From 3dfd1fffeca103eee6051d2e671df2290261122cd2212eda362cf2f15f139c4d Mon Sep 17 00:00:00 2001 From: Michal Seben Date: Wed, 4 Nov 2009 07:37:55 +0000 Subject: [PATCH 1/5] Accepting request 23660 from home:coolo:branches:openSUSE:Factory:branched Copy from home:coolo:branches:openSUSE:Factory:branched/at via accept of submit request 23660 revision 2. Request was accepted with message: thanks OBS-URL: https://build.opensuse.org/request/show/23660 OBS-URL: https://build.opensuse.org/package/show/Base:System/at?expand=0&rev=6 --- at-3.1.8-queue-nice-level.patch | 10 ++++++---- at.changes | 5 +++++ 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/at-3.1.8-queue-nice-level.patch b/at-3.1.8-queue-nice-level.patch index 7d1fd9e..d8e9a18 100644 --- a/at-3.1.8-queue-nice-level.patch +++ b/at-3.1.8-queue-nice-level.patch @@ -1,8 +1,10 @@ ---- atd.c +Index: atd.c +=================================================================== +--- atd.c.orig +++ atd.c -@@ -383,7 +383,7 @@ - - PRIV_START +@@ -457,7 +457,7 @@ run_file(const char *filename, uid_t uid + if (chdir(ATJOB_DIR) < 0) + perr("Cannot chdir to " ATJOB_DIR); - nice((tolower((int) queue) - 'a' + 1) * 2); + nice((tolower((int) queue) - 'a' ) ); diff --git a/at.changes b/at.changes index e19bc3c..4d00696 100644 --- a/at.changes +++ b/at.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Nov 3 19:09:06 UTC 2009 - coolo@novell.com + +- updated patches to apply with fuzz=0 + ------------------------------------------------------------------- Thu Aug 27 12:16:43 CEST 2009 - mseben@novell.com From 13d381dbb1f81efd2ac346d769845cbc78ec134dc9dec9a346c2364c10445150 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Mon, 16 Nov 2009 16:58:54 +0000 Subject: [PATCH 2/5] checked in OBS-URL: https://build.opensuse.org/package/show/Base:System/at?expand=0&rev=7 --- at-3.1.8-queue-nice-level.patch | 10 ++++------ at.changes | 5 ----- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/at-3.1.8-queue-nice-level.patch b/at-3.1.8-queue-nice-level.patch index d8e9a18..7d1fd9e 100644 --- a/at-3.1.8-queue-nice-level.patch +++ b/at-3.1.8-queue-nice-level.patch @@ -1,10 +1,8 @@ -Index: atd.c -=================================================================== ---- atd.c.orig +--- atd.c +++ atd.c -@@ -457,7 +457,7 @@ run_file(const char *filename, uid_t uid - if (chdir(ATJOB_DIR) < 0) - perr("Cannot chdir to " ATJOB_DIR); +@@ -383,7 +383,7 @@ + + PRIV_START - nice((tolower((int) queue) - 'a' + 1) * 2); + nice((tolower((int) queue) - 'a' ) ); diff --git a/at.changes b/at.changes index 4d00696..e19bc3c 100644 --- a/at.changes +++ b/at.