[at] Update to 3.1.13.
Marcela Mašláňová
mmaslano at fedoraproject.org
Fri Jul 29 12:28:00 UTC 2011
commit 92956ea3adbd2d28876409531cf890251bde86ee
Author: Marcela Mašláňová <mmaslano at redhat.com>
Date: Fri Jul 29 14:27:23 2011 +0200
Update to 3.1.13.
at-3.1.13-makefile.patch | 82 +++++
at-3.1.13-nitpicks.patch | 121 +++++++
at-3.1.13-pam.patch | 430 +++++++++++++++++++++++++
at-3.1.13-selinux.patch | 165 ++++++++++
at.spec | 51 ++--
test.pl | 800 ----------------------------------------------
6 files changed, 821 insertions(+), 828 deletions(-)
---
diff --git a/at-3.1.13-makefile.patch b/at-3.1.13-makefile.patch
new file mode 100644
index 0000000..e429719
--- /dev/null
+++ b/at-3.1.13-makefile.patch
@@ -0,0 +1,82 @@
+diff -up at-3.1.13/Makefile.in.make at-3.1.13/Makefile.in
+--- at-3.1.13/Makefile.in.make 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/Makefile.in 2011-07-29 08:06:28.317600053 +0200
+@@ -65,13 +65,13 @@ LIST = Filelist Filelist.asc
+ all: at atd atrun
+
+ at: $(ATOBJECTS)
+- $(CC) $(CFLAGS) -o at $(ATOBJECTS) $(LIBS) $(LEXLIB)
++ $(CC) $(CFLAGS) -o at -pie $(ATOBJECTS) $(LIBS) $(LEXLIB) $(SELINUXLIB) $(PAMLIB)
+ rm -f $(CLONES)
+ $(LN_S) -f at atq
+ $(LN_S) -f at atrm
+
+ atd: $(RUNOBJECTS)
+- $(CC) $(CFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB)
++ $(CC) $(CFLAGS) -o atd -pie $(RUNOBJECTS) $(LIBS) $(SELINUXLIB) $(PAMLIB)
+
+ y.tab.c y.tab.h: parsetime.y
+ $(YACC) -d parsetime.y
+@@ -83,38 +83,41 @@ atrun: atrun.in
+ configure
+
+ .c.o:
+- $(CC) -c $(CFLAGS) $(DEFS) $*.c
++ $(CC) -c $(CFLAGS) -fPIE $(DEFS) $*.c
+
+ install: all
+- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(etcdir)
+- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(bindir)
+- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(sbindir)
+- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(docdir)
+- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(atdocdir)
+- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)
+- chmod 1770 $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)
++ $(INSTALL) -m 755 -d $(IROOT)$(etcdir)
++ $(INSTALL) -m 755 -d $(IROOT)$(bindir)
++ $(INSTALL) -m 755 -d $(IROOT)$(sbindir)
++ $(INSTALL) -m 755 -d $(IROOT)$(docdir)
++ $(INSTALL) -m 755 -d $(IROOT)$(atdocdir)
++ $(INSTALL) -m 755 -d $(IROOT)$(etcdir)/pam.d/
++ $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR)
++ chmod 700 $(IROOT)$(ATJOB_DIR) $(IROOT)$(ATSPOOL_DIR)
++ chown $(DAEMON_USERNAME):$(DAEMON_GROUPNAME) $(IROOT)$(ATJOB_DIR) $(IROOT)$(ATSPOOL_DIR)
+ touch $(IROOT)$(LFILE)
+ chmod 600 $(IROOT)$(LFILE)
+ chown $(DAEMON_USERNAME):$(DAEMON_GROUPNAME) $(IROOT)$(LFILE)
+- test -f $(IROOT)$(etcdir)/at.allow || test -f $(IROOT)$(etcdir)/at.deny || $(INSTALL) -o root -g $(DAEMON_GROUPNAME) -m 640 at.deny $(IROOT)$(etcdir)/
+- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 6755 at $(IROOT)$(bindir)
++ test -f $(IROOT)$(etcdir)/at.allow || test -f $(IROOT)$(etcdir)/at.deny || $(INSTALL) -m 600 at.deny $(IROOT)$(etcdir)/
++ $(INSTALL) -o $(INSTALL_ROOT_USER) -g $(DAEMON_GROUPNAME) pam_atd $(IROOT)$(etcdir)/pam.d/atd
++ $(INSTALL) -m 4755 at $(IROOT)$(bindir)
+ $(LN_S) -f at $(IROOT)$(bindir)/atq
+ $(LN_S) -f at $(IROOT)$(bindir)/atrm
+- $(INSTALL) -g root -o root -m 755 batch $(IROOT)$(bindir)
+- $(INSTALL) -d -o root -g root -m 755 $(IROOT)$(man1dir)
+- $(INSTALL) -d -o root -g root -m 755 $(IROOT)$(man5dir)
+- $(INSTALL) -d -o root -g root -m 755 $(IROOT)$(man8dir)
+- $(INSTALL) -g root -o root -m 755 atd $(IROOT)$(sbindir)
+- $(INSTALL) -g root -o root -m 755 atrun $(IROOT)$(sbindir)
