diff --git a/at-3.1.8-pam.patch b/at-3.1.8-pam.patch index 7166a04..a1e5040 100644 --- a/at-3.1.8-pam.patch +++ b/at-3.1.8-pam.patch @@ -1,6 +1,8 @@ ---- Makefile.in +Index: Makefile.in +=================================================================== +--- Makefile.in.orig +++ Makefile.in -@@ -28,6 +28,7 @@ +@@ -28,6 +28,7 @@ YACC = @YACC@ LEX = @LEX@ LEXLIB = @LEXLIB@ SELINUXLIB = @SELINUXLIB@ @@ -8,7 +10,7 @@ CC = @CC@ CFLAGS = @CFLAGS@ -@@ -73,7 +74,7 @@ +@@ -73,7 +74,7 @@ at: $(ATOBJECTS) $(LN_S) -f at atrm atd: $(RUNOBJECTS) @@ -17,18 +19,17 @@ y.tab.c y.tab.h: parsetime.y $(YACC) -d parsetime.y ---- atd.c +Index: atd.c +=================================================================== +--- atd.c.orig +++ atd.c -@@ -93,6 +93,20 @@ +@@ -93,6 +93,17 @@ int selinux_enabled=0; #include #endif +#ifdef WITH_PAM +#include +static pam_handle_t *pamh = NULL; -+static const struct pam_conv conv = { -+ NULL -+}; +#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \ + fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \ + syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \ @@ -40,7 +41,7 @@ /* Local headers */ #include "privs.h" -@@ -102,6 +116,10 @@ +@@ -102,6 +113,10 @@ int selinux_enabled=0; #include "getloadavg.h" #endif @@ -51,7 +52,7 @@ /* Macros */ #define BATCH_INTERVAL_DEFAULT 60 -@@ -195,6 +213,19 @@ +@@ -195,6 +210,47 @@ myfork() #define fork myfork #endif @@ -67,11 +68,39 @@ +#define ATD_MAIL_PROGRAM MAILX +#define ATD_MAIL_NAME "mailx" +#endif ++ ++#ifdef WITH_PAM ++static int ++cron_conv(int num_msg, const struct pam_message **msgm, ++ struct pam_response **response, void *appdata_ptr) ++{ ++ struct pam_message**m = msgm; ++ int i; ++ ++ for (i = 0; i < num_msg; i++) { ++ switch (m[i]->msg_style) { ++ case PAM_ERROR_MSG: ++ case PAM_TEXT_INFO: ++ if (m[i]->msg != NULL) { ++ syslog (LOG_NOTICE, "%s", m[i]->msg); ++ } ++ break; ++ default: ++ break; ++ } ++ } ++ return (0); ++} ++ ++static const struct pam_conv conv = { ++ cron_conv, NULL ++}; ++#endif + static void run_file(const char *filename, uid_t uid, gid_t gid) { -@@ -217,6 +248,9 @@ +@@ -217,6 +273,9 @@ run_file(const char *filename, uid_t uid int ngid; char queue; unsigned long jobno; @@ -81,7 +110,7 @@ sscanf(filename, "%c%5lx", &queue, &jobno); -@@ -361,6 +395,23 @@ +@@ -361,6 +420,23 @@ run_file(const char *filename, uid_t uid fstat(fd_out, &buf); size = buf.st_size; @@ -105,7 +134,7 @@ close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); -@@ -372,6 +423,16 @@ +@@ -372,6 +448,16 @@ run_file(const char *filename, uid_t uid else if (pid == 0) { char *nul = NULL; char **nenvp = &nul; @@ -122,7 +151,7 @@ /* Set up things for the child; we want standard input from the * input file, and standard output and error sent to our output file. -@@ -394,8 +455,6 @@ +@@ -394,8 +480,6 @@ run_file(const char *filename, uid_t uid if (chdir(ATJOB_DIR) < 0) perr("Cannot chdir to " ATJOB_DIR); @@ -131,7 +160,7 @@ nice((tolower((int) queue) - 'a' + 1) * 2); if (initgroups(pentry->pw_name, pentry->pw_gid)) -@@ -485,6 +544,24 @@ +@@ -485,6 +569,24 @@ run_file(const char *filename, uid_t uid