- polish pam in atd again

Marcela Mašláňová 2010-01-18 14:47:12 +00:00
parent 7babbd86d0
commit c5c176fd70
4 changed files with 96 additions and 4 deletions

at-3.1.12-fix.patch Normal file

@ -0,0 +1,69 @@
diff -up at-3.1.12/atd.c.fix at-3.1.12/atd.c
--- at-3.1.12/atd.c.fix 2010-01-18 14:22:19.364913059 +0100
+++ at-3.1.12/atd.c 2010-01-18 14:20:17.867912485 +0100
@@ -458,11 +458,9 @@ run_file(const char *filename, uid_t uid
size = buf.st_size;
#ifdef WITH_PAM
- PRIV_START
- PAM_HANDLING;
+ PAM_HANDLING;
closelog();
openlog("atd", LOG_PID, LOG_ATD);
- PRIV_END
#endif
close(STDIN_FILENO);
@@ -484,7 +482,6 @@ run_file(const char *filename, uid_t uid
if ( ( pam_envp != 0L ) && (pam_envp[0] != 0L) )
nenvp = pam_envp;
#endif
- PRIV_END
/* Set up things for the child; we want standard input from the
* input file, and standard output and error sent to our output file.
*/
@@ -505,8 +502,6 @@ run_file(const char *filename, uid_t uid
if (chdir(ATJOB_DIR) < 0)
perr("Cannot chdir to " ATJOB_DIR);
- PRIV_START
-
nice((tolower((int) queue) - 'a' + 1) * 2);
if (initgroups(pentry->pw_name, pentry->pw_gid))
@@ -531,6 +526,17 @@ run_file(const char *filename, uid_t uid
if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0)
perr("Exec failed for /bin/sh");
+
+//add for fedora
+#ifdef WITH_SELINUX
+ if (selinux_enabled>0)
+ if (setexeccon(NULL) < 0)
+ if (security_getenforce()==1)
+ perr("Could not resset exec context for user %s\n", pentry->pw_name);
+
+#endif
+//end
+//add for fedora
#ifdef WITH_PAM
if ( ( nenvp != &nul ) && (pam_envp != 0L) && (*pam_envp != 0L))
{
@@ -553,7 +559,7 @@ run_file(const char *filename, uid_t uid
return with an ECHILD error.
*/
waitpid(pid, (int *) NULL, 0);
-
+/*
#ifdef WITH_PAM
PRIV_START
pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
@@ -561,7 +567,7 @@ run_file(const char *filename, uid_t uid
pam_end(pamh, retcode);
PRIV_END
#endif
-
+*/
/* Send mail. Unlink the output file after opening it, so it
* doesn't hang around after the run.
*/
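Review bot: The last two hunks of this patch wrap the PAM teardown that follows `waitpid` in `/* ... */`, so on the new side `pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT)` and `pam_end(pamh, retcode)` no longer run in the parent, and nothing visible in this section replaces them. If `PAM_HANDLING` (a macro defined outside this view) still starts a PAM transaction in this process, its credentials and handle are left without cleanup after every job. If the teardown now happens elsewhere, delete the block instead of commenting it out and leave a one-line note such as `/* PAM teardown is done in <location>, not here */`; otherwise keep the calls. Separately, the added `setexeccon(NULL)` block sits after `execle`, so it is reached only when the exec fails, and its message reads "resset". The body of `run_file` starts and ends outside these hunks, and the line between the last two hunks is not shown.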


@ -1,6 +1,6 @@
diff -up at-3.1.12/at.1.in.nit at-3.1.12/at.1.in diff -up at-3.1.12/at.1.in.nit at-3.1.12/at.1.in
--- at-3.1.12/at.1.in.nit 2009-11-23 16:11:52.000000000 +0100 --- at-3.1.12/at.1.in.nit 2009-11-23 16:11:52.000000000 +0100
+++ at-3.1.12/at.1.in 2009-12-03 10:32:19.018261655 +0100 +++ at-3.1.12/at.1.in 2010-01-18 14:43:58.287163082 +0100
@@ -121,7 +121,7 @@ and to run a job at 1am tomorrow, you wo @@ -121,7 +121,7 @@ and to run a job at 1am tomorrow, you wo
.B at 1am tomorrow. .B at 1am tomorrow.
.PP .PP
@ -10,9 +10,27 @@ diff -up at-3.1.12/at.1.in.nit at-3.1.12/at.1.in
.PP .PP
For both For both
.BR at " and " batch , .BR at " and " batch ,
@@ -216,7 +216,7 @@ queue for
.BR batch .
Queues with higher letters run with increased niceness. The special
queue "=" is reserved for jobs which are currently running.
-.P
+
If a job is submitted to a queue designated with an uppercase letter, the
job is treated as if it were submitted to batch at the time of the job.
Once the time is reached, the batch processing rules with respect to load
@@ -253,7 +253,7 @@ is an alias for
.TP
.B \-v
Shows the time the job will be executed before reading the job.
-.P
+
Times displayed will be in the format "Thu Feb 20 14:50:00 1997".
.TP
.B
diff -up at-3.1.12/atd.c.nit at-3.1.12/atd.c diff -up at-3.1.12/atd.c.nit at-3.1.12/atd.c
--- at-3.1.12/atd.c.nit 2009-11-23 16:11:52.000000000 +0100 --- at-3.1.12/atd.c.nit 2009-11-23 16:11:52.000000000 +0100
+++ at-3.1.12/atd.c 2009-12-03 10:33:12.494259601 +0100 +++ at-3.1.12/atd.c 2010-01-18 14:42:58.024161433 +0100
@@ -83,6 +83,9 @@ @@ -83,6 +83,9 @@
#include "getloadavg.h" #include "getloadavg.h"
#endif #endif


@ -31,7 +31,7 @@ diff -up at-3.1.12/at.c.shell at-3.1.12/at.c
"inaccessible' >&2\n\t exit 1\n}\n"); "inaccessible' >&2\n\t exit 1\n}\n");
+ i = random(); + i = random();
+ fprintf(fp, "${SHELL:-/bin/sh} << marcinDELIMITER%08lx\n", i); + fprintf(fp, "${SHELL:-/bin/sh} << \'marcinDELIMITER%08lx\'\n", i);
+ +
istty = isatty(fileno(stdin)); istty = isatty(fileno(stdin));
if (istty) { if (istty) {
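Review bot: The here-document delimiter on the changed `fprintf` line still comes from `random()`, and no seeding is visible in this hunk. If the generator is not seeded elsewhere, every job gets the same `marcinDELIMITER` value, and job text containing that exact line would end the here-document early, so the remainder is read by the outer shell instead of `${SHELL:-/bin/sh}`. Consider checking the job text for the delimiter before writing it, or deriving the value from a seeded source. Also, `%08lx` expects an `unsigned long`, so `i` (declared outside the hunk) should have that type, and `\'` inside a double-quoted C string can be written as a plain `'`.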


@ -6,7 +6,7 @@
Summary: Job spooling tools Summary: Job spooling tools
Name: at Name: at
Version: %{major_ver} Version: %{major_ver}
Release: 1%{dist} Release: 2%{dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Daemons Group: System Environment/Daemons
URL: http://ftp.debian.org/debian/pool/main/a/at URL: http://ftp.debian.org/debian/pool/main/a/at
@ -23,6 +23,7 @@ Patch3: at-3.1.12-shell.patch
Patch4: at-3.1.12-nitpicks.patch Patch4: at-3.1.12-nitpicks.patch
Patch5: at-3.1.12-pam.patch Patch5: at-3.1.12-pam.patch
Patch6: at-3.1.12-selinux.patch Patch6: at-3.1.12-selinux.patch
Patch7: at-3.1.12-fix.patch
BuildRequires: fileutils chkconfig /etc/init.d BuildRequires: fileutils chkconfig /etc/init.d
BuildRequires: flex bison autoconf BuildRequires: flex bison autoconf
@ -58,6 +59,7 @@ cp %{SOURCE1} .
%patch4 -p1 -b .nit %patch4 -p1 -b .nit
%patch5 -p1 -b .pam %patch5 -p1 -b .pam
%patch6 -p1 -b .selinux %patch6 -p1 -b .selinux
%patch7 -p1 -b .fix
%build %build
# patch9 touches configure.in # patch9 touches configure.in
@ -159,6 +161,9 @@ fi
%attr(0755,root,root) %{_libdir}/pm-utils/sleep.d/56atd %attr(0755,root,root) %{_libdir}/pm-utils/sleep.d/56atd
%changelog %changelog
* Mon Jan 18 2010 Marcela Mašláňová <mmaslano@redhat.com> - 3.1.12-2
- polish pam in atd again
* Thu Dec 3 2009 Marcela Mašláňová <mmaslano@redhat.com> - 3.1.12-1 * Thu Dec 3 2009 Marcela Mašláňová <mmaslano@redhat.com> - 3.1.12-1
- update to the new version of at - update to the new version of at
- adapt patches for new version - adapt patches for new version