rpms/at
6
0
Fork 0
Code Issues Pull Requests Releases Activity

new upstream release

Browse Source 
- correct the DST correction when using UTC time specification (#1320322)
This commit is contained in:
Tomas Mraz 2016-03-23 15:24:03 +01:00
parent 2f9ec0f869
commit 4e99767fd3
10 changed files with 170 additions and 397 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -5,3 +5,4 @@ at_3.1.12.orig.tar.gz
/at_3.1.13.orig.tar.gz
/at_3.1.14.orig.tar.gz
/at_3.1.16.orig.tar.gz
/at_3.1.18.orig.tar.gz

154
at-3.1.14-selinux.patch
View File

@ -1,154 +0,0 @@
diff -up at-3.1.14/config.h.in.selinux at-3.1.14/config.h.in
--- at-3.1.14/config.h.in.selinux 2013-09-26 15:06:55.177049852 +0200
+++ at-3.1.14/config.h.in 2013-09-26 15:06:55.180049850 +0200
@@ -71,6 +71,9 @@
/* Define if you are building with_pam */
#undef WITH_PAM
+/* Define if you are building with_selinux */
+#undef WITH_SELINUX
+
/* Define to 1 if you have the `pstat_getdynamic' function. */
#undef HAVE_PSTAT_GETDYNAMIC
diff -up at-3.1.14/configure.ac.selinux at-3.1.14/configure.ac
--- at-3.1.14/configure.ac.selinux 2013-09-26 15:06:55.178049851 +0200
+++ at-3.1.14/configure.ac 2013-09-26 15:06:55.180049850 +0200
@@ -246,6 +246,14 @@ AC_DEFINE(WITH_PAM),
AC_CHECK_LIB(pam, pam_start, PAMLIB='-lpam -lpam_misc')
AC_SUBST(PAMLIB)
+AC_ARG_WITH(selinux,
+[ --with-selinux Define to run with selinux],
+AC_DEFINE(WITH_SELINUX),
+)
+AC_CHECK_LIB(selinux, is_selinux_enabled, SELINUXLIB=-lselinux)
+AC_SUBST(SELINUXLIB)
+AC_SUBST(WITH_SELINUX)
+
AC_MSG_CHECKING(groupname to run under)
AC_ARG_WITH(daemon_groupname,
[ --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) ],
diff -up at-3.1.14/Makefile.in.selinux at-3.1.14/Makefile.in
--- at-3.1.14/Makefile.in.selinux 2013-09-26 15:06:55.175049853 +0200
+++ at-3.1.14/Makefile.in 2013-09-26 15:06:55.180049850 +0200
@@ -40,6 +40,7 @@ LIBS = @LIBS@
LIBOBJS = @LIBOBJS@
INSTALL = @INSTALL@
PAMLIB = @PAMLIB@
+SELINUXLIB = @SELINUXLIB@
CLONES = atq atrm
ATOBJECTS = at.o panic.o perm.o posixtm.o y.tab.o lex.yy.o
diff -up at-3.1.14/atd.c.selinux2 at-3.1.14/atd.c
--- at-3.1.14/atd.c.selinux2 2013-12-04 11:27:28.729005384 +0100
+++ at-3.1.14/atd.c 2013-12-04 11:30:17.709091150 +0100
@@ -83,6 +83,14 @@
#include "getloadavg.h"
#endif
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/get_context_list.h>
+int selinux_enabled=0;
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+#endif
+
#ifndef LOG_ATD
#define LOG_ATD LOG_DAEMON
#endif
@@ -191,6 +199,68 @@ myfork()
#define fork myfork
#endif
+#ifdef WITH_SELINUX
+static int set_selinux_context(const char *name, const char *filename) {
+ security_context_t user_context=NULL;
+ security_context_t file_context=NULL;
+ struct av_decision avd;
+ int retval=-1;
+ char *seuser=NULL;
+ char *level=NULL;
+
+ if (getseuserbyname(name, &seuser, &level) == 0) {
+ retval=get_default_context_with_level(seuser, level, NULL, &user_context);
+ free(seuser);
+ free(level);
+ if (retval) {
+ if (security_getenforce()==1) {
+ perr("execle: couldn't get security context for user %s\n", name);
+ } else {
+ syslog(LOG_ERR, "execle: couldn't get security context for user %s\n", name);
+ return -1;
+ }
+ }
+ }
+
+ /*
+ * Since crontab files are not directly executed,
+ * crond must ensure that the crontab file has
+ * a context that is appropriate for the context of
+ * the user cron job. It performs an entrypoint
+ * permission check for this purpose.
+ */
+ if (fgetfilecon(STDIN_FILENO, &file_context) < 0)
+ perr("fgetfilecon FAILED %s", filename);
+
+ retval = security_compute_av(user_context,
+ file_context,
+ SECCLASS_FILE,
+ FILE__ENTRYPOINT,
+ &avd);
+ freecon(file_context);
+ if (retval || ((FILE__ENTRYPOINT & avd.allowed) != FILE__ENTRYPOINT)) {
+ if (security_getenforce()==1) {
+ perr("Not allowed to set exec context to %s for user %s\n", user_context,name);
+ } else {
+ syslog(LOG_ERR, "Not allowed to set exec context to %s for user %s\n", user_context,name);
+ retval = -1;
+ goto err;
+ }
+ }
+ if (setexeccon(user_context) < 0) {
+ if (security_getenforce()==1) {
+ perr("Could not set exec context to %s for user %s\n", user_context,name);
+ retval = -1;
+ } else {
+ syslog(LOG_ERR, "Could not set exec context to %s for user %s\n", user_context,name);
+ }
+ }
+ err:
+ freecon(user_context);
+ return 0;
+}
+#endif
+
static void
run_file(const char *filename, uid_t uid, gid_t gid)
{
@@ -419,6 +489,13 @@ run_file(const char *filename, uid_t uid
nice((tolower((int) queue) - 'a' + 1) * 2);
+#ifdef WITH_SELINUX
+ if (selinux_enabled > 0) {
+ if (set_selinux_context(pentry->pw_name, filename) < 0)
+ perr("SELinux Failed to set context\n");
+ }
+#endif
+
if (initgroups(pentry->pw_name, pentry->pw_gid))
perr("Cannot initialize the supplementary group access list");
@@ -712,6 +789,10 @@ main(int argc, char *argv[])
struct passwd *pwe;
struct group *ge;
+#ifdef WITH_SELINUX
+ selinux_enabled=is_selinux_enabled();
+#endif
+
/* We don't need root privileges all the time; running under uid and gid
* daemon is fine.
*/

