From cbc8544d9fe9424290121728faba0ef88638faa4b178f2a2c37b30e9c0f00ca3 Mon Sep 17 00:00:00 2001 From: Danilo Spinella Date: Tue, 22 Feb 2022 16:51:45 +0000 Subject: [PATCH] Accepting request 956821 from home:dspinella:branches:Base:System - Update to version 3.2.4: * Upstream SUSE patches - Update to version 3.2.3: * Fix two typos on documentation * Upstream SUSE patches * Various improvements to the code and the build system - Refresh patches: * at-3.1.16-handle_malformed_jobs.patch * at-3.2.2.patch * at-backport-old-privs.patch * harden_atd.service.patch - Drop upstreamed patches: * at-3.1.13-leak-fix.patch * at-3.1.13-massive_batch.patch * at-3.1.14-joblist.patch * at-3.1.14-usePOSIXtimers.patch * at-3.1.8-jobdir-mtime.patch * at-atq-timeformat.patch * at-secure_getenv.patch OBS-URL: https://build.opensuse.org/request/show/956821 OBS-URL: https://build.opensuse.org/package/show/Base:System/at?expand=0&rev=121 --- at-3.1.13-leak-fix.patch | 26 ------ at-3.1.13-massive_batch.patch | 63 -------------- at-3.1.14-joblist.patch | 116 ------------------------- at-3.1.14-parse-suse-sysconfig.patch | 2 +- at-3.1.14-usePOSIXtimers.patch | 116 ------------------------- at-3.1.16-handle_malformed_jobs.patch | 14 --- at-3.1.8-jobdir-mtime.patch | 24 ------ at-3.2.2.patch | 118 +++++++++++++------------- at-atq-timeformat.patch | 92 -------------------- at-backport-old-privs.patch | 15 ++-- at-secure_getenv.patch | 57 ------------- at.changes | 23 +++++ at.spec | 15 +--- at_3.2.2.orig.tar.gz | 3 - at_3.2.4.orig.tar.gz | 3 + harden_atd.service.patch | 6 +- 16 files changed, 99 insertions(+), 594 deletions(-) delete mode 100644 at-3.1.13-leak-fix.patch delete mode 100644 at-3.1.13-massive_batch.patch delete mode 100644 at-3.1.14-joblist.patch delete mode 100644 at-3.1.14-usePOSIXtimers.patch delete mode 100644 at-3.1.8-jobdir-mtime.patch delete mode 100644 at-atq-timeformat.patch delete mode 100644 at-secure_getenv.patch delete mode 100644 at_3.2.2.orig.tar.gz create mode 100644 at_3.2.4.orig.tar.gz diff --git a/at-3.1.13-leak-fix.patch b/at-3.1.13-leak-fix.patch deleted file mode 100644 index 5eb4c97..0000000 --- a/at-3.1.13-leak-fix.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- - at.c | 4 ++++ - 1 file changed, 4 insertions(+) - -Index: at-3.2.0/at.c -=================================================================== ---- at-3.2.0.orig/at.c -+++ at-3.2.0/at.c -@@ -658,6 +658,9 @@ list_jobs(long *joblist, int len) - else - printf("%ld\t%s %c\n", jobno, timestr, queue); - } -+ -+ closedir(spool); -+ - PRIV_END - } - -@@ -740,6 +743,7 @@ process_jobs(int argc, char **argv, int - putchar(ch); - } - done = 1; -+ fclose(fp); - } - else { - perr("Cannot open %.500s", dirent->d_name); diff --git a/at-3.1.13-massive_batch.patch b/at-3.1.13-massive_batch.patch deleted file mode 100644 index d2a42cd..0000000 --- a/at-3.1.13-massive_batch.patch +++ /dev/null @@ -1,63 +0,0 @@ ---- - atd.c | 15 +++++++++------ - 1 file changed, 9 insertions(+), 6 deletions(-) - -Index: at-3.2.0/atd.c -=================================================================== ---- at-3.2.0.orig/atd.c -+++ at-3.2.0/atd.c -@@ -108,9 +108,10 @@ static char *namep; - static double load_avg = LOADAVG_MX; - static time_t now; - static time_t last_chg; --static int nothing_to_do; -+static int nothing_to_do = 0; - unsigned int batch_interval; - static int run_as_daemon = 0; -+static int hupped = 0; - - static volatile sig_atomic_t term_signal = 0; - -@@ -141,10 +142,10 @@ set_term(int dummy) - return; - } - --RETSIGTYPE --sdummy(int dummy) -+RETSIGTYPE -+set_hup(int dummy) - { -- /* Empty signal handler */ -+ hupped = 1; - nothing_to_do = 0; - return; - } -@@ -647,6 +648,7 @@ run_loop() - return