Resolves: #240292, #239934 #223476

2007-05-23 12:05:19 +00:00 · 2007-05-23 12:05:19 +00:00 · c06a6ee6c9
commit c06a6ee6c9
parent d39149986b
4 changed files with 238 additions and 1 deletions
--- a/logrotate-3.7.5-cfengine.patch
+++ b/logrotate-3.7.5-cfengine.patch
@ -0,0 +1,11 @@
+--- logrotate-3.7.5/config.c.cfengine	2007-05-14 14:18:44.000000000 +0200
+++ logrotate-3.7.5/config.c	2007-05-14 14:19:06.000000000 +0200
+@@ -31,7 +31,7 @@
+ #endif
+ 
+ static char *defTabooExts[] = { ".rpmsave", ".rpmorig", "~", ",v",
+-    ".rpmnew", ".swp"
+    ".rpmnew", ".swp", ".cfsaved"
+ };
+ static int defTabooCount = sizeof(defTabooExts) / sizeof(char *);
+ 
--- a/logrotate-3.7.5-date.patch
+++ b/logrotate-3.7.5-date.patch
@ -0,0 +1,12 @@
+--- logrotate-3.7.5/examples/logrotate-default.date	2007-05-16 16:36:06.000000000 +0200
+++ logrotate-3.7.5/examples/logrotate-default	2007-05-16 16:36:50.000000000 +0200
+@@ -8,6 +8,9 @@
+ # create new (empty) log files after rotating old ones
+ create
+ 
+# use date as a suffix of rotated file
+dateext
+
+ # uncomment this if you want your log files compressed
+ #compress
+ 
--- a/logrotate-3.7.5-shred.patch
+++ b/logrotate-3.7.5-shred.patch
@ -0,0 +1,201 @@
+--- logrotate-3.7.5/logrotate.h.shred	2007-05-14 09:25:50.000000000 +0200
+++ logrotate-3.7.5/logrotate.h	2007-05-14 10:27:48.000000000 +0200
+@@ -16,6 +16,7 @@
+ #define LOG_FLAG_SHAREDSCRIPTS	(1 << 7)
+ #define LOG_FLAG_COPY		(1 << 8)
+ #define LOG_FLAG_DATEEXT	(1 << 9)
+#define LOG_FLAG_SHRED		(1 << 10)
+ 
+ #define NO_MODE ((mode_t) -1)
+ #define NO_UID  ((uid_t) -1)
+@@ -44,6 +45,7 @@
+     char *uncompress_prog;
+     char *compress_ext;
+     int flags;
+	int shred_cycles;		/* if !=0, pass -n shred_cycles to GNU shred */
+     mode_t createMode;		/* if any/all of these are -1, we use the */
+     uid_t createUid;		/* attributes from the log file just rotated */
+     gid_t createGid;
+--- logrotate-3.7.5/logrotate.c.shred	2007-05-14 09:25:30.000000000 +0200
+++ logrotate-3.7.5/logrotate.c	2007-05-14 10:35:41.000000000 +0200
+@@ -53,6 +53,8 @@
+ char *mailCommand = DEFAULT_MAIL_COMMAND;
+ time_t nowSecs = 0;
+ 
+static int shred_file(char * filename, logInfo *log);
+
+ static int globerr(const char *pathname, int theerr)
+ {
+     message(MESS_ERROR, "error accessing %s: %s\n", pathname,
+@@ -188,11 +190,54 @@
+     return fd;
+ }
+ 
+-static int removeLogFile(char *name)
+#define SHRED_CALL "shred -u "
+#define SHRED_COUNT_FLAG "-n "
+#define DIGITS 10
+/* unlink, but try to call shred from GNU fileutils */
+static int shred_file(char * filename, logInfo *log)
+{
+	int len, ret;
+	char *cmd;
+	char count[DIGITS];    /*  that's a lot of shredding :)  */
+
+	if (!(log->flags & LOG_FLAG_SHRED)) {
+		return unlink(filename);
+	}
+
