diff options
Diffstat (limited to 'meta/recipes-extended/logrotate')
5 files changed, 299 insertions, 0 deletions
diff --git a/meta/recipes-extended/logrotate/logrotate/act-as-mv-when-rotate.patch b/meta/recipes-extended/logrotate/logrotate/act-as-mv-when-rotate.patch new file mode 100644 index 0000000000..ce64040d5f --- /dev/null +++ b/meta/recipes-extended/logrotate/logrotate/act-as-mv-when-rotate.patch | |||
@@ -0,0 +1,134 @@ | |||
1 | Act as the "mv" command when rotate log | ||
2 | |||
3 | Act as the "mv" command when rotate log, first rename, if failed, then | ||
4 | read and write. | ||
5 | |||
6 | Upstream-Status: Submitted | ||
7 | |||
8 | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | ||
9 | --- | ||
10 | logrotate.c | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++--------- | ||
11 | 1 file changed, 56 insertions(+), 9 deletions(-) | ||
12 | |||
13 | diff --git a/logrotate.c b/logrotate.c | ||
14 | index 174a26b..b18b629 100644 | ||
15 | --- a/logrotate.c | ||
16 | +++ b/logrotate.c | ||
17 | @@ -906,6 +906,53 @@ int findNeedRotating(struct logInfo *log, int logNum, int force) | ||
18 | return 0; | ||
19 | } | ||
20 | |||
21 | +/* Act as the "mv" command, if rename failed, then read the old file and | ||
22 | + * write to new file. The function which invokes the mvFile will use | ||
23 | + * the strerror(errorno) to handle the error message, so we don't have | ||
24 | + * to print the error message here */ | ||
25 | + | ||
26 | +int mvFile (char *oldName, char *newName, struct logInfo *log, acl_type acl) | ||
27 | +{ | ||
28 | + struct stat sbprev; | ||
29 | + int fd_old, fd_new, n; | ||
30 | + char buf[BUFSIZ]; | ||
31 | + | ||
32 | + /* Do the rename first */ | ||
33 | + if (!rename(oldName, newName)) | ||
34 | + return 0; | ||
35 | + | ||
36 | + /* If the errno is EXDEV, then read old file, write newfile and | ||
37 | + * remove the oldfile */ | ||
38 | + if (errno == EXDEV) { | ||
39 | + /* Open the old file to read */ | ||
40 | + if ((fd_old = open(oldName, O_RDONLY)) < 0) | ||
41 | + return 1; | ||
42 | + | ||
43 | + /* Create the file to write, keep the same attribute as the old file */ | ||
44 | + if (stat(oldName, &sbprev)) | ||
45 | + return 1; | ||
46 | + else { | ||
47 | + if ((fd_new = createOutputFile(newName, | ||
48 | + O_WRONLY | O_CREAT | O_TRUNC, &sbprev, acl, 0)) < 0 ) | ||
49 | + return 1; | ||
50 | + } | ||
51 | + | ||
52 | + /* Read and write */ | ||
53 | + while ((n = read(fd_old, buf, BUFSIZ)) > 0) | ||
54 | + if (write(fd_new, buf, n) != n) | ||
55 | + return 1; | ||
56 | + | ||
57 | + if ((close(fd_old) < 0) || | ||
58 | + removeLogFile(oldName, log) || | ||
59 | + (close(fd_new) < 0)) | ||
60 | + return 1; | ||
61 | + | ||
62 | + return 0; | ||
63 | + } | ||
64 | + | ||
65 | + return 1; | ||
66 | +} | ||
67 | + | ||
68 | int prerotateSingleLog(struct logInfo *log, int logNum, struct logState *state, | ||
69 | struct logNames *rotNames) | ||
70 | { | ||
71 | @@ -1268,15 +1315,15 @@ int prerotateSingleLog(struct logInfo *log, int logNum, struct logState *state, | ||
72 | } | ||
73 | |||
74 | message(MESS_DEBUG, | ||
75 | - "renaming %s to %s (rotatecount %d, logstart %d, i %d), \n", | ||
76 | + "moving %s to %s (rotatecount %d, logstart %d, i %d), \n", | ||
77 | oldName, newName, rotateCount, logStart, i); | ||
78 | |||
79 | - if (!debug && rename(oldName, newName)) { | ||
