rpms/vixie-cron/devel vixie-cron-4.1-_46-audit.patch, NONE, 1.1 vixie-cron-4.1-_47-m_option.patch, NONE, 1.1 vixie-cron.spec, 1.58, 1.59
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Sun Nov 13 22:55:08 UTC 2005
- Previous message (by thread): rpms/lynx/devel lynx-CVE-2005-2929.patch, NONE, 1.1 lynx.spec, 1.29, 1.30
- Next message (by thread): rpms/rhpxl/devel .cvsignore, 1.5, 1.6 rhpxl.spec, 1.6, 1.7 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jvdias
Update of /cvs/dist/rpms/vixie-cron/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv22496
Modified Files:
vixie-cron.spec
Added Files:
vixie-cron-4.1-_46-audit.patch
vixie-cron-4.1-_47-m_option.patch
Log Message:
- patches for IBM LSPP testing:
- Steve Grubb's patch to emit audit log message on crontab denial
- Use of sendmail unacceptable for LSPP: provide -m <mail command> option
vixie-cron-4.1-_46-audit.patch:
Makefile | 4 ++--
misc.c | 11 +++++++++++
2 files changed, 13 insertions(+), 2 deletions(-)
--- NEW FILE vixie-cron-4.1-_46-audit.patch ---
diff -ur vixie-cron-4.1.orig/Makefile vixie-cron-4.1/Makefile
--- vixie-cron-4.1.orig/Makefile 2005-10-27 13:33:56.000000000 -0400
+++ vixie-cron-4.1/Makefile 2005-10-27 13:42:37.000000000 -0400
@@ -60,7 +60,7 @@
INCLUDE = -I.
#INCLUDE =
#<<need getopt()>>
-LIBS = -lselinux -lpam -lpam_misc
+LIBS = -lselinux -lpam -lpam_misc -laudit
#<<optimize or debug?>>
#CDEBUG = -O
#CDEBUG = -g
@@ -70,7 +70,7 @@
#<<want to use a nonstandard CC?>>
CC = gcc -Wall -Wno-unused -Wno-comment
#<<manifest defines>>
-DEFS = -DWITH_SELINUX -DWITH_PAM
+DEFS = -DWITH_SELINUX -DWITH_PAM -DWITH_AUDIT
#(SGI IRIX systems need this)
#DEFS = -D_BSD_SIGNALS -Dconst=
#<<the name of the BSD-like install program>>
diff -ur vixie-cron-4.1.orig/misc.c vixie-cron-4.1/misc.c
--- vixie-cron-4.1.orig/misc.c 2005-10-27 13:33:56.000000000 -0400
+++ vixie-cron-4.1/misc.c 2005-10-27 13:41:31.000000000 -0400
@@ -29,6 +29,9 @@
#include "cron.h"
#include <limits.h>
+#ifdef WITH_AUDIT
+#include <libaudit.h>
+#endif
#if defined(SYSLOG) && defined(LOG_FILE)
# undef LOG_FILE
@@ -487,6 +490,14 @@
isallowed = TRUE;
}
}
+#ifdef WITH_AUDIT
+ if (isallowed == FALSE) {
+ int audit_fd = audit_open();
+ audit_log_user_message(audit_fd, AUDIT_USER_START, "cron deny",
+ NULL, NULL, NULL, 0);
+ close(audit_fd);
+ }
+#endif
return (isallowed);
}
vixie-cron-4.1-_47-m_option.patch:
cron.8 | 11 +++++++++++
cron.c | 7 +++++--
do_command.c | 18 +++++++++++++-----
globals.h | 1 +
4 files changed, 30 insertions(+), 7 deletions(-)
--- NEW FILE vixie-cron-4.1-_47-m_option.patch ---
--- vixie-cron-4.1/do_command.c.-m_option 2005-11-13 15:46:37.000000000 -0500
+++ vixie-cron-4.1/do_command.c 2005-11-13 17:03:34.000000000 -0500
@@ -508,16 +508,24 @@
char hostname[MAXHOSTNAMELEN];
gethostname(hostname, MAXHOSTNAMELEN);
- if (strlens(MAILFMT, MAILARG, NULL) + 1
- >= sizeof mailcmd) {
- fprintf(stderr, "mailcmd too long\n");
- (void) _exit(ERROR_EXIT);
+
+ if ( MailCmd[0] == '\0' )
+ {
+ if (strlens(MAILFMT, MAILARG, NULL) + 1
+ >= sizeof mailcmd) {
+ fprintf(stderr, "mailcmd too long\n");
+ (void) _exit(ERROR_EXIT);
+ }
+ (void)sprintf(mailcmd, MAILFMT, MAILARG);
+ }else
+ {
+ strncpy( mailcmd, MailCmd, MAX_COMMAND );
}
- (void)sprintf(mailcmd, MAILFMT, MAILARG);
if (!(mail = cron_popen(mailcmd, "w", e->pwd))) {
perror(mailcmd);
(void) _exit(ERROR_EXIT);
}
+
fprintf(mail, "From: root (Cron Daemon)\n");
fprintf(mail, "To: %s\n", mailto);
fprintf(mail, "Subject: Cron <%s@%s> %s\n",
--- vixie-cron-4.1/globals.h.-m_option 2005-11-13 15:46:37.000000000 -0500
+++ vixie-cron-4.1/globals.h 2005-11-13 16:56:16.000000000 -0500
@@ -65,6 +65,7 @@
XTRN int NoFork INIT(0);
XTRN int PermitAnyCrontab INIT(0);
XTRN int ValidateMailRcpts INIT(0);
+XTRN char MailCmd[MAX_COMMAND] INIT("");
#if DEBUGGING
XTRN int DebugFlags INIT(0);
--- vixie-cron-4.1/cron.8.-m_option 2005-11-13 15:46:37.000000000 -0500
+++ vixie-cron-4.1/cron.8 2005-11-13 17:10:34.000000000 -0500
@@ -29,6 +29,7 @@
.IR load_avg ]
.RB [ \-n ]
.RB [ \-p ]
+.RB [ \-m <mail command> ]
.SH DESCRIPTION
.I Cron
should be started from /etc/rc or /etc/rc.local. It will return immediately,
@@ -63,6 +64,16 @@
.IR Crontab (1)
command updates the modtime of the spool directory whenever it changes a
crontab.
