[poky] [PATCH 2/5] cronie: enable multi-user crontab usage and make cron environment complete
Thu Jan 27 03:38:58 PST 2011
From: Kevin Tian <kevin.tian at intel.com>
several cron related test cases in LTP reveals that our current cron recipe
is not complete:
a) a complete cron hierarchy better have:
/etc/crontab
/etc/cron.d
/etc/cron.hourly
/etc/cron.daily
/etc/cron.weekly
/etc/cron.monthly
b) for a normal user to use crontab command:
add a new group - crontab
/usr/bin/crontab is setgid to root:crontab
/var/spool/cron is owned by root:crontab
below are optional, and thus not included in the default setup:
/etc/cron.deny
/etc/cron.allow
cronie by default only allows root user to use crontab, if neither cron.deny
nor cron.allow exists. They are controlled by final policy deployed on the
product.
Signed-off-by: Kevin Tian <kevin.tian at intel.com>
---
meta/recipes-extended/cronie/cronie/crontab | 10 ++++++++
meta/recipes-extended/cronie/cronie_1.4.6.bb | 33 ++++++++++++++++++++++++-
2 files changed, 41 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-extended/cronie/cronie/crontab
diff --git a/meta/recipes-extended/cronie/cronie/crontab b/meta/recipes-extended/cronie/cronie/crontab
new file mode 100644
index 0000000..cc9169e
--- /dev/null
+++ b/meta/recipes-extended/cronie/cronie/crontab
@@ -0,0 +1,10 @@
+# /etc/crontab: system-wide crontab
+# Unlike any other crontab you don't have to run the `crontab'
+# command to install the new version when you edit this file
+# and files in /etc/cron.d. These files also have username fields,
+# that none of the other crontabs do.
+
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+# m h dom mon dow user command
diff --git a/meta/recipes-extended/cronie/cronie_1.4.6.bb b/meta/recipes-extended/cronie/cronie_1.4.6.bb
index 6b4c64e..09714c7 100644
--- a/meta/recipes-extended/cronie/cronie_1.4.6.bb
+++ b/meta/recipes-extended/cronie/cronie_1.4.6.bb
@@ -14,10 +14,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=963ea0772a2adbdcd607a9b2ec320c11 \
SECTION = "utils"
-PR = "r0"
+PR = "r1"
SRC_URI = "https://fedorahosted.org/releases/c/r/cronie/cronie-${PV}.tar.gz \
- file://crond.init"
+ file://crond.init \
+ file://crontab"
SRC_URI[md5sum] = "968e3d3e7c8e1d0588d533883482d3fa"
SRC_URI[sha256sum] = "4435484c28a4452ee37db27182675660cdebf16d8956771b28c8a6f2e9c8048b"
@@ -32,4 +33,32 @@ do_install_append () {
install -d ${D}${sysconfdir}/init.d/
install -m 0644 ${S}/crond.sysconfig ${D}${sysconfdir}/sysconfig/crond
install -m 0755 ${WORKDIR}/crond.init ${D}${sysconfdir}/init.d/crond
+
+ # below are necessary for a complete cron environment
+ install -d ${D}${localstatedir}/spool/cron
+ install -m 0755 ${WORKDIR}/crontab ${D}${sysconfdir}/
+ mkdir -p ${D}${sysconfdir}/cron.d
+ mkdir -p ${D}${sysconfdir}/cron.hourly
+ mkdir -p ${D}${sysconfdir}/cron.daily
+ mkdir -p ${D}${sysconfdir}/cron.weekly
+ mkdir -p ${D}${sysconfdir}/cron.monthly
+}
+
+pkg_postinst_${PN} () {
+ if [ "x$D" != "x" ] ; then
+ exit 1
+ fi
+
+ # below setting is necessary to allow normal user using crontab
+
+ # add 'crontab' group and setgid for crontab binary
+ grep crontab /etc/group || addgroup crontab
+ chown root:crontab /usr/bin/crontab
+ chmod 2755 /usr/bin/crontab
+
+ # allow 'crontab' group write to /var/spool/cron
+ chown root:crontab /var/spool/cron
+ chmod 770 /var/spool/cron
+
+ chmod 600 /etc/crontab
}
--
1.6.0.4
More information about the poky
mailing list