Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 1490880 Details for
Bug 1630855
cronie silently terminates on SIGPIPE
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Backport of upstream patch
0001-Fix-crash-on-SIGPIPE.patch (text/plain), 8.54 KB, created by
Marcel Plch
on 2018-10-05 15:25:15 UTC
(
hide
)
Description:
Backport of upstream patch
Filename:
MIME Type:
Creator:
Marcel Plch
Created:
2018-10-05 15:25:15 UTC
Size:
8.54 KB
patch
obsolete
>From f6ffad046ebda88842a87f794ae07a5d120d7f7d Mon Sep 17 00:00:00 2001 >From: Marcel Plch <mplch@redhat.com> >Date: Fri, 5 Oct 2018 17:15:57 +0200 >Subject: [PATCH] Fix crash on SIGPIPE > >Resolves: rhbz#1630855 >--- > cronie-1.4.4-sigpipe-crash.patch | 212 +++++++++++++++++++++++++++++++ > cronie.spec | 8 +- > 2 files changed, 219 insertions(+), 1 deletion(-) > create mode 100644 cronie-1.4.4-sigpipe-crash.patch > >diff --git a/cronie-1.4.4-sigpipe-crash.patch b/cronie-1.4.4-sigpipe-crash.patch >new file mode 100644 >index 0000000..89417b5 >--- /dev/null >+++ b/cronie-1.4.4-sigpipe-crash.patch >@@ -0,0 +1,212 @@ >+diff -ru cronie-1.4.4/src/cron.c cronie-1.4.4_patched/src/cron.c >+--- cronie-1.4.4/src/cron.c 2018-10-05 15:26:44.116764816 +0200 >++++ cronie-1.4.4_patched/src/cron.c 2018-10-05 16:36:40.579998742 +0200 >+@@ -145,6 +145,7 @@ >+ #if defined WITH_INOTIFY >+ int i; >+ #endif >++ signal(SIGPIPE, SIG_IGN); >+ >+ ProgramName = argv[0]; >+ MailCmd[0] = '\0'; >+diff -ru cronie-1.4.4/src/do_command.c cronie-1.4.4_patched/src/do_command.c >+--- cronie-1.4.4/src/do_command.c 2018-10-05 15:26:44.117764821 +0200 >++++ cronie-1.4.4_patched/src/do_command.c 2018-10-05 17:06:14.893350108 +0200 >+@@ -21,11 +21,13 @@ >+ >+ #include <cron.h> >+ >+-static void child_process(entry *, user *); >++static int child_process(entry *, user *, char **); >+ static int safe_p(const char *, const char *); >+ >+ void do_command(entry * e, user * u) { >+ pid_t pid = getpid(); >++ int ev; >++ char **jobenv = 0L; >+ >+ Debug(DPROC, ("[%ld] do_command(%s, (%s,%ld,%ld))\n", >+ (long) pid, e->cmd, u->name, >+@@ -45,9 +47,16 @@ >+ case 0: >+ /* child process */ >+ acquire_daemonlock(1); >+- child_process(e, u); >+- Debug(DPROC, ("[%ld] child process done, exiting\n", (long) getpid())) >+- _exit(OK_EXIT); >++ /* Set up the Red Hat security context for both mail/minder and job processes: >++ */ >++ if (cron_set_job_security_context(e, u, &jobenv) != 0) { >++ _exit(ERROR_EXIT); >++ } >++ ev = child_process(e, u, jobenv); >++ cron_close_pam(); >++ env_free(jobenv); >++ Debug(DPROC, ("[%ld] child process done, exiting\n", (long) getpid()))Debug(DPROC, ("[%ld] child process done, exiting\n", (long) getpid())) >++ _exit(ev); >+ break; >+ default: >+ /* parent process */ >+@@ -56,20 +65,27 @@ >+ Debug(DPROC, ("[%ld] main process returning to work\n", (long) pid)) >+ } >+ >+-static void child_process(entry * e, user * u) { >++static int child_process(entry * e, user * u, char **jobenv) { >+ int stdin_pipe[2], stdout_pipe[2]; >+ char *input_data, *usernm, *mailto, *mailfrom; >+ int children = 0; >+- char **jobenv = 0L; >+ pid_t pid = getpid(); >+ pid_t jobpid; >++ struct sigaction sa; >++ /* Ignore SIGPIPE as we will be writing to pipes and do not want to terminate >++ prematurely */ >++ //signal(SIGPIPE, SIG_IGN); >++ memset(&sa, 0, sizeof(sa)); >++ sa.sa_handler = SIG_IGN; >++ sigaction(SIGPIPE, &sa, NULL); >+ >+- /* Set up the Red Hat security context for both mail/minder and job processes: >++ /* our parent is watching for our death by catching SIGCHLD. we >++ * do not care to watch for our children's deaths this way -- we >++ * use wait() explicitly. so we have to reset the signal (which >++ * was inherited from the parent). >+ */ >+- if (cron_set_job_security_context(e, u, &jobenv) != 0) { >+- //syslog(LOG_INFO, "CRON (%s) ERROR: cannot set security context", e->pwd->pw_name); >+- exit(ERROR_EXIT); >+- } >++ sa.sa_handler = SIG_DFL; >++ sigaction(SIGCHLD, &sa, NULL); >+ >+ Debug(DPROC, ("[%ld] child_process('%s')\n", (long) getpid(), e->cmd)) >+ #ifdef CAPITALIZE_FOR_PS >+@@ -90,23 +106,16 @@ >+ mailto = env_get("MAILTO", jobenv); >+ mailfrom = env_get("MAILFROM", e->envp); >+ >+- /* our parent is watching for our death by catching SIGCHLD. we >+- * do not care to watch for our children's deaths this way -- we >+- * use wait() explicitly. so we have to reset the signal (which >+- * was inherited from the parent). >+- */ >+- (void) signal(SIGCHLD, SIG_DFL); >+- >+ /* create some pipes to talk to our future child >+ */ >+ if (pipe(stdin_pipe) == -1) { /* child's stdin */ >+ log_it("CRON", pid, "pipe() failed", "stdin_pipe", errno); >+- return; >++ return ERROR_EXIT; >+ } >+ >+ if (pipe(stdout_pipe) == -1) { /* child's stdout */ >+ log_it("CRON", pid, "pipe() failed", "stdout_pipe", errno); >+- return; >++ return ERROR_EXIT; >+ } >+ >+ /* since we are a forked process, we can diddle the command string >+@@ -151,10 +160,10 @@ >+ switch ((jobpid = fork())) { >+ case -1: >+ log_it("CRON", pid, "can't fork", "child_process", errno); >+- cron_close_pam(); >+- exit(ERROR_EXIT); >+- /*NOTREACHED*/ case 0: >+- Debug(DPROC, ("[%ld] grandchild process fork()'ed\n", (long) getpid())) >++ return ERROR_EXIT; >++ /*NOTREACHED*/ >++ case 0: >++ Debug(DPROC, ("[%ld] grandchild process fork()'ed\n", (long) getpid())) >+ >+ if (cron_change_user_permanently(e->pwd, env_get("HOME", jobenv)) < 0) >+ _exit(ERROR_EXIT); >+@@ -179,6 +188,12 @@ >+ */ >+ (void) setsid(); >+ >++ /* reset the SIGPIPE back to default so the child will terminate >++ * if it tries to write to a closed pipe >++ */ >++ sa.sa_handler = SIG_DFL; >++ sigaction(SIGPIPE, &sa, NULL); >++ >+ /* close the pipe ends that we won't use. this doesn't affect >+ * the parent, who has to read and write them; it keeps the >+ * kernel from recording us as a potential client TWICE -- >+@@ -201,14 +216,6 @@ >+ } >+ dup2(STDOUT, STDERR); >+ >+- /* Our grandparent is watching for our parent's death by >+- * catching SIGCHLD. Meanwhile, our parent will use wait >+- * explicitly and so has disabled SIGCHLD. So now it's >+- * time to reset SIGCHLD handling. >+- */ >+- (void) signal(SIGCHLD, SIG_DFL); >+- >+- >+ /* >+ * Exec the