next_job; - last_chg = buf.st_mtime; - -+ hupped = 0; - if ((spool = opendir(".")) == NULL) - perr("Cannot read " ATJOB_DIR); - -@@ -898,7 +900,7 @@ main(int argc, char *argv[]) - */ - - sigaction(SIGHUP, NULL, &act); -- act.sa_handler = sdummy; -+ act.sa_handler = set_hup; - sigaction(SIGHUP, &act, NULL); - - sigaction(SIGTERM, NULL, &act); -@@ -914,9 +916,10 @@ main(int argc, char *argv[]) - do { - now = time(NULL); - next_invocation = run_loop(); -- if (next_invocation > now) { -+ if ((next_invocation > now) && (!hupped)) { - sleep(next_invocation - now); - } -+ hupped = 0; - } while (!term_signal); - daemon_cleanup(); - exit(EXIT_SUCCESS); diff --git a/at-3.1.14-joblist.patch b/at-3.1.14-joblist.patch deleted file mode 100644 index f5e4361..0000000 --- a/at-3.1.14-joblist.patch +++ /dev/null @@ -1,116 +0,0 @@ ---- - at.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++++---- - panic.c | 1 + - 2 files changed, 49 insertions(+), 4 deletions(-) - -Index: at-3.2.0/at.c -=================================================================== ---- at-3.2.0.orig/at.c -+++ at-3.2.0/at.c -@@ -135,7 +135,9 @@ static void sigc(int signo); - static void alarmc(int signo); - static char *cwdname(void); - static void writefile(time_t runtimer, char queue); --static void list_jobs(void); -+static void list_jobs(long *, int); -+static int in_job_list(long, long *, int); -+static long *get_job_list(int, char *[], int *); - - /* Signal catching functions */ - -@@ -587,8 +589,20 @@ writefile(time_t runtimer, char queue) - return; - } - -+static int -+in_job_list(long job, long *joblist, int len) -+{ -+ int i; -+ -+ for (i = 0; i < len; i++) -+ if (job == joblist[i]) -+ return 1; -+ -+ return 0; -+} -+ - static void --list_jobs(void) -+list_jobs(long *joblist, int len) - { - /* List all a user's jobs in the queue, by looping through ATJOB_DIR, - * or everybody's if we are root -@@ -627,6 +641,10 @@ list_jobs(void) - if (sscanf(dirent->d_name, "%c%5lx%8lx", &queue, &jobno, &ctm) != 3) - continue; - -+ /* If jobs are given, only list those jobs */ -+ if (joblist && !in_job_list(jobno, joblist, len)) -+ continue; -+ - if (atqueue && (queue != atqueue)) - continue; - -@@ -748,6 +766,29 @@ process_jobs(int argc, char **argv, int - return rc; - } /* delete_jobs */ - -+static long * -+get_job_list(int argc, char *argv[], int *joblen) -+{ -+ int i, len; -+ long *joblist; -+ char *ep; -+ -+ joblist = NULL; -+ len = argc; -+ if (len > 0) { -+ joblist = (long *) mymalloc(len * sizeof(*joblist)); -+ for (i = 0; i < argc; i++) { -+ errno = 0; -+ if ((joblist[i] = strtol(argv[i], &ep, 10)) < 0 || -+ ep == argv[i] || *ep != '\0' || errno) -+ panic("invalid job number"); -+ } -+ } -+ -+ *joblen = len; -+ return joblist; -+} -+ - /* Global functions */ - - void * -@@ -773,6 +814,8 @@ main(int argc, char **argv) - char *options = "q:f:Mmu:bvlrdhVct:"; /* default options for at */ - int disp_version = 0; - time_t timer = 0; -+ long *joblist = NULL; -+ int joblen = 0; - struct passwd *pwe; - struct group *ge; - -@@ -912,8 +955,9 @@ main(int argc, char **argv) - case ATQ: - - REDUCE_PRIV(daemon_uid, daemon_gid) -- -- list_jobs(); -+ if (queue_set == 0) -+ joblist = get_job_list(argc - optind, argv + optind, &joblen); -+ list_jobs(joblist, joblen); - break; - - case ATRM: -Index: at-3.2.0/panic.c -=================================================================== ---- at-3.2.0.orig/panic.c -+++ at-3.2.0/panic.c -@@ -95,6 +95,7 @@ usage(void) - fprintf(stderr, "Usage: at [-V] [-q x] [-f file] [-u username] [-mMlbv] timespec ...\n" - " at [-V] [-q x] [-f file] [-u username] [-mMlbv] -t time\n" - " at -c job ...\n" -+ " at [-V] -l [job ...]\n" - " atq [-V] [-q x]\n" - " at [ -rd ] job ...