From 181421145ed7c80e55706b460c3040b52cd7e5ac Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 20 Nov 2024 13:43:32 +0000 Subject: [PATCH] import RHEL 10 Beta logrotate-3.22.0-1.el10 --- .gitignore | 2 +- .logrotate.metadata | 1 - .../0001-logrotate-3.14.0-man-version.patch | 34 - SOURCES/0002-logrotate-3.14.0-coverity.patch | 630 ----------------- ...0003-logrotate-3.14.0-broken-symlink.patch | 89 --- .../0004-logrotate-3.14.0-man-page-su.patch | 37 - ...05-logrotate-3.14.0-btmp-create-mode.patch | 33 - ...rotate-3.14.0-stricter-config-parser.patch | 635 ------------------ cgzones.pgp | 179 +++++ logrotate-3.22.0.tar.xz.asc | 16 + SPECS/logrotate.spec => logrotate.spec | 186 +++-- SOURCES/rwtab => rwtab | 0 sources | 1 + 13 files changed, 331 insertions(+), 1512 deletions(-) delete mode 100644 .logrotate.metadata delete mode 100644 SOURCES/0001-logrotate-3.14.0-man-version.patch delete mode 100644 SOURCES/0002-logrotate-3.14.0-coverity.patch delete mode 100644 SOURCES/0003-logrotate-3.14.0-broken-symlink.patch delete mode 100644 SOURCES/0004-logrotate-3.14.0-man-page-su.patch delete mode 100644 SOURCES/0005-logrotate-3.14.0-btmp-create-mode.patch delete mode 100644 SOURCES/0006-logrotate-3.14.0-stricter-config-parser.patch create mode 100644 cgzones.pgp create mode 100644 logrotate-3.22.0.tar.xz.asc rename SPECS/logrotate.spec => logrotate.spec (79%) rename SOURCES/rwtab => rwtab (100%) create mode 100644 sources diff --git a/.gitignore b/.gitignore index 8c2ebbe..cde49e1 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/logrotate-3.14.0.tar.xz +logrotate-3.22.0.tar.xz diff --git a/.logrotate.metadata b/.logrotate.metadata deleted file mode 100644 index e406f00..0000000 --- a/.logrotate.metadata +++ /dev/null @@ -1 +0,0 @@ -10416a3aaea4fbf6c1a01858f2fb994e132c4127 SOURCES/logrotate-3.14.0.tar.xz diff --git a/SOURCES/0001-logrotate-3.14.0-man-version.patch b/SOURCES/0001-logrotate-3.14.0-man-version.patch deleted file mode 100644 index 726ed2a..0000000 --- a/SOURCES/0001-logrotate-3.14.0-man-version.patch +++ /dev/null @@ -1,34 +0,0 @@ -From b0d067cfba64956893fc095bb37f8c767f5a910e Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Mon, 6 Aug 2018 17:13:31 +0200 -Subject: [PATCH] logrotate.8: document the --version option - -The man page now covers all the options that are listed -by `logrotate --help`. - -Bug: https://bugzilla.redhat.com/1611498 - -Upstream-commit: 4088ef987df2ec48cc3d968eb87ad27c840fa2d8 -Signed-off-by: Kamil Dudka ---- - logrotate.8.in | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/logrotate.8.in b/logrotate.8.in -index 004229e..5ef09c5 100644 ---- a/logrotate.8.in -+++ b/logrotate.8.in -@@ -87,6 +87,10 @@ Prints a short usage message. - \fB\-v\fR, \fB\-\-verbose\fR - Turns on verbose mode, for example to display messages during rotation. - -+.TP -+\fB\-\-version\fR -+Display version information. -+ - .SH CONFIGURATION FILE - - \fBlogrotate\fR reads everything about the log files it should be handling --- -2.17.1 - diff --git a/SOURCES/0002-logrotate-3.14.0-coverity.patch b/SOURCES/0002-logrotate-3.14.0-coverity.patch deleted file mode 100644 index 80d76c3..0000000 --- a/SOURCES/0002-logrotate-3.14.0-coverity.patch +++ /dev/null @@ -1,630 +0,0 @@ -From a4ac21e9a8cfe8a73471a195308a742e07d7fe8d Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Wed, 1 Aug 2018 15:32:38 +0200 -Subject: [PATCH 1/3] readConfigFile: assign and check 'key' separately - -... to make the code readable. No changes in behavior intended -by this commit. ---- - config.c | 312 +++++++++++++++++++++++++++---------------------------- - 1 file changed, 152 insertions(+), 160 deletions(-) - -diff --git a/config.c b/config.c -index 84db36f..d2fba10 100644 ---- a/config.c -+++ b/config.c -@@ -1037,7 +1037,8 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - } - - if (isalpha((unsigned char)*start)) { -- if ((key = isolateWord(&start, &buf, length)) == NULL) -+ key = isolateWord(&start, &buf, length); -+ if (key == NULL) - continue; - if (!strcmp(key, "compress")) { - newlog->flags |= LOG_FLAG_COMPRESS; -@@ -1191,16 +1192,16 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - } - } else if (!strcmp(key, "shredcycles")) { - free(key); -- if ((key = isolateValue(configFile, lineNum, "shred cycles", -- &start, &buf, length)) != NULL) { -- newlog->shred_cycles = strtoul(key, &chptr, 0); -- if (*chptr || newlog->shred_cycles < 0) { -- message(MESS_ERROR, "%s:%d bad shred cycles '%s'\n", -- configFile, lineNum, key); -- goto error; -- } -+ key = isolateValue(configFile, lineNum, "shred cycles", -+ &start, &buf, length); -+ if (key == NULL) -+ continue; -+ newlog->shred_cycles = strtoul(key, &chptr, 0); -+ if (*chptr || newlog->shred_cycles < 0) { -+ message(MESS_ERROR, "%s:%d bad shred cycles '%s'\n", -+ configFile, lineNum, key); -+ goto error; - } -- else continue; - } else if (!strcmp(key, "hourly")) { - newlog->criterium = ROT_HOURLY; - } else if (!strcmp(key, "daily")) { -@@ -1232,59 +1233,53 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - newlog->criterium = ROT_YEARLY; - } else if (!strcmp(key, "rotate")) { - free(key); -- if ((key = isolateValue -- (configFile, lineNum, "rotate count", &start, -- &buf, length)) != NULL) { -- -- newlog->rotateCount = strtoul(key, &chptr, 0); -- if (*chptr || newlog->rotateCount < 0) { -- message(MESS_ERROR, -- "%s:%d bad rotation count '%s'\n", -- configFile, lineNum, key); -- RAISE_ERROR(); -- } -+ key = isolateValue(configFile, lineNum, "rotate count", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ newlog->rotateCount = strtoul(key, &chptr, 0); -+ if (*chptr || newlog->rotateCount < 0) { -+ message(MESS_ERROR, -+ "%s:%d bad rotation count '%s'\n", -+ configFile, lineNum, key); -+ RAISE_ERROR(); - } -- else continue; - } else if (!strcmp(key, "start")) { - free(key); -- if ((key = isolateValue -- (configFile, lineNum, "start count", &start, -- &buf, length)) != NULL) { -- -- newlog->logStart = strtoul(key, &chptr, 0); -- if (*chptr || newlog->logStart < 0) { -- message(MESS_ERROR, "%s:%d