[arch-commits] Commit in fcron/repos (8 files)
Evangelos Foutras
foutrelis at archlinux.org
Sun Nov 6 20:04:58 UTC 2016
Date: Sunday, November 6, 2016 @ 20:04:57
Author: foutrelis
Revision: 194766
archrelease: copy trunk to community-staging-i686, community-staging-x86_64
Added:
fcron/repos/community-staging-i686/
fcron/repos/community-staging-i686/PKGBUILD
(from rev 194765, fcron/trunk/PKGBUILD)
fcron/repos/community-staging-i686/fcron.install
(from rev 194765, fcron/trunk/fcron.install)
fcron/repos/community-staging-i686/systab.orig
(from rev 194765, fcron/trunk/systab.orig)
fcron/repos/community-staging-x86_64/
fcron/repos/community-staging-x86_64/PKGBUILD
(from rev 194765, fcron/trunk/PKGBUILD)
fcron/repos/community-staging-x86_64/fcron.install
(from rev 194765, fcron/trunk/fcron.install)
fcron/repos/community-staging-x86_64/systab.orig
(from rev 194765, fcron/trunk/systab.orig)
----------------------------------------+
community-staging-i686/PKGBUILD | 90 +++++++++++++++++++++++++++++++
community-staging-i686/fcron.install | 39 +++++++++++++
community-staging-i686/systab.orig | 4 +
community-staging-x86_64/PKGBUILD | 90 +++++++++++++++++++++++++++++++
community-staging-x86_64/fcron.install | 39 +++++++++++++
community-staging-x86_64/systab.orig | 4 +
6 files changed, 266 insertions(+)
Copied: fcron/repos/community-staging-i686/PKGBUILD (from rev 194765, fcron/trunk/PKGBUILD)
===================================================================
--- community-staging-i686/PKGBUILD (rev 0)
+++ community-staging-i686/PKGBUILD 2016-11-06 20:04:57 UTC (rev 194766)
@@ -0,0 +1,90 @@
+# $Id$
+# Contributor: Giorgio Lando <lando at imap dot cc>
+# Contributor: Sergej Pupykin
+# Contributor: Thomas Bächler
+# Contributor: Sébastien Luttringer
+# Maintainer: Thorsten Töpper <atsutane-tu at freethoughts.de>
+
+pkgname=fcron
+pkgver=3.2.1
+pkgrel=2
+pkgdesc='Feature-rich cron implementation'
+arch=(i686 x86_64)
+url='http://fcron.free.fr'
+license=('GPL')
+depends=('pam' 'run-parts')
+makedepends=('smtp-forwarder' 'vim' 'fcron')
+# use fcron as recursive deps to have user fcron installed during installation
+# else add the following in build chroot
+# groupadd -g 23 fcron
+# useradd -r -d /var/spool/fcron -u 23 -g 23 fcron
+optdepends=('smtp-forwarder: to send mails from cron jobs'
+ 'vim: default editor for fcrontab')
+provides=('cron')
+conflicts=('dcron')
+backup=('etc/fcron/fcron.conf'
+ 'etc/fcron/fcron.allow'
+ 'etc/fcron/fcron.deny'
+ 'var/spool/fcron/systab.orig')
+options=('emptydirs' '!makeflags')
+install=$pkgname.install
+source=("http://fcron.free.fr/archives/$pkgname-$pkgver.src.tar.gz"
+ "http://fcron.free.fr/archives/$pkgname-$pkgver.src.tar.gz.sign"
+ 'systab.orig')
+md5sums=('bd4996e941a40327d11efc5e3fd1f839'
+ 'SKIP'
+ 'afecbfd98caa49e8e4aa239fa1b19255')
+validpgpkeys=('7733B98B987784DF27707D41F8E544EC485EE7BC')
+
+build() {
+ cd $pkgname-$pkgver
+ # Don't use --username=root and --groupname=root, this completly break
+ # fcron security and allow local root escalation.
+ # Thanks to Anh K. Huynh <kyanh at theslinux.org> for reporting it.