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Tue Nov 3 19:09:06 UTC 2009 - coolo@novell.com - -- updated patches to apply with fuzz=0 - ------------------------------------------------------------------- Thu Aug 27 12:16:43 CEST 2009 - mseben@novell.com From 574ccbc3ec4b400a5e71c96a0f89641c9faf48ba9d67f8f1faa5efe31606e45c Mon Sep 17 00:00:00 2001 From: Michal Seben Date: Fri, 20 Nov 2009 09:17:02 +0000 Subject: [PATCH 3/5] - added pam conversion function (reworked pam.patch) fate#306386 OBS-URL: https://build.opensuse.org/package/show/Base:System/at?expand=0&rev=8 --- at-3.1.8-pam.patch | 89 +++++++++++++++++++++++---------- at-3.1.8-queue-nice-level.patch | 10 ++-- at.changes | 10 ++++ at.spec | 2 +- 4 files changed, 79 insertions(+), 32 deletions(-) diff --git a/at-3.1.8-pam.patch b/at-3.1.8-pam.patch index 7166a04..a1e5040 100644 --- a/at-3.1.8-pam.patch +++ b/at-3.1.8-pam.patch @@ -1,6 +1,8 @@ ---- Makefile.in +Index: Makefile.in +=================================================================== +--- Makefile.in.orig +++ Makefile.in -@@ -28,6 +28,7 @@ +@@ -28,6 +28,7 @@ YACC = @YACC@ LEX = @LEX@ LEXLIB = @LEXLIB@ SELINUXLIB = @SELINUXLIB@ @@ -8,7 +10,7 @@ CC = @CC@ CFLAGS = @CFLAGS@ -@@ -73,7 +74,7 @@ +@@ -73,7 +74,7 @@ at: $(ATOBJECTS) $(LN_S) -f at atrm atd: $(RUNOBJECTS) @@ -17,18 +19,17 @@ y.tab.c y.tab.h: parsetime.y $(YACC) -d parsetime.y ---- atd.c +Index: atd.c +=================================================================== +--- atd.c.orig +++ atd.c -@@ -93,6 +93,20 @@ +@@ -93,6 +93,17 @@ int selinux_enabled=0; #include #endif +#ifdef WITH_PAM +#include +static pam_handle_t *pamh = NULL; -+static const struct pam_conv conv = { -+ NULL -+}; +#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \ + fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \ + syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \ @@ -40,7 +41,7 @@ /* Local headers */ #include "privs.h" -@@ -102,6 +116,10 @@ +@@ -102,6 +113,10 @@ int selinux_enabled=0; #include "getloadavg.h" #endif @@ -51,7 +52,7 @@ /* Macros */ #define BATCH_INTERVAL_DEFAULT 60 -@@ -195,6 +213,19 @@ +@@ -195,6 +210,47 @@ myfork() #define fork myfork #endif @@ -67,11 +68,39 @@ +#define ATD_MAIL_PROGRAM MAILX +#define ATD_MAIL_NAME "mailx" +#endif ++ ++#ifdef WITH_PAM ++static int ++cron_conv(int num_msg, const struct pam_message **msgm, ++ struct pam_response **response, void *appdata_ptr) ++{ ++ struct pam_message**m = msgm; ++ int i; ++ ++ for (i = 0; i < num_msg; i++) { ++ switch (m[i]->msg_style) { ++ case PAM_ERROR_MSG: ++ case PAM_TEXT_INFO: ++ if (m[i]->msg != NULL) { ++ syslog (LOG_NOTICE, "%s", m[i]->msg); ++ } ++ break; ++ default: ++ break; ++ } ++ } ++ return (0); ++} ++ ++static const struct pam_conv conv = { ++ cron_conv, NULL ++}; ++#endif + static void run_file(const char *filename, uid_t uid, gid_t gid) { -@@ -217,6 +248,9 @@ +@@ -217,6 +273,9 @@ run_file(const char *filename, uid_t uid int ngid; char queue; unsigned long jobno; @@ -81,7 +110,7 @@ sscanf(filename, "%c%5lx", &queue, &jobno); -@@ -361,6 +395,23 @@ +@@ -361,6 +420,23 @@ run_file(const char *filename, uid_t uid fstat(fd_out, &buf); size = buf.st_size; @@ -105,7 +134,7 @@ close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); -@@ -372,6 +423,16 @@ +@@ -372,6 +448,16 @@ run_file(const char *filename, uid_t uid else if (pid == 0) { char *nul = NULL; char **nenvp = &nul; @@ -122,7 +151,7 @@ /* Set up things for the child; we want standard input from the * input file, and standard output and error sent to our output file. -@@ -394,8 +455,6 @@ +@@ -394,8 +480,6 @@ run_file(const char *filename, uid_t uid if (chdir(ATJOB_DIR) < 0) perr("Cannot chdir to " ATJOB_DIR); @@ -131,7 +160,7 @@ nice((tolower((int) queue) - 'a' + 1) * 2); if (initgroups(pentry->pw_name, pentry->pw_gid)) -@@ -485,6 +544,24 @@ +@@ -485,6 +569,24 @@ run_file(const char *filename, uid_t uid if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0) perr("Exec failed for /bin/sh"); @@ -156,7 +185,7 @@ PRIV_END } /* We're the parent. Let's wait. -@@ -498,13 +575,6 @@ +@@ -498,13 +600,6 @@ run_file(const char *filename, uid_t uid */ waitpid(pid, (int *) NULL, 0); @@ -170,7 +199,7 @@ /* Send mail. Unlink the output file after opening it, so it * doesn't hang around after the run. */ -@@ -514,6 +584,14 @@ +@@ -514,6 +609,14 @@ run_file(const char *filename, uid_t uid unlink(filename); @@ -185,7 +214,7 @@ /* The job is now finished. We can delete its input file. */ chdir(ATJOB_DIR); -@@ -522,7 +600,31 @@ +@@ -522,7 +625,31 @@ run_file(const char *filename, uid_t uid if (((send_mail != -1) && (buf.st_size != size)) || (send_mail == 1)) { @@ -217,7 +246,7 @@ if (initgroups(pentry->pw_name, pentry->pw_gid)) perr("Cannot delete saved userids"); -@@ -535,6 +637,47 @@ +@@ -535,6 +662,47 @@ run_file(const char *filename, uid_t uid chdir ("/"); @@ -265,7 +294,7 @@ #if defined(SENDMAIL) execl(SENDMAIL, "sendmail", mailname, (char *) NULL); #elif defined(MAILC) -@@ -546,7 +689,33 @@ +@@ -546,7 +714,33 @@ run_file(const char *filename, uid_t uid #endif perr("Exec failed for mail command"); @@ -300,7 +329,7 @@ } exit(EXIT_SUCCESS); } -@@ -741,7 +910,7 @@ +@@ -741,7 +935,7 @@ main(int argc, char *argv[]) #ifdef WITH_SELINUX selinux_enabled=is_selinux_enabled(); @@ -309,7 +338,7 @@ /* We don't need root privileges all the time; running under uid and gid * daemon is fine. */ -@@ -758,12 +927,7 @@ +@@ -758,12 +952,7 @@ main(int argc, char *argv[]) RELINQUISH_PRIVS_ROOT(daemon_uid, daemon_gid) @@ -323,7 +352,9 @@ opterr = 0; errno = 0; run_as_daemon = 1; ---- config.h.in +Index: config.h.in +=================================================================== +--- config.h.in.orig +++ config.h.in @@ -187,3 +187,7 @@ @@ -333,9 +364,11 @@ +/* Define if you are building with_pam */ +#undef WITH_PAM + ---- configure.in +Index: configure.in +=================================================================== +--- configure.in.orig +++ configure.in -@@ -323,4 +323,11 @@ +@@ -323,4 +323,11 @@ AC_CHECK_LIB(selinux, is_selinux_enabled AC_SUBST(SELINUXLIB) AC_SUBST(WITH_SELINUX) @@ -347,9 +380,11 @@ +AC_SUBST(PAMLIB) + AC_OUTPUT(Makefile atrun atd.8 atrun.8 at.1 batch) ---- perm.c +Index: perm.c +=================================================================== +--- perm.c.orig +++ perm.c -@@ -109,14 +109,15 @@ +@@ -109,14 +109,15 @@ user_in_file(const