+.PP
+The
+.B -m
+option allows you to specify a shell command string to use for sending
+cron mail output instead of
+.IR sendmail (8).
+This command must accept a fully
+formatted mail message (with headers) on stdin and send it as a mail
+message to the recipients specified in the mail headers.
+.PP
.SS Daylight Saving Time and other time changes
Local time changes of less than three hours, such as those caused
by the start or end of Daylight Saving Time, are handled specially.
--- vixie-cron-4.1/cron.c.-m_option 2005-11-13 15:46:37.000000000 -0500
+++ vixie-cron-4.1/cron.c 2005-11-13 16:58:30.000000000 -0500
@@ -48,7 +48,7 @@
usage(void) {
const char **dflags;
- fprintf(stderr, "usage: %s [-n] [-p] [-x [", ProgramName);
+ fprintf(stderr, "usage: %s [-n] [-p] [-m <mail command>] [-x [", ProgramName);
for (dflags = DebugFlagNames; *dflags; dflags++)
fprintf(stderr, "%s%s", *dflags, dflags[1] ? "," : "]");
fprintf(stderr, "]\n");
@@ -437,7 +437,7 @@
parse_args(int argc, char *argv[]) {
int argch;
- while (-1 != (argch = getopt(argc, argv, "npx:"))) {
+ while (-1 != (argch = getopt(argc, argv, "npx:m:"))) {
switch (argch) {
default:
usage();
@@ -451,6 +451,9 @@
case 'p':
PermitAnyCrontab=1;
break;
+ case 'm':
+ strncpy(MailCmd, optarg, MAX_COMMAND);
+ break;
}
}
}
Index: vixie-cron.spec
===================================================================
RCS file: /cvs/dist/rpms/vixie-cron/devel/vixie-cron.spec,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- vixie-cron.spec 18 Oct 2005 19:12:06 -0000 1.58
+++ vixie-cron.spec 13 Nov 2005 22:55:06 -0000 1.59
@@ -7,7 +7,7 @@
Summary: The Vixie cron daemon for executing specified programs at set times.
Name: vixie-cron
Version: 4.1
-Release: 40.FC5
+Release: 41.FC5
Epoch: 4
License: distributable
Group: System Environment/Base
@@ -60,6 +60,8 @@
Patch43: vixie-cron-4.1-_43-config_comments.patch
Patch44: vixie-cron-4.1-_44-build_env.patch
Patch45: vixie-cron-4.1-_45-warnings.patch
+Patch46: vixie-cron-4.1-_46-audit.patch
+Patch47: vixie-cron-4.1-_47-m_option.patch
Buildroot: %{_tmppath}/%{name}-%{version}-root
Requires: sysklogd >= 1.3.33-6, bash >= 2.0
%if %{WITH_SELINUX}
@@ -135,6 +137,8 @@
%patch43 -p1 -b .config_comments
%patch44 -p1 -b .build_env
%patch45 -p1 -b .warnings
+%patch46 -p1 -b .audit_deny
+%patch47 -p1 -b .-m_option
%build
make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -g -DLINT -Dlint -Werror"
@@ -192,7 +196,12 @@
%config(noreplace) /etc/sysconfig/crond
%changelog
-* Tue Oct 18 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-39-FC5
+* Sun Nov 13 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-41-FC5
+- patches for IBM LSPP testing:
+- Steve Grubb's patch to emit audit log message on crontab denial
+- Use of sendmail unacceptable for LSPP: provide -m <mail command> option
+
+* Tue Oct 18 2005 Jason Vas Dias <jvdias at redhat.com> - 4.1-40-FC5
- *** NOTE : please do not modify vixie-cron without contacting ***
*** the package maintainer (me at the moment). ***
*** Or at least test it first! ***
- Previous message (by thread): rpms/lynx/devel lynx-CVE-2005-2929.patch, NONE, 1.1 lynx.spec, 1.29, 1.30
- Next message (by thread): rpms/rhpxl/devel .cvsignore, 1.5, 1.6 rhpxl.spec, 1.6, 1.7 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list