Merge branch 'master' into el5
This commit is contained in:
commit
21fd5f6adb
26
CVE-2013-4319.patch
Normal file
26
CVE-2013-4319.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
diff --git a/src/server/process_request.c b/src/server/process_request.c
|
||||||
|
index 4817ed0..6b4c955 100644
|
||||||
|
--- a/src/server/process_request.c
|
||||||
|
+++ b/src/server/process_request.c
|
||||||
|
@@ -679,6 +679,21 @@ void process_request(
|
||||||
|
log_buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (svr_conn[sfds].cn_authen != PBS_NET_CONN_FROM_PRIVIL)
|
||||||
|
+ {
|
||||||
|
+ sprintf(log_buffer, "request type %s from host %s rejected (connection not privileged)",
|
||||||
|
+ reqtype_to_txt(request->rq_type),
|
||||||
|
+ request->rq_host);
|
||||||
|
+
|
||||||
|
+ log_record(PBSEVENT_JOB, PBS_EVENTCLASS_JOB, id, log_buffer);
|
||||||
|
+
|
||||||
|
+ req_reject(PBSE_BADHOST, 0, request, NULL, "request not authorized");
|
||||||
|
+
|
||||||
|
+ close_client(sfds);
|
||||||
|
+
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* if (!tfind(svr_conn[sfds].cn_addr, &okclients)) */
|
||||||
|
if (!AVL_is_in_tree(svr_conn[sfds].cn_addr, 0, okclients))
|
||||||
|
{
|
411
CVE-2013-4495.patch
Normal file
411
CVE-2013-4495.patch
Normal file
@ -0,0 +1,411 @@
|
|||||||
|
From 64da0af7ed27284f3397081313850bba270593db Mon Sep 17 00:00:00 2001
|
||||||
|
From: David Beer <dbeer@adaptivecomputing.com>
|
||||||
|
Date: Mon, 11 Nov 2013 11:55:08 -0700
|
||||||
|
Subject: [PATCH] Fix CVE 2013-4495. Note: this patch has been verified as
|
||||||
|
fixing this security hole but has not received other regression testing.
|
||||||
|
|
||||||
|
---
|
||||||
|
src/server/svr_mail.c | 297 ++++++++++++++++++++++++++++++--------------------
|
||||||
|
1 file changed, 178 insertions(+), 119 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/server/svr_mail.c b/src/server/svr_mail.c
|
||||||
|
index 26b6dd7..a776399 100644
|
||||||
|
--- a/src/server/svr_mail.c
|
||||||
|
+++ b/src/server/svr_mail.c
|
||||||
|
@@ -91,6 +91,7 @@
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
+#include <unistd.h>
|
||||||
|
#include "list_link.h"
|
||||||
|
#include "attribute.h"
|
||||||
|
#include "server_limits.h"
|
||||||
|
@@ -98,7 +99,7 @@
|
||||||
|
#include "log.h"
|
||||||
|
#include "server.h"
|
||||||
|
#include "rpp.h"
|
||||||
|
-
|
||||||
|
+#include "utils.h"
|
||||||
|
|
||||||
|
/* External Functions Called */
|
||||||
|
|
||||||
|
@@ -111,21 +112,100 @@ extern struct server server;
|
||||||
|
|
||||||
|
extern int LOGLEVEL;
|
||||||
|
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * write_email()
|
||||||
|
+ *
|
||||||
|
+ * In emailing, the mail body is written to a pipe connected to
|
||||||
|
+ * standard input for sendmail. This function supplies the body
|
||||||
|
+ * of the message.