bad start count '%s'\n", -- configFile, lineNum, key); -- RAISE_ERROR(); -- } -+ key = isolateValue(configFile, lineNum, "start count", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ newlog->logStart = strtoul(key, &chptr, 0); -+ if (*chptr || newlog->logStart < 0) { -+ message(MESS_ERROR, "%s:%d bad start count '%s'\n", -+ configFile, lineNum, key); -+ RAISE_ERROR(); - } -- else continue; - } else if (!strcmp(key, "minage")) { - free(key); -- if ((key = isolateValue -- (configFile, lineNum, "minage count", &start, -- &buf, length)) != NULL) { -- newlog->rotateMinAge = strtoul(key, &chptr, 0); -- if (*chptr || newlog->rotateMinAge < 0) { -- message(MESS_ERROR, "%s:%d bad minimum age '%s'\n", -- configFile, lineNum, start); -- RAISE_ERROR(); -- } -+ key = isolateValue(configFile, lineNum, "minage count", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ newlog->rotateMinAge = strtoul(key, &chptr, 0); -+ if (*chptr || newlog->rotateMinAge < 0) { -+ message(MESS_ERROR, "%s:%d bad minimum age '%s'\n", -+ configFile, lineNum, start); -+ RAISE_ERROR(); - } -- else continue; - } else if (!strcmp(key, "maxage")) { - free(key); -- if ((key = isolateValue -- (configFile, lineNum, "maxage count", &start, -- &buf, length)) != NULL) { -- newlog->rotateAge = strtoul(key, &chptr, 0); -- if (*chptr || newlog->rotateAge < 0) { -- message(MESS_ERROR, "%s:%d bad maximum age '%s'\n", -- configFile, lineNum, start); -- RAISE_ERROR(); -- } -+ key = isolateValue(configFile, lineNum, "maxage count", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ newlog->rotateAge = strtoul(key, &chptr, 0); -+ if (*chptr || newlog->rotateAge < 0) { -+ message(MESS_ERROR, "%s:%d bad maximum age '%s'\n", -+ configFile, lineNum, start); -+ RAISE_ERROR(); - } -- else continue; - } else if (!strcmp(key, "errors")) { - message(MESS_DEBUG, - "%s: %d: the errors directive is deprecated and no longer used.\n", -@@ -1337,48 +1332,48 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - continue; - } - free(key); -- if ((key = isolateValue(configFile, lineNum, "tabooext", &start, -- &buf, length)) != NULL) { -- endtag = key; -- if (*endtag == '+') { -+ key = isolateValue(configFile, lineNum, "tabooext", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ endtag = key; -+ if (*endtag == '+') { -+ endtag++; -+ while (isspace((unsigned char)*endtag) && *endtag) - endtag++; -- while (isspace((unsigned char)*endtag) && *endtag) -- endtag++; -- } else { -- free_2d_array(tabooPatterns, tabooCount); -- tabooCount = 0; -- /* realloc of NULL is safe by definition */ -- tabooPatterns = NULL; -- } -- -- while (*endtag) { -- int bytes; -- char *pattern = NULL; -+ } else { -+ free_2d_array(tabooPatterns, tabooCount); -+ tabooCount = 0; -+ /* realloc of NULL is safe by definition */ -+ tabooPatterns = NULL; -+ } - -- chptr = endtag; -- while (!isspace((unsigned char)*chptr) && *chptr != ',' && *chptr) -- chptr++; -+ while (*endtag) { -+ int bytes; -+ char *pattern = NULL; - -- /* accept only non-empty patterns to avoid exclusion of everything */ -- if (endtag < chptr) { -- tabooPatterns = realloc(tabooPatterns, sizeof(*tabooPatterns) * -- (tabooCount + 1)); -- bytes = asprintf(&pattern, "*%.*s", (int)(chptr - endtag), endtag); -+ chptr = endtag; -+ while (!isspace((unsigned char)*chptr) && *chptr != ',' && *chptr) -+ chptr++; - -- /* should test for malloc() failure */ -- assert(bytes != -1); -- tabooPatterns[tabooCount] = pattern; -- tabooCount++; -- } -+ /* accept only non-empty patterns to avoid exclusion of everything */ -+ if (endtag < chptr) { -+ tabooPatterns = realloc(tabooPatterns, sizeof(*tabooPatterns) * -+ (tabooCount + 1)); -+ bytes = asprintf(&pattern, "*%.*s", (int)(chptr - endtag), endtag); - -- endtag = chptr; -- if (*endtag == ',') -- endtag++; -- while (*endtag && isspace((unsigned char)*endtag)) -- endtag++; -+ /* should test for malloc() failure */ -+ assert(bytes != -1); -+ tabooPatterns[tabooCount] = pattern; -+ tabooCount++; - } -+ -+ endtag = chptr; -+ if (*endtag == ',') -+ endtag++; -+ while (*endtag && isspace((unsigned char)*endtag)) -+ endtag++; - } -- else continue; - } else if (!strcmp(key, "taboopat")) { - if (newlog != defConfig) { - message(MESS_ERROR, -@@ -1389,68 +1384,68 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - continue; - } - free(key); -- if ((key = isolateValue(configFile, lineNum, "taboopat", &start, -- &buf, length)) != NULL) { -- endtag = key; -- if (*endtag == '+') { -+ key = isolateValue(configFile, lineNum, "taboopat", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ -+ endtag = key; -+ if (*endtag == '+') { -+ endtag++; -+ while (isspace((unsigned char)*endtag) && *endtag) - endtag++; -- while (isspace((unsigned char)*endtag) && *endtag) -- endtag++; -- } else { -- free_2d_array(tabooPatterns, tabooCount); -- tabooCount = 0; -- /* realloc of NULL is safe by definition */ -- tabooPatterns = NULL; -- } -+ } else { -+ free_2d_array(tabooPatterns, tabooCount); -+ tabooCount = 0; -+ /* realloc of NULL is safe by definition */ -+ tabooPatterns = NULL; -+ } - -- while (*endtag) { -- int bytes; -- char *pattern = NULL; -+ while (*endtag) { -+ int bytes; -+ char *pattern = NULL; - -- chptr = endtag; -- while (!isspace((unsigned char)*chptr) && *chptr != ',' && *chptr) -- chptr++; -+ chptr = endtag; -+ while (!isspace((unsigned char)*chptr) && *chptr != ',' && *chptr) -+ chptr++; - -- tabooPatterns = realloc(tabooPatterns, sizeof(*tabooPatterns) * -- (tabooCount + 1)); -- bytes = asprintf(&pattern, "%.*s", (int)(chptr - endtag), endtag); -+ tabooPatterns = realloc(tabooPatterns, sizeof(*tabooPatterns) * -+ (tabooCount + 1)); -+ bytes = asprintf(&pattern, "%.