+	len = strlen(filename) + strlen(SHRED_CALL);
+	len += strlen(SHRED_COUNT_FLAG) + DIGITS;
+	cmd = malloc(len);
+
+	if (!cmd) {
+		message(MESS_ERROR, "malloc error while shredding");
+		return unlink(filename);
+	}
+	strcpy(cmd, SHRED_CALL);
+	if (log->shred_cycles != 0) {
+		strcat(cmd, SHRED_COUNT_FLAG);
+		snprintf(count, DIGITS - 1, "%d", log->shred_cycles);
+		strcat(count, " ");
+		strcat(cmd, count);
+	}
+	strcat(cmd, filename);
+	ret = system(cmd);
+	free(cmd);
+	if (ret != 0) {
+		message(MESS_ERROR, "Failed to shred %s\n, trying unlink", filename);
+		if (ret != -1) {
+			message(MESS_NORMAL, "Shred returned %d\n", ret);
+		}
+		return unlink(filename);
+	} else {
+		return ret;
+	}
+}
+
+static int removeLogFile(char *name, logInfo *log)
+ {
+     message(MESS_DEBUG, "removing old log %s\n", name);
+ 
+-    if (!debug && unlink(name)) {
+    if (!debug && shred_file(name, log)) {
+ 	message(MESS_ERROR, "Failed to remove old log %s: %s\n",
+ 		name, strerror(errno));
+ 	return 1;
+@@ -255,7 +300,7 @@
+ 	return 1;
+     }
+ 
+-    unlink(name);
+    shred_file(name, log);
+ 
+     return 0;
+ }
+@@ -697,7 +742,7 @@
+ 						   mailCommand, logNum,
+ 						   log);
+ 			    if (!hasErrors)
+-				hasErrors = removeLogFile(mailFilename);
+				hasErrors = removeLogFile(mailFilename, log);
+ 			}
+ 			mail_out = i;
+ 		    }
+@@ -737,7 +782,7 @@
+ 			    mailLogWrapper(mailFilename, mailCommand,
+ 					   logNum, log);
+ 		    if (!hasErrors)
+-			hasErrors = removeLogFile(mailFilename);
+			hasErrors = removeLogFile(mailFilename, log);
+ 		}
+ 	    }
+ 	}
+@@ -954,7 +999,7 @@
+     }
+ 
+     if (!hasErrors && rotNames->disposeName)
+-	hasErrors = removeLogFile(rotNames->disposeName);
+	hasErrors = removeLogFile(rotNames->disposeName, log);
+ 
+ #ifdef WITH_SELINUX
+     if (selinux_enabled) {
+--- logrotate-3.7.5/logrotate.8.shred	2007-05-14 09:26:02.000000000 +0200
+++ logrotate-3.7.5/logrotate.8	2007-05-14 10:42:16.000000000 +0200
+@@ -330,6 +330,10 @@
+ not be executed for the affected log only.
+ 
+ .TP
+\fBnoshred\fR
+Do not use \fBshred\fR when deleting old log files. See also \fBshred\fR. 
+
+.TP
+ \fBnotifempty\fR
+ Do not rotate the log if it is empty (this overrides the \fBifempty\fR option).
+ 
+@@ -403,6 +407,16 @@
+ actions will not be executed for any logs. This option overrides the
+ \fBnosharedscripts\fR option and implies \fBcreate\fR option.
+ 
+.TP
+\fBshred\fR
+Delete log files using \fBshred\fR -u instead of unlink().  This should
+ensure that logs are not readable after their scheduled deletion; this is
+off by default.  See also \fBnoshred\fR. 
+
+.TP
+\fBshredcycles\fR \fIcount\fR
+Asks GNU \fBshred\fR to overwite log files \fBcount\fR times before 
+deletion.  Without this option, \fBshred\fR's default will be used.