|
||||||
|
+ *
|
||||||
|
+ */
|
||||||
|
+void write_email(
|
||||||
|
+
|
||||||
|
+ FILE *outmail_input,
|
||||||
|
+ job *pjob,
|
||||||
|
+ char *mailto,
|
||||||
|
+ int mailpoint,
|
||||||
|
+ char *text)
|
||||||
|
+
|
||||||
|
+ {
|
||||||
|
+ char *bodyfmt = NULL;
|
||||||
|
+ char bodyfmtbuf[MAXLINE];
|
||||||
|
+ char *subjectfmt = NULL;
|
||||||
|
+
|
||||||
|
+ /* Pipe in mail headers: To: and Subject: */
|
||||||
|
+ fprintf(outmail_input, "To: %s\n", mailto);
|
||||||
|
+
|
||||||
|
+ /* mail subject line formating statement */
|
||||||
|
+ if ((server.sv_attr[SRV_ATR_MailSubjectFmt].at_flags & ATR_VFLAG_SET) &&
|
||||||
|
+ (server.sv_attr[SRV_ATR_MailSubjectFmt].at_val.at_str != NULL))
|
||||||
|
+ {
|
||||||
|
+ subjectfmt = server.sv_attr[SRV_ATR_MailSubjectFmt].at_val.at_str;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ subjectfmt = "PBS JOB %i";
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ fprintf(outmail_input, "Subject: ");
|
||||||
|
+ svr_format_job(outmail_input, pjob, subjectfmt, mailpoint, text);
|
||||||
|
+ fprintf(outmail_input, "\n");
|
||||||
|
+
|
||||||
|
+ /* Set "Precedence: bulk" to avoid vacation messages, etc */
|
||||||
|
+ fprintf(outmail_input, "Precedence: bulk\n\n");
|
||||||
|
+
|
||||||
|
+ /* mail body formating statement */
|
||||||
|
+ if ((server.sv_attr[SRV_ATR_MailBodyFmt].at_flags & ATR_VFLAG_SET) &&
|
||||||
|
+ (server.sv_attr[SRV_ATR_MailBodyFmt].at_val.at_str != NULL))
|
||||||
|
+ {
|
||||||
|
+ bodyfmt = server.sv_attr[SRV_ATR_MailBodyFmt].at_val.at_str;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ bodyfmt = strcpy(bodyfmtbuf, "PBS Job Id: %i\n"
|
||||||
|
+ "Job Name: %j\n");
|
||||||
|
+ if (pjob->ji_wattr[JOB_ATR_exec_host].at_flags & ATR_VFLAG_SET)
|
||||||
|
+ {
|
||||||
|
+ strcat(bodyfmt, "Exec host: %h\n");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ strcat(bodyfmt, "%m\n");
|
||||||
|
+
|
||||||
|
+ if (text != NULL)
|
||||||
|
+ {
|
||||||
|
+ strcat(bodyfmt, "%d\n");
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* Now pipe in the email body */
|
||||||
|
+ svr_format_job(outmail_input, pjob, bodyfmt, mailpoint, text);
|
||||||
|
+ } /* write_email() */
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+
|
||||||
|
void svr_mailowner(
|
||||||
|
|
||||||
|
job *pjob, /* I */
|
||||||
|
- int mailpoint, /* note, single character */
|
||||||
|
+ int mailpoint, /* note, single character */
|
||||||
|
int force, /* if set to MAIL_FORCE, force mail delivery */
|
||||||
|
char *text) /* (optional) additional message text */
|
||||||
|
|
||||||
|
{
|
||||||
|
- char *cmdbuf;
|
||||||
|
- int i;
|
||||||
|
- char *mailfrom;
|
||||||
|
- char mailto[1024];
|
||||||
|
- char *bodyfmt, *subjectfmt;
|
||||||
|
- char bodyfmtbuf[1024];
|
||||||
|
- FILE *outmail;
|
||||||
|
+ int status = 0;
|
||||||
|
+ int numargs = 0;
|
||||||
|
+ int pipes[2];
|
||||||
|
+ int counter;
|
||||||
|
+ pid_t pid;
|
||||||
|
+ char *mailptr;
|
||||||
|
+ char *mailfrom = NULL;
|
||||||
|
+ char tmpBuf[LOG_BUF_SIZE];
|
||||||
|
+ // We call sendmail with cmd_name + 2 arguments + # of mailto addresses + 1 for null
|
||||||
|
+ char *sendmail_args[100];
|
||||||
|
+ char mailto[1024];
|
||||||
|
+ FILE *stream;
|
||||||
|
|
||||||
|
struct array_strings *pas;
|
||||||
|
|
||||||
|
@@ -217,17 +297,12 @@ void svr_mailowner(
|
||||||
|
return; /* its all up to the child now */
|
||||||
|
}
|
||||||
|
|
||||||
|
- /*
|
||||||
|
- * From here on, we are a child process of the server.
|
||||||
|
- * Fix up file descriptors and signal handlers.
