From 0a2b1eeb31400e539041c83cc1a5952f1c880917 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 29 Aug 2013 03:06:29 -0700 Subject: Thu Aug 29 03:04:08 PDT 2013 --- community/fcron/PKGBUILD | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) (limited to 'community/fcron/PKGBUILD') diff --git a/community/fcron/PKGBUILD b/community/fcron/PKGBUILD index 3e60e52d5..f43d56671 100644 --- a/community/fcron/PKGBUILD +++ b/community/fcron/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 91897 2013-05-29 00:39:11Z seblu $ +# $Id: PKGBUILD 96423 2013-08-28 15:04:05Z seblu $ # Contributor: Giorgio Lando # Contributor: Sergej Pupykin # Contributor: Thomas Bächler @@ -7,13 +7,17 @@ pkgname=fcron pkgver=3.1.2 -pkgrel=7 +pkgrel=8 pkgdesc='Feature-rich cron implementation' arch=(i686 x86_64) url='http://fcron.free.fr' license=('GPL') depends=('pam' 'run-parts') -makedepends=('smtp-forwarder' 'vi') +makedepends=('smtp-forwarder' 'vi' 'fcron') +# use fcron as recursive deps to have user fcron installed during installation +# else add the following in build chroot +# groupadd -g 23 fcron +# useradd -r -d /var/spool/fcron -u 23 -g 23 fcron optdepends=('smtp-forwarder: to send mails from cron jobs' 'vi: default editor for fcrontab') provides=('cron') @@ -30,13 +34,14 @@ md5sums=('36bf213e15f3a480f2274f8e46cced0a' build() { cd $pkgname-$pkgver + # Don't use --username=root and --groupname=root, this completly break + # fcron security and allow local root escalation. + # Thanks to Anh K. Huynh for reporting it. ./configure --prefix=/usr \ --sbindir=/usr/bin \ --sysconfdir=/etc/fcron \ --with-answer-all=no \ --with-boot-install=no \ - --with-username=root \ - --with-groupname=root \ --datarootdir=/usr/share \ --datadir=/usr/share \ --with-docdir=/usr/share/doc \ @@ -44,22 +49,20 @@ build() { --with-systemdsystemunitdir=/usr/lib/systemd/system \ --with-piddir=/run \ --with-editor=/usr/bin/vi \ - --with-sendmail=/usr/sbin/sendmail + --with-sendmail=/usr/bin/sendmail make } package() { cd $pkgname-$pkgver - make DESTDIR="$pkgdir/" install - install -D -m644 "$srcdir/$pkgname-$pkgver/files/fcron.pam" "$pkgdir/etc/pam.d/fcron" - - install -D -m644 "$srcdir/$pkgname-$pkgver/files/fcrontab.pam" "$pkgdir/etc/pam.d/fcrontab" + install -Dm644 files/fcron.pam "$pkgdir/etc/pam.d/fcron" + install -Dm644 files/fcrontab.pam "$pkgdir/etc/pam.d/fcrontab" # Install a default fcrontab so that fcron can completely replace dcron # We doesn't use binary format which is incompatible between arch and may cause crash # We regenerate the binary format at each update - install -D -m640 "$srcdir/systab.orig" "$pkgdir/var/spool/fcron/systab.orig" + install -Dm640 "$srcdir/systab.orig" "$pkgdir/var/spool/fcron/systab.orig" # Add cron.* directories install -d -m755 "$pkgdir/etc/cron.daily" -- cgit v1.2.3-54-g00ecf