Hello community, here is the log from the commit of package at for openSUSE:Factory checked in at 2017-08-06 11:28:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/at (Old) and /work/SRC/openSUSE:Factory/.at.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "at" Sun Aug 6 11:28:23 2017 rev:71 rq:512800 version:3.1.20 Changes: -------- --- /work/SRC/openSUSE:Factory/at/at.changes 2015-10-17 16:36:49.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.at.new/at.changes 2017-08-06 11:28:24.693421366 +0200 @@ -1,0 +2,25 @@ +Sat Jul 22 07:21:45 UTC 2017 - [email protected] + +- Drop patch at-3.1.8-eal3-manpages.patch merged upstream differently + +------------------------------------------------------------------- +Sat Jul 22 07:07:28 UTC 2017 - [email protected] + +- Version update to at 3.1.20 to match latest upstream: + * Pam and selinux implemented upstream + * various tiny fixes +- Rebase patches: + * at-3.1.13-documentation-dir.patch + * at-3.1.13-massive_batch.patch + * at-3.1.14-joblist.patch + * at-3.1.14-parse-suse-sysconfig.patch + * at-3.1.14-usePOSIXtimers.patch + * at-3.1.14.patch +- Drop no longer needed patches: + * at-3.1.13-formatbugs.patch + * at-3.1.13-pam-session-as-root.patch + * at-3.1.13-pam.patch + * at-3.1.13-queue-nice-level.patch + * at-3.1.14-selinux.patch + +------------------------------------------------------------------- Old: ---- at-3.1.13-formatbugs.patch at-3.1.13-pam-session-as-root.patch at-3.1.13-pam.patch at-3.1.13-queue-nice-level.patch at-3.1.14-selinux.patch at-3.1.8-eal3-manpages.patch at_3.1.16.orig.tar.gz New: ---- at_3.1.20.orig.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ at.spec ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:26.933105834 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:26.941104707 +0200 @@ -1,7 +1,7 @@ # # spec file for package at # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: at -Version: 3.1.16 +Version: 3.1.20 Release: 0 Summary: A Job Manager License: GPL-2.0+ @@ -29,16 +29,8 @@ Source5: atd.service Patch0: at-3.1.14.patch Patch4: at-3.1.14-joblist.patch -Patch5: at-3.1.14-selinux.patch -Patch7: at-3.1.8-eal3-manpages.patch -## no bugs anymore for patch8. Just paranoia checking -Patch8: at-3.1.13-formatbugs.patch -Patch9: at-3.1.13-pam.patch Patch10: at-3.1.13-massive_batch.patch Patch11: at-3.1.13-documentation-dir.patch -Patch12: at-3.1.13-queue-nice-level.patch -# PATCH-FIX-UPSTREAM pam-session-as-root (bnc#408986, bnc#239210) -Patch14: at-3.1.13-pam-session-as-root.patch # PATCH-FIX-UPSTREAM clean-up opened descriptors (bnc#533454, bnc#523346) Patch15: at-3.1.13-leak-fix.patch #PATCH-FIX-OPENSUSE add proper system users to the deny list @@ -86,14 +78,8 @@ %setup -q %patch0 %patch4 -%patch5 -%patch7 -%patch8 -%patch9 %patch10 %patch11 -%patch12 -%patch14 %patch15 %patch16 %patch17 -p1 @@ -109,13 +95,10 @@ %patch29 -p1 %build -rm -fv y.tab.c y.tab.h lex.yy.c lex.yy.o y.tab.o -autoreconf -fiv - -export CFLAGS="%{?optflags} -fPIE" -export LDFLAGS="-pie" export SENDMAIL=%{_sbindir}/sendmail +autoreconf -fvi + %configure \ --with-pam \ --with-selinux \ ++++++ at-3.1.13-documentation-dir.patch ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.005095692 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.017094001 +0200 @@ -2,10 +2,8 @@ =================================================================== --- at.1.in.orig +++ at.1.in -@@ -124,11 +124,11 @@ to run a job at 10:00am on July 31, you - .B at 10am Jul 31 - and to run a job at 1am tomorrow, you would do - .B at 1am tomorrow. +@@ -132,7 +132,7 @@ the past, the job will run as soon as po + it will run more likely at 8:05pm. .PP The definition of the time specification can be found in -.IR @prefix@/share/doc/at/timespec . @@ -13,5 +11,3 @@ .PP For both .BR at " and " batch , - commands are read from standard input or the file specified - with the ++++++ at-3.1.13-massive_batch.patch ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.109081042 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.113080479 +0200 @@ -2,9 +2,7 @@ =================================================================== --- atd.c.orig +++ atd.c -@@ -112,13 +112,14 @@ gid_t daemon_gid = (gid_t) - 3; - - static char *namep; +@@ -108,9 +108,10 @@ static char *namep; static double load_avg = LOADAVG_MX; static time_t now; static time_t last_chg; @@ -16,11 +14,7 @@ static volatile sig_atomic_t term_signal = 0; - #ifdef WITH_PAM - #include <security/pam_appl.h> -@@ -146,14 +147,14 @@ set_term(int dummy) - { - term_signal = 1; +@@ -141,10 +142,10 @@ set_term(int dummy) return; } @@ -34,11 +28,7 @@ nothing_to_do = 0; return; } - - /* SIGCHLD handler - discards completion status of children */ -@@ -807,10 +808,11 @@ run_loop() - - if (nothing_to_do && buf.st_mtime <= last_chg) +@@ -647,6 +648,7 @@ run_loop() return next_job; last_chg = buf.st_mtime; @@ -46,11 +36,7 @@ if ((spool = opendir(".")) == NULL) perr("Cannot read " ATJOB_DIR); - run_batch = 0; - nothing_to_do = 1; -@@ -1043,11 +1045,11 @@ main(int argc, char *argv[]) - * A signal handler setting term_signal will make sure there's - * a clean exit. +@@ -898,7 +900,7 @@ main(int argc, char *argv[]) */ sigaction(SIGHUP, NULL, &act); @@ -59,11 +45,7 @@ sigaction(SIGHUP, &act, NULL); sigaction(SIGTERM, NULL, &act); - act.sa_handler = set_term; - sigaction(SIGTERM, &act, NULL); -@@ -1059,12 +1061,13 @@ main(int argc, char *argv[]) - daemon_setup(); - +@@ -914,9 +916,10 @@ main(int argc, char *argv[]) do { now = time(NULL); next_invocation = run_loop(); @@ -75,4 +57,3 @@ } while (!term_signal); daemon_cleanup(); exit(EXIT_SUCCESS); - } ++++++ at-3.1.14-joblist.patch ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.157074281 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.165073154 +0200 @@ -2,9 +2,7 @@ =================================================================== --- at.c.orig +++ at.c -@@ -132,11 +132,13 @@ char atverify = 0; /* verify time inste - - static void sigc(int signo); +@@ -134,7 +134,9 @@ static void sigc(int signo); static void alarmc(int signo); static char *cwdname(void); static void writefile(time_t runtimer, char queue); @@ -15,11 +13,7 @@ /* Signal catching functions */ - static RETSIGTYPE - sigc(int signo) -@@ -545,12 +547,24 @@ writefile(time_t runtimer, char queue) - break; - } +@@ -566,8 +568,20 @@ writefile(time_t runtimer, char queue) return; } @@ -41,11 +35,7 @@ { /* List all a user's jobs in the queue, by looping through ATJOB_DIR, * or everybody's if we are root - */ - DIR *spool; -@@ -585,10 +599,14 @@ list_jobs(void) - continue; - +@@ -606,6 +620,10 @@ list_jobs(void) if (sscanf(dirent->d_name, "%c%5lx%8lx", &queue, &jobno, &ctm) != 3) continue; @@ -56,11 +46,7 @@ if (atqueue && (queue != atqueue)) continue; - runtimer = 60 * (time_t) ctm; - runtime = localtime(&runtimer); -@@ -706,10 +724,33 @@ process_jobs(int argc, char **argv, int - } - } +@@ -727,6 +745,29 @@ process_jobs(int argc, char **argv, int return rc; } /* delete_jobs */ @@ -90,12 +76,8 @@ /* Global functions */ void * - mymalloc(size_t n) - { -@@ -731,10 +772,12 @@ main(int argc, char **argv) - - int program = AT; /* our default program */ - char *options = "q:f:MmvlrdhVct:"; /* default options for at */ +@@ -752,6 +793,8 @@ main(int argc, char **argv) + char *options = "q:f:MmbvlrdhVct:"; /* default options for at */ int disp_version = 0; time_t timer = 0; + long *joblist = NULL; @@ -103,11 +85,7 @@ struct passwd *pwe; struct group *ge; - RELINQUISH_PRIVS - -@@ -868,12 +911,13 @@ main(int argc, char **argv) - switch (program) { - int i; +@@ -889,8 +932,9 @@ main(int argc, char **argv) case ATQ: REDUCE_PRIV(daemon_uid, daemon_gid) @@ -119,15 +97,11 @@ break; case ATRM: - - REDUCE_PRIV(daemon_uid, daemon_gid) Index: panic.c =================================================================== --- panic.c.orig +++ panic.c -@@ -93,10 +93,11 @@ usage(void) - /* Print usage and exit. - */ +@@ -95,6 +95,7 @@ usage(void) fprintf(stderr, "Usage: at [-V] [-q x] [-f file] [-mMlbv] timespec ...