*s", (int)(chptr - endtag), endtag); - -- /* should test for malloc() failure */ -- assert(bytes != -1); -- tabooPatterns[tabooCount] = pattern; -- tabooCount++; -+ /* should test for malloc() failure */ -+ assert(bytes != -1); -+ tabooPatterns[tabooCount] = pattern; -+ tabooCount++; - -- endtag = chptr; -- if (*endtag == ',') -- endtag++; -- while (*endtag && isspace((unsigned char)*endtag)) -- endtag++; -- } -+ endtag = chptr; -+ if (*endtag == ',') -+ endtag++; -+ while (*endtag && isspace((unsigned char)*endtag)) -+ endtag++; - } -- else continue; - } else if (!strcmp(key, "include")) { - free(key); -- if ((key = isolateValue(configFile, lineNum, "include", &start, -- &buf, length)) != NULL) { -- -- message(MESS_DEBUG, "including %s\n", key); -- if (recursion_depth >= MAX_NESTING) { -- message(MESS_ERROR, "%s:%d include nesting too deep\n", -- configFile, lineNum); -- logerror = 1; -- continue; -- } -+ key = isolateValue(configFile, lineNum, "include", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ message(MESS_DEBUG, "including %s\n", key); -+ if (recursion_depth >= MAX_NESTING) { -+ message(MESS_ERROR, "%s:%d include nesting too deep\n", -+ configFile, lineNum); -+ logerror = 1; -+ continue; -+ } - -- ++recursion_depth; -- rv = readConfigPath(key, newlog); -- --recursion_depth; -+ ++recursion_depth; -+ rv = readConfigPath(key, newlog); -+ --recursion_depth; - -- if (rv) { -- logerror = 1; -- continue; -- } -+ if (rv) { -+ logerror = 1; -+ continue; - } -- else continue; - } else if (!strcmp(key, "olddir")) { - freeLogItem (oldDir); - -@@ -1460,28 +1455,23 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - } - message(MESS_DEBUG, "olddir is now %s\n", newlog->oldDir); - } else if (!strcmp(key, "extension")) { -- if ((key = isolateValue -- (configFile, lineNum, "extension name", &start, -- &buf, length)) != NULL) { -- freeLogItem (extension); -- newlog->extension = key; -- key = NULL; -- } -- else continue; -- -- message(MESS_DEBUG, "extension is now %s\n", -- newlog->extension); -+ key = isolateValue(configFile, lineNum, "extension name", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ freeLogItem (extension); -+ newlog->extension = key; -+ key = NULL; -+ message(MESS_DEBUG, "extension is now %s\n", newlog->extension); - - } else if (!strcmp(key, "addextension")) { -- if ((key = isolateValue -- (configFile, lineNum, "addextension name", &start, -- &buf, length)) != NULL) { -- freeLogItem (addextension); -- newlog->addextension = key; -- key = NULL; -- } -- else continue; -- -+ key = isolateValue(configFile, lineNum, "addextension name", &start, -+ &buf, length); -+ if (key == NULL) -+ continue; -+ freeLogItem (addextension); -+ newlog->addextension = key; -+ key = NULL; - message(MESS_DEBUG, "addextension is now %s\n", - newlog->addextension); - -@@ -1827,7 +1817,8 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - break; - case STATE_LOAD_SCRIPT: - case STATE_LOAD_SCRIPT | STATE_SKIP_CONFIG: -- if ((key = isolateWord(&start, &buf, length)) == NULL) -+ key = isolateWord(&start, &buf, length); -+ if (key == NULL) - continue; - - if (strcmp(key, "endscript") == 0) { -@@ -1862,7 +1853,8 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - newlog = defConfig; - } - else { -- if ((key = isolateWord(&start, &buf, length)) == NULL) -+ key = isolateWord(&start, &buf, length); -+ if (key == NULL) - continue; - if ( - (strcmp(key, "postrotate") == 0) || --- -2.17.1 - - -From a3a955494999bd4861f14b846c345cbc96715262 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Wed, 1 Aug 2018 15:09:40 +0200 -Subject: [PATCH 2/3] readConfigFile: assign and free 'key' consistently - -This commit fixes the following memory leaks (detected by Coverity): - -Error: RESOURCE_LEAK: -config.c:1466: overwrite_var: Overwriting "key" in "key = isolateValue(configFile, lineNum, "extension name", &start, &buf, length)" leaks the storage that "key" points to. - -Error: RESOURCE_LEAK: -config.c:1479: overwrite_var: Overwriting "key" in "key = isolateValue(configFile, lineNum, "addextension name", &start, &buf, length)" leaks the storage that "key" points to. - -Error: RESOURCE_LEAK: -config.c:1043: alloc_fn: Storage is returned from allocation function "isolateWord". -config.c:219:2: alloc_fn: Storage is returned from allocation function "strndup". -config.c:219:2: assign: Assigning: "key" = "strndup(start, endtag - start)". -config.c:221:2: return_alloc: Returning allocated memory "key". -config.c:1043: var_assign: Assigning: "key" = storage returned from "isolateWord(&start, &buf, length)". -config.c:1928: leaked_storage: Variable "key" going out of scope leaks the storage it points to. - -Error: RESOURCE_LEAK: -config.c:1153: alloc_fn: Storage is returned from allocation function "isolateValue". -config.c:204:2: alloc_fn: Storage is returned from allocation function "isolateLine". -config.c:178:2: alloc_fn: Storage is returned from allocation function "strndup". -config.c:178:2: assign: Assigning: "key" = "strndup(start, endtag - start + 1L)". -config.c:180:2: return_alloc: Returning allocated memory "key". -config.c:204:2: return_alloc_fn: Directly returning storage allocated by "isolateLine". -config.c:1153: var_assign: Assigning: "key" = storage returned from "isolateValue(configFile, lineNum, opt, &start, &buf, length)". -config.c:1928: leaked_storage: Variable "key" going out of scope leaks the storage it points to. - -Error: RESOURCE_LEAK: -config.c:1219: alloc_fn: Storage is returned from allocation function "isolateLine". -config.c:178:2: alloc_fn: Storage is returned from allocation function "strndup". -config.c:178:2: assign: Assigning: "key" = "strndup(start, endtag - start + 1L)". -config.c:180:2: return_alloc: Returning allocated memory "key". -config.c:1219: var_assign: Assigning: "key" = storage returned from "isolateLine(&start, &buf, length)". -config.c:1928: leaked_storage: Variable "key" going out of scope leaks the storage it points to. - -Closes #208 ---- - config.c | 19 +++++++------------ - 1 file changed, 7 insertions(+), 12 deletions(-) - -diff --git a/config.c b/config.c -index d2fba10..39c9bc7 100644 ---- a/config.c -+++ b/config.c -@@ -1022,10 +1022,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - - start = buf; - for (start = buf; start - buf < length; start++) { -- if (key) { -- free(key); -- key = NULL; -- } - switch (state) { - case STATE_DEFAULT: - if (isblank((unsigned