ports/97066: sysutils/fcron
huntting at glarp.com
huntting at glarp.com
Wed May 10 00:10:22 UTC 2006
>Number: 97066
>Category: ports
>Synopsis: sysutils/fcron
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed May 10 00:10:21 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Brad Huntting
>Release: FreeBSD 6.0-RELEASE i386
>Organization:
>Environment:
System: FreeBSD pernicious.glarp.com 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Apr 20 00:14:39 MDT 2006 root at pernicious.glarp.com:/usr/src/sys/i386/compile/PERNICIOUS i386
>Description:
This update fixes the problems detailed in http://www.freebsd.org/cgi/query-pr.cgi?pr=96918
and http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/96552
Specifically:
The port now installs the pam files directly (in /etc/pam.d,
unless they already exist) rather than just leaving them
in the examples directory. There seems to be no real
security advantage to not installing the pam files since
they are required for fcron and fcrontab to operate, and
root privs are required to install fcron to begin with.
The sockaddr.sa_len was not set prior to calls to
bind() and connect(). The upshot begin that fcrondyn
was unable to open the socket to communicate with
fcron.
>How-To-Repeat:
See
http://www.freebsd.org/cgi/query-pr.cgi?pr=96918
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/96552
>Fix:
diff -Nru /usr/ports/sysutils/fcron/Makefile fcron/Makefile
--- /usr/ports/sysutils/fcron/Makefile Fri Feb 10 02:51:04 2006
+++ fcron/Makefile Tue May 9 17:18:12 2006
@@ -8,6 +8,7 @@
PORTNAME= fcron
PORTVERSION= 3.0.1
+PORTREVISION= 1
CATEGORIES= sysutils
MASTER_SITES= ${MASTER_SITE_SUNSITE} \
http://fcron.free.fr/archives/ \
@@ -20,10 +21,11 @@
GNU_CONFIGURE= yes
USE_GMAKE= yes
+USE_AUTOTOOLS= autoconf:259
USE_PERL5_BUILD=yes
CONFIGURE_ARGS= --with-etcdir=${PREFIX}/etc --with-cflags="${CFLAGS}" \
--with-rootname=root --with-rootgroup=wheel \
- --with-docdir=${DOCSDIR}
+ --with-docdir=${DOCSDIR} --with-debug
WRKSRC= ${WRKDIR}/fcron-${PORTVERSION}
@@ -34,6 +36,9 @@
MAN5= fcron.conf.5 fcrontab.5
MAN8= fcron.8
+PAMDIR?= /etc/pam.d
+PLIST_SUB+= PAMDIR=${PAMDIR}
+
PORTDOCS= *
.if defined(MANLANG) && exists(${WRKSRC}/doc/${MANLANG})
@@ -55,6 +60,8 @@
.endfor
${MKDIR} ${EXAMPLESDIR}
${INSTALL_DATA} ${FILESDIR}/fcrontab-* ${WRKSRC}/files/*.pam ${EXAMPLESDIR}
+ [ -f ${PAMDIR}/fcron ] || ${INSTALL_DATA} ${WRKSRC}/files/fcron.pam ${PAMDIR}/fcron
+ [ -f ${PAMDIR}/fcrontab ] || ${INSTALL_DATA} ${WRKSRC}/files/fcrontab.pam ${PAMDIR}/fcrontab
.for n in 1 5 8
${INSTALL_MAN} ${MAN${n}:S|^|${DOCSRC}/man/|} ${PREFIX}/man/man${n}
.endfor
diff -Nru /usr/ports/sysutils/fcron/files/patch-config.h.in fcron/files/patch-config.h.in
--- /usr/ports/sysutils/fcron/files/patch-config.h.in Wed Dec 31 17:00:00 1969
+++ fcron/files/patch-config.h.in Tue May 9 17:15:42 2006
@@ -0,0 +1,8 @@
+--- config.h.in.orig Mon Feb 6 14:44:52 2006
++++ config.h.in Tue May 9 17:15:19 2006
+@@ -424,3 +424,5 @@
+ #define O_SYNC O_FSYNC
+ #endif
+
++/* Define if (struct sockaddr) has an sa_len field. */
++#undef HAVE_SA_LEN
diff -Nru /usr/ports/sysutils/fcron/files/patch-configure.in fcron/files/patch-configure.in
--- /usr/ports/sysutils/fcron/files/patch-configure.in Wed Dec 31 17:00:00 1969
+++ fcron/files/patch-configure.in Tue May 9 17:04:47 2006
@@ -0,0 +1,20 @@
+--- configure.in.orig Mon Jan 9 17:21:24 2006
++++ configure.in Tue May 9 17:04:30 2006
+@@ -57,6 +57,17 @@
+ AC_STRUCT_TM
+ AC_TYPE_UID_T
+
++dnl Check for post-Reno style struct sockaddr
++AC_CACHE_CHECK([for sa_len],
++ ac_cv_sa_len,
++[AC_TRY_COMPILE([#include <sys/types.h>
++#include <sys/socket.h>], [int main(void) {
++ struct sockaddr t;t.sa_len = 0;}],
++ ac_cv_sa_len=yes,ac_cv_sa_len=no)])
++if test $ac_cv_sa_len = yes; then
++ AC_DEFINE(HAVE_SA_LEN)
++fi
++
+ dnl Checks for library functions.
