From ede0009e7c30e22b0c41a648ec082b1fad013000 Mon Sep 17 00:00:00 2001 From: Kevin Tian Date: Wed, 26 Jan 2011 19:09:14 +0800 Subject: cronie: enable multi-user crontab usage and make cron environment complete fix [BUGID #673] several cron related test cases in LTP reveals that our current cron recipe is not complete: a) a complete cron hierarchy better have: /etc/crontab /etc/cron.d /etc/cron.hourly /etc/cron.daily /etc/cron.weekly /etc/cron.monthly b) for a normal user to use crontab command: add a new group - crontab /usr/bin/crontab is setgid to root:crontab /var/spool/cron is owned by root:crontab below are optional, and thus not included in the default setup: /etc/cron.deny /etc/cron.allow cronie by default only allows root user to use crontab, if neither cron.deny nor cron.allow exists. They are controlled by final policy deployed on the product. Signed-off-by: Kevin Tian --- meta/recipes-extended/cronie/cronie/crontab | 10 +++++++++ meta/recipes-extended/cronie/cronie_1.4.6.bb | 33 ++++++++++++++++++++++++++-- 2 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-extended/cronie/cronie/crontab (limited to 'meta/recipes-extended/cronie') diff --git a/meta/recipes-extended/cronie/cronie/crontab b/meta/recipes-extended/cronie/cronie/crontab new file mode 100644 index 0000000000..cc9169eda9 --- /dev/null +++ b/meta/recipes-extended/cronie/cronie/crontab @@ -0,0 +1,10 @@ +# /etc/crontab: system-wide crontab +# Unlike any other crontab you don't have to run the `crontab' +# command to install the new version when you edit this file +# and files in /etc/cron.d. These files also have username fields, +# that none of the other crontabs do. + +SHELL=/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + +# m h dom mon dow user command diff --git a/meta/recipes-extended/cronie/cronie_1.4.6.bb b/meta/recipes-extended/cronie/cronie_1.4.6.bb index 6b4c64e3b1..09714c7f74 100644 --- a/meta/recipes-extended/cronie/cronie_1.4.6.bb +++ b/meta/recipes-extended/cronie/cronie_1.4.6.bb @@ -14,10 +14,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=963ea0772a2adbdcd607a9b2ec320c11 \ SECTION = "utils" -PR = "r0" +PR = "r1" SRC_URI = "https://fedorahosted.org/releases/c/r/cronie/cronie-${PV}.tar.gz \ - file://crond.init" + file://crond.init \ + file://crontab" SRC_URI[md5sum] = "968e3d3e7c8e1d0588d533883482d3fa" SRC_URI[sha256sum] = "4435484c28a4452ee37db27182675660cdebf16d8956771b28c8a6f2e9c8048b" @@ -32,4 +33,32 @@ do_install_append () { install -d ${D}${sysconfdir}/init.d/ install -m 0644 ${S}/crond.sysconfig ${D}${sysconfdir}/sysconfig/crond install -m 0755 ${WORKDIR}/crond.init ${D}${sysconfdir}/init.d/crond + + # below are necessary for a complete cron environment + install -d ${D}${localstatedir}/spool/cron + install -m 0755 ${WORKDIR}/crontab ${D}${sysconfdir}/ + mkdir -p ${D}${sysconfdir}/cron.d + mkdir -p ${D}${sysconfdir}/cron.hourly + mkdir -p ${D}${sysconfdir}/cron.daily + mkdir -p ${D}${sysconfdir}/cron.weekly + mkdir -p ${D}${sysconfdir}/cron.monthly +} + +pkg_postinst_${PN} () { + if [ "x$D" != "x" ] ; then + exit 1 + fi + + # below setting is necessary to allow normal user using crontab + + # add 'crontab' group and setgid for crontab binary + grep crontab /etc/group || addgroup crontab + chown root:crontab /usr/bin/crontab + chmod 2755 /usr/bin/crontab + + # allow 'crontab' group write to /var/spool/cron + chown root:crontab /var/spool/cron + chmod 770 /var/spool/cron + + chmod 600 /etc/crontab } -- cgit v1.2.3-54-g00ecf