157
at-3.1.16-noabort.patch
View File

@ -1,157 +0,0 @@
diff -up at-3.1.16/atd.c.noabort at-3.1.16/atd.c
--- at-3.1.16/atd.c.noabort 2014-10-02 11:08:26.000000000 +0200
+++ at-3.1.16/atd.c 2014-11-06 16:07:54.851652541 +0100
@@ -221,7 +221,7 @@ static int set_selinux_context(const cha
security_context_t user_context=NULL;
security_context_t file_context=NULL;
struct av_decision avd;
- int retval=-1;
+ int retval=0;
char *seuser=NULL;
char *level=NULL;
@@ -230,12 +230,9 @@ static int set_selinux_context(const cha
free(seuser);
free(level);
if (retval) {
- if (security_getenforce()==1) {
- perr("execle: couldn't get security context for user %s\n", name);
- } else {
- syslog(LOG_ERR, "execle: couldn't get security context for user %s\n", name);
- return -1;
- }
+ lerr("execle: couldn't get security context for user %s\n", name);
+ retval = -1;
+ goto err;
}
}
@@ -246,8 +243,11 @@ static int set_selinux_context(const cha
* the user cron job. It performs an entrypoint
* permission check for this purpose.
*/
- if (fgetfilecon(STDIN_FILENO, &file_context) < 0)
- perr("fgetfilecon FAILED %s", filename);
+ if (fgetfilecon(STDIN_FILENO, &file_context) < 0) {
+ lerr("fgetfilecon FAILED %s", filename);
+ retval = -1;
+ goto err;
+ }
retval = security_compute_av(user_context,
file_context,
@@ -256,25 +256,21 @@ static int set_selinux_context(const cha
&avd);
freecon(file_context);
if (retval || ((FILE__ENTRYPOINT & avd.allowed) != FILE__ENTRYPOINT)) {
- if (security_getenforce()==1) {
- perr("Not allowed to set exec context to %s for user %s\n", user_context,name);
- } else {
- syslog(LOG_ERR, "Not allowed to set exec context to %s for user %s\n", user_context,name);
- retval = -1;
- goto err;
- }
+ lerr("Not allowed to set exec context to %s for user %s\n", user_context,name);
+ retval = -1;
+ goto err;
}
if (setexeccon(user_context) < 0) {
- if (security_getenforce()==1) {
- perr("Could not set exec context to %s for user %s\n", user_context,name);
- retval = -1;
- } else {
- syslog(LOG_ERR, "Could not set exec context to %s for user %s\n", user_context,name);
- }
+ lerr("Could not set exec context to %s for user %s\n", user_context,name);
+ retval = -1;
+ goto err;
}
err:
- freecon(user_context);
- return 0;
+ if (retval < 0 && security_getenforce() != 1)
+ retval = 0;
+ if (user_context)
+ freecon(user_context);
+ return retval;
}
#endif
@@ -347,9 +343,12 @@ run_file(const char *filename, uid_t uid
*/
pid = fork();
- if (pid == -1)
- perr("Cannot fork");
-
+ if (pid == -1) {
+ lerr("Cannot fork for job execution");
+ free(mailname);
+ free(newname);
+ return;
+ }
else if (pid != 0) {
free(mailname);
free(newname);
@@ -667,15 +666,19 @@ run_loop()
* up.
*/
- if (stat(".", &buf) == -1)
- perr("Cannot stat " ATJOB_DIR);
+ if (stat(".", &buf) == -1) {
+ lerr("Cannot stat " ATJOB_DIR);
+ return next_job;
+ }
if (nothing_to_do && buf.st_mtime <= last_chg)
return next_job;
last_chg = buf.st_mtime;
- if ((spool = opendir(".")) == NULL)
- perr("Cannot read " ATJOB_DIR);
+ if ((spool = opendir(".")) == NULL) {
+ lerr("Cannot read " ATJOB_DIR);
+ return next_job;
+ }
run_batch = 0;
nothing_to_do = 1;
diff -up at-3.1.16/daemon.c.noabort at-3.1.16/daemon.c
--- at-3.1.16/daemon.c.noabort 2014-09-30 08:29:02.000000000 +0200
+++ at-3.1.16/daemon.c 2014-11-06 15:37:22.109277583 +0100
@@ -83,6 +83,22 @@ perr(const char *fmt,...)
}
void
+lerr(const char *fmt,...)
+{
+ char buf[1024];
+ va_list args;
+
+ va_start(args, fmt);
+ vsnprintf(buf, sizeof(buf), fmt, args);
+ va_end(args);
+
+ if (daemon_debug) {
+ perror(buf);
+ } else
+ syslog(LOG_ERR, "%s: %m", buf);
+}
+
+void
pabort(const char *fmt,...)
{
char buf[1024];
diff -up at-3.1.16/daemon.h.noabort at-3.1.16/daemon.h
--- at-3.1.16/daemon.h.noabort 2014-09-30 08:29:02.000000000 +0200
+++ at-3.1.16/daemon.h 2014-11-06 15:36:10.461660104 +0100
@@ -13,5 +13,8 @@ __attribute__((noreturn))
#endif
perr (const char *fmt, ...);
+void
+lerr (const char *fmt, ...);
+
extern int daemon_debug;
extern int daemon_foreground;

