forked from rpms/cronie
Auto sync2gitlab import of cronie-1.5.2-6.el8.src.rpm
This commit is contained in:
parent
40e20c35ec
commit
baef22f9f4
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
/cronie-1.5.2.tar.gz
|
41
cronie-1.5.2-context-role.patch
Normal file
41
cronie-1.5.2-context-role.patch
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
From 1f866530f5b3c49012c61b299f3c4e1dceff2a71 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tomas Mraz <tmraz@fedoraproject.org>
|
||||||
|
Date: Thu, 18 Oct 2018 14:25:58 +0200
|
||||||
|
Subject: [PATCH] Use the role from the crond context for system job contexts.
|
||||||
|
|
||||||
|
New SELinux policy added multiple roles for the system_u user on crond_t.
|
||||||
|
The default context returned from get_default_context_with_level() is now
|
||||||
|
unconfined_t instead of system_cronjob_t which is incorrect for system cron
|
||||||
|
jobs.
|
||||||
|
We use the role to limit the default context to system_cronjob_t.
|
||||||
|
---
|
||||||
|
src/security.c | 6 ++++--
|
||||||
|
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/security.c b/src/security.c
|
||||||
|
index d1bdc7f..5213cf3 100644
|
||||||
|
--- a/src/security.c
|
||||||
|
+++ b/src/security.c
|
||||||
|
@@ -505,6 +505,7 @@ get_security_context(const char *name, int crontab_fd,
|
||||||
|
retval = get_default_context_with_level(seuser, level, NULL, &scontext);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
+ const char *current_user, *current_role;
|
||||||
|
if (getcon(¤t_context_str) < 0) {
|
||||||
|
log_it(name, getpid(), "getcon FAILED", "", 0);
|
||||||
|
return (security_getenforce() > 0);
|
||||||
|
@@ -517,8 +518,9 @@ get_security_context(const char *name, int crontab_fd,
|
||||||
|
return (security_getenforce() > 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
- const char *current_user = context_user_get(current_context);
|
||||||
|
- retval = get_default_context_with_level(current_user, level, NULL, &scontext);
|
||||||
|
+ current_user = context_user_get(current_context);
|
||||||
|
+ current_role = context_role_get(current_context);
|
||||||
|
+ retval = get_default_context_with_rolelevel(current_user, current_role, level, NULL, &scontext);
|
||||||
|
|
||||||
|
freecon(current_context_str);
|
||||||
|
context_free(current_context);
|
||||||
|
--
|
||||||
|
2.14.5
|
||||||
|
|
26
cronie-1.5.2-create-pid-files.patch
Normal file
26
cronie-1.5.2-create-pid-files.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
From 0570c2cd979bc9ce1da6a873089e89dbca900a1f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tomas Mraz <tmraz@fedoraproject.org>
|
||||||
|
Date: Tue, 7 May 2019 14:45:53 +0200
|
||||||
|
Subject: [PATCH] Revert "Avoid creating pid files when crond doesn't fork"
|
||||||
|
|
||||||
|
This reverts commit 5b285b46b88dc63689c6a56542cb2ba81f861b66.
|
||||||
|
The PID file is useful to avoid running multiple crond instances
|
||||||
|
at once.
|
||||||
|
---
|
||||||
|
src/misc.c | 3 ---
|
||||||
|
1 file changed, 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/misc.c b/src/misc.c
|
||||||
|
index 42153b8..faf6ffb 100644
|
||||||
|
--- a/src/misc.c
|
||||||
|
+++ b/src/misc.c
|
||||||
|
@@ -315,9 +315,6 @@ void acquire_daemonlock(int closeflag) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (NoFork == 1)
|
||||||
|
- return; //move along, nothing to do here...
|
||||||
|
-
|
||||||
|
if (fd == -1) {
|
||||||
|
pidfile = _PATH_CRON_PID;
|
||||||
|
/* Initial mode is 0600 to prevent flock() race/DoS. */
|
13
cronie-1.5.2-restart-on-failure.patch
Normal file
13
cronie-1.5.2-restart-on-failure.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
diff -ru cronie-1.5.2/contrib/cronie.systemd cronie-1.5.2_patched/contrib/cronie.systemd
|
||||||
|
--- cronie-1.5.2/contrib/cronie.systemd 2018-11-27 15:26:46.797288342 +0100
|
||||||
|
+++ cronie-1.5.2_patched/contrib/cronie.systemd 2018-11-27 15:26:19.479159225 +0100
|
||||||
|
@@ -7,6 +7,8 @@
|
||||||
|
ExecStart=/usr/sbin/crond -n $CRONDARGS
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
KillMode=process
|
||||||
|
+Restart=on-failure
|
||||||
|
+RestartSec=30s
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
|
26
cronie-1.5.2-use-pam-system-auth.patch
Normal file
26
cronie-1.5.2-use-pam-system-auth.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
