diff --git a/at-backport-old-privs.patch b/at-backport-old-privs.patch new file mode 100644 index 0000000..1d859fa --- /dev/null +++ b/at-backport-old-privs.patch @@ -0,0 +1,107 @@ +From: Michal Vyskocil +Subject: Backport old privs + +at since 3.10 have substantially changed the priviledge model, which is tied to +Debian setup of at. As SUSE does use a different layout, this patch introduces +back the PRIV_START/PRIV_END + fchown where needed. + +References: https://bugzilla.novell.com/show_bug.cgi?id=849720 + +--- + at.c | 12 ++++-------- + 1 file changed, 4 insertions(+), 8 deletions(-) + +Index: at-3.1.13/at.c +=================================================================== +--- at-3.1.13.orig/at.c ++++ at-3.1.13/at.c +@@ -154,18 +154,11 @@ sigc(int signo) + /* If the user presses ^C, remove the spool file and exit + */ + if (fcreated) { +- /* + PRIV_START + +- We need the unprivileged uid here since the file is owned by the real +- (not effective) uid. +- */ +- setregid(real_gid, effective_gid); + unlink(atfile); +- setregid(effective_gid, real_gid); +- /* ++ + PRIV_END +- */ + } + exit(EXIT_FAILURE); + } +@@ -325,18 +318,14 @@ writefile(time_t runtimer, char queue) + * bit. Yes, this is a kluge. + */ + cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR); +- seteuid(real_uid); + if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1) + perr("Cannot create atjob file %.500s", atfile); +- seteuid(effective_uid); + + if ((fd2 = dup(fd)) < 0) + perr("Error in dup() of job file"); + +- /* + if (fchown(fd2, real_uid, real_gid) != 0) + perr("Cannot give away file"); +- */ + + PRIV_END + +@@ -679,11 +668,7 @@ process_jobs(int argc, char **argv, int + switch (what) { + case ATRM: + +- /* +- We need the unprivileged uid here since the file is owned by the real +- (not effective) uid. +- */ +- setregid(real_gid, effective_gid); ++ PRIV_START + + if (queue == '=') { + fprintf(stderr, "Warning: deleting running job\n"); +@@ -693,7 +678,7 @@ process_jobs(int argc, char **argv, int + rc = EXIT_FAILURE; + } + +- setregid(effective_gid, real_gid); ++ PRIV_END + done = 1; + + break; +@@ -703,21 +688,25 @@ process_jobs(int argc, char **argv, int + FILE *fp; + int ch; + +- setregid(real_gid, effective_gid); +- fp = fopen(dirent->d_name, "r"); ++ PRIV_START ++ ++ fp = fopen(dirent->d_name, "r"); ++ ++ PRIV_END + + if (fp) { + while ((ch = getc(fp)) != EOF) { + putchar(ch); + } + done = 1; ++ PRIV_START + fclose(fp); ++ PRIV_END + } + else { + perr("Cannot open %.500s", dirent->d_name); + rc = EXIT_FAILURE; + } +- setregid(effective_gid, real_gid); + } + break; + diff --git a/at.changes b/at.changes index 5706f15..492a4a9 100644 --- a/at.changes +++ b/at.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Nov 12 15:37:29 UTC 2013 - mvyskocil@suse.com + +- use old privs model (fixes bnc#849720) + * at-backport-old-privs.patch +- do not install sysvinit script and service file together +- add sticky bit to atjobs + ------------------------------------------------------------------- Tue Oct 22 06:38:25 UTC 2013 - meissner@suse.com diff --git a/at.spec b/at.spec index e0c608f..6e1853b 100644 --- a/at.spec +++ b/at.spec @@ -62,6 +62,8 @@ Patch21: at-makefile-deps.patch #PATCH-FIX-OPENSUSE Set pid dir to /run not /var/run Patch22: at-piddir.patch Patch23: at-secure_getenv.patch +#PATCH-FIX-OPENSUSE backport privs from 3.1.8 (bnc#849720) +Patch24: at-backport-old-privs.