+ 
+ .TP
+ \fBstart \fIcount\fR
+--- logrotate-3.7.5/config.c.shred	2007-05-14 09:26:42.000000000 +0200
+++ logrotate-3.7.5/config.c	2007-05-14 10:32:37.000000000 +0200
+@@ -432,6 +432,7 @@
+ 	/* uncompress_prog */ NULL,
+ 	/* compress_ext */ NULL,
+ 	/* flags */ LOG_FLAG_IFEMPTY,
+	/* shred_cycles */ 0,
+ 	/* createMode/Uid/Gid */ NO_MODE, NO_UID, NO_GID,
+ 	/* compress_options_list/count */ NULL, 0
+     };
+@@ -638,6 +639,14 @@
+ 		newlog->flags &= ~LOG_FLAG_DELAYCOMPRESS;
+ 
+ 		*endtag = oldchar, start = endtag;
+		} else if (!strcmp(start, "shred")) {
+		newlog->flags |= LOG_FLAG_SHRED;
+
+		*endtag = oldchar, start = endtag;
+		} else if (!strcmp(start, "noshred")) { 
+		newlog->flags &= ~LOG_FLAG_SHRED;
+
+		*endtag = oldchar, start = endtag;
+ 	    } else if (!strcmp(start, "sharedscripts")) {
+ 		newlog->flags |= LOG_FLAG_SHAREDSCRIPTS;
+ 
+@@ -833,7 +842,22 @@
+ 		    *endtag = oldchar, start = endtag;
+ 		}
+ #endif
+-	    } else if (!strcmp(start, "daily")) {
+	    } else if (!strcmp(start, "shredcycles")) {
+		*endtag = oldchar, start = endtag;
+
+		if (!isolateValue(configFile, lineNum, "shred cycles", 
+				&start, &endtag)) {
+			oldchar = *endtag, *endtag = '\0';
+
+			newlog->shred_cycles = strtoul(start, &chptr, 0);
+			if (*chptr || newlog->shred_cycles < 0) {
+				message(MESS_ERROR, "%s:%d bad shred cycles '%s'\n",
+						configFile, lineNum, start);
+				return 1;
+			}
+			*endtag = oldchar, start = endtag;
+		}
+		} else if (!strcmp(start, "daily")) {
+ 		*endtag = oldchar, start = endtag;
+ 
+ 		newlog->criterium = ROT_DAYS;
--- a/logrotate.spec
+++ b/logrotate.spec
@ -1,7 +1,7 @@
 Summary: Rotates, compresses, removes and mails system log files
 Name: logrotate
 Version: 3.7.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPL
 Group: System Environment/Base
 # The source for this package was pulled from cvs.
@ -13,6 +13,10 @@ Group: System Environment/Base
 #  make create-archive
 Source: logrotate-%{version}.tar.gz
 Patch1: logrotate-3.7.5-errorHandling.patch
+Patch2: logrotate-3.7.5-shred.patch
+Patch3: logrotate-3.7.5-cfengine.patch
+Patch4: logrotate-3.7.5-date.patch
+Requires: coreutils >= 5.92
 BuildRequires: libselinux-devel
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

@ -30,6 +34,9 @@ log files on your system.
 %prep
 %setup -q
 %patch1 -p1 -b .errorHandling
+%patch2 -p1 -b .shred
+%patch3 -p1 -b .cfengine
+%patch4 -p1 -b .dateext

 %build
 make %{?_smp_mflags} RPM_OPT_FLAGS="$RPM_OPT_FLAGS" WITH_SELINUX=yes
@ -59,6 +66,12 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0644, root, root) %verify(not size md5 mtime) %config(noreplace) %{_localstatedir}/lib/logrotate.status

 %changelog
+* Wed May 23 2007 Tomas Smetana <tsmetana@redhat.com> 3.7.5-4
+- use dateext in the default config file (#240292)
+- add options to use shred for deleting files -- adapt patch sent by
+  Peter Eckersley <pde@eff.org> (#239934)
+- ignore .cfsaved files by default (#223476)
+
 * Sat Mar 31 2007 Peter Vrabec <pvrabec@redhat.com> 3.7.5-3
 - add error checking before running prerotate and postrotate scripts