26
at-3.1.14-makefile.patch → at-3.1.18-make.patch
View File

@ -1,23 +1,23 @@
diff -up at-3.1.14/Makefile.in.make at-3.1.14/Makefile.in
--- at-3.1.14/Makefile.in.make 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/Makefile.in 2013-09-19 16:48:03.605192754 +0200
@@ -67,13 +67,13 @@ LIST = Filelist Filelist.asc
diff -up at-3.1.18/Makefile.in.make at-3.1.18/Makefile.in
--- at-3.1.18/Makefile.in.make 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/Makefile.in 2016-03-23 12:38:15.652898579 +0100
@@ -68,13 +68,13 @@ LIST = Filelist Filelist.asc
all: at atd atd.service atrun
at: $(ATOBJECTS)
- $(CC) $(LDFLAGS) -o at $(ATOBJECTS) $(LIBS) $(LEXLIB)
+ $(CC) $(LDFLAGS) -o at -pie $(ATOBJECTS) $(LIBS) $(LEXLIB) $(SELINUXLIB) $(PAMLIB)
+ $(CC) $(LDFLAGS) -pie -o at $(ATOBJECTS) $(LIBS) $(LEXLIB)
rm -f $(CLONES)
$(LN_S) -f at atq
$(LN_S) -f at atrm
atd: $(RUNOBJECTS)
- $(CC) $(LDFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB)
+ $(CC) $(LDFLAGS) -o atd -pie $(RUNOBJECTS) $(LIBS) $(SELINUXLIB) $(PAMLIB)
- $(CC) $(LDFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB) $(SELINUXLIB)
+ $(CC) $(LDFLAGS) -pie -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB) $(SELINUXLIB)
y.tab.c y.tab.h: parsetime.y
$(YACC) -d parsetime.y
@@ -88,38 +88,41 @@ atrun: atrun.in
@@ -89,38 +89,41 @@ atrun: atrun.in
configure
.c.o:
@ -32,11 +32,11 @@ diff -up at-3.1.14/Makefile.in.make at-3.1.14/Makefile.in
- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(atdocdir)
- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)
- chmod 1770 $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)
+ $(INSTALL) root -m 755 -d $(IROOT)$(etcdir)
+ $(INSTALL) root -m 755 -d $(IROOT)$(bindir)
+ $(INSTALL) root -m 755 -d $(IROOT)$(sbindir)
+ $(INSTALL) root -m 755 -d $(IROOT)$(docdir)
+ $(INSTALL) root -m 755 -d $(IROOT)$(atdocdir)
+ $(INSTALL) -m 755 -d $(IROOT)$(etcdir)
+ $(INSTALL) -m 755 -d $(IROOT)$(bindir)
+ $(INSTALL) -m 755 -d $(IROOT)$(sbindir)
+ $(INSTALL) -m 755 -d $(IROOT)$(docdir)
+ $(INSTALL) -m 755 -d $(IROOT)$(atdocdir)
+ $(INSTALL) -m 755 -d $(IROOT)$(etcdir)/pam.d/
+ $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR)
+ chmod 700 $(IROOT)$(ATJOB_DIR) $(IROOT)$(ATSPOOL_DIR)

44
at-3.1.14-nitpicks.patch → at-3.1.18-nitpicks.patch
View File

@ -1,19 +1,7 @@
diff -up at-3.1.14/at.1.in.nit at-3.1.14/at.1.in
--- at-3.1.14/at.1.in.nit 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/at.1.in 2013-12-04 11:36:29.737279969 +0100
@@ -204,7 +204,7 @@ queue for
.BR batch .
Queues with higher letters run with increased niceness. The special
queue "=" is reserved for jobs which are currently running.
-.P
+
If a job is submitted to a queue designated with an uppercase letter, the
job is treated as if it were submitted to batch at the time of the job.
