no need to bzip smallish patches

Package-Manager: portage-2.1_pre3-r1

6 files changed, 152 insertions, 22 deletions

diff --git a/sys-process/vixie-cron/ChangeLog b/sys-process/vixie-cron/ChangeLog
index 7c9627b67036..c5133c0488f0 100644
--- a/sys-process/vixie-cron/ChangeLog
+++ b/sys-process/vixie-cron/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-process/vixie-cron
-# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/ChangeLog,v 1.22 2005/12/25 15:39:49 flameeyes Exp $
+# Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/ChangeLog,v 1.23 2006/01/28 18:53:32 blubb Exp $
+
+  28 Jan 2006; Simon Stelling <blubb@gentoo.org>
+  +files/vixie-cron-3.0.1-selinux.diff,
+  -files/vixie-cron-3.0.1-selinux.diff.bz2, vixie-cron-3.0.1-r4.ebuild,
+  vixie-cron-3.0.1-r5.ebuild:
+  no need to bzip smallish patches
 
   25 Dec 2005; Diego Pettenò <flameeyes@gentoo.org>
   vixie-cron-4.1-r8.ebuild:
diff --git a/sys-process/vixie-cron/Manifest b/sys-process/vixie-cron/Manifest
index a9a72050618a..7c7e5bf3a59d 100644
--- a/sys-process/vixie-cron/Manifest
+++ b/sys-process/vixie-cron/Manifest
@@ -1,7 +1,4 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-MD5 89baed66d98a1b113ee0d5430bdcf98f ChangeLog 15806
+MD5 1c62f986ece7d3162649e9c85f82ac26 ChangeLog 16029
 MD5 5eab102dfecfc35810ab8cf50f95d0d3 files/cron.pam.d 123
 MD5 7747bde52c8a9ba3e71df61198339a60 files/crontab 603
 MD5 e4197c958169b19b86804f9a3359370f files/crontab-3.0.1-r4 616
@@ -13,7 +10,7 @@ MD5 97c19ba5204c68115a2648856e685c0c files/digest-vixie-cron-4.1-r8 143
 MD5 83144cbbd67c226a855da47c8a37f083 files/pamd.compatible 123
 MD5 9d66b761d15afae9471d33509b712fe9 files/vixie-cron-3.0.1-close_stdin.diff 810
 MD5 cec7bf697ed66fa43aedb973b2ad5362 files/vixie-cron-3.0.1-pam.patch 1854
-MD5 1915f29deae7e87c569877f1dbbbec67 files/vixie-cron-3.0.1-selinux.diff.bz2 1853
+MD5 512129021ee02ccf5f151dcf23f37a29 files/vixie-cron-3.0.1-selinux.diff 4261
 MD5 2e993fc2910f6f8d1453b3eb2dbe838c files/vixie-cron-4.1-basename.diff 479
 MD5 08c5d571b72d52a2762b2c40639d6946 files/vixie-cron-4.1-commandline.patch 387
 MD5 2d67e6c187ebd062179a892d79466462 files/vixie-cron-4.1-cron.deny 220
@@ -21,14 +18,7 @@ MD5 620b10c2982aed3071acd92d52e76d8e files/vixie-cron-4.1-pam.patch 1714
 MD5 4c35adb745265e3008fe1999d6a18952 files/vixie-cron-4.1-selinux.diff 3557
 MD5 30251a1787c7ca9235041da74ac68dfe files/vixie-cron.rc6 530
 MD5 0fcc78652b11c683f3fe76d614934379 metadata.xml 288
-MD5 da21751a527096452e591d8defac6026 vixie-cron-3.0.1-r4.ebuild 2024
-MD5 af45391149f90c6a9a7fca422e349727 vixie-cron-3.0.1-r5.ebuild 2208
+MD5 34a68d9f10c442cab1897794a969a4c3 vixie-cron-3.0.1-r4.ebuild 2018
+MD5 41a56c03d2caea1f14b307963fe7abb6 vixie-cron-3.0.1-r5.ebuild 2202
 MD5 c90c415fa2ab9ea6ed34a2f6a55b534c vixie-cron-4.1-r7.ebuild 2666
 MD5 b2d4a3a3ca78ca2235ac05faa24a4953 vixie-cron-4.1-r8.ebuild 2679
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.2 (GNU/Linux)
-
-iD8DBQFDrr1RAiZjviIA2XgRAnzEAKDfgFiVT2YjFEakE4UcRkYX2twNngCgwA9n
-W5b2ifPhEg5hH+4crXqpq9k=
-=sn4l
------END PGP SIGNATURE-----
diff --git a/sys-process/vixie-cron/files/vixie-cron-3.0.1-selinux.diff b/sys-process/vixie-cron/files/vixie-cron-3.0.1-selinux.diff
new file mode 100644
index 000000000000..eb8111986bf9
--- /dev/null
+++ b/sys-process/vixie-cron/files/vixie-cron-3.0.1-selinux.diff
@@ -0,0 +1,134 @@
+--- vixie-cron-3.0.1/Makefile.selinux	2003-05-20 14:52:06.000000000 -0400
++++ vixie-cron-3.0.1/Makefile	2003-05-20 14:52:21.000000000 -0400
+@@ -71,7 +71,8 @@ LINTFLAGS	=	-hbxa $(INCLUDE) $(COMPAT) $
+ #<<want to use a nonstandard CC?>>
+ #CC		=	vcc
+ #<<manifest defines>>
+-DEFS		= -s
++DEFS		= -s -DWITH_SELINUX
++LIBS		+= 	-lselinux
+ #(SGI IRIX systems need this)
+ #DEFS		=	-D_BSD_SIGNALS -Dconst=
+ #<<the name of the BSD-like install program>>
+--- vixie-cron-3.0.1/database.c.selinux	2003-05-20 14:52:56.000000000 -0400
++++ vixie-cron-3.0.1/database.c	2003-05-23 13:27:24.898020960 -0400
+@@ -28,6 +28,15 @@ static char rcsid[] = "$Id: database.c,v
+ #include <sys/stat.h>
+ #include <sys/file.h>
+ 
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#include <selinux/flask.h>
++#include <selinux/av_permissions.h>
++#define SYSUSERNAME "system_u"
++#else
++#define SYSUSERNAME "*system*"
++#endif
++
+ 
+ #define TMAX(a,b) ((a)>(b)?(a):(b))