From 978a00ea7ac92852c153ebb3b2152886730ca51c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Marcel Plch <mplch@redhat.com>
|
||||||
|
Date: Fri, 7 Dec 2018 15:01:19 +0100
|
||||||
|
Subject: [PATCH] Use system-auth instead of password-auth for PAM
|
||||||
|
authentication (#25)
|
||||||
|
|
||||||
|
---
|
||||||
|
pam/crond | 6 +++---
|
||||||
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/pam/crond b/pam/crond
|
||||||
|
index 91964aa..560529d 100644
|
||||||
|
--- a/pam/crond
|
||||||
|
+++ b/pam/crond
|
||||||
|
@@ -4,8 +4,8 @@
|
||||||
|
#
|
||||||
|
# Although no PAM authentication is called, auth modules
|
||||||
|
# are used for credential setting
|
||||||
|
-auth include password-auth
|
||||||
|
+auth include system-auth
|
||||||
|
account required pam_access.so
|
||||||
|
-account include password-auth
|
||||||
|
+account include system-auth
|
||||||
|
session required pam_loginuid.so
|
||||||
|
-session include password-auth
|
||||||
|
+session include system-auth
|
550
cronie.spec
Normal file
550
cronie.spec
Normal file
@ -0,0 +1,550 @@
|
|||||||
|
%bcond_without selinux
|
||||||
|
%bcond_without pam
|
||||||
|
%bcond_without audit
|
||||||
|
%bcond_without inotify
|
||||||
|
|
||||||
|
Summary: Cron daemon for executing programs at set times
|
||||||
|
Name: cronie
|
||||||
|
Version: 1.5.2
|
||||||
|
Release: 6%{?dist}
|
||||||
|
License: MIT and BSD and ISC and GPLv2+
|
||||||
|
Group: System Environment/Base
|
||||||
|
URL: https://github.com/cronie-crond/cronie
|
||||||
|
Source0: https://github.com/cronie-crond/cronie/releases/download/cronie-%{version}/cronie-%{version}.tar.gz
|
||||||
|
|
||||||
|
Requires: dailyjobs
|
||||||
|
|
||||||
|
%if %{with selinux}
|
||||||
|
Requires: libselinux >= 2.0.64
|
||||||
|
Buildrequires: libselinux-devel >= 2.0.64
|
||||||
|
%endif
|
||||||
|
%if %{with pam}
|
||||||
|
Requires: pam >= 1.0.1
|
||||||
|
Buildrequires: pam-devel >= 1.0.1
|
||||||
|
%endif
|
||||||
|
%if %{with audit}
|
||||||
|
Buildrequires: audit-libs-devel >= 1.4.1
|
||||||
|
%endif
|
||||||
|
|
||||||
|
BuildRequires: gcc
|
||||||
|
BuildRequires: systemd
|
||||||
|
Obsoletes: %{name}-sysvinit
|
||||||
|
|
||||||
|
Requires(post): coreutils sed
|
||||||
|
Requires(post): systemd
|
||||||
|
Requires(preun): systemd
|
||||||
|
Requires(postun): systemd
|
||||||
|
Requires(post): systemd
|
||||||
|
|
||||||
|
# Some parts of code could result in a memory leak.
|
||||||
|
Patch0: fix-memory-leaks.patch
|
||||||
|
# Some parts of code could result in undefined behavior.
|
||||||
|
Patch1: fix-unsafe-code.patch
|
||||||
|
# Use correct selinux role
|
||||||
|
Patch2: cronie-1.5.2-context-role.patch
|
||||||
|
# Make systemd restart crond when it fails.
|
||||||
|
Patch3: cronie-1.5.2-restart-on-failure.patch
|
||||||
|
# Revert "Avoid creating pid files when crond doesn't fork"
|
||||||
|
Patch4: cronie-1.5.2-create-pid-files.patch
|
||||||
|
# Use system-auth in PAM (rhbz#2005526)
|
||||||
|
Patch5: cronie-1.5.2-use-pam-system-auth.patch
|
||||||
|
|
||||||
|
%description
|
||||||
|
Cronie contains the standard UNIX daemon crond that runs specified programs at
|
||||||
|
scheduled times and related tools. It is a fork of the original vixie-cron and
|
||||||
|
has security and configuration enhancements like the ability to use pam and
|
||||||
|
SELinux.
|
||||||
|
|
||||||
|
%package anacron
|
||||||
|
Summary: Utility for running regular jobs
|
||||||
|
Requires: crontabs
|
||||||
|
Group: System Environment/Base
|
||||||
|
Provides: dailyjobs
|
||||||
|
Provides: anacron = 2.4
|
||||||
|
Obsoletes: anacron <= 2.3
|
||||||
|
Requires(post): coreutils
|
||||||
|
Requires: %{name} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description anacron
|
||||||
|
Anacron is part of cronie that is used for running jobs with regular
|
||||||
|
periodicity which do not have exact time of day of execution.
|
||||||
|
|
||||||
|
The default settings of anacron execute the daily, weekly, and monthly
|
||||||
|
jobs, but anacron allows setting arbitrary periodicity of jobs.
|
||||||
|
|
||||||
|
Using anacron allows running the periodic jobs even if the system is often
|
||||||
|
powered off and it also allows randomizing the time of the job execution
|
||||||
|
for better utilization of resources shared among multiple systems.
