From 3a6490b2b2a203330a7bc102e9d572a0a56ff356 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcela=20Ma=C5=A1l=C3=A1=C5=88ov=C3=A1?= Date: Tue, 15 Mar 2011 15:34:50 +0100 Subject: [PATCH] Update to 1.4.7 - remove merged patches - clean specfile (whitespaces, remove BR automake) --- .gitignore | 6 +- cronie-1.4.6-anacron-locks.patch | 134 -------------------- cronie-1.4.6-manpages.patch | 34 ----- cronie-1.4.6-selinux.patch | 210 ------------------------------- cronie.spec | 78 ++++++------ sources | 2 +- 6 files changed, 39 insertions(+), 425 deletions(-) delete mode 100644 cronie-1.4.6-anacron-locks.patch delete mode 100644 cronie-1.4.6-manpages.patch delete mode 100644 cronie-1.4.6-selinux.patch diff --git a/.gitignore b/.gitignore index 22bf3f8..291b177 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,2 @@ -cronie-1.4.4.tar.gz -cronie-1.4.5.tar.gz -/cronie-1.4.6.tar.gz -/cronie.systemd +cronie.systemd +cronie-1.4.7.tar.gz diff --git a/cronie-1.4.6-anacron-locks.patch b/cronie-1.4.6-anacron-locks.patch deleted file mode 100644 index e1e2364..0000000 --- a/cronie-1.4.6-anacron-locks.patch +++ /dev/null @@ -1,134 +0,0 @@ -diff --git a/anacron/global.h b/anacron/global.h -index 91963a7..0fe3f9b 100644 ---- a/anacron/global.h -+++ b/anacron/global.h -@@ -42,6 +42,7 @@ - #define MAX_MSG 150 - - #include -+#include - #include "anacron-paths.h" - - /* Some declarations */ -@@ -102,6 +103,8 @@ extern int running_jobs,running_mailers; - - extern int complaints; - -+extern time_t start_sec; -+ - /* time ranges for START_HOURS_RANGE */ - extern int range_start; - extern int range_stop; -diff --git a/anacron/lock.c b/anacron/lock.c -index 68fd252..71aae09 100644 ---- a/anacron/lock.c -+++ b/anacron/lock.c -@@ -94,6 +94,9 @@ consider_job(job_rec *jr) - if (!force && b == 8) - { - int day_delta; -+ time_t jobtime; -+ struct tm *t; -+ - if (sscanf(timestamp, "%4d%2d%2d", &ts_year, &ts_month, &ts_day) == 3) - dn = day_num(ts_year, ts_month, ts_day); - else -@@ -149,6 +152,18 @@ consider_job(job_rec *jr) - return 0; - } - } -+ -+ jobtime = start_sec + jr->delay * 60; -+ -+ t = localtime(&jobtime); -+ if (!now && range_start != -1 && range_stop != -1 && -+ (t->tm_hour < range_start || t->tm_hour >= range_stop)) -+ { -+ Debug(("The job `%s' falls out of the %02d:00-%02d:00 hours range, skipping.", -+ jr->ident, range_start, range_stop)); -+ xclose (jr->timestamp_fd); -+ return 0; -+ } - } - - /* no! try to grab the lock */ -diff --git a/anacron/main.c b/anacron/main.c -index 2fd3ed5..08db810 100644 ---- a/anacron/main.c -+++ b/anacron/main.c -@@ -55,7 +55,7 @@ sigset_t old_sigmask; /* signal mask when started */ - job_rec *first_job_rec; - env_rec *first_env_rec; - --static time_t start_sec; /* time anacron started */ -+time_t start_sec; /* time anacron started */ - static volatile int got_sigalrm, got_sigchld, got_sigusr1; - int running_jobs, running_mailers; /* , number of */ - int range_start = -1; -@@ -406,7 +406,6 @@ static void - explain_intentions() - { - int j; -- struct tm *t; - - j = 0; - while (j < njobs) -@@ -417,21 +416,8 @@ explain_intentions() - } - else - { -- time_t jobtime = start_sec + job_array[j]->delay * 60; -- -- t = localtime(&jobtime); -- if (range_start != -1 && range_stop != -1 && -- (t->tm_hour < range_start || t->tm_hour >= range_stop)) -- { -- Debug(("The job `%s' falls out of the %02d:00-%02d:00 hours range, skipping.", -- job_array[j]->ident, range_start, range_stop)); -- job_array[j]->drop_job = 1; -- } -- else -- { -- explain("Will run job `%s' in %d min.", -+ explain("Will run job `%s' in %d min.", - job_array[j]->ident, job_array[j]->delay); -- } - } - j++; - } -@@ -443,15 +429,12 @@ int - main(int argc, char *argv[]) - { - int j; -- - int cwd; -- -- int dropped_jobs = 0; -+ struct timeval tv; -+ struct timezone tz; - - anacrontab = NULL; - spooldir = NULL; -- struct timeval tv; -- struct timezone tz; - - if (gettimeofday(&tv, &tz) != 0) - explain("Can't get exact time, failure."); -@@ -514,16 +497,11 @@ main(int argc, char *argv[]) - running_jobs = running_mailers = 0; - for(j = 0; j < njobs; ++j) - { -- if (job_array[j]->drop_job == 1) -- { -- ++dropped_jobs; -- continue; -- } - xsleep(time_till(job_array[j])); - if (serialize) wait_jobs(); - launch_job(job_array[j]); - } - wait_children(); -- explain("Normal exit (%d job%s run)", njobs-dropped_jobs, (njobs-dropped_jobs == 1 ? "" : "s")); -+ explain("Normal exit (%d job%s run)", njobs, njobs == 1 ? "" : "s"); - exit(0); - } diff --git a/cronie-1.4.6-manpages.patch b/cronie-1.4.6-manpages.patch deleted file mode 100644 index b623468..0000000 --- a/cronie-1.4.6-manpages.patch +++ /dev/null @@ -1,34 +0,0 @@ -diff -up cronie-1.4.6/man/cron.8.wrong cronie-1.4.6/man/cron.8 ---- cronie-1.4.6/man/cron.8.wrong 2010-10-21 17:31:28.000000000 +0200 -+++ cronie-1.4.6/man/cron.8 2010-10-26 10:16:38.000000000 +0200 -@@ -27,7 +27,7 @@ - crond \- daemon to execute scheduled commands - .SH SYNOPSIS - .B crond --.RB [ -n " | " -p " | " -s " | " -m \fP\fI\fP ] -+.RB [ -n " | " -p " | " -s " | " -c " | " -m \fP\fI\fP ] - - .B crond - .B -x -@@ -147,6 +147,9 @@ Allows - .I Cron - to accept any user set crontables. - .TP -+.B "\-c" -+This option enables clustering support, as described below. -+.TP - .B "\-s" - This option will direct - .I Cron -diff -up cronie-1.4.6/man/crontab.1.wrong cronie-1.4.6/man/crontab.1 ---- cronie-1.4.6/man/crontab.1.wrong 2010-10-22 09:49:29.000000000 +0200 -+++ cronie-1.4.6/man/crontab.1 2010-10-26 11:53:57.000000000 +0200 -@@ -139,7 +139,7 @@ This option is relevant only if - was started with the \fB-c\fP option, to enable clustering support. It is - used to set the host in the cluster which should run the jobs specified in the - crontab files in the --.I /var/spool/cron\ -+.I /var/spool/cron - directory. - If a hostname is supplied, the host whose hostname returned by - .BR gethostname(2) diff --git a/cronie-1.4.6-selinux.patch b/cronie-1.4.6-selinux.patch deleted file mode 100644 index 8fe60fd..0000000 --- a/cronie-1.4.6-selinux.patch +++ /dev/null @@ -1,210 +0,0 @@ -diff -up cronie-1.4.6/src/cron.c.old cronie-1.4.6/src/cron.c ---- cronie-1.4.6/src/cron.c.old 2010-10-21 07:56:27.000000000 +0200 -+++ cronie-1.4.6/src/cron.c 2010-12-16 13:44:44.000000000 +0100 -@@ -198,6 +198,11 @@ int main(int argc, char *argv[]) { - exit(1); - } - -+ if (cron_init_security() < 0) { -+ log_it("CRON", pid, "DEATH", "Critical security parameters not initialized", 0); -+ exit(1); -+ } -+ - /* Get the default locale character set for the mail - * "Content-Type: ...; charset=" header - */ -diff -up cronie-1.4.6/src/funcs.h.old cronie-1.4.6/src/funcs.h ---- cronie-1.4.6/src/funcs.h.old 2010-10-04 16:07:25.000000000 +0200 -+++ cronie-1.4.6/src/funcs.h 2010-12-16 09:59:02.000000000 +0100 -@@ -85,6 +85,8 @@ long get_gmtoff(time_t *, struct tm *); - - /* Red Hat security stuff (security.c): - */ -+int cron_init_security( void ); -+ - void