80 | + if (!debug && mvFile(oldName, newName, log, prev_acl)) { | ||
81 | if (errno == ENOENT) { | ||
82 | message(MESS_DEBUG, "old log %s does not exist\n", | ||
83 | oldName); | ||
84 | } else { | ||
85 | - message(MESS_ERROR, "error renaming %s to %s: %s\n", | ||
86 | + message(MESS_ERROR, "error moving %s to %s: %s\n", | ||
87 | oldName, newName, strerror(errno)); | ||
88 | hasErrors = 1; | ||
89 | } | ||
90 | @@ -1408,11 +1455,11 @@ int rotateSingleLog(struct logInfo *log, int logNum, struct logState *state, | ||
91 | } | ||
92 | } | ||
93 | #endif /* WITH_ACL */ | ||
94 | - message(MESS_DEBUG, "renaming %s to %s\n", log->files[logNum], | ||
95 | + message(MESS_DEBUG, "moving %s to %s\n", log->files[logNum], | ||
96 | rotNames->finalName); | ||
97 | if (!debug && !hasErrors && | ||
98 | - rename(log->files[logNum], rotNames->finalName)) { | ||
99 | - message(MESS_ERROR, "failed to rename %s to %s: %s\n", | ||
100 | + mvFile(log->files[logNum], rotNames->finalName, log, prev_acl)) { | ||
101 | + message(MESS_ERROR, "failed to move %s to %s: %s\n", | ||
102 | log->files[logNum], rotNames->finalName, | ||
103 | strerror(errno)); | ||
104 | hasErrors = 1; | ||
105 | @@ -1775,7 +1822,7 @@ int rotateLogSet(struct logInfo *log, int force) | ||
106 | return hasErrors; | ||
107 | } | ||
108 | |||
109 | -static int writeState(char *stateFilename) | ||
110 | +static int writeState(struct logInfo *log, char *stateFilename) | ||
111 | { | ||
112 | struct logState *p; | ||
113 | FILE *f; | ||
114 | @@ -1939,7 +1986,7 @@ static int writeState(char *stateFilename) | ||
115 | fclose(f); | ||
116 | |||
117 | if (error == 0) { | ||
118 | - if (rename(tmpFilename, stateFilename)) { | ||
119 | + if (mvFile(tmpFilename, stateFilename, log, prev_acl)) { | ||
120 | unlink(tmpFilename); | ||
121 | error = 1; | ||
122 | message(MESS_ERROR, "error renaming temp state file %s\n", | ||
123 | @@ -2223,7 +2270,7 @@ int main(int argc, const char **argv) | ||
124 | rc |= rotateLogSet(log, force); | ||
125 | |||
126 | if (!debug) | ||
127 | - rc |= writeState(stateFile); | ||
128 | + rc |= writeState(log, stateFile); | ||
129 | |||
130 | return (rc != 0); | ||
131 | } | ||
132 | -- | ||
133 | 1.7.10.4 | ||
134 | |||
diff --git a/meta/recipes-extended/logrotate/logrotate/disable-check-different-filesystems.patch b/meta/recipes-extended/logrotate/logrotate/disable-check-different-filesystems.patch new file mode 100644 index 0000000000..43068bdbd7 --- /dev/null +++ b/meta/recipes-extended/logrotate/logrotate/disable-check-different-filesystems.patch | |||
@@ -0,0 +1,34 @@ | |||
1 | Disable the check for different filesystems | ||
2 | |||
3 | The logrotate supports rotate log across different filesystems now, so | ||
4 | disable the check for different filesystems. | ||
5 | |||
6 | Upstream-Status: Submitted | ||
7 | |||
8 | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | ||
9 | --- | ||
10 | config.c | 8 -------- | ||
11 | 1 files changed, 0 insertions(+), 8 deletions(-) | ||
12 | |||
13 | diff --git a/config.c b/config.c | ||
14 | index a85d1df..24575b3 100644 | ||
15 | --- a/config.c | ||
16 | +++ b/config.c | ||
17 | @@ -1453,14 +1453,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) | ||
18 | dirName, strerror(errno)); | ||
19 | goto error; | ||
20 | } | ||
21 | - | ||
22 | - if (sb.st_dev != sb2.st_dev) { | ||
23 | - message(MESS_ERROR, | ||
24 | - "%s:%d olddir %s and log file %s " | ||
