Hello community,
here is the log from the commit of package at for openSUSE:Factory checked in at 2017-08-06 11:28:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/at (Old)
and /work/SRC/openSUSE:Factory/.at.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "at"
Sun Aug 6 11:28:23 2017 rev:71 rq:512800 version:3.1.20
Changes:
--------
--- /work/SRC/openSUSE:Factory/at/at.changes 2015-10-17 16:36:49.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.at.new/at.changes 2017-08-06 11:28:24.693421366 +0200
@@ -1,0 +2,25 @@
+Sat Jul 22 07:21:45 UTC 2017 - tchvatal@suse.com
+
+- Drop patch at-3.1.8-eal3-manpages.patch merged upstream differently
+
+-------------------------------------------------------------------
+Sat Jul 22 07:07:28 UTC 2017 - tchvatal@suse.com
+
+- Version update to at 3.1.20 to match latest upstream:
+ * Pam and selinux implemented upstream
+ * various tiny fixes
+- Rebase patches:
+ * at-3.1.13-documentation-dir.patch
+ * at-3.1.13-massive_batch.patch
+ * at-3.1.14-joblist.patch
+ * at-3.1.14-parse-suse-sysconfig.patch
+ * at-3.1.14-usePOSIXtimers.patch
+ * at-3.1.14.patch
+- Drop no longer needed patches:
+ * at-3.1.13-formatbugs.patch
+ * at-3.1.13-pam-session-as-root.patch
+ * at-3.1.13-pam.patch
+ * at-3.1.13-queue-nice-level.patch
+ * at-3.1.14-selinux.patch
+
+-------------------------------------------------------------------
Old:
----
at-3.1.13-formatbugs.patch
at-3.1.13-pam-session-as-root.patch
at-3.1.13-pam.patch
at-3.1.13-queue-nice-level.patch
at-3.1.14-selinux.patch
at-3.1.8-eal3-manpages.patch
at_3.1.16.orig.tar.gz
New:
----
at_3.1.20.orig.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ at.spec ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:26.933105834 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:26.941104707 +0200
@@ -1,7 +1,7 @@
#
# spec file for package at
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: at
-Version: 3.1.16
+Version: 3.1.20
Release: 0
Summary: A Job Manager
License: GPL-2.0+
@@ -29,16 +29,8 @@
Source5: atd.service
Patch0: at-3.1.14.patch
Patch4: at-3.1.14-joblist.patch
-Patch5: at-3.1.14-selinux.patch
-Patch7: at-3.1.8-eal3-manpages.patch
-## no bugs anymore for patch8. Just paranoia checking
-Patch8: at-3.1.13-formatbugs.patch
-Patch9: at-3.1.13-pam.patch
Patch10: at-3.1.13-massive_batch.patch
Patch11: at-3.1.13-documentation-dir.patch
-Patch12: at-3.1.13-queue-nice-level.patch
-# PATCH-FIX-UPSTREAM pam-session-as-root (bnc#408986, bnc#239210)
-Patch14: at-3.1.13-pam-session-as-root.patch
# PATCH-FIX-UPSTREAM clean-up opened descriptors (bnc#533454, bnc#523346)
Patch15: at-3.1.13-leak-fix.patch
#PATCH-FIX-OPENSUSE add proper system users to the deny list
@@ -86,14 +78,8 @@
%setup -q
%patch0
%patch4
-%patch5
-%patch7
-%patch8
-%patch9
%patch10
%patch11
-%patch12
-%patch14
%patch15
%patch16
%patch17 -p1
@@ -109,13 +95,10 @@
%patch29 -p1
%build
-rm -fv y.tab.c y.tab.h lex.yy.c lex.yy.o y.tab.o
-autoreconf -fiv
-
-export CFLAGS="%{?optflags} -fPIE"
-export LDFLAGS="-pie"
export SENDMAIL=%{_sbindir}/sendmail
+autoreconf -fvi
+
%configure \
--with-pam \
--with-selinux \
++++++ at-3.1.13-documentation-dir.patch ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.005095692 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.017094001 +0200
@@ -2,10 +2,8 @@
===================================================================
--- at.1.in.orig
+++ at.1.in
-@@ -124,11 +124,11 @@ to run a job at 10:00am on July 31, you
- .B at 10am Jul 31
- and to run a job at 1am tomorrow, you would do
- .B at 1am tomorrow.
