]> granicus.if.org Git - cronie/log
cronie
17 years agoPam authentication wasn't used wise. User's crontab
mmaslano [Fri, 24 Aug 2007 06:28:24 +0000 (08:28 +0200)]
Pam authentication wasn't used wise. User's crontab

didn't use pam and functions, which were for pam
opening etc. were incorrect (wrong credetials).

17 years agoChecking homedir is last, because we need at first set up gid and uid.
mmaslano [Fri, 24 Aug 2007 06:18:36 +0000 (08:18 +0200)]
Checking homedir is last, because we need at first set up gid and uid.

17 years agoIt's possible to use your own tmp dir. Before was /tmp hardwired.
mmaslano [Fri, 24 Aug 2007 06:18:19 +0000 (08:18 +0200)]
It's possible to use your own tmp dir. Before was /tmp hardwired.

17 years agoSystem table in manual page is mentioned.
mmaslano [Fri, 24 Aug 2007 06:17:59 +0000 (08:17 +0200)]
System table in manual page is mentioned.

17 years agoHard links on system table break doing jobs.
mmaslano [Fri, 24 Aug 2007 06:17:37 +0000 (08:17 +0200)]
Hard links on system table break doing jobs.

17 years agoSystem table wasn't sometimes checked for changes.
mmaslano [Fri, 24 Aug 2007 06:16:40 +0000 (08:16 +0200)]
System table wasn't sometimes checked for changes.

17 years agoAudit: new auditing message is print, when the user isn't allowed
mmaslano [Fri, 24 Aug 2007 06:15:53 +0000 (08:15 +0200)]
Audit: new auditing message is print, when the user isn't allowed

to use mls range. Job wasn't runned without warning message.

17 years agoBecause there was typo (- instead of +) jobs wasn't runned after new year.
mmaslano [Fri, 24 Aug 2007 06:15:37 +0000 (08:15 +0200)]
Because there was typo (- instead of +) jobs wasn't runned after new year.

17 years agoErrors in manual was fixed and mls range was mentioned.
mmaslano [Fri, 24 Aug 2007 06:15:11 +0000 (08:15 +0200)]
Errors in manual was fixed and mls range was mentioned.

17 years agoForce reload of database when SIGGUP is received.
mmaslano [Fri, 17 Aug 2007 13:19:37 +0000 (15:19 +0200)]
Force reload of database when SIGGUP is received.
max_mtime uses dir_name instead of SPOOL_DIR now. (which caused a bug
preventing correct detection of changes in RH_CROND_DIR)

(comment updated by <tjanouse@redhat.com>)

17 years agoSelinux ranges: for every selinux operation are now checked
mmaslano [Fri, 17 Aug 2007 13:19:26 +0000 (15:19 +0200)]
Selinux ranges: for every selinux operation are now checked

the ranges of user. Now is set not only context for user, but
even ranges(enabled selinux or selinux in mls mode).

17 years agoIt's possible to change file without changing mtime of file.
mmaslano [Fri, 17 Aug 2007 13:19:05 +0000 (15:19 +0200)]
It's possible to change file without changing mtime of file.

So we're stat'ing files for the changes of files.
The detection of not_a_crontab files was added: files started with
dot aren't crontabs etc.

17 years agopam.limits.so was substitued by system-auth (pam progress).
mmaslano [Fri, 17 Aug 2007 13:18:46 +0000 (15:18 +0200)]
pam.limits.so was substitued by system-auth (pam progress).

17 years agoPart with_selinux now include even the testing of linux context.
mmaslano [Fri, 17 Aug 2007 13:18:33 +0000 (15:18 +0200)]
Part with_selinux now include even the testing of linux context.

17 years agoLoading database before reaping the child take up time of
mmaslano [Fri, 17 Aug 2007 13:18:15 +0000 (15:18 +0200)]
Loading database before reaping the child take up time of

running the jobs.

17 years agoThe Auto-Submitted header is defined (and suggested by) RFC3834.
mmaslano [Fri, 17 Aug 2007 13:17:56 +0000 (15:17 +0200)]
The Auto-Submitted header is defined (and suggested by) RFC3834.

Added into mail header: 'Auto-Submitted: auto-generated'

17 years agoFix typo in man pages.
mmaslano [Fri, 17 Aug 2007 13:17:11 +0000 (15:17 +0200)]
Fix typo in man pages.

17 years agoIt's possible to change file without changing mtime of file.
mmaslano [Fri, 17 Aug 2007 13:16:44 +0000 (15:16 +0200)]
It's possible to change file without changing mtime of file.

