Package: cron
Version: 3.0pl1-137
Followup-For: Bug #887035
X-Debbugs-Cc: Georges Khaznadar <georges.khazna...@orange.fr>
If anybody wants to use Greek's patch (see [1] and [2]) then I'm attaching my
version of it adapted to cron 3.0pl1-137 (the version in Debian bullseye).
It comes in two parts: one is the patch and one is
cron-3.0pl1/debian/patches/log-to-stdout-when-in-foreground to satisfy
the Debian build infrastructure.
Use the patch like this to build a new, patched cron package:
apt-get source cron
sudo apt-get build-dep cron
patch -p0 <
cron-syslog-fix-and-foreground-stdout.for-new-cron.debianized.patch
cp log-to-stdout-when-in-foreground cron-3.0pl1/debian/patches
cd cron-3.0pl1 && dpkg-buildpackage -rfakeroot
*t
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887035#5
[2]
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=887035;filename=cron-syslog-fix-and-foreground-stdout.patch;msg=5
-- Package-specific info:
--- EDITOR:
--- /usr/bin/editor:
/usr/bin/vim.gtk3
--- /usr/bin/crontab:
-rwxr-sr-x 1 root crontab 43568 Feb 22 2021 /usr/bin/crontab
--- /var/spool/cron:
drwxr-xr-x 3 root root 4096 Apr 10 2021 /var/spool/cron
--- /var/spool/cron/crontabs:
drwx-wx--T 2 root crontab 4096 Feb 22 2021 /var/spool/cron/crontabs
--- /etc/cron.d:
drwxr-xr-x 2 root root 4096 Jul 22 15:03 /etc/cron.d
--- /etc/cron.daily:
drwxr-xr-x 2 root root 4096 Jul 11 09:33 /etc/cron.daily
--- /etc/cron.hourly:
drwxr-xr-x 2 root root 4096 Apr 10 2021 /etc/cron.hourly
--- /etc/cron.monthly:
drwxr-xr-x 2 root root 4096 Apr 10 2021 /etc/cron.monthly
--- /etc/cron.weekly:
drwxr-xr-x 2 root root 4096 Apr 10 2021 /etc/cron.weekly
-- System Information:
Debian Release: 11.4
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/8 CPU threads)
Locale: LANG=de_CH.UTF-8, LC_CTYPE=de_CH.UTF-8 (charmap=UTF-8),
LANGUAGE=de_CH:de
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages cron depends on:
ii adduser 3.118
ii debianutils 4.11.2
ii init-system-helpers 1.60
ii libc6 2.31-13+deb11u3
ii libpam-runtime 1.4.0-9+deb11u1
ii libpam0g 1.4.0-9+deb11u1
ii libselinux1 3.1-3
ii lsb-base 11.1.0
ii sensible-utils 0.0.14
Versions of packages cron recommends:
ii msmtp-mta [mail-transport-agent] 1.8.11-2.1
Versions of packages cron suggests:
ii anacron 2.3-30
pn checksecurity <none>
ii logrotate 3.18.0-2+deb11u1
Versions of packages cron is related to:
pn libnss-ldap <none>
pn libnss-ldapd <none>
pn libpam-ldap <none>
pn libpam-mount <none>
pn nis <none>
pn nscd <none>
-- no debconf information
diff -u -r orig/cron-3.0pl1/cron.c cron-3.0pl1/cron.c
--- orig/cron-3.0pl1/cron.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/cron.c 2022-07-19 14:24:39.000000000 +0200
@@ -122,12 +122,12 @@
} else if (!stay_foreground) {
switch (fork()) {
case -1:
- log_it("CRON",getpid(),"DEATH","can't fork");
+ log_it(LOG_ERR, "CRON",getpid(),"DEATH","can't fork");
exit(0);
break;
case 0:
/* child process */
- log_it("CRON",getpid(),"STARTUP","fork ok");
+ log_it(LOG_INFO, "CRON",getpid(),"STARTUP","fork ok");
(void) setsid();
freopen("/dev/null", "r", stdin);
freopen("/dev/null", "w", stdout);
@@ -281,18 +281,18 @@
/* Run on actual reboot, rather than cron restart */
if (access(REBOOT_FILE, F_OK) == 0) {
/* File exists, return */
- log_it("CRON", getpid(),"INFO",
+ log_it(LOG_INFO, "CRON", getpid(),"INFO",
"Skipping @reboot jobs -- not system startup");
return;
}
/* Create the file */
if ((rbfd = creat(REBOOT_FILE, S_IRUSR & S_IWUSR)) < 0) {
/* Bad news, bail out */
- log_it("CRON",getpid(),"DEATH","Can't create reboot check
file");
+ log_it(LOG_ERR, "CRON",getpid(),"DEATH","Can't create reboot
check file");
exit(0);
} else {
close(rbfd);
- log_it("CRON", getpid(),"INFO", "Running @reboot jobs");
+ log_it(LOG_INFO, "CRON", getpid(),"INFO", "Running @reboot
jobs");
}
Debug(DMISC, ("[%d], running reboot jobs\n", getpid()));
for (u = db->head; u != NULL; u = u->next) {
diff -u -r orig/cron-3.0pl1/cron.h cron-3.0pl1/cron.h
--- orig/cron-3.0pl1/cron.h 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/cron.h 2022-07-19 14:24:39.000000000 +0200
@@ -144,6 +144,20 @@
#define CRON_LOG_JOBFAILED 0x04
#define CRON_LOG_JOBPID 0x08
+/* Log priorities */
+#if !defined(SYSLOG)
+#define LOG_EMERG 0
+#define LOG_ALERT 1
+#define LOG_CRIT 2
+#define LOG_ERR 3
+#define LOG_WARNING 4
+#define LOG_NOTICE 5
+#define LOG_INFO 6
+#define LOG_DEBUG 7
+#else
+#include <syslog.h>
+#endif
+
#define SECONDS_PER_MINUTE 60
#define FIRST_MINUTE 0
@@ -238,7 +252,7 @@
free_entry __P((entry *)),
acquire_daemonlock __P((int)),
skip_comments __P((FILE *)),
- log_it __P((char *, int, char *, char *)),
+ log_it __P((int, char *, int, char *, char *)),
log_close __P((void)),
check_orphans __P((cron_db *));
diff -u -r orig/cron-3.0pl1/crontab.c cron-3.0pl1/crontab.c
--- orig/cron-3.0pl1/crontab.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/crontab.c 2022-07-19 14:24:39.000000000 +0200
@@ -119,7 +119,7 @@
"You (%s) are not allowed to use this program
(%s)\n",
User, ProgramName);
fprintf(stderr, "See crontab(1) for more
information\n");
- log_it(RealUser, Pid, "AUTH", "crontab command not
allowed");
+ log_it(LOG_NOTICE, RealUser, Pid, "AUTH", "crontab
command not allowed");
} else {
/* If the user is not allowed but root is running the
* program warn but do not log */
@@ -301,7 +301,7 @@
int x;
char *ctnh;
- log_it(RealUser, Pid, "LIST", User);
+ log_it(LOG_INFO, RealUser, Pid, "LIST", User);
(void) snprintf(n, MAX_FNAME, CRON_TAB(User));
if (!(f = fopen(n, "r"))) {
if (errno == ENOENT)
@@ -383,7 +383,7 @@
}
}
- log_it(RealUser, Pid, "DELETE", User);
+ log_it(LOG_INFO, RealUser, Pid, "DELETE", User);
if (unlink(n)) {
if (errno == ENOENT)
fprintf(stderr, "no crontab for %s\n", User);
@@ -551,7 +551,7 @@
mode_t um;
int add_help_text = 0;
- log_it(RealUser, Pid, "BEGIN EDIT", User);
+ log_it(LOG_INFO, RealUser, Pid, "BEGIN EDIT", User);
(void) snprintf(n, MAX_FNAME, CRON_TAB(User));
if (!(f = fopen(n, "r"))) {
if (errno != ENOENT) {
@@ -779,7 +779,7 @@
remove:
cleanup_tmp_crontab();
done:
- log_it(RealUser, Pid, "END EDIT", User);
+ log_it(LOG_INFO, RealUser, Pid, "END EDIT", User);
return;
fatal:
cleanup_tmp_crontab();
@@ -941,7 +941,7 @@
unlink(tn);
return (-2);
}
- log_it(RealUser, Pid, "REPLACE", User);
+ log_it(LOG_INFO, RealUser, Pid, "REPLACE", User);
poke_daemon();
diff -u -r orig/cron-3.0pl1/database.c cron-3.0pl1/database.c
--- orig/cron-3.0pl1/database.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/database.c 2022-07-19 14:24:39.000000000 +0200
@@ -78,14 +78,14 @@
* cached any of the database), we'll see the changes next time.