+@@ -132,7 +132,7 @@ the past, the job will run as soon as po
+ it will run more likely at 8:05pm.
.PP
The definition of the time specification can be found in
-.IR @prefix@/share/doc/at/timespec .
@@ -13,5 +11,3 @@
.PP
For both
.BR at " and " batch ,
- commands are read from standard input or the file specified
- with the
++++++ at-3.1.13-massive_batch.patch ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.109081042 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.113080479 +0200
@@ -2,9 +2,7 @@
===================================================================
--- atd.c.orig
+++ atd.c
-@@ -112,13 +112,14 @@ gid_t daemon_gid = (gid_t) - 3;
-
- static char *namep;
+@@ -108,9 +108,10 @@ static char *namep;
static double load_avg = LOADAVG_MX;
static time_t now;
static time_t last_chg;
@@ -16,11 +14,7 @@
static volatile sig_atomic_t term_signal = 0;
- #ifdef WITH_PAM
- #include
-@@ -146,14 +147,14 @@ set_term(int dummy)
- {
- term_signal = 1;
+@@ -141,10 +142,10 @@ set_term(int dummy)
return;
}
@@ -34,11 +28,7 @@
nothing_to_do = 0;
return;
}
-
- /* SIGCHLD handler - discards completion status of children */
-@@ -807,10 +808,11 @@ run_loop()
-
- if (nothing_to_do && buf.st_mtime <= last_chg)
+@@ -647,6 +648,7 @@ run_loop()
return next_job;
last_chg = buf.st_mtime;
@@ -46,11 +36,7 @@
if ((spool = opendir(".")) == NULL)
perr("Cannot read " ATJOB_DIR);
- run_batch = 0;
- nothing_to_do = 1;
-@@ -1043,11 +1045,11 @@ main(int argc, char *argv[])
- * A signal handler setting term_signal will make sure there's
- * a clean exit.
+@@ -898,7 +900,7 @@ main(int argc, char *argv[])
*/
sigaction(SIGHUP, NULL, &act);
@@ -59,11 +45,7 @@
sigaction(SIGHUP, &act, NULL);
sigaction(SIGTERM, NULL, &act);
- act.sa_handler = set_term;
- sigaction(SIGTERM, &act, NULL);
-@@ -1059,12 +1061,13 @@ main(int argc, char *argv[])
- daemon_setup();
-
+@@ -914,9 +916,10 @@ main(int argc, char *argv[])
do {
now = time(NULL);
next_invocation = run_loop();
@@ -75,4 +57,3 @@
} while (!term_signal);
daemon_cleanup();
exit(EXIT_SUCCESS);
- }
++++++ at-3.1.14-joblist.patch ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.157074281 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.165073154 +0200
@@ -2,9 +2,7 @@
===================================================================
--- at.c.orig
+++ at.c
-@@ -132,11 +132,13 @@ char atverify = 0; /* verify time inste
-
- static void sigc(int signo);
+@@ -134,7 +134,9 @@ static void sigc(int signo);
static void alarmc(int signo);
static char *cwdname(void);
static void writefile(time_t runtimer, char queue);