+ ./configure --prefix=/usr \
+ --sbindir=/usr/bin \
+ --sysconfdir=/etc/fcron \
+ --with-answer-all=no \
+ --with-boot-install=no \
+ --datarootdir=/usr/share \
+ --datadir=/usr/share \
+ --with-docdir=/usr/share/doc \
+ --localstatedir=/var \
+ --with-systemdsystemunitdir=/usr/lib/systemd/system \
+ --with-piddir=/run \
+ --with-editor=/usr/bin/vim \
+ --with-sendmail=/usr/bin/sendmail
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir/" install
+ install -Dm644 files/fcron.pam "$pkgdir/etc/pam.d/fcron"
+ install -Dm644 files/fcrontab.pam "$pkgdir/etc/pam.d/fcrontab"
+
+ # Install a default fcrontab so that fcron can completely replace dcron
+ # We don't use binary format which is incompatible between arch and may cause crash
+ # We regenerate the binary format at each update
+ install -Dm640 "$srcdir/systab.orig" "$pkgdir/var/spool/fcron/systab.orig"
+
+ # Add cron.* directories
+ install -d -m755 "$pkgdir/etc/cron.daily"
+ install -d -m755 "$pkgdir/etc/cron.hourly"
+ install -d -m755 "$pkgdir/etc/cron.monthly"
+ install -d -m755 "$pkgdir/etc/cron.weekly"
+
+ # remove docs
+ rm -r "$pkgdir/usr/share/doc"
+
+ # avoid conflict with filesystem>=2012.06
+ rmdir "$pkgdir"/{var/,}run
+
+ # avoid conflict with libbsd - #31259
+ rm "$pkgdir/usr/share/man/man3/bitstring.3" \
+ "$pkgdir/usr/share/man/fr/man3/bitstring.3"
+ rmdir --ignore-fail-on-non-empty "$pkgdir/usr/share/man/man3" \
+ "$pkgdir/usr/share/man/fr/man3"
+}
+
+# vim:set ts=2 sw=2 et:
Copied: fcron/repos/community-staging-i686/fcron.install (from rev 194765, fcron/trunk/fcron.install)
===================================================================
--- community-staging-i686/fcron.install (rev 0)
+++ community-staging-i686/fcron.install 2016-11-06 20:04:57 UTC (rev 194766)
@@ -0,0 +1,39 @@
+# arg 1: the new package version
+post_install() {
+ # we need a dedicated fcron user
+ getent group fcron >/dev/null || groupadd -g 23 fcron
+ getent passwd fcron >/dev/null || useradd -r -d /var/spool/fcron -u 23 -g 23 fcron
+ # Generate binary format which is incompatible between arch
+ fcrontab -z -u systab &>/dev/null
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ post_install "$1"
+ if (( $(vercmp $2 3.1.2-8) < 0 )); then
+ echo 'Previous versions of fcron allow root priviledge escalation by using'
+ echo 'runas option in crontabs. fcron check rights at crontab compilation.'
+ echo 'Thus, the migration script will recreate the binary crontabs'
+ echo 'for you (with all side effects) and fix the files rights.'
+ # fix invalid etc files
+ for _f in /etc/fcron/fcron.{conf,allow,deny}; do
+ [[ -e $_f ]] || continue
+ chown root:fcron "$_f"
+ chmod 640 "$_f"
+ done
+ # fix invalid spool directory
+ chown fcron:fcron /var/spool/fcron
+ chmod 770 /var/spool/fcron
+ # regen user fcron files
+ cd /var/spool/fcron
+ for _f in *; do
+ if [[ "${_f%.orig}" != "$_f" ]]; then
+ chgrp fcron "$_f"
+ fcrontab -z -u "${_f%.orig}" &>/dev/null
+ fi
+ done
+ fi
+}
+
+# vim:set ts=2 sw=2 et:
Copied: fcron/repos/community-staging-i686/systab.orig (from rev 194765, fcron/trunk/systab.orig)
===================================================================
--- community-staging-i686/systab.orig (rev 0)
+++ community-staging-i686/systab.orig 2016-11-06 20:04:57 UTC (rev 194766)
@@ -0,0 +1,4 @@
+&bootrun 01 * * * * /usr/bin/run-parts /etc/cron.hourly
+&bootrun 02 00 * * * /usr/bin/run-parts /etc/cron.daily
+&bootrun 22 00 * * 0 /usr/bin/run-parts /etc/cron.weekly
+&bootrun 42 00 1 * * /usr/bin/run-parts /etc/cron.monthly
Copied: fcron/repos/community-staging-x86_64/PKGBUILD (from rev 194765, fcron/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2016-11-06 20:04:57 UTC (rev 194766)
@@ -0,0 +1,90 @@
+# $Id$
+# Contributor: Giorgio Lando <lando at imap dot cc>
+# Contributor: Sergej Pupykin
+# Contributor: Thomas Bächler
+# Contributor: Sébastien Luttringer
+# Maintainer: Thorsten Töpper <atsutane-tu at freethoughts.de>
+
+pkgname=fcron
+pkgver=3.2.1
+pkgrel=2
+pkgdesc='Feature-rich cron implementation'
+arch=(i686 x86_64)
+url='http://fcron.free.fr'
+license=('GPL')
+depends=('pam' 'run-parts')
+makedepends=('smtp-forwarder' 'vim' 'fcron')
+# use fcron as recursive deps to have user fcron installed during installation
+# else add the following in build chroot
+# groupadd -g 23 fcron
+# useradd -r -d /var/spool/fcron -u 23 -g 23 fcron
+optdepends=('smtp-forwarder: to send mails from cron jobs'
+ 'vim: default editor for fcrontab')
+provides=('cron')
+conflicts=('dcron')
+backup=('etc/fcron/fcron.conf'
+ 'etc/fcron/fcron.allow'
+ 'etc/fcron/fcron.deny'
+ 'var/spool/fcron/systab.orig')
+options=('emptydirs' '!makeflags')
+install=$pkgname.install
+source=("http://fcron.free.fr/archives/$pkgname-$pkgver.src.tar.gz"
+ "http://fcron.free.fr/archives/$pkgname-$pkgver.src.tar.gz.sign"
+ 'systab.orig')
+md5sums=('bd4996e941a40327d11efc5e3fd1f839'
+ 'SKIP'
+ 'afecbfd98caa49e8e4aa239fa1b19255')
+validpgpkeys=('7733B98B987784DF27707D41F8E544EC485EE7BC')
+
+build() {
+ cd $pkgname-$pkgver
+ # Don't use --username=root and --groupname=root, this completly break
+ # fcron security and allow local root escalation.
