rpms/vixie-cron/F-7 vixie-cron-4.1-pam_crontab.patch, 1.1, 1.2 vixie-cron.spec, 1.99, 1.100

Tue Sep 11 09:10:38 UTC 2007

Author: mmaslano

Update of /cvs/pkgs/rpms/vixie-cron/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27750

Modified Files:
	vixie-cron-4.1-pam_crontab.patch vixie-cron.spec 
Log Message:
Change patch - add correct setting of home dir for selinux rhbz#241877.


vixie-cron-4.1-pam_crontab.patch:

Index: vixie-cron-4.1-pam_crontab.patch
===================================================================
RCS file: /cvs/pkgs/rpms/vixie-cron/F-7/vixie-cron-4.1-pam_crontab.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2

--- vixie-cron-4.1-pam_crontab.patch	30 Jul 2007 15:13:24 -0000	1.1
+++ vixie-cron-4.1-pam_crontab.patch	11 Sep 2007 09:10:31 -0000	1.2
@@ -1,5 +1,5 @@
---- vixie-cron-4.1/cron.h.old	2007-07-30 16:34:07.000000000 +0200
-+++ vixie-cron-4.1/cron.h	2007-07-26 15:14:19.000000000 +0200
+--- vixie-cron-4.1/cron.h.pamcrontab	2007-09-11 10:22:20.000000000 +0200
++++ vixie-cron-4.1/cron.h	2007-09-11 10:22:21.000000000 +0200
 @@ -47,3 +47,20 @@
  #include "funcs.h"
  #include "globals.h"
@@ -21,37 +21,8 @@
 +        return(retcode);    }
 +#endif
 +
---- vixie-cron-4.1/do_command.c.old	2007-07-30 16:34:08.000000000 +0200
-+++ vixie-cron-4.1/do_command.c	2007-07-26 16:56:11.000000000 +0200
-@@ -71,7 +71,7 @@
-          */
- 	if ( cron_set_job_security_context( e, u, &jobenv ) != 0 )
- 	{
--	    syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
-+	    //syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
- 	    exit(ERROR_EXIT);
- 	}
- 
-@@ -158,7 +158,7 @@
- 	switch (fork()) {
- 	case -1:
- 		log_it("CRON", getpid(), "error", "can't fork");
--		cron_close_security_session();
-+		cron_close_pam();
- 		exit(ERROR_EXIT);
- 		/*NOTREACHED*/
- 	case 0:
-@@ -523,7 +523,7 @@
- 			Debug(DPROC, (", dumped core"))
- 		Debug(DPROC, ("\n"))
- 	}
--	cron_close_security_session();
-+	cron_close_pam();
- 	env_free(jobenv);
- }
- 
---- vixie-cron-4.1/crontab.c.old	2007-07-30 16:34:09.000000000 +0200
-+++ vixie-cron-4.1/crontab.c	2007-07-30 10:49:09.000000000 +0200
+--- vixie-cron-4.1/crontab.c.pamcrontab	2007-09-11 10:22:21.000000000 +0200
++++ vixie-cron-4.1/crontab.c	2007-09-11 10:22:21.000000000 +0200
 @@ -37,7 +37,6 @@
  #include <selinux/av_permissions.h>
  #endif
@@ -127,8 +98,8 @@
  		if (!glue_strings(q, sizeof q, editor, Filename, ' ')) {
  			fprintf(stderr, "%s: editor command line too long\n",
  			    ProgramName);
---- vixie-cron-4.1/security.c.old	2007-07-30 16:34:09.000000000 +0200
-+++ vixie-cron-4.1/security.c	2007-07-30 16:30:52.000000000 +0200
+--- vixie-cron-4.1/security.c.pamcrontab	2007-09-11 10:22:21.000000000 +0200
++++ vixie-cron-4.1/security.c	2007-09-11 10:30:26.000000000 +0200
 @@ -46,70 +46,55 @@
  int cron_restore_default_security_context() {
  	setexeccon(NULL);
@@ -341,19 +312,18 @@
 -    {
 -	log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
 -	return -1;	
-+    if (chdir(homedir) == -1) {
-+		log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
-+		log_it("CRON", getpid(), homedir, strerror(errno));
-+		return -1;
++    if (initgroups(pw->pw_name, pw->pw_gid) != 0) {
++		log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
++		return -1;	
      }
  
 -    if ( setuid( pw->pw_uid ) != 0 )
 -    {
 -	log_it("CRON", getpid(), "setuid failed:", strerror(errno));
 -	return -1;
-+    if (initgroups(pw->pw_name, pw->pw_gid) != 0) {
-+		log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
-+		return -1;	
++    if (setuid( pw->pw_uid ) != 0) {
++		log_it("CRON", getpid(), "setuid failed:", strerror(errno));
++		return -1;
      }
  
 -	if ( chdir(homedir) == -1 )
@@ -361,12 +331,13 @@
 -    log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
 -    log_it("CRON", getpid(), homedir, strerror(errno));
 -    return -1;
-+    if (setuid( pw->pw_uid ) != 0) {
-+		log_it("CRON", getpid(), "setuid failed:", strerror(errno));
-+		return -1;
++    if (chdir(homedir) == -1) {
++	log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
++        log_it("CRON", getpid(), homedir, strerror(errno));
++        return -1;
      }
 -   
-+    
++                                                        
      return 0;
  }
  
@@ -842,3 +813,32 @@
      }
      return jobenv;    
  #else
+--- vixie-cron-4.1/do_command.c.pamcrontab	2007-09-11 10:22:21.000000000 +0200
++++ vixie-cron-4.1/do_command.c	2007-09-11 10:22:21.000000000 +0200
+@@ -71,7 +71,7 @@
+          */
+ 	if ( cron_set_job_security_context( e, u, &jobenv ) != 0 )
+ 	{
+-	    syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
++	    //syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
+ 	    exit(ERROR_EXIT);
+ 	}
+ 
+@@ -158,7 +158,7 @@
+ 	switch (fork()) {
+ 	case -1:
+ 		log_it("CRON", getpid(), "error", "can't fork");
+-		cron_close_security_session();
++		cron_close_pam();
+ 		exit(ERROR_EXIT);
+ 		/*NOTREACHED*/
+ 	case 0:
+@@ -523,7 +523,7 @@
+ 			Debug(DPROC, (", dumped core"))
+ 		Debug(DPROC, ("\n"))
+ 	}
+-	cron_close_security_session();
++	cron_close_pam();
+ 	env_free(jobenv);
+ }
+ 


Index: vixie-cron.spec
===================================================================
RCS file: /cvs/pkgs/rpms/vixie-cron/F-7/vixie-cron.spec,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -r1.99 -r1.100
--- vixie-cron.spec	30 Jul 2007 15:13:24 -0000	1.99
+++ vixie-cron.spec	11 Sep 2007 09:10:31 -0000	1.100
@@ -10,7 +10,7 @@
 Summary: The Vixie cron daemon for executing specified programs at set times
 Name: vixie-cron
 Version: 4.1
-Release: 83%{?dist}
+Release: 84%{?dist}
 Epoch: 4
 License: BSD
 Group: System Environment/Base
@@ -272,6 +272,9 @@
 %config(noreplace) /etc/sysconfig/crond
 
 %changelog
+* Tue Sep 11 2007 Marcela Maslanova <mmaslano at redhat.com> - 4:4.1-84
+- fix problem with selinux homedir #241877 in patch pam_crontab
+
 * Mon Jul 31 2007 Marcela Maslanova <mmaslano at redhat.com> - 4:4.1-83
 - update from devel
 - add pam to crontab, add variable tmpdir, fix man again