|
||||||
|
|
||||||
|
%package noanacron
|
||||||
|
Summary: Utility for running simple regular jobs in old cron style
|
||||||
|
Group: System Environment/Base
|
||||||
|
Provides: dailyjobs
|
||||||
|
Requires: crontabs
|
||||||
|
Requires: %{name} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description noanacron
|
||||||
|
Old style of running {hourly,daily,weekly,monthly}.jobs without anacron. No
|
||||||
|
extra features.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q
|
||||||
|
|
||||||
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
|
%build
|
||||||
|
%configure \
|
||||||
|
%if %{with pam}
|
||||||
|
--with-pam \
|
||||||
|
%endif
|
||||||
|
%if %{with selinux}
|
||||||
|
--with-selinux \
|
||||||
|
%endif
|
||||||
|
%if %{with audit}
|
||||||
|
--with-audit \
|
||||||
|
%endif
|
||||||
|
%if %{with inotify}
|
||||||
|
--with-inotify \
|
||||||
|
%endif
|
||||||
|
--enable-anacron \
|
||||||
|
--enable-pie \
|
||||||
|
--enable-relro
|
||||||
|
|
||||||
|
make %{?_smp_mflags} V=2
|
||||||
|
|
||||||
|
%install
|
||||||
|
make install DESTDIR=$RPM_BUILD_ROOT DESTMAN=$RPM_BUILD_ROOT%{_mandir}
|
||||||
|
mkdir -pm700 $RPM_BUILD_ROOT%{_localstatedir}/spool/cron
|
||||||
|
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/
|
||||||
|
mkdir -pm755 $RPM_BUILD_ROOT%{_sysconfdir}/cron.d/
|
||||||
|
%if ! %{with pam}
|
||||||
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/crond
|
||||||
|
%endif
|
||||||
|
install -m 644 crond.sysconfig $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/crond
|
||||||
|
touch $RPM_BUILD_ROOT%{_sysconfdir}/cron.deny
|
||||||
|
install -m 644 contrib/anacrontab $RPM_BUILD_ROOT%{_sysconfdir}/anacrontab
|
||||||
|
install -c -m755 contrib/0hourly $RPM_BUILD_ROOT%{_sysconfdir}/cron.d/0hourly
|
||||||
|
mkdir -pm 755 $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly
|
||||||
|
install -c -m755 contrib/0anacron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/0anacron
|
||||||
|
mkdir -p $RPM_BUILD_ROOT/var/spool/anacron
|
||||||
|
touch $RPM_BUILD_ROOT/var/spool/anacron/cron.daily
|
||||||
|
touch $RPM_BUILD_ROOT/var/spool/anacron/cron.weekly
|
||||||
|
touch $RPM_BUILD_ROOT/var/spool/anacron/cron.monthly
|
||||||
|
|
||||||
|
# noanacron package
|
||||||
|
install -m 644 contrib/dailyjobs $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/dailyjobs
|
||||||
|
|
||||||
|
# install systemd initscript
|
||||||
|
mkdir -p $RPM_BUILD_ROOT/lib/systemd/system/
|
||||||
|
install -m 644 contrib/cronie.systemd $RPM_BUILD_ROOT/lib/systemd/system/crond.service
|
||||||
|
|
||||||
|
%post
|
||||||
|
# run after an installation
|
||||||
|
%systemd_post crond.service
|
||||||
|
|
||||||
|
%post anacron
|
||||||
|
[ -e /var/spool/anacron/cron.daily ] || touch /var/spool/anacron/cron.daily 2>/dev/null || :
|
||||||
|
[ -e /var/spool/anacron/cron.weekly ] || touch /var/spool/anacron/cron.weekly 2>/dev/null || :
|
||||||
|
[ -e /var/spool/anacron/cron.monthly ] || touch /var/spool/anacron/cron.monthly 2>/dev/null || :
|
||||||
|
|
||||||
|
%preun
|
||||||
|
# run before a package is removed
|
||||||
|
%systemd_preun crond.service
|
||||||
|
|
||||||
|
%postun
|
||||||
|
# run after a package is removed
|
||||||
|
%systemd_postun_with_restart crond.service
|
||||||
|
|
||||||
|
%triggerun -- cronie-anacron < 1.4.1
|
||||||
|
# empty /etc/crontab in case there are only old regular jobs
|
||||||
|
cp -a /etc/crontab /etc/crontab.rpmsave
|
||||||
|
sed -e '/^01 \* \* \* \* root run-parts \/etc\/cron\.hourly/d'\
|
||||||
|
-e '/^02 4 \* \* \* root run-parts \/etc\/cron\.daily/d'\
|
||||||
|
-e '/^22 4 \* \* 0 root run-parts \/etc\/cron\.weekly/d'\
|
||||||
|
-e '/^42 4 1 \* \* root run-parts \/etc\/cron\.monthly/d' /etc/crontab.rpmsave > /etc/crontab
|
||||||
|
exit 0
|
||||||
|
|
||||||
|
%triggerun -- cronie < 1.4.7-2
|
||||||
|
# Save the current service runlevel info
|
||||||
|
# User must manually run systemd-sysv-convert --apply crond
|
||||||
|
# to migrate them to systemd targets
|
||||||
|
/usr/bin/systemd-sysv-convert --save crond
|
||||||
|
|
||||||
|
# The package is allowed to autostart:
|
||||||
|
/bin/systemctl enable crond.service >/dev/null 2>&1
|
||||||
|
|
||||||
|
/sbin/chkconfig --del crond >/dev/null 2>&1 || :
|
||||||
|
/bin/systemctl try-restart crond.service >/dev/null 2>&1 || :
|
||||||
|
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||||
|
|
||||||
|
%triggerin -- pam, glibc, libselinux
|
||||||
|
# changes in pam, glibc or libselinux can make crond crash
|
||||||
|
# when it calls pam
|
||||||
|
/bin/systemctl try-restart crond.service >/dev/null 2>&1 || :
|
||||||
|
|
||||||
|
%files
|
||||||
|
%doc AUTHORS README ChangeLog
|
||||||
|
%{!?_licensedir:%global license %%doc}
|
||||||
|
%license COPYING
|
||||||
|
%attr(755,root,root) %{_sbindir}/crond
|
||||||
|
%attr(4755,root,root) %{_bindir}/crontab
|
||||||
|
%attr(755,root,root) %{_bindir}/cronnext
|
||||||
|
%{_mandir}/man8/crond.*
|
||||||
|
%{_mandir}/man8/cron.*
|
||||||
|
%{_mandir}/man5/crontab.*
|
||||||
|
%{_mandir}/man1/crontab.*
|
||||||
|
%{_mandir}/man1/cronnext.*
