granicus.if.org Git - cronie/log
Marcela Mašláňová [Wed, 17 Feb 2010 10:51:45 +0000 (11:51 +0100)]
CVE-2010-0424 -- crontab -e crontab file timestamp race condition
When run as "crontab -e", crontab creates a temporary file in /tmp, copies the
contents of an existing crontab to this file, and then calls utime() on the
temporary file name to set its mtime and atime to 0, in order to check after
editing whether or not the file has been modified.
Since the file is created with the user's euid, and because utime is called on
the file as root, an attacker can replace the temporary file after it is
created with a symlink to any file or folder on disk, which will then have its
atime and mtime set to 0. This is certainly not a critical issue, but this
action can be used to deny service in many scenarios. For example, the cron
daemon checks the mtime of the crontab spool folder and its contents to
determine whether or not it needs to update its database of cronjobs, and if
these times are reset to 0, no new cronjobs will be added. Other daemons
relying on accurate timestamps may be similarly affected. Finally, build tools
such as make could be tricked into not re-compiling source, based on an old
timestamp.
Thanks to: Dan Rosenberg
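The difference between resetting timestamps by file name and by open descriptor, as an added C example that is not code from this commit or from cronie. The directory and file names are constructed, and the descriptor-based call is one general mitigation, not necessarily the change made here.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
#include <utime.h>

/* Path-based reset, as the commit message describes: follows symlinks. */
static int reset_times_by_path(const char *path) {
    struct utimbuf zero = { 0, 0 };
    return utime(path, &zero);
}

/* Descriptor-based reset: acts on the inode opened earlier, whatever the name is now. */
static int reset_times_by_fd(int fd) {
    struct timespec zero[2] = { { 0, 0 }, { 0, 0 } };
    return futimens(fd, zero);
}

/* Resets timestamps after the temp name has become a symlink to an unrelated
 * file and returns that file's mtime (-1 on setup failure). use_fd picks the call. */
long victim_mtime_after_reset(int use_fd) {
    char dir[] = "/tmp/utime-demo.XXXXXX";   /* constructed sandbox directory */
    char tmp[64], victim[64];
    struct stat st;
    long result = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(tmp, sizeof tmp, "%s/crontab.tmp", dir);
    snprintf(victim, sizeof victim, "%s/victim", dir);
    int vfd = open(victim, O_CREAT | O_WRONLY | O_EXCL, 0600);
    int fd = open(tmp, O_CREAT | O_RDWR | O_EXCL, 0600);
    if (vfd >= 0 && fd >= 0
        && unlink(tmp) == 0 && symlink(victim, tmp) == 0   /* name replaced */
        && (use_fd ? reset_times_by_fd(fd) : reset_times_by_path(tmp)) == 0
        && stat(victim, &st) == 0)
        result = (long)st.st_mtime;
    if (fd >= 0) close(fd);
    if (vfd >= 0) close(vfd);
    unlink(tmp); unlink(victim); rmdir(dir);
    return result;
}

int main(void) {
    printf("by path: victim mtime = %ld\n", victim_mtime_after_reset(0));
    printf("by fd:   victim mtime = %ld\n", victim_mtime_after_reset(1));
    return 0;
}
```

With the path-based call the unrelated file ends up with mtime 0; with the descriptor-based call its timestamp is untouched, because the call never resolves the name again.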
Marcela Mašláňová [Tue, 16 Feb 2010 07:28:01 +0000 (08:28 +0100)]
Dynamic shared libraries -laudit
There is need to add -laudit into gcc options because now it's not
found automatically. Based on:
http://fedoraproject.org/wiki/Features/ChangeInImplicitDSOLinking
Marcela Mašláňová [Fri, 12 Feb 2010 09:43:19 +0000 (10:43 +0100)]
Make man page more readable based on #564206.
Marcela Mašláňová [Mon, 25 Jan 2010 08:20:06 +0000 (09:20 +0100)]
CRON_VALIDATE_MAILRCPTS was removed, because it was not used anyway.
Marcela Mašláňová [Wed, 13 Jan 2010 12:54:43 +0000 (13:54 +0100)]
With NFS homes a job can't be executed, because root can't access
this directory.
Will Woods [Tue, 5 Jan 2010 15:44:18 +0000 (16:44 +0100)]
Disable mailing output.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Will Woods [Tue, 5 Jan 2010 15:43:49 +0000 (16:43 +0100)]
Output could be redirected to syslog.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Mon, 21 Dec 2009 12:58:08 +0000 (13:58 +0100)]
Cron doesn't use environment values from /etc/security/pam_env.conf.
This was fixed by moving pam_setcred into first part of authentication
of pam.
Marcela Mašláňová [Fri, 27 Nov 2009 09:10:38 +0000 (10:10 +0100)]
Initscript: if an unprivileged user stops the daemon, it should return 4.
Marcela Mašláňová [Fri, 27 Nov 2009 08:58:15 +0000 (09:58 +0100)]
Initscript: if an unprivileged user restarts the daemon, it should return 4.
Guido Trentalancia [Thu, 5 Nov 2009 15:47:56 +0000 (16:47 +0100)]
This function will be probably removed from libselinux, so it is added into source code here.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Thu, 5 Nov 2009 15:36:32 +0000 (16:36 +0100)]
One line was missing in pam authentication. rhbz#533189
Marcela Mašláňová [Tue, 3 Nov 2009 13:41:36 +0000 (14:41 +0100)]
Autotools - Makefile includes dailyjobs, configure has new version.
Marcela Mašláňová [Tue, 3 Nov 2009 10:24:43 +0000 (11:24 +0100)]
New release 1.4.3.
SATOH Fumiyasu [Tue, 3 Nov 2009 09:56:24 +0000 (10:56 +0100)]
Fix "warning: unused variable" if LOG_FILE is not defined
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Tue, 3 Nov 2009 09:51:40 +0000 (10:51 +0100)]
Portability: Use swap_uids() instead of setreuid() directly
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Tue, 3 Nov 2009 09:44:55 +0000 (10:44 +0100)]
Portability: Solaris and AIX support saved UID/GID
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Tue, 3 Nov 2009 09:43:31 +0000 (10:43 +0100)]
Portability: Check if fchown() and fchgrp() exist by configure.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Tue, 3 Nov 2009 09:41:44 +0000 (10:41 +0100)]
Security: Ignore $TMPDIR if ruid!=euid and/or rgid!=egid
A setuid/setgid process with GNU C library does NOT inherit $TMPDIR
from the parent process for security reasons, but this behavior is
NOT a standard feature.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Tue, 3 Nov 2009 09:38:39 +0000 (10:38 +0100)]
Portability: pam_misc.so is the Linux-PAM specific library
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Tue, 3 Nov 2009 09:21:30 +0000 (10:21 +0100)]
Portability: Check if sys/fcntl.h exists or not
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Tue, 3 Nov 2009 09:13:50 +0000 (10:13 +0100)]
Dailyjobs are here for users who don't like anacron.
0hourly executes cron.hourly scripts and other will be executed
by dailyjobs.
HONDA Hirofumi [Mon, 19 Oct 2009 10:25:15 +0000 (12:25 +0200)]
When parent crond is stopped and child crond (executing program) is running, "service crond status" reports "crond (pid XXX) is running...".
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Mon, 12 Oct 2009 08:35:36 +0000 (10:35 +0200)]
New release with few bugfixes.
Marcela Mašláňová [Fri, 25 Sep 2009 06:32:34 +0000 (08:32 +0200)]
Symlinks were not followed. This is a limitation of inotify API.
rhbz#477100
Tomas Mraz [Fri, 18 Sep 2009 14:14:42 +0000 (16:14 +0200)]
Do not segfault if mailto does not pass safe_p test.
Tomas Mraz [Wed, 16 Sep 2009 09:52:00 +0000 (11:52 +0200)]
Use password-auth common PAM configuration.
Marcela Mašláňová [Mon, 17 Aug 2009 13:11:41 +0000 (15:11 +0200)]
Add daily, weekly as a possibility of anacrontab configuration.
Marcela Mašláňová [Tue, 11 Aug 2009 11:06:16 +0000 (13:06 +0200)]
Add anacrontab configuration file.
Marcela Mašláňová [Tue, 11 Aug 2009 10:57:37 +0000 (12:57 +0200)]
Polish manual pages.
Marcela Mašláňová [Thu, 30 Jul 2009 08:54:24 +0000 (10:54 +0200)]
Revert configuration file regularly-file back to anacrontab.
Marcela Mašláňová [Wed, 29 Jul 2009 13:37:27 +0000 (15:37 +0200)]
Start minor releases cronie-1.4.1.
Marcela Mašláňová [Wed, 29 Jul 2009 06:44:15 +0000 (08:44 +0200)]
Revert configure file for anacrontab.
Rocco Iannacci [Wed, 29 Jul 2009 06:29:57 +0000 (08:29 +0200)]
Segfault on ppc64 was caused by parsing random delay from anacrontab.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Tue, 21 Jul 2009 05:22:57 +0000 (07:22 +0200)]
New release cronie1.4.
Marcela Mašláňová [Mon, 20 Jul 2009 13:04:37 +0000 (15:04 +0200)]
New option: enable-anacron in configure which can set compilation
with or without anacron part. Also there were changes in manual pages.
Updated ChangeLog.
Štěpán Kasal [Fri, 17 Jul 2009 10:13:28 +0000 (12:13 +0200)]
Fix of autotools stuff for anacron.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Thu, 16 Jul 2009 14:21:55 +0000 (16:21 +0200)]
Make anacron configurable. The option --enable-anacron in configure
can switch on/off compilation of this part of the package.
Marcela Mašláňová [Thu, 16 Jul 2009 11:52:27 +0000 (13:52 +0200)]
Put anacron binary into proper location.
Marcela Mašláňová [Thu, 16 Jul 2009 08:02:01 +0000 (10:02 +0200)]
Add configuration scripts into contrib.
Cleaning/adding man pages into Makefile/directories.
Marcela Mašláňová [Tue, 14 Jul 2009 07:44:29 +0000 (09:44 +0200)]
Cleaning useless files.
Marcela Mašláňová [Tue, 14 Jul 2009 07:32:51 +0000 (09:32 +0200)]
Anacron makefile was rewritten according to the rest of autotools
makefiles in this project.
Marcela Mašláňová [Mon, 13 Jul 2009 15:41:17 +0000 (17:41 +0200)]
New options:
random delay could be set from anacrontab instead of sysconfig file,
range of hours when should be jobs started.
Marcela Mašláňová [Mon, 13 Jul 2009 15:36:22 +0000 (17:36 +0200)]
Update manual pages.
Marcela Mašláňová [Mon, 13 Jul 2009 14:46:34 +0000 (16:46 +0200)]
Fix error message for wrong spooldir.
Marcela Mašláňová [Mon, 13 Jul 2009 14:33:03 +0000 (16:33 +0200)]
Memory leaks should be fixed. Instead of log is used slog function.
Marcela Mašláňová [Mon, 13 Jul 2009 14:20:00 +0000 (16:20 +0200)]
The temporary file has file descriptors for input and output instead
of one descriptor.
Marcela Mašláňová [Mon, 13 Jul 2009 14:18:37 +0000 (16:18 +0200)]
Mail langinfo was fixed.
Marcela Mašláňová [Mon, 13 Jul 2009 14:15:03 +0000 (16:15 +0200)]
Minor debian release anacron-2.3.1 which adds these features:
-anacron runs jobs twice in a 31 day month
-add hostname to emails sent to admin
-allow user anacrontabs
and some debian scripts for apm support.
Marcela Mašláňová [Mon, 13 Jul 2009 13:36:53 +0000 (15:36 +0200)]
Initial upload of anacron-2.3 which should be optimized for better
cooperation with cronie. However, cronie should be working with or
without anacron, which should be configurable.
Tomas Mraz [Fri, 19 Jun 2009 16:07:00 +0000 (18:07 +0200)]
Fix the disable inotify functionality.
Marcela Mašláňová [Fri, 19 Jun 2009 13:47:02 +0000 (15:47 +0200)]
Option -i for disabling inotify support.
This option was based on an email by a user who can't set up the daemon
when they have /var/spool/cron mounted from NFS for a number
of identical machines. Inotify passed the test because it found
the directory, but didn't notice changes.
http://linux-nfs.org/pipermail/nfsv4/2007-November/007127.html
Thanks to: Alex Bame
Marcela Mašláňová [Fri, 5 Jun 2009 12:36:55 +0000 (14:36 +0200)]
ValidateMailRcpts removed because of problems when environmental
settings could be exported under the wrong user.
Marcela Mašláňová [Fri, 29 May 2009 13:49:04 +0000 (15:49 +0200)]
Beautify the code with indent.
Thanks for .indent.pro to Martin Klozik.
Marcela Mašláňová [Fri, 29 May 2009 10:28:00 +0000 (12:28 +0200)]
CRON_DIR became obsolete. SPOOL_DIR is enough for work with user
crontables.
Marcela Mašláňová [Fri, 22 May 2009 07:14:56 +0000 (09:14 +0200)]
Merge branch 'master' of ssh://mmaslano@git.fedorahosted.org/git/cronie
Štěpán Kasal [Fri, 22 May 2009 07:05:10 +0000 (09:05 +0200)]
Make the paths more configurable.
Štěpán Kasal [Fri, 22 May 2009 06:17:29 +0000 (08:17 +0200)]
Rename RH_CRON_DIR to SYS_CRON_DIR.
Štěpán Kasal [Fri, 22 May 2009 06:06:34 +0000 (08:06 +0200)]
Drop useless part of configure.
Marcela Mašláňová [Fri, 22 May 2009 06:04:22 +0000 (08:04 +0200)]
Remove unused function cron_get_job_context.
Marcela Mašláňová [Wed, 20 May 2009 10:36:53 +0000 (12:36 +0200)]
PAM logging was incorrect bz#249870.
The job is setuid to the user before exec. Mail runs under root
permissions.
Vlad Glagolev [Thu, 14 May 2009 12:16:24 +0000 (14:16 +0200)]
@reboot alias check the return value.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Thu, 14 May 2009 08:08:36 +0000 (10:08 +0200)]
Save delimiters need more characters f.e. '_'.
Fix based on: http://bugs.gentoo.org/show_bug.cgi?id=197625
Marcela Mašláňová [Wed, 13 May 2009 14:39:36 +0000 (16:39 +0200)]
MAILFROM, if set, will be used as the envelope sender address when cron
mails the output of commands in that crontab.
The initial patch was written by: Heath Caldwell
Marcela Mašláňová [Tue, 28 Apr 2009 13:44:37 +0000 (15:44 +0200)]
No need to initialize globals, which are set by default to zero.
Stěpán Kasal [Tue, 28 Apr 2009 13:43:55 +0000 (15:43 +0200)]
Fix with(out)-pam in configure.
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Mon, 27 Apr 2009 05:30:24 +0000 (07:30 +0200)]
Update ChangeLog for new release.
Marcela Mašláňová [Thu, 23 Apr 2009 09:24:33 +0000 (11:24 +0200)]
Inotify initialization left open file descriptors which are leaking
and annoying SElinux.
This could be once fixed by inotify_init1, but that's supported from
kernel 2.6.27.
Willy Tarreua [Wed, 15 Apr 2009 08:32:57 +0000 (10:32 +0200)]
I have noticed that with cronie-1.2, my binaries have seen their
size grow by 10x (from 28kB to 290kB). After searching a bit, I found
that the responsible was the INIT() macro in globals.h which
initializes huge strings MailCmd and cron_default_mail_charset both of
which are 128 kB. Due to this initialization, the memory areas are
stored for real in the binary, resulting in larger sizes
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Thu, 12 Feb 2009 13:32:59 +0000 (14:32 +0100)]
Cronie could be built as Position Independent Executable when the
configure is executed with --enable-pie.
Erased commented unused stuff from configure.
Marcela Mašláňová [Thu, 12 Feb 2009 13:13:43 +0000 (14:13 +0100)]
Fix typo in sysconfig.
Marcela Mašláňová [Tue, 23 Dec 2008 12:56:32 +0000 (13:56 +0100)]
After long time update ChangeLog file.
Tomas Mraz [Tue, 23 Dec 2008 09:59:02 +0000 (10:59 +0100)]
Update man pages to reflect the reality.
Tomas Mraz [Mon, 22 Dec 2008 15:01:39 +0000 (16:01 +0100)]
Fix handling of HUP signal with inotify enabled.
Marcela Mašláňová [Tue, 2 Dec 2008 13:11:45 +0000 (14:11 +0100)]
Configure can't be run without pam-devel libraries. (rhbz#473893)
Marcela Mašláňová [Fri, 24 Oct 2008 12:48:12 +0000 (14:48 +0200)]
Init script is according to SysVInitScript guidelines.
Marcela Mašláňová [Mon, 11 Aug 2008 10:22:13 +0000 (12:22 +0200)]
Check user before job is run.
Marcela Mašláňová [Mon, 28 Jul 2008 12:56:52 +0000 (14:56 +0200)]
Clean hardwired pathnames.
Marcela Mašláňová [Mon, 28 Jul 2008 12:27:56 +0000 (14:27 +0200)]
@reboot jobs should be run only after reboot instead
of every daemon's restart.
Patch inspired by debian.
Marcela Mašláňová [Thu, 26 Jun 2008 12:53:27 +0000 (14:53 +0200)]
Release 1.2
Marcela Mašláňová [Thu, 26 Jun 2008 12:48:14 +0000 (14:48 +0200)]
Updated manuals - different typos and inotify support mentioned.
SATOH Fumiyasu [Thu, 26 Jun 2008 08:42:46 +0000 (10:42 +0200)]
Portability: File locking by fcntl, lockf or flock
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Thu, 26 Jun 2008 08:38:27 +0000 (10:38 +0200)]
Bugfix: PATH_MAX is defined in limits.h
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Thu, 26 Jun 2008 08:35:48 +0000 (10:35 +0200)]
Portability: Check if sys/cdefs.h is there on the platform
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Sun, 22 Jun 2008 15:57:58 +0000 (00:57 +0900)]
Portability: Check for struct tm.tm_gmtoff by AC_CHECK_MEMBERS
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
SATOH Fumiyasu [Thu, 26 Jun 2008 08:08:42 +0000 (10:08 +0200)]
Bugfix: Correct log_it() prototype
Signed-off-by: Marcela Mašláňová <mmaslano@redhat.com>
Marcela Mašláňová [Thu, 26 Jun 2008 08:08:16 +0000 (10:08 +0200)]
Add missing endif.
Tomas Mraz [Mon, 23 Jun 2008 19:13:45 +0000 (21:13 +0200)]
Fix the inotify support.
Tomas Mraz [Mon, 23 Jun 2008 19:06:11 +0000 (21:06 +0200)]
Remove rcsid tags.
Tomas Mraz [Mon, 23 Jun 2008 19:01:33 +0000 (21:01 +0200)]
Move macros and static declarations where they are needed.
Tomas Mraz [Mon, 23 Jun 2008 18:59:17 +0000 (20:59 +0200)]
Add check for _GNU_SOURCE.
Tomas Mraz [Mon, 23 Jun 2008 18:50:01 +0000 (20:50 +0200)]
Fix wrong declaration of orig_tz.
Tomas Mraz [Mon, 23 Jun 2008 18:47:27 +0000 (20:47 +0200)]
Unification of logging (syslog->log_it).
Tomas Mraz [Mon, 23 Jun 2008 16:00:46 +0000 (18:00 +0200)]
Fixed call to setkeycreatecon.
Marcela Mašláňová [Fri, 30 May 2008 09:26:39 +0000 (11:26 +0200)]
Update version also in configure.
Marcela Mašláňová [Fri, 30 May 2008 09:17:19 +0000 (11:17 +0200)]
cronie-1.1 released.
Updated Changelog.
Marcela Mašláňová [Fri, 30 May 2008 09:15:06 +0000 (11:15 +0200)]
Init script dies faster, if the sysconfig script is missing.
Patch from scop.
Marcela Mašláňová [Thu, 29 May 2008 13:27:18 +0000 (15:27 +0200)]
Function instead of macro. Code cleaning.
Marcela [Tue, 27 May 2008 12:15:42 +0000 (14:15 +0200)]
Man: crontab.1
TMP directory could be set in environment instead of /tmp.
Marcela [Tue, 27 May 2008 11:59:11 +0000 (13:59 +0200)]
Keyring will be created after restart of computer and services
won't be dying on selinux denial. The reason for this change
was pam-devels update.