rpms/at
5
0
Fork 0
Code Issues Pull Requests Releases Activity

new upstream release

Browse Source 
- properly lock the lock files to be able to safely remove
  stale ones
This commit is contained in:
Tomas Mraz 2016-07-01 10:43:48 +02:00
parent 4516f77e69
commit aa74292e24
6 changed files with 155 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -6,3 +6,4 @@ at_3.1.12.orig.tar.gz
/at_3.1.14.orig.tar.gz /at_3.1.14.orig.tar.gz
/at_3.1.16.orig.tar.gz /at_3.1.16.orig.tar.gz
/at_3.1.18.orig.tar.gz /at_3.1.18.orig.tar.gz
/at_3.1.20.orig.tar.gz

108
at-3.1.20-lock-locks.patch Normal file
View File

@ -0,0 +1,108 @@
diff -up at-3.1.20/atd.c.lock-locks at-3.1.20/atd.c
--- at-3.1.20/atd.c.lock-locks 2016-07-01 10:41:50.640867692 +0200
+++ at-3.1.20/atd.c 2016-07-01 10:42:32.345844967 +0200
@@ -74,6 +74,9 @@
#include <syslog.h>
#endif
+#include <sys/file.h>
+#include <utime.h>
+
/* Local headers */
#include "privs.h"
@@ -288,7 +291,7 @@ run_file(const char *filename, uid_t uid
* mail to the user.
*/
pid_t pid;
- int fd_out, fd_in;
+ int fd_out, fd_in, fd_std;
char jobbuf[9];
char *mailname = NULL;
int mailsize = 128;
@@ -410,6 +413,10 @@ run_file(const char *filename, uid_t uid
fcntl(fd_in, F_SETFD, fflags & ~FD_CLOEXEC);
+ if (flock(fd_in, LOCK_EX | LOCK_NB) != 0)
+ perr("Somebody already locked the job %8lu (%.500s) - "
+ "aborting", jobno, filename);
+
/*
* If the spool directory is mounted via NFS `atd' isn't able to
* read from the job file and will bump out here. The file is
@@ -553,10 +560,7 @@ run_file(const char *filename, uid_t uid
PRIV_END
}
/* We're the parent. Let's wait.
- */
- close(fd_in);
-
- /* We inherited the master's SIGCHLD handler, which does a
+ We inherited the master's SIGCHLD handler, which does a
non-blocking waitpid. So this blocking one will eventually
return with an ECHILD error.
*/
@@ -573,14 +577,14 @@ run_file(const char *filename, uid_t uid
/* some sendmail implementations are confused if stdout, stderr are
* not available, so let them point to /dev/null
*/
- if ((fd_in = open("/dev/null", O_WRONLY)) < 0)
+ if ((fd_std = open("/dev/null", O_WRONLY)) < 0)
perr("Could not open /dev/null.");
- if (dup2(fd_in, STDOUT_FILENO) < 0)
+ if (dup2(fd_std, STDOUT_FILENO) < 0)
perr("Could not use /dev/null as standard output.");
- if (dup2(fd_in, STDERR_FILENO) < 0)
+ if (dup2(fd_std, STDERR_FILENO) < 0)
perr("Could not use /dev/null as standard error.");
- if (fd_in != STDOUT_FILENO && fd_in != STDERR_FILENO)
- close(fd_in);
+ if (fd_std != STDOUT_FILENO && fd_std != STDERR_FILENO)
+ close(fd_std);
if (unlink(filename) == -1)
syslog(LOG_WARNING, "Warning: removing output file for job %li failed: %s",
@@ -588,7 +592,12 @@ run_file(const char *filename, uid_t uid
/* The job is now finished. We can delete its input file.
*/
- chdir(ATJOB_DIR);
+ if (chdir(ATJOB_DIR) != 0)
+ perr("Somebody removed %s directory from under us.", ATJOB_DIR);
+
+ /* This also removes the flock */
+ (void)close(fd_in);
+
unlink(newname);
free(newname);
@@ -723,16 +732,18 @@ run_loop()
/* Skip lock files */
if (queue == '=') {
- /* FIXME: calhariz */
- /* I think the following code is broken, but commenting
- may haven unknow side effects. Make a release and see
- in the wild how it works. For more information see:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818508/*
-
- /* if ((buf.st_nlink == 1) && (run_time + CHECK_INTERVAL <= now)) { */
- /* /\* Remove stale lockfile FIXME: lock the lockfile, if you fail, it's still in use. *\/ */
- /* unlink(dirent->d_name); */
- /* } */
+ if ((buf.st_nlink == 1) && (run_time + CHECK_INTERVAL <= now)) {
+ int fd;
+
+ fd = open(dirent->d_name, O_RDONLY);
+ if (fd != -1) {
+ if (flock(fd, LOCK_EX | LOCK_NB) == 0) {
+ unlink(dirent->d_name);
+ syslog(LOG_NOTICE, "removing stale lock file %s\n", dirent->d_name);
+ }
+ (void)close(fd);
+ }
+ }
continue;
}
/* Skip any other file types which may have been invented in