+ 
+@@ -94,7 +103,7 @@ load_database(old_db)
+ 	new_db.head = new_db.tail = NULL;
+ 
+ 	if (syscron_stat.st_mtime) {
+-		process_crontab("root", "*system*",
++		process_crontab("root", SYSUSERNAME,
+ 				SYSCRONTAB, &syscron_stat,
+ 				&new_db, old_db);
+ 	}
+@@ -136,7 +145,7 @@ load_database(old_db)
+ 
+ 		snprintf(tabname, MAXNAMLEN+1, "/etc/cron.d/%s", fname);
+ 
+-		process_crontab("root", "*system*", tabname,
++		process_crontab("root", SYSUSERNAME, tabname,
+ 				&crond_stat, &new_db, old_db);
+ 	}
+ 	closedir(dir);
+@@ -253,7 +262,7 @@ process_crontab(uname, fname, tabname, s
+ 	int		crontab_fd = OK - 1;
+ 	user		*u;
+ 
+-	if (strcmp(fname, "*system*") && !(pw = getpwnam(uname))) {
++	if (strcmp(fname, SYSUSERNAME) && !(pw = getpwnam(uname))) {
+ 		/* file doesn't have a user in passwd file.
+ 		 */
+ 		log_it(fname, getpid(), "ORPHAN", "no passwd entry");
+@@ -297,6 +306,43 @@ process_crontab(uname, fname, tabname, s
+ 		free_user(u);
+ 		log_it(fname, getpid(), "RELOAD", tabname);
+ 	}
++#ifdef WITH_SELINUX
++	if (is_selinux_enabled())	{
++	  security_context_t  file_context=NULL;
++	  security_context_t   user_context=NULL;
++	  struct av_decision avd;
++	  int retval=0;
++
++	  if (fgetfilecon(crontab_fd, &file_context) < OK) {
++	    log_it(fname, getpid(), "getfilecon FAILED", tabname);
++	    goto next_crontab;
++	  }
++
++	  /*
++	   * Since crontab files are not directly executed,
++	   * crond must ensure that the crontab file has
++	   * a context that is appropriate for the context of
++	   * the user cron job.  It performs an entrypoint
++	   * permission check for this purpose.
++	   */
++	  if (get_default_context(fname, NULL, &user_context)) {
++	    log_it(fname, getpid(), "NO CONTEXT", tabname);
++	    freecon(file_context);
++	    goto next_crontab;
++	  }
++	  retval = security_compute_av(user_context,
++				       file_context,
++				       SECCLASS_FILE,
++				       FILE__ENTRYPOINT,
++				       &avd);
++	  freecon(user_context);
++	  freecon(file_context);
++	  if (retval || ((FILE__ENTRYPOINT & avd.allowed) != FILE__ENTRYPOINT)) {
++	    log_it(fname, getpid(), "ENTRYPOINT FAILED", tabname);
++	    goto next_crontab;
++	  }
++	}
++#endif
+ 	u = load_user(crontab_fd, pw, fname);
+ 	if (u != NULL) {
+ 		u->mtime = statbuf->st_mtime;
+--- vixie-cron-3.0.1/do_command.c.selinux	2003-05-20 14:53:12.000000000 -0400
++++ vixie-cron-3.0.1/do_command.c	2003-05-20 14:58:06.000000000 -0400
+@@ -29,6 +29,9 @@ static char rcsid[] = "$Id: do_command.c
+ # include <syslog.h>
+ #endif
+ 
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#endif
+ 
+ static void		child_process __P((entry *, user *)),
+ 			do_univ __P((user *));
+@@ -251,6 +254,20 @@ child_process(e, u)
+ 			 */
+ 			(void) signal(SIGCHLD, SIG_DFL);
+ #endif
++#ifdef WITH_SELINUX
++			if (is_selinux_enabled()) {
++			  security_context_t scontext;
++			  if (get_default_context(u->name, NULL, &scontext)) {
++			    fprintf(stderr, "execle_secure: couldn't get security context for user %s\n", u->name); 
++			    _exit(ERROR_EXIT);
++			  }
++			  if (setexeccon(scontext) < 0) {
++			    fprintf(stderr, "Could not set exec context to %s for user  %s\n", scontext,u->name);
++			    _exit(ERROR_EXIT);
++			  }
++			  freecon(scontext);
++			}
++#endif
+ 			execle(shell, shell, "-c", e->cmd, (char *)0, e->envp);
+ 			fprintf(stderr, "execl: couldn't exec `%s'\n", shell);
+ 			perror("execl");
diff --git a/sys-process/vixie-cron/files/vixie-cron-3.0.1-selinux.diff.bz2 b/sys-process/vixie-cron/files/vixie-cron-3.0.1-selinux.diff.bz2
deleted file mode 100644
index 9fbbcf8d8cd0..000000000000
--- a/sys-process/vixie-cron/files/vixie-cron-3.0.1-selinux.diff.bz2
+++ /dev/null
diff --git a/sys-process/vixie-cron/vixie-cron-3.0.1-r4.ebuild b/sys-process/vixie-cron/vixie-cron-3.0.1-r4.ebuild
index 67b1825e3147..5b50a7e974c6 100644
--- a/sys-process/vixie-cron/vixie-cron-3.0.1-r4.ebuild
+++ b/sys-process/vixie-cron/vixie-cron-3.0.1-r4.ebuild
@@ -1,12 +1,12 @@
-# Copyright 1999-2005 Gentoo Foundation
+# Copyright 1999-2006 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/vixie-cron-3.0.1-r4.ebuild,v 1.1 2005/03/04 23:59:48 ciaranm Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/vixie-cron-3.0.1-r4.ebuild,v 1.2 2006/01/28 18:53:32 blubb Exp $
 