@@ -15,11 +13,7 @@
/* Signal catching functions */
- static RETSIGTYPE
- sigc(int signo)
-@@ -545,12 +547,24 @@ writefile(time_t runtimer, char queue)
- break;
- }
+@@ -566,8 +568,20 @@ writefile(time_t runtimer, char queue)
return;
}
@@ -41,11 +35,7 @@
{
/* List all a user's jobs in the queue, by looping through ATJOB_DIR,
* or everybody's if we are root
- */
- DIR *spool;
-@@ -585,10 +599,14 @@ list_jobs(void)
- continue;
-
+@@ -606,6 +620,10 @@ list_jobs(void)
if (sscanf(dirent->d_name, "%c%5lx%8lx", &queue, &jobno, &ctm) != 3)
continue;
@@ -56,11 +46,7 @@
if (atqueue && (queue != atqueue))
continue;
- runtimer = 60 * (time_t) ctm;
- runtime = localtime(&runtimer);
-@@ -706,10 +724,33 @@ process_jobs(int argc, char **argv, int
- }
- }
+@@ -727,6 +745,29 @@ process_jobs(int argc, char **argv, int
return rc;
} /* delete_jobs */
@@ -90,12 +76,8 @@
/* Global functions */
void *
- mymalloc(size_t n)
- {
-@@ -731,10 +772,12 @@ main(int argc, char **argv)
-
- int program = AT; /* our default program */
- char *options = "q:f:MmvlrdhVct:"; /* default options for at */
+@@ -752,6 +793,8 @@ main(int argc, char **argv)
+ char *options = "q:f:MmbvlrdhVct:"; /* default options for at */
int disp_version = 0;
time_t timer = 0;
+ long *joblist = NULL;
@@ -103,11 +85,7 @@
struct passwd *pwe;
struct group *ge;
- RELINQUISH_PRIVS
-
-@@ -868,12 +911,13 @@ main(int argc, char **argv)
- switch (program) {
- int i;
+@@ -889,8 +932,9 @@ main(int argc, char **argv)
case ATQ:
REDUCE_PRIV(daemon_uid, daemon_gid)
@@ -119,15 +97,11 @@
break;
case ATRM:
-
- REDUCE_PRIV(daemon_uid, daemon_gid)
Index: panic.c
===================================================================
--- panic.c.orig
+++ panic.c
-@@ -93,10 +93,11 @@ usage(void)
- /* Print usage and exit.
- */
+@@ -95,6 +95,7 @@ usage(void)
fprintf(stderr, "Usage: at [-V] [-q x] [-f file] [-mMlbv] timespec ...\n"
" at [-V] [-q x] [-f file] [-mMlbv] -t time\n"
" at -c job ...\n"
@@ -135,5 +109,3 @@
" atq [-V] [-q x]\n"
" at [ -rd ] job ...\n"
" atrm [-V] job ...\n"
- " batch\n");
- exit(EXIT_FAILURE);
++++++ at-3.1.14-parse-suse-sysconfig.patch ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.217065829 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.229064138 +0200
@@ -46,7 +46,7 @@
/* Local headers */
#include "privs.h"
-@@ -930,6 +934,7 @@ main(int argc, char *argv[])
+@@ -798,6 +802,7 @@ main(int argc, char *argv[])
* for execution and yet another one, optionally, for sending mail.
* Files which already have run are removed during the next invocation.
