From 502726fe29ba77802e5f3398508df1d110925457 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Thu, 28 Mar 2024 09:58:05 +0000 Subject: [PATCH] import CS cronie-1.5.7-11.el9 --- SOURCES/n_option.patch | 205 ++++++++++++++++++++++++ SOURCES/optimization_to_close_fds.patch | 52 ++++++ SPECS/cronie.spec | 21 ++- 3 files changed, 277 insertions(+), 1 deletion(-) create mode 100644 SOURCES/n_option.patch create mode 100644 SOURCES/optimization_to_close_fds.patch diff --git a/SOURCES/n_option.patch b/SOURCES/n_option.patch new file mode 100644 index 0000000..441c214 --- /dev/null +++ b/SOURCES/n_option.patch @@ -0,0 +1,205 @@ +From ce7d5bf0a43d147f8502e6424cd523b56adf5599 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= +Date: Mon, 26 Sep 2022 16:51:41 +0200 +Subject: [PATCH] Add -n option for crontab entries + +The -n option causes no mail to be sent +when the command finishes successfully. + +These kind of options are already supported in *BSD; +in fact, this is a port of a patch from NetBSD [1]. + +This was requested in [2]. + +[1]: NetBSD/src@666eac5 +[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1591763 +--- + src/do_command.c | 32 +++++++++++++++++++++++++++++--- + src/entry.c | 31 +++++++++++++++++++++++++++++++ + src/funcs.h | 1 + + src/popen.c | 33 ++++++++++++++++++++++++++++++--- + src/structs.h | 1 + + 5 files changed, 92 insertions(+), 6 deletions(-) + +diff --git a/src/do_command.c b/src/do_command.c +index 87f996f..6a3886a 100644 +--- a/src/do_command.c ++++ b/src/do_command.c +@@ -94,6 +94,7 @@ static int child_process(entry * e, char **jobenv) { + char mailfrom_expanded[MAX_EMAILSTR]; + int children = 0; + pid_t pid = getpid(); ++ pid_t jobpid = -1; + struct sigaction sa; + + /* Ignore SIGPIPE as we will be writing to pipes and do not want to terminate +@@ -199,7 +200,7 @@ static int child_process(entry * e, char **jobenv) { + + /* fork again, this time so we can exec the user's command. + */ +- switch (fork()) { ++ switch (jobpid = fork()) { + case -1: + log_it("CRON", pid, "CAN'T FORK", "child_process", errno); + return ERROR_EXIT; +@@ -552,10 +553,35 @@ static int child_process(entry * e, char **jobenv) { + } + #endif + } +- /* only close pipe if we opened it -- i.e., we're +- * mailing... ++ /* if -n option was specified, abort the sending ++ * now when we read all of the command output ++ * and thus can wait for it's exit status + */ ++ if (mail && e->flags & MAIL_WHEN_ERR) { ++ int jobstatus = -1; ++ if (jobpid > 0) { ++ while (waitpid(jobpid, &jobstatus, WNOHANG) == -1) { ++ if (errno == EINTR) continue; ++ log_it("CRON", getpid(), "error", "invalid job pid", errno); ++ break; ++ } ++ } else { ++ log_it("CRON", getpid(), "error", "invalid job pid", 0); ++ } + ++ /* if everything went well, -n is set, and we have mail, ++ * we won't be mailing – so shoot the messenger! ++ */ ++ if (WIFEXITED(jobstatus) && WEXITSTATUS(jobstatus) == EXIT_SUCCESS) { ++ Debug(DPROC, ("[%ld] aborting pipe to mail\n", (long)getpid())); ++ status = cron_pabort(mail); ++ mail = NULL; ++ } ++ } ++ ++ /* only close pipe if we opened it -- i.e., we're (still) ++ * mailing... ++ */ + if (mail) { + Debug(DPROC, ("[%ld] closing pipe to mail\n", (long) getpid())); + /* Note: the pclose will probably see +diff --git