*/
if (stat(SPOOL_DIR, &statbuf) < OK) {
- log_it("CRON", getpid(), "STAT FAILED", SPOOL_DIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "STAT FAILED", SPOOL_DIR);
statbuf.st_mtime = 0;
}
/* track system crontab file
*/
if (stat(SYSCRONTAB, &syscron_stat) < OK) {
- log_it("CRON", getpid(), "STAT FAILED", SYSCRONTAB);
+ log_it(LOG_WARNING, "CRON", getpid(), "STAT FAILED",
SYSCRONTAB);
syscron_stat.st_mtime = 0;
}
@@ -94,7 +94,7 @@
* file check won't
*/
if (stat(SYSCRONDIR, &syscrond_stat) < OK) {
- log_it("CRON", getpid(), "STAT FAILED", SYSCRONDIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "STAT FAILED",
SYSCRONDIR);
syscrond_stat.st_mtime = 0;
}
@@ -168,7 +168,7 @@
/* Read all the package crontabs. */
if (!(dir = opendir(SYSCRONDIR))) {
- log_it("CRON", getpid(), "OPENDIR FAILED", SYSCRONDIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "OPENDIR FAILED",
SYSCRONDIR);
}
while (dir != NULL && NULL != (dp = readdir(dir))) {
@@ -209,7 +209,7 @@
* we fork a lot more often than the mtime of the dir changes.
*/
if (!(dir = opendir(SPOOL_DIR))) {
- log_it("CRON", getpid(), "OPENDIR FAILED", SPOOL_DIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "OPENDIR FAILED",
SPOOL_DIR);
}
while (dir != NULL && NULL != (dp = readdir(dir))) {
@@ -323,7 +323,7 @@
*/
if (strncmp(fname, "tmp.", 4)) {
/* don't log these temporary files */
- log_it(fname, getpid(), "ORPHAN", "no passwd entry");
+ log_it(LOG_NOTICE, fname, getpid(), "ORPHAN", "no
passwd entry");
add_orphan(uname, fname, tabname);
}
goto next_crontab;
@@ -334,39 +334,39 @@
if ((crontab_fd = open(tabname, O_RDONLY|O_NOFOLLOW, 0)) < OK) {
/* crontab not accessible?
*/
- log_it(fname, getpid(), "CAN'T OPEN", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "CAN'T OPEN",
tabname);
goto next_crontab;
}
if (fstat(crontab_fd, statbuf) < OK) {
- log_it(fname, getpid(), "FSTAT FAILED", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "FSTAT FAILED",
tabname);
goto next_crontab;
}
/* Check to make sure that the crontab is owned by the correct
user
(or root) */
if (statbuf->st_uid != pw->pw_uid && statbuf->st_uid !=
ROOT_UID) {
- log_it(fname, getpid(), "WRONG FILE OWNER", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "WRONG FILE OWNER",
tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
/* Check to make sure that the crontab is a regular file */
if (!S_ISREG(statbuf->st_mode)) {
- log_it(fname, getpid(), "NOT A REGULAR FILE", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "NOT A REGULAR
FILE", tabname);
goto next_crontab;
}
/* Check to make sure that the crontab's permissions are secure
*/
if ((statbuf->st_mode & 07777) != 0600) {
- log_it(fname, getpid(), "INSECURE MODE (mode 0600
expected)", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "INSECURE MODE
(mode 0600 expected)", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
/* Check to make sure that there are no hardlinks to the
crontab */
if (statbuf->st_nlink != 1) {
- log_it(fname, getpid(), "NUMBER OF HARD LINKS > 1",
tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "NUMBER OF HARD
LINKS > 1", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -374,11 +374,11 @@
/* System crontab path. These can be symlinks, but the
symlink and the target must be owned by root. */
if (lstat(tabname, statbuf) < OK) {
- log_it(fname, getpid(), "LSTAT FAILED", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "LSTAT FAILED",
tabname);
goto next_crontab;
}
if (S_ISLNK(statbuf->st_mode) && statbuf->st_uid != ROOT_UID) {
- log_it(fname, getpid(), "WRONG SYMLINK OWNER", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "WRONG SYMLINK
OWNER", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -392,29 +392,29 @@
* skip it instead.
*/
if (S_ISLNK(statbuf->st_mode)) {
- log_it(fname, getpid(), "CAN'T OPEN SYMLINK",
tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "CAN'T OPEN
SYMLINK", tabname);
force_rescan_user(old_db, new_db, fname, 0);
} else {
- log_it(fname, getpid(), "CAN'T OPEN", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "CAN'T
OPEN", tabname);
}
goto next_crontab;
}
if (fstat(crontab_fd, statbuf) < OK) {
- log_it(fname, getpid(), "FSTAT FAILED", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "FSTAT FAILED",
tabname);
goto next_crontab;
}
/* Check to make sure that the crontab is owned by root */
if (statbuf->st_uid != ROOT_UID) {
- log_it(fname, getpid(), "WRONG FILE OWNER", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "WRONG FILE OWNER",
tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
/* Check to make sure that the crontab is a regular file */
if (!S_ISREG(statbuf->st_mode)) {
- log_it(fname, getpid(), "NOT A REGULAR FILE", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "NOT A REGULAR
FILE", tabname);
goto next_crontab;
}
@@ -423,7 +423,7 @@
* (mode 0600). An upgrade path could be implemented for 4.1
*/
if ((statbuf->st_mode & S_IWGRP) || (statbuf->st_mode &
S_IWOTH)) {
- log_it(fname, getpid(), "INSECURE MODE (group/other
writable)", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "INSECURE MODE
(group/other writable)", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -436,7 +436,7 @@
/* Check to make sure that there are no hardlinks to the
crontab */
if (statbuf->st_nlink != 1) {
- log_it(fname, getpid(), "NUMBER OF HARD LINKS > 1",
tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "NUMBER OF HARD
LINKS > 1", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -473,7 +473,7 @@
Debug(DLOAD, (" [delete old data]"))
unlink_user(old_db, u);
free_user(u);
- log_it(fname, getpid(), "RELOAD", tabname);
+ log_it(LOG_INFO, fname, getpid(), "RELOAD", tabname);
}
u = load_user(crontab_fd, pw, uname, fname, tabname);
@@ -521,7 +521,7 @@
|| regcomp(&tradre, "^[a-z0-9][a-z0-9-]*$", REG_NOSUB)
|| regcomp(&classicalre, "^[a-zA-Z0-9_-]+$",
REG_EXTENDED | REG_NOSUB)) {
- log_it("CRON", getpid(), "REGEX FAILED", "valid_name");
+ log_it(LOG_NOTICE, "CRON", getpid(), "REGEX FAILED", "valid_name");
(void) exit(ERROR_EXIT);
}
}
diff -u -r orig/cron-3.0pl1/debian/changelog cron-3.0pl1/debian/changelog
--- orig/cron-3.0pl1/debian/changelog 2021-02-22 23:43:24.000000000 +0100
+++ cron-3.0pl1/debian/changelog 2022-07-19 12:37:40.866659216 +0200
@@ -1,3 +1,14 @@
+cron (3.0pl1-137+deb8u1.1) unstable; urgency=medium
+
+ [ Greek - greek64.m...@gmail.com ]
+ * log to STDOUT when running in foreground
+
+ [ Tomáš Pospíšek ]
+ * Non-maintainer upload.