*/
@@ -54,7 +54,7 @@
int c;
time_t next_invocation;
struct sigaction act;
-@@ -998,6 +1003,22 @@ main(int argc, char *argv[])
+@@ -875,6 +880,22 @@ main(int argc, char *argv[])
}
}
@@ -81,8 +81,8 @@
===================================================================
--- configure.ac.orig
+++ configure.ac
-@@ -53,6 +53,8 @@ AC_CHECK_LIB(fl,yywrap,
- AC_DEFINE([NEED_YYWRAP], 1, [need yywrap])
+@@ -54,6 +54,8 @@ AC_CHECK_LIB(fl,yywrap,
+ [Define to 1 if we need to provide our own yywrap()])
)
+PKG_CHECK_MODULES([HX], [libHX])
++++++ at-3.1.14-usePOSIXtimers.patch ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.273057940 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.273057940 +0200
@@ -1,6 +1,8 @@
---- at-3.1.15.orig/atd.c
-+++ at-3.1.15/atd.c
-@@ -919,6 +919,54 @@ run_loop()
+Index: at-3.1.20/atd.c
+===================================================================
+--- at-3.1.20.orig/atd.c
++++ at-3.1.20/atd.c
+@@ -787,6 +787,54 @@ run_loop()
return next_job;
}
@@ -55,7 +57,7 @@
/* Global functions */
int
-@@ -1032,7 +1080,7 @@ main(int argc, char *argv[])
+@@ -909,7 +957,7 @@ main(int argc, char *argv[])
sigaction(SIGCHLD, &act, NULL);
if (!run_as_daemon) {
@@ -64,7 +66,7 @@
run_loop();
exit(EXIT_SUCCESS);
}
-@@ -1055,13 +1103,14 @@ main(int argc, char *argv[])
+@@ -932,13 +980,14 @@ main(int argc, char *argv[])
act.sa_handler = set_term;
sigaction(SIGINT, &act, NULL);
@@ -81,8 +83,10 @@
}
hupped = 0;
} while (!term_signal);
---- at-3.1.15.orig/config.h.in
-+++ at-3.1.15/config.h.in
+Index: at-3.1.20/config.h.in
+===================================================================
+--- at-3.1.20.orig/config.h.in
++++ at-3.1.20/config.h.in
@@ -38,6 +38,9 @@
/* Define to 1 if you have the `getloadavg' function. */
#undef HAVE_GETLOADAVG
@@ -93,11 +97,13 @@
/* Define to 1 if you have the header file. */
#undef HAVE_GETOPT_H
---- at-3.1.15.orig/configure.ac
-+++ at-3.1.15/configure.ac
-@@ -254,6 +254,12 @@ AC_ARG_WITH(daemon_username,
- )
- AC_SUBST(DAEMON_USERNAME)
+Index: at-3.1.20/configure.ac
+===================================================================
+--- at-3.1.20.orig/configure.ac
++++ at-3.1.20/configure.ac
+@@ -263,6 +263,12 @@ fi
+ AC_SUBST(SELINUXLIB)
+ AC_SUBST(WITH_SELINUX)
+dnl check for POSIX timer functions
+AC_SEARCH_LIBS([timer_create],[rt])
++++++ at-3.1.14.patch ++++++
--- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.361045544 +0200
+++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.373043854 +0200
@@ -55,7 +55,7 @@
- cd $(IROOT)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5
- $(INSTALL) -g root -o root -m 644 $(DOCS) $(IROOT)$(atdocdir)
+ $(INSTALL) -m 644 at.allow.5 $(IROOT)$(man5dir)/
-+ $(INSTALL) -m 644 at.deny.5 $(IROOT)$(man5dir)/
++ cd $(IROOT)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5
+ $(INSTALL) -m 644 $(DOCS) $(IROOT)$(atdocdir)
rm -f $(IROOT)$(mandir)/cat1/at.1* $(IROOT)$(mandir)/cat1/batch.1* \
$(IROOT)$(mandir)/cat1/atq.1*
++++++ at_3.1.16.orig.tar.gz -> at_3.1.20.orig.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/ChangeLog new/at-3.1.20/ChangeLog
--- old/at-3.1.16/ChangeLog 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/ChangeLog 2016-06-28 22:55:01.000000000 +0200
@@ -157,3 +157,20 @@
Ansgar Burchardt (1):
at: only retain variables whose name consists of alphanumerics and underscores
+
+at 3.1.17 (2015-08-31):
+
+ Jose M Calhariz:
+ at.1.in: Document behaviour when using past time, thanks Kelly Price (Closes: #639900).
+ Makefile.in: On distclean remove at.allow.5, auto generated file.