+ AC_PROG_GCC_TRADITIONAL
+ AC_FUNC_MEMCMP
diff -Nru /usr/ports/sysutils/fcron/files/patch-fcrondyn.c fcron/files/patch-fcrondyn.c
--- /usr/ports/sysutils/fcron/files/patch-fcrondyn.c Wed Dec 31 17:00:00 1969
+++ fcron/files/patch-fcrondyn.c Tue May 9 15:26:26 2006
@@ -0,0 +1,29 @@
+--- fcrondyn.c.orig Mon Feb 6 14:44:52 2006
++++ fcrondyn.c Tue May 9 15:24:22 2006
+@@ -399,17 +399,21 @@
+ int fd = -1;
+ struct sockaddr_un addr;
+ int len = 0;
++ int sa_len;
+
+ if ( (fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1 )
+ die_e("could not create socket");
+
+ addr.sun_family = AF_UNIX;
+- if ( (len = strlen(fifofile)) > sizeof(addr.sun_path) )
+- die("Error : fifo file path too long (max is %d)", sizeof(addr.sun_path));
+- strncpy(addr.sun_path, fifofile, sizeof(addr.sun_path) - 1);
+- addr.sun_path[sizeof(addr.sun_path)-1] = '\0';
++ if ( (len = strlen(fifofile)) > sizeof(addr.sun_path) - 1 )
++ die("Error : fifo file path too long (max is %d)", sizeof(addr.sun_path) - 1);
++ strncpy(addr.sun_path, fifofile, sizeof(addr.sun_path));
++ sa_len = (addr.sun_path - (char *)&addr) + len;
++#if HAVE_SA_LEN
++ addr.sun_len = sa_len;
++#endif
+
+- if ( connect(fd, (struct sockaddr *) &addr, sizeof(addr.sun_family) + len) < 0 )
++ if ( connect(fd, (struct sockaddr *) &addr, sa_len) < 0 )
+ die_e("Cannot connect() to fcron (check if fcron is running)");
+
+ if ( authenticate_user(fd) == ERR ) {
diff -Nru /usr/ports/sysutils/fcron/files/patch-socket.c fcron/files/patch-socket.c
--- /usr/ports/sysutils/fcron/files/patch-socket.c Wed Dec 31 17:00:00 1969
+++ fcron/files/patch-socket.c Tue May 9 16:33:41 2006
@@ -0,0 +1,34 @@
+--- socket.c.orig Mon Feb 6 14:44:52 2006
++++ socket.c Tue May 9 16:33:19 2006
+@@ -134,6 +134,7 @@
+ {
+ struct sockaddr_un addr;
+ int len = 0;
++ int sa_len;
+
+ /* used in fcron.c:main_loop():select() */
+ FD_ZERO(&read_set);
+@@ -145,15 +146,19 @@
+ }
+
+ addr.sun_family = AF_UNIX;
+- if ( (len = strlen(fifofile)) > sizeof(addr.sun_path) ) {
+- error("Error : fifo file path too long (max is %d)", sizeof(addr.sun_path));
++ if ( (len = strlen(fifofile)) > sizeof(addr.sun_path) - 1) {
++ error("Error : fifo file path too long (max is %d)", sizeof(addr.sun_path) - 1);
+ goto err;
+ }
+- strncpy(addr.sun_path, fifofile, sizeof(addr.sun_path) - 1);
++ strncpy(addr.sun_path, fifofile, sizeof(addr.sun_path));
+ addr.sun_path[sizeof(addr.sun_path) -1 ] = '\0';
++ sa_len = (addr.sun_path - (char *)&addr) + len;
++#if HAVE_SA_LEN
++ addr.sun_len = sa_len;
++#endif
+
+ unlink(fifofile);
+- if (bind(listen_fd, (struct sockaddr*) &addr, sizeof(addr.sun_family)+len+1) != 0){
++ if (bind(listen_fd, (struct sockaddr*) &addr, sa_len) != 0){
+ error_e("Cannot bind socket to '%s'", fifofile);
+ goto err;
+ }
diff -Nru /usr/ports/sysutils/fcron/files/pkg-message.in fcron/files/pkg-message.in
--- /usr/ports/sysutils/fcron/files/pkg-message.in Fri Feb 10 02:51:04 2006
+++ fcron/files/pkg-message.in Mon May 8 09:24:35 2006
@@ -5,12 +5,6 @@
fcron_enable="YES"
cron_enable="NO"
-install the pam config files
-
- mkdir -p %%PREFIX%%/etc/pam.d
- cp %%EXAMPLESDIR%%/fcron.pam %%PREFIX%%/etc/pam.d/fcron
- cp %%EXAMPLESDIR%%/fcrontab.pam %%PREFIX%%/etc/pam.d/fcrontab
-
and move any jobs in /etc/crontab to the root fcrontab(5) file. See:
%%EXAMPLESDIR%%
diff -Nru /usr/ports/sysutils/fcron/pkg-plist fcron/pkg-plist
--- /usr/ports/sysutils/fcron/pkg-plist Fri Feb 10 02:51:04 2006
+++ fcron/pkg-plist Tue May 9 16:54:49 2006
@@ -5,8 +5,8 @@
etc/fcron.conf.dist
etc/fcron.deny.dist
sbin/fcron
-%%EXAMPLESDIR%%/fcron.pam
+%%PAMDIR%%/fcron
+%%PAMDIR%%/fcrontab
%%EXAMPLESDIR%%/fcrontab-operator
%%EXAMPLESDIR%%/fcrontab-root
-%%EXAMPLESDIR%%/fcrontab.pam
@dirrm %%EXAMPLESDIR%%
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list