So we're stat'ing files for the changes of files.
The detection of not_a_crontab files was added: files started with
dot aren't crontabs etc.

17 years agoSelinux: option -s added. Header from crontab was removed and
mmaslano [Fri, 17 Aug 2007 13:16:31 +0000 (15:16 +0200)]
Selinux: option -s added. Header from crontab was removed and

now is print into crontab the SELINUX_ROLE_TYPE which specify
the permission of user. With mls could one user run some jobs
with different roles and security level.

17 years agoInto with_selinux and with_pam part was added variables
mmaslano [Fri, 17 Aug 2007 13:16:14 +0000 (15:16 +0200)]
Into with_selinux and with_pam part was added variables

used only there. In Makefile are libs set by variables.

17 years agoNow is possible to use different character encodings for mailed cron job output by
mmaslano [Fri, 17 Aug 2007 13:15:49 +0000 (15:15 +0200)]
Now is possible to use different character encodings for mailed cron job output by

setting the CONTENT_TYPE and CONTENT_TRANSFER_ENCODING variables in crontabs,
to the correct values of the mail headers of those names.

17 years agoModule pam_limit.so was added to default configuration.
mmaslano [Fri, 17 Aug 2007 13:15:35 +0000 (15:15 +0200)]
Module pam_limit.so was added to default configuration.

17 years agoFixing "security": minutely job are made realy only one time per
mmaslano [Fri, 17 Aug 2007 13:15:24 +0000 (15:15 +0200)]
Fixing "security": minutely job are made realy only one time per

minute. If the job is delayed into next minute, then it's skipped
for this minute.

17 years agoThe security.c file was filled with selinux and pam often
mmaslano [Fri, 17 Aug 2007 13:15:07 +0000 (15:15 +0200)]
The security.c file was filled with selinux and pam often

used functions, which were removed from other files.

17 years agoOption -m was added: it's possible to use something else then sendmail.
mmaslano [Fri, 17 Aug 2007 13:13:20 +0000 (15:13 +0200)]
Option -m was added: it's possible to use something else then sendmail.

17 years agoNow is cron with audit. Complaining about denying users.
mmaslano [Fri, 17 Aug 2007 13:13:09 +0000 (15:13 +0200)]
Now is cron with audit. Complaining about denying users.

17 years agoThe return value were added because of too many warning messages
mmaslano [Fri, 17 Aug 2007 13:12:59 +0000 (15:12 +0200)]
The return value were added because of too many warning messages

from compiler. Also the variables were initialized.

17 years ago'Build enviroment' is set in pam section for better security.
mmaslano [Fri, 17 Aug 2007 13:12:45 +0000 (15:12 +0200)]
'Build enviroment' is set in pam section for better security.

17 years agoComments were changed.
mmaslano [Fri, 17 Aug 2007 13:10:50 +0000 (15:10 +0200)]
Comments were changed.

17 years agoSelinux: Instead of getting context and then the username is
mmaslano [Fri, 17 Aug 2007 13:10:36 +0000 (15:10 +0200)]
Selinux: Instead of getting context and then the username is

used function getuserbyname.

17 years agoToo many flags was set for lstating crontab. Time of change is
mmaslano [Fri, 17 Aug 2007 13:10:16 +0000 (15:10 +0200)]
Too many flags was set for lstating crontab. Time of change is

checked and uids for reading new crontab are ok.

17 years agoList corruption when items are removed from /etc/cron.d.
mmaslano [Fri, 17 Aug 2007 13:09:50 +0000 (15:09 +0200)]
List corruption when items are removed from /etc/cron.d.

Variable tabname is filled with file or NULL and checked
when crontab is changed.

17 years agoCrond.pam was changed according to pam modules.
mmaslano [Fri, 17 Aug 2007 13:09:30 +0000 (15:09 +0200)]
Crond.pam was changed according to pam modules.

The pam_limits.so could be used.

17 years agolstat instead of stat can stat even symlink itself, not the file
mmaslano [Fri, 17 Aug 2007 13:04:56 +0000 (15:04 +0200)]
lstat instead of stat can stat even symlink itself, not the file

that it refers to.

17 years agoRedefined limits of macros.
mmaslano [Fri, 17 Aug 2007 13:04:41 +0000 (15:04 +0200)]
Redefined limits of macros.