\n" " at [-V] [-q x] [-f file] [-mMlbv] -t time\n" " at -c job ...\n" @@ -135,5 +109,3 @@ " atq [-V] [-q x]\n" " at [ -rd ] job ...\n" " atrm [-V] job ...\n" - " batch\n"); - exit(EXIT_FAILURE); ++++++ at-3.1.14-parse-suse-sysconfig.patch ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.217065829 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.229064138 +0200 @@ -46,7 +46,7 @@ /* Local headers */ #include "privs.h" -@@ -930,6 +934,7 @@ main(int argc, char *argv[]) +@@ -798,6 +802,7 @@ main(int argc, char *argv[]) * for execution and yet another one, optionally, for sending mail. * Files which already have run are removed during the next invocation. */ @@ -54,7 +54,7 @@ int c; time_t next_invocation; struct sigaction act; -@@ -998,6 +1003,22 @@ main(int argc, char *argv[]) +@@ -875,6 +880,22 @@ main(int argc, char *argv[]) } } @@ -81,8 +81,8 @@ =================================================================== --- configure.ac.orig +++ configure.ac -@@ -53,6 +53,8 @@ AC_CHECK_LIB(fl,yywrap, - AC_DEFINE([NEED_YYWRAP], 1, [need yywrap]) +@@ -54,6 +54,8 @@ AC_CHECK_LIB(fl,yywrap, + [Define to 1 if we need to provide our own yywrap()]) ) +PKG_CHECK_MODULES([HX], [libHX]) ++++++ at-3.1.14-usePOSIXtimers.patch ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.273057940 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.273057940 +0200 @@ -1,6 +1,8 @@ ---- at-3.1.15.orig/atd.c -+++ at-3.1.15/atd.c -@@ -919,6 +919,54 @@ run_loop() +Index: at-3.1.20/atd.c +=================================================================== +--- at-3.1.20.orig/atd.c ++++ at-3.1.20/atd.c +@@ -787,6 +787,54 @@ run_loop() return next_job; } @@ -55,7 +57,7 @@ /* Global functions */ int -@@ -1032,7 +1080,7 @@ main(int argc, char *argv[]) +@@ -909,7 +957,7 @@ main(int argc, char *argv[]) sigaction(SIGCHLD, &act, NULL); if (!run_as_daemon) { @@ -64,7 +66,7 @@ run_loop(); exit(EXIT_SUCCESS); } -@@ -1055,13 +1103,14 @@ main(int argc, char *argv[]) +@@ -932,13 +980,14 @@ main(int argc, char *argv[]) act.sa_handler = set_term; sigaction(SIGINT, &act, NULL); @@ -81,8 +83,10 @@ } hupped = 0; } while (!term_signal); ---- at-3.1.15.orig/config.h.in -+++ at-3.1.15/config.h.in +Index: at-3.1.20/config.h.in +=================================================================== +--- at-3.1.20.orig/config.h.in ++++ at-3.1.20/config.h.in @@ -38,6 +38,9 @@ /* Define to 1 if you have the `getloadavg' function. */ #undef HAVE_GETLOADAVG @@ -93,11 +97,13 @@ /* Define to 1 if you have the <getopt.h> header file. */ #undef HAVE_GETOPT_H ---- at-3.1.15.orig/configure.ac -+++ at-3.1.15/configure.ac -@@ -254,6 +254,12 @@ AC_ARG_WITH(daemon_username, - ) - AC_SUBST(DAEMON_USERNAME) +Index: at-3.1.20/configure.ac +=================================================================== +--- at-3.1.20.orig/configure.ac ++++ at-3.1.20/configure.ac +@@ -263,6 +263,12 @@ fi + AC_SUBST(SELINUXLIB) + AC_SUBST(WITH_SELINUX) +dnl check for POSIX timer functions +AC_SEARCH_LIBS([timer_create],[rt]) ++++++ at-3.1.14.patch ++++++ --- /var/tmp/diff_new_pack.6NrHe7/_old 2017-08-06 11:28:27.361045544 +0200 +++ /var/tmp/diff_new_pack.6NrHe7/_new 2017-08-06 11:28:27.373043854 +0200 @@ -55,7 +55,7 @@ - cd $(IROOT)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5 - $(INSTALL) -g root -o root -m 644 $(DOCS) $(IROOT)$(atdocdir) + $(INSTALL) -m 644 at.allow.5 $(IROOT)$(man5dir)/ -+ $(INSTALL) -m 644 at.deny.5 $(IROOT)$(man5dir)/ ++ cd $(IROOT)$(man5dir) && $(LN_S) -f at.allow.5 at.deny.5 + $(INSTALL) -m 644 $(DOCS) $(IROOT)$(atdocdir) rm -f $(IROOT)$(mandir)/cat1/at.1* $(IROOT)$(mandir)/cat1/batch.1* \ $(IROOT)$(mandir)/cat1/atq.1* ++++++ at_3.1.16.orig.tar.gz -> at_3.1.20.orig.