Once the time is reached, the batch processing rules with respect to load
diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
--- at-3.1.14/atd.c.nit 2013-12-04 11:36:29.733279967 +0100
+++ at-3.1.14/atd.c 2013-12-04 11:38:44.551247496 +0100
@@ -198,6 +198,18 @@ myfork()
diff -up at-3.1.18/atd.c.nit at-3.1.18/atd.c
--- at-3.1.18/atd.c.nit 2016-03-23 12:46:49.222277787 +0100
+++ at-3.1.18/atd.c 2016-03-23 12:47:50.521639804 +0100
@@ -196,6 +196,18 @@ myfork()
#define fork myfork
#endif
@ -31,8 +19,8 @@ diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
+#endif
#ifdef WITH_SELINUX
static int set_selinux_context(const char *name, const char *filename) {
@@ -337,6 +349,9 @@ run_file(const char *filename, uid_t uid
static int
@@ -339,6 +351,9 @@ run_file(const char *filename, uid_t uid
free(newname);
return;
}
@ -42,7 +30,7 @@ diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
/* Let's see who we mail to. Hopefully, we can read it from
* the command file; if not, send it to the owner, or, failing that,
* to root.
@@ -505,6 +520,9 @@ run_file(const char *filename, uid_t uid
@@ -507,6 +522,9 @@ run_file(const char *filename, uid_t uid
if (setuid(uid) < 0)
perr("Cannot set user id");
@ -52,7 +40,7 @@ diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
chdir("/");
execle("/bin/sh", "sh", (char *) NULL, nenvp);
@@ -570,6 +588,9 @@ run_file(const char *filename, uid_t uid
@@ -572,6 +590,9 @@ run_file(const char *filename, uid_t uid
if (setuid(uid) < 0)
perr("Cannot set user id");
@ -62,7 +50,7 @@ diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
chdir ("/");
#if defined(SENDMAIL)
@@ -697,6 +718,7 @@ run_loop()
@@ -699,6 +720,7 @@ run_loop()
* Let's remove the lockfile and reschedule.
*/
strncpy(lock_name, dirent->d_name, sizeof(lock_name));
@ -70,7 +58,7 @@ diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
lock_name[0] = '=';
unlink(lock_name);
next_job = now;
@@ -731,6 +753,7 @@ run_loop()
@@ -733,6 +755,7 @@ run_loop()
run_batch++;
if (strcmp(batch_name, dirent->d_name) > 0) {
strncpy(batch_name, dirent->d_name, sizeof(batch_name));
@ -78,3 +66,15 @@ diff -up at-3.1.14/atd.c.nit at-3.1.14/atd.c
batch_uid = buf.st_uid;
batch_gid = buf.st_gid;
batch_queue = queue;
diff -up at-3.1.18/at.1.in.nit at-3.1.18/at.1.in
--- at-3.1.18/at.1.in.nit 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/at.1.in 2016-03-23 12:46:49.226277876 +0100
@@ -210,7 +210,7 @@ queue for
.BR batch .
Queues with higher letters run with increased niceness. The special
queue "=" is reserved for jobs which are currently running.
-.P
+
If a job is submitted to a queue designated with an uppercase letter, the
job is treated as if it were submitted to batch at the time of the job.
Once the time is reached, the batch processing rules with respect to load