17 years agoIf fork fails, pam has to close session.
mmaslano [Fri, 17 Aug 2007 13:04:30 +0000 (15:04 +0200)]
If fork fails, pam has to close session.

17 years agofix of bug rhbz#154065: crontab should not use waitpid(...,WUNTRACED)
mmaslano [Fri, 17 Aug 2007 13:04:18 +0000 (15:04 +0200)]
fix of bug rhbz#154065: crontab should not use waitpid(...,WUNTRACED)

and stop itself if its child is stopped

17 years agoPAM hadn't closed session.
mmaslano [Fri, 17 Aug 2007 13:04:04 +0000 (15:04 +0200)]
PAM hadn't closed session.

17 years agoSelinux doesn't segfault, because of: permissive mode returns 0
mmaslano [Fri, 17 Aug 2007 13:03:51 +0000 (15:03 +0200)]
Selinux doesn't segfault, because of: permissive mode returns 0

and selinux enabled is also check context.

17 years agoCron validate the recipient only when CRON_VALIDATE_MAILRCPTS isn't null.
mmaslano [Fri, 17 Aug 2007 13:03:34 +0000 (15:03 +0200)]
Cron validate the recipient only when CRON_VALIDATE_MAILRCPTS isn't null.
Validating of email recipient is default off.

17 years agoSet item in pam - "cron".
mmaslano [Fri, 17 Aug 2007 13:03:24 +0000 (15:03 +0200)]
Set item in pam - "cron".

17 years agoInitialize some important variables.
mmaslano [Fri, 17 Aug 2007 13:03:13 +0000 (15:03 +0200)]
Initialize some important variables.

17 years agoAdd -p option for crontab.
mmaslano [Fri, 17 Aug 2007 13:03:01 +0000 (15:03 +0200)]
Add -p option for crontab.

Without the -p option /etc/crontab must not be writable by any
user other than root, no crontab files may be links, or linked
to by any other file, and no crontab files may be executable,
or be writable by any user other than their owner

17 years agoFix for ppc: int ch='\0' is initialized.
mmaslano [Fri, 17 Aug 2007 13:02:43 +0000 (15:02 +0200)]
Fix for ppc: int ch='\0' is initialized.

17 years agoDon't read the header of crontab.
mmaslano [Fri, 17 Aug 2007 13:02:33 +0000 (15:02 +0200)]
Don't read the header of crontab.

17 years agoFor setegid are used saved gid instead of getgid().
mmaslano [Fri, 17 Aug 2007 13:02:23 +0000 (15:02 +0200)]
For setegid are used saved gid instead of getgid().

Now are swaped back the correct gid.

17 years agoAllow root's crontab (check with getuid).
mmaslano [Fri, 17 Aug 2007 13:02:07 +0000 (15:02 +0200)]
Allow root's crontab (check with getuid).

17 years agoAccording to changes in selinux selinux_check_passwd_access
mmaslano [Fri, 17 Aug 2007 13:01:57 +0000 (15:01 +0200)]
According to changes in selinux selinux_check_passwd_access

is now enough for examinitaion of user's password.

17 years agoContext in selinux is now correctly undone.
mmaslano [Fri, 17 Aug 2007 13:01:43 +0000 (15:01 +0200)]
Context in selinux is now correctly undone.

17 years ago/etc/crontab is now writable only by root. No links on this file are allowed.
mmaslano [Fri, 17 Aug 2007 13:01:32 +0000 (15:01 +0200)]
/etc/crontab is now writable only by root. No links on this file are allowed.

17 years agoAdd -i option to crontab, which print prompt before removing crontab.
mmaslano [Fri, 17 Aug 2007 13:01:19 +0000 (15:01 +0200)]
Add -i option to crontab, which print prompt before removing crontab.

17 years agoNicknames were mentioned in man pages (@yearly, @hourly, etc).
mmaslano [Fri, 17 Aug 2007 13:01:06 +0000 (15:01 +0200)]
Nicknames were mentioned in man pages (@yearly, @hourly, etc).

17 years agoCrontab is stat instead of fstat and crontab is reopened for
mmaslano [Fri, 17 Aug 2007 13:00:52 +0000 (15:00 +0200)]
Crontab is stat instead of fstat and crontab is reopened for
reading new stdin.
This change should:
Allowed editors such as 'gedit' which do not modify original
file, but which rename(2) a temp file to original, to be used
by crontab -e (bug 129170).

17 years agoIn lower version of pam was re-open log needed (rhel-4 and lower).
mmaslano [Fri, 17 Aug 2007 13:00:31 +0000 (15:00 +0200)]
In lower version of pam was re-open log needed (rhel-4 and lower).

