vixie-cron/files/vixie-cron-4.1-pam.patch

--- vixie-cron-3.0.1.orig/Makefile      Thu May 30 19:47:00 2002
+++ vixie-cron-3.0.1/Makefile   Thu May 30 20:54:46 2002
@@ -55,7 +55,7 @@
 INCLUDE                =       -I.
 #INCLUDE       =
 #<<need getopt()>>
-LIBS           =
+LIBS           =       -lpam
 #<<optimize or debug?>>
 OPTIM          =       $(RPM_OPT_FLAGS)
 #OPTIM         =       -g
--- vixie-cron-3.0.1.orig/do_command.c  Thu May 30 19:47:00 2002
+++ vixie-cron-3.0.1/do_command.c       Thu May 30 20:55:50 2002
@@ -25,6 +25,18 @@
 
 #include "cron.h"
 
+#include <security/pam_appl.h>
+static pam_handle_t *pamh = NULL;
+static const struct pam_conv conv = {
+       NULL
+};
+#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
+       fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
+       syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
+       pam_end(pamh, retcode); exit(1); \
+       }
+
+
 static void            child_process(entry *, user *);
 static int             safe_p(const char *, const char *);

@@ -65,6 +77,7 @@
        int stdin_pipe[2], stdout_pipe[2];
        char *input_data, *usernm, *mailto;
        int children = 0;
+       int retcode = 0;
 
        Debug(DPROC, ("[%ld] child_process('%s')\n", (long)getpid(), e->cmd))
 
@@ -134,6 +147,16 @@
                *p = '\0';
        }
 
+ 
+       retcode = pam_start("cron", usernm, &conv, &pamh);
+       PAM_FAIL_CHECK;
+       retcode = pam_acct_mgmt(pamh, PAM_SILENT);
+       PAM_FAIL_CHECK;
+       retcode = pam_open_session(pamh, PAM_SILENT);
+       PAM_FAIL_CHECK;
+       retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT);
+       PAM_FAIL_CHECK;
+
        /* fork again, this time so we can exec the user's command.
         */
        switch (vfork()) {
@@ -507,6 +530,9 @@
                        Debug(DPROC, (", dumped core"))
                Debug(DPROC, ("\n"))
        }
+       pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+       retcode = pam_close_session(pamh, PAM_SILENT);
+       pam_end(pamh, retcode);
 }
 
 static int
1	--- vixie-cron-3.0.1.orig/Makefile Thu May 30 19:47:00 2002
2	+++ vixie-cron-3.0.1/Makefile Thu May 30 20:54:46 2002
3	@@ -55,7 +55,7 @@
4	INCLUDE = -I.
5	#INCLUDE =
6	#<<need getopt()>>
7	-LIBS =
8	+LIBS = -lpam
9	#<<optimize or debug?>>
10	OPTIM = $(RPM_OPT_FLAGS)
11	#OPTIM = -g
12	--- vixie-cron-3.0.1.orig/do_command.c Thu May 30 19:47:00 2002
13	+++ vixie-cron-3.0.1/do_command.c Thu May 30 20:55:50 2002
14	@@ -25,6 +25,18 @@
15
16	#include "cron.h"
17
18	+#include <security/pam_appl.h>
19	+static pam_handle_t *pamh = NULL;
20	+static const struct pam_conv conv = {
21	+ NULL
22	+};
23	+#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
24	+ fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
25	+ syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
26	+ pam_end(pamh, retcode); exit(1); \
27	+ }
28	+
29	+
30	static void child_process(entry , user );
31	static int safe_p(const char , const char );
32
33	@@ -65,6 +77,7 @@
34	int stdin_pipe[2], stdout_pipe[2];
35	char input_data, usernm, *mailto;
36	int children = 0;
37	+ int retcode = 0;
38
39	Debug(DPROC, ("[%ld] child_process('%s')\n", (long)getpid(), e->cmd))
40
41	@@ -134,6 +147,16 @@
42	*p = '\0';
43	}
44
45	+
46	+ retcode = pam_start("cron", usernm, &conv, &pamh);
47	+ PAM_FAIL_CHECK;
48	+ retcode = pam_acct_mgmt(pamh, PAM_SILENT);
49	+ PAM_FAIL_CHECK;
50	+ retcode = pam_open_session(pamh, PAM_SILENT);
51	+ PAM_FAIL_CHECK;
52	+ retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED \| PAM_SILENT);
53	+ PAM_FAIL_CHECK;
54	+
55	/* fork again, this time so we can exec the user's command.
56	*/
57	switch (vfork()) {
58	@@ -507,6 +530,9 @@
59	Debug(DPROC, (", dumped core"))
60	Debug(DPROC, ("\n"))
61	}
62	+ pam_setcred(pamh, PAM_DELETE_CRED \| PAM_SILENT);
63	+ retcode = pam_close_session(pamh, PAM_SILENT);
64	+ pam_end(pamh, retcode);
65	}
66
67	static int
Name	Value
svn:eol-style	native
svn:keywords	Author Date Id Revision