +0200
-@@ -54,28 +54,28 @@
+diff -ur vixie.orig/globals.h vixie/globals.h
+--- vixie.orig/globals.h 2005-09-01 20:26:31.000000000 +0200
++++ vixie/globals.h 2005-09-02 09:45:56.000000000 +0200
+@@ -59,7 +59,7 @@
+ #endif
+ ;
+
+-XTRN char *ProgramName INIT("amnesia");
++XTRN char *ProgramName INIT("crond");
+ XTRN int LineNumber INIT(0);
+ XTRN time_t StartTime INIT(0);
+ XTRN int NoFork INIT(0);
+diff -ur vixie.orig/Makefile vixie/Makefile
+--- vixie.orig/Makefile 2005-09-01 20:26:31.000000000 +0200
++++ vixie/Makefile 2005-09-02 09:46:13.000000000 +0200
+@@ -54,15 +54,15 @@
DESTROOT = $(DESTDIR)/usr
DESTSBIN = $(DESTROOT)/sbin
DESTBIN = $(DESTROOT)/bin
@@ -46,13 +58,7 @@
#<<lint flags of choice?>>
LINTFLAGS = -hbxa $(INCLUDE) $(DEBUGGING)
#<<want to use a nonstandard CC?>>
- CC = gcc -Wall -Wno-unused -Wno-comment
- #<<manifest defines>>
--DEFS =
-+DEFS = -s
- #(SGI IRIX systems need this)
- #DEFS = -D_BSD_SIGNALS -Dconst=
- #<<the name of the BSD-like install program>>
+@@ -75,7 +75,7 @@
#INSTALL = installbsd
INSTALL = install
#<<any special load flags>>
@@ -61,7 +67,7 @@
#################################### end configurable stuff
SHELL = /bin/sh
-@@ -110,13 +110,16 @@
+@@ -110,23 +110,26 @@
$(CC) $(LDFLAGS) -o crontab $(CRONTAB_OBJ) $(LIBS)
install : all
@@ -82,19 +88,21 @@
distclean : clean
rm -f *.orig *.rej *.BAK *.CKP *~ #*
-@@ -126,7 +129,8 @@
- rm -f *.o
+ rm -f a.out core tags
+
+ clean :
+- rm -f *.o
++ rm -f *.o a.out core tags *~ #*
rm -f cron crontab
-tags :; ctags ${SOURCES}
-+tags :
-+ ctags ${SOURCES}
++tags : ctags ${SOURCES}
kit : $(SHAR_SOURCE)
shar $(SHAR_SOURCE) >kit
-diff -uNr vixie-cron-4.1.orig/pathnames.h vixie-cron-4.1/pathnames.h
---- vixie-cron-4.1.orig/pathnames.h 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/pathnames.h 2005-07-24 00:14:24.000000000 +0200
+diff -ur vixie.orig/pathnames.h vixie/pathnames.h
+--- vixie.orig/pathnames.h 2005-09-01 20:26:31.000000000 +0200
++++ vixie/pathnames.h 2005-09-02 09:45:56.000000000 +0200
@@ -35,7 +35,7 @@
* to; SPOOL_DIR, CRON_ALLOW, CRON_DENY, and LOG_FILE
* are all relative to this directory.
@@ -126,7 +134,7 @@
* be used.
*/
-#define LOG_FILE "log"
-+#undef LOG_FILE
++#define LOG_FILE "/var/log/cron"
/* where should the daemon stick its PID?
* PIDDIR must end in '/'.