\n" - " atrm [-V] job ...\n" diff --git a/at-3.1.14-parse-suse-sysconfig.patch b/at-3.1.14-parse-suse-sysconfig.patch index 7bda627..251aea0 100644 --- a/at-3.1.14-parse-suse-sysconfig.patch +++ b/at-3.1.14-parse-suse-sysconfig.patch @@ -87,6 +87,6 @@ Index: at-3.2.0/configure.ac +PKG_CHECK_MODULES([HX], [libHX]) + + AC_CHECK_FUNCS([__secure_getenv secure_getenv]) dnl Checks for header files. AC_HEADER_DIRENT - AC_HEADER_STDC diff --git a/at-3.1.14-usePOSIXtimers.patch b/at-3.1.14-usePOSIXtimers.patch deleted file mode 100644 index 3e714c8..0000000 --- a/at-3.1.14-usePOSIXtimers.patch +++ /dev/null @@ -1,116 +0,0 @@ -Index: at-3.1.20/atd.c -=================================================================== ---- at-3.1.20.orig/atd.c -+++ at-3.1.20/atd.c -@@ -787,6 +787,54 @@ run_loop() - return next_job; - } - -+#ifdef HAVE_CLOCK_GETTIME -+timer_t timer; -+struct itimerspec timeout; -+ -+void timer_setup() -+{ -+ struct sigevent sev; -+ -+ sev.sigev_notify = SIGEV_SIGNAL; -+ sev.sigev_signo = SIGHUP; -+ sev.sigev_value.sival_ptr = &timer; -+ -+ memset(&timeout, 0, sizeof(timeout)); -+ -+ if (timer_create(CLOCK_REALTIME, &sev, &timer) < 0) -+ pabort("unable to create timer"); -+} -+ -+time_t atd_gettime() -+{ -+ struct timespec curtime; -+ -+ clock_gettime(CLOCK_REALTIME, &curtime); -+ -+ return curtime.tv_sec; -+} -+ -+void atd_setalarm(time_t next) -+{ -+ timeout.it_value.tv_sec = next; -+ timer_settime(timer, TIMER_ABSTIME, &timeout, NULL); -+ pause(); -+} -+#else -+void timer_setup() -+{ -+} -+ -+time_t atd_gettime() -+{ -+ return time(NULL); -+} -+ -+void atd_setalarm(time_t next) -+{ -+ sleep(next - atd_gettime()); -+} -+#endif - /* Global functions */ - - int -@@ -909,7 +957,7 @@ main(int argc, char *argv[]) - sigaction(SIGCHLD, &act, NULL); - - if (!run_as_daemon) { -- now = time(NULL); -+ now = atd_gettime(); - run_loop(); - exit(EXIT_SUCCESS); - } -@@ -932,13 +980,14 @@ main(int argc, char *argv[]) - act.sa_handler = set_term; - sigaction(SIGINT, &act, NULL); - -+ timer_setup(); - daemon_setup(); - - do { -- now = time(NULL); -+ now = atd_gettime(); - next_invocation = run_loop(); - if ((next_invocation > now) && (!hupped)) { -- sleep(next_invocation - now); -+ atd_setalarm(next_invocation); - } - hupped = 0; - } while (!term_signal); -Index: at-3.1.20/config.h.in -=================================================================== ---- at-3.1.20.orig/config.h.in -+++ at-3.1.20/config.h.in -@@ -38,6 +38,9 @@ - /* Define to 1 if you have the `getloadavg' function. */ - #undef HAVE_GETLOADAVG - -+/* Define to 1 if you have the `clock_gettime' function. */ -+#undef HAVE_TIMER_CREATE -+ - /* Define to 1 if you have the header file. */ - #undef HAVE_GETOPT_H - -Index: at-3.1.20/configure.ac -=================================================================== ---- at-3.1.20.orig/configure.ac -+++ at-3.1.20/configure.ac -@@ -263,6 +263,12 @@ fi - AC_SUBST(SELINUXLIB) - AC_SUBST(WITH_SELINUX) - -+dnl check for POSIX timer functions -+AC_SEARCH_LIBS([timer_create],[rt]) -+AC_CHECK_FUNCS([timer_create]) -+AC_SEARCH_LIBS([clock_gettime],[rt]) -+AC_CHECK_FUNCS([clock_gettime]) -+ - AC_MSG_CHECKING(groupname to run under) - AC_ARG_WITH(daemon_groupname, - [ --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) ], diff --git a/at-3.1.16-handle_malformed_jobs.patch b/at-3.1.16-handle_malformed_jobs.patch index 6dc61ca..66f267d 100644 --- a/at-3.1.16-handle_malformed_jobs.patch +++ b/at-3.1.16-handle_malformed_jobs.patch @@ -1,17 +1,3 @@ -Index: at-3.1.13/at.c -=================================================================== ---- at-3.1.13.orig/at.c -+++ at-3.1.13/at.c -@@ -319,7 +319,8 @@ writefile(time_t runtimer, char