rpms/at
5
0
Fork 0
Code Issues Pull Requests Releases Activity

make atd less abort prone

Browse Source
This commit is contained in:
Tomas Mraz 2014-11-06 16:16:42 +01:00
parent 831ee27011
commit 7ca7f064c8
2 changed files with 163 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

157
at-3.1.16-noabort.patch Normal file
View File

@ -0,0 +1,157 @@
diff -up at-3.1.16/atd.c.noabort at-3.1.16/atd.c
--- at-3.1.16/atd.c.noabort 2014-10-02 11:08:26.000000000 +0200
+++ at-3.1.16/atd.c 2014-11-06 16:07:54.851652541 +0100
@@ -221,7 +221,7 @@ static int set_selinux_context(const cha
security_context_t user_context=NULL;
security_context_t file_context=NULL;
struct av_decision avd;
- int retval=-1;
+ int retval=0;
char *seuser=NULL;
char *level=NULL;
@@ -230,12 +230,9 @@ static int set_selinux_context(const cha
free(seuser);
free(level);
if (retval) {
- if (security_getenforce()==1) {
- perr("execle: couldn't get security context for user %s\n", name);
- } else {
- syslog(LOG_ERR, "execle: couldn't get security context for user %s\n", name);
- return -1;
- }
+ lerr("execle: couldn't get security context for user %s\n", name);
+ retval = -1;
+ goto err;
}
}
@@ -246,8 +243,11 @@ static int set_selinux_context(const cha
* the user cron job. It performs an entrypoint
* permission check for this purpose.
*/
- if (fgetfilecon(STDIN_FILENO, &file_context) < 0)
- perr("fgetfilecon FAILED %s", filename);
+ if (fgetfilecon(STDIN_FILENO, &file_context) < 0) {
+ lerr("fgetfilecon FAILED %s", filename);
+ retval = -1;
+ goto err;
+ }
retval = security_compute_av(user_context,
file_context,
@@ -256,25 +256,21 @@ static int set_selinux_context(const cha
&avd);
freecon(file_context);
if (retval || ((FILE__ENTRYPOINT & avd.allowed) != FILE__ENTRYPOINT)) {
- if (security_getenforce()==1) {
- perr("Not allowed to set exec context to %s for user %s\n", user_context,name);
- } else {
- syslog(LOG_ERR, "Not allowed to set exec context to %s for user %s\n", user_context,name);
- retval = -1;
- goto err;
- }
+ lerr("Not allowed to set exec context to %s for user %s\n", user_context,name);
+ retval = -1;
+ goto err;
}
if (setexeccon(user_context) < 0) {
- if (security_getenforce()==1) {
- perr("Could not set exec context to %s for user %s\n", user_context,name);
- retval = -1;
- } else {
- syslog(LOG_ERR, "Could not set exec context to %s for user %s\n", user_context,name);
- }
+ lerr("Could not set exec context to %s for user %s\n", user_context,name);
+ retval = -1;
+ goto err;
}
err:
- freecon(user_context);
- return 0;
+ if (retval < 0 && security_getenforce() != 1)
+ retval = 0;
+ if (user_context)
+ freecon(user_context);
+ return retval;
}
#endif
@@ -347,9 +343,12 @@ run_file(const char *filename, uid_t uid
*/
pid = fork();
- if (pid == -1)
- perr("Cannot fork");
-
+ if (pid == -1) {
+ lerr("Cannot fork for job execution");
+ free(mailname);
+ free(newname);
+ return;
+ }
else if (pid != 0) {
free(mailname);
free(newname);
@@ -667,15 +666,19 @@ run_loop()
* up.
*/
- if (stat(".", &buf) == -1)
- perr("Cannot stat " ATJOB_DIR);
+ if (stat(".", &buf) == -1) {
+ lerr("Cannot stat " ATJOB_DIR);
+ return next_job;
+ }
if (nothing_to_do && buf.st_mtime <= last_chg)
return next_job;
last_chg = buf.st_mtime;
- if ((spool = opendir(".")) == NULL)
- perr("Cannot read " ATJOB_DIR);
+ if ((spool = opendir(".")) == NULL) {
+ lerr("Cannot read " ATJOB_DIR);
+ return next_job;
+ }
run_batch = 0;
nothing_to_do = 1;
diff -up at-3.1.16/daemon.c.noabort at-3.1.16/daemon.c
--- at-3.1.16/daemon.c.noabort 2014-09-30 08:29:02.000000000 +0200
+++ at-3.1.16/daemon.c 2014-11-06 15:37:22.109277583 +0100
@@ -83,6 +83,22 @@ perr(const char *fmt,...)
}
void
+lerr(const char *fmt,...)
+{
+ char buf[1024];
+ va_list args;
+
+ va_start(args, fmt);
+ vsnprintf(buf, sizeof(buf), fmt, args);
+ va_end(args);
+
+ if (daemon_debug) {
+ perror(buf);
+ } else
+ syslog(LOG_ERR, "%s: %m", buf);
+}
+
+void
pabort(const char *fmt,...)
{
char buf[1024];
diff -up at-3.1.16/daemon.h.noabort at-3.1.16/daemon.h
--- at-3.1.16/daemon.h.noabort 2014-09-30 08:29:02.000000000 +0200
+++ at-3.1.16/daemon.h 2014-11-06 15:36:10.461660104 +0100
@@ -13,5 +13,8 @@ __attribute__((noreturn))
#endif
perr (const char *fmt, ...);
+void
+lerr (const char *fmt, ...);
+
extern int daemon_debug;
extern int daemon_foreground;