@@ -139,15 +147,3 @@
#define _PATH_CRON_PID PIDDIR PIDFILE
/* 4.3BSD-style crontab */
-diff -uNr vixie-cron-4.1.orig/globals.h vixie-cron-4.1/globals.h
---- vixie-cron-4.1.orig/globals.h 2005-08-03 15:03:12.699629976 +0200
-+++ vixie-cron-4.1/globals.h 2005-08-03 15:03:58.225708960 +0200
-@@ -59,7 +59,7 @@
- #endif
- ;
-
--XTRN char *ProgramName INIT("amnesia");
-+XTRN char *ProgramName INIT("crond");
- XTRN int LineNumber INIT(0);
- XTRN time_t StartTime INIT(0);
- XTRN int NoFork INIT(0);
================================================================
Index: SOURCES/vixie-cron-security3.patch
diff -u SOURCES/vixie-cron-security3.patch:1.2 SOURCES/vixie-cron-security3.patch:1.3
--- SOURCES/vixie-cron-security3.patch:1.2 Mon Jul 25 12:44:50 2005
+++ SOURCES/vixie-cron-security3.patch Fri Sep 2 13:16:20 2005
@@ -1,12 +1,16 @@
-diff -uNr vixie-cron-4.1.p18/crontab.c vixie-cron-4.1/crontab.c
---- vixie-cron-4.1.p18/crontab.c 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/crontab.c 2005-07-24 23:23:18.000000000 +0200
-@@ -132,8 +132,10 @@
+diff -ur vixie.orig/crontab.c vixie/crontab.c
+--- vixie.orig/crontab.c 2005-09-01 22:40:02.000000000 +0200
++++ vixie/crontab.c 2005-09-02 09:28:05.000000000 +0200
+@@ -132,8 +132,14 @@
fprintf(stderr, "username too long\n");
exit(ERROR_EXIT);
}
- strcpy(User, pw->pw_name);
- strcpy(RealUser, User);
++ if (strlen (pw->pw_name) >= sizeof(User)) {
++ fprintf(stderr, "crontab: fatal: username too long\n");
++ exit(ERROR_EXIT);
++ }
+ memset(User,0,MAX_UNAME);
+ memset(RealUser,0,MAX_UNAME);
+ strncpy(User, pw->pw_name, MAX_UNAME - 1);
@@ -14,7 +18,7 @@
Filename[0] = '\0';
Option = opt_unknown;
while (-1 != (argch = getopt(argc, argv, getoptargs))) {
-@@ -157,7 +159,7 @@
+@@ -157,7 +163,7 @@
}
if (strlen(optarg) >= sizeof User)
usage("username too long");
@@ -23,18 +27,19 @@
break;
case 'l':
if (Option != opt_unknown)
-diff -uNr vixie-cron-4.1.p18/macros.h vixie-cron-4.1/macros.h
---- vixie-cron-4.1.p18/macros.h 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/macros.h 2005-07-24 23:19:19.000000000 +0200
+diff -ur vixie.orig/macros.h vixie/macros.h
+--- vixie.orig/macros.h 2005-09-01 20:26:31.000000000 +0200
++++ vixie/macros.h 2005-09-02 09:31:47.000000000 +0200
@@ -48,7 +48,12 @@
#define MAX_COMMAND 1000 /* max length of internally generated cmd */
#define MAX_ENVSTR 1000 /* max length of envvar=value\0 strings */
#define MAX_TEMPSTR 100 /* obvious */
+-#define MAX_UNAME 33 /* max length of username, should be overkill */
+#if defined(__GLIBC__) && ( __GLIBC__ >= 2 )
+#include <utmpx.h>
+#define MAX_UNAME __UT_NAMESIZE
+#else
- #define MAX_UNAME 33 /* max length of username, should be overkill */
++#define MAX_UNAME 32 /* max length of username, should be overkill */
+#endif
#define ROOT_UID 0 /* don't change this, it really must be root */
#define ROOT_USER "root" /* ditto */
================================================================
Index: SOURCES/vixie-cron-selinux.patch
diff -u SOURCES/vixie-cron-selinux.patch:1.5 SOURCES/vixie-cron-selinux.patch:1.6
--- SOURCES/vixie-cron-selinux.patch:1.5 Sat Jul 30 12:54:19 2005
+++ SOURCES/vixie-cron-selinux.patch Fri Sep 2 13:16:20 2005
@@ -1,6 +1,6 @@
-diff -uNr vixie-cron-4.1.p22/cron.c vixie-cron-4.1/cron.c
---- vixie-cron-4.1.p22/cron.c 2005-07-23 12:40:30.000000000 +0200
-+++ vixie-cron-4.1/cron.c 2005-07-24 23:59:50.000000000 +0200
+diff -u vixie.orig/cron.c vixie/cron.c
+--- vixie.orig/cron.c 2005-09-02 12:24:57.000000000 +0200
++++ vixie/cron.c 2005-09-02 12:25:28.000000000 +0200
@@ -110,7 +110,7 @@
break;
case 0:
@@ -10,9 +10,9 @@
if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) >= 0) {
(void) dup2(fd, STDIN);
(void) dup2(fd, STDOUT);
-diff -uNr vixie-cron-4.1.p22/database.c vixie-cron-4.1/database.c
---- vixie-cron-4.1.p22/database.c 2005-07-24 23:50:09.000000000 +0200
-+++ vixie-cron-4.1/database.c 2005-07-25 00:22:09.000000000 +0200
+diff -u vixie.orig/database.c vixie/database.c
+--- vixie.orig/database.c 2005-09-02 12:24:57.000000000 +0200
++++ vixie/database.c 2005-09-02 12:25:28.000000000 +0200
@@ -28,6 +28,15 @@
#include "cron.h"
@@ -38,7 +38,7 @@
} else if ((pw = getpwnam(uname)) == NULL) {
/* file doesn't have a user in passwd file.
