rpms/vixie-cron/devel vixie-cron-4.1-fixs.patch, NONE, 1.1 vixie-cron-4.1-tmp.patch, NONE, 1.1 vixie-cron.spec, 1.98, 1.99
Marcela Mašláňová (mmaslano)
fedora-extras-commits at redhat.com
Mon Jul 2 11:02:59 UTC 2007
- Previous message: rpms/koffice-langpack/FC-6 teamnames, NONE, 1.1 .cvsignore, 1.8, 1.9 koffice-langpack.spec, 1.9, 1.10 sources, 1.8, 1.9
- Next message: rpms/kipi-plugins/devel .cvsignore, 1.12, 1.13 kipi-plugins.spec, 1.36, 1.37 sources, 1.11, 1.12 kipi-plugins-0.1.4-beta2-LIB_KIO.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mmaslano
Update of /cvs/pkgs/rpms/vixie-cron/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19079
Modified Files:
vixie-cron.spec
Added Files:
vixie-cron-4.1-fixs.patch vixie-cron-4.1-tmp.patch
Log Message:
Add patches.
vixie-cron-4.1-fixs.patch:
--- NEW FILE vixie-cron-4.1-fixs.patch ---
--- vixie-cron-4.1/security.c.bug 2007-07-02 12:11:56.000000000 +0200
+++ vixie-cron-4.1/security.c 2007-07-02 12:20:25.000000000 +0200
@@ -201,13 +201,6 @@
return -1;
}
- if ( chdir(homedir) == -1 )
- {
- log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
- log_it("CRON", getpid(), homedir, strerror(errno));
- return -1;
- }
-
if ( initgroups( pw->pw_name, pw->pw_gid ) != 0 )
{
log_it("CRON", getpid(), "initgroups failed:", strerror(errno));
@@ -219,7 +212,14 @@
log_it("CRON", getpid(), "setuid failed:", strerror(errno));
return -1;
}
-
+
+ if ( chdir(homedir) == -1 )
+ {
+ log_it("CRON", getpid(), "chdir(HOME) failed:", strerror(errno));
+ log_it("CRON", getpid(), homedir, strerror(errno));
+ return -1;
+ }
+
return 0;
}
--- vixie-cron-4.1/crontab.1.bug 2007-07-02 12:11:56.000000000 +0200
+++ vixie-cron-4.1/crontab.1 2007-07-02 12:20:55.000000000 +0200
@@ -19,7 +19,7 @@
.\"
.\" $Id: crontab.1,v 1.7 2004/01/23 19:03:32 vixie Exp $
.\"
-.TH CRONTAB 1 "16 Januar 2007"
+.TH CRONTAB 1 "16 January 2007"
.UC 4
.SH NAME
crontab \- maintain crontab files for individual users (ISC Cron V4.1)
vixie-cron-4.1-tmp.patch:
--- NEW FILE vixie-cron-4.1-tmp.patch ---
--- vixie-cron-4.1/crontab.c.tmp 2007-05-18 21:17:02.000000000 +0200
+++ vixie-cron-4.1/crontab.c 2007-05-18 21:17:02.000000000 +0200
@@ -74,6 +74,7 @@
parse_args(int c, char *v[]),
die(int);
static int replace_cmd(void);
+static char *tmp_path(void);
static void
usage(const char *msg) {
@@ -336,6 +337,14 @@
fprintf(stderr, "\"%s\":%d: %s\n", Filename, LineNumber-1, msg);
}
+static char *
+tmp_path() {
+ char *tmpdir;
+
+ tmpdir = getenv("TMPDIR");
+ return tmpdir ? tmpdir : "/tmp";
+}
+
static void
edit_cmd(void) {
char n[MAX_FNAME], q[MAX_TEMPSTR], *editor;
@@ -345,7 +354,8 @@
struct utimbuf utimebuf;
WAIT_T waiter;
PID_T pid, xpid;
-
+ int uid;
+
log_it(RealUser, Pid, "BEGIN EDIT", User);
if (!glue_strings(n, sizeof n, SPOOL_DIR, User, '/')) {
fprintf(stderr, "path too long\n");
@@ -376,16 +386,23 @@
(void)signal(SIGINT, SIG_IGN);
(void)signal(SIGQUIT, SIG_IGN);
- if (!glue_strings(Filename, sizeof Filename, _PATH_TMP,