cron_restore_default_security_context( void ); - - int cron_set_job_security_context( entry *e, user *u, char ***jobenvp ); -diff -up cronie-1.4.6/src/security.c.old cronie-1.4.6/src/security.c ---- cronie-1.4.6/src/security.c.old 2010-10-04 16:07:25.000000000 +0200 -+++ cronie-1.4.6/src/security.c 2010-12-16 09:59:02.000000000 +0100 -@@ -41,15 +41,14 @@ static int - cron_conv(int num_msg, const struct pam_message **msgm, - struct pam_response **response, void *appdata_ptr) - { -- struct pam_message**m = msgm; - int i; - - for (i = 0; i < num_msg; i++) { -- switch (m[i]->msg_style) { -+ switch (msgm[i]->msg_style) { - case PAM_ERROR_MSG: - case PAM_TEXT_INFO: -- if (m[i]->msg != NULL) { -- log_it("CRON", getpid(), "pam_message", m[i]->msg, 0); -+ if (msgm[i]->msg != NULL) { -+ log_it("CRON", getpid(), "pam_message", msgm[i]->msg, 0); - } - break; - default: -@@ -81,6 +80,11 @@ static char **build_env(char **cronenv); - static int cron_change_selinux_range(user * u, security_context_t ucontext); - static int cron_get_job_range(user * u, security_context_t * ucontextp, - char **jobenv); -+ -+static security_class_t file_class; -+static security_class_t context_class; -+static access_vector_t entrypoint_bit; -+static access_vector_t contains_bit; - #endif - - void cron_restore_default_security_context() { -@@ -89,6 +93,40 @@ void cron_restore_default_security_conte - #endif - } - -+int cron_init_security() { -+#ifdef WITH_SELINUX -+ int rv = -1; -+ -+ if (is_selinux_enabled() <= 0) -+ return 0; -+ -+ if (security_getenforce() <= 0) -+ rv = 0; -+ -+ file_class = string_to_security_class("file"); -+ if (!file_class) { -+ log_it("CRON", getpid(), "ERROR", "Failed to translate security class file", errno); -+ return rv; -+ } -+ context_class = string_to_security_class("context"); -+ if (!context_class) { -+ log_it("CRON", getpid(), "ERROR", "Failed to translate security class context", errno); -+ return rv; -+ } -+ entrypoint_bit = string_to_av_perm(file_class, "entrypoint"); -+ if (!entrypoint_bit) { -+ log_it("CRON", getpid(), "ERROR", "Failed to translate av perm entrypoint", errno); -+ return rv; -+ } -+ contains_bit = string_to_av_perm(context_class, "contains"); -+ if (!contains_bit) { -+ log_it("CRON", getpid(), "ERROR", "Failed to translate av perm contains", errno); -+ return rv; -+ } -+#endif -+ return 0; -+} -+ - int cron_set_job_security_context(entry * e, user * u, char ***jobenv) { - time_t minutely_time = 0; - #ifdef WITH_PAM -@@ -254,7 +292,7 @@ static int cron_authorize_context(securi - #ifdef WITH_SELINUX - struct av_decision avd; - int retval; -- unsigned int bit = FILE__ENTRYPOINT; -+ - /* - * Since crontab files are not directly executed, - * crond must ensure that the crontab file has -@@ -262,9 +300,11 @@ static int cron_authorize_context(securi - * the user cron job. It performs an entrypoint - * permission check for this purpose. - */ -+ if (!file_class || !entrypoint_bit) -+ return 0; - retval = security_compute_av(scontext, file_context, -- SECCLASS_FILE, bit, &avd); -- if (retval || ((bit & avd.allowed) != bit)) -+ file_class, entrypoint_bit, &avd); -+ if (retval || ((entrypoint_bit & avd.allowed) != entrypoint_bit)) - return 0; - #endif - return 1; -@@ -275,16 +315,17 @@ static int cron_authorize_range(security - #ifdef WITH_SELINUX - struct av_decision avd; - int retval; -- unsigned int bit = CONTEXT__CONTAINS; - /* - * Since crontab files are not directly executed, - * so crond must