char *path, const cha int check_permission() { diff --git a/at-3.1.8-queue-nice-level.patch b/at-3.1.8-queue-nice-level.patch index 7d1fd9e..d8e9a18 100644 --- a/at-3.1.8-queue-nice-level.patch +++ b/at-3.1.8-queue-nice-level.patch @@ -1,8 +1,10 @@ ---- atd.c +Index: atd.c +=================================================================== +--- atd.c.orig +++ atd.c -@@ -383,7 +383,7 @@ - - PRIV_START +@@ -457,7 +457,7 @@ run_file(const char *filename, uid_t uid + if (chdir(ATJOB_DIR) < 0) + perr("Cannot chdir to " ATJOB_DIR); - nice((tolower((int) queue) - 'a' + 1) * 2); + nice((tolower((int) queue) - 'a' ) ); diff --git a/at.changes b/at.changes index e19bc3c..d77a20f 100644 --- a/at.changes +++ b/at.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Wed Nov 18 17:18:44 UTC 2009 - mseben@novell.com + +- added pam conversion function (reworked pam.patch) fate#306386 + +------------------------------------------------------------------- +Tue Nov 3 19:09:06 UTC 2009 - coolo@novell.com + +- updated patches to apply with fuzz=0 + ------------------------------------------------------------------- Thu Aug 27 12:16:43 CEST 2009 - mseben@novell.com diff --git a/at.spec b/at.spec index f102ae1..73b47e0 100644 --- a/at.spec +++ b/at.spec @@ -26,7 +26,7 @@ License: GPL v2 or later Group: System/Daemons AutoReqProv: on Version: 3.1.8 -Release: 1075 +Release: 1076 Summary: A Job Manager Source: at_3.1.8-11.tar.gz Source1: atd.init From 571fc8e20ae2214c3769cc69649bfdec4a25d1ac5048cf7ddb7b84b6cd3fa56f Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Fri, 20 Nov 2009 13:38:37 +0000 Subject: [PATCH 4/5] checked in OBS-URL: https://build.opensuse.org/package/show/Base:System/at?expand=0&rev=9 --- at-3.1.8-pam.patch | 89 ++++++++++++++-------------------------------- at.changes | 5 --- 2 files changed, 27 insertions(+), 67 deletions(-) diff --git a/at-3.1.8-pam.patch b/at-3.1.8-pam.patch index a1e5040..7166a04 100644 --- a/at-3.1.8-pam.patch +++ b/at-3.1.8-pam.patch @@ -1,8 +1,6 @@ -Index: Makefile.in -=================================================================== ---- Makefile.in.orig +--- Makefile.in +++ Makefile.in -@@ -28,6 +28,7 @@ YACC = @YACC@ +@@ -28,6 +28,7 @@ LEX = @LEX@ LEXLIB = @LEXLIB@ SELINUXLIB = @SELINUXLIB@ @@ -10,7 +8,7 @@ Index: Makefile.in CC = @CC@ CFLAGS = @CFLAGS@ -@@ -73,7 +74,7 @@ at: $(ATOBJECTS) +@@ -73,7 +74,7 @@ $(LN_S) -f at atrm atd: $(RUNOBJECTS) @@ -19,17 +17,18 @@ Index: Makefile.in y.tab.c y.tab.h: parsetime.y $(YACC) -d parsetime.y -Index: atd.c -=================================================================== ---- atd.c.orig +--- atd.c +++ atd.c -@@ -93,6 +93,17 @@ int selinux_enabled=0; +@@ -93,6 +93,20 @@ #include #endif +#ifdef WITH_PAM +#include +static pam_handle_t *pamh = NULL; ++static const struct pam_conv conv = { ++ NULL ++}; +#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \ + fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \ + syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \ @@ -41,7 +40,7 @@ Index: atd.c /* Local headers */ #include "privs.h" -@@ -102,6 +113,10 @@ int selinux_enabled=0; +@@ -102,6 +116,10 @@ #include "getloadavg.h" #endif @@ -52,7 +51,7 @@ Index: atd.c /* Macros */ #define BATCH_INTERVAL_DEFAULT 60 -@@ -195,6 +210,47 @@ myfork() +@@ -195,6 +213,19 @@ #define fork myfork #endif @@ -68,39 +67,11 @@ Index: atd.c +#define ATD_MAIL_PROGRAM MAILX +#define ATD_MAIL_NAME "mailx" +#endif -+ -+#ifdef WITH_PAM -+static int -+cron_conv(int num_msg, const struct pam_message **msgm, -+ struct pam_response **response, void *appdata_ptr) -+{ -+ struct pam_message**m = msgm; -+ int i; -+ -+ for (i = 0; i < num_msg; i++) { -+ switch (m[i]->msg_style) { -+ case PAM_ERROR_MSG: -+ case PAM_TEXT_INFO: -+ if (m[i]->msg != NULL) { -+ syslog (LOG_NOTICE, "%s", m[i]->msg); -+ } -+ break; -+ default: -+ break; -+ } -+ } -+ return (0); -+} -+ -+static const struct pam_conv conv = { -+ cron_conv, NULL -+}; -+#endif + static void run_file(const char *filename, uid_t uid, gid_t gid) { -@@ -217,6 +273,9 @@ run_file(const char *filename, uid_t uid +@@ -217,6 +248,9 @@ int ngid; char queue; unsigned long jobno; @@ -110,7 +81,7 @@ Index: atd.c sscanf(filename, "%c%5lx", &queue, &jobno); -@@ -361,6 +420,23 @@ run_file(const char *filename, uid_t uid +@@ -361,6 +395,23 @@ fstat(fd_out, &buf); size = buf.st_size; @@ -134,7 +105,7 @@ Index: atd.c close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); -@@ -372,6 +448,16 @@ run_file(const char *filename, uid_t uid +@@ -372,6 +423,16 @@ else if (pid == 0) { char *nul = NULL; char **nenvp = &nul; @@ -151,7 +122,7 @@ Index: atd.c /* Set up things for the child; we want standard input from the * input file, and standard output and error sent to our output file. -@@ -394,8 +480,6 @@ run_file(const char *filename, uid_t uid +@@ -394,8 +455,6 @@ if (chdir(ATJOB_DIR) < 0) perr("Cannot chdir to " ATJOB_DIR); @@ -160,7 +131,7 @@ Index: atd.c nice((tolower((int) queue) - 'a' + 1) * 2); if (initgroups(pentry->pw_name, pentry->pw_gid)) -@@ -485,6 +569,24 @@ run_file(const char *filename, uid_t uid +@@ -485,6 +544,24 @@ if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0) perr("Exec failed for /bin/sh"); @@ -185,7 +156,7 @@ Index: atd.c PRIV_END } /* We're the parent. Let's wait. -@@ -498,13 +600,6 @@ run_file(const char *filename, uid_t uid +@@ -498,13 +575,6 @@ */ waitpid(pid, (int *) NULL, 0); @@ -199,7 +170,7 @@ Index: atd.c /* Send mail. Unlink the output file after opening it, so it * doesn't hang around after the run. */ -@@ -514,6 +609,14 @@ run_file(const char *filename, uid_t uid +@@ -514,6 +584,14 @@ unlink(filename); @@ -214,7 +185,7 @@ Index: atd.c /* The job is now finished. We can delete its input file. */ chdir(ATJOB_DIR); -@@ -522,7 +625,31 @@ run_file(const char *filename, uid_t uid +@@ -522,7 +600,31 @@ if (((send_mail != -1) && (buf.st_size != size)) || (send_mail == 1)) { @@ -246,7 +217,7 @@ Index: atd.c if (initgroups(pentry->pw_name, pentry->pw_gid)) perr("Cannot