Accepting request 1140679 from Base:System
OBS-URL: https://build.opensuse.org/request/show/1140679 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cronie?expand=0&rev=91
This commit is contained in:
commit
bda5856b15
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:956c6a722ad7fc332b96ecc2f8374236825a7c6f4a48dcaf7d23b0f17670cdcc
|
|
||||||
size 153390
|
|
3
cronie-1.7.1.tar.gz
Normal file
3
cronie-1.7.1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:535b96894c52e679085e1d8b36794308c162b1e8dac29031c02f678effc523e1
|
||||||
|
size 154050
|
@ -1,3 +1,19 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jan 22 15:39:47 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com>
|
||||||
|
|
||||||
|
- Update to 1.7.1:
|
||||||
|
* crond: Wait on finishing the job with -n option to check
|
||||||
|
the exit status
|
||||||
|
* crond: Do not set the return path to <> if non-default MAILFROM is set
|
||||||
|
* /etc/sysconfig/crond and /etc/default/anacron files are optional
|
||||||
|
- Remove test-for-etc-default-anacron.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jan 18 08:27:24 UTC 2024 - Johannes Segitz <jsegitz@suse.com>
|
||||||
|
|
||||||
|
- Set safe permissions for crontab backups. Add
|
||||||
|
* safe-backup-permissions.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jan 11 17:52:56 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com>
|
Thu Jan 11 17:52:56 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com>
|
||||||
|
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
||||||
%endif
|
%endif
|
||||||
Name: cronie
|
Name: cronie
|
||||||
Version: 1.7.0
|
Version: 1.7.1
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Cron Daemon
|
Summary: Cron Daemon
|
||||||
License: BSD-3-Clause AND GPL-2.0-only AND MIT
|
License: BSD-3-Clause AND GPL-2.0-only AND MIT
|
||||||
@ -48,8 +48,8 @@ Patch5: cronie-crond_pid.diff
|
|||||||
Patch13: fix-manpage-replace-anacrontab-with-crontab.patch
|
Patch13: fix-manpage-replace-anacrontab-with-crontab.patch
|
||||||
# PATCH-FEATURE-OPENSUSE user common-session-nonlogin
|
# PATCH-FEATURE-OPENSUSE user common-session-nonlogin
|
||||||
Patch14: cronie-pam_config-nonlogin.diff
|
Patch14: cronie-pam_config-nonlogin.diff
|
||||||
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1218377
|
# PATCH-FIX-UPSTREAM jsegitz@suse.de https://github.com/cronie-crond/cronie/pull/172
|
||||||
Patch15: test-for-etc-default-anacron.patch
|
Patch16: safe-backup-permissions.patch
|
||||||
BuildRequires: audit-devel
|
BuildRequires: audit-devel
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
@ -111,7 +111,7 @@ cp %{SOURCE7} ./cron_to_cronie.README
|
|||||||
%if 0%{?suse_version} > 1500
|
%if 0%{?suse_version} > 1500
|
||||||
%patch14 -p1
|
%patch14 -p1
|
||||||
%endif
|
%endif
|
||||||
%patch15 -p1
|
%patch16 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# fill macro CRON_VERSION it is used in top three lines of crontab file,should be reworked
|
# fill macro CRON_VERSION it is used in top three lines of crontab file,should be reworked
|
||||||
|
31
safe-backup-permissions.patch
Normal file
31
safe-backup-permissions.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
Index: cronie-cronie-1.7.0/src/crontab.c
|
||||||
|
===================================================================
|
||||||
|
--- cronie-cronie-1.7.0.orig/src/crontab.c
|
||||||
|
+++ cronie-cronie-1.7.0/src/crontab.c
|
||||||
|
@@ -520,6 +520,7 @@ static int backup_crontab(const char *cr
|
||||||
|
FILE *backup_file;
|
||||||
|
struct stat sb;
|
||||||
|
int retval = 0;
|
||||||
|
+ mode_t old_umask;
|
||||||
|
|
||||||
|
/* create backup directory */
|
||||||
|
if ((env_value = getenv("XDG_CACHE_HOME")) != NULL) {
|
||||||
|
@@ -590,6 +591,9 @@ static int backup_crontab(const char *cr
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // ensure backup file has strict permssions. Crontabs are not readable for
|
||||||
|
+ // other users and might contain sensitive information
|
||||||
|
+ old_umask = umask(0077);
|
||||||
|
if ((backup_file = fopen(backup_path, "w+")) == NULL) {
|
||||||
|
fprintf(stderr, "Failed to write to the backup file: ");
|
||||||
|
perror(backup_path);
|
||||||
|
@@ -598,6 +602,8 @@ static int backup_crontab(const char *cr
|
||||||
|
}
|
||||||
|
|
||||||
|
swapback:
|
||||||
|
+ umask(old_umask);
|
||||||
|
+
|
||||||
|
if (swap_uids_back() < OK) {
|
||||||
|
perror("swapping uids back");
|
||||||
|
exit(ERROR_EXIT);
|
@ -1,26 +0,0 @@
|
|||||||
From 7700b1465d32ddb1d3988e9af852af6f0f5cd66e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Christian Hesse <mail@eworm.de>
|
|
||||||
Date: Mon, 16 Oct 2023 10:14:33 +0200
|
|
||||||
Subject: [PATCH] re-introduce the test for existence of file
|
|
||||||
|
|
||||||
If the file does not exist it exits early with error... Let's source
|
|
||||||
only if files acutually does exist. We still have a sane default.
|
|
||||||
---
|
|
||||||
contrib/0anacron | 4 +++-
|
|
||||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/contrib/0anacron b/contrib/0anacron
|
|
||||||
index 090219a..5379e41 100644
|
|
||||||
--- a/contrib/0anacron
|
|
||||||
+++ b/contrib/0anacron
|
|
||||||
@@ -8,7 +8,9 @@ if [ `date +%Y%m%d` = "$day" ]; then
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check whether run on battery should be allowed
|
|
||||||
-. /etc/default/anacron
|
|
||||||
+if test -r /etc/default/anacron; then
|
|
||||||
+ . /etc/default/anacron
|
|
||||||
+fi
|
|
||||||
|
|
||||||
if [ "$ANACRON_RUN_ON_BATTERY_POWER" != "yes" ]; then
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user