char)*start)) -@@ -1037,6 +1033,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - } - - if (isalpha((unsigned char)*start)) { -+ free(key); - key = isolateWord(&start, &buf, length); - if (key == NULL) - continue; -@@ -1455,6 +1452,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - } - message(MESS_DEBUG, "olddir is now %s\n", newlog->oldDir); - } else if (!strcmp(key, "extension")) { -+ free(key); - key = isolateValue(configFile, lineNum, "extension name", &start, - &buf, length); - if (key == NULL) -@@ -1465,6 +1463,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - message(MESS_DEBUG, "extension is now %s\n", newlog->extension); - - } else if (!strcmp(key, "addextension")) { -+ free(key); - key = isolateValue(configFile, lineNum, "addextension name", &start, - &buf, length); - if (key == NULL) -@@ -1557,8 +1556,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - if (*start != '\n') - state = STATE_SKIP_LINE; - } -- free(key); -- key = NULL; - } else if (*start == '/' || *start == '"' || *start == '\'' - #ifdef GLOB_TILDE - || *start == '~' -@@ -1817,6 +1814,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - break; - case STATE_LOAD_SCRIPT: - case STATE_LOAD_SCRIPT | STATE_SKIP_CONFIG: -+ free(key); - key = isolateWord(&start, &buf, length); - if (key == NULL) - continue; -@@ -1853,6 +1851,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - newlog = defConfig; - } - else { -+ free(key); - key = isolateWord(&start, &buf, length); - if (key == NULL) - continue; -@@ -1884,8 +1883,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - state = STATE_SKIP_LINE | STATE_SKIP_CONFIG; - } - } -- free(key); -- key = NULL; - } - break; - default: -@@ -1893,10 +1890,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - "%s: %d: readConfigFile() unknown state\n", - configFile, lineNum); - } -- if (key) { -- free(key); -- key = NULL; -- } - if (*start == '\n') { - lineNum++; - } -@@ -1910,6 +1903,8 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - goto error; - } - -+ free(key); -+ - munmap(buf, (size_t) length); - close(fd); - return logerror; --- -2.17.1 - - -From 771af94fd6c6299a7cb3d20c8b247591775653d3 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Wed, 1 Aug 2018 16:06:27 +0200 -Subject: [PATCH 3/3] simplify code of prerotateSingleLog() - -... to eliminate a use-after-free false positive reported by Coverity: - -Error: USE_AFTER_FREE: -logrotate.c:1800: freed_arg: "free" frees "oldName". -logrotate.c:1779: use_after_free: Using freed pointer "oldName". - -Closes #209 ---- - logrotate.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/logrotate.c b/logrotate.c -index 02d45e9..95fd70b 100644 ---- a/logrotate.c -+++ b/logrotate.c -@@ -1353,7 +1353,7 @@ static int prerotateSingleLog(struct logInfo *log, int logNum, - struct logState *state, struct logNames *rotNames) - { - struct tm now = *localtime(&nowSecs); -- char *oldName, *newName = NULL; -+ char *oldName = NULL; - const char *compext = ""; - const char *fileext = ""; - int hasErrors = 0; -@@ -1670,6 +1670,7 @@ static int prerotateSingleLog(struct logInfo *log, int logNum, - free(glob_pattern); - } else { - int i; -+ char *newName = NULL; - if (log->rotateAge) { - struct stat fst_buf; - for (i = 1; i <= rotateCount + 1; i++) { -@@ -1697,7 +1698,6 @@ static int prerotateSingleLog(struct logInfo *log, int logNum, - compext) < 0) { - message(MESS_FATAL, "could not allocate disposeName memory\n"); - } -- newName = strdup(oldName); - - rotNames->disposeName = strdup(oldName); - -@@ -1711,6 +1711,8 @@ static int prerotateSingleLog(struct logInfo *log, int logNum, - if (asprintf(&oldName, "%s/%s.%d%s%s", rotNames->dirName, - rotNames->baseName, i, fileext, compext) < 0) { - message(MESS_FATAL, "could not allocate oldName memory\n"); -+ oldName = NULL; -+ break; - } - - message(MESS_DEBUG, -@@ -1727,11 +1729,9 @@ static int prerotateSingleLog(struct logInfo *log, int logNum, - hasErrors = 1; - } - } -- if (hasErrors || i - 1 < 0) -- free(oldName); -- - } - free(newName); -+ free(oldName); - } /* !LOG_FLAG_DATEEXT */ - - if (log->flags & LOG_FLAG_DATEEXT) { --- -2.17.1 - diff --git a/SOURCES/0003-logrotate-3.14.0-broken-symlink.patch b/SOURCES/0003-logrotate-3.14.0-broken-symlink.patch deleted file mode 100644 index 14cfaed..0000000 --- a/SOURCES/0003-logrotate-3.14.0-broken-symlink.patch +++ /dev/null @@ -1,89 +0,0 @@ -From b98dd1933b1ebf5c86041bf135af421fe1ce4fc9 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Fri, 28 Jun 2019 18:22:39 +0200 -Subject: [PATCH] globerr: do not abort globbing on broken symlink - -Fixes #251 - -Upstream-commit: 4297f01103915f4ee356d37bdb35e8c41bbbdb28 -Signed-off-by: Kamil Dudka ---- - config.c | 16 +++++++++++++--- - test/Makefile.am | 1 + - test/test-0084.sh | 14 ++++++++++++++ - test/test-config.84.in | 3 +++ - 4 files changed, 31 insertions(+), 3 deletions(-) - create mode 100755 test/test-0084.sh - create mode 100644 test/test-config.84.in - -diff --git a/config.c b/config.c -index e4807c9..1805a16 100644 ---- a/config.c -+++ b/config.c -@@ -834,9 +834,19 @@ static int globerr(const char *pathname, int theerr) - { - (void) pathname; - -- /* A missing directory is not an error, so return 0 */ -- if (theerr == ENOTDIR) -- return 0; -+ /* prevent glob() from being aborted in certain cases */ -+ switch (theerr) { -+ case ENOTDIR: -+ /* non-directory where directory was expected by the glob */ -+ return 0; -+ -+ case ENOENT: -+ /* most likely symlink with non-existent target */ -+ return 0; -+ -+ default: -+ break; -+ } - - glob_errno = theerr; - -diff --git a/test/Makefile.am b/test/Makefile.am -index 5e838d1..35ba2b9 100644 ---- a/test/Makefile.am -+++ b/test/Makefile.am -@@ -76,6 +76,7 @@ TEST_CASES = \ - test-0075.sh \ - test-0076.sh \ - test-0077.sh \ -+ test-0084.sh \ - test-0100.sh \ - test-0101.sh - -diff --git a/test/test-0084.sh b/test/test-0084.sh -new file mode 100755 -index 0000000..1389331 ---- /dev/null -+++ b/test/test-0084.sh -@@ -0,0 +1,14 @@ -+#!