+
+at 3.1.18 (2015-12-06)
+
+ Jose M Calhariz:
+ Add support for SELinux, multiples files
+
+at 3.1.19 (2016-03-20)
+ Jose M Calhariz:
+ Fix configure handling of flag --without-selinux.
+
+Last entry on this file follow debian/changelog.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/Copyright new/at-3.1.20/Copyright
--- old/at-3.1.16/Copyright 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/Copyright 2015-12-18 21:29:24.000000000 +0100
@@ -9,6 +9,9 @@
In August 2009 the upstream development and Debian packaging were taken over
by Ansgar Burchardt and Cyril Brulebois .
+In August 2015 the upstream development and Debian packaging were
+taken over by Jose M Calhariz
+
This may be considered the experimental upstream source, and since there
doesn't seem to be any other upstream source, the only upstream source.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/Makefile.in new/at-3.1.20/Makefile.in
--- old/at-3.1.16/Makefile.in 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/Makefile.in 2015-12-18 21:29:24.000000000 +0100
@@ -40,6 +40,7 @@
LIBOBJS = @LIBOBJS@
INSTALL = @INSTALL@
PAMLIB = @PAMLIB@
+SELINUXLIB = @SELINUXLIB@
CLONES = atq atrm
ATOBJECTS = at.o panic.o perm.o posixtm.o y.tab.o lex.yy.o
@@ -73,7 +74,7 @@
$(LN_S) -f at atrm
atd: $(RUNOBJECTS)
- $(CC) $(LDFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB)
+ $(CC) $(LDFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB) $(SELINUXLIB)
y.tab.c y.tab.h: parsetime.y
$(YACC) -d parsetime.y
@@ -142,7 +143,7 @@
rm -f parsetest parsetime.c lex.yy.c y.tab.c y.tab.h
distclean: clean
- rm -rf at.1 atd.8 atrun.8 config.cache atrun batch config.h \
+ rm -rf at.1 at.allow.5 atd.8 atrun.8 config.cache atrun batch config.h \
config.status Makefile config.log build atd.service
checkin: $(DIST)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/at.1.in new/at-3.1.20/at.1.in
--- old/at-3.1.16/at.1.in 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/at.1.in 2015-12-18 21:29:24.000000000 +0100
@@ -125,6 +125,12 @@
and to run a job at 1am tomorrow, you would do
.B at 1am tomorrow.
.PP
+If you specify a job to absolutely run at a specific time and date in
+the past, the job will run as soon as possible. For example, if it is
+8pm and you do a
+.B at 6pm today,
+it will run more likely at 8:05pm.
+.PP
The definition of the time specification can be found in
.IR @prefix@/share/doc/at/timespec .
.PP
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/at.c new/at-3.1.20/at.c
--- old/at-3.1.16/at.c 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/at.c 2016-06-28 22:18:00.000000000 +0200
@@ -495,6 +495,9 @@
fprintf(fp, "\n");
if (ferror(fp))
panic("Output error");
+ fflush(fp);
+ if (ferror(fp))
+ panic("Output error");
if (ferror(stdin))
panic("Input error");
@@ -746,7 +749,7 @@
char *pgm;
int program = AT; /* our default program */
- char *options = "q:f:MmvlrdhVct:"; /* default options for at */
+ char *options = "q:f:MmbvlrdhVct:"; /* default options for at */
int disp_version = 0;
time_t timer = 0;
struct passwd *pwe;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/atd.c new/at-3.1.20/atd.c
--- old/at-3.1.16/atd.c 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/atd.c 2016-06-28 22:14:39.000000000 +0200
@@ -83,6 +83,12 @@
#include "getloadavg.h"
#endif
+#ifdef WITH_SELINUX
+#include
+#include
+int selinux_enabled = 0;
+#endif
+
/* Macros */
#define BATCH_INTERVAL_DEFAULT 60
@@ -195,6 +201,72 @@
#define fork myfork
#endif
+#ifdef WITH_SELINUX
+static int
+set_selinux_context(const char *name, const char *filename) {
+ security_context_t user_context = NULL;
+ security_context_t file_context = NULL;
+ int retval = 0;
+ char *seuser = NULL;
+ char *level = NULL;
+
+ if (getseuserbyname(name, &seuser, &level) == 0) {
+ retval = get_default_context_with_level(seuser, level, NULL, &user_context);
+ free(seuser);
+ free(level);
+ if (retval < 0) {
+ lerr("get_default_context_with_level: couldn't get security context for user %s", name);
+ retval = -1;
+ goto err;
+ }
+ }
+
+ /*
+ * Since crontab files are not directly executed,
+ * crond must ensure that the crontab file has
+ * a context that is appropriate for the context of
+ * the user cron job. It performs an entrypoint
+ * permission check for this purpose.