+ if (!glue_strings(Filename, sizeof Filename, tmp_path(),
"crontab.XXXXXXXXXX", '/')) {
fprintf(stderr, "path too long\n");
goto fatal;
}
+ //syslog(LOG_ERR,"%s%s",Filename,tmp_path());
+ //syslog(LOG_ERR,"BEFORE MKSTEMP pid: %d uid: %d gid: %d",Pid,MY_UID(pw), MY_GID(pw));//uid, gid);
+ uid = MY_UID(pw);
+ setreuid(0, uid);
+ //syslog(LOG_ERR,"BEFORE MKSTEMP SETREUID pid: %d uid: %d gid: %d",Pid,MY_UID(pw), MY_GID(pw));//uid,gid);
if (-1 == (t = mkstemp(Filename))) {
perror(Filename);
goto fatal;
}
-#ifdef HAS_FCHOWN
+
+/* instead of chown we're using setreuid */
+/*#ifdef HAS_FCHOWN
if (fchown(t, MY_UID(pw), MY_GID(pw)) < 0) {
perror("fchown");
goto fatal;
@@ -395,7 +412,10 @@
perror("chown");
goto fatal;
}
-#endif
+#endif*/
+
+ setreuid(uid,0);
+ //syslog(LOG_ERR,"AFTER MKSTEMP pid: %d uid: %d gid: %d",Pid,uid, MY_GID(pw));
if (!(NewCrontab = fdopen(t, "r+"))) {
perror("fdopen");
goto fatal;
@@ -481,10 +501,10 @@
perror("setuid(getuid())");
exit(ERROR_EXIT);
}
- if (chdir(_PATH_TMP) < 0) {
+/* if (chdir(_PATH_TMP) < 0) {
perror(_PATH_TMP);
exit(ERROR_EXIT);
- }
+ }*/
if (!glue_strings(q, sizeof q, editor, Filename, ' ')) {
fprintf(stderr, "%s: editor command line too long\n",
ProgramName);
Index: vixie-cron.spec
===================================================================
RCS file: /cvs/pkgs/rpms/vixie-cron/devel/vixie-cron.spec,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- vixie-cron.spec 12 Apr 2007 16:47:46 -0000 1.98
+++ vixie-cron.spec 2 Jul 2007 11:02:23 -0000 1.99
@@ -10,7 +10,7 @@
Summary: The Vixie cron daemon for executing specified programs at set times
Name: vixie-cron
Version: 4.1
-Release: 82%{?dist}
+Release: 83%{?dist}
Epoch: 4
License: BSD
Group: System Environment/Base
@@ -86,6 +86,8 @@
Patch66: vixie-cron-4.1-bz220376.patch
Patch67: vixie-cron-4.1-hardlink.patch
Patch68: vixie-cron-4.1-mancrond.patch
+Patch69: vixie-cron-4.1-tmp.patch
+Patch70: vixie-cron-4.1-fixs.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: syslog, bash >= 2.0
@@ -195,6 +197,8 @@
#%patch66 -p1 -b .bz220376
%patch67 -p1 -b .hardlink
%patch68 -p1 -b .mancrond
+%patch69 -p1 -b .tmp
+%patch70 -p1 -b .fix
%build
# RPM_OPT_FLAGS are better here, because we don't have configure for set up variables ;-)
@@ -266,6 +270,10 @@
%config(noreplace) /etc/sysconfig/crond
%changelog
+* Mon Jul 2 2007 Marcela Maslanova <mmaslano at redhat.com> - 4:4.1-83
+- fix 246396, tmp directory, typo in crontab.1
+- Resolves: rhbz#246396
+
* Thu Apr 12 2007 Marcela Maslanova <mmaslano at redhat.com> - 4:4.1-82
- removed bz220376.patch
- change in manual - using jobs in cron.d
- Previous message: rpms/koffice-langpack/FC-6 teamnames, NONE, 1.1 .cvsignore, 1.8, 1.9 koffice-langpack.spec, 1.9, 1.10 sources, 1.8, 1.9
- Next message: rpms/kipi-plugins/devel .cvsignore, 1.12, 1.13 kipi-plugins.spec, 1.36, 1.37 sources, 1.11, 1.12 kipi-plugins-0.1.4-beta2-LIB_KIO.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list