command. >+ */ >+@@ -268,6 +275,13 @@ >+ Debug(DPROC, ("[%ld] child2 sending data to grandchild\n", >+ (long) getpid())) >+ >++ /* reset the SIGPIPE back to default so the child will terminate >++ * if it tries to write to a closed pipe >++ */ >++ sa.sa_handler = SIG_DFL; >++ sigaction(SIGPIPE, &sa, NULL); >++ >++ >+ /* close the pipe we don't use, since we inherited it and >+ * are part of its reference count now. >+ */ >+@@ -306,7 +320,7 @@ >+ >+ Debug(DPROC, ("[%ld] child2 done sending to grandchild\n", >+ (long) getpid())) >+- exit(0); >++ _exit(0); >+ } >+ >+ /* close the pipe to the grandkiddie's stdin, since its wicked uncle >+@@ -559,10 +573,9 @@ >+ if (WIFSIGNALED(waiter) && WCOREDUMP(waiter)) >+ Debug(DPROC, (", dumped core")) >+ Debug(DPROC, ("\n")) >+- } >+- cron_close_pam(); >+- env_free(jobenv); >+ } >++ return OK_EXIT; >++} >+ >+ static int safe_p(const char *usernm, const char *s) { >+ static const char safe_delim[] = "@!:%-.,_+"; /* conservative! */ >+diff -ru cronie-1.4.4/src/popen.c cronie-1.4.4_patched/src/popen.c >+--- cronie-1.4.4/src/popen.c 2018-10-05 15:26:44.098764728 +0200 >++++ cronie-1.4.4_patched/src/popen.c 2018-10-05 15:27:25.933967539 +0200 >+@@ -55,6 +55,7 @@ >+ char *argv[MAX_ARGS]; >+ ssize_t out; >+ char buf[PIPE_BUF]; >++ struct sigaction sa; >+ >+ #ifdef __GNUC__ >+ (void) &iop; /* Avoid fork clobbering */ >+@@ -102,6 +103,11 @@ >+ (void) close(pdes[1]); >+ } >+ >++ /* reset SIGPIPE to default for the child */ >++ memset(&sa, 0, sizeof(sa)); >++ sa.sa_handler = SIG_DFL; >++ sigaction(SIGPIPE, &sa, NULL); >++ >+ if (cron_change_user_permanently(pw, pw->pw_dir) != 0) >+ _exit(2); >+ >diff --git a/cronie.spec b/cronie.spec >index 8628192..48a1973 100644 >--- a/cronie.spec >+++ b/cronie.spec >@@ -6,7 +6,7 @@ > Summary: Cron daemon for executing programs at set times > Name: cronie > Version: 1.4.4 >-Release: 17%{?dist} >+Release: 18%{?dist} > License: MIT and BSD and ISC and GPLv2 > Group: System Environment/Base > URL: https://fedorahosted.org/cronie >@@ -35,6 +35,7 @@ Patch20: cronie-1.4.4-getpwnam-error.patch > Patch21: cronie-1.4.4-temp-name.patch > Patch22: cronie-1.4.4-refresh-users.patch > Patch23: cronie-1.4.4-syslog-output.patch >+Patch24: cronie-1.4.4-sigpipe-crash.patch > > Requires: syslog, bash >= 2.0 > Requires: /usr/sbin/sendmail >@@ -117,6 +118,7 @@ Old style of {hourly,daily,weekly,monthly}.jobs without anacron. No features. > %patch21 -p1 -b .temp-name > %patch22 -p1 -b .refresh-users > %patch23 -p1 -b .syslog-output >+%patch24 -p1 > > %build > %configure \ >@@ -241,6 +243,10 @@ cp -a /var/lock/subsys/crond /var/lock/subsys/cronie > /dev/null 2>&1 ||: > %attr(0644,root,root) %{_sysconfdir}/cron.d/dailyjobs > > %changelog >+* Fri Oct 05 2018 Marcel Plch <mplch@redhat.com> - 1.4.4-18 >+- fix crash on SIGPIPE >+- Resolves: rhbz#1630855 >+ > * Thu Jul 21 2016 Tomáš Mráz <tmraz@redhat.com> - 1.4.4-17 > - fix support for syslogging of job output (#1237093) > >-- >2.17.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1490880">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1630855
: 1490880