54
at-3.1.18-pam.patch → at-3.1.20-pam.patch
View File

@ -1,6 +1,6 @@
diff -up at-3.1.18/at.c.pam at-3.1.18/at.c diff -up at-3.1.20/at.c.pam at-3.1.20/at.c
--- at-3.1.18/at.c.pam 2015-12-06 16:45:10.000000000 +0100 --- at-3.1.20/at.c.pam 2016-06-28 22:18:00.000000000 +0200
+++ at-3.1.18/at.c 2016-03-23 12:40:10.694447117 +0100 +++ at-3.1.20/at.c 2016-07-01 09:44:22.251683924 +0200
@@ -144,18 +144,13 @@ sigc(int signo) @@ -144,18 +144,13 @@ sigc(int signo)
/* If the user presses ^C, remove the spool file and exit /* If the user presses ^C, remove the spool file and exit
*/ */
@ -52,7 +52,7 @@ diff -up at-3.1.18/at.c.pam at-3.1.18/at.c
/* We've successfully created the file; let's set the flag so it /* We've successfully created the file; let's set the flag so it
* gets removed in case of an interrupt or error. * gets removed in case of an interrupt or error.
*/ */
@@ -670,7 +658,7 @@ process_jobs(int argc, char **argv, int @@ -673,7 +661,7 @@ process_jobs(int argc, char **argv, int
We need the unprivileged uid here since the file is owned by the real We need the unprivileged uid here since the file is owned by the real
(not effective) uid. (not effective) uid.
*/ */
@ -61,7 +61,7 @@ diff -up at-3.1.18/at.c.pam at-3.1.18/at.c
if (queue == '=') { if (queue == '=') {
fprintf(stderr, "Warning: deleting running job\n"); fprintf(stderr, "Warning: deleting running job\n");
@@ -679,8 +667,8 @@ process_jobs(int argc, char **argv, int @@ -682,8 +670,8 @@ process_jobs(int argc, char **argv, int
perr("Cannot unlink %.500s", dirent->d_name); perr("Cannot unlink %.500s", dirent->d_name);
rc = EXIT_FAILURE; rc = EXIT_FAILURE;
} }
@ -71,7 +71,7 @@ diff -up at-3.1.18/at.c.pam at-3.1.18/at.c
done = 1; done = 1;
break; break;
@@ -690,7 +678,7 @@ process_jobs(int argc, char **argv, int @@ -693,7 +681,7 @@ process_jobs(int argc, char **argv, int
FILE *fp; FILE *fp;
int ch; int ch;
@ -80,7 +80,7 @@ diff -up at-3.1.18/at.c.pam at-3.1.18/at.c
fp = fopen(dirent->d_name, "r"); fp = fopen(dirent->d_name, "r");
if (fp) { if (fp) {
@@ -703,7 +691,7 @@ process_jobs(int argc, char **argv, int @@ -706,7 +694,7 @@ process_jobs(int argc, char **argv, int
perr("Cannot open %.500s", dirent->d_name); perr("Cannot open %.500s", dirent->d_name);
rc = EXIT_FAILURE; rc = EXIT_FAILURE;
} }
@ -89,9 +89,9 @@ diff -up at-3.1.18/at.c.pam at-3.1.18/at.c
} }
break; break;
diff -up at-3.1.18/atd.c.pam at-3.1.18/atd.c diff -up at-3.1.20/atd.c.pam at-3.1.20/atd.c
--- at-3.1.18/atd.c.pam 2015-12-06 16:45:10.000000000 +0100 --- at-3.1.20/atd.c.pam 2016-06-28 22:14:39.000000000 +0200
+++ at-3.1.18/atd.c 2016-03-23 12:43:31.990906478 +0100 +++ at-3.1.20/atd.c 2016-07-01 09:44:22.251683924 +0200
@@ -91,6 +91,10 @@ int selinux_enabled = 0; @@ -91,6 +91,10 @@ int selinux_enabled = 0;
/* Macros */ /* Macros */
@ -248,9 +248,9 @@ diff -up at-3.1.18/atd.c.pam at-3.1.18/atd.c
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
} }
diff -up at-3.1.18/config.h.in.pam at-3.1.18/config.h.in diff -up at-3.1.20/config.h.in.pam at-3.1.20/config.h.in
--- at-3.1.18/config.h.in.pam 2015-12-06 16:45:10.000000000 +0100 --- at-3.1.20/config.h.in.pam 2015-12-18 21:29:24.000000000 +0100
+++ at-3.1.18/config.h.in 2016-03-23 12:40:10.695447139 +0100 +++ at-3.1.20/config.h.in 2016-07-01 09:44:22.251683924 +0200
@@ -68,8 +68,8 @@ @@ -68,8 +68,8 @@
/* Define to 1 if you have the <nlist.h> header file. */ /* Define to 1 if you have the <nlist.h> header file. */