+ */
+ if (fgetfilecon(STDIN_FILENO, &file_context) < 0) {
+ lerr("fgetfilecon FAILED %s", filename);
+ retval = -1;
+ goto err;
+ }
+
+ retval = selinux_check_access(user_context, file_context, "file", "entrypoint", NULL);
+ freecon(file_context);
+ if (retval < 0) {
+ lerr("Not allowed to set exec context to %s for user %s", user_context, name);
+ retval = -1;
+ goto err;
+ }
+ if (setexeccon(user_context) < 0) {
+ lerr("Could not set exec context to %s for user %s", user_context, name);
+ retval = -1;
+ goto err;
+ }
+err:
+ if (retval < 0 && security_getenforce() != 1)
+ retval = 0;
+ if (user_context)
+ freecon(user_context);
+ return retval;
+}
+
+static int
+selinux_log_callback (int type, const char *fmt, ...)
+{
+ va_list ap;
+
+ va_start(ap, fmt);
+ vsyslog (LOG_ERR, fmt, ap);
+ va_end(ap);
+ return 0;
+}
+
+#endif
+
static void
run_file(const char *filename, uid_t uid, gid_t gid)
{
@@ -424,6 +496,13 @@
nice((tolower((int) queue) - 'a' + 1) * 2);
+#ifdef WITH_SELINUX
+ if (selinux_enabled > 0) {
+ if (set_selinux_context(pentry->pw_name, filename) < 0)
+ perr("SELinux Failed to set context\n");
+ }
+#endif
+
if (initgroups(pentry->pw_name, pentry->pw_gid))
perr("Cannot initialize the supplementary group access list");
@@ -594,10 +673,16 @@
/* Skip lock files */
if (queue == '=') {
- if ((buf.st_nlink == 1) && (run_time + CHECK_INTERVAL <= now)) {
- /* Remove stale lockfile FIXME: lock the lockfile, if you fail, it's still in use. */
- unlink(dirent->d_name);
- }
+ /* FIXME: calhariz */
+ /* I think the following code is broken, but commenting
+ may haven unknow side effects. Make a release and see
+ in the wild how it works. For more information see:
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818508/*
+
+ /* if ((buf.st_nlink == 1) && (run_time + CHECK_INTERVAL <= now)) { */
+ /* /\* Remove stale lockfile FIXME: lock the lockfile, if you fail, it's still in use. *\/ */
+ /* unlink(dirent->d_name); */
+ /* } */
continue;
}
/* Skip any other file types which may have been invented in
@@ -707,6 +792,14 @@
struct passwd *pwe;
struct group *ge;
+#ifdef WITH_SELINUX
+ selinux_enabled=is_selinux_enabled();
+
+ if (selinux_enabled) {
+ selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) selinux_log_callback);
+ }
+#endif
+
/* We don't need root privileges all the time; running under uid and gid
* daemon is fine.