7
at.spec
View File

@ -3,7 +3,7 @@
Summary: Job spooling tools Summary: Job spooling tools
Name: at Name: at
Version: 3.1.16 Version: 3.1.16
Release: 2%{?dist} Release: 3%{?dist}
# http://packages.debian.org/changelogs/pool/main/a/at/current/copyright # http://packages.debian.org/changelogs/pool/main/a/at/current/copyright
# + install-sh is MIT license with changes under Public Domain # + install-sh is MIT license with changes under Public Domain
License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain
@ -29,6 +29,7 @@ Patch9: at-3.1.14-mailwithhostname.patch
Patch10: at-3.1.14-usePOSIXtimers.patch Patch10: at-3.1.14-usePOSIXtimers.patch
Patch11: at-3.1.14-help.patch Patch11: at-3.1.14-help.patch
Patch12: at-3.1.14-wrong_format.patch Patch12: at-3.1.14-wrong_format.patch
Patch13: at-3.1.16-noabort.patch
BuildRequires: fileutils /etc/init.d BuildRequires: fileutils /etc/init.d
BuildRequires: flex flex-static bison autoconf BuildRequires: flex flex-static bison autoconf
@ -77,6 +78,7 @@ cp %{SOURCE1} .
%patch10 -p1 -b .posix %patch10 -p1 -b .posix
%patch11 -p1 -b .help %patch11 -p1 -b .help
%patch12 -p1 -b .wrong %patch12 -p1 -b .wrong
%patch13 -p1 -b .noabort
%build %build
# patch9 touches configure.in # patch9 touches configure.in
@ -174,6 +176,9 @@ chown daemon:daemon %{_localstatedir}/spool/at/.SEQ
%attr(0644,root,root) /%{_unitdir}/atd.service %attr(0644,root,root) /%{_unitdir}/atd.service
%changelog %changelog
* Thu Nov 6 2014 Tomáš Mráz <tmraz@redhat.com> - 3.1.16-3
- make atd less abort prone
* Fri Oct 10 2014 Tomáš Mráz <tmraz@redhat.com> - 3.1.16-2 * Fri Oct 10 2014 Tomáš Mráz <tmraz@redhat.com> - 3.1.16-2
- add proper Obsoletes for the sysvinit subpackage - add proper Obsoletes for the sysvinit subpackage