17 years agoChange in pam configuration file (auth sufficient is now used).
mmaslano [Fri, 17 Aug 2007 13:00:21 +0000 (15:00 +0200)]
Change in pam configuration file (auth sufficient is now used).

17 years agoSelinux for crontab: checking users with selinux.
mmaslano [Fri, 17 Aug 2007 13:00:05 +0000 (15:00 +0200)]
Selinux for crontab: checking users with selinux.
User is fixed from char to const char.

17 years agoHardwired 'system' wasn't needed.
mmaslano [Fri, 17 Aug 2007 12:59:53 +0000 (14:59 +0200)]
Hardwired 'system' wasn't needed.

17 years agoAdd file crond.pam, which has rules for pam sessions.
mmaslano [Fri, 17 Aug 2007 12:59:18 +0000 (14:59 +0200)]
Add file crond.pam, which has rules for pam sessions.
In Makefile is now crond.pam installed.

17 years ago Now we compile with pam flags and libs.
mmaslano [Fri, 17 Aug 2007 12:59:02 +0000 (14:59 +0200)]
 Now we compile with pam flags and libs.

17 years agoPAM support was added: open sessions and set credentials for users.
mmaslano [Fri, 17 Aug 2007 12:58:01 +0000 (14:58 +0200)]
PAM support was added: open sessions and set credentials for users.

17 years ago In Makefile are now LIB = -lselinux and -DWITH_SELINUX flags.
mmaslano [Fri, 17 Aug 2007 12:53:48 +0000 (14:53 +0200)]
 In Makefile are now LIB = -lselinux and -DWITH_SELINUX flags.

17 years agoFeatures was added into manual.
mmaslano [Fri, 17 Aug 2007 12:53:37 +0000 (14:53 +0200)]
Features was added into manual.

17 years agoRemove header in user's crontab.
mmaslano [Fri, 17 Aug 2007 12:53:24 +0000 (14:53 +0200)]
Remove header in user's crontab.

17 years agoLogs now inform about creating crontabs for users,
mmaslano [Fri, 17 Aug 2007 12:53:13 +0000 (14:53 +0200)]
Logs now inform about creating crontabs for users,
which aren't allowed to use crontab.
It's for user in cron.{allow,deny}

17 years agoChange behavior to allow crontab to take stdin with no '-'.
mmaslano [Fri, 17 Aug 2007 12:52:59 +0000 (14:52 +0200)]
Change behavior to allow crontab to take stdin with no '-'.

17 years agoRH_CROND was added in programme - stating directory.
mmaslano [Fri, 17 Aug 2007 12:52:48 +0000 (14:52 +0200)]
RH_CROND was added in programme - stating directory.
In RH_CROND are system crontables.

17 years agoUse snprintf instead of sprintf.
mmaslano [Fri, 17 Aug 2007 12:52:34 +0000 (14:52 +0200)]
Use snprintf instead of sprintf.

17 years agoUse fork instead of vfork.
mmaslano [Fri, 17 Aug 2007 12:52:22 +0000 (14:52 +0200)]
Use fork instead of vfork.
    Add signal: Our grandparent is watching for our parent's death by
    catching SIGCHLD. Meanwhile, our parent will use wait
    explicitly and so has disabled SIGCHLD. So now it's
    time to reset SIGCHLD handling.

17 years ago Add first selinux patch. Loading users through selinux scontext.
mmaslano [Fri, 17 Aug 2007 12:52:08 +0000 (14:52 +0200)]
 Add first selinux patch. Loading users through selinux scontext.

17 years agoRedefine sendmail options.
mmaslano [Fri, 17 Aug 2007 12:51:52 +0000 (14:51 +0200)]
Redefine sendmail options.

17 years ago Change path names for redhat/fedora system.
mmaslano [Fri, 17 Aug 2007 12:51:35 +0000 (14:51 +0200)]
 Change path names for redhat/fedora system.

17 years agoChanges in Makefile: flags, -pie option, permission
mmaslano [Fri, 17 Aug 2007 12:51:21 +0000 (14:51 +0200)]
Changes in Makefile: flags, -pie option, permission
and installation paths for redhat/fedora system.

17 years agoSource files of vixie-cron-4.1. v4.1
mmaslano [Fri, 17 Aug 2007 12:47:59 +0000 (14:47 +0200)]
Source files of vixie-cron-4.1.