43
at-3.1.18-noabort.patch Normal file
View File

@ -0,0 +1,43 @@
diff -up at-3.1.18/atd.c.noabort at-3.1.18/atd.c
--- at-3.1.18/atd.c.noabort 2016-03-23 12:49:15.147520116 +0100
+++ at-3.1.18/atd.c 2016-03-23 12:49:15.148520138 +0100
@@ -349,9 +349,12 @@ run_file(const char *filename, uid_t uid
*/
pid = fork();
- if (pid == -1)
- perr("Cannot fork");
-
+ if (pid == -1) {
+ lerr("Cannot fork for job execution");
+ free(mailname);
+ free(newname);
+ return;
+ }
else if (pid != 0) {
free(mailname);
free(newname);
@@ -669,15 +672,19 @@ run_loop()
* up.
*/
- if (stat(".", &buf) == -1)
- perr("Cannot stat " ATJOB_DIR);
+ if (stat(".", &buf) == -1) {
+ lerr("Cannot stat " ATJOB_DIR);
+ return next_job;
+ }
if (nothing_to_do && buf.st_mtime <= last_chg)
return next_job;
last_chg = buf.st_mtime;
- if ((spool = opendir(".")) == NULL)
- perr("Cannot read " ATJOB_DIR);
+ if ((spool = opendir(".")) == NULL) {
+ lerr("Cannot read " ATJOB_DIR);
+ return next_job;
+ }
run_batch = 0;
nothing_to_do = 1;