+ * adapt Greek's patch to newer Debian cron
+
+ -- Tomáš Pospíšek <tpo_...@sourcepole.ch> Tue, 19 Jul 2022 12:35:17 +0200
+
cron (3.0pl1-137) unstable; urgency=medium
[ Laurent Combe ]
diff -u -r orig/cron-3.0pl1/debian/patches/series
cron-3.0pl1/debian/patches/series
--- orig/cron-3.0pl1/debian/patches/series 2021-02-22 23:43:24.000000000
+0100
+++ cron-3.0pl1/debian/patches/series 2022-07-19 14:24:39.013731786 +0200
@@ -68,3 +68,4 @@
features/Check-orphaned-crontabs-for-adoption.patch
features/Add-option-to-include-FQDN-in-email.patch
features/Add-MAILFROM-environment-variable.patch
+log-to-stdout-when-in-foreground
diff -u -r orig/cron-3.0pl1/do_command.c cron-3.0pl1/do_command.c
--- orig/cron-3.0pl1/do_command.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/do_command.c 2022-07-19 14:24:39.000000000 +0200
@@ -72,7 +72,11 @@
while ((cronvar = cronenv[count++])) {
if (!(jobenv = env_set(jobenv, cronvar))) {
- syslog(LOG_ERR, "Setting Cron environment variable %s
failed", cronvar);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Setting Cron environment variable %s failed\n",
+ cronvar);
+ log_it(LOG_ERR, "CRON", getpid(), "CRON ENVIROMENT
FAIL", buf);
return NULL;
}
}
@@ -97,7 +102,7 @@
*/
switch (fork()) {
case -1:
- log_it("CRON",getpid(),"error","can't fork");
+ log_it(LOG_ERR, "CRON",getpid(),"error","can't fork");
break;
case 0:
/* child process */
@@ -175,7 +180,7 @@
pipe(stdin_pipe); /* child's stdin */
/* child's stdout */
if ((tmpout = tmpfile()) == NULL) {
- log_it("CRON", getpid(), "error", "create tmpfile");
+ log_it(LOG_ERR, "CRON", getpid(), "error", "create tmpfile");
exit(ERROR_EXIT);
}
@@ -233,7 +238,7 @@
*/
switch (job_pid = fork()) {
case -1:
- log_it("CRON",getpid(),"error","can't fork");
+ log_it(LOG_ERR, "CRON",getpid(),"error","can't fork");
exit(ERROR_EXIT);
/*NOTREACHED*/
case 0:
@@ -247,7 +252,7 @@
*/
if ((log_level & CRON_LOG_JOBSTART) && ! (log_level &
CRON_LOG_JOBPID)) {
char *x = mkprints((u_char *)e->cmd, strlen(e->cmd));
- log_it(usernm, getpid(), "CMD", x);
+ log_it(LOG_INFO, usernm, getpid(), "CMD", x);
free(x);
}
/* nothing to log from now on. close the log files.
@@ -292,7 +297,7 @@
char msg[256];
snprintf(msg, 256, "do_command:setgid(%lu) failed: %s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# if defined(BSD) || defined(POSIX)
@@ -300,7 +305,7 @@
char msg[256];
snprintf(msg, 256, "do_command:initgroups(%lu) failed:
%s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# endif
@@ -308,7 +313,7 @@
char msg[256];
snprintf(msg, 256, "do_command:setuid(%lu) failed: %s",
(unsigned long) e->uid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
chdir(env_get("HOME", e->envp));
@@ -359,7 +364,7 @@
char logcmd[MAX_COMMAND + 8];
snprintf(logcmd, sizeof(logcmd), "[%d] %s", (int)
job_pid, e->cmd);
char *x = mkprints((u_char *)logcmd, strlen(logcmd));
- log_it(usernm, getpid(), "CMD", x);
+ log_it(LOG_INFO, usernm, getpid(), "CMD", x);
free(x);
}
break;
@@ -468,13 +473,13 @@
status = waiter;
snprintf(msg, 256, "grandchild #%d failed with
exit "
"status %d", pid, WEXITSTATUS(waiter));
- log_it("CRON", getpid(), "error", msg);
+ log_it(LOG_ERR, "CRON", getpid(), "error", msg);
} else if (WIFSIGNALED(waiter)) {
status = waiter;
snprintf(msg, 256, "grandchild #%d terminated
by signal"
" %d%s", pid, WTERMSIG(waiter),
WCOREDUMP(waiter) ? ", dumped core" :
"");
- log_it("CRON", getpid(), "error", msg);
+ log_it(LOG_ERR, "CRON", getpid(), "error", msg);
}
}
}
@@ -511,7 +516,7 @@
if (stat(MAILCMD, &mcsb) != 0) {
Debug(DPROC|DEXT, ("%s not found, not sending mail\n", MAILCMD))
if (pos > 0) {
- log_it("CRON", getpid(), "info", "No MTA installed,
discarding output");
+ log_it(LOG_WARNING, "CRON", getpid(), "info", "No MTA
installed, discarding output");
}
goto mail_finished;
} else {
@@ -619,11 +624,11 @@
"mailed %d byte%s of output "
"but got status 0x%04x from MTA\n",
bytes, (bytes==1)?"":"s", status);
- log_it(usernm, getpid(), "MAIL", buf);
+ log_it(LOG_INFO, usernm, getpid(), "MAIL", buf);
}
if (ferror(tmpout)) {
- log_it(usernm, getpid(), "MAIL", "stream error reading output");
+ log_it(LOG_NOTICE, usernm, getpid(), "MAIL", "stream error
reading output");
}
mail_finished:
@@ -638,7 +643,7 @@
} else {
x = mkprints((u_char *)e->cmd, strlen(e->cmd));
}
- log_it(usernm, job_pid, "END", x);
+ log_it(LOG_INFO, usernm, job_pid, "END", x);
free(x);
}
@@ -696,7 +701,7 @@
if (isascii(ch) && isprint(ch) &&
(isalnum(ch) || (!first && strchr(safe_delim, ch))))
continue;
- log_it(usernm, getpid(), "UNSAFE MAIL", s);
+ log_it(LOG_WARNING, usernm, getpid(), "UNSAFE MAIL", s);
return (FALSE);
}
return (TRUE);
diff -u -r orig/cron-3.0pl1/entry.c cron-3.0pl1/entry.c
--- orig/cron-3.0pl1/entry.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/entry.c 2022-07-19 14:24:39.000000000 +0200
@@ -109,7 +109,7 @@
e = (entry *) calloc(sizeof(entry), sizeof(char));
if (e == NULL) {
- log_it("CRON", getpid(), "OOM", "Out of memory parsing
crontab");
+ log_it(LOG_ERR, "CRON", getpid(), "OOM", "Out of memory parsing
crontab");
return NULL;
}
diff -u -r orig/cron-3.0pl1/misc.c cron-3.0pl1/misc.c
--- orig/cron-3.0pl1/misc.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/misc.c 2022-07-19 14:24:39.000000000 +0200
@@ -303,7 +303,7 @@
snprintf(buf, MAX_TEMPSTR, "can't open or create %s:
%s",
pidfile, strerror(errno));
fprintf(stderr, "%s: %s\n", ProgramName, buf);
- log_it("CRON", getpid(), "DEATH", buf);
+ log_it(LOG_ERR, "CRON", getpid(), "DEATH", buf);
exit(ERROR_EXIT);
}
@@ -314,11 +314,11 @@
snprintf(buf, MAX_TEMPSTR, "can't lock %s, otherpid may
be %d: %s",
pidfile, otherpid, strerror(save_errno));
fprintf(stderr, "%s: %s\n", ProgramName, buf);
- log_it("CRON", getpid(), "DEATH", buf);
+ log_it(LOG_ERR, "CRON", getpid(), "DEATH", buf);
exit(ERROR_EXIT);
}
snprintf(buf, MAX_TEMPSTR, "pidfile fd = %d", fd);
- log_it("CRON", getpid(), "INFO", buf);
+ log_it(LOG_INFO, "CRON", getpid(), "INFO", buf);
(void) fcntl(fd, F_SETFD, 1);
}
@@ -523,7 +523,8 @@
void
-log_it(username, xpid, event, detail)
+log_it(priority, username, xpid, event, detail)
+ int priority;
char *username;
int xpid;
char *event;
@@ -531,6 +532,39 @@
{
PID_T pid = xpid;
#if defined(LOG_FILE)
+
+ /* Logging priority parsing */
+ char *prio;
+ switch(priority){
+ case LOG_EMERG:
+ prio = "EMERGENCY: ";
+ break;
+ case LOG_ALERT:
+ prio = "ALERT: ";
+ break;
+ case LOG_CRIT:
+ prio = "CRITICAL: ";
+ break;
+ case LOG_ERR:
+ prio = "ERROR: ";
+ break;
+ case LOG_WARNING:
+ prio = "WARNING: ";
+ break;
+ case LOG_NOTICE:
+ prio = "NOTICE: ";
+ break;
+ case LOG_INFO:
+ prio = "INFO: ";
+ break;
+ case LOG_DEBUG:
+ prio = "DEBUG: ";
+ break;
+ default:
+ prio = "INFO: ";
+ break;
+ }
+
char *msg;
TIME_T now = time((TIME_T) 0);
register struct tm *t = localtime(&now);
@@ -540,7 +574,7 @@
#if defined(LOG_FILE)
/* we assume that MAX_TEMPSTR will hold the date, time, &punctuation.
