rpms/vixie-cron/devel vixie-cron-4.1-_49-bz178436.patch, NONE, 1.1 vixie-cron-4.1-_50-bz178931.patch, NONE, 1.1 vixie-cron.spec, 1.62, 1.63

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Jan 26 19:51:54 UTC 2006 

Author: jvdias

Update of /cvs/dist/rpms/vixie-cron/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv9770

Modified Files:
	vixie-cron.spec 
Added Files:
	vixie-cron-4.1-_49-bz178436.patch 
	vixie-cron-4.1-_50-bz178931.patch 
Log Message:
- fix bug 178436: prevent per-minute jobs being delayed into next minute
- fix bug 178931: remove pam_unix and pam_krb5 from pam session stack


vixie-cron-4.1-_49-bz178436.patch:
 security.c |   31 +++++++++++++++++++++++++++++++
 1 files changed, 31 insertions(+)

--- NEW FILE vixie-cron-4.1-_49-bz178436.patch ---
--- vixie-cron-4.1/security.c.bz178436	2006-01-26 14:26:55.000000000 -0500
+++ vixie-cron-4.1/security.c	2006-01-26 14:34:23.000000000 -0500
@@ -32,6 +32,16 @@
 
 int cron_set_job_security_context( entry *e, user *u, char ***jobenv )
 {
+    time_t minutely_time = 0;
+    if((e->flags & MIN_STAR)==MIN_STAR)
+    {
+	/* "minute-ly" job: Every minute for given hour/dow/month/dom. 
+	 * Ensure that these jobs never run in the same minute:
+	 */
+	minutely_time = time(0);
+	Debug(DSCH, ("Minute-ly job. Recording time %lu\n", minutely_time))
+    }
+
     if ( cron_open_security_session( e->pwd ) != 0 )
     {
 	syslog(LOG_INFO, "CRON (%s) ERROR: failed to open PAM security session: %s", 
@@ -57,12 +67,32 @@
 
     *jobenv = build_env( e->envp );
 
+    log_close();
+    openlog(ProgramName, LOG_PID, LOG_CRON);
+
     if ( chdir(env_get("HOME", *jobenv)) == -1 )
     {
 	log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
 	return -1;
     }
 
+    time_t job_run_time = time(0L);
+
+    if( (minutely_time > 0)
+	&&((job_run_time / 60) != (minutely_time / 60))
+      )
+    {/* if a per-minute job is delayed into the next minute 
+      * (eg. by network authentication method timeouts), skip it.
+      */
+	struct tm tmS, tmN;
+	localtime_r(&job_run_time, &tmN);
+	localtime_r(&minutely_time,&tmS);
+	syslog(LOG_ERR, 
+	       "(%s) error: Job execution of per-minute job scheduled for "
+	       "%.2u:%.2u delayed into subsequent minute %.2u:%.2u. Skipping job run.",
+	       e->pwd->pw_name, tmS.tm_hour, tmS.tm_min, tmN.tm_hour, tmN.tm_min);
+	return -1;
+    }
     return 0;
 }
 
@@ -96,6 +126,7 @@
     retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT);
     PAM_FAIL_CHECK;
     log_close(); /* PAM has now re-opened our log to auth.info ! */
+    openlog(ProgramName, LOG_PID, LOG_CRON);
 #endif
 
     return retcode;

vixie-cron-4.1-_50-bz178931.patch:
 crond.pam |    7 +------
 1 files changed, 1 insertion(+), 6 deletions(-)

--- NEW FILE vixie-cron-4.1-_50-bz178931.patch ---
--- vixie-cron-4.1/crond.pam.bz178931	2006-01-26 14:26:55.000000000 -0500
+++ vixie-cron-4.1/crond.pam	2006-01-26 14:33:04.000000000 -0500
@@ -7,10 +7,5 @@
 auth       include    system-auth
 account    required   pam_access.so
 account    include    system-auth
-session    include    system-auth
 session    required   pam_loginuid.so
-# To enable PAM user limits for cron jobs, 
-# configure /etc/security/limits.conf and 
-# uncomment this line:
-# session  required   pam_limits.so
-#
+session	   required   pam_limits.so


Index: vixie-cron.spec
===================================================================
RCS file: /cvs/dist/rpms/vixie-cron/devel/vixie-cron.spec,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- vixie-cron.spec	10 Jan 2006 23:25:19 -0000	1.62
+++ vixie-cron.spec	26 Jan 2006 19:51:52 -0000	1.63
@@ -7,7 +7,7 @@
 Summary: The Vixie cron daemon for executing specified programs at set times.
 Name: vixie-cron
 Version: 4.1
-Release: 44.FC5
+Release: 50.FC5
 Epoch:   4
 License: distributable
 Group:   System Environment/Base
@@ -63,6 +63,8 @@
 Patch46: vixie-cron-4.1-_46-audit.patch
 Patch47: vixie-cron-4.1-_47-m_option.patch
 Patch48: vixie-cron-4.1-_48-security.patch
+Patch49: vixie-cron-4.1-_49-bz178436.patch
+Patch50: vixie-cron-4.1-_50-bz178931.patch
 Buildroot: %{_tmppath}/%{name}-%{version}-root
 Requires: syslog, bash >= 2.0
 Conflicts: sysklogd < 1.4.1
@@ -142,6 +144,8 @@
 %patch46 -p1 -b .audit_deny
 %patch47 -p1 -b .-m_option
 %patch48 -p1 -b .security
+%patch49 -p1 -b .bz178436
+%patch50 -p1 -b .bz178931
 
 %build
 make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -g -DLINT -Dlint -Werror"
@@ -199,6 +203,10 @@
 %config(noreplace) /etc/sysconfig/crond
 
 %changelog
+* Thu Jan 26 2006 Jason Vas Dias<jvdias at redhat.com> - 4.1-50.FC5
+- fix bug 178436: prevent per-minute jobs being delayed into next minute
+- fix bug 178931: remove pam_unix and pam_krb5 from pam session stack
+
 * Tue Jan 10 2006 Jason Vas Dias<jvdias at redhat.com>
 - fix bug 177476: make minder/mailer process run as job user 
   with user context; re-organize PAM and SELinux code 
@@ -209,12 +217,12 @@
 * Fri Dec 09 2005 Jesse Keating <jkeating at redhat.com>
 - rebuilt
 
-* Sun Nov 13 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-41-FC5
+* Sun Nov 13 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-41.FC5
 - patches for IBM LSPP testing:
 - Steve Grubb's patch to emit audit log message on crontab denial
 - Use of sendmail unacceptable for LSPP: provide -m <mail command> option
 
-* Tue Oct 18 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-40-FC5
+* Tue Oct 18 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-40.FC5
 - *** NOTE : please do not modify vixie-cron without contacting ***
   *** the package maintainer (me at the moment).                ***
   *** Or at least test it first!                                ***

More information about the fedora-cvs-commits mailing list