+- $(INSTALL) -g root -o root -m 644 at.1 $(IROOT)$(man1dir)/
++ $(INSTALL) -m 755 batch $(IROOT)$(bindir)
++ $(INSTALL) -d -m 755 $(IROOT)$(man1dir)
++ $(INSTALL) -d -m 755 $(IROOT)$(man5dir)
++ $(INSTALL) -d -m 755 $(IROOT)$(man8dir)
++ $(INSTALL) -m 755 atd $(IROOT)$(sbindir)
++ $(INSTALL) -m 755 atrun $(IROOT)$(sbindir)
++ $(INSTALL) -m 644 at.1 $(IROOT)$(man1dir)/
+ cd $(IROOT)$(man1dir) && $(LN_S) -f at.1 atq.1 && $(LN_S) -f at.1 batch.1 && $(LN_S) -f at.1 atrm.1
+- $(INSTALL) -g root -o root -m 644 atd.8 $(IROOT)$(man8dir)/
++ $(INSTALL) -m 644 atd.8 $(IROOT)$(man8dir)/
+ sed "s,\$${exec_prefix},$(exec_prefix),g" <atrun.8>tmpman
+- $(INSTALL) -g root -o root -m 644 tmpman $(IROOT)$(man8dir)/atrun.8
++ $(INSTALL) -m 644 tmpman $(IROOT)$(man8dir)/atrun.8
+ rm -f tmpman
+- $(INSTALL) -g root -o root -m 644 at.allow.5 $(IROOT)$(man5dir)/
++ $(INSTALL) -m 644 at.allow.5 $(IROOT)$(man5dir)/
+ cd $(IROOT)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5
+- $(INSTALL) -g root -o root -m 644 $(DOCS) $(IROOT)$(atdocdir)
++ $(INSTALL) -m 644 $(DOCS) $(IROOT)$(atdocdir)
+ rm -f $(IROOT)$(mandir)/cat1/at.1* $(IROOT)$(mandir)/cat1/batch.1* \
+ $(IROOT)$(mandir)/cat1/atq.1*
+ rm -f $(IROOT)$(mandir)/cat1/atd.8*
diff --git a/at-3.1.13-nitpicks.patch b/at-3.1.13-nitpicks.patch
new file mode 100644
index 0000000..d9174c0
--- /dev/null
+++ b/at-3.1.13-nitpicks.patch
@@ -0,0 +1,121 @@
+diff -up at-3.1.13/at.1.in.nit at-3.1.13/at.1.in
+--- at-3.1.13/at.1.in.nit 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/at.1.in 2011-07-28 13:04:41.398174737 +0200
+@@ -126,7 +126,7 @@ and to run a job at 1am tomorrow, you wo
+ .B at 1am tomorrow.
+ .PP
+ The definition of the time specification can be found in
+-.IR @prefix@/share/doc/at/timespec .
++.IR @prefix@/share/doc/at- at VERSION@/timespec .
+ .PP
+ For both
+ .BR at " and " batch ,
+@@ -204,7 +204,7 @@ queue for
+ .BR batch .
+ Queues with higher letters run with increased niceness. The special
+ queue "=" is reserved for jobs which are currently running.
+-.P
++
+ If a job is submitted to a queue designated with an uppercase letter, the
+ job is treated as if it were submitted to batch at the time of the job.
+ Once the time is reached, the batch processing rules with respect to load
+@@ -248,7 +248,7 @@ is an alias for
+ .TP
+ .B \-v
+ Shows the time the job will be executed before reading the job.
+-.P
++
+ Times displayed will be in the format "Thu Feb 20 14:50:00 1997".
+ .TP
+ .B
+diff -up at-3.1.13/atd.c.nit at-3.1.13/atd.c
+--- at-3.1.13/atd.c.nit 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/atd.c 2011-07-28 13:01:31.577967025 +0200
+@@ -83,6 +83,9 @@
+ #include "getloadavg.h"
+ #endif
+
++#ifndef LOG_ATD
++#define LOG_ATD LOG_DAEMON
++#endif
+ /* Macros */
+
+ #define BATCH_INTERVAL_DEFAULT 60
+@@ -194,6 +197,18 @@ myfork()
+
+ #define fork myfork
+ #endif
++#undef ATD_MAIL_PROGRAM
++#undef ATD_MAIL_NAME
++#if defined(SENDMAIL)
++#define ATD_MAIL_PROGRAM SENDMAIL
++#define ATD_MAIL_NAME "sendmail"
++#elif defined(MAILC)
++#define ATD_MAIL_PROGRAM MAILC
++#define ATD_MAIL_NAME "mail"
++#elif defined(MAILX)
++#define ATD_MAIL_PROGRAM MAILX
++#define ATD_MAIL_NAME "mailx"
++#endif
+
+ static void
+ run_file(const char *filename, uid_t uid, gid_t gid)
+@@ -271,6 +286,9 @@ run_file(const char *filename, uid_t uid
+ free(newname);
+ return;
+ }
++
++ (void) setsid(); //own session for process
++
+ /* Let's see who we mail to. Hopefully, we can read it from
+ * the command file; if not, send it to the owner, or, failing that,
+ * to root.