a/src/entry.c b/src/entry.c +index bb7cb62..9e199fe 100644 +--- a/src/entry.c ++++ b/src/entry.c +@@ -417,6 +417,37 @@ entry *load_entry(FILE * file, void (*error_func) (), struct passwd *pw, + + Debug(DPARS, ("load_entry()...about to parse command\n")); + ++ /* If the first character of the command is '-', it is a cron option. */ ++ ch = get_char(file); ++ while (ch == '-') { ++ switch (ch = get_char(file)) { ++ case 'n': ++ /* only allow user to set the option once */ ++ if ((e->flags & MAIL_WHEN_ERR) == MAIL_WHEN_ERR) { ++ ecode = e_option; ++ goto eof; ++ } ++ e->flags |= MAIL_WHEN_ERR; ++ break; ++ ++ default: ++ ecode = e_option; ++ goto eof; ++ } ++ ++ ch = get_char(file); ++ if (ch != '\t' && ch != ' ') { ++ ecode = e_option; ++ goto eof; ++ } ++ Skip_Blanks(ch, file); ++ if (ch == EOF || ch == '\n') { ++ ecode = e_cmd; ++ goto eof; ++ } ++ } ++ unget_char(ch, file); ++ + /* Everything up to the next \n or EOF is part of the command... + * too bad we don't know in advance how long it will be, since we + * need to malloc a string for it... so, we limit it to MAX_COMMAND. +diff --git a/src/funcs.h b/src/funcs.h +index dea737e..427e027 100644 +--- a/src/funcs.h ++++ b/src/funcs.h +@@ -67,6 +67,7 @@ int load_database(cron_db *), + swap_uids_back(void), + load_env(char *, FILE *), + env_set_from_environ(char ***envpp), ++ cron_pabort(FILE *), + cron_pclose(FILE *), + glue_strings(char *, size_t, const char *, const char *, char), + strcmp_until(const char *, const char *, char), +diff --git a/src/popen.c b/src/popen.c +index 4397264..3043eb6 100644 +--- a/src/popen.c ++++ b/src/popen.c +@@ -167,7 +167,7 @@ FILE *cron_popen(char *program, const char *type, struct passwd *pw, char **jobe + return (iop); + } + +-int cron_pclose(FILE * iop) { ++static int cron_finalize(FILE * iop, int sig) { + int fdes; + sigset_t oset, nset; + WAIT_T stat_loc; +@@ -180,7 +180,12 @@ int cron_pclose(FILE * iop) { + fdes = fileno(iop); + if (pids == NULL || fdes >= fds || pids[fdes] == 0L) + return (-1); +- (void) fclose(iop); ++ ++ if (!sig) { ++ (void) fclose(iop); ++ } else if (kill(pids[fdes], sig) == -1) { ++ return -1; ++ } + + sigemptyset(&nset); + sigaddset(&nset, SIGINT); +@@ -189,6 +194,28 @@ int cron_pclose(FILE * iop) { + (void) sigprocmask(SIG_BLOCK, &nset, &oset); + while ((pid = wait(&stat_loc)) != pids[fdes] && pid != -1) ; + (void) sigprocmask(SIG_SETMASK, &oset, NULL); ++ ++ if (sig) { ++ (void) fclose(iop); ++ } + pids[fdes] = 0; +- return (pid == -1 ? -1 : WEXITSTATUS(stat_loc)); ++ ++ if (pid < 0) { ++ return pid; ++ } ++ ++ if (WIFEXITED(stat_loc)) { ++ return WEXITSTATUS(stat_loc); ++ } else { ++ return WTERMSIG(stat_loc); ++ } ++} ++ ++int cron_pclose(FILE * iop) { ++ return cron_finalize(iop, 0); ++} ++ ++int cron_pabort(FILE * iop) { ++ int esig = cron_finalize(iop, SIGKILL); ++ return esig == SIGKILL ? 