Tim Landscheidt [Wed, 6 Jun 2012 15:14:06 +0000 (17:14 +0200)]
Previously, crond exited in the signal handler for SIGINT and SIGTERM.
Thus, the Inotify close code in main() was never reached. This commit
introduces a got_sigintterm variable that is set when SIGINT or SIGTERM
are received and leads to a clean exit of the main loop.
* src/cron.c: Rename quit() to sigintterm_handler(). Add got_sigintterm
variable and set it on SIGINT and SIGTERM. Shorten sleep and exit main
loop on got_sigintterm.
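The handler-sets-a-flag pattern this commit describes, as an added example that is not cronie's code: the handler only stores to got_sigintterm, and the cleanup (a stand-in for the inotify close in main()) runs in the main loop's own context. All names are hypothetical.

```c
/* Added example (not cronie's code): the handler-sets-a-flag pattern the
 * commit describes. The handler only sets got_sigintterm; the cleanup (a
 * stand-in for the inotify close) runs in the main loop's own context,
 * where non-async-signal-safe calls are allowed. Names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <string.h>
#include <time.h>

static volatile sig_atomic_t got_sigintterm = 0;
static int cleanup_ran = 0;

/* Async-signal-safe: store to a sig_atomic_t and return. No exit(), no I/O. */
static void sigintterm_handler(int sig)
{
    (void)sig;
    got_sigintterm = 1;
}

static int install_handlers(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = sigintterm_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;                  /* no SA_RESTART: a sleep is interrupted */
    if (sigaction(SIGINT, &sa, NULL) < 0)
        return -1;
    return sigaction(SIGTERM, &sa, NULL);
}

/* Main loop: sleep in short slices, leave as soon as the flag is set, then
 * clean up. deliver_after > 0 raises SIGTERM on that iteration (a constructed
 * stand-in for an external kill). Returns the number of iterations run. */
static int daemon_loop(int max_iterations, int deliver_after)
{
    struct timespec slice = { 0, 1000000 };   /* 1 ms: flag is noticed promptly */
    int iterations = 0;
    got_sigintterm = 0;
    cleanup_ran = 0;
    while (!got_sigintterm && iterations < max_iterations) {
        iterations++;
        if (iterations == deliver_after)
            raise(SIGTERM);
        if (!got_sigintterm)
            nanosleep(&slice, NULL);   /* EINTR is fine: the loop re-checks */
    }
    cleanup_ran = 1;   /* e.g. inotify_rm_watch()/close(), remove pid file */
    return iterations;
}
```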
Tim Landscheidt [Wed, 6 Jun 2012 14:49:26 +0000 (16:49 +0200)]
9th bit is overwritten.
Hour bit fields have 24 bits (0..23, 3 bytes). bit_nclear() however in this case is called to clear bits 0..24! Thus, it overwrites the first bit of the following struct member (dom). This is not problematic for normal use as dom is set after hour as are all other fields.
The last field, dow, uses 8 bits so 9 are cleared. This could be the MIN_STAR bit of flags, but as flags is an int, there is probably a padding byte in between; at least I couldn't trigger it to be unset. So this could probably only cause problems on 8-bit systems.
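The off-by-one described in this commit, reproduced as an added example that is not cronie's code: an inclusive-range bit clear in the style of BSD bitstring's bit_nclear(), applied to a hypothetical struct laid out like the hour/dom fields, with the spilling call, the fixed call, and a size-checked variant.

```c
/* Added example (not cronie's code): an inclusive-range bit clear in the
 * style of BSD bitstring's bit_nclear(), applied to a struct laid out like
 * the hour/dom fields the commit describes. It shows the stop index that
 * spills into the next member, the fixed call, and a size-checked variant.
 * The struct and all names are hypothetical. */
#include <string.h>

#define HOUR_BITS  24                       /* hours 0..23 */
#define HOUR_BYTES ((HOUR_BITS + 7) / 8)    /* 3 */
#define DOM_BYTES  4

struct entry {
    unsigned char hour[HOUR_BYTES];
    unsigned char dom[DOM_BYTES];   /* follows hour directly, no padding */
};

/* Clears bits start..stop inclusive. Knows nothing about the buffer size. */
static void bit_nclear(unsigned char *bits, int start, int stop)
{
    for (int i = start; i <= stop; i++)
        bits[i / 8] &= (unsigned char)~(1u << (i % 8));
}

/* Size-checked form: refuses a range that does not fit in nbytes. */
static int bit_nclear_checked(unsigned char *bits, size_t nbytes, int start, int stop)
{
    if (start < 0 || stop < start || (size_t)stop >= nbytes * 8)
        return -1;
    bit_nclear(bits, start, stop);
    return 0;
}

/* Fill both fields with 1s, clear hour bits 0..stop, report dom's bit 0.
 * dom is filled first here (cron sets it afterwards, which hid the bug). */
static int clear_hours(struct entry *e, int stop)
{
    memset(e->hour, 0xff, sizeof e->hour);
    memset(e->dom, 0xff, sizeof e->dom);
    bit_nclear(e->hour, 0, stop);
    return e->dom[0] & 1u;   /* 1 = intact, 0 = overwritten by the clear */
}

/* The commit's bug: stop == 24 clears bit 24, which is dom's first bit. */
static int buggy_clear(struct entry *e) { return clear_hours(e, HOUR_BITS); }

/* Fixed: the last hour bit is 23. */
static int fixed_clear(struct entry *e) { return clear_hours(e, HOUR_BITS - 1); }
```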
This unit file is used in Fedora. The systemd-user-sessions.service guarantees
that everything needed for users to log in is already running
(ypbind, sssd, ldap, ...).
Cron writes job output to syslog incorrectly. When cron is invoked in a way that prints job output to syslog, it prints only the first character of the output. Author: Vitezslav Cizek
We want all long running daemons to have PIE and RELRO flags set. This is a
missing security mechanism. Fixing this generally involves adding -fPIE -DPIE
to the CFLAGS, and -pie -Wl,-z,relro -Wl,-z,now to the LDFLAGS.
Expected results:
PIE and partial RELRO at a minimum.
Tomas Mraz [Thu, 16 Dec 2010 16:06:28 +0000 (17:06 +0100)]
Revert "Cache the security class and bit values and translate the remaining hardcoded values."
Caching cannot be done as the values can change on SELinux policy update.
Colin Dean [Mon, 4 Oct 2010 14:29:12 +0000 (16:29 +0200)]
cronie on cluster
One issue we have is that although we've made our services very
resilient, by employing HA failover, load balancing and round robin DNS,
the one service that's difficult to do anything with is cron, because it
has traditionally been tied to a single machine.
For instance, we have a cluster of 4 Fedora servers which our end users
use as timeshare systems, using round robin DNS, and if one of the
servers is down it doesn't really matter too much. We don't even back up
the servers, relying on NFS home directories and rebuilding from scratch
using kickstart + cfengine if a server fails and can't be restarted.
However, the users have scattered crontab files around the 4 servers, so
that if the particular server a cron job is meant to run on dies, the
job doesn't run any more, and the crontab file may be permanently lost.
What we needed was a facility to allow crontabs in /var/spool/cron on
these 4 servers to be NFS mounted from a single directory on our NetApp
filers (so giving us backups and snapshots), with any user able to run
"crontab -e" from any of the servers to manage a single shared crontab,
and for us in the IT Service to be able to set just one of the 4 servers
to run user crontab jobs at any time. However, we needed to keep
/etc/crontab and the files in /etc/cron.d/ specific to each individual
server still, and keep crond running on all 4 servers.
If sendmail isn't installed, syslog is used. This patch should
also solve the problem with RPM requirements for sendmail
(and which mail should be installed by default).
Based on: https://bugzilla.redhat.com/show_bug.cgi?id=472710#c42
Michal Seben [Wed, 14 Apr 2010 12:01:42 +0000 (14:01 +0200)]
Option "-" doesn't log jobs as root
If the uid of the owner is 0 (root), he can put a "-" as first
character of a crontab entry. This will prevent cron from writing
a syslog message about this command getting executed.
Michal Seben [Wed, 14 Apr 2010 11:26:48 +0000 (13:26 +0200)]
Correctly reported PAM errors
cron_conv could be helpful for debugging purposes when something bad happens
with PAM, e.g. an expired user password. Without cron_conv, cronie doesn't
report useful info in syslog messages (it just writes a "no conversation
function" error to the messages file). If you want to do a quick test of the PAM
conversation function, you could set PASS_MAX_DAYS and PASS_WARN_AGE in
/etc/login.defs, add a new user and create a cron rule for this user (crontab -e).
When run as "crontab -e", crontab creates a temporary file in /tmp, copies the
contents of an existing crontab to this file, and then calls utime() on the
temporary file name to set its mtime and atime to 0, in order to check after
editing whether or not the file has been modified.
Since the file is created with the user's euid, and because utime is called on
the file as root, an attacker can replace the temporary file after it is
created with a symlink to any file or folder on disk, which will then have its
atime and mtime set to 0. This is certainly not a critical issue, but this
action can be used to deny service in many scenarios. For example, the cron
daemon checks the mtime of the crontab spool folder and its contents to
determine whether or not it needs to update its database of cronjobs, and if
these times are reset to 0, no new cronjobs will be added. Other daemons
relying on accurate timestamps may be similarly affected. Finally, build tools
such as make could be tricked into not re-compiling source, based on an old
timestamp.
Thanks to: Dan Rosenberg
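The hardened form of the temporary-file step in the report above, as an added example that is not cronie's code: the file is created with mkstemp() (O_CREAT|O_EXCL, so a symlink planted at the path is refused) and the timestamps are set with futimens() on the open descriptor rather than utime() on the path, so a later swap of the path cannot redirect the write. The helper names and the /tmp template are hypothetical.

```c
/* Added example (not cronie's code): the hardened version of the temp-file
 * step in the report above. mkstemp() creates with O_CREAT|O_EXCL, so a
 * symlink planted at the path is refused, and the times are set through
 * the open descriptor, so a later path swap cannot redirect the write. */
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>

/* Create the edit buffer; returns the fd and fills path_out with its name. */
static int create_edit_tmp(char *path_out, size_t path_len)
{
    static const char template[] = "/tmp/crontab.XXXXXX";   /* constructed */
    if (path_len < sizeof template) return -1;
    memcpy(path_out, template, sizeof template);
    return mkstemp(path_out);   /* O_EXCL: never opens through a symlink */
}

/* Stamp atime and mtime to the epoch through the descriptor, never the path. */
static int zero_times_fd(int fd)
{
    struct timespec ts[2] = { { 0, 0 }, { 0, 0 } };
    return futimens(fd, ts);
}

/* After the editor returns: 1 if the file changed since the stamp, 0 if not. */
static int modified_since_stamp(int fd)
{
    struct stat st;
    if (fstat(fd, &st) < 0) return -1;
    return st.st_mtime != 0;
}

/* Whole sequence on a constructed file; 0 on success, -1 on any failure. */
static int demo(void)
{
    char path[64];
    static const char line[] = "0 * * * * /bin/true\n";   /* constructed edit */
    int fd = create_edit_tmp(path, sizeof path), rc = -1;
    if (fd < 0) return -1;
    if (zero_times_fd(fd) == 0 && modified_since_stamp(fd) == 0 &&
        write(fd, line, sizeof line - 1) == (ssize_t)(sizeof line - 1) &&
        modified_since_stamp(fd) == 1)
        rc = 0;
    close(fd);
    unlink(path);
    return rc;
}
```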
There is a need to add -laudit to the gcc options because now it's not
found automatically. Based on:
http://fedoraproject.org/wiki/Features/ChangeInImplicitDSOLinking