+@@ -433,6 +451,9 @@ run_file(const char *filename, uid_t uid
+ if (setuid(uid) < 0)
+ perr("Cannot set user id");
+
++ if (SIG_ERR == signal(SIGCHLD, SIG_DFL))
++ perr("Cannot reset signal handler to default");
++
+ chdir("/");
+
+ if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0)
+@@ -501,6 +522,9 @@ run_file(const char *filename, uid_t uid
+ if (setuid(uid) < 0)
+ perr("Cannot set user id");
+
++ if (SIG_ERR == signal(SIGCHLD, SIG_DFL))
++ perr("Cannot reset signal handler to default");
++
+ chdir ("/");
+
+ #if defined(SENDMAIL)
+@@ -615,6 +639,7 @@ run_loop()
+ * Let's remove the lockfile and reschedule.
+ */
+ strncpy(lock_name, dirent->d_name, sizeof(lock_name));
++ lock_name[sizeof(lock_name)-1] = '\0';
+ lock_name[0] = '=';
+ unlink(lock_name);
+ next_job = now;
+@@ -649,6 +674,7 @@ run_loop()
+ run_batch++;
+ if (strcmp(batch_name, dirent->d_name) > 0) {
+ strncpy(batch_name, dirent->d_name, sizeof(batch_name));
++ batch_name[sizeof(batch_name)-1] = '\0';
+ batch_uid = buf.st_uid;
+ batch_gid = buf.st_gid;
+ batch_queue = queue;
+@@ -723,11 +749,7 @@ main(int argc, char *argv[])
+
+ RELINQUISH_PRIVS_ROOT(daemon_uid, daemon_gid)
+
+-#ifndef LOG_CRON
+-#define LOG_CRON LOG_DAEMON
+-#endif
+-
+- openlog("atd", LOG_PID, LOG_CRON);
++ openlog("atd", LOG_PID, LOG_ATD);
+
+ opterr = 0;
+ errno = 0;
diff --git a/at-3.1.13-pam.patch b/at-3.1.13-pam.patch
new file mode 100644
index 0000000..e4cae11
--- /dev/null
+++ b/at-3.1.13-pam.patch
@@ -0,0 +1,430 @@
+diff -up at-3.1.13/at.c.pam at-3.1.13/at.c
+--- at-3.1.13/at.c.pam 2011-07-29 13:51:50.234127938 +0200
++++ at-3.1.13/at.c 2011-07-29 13:51:50.245127883 +0200
+@@ -141,18 +141,13 @@ sigc(int signo)
+ /* If the user presses ^C, remove the spool file and exit
+ */
+ if (fcreated) {
+- /*
+ PRIV_START
+-
++ /*
+ We need the unprivileged uid here since the file is owned by the real
+ (not effective) uid.
+ */
+- setregid(real_gid, effective_gid);
+- unlink(atfile);
+- setregid(effective_gid, real_gid);
+- /*
++ unlink(atfile);
+ PRIV_END
+- */
+ }
+ exit(EXIT_FAILURE);
+ }
+@@ -318,26 +313,19 @@ writefile(time_t runtimer, char queue)
+ * bit. Yes, this is a kluge.
+ */
+ cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR);
+- seteuid(real_uid);
++ if ((seteuid(effective_uid)) < 0)
++ perr("Error in seteuid: %s", errno);
+ if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1)
+ perr("Cannot create atjob file %.500s", atfile);
+- seteuid(effective_uid);
+
+ if ((fd2 = dup(fd)) < 0)
+ perr("Error in dup() of job file");
+
+- /*
+ if (fchown(fd2, real_uid, real_gid) != 0)
+- perr("Cannot give away file");
+- */
++ perr("Cannot give real_uid and real_gid the file");
+
+ PRIV_END
+
+- /* We no longer need suid root; now we just need to be able to write
+- * to the directory, if necessary.
+- */
+-
+- REDUCE_PRIV(daemon_uid, daemon_gid)
+ /* We've successfully created the file; let's set the flag so it
+ * gets removed in case of an interrupt or error.
+ */
+@@ -661,7 +649,7 @@ process_jobs(int argc, char **argv, int
+ We need the unprivileged uid here since the file is owned by the real
+ (not effective) uid.
