rpms/vixie-cron/FC-4 vixie-cron-4.1-_42-bz178431.patch,NONE,1.1

Tue Jan 24 00:04:09 UTC 2006

Author: jvdias

Update of /cvs/dist/rpms/vixie-cron/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv12832

Added Files:
	vixie-cron-4.1-_42-bz178431.patch 
Log Message:
fix bug 178431

vixie-cron-4.1-_42-bz178431.patch:
 do_command.c |   95 ++++++++++++++++++++---------------------------------------
 1 files changed, 33 insertions(+), 62 deletions(-)

--- NEW FILE vixie-cron-4.1-_42-bz178431.patch ---
--- vixie-cron-4.1/do_command.c.bz178431	2006-01-23 17:16:54.000000000 -0500
+++ vixie-cron-4.1/do_command.c	2006-01-23 18:43:24.000000000 -0500
@@ -107,7 +107,7 @@
 #if defined(WITH_PAM)
 	int		retcode = 0;
 #endif
-
+	char **jobenv;
 
 	Debug(DPROC, ("[%ld] child_process('%s')\n", (long)getpid(), e->cmd))
 
@@ -189,6 +189,7 @@
 	retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT);
 	PAM_FAIL_CHECK;
 	log_close(); /* PAM has now re-opened our log to auth.info ! */
+	jobenv = build_env(e->envp);
 #endif
 
 	/* fork again, this time so we can exec the user's command.
@@ -259,71 +260,40 @@
 		/* set our directory, uid and gid.  Set gid first, since once
 		 * we set uid, we've lost root privledges.
 		 */
-#ifdef LOGIN_CAP
+                if( setgid(e->pwd->pw_gid) == -1 )
 		{
-#ifdef BSD_AUTH
-			auth_session_t *as;
-#endif
-			login_cap_t *lc;
-			char **p;
-			extern char **environ;
+			openlog(ProgramName, LOG_PID, LOG_CRON);
+			syslog(LOG_ERR,"(%s): error: setgid failed: %s\n",
+			       e->pwd->pw_name, strerror(errno) 
+			      );
+			_exit(ERROR_EXIT);
+		}
+			  
+		if( initgroups(usernm, e->pwd->pw_gid) == -1 )
+		{
+			openlog(ProgramName, LOG_PID, LOG_CRON);
+			syslog(LOG_ERR,"(%s): error: initgroups failed: %s\n",
+			       e->pwd->pw_name, strerror(errno) 
+			      );
+			_exit(ERROR_EXIT);
+		}
 
-			if ((lc = login_getclass(e->pwd->pw_class)) == NULL) {
-				fprintf(stderr,
-				    "unable to get login class for %s\n",
-				    e->pwd->pw_name);
-				_exit(ERROR_EXIT);
-			}
-			if (setusercontext(lc, e->pwd, e->pwd->pw_uid, LOGIN_SETALL) < 0) {
-				fprintf(stderr,
-				    "setusercontext failed for %s\n",
-				    e->pwd->pw_name);
-				_exit(ERROR_EXIT);
-			}
-#ifdef BSD_AUTH
-			as = auth_open();
-			if (as == NULL || auth_setpwd(as, e->pwd) != 0) {
-				fprintf(stderr, "can't malloc\n");
-				_exit(ERROR_EXIT);
-			}
-			if (auth_approval(as, lc, usernm, "cron") <= 0) {
-				fprintf(stderr, "approval failed for %s\n",
-				    e->pwd->pw_name);
-				_exit(ERROR_EXIT);
-			}
-			auth_close(as);
-#endif /* BSD_AUTH */
-			login_close(lc);
-
-			/* If no PATH specified in crontab file but
-			 * we just added one via login.conf, add it to
-			 * the crontab environment.
-			 */
-			if (env_get("PATH", e->envp) == NULL && environ != NULL) {
-				for (p = environ; *p; p++) {
-					if (strncmp(*p, "PATH=", 5) == 0) {
-						e->envp = env_set(e->envp, *p);
-						break;
-					}
-				}
-			}
+		if( setuid(e->pwd->pw_uid) == -1)
+		{
+			openlog(ProgramName, LOG_PID, LOG_CRON);
+			syslog(LOG_ERR,"(%s): error: setuid failed: %s\n",
+			       e->pwd->pw_name, strerror(errno) 
+			      );
+			_exit(ERROR_EXIT);
 		}
-#else
-		setgid(e->pwd->pw_gid);
-		initgroups(usernm, e->pwd->pw_gid);
-#if (defined(BSD)) && (BSD >= 199103)
-		setlogin(usernm);
-#endif /* BSD */
-		setuid(e->pwd->pw_uid);	/* we aren't root after this... */
 
-#endif /* LOGIN_CAP */
-		chdir(env_get("HOME", e->envp));
+		chdir(env_get("HOME", jobenv));
 
 		/*
 		 * Exec the command.
 		 */
 		{
-			char	*shell = env_get("SHELL", e->envp);
+			char	*shell = env_get("SHELL", jobenv);
 
 # if DEBUGGING
 			if (DebugFlags & DTEST) {
@@ -339,16 +309,17 @@
 			if ((is_selinux_enabled() >0) && (u->scontext != 0L)) {
 				if (setexeccon(u->scontext) < 0) {
 					if (security_getenforce() > 0) {
-						fprintf(stderr, 
-							"Could not set exec context to %s for user  %s\n", 
-							u->scontext,u->name);
+						openlog(ProgramName, LOG_PID, LOG_CRON);
+						syslog(LOG_ERR,
+						       "(%s): error: could not set exec context to %s for user  %s\n", 
+						       e->pwd->pw_name, u->scontext, u->name);
 						_exit(ERROR_EXIT);
 					}
 				}
 			}
 #endif
 
-			execle(shell, shell, "-c", e->cmd, (char *)0, e->envp);
+			execle(shell, shell, "-c", e->cmd, (char *)0, jobenv);
 			fprintf(stderr, "execl: couldn't exec `%s'\n", shell);
 			perror("execl");
 			_exit(ERROR_EXIT);
@@ -513,7 +484,7 @@
 				fprintf(mail, "Date: %s\n",
 					arpadate(&StartTime));
 #endif /*MAIL_DATE*/
-				for (env = e->envp;  *env;  env++)
+				for (env = jobenv;  *env;  env++)
 					fprintf(mail, "X-Cron-Env: <%s>\n",
 						*env);
 				fprintf(mail, "\n");