|
||||||
|
%dir %{_localstatedir}/spool/cron
|
||||||
|
%dir %{_sysconfdir}/cron.d
|
||||||
|
%if %{with pam}
|
||||||
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/crond
|
||||||
|
%endif
|
||||||
|
%config(noreplace) %{_sysconfdir}/sysconfig/crond
|
||||||
|
%config(noreplace) %{_sysconfdir}/cron.deny
|
||||||
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/cron.d/0hourly
|
||||||
|
%attr(0644,root,root) /lib/systemd/system/crond.service
|
||||||
|
|
||||||
|
%files anacron
|
||||||
|
%{_sbindir}/anacron
|
||||||
|
%attr(0755,root,root) %{_sysconfdir}/cron.hourly/0anacron
|
||||||
|
%config(noreplace) %{_sysconfdir}/anacrontab
|
||||||
|
%dir /var/spool/anacron
|
||||||
|
%ghost %attr(0600,root,root) %verify(not md5 size mtime) /var/spool/anacron/cron.daily
|
||||||
|
%ghost %attr(0600,root,root) %verify(not md5 size mtime) /var/spool/anacron/cron.weekly
|
||||||
|
%ghost %attr(0600,root,root) %verify(not md5 size mtime) /var/spool/anacron/cron.monthly
|
||||||
|
%{_mandir}/man5/anacrontab.*
|
||||||
|
%{_mandir}/man8/anacron.*
|
||||||
|
|
||||||
|
%files noanacron
|
||||||
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/cron.d/dailyjobs
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Mon Sep 20 2021 Jan Staněk <jstanek@redhat.com> - 1.5.2-6
|
||||||
|
- Use system-auth for PAM authentication
|
||||||
|
Resolves: rhbz#2005526
|
||||||
|
|
||||||
|
* Fri Sep 03 2021 Jan Staněk <jstanek@redhat.com> - 1.5.2-5
|
||||||
|
- Create PID files even when crond does not fork
|
||||||
|
Resolves: rhbz#1926300
|
||||||
|
|
||||||
|
* Wed Jun 12 2019 Marcel Plch <mplch@redhat.com> - 1.5.2-4
|
||||||
|
- Make crond restart on failure
|
||||||
|
- Resolves: rhbz#1715137
|
||||||
|
|
||||||
|
* Mon May 20 2019 Marcel Plch <mplch@redhat.com> - 1.5.2-3
|
||||||
|
- use role from the current context for system crontabs
|
||||||
|
- Resolves: rhbz#1708557
|
||||||
|
|
||||||
|
* Fri Sep 07 2018 Marcel Plch <mplch@redhat.com> - 1.5.2-2
|
||||||
|
- Covscan issues review
|
||||||
|
- Fix potential memory leaks
|
||||||
|
- Fix unsafe code
|
||||||
|
- Resolves: rhbz#1602467
|
||||||
|
|
||||||
|
* Thu May 3 2018 Tomáš Mráz <tmraz@redhat.com> - 1.5.2-1
|
||||||
|
- new upstream release 1.5.2
|
||||||
|
|
||||||
|
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu May 4 2017 Tomáš Mráz <tmraz@redhat.com> - 1.5.1-6
|
||||||
|
- fix Y2038 problems in cron and anacron (#1445136)
|
||||||
|
|
||||||
|
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jan 3 2017 Tomáš Mráz <tmraz@redhat.com> - 1.5.1-4
|
||||||
|
- make failure of creation of the ghost files in /var non-fatal
|
||||||
|
|
||||||
|
* Mon Sep 5 2016 Tomáš Mráz <tmraz@redhat.com> - 1.5.1-3
|
||||||
|
- on some machines the power supply is named ADP0
|
||||||
|
|
||||||
|
* Tue Aug 23 2016 Tomáš Mráz <tmraz@redhat.com> - 1.5.1-2
|
||||||
|
- query power status directly from kernel
|
||||||
|
|
||||||
|
* Thu Jun 23 2016 Tomáš Mráz <tmraz@redhat.com> - 1.5.1-1
|
||||||
|
- new upstream release
|
||||||
|
|
||||||
|
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jul 13 2015 Tomáš Mráz <tmraz@redhat.com> - 1.5.0-3
|
||||||
|
- the temp file name used by crontab needs to be ignored by crond
|
||||||
|
|
||||||
|
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu May 28 2015 Tomáš Mráz <tmraz@redhat.com> - 1.5.0-1
|
||||||
|
- new upstream release
|
||||||
|
|
||||||
|
* Tue Apr 21 2015 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-6
|
||||||
|
- mark the 0hourly and dailyjobs crontabs as config
|
||||||
|
- do not add already existing orphan on reload
|
||||||
|
|
||||||
|
* Tue Feb 3 2015 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-5
|
||||||
|
- correct the permissions of the anacron timestamp files
|
||||||
|
|
||||||
|
* Fri Jan 2 2015 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-4
|
||||||
|
- check for NULL pamh on two more places (#1176215)
|
||||||
|
|
||||||
|
* Tue Dec 2 2014 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-3
|
||||||
|
- call PAM only for non-root user or non-system crontabs (#956157)
|
||||||
|
- bypass the PAM check in crontab for root (#1169175)
|
||||||
|
|
||||||
|
* Tue Nov 4 2014 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-2
|
||||||
|
- refresh user entries when jobs are run
|
||||||
|
|
||||||
|
* Wed Sep 17 2014 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.12-1
|
||||||
|
- new release 1.4.12
|
||||||
|
- remove gpl2 license, because it's part of upstream COPYING now
|
||||||
|
|
||||||
|
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.11-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> - 1.4.11-8
|
||||||
|
- fix license handling
|
||||||
|
|
||||||
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.11-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Apr 30 2014 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.11-6
|
||||||
|
- unwanted fd could make trouble to SElinux 1075106
|
||||||
|
|
||||||
|
* Thu Jan 16 2014 Ville Skyttä <ville.skytta@iki.fi> - 1.4.11-5
|
||||||
|
- Drop INSTALL from docs, fix rpmlint tabs vs spaces warning.