|
||||||
|
- */
|
||||||
|
-
|
||||||
|
- rpp_terminate();
|
||||||
|
-
|
||||||
|
- net_close(-1);
|
||||||
|
-
|
||||||
|
+ /* Close the rest of the open file descriptors */
|
||||||
|
+ int numfds = sysconf(_SC_OPEN_MAX);
|
||||||
|
+ while (--numfds > 0)
|
||||||
|
+ close(numfds);
|
||||||
|
+
|
||||||
|
/* Who is mail from, if SRV_ATR_mailfrom not set use default */
|
||||||
|
-
|
||||||
|
if ((mailfrom = server.sv_attr[SRV_ATR_mailfrom].at_val.at_str) == NULL)
|
||||||
|
{
|
||||||
|
if (LOGLEVEL >= 5)
|
||||||
|
@@ -244,19 +319,18 @@ void svr_mailowner(
|
||||||
|
}
|
||||||
|
mailfrom = PBS_DEFAULT_MAIL;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+
|
||||||
|
/* Who does the mail go to? If mail-list, them; else owner */
|
||||||
|
-
|
||||||
|
*mailto = '\0';
|
||||||
|
|
||||||
|
if (pjob->ji_wattr[JOB_ATR_mailuser].at_flags & ATR_VFLAG_SET)
|
||||||
|
{
|
||||||
|
/* has mail user list, send to them rather than owner */
|
||||||
|
-
|
||||||
|
pas = pjob->ji_wattr[JOB_ATR_mailuser].at_val.at_arst;
|
||||||
|
|
||||||
|
if (pas != NULL)
|
||||||
|
{
|
||||||
|
+ int i;
|
||||||
|
for (i = 0;i < pas->as_usedptr;i++)
|
||||||
|
{
|
||||||
|
if ((strlen(mailto) + strlen(pas->as_string[i]) + 2) < sizeof(mailto))
|
||||||
|
@@ -270,7 +344,6 @@ void svr_mailowner(
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* no mail user list, just send to owner */
|
||||||
|
-
|
||||||
|
if ((server.sv_attr[SRV_ATR_MailDomain].at_flags & ATR_VFLAG_SET) &&
|
||||||
|
(server.sv_attr[SRV_ATR_MailDomain].at_val.at_str != NULL))
|
||||||
|
{
|
||||||
|
@@ -316,135 +389,121 @@ void svr_mailowner(
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* mail subject line formating statement */
|
||||||
|
-
|
||||||
|
- if ((server.sv_attr[SRV_ATR_MailSubjectFmt].at_flags & ATR_VFLAG_SET) &&
|
||||||
|
- (server.sv_attr[SRV_ATR_MailSubjectFmt].at_val.at_str != NULL))
|
||||||
|
- {
|
||||||
|
- subjectfmt = server.sv_attr[SRV_ATR_MailSubjectFmt].at_val.at_str;
|
||||||
|
- }
|
||||||
|
- else
|
||||||
|
- {
|
||||||
|
- subjectfmt = "PBS JOB %i";
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /* mail body formating statement */
|
||||||
|
+ sendmail_args[numargs++] = (char *)SENDMAIL_CMD;
|
||||||
|
+ sendmail_args[numargs++] = (char *)"-f";
|
||||||
|
+ sendmail_args[numargs++] = (char *)mailfrom;
|
||||||
|
|
||||||
|
- if ((server.sv_attr[SRV_ATR_MailBodyFmt].at_flags & ATR_VFLAG_SET) &&
|
||||||
|
- (server.sv_attr[SRV_ATR_MailBodyFmt].at_val.at_str != NULL))
|
||||||
|
- {
|
||||||
|
- bodyfmt = server.sv_attr[SRV_ATR_MailBodyFmt].at_val.at_str;
|
||||||
|
- }
|
||||||
|
- else
|
||||||
|
+ /* Add the e-mail addresses to the command line */
|
||||||
|
+ mailptr = strdup(mailto);
|
||||||
|
+ sendmail_args[numargs++] = mailptr;
|
||||||
|
+ for (counter=0; counter < (int)strlen(mailptr); counter++)
|
||||||
|
{
|
||||||
|
- bodyfmt = strcpy(bodyfmtbuf, "PBS Job Id: %i\n"
|
||||||
|
- "Job Name: %j\n");
|
||||||
|
- if (pjob->ji_wattr[JOB_ATR_exec_host].at_flags & ATR_VFLAG_SET)
|
||||||
|
- {
|
||||||
|
- strcat(bodyfmt, "Exec host: %h\n");
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- strcat(bodyfmt, "%m\n");
|
||||||
|
-
|
||||||
|
- if (text != NULL)
|
||||||
|
+ if (mailptr[counter] == ',')
|
||||||
|
{
|
||||||
|
- strcat(bodyfmt, "%d\n");
|
||||||
|
+ mailptr[counter] = '\0';
|
||||||
|
+ sendmail_args[numargs++] = mailptr + counter + 1;
|
||||||
|
+ if (numargs >= 99)
|
||||||
|
+ break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- /* setup sendmail command line with -f from_whom */
|
||||||
|
-
|