ensure that any user specified range - * falls within the seusers-specified range for that Linux user. - */ -+ if (!context_class || !contains_bit) -+ return 0; - retval = security_compute_av(scontext, ucontext, -- SECCLASS_CONTEXT, bit, &avd); -+ context_class, contains_bit, &avd); - -- if (retval || ((bit & avd.allowed) != bit)) -+ if (retval || ((contains_bit & avd.allowed) != contains_bit)) - return 0; - #endif - return 1; -@@ -479,15 +520,22 @@ get_security_context(const char *name, i - } - - if (!cron_authorize_context(scontext, file_context)) { -+ char *msg=NULL; -+ if (asprintf(&msg, -+ "Unauthorized SELinux context=%s file_context=%s", (char *) scontext, file_context) >= 0) { -+ log_it(name, getpid(), msg, tabname, 0); -+ free(msg); -+ } else { -+ log_it(name, getpid(), "Unauthorized SELinux context", tabname, 0); -+ } - freecon(scontext); - freecon(file_context); - if (security_getenforce() > 0) { -- log_it(name, getpid(), "Unauthorized SELinux context", tabname, 0); - return -1; - } - else { - log_it(name, getpid(), -- "Unauthorized SELinux context, but SELinux in permissive mode, continuing", -+ "SELinux in permissive mode, continuing", - tabname, 0); - return 0; - } -@@ -515,22 +563,30 @@ int crontab_security_access(void) { - security_context_t user_context; - if (getprevcon_raw(&user_context) == 0) { - security_class_t passwd_class; -+ access_vector_t crontab_bit; - struct av_decision avd; -- int retval; -+ int retval = 0; - - passwd_class = string_to_security_class("passwd"); - if (passwd_class == 0) { -- selinux_check_passwd_access = -1; - fprintf(stderr, "Security class \"passwd\" is not defined in the SELinux policy.\n"); -+ retval = -1; -+ } -+ -+ if (retval == 0) { -+ crontab_bit = string_to_av_perm(passwd_class, "crontab"); -+ if (crontab_bit == 0) { -+ fprintf(stderr, "Security av permission \"crontab\" is not defined in the SELinux policy.\n"); -+ retval = -1; -+ } - } - -- retval = security_compute_av_raw(user_context, -- user_context, -- passwd_class, -- PASSWD__CRONTAB, -- &avd); -+ if (retval == 0) -+ retval = security_compute_av_raw(user_context, -+ user_context, passwd_class, -+ crontab_bit, &avd); - -- if ((retval == 0) && ((PASSWD__CRONTAB & avd.allowed) == PASSWD__CRONTAB)) { -+ if ((retval == 0) && ((crontab_bit & avd.allowed) == crontab_bit)) { - selinux_check_passwd_access = 0; - } - freecon(user_context); diff --git a/cronie.spec b/cronie.spec index 80afcc9..b1e4d6d 100644 --- a/cronie.spec +++ b/cronie.spec @@ -3,46 +3,42 @@ %bcond_without audit %bcond_without inotify -Summary: Cron daemon for executing programs at set times -Name: cronie -Version: 1.4.6 -Release: 9%{?dist} -License: MIT and BSD and ISC and GPLv2 -Group: System Environment/Base -URL: https://fedorahosted.org/cronie -Source0: https://fedorahosted.org/releases/c/r/cronie/%{name}-%{version}.tar.gz -Source1: cronie.systemd -Patch0: cronie-1.4.6-manpages.patch -Patch1: cronie-1.4.6-anacron-locks.patch -Patch2: cronie-1.4.6-selinux.patch +Summary: Cron daemon for executing programs at set times +Name: cronie +Version: 1.4.7 +Release: 1%{?dist} +License: MIT and BSD and ISC and GPLv2 +Group: System Environment/Base +URL: https://fedorahosted.org/cronie +Source0: https://fedorahosted.org/releases/c/r/cronie/%{name}-%{version}.tar.gz +Source1: cronie.systemd -Requires: syslog, bash >= 2.0 +Requires: syslog, bash >= 2.0 Conflicts: sysklogd < 1.4.1 -Provides: vixie-cron = 4:4.4 +Provides: vixie-cron = 4:4.4 