/bin/bash -+ -+. ./test-common.sh -+ -+cleanup 84 -+ -+# ------------------------------- Test 84 ------------------------------------ -+preptest test.log 84 1 -+ -+mkdir -p log/dir -+ln -s XXX log/sym -+touch log/dir/file -+ -+$RLR test-config.84 -v --force -diff --git a/test/test-config.84.in b/test/test-config.84.in -new file mode 100644 -index 0000000..1a79bfe ---- /dev/null -+++ b/test/test-config.84.in -@@ -0,0 +1,3 @@ -+&DIR&/log/*/* { -+ rotate 1 -+} --- -2.21.3 - diff --git a/SOURCES/0004-logrotate-3.14.0-man-page-su.patch b/SOURCES/0004-logrotate-3.14.0-man-page-su.patch deleted file mode 100644 index 4809a72..0000000 --- a/SOURCES/0004-logrotate-3.14.0-man-page-su.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 893ab396daffebfe5bb97e9fcf0adbd7fda1b828 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Fri, 18 Jan 2019 16:10:56 +0100 -Subject: [PATCH] logrotate.8: encourage admins to use the `su` directive - -... to rotate files in directories that are directly or indirectly in -control of non-privileged users. Originally reported in the following -pull request: - -https://github.com/logrotate/logrotate/pull/235 - -Closes #236 - -Upstream-commit: 3e170c0609a18e0bb5fd7f647cb877221d576456 -Signed-off-by: Kamil Dudka ---- - logrotate.8.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/logrotate.8.in b/logrotate.8.in -index 56c4a32..ee26821 100644 ---- a/logrotate.8.in -+++ b/logrotate.8.in -@@ -575,7 +575,9 @@ user/group (usually root). \fIuser\fR specifies the user name used for - rotation and \fIgroup\fR specifies the group used for rotation. If the - user/group you specify here does not have sufficient privilege to make - files with the ownership you've specified in a \fIcreate\fR instruction, --it will cause an error. -+it will cause an error. If logrotate runs with root privileges, it is -+recommended to use the \fBsu\fR directive to rotate files in directories -+that are directly or indirectly in control of non-privileged users. - - .TP - \fBtabooext\fR [+] \fIlist\fR --- -2.21.3 - diff --git a/SOURCES/0005-logrotate-3.14.0-btmp-create-mode.patch b/SOURCES/0005-logrotate-3.14.0-btmp-create-mode.patch deleted file mode 100644 index 8f6e0af..0000000 --- a/SOURCES/0005-logrotate-3.14.0-btmp-create-mode.patch +++ /dev/null @@ -1,33 +0,0 @@ -From a045dbad7370109a8ddf16a24090b8357a9b73fd Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Mon, 26 Aug 2019 15:13:16 +0200 -Subject: [PATCH] examples/btmp: use create mode 0660 - -... to make the created file accessible by the utmp group. - -Bug: https://bugzilla.redhat.com/1745330 -Suggested-by: Steve Grubb - -Closes #257 - -Upstream-commit: b1bddec3e73bff4282bcd4845f27ab7b375469da -Signed-off-by: Kamil Dudka ---- - examples/btmp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/examples/btmp b/examples/btmp -index 393ead5..0aa1ae1 100644 ---- a/examples/btmp -+++ b/examples/btmp -@@ -2,6 +2,6 @@ - /var/log/btmp { - missingok - monthly -- create 0600 root utmp -+ create 0660 root utmp - rotate 1 - } --- -2.37.3 - diff --git a/SOURCES/0006-logrotate-3.14.0-stricter-config-parser.patch b/SOURCES/0006-logrotate-3.14.0-stricter-config-parser.patch deleted file mode 100644 index cc174dd..0000000 --- a/SOURCES/0006-logrotate-3.14.0-stricter-config-parser.patch +++ /dev/null @@ -1,635 +0,0 @@ -From 92067ac8e75b3d1f431982d8156da5ffb18df249 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Thu, 7 Jun 2018 14:49:07 +0200 -Subject: [PATCH 1/7] return non-zero exit status if a config file contains an - error - -... which causes the config file to be skipped - -Closes #199 -Closes #204 - -Upstream-commit: e547b942ebdf58026f0b28a74b3d02a7674e38dc -Signed-off-by: Kamil Dudka ---- - config.c | 1 + - test/Makefile.am | 1 + - test/test-0083.sh | 14 ++++++++++++++ - test/test-config.83.in | 3 +++ - 4 files changed, 19 insertions(+) - create mode 100755 test/test-0083.sh - create mode 100644 test/test-config.83.in - -diff --git a/config.c b/config.c -index 1805a16..ec4c5fb 100644 ---- a/config.c -+++ b/config.c -@@ -1820,6 +1820,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - message(MESS_ERROR, "found error in %s, skipping\n", - newlog->pattern ? newlog->pattern : "log config"); - -+ logerror = 1; - state = STATE_SKIP_CONFIG; - break; - case STATE_LOAD_SCRIPT: -diff --git a/test/Makefile.am b/test/Makefile.am -index 35ba2b9..cfe09c4 100644 ---- a/test/Makefile.am -+++ b/test/Makefile.am -@@ -76,6 +76,7 @@ TEST_CASES = \ - test-0075.sh \ - test-0076.sh \ - test-0077.sh \ -+ test-0083.sh \ - test-0084.sh \ - test-0100.sh \ - test-0101.sh -diff --git a/test/test-0083.sh b/test/test-0083.sh -new file mode 100755 -index 0000000..f6cf26c ---- /dev/null -+++ b/test/test-0083.sh -@@ -0,0 +1,14 @@ -+#!/bin/bash -+ -+. ./test-common.sh -+ -+cleanup 83 -+ -+# ------------------------------- Test 83 ------------------------------------ -+preptest test.log 83 1 -+ -+if $RLR test-config.83 -v --force; then -+ exit 1 -+else -+ exit 0 -+fi -diff --git a/test/test-config.83.in b/test/test-config.83.in -new file mode 100644 -index 0000000..f8a36f8 ---- /dev/null -+++ b/test/test-config.83.in -@@ -0,0 +1,3 @@ -+&DIR&/test.log { -+ rotate 1 # invalid comment -+} --- -2.38.1 - - -From d6b10a7dd5946a6bce400ab87fd1adbde832c046 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 20 Apr 2021 17:41:10 +0200 -Subject: [PATCH 2/7] Log if keyword is not properly separated - -The man page states - Values are separated from directives by whitespace and/or an - optional =. - -But logrotate does accept no separator, like - rotate7 - -Log those occurrences with a normal severity, as this usage is not -intended. - -Upstream-commit: 2b588b5ec2e5c27bee857c4abeddafa6a9602ebc -Signed-off-by: Kamil Dudka ---- - config.