||||||
|
- i = strlen(SENDMAIL_CMD) + strlen(mailfrom) + strlen(mailto) + 6;
|
||||||
|
|
||||||
|
- if ((cmdbuf = malloc(i)) == NULL)
|
||||||
|
+ sendmail_args[numargs] = NULL;
|
||||||
|
+
|
||||||
|
+ /* Create a pipe to talk to the sendmail process we are about to fork */
|
||||||
|
+ if (pipe(pipes) == -1)
|
||||||
|
{
|
||||||
|
- char tmpBuf[LOG_BUF_SIZE];
|
||||||
|
-
|
||||||
|
- snprintf(tmpBuf,sizeof(tmpBuf),
|
||||||
|
- "Unable to popen() command '%s' for writing: '%s' (error %d)\n",
|
||||||
|
- cmdbuf,
|
||||||
|
- strerror(errno),
|
||||||
|
- errno);
|
||||||
|
+ snprintf(tmpBuf, sizeof(tmpBuf), "Unable to pipes for sending e-mail\n");
|
||||||
|
log_event(PBSEVENT_ERROR | PBSEVENT_ADMIN | PBSEVENT_JOB,
|
||||||
|
PBS_EVENTCLASS_JOB,
|
||||||
|
pjob->ji_qs.ji_jobid,
|
||||||
|
tmpBuf);
|
||||||
|
|
||||||
|
- exit(1);
|
||||||
|
+ free(mailptr);
|
||||||
|
+ exit(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
- sprintf(cmdbuf, "%s -f %s %s",
|
||||||
|
-
|
||||||
|
- SENDMAIL_CMD,
|
||||||
|
- mailfrom,
|
||||||
|
- mailto);
|
||||||
|
-
|
||||||
|
- outmail = (FILE *)popen(cmdbuf, "w");
|
||||||
|
-
|
||||||
|
- if (outmail == NULL)
|
||||||
|
+ if ((pid=fork()) == -1)
|
||||||
|
{
|
||||||
|
- char tmpBuf[LOG_BUF_SIZE];
|
||||||
|
-
|
||||||
|
- snprintf(tmpBuf,sizeof(tmpBuf),
|
||||||
|
- "Unable to popen() command '%s' for writing: '%s' (error %d)\n",
|
||||||
|
- cmdbuf,
|
||||||
|
- strerror(errno),
|
||||||
|
- errno);
|
||||||
|
+ snprintf(tmpBuf, sizeof(tmpBuf), "Unable to fork for sending e-mail\n");
|
||||||
|
log_event(PBSEVENT_ERROR | PBSEVENT_ADMIN | PBSEVENT_JOB,
|
||||||
|
PBS_EVENTCLASS_JOB,
|
||||||
|
pjob->ji_qs.ji_jobid,
|
||||||
|
tmpBuf);
|
||||||
|
|
||||||
|
+ free(mailptr);
|
||||||
|
+ close(pipes[0]);
|
||||||
|
+ close(pipes[1]);
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+ else if (pid == 0)
|
||||||
|
+ {
|
||||||
|
+ /* CHILD */
|
||||||
|
+
|
||||||
|
+ /* Make stdin the read end of the pipe */
|
||||||
|
+ dup2(pipes[0], 0);
|
||||||
|
+
|
||||||
|
+ /* Close the rest of the open file descriptors */
|
||||||
|
+ int numfds = sysconf(_SC_OPEN_MAX);
|
||||||
|
+ while (--numfds > 0)
|
||||||
|
+ close(numfds);
|
||||||
|
+
|
||||||
|
+ execv(SENDMAIL_CMD, sendmail_args);
|
||||||
|
+ /* This never returns, but if the execv fails the child should exit */
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ /* This is the parent */
|
||||||
|
|
||||||
|
- /* Pipe in mail headers: To: and Subject: */
|
||||||
|
+ /* Close the read end of the pipe */
|
||||||
|
+ close(pipes[0]);
|
||||||
|
|
||||||
|
- fprintf(outmail, "To: %s\n",
|
||||||
|
- mailto);
|
||||||
|
+ /* Write the body to the pipe */
|
||||||
|
+ stream = fdopen(pipes[1], "w");
|
||||||
|
+ write_email(stream, pjob, mailto, mailpoint, text);
|
||||||
|
|
||||||
|
- fprintf(outmail, "Subject: ");
|
||||||
|
- svr_format_job(outmail, pjob, subjectfmt, mailpoint, text);
|
||||||
|
- fprintf(outmail, "\n");
|
||||||
|
+ fflush(stream);
|
||||||
|
|
||||||
|
- /* Set "Precedence: bulk" to avoid vacation messages, etc */
|
||||||
|
+ /* Close and wait for the command to finish */
|
||||||
|
+ if (fclose(stream) != 0)
|
||||||
|
+ {
|
||||||
|
+ snprintf(tmpBuf,sizeof(tmpBuf),
|
||||||
|
+ "Piping mail body to sendmail closed: errno %d:%s\n",
|
||||||
|
+ errno, strerror(errno));
|
||||||
|
|
||||||
|
- fprintf(outmail, "Precedence: bulk\n\n");
|
||||||
|
+ log_event(PBSEVENT_ERROR | PBSEVENT_ADMIN | PBSEVENT_JOB,
|
||||||
|
+ PBS_EVENTCLASS_JOB,
|
||||||
|
+ pjob->ji_qs.ji_jobid,
|
||||||
|