*/
- msg_size = strlen(username) + strlen(event) + strlen(detail) +
MAX_TEMPSTR;
+ msg_size = strlen(prio) + strlen(username) + strlen(event) +
strlen(detail) + MAX_TEMPSTR;
msg = malloc(msg_size);
if (msg == NULL) {
/* damn, out of mem and we did not test that before... */
@@ -562,8 +596,8 @@
* everything out in one chunk and this has to be atomically appended
* to the log file.
*/
- snprintf(msg, msg_size, "%s (%02d/%02d-%02d:%02d:%02d-%d) %s (%s)\n",
- username,
+ snprintf(msg, msg_size, "%s%s (%02d/%02d-%02d:%02d:%02d-%d) %s (%s)\n",
+ prio, username,
t->tm_mon+1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec, pid,
event, detail);
@@ -586,13 +620,13 @@
openlog(ProgramName, LOG_PID);
# endif
- syslog(LOG_INFO, "(%s) %s (%s)", username, event, detail);
+ syslog(priority, "(%s) %s (%s)", username, event, detail);
#endif /*SYSLOG*/
#if DEBUGGING
if (DebugFlags) {
- fprintf(stderr, "log_it: (%s %d) %s (%s)\n",
+ fprintf(stderr, "log_it: priority %d (%s %d) %s (%s)\n",
username, xpid, event, detail);
}
#endif
diff -u -r orig/cron-3.0pl1/.pc/applied-patches cron-3.0pl1/.pc/applied-patches
--- orig/cron-3.0pl1/.pc/applied-patches 2022-07-19 12:18:36.185796305
+0200
+++ cron-3.0pl1/.pc/applied-patches 2022-07-19 14:24:39.029731419 +0200
@@ -68,3 +68,4 @@
features/Check-orphaned-crontabs-for-adoption.patch
features/Add-option-to-include-FQDN-in-email.patch
features/Add-MAILFROM-environment-variable.patch
+log-to-stdout-when-in-foreground
diff -u -r orig/cron-3.0pl1/popen.c cron-3.0pl1/popen.c
--- orig/cron-3.0pl1/popen.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/popen.c 2022-07-19 14:24:39.000000000 +0200
@@ -128,7 +128,7 @@
char msg[256];
snprintf(msg, 256, "popen:setgid(%lu) failed: %s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# if defined(BSD) || defined(POSIX)
@@ -136,7 +136,7 @@
char msg[256];
snprintf(msg, 256, "popen:initgroups(%lu) failed: %s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# endif
@@ -144,7 +144,7 @@
char msg[256];
snprintf(msg, 256, "popen: setuid(%lu) failed: %s",
(unsigned long) e->uid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
chdir(env_get("HOME", e->envp));
diff -u -r orig/cron-3.0pl1/user.c cron-3.0pl1/user.c
--- orig/cron-3.0pl1/user.c 2022-07-19 12:18:36.000000000 +0200
+++ cron-3.0pl1/user.c 2022-07-19 14:24:39.000000000 +0200
@@ -23,7 +23,9 @@
*/
+#if defined(SYSLOG)
#include <syslog.h>
+#endif
#include <string.h>
#include "cron.h"
@@ -46,20 +48,20 @@
int i;
if (getcon(¤t_con)) {
- log_it(name, getpid(), "Can't get current context", tabname);
+ log_it(LOG_ERR, name, getpid(), "Can't get current context",
tabname);
return -1;
}
if (name != NULL) {
if (getseuserbyname(name, &seuser, &level)) {
- log_it(name, getpid(), "getseuserbyname FAILED",
tabname);
+ log_it(LOG_ERR, name, getpid(), "getseuserbyname
FAILED", tabname);
freecon(current_con);
return (security_getenforce() > 0);
}
} else {
context_t temp_con = context_new(current_con);
if (temp_con == NULL) {
- log_it(name, getpid(), "context_new FAILED", tabname);
+ log_it(LOG_ERR, name, getpid(), "context_new FAILED",
tabname);
freecon(current_con);
return (security_getenforce() > 0);
}
@@ -74,10 +76,10 @@
free(level);
if (list_count == -1) {
if (security_getenforce() > 0) {
- log_it(name, getpid(), "No SELinux security context",
tabname);
+ log_it(LOG_ERR, name, getpid(), "No SELinux security
context", tabname);
return -1;
} else {
- log_it(name, getpid(),
+ log_it(LOG_NOTICE, name, getpid(),
"No security context but SELinux in permissive
mode,"
" continuing", tabname);
return 0;
@@ -86,11 +88,11 @@
if (fgetfilecon(crontab_fd, &file_context) < OK) {
if (security_getenforce() > 0) {
- log_it(name, getpid(), "getfilecon FAILED", tabname);
+ log_it(LOG_ERR, name, getpid(), "getfilecon FAILED",
tabname);
freeconary(context_list);
return -1;
} else {
- log_it(name, getpid(), "getfilecon FAILED but SELinux
in "
+ log_it(LOG_NOTICE, name, getpid(), "getfilecon FAILED
but SELinux in "
"permissive mode, continuing", tabname);
*rcontext = strdup(context_list[0]);
freeconary(context_list);
@@ -108,7 +110,7 @@
security_class_t tclass = string_to_security_class("file");
if (!tclass) {
- log_it(name, getpid(), "Failed to translate security class
file", tabname);
+ log_it(LOG_ERR, name, getpid(), "Failed to translate security
class file", tabname);
freeconary(context_list);
if (security_deny_unknown() == 0) {
return 0;
@@ -119,7 +121,7 @@
access_vector_t bit = string_to_av_perm(tclass, "entrypoint");
if (!bit) {
- log_it(name, getpid(), "Failed to translate av perm
entrypoint", tabname);
+ log_it(LOG_ERR, name, getpid(), "Failed to translate av perm
entrypoint", tabname);
freeconary(context_list);
if (security_deny_unknown() == 0) {
return 0;
@@ -143,11 +145,11 @@
}
freecon(file_context);
if (security_getenforce() > 0) {
- log_it(name, getpid(), "ENTRYPOINT FAILED", tabname);
+ log_it(LOG_ERR, name, getpid(), "ENTRYPOINT FAILED", tabname);
freeconary(context_list);
return -1;
} else {
- log_it(name, getpid(), "ENTRYPOINT FAILED but SELinux in
permissive mode, continuing", tabname);
+ log_it(LOG_NOTICE, name, getpid(), "ENTRYPOINT FAILED but
SELinux in permissive mode, continuing", tabname);
*rcontext = strdup(context_list[0]);
freeconary(context_list);
}
@@ -168,14 +170,25 @@
const char *fn;
/* Figure out the file name from the username */
if (0 == strcmp(err_user, "*system*")) {
- syslog(LOG_ERR|LOG_CRON, "Error: %s; while reading %s", msg,
SYSCRONTAB);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Error: %s; while reading %s",
+ msg, SYSCRONTAB);
+ log_it(LOG_ERR, err_user, getpid(), "ERROR", buf);
} else if (0 == strncmp(err_user,"*system*",8)) {
fn = err_user+8;
- syslog(LOG_ERR|LOG_CRON, "Error: %s; while reading %s/%s", msg,
- SYSCRONDIR,fn);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Error: %s; while reading %s/%s",
+ msg, SYSCRONDIR, fn);
+ log_it(LOG_ERR, err_user, getpid(), "ERROR", buf);
+
} else {
- syslog(LOG_ERR|LOG_CRON, "Error: %s; while reading crontab for
user %s",
- msg, err_user);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Error: %s; while reading crontab for user %s",
+ msg, err_user);
+ log_it(LOG_ERR, err_user, getpid(), "ERROR", buf);
}
}
@@ -274,7 +287,7 @@
* newline, so we bail out
*/
if (envstr[0] != '\0') {
- log_it(u->name, getpid(), "ERROR", "Missing "
+ log_it(LOG_WARNING, u->name, getpid(), "ERROR",
"Missing "
"newline before EOF, this crontab file will be "
"ignored");
free_user(u);
@@ -290,7 +303,7 @@
u->crontab = e;
} else {
/* stop processing on syntax error */
- log_it(u->name, getpid(), "ERROR", "Syntax "
+ log_it(LOG_WARNING, u->name, getpid(), "ERROR",
"Syntax "
"error, this crontab file will be "
"ignored");
free_user(u);
@@ -314,7 +327,7 @@
} while (status >= OK && LineNumber < MAX_TAB_LINES + NHEADER_LINES +
2);
if (LineNumber >= MAX_TAB_LINES + NHEADER_LINES + 2) {
- log_it(fname, getpid(), "ERROR", "crontab must not be longer "
+ log_it(LOG_WARNING, fname, getpid(), "ERROR", "crontab must not
be longer "
"than " Stringify(MAX_TAB_LINES) " lines, "
"this crontab file will be ignored");
free_user(u);
Description: <short summary of the patch>
cron (3.0pl1-137+deb8u1.1) unstable; urgency=medium
.