94
at-3.1.14-pam.patch → at-3.1.18-pam.patch
View File

@ -1,6 +1,6 @@
diff -up at-3.1.14/at.c.pam at-3.1.14/at.c
--- at-3.1.14/at.c.pam 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/at.c 2013-12-04 11:09:56.165752053 +0100
diff -up at-3.1.18/at.c.pam at-3.1.18/at.c
--- at-3.1.18/at.c.pam 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/at.c 2016-03-23 12:40:10.694447117 +0100
@@ -144,18 +144,13 @@ sigc(int signo)
/* If the user presses ^C, remove the spool file and exit
*/
@ -52,7 +52,7 @@ diff -up at-3.1.14/at.c.pam at-3.1.14/at.c
/* We've successfully created the file; let's set the flag so it
* gets removed in case of an interrupt or error.
*/
@@ -654,7 +642,7 @@ process_jobs(int argc, char **argv, int
@@ -670,7 +658,7 @@ process_jobs(int argc, char **argv, int
We need the unprivileged uid here since the file is owned by the real
(not effective) uid.
*/
@ -61,7 +61,7 @@ diff -up at-3.1.14/at.c.pam at-3.1.14/at.c
if (queue == '=') {
fprintf(stderr, "Warning: deleting running job\n");
@@ -663,8 +651,8 @@ process_jobs(int argc, char **argv, int
@@ -679,8 +667,8 @@ process_jobs(int argc, char **argv, int
perr("Cannot unlink %.500s", dirent->d_name);
rc = EXIT_FAILURE;
}
@ -71,7 +71,7 @@ diff -up at-3.1.14/at.c.pam at-3.1.14/at.c
done = 1;
break;
@@ -674,7 +662,7 @@ process_jobs(int argc, char **argv, int
@@ -690,7 +678,7 @@ process_jobs(int argc, char **argv, int
FILE *fp;
int ch;
@ -80,7 +80,7 @@ diff -up at-3.1.14/at.c.pam at-3.1.14/at.c
fp = fopen(dirent->d_name, "r");
if (fp) {
@@ -687,7 +675,7 @@ process_jobs(int argc, char **argv, int
@@ -703,7 +691,7 @@ process_jobs(int argc, char **argv, int
perr("Cannot open %.500s", dirent->d_name);
rc = EXIT_FAILURE;
}
@ -89,21 +89,21 @@ diff -up at-3.1.14/at.c.pam at-3.1.14/at.c
}
break;
diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
--- at-3.1.14/atd.c.pam 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/atd.c 2013-12-04 11:14:31.780617480 +0100
@@ -83,6 +83,10 @@
#include "getloadavg.h"
#endif
diff -up at-3.1.18/atd.c.pam at-3.1.18/atd.c
--- at-3.1.18/atd.c.pam 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/atd.c 2016-03-23 12:43:31.990906478 +0100
@@ -91,6 +91,10 @@ int selinux_enabled = 0;
/* Macros */
+#ifndef LOG_ATD
+#define LOG_ATD LOG_DAEMON
+#endif
+
/* Macros */
#define BATCH_INTERVAL_DEFAULT 60
@@ -108,7 +112,7 @@ static int run_as_daemon = 0;
#define CHECK_INTERVAL 3600
@@ -114,7 +118,7 @@ static int run_as_daemon = 0;
static volatile sig_atomic_t term_signal = 0;
@ -112,7 +112,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
#include <security/pam_appl.h>
static pam_handle_t *pamh = NULL;
@@ -117,15 +121,7 @@ static const struct pam_conv conv = {
@@ -123,15 +127,7 @@ static const struct pam_conv conv = {
NULL
};
@ -129,7 +129,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
/* Signal handlers */
RETSIGTYPE
@@ -220,7 +216,7 @@ run_file(const char *filename, uid_t uid
@@ -292,7 +288,7 @@ run_file(const char *filename, uid_t uid
char fmt[64];
unsigned long jobno;
int rc;
@ -138,7 +138,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
int retcode;
#endif
@@ -377,17 +373,11 @@ run_file(const char *filename, uid_t uid
@@ -449,17 +445,11 @@ run_file(const char *filename, uid_t uid
fstat(fd_out, &buf);
size = buf.st_size;
@ -161,7 +161,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
#endif
close(STDIN_FILENO);
@@ -401,7 +391,14 @@ run_file(const char *filename, uid_t uid
@@ -473,7 +463,14 @@ run_file(const char *filename, uid_t uid
else if (pid == 0) {
char *nul = NULL;
char **nenvp = &nul;
@ -176,7 +176,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
/* Set up things for the child; we want standard input from the
* input file, and standard output and error sent to our output file.
*/
@@ -420,8 +417,6 @@ run_file(const char *filename, uid_t uid
@@ -492,8 +489,6 @@ run_file(const char *filename, uid_t uid
close(fd_in);
close(fd_out);
@ -184,8 +184,8 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
-
nice((tolower((int) queue) - 'a' + 1) * 2);
if (initgroups(pentry->pw_name, pentry->pw_gid))
@@ -435,9 +430,9 @@ run_file(const char *filename, uid_t uid
#ifdef WITH_SELINUX