|
||||||
|
|
||||||
|
* Wed Sep 25 2013 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.11-4
|
||||||
|
- some jobs are not executed because not all environment variables are set 995590
|
||||||
|
- cronie's systemd script use "KillMode=process" 919290
|
||||||
|
|
||||||
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.11-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jul 22 2013 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.11-2
|
||||||
|
- scriptlets are not created correctly if systemd is not in BR 986698
|
||||||
|
- remove sub-package sysvinit, which is not needed anymore
|
||||||
|
- update license, anacron is under GPLv2+
|
||||||
|
|
||||||
|
* Thu Jul 18 2013 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.11-1
|
||||||
|
- new release 1.4.11 (contains previous bug fixes from 1.4.10-5)
|
||||||
|
|
||||||
|
* Tue Jun 11 2013 Tomáš Mráz <tmraz@redhat.com> - 1.4.10-5
|
||||||
|
- add support for RANDOM_DELAY - delaying job startups
|
||||||
|
- pass some environment variables to processes (LANG, etc.) (#969761)
|
||||||
|
- do not use putenv() with string literals (#971516)
|
||||||
|
|
||||||
|
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.10-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jan 2 2013 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.10-3
|
||||||
|
- change configuration files to 644
|
||||||
|
- change 6755 to 4755 for crontab binary
|
||||||
|
|
||||||
|
* Tue Nov 27 2012 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.10-1
|
||||||
|
- New release 1.4.10
|
||||||
|
|
||||||
|
* Thu Nov 22 2012 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.9-1
|
||||||
|
- New release 1.4.9
|
||||||
|
|
||||||
|
* Wed Sep 05 2012 Václav Pavlín <vpavlin@redhat.com> - 1.4.8-13
|
||||||
|
- Scriptlets replaced with new systemd macros (#850070)
|
||||||
|
|
||||||
|
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.8-12
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.8-11
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Oct 26 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.8-10
|
||||||
|
- Rebuilt for glibc bug#747377
|
||||||
|
|
||||||
|
* Tue Oct 25 2011 Tomáš Mráz <tmraz@redhat.com> - 1.4.8-9
|
||||||
|
- make crond run a little bit later in the boot process (#747759)
|
||||||
|
|
||||||
|
* Mon Oct 17 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.8-8
|
||||||
|
- change triggerun to fix 735802 during upgrade
|
||||||
|
|
||||||
|
* Wed Jul 27 2011 Karsten Hopp <karsten@redhat.com> 1.4.8-7
|
||||||
|
- rebuild again, ppc still had the broken rpm in the buildroots
|
||||||
|
|
||||||
|
* Thu Jul 21 2011 Rex Dieter <rdieter@fedoraproject.org> 1.4.8-6
|
||||||
|
- rebuild (broken rpm in buildroot)
|
||||||
|
|
||||||
|
* Thu Jul 21 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.8-5
|
||||||
|
- fix permission of init.d/crond
|
||||||
|
|
||||||
|
* Thu Jun 30 2011 Tomáš Mráz <tmraz@redhat.com> - 1.4.8-4
|
||||||
|
- drop the without systemd build condition
|
||||||
|
- add the chkconfig readding trigger to the sysvinit subpackage
|
||||||
|
|
||||||
|
* Wed Jun 29 2011 Tomáš Mráz <tmraz@redhat.com> - 1.4.8-3
|
||||||
|
- start crond after auditd
|
||||||
|
|
||||||
|
* Wed Jun 29 2011 Tomáš Mráz <tmraz@redhat.com> - 1.4.8-2
|
||||||
|
- fix inotify support to not leak fds (#717505)
|
||||||
|
|
||||||
|
* Tue Jun 28 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.8-1
|
||||||
|
- update to 1.4.8
|
||||||
|
- create sub-package sysvinit for initscript
|
||||||
|
|
||||||
|
* Mon May 9 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.7-3
|
||||||
|
- missing requirement on systemd-sysv for scriptlets
|
||||||
|
|
||||||
|
* Thu May 05 2011 Tomáš Mráz <tmraz@redhat.com> - 1.4.7-2
|
||||||
|
- use only systemd units with systemd
|
||||||
|
- add trigger for restart on glibc, libselinux or pam upgrades (#699189)
|
||||||
|
|
||||||
|
* Tue Mar 15 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.7-1
|
||||||
|
- new release 1.4.7
|
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.6-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jan 17 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-8
|
||||||
|
- enable crond even with systemctl
|
||||||
|
|
||||||
|
* Thu Dec 16 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-7
|
||||||
|
- 663193 rewritten selinux support
|
||||||
|
|
||||||
|
* Wed Dec 15 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-6
|
||||||
|
- apply selinux patch from dwalsh
|
||||||
|
|
||||||
|
* Fri Dec 10 2010 Tomas Mraz <tmraz@redhat.com> - 1.4.6-5
|
||||||
|
- do not lock jobs that fall out of allowed range - 661966
|
||||||
|
|
||||||
|
* Thu Dec 02 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-4
|
||||||
|
- fix post (thanks plautrba for review)
|
||||||
|
|
||||||
|
* Tue Nov 30 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-3
|
||||||
|
- systemd init script 617320
|
||||||
|
|
||||||
|
* Tue Nov 30 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-2
|
||||||
|
- fix typos in man pages
|
||||||
|
|
||||||
|
* Fri Oct 22 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.6-1
|
||||||
|
- update to 1.4.6
|
||||||
|
|
||||||
|
* Fri Aug 13 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.5-4
|
||||||
|
- 623908 fix fd leak in anacron, which caused denail of prelink
|
||||||
|
and others
|
||||||
|
|
||||||
|
* Mon Aug 9 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.5-2
|
||||||
|
- remove sendmail from requirements. If it's not installed, it will
|
||||||
|
log into (r)syslog.