[ Greek - greek64.m...@gmail.com ]
* log to STDOUT when running in foreground
.
[ Tomáš Pospíšek ]
* Non-maintainer upload.
* adapt Greek's patch to newer Debian cron
Author: Tomáš Pospíšek <tpo_...@sourcepole.ch>
---
The information above should follow the Patch Tagging Guidelines, please
checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
are templates for supplementary fields that you might want to add:
Origin: other,
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=887035;filename=cron-syslog-fix-and-foreground-stdout.patch;msg=5
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887035
Reviewed-By: Tomáš Pospíšek <tpo_...@sourcepole.ch>
Last-Update: 2022-07-19
--- cron-3.0pl1.orig/cron.c
+++ cron-3.0pl1/cron.c
@@ -122,12 +122,12 @@ main(argc, argv)
} else if (!stay_foreground) {
switch (fork()) {
case -1:
- log_it("CRON",getpid(),"DEATH","can't fork");
+ log_it(LOG_ERR, "CRON",getpid(),"DEATH","can't fork");
exit(0);
break;
case 0:
/* child process */
- log_it("CRON",getpid(),"STARTUP","fork ok");
+ log_it(LOG_INFO, "CRON",getpid(),"STARTUP","fork ok");
(void) setsid();
freopen("/dev/null", "r", stdin);
freopen("/dev/null", "w", stdout);
@@ -281,18 +281,18 @@ run_reboot_jobs(db)
/* Run on actual reboot, rather than cron restart */
if (access(REBOOT_FILE, F_OK) == 0) {
/* File exists, return */
- log_it("CRON", getpid(),"INFO",
+ log_it(LOG_INFO, "CRON", getpid(),"INFO",
"Skipping @reboot jobs -- not system startup");
return;
}
/* Create the file */
if ((rbfd = creat(REBOOT_FILE, S_IRUSR & S_IWUSR)) < 0) {
/* Bad news, bail out */
- log_it("CRON",getpid(),"DEATH","Can't create reboot check
file");
+ log_it(LOG_ERR, "CRON",getpid(),"DEATH","Can't create reboot
check file");
exit(0);
} else {
close(rbfd);
- log_it("CRON", getpid(),"INFO", "Running @reboot jobs");
+ log_it(LOG_INFO, "CRON", getpid(),"INFO", "Running @reboot
jobs");
}
Debug(DMISC, ("[%d], running reboot jobs\n", getpid()));
for (u = db->head; u != NULL; u = u->next) {
--- cron-3.0pl1.orig/cron.h
+++ cron-3.0pl1/cron.h
@@ -144,6 +144,20 @@ typedef int time_min;
#define CRON_LOG_JOBFAILED 0x04
#define CRON_LOG_JOBPID 0x08
+/* Log priorities */
+#if !defined(SYSLOG)
+#define LOG_EMERG 0
+#define LOG_ALERT 1
+#define LOG_CRIT 2
+#define LOG_ERR 3
+#define LOG_WARNING 4
+#define LOG_NOTICE 5
+#define LOG_INFO 6
+#define LOG_DEBUG 7
+#else
+#include <syslog.h>
+#endif
+
#define SECONDS_PER_MINUTE 60
#define FIRST_MINUTE 0
@@ -238,7 +252,7 @@ void set_cron_uid __P((void)),
free_entry __P((entry *)),
acquire_daemonlock __P((int)),
skip_comments __P((FILE *)),
- log_it __P((char *, int, char *, char *)),
+ log_it __P((int, char *, int, char *, char *)),
log_close __P((void)),
check_orphans __P((cron_db *));
--- cron-3.0pl1.orig/crontab.c
+++ cron-3.0pl1/crontab.c
@@ -119,7 +119,7 @@ main(argc, argv)
"You (%s) are not allowed to use this program
(%s)\n",
User, ProgramName);
fprintf(stderr, "See crontab(1) for more
information\n");
- log_it(RealUser, Pid, "AUTH", "crontab command not
allowed");
+ log_it(LOG_NOTICE, RealUser, Pid, "AUTH", "crontab
command not allowed");
} else {
/* If the user is not allowed but root is running the
* program warn but do not log */
@@ -301,7 +301,7 @@ list_cmd() {
int x;
char *ctnh;
- log_it(RealUser, Pid, "LIST", User);
+ log_it(LOG_INFO, RealUser, Pid, "LIST", User);
(void) snprintf(n, MAX_FNAME, CRON_TAB(User));
if (!(f = fopen(n, "r"))) {
if (errno == ENOENT)
@@ -383,7 +383,7 @@ delete_cmd() {
}
}
- log_it(RealUser, Pid, "DELETE", User);
+ log_it(LOG_INFO, RealUser, Pid, "DELETE", User);
if (unlink(n)) {
if (errno == ENOENT)
fprintf(stderr, "no crontab for %s\n", User);
@@ -551,7 +551,7 @@ edit_cmd() {
mode_t um;
int add_help_text = 0;
- log_it(RealUser, Pid, "BEGIN EDIT", User);
+ log_it(LOG_INFO, RealUser, Pid, "BEGIN EDIT", User);
(void) snprintf(n, MAX_FNAME, CRON_TAB(User));
if (!(f = fopen(n, "r"))) {
if (errno != ENOENT) {
@@ -779,7 +779,7 @@ again: /* Loop point for retrying edit a
remove:
cleanup_tmp_crontab();
done:
- log_it(RealUser, Pid, "END EDIT", User);
+ log_it(LOG_INFO, RealUser, Pid, "END EDIT", User);
return;
fatal:
cleanup_tmp_crontab();
@@ -941,7 +941,7 @@ replace_cmd() {
unlink(tn);
return (-2);
}
- log_it(RealUser, Pid, "REPLACE", User);
+ log_it(LOG_INFO, RealUser, Pid, "REPLACE", User);
poke_daemon();
--- cron-3.0pl1.orig/database.c
+++ cron-3.0pl1/database.c
@@ -78,14 +78,14 @@ load_database(old_db)
* cached any of the database), we'll see the changes next time.