@@ -514,9 +509,9 @@ run_file(const char *filename, uid_t uid
chdir("/");
@ -198,7 +198,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
PRIV_END
}
/* We're the parent. Let's wait.
@@ -450,14 +445,6 @@ run_file(const char *filename, uid_t uid
@@ -529,14 +524,6 @@ run_file(const char *filename, uid_t uid
*/
waitpid(pid, (int *) NULL, 0);
@ -213,7 +213,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
/* Send mail. Unlink the output file after opening it, so it
* doesn't hang around after the run.
*/
@@ -488,8 +475,13 @@ run_file(const char *filename, uid_t uid
@@ -567,8 +554,13 @@ run_file(const char *filename, uid_t uid
unlink(newname);
free(newname);
@ -227,7 +227,7 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
PRIV_START
if (initgroups(pentry->pw_name, pentry->pw_gid))
@@ -511,7 +503,20 @@ run_file(const char *filename, uid_t uid
@@ -590,7 +582,20 @@ run_file(const char *filename, uid_t uid
perr("Exec failed for mail command");
PRIV_END
@ -248,9 +248,9 @@ diff -up at-3.1.14/atd.c.pam at-3.1.14/atd.c
exit(EXIT_SUCCESS);
}
diff -up at-3.1.14/config.h.in.pam at-3.1.14/config.h.in
--- at-3.1.14/config.h.in.pam 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/config.h.in 2013-12-04 11:09:56.165752053 +0100
diff -up at-3.1.18/config.h.in.pam at-3.1.18/config.h.in
--- at-3.1.18/config.h.in.pam 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/config.h.in 2016-03-23 12:40:10.695447139 +0100
@@ -68,8 +68,8 @@
/* Define to 1 if you have the <nlist.h> header file. */
#undef HAVE_NLIST_H
@ -262,9 +262,9 @@ diff -up at-3.1.14/config.h.in.pam at-3.1.14/config.h.in
/* Define to 1 if you have the `pstat_getdynamic' function. */
#undef HAVE_PSTAT_GETDYNAMIC
diff -up at-3.1.14/configure.ac.pam at-3.1.14/configure.ac
--- at-3.1.14/configure.ac.pam 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/configure.ac 2013-12-04 11:09:56.165752053 +0100
diff -up at-3.1.18/configure.ac.pam at-3.1.18/configure.ac
--- at-3.1.18/configure.ac.pam 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/configure.ac 2016-03-23 12:45:27.885473913 +0100
@@ -78,7 +78,7 @@ AC_FUNC_GETLOADAVG
AC_CHECK_FUNCS(getcwd mktime strftime setreuid setresuid sigaction waitpid)
AC_CHECK_HEADERS(security/pam_appl.h, [
@ -285,12 +285,24 @@ diff -up at-3.1.14/configure.ac.pam at-3.1.14/configure.ac
+AC_CHECK_LIB(pam, pam_start, PAMLIB='-lpam -lpam_misc')
+AC_SUBST(PAMLIB)
+
AC_MSG_CHECKING(groupname to run under)
AC_ARG_WITH(daemon_groupname,
[ --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) ],
diff -up at-3.1.14/perm.c.pam at-3.1.14/perm.c
--- at-3.1.14/perm.c.pam 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/perm.c 2013-12-04 11:09:56.165752053 +0100
AC_ARG_WITH(selinux,
[ --with-selinux Define to run with selinux],
AC_DEFINE(WITH_SELINUX, 1, [Define if you are building with_selinux]),
diff -up at-3.1.18/Makefile.in.pam at-3.1.18/Makefile.in
--- at-3.1.18/Makefile.in.pam 2016-03-23 12:55:30.000000000 +0100
+++ at-3.1.18/Makefile.in 2016-03-23 12:57:58.347145148 +0100
@@ -68,7 +68,7 @@ LIST = Filelist Filelist.asc
all: at atd atd.service atrun
at: $(ATOBJECTS)
- $(CC) $(LDFLAGS) -pie -o at $(ATOBJECTS) $(LIBS) $(LEXLIB)
+ $(CC) $(LDFLAGS) -pie -o at $(ATOBJECTS) $(LIBS) $(LEXLIB) $(PAMLIB)
rm -f $(CLONES)
$(LN_S) -f at atq
$(LN_S) -f at atrm
diff -up at-3.1.18/perm.c.pam at-3.1.18/perm.c
--- at-3.1.18/perm.c.pam 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/perm.c 2016-03-23 12:40:10.695447139 +0100
@@ -51,6 +51,14 @@
#define PRIV_END while(0)
#endif
@ -355,9 +367,9 @@ diff -up at-3.1.14/perm.c.pam at-3.1.14/perm.c
allow = user_in_file(ETCDIR "/at.allow", pentry->pw_name);
if (allow==0 || allow==1)
return allow;
diff -up at-3.1.14/privs.h.pam at-3.1.14/privs.h
--- at-3.1.14/privs.h.pam 2013-09-08 14:43:53.000000000 +0200
+++ at-3.1.14/privs.h 2013-12-04 11:09:56.166752054 +0100
diff -up at-3.1.18/privs.h.pam at-3.1.18/privs.h
--- at-3.1.18/privs.h.pam 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/privs.h 2016-03-23 12:40:10.695447139 +0100
@@ -144,3 +144,63 @@ extern gid_t real_gid, effective_gid, da
#error "Cannot implement user ID swapping without setreuid or setresuid"
#endif