25 | - "are on different devices\n", configFile, | ||
26 | - lineNum, newlog->oldDir, newlog->files[i]); | ||
27 | - goto error; | ||
28 | - } | ||
29 | } | ||
30 | } | ||
31 | |||
32 | -- | ||
33 | 1.7.4.1 | ||
34 | |||
diff --git a/meta/recipes-extended/logrotate/logrotate/logrotate-CVE-2011-1548.patch b/meta/recipes-extended/logrotate/logrotate/logrotate-CVE-2011-1548.patch new file mode 100644 index 0000000000..ed2750e9c3 --- /dev/null +++ b/meta/recipes-extended/logrotate/logrotate/logrotate-CVE-2011-1548.patch | |||
@@ -0,0 +1,43 @@ | |||
1 | Upstream-Status: Backport | ||
2 | |||
3 | logrotate: fix for CVE-2011-1548 | ||
4 | |||
5 | If a logfile is a symlink, it may be read when being compressed, being | ||
6 | copied (copy, copytruncate) or mailed. Secure data (eg. password files) | ||
7 | may be exposed. | ||
8 | |||
9 | Portback nofollow.patch from: | ||
10 | http://logrotate.sourcearchive.com/downloads/3.8.1-5/logrotate_3.8.1-5.debian.tar.gz | ||
11 | |||
12 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | ||
13 | |||
14 | --- | ||
15 | --- a/logrotate.c 2012-09-06 13:25:08.000000000 +0800 | ||
16 | +++ b/logrotate.c 2012-09-06 13:35:57.000000000 +0800 | ||
17 | @@ -390,7 +390,7 @@ | ||
18 | compressedName = alloca(strlen(name) + strlen(log->compress_ext) + 2); | ||
19 | sprintf(compressedName, "%s%s", name, log->compress_ext); | ||
20 | |||
21 | - if ((inFile = open(name, O_RDWR)) < 0) { | ||
22 | + if ((inFile = open(name, O_RDWR | O_NOFOLLOW)) < 0) { | ||
23 | message(MESS_ERROR, "unable to open %s for compression\n", name); | ||
24 | return 1; | ||
25 | } | ||
26 | @@ -470,7 +470,7 @@ | ||
27 | char *mailArgv[] = { mailCommand, "-s", subject, address, NULL }; | ||
28 | int rc = 0; | ||
29 | |||
30 | - if ((mailInput = open(logFile, O_RDONLY)) < 0) { | ||
31 | + if ((mailInput = open(logFile, O_RDONLY | O_NOFOLLOW)) < 0) { | ||
32 | message(MESS_ERROR, "failed to open %s for mailing: %s\n", logFile, | ||
33 | strerror(errno)); | ||
34 | return 1; | ||
35 | @@ -561,7 +561,7 @@ | ||
36 | message(MESS_DEBUG, "copying %s to %s\n", currLog, saveLog); | ||
37 | |||
38 | if (!debug) { | ||
39 | - if ((fdcurr = open(currLog, (flags & LOG_FLAG_COPY) ? O_RDONLY : O_RDWR)) < 0) { | ||
40 | + if ((fdcurr = open(currLog, ((flags & LOG_FLAG_COPY) ? O_RDONLY : O_RDWR) | O_NOFOLLOW)) < 0) { | ||
41 | message(MESS_ERROR, "error opening %s: %s\n", currLog, | ||
42 | strerror(errno)); | ||
43 | return 1; | ||
diff --git a/meta/recipes-extended/logrotate/logrotate/update-the-manual.patch b/meta/recipes-extended/logrotate/logrotate/update-the-manual.patch new file mode 100644 index 0000000000..517acdd27e --- /dev/null +++ b/meta/recipes-extended/logrotate/logrotate/update-the-manual.patch | |||
@@ -0,0 +1,32 @@ | |||
1 | Update the manual | ||
2 | |||
3 | Update the manual for rotating on different filesystems. | ||
4 | |||
5 | Upstream-Status: Submitted | ||
6 | |||
7 | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | ||
8 | --- | ||
9 | logrotate.8 | 7 +++---- | ||
10 | 1 files changed, 3 insertions(+), 4 deletions(-) | ||
11 | |||
12 | diff --git a/logrotate.8 b/logrotate.8 | ||
13 | index 8b34167..5f15432 100644 | ||
14 | --- a/logrotate.8 | ||
15 | +++ b/logrotate.8 | ||
16 | @@ -374,10 +374,9 @@ Do not rotate the log if it is empty (this overrides the \fBifempty\fR option). | ||
17 | .TP | ||
18 | \fBolddir \fIdirectory\fR | ||