*/
if (stat(SPOOL_DIR, &statbuf) < OK) {
- log_it("CRON", getpid(), "STAT FAILED", SPOOL_DIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "STAT FAILED", SPOOL_DIR);
statbuf.st_mtime = 0;
}
/* track system crontab file
*/
if (stat(SYSCRONTAB, &syscron_stat) < OK) {
- log_it("CRON", getpid(), "STAT FAILED", SYSCRONTAB);
+ log_it(LOG_WARNING, "CRON", getpid(), "STAT FAILED",
SYSCRONTAB);
syscron_stat.st_mtime = 0;
}
@@ -94,7 +94,7 @@ load_database(old_db)
* file check won't
*/
if (stat(SYSCRONDIR, &syscrond_stat) < OK) {
- log_it("CRON", getpid(), "STAT FAILED", SYSCRONDIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "STAT FAILED",
SYSCRONDIR);
syscrond_stat.st_mtime = 0;
}
@@ -168,7 +168,7 @@ load_database(old_db)
/* Read all the package crontabs. */
if (!(dir = opendir(SYSCRONDIR))) {
- log_it("CRON", getpid(), "OPENDIR FAILED", SYSCRONDIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "OPENDIR FAILED",
SYSCRONDIR);
}
while (dir != NULL && NULL != (dp = readdir(dir))) {
@@ -209,7 +209,7 @@ load_database(old_db)
* we fork a lot more often than the mtime of the dir changes.
*/
if (!(dir = opendir(SPOOL_DIR))) {
- log_it("CRON", getpid(), "OPENDIR FAILED", SPOOL_DIR);
+ log_it(LOG_WARNING, "CRON", getpid(), "OPENDIR FAILED",
SPOOL_DIR);
}
while (dir != NULL && NULL != (dp = readdir(dir))) {
@@ -323,7 +323,7 @@ process_crontab(uname, fname, tabname, s
*/
if (strncmp(fname, "tmp.", 4)) {
/* don't log these temporary files */
- log_it(fname, getpid(), "ORPHAN", "no passwd entry");
+ log_it(LOG_NOTICE, fname, getpid(), "ORPHAN", "no
passwd entry");
add_orphan(uname, fname, tabname);
}
goto next_crontab;
@@ -334,39 +334,39 @@ process_crontab(uname, fname, tabname, s
if ((crontab_fd = open(tabname, O_RDONLY|O_NOFOLLOW, 0)) < OK) {
/* crontab not accessible?
*/
- log_it(fname, getpid(), "CAN'T OPEN", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "CAN'T OPEN",
tabname);
goto next_crontab;
}
if (fstat(crontab_fd, statbuf) < OK) {
- log_it(fname, getpid(), "FSTAT FAILED", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "FSTAT FAILED",
tabname);
goto next_crontab;
}
/* Check to make sure that the crontab is owned by the correct
user
(or root) */
if (statbuf->st_uid != pw->pw_uid && statbuf->st_uid !=
ROOT_UID) {
- log_it(fname, getpid(), "WRONG FILE OWNER", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "WRONG FILE OWNER",
tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
/* Check to make sure that the crontab is a regular file */
if (!S_ISREG(statbuf->st_mode)) {
- log_it(fname, getpid(), "NOT A REGULAR FILE", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "NOT A REGULAR
FILE", tabname);
goto next_crontab;
}
/* Check to make sure that the crontab's permissions are secure
*/
if ((statbuf->st_mode & 07777) != 0600) {
- log_it(fname, getpid(), "INSECURE MODE (mode 0600
expected)", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "INSECURE MODE
(mode 0600 expected)", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
/* Check to make sure that there are no hardlinks to the
crontab */
if (statbuf->st_nlink != 1) {
- log_it(fname, getpid(), "NUMBER OF HARD LINKS > 1",
tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "NUMBER OF HARD
LINKS > 1", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -374,11 +374,11 @@ process_crontab(uname, fname, tabname, s
/* System crontab path. These can be symlinks, but the
symlink and the target must be owned by root. */
if (lstat(tabname, statbuf) < OK) {
- log_it(fname, getpid(), "LSTAT FAILED", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "LSTAT FAILED",
tabname);
goto next_crontab;
}
if (S_ISLNK(statbuf->st_mode) && statbuf->st_uid != ROOT_UID) {
- log_it(fname, getpid(), "WRONG SYMLINK OWNER", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "WRONG SYMLINK
OWNER", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -392,29 +392,29 @@ process_crontab(uname, fname, tabname, s
* skip it instead.
*/
if (S_ISLNK(statbuf->st_mode)) {
- log_it(fname, getpid(), "CAN'T OPEN SYMLINK",
tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "CAN'T OPEN
SYMLINK", tabname);
force_rescan_user(old_db, new_db, fname, 0);
} else {
- log_it(fname, getpid(), "CAN'T OPEN", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "CAN'T
OPEN", tabname);
}
goto next_crontab;
}
if (fstat(crontab_fd, statbuf) < OK) {
- log_it(fname, getpid(), "FSTAT FAILED", tabname);
+ log_it(LOG_WARNING, fname, getpid(), "FSTAT FAILED",
tabname);
goto next_crontab;
}
/* Check to make sure that the crontab is owned by root */
if (statbuf->st_uid != ROOT_UID) {
- log_it(fname, getpid(), "WRONG FILE OWNER", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "WRONG FILE OWNER",
tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
/* Check to make sure that the crontab is a regular file */
if (!S_ISREG(statbuf->st_mode)) {
- log_it(fname, getpid(), "NOT A REGULAR FILE", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "NOT A REGULAR
FILE", tabname);
goto next_crontab;
}
@@ -423,7 +423,7 @@ process_crontab(uname, fname, tabname, s
* (mode 0600). An upgrade path could be implemented for 4.1
*/
if ((statbuf->st_mode & S_IWGRP) || (statbuf->st_mode &
S_IWOTH)) {
- log_it(fname, getpid(), "INSECURE MODE (group/other
writable)", tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "INSECURE MODE
(group/other writable)", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -436,7 +436,7 @@ process_crontab(uname, fname, tabname, s
/* Check to make sure that there are no hardlinks to the
crontab */
if (statbuf->st_nlink != 1) {
- log_it(fname, getpid(), "NUMBER OF HARD LINKS > 1",
tabname);
+ log_it(LOG_NOTICE, fname, getpid(), "NUMBER OF HARD
LINKS > 1", tabname);
force_rescan_user(old_db, new_db, fname, 0);
goto next_crontab;
}
@@ -473,7 +473,7 @@ process_crontab(uname, fname, tabname, s
Debug(DLOAD, (" [delete old data]"))
unlink_user(old_db, u);
free_user(u);
- log_it(fname, getpid(), "RELOAD", tabname);
+ log_it(LOG_INFO, fname, getpid(), "RELOAD", tabname);
}
u = load_user(crontab_fd, pw, uname, fname, tabname);
@@ -521,7 +521,7 @@ valid_name(char *filename)
|| regcomp(&tradre, "^[a-z0-9][a-z0-9-]*$", REG_NOSUB)
|| regcomp(&classicalre, "^[a-zA-Z0-9_-]+$",
REG_EXTENDED | REG_NOSUB)) {
- log_it("CRON", getpid(), "REGEX FAILED", "valid_name");
+ log_it(LOG_NOTICE, "CRON", getpid(), "REGEX FAILED", "valid_name");
(void) exit(ERROR_EXIT);
}
}
--- cron-3.0pl1.orig/do_command.c
+++ cron-3.0pl1/do_command.c
@@ -72,7 +72,11 @@ static char **build_env(char **cronenv)
while ((cronvar = cronenv[count++])) {
if (!(jobenv = env_set(jobenv, cronvar))) {
- syslog(LOG_ERR, "Setting Cron environment variable %s
failed", cronvar);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Setting Cron environment variable %s failed\n",
+ cronvar);
+ log_it(LOG_ERR, "CRON", getpid(), "CRON ENVIROMENT
FAIL", buf);
return NULL;
}
}
@@ -97,7 +101,7 @@ do_command(e, u)
*/
switch (fork()) {
case -1:
- log_it("CRON",getpid(),"error","can't fork");
+ log_it(LOG_ERR, "CRON",getpid(),"error","can't fork");
break;
case 0:
/* child process */
@@ -175,7 +179,7 @@ child_process(e, u)
pipe(stdin_pipe); /* child's stdin */
/* child's stdout */
if ((tmpout = tmpfile()) == NULL) {
- log_it("CRON", getpid(), "error", "create tmpfile");
+ log_it(LOG_ERR, "CRON", getpid(), "error", "create tmpfile");
exit(ERROR_EXIT);
}
@@ -233,7 +237,7 @@ child_process(e, u)
*/
switch (job_pid = fork()) {
case -1:
- log_it("CRON",getpid(),"error","can't fork");
+ log_it(LOG_ERR, "CRON",getpid(),"error","can't fork");
exit(ERROR_EXIT);
/*NOTREACHED*/
case 0:
@@ -247,7 +251,7 @@ child_process(e, u)
*/
if ((log_level & CRON_LOG_JOBSTART) && ! (log_level &
CRON_LOG_JOBPID)) {
char *x = mkprints((u_char *)e->cmd, strlen(e->cmd));
- log_it(usernm, getpid(), "CMD", x);
+ log_it(LOG_INFO, usernm, getpid(), "CMD", x);
free(x);
}
/* nothing to log from now on. close the log files.