#undef HAVE_NLIST_H #undef HAVE_NLIST_H
@ -262,9 +262,9 @@ diff -up at-3.1.18/config.h.in.pam at-3.1.18/config.h.in
/* Define to 1 if you have the `pstat_getdynamic' function. */ /* Define to 1 if you have the `pstat_getdynamic' function. */
#undef HAVE_PSTAT_GETDYNAMIC #undef HAVE_PSTAT_GETDYNAMIC
diff -up at-3.1.18/configure.ac.pam at-3.1.18/configure.ac diff -up at-3.1.20/configure.ac.pam at-3.1.20/configure.ac
--- at-3.1.18/configure.ac.pam 2015-12-06 16:45:10.000000000 +0100 --- at-3.1.20/configure.ac.pam 2016-06-28 22:55:52.000000000 +0200
+++ at-3.1.18/configure.ac 2016-03-23 12:45:27.885473913 +0100 +++ at-3.1.20/configure.ac 2016-07-01 09:45:23.268092527 +0200
@@ -78,7 +78,7 @@ AC_FUNC_GETLOADAVG @@ -78,7 +78,7 @@ AC_FUNC_GETLOADAVG
AC_CHECK_FUNCS(getcwd mktime strftime setreuid setresuid sigaction waitpid) AC_CHECK_FUNCS(getcwd mktime strftime setreuid setresuid sigaction waitpid)
AC_CHECK_HEADERS(security/pam_appl.h, [ AC_CHECK_HEADERS(security/pam_appl.h, [
@ -286,11 +286,11 @@ diff -up at-3.1.18/configure.ac.pam at-3.1.18/configure.ac
+AC_SUBST(PAMLIB) +AC_SUBST(PAMLIB)
+ +
AC_ARG_WITH(selinux, AC_ARG_WITH(selinux,
[ --with-selinux Define to run with selinux], [ --with-selinux Define to run with selinux (default=check)],
AC_DEFINE(WITH_SELINUX, 1, [Define if you are building with_selinux]), [],
diff -up at-3.1.18/Makefile.in.pam at-3.1.18/Makefile.in diff -up at-3.1.20/Makefile.in.pam at-3.1.20/Makefile.in
--- at-3.1.18/Makefile.in.pam 2016-03-23 12:55:30.000000000 +0100 --- at-3.1.20/Makefile.in.pam 2016-07-01 09:44:22.250683901 +0200
+++ at-3.1.18/Makefile.in 2016-03-23 12:57:58.347145148 +0100 +++ at-3.1.20/Makefile.in 2016-07-01 09:44:22.252683947 +0200
@@ -68,7 +68,7 @@ LIST = Filelist Filelist.asc @@ -68,7 +68,7 @@ LIST = Filelist Filelist.asc
all: at atd atd.service atrun all: at atd atd.service atrun
@ -300,9 +300,9 @@ diff -up at-3.1.18/Makefile.in.pam at-3.1.18/Makefile.in
rm -f $(CLONES) rm -f $(CLONES)
$(LN_S) -f at atq $(LN_S) -f at atq
$(LN_S) -f at atrm $(LN_S) -f at atrm
diff -up at-3.1.18/perm.c.pam at-3.1.18/perm.c diff -up at-3.1.20/perm.c.pam at-3.1.20/perm.c
--- at-3.1.18/perm.c.pam 2015-12-06 16:45:10.000000000 +0100 --- at-3.1.20/perm.c.pam 2015-08-22 00:09:22.000000000 +0200
+++ at-3.1.18/perm.c 2016-03-23 12:40:10.695447139 +0100 +++ at-3.1.20/perm.c 2016-07-01 09:44:22.252683947 +0200
@@ -51,6 +51,14 @@ @@ -51,6 +51,14 @@
#define PRIV_END while(0) #define PRIV_END while(0)
#endif #endif
@ -367,9 +367,9 @@ diff -up at-3.1.18/perm.c.pam at-3.1.18/perm.c
allow = user_in_file(ETCDIR "/at.allow", pentry->pw_name); allow = user_in_file(ETCDIR "/at.allow", pentry->pw_name);
if (allow==0 || allow==1) if (allow==0 || allow==1)
return allow; return allow;
diff -up at-3.1.18/privs.h.pam at-3.1.18/privs.h diff -up at-3.1.20/privs.h.pam at-3.1.20/privs.h
--- at-3.1.18/privs.h.pam 2015-12-06 16:45:10.000000000 +0100 --- at-3.1.20/privs.h.pam 2015-08-22 00:09:22.000000000 +0200
+++ at-3.1.18/privs.h 2016-03-23 12:40:10.695447139 +0100 +++ at-3.1.20/privs.h 2016-07-01 09:44:22.252683947 +0200
@@ -144,3 +144,63 @@ extern gid_t real_gid, effective_gid, da @@ -144,3 +144,63 @@ extern gid_t real_gid, effective_gid, da
#error "Cannot implement user ID swapping without setreuid or setresuid" #error "Cannot implement user ID swapping without setreuid or setresuid"
#endif #endif