19 | Logs are moved into \fIdirectory\fR for rotation. The \fIdirectory\fR | ||
20 | -must be on the same physical device as the log file being rotated, | ||
21 | -and is assumed to be relative to the directory holding the log file | ||
22 | -unless an absolute path name is specified. When this option is used all | ||
23 | -old versions of the log end up in \fIdirectory\fR. This option may be | ||
24 | +is assumed to be relative to the directory holding the log file unless | ||
25 | +an absolute path name is specified. When this option is used all old | ||
26 | +versions of the log end up in \fIdirectory\fR. This option may be | ||
27 | overridden by the \fBnoolddir\fR option. | ||
28 | |||
29 | .TP | ||
30 | -- | ||
31 | 1.7.4.1 | ||
32 | |||
diff --git a/meta/recipes-extended/logrotate/logrotate_3.8.7.bb b/meta/recipes-extended/logrotate/logrotate_3.8.7.bb new file mode 100644 index 0000000000..faa8e0264f --- /dev/null +++ b/meta/recipes-extended/logrotate/logrotate_3.8.7.bb | |||
@@ -0,0 +1,56 @@ | |||
1 | SUMMARY = "Rotates, compresses, removes and mails system log files" | ||
2 | SECTION = "console/utils" | ||
3 | HOMEPAGE = "https://fedorahosted.org/logrotate/" | ||
4 | LICENSE = "GPLv2" | ||
5 | |||
6 | DEPENDS="coreutils popt" | ||
7 | |||
8 | LIC_FILES_CHKSUM = "file://COPYING;md5=18810669f13b87348459e611d31ab760" | ||
9 | |||
10 | SRC_URI = "https://fedorahosted.org/releases/l/o/logrotate/logrotate-${PV}.tar.gz \ | ||
11 | file://act-as-mv-when-rotate.patch \ | ||
12 | file://disable-check-different-filesystems.patch \ | ||
13 | file://update-the-manual.patch \ | ||
14 | " | ||
15 | |||
16 | SRC_URI[md5sum] = "99e08503ef24c3e2e3ff74cc5f3be213" | ||
17 | SRC_URI[sha256sum] = "f6ba691f40e30e640efa2752c1f9499a3f9738257660994de70a45fe00d12b64" | ||
18 | |||
19 | PACKAGECONFIG ?= "\ | ||
20 | ${@base_contains('DISTRO_FEATURES', 'acl', 'acl', '', d)} \ | ||
21 | ${@base_contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \ | ||
22 | " | ||
23 | |||
24 | # If RPM_OPT_FLAGS is unset, it adds -g itself rather than obeying our | ||
25 | # optimization variables, so use it rather than EXTRA_CFLAGS. | ||
26 | EXTRA_OEMAKE = "\ | ||
27 | LFS= \ | ||
28 | OS_NAME='${OS_NAME}' \ | ||
29 | \ | ||
30 | 'CC=${CC}' \ | ||
31 | 'RPM_OPT_FLAGS=${CFLAGS}' \ | ||
32 | 'EXTRA_LDFLAGS=${LDFLAGS}' \ | ||
33 | \ | ||
34 | ${@base_contains('PACKAGECONFIG', 'acl', 'WITH_ACL=yes', '', d)} \ | ||
35 | ${@base_contains('PACKAGECONFIG', 'selinux', 'WITH_SELINUX=yes', '', d)} \ | ||
36 | " | ||
37 | |||
38 | # OS_NAME in the makefile defaults to `uname -s`. The behavior for | ||
39 | # freebsd/netbsd is questionable, so leave it as Linux, which only sets | ||
40 | # INSTALL=install and BASEDIR=/usr. | ||
41 | OS_NAME = "Linux" | ||
42 | |||
43 | do_compile_prepend() { | ||
44 | # Make sure the recompile is OK | ||
45 | rm -f ${B}/.depend | ||
46 | } | ||
47 | |||
48 | do_install(){ | ||
49 | oe_runmake install DESTDIR=${D} PREFIX=${D} MANDIR=${mandir} BINDIR=${bindir} | ||
50 | mkdir -p ${D}${sysconfdir}/logrotate.d | ||
51 | mkdir -p ${D}${sysconfdir}/cron.daily | ||
52 | mkdir -p ${D}${localstatedir}/lib | ||
53 | install -p -m 644 examples/logrotate-default ${D}${sysconfdir}/logrotate.conf | ||
54 | install -p -m 755 examples/logrotate.cron ${D}${sysconfdir}/cron.daily/logrotate | ||
55 | touch ${D}${localstatedir}/lib/logrotate.status | ||
56 | } | ||