+ # Thanks to Anh K. Huynh <kyanh at theslinux.org> for reporting it.
+ ./configure --prefix=/usr \
+ --sbindir=/usr/bin \
+ --sysconfdir=/etc/fcron \
+ --with-answer-all=no \
+ --with-boot-install=no \
+ --datarootdir=/usr/share \
+ --datadir=/usr/share \
+ --with-docdir=/usr/share/doc \
+ --localstatedir=/var \
+ --with-systemdsystemunitdir=/usr/lib/systemd/system \
+ --with-piddir=/run \
+ --with-editor=/usr/bin/vim \
+ --with-sendmail=/usr/bin/sendmail
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir/" install
+ install -Dm644 files/fcron.pam "$pkgdir/etc/pam.d/fcron"
+ install -Dm644 files/fcrontab.pam "$pkgdir/etc/pam.d/fcrontab"
+
+ # Install a default fcrontab so that fcron can completely replace dcron
+ # We don't use binary format which is incompatible between arch and may cause crash
+ # We regenerate the binary format at each update
+ install -Dm640 "$srcdir/systab.orig" "$pkgdir/var/spool/fcron/systab.orig"
+
+ # Add cron.* directories
+ install -d -m755 "$pkgdir/etc/cron.daily"
+ install -d -m755 "$pkgdir/etc/cron.hourly"
+ install -d -m755 "$pkgdir/etc/cron.monthly"
+ install -d -m755 "$pkgdir/etc/cron.weekly"
+
+ # remove docs
+ rm -r "$pkgdir/usr/share/doc"
+
+ # avoid conflict with filesystem>=2012.06
+ rmdir "$pkgdir"/{var/,}run
+
+ # avoid conflict with libbsd - #31259
+ rm "$pkgdir/usr/share/man/man3/bitstring.3" \
+ "$pkgdir/usr/share/man/fr/man3/bitstring.3"
+ rmdir --ignore-fail-on-non-empty "$pkgdir/usr/share/man/man3" \
+ "$pkgdir/usr/share/man/fr/man3"
+}
+
+# vim:set ts=2 sw=2 et:
Copied: fcron/repos/community-staging-x86_64/fcron.install (from rev 194765, fcron/trunk/fcron.install)
===================================================================
--- community-staging-x86_64/fcron.install (rev 0)
+++ community-staging-x86_64/fcron.install 2016-11-06 20:04:57 UTC (rev 194766)
@@ -0,0 +1,39 @@
+# arg 1: the new package version
+post_install() {
+ # we need a dedicated fcron user
+ getent group fcron >/dev/null || groupadd -g 23 fcron
+ getent passwd fcron >/dev/null || useradd -r -d /var/spool/fcron -u 23 -g 23 fcron
+ # Generate binary format which is incompatible between arch
+ fcrontab -z -u systab &>/dev/null
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ post_install "$1"
+ if (( $(vercmp $2 3.1.2-8) < 0 )); then
+ echo 'Previous versions of fcron allow root priviledge escalation by using'
+ echo 'runas option in crontabs. fcron check rights at crontab compilation.'
+ echo 'Thus, the migration script will recreate the binary crontabs'
+ echo 'for you (with all side effects) and fix the files rights.'
+ # fix invalid etc files
+ for _f in /etc/fcron/fcron.{conf,allow,deny}; do
+ [[ -e $_f ]] || continue
+ chown root:fcron "$_f"
+ chmod 640 "$_f"
+ done
+ # fix invalid spool directory
+ chown fcron:fcron /var/spool/fcron
+ chmod 770 /var/spool/fcron
+ # regen user fcron files
+ cd /var/spool/fcron
+ for _f in *; do
+ if [[ "${_f%.orig}" != "$_f" ]]; then
+ chgrp fcron "$_f"
+ fcrontab -z -u "${_f%.orig}" &>/dev/null
+ fi
+ done
+ fi
+}
+
+# vim:set ts=2 sw=2 et:
Copied: fcron/repos/community-staging-x86_64/systab.orig (from rev 194765, fcron/trunk/systab.orig)
===================================================================
--- community-staging-x86_64/systab.orig (rev 0)
+++ community-staging-x86_64/systab.orig 2016-11-06 20:04:57 UTC (rev 194766)
@@ -0,0 +1,4 @@
+&bootrun 01 * * * * /usr/bin/run-parts /etc/cron.hourly
+&bootrun 02 00 * * * /usr/bin/run-parts /etc/cron.daily
+&bootrun 22 00 * * 0 /usr/bin/run-parts /etc/cron.weekly
+&bootrun 42 00 1 * * /usr/bin/run-parts /etc/cron.monthly
More information about the arch-commits
mailing list