12
at-3.1.14-shell.patch → at-3.1.20-shell.patch
View File

@ -1,6 +1,6 @@
diff -up at-3.1.14/at.c.shell at-3.1.14/at.c diff -up at-3.1.20/at.c.shell at-3.1.20/at.c
--- at-3.1.14/at.c.shell 2014-01-06 17:58:17.555564746 +0100 --- at-3.1.20/at.c.shell 2016-07-01 09:47:13.392684445 +0200
+++ at-3.1.14/at.c 2014-01-06 17:59:17.699720002 +0100 +++ at-3.1.20/at.c 2016-07-01 09:48:47.679931959 +0200
@@ -62,11 +62,8 @@ @@ -62,11 +62,8 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
@ -26,7 +26,7 @@ diff -up at-3.1.14/at.c.shell at-3.1.14/at.c
/* Install the signal handler for SIGINT; terminate after removing the /* Install the signal handler for SIGINT; terminate after removing the
* spool file if necessary * spool file if necessary
@@ -449,6 +452,9 @@ writefile(time_t runtimer, char queue) @@ -465,6 +468,9 @@ writefile(time_t runtimer, char queue)
fprintf(fp, " || {\n\t echo 'Execution directory " fprintf(fp, " || {\n\t echo 'Execution directory "
"inaccessible' >&2\n\t exit 1\n}\n"); "inaccessible' >&2\n\t exit 1\n}\n");
@ -36,7 +36,7 @@ diff -up at-3.1.14/at.c.shell at-3.1.14/at.c
istty = isatty(fileno(stdin)); istty = isatty(fileno(stdin));
if (istty) { if (istty) {
fprintf(stderr, "at> "); fprintf(stderr, "at> ");
@@ -464,7 +470,7 @@ writefile(time_t runtimer, char queue) @@ -480,7 +486,7 @@ writefile(time_t runtimer, char queue)
if (istty) { if (istty) {
fprintf(stderr, "<EOT>\n"); fprintf(stderr, "<EOT>\n");
} }
@ -44,4 +44,4 @@ diff -up at-3.1.14/at.c.shell at-3.1.14/at.c
+ fprintf(fp, "marcinDELIMITER%08lx\n", i); + fprintf(fp, "marcinDELIMITER%08lx\n", i);
if (ferror(fp)) if (ferror(fp))
panic("Output error"); panic("Output error");
fflush(fp);

