diff options
| author |   Jose Quinteiro <gentoo@quinteiro.org> | 2019-10-10 07:17:50 -0700 |
|---|---|---|
| committer | Jose Quinteiro <gentoo@quinteiro.org> | 2019-10-10 07:19:00 -0700 |
| commit | f6cd408fab585e664611b4c5eea5ba69b18f9d8f (patch) | |
| tree | 4274f970594f6fb4a347beb5030ba1d8926427cf /sys-process/vixie-cron/files/vixie-cron-4.1-pam.patch | |
| parent | Remove bogus dependency on br0ken Openrc (diff) | |
| download | JoseQ-f6cd408fab585e664611b4c5eea5ba69b18f9d8f.tar.gz JoseQ-f6cd408fab585e664611b4c5eea5ba69b18f9d8f.tar.bz2 JoseQ-f6cd408fab585e664611b4c5eea5ba69b18f9d8f.zip | |
Save vixie-cron from being Mgornied
Signed-off-by: Jose Quinteiro <gentoo@quinteiro.org>
Diffstat (limited to 'sys-process/vixie-cron/files/vixie-cron-4.1-pam.patch')
| -rw-r--r-- | sys-process/vixie-cron/files/vixie-cron-4.1-pam.patch | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/sys-process/vixie-cron/files/vixie-cron-4.1-pam.patch b/sys-process/vixie-cron/files/vixie-cron-4.1-pam.patch new file mode 100644 index 0000000..64bf671 --- /dev/null +++ b/sys-process/vixie-cron/files/vixie-cron-4.1-pam.patch @@ -0,0 +1,67 @@ +--- vixie-cron-3.0.1.orig/Makefile Thu May 30 19:47:00 2002 ++++ vixie-cron-3.0.1/Makefile Thu May 30 20:54:46 2002 +@@ -55,7 +55,7 @@ + INCLUDE = -I. + #INCLUDE = + #<<need getopt()>> +-LIBS = ++LIBS = -lpam + #<<optimize or debug?>> + OPTIM = $(RPM_OPT_FLAGS) + #OPTIM = -g +--- vixie-cron-3.0.1.orig/do_command.c Thu May 30 19:47:00 2002 ++++ vixie-cron-3.0.1/do_command.c Thu May 30 20:55:50 2002 +@@ -25,6 +25,18 @@ + + #include "cron.h" + ++#include <security/pam_appl.h> ++static pam_handle_t *pamh = NULL; ++static const struct pam_conv conv = { ++ NULL ++}; ++#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \ ++ fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \ ++ syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \ ++ pam_end(pamh, retcode); exit(1); \ ++ } ++ ++ + static void child_process(entry *, user *); + static int safe_p(const char *, const char *); + +@@ -65,6 +77,7 @@ + int stdin_pipe[2], stdout_pipe[2]; + char *input_data, *usernm, *mailto; + int children = 0; ++ int retcode = 0; + + Debug(DPROC, ("[%ld] child_process('%s')\n", (long)getpid(), e->cmd)) + +@@ -134,6 +147,16 @@ + *p = '\0'; + } + ++ ++ retcode = pam_start("cron", usernm, &conv, &pamh); ++ PAM_FAIL_CHECK; ++ retcode = pam_acct_mgmt(pamh, PAM_SILENT); ++ PAM_FAIL_CHECK; ++ retcode = pam_open_session(pamh, PAM_SILENT); ++ PAM_FAIL_CHECK; ++ retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT); ++ PAM_FAIL_CHECK; ++ + /* fork again, this time so we can exec the user's command. + */ + switch (vfork()) { +@@ -507,6 +530,9 @@ + Debug(DPROC, (", dumped core")) + Debug(DPROC, ("\n")) + } ++ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT); ++ retcode = pam_close_session(pamh, PAM_SILENT); ++ pam_end(pamh, retcode); + } + + static int |