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/config.c b/config.c -index ec4c5fb..cfbb3d1 100644 ---- a/config.c -+++ b/config.c -@@ -1047,6 +1047,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - key = isolateWord(&start, &buf, length); - if (key == NULL) - continue; -+ if (!isspace((unsigned char)*start)) { -+ message(MESS_NORMAL, "%s:%d keyword '%s' not properly" -+ " separated, found %#x\n", -+ configFile, lineNum, key, *start); -+ } - if (!strcmp(key, "compress")) { - newlog->flags |= LOG_FLAG_COMPRESS; - } else if (!strcmp(key, "nocompress")) { --- -2.38.1 - - -From 0881276c62ac95d803371f3f5c6cf11ffb552211 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 20 Apr 2021 17:41:12 +0200 -Subject: [PATCH 3/7] Log error on keyword parse failure - -isolateWord() only fails on OOM and EOF. - -Upstream-commit: 326179a901b0a8d10e902cae0abab0c68d7abc98 -Signed-off-by: Kamil Dudka ---- - config.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/config.c b/config.c -index cfbb3d1..5a774ac 100644 ---- a/config.c -+++ b/config.c -@@ -1045,8 +1045,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - if (isalpha((unsigned char)*start)) { - free(key); - key = isolateWord(&start, &buf, length); -- if (key == NULL) -+ if (key == NULL) { -+ message(MESS_ERROR, "%s:%d failed to parse keyword\n", -+ configFile, lineNum); - continue; -+ } - if (!isspace((unsigned char)*start)) { - message(MESS_NORMAL, "%s:%d keyword '%s' not properly" - " separated, found %#x\n", --- -2.38.1 - - -From 539b863fbd211b61614493447040cb340b53f0c0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 20 Apr 2021 17:41:20 +0200 -Subject: [PATCH 4/7] Fail on parse error of required option value - -Fail on a parse error of a required option value of the directives -include, extension, addextension, rotate, start, minage, maxage, -shredcycles and su. -Failing is better than silently skipping a directive and running with an -undesired configuration. - -Upstream-commit: 906ea11981cb1842538c4aaed395885fda693e47 -Signed-off-by: Kamil Dudka ---- - config.c | 49 ++++++++++++++++++++++++++++++------------------- - 1 file changed, 30 insertions(+), 19 deletions(-) - -diff --git a/config.c b/config.c -index 5a774ac..ae7bf4b 100644 ---- a/config.c -+++ b/config.c -@@ -1110,8 +1110,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - mode_t tmp_mode = NO_MODE; - free(key); - key = isolateLine(&start, &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ message(MESS_ERROR, "%s:%d failed to parse su option value\n", -+ configFile, lineNum); -+ RAISE_ERROR(); -+ } - - rv = readModeUidGid(configFile, lineNum, key, "su", - &tmp_mode, &newlog->suUid, -@@ -1209,13 +1212,14 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "shred cycles", - &start, &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - newlog->shred_cycles = strtoul(key, &chptr, 0); - if (*chptr || newlog->shred_cycles < 0) { - message(MESS_ERROR, "%s:%d bad shred cycles '%s'\n", - configFile, lineNum, key); -- goto error; -+ RAISE_ERROR(); - } - } else if (!strcmp(key, "hourly")) { - newlog->criterium = ROT_HOURLY; -@@ -1250,8 +1254,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "rotate count", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - newlog->rotateCount = strtoul(key, &chptr, 0); - if (*chptr || newlog->rotateCount < 0) { - message(MESS_ERROR, -@@ -1263,8 +1268,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "start count", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - newlog->logStart = strtoul(key, &chptr, 0); - if (*chptr || newlog->logStart < 0) { - message(MESS_ERROR, "%s:%d bad start count '%s'\n", -@@ -1275,8 +1281,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "minage count", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - newlog->rotateMinAge = strtoul(key, &chptr, 0); - if (*chptr || newlog->rotateMinAge < 0) { - message(MESS_ERROR, "%s:%d bad minimum age '%s'\n", -@@ -1287,8 +1294,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "maxage count", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - newlog->rotateAge = strtoul(key, &chptr, 0); - if (*chptr || newlog->rotateAge < 0) { - message(MESS_ERROR, "%s:%d bad maximum age '%s'\n", -@@ -1443,8 +1451,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "include", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - message(MESS_DEBUG, "including %s\n", key); - if (recursion_depth >= MAX_NESTING) { - message(MESS_ERROR, "%s:%d include nesting too deep\n", -@@ -1473,8 +1482,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "extension name", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - freeLogItem (extension); - newlog->extension = key; - key = NULL; -@@ -1484,8 +1494,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - free(key); - key = isolateValue(configFile, lineNum, "addextension name", &start, - &buf, length); -- if (key == NULL) -- continue; -+ if (key == NULL) { -+ RAISE_ERROR(); -+ } - freeLogItem (addextension); - newlog->addextension = key; - key = NULL; --- -2.38.1 - - -From bf20b227b45b232eec9b659839d7ae20604f5de3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Mon, 26 Jul 2021 19:35:00 +0200 -Subject: [PATCH 5/7] Do not warn on key value pair separated by only an equal - sign - -Do not warn if a configuration directive is specified with the key and -value separated by just an equal sign, like: - - size=+2048k - -The warning is intended for the usage of: - - size2048k - -Fixes: 2b588b5e ("Log if keyword is not properly separated") -Fixes: #410 - -Upstream-commit: a98c38bc867ec59e00625b48262bb3334c8f5728 -Signed-off-by: Kamil Dudka ---- - config.