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/ChangeLog new/at-3.1.20/ChangeLog --- old/at-3.1.16/ChangeLog 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/ChangeLog 2016-06-28 22:55:01.000000000 +0200 @@ -157,3 +157,20 @@ Ansgar Burchardt (1): at: only retain variables whose name consists of alphanumerics and underscores + +at 3.1.17 (2015-08-31): + + Jose M Calhariz: + at.1.in: Document behaviour when using past time, thanks Kelly Price (Closes: #639900). + Makefile.in: On distclean remove at.allow.5, auto generated file. + +at 3.1.18 (2015-12-06) + + Jose M Calhariz: + Add support for SELinux, multiples files + +at 3.1.19 (2016-03-20) + Jose M Calhariz: + Fix configure handling of flag --without-selinux. + +Last entry on this file follow debian/changelog. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/Copyright new/at-3.1.20/Copyright --- old/at-3.1.16/Copyright 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/Copyright 2015-12-18 21:29:24.000000000 +0100 @@ -9,6 +9,9 @@ In August 2009 the upstream development and Debian packaging were taken over by Ansgar Burchardt <[email protected]> and Cyril Brulebois <[email protected]>. +In August 2015 the upstream development and Debian packaging were +taken over by Jose M Calhariz <[email protected]> + This may be considered the experimental upstream source, and since there doesn't seem to be any other upstream source, the only upstream source. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/Makefile.in new/at-3.1.20/Makefile.in --- old/at-3.1.16/Makefile.in 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/Makefile.in 2015-12-18 21:29:24.000000000 +0100 @@ -40,6 +40,7 @@ LIBOBJS = @LIBOBJS@ INSTALL = @INSTALL@ PAMLIB = @PAMLIB@ +SELINUXLIB = @SELINUXLIB@ CLONES = atq atrm ATOBJECTS = at.o panic.o perm.o posixtm.o y.tab.o lex.yy.o @@ -73,7 +74,7 @@ $(LN_S) -f at atrm atd: $(RUNOBJECTS) - $(CC) $(LDFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB) + $(CC) $(LDFLAGS) -o atd $(RUNOBJECTS) $(LIBS) $(PAMLIB) $(SELINUXLIB) y.tab.c y.tab.h: parsetime.y $(YACC) -d parsetime.y @@ -142,7 +143,7 @@ rm -f parsetest parsetime.c lex.yy.c y.tab.c y.tab.h distclean: clean - rm -rf at.1 atd.8 atrun.8 config.cache atrun batch config.h \ + rm -rf at.1 at.allow.5 atd.8 atrun.8 config.cache atrun batch config.h \ config.status Makefile config.log build atd.service checkin: $(DIST) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/at.1.in new/at-3.1.20/at.1.in --- old/at-3.1.16/at.1.in 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/at.1.in 2015-12-18 21:29:24.000000000 +0100 @@ -125,6 +125,12 @@ and to run a job at 1am tomorrow, you would do .B at 1am tomorrow. .PP +If you specify a job to absolutely run at a specific time and date in +the past, the job will run as soon as possible. For example, if it is +8pm and you do a +.B at 6pm today, +it will run more likely at 8:05pm. +.PP The definition of the time specification can be found in .IR @prefix@/share/doc/at/timespec . .PP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/at.c new/at-3.1.20/at.c --- old/at-3.1.16/at.c 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/at.c 2016-06-28 22:18:00.000000000 +0200 @@ -495,6 +495,9 @@ fprintf(fp, "\n"); if (ferror(fp)) panic("Output error"); + fflush(fp); + if (ferror(fp)) + panic("Output error"); if (ferror(stdin)) panic("Input