rpms/vixie-cron/devel vixie-cron-4.1-getseuserbyname.patch, NONE, 1.1 vixie-cron.spec, 1.55, 1.56
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Oct 14 20:08:12 UTC 2005
- Previous message (by thread): rpms/openldap/FC-4 openldap-2.0.27-hop.patch, NONE, 1.1 openldap-2.1.30-hop.patch, NONE, 1.1 openldap-2.2.13-tls-fix-connection-test.patch, NONE, 1.1 openldap.spec, 1.40, 1.41 sources, 1.18, 1.19
- Next message (by thread): rpms/abiword/FC-3 abiword.spec,1.46,1.47
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/vixie-cron/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv14922
Modified Files:
vixie-cron.spec
Added Files:
vixie-cron-4.1-getseuserbyname.patch
Log Message:
add getseuserbyname support
vixie-cron-4.1-getseuserbyname.patch:
user.c | 25 ++++++++++++++++++-------
1 files changed, 18 insertions(+), 7 deletions(-)
--- NEW FILE vixie-cron-4.1-getseuserbyname.patch ---
--- vixie-cron-4.1/user.c~ 2005-10-14 14:55:17.000000000 -0400
+++ vixie-cron-4.1/user.c 2005-10-14 15:15:07.000000000 -0400
@@ -44,15 +44,26 @@
security_context_t file_context=NULL;
struct av_decision avd;
int retval=0;
+ char *seuser=NULL;
+ char *level=NULL;
*rcontext = NULL;
- if (get_default_context(name, NULL, &scontext)) {
- if (security_getenforce() > 0) {
- log_it(name, getpid(), "No SELinux security context",tabname);
- return -1;
- } else {
- log_it(name, getpid(), "No security context but SELinux in permissive mode, continuing",tabname);
- return 0;
+
+ if (getseuserbyname(name, &seuser, &level) == 0) {
+ retval=get_default_context_with_level(seuser, level, NULL, &scontext);
+ free(seuser);
+ free(level);
+ if (retval) {
+ if (security_getenforce() > 0) {
+ log_it(name, getpid(), "No SELinux security context",tabname);
+ return -1;
+ } else {
+ log_it(name, getpid(), "No security context but SELinux in permissive mode, continuing",tabname);
+ return 0;
+ }
}
+ } else {
+ log_it(name, getpid(), "getseusername FAILED", name);
+ return (security_getenforce() > 0);
}
if (fgetfilecon(crontab_fd, &file_context) < OK) {
Index: vixie-cron.spec
===================================================================
RCS file: /cvs/dist/rpms/vixie-cron/devel/vixie-cron.spec,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- vixie-cron.spec 14 Oct 2005 18:40:43 -0000 1.55
+++ vixie-cron.spec 14 Oct 2005 20:08:07 -0000 1.56
@@ -1,13 +1,11 @@
-%if %{?WITH_SELINUX:0}%{!?WITH_SELINUX:1}
%define WITH_SELINUX 1
-%endif
%if %{?WITH_PAM:0}%{!?WITH_PAM:1}
%define WITH_PAM 1
%endif
Summary: The Vixie cron daemon for executing specified programs at set times.
Name: vixie-cron
Version: 4.1
-Release: 39.FC5
+Release: 40.FC5
Epoch: 4
License: distributable
Group: System Environment/Base
@@ -56,13 +54,12 @@
Patch39: vixie-cron-4.1-loginuid.patch
Patch40: vixie_cron-4.1-162887.patch
Patch41: vixie-cron-4.1-CAN-2005-1038-fix-race.patch
+Patch42: vixie-cron-4.1-getseuserbyname.patch
Buildroot: %{_tmppath}/%{name}-%{version}-root
Requires: sysklogd >= 1.3.33-6, bash >= 2.0
-%if %{WITH_SELINUX}
Requires: libselinux >= 1.25.2-1
Buildrequires: libselinux-devel >= 1.25.2-1
-%endif
%if %{WITH_PAM}
Requires: pam >= 0.77-66.8
Buildrequires: pam-devel
@@ -89,11 +86,7 @@
%patch8 -p1 -b .root-allowed
%patch9 -p1 -b .no-header
%patch10 -p1 -b .manpages
-%if %{WITH_SELINUX}
-#SELinux
-# Enables SELinux support
%patch11 -p1 -b .with_selinux
-%endif
%patch12 -p1 -b .pam
%if %{WITH_PAM}
%patch13 -p1 -b .with_pam
@@ -107,10 +100,8 @@
%patch20 -p1 -b .nickname_man
%patch21 -p1 -b -i_option
%patch22 -p1 -b .no_0600_mode_enforce
-%if %{WITH_SELINUX}
%patch23 -p1 -b .freecon_segv
%patch24 -p1 -b .selinux_crontab_new
-%endif
%patch25 -p1 -b .allow-root-crontab
%patch26 -p1 -b .saved_uids
%patch27 -p1 -b .no-strip-header-comments
@@ -128,6 +119,7 @@
%patch39 -p1 -b .loginuid
%patch40 -p1 -b .162887
%patch41 -p1 -b .CAN-2005-1038-fix-race
+%patch42 -p1 -b .getseuserbyname
%build
make RPM_OPT_FLAGS="$RPM_OPT_FLAGS"
@@ -185,6 +177,9 @@
%config(noreplace) /etc/sysconfig/crond
%changelog
+* Fri Oct 14 2005 Dan Walsh <dwalsh at redhat.com> - 4.1-40.FC5
+- Change to use getseuserbyname for selinux
+
* Fri Oct 14 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-39-FC5
- fix bug 170830: the last PAM change disabled all cron jobs.
backing out the new PAM configuration file until I've had a
- Previous message (by thread): rpms/openldap/FC-4 openldap-2.0.27-hop.patch, NONE, 1.1 openldap-2.1.30-hop.patch, NONE, 1.1 openldap-2.2.13-tls-fix-connection-test.patch, NONE, 1.1 openldap.spec, 1.40, 1.41 sources, 1.18, 1.19
- Next message (by thread): rpms/abiword/FC-3 abiword.spec,1.46,1.47
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list