*/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/config.h.in new/at-3.1.20/config.h.in
--- old/at-3.1.16/config.h.in 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/config.h.in 2015-12-18 21:29:24.000000000 +0100
@@ -192,6 +192,9 @@
. */
#undef UMAX4_3
+/* Define if you are building with_selinux */
+#undef WITH_SELINUX
+
/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a
`char[]'. */
#undef YYTEXT_POINTER
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/configure new/at-3.1.20/configure
--- old/at-3.1.16/configure 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/configure 2016-06-28 22:55:01.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for at 3.1.16.
+# Generated by GNU Autoconf 2.69 for at 3.1.19.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
# Identity of this package.
PACKAGE_NAME='at'
PACKAGE_TARNAME='at'
-PACKAGE_VERSION='3.1.16'
-PACKAGE_STRING='at 3.1.16'
+PACKAGE_VERSION='3.1.19'
+PACKAGE_STRING='at 3.1.19'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -622,6 +622,8 @@
ac_subst_vars='LTLIBOBJS
DAEMON_GROUPNAME
+WITH_SELINUX
+SELINUXLIB
DAEMON_USERNAME
LOADAVG_MX
ATSPD
@@ -682,6 +684,7 @@
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -710,6 +713,7 @@
with_atspool
with_loadavg_mx
with_daemon_username
+with_selinux
with_daemon_groupname
'
ac_precious_vars='build_alias
@@ -761,6 +765,7 @@
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1013,6 +1018,15 @@
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1150,7 +1164,7 @@
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1263,7 +1277,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures at 3.1.16 to adapt to many kinds of systems.
+\`configure' configures at 3.1.19 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1303,6 +1317,7 @@
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -1328,7 +1343,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of at 3.1.16:";;
+ short | recursive ) echo "Configuration of at 3.1.19:";;
esac
cat <<\_ACEOF
@@ -1341,6 +1356,7 @@
--with-atspool=PATH Directory containing at spool (default SPOOLDIR/atspool).
--with-loadavg_mx=LOADAVG_MX Default max. load average for batch (default 0.8).
--with-daemon_username=DAEMON_USERNAME Username to run under (default daemon)
+ --with-selinux Define to run with selinux (default=check)
--with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon)
Some influential environment variables:
@@ -1425,7 +1441,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-at configure 3.1.16
+at configure 3.1.19
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1901,7 +1917,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by at $as_me 3.1.16, which was
+It was created by at $as_me 3.1.19, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2256,7 +2272,7 @@
-VERSION=3.1.16
+VERSION=3.1.19
if test "X$CFLAGS" = "X"; then
CFLAGS="-O2 -g -Wall"
fi
@@ -5207,6 +5223,73 @@
+
+# Check whether --with-selinux was given.
+if test "${with_selinux+set}" = set; then :
+ withval=$with_selinux;
+else
+ with_selinux=check
+fi
+
+
+if test "x$with_selinux" != xno; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for is_selinux_enabled in -lselinux" >&5
+$as_echo_n "checking for is_selinux_enabled in -lselinux... " >&6; }
+if ${ac_cv_lib_selinux_is_selinux_enabled+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lselinux $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char is_selinux_enabled ();
+int
+main ()
+{
+return is_selinux_enabled ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ ac_cv_lib_selinux_is_selinux_enabled=yes
+else
+ ac_cv_lib_selinux_is_selinux_enabled=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_is_selinux_enabled" >&5
+$as_echo "$ac_cv_lib_selinux_is_selinux_enabled" >&6; }
+if test "x$ac_cv_lib_selinux_is_selinux_enabled" = xyes; then :
+ SELINUXLIB=-lselinux
+
+$as_echo "#define WITH_SELINUX 1" >>confdefs.h
+
+
+else
+ if test "x$with_selinux" != xcheck; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "--with-selinux is given, but test for selinux failed $with_selinux
+See \`config.log' for more details" "$LINENO" 5; }
+ fi
+
+
+fi
+
+fi
+
+
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking groupname to run under" >&5
$as_echo_n "checking groupname to run under... " >&6; }
@@ -5744,7 +5827,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by at $as_me 3.1.16, which was
+This file was extended by at $as_me 3.1.19, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -5806,7 +5889,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-at config.status 3.1.16
+at config.status 3.1.19
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/configure.ac new/at-3.1.20/configure.ac
--- old/at-3.1.16/configure.ac 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/configure.ac 2016-06-28 22:55:52.000000000 +0200
@@ -1,6 +1,6 @@
dnl Process this file with autoconf to produce a configure script.