error"); @@ -746,7 +749,7 @@ char *pgm; int program = AT; /* our default program */ - char *options = "q:f:MmvlrdhVct:"; /* default options for at */ + char *options = "q:f:MmbvlrdhVct:"; /* default options for at */ int disp_version = 0; time_t timer = 0; struct passwd *pwe; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/atd.c new/at-3.1.20/atd.c --- old/at-3.1.16/atd.c 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/atd.c 2016-06-28 22:14:39.000000000 +0200 @@ -83,6 +83,12 @@ #include "getloadavg.h" #endif +#ifdef WITH_SELINUX +#include <selinux/selinux.h> +#include <selinux/get_context_list.h> +int selinux_enabled = 0; +#endif + /* Macros */ #define BATCH_INTERVAL_DEFAULT 60 @@ -195,6 +201,72 @@ #define fork myfork #endif +#ifdef WITH_SELINUX +static int +set_selinux_context(const char *name, const char *filename) { + security_context_t user_context = NULL; + security_context_t file_context = NULL; + int retval = 0; + char *seuser = NULL; + char *level = NULL; + + if (getseuserbyname(name, &seuser, &level) == 0) { + retval = get_default_context_with_level(seuser, level, NULL, &user_context); + free(seuser); + free(level); + if (retval < 0) { + lerr("get_default_context_with_level: couldn't get security context for user %s", name); + retval = -1; + goto err; + } + } + + /* + * Since crontab files are not directly executed, + * crond must ensure that the crontab file has + * a context that is appropriate for the context of + * the user cron job. It performs an entrypoint + * permission check for this purpose. + */ + if (fgetfilecon(STDIN_FILENO, &file_context) < 0) { + lerr("fgetfilecon FAILED %s", filename); + retval = -1; + goto err; + } + + retval = selinux_check_access(user_context, file_context, "file", "entrypoint", NULL); + freecon(file_context); + if (retval < 0) { + lerr("Not allowed to set exec context to %s for user %s", user_context, name); + retval = -1; + goto err; + } + if (setexeccon(user_context) < 0) { + lerr("Could not set exec context to %s for user %s", user_context, name); + retval = -1; + goto err; + } +err: + if (retval < 0 && security_getenforce() != 1) + retval = 0; + if (user_context) + freecon(user_context); + return retval; +} + +static int +selinux_log_callback (int type, const char *fmt, ...) +{ + va_list ap; + + va_start(ap, fmt); + vsyslog (LOG_ERR, fmt, ap); + va_end(ap); + return 0; +} + +#endif + static void run_file(const char *filename, uid_t uid, gid_t gid) { @@ -424,6 +496,13 @@ nice((tolower((int) queue) - 'a' + 1) * 2); +#ifdef WITH_SELINUX + if (selinux_enabled > 0) { + if (set_selinux_context(pentry->pw_name, filename) < 0) + perr("SELinux Failed to set context\n"); + } +#endif + if (initgroups(pentry->pw_name, pentry->pw_gid)) perr("Cannot initialize the supplementary group access list"); @@ -594,10 +673,16 @@ /* Skip lock files */ if (queue == '=') { - if ((buf.st_nlink == 1) && (run_time + CHECK_INTERVAL <= now)) { - /* Remove stale lockfile FIXME: lock the lockfile, if you fail, it's still in use. */ - unlink(dirent->d_name); - } + /* FIXME: calhariz */ + /* I think the following code is broken, but commenting + may haven unknow side effects. Make a release and see + in the wild how it works. For more information see: + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818508/* + + /* if ((buf.st_nlink == 1) && (run_time + CHECK_INTERVAL <= now)) { */ + /* /\* Remove stale lockfile FIXME: lock the lockfile, if you fail, it's still in use. *\/ */ + /* unlink(dirent->d_name); */ + /* } */ continue; } /* Skip any other file types which may have been invented in @@ -707,6 +792,14 @@ struct passwd *pwe; struct group *ge; +#ifdef WITH_SELINUX + selinux_enabled=is_selinux_enabled(); + + if (selinux_enabled) { + selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) selinux_log_callback); + } +#endif + /* We don't need root privileges all the time; running under uid and gid * daemon is fine. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/config.h.in new/at-3.1.20/config.h.in --- old/at-3.1.16/config.h.in 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/config.h.in 2015-12-18 21:29:24.000000000 +0100 @@ -192,6 +192,9 @@ <sys/cpustats.h>. */ #undef UMAX4_3 +/* Define if you are building with_selinux */ +#undef WITH_SELINUX + /* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a `char[]'. */ #undef YYTEXT_POINTER diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/configure new/at-3.1.20/configure --- old/at-3.1.16/configure 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/configure 2016-06-28 22:55:01.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for at 3.1.16. +# Generated by GNU Autoconf 2.69 for at 3.1.19. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -577,8 +577,8 @@ # Identity of this package. PACKAGE_NAME='at' PACKAGE_TARNAME='at' -PACKAGE_VERSION='3.1.16' -PACKAGE_STRING='at 3.1.16' +PACKAGE_VERSION='3.1.19' +PACKAGE_STRING='at 3.1.19' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -622,6 +622,8 @@ ac_subst_vars='LTLIBOBJS DAEMON_GROUPNAME +WITH_SELINUX +SELINUXLIB DAEMON_USERNAME LOADAVG_MX ATSPD @@ -682,6 +684,7 @@ docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -710,6 +713,7 @@ with_atspool with_loadavg_mx with_daemon_username +with_selinux with_daemon_groupname ' ac_precious_vars='build_alias @@ -761,6 +765,7 @@ sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -1013,6 +1018,15 @@ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1150,7 +1164,7 @@ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1263,7 +1277,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures at 3.1.16 to adapt to many kinds of systems. +\`configure' configures at 3.1.19 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1303,6 +1317,7 @@ --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -1328,7 +1343,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of at 3.1.16:";; + short | recursive ) echo "Configuration of at 3.1.19:";; esac cat <<\_ACEOF @@ -1341,6 +1356,7 @@ --with-atspool=PATH Directory containing at spool (default SPOOLDIR/atspool). --with-loadavg_mx=LOADAVG_MX Default max. load average for batch (default 0.8). --with-daemon_username=DAEMON_USERNAME Username to run under (default daemon) + --with-selinux Define to run with selinux (default=check) --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) Some influential environment variables: @@ -1425,7 +1441,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -at configure 3.1.16 +at configure 3.1.19 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1901,7 +1917,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by at $as_me 3.1.16, which was +It was created by at $as_me 3.1.19, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2256,7 +2272,7 @@ -VERSION=3.1.16 +VERSION=3.1.19 if test "X$CFLAGS" = "X"; then CFLAGS="-O2 -g -Wall" fi @@ -5207,6 +5223,73 @@ + +# Check whether --with-selinux was given. +if test "${with_selinux+set}" = set; then : + withval=$with_selinux; +else + with_selinux=check +fi + + +if test "x$with_selinux" != xno; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for is_selinux_enabled in -lselinux" >&5 +$as_echo_n "checking for is_selinux_enabled in -lselinux... " >&6; } +if ${ac_cv_lib_selinux_is_selinux_enabled+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lselinux $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char is_selinux_enabled (); +int +main () +{ +return is_selinux_enabled (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_selinux_is_selinux_enabled=yes +else + ac_cv_lib_selinux_is_selinux_enabled=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_is_selinux_enabled" >&5 +$as_echo "$ac_cv_lib_selinux_is_selinux_enabled" >&6; } +if test "x$ac_cv_lib_selinux_is_selinux_enabled" = xyes; then : + SELINUXLIB=-lselinux + +$as_echo "#define WITH_SELINUX 1" >>confdefs.h + + +else + if test "x$with_selinux" != xcheck; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "--with-selinux is given, but test for selinux failed $with_selinux +See \`config.log' for more details" "$LINENO" 5; } + fi + + +fi + +fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking groupname to run under" >&5 $as_echo_n "checking groupname to run under... " >&6; } @@ -5744,7 +5827,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by at $as_me 3.1.16, which was +This file was extended by at $as_me 3.1.19, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -5806,7 +5889,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -at config.status 3.1.16 +at config.status 3.1.19 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/configure.ac new/at-3.1.20/configure.ac --- old/at-3.1.16/configure.ac 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/configure.ac 2016-06-28 22:55:52.000000000 +0200 @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(at, 3.1.16) +AC_INIT(at, 3.1.20) AC_CONFIG_SRCDIR(at.c) AC_PREFIX_DEFAULT(/usr) @@ -239,6 +239,25 @@ ) AC_SUBST(DAEMON_USERNAME) +AC_ARG_WITH(selinux, +[ --with-selinux Define to run with selinux (default=check)], +[], +[with_selinux=check]) + +if test "x$with_selinux" != xno; then + AC_CHECK_LIB([selinux], [is_selinux_enabled], + [SELINUXLIB=-lselinux + AC_DEFINE(WITH_SELINUX, 1, [Define if you are building with_selinux]) + ], + [if test "x$with_selinux" != xcheck; then + AC_MSG_FAILURE([--with-selinux is given, but test for selinux failed $with_selinux]) + fi + ] + ) +fi +AC_SUBST(SELINUXLIB) +AC_SUBST(WITH_SELINUX) + AC_MSG_CHECKING(groupname to run under) AC_ARG_WITH(daemon_groupname, [ --with-daemon_groupname=DAEMON_GROUPNAME Groupname to run under (default daemon) ], diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/daemon.c new/at-3.1.20/daemon.c --- old/at-3.1.16/daemon.c 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/daemon.c 2015-12-18 21:29:24.000000000 +0100 @@ -83,6 +83,22 @@ } void +lerr(const char *fmt,...) +{ + char buf[1024]; + va_list args; + + va_start(args, fmt); + vsnprintf(buf, sizeof(buf), fmt, args); + va_end(args); + + if (daemon_debug) { + perror(buf); + } else + syslog(LOG_ERR, "%s: %m", buf); +} + +void pabort(const char *fmt,...) { char buf[1024]; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/daemon.h new/at-3.1.20/daemon.h --- old/at-3.1.16/daemon.h 2014-09-30 08:29:02.000000000 +0200 +++ new/at-3.1.20/daemon.h 2015-12-18 21:29:24.000000000 +0100 @@ -13,5 +13,8 @@ #endif perr (const char *fmt, ...); +void +lerr (const char *fmt, ...); + extern int daemon_debug; extern int daemon_foreground; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/at-3.1.16/dist new/at-3.1.20/dist --- old/at-3.1.16/dist 1970-01-01 01:00:00.000000000 +0100 +++ new/at-3.1.20/dist 2016-06-28 22:31:01.000000000 +0200 @@ -0,0 +1,17 @@ +#!/bin/bash +set -e + +PACKNAME=at +SOURCENAME=at +VER=$( grep AC_INIT configure.ac | cut -d ',' -f 2 | tr -d ' )' ) +RELTAR=${SOURCENAME}_$VER.orig.tar.gz + +echo $PACKNAME $SOURCENAME $VER +echo $RELTAR + +[ ! -e ../$SOURCENAME-$VER ] || ( echo "Dir $SOURCENAME-$VER exist, aborting" ; exit 1 ) +[ ! -e ../$RELTAR ] || ( echo "Release file $RELTAR exist, aborting" ; exit 2 ) +mkdir ../$SOURCENAME-$VER +fakeroot tar --exclude=debian --exclude=.git -cf - . | tar -C ../$SOURCENAME-$VER -x +GZIP=-9 fakeroot tar -C .. -czf ../$RELTAR $SOURCENAME-$VER +rm -r ../$SOURCENAME-$VER