+ tmpBuf);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- /* Now pipe in the email body */
|
||||||
|
- svr_format_job(outmail, pjob, bodyfmt, mailpoint, text);
|
||||||
|
+ // we aren't going to block in order to find out whether or not sendmail worked
|
||||||
|
+ if ((waitpid(pid, &status, WNOHANG) != 0) &&
|
||||||
|
+ (status != 0))
|
||||||
|
+ {
|
||||||
|
+ snprintf(tmpBuf,sizeof(tmpBuf),
|
||||||
|
+ "Sendmail command returned %d. Mail may not have been sent\n",
|
||||||
|
+ status);
|
||||||
|
|
||||||
|
- errno = 0;
|
||||||
|
- if ((i = pclose(outmail)) != 0)
|
||||||
|
- {
|
||||||
|
- char tmpBuf[LOG_BUF_SIZE];
|
||||||
|
+ log_event(PBSEVENT_ERROR | PBSEVENT_ADMIN | PBSEVENT_JOB,
|
||||||
|
+ PBS_EVENTCLASS_JOB,
|
||||||
|
+ pjob->ji_qs.ji_jobid,
|
||||||
|
+ tmpBuf);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- snprintf(tmpBuf,sizeof(tmpBuf),
|
||||||
|
- "Email '%c' to %s failed: Child process '%s' %s %d (errno %d:%s)\n",
|
||||||
|
- mailpoint,
|
||||||
|
- mailto,
|
||||||
|
- cmdbuf,
|
||||||
|
- ((WIFEXITED(i)) ? ("returned") : ((WIFSIGNALED(i)) ? ("killed by signal") : ("croaked"))),
|
||||||
|
- ((WIFEXITED(i)) ? (WEXITSTATUS(i)) : ((WIFSIGNALED(i)) ? (WTERMSIG(i)) : (i))),
|
||||||
|
- errno,
|
||||||
|
- strerror(errno));
|
||||||
|
- log_event(PBSEVENT_ERROR | PBSEVENT_ADMIN | PBSEVENT_JOB,
|
||||||
|
- PBS_EVENTCLASS_JOB,
|
||||||
|
- pjob->ji_qs.ji_jobid,
|
||||||
|
- tmpBuf);
|
||||||
|
- }
|
||||||
|
- else if (LOGLEVEL >= 4)
|
||||||
|
- {
|
||||||
|
- log_event(PBSEVENT_ERROR | PBSEVENT_ADMIN | PBSEVENT_JOB,
|
||||||
|
- PBS_EVENTCLASS_JOB,
|
||||||
|
- pjob->ji_qs.ji_jobid,
|
||||||
|
- "Email sent successfully\n");
|
||||||
|
+ // don't leave zombies
|
||||||
|
+ while (waitpid(-1, &status, WNOHANG) != 0)
|
||||||
|
+ {
|
||||||
|
+ // zombie reaped, NO-OP
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ free(mailptr);
|
||||||
|
+ exit(0);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ /* NOT REACHED */
|
||||||
|
|
||||||
|
exit(0);
|
||||||
|
-
|
||||||
|
- /*NOTREACHED*/
|
||||||
|
-
|
||||||
|
- return;
|
||||||
|
} /* END svr_mailowner() */
|
||||||
|
|
||||||
|
/* END svr_mail.c */
|
10
pbs-mom.service
Normal file
10
pbs-mom.service
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=pbs-mom
|
||||||
|
After=syslog.target network.target trqauthd.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
ExecStart=/usr/sbin/pbs_mom
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
10
pbs-sched.service
Normal file
10
pbs-sched.service
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=pbs-sched
|
||||||
|
After=syslog.target network.target trqauthd.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
ExecStart=/usr/sbin/pbs_sched
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
10
pbs-server.service
Normal file
10
pbs-server.service
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=pbs-server
|
||||||
|
After=syslog.target network.target trqauthd.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
ExecStart=/usr/sbin/pbs_server
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
102
torque.spec
102
torque.spec
@ -71,7 +71,7 @@
|
|||||||
|
|
||||||
Name: torque
|
Name: torque
|
||||||
Version: 4.2.10
|
Version: 4.2.10
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
Summary: Tera-scale Open-source Resource and QUEue manager
|
Summary: Tera-scale Open-source Resource and QUEue manager
|
||||||
Source0: http://www.adaptivecomputing.com/download/%{name}/%{name}-%{version}.tar.gz
|
Source0: http://www.adaptivecomputing.com/download/%{name}/%{name}-%{version}.tar.gz