if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0) perr("Exec failed for /bin/sh"); @@ -156,7 +185,7 @@ PRIV_END } /* We're the parent. Let's wait. -@@ -498,13 +575,6 @@ +@@ -498,13 +600,6 @@ run_file(const char *filename, uid_t uid */ waitpid(pid, (int *) NULL, 0); @@ -170,7 +199,7 @@ /* Send mail. Unlink the output file after opening it, so it * doesn't hang around after the run. */ -@@ -514,6 +584,14 @@ +@@ -514,6 +609,14 @@ run_file(const char *filename, uid_t uid unlink(filename); @@ -185,7 +214,7 @@ /* The job is now finished. We can delete its input file. */ chdir(ATJOB_DIR); -@@ -522,7 +600,31 @@ +@@ -522,7 +625,31 @@ run_file(const char *filename, uid_t uid if (((send_mail != -1) && (buf.st_size != size)) || (send_mail == 1)) { @@ -217,7 +246,7 @@ if (initgroups(pentry->pw_name, pentry->pw_gid)) perr("Cannot delete saved userids"); -@@ -535,6 +637,47 @@ +@@ -535,6 +662,47 @@ run_file(const char *filename, uid_t uid chdir ("/"); @@ -265,7 +294,7 @@ #if defined(SENDMAIL) execl(SENDMAIL, "sendmail", mailname, (char *) NULL); #elif defined(MAILC) -@@ -546,7 +689,33 @@ +@@ -546,7 +714,33 @@ run_file(const char *filename, uid_t uid #endif perr("Exec failed for mail command"); @@ -300,7 +329,7 @@ } exit(EXIT_SUCCESS); } -@@ -741,7 +910,7 @@ +@@ -741,7 +935,7 @@ main(int argc, char *argv[]) #ifdef WITH_SELINUX selinux_enabled=is_selinux_enabled(); @@ -309,7 +338,7 @@ /* We don't need root privileges all the time; running under uid and gid * daemon is fine. */ -@@ -758,12 +927,7 @@ +@@ -758,12 +952,7 @@ main(int argc, char *argv[]) RELINQUISH_PRIVS_ROOT(daemon_uid, daemon_gid) @@ -323,7 +352,9 @@ opterr = 0; errno = 0; run_as_daemon = 1; ---- config.h.in +Index: config.h.in +=================================================================== +--- config.h.in.orig +++ config.h.in @@ -187,3 +187,7 @@ @@ -333,9 +364,11 @@ +/* Define if you are building with_pam */ +#undef WITH_PAM + ---- configure.in +Index: configure.in +=================================================================== +--- configure.in.orig +++ configure.in -@@ -323,4 +323,11 @@ +@@ -323,4 +323,11 @@ AC_CHECK_LIB(selinux, is_selinux_enabled AC_SUBST(SELINUXLIB) AC_SUBST(WITH_SELINUX) @@ -347,9 +380,11 @@ +AC_SUBST(PAMLIB) + AC_OUTPUT(Makefile atrun atd.8 atrun.8 at.1 batch) ---- perm.c +Index: perm.c +=================================================================== +--- perm.c.orig +++ perm.c -@@ -109,14 +109,15 @@ +@@ -109,14 +109,15 @@ user_in_file(const char *path, const cha int check_permission() { diff --git a/at.changes b/at.changes index 4d00696..d77a20f 100644 --- a/at.changes +++ b/at.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Nov 18 17:18:44 UTC 2009 - mseben@novell.com + +- added pam conversion function (reworked pam.patch) fate#306386 + ------------------------------------------------------------------- Tue Nov 3 19:09:06 UTC 2009 - coolo@novell.com diff --git a/at.spec b/at.spec index 73b47e0..6d1db47 100644 --- a/at.spec +++ b/at.spec @@ -26,7 +26,7 @@ License: GPL v2 or later Group: System/Daemons AutoReqProv: on Version: 3.1.8 -Release: 1076 +Release: 1077 Summary: A Job Manager Source: at_3.1.8-11.tar.gz Source1: atd.init