@@ -292,7 +296,7 @@ child_process(e, u)
char msg[256];
snprintf(msg, 256, "do_command:setgid(%lu) failed: %s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# if defined(BSD) || defined(POSIX)
@@ -300,7 +304,7 @@ child_process(e, u)
char msg[256];
snprintf(msg, 256, "do_command:initgroups(%lu) failed:
%s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# endif
@@ -308,7 +312,7 @@ child_process(e, u)
char msg[256];
snprintf(msg, 256, "do_command:setuid(%lu) failed: %s",
(unsigned long) e->uid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
chdir(env_get("HOME", e->envp));
@@ -359,7 +363,7 @@ child_process(e, u)
char logcmd[MAX_COMMAND + 8];
snprintf(logcmd, sizeof(logcmd), "[%d] %s", (int)
job_pid, e->cmd);
char *x = mkprints((u_char *)logcmd, strlen(logcmd));
- log_it(usernm, getpid(), "CMD", x);
+ log_it(LOG_INFO, usernm, getpid(), "CMD", x);
free(x);
}
break;
@@ -468,13 +472,13 @@ child_process(e, u)
status = waiter;
snprintf(msg, 256, "grandchild #%d failed with
exit "
"status %d", pid, WEXITSTATUS(waiter));
- log_it("CRON", getpid(), "error", msg);
+ log_it(LOG_ERR, "CRON", getpid(), "error", msg);
} else if (WIFSIGNALED(waiter)) {
status = waiter;
snprintf(msg, 256, "grandchild #%d terminated
by signal"
" %d%s", pid, WTERMSIG(waiter),
WCOREDUMP(waiter) ? ", dumped core" :
"");
- log_it("CRON", getpid(), "error", msg);
+ log_it(LOG_ERR, "CRON", getpid(), "error", msg);
}
}
}
@@ -511,7 +515,7 @@ child_process(e, u)
if (stat(MAILCMD, &mcsb) != 0) {
Debug(DPROC|DEXT, ("%s not found, not sending mail\n", MAILCMD))
if (pos > 0) {
- log_it("CRON", getpid(), "info", "No MTA installed,
discarding output");
+ log_it(LOG_WARNING, "CRON", getpid(), "info", "No MTA
installed, discarding output");
}
goto mail_finished;
} else {
@@ -619,11 +623,11 @@ child_process(e, u)
"mailed %d byte%s of output "
"but got status 0x%04x from MTA\n",
bytes, (bytes==1)?"":"s", status);
- log_it(usernm, getpid(), "MAIL", buf);
+ log_it(LOG_INFO, usernm, getpid(), "MAIL", buf);
}
if (ferror(tmpout)) {
- log_it(usernm, getpid(), "MAIL", "stream error reading output");
+ log_it(LOG_NOTICE, usernm, getpid(), "MAIL", "stream error
reading output");
}
mail_finished:
@@ -638,7 +642,7 @@ mail_finished:
} else {
x = mkprints((u_char *)e->cmd, strlen(e->cmd));
}
- log_it(usernm, job_pid, "END", x);
+ log_it(LOG_INFO, usernm, job_pid, "END", x);
free(x);
}
@@ -696,7 +700,7 @@ static int safe_p(const char *usernm, co
if (isascii(ch) && isprint(ch) &&
(isalnum(ch) || (!first && strchr(safe_delim, ch))))
continue;
- log_it(usernm, getpid(), "UNSAFE MAIL", s);
+ log_it(LOG_WARNING, usernm, getpid(), "UNSAFE MAIL", s);
return (FALSE);
}
return (TRUE);
--- cron-3.0pl1.orig/entry.c
+++ cron-3.0pl1/entry.c
@@ -109,7 +109,7 @@ load_entry(file, error_func, pw, envp)
e = (entry *) calloc(sizeof(entry), sizeof(char));
if (e == NULL) {
- log_it("CRON", getpid(), "OOM", "Out of memory parsing
crontab");
+ log_it(LOG_ERR, "CRON", getpid(), "OOM", "Out of memory parsing
crontab");
return NULL;
}
--- cron-3.0pl1.orig/misc.c
+++ cron-3.0pl1/misc.c
@@ -303,7 +303,7 @@ acquire_daemonlock(closeflag)
snprintf(buf, MAX_TEMPSTR, "can't open or create %s:
%s",
pidfile, strerror(errno));
fprintf(stderr, "%s: %s\n", ProgramName, buf);
- log_it("CRON", getpid(), "DEATH", buf);
+ log_it(LOG_ERR, "CRON", getpid(), "DEATH", buf);
exit(ERROR_EXIT);
}
@@ -314,11 +314,11 @@ acquire_daemonlock(closeflag)
snprintf(buf, MAX_TEMPSTR, "can't lock %s, otherpid may
be %d: %s",
pidfile, otherpid, strerror(save_errno));
fprintf(stderr, "%s: %s\n", ProgramName, buf);
- log_it("CRON", getpid(), "DEATH", buf);
+ log_it(LOG_ERR, "CRON", getpid(), "DEATH", buf);
exit(ERROR_EXIT);
}
snprintf(buf, MAX_TEMPSTR, "pidfile fd = %d", fd);
- log_it("CRON", getpid(), "INFO", buf);
+ log_it(LOG_INFO, "CRON", getpid(), "INFO", buf);
(void) fcntl(fd, F_SETFD, 1);
}
@@ -523,7 +523,8 @@ allowed(username)
void
-log_it(username, xpid, event, detail)
+log_it(priority, username, xpid, event, detail)
+ int priority;
char *username;
int xpid;
char *event;
@@ -531,6 +532,39 @@ log_it(username, xpid, event, detail)
{
PID_T pid = xpid;
#if defined(LOG_FILE)
+
+ /* Logging priority parsing */
+ char *prio;
+ switch(priority){
+ case LOG_EMERG:
+ prio = "EMERGENCY: ";
+ break;
+ case LOG_ALERT:
+ prio = "ALERT: ";
+ break;
+ case LOG_CRIT:
+ prio = "CRITICAL: ";
+ break;
+ case LOG_ERR:
+ prio = "ERROR: ";
+ break;
+ case LOG_WARNING:
+ prio = "WARNING: ";
+ break;
+ case LOG_NOTICE:
+ prio = "NOTICE: ";
+ break;
+ case LOG_INFO:
+ prio = "INFO: ";
+ break;
+ case LOG_DEBUG:
+ prio = "DEBUG: ";
+ break;
+ default:
+ prio = "INFO: ";
+ break;
+ }
+
char *msg;
TIME_T now = time((TIME_T) 0);
register struct tm *t = localtime(&now);
@@ -540,7 +574,7 @@ log_it(username, xpid, event, detail)
#if defined(LOG_FILE)
/* we assume that MAX_TEMPSTR will hold the date, time, &punctuation.
*/
- msg_size = strlen(username) + strlen(event) + strlen(detail) +
MAX_TEMPSTR;
+ msg_size = strlen(prio) + strlen(username) + strlen(event) +
strlen(detail) + MAX_TEMPSTR;
msg = malloc(msg_size);
if (msg == NULL) {
/* damn, out of mem and we did not test that before... */
@@ -562,8 +596,8 @@ log_it(username, xpid, event, detail)
* everything out in one chunk and this has to be atomically appended
* to the log file.