+ */
+- setregid(real_gid, effective_gid);
++ PRIV_START
+
+ if (queue == '=') {
+ fprintf(stderr, "Warning: deleting running job\n");
+@@ -670,8 +658,8 @@ process_jobs(int argc, char **argv, int
+ perr("Cannot unlink %.500s", dirent->d_name);
+ rc = EXIT_FAILURE;
+ }
++ PRIV_END
+
+- setregid(effective_gid, real_gid);
+ done = 1;
+
+ break;
+@@ -681,7 +669,7 @@ process_jobs(int argc, char **argv, int
+ FILE *fp;
+ int ch;
+
+- setregid(real_gid, effective_gid);
++ PRIV_START
+ fp = fopen(dirent->d_name, "r");
+
+ if (fp) {
+@@ -694,7 +682,7 @@ process_jobs(int argc, char **argv, int
+ perr("Cannot open %.500s", dirent->d_name);
+ rc = EXIT_FAILURE;
+ }
+- setregid(effective_gid, real_gid);
++ PRIV_END
+ }
+ break;
+
+diff -up at-3.1.13/atd.c.pam at-3.1.13/atd.c
+--- at-3.1.13/atd.c.pam 2011-07-29 13:51:50.240127908 +0200
++++ at-3.1.13/atd.c 2011-07-29 13:54:35.805384873 +0200
+@@ -111,7 +111,7 @@ static int run_as_daemon = 0;
+
+ static volatile sig_atomic_t term_signal = 0;
+
+-#ifdef HAVE_PAM
++#ifdef WITH_PAM
+ #include <security/pam_appl.h>
+
+ static pam_handle_t *pamh = NULL;
+@@ -120,15 +120,7 @@ static const struct pam_conv conv = {
+ NULL
+ };
+
+-#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
+- fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
+- syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
+- pam_end(pamh, retcode); exit(1); \
+- }
+-#define PAM_END { retcode = pam_close_session(pamh,0); \
+- pam_end(pamh,retcode); }
+-
+-#endif /* HAVE_PAM */
++#endif /* WITH_PAM */
+
+ /* Signal handlers */
+ RETSIGTYPE
+@@ -235,7 +227,7 @@ run_file(const char *filename, uid_t uid
+ char fmt[64];
+ unsigned long jobno;
+ int rc;
+-#ifdef HAVE_PAM
++#ifdef WITH_PAM
+ int retcode;
+ #endif
+
+@@ -395,17 +387,10 @@ run_file(const char *filename, uid_t uid
+ fstat(fd_out, &buf);
+ size = buf.st_size;
+
+-#ifdef HAVE_PAM
+- PRIV_START
+- retcode = pam_start("atd", pentry->pw_name, &conv, &pamh);
+- PAM_FAIL_CHECK;
+- retcode = pam_acct_mgmt(pamh, PAM_SILENT);
+- PAM_FAIL_CHECK;
+- retcode = pam_open_session(pamh, PAM_SILENT);
+- PAM_FAIL_CHECK;
+- retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT);
+- PAM_FAIL_CHECK;
+- PRIV_END
++#ifdef WITH_PAM
++ PAM_HANDLING;
++ closelog();
++ openlog("atd", LOG_PID, LOG_ATD);
+ #endif
+
+ close(STDIN_FILENO);
+@@ -419,7 +404,14 @@ run_file(const char *filename, uid_t uid
+ else if (pid == 0) {
+ char *nul = NULL;
+ char **nenvp = &nul;
++ char **pam_envp=0L;
+
++ PRIV_START
++#ifdef WITH_PAM
++ pam_envp = pam_getenvlist(pamh);
++ if ( ( pam_envp != 0L ) && (pam_envp[0] != 0L) )
++ nenvp = pam_envp;
++#endif
+ /* Set up things for the child; we want standard input from the
+ * input file, and standard output and error sent to our output file.
+ */
+@@ -438,8 +430,6 @@ run_file(const char *filename, uid_t uid
+ close(fd_in);
+ close(fd_out);
+
+- PRIV_START
+-
+ nice((tolower((int) queue) - 'a' + 1) * 2);
+
+ if (initgroups(pentry->pw_name, pentry->pw_gid))
+@@ -458,7 +448,16 @@ run_file(const char *filename, uid_t uid
+
+ if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0)
+ perr("Exec failed for /bin/sh");
+-
++#ifdef WITH_PAM
++ if ( ( nenvp != &nul ) && (pam_envp != 0L) && (*pam_envp != 0L))
++ {
++ for( nenvp = pam_envp; *nenvp != 0L; nenvp++)
++ free(*nenvp);
++ free( pam_envp );
++ nenvp = &nul;
++ pam_envp=0L;
++ }
++#endif
+ PRIV_END
+ }
+ /* We're the parent. Let's wait.