-AC_INIT(at, 3.1.16)
+AC_INIT(at, 3.1.20)
AC_CONFIG_SRCDIR(at.c)
AC_PREFIX_DEFAULT(/usr)
@@ -239,6 +239,25 @@
)
AC_SUBST(DAEMON_USERNAME)
+AC_ARG_WITH(selinux,
+[ --with-selinux Define to run with selinux (default=check)],
+[],
+[with_selinux=check])
+
+if test "x$with_selinux" != xno; then
+ AC_CHECK_LIB([selinux], [is_selinux_enabled],
+ [SELINUXLIB=-lselinux
+ AC_DEFINE(WITH_SELINUX, 1, [Define if you are building with_selinux])
+ ],
+ [if test "x$with_selinux" != xcheck; then
+ AC_MSG_FAILURE([--with-selinux is given, but test for selinux failed $with_selinux])
+ fi
+ ]
+ )
+fi
+AC_SUBST(SELINUXLIB)
+AC_SUBST(WITH_SELINUX)
+
AC_MSG_CHECKING(groupname to run under)
AC_ARG_WITH(daemon_groupname,
[ --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) ],
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/daemon.c new/at-3.1.20/daemon.c
--- old/at-3.1.16/daemon.c 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/daemon.c 2015-12-18 21:29:24.000000000 +0100
@@ -83,6 +83,22 @@
}
void
+lerr(const char *fmt,...)
+{
+ char buf[1024];
+ va_list args;
+
+ va_start(args, fmt);
+ vsnprintf(buf, sizeof(buf), fmt, args);
+ va_end(args);
+
+ if (daemon_debug) {
+ perror(buf);
+ } else
+ syslog(LOG_ERR, "%s: %m", buf);
+}
+
+void
pabort(const char *fmt,...)
{
char buf[1024];
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/daemon.h new/at-3.1.20/daemon.h
--- old/at-3.1.16/daemon.h 2014-09-30 08:29:02.000000000 +0200
+++ new/at-3.1.20/daemon.h 2015-12-18 21:29:24.000000000 +0100
@@ -13,5 +13,8 @@
#endif
perr (const char *fmt, ...);
+void
+lerr (const char *fmt, ...);
+
extern int daemon_debug;
extern int daemon_foreground;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/dist new/at-3.1.20/dist
--- old/at-3.1.16/dist 1970-01-01 01:00:00.000000000 +0100
+++ new/at-3.1.20/dist 2016-06-28 22:31:01.000000000 +0200
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+PACKNAME=at
+SOURCENAME=at
+VER=$( grep AC_INIT configure.ac | cut -d ',' -f 2 | tr -d ' )' )
+RELTAR=${SOURCENAME}_$VER.orig.tar.gz
+
+echo $PACKNAME $SOURCENAME $VER
+echo $RELTAR
+
+[ ! -e ../$SOURCENAME-$VER ] || ( echo "Dir $SOURCENAME-$VER exist, aborting" ; exit 1 )
+[ ! -e ../$RELTAR ] || ( echo "Release file $RELTAR exist, aborting" ; exit 2 )
+mkdir ../$SOURCENAME-$VER
+fakeroot tar --exclude=debian --exclude=.git -cf - . | tar -C ../$SOURCENAME-$VER -x
+GZIP=-9 fakeroot tar -C .. -czf ../$RELTAR $SOURCENAME-$VER
+rm -r ../$SOURCENAME-$VER