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/config.c b/config.c -index ae7bf4b..569104d 100644 ---- a/config.c -+++ b/config.c -@@ -1050,7 +1050,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - configFile, lineNum); - continue; - } -- if (!isspace((unsigned char)*start)) { -+ if (!isspace((unsigned char)*start) && *start != '=') { - message(MESS_NORMAL, "%s:%d keyword '%s' not properly" - " separated, found %#x\n", - configFile, lineNum, key, *start); --- -2.38.1 - - -From 07faa84dc2e31002b0212c0b57669595ef9be99d Mon Sep 17 00:00:00 2001 -From: Felix Wilhelm -Date: Thu, 21 Oct 2021 09:47:57 +0000 -Subject: [PATCH 6/7] config.c: enforce stricter parsing of config files - -Abort parsing of config files that contain invalid lines. -This makes it harder to abuse logrotate for privilege escalation -attacks where an attacker can partially control a privileged file write. - -Upstream-commit: 124e4ca6532b0fe823fa2ec145294547b3aaeb4b -Signed-off-by: Kamil Dudka ---- - config.c | 7 ++++--- - test/Makefile.am | 4 +++- - test/test-0102.sh | 16 ++++++++++++++++ - test/test-0103.sh | 16 ++++++++++++++++ - test/test-config.102.in | 10 ++++++++++ - test/test-config.103.in | 12 ++++++++++++ - 6 files changed, 61 insertions(+), 4 deletions(-) - create mode 100755 test/test-0102.sh - create mode 100755 test/test-0103.sh - create mode 100644 test/test-config.102.in - create mode 100644 test/test-config.103.in - -diff --git a/config.c b/config.c -index 569104d..36765be 100644 ---- a/config.c -+++ b/config.c -@@ -1048,12 +1048,13 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - if (key == NULL) { - message(MESS_ERROR, "%s:%d failed to parse keyword\n", - configFile, lineNum); -- continue; -+ RAISE_ERROR(); - } - if (!isspace((unsigned char)*start) && *start != '=') { -- message(MESS_NORMAL, "%s:%d keyword '%s' not properly" -+ message(MESS_ERROR, "%s:%d keyword '%s' not properly" - " separated, found %#x\n", - configFile, lineNum, key, *start); -+ RAISE_ERROR(); - } - if (!strcmp(key, "compress")) { - newlog->flags |= LOG_FLAG_COMPRESS; -@@ -1805,7 +1806,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) - message(MESS_ERROR, "%s:%d lines must begin with a keyword " - "or a filename (possibly in double quotes)\n", - configFile, lineNum); -- state = STATE_SKIP_LINE; -+ RAISE_ERROR(); - } - break; - case STATE_SKIP_LINE: -diff --git a/test/Makefile.am b/test/Makefile.am -index cfe09c4..255c1f7 100644 ---- a/test/Makefile.am -+++ b/test/Makefile.am -@@ -79,7 +79,9 @@ TEST_CASES = \ - test-0083.sh \ - test-0084.sh \ - test-0100.sh \ -- test-0101.sh -+ test-0101.sh \ -+ test-0102.sh \ -+ test-0103.sh - - EXTRA_DIST = \ - compress \ -diff --git a/test/test-0102.sh b/test/test-0102.sh -new file mode 100755 -index 0000000..d2550a5 ---- /dev/null -+++ b/test/test-0102.sh -@@ -0,0 +1,16 @@ -+#!/bin/sh -+ -+. ./test-common.sh -+ -+cleanup 102 -+ -+# ------------------------------- Test 102 ------------------------------------ -+# test invalid config file with binary content -+preptest test.log 102 1 -+ -+$RLR test-config.102 --force -+ -+if [ $? -eq 0 ]; then -+ echo "No error, but there should be one." -+ exit 3 -+fi -diff --git a/test/test-0103.sh b/test/test-0103.sh -new file mode 100755 -index 0000000..bccd8ed ---- /dev/null -+++ b/test/test-0103.sh -@@ -0,0 +1,16 @@ -+#!/bin/sh -+ -+. ./test-common.sh -+ -+cleanup 103 -+ -+# ------------------------------- Test 103 ------------------------------------ -+# test invalid config file with unknown keywords -+preptest test.log 103 1 -+ -+$RLR test-config.103 --force -+ -+if [ $? -eq 0 ]; then -+ echo "No error, but there should be one." -+ exit 3 -+fi -diff --git a/test/test-config.102.in b/test/test-config.102.in -new file mode 100644 -index 0000000..cbca4c4 ---- /dev/null -+++ b/test/test-config.102.in -@@ -0,0 +1,10 @@ -+ELF -+ -+&DIR&/test.log { -+ daily -+ size=0 -+ -+firstaction -+ /bin/sh -c "echo test123" -+ endscript -+} -diff --git a/test/test-config.103.in b/test/test-config.103.in -new file mode 100644 -index 0000000..ef4d19c ---- /dev/null -+++ b/test/test-config.103.in -@@ -0,0 +1,12 @@ -+random noise -+a b c d -+a::x -+ -+&DIR&/test.log { -+ daily -+ size=0 -+ -+firstaction -+ /bin/sh -c "echo test123" -+ endscript -+} --- -2.38.1 - - -From 88870bf2d84f65d0f2633bb32b7dc696be51d202 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Mon, 13 Dec 2021 21:47:16 +0100 -Subject: [PATCH 7/7] Add more testcases for stricter configuration parsing - -Upstream-commit: 9cbc22b91caff6cfbd1378737c62276bd9ffe3e7 -Signed-off-by: Kamil Dudka ---- - test/Makefile.am | 4 +++- - test/test-0102.sh | 5 +++++ - test/test-0103.sh | 5 +++++ - test/test-0104.sh | 19 +++++++++++++++++++ - test/test-0105.sh | 25 +++++++++++++++++++++++++ - test/test-config.104.in | 8 ++++++++ - test/test-config.105.in | 8 ++++++++ - 7 files changed, 73 insertions(+), 1 deletion(-) - create mode 100755 test/test-0104.sh - create mode 100755 test/test-0105.sh - create mode 100644 test/test-config.104.in - create mode 100644 test/test-config.105.in - -diff --git a/test/Makefile.am b/test/Makefile.am -index 255c1f7..a489a76 100644 ---- a/test/Makefile.am -+++ b/test/Makefile.am -@@ -81,7 +81,9 @@ TEST_CASES = \ - test-0100.sh \ - test-0101.sh \ - test-0102.sh \ -- test-0103.sh -+ test-0103.sh \ -+ test-0104.sh \ -+ test-0105.sh - - EXTRA_DIST = \ - compress \ -diff --git a/test/test-0102.sh b/test/test-0102.sh -index d2550a5..367bde9 100755 ---- a/test/test-0102.sh -+++ b/test/test-0102.sh -@@ -14,3 +14,8 @@ if [ $? -eq 0 ]; then - echo "No error, but there should be one." - exit 3 - fi -+ -+checkoutput <> .gitignore << EOF @@ -56,14 +49,6 @@ EOF git add .gitignore git commit -m "update .gitignore" -%if 0%{?fedora} == 0 && 0%{?rhel} < 7 -sed -e 's/^AM_EXTRA_RECURSIVE_TARGETS/dnl AM_EXTRA_RECURSIVE_TARGETS/' \ - -e 's/ serial-tests//' \ - -i configure.ac -git add configure.ac -git commit -m "configure.ac: compatibility fixes for RHEL-6" -%endif - autoreconf -fiv git add --all git commit -m "force autoreconf" --allow-empty @@ -72,25 +57,25 @@ git commit -m "force autoreconf" --allow-empty mkdir build && cd build %global _configure ../configure %configure --with-state-file-path=%{_localstatedir}/lib/logrotate/logrotate.status -make %{?_smp_mflags} V=1 +%make_build %check -make %{?_smp_mflags} -C build check +%make_build -C build -s check %install %make_install -C build mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily +mkdir -p $RPM_BUILD_ROOT%{_unitdir} mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/logrotate -install -p -m 644 examples/logrotate-default $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.conf +install -p -m 644 examples/logrotate.conf $RPM_BUILD_ROOT%{_sysconfdir}/ install -p -m 644 examples/{b,w}tmp $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/ -install -p -m 755 examples/logrotate.