 inherit eutils
 
 IUSE="selinux"
 
-SELINUX_PATCH="${P}-selinux.diff.bz2"
+SELINUX_PATCH="${P}-selinux.diff"
 
 DESCRIPTION="The Vixie cron daemon"
 HOMEPAGE="http://www.vix.com/"
diff --git a/sys-process/vixie-cron/vixie-cron-3.0.1-r5.ebuild b/sys-process/vixie-cron/vixie-cron-3.0.1-r5.ebuild
index 5a905fb2ef0e..b93e78689bb9 100644
--- a/sys-process/vixie-cron/vixie-cron-3.0.1-r5.ebuild
+++ b/sys-process/vixie-cron/vixie-cron-3.0.1-r5.ebuild
@@ -1,12 +1,12 @@
-# Copyright 1999-2005 Gentoo Foundation
+# Copyright 1999-2006 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/vixie-cron-3.0.1-r5.ebuild,v 1.1 2005/03/04 23:59:48 ciaranm Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/vixie-cron-3.0.1-r5.ebuild,v 1.2 2006/01/28 18:53:32 blubb Exp $
 
 inherit eutils
 
 IUSE="selinux pam"
 
-SELINUX_PATCH="${P}-selinux.diff.bz2"
+SELINUX_PATCH="${P}-selinux.diff"
 
 DESCRIPTION="The Vixie cron daemon"
 HOMEPAGE="http://www.vix.com/"