17
at.spec
View File

@ -2,8 +2,8 @@
Summary: Job spooling tools Summary: Job spooling tools
Name: at Name: at
Version: 3.1.18 Version: 3.1.20
Release: 2%{?dist} Release: 1%{?dist}
# http://packages.debian.org/changelogs/pool/main/a/at/current/copyright # http://packages.debian.org/changelogs/pool/main/a/at/current/copyright
# + install-sh is MIT license with changes under Public Domain # + install-sh is MIT license with changes under Public Domain
License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain
@ -18,9 +18,9 @@ Source5: atd.systemd
Patch0: at-aarch64.patch Patch0: at-aarch64.patch
Patch1: at-3.1.18-make.patch Patch1: at-3.1.18-make.patch
Patch2: at-3.1.18-pam.patch Patch2: at-3.1.20-pam.patch
Patch4: at-3.1.14-opt_V.patch Patch4: at-3.1.14-opt_V.patch
Patch5: at-3.1.14-shell.patch Patch5: at-3.1.20-shell.patch
Patch6: at-3.1.18-nitpicks.patch Patch6: at-3.1.18-nitpicks.patch
Patch8: at-3.1.14-fix_no_export.patch Patch8: at-3.1.14-fix_no_export.patch
Patch9: at-3.1.14-mailwithhostname.patch Patch9: at-3.1.14-mailwithhostname.patch
@ -30,6 +30,7 @@ Patch13: at-3.1.18-noabort.patch
Patch14: at-3.1.16-fclose-error.patch Patch14: at-3.1.16-fclose-error.patch
Patch15: at-3.1.16-clear-nonjobs.patch Patch15: at-3.1.16-clear-nonjobs.patch
Patch16: at-3.1.18-utc-dst.patch Patch16: at-3.1.18-utc-dst.patch
Patch17: at-3.1.20-lock-locks.patch
BuildRequires: fileutils /etc/init.d BuildRequires: fileutils /etc/init.d
BuildRequires: flex flex-static bison autoconf BuildRequires: flex flex-static bison autoconf
@ -63,7 +64,7 @@ need to be repeated at the same time every day/week, etc. you should
use crontab instead. use crontab instead.
%prep %prep
%setup -c -q %setup -q
cp %{SOURCE1} . cp %{SOURCE1} .
%patch0 -p1 -b .arm %patch0 -p1 -b .arm
%patch1 -p1 -b .make %patch1 -p1 -b .make
@ -79,6 +80,7 @@ cp %{SOURCE1} .
%patch14 -p1 -b .fclose %patch14 -p1 -b .fclose
%patch15 -p1 -b .clear-nojobs %patch15 -p1 -b .clear-nojobs
%patch16 -p1 -b .dst %patch16 -p1 -b .dst
%patch17 -p1 -b .lock-locks
%build %build
# patch9 touches configure.in # patch9 touches configure.in
@ -176,6 +178,11 @@ chown daemon:daemon %{_localstatedir}/spool/at/.SEQ
%attr(0644,root,root) /%{_unitdir}/atd.service %attr(0644,root,root) /%{_unitdir}/atd.service
%changelog %changelog
* Fri Jul 1 2016 Tomáš Mráz <tmraz@redhat.com> - 3.1.20-1
- new upstream release
- properly lock the lock files to be able to safely remove
stale ones
* Mon May 23 2016 Tomáš Mráz <tmraz@redhat.com> - 3.1.18-2 * Mon May 23 2016 Tomáš Mráz <tmraz@redhat.com> - 3.1.18-2
- SIGPIPE should not be ignored in atd (#1338039) - SIGPIPE should not be ignored in atd (#1338039)

2
sources
View File

@ -1 +1 @@
f67a7aab557cd5b4a1311079a08acebe at_3.1.18.orig.tar.gz e7bd7b785b2cbb17e133d6bdc0fb099e at_3.1.20.orig.tar.gz