24
at-3.1.18-utc-dst.patch Normal file
View File

@ -0,0 +1,24 @@
diff -up at-3.1.18/parsetime.y.dst at-3.1.18/parsetime.y
--- at-3.1.18/parsetime.y.dst 2015-12-06 16:45:10.000000000 +0100
+++ at-3.1.18/parsetime.y 2015-07-01 13:53:14.088881926 +0200
@@ -476,8 +476,8 @@ parsetime(time_t currtime, int argc, cha
exectm = *localtime(&currtime);
currtime -= exectm.tm_sec;
exectm.tm_sec = 0;
- exectm.tm_isdst = -1;
memcpy(&currtm,&exectm,sizeof(currtm));
+ exectm.tm_isdst = -1;
time_only = 0;
yearspec = 0;
@@ -503,8 +503,8 @@ parsetime(time_t currtime, int argc, cha
return 0;
if (isgmt) {
exectime -= timezone;
- if (currtm.tm_isdst && !exectm.tm_isdst)
- exectime -= 3600;
+ if (exectm.tm_isdst)
+ exectime += 3600;
}
if (exectime < currtime)
panic("refusing to create job destined in the past");

22
at.spec
View File

@ -2,8 +2,8 @@
Summary: Job spooling tools
Name: at
Version: 3.1.16
Release: 8%{?dist}
Version: 3.1.18
Release: 1%{?dist}
# http://packages.debian.org/changelogs/pool/main/a/at/current/copyright
# + install-sh is MIT license with changes under Public Domain
License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain
@ -17,19 +17,19 @@ Source3: atd.sysconf
Source5: atd.systemd
Patch0: at-aarch64.patch
Patch1: at-3.1.14-makefile.patch
Patch2: at-3.1.14-pam.patch
Patch3: at-3.1.14-selinux.patch
Patch1: at-3.1.18-make.patch
Patch2: at-3.1.18-pam.patch
Patch4: at-3.1.14-opt_V.patch
Patch5: at-3.1.14-shell.patch
Patch6: at-3.1.14-nitpicks.patch
Patch6: at-3.1.18-nitpicks.patch
Patch8: at-3.1.14-fix_no_export.patch
Patch9: at-3.1.14-mailwithhostname.patch
Patch10: at-3.1.14-usePOSIXtimers.patch
Patch12: at-3.1.14-wrong_format.patch
Patch13: at-3.1.16-noabort.patch
Patch13: at-3.1.18-noabort.patch
Patch14: at-3.1.16-fclose-error.patch
Patch15: at-3.1.16-clear-nonjobs.patch
Patch16: at-3.1.18-utc-dst.patch
BuildRequires: fileutils /etc/init.d
BuildRequires: flex flex-static bison autoconf
@ -63,12 +63,11 @@ need to be repeated at the same time every day/week, etc. you should
use crontab instead.
%prep
%setup -q
%setup -c -q
cp %{SOURCE1} .
%patch0 -p1 -b .arm
%patch1 -p1 -b .make
%patch2 -p1 -b .pam
%patch3 -p1 -b .selinux
%patch4 -p1 -b .opt_V
%patch5 -p1 -b .shell
%patch6 -p1 -b .nit
@ -79,6 +78,7 @@ cp %{SOURCE1} .
%patch13 -p1 -b .noabort
%patch14 -p1 -b .fclose
%patch15 -p1 -b .clear-nojobs
%patch16 -p1 -b .dst
%build
# patch9 touches configure.in
@ -176,6 +176,10 @@ chown daemon:daemon %{_localstatedir}/spool/at/.SEQ
%attr(0644,root,root) /%{_unitdir}/atd.service
%changelog
* Wed Mar 23 2016 Tomáš Mráz <tmraz@redhat.com> - 3.1.18-1
- new upstream release
- correct the DST correction when using UTC time specification (#1320322)
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.16-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
d05da75d9b75d93917ffb16ab48b1e19 at_3.1.16.orig.tar.gz
f67a7aab557cd5b4a1311079a08acebe at_3.1.18.orig.tar.gz