|
||||||
Source2: xpbs.desktop
|
Source2: xpbs.desktop
|
||||||
@ -80,6 +80,10 @@ Source4: xpbs.png
|
|||||||
Source5: xpbsmon.png
|
Source5: xpbsmon.png
|
||||||
Source6: README.Fedora
|
Source6: README.Fedora
|
||||||
Source8: config
|
Source8: config
|
||||||
|
Source20: pbs-mom.service
|
||||||
|
Source21: pbs-sched.service
|
||||||
|
Source22: pbs-server.service
|
||||||
|
Source23: trqauthd.service
|
||||||
# Feb 3rd 2011, I've sent a mail upstream to request the re-inclusion
|
# Feb 3rd 2011, I've sent a mail upstream to request the re-inclusion
|
||||||
# of the OpenPBS license file in distribution.
|
# of the OpenPBS license file in distribution.
|
||||||
# I'll announce to fedora-devel once this is resolved either way.
|
# I'll announce to fedora-devel once this is resolved either way.
|
||||||
@ -111,7 +115,12 @@ BuildRequires: tcl-devel
|
|||||||
BuildRequires: tk-devel
|
BuildRequires: tk-devel
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
BuildRequires: systemd
|
||||||
|
Requires(post): systemd
|
||||||
|
Requires(preun): systemd
|
||||||
|
Requires(postun): systemd
|
||||||
|
%endif
|
||||||
|
|
||||||
%if 0%{?doxydoc}
|
%if 0%{?doxydoc}
|
||||||
BuildRequires: graphviz
|
BuildRequires: graphviz
|
||||||
@ -119,13 +128,15 @@ BuildRequires: doxygen
|
|||||||
%if "%{?rhel}" == "5"
|
%if "%{?rhel}" == "5"
|
||||||
BuildRequires: graphviz-gd
|
BuildRequires: graphviz-gd
|
||||||
%endif
|
%endif
|
||||||
%if %{?fedora}%{!?fedora:0} >= 9
|
%if %{?fedora}%{!?fedora:0} >= 9 || %{?rhel}%{!?rhel:0} >= 7
|
||||||
BuildRequires: tex(latex)
|
BuildRequires: tex(latex)
|
||||||
BuildRequires: tex-xtab
|
BuildRequires: tex-xtab
|
||||||
BuildRequires: tex-sectsty
|
BuildRequires: tex-sectsty
|
||||||
BuildRequires: tex-tocloft
|
BuildRequires: tex-tocloft
|
||||||
BuildRequires: tex-multirow
|
BuildRequires: tex-multirow
|
||||||
|
%if %{?fedora}%{!?fedora:0}
|
||||||
BuildRequires: tex-adjustbox
|
BuildRequires: tex-adjustbox
|
||||||
|
%endif
|
||||||
%else
|
%else
|
||||||
%if %{?rhel}%{!?rhel:0} >= 6
|
%if %{?rhel}%{!?rhel:0} >= 6
|
||||||
BuildRequires: tex(latex)
|
BuildRequires: tex(latex)
|
||||||
@ -135,6 +146,8 @@ BuildRequires: tetex-latex
|
|||||||
%endif
|
%endif
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
Requires(post): /bin/grep /etc/services
|
||||||
|
|
||||||
%description
|
%description
|
||||||
TORQUE (Tera-scale Open-source Resource and QUEue manager) is a resource
|
TORQUE (Tera-scale Open-source Resource and QUEue manager) is a resource
|
||||||
manager providing control over batch jobs and distributed compute nodes.
|
manager providing control over batch jobs and distributed compute nodes.
|
||||||
@ -368,7 +381,7 @@ CFLAGS="%{optflags} -DUSE_INTERP_RESULT -DUSE_INTERP_ERRORLINE"
|
|||||||
|
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
|
|
||||||
for daemon in pbs_mom pbs_sched pbs_server
|
for daemon in pbs_mom pbs_sched pbs_server trqauthd
|
||||||
do
|
do
|
||||||
sed -i -e 's|^PBS_HOME=.*|PBS_HOME=%{torquehomedir}|' \
|
sed -i -e 's|^PBS_HOME=.*|PBS_HOME=%{torquehomedir}|' \
|
||||||
-e 's|^PBS_DAEMON=.*|PBS_DAEMON=%{_sbindir}/'$daemon'|' \
|
-e 's|^PBS_DAEMON=.*|PBS_DAEMON=%{_sbindir}/'$daemon'|' \
|
||||||
@ -385,11 +398,21 @@ rm -f %{buildroot}%{_libdir}/*/buildindex
|
|||||||
rm -f %{buildroot}/%{_lib}/security/pam_pbssimpleauth.{a,la}
|
rm -f %{buildroot}/%{_lib}/security/pam_pbssimpleauth.{a,la}
|
||||||
mkdir -p %{buildroot}%{_bindir}
|
mkdir -p %{buildroot}%{_bindir}
|
||||||
|
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
# install systemd scripts
|
||||||
|
mkdir -p %{buildroot}%{_unitdir}
|
||||||
|
install -p -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/
|
||||||
|
install -p -m 644 %{SOURCE21} %{buildroot}%{_unitdir}/
|
||||||
|
install -p -m 644 %{SOURCE22} %{buildroot}%{_unitdir}/
|
||||||
|
install -p -m 644 %{SOURCE23} %{buildroot}%{_unitdir}/
|