delete saved userids"); -@@ -535,6 +662,47 @@ run_file(const char *filename, uid_t uid +@@ -535,6 +637,47 @@ chdir ("/"); @@ -294,7 +265,7 @@ Index: atd.c #if defined(SENDMAIL) execl(SENDMAIL, "sendmail", mailname, (char *) NULL); #elif defined(MAILC) -@@ -546,7 +714,33 @@ run_file(const char *filename, uid_t uid +@@ -546,7 +689,33 @@ #endif perr("Exec failed for mail command"); @@ -329,7 +300,7 @@ Index: atd.c } exit(EXIT_SUCCESS); } -@@ -741,7 +935,7 @@ main(int argc, char *argv[]) +@@ -741,7 +910,7 @@ #ifdef WITH_SELINUX selinux_enabled=is_selinux_enabled(); @@ -338,7 +309,7 @@ Index: atd.c /* We don't need root privileges all the time; running under uid and gid * daemon is fine. */ -@@ -758,12 +952,7 @@ main(int argc, char *argv[]) +@@ -758,12 +927,7 @@ RELINQUISH_PRIVS_ROOT(daemon_uid, daemon_gid) @@ -352,9 +323,7 @@ Index: atd.c opterr = 0; errno = 0; run_as_daemon = 1; -Index: config.h.in -=================================================================== ---- config.h.in.orig +--- config.h.in +++ config.h.in @@ -187,3 +187,7 @@ @@ -364,11 +333,9 @@ Index: config.h.in +/* Define if you are building with_pam */ +#undef WITH_PAM + -Index: configure.in -=================================================================== ---- configure.in.orig +--- configure.in +++ configure.in -@@ -323,4 +323,11 @@ AC_CHECK_LIB(selinux, is_selinux_enabled +@@ -323,4 +323,11 @@ AC_SUBST(SELINUXLIB) AC_SUBST(WITH_SELINUX) @@ -380,11 +347,9 @@ Index: configure.in +AC_SUBST(PAMLIB) + AC_OUTPUT(Makefile atrun atd.8 atrun.8 at.1 batch) -Index: perm.c -=================================================================== ---- perm.c.orig +--- perm.c +++ perm.c -@@ -109,14 +109,15 @@ user_in_file(const char *path, const cha +@@ -109,14 +109,15 @@ int check_permission() { diff --git a/at.changes b/at.changes index d77a20f..4d00696 100644 --- a/at.changes +++ b/at.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Wed Nov 18 17:18:44 UTC 2009 - mseben@novell.com - -- added pam conversion function (reworked pam.patch) fate#306386 - ------------------------------------------------------------------- Tue Nov 3 19:09:06 UTC 2009 - coolo@novell.com From f4ac6528718b4561093084a4bcf65f1c9b03a5df582db17072509849823143cb Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Fri, 20 Nov 2009 13:38:44 +0000 Subject: [PATCH 5/5] Updating link to change in openSUSE:Factory/at revision 16.0 OBS-URL: https://build.opensuse.org/package/show/Base:System/at?expand=0&rev=1e5b02f0ed5d3284ffc90336bcc74729 --- at-3.1.8-pam.patch | 89 ++++++++++++++++++++++++++++++++-------------- at.changes | 5 +++ at.spec | 2 +- 3 files changed, 68 insertions(+), 28 deletions(-) diff --git a/at-3.1.8-pam.patch b/at-3.1.8-pam.patch index 7166a04..a1e5040 100644 --- a/at-3.1.8-pam.patch +++ b/at-3.1.8-pam.patch @@ -1,6 +1,8 @@ ---- Makefile.in +Index: Makefile.in +=================================================================== +--- Makefile.in.orig +++ Makefile.in -@@ -28,6 +28,7 @@ +@@ -28,6 +28,7 @@ YACC = @YACC@ LEX = @LEX@ LEXLIB = @LEXLIB@ SELINUXLIB = @SELINUXLIB@ @@ -8,7 +10,7 @@ CC = @CC@ CFLAGS = @CFLAGS@ -@@ -73,7 +74,7 @@ +@@ -73,7 +74,7 @@ at: $(ATOBJECTS) $(LN_S) -f at atrm atd: $(RUNOBJECTS) @@ -17,18 +19,17 @@ y.tab.c y.tab.h: parsetime.y $(YACC) -d parsetime.y ---- atd.c +Index: atd.c +=================================================================== +--- atd.c.orig +++ atd.c -@@ -93,6 +93,20 @@ +@@ -93,6 +93,17 @@ int selinux_enabled=0; #include #endif +#ifdef WITH_PAM +#include +static pam_handle_t *pamh = NULL; -+static const struct pam_conv conv = { -+ NULL -+}; +#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \ + fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \ + syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \ @@ -40,7 +41,7 @@ /* Local headers */ #include "privs.h" -@@ -102,6 +116,10 @@ +@@ -102,6 +113,10 @@ int selinux_enabled=0; #include "getloadavg.h" #endif @@ -51,7 +52,7 @@ /* Macros */ #define BATCH_INTERVAL_DEFAULT 60 -@@ -195,6 +213,19 @@ +@@ -195,6 +210,47 @@ myfork() #define fork myfork #endif @@ -67,11 +68,39 @@ +#define ATD_MAIL_PROGRAM MAILX +#define ATD_MAIL_NAME "mailx" +#endif ++ ++#ifdef WITH_PAM ++static int ++cron_conv(int num_msg, const struct pam_message **msgm, ++ struct pam_response **response, void *appdata_ptr) ++{ ++ struct pam_message**m = msgm; ++ int i; ++ ++ for (i = 0; i < num_msg; i++) { ++ switch (m[i]->msg_style) { ++ case PAM_ERROR_MSG: ++ case PAM_TEXT_INFO: ++ if (m[i]->msg != NULL) { ++ syslog (LOG_NOTICE, "%s", m[i]->msg); ++ } ++ break; ++ default: ++ break; ++ } ++ } ++ return (0); ++} ++ ++static const struct pam_conv conv = { ++ cron_conv, NULL ++}; ++#endif + static void run_file(const char *filename, uid_t uid, gid_t gid) { -@@ -217,6 +248,9 @@ +@@ -217,6 +273,9 @@ run_file(const char *filename, uid_t uid int ngid; char queue; unsigned long jobno; @@ -81,7 +110,7 @@ sscanf(filename, "%c%5lx", &queue, &jobno); -@@ -361,6 +395,23 @@ +@@ -361,6 +420,23 @@ run_file(const char *filename, uid_t uid fstat(fd_out, &buf); size = buf.st_size; @@ -105,7 +134,7 @@ close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); -@@ -372,6 +423,16 @@ +@@ -372,6 +448,16 @@ run_file(const char *filename, uid_t uid else if (pid == 0) { char *nul = NULL; char **nenvp = &nul; @@ -122,7 +151,7 @@ /* Set up things for the child; we want standard input from the * input file, and standard output and error sent to our output file. -@@ -394,8 +455,6 @@ +@@ -394,8 +480,6 @@ run_file(const char *filename, uid_t uid if (chdir(ATJOB_DIR) < 0) perr("Cannot chdir to " ATJOB_DIR); @@ -131,7 +160,7 @@ nice((tolower((int) queue) - 'a' + 1) * 2); if (initgroups(pentry->pw_name, pentry->pw_gid)) -@@ -485,6 +544,24 @@ +@@ -485,6 +569,24 @@ run_file(const char *filename, uid_t uid if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0) perr("Exec failed for /bin/sh"); @@ -156,7 +185,7 @@ PRIV_END } /* We're the parent. Let's wait. -@@ -498,13 +575,6 @@ +@@ -498,13 +600,6 @@ run_file(const char *filename, uid_t uid */ waitpid(pid, (int *) NULL, 0); @@ -170,7 +199,7 @@ /* Send mail. Unlink the output file after opening it, so it * doesn't hang around after the run. */ -@@ -514,6 +584,14 @@ +@@ -514,6 +609,14 @@ run_file(const char *filename, uid_t uid unlink(filename); @@ -185,7 +214,7 @@ /* The job is now finished. We can delete its input file. */ chdir(ATJOB_DIR); -@@ -522,7 +600,31 @@ +@@ -522,7 +625,31 @@ run_file(const char *filename, uid_t uid if (((send_mail != -1) && (buf.st_size != size)) || (send_mail == 1)) { @@ -217,7 +246,7 @@ if (initgroups(pentry->pw_name, pentry->pw_gid)) perr("Cannot delete saved userids"); -@@ -535,6 +637,47 @@ +@@ -535,6 +662,47 @@ run_file(const char *filename, uid_t uid chdir ("/"); @@ -265,7 +294,7 @@ #if defined(SENDMAIL) execl(SENDMAIL, "sendmail", mailname, (char *) NULL); #elif defined(MAILC) -@@ -546,7 +689,33 @@ +@@ -546,7 +714,33 @@ run_file(const char *filename, uid_t uid #endif perr("Exec failed for mail command"); @@ -300,7 +329,7 @@ } exit(EXIT_SUCCESS); } -@@ -741,7 +910,7 @@ +@@ -741,7 +935,7 @@ main(int argc, char *argv[]) #ifdef WITH_SELINUX selinux_enabled=is_selinux_enabled(); @@ -309,7 +338,7 @@ /* We don't need root privileges all the time; running under uid and gid * daemon is fine. */ -@@ -758,12 +927,7 @@ +@@ -758,12 +952,7 @@ main(int argc, char *argv[]) RELINQUISH_PRIVS_ROOT(daemon_uid, daemon_gid) @@ -323,7 +352,9 @@ opterr = 0; errno = 0; run_as_daemon = 1; ---- config.h.in +Index: config.h.in +=================================================================== +--- config.h.in.orig +++ config.h.in @@ -187,3 +187,7 @@ @@ -333,9 +364,11 @@ +/* Define if you are building with_pam */ +#undef WITH_PAM + ---- configure.in +Index: configure.in +=================================================================== +--- configure.in.orig +++ configure.in -@@ -323,4 +323,11 @@ +@@ -323,4 +323,11 @@ AC_CHECK_LIB(selinux, is_selinux_enabled AC_SUBST(SELINUXLIB) AC_SUBST(WITH_SELINUX) @@ -347,9 +380,11 @@ +AC_SUBST(PAMLIB) + AC_OUTPUT(Makefile atrun atd.8 atrun.8 at.1 batch) ---- perm.c +Index: perm.c +=================================================================== +--- perm.c.orig +++ perm.c -@@ -109,14 +109,15 @@ +@@ -109,14 +109,15 @@ user_in_file(const char *path, const cha int check_permission() { diff --git a/at.changes b/at.changes index 4d00696..d77a20f 100644 --- a/at.changes +++ b/at.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Nov 18 17:18:44 UTC 2009 - mseben@novell.com + +- added pam conversion function (reworked pam.patch) fate#306386 + ------------------------------------------------------------------- Tue Nov 3 19:09:06 UTC 2009 - coolo@novell.com diff --git a/at.spec b/at.spec index 73b47e0..6d1db47 100644 --- a/at.spec +++ b/at.spec @@ -26,7 +26,7 @@ License: GPL v2 or later Group: System/Daemons AutoReqProv: on Version: 3.1.8 -Release: 1076 +Release: 1077 Summary: A Job Manager Source: at_3.1.8-11.tar.gz Source1: atd.init