*/
-@@ -293,6 +302,60 @@
+@@ -288,6 +297,59 @@
free_user(u);
log_it(fname, getpid(), "RELOAD", tabname);
}
@@ -56,7 +56,7 @@
+ } else {
+ log_it(fname, getpid(), "getfilecon FAILED but SELinux in permissive mode, continuing", tabname);
+ goto selinux_out;
-+ }
++ }
+ }
+
+ /*
@@ -68,12 +68,12 @@
+ */
+ if (get_default_context(fname, NULL, &user_context)) {
+ freecon(file_context);
-+ if (security_getenforce() > 0) {
-+ log_it(fname, getpid(), "NO CONTEXT", tabname);
-+ goto next_crontab;
++ if (security_getenforce() > 0) {
++ log_it(fname, getpid(), "NO CONTEXT", tabname);
++ goto next_crontab;
+ } else {
-+ log_it(fname, getpid(), "NO CONTEXT but SELinux in permissive mode, continuing", tabname);
-+ goto selinux_out;
++ log_it(fname, getpid(), "NO CONTEXT but SELinux in permissive mode, continuing", tabname);
++ goto selinux_out;
+ }
+ }
+ retval = security_compute_av(user_context,
@@ -93,15 +93,14 @@
+ }
+ }
+selinux_out:
-+ ((void)0);
+ }
+#endif
u = load_user(crontab_fd, pw, fname);
if (u != NULL) {
u->mtime = statbuf->st_mtime;
-diff -uNr vixie-cron-4.1.p22/do_command.c vixie-cron-4.1/do_command.c
---- vixie-cron-4.1.p22/do_command.c 2005-07-25 00:07:52.000000000 +0200
-+++ vixie-cron-4.1/do_command.c 2005-07-25 00:21:27.000000000 +0200
+diff -u vixie.orig/do_command.c vixie/do_command.c
+--- vixie.orig/do_command.c 2005-09-02 12:24:57.000000000 +0200
++++ vixie/do_command.c 2005-09-02 12:27:57.000000000 +0200
@@ -23,6 +23,10 @@
static char rcsid[] = "$Id$";
#endif
@@ -113,35 +112,35 @@
#include "cron.h"
#include <security/pam_appl.h>
-@@ -295,6 +299,25 @@
- */
- (void) signal(SIGCHLD, SIG_DFL);
- #endif /*USE_SIGCHLD*/
+@@ -293,6 +297,25 @@
+ _exit(OK_EXIT);
+ }
+ # endif /*DEBUGGING*/
+#ifdef WITH_SELINUX
+ if (is_selinux_enabled()>0) {
-+ security_context_t scontext;
-+ if (get_default_context(u->name, NULL, &scontext)) {
-+ if (security_getenforce() > 0) {
-+ fprintf(stderr, "execle: couldn't get security context for user %s\n", u->name);
-+ _exit(ERROR_EXIT);
++ security_context_t scontext;
++ if (get_default_context(u->name, NULL, &scontext)) {
++ if (security_getenforce() > 0) {
++ fprintf(stderr, "execle: couldn't get security context for user %s\n", u->name);
++ _exit(ERROR_EXIT);
++ }
++ } else {
++ if (setexeccon(scontext) < 0) {
++ if (security_getenforce() > 0) {
++ fprintf(stderr, "Could not set exec context to %s for user %s\n", scontext,u->name);
++ _exit(ERROR_EXIT);
++ }
++ }
++ freecon(scontext);
+ }
-+ } else {
-+ if (setexeccon(scontext) < 0) {
-+ if (security_getenforce() > 0) {
-+ fprintf(stderr, "Could not set exec context to %s for user %s\n", scontext,u->name);
-+ _exit(ERROR_EXIT);
-+ }
-+ }
-+ freecon(scontext);
-+ }
-+ }
-+#endif /*WITH_SELINUX*/
++ }
++#endif
execle(shell, shell, "-c", e->cmd, (char *)0, e->envp);
fprintf(stderr, "execl: couldn't exec `%s'\n", shell);
perror("execl");
-diff -uNr vixie-cron-4.1.p22/Makefile vixie-cron-4.1/Makefile
---- vixie-cron-4.1.p22/Makefile 2005-07-24 23:37:58.000000000 +0200
-+++ vixie-cron-4.1/Makefile 2005-07-25 00:00:34.000000000 +0200
+diff -u vixie.orig/Makefile vixie/Makefile
+--- vixie.orig/Makefile 2005-09-02 12:24:57.000000000 +0200
++++ vixie/Makefile 2005-09-02 12:25:28.000000000 +0200
@@ -59,7 +59,7 @@
INCLUDE = -I.