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/logrotate +install -p -m 644 examples/logrotate.{service,timer} $RPM_BUILD_ROOT%{_unitdir}/ # Make sure logrotate is able to run on read-only root mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d -install -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/logrotate +install -m644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/logrotate %pre # If /var/lib/logrotate/logrotate.status does not exist, create it and copy @@ -102,37 +87,134 @@ if [ ! -d %{_localstatedir}/lib/logrotate/ -a -f %{_localstatedir}/lib/logrotate cp -a %{_localstatedir}/lib/logrotate.status %{_localstatedir}/lib/logrotate fi +%post +%systemd_post logrotate.{service,timer} + +# If there is any cron daemon configured, enable the systemd timer to avoid +# breaking the configuration silently when upgrading from 3.14.0-4 or +# earlier versions +%triggerin -- logrotate < 3.14.0-5 +[ -e %{_sysconfdir}/crontab -o -e %{_sysconfdir}/anacrontab -o -e %{_sysconfdir}/fcrontab ] \ + && %{_bindir}/systemctl enable --now logrotate.timer &>/dev/null || : + +%preun +%systemd_preun logrotate.{service,timer} + %files -%{!?_licensedir:%global license %%doc} %license COPYING %doc ChangeLog.md %{_sbindir}/logrotate +%{_unitdir}/logrotate.{service,timer} %{_mandir}/man8/logrotate.8* %{_mandir}/man5/logrotate.conf.5* -%dir %{_sysconfdir}/cron.daily -%config(noreplace) %{_sysconfdir}/cron.daily/logrotate %config(noreplace) %{_sysconfdir}/logrotate.conf %dir %{_sysconfdir}/logrotate.d %config(noreplace) %{_sysconfdir}/logrotate.d/{b,w}tmp %dir %{_localstatedir}/lib/logrotate -%ghost %verify(not size md5 mtime) %attr(0644, root, root) %{_localstatedir}/lib/logrotate/logrotate.status +%ghost %verify(not size md5 mtime) %attr(0640, root, root) %{_localstatedir}/lib/logrotate/logrotate.status %config(noreplace) %{_sysconfdir}/rwtab.d/logrotate %changelog -* Tue Dec 20 2022 Kamil Dudka - 3.14.0-6 -- enforce stricter parsing of config files (#2148925) +* Mon Jun 10 2024 Jan Macku - 3.22.0-1 +- new upstream version 3.22.0 +- release signed with new key (cgzones.pgp) -* Mon Nov 14 2022 Kamil Dudka - 3.14.0-5 -- create /var/log/btmp with mode 0660 (#2061561) +* Thu Jan 25 2024 Fedora Release Engineering - 3.21.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -* Wed May 06 2020 Kamil Dudka - 3.14.0-4 -- logrotate.8: encourage admins to use the `su` directive (#1759770) -- do not abort globbing on broken symlink (#1723265) +* Sun Jan 21 2024 Fedora Release Engineering - 3.21.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -* Fri Aug 10 2018 Kamil Dudka - 3.14.0-3 +* Thu Jul 20 2023 Fedora Release Engineering - 3.21.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Mar 22 2023 Lukáš Zaoral - 3.21.0-3 +- migrated to SPDX license + +* Thu Jan 19 2023 Fedora Release Engineering - 3.21.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Dec 13 2022 Kamil Dudka - 3.21.0-1 +- new upstream version 3.21.0 + +* Thu Jul 21 2022 Fedora Release Engineering - 3.20.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Fri May 27 2022 Kamil Dudka - 3.20.1-2 +- lockState: do not print `error:` when exit code is unaffected (#2090926) + +* Wed May 25 2022 Kamil Dudka - 3.20.1-1 +- new upstream version 3.20.1, which fixes the following security issue: + CVE-2022-1348 - potential DoS from unprivileged users via the state file + +* Tue Mar 15 2022 Kamil Dudka - 3.19.0-3 +- verify GPG signature of upstream tarball when building the package + +* Thu Jan 20 2022 Fedora Release Engineering - 3.19.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jan 07 2022 Kamil Dudka - 3.19.0-1 +- new upstream version 3.19.0 + +* Thu Jul 22 2021 Fedora Release Engineering - 3.18.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Kamil Dudka - 3.18.1-1 +- new upstream version 3.18.1 + +* Tue May 04 2021 Kamil Dudka - 3.18.0-3 +- make `renamecopy` and `copytruncate` override each other (#1934601) +- unify documentation of copy/copytruncate/renamecopy (#1934629) +- fix resource leaks reported by Coverity + +* Tue Jan 26 2021 Fedora Release Engineering - 3.18.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Jan 08 2021 Kamil Dudka - 3.18.0-1 +- new upstream version 3.18.0 + +* Tue Jul 28 2020 Fedora Release Engineering - 3.17.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 13 2020 Tom Stellard - 3.17.0-2 +- Use make macros +- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro + +* Fri Jul 10 2020 Kamil Dudka - 3.17.0-1 +- new upstream version 3.17.0 + +* Fri Feb 28 2020 Kamil Dudka - 3.16.0-1 +- new upstream version 3.16.0 + +* Thu Jan 30 2020 Kamil Dudka - 3.15.1-3 +- make the code compile with gcc-10 + +* Wed Jan 29 2020 Fedora Release Engineering - 3.15.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Aug 30 2019 Kamil Dudka - 3.15.1-1 +- new upstream version 3.15.1 + +* Thu Jul 25 2019 Fedora Release Engineering - 3.15.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri Feb 01 2019 Fedora Release Engineering - 3.15.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Dec 04 2018 Kamil Dudka - 3.15.0-1 +- new upstream version 3.15.0 + +* Wed Nov 21 2018 Alejandro Domínguez Muñoz - 3.14.0-5 +- add make as a build dependency +- replace cron job with a systemd timer unit (#1502085, #1655153) + +* Fri Aug 10 2018 Kamil Dudka - 3.14.0-4 - fix programming mistakes detected by Coverity Analysis - document the --version option in the logrotate(8) man page (#1611498) +* Fri Jul 13 2018 Fedora Release Engineering - 3.14.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Wed Jul 11 2018 Kamil Dudka - 3.14.0-2 - fix license tag to match the source code license diff --git a/SOURCES/rwtab b/rwtab similarity index 100% rename from SOURCES/rwtab rename to rwtab diff --git a/sources b/sources new file mode 100644 index 0000000..393ca67 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (logrotate-3.22.0.tar.xz) = 16fd95b4daef779212008c4a968c7a7130be8d550f58531d24fc04599cb9adff6323a745725b3b14d7312ad36cb6646fe33a3defdb5b70cda2cec9646aab066a