||||||
|
%else
|
||||||
# install initscripts
|
# install initscripts
|
||||||
mkdir -p %{buildroot}%{_initrddir}
|
mkdir -p %{buildroot}%{_initrddir}
|
||||||
install -p -m 755 contrib/init.d/pbs_mom %{buildroot}%{_initrddir}/pbs_mom
|
install -p -m 755 contrib/init.d/pbs_mom %{buildroot}%{_initrddir}/pbs_mom
|
||||||
install -p -m 755 contrib/init.d/pbs_sched %{buildroot}%{_initrddir}/pbs_sched
|
install -p -m 755 contrib/init.d/pbs_sched %{buildroot}%{_initrddir}/pbs_sched
|
||||||
install -p -m 755 contrib/init.d/pbs_server %{buildroot}%{_initrddir}/pbs_server
|
install -p -m 755 contrib/init.d/pbs_server %{buildroot}%{_initrddir}/pbs_server
|
||||||
|
install -p -m 755 contrib/init.d/trqauthd %{buildroot}%{_initrddir}/trqauthd
|
||||||
|
%endif
|
||||||
|
|
||||||
%if %{build_gui}
|
%if %{build_gui}
|
||||||
# This is really trivial, but cleans up an rpmlint warning
|
# This is really trivial, but cleans up an rpmlint warning
|
||||||
@ -496,21 +519,17 @@ EOF
|
|||||||
rm -rf %{buildroot}
|
rm -rf %{buildroot}
|
||||||
|
|
||||||
%post
|
%post
|
||||||
if grep -q "PBS services" /etc/services;then
|
for srvs in pbs:15001 pbs_mon:15002 pbs_resmom:15003 pbs_sched:15004 ; do
|
||||||
: PBS services already installed
|
port=${srvs/*:/}
|
||||||
else
|
srvs=${srvs/:*/}
|
||||||
cat<<__EOF__>>/etc/services
|
for proto in tcp udp ; do
|
||||||
# Standard PBS services
|
if ! grep -q $srvs'\W\W*'$port'/'$proto /etc/services;then
|
||||||
pbs 15001/tcp # pbs server (pbs_server)
|
cat<<__EOF__>>/etc/services
|
||||||
pbs 15001/udp # pbs server (pbs_server)
|
$srvs $port/$proto
|
||||||
pbs_mom 15002/tcp # mom to/from server
|
|
||||||
pbs_mom 15002/udp # mom to/from server
|
|
||||||
pbs_resmom 15003/tcp # mom resource management requests
|
|
||||||
pbs_resmom 15003/udp # mom resource management requests
|
|
||||||
pbs_sched 15004/tcp # scheduler
|
|
||||||
pbs_sched 15004/udp # scheduler
|
|
||||||
__EOF__
|
__EOF__
|
||||||
fi
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
%posttrans client
|
%posttrans client
|
||||||
/usr/sbin/alternatives --install %{_bindir}/qsub qsub %{_bindir}/qsub-torque 10 \
|
/usr/sbin/alternatives --install %{_bindir}/qsub qsub %{_bindir}/qsub-torque 10 \
|
||||||
@ -547,31 +566,55 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%post mom
|
%post mom
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%systemd_post pbs-mom.service
|
||||||
|
%else
|
||||||
/sbin/chkconfig --add pbs_mom
|
/sbin/chkconfig --add pbs_mom
|
||||||
|
%endif
|
||||||
|
|
||||||
%preun mom
|
%preun mom
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%systemd_preun pbs-mom.service
|
||||||
|
%else
|
||||||
if [ $1 -eq 0 ]; then
|
if [ $1 -eq 0 ]; then
|
||||||
/sbin/service pbs_mom stop >/dev/null 2>&1
|
/sbin/service pbs_mom stop >/dev/null 2>&1
|
||||||
/sbin/chkconfig --del pbs_mom
|
/sbin/chkconfig --del pbs_mom
|
||||||
fi
|
fi
|
||||||
|
%endif
|
||||||
|
|
||||||
%post scheduler
|
%post scheduler
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%systemd_post pbs-sched.service
|
||||||
|
%else
|
||||||
/sbin/chkconfig --add pbs_sched
|
/sbin/chkconfig --add pbs_sched
|
||||||
|
%endif
|
||||||
|
|
||||||
%preun scheduler
|
%preun scheduler
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%systemd_preun pbs-sched.service
|
||||||
|
%else
|
||||||
if [ $1 -eq 0 ]; then
|
if [ $1 -eq 0 ]; then
|
||||||
/sbin/service pbs_sched stop >/dev/null 2>&1
|
/sbin/service pbs_sched stop >/dev/null 2>&1
|
||||||
/sbin/chkconfig --del pbs_sched
|
/sbin/chkconfig --del pbs_sched
|
||||||
fi
|
fi
|
||||||
|
%endif
|
||||||
|
|
||||||
%post server
|
%post server
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%systemd_post pbs-server.service
|
||||||
|
%else
|
||||||
/sbin/chkconfig --add pbs_server
|
/sbin/chkconfig --add pbs_server
|
||||||
|
%endif
|
||||||
|
|
||||||
%preun server
|
%preun server