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %{_sbindir}/useradd %{_sbindir}/groupadd %fillup_prereq %insserv_prereq PreReq: permissions @@ -98,6 +100,8 @@ This program allows you to run jobs at specified times. %patch21 -p1 %patch22 %patch23 -p1 +%patch24 -p1 + %build rm -fv y.tab.c y.tab.h lex.yy.c lex.yy.o y.tab.o autoreconf -fiv @@ -107,10 +111,11 @@ export SENDMAIL=%{_sbindir}/sendmail --with-selinux \ --with-daemon_username=at \ --with-daemon_groupname=at + make %{?_smp_mflags} %install -mkdir -p $RPM_BUILD_ROOT/etc/{init.d,pam.d} +mkdir -p $RPM_BUILD_ROOT/etc/pam.d mkdir -p $RPM_BUILD_ROOT/usr/{bin,sbin,share/man/man{1,5,8}} mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates export CFLAGS="$RPM_OPT_FLAGS" @@ -119,15 +124,20 @@ make install IROOT=$RPM_BUILD_ROOT # Don't install docs here in this way mkdir docs mv $RPM_BUILD_ROOT/%{_prefix}/doc/at/* docs/ + +%if ! %{has_systemd} +mkdir -p $RPM_BUILD_ROOT/etc/init.d install %SOURCE1 $RPM_BUILD_ROOT/etc/init.d/atd ln -sf ../../etc/init.d/atd $RPM_BUILD_ROOT%{_sbindir}/rcatd -install -m644 %SOURCE2 $RPM_BUILD_ROOT/etc/pam.d/atd -install -m644 %SOURCE3 $RPM_BUILD_ROOT/var/adm/fillup-templates -%if 0%{?has_systemd} +%else install -D -m 0644 %{S:5} %{buildroot}%{_unitdir}/atd.service %{__install} -D -m 0755 %{S:4} %{buildroot}%{_prefix}/lib/systemd/system-sleep/atd.sh +ln -sf ../../%{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcatd %endif +install -m644 %SOURCE2 $RPM_BUILD_ROOT/etc/pam.d/atd +install -m644 %SOURCE3 $RPM_BUILD_ROOT/var/adm/fillup-templates + %pre %{_sbindir}/groupadd -g 25 -o -r at 2> /dev/null || : %{_sbindir}/useradd -r -o -g at -u 25 -s /bin/bash -c "Batch jobs daemon" -d /var/spool/atjobs at 2> /dev/null || : @@ -148,20 +158,22 @@ if [ -f etc/init.d/at ] ; then rm -f etc/init.d/at %{insserv_cleanup} fi -%{fillup_and_insserv -n atd atd } %set_permissions /usr/bin/at %if 0%{?has_systemd} %service_add_post atd.service +%else +%{fillup_and_insserv -n atd atd } %endif %verifyscript %verify_permissions -e /usr/bin/at %postun -%restart_on_update atd %insserv_cleanup %if 0%{?has_systemd} %service_del_postun atd.service +%else +%restart_on_update atd %endif %files @@ -169,7 +181,6 @@ fi %doc Problems Copyright COPYING README ChangeLog timespec %config(noreplace) /etc/at.deny %{_sbindir}/rcatd -%config /etc/init.d/atd %config %attr(644,root,root) /etc/pam.d/atd %verify(not mode) %attr(4750,root,trusted) %{_bindir}/at %{_bindir}/atq @@ -179,12 +190,14 @@ fi %{_sbindir}/atd %{_sbindir}/atrun %attr(700,at,at) %dir /var/spool/atspool -%attr(700,at,at) %dir /var/spool/atjobs +%attr(1770,at,at) %dir /var/spool/atjobs %attr(600,at,at) /var/spool/atjobs/.SEQ /var/adm/fillup-templates/sysconfig.atd %if 0%{?has_systemd} %{_unitdir}/atd.service %{_prefix}/lib/systemd/system-sleep/atd.sh +%else +%config /etc/init.d/atd %endif %changelog