+@@ -471,14 +470,6 @@ run_file(const char *filename, uid_t uid
+ */
+ waitpid(pid, (int *) NULL, 0);
+
+-#ifdef HAVE_PAM
+- PRIV_START
+- pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+- retcode = pam_close_session(pamh, PAM_SILENT);
+- pam_end(pamh, retcode);
+- PRIV_END
+-#endif
+-
+ /* Send mail. Unlink the output file after opening it, so it
+ * doesn't hang around after the run.
+ */
+@@ -509,8 +500,19 @@ run_file(const char *filename, uid_t uid
+ unlink(newname);
+ free(newname);
+
++#ifdef ATD_MAIL_PROGRAM
+ if (((send_mail != -1) && (buf.st_size != size)) || (send_mail == 1)) {
++ int mail_pid = -1;
++#ifdef WITH_PAM
++ PAM_HANDLING;
++ closelog();
++ openlog("atd", LOG_PID, LOG_ATD);
++#endif
++
++ mail_pid = fork();
+
++ if ( mail_pid == 0 )
++ {
+ PRIV_START
+
+ if (initgroups(pentry->pw_name, pentry->pw_gid))
+@@ -535,7 +537,23 @@ run_file(const char *filename, uid_t uid
+ perr("Exec failed for mail command");
+
+ PRIV_END
++ }
++ else if ( mail_pid == -1 ) {
++ perr("fork of mailer failed");
++ }
++ else {
++ /* Parent */
++ waitpid(mail_pid, (int *) NULL, 0);
++ }
++#ifdef WITH_PAM
++ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT );
++ pam_close_session(pamh, PAM_SILENT);
++ pam_end(pamh, PAM_ABORT);
++ closelog();
++ openlog("atd", LOG_PID, LOG_ATD);
++#endif
+ }
++#endif
+ exit(EXIT_SUCCESS);
+ }
+
+diff -up at-3.1.13/config.h.in.pam at-3.1.13/config.h.in
+--- at-3.1.13/config.h.in.pam 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/config.h.in 2011-07-29 13:51:50.246127878 +0200
+@@ -68,8 +68,8 @@
+ /* Define to 1 if you have the <nlist.h> header file. */
+ #undef HAVE_NLIST_H
+
+-/* Define to 1 for PAM support */
+-#undef HAVE_PAM
++/* Define if you are building with_pam */
++#undef WITH_PAM
+
+ /* Define to 1 if you have the `pstat_getdynamic' function. */
+ #undef HAVE_PSTAT_GETDYNAMIC
+diff -up at-3.1.13/configure.ac.pam at-3.1.13/configure.ac
+--- at-3.1.13/configure.ac.pam 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/configure.ac 2011-07-29 13:51:50.247127873 +0200
+@@ -84,7 +84,7 @@ AC_FUNC_GETLOADAVG
+ AC_CHECK_FUNCS(getcwd mktime strftime setreuid setresuid sigaction waitpid)
+ AC_CHECK_HEADERS(security/pam_appl.h, [
+ PAMLIB="-lpam"
+- AC_DEFINE(HAVE_PAM, 1, [Define to 1 for PAM support])
++ AC_DEFINE(WITH_PAM, 1, [Define to 1 for PAM support])
+ ])
+
+ dnl Checking for programs
+@@ -238,6 +238,13 @@ AC_ARG_WITH(daemon_username,
+ )
+ AC_SUBST(DAEMON_USERNAME)
+
++AC_ARG_WITH(pam,
++[ --with-pam Define to enable pam support ],
++AC_DEFINE(WITH_PAM),
++)
++AC_CHECK_LIB(pam, pam_start, PAMLIB='-lpam -lpam_misc')
++AC_SUBST(PAMLIB)
++
+ AC_MSG_CHECKING(groupname to run under)
+ AC_ARG_WITH(daemon_groupname,
+ [ --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) ],
+diff -up at-3.1.13/perm.c.pam at-3.1.13/perm.c
+--- at-3.1.13/perm.c.pam 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/perm.c 2011-07-29 13:51:50.248127868 +0200
+@@ -51,6 +51,14 @@
+ #define PRIV_END while(0)
+ #endif
+
++#ifdef WITH_PAM
++#include <security/pam_appl.h>
++static pam_handle_t *pamh = NULL;
++static const struct pam_conv conv = {
++ NULL
++};
++#endif
++
+ /* Structures and unions */
+
+
+@@ -108,18 +116,51 @@ user_in_file(const char *path, const cha
+ int
+ check_permission()
+ {
+- uid_t uid = geteuid();
++ uid_t euid = geteuid(), uid=getuid(), egid=getegid(), gid=getgid();
+ struct passwd *pentry;
+ int allow = 0, deny = 1;
+
+- if (uid == 0)
++ int retcode = 0;
++ if (euid == 0)
+ return 1;
+
+- if ((pentry = getpwuid(uid)) == NULL) {
++ if ((pentry = getpwuid(euid)) == NULL) {
+ perror("Cannot access user database");
+ exit(EXIT_FAILURE);
+ }
+
++#ifdef WITH_PAM
++/*
++ * We must check if the atd daemon userid will be allowed to gain the job owner user's
++ * credentials with PAM . If not, the user has been denied at(1) usage, eg. with pam_access.