queue) - * bit. Yes, this is a kluge. - */ - cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR); -- if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1) -+ if ((fd = open(atfile, -+ O_CREAT | O_EXCL | O_TRUNC | O_WRONLY | O_SYNC, S_IRUSR)) == -1) - perr("Cannot create atjob file %.500s", atfile); - - if ((fd2 = dup(fd)) < 0) Index: at-3.1.13/atd.c =================================================================== --- at-3.1.13.orig/atd.c diff --git a/at-3.1.8-jobdir-mtime.patch b/at-3.1.8-jobdir-mtime.patch deleted file mode 100644 index db4b8fe..0000000 --- a/at-3.1.8-jobdir-mtime.patch +++ /dev/null @@ -1,24 +0,0 @@ -Copyright (c) 2009 Ingo Schwarze - -This patch is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - ---- - atd.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: at-3.2.0/atd.c -=================================================================== ---- at-3.2.0.orig/atd.c -+++ at-3.2.0/atd.c -@@ -644,7 +644,7 @@ run_loop() - if (stat(".", &buf) == -1) - perr("Cannot stat " ATJOB_DIR); - -- if (nothing_to_do && buf.st_mtime <= last_chg) -+ if (nothing_to_do && buf.st_mtime == last_chg) - return next_job; - last_chg = buf.st_mtime; - diff --git a/at-3.2.2.patch b/at-3.2.2.patch index 979cc4c..9227b75 100644 --- a/at-3.2.2.patch +++ b/at-3.2.2.patch @@ -6,68 +6,68 @@ Index: at-3.2.2/Makefile.in $(CC) -c $(CFLAGS) $(DEFS) $*.c install: all -- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(etcdir) -- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(bindir) -- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(sbindir) -- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(atdatadir) -- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(docdir) -- $(INSTALL) -g root -o root -m 755 -d $(IROOT)$(atdocdir) -- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR) -- chmod 1770 $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR) -+ $(INSTALL) -m 755 -d $(IROOT)$(etcdir) -+ $(INSTALL) -m 755 -d $(IROOT)$(bindir) -+ $(INSTALL) -m 755 -d $(IROOT)$(sbindir) -+ $(INSTALL) -m 755 -d $(IROOT)$(atdatadir) -+ $(INSTALL) -m 755 -d $(IROOT)$(docdir) -+ $(INSTALL) -m 755 -d $(IROOT)$(atdocdir) -+ $(INSTALL) -m 755 -d $(IROOT)$(ATJOB_DIR) -+ $(INSTALL) -m 755 -d $(IROOT)$(ATSPOOL_DIR) -+ chmod 1770 $(IROOT)$(ATJOB_DIR) $(IROOT)$(ATSPOOL_DIR) - touch $(IROOT)$(LFILE) - chmod 600 $(IROOT)$(LFILE) -- chown $(DAEMON_USERNAME):$(DAEMON_GROUPNAME) $(IROOT)$(LFILE) -- test -f $(IROOT)$(etcdir)/at.allow || test -f $(IROOT)$(etcdir)/at.deny || $(INSTALL) -o root -g $(DAEMON_GROUPNAME) -m 640 at.deny $(IROOT)$(etcdir)/ -- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 6755 at $(IROOT)$(bindir) -+ test -f $(IROOT)$(etcdir)/at.allow || test -f $(IROOT)$(etcdir)/at.deny || $(INSTALL) -m 640 at.deny $(IROOT)$(etcdir)/ -+ $(INSTALL) -m 6755 at $(IROOT)$(bindir) - $(LN_S) -f at $(IROOT)$(bindir)/atq - $(LN_S) -f at $(IROOT)$(bindir)/atrm -- $(INSTALL) -g root -o root -m 755 batch $(IROOT)$(bindir) -- $(INSTALL) -g root -o root -m 755 batch-job $(IROOT)$(atdatadir) -- $(INSTALL) -d -o root -g root -m 755 $(IROOT)$(man1dir) -- $(INSTALL) -d -o root -g root -m 755 $(IROOT)$(man5dir) -- $(INSTALL) -d -o root -g root -m 755 $(IROOT)$(man8dir) -- $(INSTALL) -g root -o root -m 755 atd $(IROOT)$(sbindir) -- $(INSTALL) -g root -o root -m 755 atrun $(IROOT)$(sbindir) -- $(INSTALL) -g root -o root -m 644 at.1 $(IROOT)$(man1dir)/ -+ $(INSTALL) -m 755 batch $(IROOT)$(bindir) -+ $(INSTALL) -m 755 batch-job $(IROOT)$(atdatadir) -+ $(INSTALL) -d -m 755 $(IROOT)$(man1dir) -+ $(INSTALL) -d -m 755 $(IROOT)$(man5dir) -+ $(INSTALL) -d -m 755 $(IROOT)$(man8dir) -+ $(INSTALL) -m 755 atd $(IROOT)$(sbindir) -+ $(INSTALL) -m 755 atrun $(IROOT)$(sbindir) -+ $(INSTALL) -m 644 at.1 $(IROOT)$(man1dir)/ - cd $(IROOT)$(man1dir) && $(LN_S) -f at.1 atq.1 && $(LN_S) -f at.1 batch.1 && $(LN_S) -f at.1 atrm.1 -- $(INSTALL) -g root -o root -m 644 atd.8 $(IROOT)$(man8dir)/ -+ $(INSTALL) -m 644 atd.8 $(IROOT)$(man8dir)/ +- $(INSTALL) -g root -o root -m 755 -d $(DESTDIR)$(etcdir) +- $(INSTALL) -g root -o root -m 755 -d $(DESTDIR)$(bindir) +- $(INSTALL) -g root -o root -m 755 -d $(DESTDIR)$(sbindir) +- $(INSTALL) -g root -o root -m 755 -d $(DESTDIR)$(atdatadir) +- $(INSTALL) -g root -o root -m 755 -d $(DESTDIR)$(docdir) +- $(INSTALL) -g root -o root -m 755 -d $(DESTDIR)$(atdocdir) +- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(DESTDIR)$(ATSPOOL_DIR) $(DESTDIR)$(ATJOB_DIR) +- chmod 1770 $(DESTDIR)$(ATSPOOL_DIR) $(DESTDIR)$(ATJOB_DIR) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(etcdir) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(sbindir) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(atdatadir) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(docdir) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(atdocdir) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(ATJOB_DIR) ++ $(INSTALL) -m 755 -d $(DESTDIR)$(ATSPOOL_DIR) ++ chmod 1770 $(DESTDIR)$(ATJOB_DIR) $(DESTDIR)$(ATSPOOL_DIR) + touch $(DESTDIR)$(LFILE) + chmod 600 $(DESTDIR)$(LFILE) +- chown $(DAEMON_USERNAME):$(DAEMON_GROUPNAME) $(DESTDIR)$(LFILE) +- test -f $(DESTDIR)$(etcdir)/at.allow || test -f $(DESTDIR)$(etcdir)/at.deny || $(INSTALL) -o root -g $(DAEMON_GROUPNAME) -m 640 at.deny $(DESTDIR)$(etcdir)/ +- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 6755 at $(DESTDIR)$(bindir) ++ test -f $(DESTDIR)$(etcdir)/at.allow || test -f $(DESTDIR)$(etcdir)/at.deny || $(INSTALL) -m 640 at.deny $(DESTDIR)$(etcdir)/ ++ $(INSTALL) -m 6755 at $(DESTDIR)$(bindir) + $(LN_S) -f at $(DESTDIR)$(bindir)/atq + $(LN_S) -f at $(DESTDIR)$(bindir)/atrm +- $(INSTALL) -g root -o root -m 755 batch $(DESTDIR)$(bindir) +- $(INSTALL) -g root -o root -m 755 batch-job $(DESTDIR)$(atdatadir) +- $(INSTALL) -d -o root -g root -m 755 $(DESTDIR)$(man1dir) +- $(INSTALL) -d -o root -g root -m 755 $(DESTDIR)$(man5dir) +- $(INSTALL) -d -o root -g root -m 755 $(DESTDIR)$(man8dir) +- $(INSTALL) -g root -o root -m 755 atd $(DESTDIR)$(sbindir) +- $(INSTALL) -g root -o root -m 755 atrun $(DESTDIR)$(sbindir) +- $(INSTALL) -g root -o root -m 644 at.1 $(DESTDIR)$(man1dir)/ ++ $(INSTALL) -m 755 batch $(DESTDIR)$(bindir) ++ $(INSTALL) -m 755 batch-job $(DESTDIR)$(atdatadir) ++ $(INSTALL) -d -m 755 $(DESTDIR)$(man1dir) ++ $(INSTALL) -d -m 755 $(DESTDIR)$(man5dir) ++ $(INSTALL) -d -m 755 $(DESTDIR)$(man8dir) ++ $(INSTALL) -m 755 atd $(DESTDIR)$(sbindir) ++ $(INSTALL) -m 755 atrun $(DESTDIR)$(sbindir) ++ $(INSTALL) -m 644 at.1 $(DESTDIR)$(man1dir)/ + cd $(DESTDIR)$(man1dir) && $(LN_S) -f at.1 atq.1 && $(LN_S) -f at.1 batch.1 && $(LN_S) -f at.1 atrm.1 +- $(INSTALL) -g root -o root -m 644 atd.8 $(DESTDIR)$(man8dir)/ ++ $(INSTALL) -m 644 atd.8 $(DESTDIR)$(man8dir)/ sed "s,\$${exec_prefix},$(exec_prefix),g" tmpman -- $(INSTALL) -g root -o root -m 644 tmpman $(IROOT)$(man8dir)/atrun.8 -+ $(INSTALL) -m 644 tmpman $(IROOT)$(man8dir)/atrun.8 +- $(INSTALL) -g root -o root -m 644 tmpman $(DESTDIR)$(man8dir)/atrun.8 ++ $(INSTALL) -m 644 tmpman $(DESTDIR)$(man8dir)/atrun.8 rm -f tmpman -- $(INSTALL) -g root -o root -m 644 at.allow.5 $(IROOT)$(man5dir)/ -+ $(INSTALL) -m 644 at.allow.5 $(IROOT)$(man5dir)/ - cd $(IROOT)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5 -- $(INSTALL) -g root -o root -m 644 $(DOCS) $(IROOT)$(atdocdir) -+ $(INSTALL) -m 644 $(DOCS) $(IROOT)$(atdocdir) - rm -f $(IROOT)$(mandir)/cat1/at.1* $(IROOT)$(mandir)/cat1/batch.1* \ - $(IROOT)$(mandir)/cat1/atq.1* - rm -f $(IROOT)$(mandir)/cat1/atd.8* +- $(INSTALL) -g root -o root -m 644 at.allow.5 $(DESTDIR)$(man5dir)/ ++ $(INSTALL) -m 644 at.allow.5 $(DESTDIR)$(man5dir)/ + cd $(DESTDIR)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5 +- $(INSTALL) -g root -o root -m 644 $(DOCS) $(DESTDIR)$(atdocdir) ++ $(INSTALL) -m 644 $(DOCS) $(DESTDIR)$(atdocdir) + rm -f $(DESTDIR)$(mandir)/cat1/at.1* $(DESTDIR)$(mandir)/cat1/batch.1* \ + $(DESTDIR)$(mandir)/cat1/atq.1* + rm -f $(DESTDIR)$(mandir)/cat1/atd.8* if test x"$(systemdsystemunitdir)" != xno; then \ -- $(INSTALL) -o root -g root -m 755 -d $(IROOT)$(systemdsystemunitdir); \ -- $(INSTALL) -o root -g root -m 644 atd.service $(IROOT)$(systemdsystemunitdir); \ -+ $(INSTALL) -m 755 -d $(IROOT)$(systemdsystemunitdir); \ -+ $(INSTALL) -m 644 atd.service $(IROOT)$(systemdsystemunitdir); \ +- $(INSTALL) -o root -g root -m 755 -d $(DESTDIR)$(systemdsystemunitdir); \ +- $(INSTALL) -o root -g root -m 644 atd.service $(DESTDIR)$(systemdsystemunitdir); \ ++ $(INSTALL) -m 755 -d $(DESTDIR)$(systemdsystemunitdir); \ ++ $(INSTALL) -m 644 atd.service $(DESTDIR)$(systemdsystemunitdir); \ fi dist: checkin $(DIST) $(LIST) Filelist.asc diff --git a/at-atq-timeformat.patch b/at-atq-timeformat.patch deleted file mode 100644 index 4b738cc..0000000 --- a/at-atq-timeformat.patch +++ /dev/null @@ -1,92 +0,0 @@ ---- - at.1.in | 5 +++++ - at.c | 11 ++++++++--- - panic.c | 2 +- - 3 files changed, 14 insertions(+), 4 deletions(-) - -Index: at-3.2.0/at.1.in -=================================================================== ---- at-3.2.0.orig/at.1.in -+++ at-3.2.0/at.1.in -@@ -33,6 +33,8 @@ at, batch, atq, atrm \- queue, examine, - .RB [ \-V ] - .RB [ \-q - .IR queue ] -+.RB [ -o -+.IR timeformat ] - .br - .B at - .RB [ \-rd ] -@@ -269,6 +271,9 @@ Times displayed will be in the format "T - .B - \-c - cats the jobs listed on the command line to standard output. -+.TP 8 -+.BI \-o " fmt" -+strftime-like time format used for the job list - .SH FILES - .I @ATJBD@ - .br -Index: at-3.2.0/at.c -=================================================================== ---- at-3.2.0.orig/at.c -+++ at-3.2.0/at.c -@@ -136,6 +136,7 @@ char *atinput = (char *) 0; /* where to - char atqueue = 0; /* which queue to examine for jobs (atq) */ - char atverify = 0; /* verify time instead of queuing job */ - char *mail_rcpt = (char *) 0; /* user to send mail to */ -+char *timeformat = TIMEFORMAT_POSIX; /* time format (atq) */ - - /* Function declarations */ - -@@ -534,7 +535,7 @@ writefile(time_t runtimer, char queue) - /* This line maybe superfluous after commit 11cb731bb560eb7bff4889c5528d5f776606b0d3 */ - runtime = localtime(&runtimer); - -- strftime(timestr, TIMESIZE, TIMEFORMAT_POSIX, runtime); -+ strftime(timestr, TIMESIZE, timeformat, runtime); - fprintf(stderr, "job %ld at %s\n", jobno, timestr); - - /* Signal atd, if present. Usual precautions taken... */ -@@ -648,7 +649,7 @@ list_jobs(long *joblist, int len) - runtimer = 60 * (time_t) ctm; - runtime = localtime(&runtimer); - -- strftime(timestr, TIMESIZE, TIMEFORMAT_POSIX, runtime); -+ strftime(timestr, TIMESIZE, timeformat, runtime); - - if ((pwd = getpwuid(buf.st_uid))) - printf("%ld\t%s %c %s\n", jobno, timestr, queue, pwd->pw_name); -@@ -845,7 +846,7 @@ main(int argc, char **argv) - */ - if (strcmp(pgm, "atq") == 0) { - program = ATQ; -- options = "hq:V"; -+ options = "hq:Vo:"; - } else if (strcmp(pgm, "atrm") == 0) { - program = ATRM; - options = "hV"; -@@ -931,6 +932,10 @@ main(int argc, char **argv) - } - break; - -+ case 'o': -+ timeformat = optarg; -+ break; -+ - default: - usage(); - break; -Index: at-3.2.0/panic.c -=================================================================== ---- at-3.2.0.orig/panic.c -+++ at-3.2.0/panic.c -@@ -96,7 +96,7 @@ usage(void) - " at [-V] [-q x] [-f file] [-u username] [-mMlbv] -t time\n" - " at -c job ...