|
||||||
|
|
||||||
|
* Mon Aug 2 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.5-1
|
||||||
|
- update to new release
|
||||||
|
|
||||||
|
* Fri Feb 19 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.4-1
|
||||||
|
- update to new release
|
||||||
|
|
||||||
|
* Mon Feb 15 2010 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.3-3
|
||||||
|
- 564894 FTBFS DSOLinking
|
||||||
|
|
||||||
|
* Thu Nov 5 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.3-2
|
||||||
|
- 533189 pam needs add a line and selinux needs defined one function
|
||||||
|
|
||||||
|
* Fri Oct 30 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.3-1
|
||||||
|
- 531963 and 532482 creating noanacron package
|
||||||
|
|
||||||
|
* Mon Oct 19 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.2-2
|
||||||
|
- 529632 service crond stop returns appropriate value
|
||||||
|
|
||||||
|
* Mon Oct 12 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.2-1
|
||||||
|
- new release
|
||||||
|
|
||||||
|
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.4.1-3
|
||||||
|
- rebuilt with new audit
|
||||||
|
|
||||||
|
* Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> - 1.4.1-2
|
||||||
|
- create the anacron timestamps in correct post script
|
||||||
|
|
||||||
|
* Fri Aug 14 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.4.1-1
|
||||||
|
- update to 1.4.1
|
||||||
|
- create and own /var/spool/anacron/cron.{daily,weekly,monthly} to
|
||||||
|
remove false warning about non existent files
|
||||||
|
- Resolves: 517398
|
||||||
|
|
||||||
|
* Wed Aug 5 2009 Tomas Mraz <tmraz@redhat.com> - 1.4-4
|
||||||
|
- 515762 move anacron provides and obsoletes to the anacron subpackage
|
||||||
|
|
||||||
|
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jul 20 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.4-2
|
||||||
|
- merge cronie and anacron in new release of cronie
|
||||||
|
- obsolete/provide anacron in spec
|
||||||
|
|
||||||
|
* Thu Jun 18 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.3-2
|
||||||
|
- 506560 check return value of access
|
||||||
|
|
||||||
|
* Mon Apr 27 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.3-1
|
||||||
|
- new release
|
||||||
|
|
||||||
|
* Fri Apr 24 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.2-8
|
||||||
|
- 496973 close file descriptors after exec
|
||||||
|
|
||||||
|
* Mon Mar 9 2009 Tomas Mraz <tmraz@redhat.com> - 1.2-7
|
||||||
|
- rebuild
|
||||||
|
|
||||||
|
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Dec 23 2008 Marcela Mašláňová <mmaslano@redhat.com> - 1.2-5
|
||||||
|
- 477100 NO_FOLLOW was removed, reload after change in symlinked
|
||||||
|
crontab is needed, man updated.
|
||||||
|
|
||||||
|
* Fri Oct 24 2008 Marcela Mašláňová <mmaslano@redhat.com> - 1.2-4
|
||||||
|
- update init script
|
||||||
|
|
||||||
|
* Thu Sep 25 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.2-3
|
||||||
|
- add sendmail file into requirement, cause it's needed some MTA
|
||||||
|
|
||||||
|
* Thu Sep 18 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.2-2
|
||||||
|
- 462252 /etc/sysconfig/crond does not need to be executable
|
||||||
|
|
||||||
|
* Thu Jun 26 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.2-1
|
||||||
|
- update to 1.2
|
||||||
|
|
||||||
|
* Tue Jun 17 2008 Tomas Mraz <tmraz@redhat.com> - 1.1-3
|
||||||
|
- fix setting keycreate context
|
||||||
|
- unify logging a bit
|
||||||
|
- cleanup some warnings and fix a typo in TZ code
|
||||||
|
- 450993 improve and fix inotify support
|
||||||
|
|
||||||
|
* Wed Jun 4 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.1-2
|
||||||
|
- 49864 upgrade/update problem. Syntax error in spec.
|
||||||
|
|
||||||
|
* Wed May 28 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.1-1
|
||||||
|
- release 1.1
|
||||||
|
|
||||||
|
* Tue May 20 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.0-6
|
||||||
|
- 446360 check for lock didn't call chkconfig
|
||||||
|
|
||||||
|
* Tue Feb 12 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.0-5
|
||||||
|
- upgrade from less than cronie-1.0-4 didn't add chkconfig
|
||||||
|
|
||||||
|
* Wed Feb 6 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.0-4
|
||||||
|
- 431366 after reboot wasn't cron in chkconfig
|
||||||
|
|
||||||
|
* Tue Feb 5 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.0-3
|
||||||
|
- 431366 trigger part => after update from vixie-cron on cronie will
|
||||||
|
be daemon running.
|
||||||
|
|
||||||
|
* Wed Jan 30 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.0-2
|
||||||
|
- change the provides on higher version than obsoletes
|
||||||
|
|
||||||
|
* Tue Jan 8 2008 Marcela Maslanova <mmaslano@redhat.com> - 1.0-1
|
||||||
|
- packaging cronie
|
||||||
|
- thank's for help with packaging to my reviewers
|
140
fix-memory-leaks.patch
Normal file
140
fix-memory-leaks.patch
Normal file
@ -0,0 +1,140 @@
|
|||||||
|
diff -ru cronie-1.5.2/anacron/readtab.c cronie-1.5.2_patched/anacron/readtab.c
