rpms/vixie-cron/F-7 vixie-cron-4.1-pam_crontab.patch, 1.1, 1.2 vixie-cron.spec, 1.99, 1.100
Marcela Mašláňová (mmaslano)
fedora-extras-commits at redhat.com
Tue Sep 11 09:10:38 UTC 2007
- Previous message (by thread): rpms/hwbrowser/devel .cvsignore, 1.33, 1.34 hwbrowser.spec, 1.45, 1.46 sources, 1.39, 1.40
- Next message (by thread): rpms/apr/devel .cvsignore, 1.10, 1.11 apr.spec, 1.71, 1.72 sources, 1.10, 1.11 apr-1.2.9-openlfs.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mmaslano
Update of /cvs/pkgs/rpms/vixie-cron/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27750
Modified Files:
vixie-cron-4.1-pam_crontab.patch vixie-cron.spec
Log Message:
Change patch - add correct setting of home dir for selinux rhbz#241877.
vixie-cron-4.1-pam_crontab.patch:
Index: vixie-cron-4.1-pam_crontab.patch
===================================================================
RCS file: /cvs/pkgs/rpms/vixie-cron/F-7/vixie-cron-4.1-pam_crontab.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- vixie-cron-4.1-pam_crontab.patch 30 Jul 2007 15:13:24 -0000 1.1
+++ vixie-cron-4.1-pam_crontab.patch 11 Sep 2007 09:10:31 -0000 1.2
@@ -1,5 +1,5 @@
---- vixie-cron-4.1/cron.h.old 2007-07-30 16:34:07.000000000 +0200
-+++ vixie-cron-4.1/cron.h 2007-07-26 15:14:19.000000000 +0200
+--- vixie-cron-4.1/cron.h.pamcrontab 2007-09-11 10:22:20.000000000 +0200
++++ vixie-cron-4.1/cron.h 2007-09-11 10:22:21.000000000 +0200
@@ -47,3 +47,20 @@
#include "funcs.h"
#include "globals.h"
@@ -21,37 +21,8 @@
+ return(retcode); }
+#endif
+
---- vixie-cron-4.1/do_command.c.old 2007-07-30 16:34:08.000000000 +0200
-+++ vixie-cron-4.1/do_command.c 2007-07-26 16:56:11.000000000 +0200
-@@ -71,7 +71,7 @@
- */
- if ( cron_set_job_security_context( e, u, &jobenv ) != 0 )
- {
-- syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
-+ //syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
- exit(ERROR_EXIT);
- }
-
-@@ -158,7 +158,7 @@
- switch (fork()) {
- case -1:
- log_it("CRON", getpid(), "error", "can't fork");
-- cron_close_security_session();
-+ cron_close_pam();
- exit(ERROR_EXIT);
- /*NOTREACHED*/
- case 0:
-@@ -523,7 +523,7 @@
- Debug(DPROC, (", dumped core"))
- Debug(DPROC, ("\n"))
- }
-- cron_close_security_session();
-+ cron_close_pam();
- env_free(jobenv);
- }
-
---- vixie-cron-4.1/crontab.c.old 2007-07-30 16:34:09.000000000 +0200
-+++ vixie-cron-4.1/crontab.c 2007-07-30 10:49:09.000000000 +0200
+--- vixie-cron-4.1/crontab.c.pamcrontab 2007-09-11 10:22:21.000000000 +0200
++++ vixie-cron-4.1/crontab.c 2007-09-11 10:22:21.000000000 +0200
@@ -37,7 +37,6 @@
#include <selinux/av_permissions.h>
#endif
@@ -127,8 +98,8 @@
if (!glue_strings(q, sizeof q, editor, Filename, ' ')) {
fprintf(stderr, "%s: editor command line too long\n",
ProgramName);
---- vixie-cron-4.1/security.c.old 2007-07-30 16:34:09.000000000 +0200
-+++ vixie-cron-4.1/security.c 2007-07-30 16:30:52.000000000 +0200
+--- vixie-cron-4.1/security.c.pamcrontab 2007-09-11 10:22:21.000000000 +0200
++++ vixie-cron-4.1/security.c 2007-09-11 10:30:26.000000000 +0200
@@ -46,70 +46,55 @@
int cron_restore_default_security_context() {
setexeccon(NULL);
@@ -341,19 +312,18 @@
- {
