|
Marcela Mašláňová |
c5c176 |
diff -up at-3.1.12/atd.c.fix at-3.1.12/atd.c
--- at-3.1.12/atd.c.fix 2010-01-18 14:22:19.364913059 +0100
+++ at-3.1.12/atd.c 2010-01-18 14:20:17.867912485 +0100
@@ -458,11 +458,9 @@ run_file(const char *filename, uid_t uid
size = buf.st_size;
|
#ifdef WITH_PAM
- PRIV_START
- PAM_HANDLING;
+ PAM_HANDLING;
closelog();
openlog("atd", LOG_PID, LOG_ATD);
- PRIV_END
#endif
|
close(STDIN_FILENO);
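Review bot: Nothing in the new code says which effective privileges are expected at `PAM_HANDLING` now that its `PRIV_START` / `PRIV_END` bracket is removed; the hunks starting at old lines 484 and 505 likewise drop a `PRIV_END` and the `PRIV_START` in front of `nice()` / `initgroups()`. Whether the PAM calls and `initgroups()` then run raised or dropped depends on code outside these hunks, so the START/END pairing cannot be confirmed from what is shown. Please add a comment above `PAM_HANDLING` naming where privileges are raised and where they are dropped again, and confirm that no path reaches the child's `execle` with privileges still raised. run_file's body starts and ends outside the hunk.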
@@ -484,7 +482,6 @@ run_file(const char *filename, uid_t uid
if ( ( pam_envp != 0L ) && (pam_envp[0] != 0L) )
nenvp = pam_envp;
#endif
- PRIV_END
/* Set up things for the child; we want standard input from the
* input file, and standard output and error sent to our output file.
*/
@@ -505,8 +502,6 @@ run_file(const char *filename, uid_t uid
if (chdir(ATJOB_DIR) < 0)
perr("Cannot chdir to " ATJOB_DIR);
|
- PRIV_START
-
nice((tolower((int) queue) - 'a' + 1) * 2);
|
if (initgroups(pentry->pw_name, pentry->pw_gid))
@@ -531,6 +526,17 @@ run_file(const char *filename, uid_t uid
|
if (execle("/bin/sh", "sh", (char *) NULL, nenvp) != 0)
perr("Exec failed for /bin/sh");
+
+//add for fedora
+#ifdef WITH_SELINUX
+ if (selinux_enabled>0)
+ if (setexeccon(NULL) < 0)
+ if (security_getenforce()==1)
+ perr("Could not resset exec context for user %s\n", pentry->pw_name);
+
+#endif
+//end
+//add for fedora
#ifdef WITH_PAM
if ( ( nenvp != &nul ) && (pam_envp != 0L) && (*pam_envp != 0L))
{
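Review bot: `security_getenforce()==1` in the added SELinux block treats an error return from security_getenforce() the same as permissive mode, so a failed `setexeccon(NULL)` is silently ignored whenever the enforcing state cannot be read; `if (security_getenforce() != 0)` would fail closed instead. The three nested brace-less `if`s should get braces so the guard on the `perr` call is unambiguous. The block sits directly after the `execle` failure path: execle returns only on failure, and if `perr` terminates the process (its definition is not visible here) this code is never reached, which is worth confirming. The message also misspells "reset" as "resset".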
@@ -553,7 +559,7 @@ run_file(const char *filename, uid_t uid
return with an ECHILD error.
*/
waitpid(pid, (int *) NULL, 0);
-
+/*
#ifdef WITH_PAM
PRIV_START
pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
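Review bot: The PAM teardown after `waitpid` (`pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT)` through `pam_end(pamh, retcode)`) is disabled by a `/* ... */` that opens in this hunk and closes in the next one, and nothing visible replaces it. Unless the credentials and handle are released elsewhere, each job would leave them un-released in the parent process. If the cleanup has moved, delete the block rather than commenting it out and state where it now happens. If it must stay disabled, use `#if 0` / `#endif` with a one-line reason, because a block comment ends at the first `*/` in the lines hidden between the two hunks.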
@@ -561,7 +567,7 @@ run_file(const char *filename, uid_t uid
pam_end(pamh, retcode);
PRIV_END
#endif
-
+*/
/* Send mail. Unlink the output file after opening it, so it
* doesn't hang around after the run.
*/