|
||||||
|
--- cronie-1.5.2/anacron/readtab.c 2017-09-14 13:53:21.000000000 +0200
|
||||||
|
+++ cronie-1.5.2_patched/anacron/readtab.c 2018-09-07 15:13:17.752498050 +0200
|
||||||
|
@@ -134,8 +134,19 @@
|
||||||
|
|
||||||
|
var_len = (int)strlen(env_var);
|
||||||
|
val_len = (int)strlen(value);
|
||||||
|
+ if (!var_len) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
er = obstack_alloc(&tab_o, sizeof(env_rec));
|
||||||
|
+ if (er == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
er->assign = obstack_alloc(&tab_o, var_len + 1 + val_len + 1);
|
||||||
|
+ if (er->assign == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
strcpy(er->assign, env_var);
|
||||||
|
er->assign[var_len] = '=';
|
||||||
|
strcpy(er->assign + var_len + 1, value);
|
||||||
|
@@ -167,15 +178,24 @@
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
jr = obstack_alloc(&tab_o, sizeof(job_rec));
|
||||||
|
+ if (jr == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
jr->period = period;
|
||||||
|
jr->named_period = 0;
|
||||||
|
delay += random_number;
|
||||||
|
jr->delay = delay;
|
||||||
|
jr->tab_line = line_num;
|
||||||
|
jr->ident = obstack_alloc(&tab_o, ident_len + 1);
|
||||||
|
+ if (jr->ident == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
strcpy(jr->ident, ident);
|
||||||
|
jr->arg_num = job_arg_num(ident);
|
||||||
|
jr->command = obstack_alloc(&tab_o, command_len + 1);
|
||||||
|
+ if (jr->command == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
strcpy(jr->command, command);
|
||||||
|
jr->job_pid = jr->mailer_pid = 0;
|
||||||
|
if (last_job_rec != NULL) last_job_rec->next = jr;
|
||||||
|
@@ -208,6 +228,9 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
jr = obstack_alloc(&tab_o, sizeof(job_rec));
|
||||||
|
+ if (jr == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
if (!strncmp ("@monthly", periods, 8)) {
|
||||||
|
jr->named_period = 1;
|
||||||
|
} else if (!strncmp("@yearly", periods, 7) || !strncmp("@annually", periods, 9) || !strncmp(/* backwards compat misspelling */"@annualy", periods, 8)) {
|
||||||
|
@@ -225,9 +248,15 @@
|
||||||
|
jr->delay = delay;
|
||||||
|
jr->tab_line = line_num;
|
||||||
|
jr->ident = obstack_alloc(&tab_o, ident_len + 1);
|
||||||
|
+ if (jr->ident == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
strcpy(jr->ident, ident);
|
||||||
|
jr->arg_num = job_arg_num(ident);
|
||||||
|
jr->command = obstack_alloc(&tab_o, command_len + 1);
|
||||||
|
+ if (jr->command == NULL) {
|
||||||
|
+ die_e("Cannot allocate memory.");
|
||||||
|
+ }
|
||||||
|
strcpy(jr->command, command);
|
||||||
|
jr->job_pid = jr->mailer_pid = 0;
|
||||||
|
if (last_job_rec != NULL) last_job_rec->next = jr;
|
||||||
|
diff -ru cronie-1.5.2/anacron/runjob.c cronie-1.5.2_patched/anacron/runjob.c
|
||||||
|
--- cronie-1.5.2/anacron/runjob.c 2018-01-24 17:02:33.000000000 +0100
|
||||||
|
+++ cronie-1.5.2_patched/anacron/runjob.c 2018-09-07 15:13:17.752498050 +0200
|
||||||
|
@@ -104,9 +104,44 @@
|
||||||
|
static void
|
||||||
|
xputenv(const char *s)
|
||||||
|
{
|
||||||
|
- char *copy = strdup (s);
|
||||||
|
- if (!copy) die_e("Not enough memory to set the environment");
|
||||||
|
- if (putenv(copy)) die_e("Can't set the environment");
|
||||||
|
+ char *name = NULL, *val = NULL;
|
||||||
|
+ char *eq_ptr;
|
||||||
|
+ const char *errmsg;
|
||||||
|
+ size_t eq_index;
|
||||||
|
+
|
||||||
|
+ if (s == NULL) {
|
||||||
|
+ die_e("Invalid environment string");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ eq_ptr = strchr(s, '=');
|
||||||
|
+ if (eq_ptr == NULL) {
|
||||||
|
+ die_e("Invalid environment string");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ eq_index = (size_t) (eq_ptr - s);
|
||||||
|
+
|
||||||
|
+ name = malloc((eq_index + 1) * sizeof(char));
|
||||||
|
+ if (name == NULL) {
|
||||||
|
+ die_e("Not enough memory to set the environment");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ val = malloc((strlen(s) - eq_index) * sizeof(char));
|
||||||
|
+ if (val == NULL) {
|
||||||
|
+ die_e("Not enough memory to set the environment");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ strncpy(name, s, eq_index);
|
||||||
|
+ name[eq_index] = '\0';
|
||||||
|
+ strcpy(val, s + eq_index + 1);
|
||||||
|
+
|
||||||
|
+ if (setenv(name, val, 1)) {
|
||||||
|
+ die_e("Can't set the environment");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ free(name);
|
||||||
|
+ free(val);
|
||||||
|
+ return;
|
||||||
|
+
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
diff -ru cronie-1.5.2/src/entry.c cronie-1.5.2_patched/src/entry.c
|
||||||
|
--- cronie-1.5.2/src/entry.c 2017-09-14 13:53:21.000000000 +0200
|
||||||
|
+++ cronie-1.5.2_patched/src/entry.c 2018-09-07 15:13:17.752498050 +0200
|
||||||
|
@@ -131,8 +131,10 @@
|
||||||
|
goto eof;
|
||||||
|
}
|
||||||
|
ch = get_char(file);
|
||||||
|
- if (ch == EOF)
|
||||||
|
+ if (ch == EOF) {
|
||||||
|
+ free(e);
|
||||||
|
return NULL;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ch == '@') {