++ */
++ if (setreuid(daemon_uid, daemon_uid) != 0) {
++ fprintf(stderr, "cannot set egid: %s", strerror(errno));
++ exit(1);
++ }
++ if (setregid(daemon_gid, daemon_gid) != 0) {
++ fprintf(stderr, "cannot set euid: %s", strerror(errno));
++ exit(1);
++ }
++
++ pam_close_session(pamh,PAM_SILENT);
++
++ PAM_HANDLING;
++
++ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT );
++ pam_close_session(pamh,PAM_SILENT);
++ pam_end(pamh, PAM_ABORT);
++
++ if (setregid(gid,egid) != 0) {
++ fprintf(stderr, "cannot set egid: %s", strerror(errno));
++ exit(1);
++ }
++ if (setreuid(uid,euid) != 0) {
++ fprintf(stderr, "cannot set euid: %s", strerror(errno));
++ exit(1);
++ }
++#endif
++
+ allow = user_in_file(ETCDIR "/at.allow", pentry->pw_name);
+ if (allow==0 || allow==1)
+ return allow;
+diff -up at-3.1.13/privs.h.pam at-3.1.13/privs.h
+--- at-3.1.13/privs.h.pam 2011-06-25 14:43:14.000000000 +0200
++++ at-3.1.13/privs.h 2011-07-29 13:51:50.248127868 +0200
+@@ -144,3 +144,61 @@ extern gid_t real_gid, effective_gid, da
+ #error "Cannot implement user ID swapping without setreuid or setresuid"
+ #endif
+ #endif
++
++#ifdef WITH_PAM
++/* PAM failed after session was open. */
++#define PAM_SESSION_FAIL if (retcode != PAM_SUCCESS) \
++ pam_close_session(pamh,PAM_SILENT);
++
++/* syslog will be logging error messages */
++#ifdef HAVE_UNISTD_H
++#include <syslog.h>
++#endif
++
++/* PAM fail even before opening the session */
++#define PAM_FAIL_CHECK \
++ do { if (retcode != PAM_SUCCESS) { \
++ fprintf(stderr,"PAM failure: %s\n",pam_strerror(pamh, retcode)); \
++ syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
++ if (pamh) \
++ pam_end(pamh, retcode); \
++ if (setregid(getgid(),getegid()) != 0) { \
++ fprintf(stderr, "cannot set egid: %s", strerror(errno)); \
++ exit(1); \
++ } \
++ if (setreuid(getuid(),geteuid()) != 0) { \
++ fprintf(stderr, "cannot set euid: %s", strerror(errno)); \
++ exit(1); \
++ } \
++ exit(1); \
++ } \
++ } while (0) \
++
++/* PAM - check after every operation whether they passed */
++#define PAM_HANDLING \
++ do { pamh = NULL; \
++ retcode = pam_start("atd", pentry->pw_name, &conv, &pamh); \
++ PAM_FAIL_CHECK; \
++ retcode = pam_set_item(pamh, PAM_TTY, "atd"); \
++ PAM_FAIL_CHECK; \
++ retcode = pam_acct_mgmt(pamh, PAM_SILENT); \
++ PAM_FAIL_CHECK; \
++ retcode = pam_open_session(pamh, PAM_SILENT); \
++ PAM_FAIL_CHECK; \
++ retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT); \
++ PAM_SESSION_FAIL; \
++ PAM_FAIL_CHECK; \
++ } while (0)
++
++/* OLD FAIL_CHECK ONLY FOR perm.c
++ * define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
++ * fprintf(stderr,"\nPAM failure %s\n",pam_strerror(pamh, retcode)); \
++ * syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
++ * if (pamh) \
++ * pam_end(pamh, retcode); \
++ * exit(1); \
++ * }
++ */
++
++#endif
++
diff --git a/at-3.1.13-selinux.patch b/at-3.1.13-selinux.patch
new file mode 100644
index 0000000..0fcaff1
--- /dev/null
+++ b/at-3.1.13-selinux.patch
@@ -0,0 +1,165 @@
+diff -up at-3.1.13/atd.c.selinux at-3.1.13/atd.c
+--- at-3.1.13/atd.c.selinux 2011-07-29 13:58:54.282221007 +0200
++++ at-3.1.13/atd.c 2011-07-29 14:02:46.563175313 +0200
+@@ -83,6 +83,14 @@
+ #include "getloadavg.h"
+ #endif
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#include <selinux/get_context_list.h>
++int selinux_enabled=0;
++#include <selinux/flask.h>
++#include <selinux/av_permissions.h>
++#endif
++
+ #ifndef LOG_ATD
+ #define LOG_ATD LOG_DAEMON
+ #endif
+@@ -202,6 +210,68 @@ myfork()
+ #define ATD_MAIL_NAME "mailx"
+ #endif
+
++#ifdef WITH_SELINUX
++static int set_selinux_context(const char *name, const char *filename) {
++ security_context_t user_context=NULL;
++ security_context_t file_context=NULL;
++ struct av_decision avd;
++ int retval=-1;
++ char *seuser=NULL;
++ char *level=NULL;
++
++ if (getseuserbyname(name, &seuser, &level) == 0) {
++ retval=get_default_context_with_level(seuser, level, NULL, &user_context);
++ free(seuser);
++ free(level);
++ if (retval) {
++ if (security_getenforce()==1) {
++ perr("execle: couldn't get security context for user %s\n", name);
++ } else {
++ syslog(LOG_ERR, "execle: couldn't get security context for user %s\n", name);
++ return -1;
++ }
++ }
++ }
++
++ /*
++ * Since crontab files are not directly executed,
++ * crond must ensure that the crontab file has
++ * a context that is appropriate for the context of
++ * the user cron job. It performs an entrypoint
++ * permission check for this purpose.