\n" - " at [-V] -l [job ...]\n" -- " atq [-V] [-q x]\n" -+ " atq [-V] [-q x] [-o timeformat]\n" - " at [ -rd ] job ...\n" - " atrm [-V] job ...\n" - " batch\n"); diff --git a/at-backport-old-privs.patch b/at-backport-old-privs.patch index d53195d..3995f1a 100644 --- a/at-backport-old-privs.patch +++ b/at-backport-old-privs.patch @@ -11,10 +11,10 @@ References: https://bugzilla.novell.com/show_bug.cgi?id=849720 at.c | 31 ++++++++++--------------------- 1 file changed, 10 insertions(+), 21 deletions(-) -Index: at-3.2.0/at.c +Index: at-3.2.4/at.c =================================================================== ---- at-3.2.0.orig/at.c -+++ at-3.2.0/at.c +--- at-3.2.4.orig/at.c ++++ at-3.2.4/at.c @@ -155,18 +155,11 @@ sigc(int signo) /* If the user presses ^C, remove the spool file and exit */ @@ -40,7 +40,7 @@ Index: at-3.2.0/at.c */ cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR); - seteuid(real_uid); - if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1) + if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY | O_SYNC, S_IRUSR)) == -1) perr("Cannot create atjob file %.500s", atfile); - seteuid(effective_uid); @@ -54,7 +54,7 @@ Index: at-3.2.0/at.c PRIV_END -@@ -719,11 +708,7 @@ process_jobs(int argc, char **argv, int +@@ -729,11 +718,7 @@ process_jobs(int argc, char **argv, int switch (what) { case ATRM: @@ -67,7 +67,7 @@ Index: at-3.2.0/at.c if (queue == '=') { fprintf(stderr, "Warning: deleting running job\n"); -@@ -733,7 +718,7 @@ process_jobs(int argc, char **argv, int +@@ -743,7 +728,7 @@ process_jobs(int argc, char **argv, int rc = EXIT_FAILURE; } @@ -76,7 +76,7 @@ Index: at-3.2.0/at.c done = 1; break; -@@ -743,21 +728,25 @@ process_jobs(int argc, char **argv, int +@@ -753,22 +738,26 @@ process_jobs(int argc, char **argv, int FILE *fp; int ch; @@ -96,6 +96,7 @@ Index: at-3.2.0/at.c + PRIV_START fclose(fp); + PRIV_END + fp = NULL; } else { perr("Cannot open %.500s", dirent->d_name); diff --git a/at-secure_getenv.patch b/at-secure_getenv.patch deleted file mode 100644 index 62a7080..0000000 --- a/at-secure_getenv.patch +++ /dev/null @@ -1,57 +0,0 @@ ---- - at.c | 10 +++++++++- - configure.ac | 6 ++++-- - 2 files changed, 13 insertions(+), 3 deletions(-) - -Index: at-3.2.0/at.c -=================================================================== ---- at-3.2.0.orig/at.c -+++ at-3.2.0/at.c -@@ -97,6 +97,14 @@ - #define DEFAULT_QUEUE 'a' - #define BATCH_QUEUE 'b' - -+#ifndef HAVE_SECURE_GETENV -+# ifdef HAVE___SECURE_GETENV -+# define secure_getenv __secure_getenv -+# else -+# error neither secure_getenv nor __secure_getenv is available -+# endif -+#endif -+ - enum { - ATQ, BATCH, ATRM, AT, CAT - }; /* what program we want to run */ -@@ -372,7 +380,7 @@ writefile(time_t runtimer, char queue) - */ - mailname = getlogin(); - if (mailname == NULL) -- mailname = getenv("LOGNAME"); -+ mailname = secure_getenv("LOGNAME"); - if (mailname == NULL || mailname[0] == '\0' || getpwnam(mailname) == NULL) { - pass_entry = getpwuid(real_uid); - if (pass_entry != NULL) -Index: at-3.2.0/configure.ac -=================================================================== ---- at-3.2.0.orig/configure.ac -+++ at-3.2.0/configure.ac -@@ -17,8 +17,9 @@ AC_SUBST(VERSION) - AC_CANONICAL_HOST - - dnl Checks for programs. -- --AC_PROG_CC -+AC_USE_SYSTEM_EXTENSIONS -+AC_PROG_CC_STDC -+AC_SYS_LARGEFILE - AC_PROG_INSTALL - AC_PROG_LN_S - AC_PROG_YACC -@@ -56,6 +57,7 @@ AC_CHECK_LIB(fl,yywrap, - - PKG_CHECK_MODULES([HX], [libHX]) - -+AC_CHECK_FUNCS([__secure_getenv secure_getenv]) - dnl Checks for header files. - AC_HEADER_DIRENT - AC_HEADER_STDC diff --git a/at.changes b/at.changes index 007d0b5..5a9e91f 100644 --- a/at.changes +++ b/at.