Obsoletes: vixie-cron <= 4:4.3 -Requires: dailyjobs +Requires: dailyjobs %if %{with selinux} -Requires: libselinux >= 2.0.64 +Requires: libselinux >= 2.0.64 Buildrequires: libselinux-devel >= 2.0.64 %endif %if %{with pam} -Requires: pam >= 1.0.1 +Requires: pam >= 1.0.1 Buildrequires: pam-devel >= 1.0.1 %endif %if %{with audit} Buildrequires: audit-libs-devel >= 1.4.1 %endif -BuildRequires: automake -Requires(post): /sbin/chkconfig coreutils sed +Requires(post): /sbin/chkconfig coreutils sed Requires(postun): /sbin/chkconfig Requires(postun): /sbin/service -Requires(preun): /sbin/chkconfig -Requires(preun): /sbin/service +Requires(preun): /sbin/chkconfig +Requires(preun): /sbin/service # systemd compatibility -Requires(post): systemd-units -Requires(preun): systemd-units +Requires(post): systemd-units +Requires(preun): systemd-units Requires(postun): systemd-units %description @@ -52,14 +48,14 @@ has security and configuration enhancements like the ability to use pam and SELinux. %package anacron -Summary: Utility for running regular jobs -Requires: crontabs -Group: System Environment/Base -Provides: dailyjobs -Provides: anacron = 2.4 +Summary: Utility for running regular jobs +Requires: crontabs +Group: System Environment/Base +Provides: dailyjobs +Provides: anacron = 2.4 Obsoletes: anacron <= 2.3 Requires(post): coreutils -Requires: %{name} = %{version}-%{release} +Requires: %{name} = %{version}-%{release} %description anacron Anacron becames part of cronie. Anacron is used only for running regular jobs. @@ -67,23 +63,19 @@ The default settings execute regular jobs by anacron, however this could be overloaded in settings. %package noanacron -Summary: Utility for running simple regular jobs in old cron style -Group: System Environment/Base -Provides: dailyjobs -Requires: crontabs -Requires: %{name} = %{version}-%{release} +Summary: Utility for running simple regular jobs in old cron style +Group: System Environment/Base +Provides: dailyjobs +Requires: crontabs +Requires: %{name} = %{version}-%{release} %description noanacron Old style of {hourly,daily,weekly,monthly}.jobs without anacron. No features. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 %build - %configure \ %if %{with pam} --with-pam \ @@ -97,7 +89,9 @@ Old style of {hourly,daily,weekly,monthly}.jobs without anacron. No features. %if %{with inotify} --with-inotify \ %endif ---enable-anacron --enable-pie +--enable-anacron \ +--enable-pie \ +--enable-relro make %{?_smp_mflags} @@ -129,9 +123,6 @@ install -m 644 contrib/dailyjobs $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/dailyjobs mkdir -p $RPM_BUILD_ROOT/lib/systemd/system/ install -m 644 %SOURCE1 $RPM_BUILD_ROOT/lib/systemd/system/crond.service -%clean -rm -rf $RPM_BUILD_ROOT - %post /sbin/chkconfig --add crond >/dev/null 2>&1 || : /bin/systemctl enable crond.service >/dev/null 2>&1 || : @@ -213,6 +204,9 @@ cp -a /var/lock/subsys/crond /var/lock/subsys/cronie > /dev/null 2>&1 ||: %attr(0644,root,root) %{_sysconfdir}/cron.d/dailyjobs %changelog +* Tue Mar 15 2011 Marcela Mašláňová - 1.4.7-1 +- new release 1.4.7 + * Tue Feb 08 2011 Fedora Release Engineering - 1.4.6-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild diff --git a/sources b/sources index 10cf035..b849879 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -968e3d3e7c8e1d0588d533883482d3fa cronie-1.4.6.tar.gz 01014d53a9ede7c45f2419dc023cc372 cronie.systemd +dfc26c47756d0c40ee27ae3c7ee98e0d cronie-1.4.7.tar.gz