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%systemd_preun pbs-server.service
|
||||||
|
%else
|
||||||
if [ $1 -eq 0 ]; then
|
if [ $1 -eq 0 ]; then
|
||||||
/sbin/service pbs_server stop >/dev/null 2>&1
|
/sbin/service pbs_server stop >/dev/null 2>&1
|
||||||
/sbin/chkconfig --del pbs_server
|
/sbin/chkconfig --del pbs_server
|
||||||
fi
|
fi
|
||||||
|
%endif
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-, root, root, -)
|
%defattr(-, root, root, -)
|
||||||
@ -729,7 +772,11 @@ fi
|
|||||||
%{_sbindir}/qnoded
|
%{_sbindir}/qnoded
|
||||||
%{_sbindir}/pbs_demux
|
%{_sbindir}/pbs_demux
|
||||||
%{_bindir}/pbs_track
|
%{_bindir}/pbs_track
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%{_unitdir}/pbs-mom.service
|
||||||
|
%else
|
||||||
%{_initrddir}/pbs_mom
|
%{_initrddir}/pbs_mom
|
||||||
|
%endif
|
||||||
%if %{use_rcp}
|
%if %{use_rcp}
|
||||||
%attr(4755, root, root) %{_sbindir}/pbs_rcp
|
%attr(4755, root, root) %{_sbindir}/pbs_rcp
|
||||||
%endif
|
%endif
|
||||||
@ -751,7 +798,11 @@ fi
|
|||||||
%defattr(-, root, root, -)
|
%defattr(-, root, root, -)
|
||||||
%attr(0755, root, root) %{_sbindir}/pbs_sched
|
%attr(0755, root, root) %{_sbindir}/pbs_sched
|
||||||
%{_sbindir}/qschedd
|
%{_sbindir}/qschedd
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%{_unitdir}/pbs-sched.service
|
||||||
|
%else
|
||||||
%{_initrddir}/pbs_sched
|
%{_initrddir}/pbs_sched
|
||||||
|
%endif
|
||||||
%dir %{torquehomedir}/sched_priv
|
%dir %{torquehomedir}/sched_priv
|
||||||
%config(noreplace) %{torquehomedir}/sched_priv/*
|
%config(noreplace) %{torquehomedir}/sched_priv/*
|
||||||
%{torquehomedir}/sched_logs
|
%{torquehomedir}/sched_logs
|
||||||
@ -772,7 +823,13 @@ fi
|
|||||||
%attr(0755, root, root) %{_sbindir}/momctl
|
%attr(0755, root, root) %{_sbindir}/momctl
|
||||||
%attr(0755, root, root) %{_sbindir}/trqauthd
|
%attr(0755, root, root) %{_sbindir}/trqauthd
|
||||||
%{_sbindir}/qserverd
|
%{_sbindir}/qserverd
|
||||||
|
%if 0%{?rhel} >= 7 || 0%{?fedora} > 0
|
||||||
|
%{_unitdir}/pbs-server.service
|
||||||
|
%{_unitdir}/trqauthd.service
|
||||||
|
%else
|
||||||
%{_initrddir}/pbs_server
|
%{_initrddir}/pbs_server
|
||||||
|
%{_initrddir}/trqauthd.service
|
||||||
|
%endif
|
||||||
%dir %{_var}/log/torque/server_logs
|
%dir %{_var}/log/torque/server_logs
|
||||||
%{torquehomedir}/server_logs
|
%{torquehomedir}/server_logs
|
||||||
%{torquehomedir}/server_priv
|
%{torquehomedir}/server_priv
|
||||||
@ -814,6 +871,9 @@ fi
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 24 2015 David Brown <david.brown@pnnl.gov> - 4.2.10-2
|
||||||
|
- Bugfix - #1154413 make manipulating services better.
|
||||||
|
|
||||||
* Mon Apr 6 2015 David Brown <david.brown@pnnl.gov> - 4.2.10-1
|
* Mon Apr 6 2015 David Brown <david.brown@pnnl.gov> - 4.2.10-1
|
||||||
- Updated upstream version
|
- Updated upstream version
|
||||||
|
|
||||||
@ -827,6 +887,12 @@ fi
|
|||||||
- merged fedora latest into epel
|
- merged fedora latest into epel
|
||||||
- This breaks old configs and should be treated carefully
|
- This breaks old configs and should be treated carefully
|
||||||
|
|
||||||
|
* Wed Oct 01 2014 Haïkel Guémar <hguemar@fedoraproject.org> - 3.0.4-6
|
||||||
|
- Fix CVE-2013-4319 (RHBZ #1005918, #1005919)
|
||||||
|
|
||||||
|
* Fri Sep 05 2014 Haïkel Guémar <hguemar@fedoraproject.org> - 3.0.4-5
|
||||||
|
- Fix CVE-2013-4495 (RHBZ #1029752)
|
||||||
|
|
||||||
* Mon Sep 01 2014 Haïkel Guémar <hguemar@fedoraproject.org> - 4.2.8-1
|
* Mon Sep 01 2014 Haïkel Guémar <hguemar@fedoraproject.org> - 4.2.8-1
|
||||||
- upstream 4.2.8
|
- upstream 4.2.8
|
||||||
|
|
||||||
|
10
trqauthd.service
Normal file
10
trqauthd.service
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=trqauthd
|
||||||
|
After=syslog.target network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
ExecStart=/usr/sbin/trqauthd
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user