++ */
++ if (fgetfilecon(STDIN_FILENO, &file_context) < 0)
++ perr("fgetfilecon FAILED %s", filename);
++
++ retval = security_compute_av(user_context,
++ file_context,
++ SECCLASS_FILE,
++ FILE__ENTRYPOINT,
++ &avd);
++ freecon(file_context);
++ if (retval || ((FILE__ENTRYPOINT & avd.allowed) != FILE__ENTRYPOINT)) {
++ if (security_getenforce()==1) {
++ perr("Not allowed to set exec context to %s for user %s\n", user_context,name);
++ } else {
++ syslog(LOG_ERR, "Not allowed to set exec context to %s for user %s\n", user_context,name);
++ retval = -1;
++ goto err;
++ }
++ }
++ if (setexeccon(user_context) < 0) {
++ if (security_getenforce()==1) {
++ perr("Could not set exec context to %s for user %s\n", user_context,name);
++ retval = -1;
++ } else {
++ syslog(LOG_ERR, "Could not set exec context to %s for user %s\n", user_context,name);
++ }
++ }
++ err:
++ freecon(user_context);
++ return 0;
++}
++#endif
++
+ static void
+ run_file(const char *filename, uid_t uid, gid_t gid)
+ {
+@@ -445,9 +515,24 @@ run_file(const char *filename, uid_t uid
+ perr("Cannot reset signal handler to default");
+
+ chdir("/");
++#ifdef WITH_SELINUX
++ if (selinux_enabled > 0) {
++ if (set_selinux_context(pentry->pw_name, filename) < 0)
++ perr("SELinux Failed to set context\n");
++ }
++#endif
+
+ if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0)
+ perr("Exec failed for /bin/sh");
++//add for fedora
++#ifdef WITH_SELINUX
++ if (selinux_enabled>0)
++ if (setexeccon(NULL) < 0)
++ if (security_getenforce()==1)
++ perr("Could not resset exec context for user %s\n", pentry->pw_name);
++#endif
++//end
++//add for fedora
+ #ifdef WITH_PAM
+ if ( ( nenvp != &nul ) && (pam_envp != 0L) && (*pam_envp != 0L))
+ {
+@@ -751,6 +836,10 @@ main(int argc, char *argv[])
+ struct passwd *pwe;
+ struct group *ge;
+
++#ifdef WITH_SELINUX
++ selinux_enabled=is_selinux_enabled();
++#endif
++
+ /* We don't need root privileges all the time; running under uid and gid
+ * daemon is fine.