|
117
fix-unsafe-code.patch
Normal file
117
fix-unsafe-code.patch
Normal file
@ -0,0 +1,117 @@
|
|||||||
|
diff -ru cronie-1.5.2/src/cronnext.c cronie-1.5.2_patched/src/cronnext.c
|
||||||
|
--- cronie-1.5.2/src/cronnext.c 2018-05-03 18:41:12.000000000 +0200
|
||||||
|
+++ cronie-1.5.2_patched/src/cronnext.c 2018-09-07 15:17:54.555924440 +0200
|
||||||
|
@@ -71,13 +71,13 @@
|
||||||
|
/*
|
||||||
|
* print entry flags
|
||||||
|
*/
|
||||||
|
-char *flagname[]= {
|
||||||
|
- [MIN_STAR] = "MIN_STAR",
|
||||||
|
- [HR_STAR] = "HR_STAR",
|
||||||
|
- [DOM_STAR] = "DOM_STAR",
|
||||||
|
- [DOW_STAR] = "DOW_STAR",
|
||||||
|
- [WHEN_REBOOT] = "WHEN_REBOOT",
|
||||||
|
- [DONT_LOG] = "DONT_LOG"
|
||||||
|
+const char *flagname[]= {
|
||||||
|
+ "MIN_STAR",
|
||||||
|
+ "HR_STAR",
|
||||||
|
+ "DOM_STAR",
|
||||||
|
+ "DOW_STAR",
|
||||||
|
+ "WHEN_REBOOT",
|
||||||
|
+ "DONT_LOG"
|
||||||
|
};
|
||||||
|
|
||||||
|
void printflags(char *indent, int flags) {
|
||||||
|
@@ -85,8 +85,8 @@
|
||||||
|
int first = 1;
|
||||||
|
|
||||||
|
printf("%s flagnames:", indent);
|
||||||
|
- for (f = 1; f < sizeof(flagname); f = f << 1)
|
||||||
|
- if (flags & f) {
|
||||||
|
+ for (f = 0; f < sizeof(flagname)/sizeof(char *); f++)
|
||||||
|
+ if (flags & (int)1 << f) {
|
||||||
|
printf("%s%s", first ? " " : "|", flagname[f]);
|
||||||
|
first = 0;
|
||||||
|
}
|
||||||
|
diff -ru cronie-1.5.2/src/do_command.c cronie-1.5.2_patched/src/do_command.c
|
||||||
|
--- cronie-1.5.2/src/do_command.c 2017-09-14 13:53:21.000000000 +0200
|
||||||
|
+++ cronie-1.5.2_patched/src/do_command.c 2018-09-07 15:17:54.555924440 +0200
|
||||||
|
@@ -418,7 +418,7 @@
|
||||||
|
if (mailto && safe_p(usernm, mailto)
|
||||||
|
&& strncmp(MailCmd,"off",3) && !SyslogOutput) {
|
||||||
|
char **env;
|
||||||
|
- char mailcmd[MAX_COMMAND];
|
||||||
|
+ char mailcmd[MAX_COMMAND+1]; /* +1 for terminator */
|
||||||
|
char hostname[MAXHOSTNAMELEN];
|
||||||
|
char *content_type = env_get("CONTENT_TYPE", jobenv),
|
||||||
|
*content_transfer_encoding =
|
||||||
|
@@ -434,7 +434,7 @@
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
- strncpy(mailcmd, MailCmd, MAX_COMMAND);
|
||||||
|
+ strncpy(mailcmd, MailCmd, MAX_COMMAND+1);
|
||||||
|
}
|
||||||
|
if (!(mail = cron_popen(mailcmd, "w", e->pwd, jobenv))) {
|
||||||
|
perror(mailcmd);
|
||||||
|
diff -ru cronie-1.5.2/src/env.c cronie-1.5.2_patched/src/env.c
|
||||||
|
--- cronie-1.5.2/src/env.c 2017-09-14 13:53:21.000000000 +0200
|
||||||
|
+++ cronie-1.5.2_patched/src/env.c 2018-09-07 15:17:54.554924435 +0200
|
||||||
|
@@ -63,7 +63,7 @@
|
||||||
|
for (i = 0; i < count; i++)
|
||||||
|
if ((p[i] = strdup(envp[i])) == NULL) {
|
||||||
|
save_errno = errno;
|
||||||
|
- while (--i >= 0)
|
||||||
|
+ while (i-- > 0)
|
||||||
|
free(p[i]);
|
||||||
|
free(p);
|
||||||
|
errno = save_errno;
|
||||||
|
@@ -263,7 +263,9 @@
|
||||||
|
}
|
||||||
|
if (state != FINI && state != EQ2 && !(state == VALUE && !quotechar)) {
|
||||||
|
Debug(DPARS, ("load_env, not an env var, state = %d\n", state));
|
||||||
|
- fseek(f, filepos, 0);
|
||||||
|
+ if (fseek(f, filepos, 0)) {
|
||||||
|
+ return ERR;
|
||||||
|
+ }
|
||||||
|
Set_LineNum(fileline);
|
||||||
|
return (FALSE);
|
||||||
|
}
|
||||||
|
diff -ru cronie-1.5.2/src/globals.h cronie-1.5.2_patched/src/globals.h
|
||||||
|
--- cronie-1.5.2/src/globals.h 2017-01-17 16:53:50.000000000 +0100
|
||||||
|
+++ cronie-1.5.2_patched/src/globals.h 2018-09-07 15:17:54.555924440 +0200
|
||||||
|
@@ -77,7 +77,7 @@
|
||||||
|
XTRN time_t StartTime;
|
||||||
|
XTRN int NoFork;
|
||||||
|
XTRN int PermitAnyCrontab;
|
||||||
|
-XTRN char MailCmd[MAX_COMMAND];
|
||||||
|
+XTRN char MailCmd[MAX_COMMAND+1]; /* +1 for terminator */
|
||||||
|
XTRN char cron_default_mail_charset[MAX_ENVSTR];
|
||||||
|
XTRN int EnableClustering;
|
||||||
|
XTRN int ChangePath;
|
||||||
|
diff -ru cronie-1.5.2/src/security.c cronie-1.5.2_patched/src/security.c
|
||||||
|
--- cronie-1.5.2/src/security.c 2017-09-14 13:29:47.000000000 +0200
|
||||||
|
+++ cronie-1.5.2_patched/src/security.c 2018-09-07 15:17:54.554924435 +0200
|
||||||
|
@@ -417,7 +417,7 @@
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (strcmp(u->scontext, ucontext)) {
|
||||||
|
+ if (!ucontext || strcmp(u->scontext, ucontext)) {
|
||||||
|
if (!cron_authorize_range(u->scontext, ucontext)) {
|
||||||
|
if (security_getenforce() > 0) {
|
||||||
|
# ifdef WITH_AUDIT
|
||||||
|
diff -ru cronie-1.5.2/src/user.c cronie-1.5.2_patched/src/user.c
|
||||||
|
--- cronie-1.5.2/src/user.c 2017-01-17 16:53:50.000000000 +0100
|
||||||
|
+++ cronie-1.5.2_patched/src/user.c 2018-09-07 15:17:54.555924440 +0200
|
||||||
|
@@ -44,6 +44,10 @@
|
||||||
|
free_user (user * u) {
|
||||||
|
entry *e, *ne;
|
||||||
|
|
||||||
|
+ if (!u) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
free(u->name);
|
||||||
|
free(u->tabname);
|
||||||
|
for (e = u->crontab; e != NULL; e = ne) {
|
Loading…
Reference in New Issue
Block a user