*/
- snprintf(msg, msg_size, "%s (%02d/%02d-%02d:%02d:%02d-%d) %s (%s)\n",
- username,
+ snprintf(msg, msg_size, "%s%s (%02d/%02d-%02d:%02d:%02d-%d) %s (%s)\n",
+ prio, username,
t->tm_mon+1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec, pid,
event, detail);
@@ -586,14 +620,14 @@ log_it(username, xpid, event, detail)
openlog(ProgramName, LOG_PID);
# endif
- syslog(LOG_INFO, "(%s) %s (%s)", username, event, detail);
+ syslog(priority, "(%s) %s (%s)", username, event, detail);
#endif /*SYSLOG*/
#if DEBUGGING
if (DebugFlags) {
- fprintf(stderr, "log_it: (%s %d) %s (%s)\n",
- username, xpid, event, detail);
+ fprintf(stderr, "log_it: priority %d (%s %d) %s (%s)\n",
+ priority, username, xpid, event, detail);
}
#endif
}
--- cron-3.0pl1.orig/popen.c
+++ cron-3.0pl1/popen.c
@@ -128,7 +128,7 @@ cron_popen(program, type, e)
char msg[256];
snprintf(msg, 256, "popen:setgid(%lu) failed: %s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# if defined(BSD) || defined(POSIX)
@@ -136,7 +136,7 @@ cron_popen(program, type, e)
char msg[256];
snprintf(msg, 256, "popen:initgroups(%lu) failed: %s",
(unsigned long) e->gid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
# endif
@@ -144,7 +144,7 @@ cron_popen(program, type, e)
char msg[256];
snprintf(msg, 256, "popen: setuid(%lu) failed: %s",
(unsigned long) e->uid, strerror(errno));
- log_it("CRON",getpid(),"error",msg);
+ log_it(LOG_ERR, "CRON",getpid(),"error",msg);
exit(ERROR_EXIT);
}
chdir(env_get("HOME", e->envp));
--- cron-3.0pl1.orig/user.c
+++ cron-3.0pl1/user.c
@@ -23,7 +23,9 @@ static char rcsid[] = "$Id: user.c,v 2.8
*/
+#if defined(SYSLOG)
#include <syslog.h>
+#endif
#include <string.h>
#include "cron.h"
@@ -46,20 +48,20 @@ static int get_security_context(char *na
int i;
if (getcon(¤t_con)) {
- log_it(name, getpid(), "Can't get current context", tabname);
+ log_it(LOG_ERR, name, getpid(), "Can't get current context",
tabname);
return -1;
}
if (name != NULL) {
if (getseuserbyname(name, &seuser, &level)) {
- log_it(name, getpid(), "getseuserbyname FAILED",
tabname);
+ log_it(LOG_ERR, name, getpid(), "getseuserbyname
FAILED", tabname);
freecon(current_con);
return (security_getenforce() > 0);
}
} else {
context_t temp_con = context_new(current_con);
if (temp_con == NULL) {
- log_it(name, getpid(), "context_new FAILED", tabname);
+ log_it(LOG_ERR, name, getpid(), "context_new FAILED",
tabname);
freecon(current_con);
return (security_getenforce() > 0);
}
@@ -74,10 +76,10 @@ static int get_security_context(char *na
free(level);
if (list_count == -1) {
if (security_getenforce() > 0) {
- log_it(name, getpid(), "No SELinux security context",
tabname);
+ log_it(LOG_ERR, name, getpid(), "No SELinux security
context", tabname);
return -1;
} else {
- log_it(name, getpid(),
+ log_it(LOG_NOTICE, name, getpid(),
"No security context but SELinux in permissive
mode,"
" continuing", tabname);
return 0;
@@ -86,11 +88,11 @@ static int get_security_context(char *na
if (fgetfilecon(crontab_fd, &file_context) < OK) {
if (security_getenforce() > 0) {
- log_it(name, getpid(), "getfilecon FAILED", tabname);
+ log_it(LOG_ERR, name, getpid(), "getfilecon FAILED",
tabname);
freeconary(context_list);
return -1;
} else {
- log_it(name, getpid(), "getfilecon FAILED but SELinux
in "
+ log_it(LOG_NOTICE, name, getpid(), "getfilecon FAILED
but SELinux in "
"permissive mode, continuing", tabname);
*rcontext = strdup(context_list[0]);
freeconary(context_list);
@@ -108,7 +110,7 @@ static int get_security_context(char *na
security_class_t tclass = string_to_security_class("file");
if (!tclass) {
- log_it(name, getpid(), "Failed to translate security class
file", tabname);
+ log_it(LOG_ERR, name, getpid(), "Failed to translate security
class file", tabname);
freeconary(context_list);
if (security_deny_unknown() == 0) {
return 0;
@@ -119,7 +121,7 @@ static int get_security_context(char *na
access_vector_t bit = string_to_av_perm(tclass, "entrypoint");
if (!bit) {
- log_it(name, getpid(), "Failed to translate av perm
entrypoint", tabname);
+ log_it(LOG_ERR, name, getpid(), "Failed to translate av perm
entrypoint", tabname);
freeconary(context_list);
if (security_deny_unknown() == 0) {
return 0;
@@ -143,11 +145,11 @@ static int get_security_context(char *na
}
freecon(file_context);
if (security_getenforce() > 0) {
- log_it(name, getpid(), "ENTRYPOINT FAILED", tabname);
+ log_it(LOG_ERR, name, getpid(), "ENTRYPOINT FAILED", tabname);
freeconary(context_list);
return -1;
} else {
- log_it(name, getpid(), "ENTRYPOINT FAILED but SELinux in
permissive mode, continuing", tabname);
+ log_it(LOG_NOTICE, name, getpid(), "ENTRYPOINT FAILED but
SELinux in permissive mode, continuing", tabname);
*rcontext = strdup(context_list[0]);
freeconary(context_list);
}
@@ -168,14 +170,25 @@ crontab_error(msg)
const char *fn;
/* Figure out the file name from the username */
if (0 == strcmp(err_user, "*system*")) {
- syslog(LOG_ERR|LOG_CRON, "Error: %s; while reading %s", msg,
SYSCRONTAB);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Error: %s; while reading %s",
+ msg, SYSCRONTAB);
+ log_it(LOG_ERR, err_user, getpid(), "ERROR", buf);
} else if (0 == strncmp(err_user,"*system*",8)) {
fn = err_user+8;
- syslog(LOG_ERR|LOG_CRON, "Error: %s; while reading %s/%s", msg,
- SYSCRONDIR,fn);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Error: %s; while reading %s/%s",
+ msg, SYSCRONDIR, fn);
+ log_it(LOG_ERR, err_user, getpid(), "ERROR", buf);
+
} else {
- syslog(LOG_ERR|LOG_CRON, "Error: %s; while reading crontab for
user %s",
- msg, err_user);
+ char buf[MAX_TEMPSTR];
+ snprintf(buf, MAX_TEMPSTR,
+ "Error: %s; while reading crontab for user %s",
+ msg, err_user);
+ log_it(LOG_ERR, err_user, getpid(), "ERROR", buf);
}
}
@@ -274,7 +287,7 @@ load_user(crontab_fd, pw, uname, fname,
* newline, so we bail out
*/
if (envstr[0] != '\0') {
- log_it(u->name, getpid(), "ERROR", "Missing "
+ log_it(LOG_WARNING, u->name, getpid(), "ERROR",
"Missing "
"newline before EOF, this crontab file will be "
"ignored");
free_user(u);
@@ -290,7 +303,7 @@ load_user(crontab_fd, pw, uname, fname,
u->crontab = e;
} else {
/* stop processing on syntax error */
- log_it(u->name, getpid(), "ERROR", "Syntax "
+ log_it(LOG_WARNING, u->name, getpid(), "ERROR",
"Syntax "
"error, this crontab file will be "
"ignored");
free_user(u);
@@ -314,7 +327,7 @@ load_user(crontab_fd, pw, uname, fname,
} while (status >= OK && LineNumber < MAX_TAB_LINES + NHEADER_LINES +
2);
if (LineNumber >= MAX_TAB_LINES + NHEADER_LINES + 2) {
- log_it(fname, getpid(), "ERROR", "crontab must not be longer "
+ log_it(LOG_WARNING, fname, getpid(), "ERROR", "crontab must not
be longer "
"than " Stringify(MAX_TAB_LINES) " lines, "
"this crontab file will be ignored");
free_user(u);