0 : esig; + } +diff --git a/src/structs.h b/src/structs.h +index 6d3c15b..d930da5 100644 +--- a/src/structs.h ++++ b/src/structs.h +@@ -48,6 +48,7 @@ typedef struct _entry { + #define DOW_STAR 0x08 + #define WHEN_REBOOT 0x10 + #define DONT_LOG 0x20 ++#define MAIL_WHEN_ERR 0x40 + } entry; + + /* the crontab database will be a list of the diff --git a/SOURCES/optimization_to_close_fds.patch b/SOURCES/optimization_to_close_fds.patch new file mode 100644 index 0000000..b90905e --- /dev/null +++ b/SOURCES/optimization_to_close_fds.patch @@ -0,0 +1,52 @@ +From e3682c7135b9176b60d226c60ee4e78cf1ab711b Mon Sep 17 00:00:00 2001 +From: bwelterl +Date: Thu, 7 Sep 2023 10:05:36 +0200 +Subject: [PATCH] Optimization to close fds from /proc/self/fd in case of high + nofile limit after fork + +--- + src/do_command.c | 23 ++++++++++++++++++++--- + 1 file changed, 20 insertions(+), 3 deletions(-) + +diff --git a/src/do_command.c b/src/do_command.c +index 500f1b0..665e1f0 100644 +--- a/src/do_command.c ++++ b/src/do_command.c +@@ -30,6 +30,7 @@ + #include + #include + #include ++#include + + #include "externs.h" + #include "funcs.h" +@@ -264,10 +265,26 @@ static int child_process(entry * e, char **jobenv) { + { + char *shell = env_get("SHELL", jobenv); + int fd, fdmax = TMIN(getdtablesize(), MAX_CLOSE_FD); ++ DIR *dir; ++ struct dirent *dent; + +- /* close all unwanted open file descriptors */ +- for(fd = STDERR + 1; fd < fdmax; fd++) { +- close(fd); ++ /* ++ * if /proc is mounted, we can optimize what fd can be closed, ++ * but if it isn't available, fall back to the previous behavior. ++ */ ++ if ((dir = opendir("/proc/self/fd")) != NULL) { ++ while ((dent = readdir(dir)) != NULL) { ++ if (!strcmp(dent->d_name, ".") || !strcmp(dent->d_name, "..")) ++ continue; ++ fd = atoi(dent->d_name); ++ if (fd > STDERR_FILENO) ++ close(fd); ++ } ++ } else { ++ /* close all unwanted open file descriptors */ ++ for (fd = STDERR + 1; fd < fdmax; fd++) { ++ close(fd); ++ } + } + + #if DEBUGGING diff --git a/SPECS/cronie.spec b/SPECS/cronie.spec index 6bdcef2..1421368 100644 --- a/SPECS/cronie.spec +++ b/SPECS/cronie.spec @@ -6,7 +6,7 @@ Summary: Cron daemon for executing programs at set times Name: cronie Version: 1.5.7 -Release: 8%{?dist} +Release: 11%{?dist} License: MIT and BSD and ISC and GPLv2+ URL: https://github.com/cronie-crond/cronie Source0: https://github.com/cronie-crond/cronie/releases/download/cronie-%{version}/cronie-%{version}.tar.gz @@ -17,6 +17,12 @@ Patch: 0002-Add-random-within-range-operator.patch Patch: 0003-get_number-Add-missing-NUL-termination-for-the-scann.patch Patch: 0004-Fix-regression-in-handling-x-crontab-entries.patch Patch: 0005-Fix-regression-in-handling-1-5-crontab-entries.patch +# Add support for `-n` option in crontab entries +# https://github.com/cronie-crond/cronie/commit/ce7d5bf0a43d147f8502e6424cd523b56adf5599 +Patch: n_option.patch +# Optimization to close fds from /proc/self/fd in case of high nofile limit after fork +# https://github.com/cronie-crond/cronie/commit/e3682c7135b9176b60d226c60ee4e78cf1ab711b +Patch: optimization_to_close_fds.patch Requires: dailyjobs @@ -211,6 +217,19 @@ exit 0 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/cron.d/dailyjobs %changelog +* Thu Nov 30 2023 Ondřej Pohořelský - 1.5.7-11 +- Add `optimization_to_close_fds.patch` +- Resolves: RHEL-17710 + +* Thu Nov 16 2023 Jan Houška - 1.5.7-10 +- Related: RHEL-5372 +- remove obsolete tests. +- Correct gating.yaml for CI. + +* Fri Nov 10 2023 Ondřej Pohořelský - 1.5.7-9 +- Add support for `-n` option in crontab entries +- Resolves: RHEL-5372 + * Mon Jul 11 2022 Jan Staněk - 1.5.7-8 - Set 'missingok' for /etc/cron.deny to not recreate it on update