#INCLUDE =
@@ -155,7 +154,7 @@
#<<want to use a nonstandard CC?>>
CC = gcc -Wall -Wno-unused -Wno-comment
#<<manifest defines>>
--DEFS =
+-DEFS =
+DEFS = -DWITH_SELINUX
#(SGI IRIX systems need this)
#DEFS = -D_BSD_SIGNALS -Dconst=
================================================================
Index: SOURCES/vixie-cron-sprintf.patch
diff -u SOURCES/vixie-cron-sprintf.patch:1.2 SOURCES/vixie-cron-sprintf.patch:1.3
--- SOURCES/vixie-cron-sprintf.patch:1.2 Mon Jul 25 12:38:17 2005
+++ SOURCES/vixie-cron-sprintf.patch Fri Sep 2 13:16:20 2005
@@ -1,6 +1,6 @@
-diff -uNr vixie-cron-4.1.p0/do_command.c vixie-cron-4.1/do_command.c
---- vixie-cron-4.1.p0/do_command.c 2005-07-23 12:40:31.000000000 +0200
-+++ vixie-cron-4.1/do_command.c 2005-07-24 21:57:56.000000000 +0200
+diff -ur vixie.orig/do_command.c vixie/do_command.c
+--- vixie.orig/do_command.c 2005-09-01 20:26:31.000000000 +0200
++++ vixie/do_command.c 2005-09-01 22:43:36.000000000 +0200
@@ -412,7 +412,7 @@
fprintf(stderr, "mailcmd too long\n");
(void) _exit(ERROR_EXIT);
@@ -19,9 +19,9 @@
"mailed %d byte%s of output but got status 0x%04x\n",
bytes, (bytes==1)?"":"s",
status);
-diff -uNr vixie-cron-4.1.p0/misc.c vixie-cron-4.1/misc.c
---- vixie-cron-4.1.p0/misc.c 2005-07-23 12:40:31.000000000 +0200
-+++ vixie-cron-4.1/misc.c 2005-07-24 22:15:24.000000000 +0200
+diff -ur vixie.orig/misc.c vixie/misc.c
+--- vixie.orig/misc.c 2005-09-01 20:26:31.000000000 +0200
++++ vixie/misc.c 2005-09-01 22:53:45.000000000 +0200
@@ -290,7 +290,7 @@
pidfile = _PATH_CRON_PID;
/* Initial mode is 0600 to prevent flock() race/DoS. */
@@ -50,12 +50,21 @@
pidfile, otherpid, strerror(save_errno));
fprintf(stderr, "%s: %s\n", ProgramName, buf);
log_it("CRON", getpid(), "DEATH", buf);
-@@ -473,16 +473,18 @@
+@@ -322,7 +322,7 @@
+ (void) fcntl(fd, F_SETFD, 1);
+ }
+
+- sprintf(buf, "%ld\n", (long)getpid());
++ snprintf(buf, MAX_TEMPSTR, "%ld\n", (long)getpid());
+ (void) lseek(fd, (off_t)0, SEEK_SET);
+ num = write(fd, buf, strlen(buf));
+ (void) ftruncate(fd, num);
+@@ -473,16 +473,19 @@
TIME_T now = time((TIME_T) 0);
struct tm *t = localtime(&now);
#endif /*LOG_FILE*/
--
-+ int msg_size;
++ int msg_size;
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/vixie-cron-crond.patch?r1=1.10&r2=1.11&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron-noroot.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron-pam.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron-pld.patch?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron-security3.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron-selinux.patch?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron-sprintf.patch?r1=1.2&r2=1.3&f=u
More information about the pld-cvs-commit
mailing list