- log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
- return -1;
-+ if (chdir(homedir) == -1) {
-+ log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
-+ log_it("CRON", getpid(), homedir, strerror(errno));
-+ return -1;
++ if (initgroups(pw->pw_name, pw->pw_gid) != 0) {
++ log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
++ return -1;
}
- if ( setuid( pw->pw_uid ) != 0 )
- {
- log_it("CRON", getpid(), "setuid failed:", strerror(errno));
- return -1;
-+ if (initgroups(pw->pw_name, pw->pw_gid) != 0) {
-+ log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
-+ return -1;
++ if (setuid( pw->pw_uid ) != 0) {
++ log_it("CRON", getpid(), "setuid failed:", strerror(errno));
++ return -1;
}
- if ( chdir(homedir) == -1 )
@@ -361,12 +331,13 @@
- log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
- log_it("CRON", getpid(), homedir, strerror(errno));
- return -1;
-+ if (setuid( pw->pw_uid ) != 0) {
-+ log_it("CRON", getpid(), "setuid failed:", strerror(errno));
-+ return -1;
++ if (chdir(homedir) == -1) {
++ log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
++ log_it("CRON", getpid(), homedir, strerror(errno));
++ return -1;
}
-
-+
++
return 0;
}
@@ -842,3 +813,32 @@
}
return jobenv;
#else
+--- vixie-cron-4.1/do_command.c.pamcrontab 2007-09-11 10:22:21.000000000 +0200
++++ vixie-cron-4.1/do_command.c 2007-09-11 10:22:21.000000000 +0200
+@@ -71,7 +71,7 @@
+ */
+ if ( cron_set_job_security_context( e, u, &jobenv ) != 0 )
+ {
+- syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
++ //syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name);
+ exit(ERROR_EXIT);
+ }
+
+@@ -158,7 +158,7 @@
+ switch (fork()) {
+ case -1:
+ log_it("CRON", getpid(), "error", "can't fork");
+- cron_close_security_session();
++ cron_close_pam();
+ exit(ERROR_EXIT);
+ /*NOTREACHED*/
+ case 0:
+@@ -523,7 +523,7 @@
+ Debug(DPROC, (", dumped core"))
+ Debug(DPROC, ("\n"))
+ }
+- cron_close_security_session();
++ cron_close_pam();
+ env_free(jobenv);
+ }
+
Index: vixie-cron.spec
===================================================================
RCS file: /cvs/pkgs/rpms/vixie-cron/F-7/vixie-cron.spec,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -r1.99 -r1.100
--- vixie-cron.spec 30 Jul 2007 15:13:24 -0000 1.99
+++ vixie-cron.spec 11 Sep 2007 09:10:31 -0000 1.100
@@ -10,7 +10,7 @@
Summary: The Vixie cron daemon for executing specified programs at set times
Name: vixie-cron
Version: 4.1
-Release: 83%{?dist}
+Release: 84%{?dist}
Epoch: 4
License: BSD
Group: System Environment/Base
@@ -272,6 +272,9 @@
%config(noreplace) /etc/sysconfig/crond
%changelog
+* Tue Sep 11 2007 Marcela Maslanova <mmaslano at redhat.com> - 4:4.1-84
+- fix problem with selinux homedir #241877 in patch pam_crontab
+
* Mon Jul 31 2007 Marcela Maslanova <mmaslano at redhat.com> - 4:4.1-83
- update from devel
- add pam to crontab, add variable tmpdir, fix man again
- Previous message (by thread): rpms/hwbrowser/devel .cvsignore, 1.33, 1.34 hwbrowser.spec, 1.45, 1.46 sources, 1.39, 1.40
- Next message (by thread): rpms/apr/devel .cvsignore, 1.10, 1.11 apr.spec, 1.71, 1.72 sources, 1.10, 1.11 apr-1.2.9-openlfs.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list