+ */
+diff -up at-3.1.13/config.h.in.selinux at-3.1.13/config.h.in
+--- at-3.1.13/config.h.in.selinux 2011-07-29 13:58:54.283221003 +0200
++++ at-3.1.13/config.h.in 2011-07-29 13:58:54.289220979 +0200
+@@ -71,6 +71,9 @@
+ /* Define if you are building with_pam */
+ #undef WITH_PAM
+
++/* Define if you are building with_selinux */
++#undef WITH_SELINUX
++
+ /* Define to 1 if you have the `pstat_getdynamic' function. */
+ #undef HAVE_PSTAT_GETDYNAMIC
+
+diff -up at-3.1.13/configure.ac.selinux at-3.1.13/configure.ac
+--- at-3.1.13/configure.ac.selinux 2011-07-29 13:58:54.284220999 +0200
++++ at-3.1.13/configure.ac 2011-07-29 13:58:54.290220975 +0200
+@@ -266,5 +266,13 @@ AC_ARG_WITH(daemon_groupname,
+ )
+ AC_SUBST(DAEMON_GROUPNAME)
+
++AC_ARG_WITH(selinux,
++[ --with-selinux Define to run with selinux],
++AC_DEFINE(WITH_SELINUX),
++)
++AC_CHECK_LIB(selinux, is_selinux_enabled, SELINUXLIB=-lselinux)
++AC_SUBST(SELINUXLIB)
++AC_SUBST(WITH_SELINUX)
++
+ AC_CONFIG_FILES(Makefile atrun atd.8 atrun.8 at.1 at.allow.5 batch)
+ AC_OUTPUT
+diff -up at-3.1.13/Makefile.in.selinux at-3.1.13/Makefile.in
+--- at-3.1.13/Makefile.in.selinux 2011-07-29 13:58:54.270221055 +0200
++++ at-3.1.13/Makefile.in 2011-07-29 13:58:54.290220975 +0200
+@@ -39,6 +39,8 @@ LIBS = @LIBS@
+ LIBOBJS = @LIBOBJS@
+ INSTALL = @INSTALL@
+ PAMLIB = @PAMLIB@
++SELINUXLIB = @SELINUXLIB@
++
+
+ CLONES = atq atrm
+ ATOBJECTS = at.o panic.o perm.o posixtm.o y.tab.o lex.yy.o
diff --git a/at.spec b/at.spec
index 3418b28..da563f2 100644
--- a/at.spec
+++ b/at.spec
@@ -1,32 +1,28 @@
-# needed because of _ in upstream tarball
-%define major_ver 3.1.12
-
%bcond_without pam
Summary: Job spooling tools
Name: at
-Version: %{major_ver}
-Release: 11%{dist}
+Version: 3.1.13
+Release: 1%{dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://ftp.debian.org/debian/pool/main/a/at
-Source: http://ftp.debian.org/debian/pool/main/a/at/at_%{major_ver}.orig.tar.gz
+Source: http://ftp.debian.org/debian/pool/main/a/at/at_%{version}.orig.tar.gz
# git upstream source git://git.debian.org/git/collab-maint/at.git
-Source1: pam_atd
-Source2: atd.init
-Source3: atd.sysconf
-Source4: 56atd
-Source5: atd.systemd
-
-Patch1: at-3.1.12-makefile.patch
-Patch2: at-3.1.12-opt_V.patch
-Patch3: at-3.1.12-shell.patch
-Patch4: at-3.1.12-nitpicks.patch
-Patch5: at-3.1.12-pam.patch
-Patch6: at-3.1.12-selinux.patch
-Patch7: at-3.1.12-fix.patch
-Patch8: at-3.1.12-nowrap.patch
-Patch9: at-3.1.12-fix_no_export.patch
+Source1: pam_atd
+Source2: atd.init
+Source3: atd.sysconf
+Source4: 56atd
+Source5: atd.systemd
+
+Patch1: at-3.1.13-makefile.patch
+Patch2: at-3.1.12-opt_V.patch
+Patch3: at-3.1.12-shell.patch
+Patch4: at-3.1.13-nitpicks.patch
+Patch5: at-3.1.13-pam.patch
+Patch6: at-3.1.13-selinux.patch
+Patch7: at-3.1.12-nowrap.patch
+Patch8: at-3.1.12-fix_no_export.patch
BuildRequires: fileutils /etc/init.d
BuildRequires: flex flex-static bison autoconf
@@ -75,9 +71,8 @@ cp %{SOURCE1} .
%patch4 -p1 -b .nit
%patch5 -p1 -b .pam
%patch6 -p1 -b .selinux
-%patch7 -p1 -b .fix
-%patch8 -p1 -b .nowrap
-%patch9 -p1 -b .export
+%patch7 -p1 -b .nowrap
+%patch8 -p1 -b .export
%build
# patch9 touches configure.in
@@ -122,10 +117,6 @@ install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/atd
mkdir -p %{buildroot}%{_sysconfdir}/rc.d/init.d
install -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/atd
-mv -f %{buildroot}/%{_mandir}/man5/at_allow.5 \
- %{buildroot}/%{_mandir}/man5/at.allow.5
-rm -f %{buildroot}/%{_mandir}/man5/at_deny.5
-
mkdir -p %{buildroot}/etc/sysconfig
install -m 644 %{SOURCE3} %{buildroot}/etc/sysconfig/atd
@@ -197,6 +188,10 @@ fi
%attr(0755,root,root) %{_initrddir}/atd
%changelog
+* Fri Jul 29 2011 Marcela Mašláňová <mmaslano at redhat.com> - 3.1.13-1
+- update to 3.1.13
+- rewrite patches to be applicable
+
* Thu Jul 21 2011 Marcela Mašláňová <mmaslano at redhat.com> - 3.1.12-11
- fix permission of init.d/atd
More information about the scm-commits
mailing list