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Tue Feb 22 16:24:52 UTC 2022 - Danilo Spinella + +- Update to version 3.2.4: + * Upstream SUSE patches +- Update to version 3.2.3: + * Fix two typos on documentation + * Upstream SUSE patches + * Various improvements to the code and the build system +- Refresh patches: + * at-3.1.16-handle_malformed_jobs.patch + * at-3.2.2.patch + * at-backport-old-privs.patch + * harden_atd.service.patch +- Drop upstreamed patches: + * at-3.1.13-leak-fix.patch + * at-3.1.13-massive_batch.patch + * at-3.1.14-joblist.patch + * at-3.1.14-usePOSIXtimers.patch + * at-3.1.8-jobdir-mtime.patch + * at-atq-timeformat.patch + * at-secure_getenv.patch + ------------------------------------------------------------------- Tue Nov 23 12:32:11 UTC 2021 - Johannes Segitz diff --git a/at.spec b/at.spec index 3b4c797..93adff0 100644 --- a/at.spec +++ b/at.spec @@ -1,7 +1,7 @@ # # spec file for package at # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: at -Version: 3.2.2 +Version: 3.2.4 Release: 0 Summary: A Job Manager License: GPL-2.0-or-later @@ -32,29 +32,18 @@ Source3: sysconfig.atd Source5: atd.service Source6: system-user-at.conf Patch0: at-3.2.2.patch -Patch4: at-3.1.14-joblist.patch -Patch10: at-3.1.13-massive_batch.patch Patch11: at-3.1.13-documentation-dir.patch -# PATCH-FIX-UPSTREAM clean-up opened descriptors (bnc#533454, bnc#523346) -Patch15: at-3.1.13-leak-fix.patch #PATCH-FIX-OPENSUSE add proper system users to the deny list Patch16: at-3.1.8-denylist.patch #PATCH-FIX-UPSTREAM plan jobs with past time to tomorrow (bnc#672586) Patch17: at-3.1.13-tomorrow.patch -#PATCH-FIX-UPSTREAM wrong mtime handling of jobdir (bnc#680113) -Patch19: at-3.1.8-jobdir-mtime.patch Patch20: at-3.1.14-parse-suse-sysconfig.patch #PATCH-FIX-UPSTREAM fix makefile dependencies Patch21: at-3.1.14-makefile-deps.patch #PATCH-FIX-OPENSUSE Set pid dir to /run not /var/run Patch22: at-piddir.patch -Patch23: at-secure_getenv.patch #PATCH-FIX-OPENSUSE backport privs from 3.1.8 (bnc#849720) Patch24: at-backport-old-privs.patch -#PATCH-FEATURE-UPSTREAM introduce -o argument for atq (bnc#879402) -Patch25: at-atq-timeformat.patch -#PATCH-FIX-OPENSUSE use posix timers to avoid the need of suspend/resume hacks. -Patch27: at-3.1.14-usePOSIXtimers.patch Patch28: at-adjust_load_to_cpu_count.patch # PATCH-FIX-UPSTREAM bnc#945124 kstreitova@suse.com -- don't loop on corrupt files and prevent their creation Patch29: at-3.1.16-handle_malformed_jobs.patch diff --git a/at_3.2.2.orig.tar.gz b/at_3.2.2.orig.tar.gz deleted file mode 100644 index e0f698a..0000000 --- a/at_3.2.2.orig.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2211da14914fde1f9cc83592838fb6385a32fb11fcecb7816c77700df6559088 -size 127677 diff --git a/at_3.2.4.orig.tar.gz b/at_3.2.4.orig.tar.gz new file mode 100644 index 0000000..237c0ad --- /dev/null +++ b/at_3.2.4.orig.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:76990cbb6f4b9bfedb926637904fdcc0d4fa20b6596b9c932117a49a0624c684 +size 132124 diff --git a/harden_atd.service.patch b/harden_atd.service.patch index 1610889..69e4905 100644 --- a/harden_atd.service.patch +++ b/harden_atd.service.patch @@ -1,7 +1,7 @@ -Index: at-3.2.2/atd.service.in +Index: at-3.2.4/atd.service.in =================================================================== ---- at-3.2.2.orig/atd.service.in -+++ at-3.2.2/atd.service.in +--- at-3.2.4.orig/atd.service.in ++++ at-3.2.4/atd.service.in @@ -4,6 +4,17 @@ Documentation=man:atd(8) After=remote-fs.target nss-user-lookup.target