Marked 2.0.2 stable on hppa for bug 71311; removed vulnerable versions and respective patches.

8 files changed, 0 insertions, 303 deletions

diff --git a/sys-apps/fcron/files/digest-fcron-2.0.0-r4 b/sys-apps/fcron/files/digest-fcron-2.0.0-r4
deleted file mode 100644
index 45d732101fce..000000000000
--- a/sys-apps/fcron/files/digest-fcron-2.0.0-r4
+++ /dev/null
@@ -1 +0,0 @@
-MD5 b20c6bc5d9435a790e5500ecb7990df8 fcron-2.0.0.src.tar.gz 144069
diff --git a/sys-apps/fcron/files/digest-fcron-2.0.1 b/sys-apps/fcron/files/digest-fcron-2.0.1
deleted file mode 100644
index dce4ccae6572..000000000000
--- a/sys-apps/fcron/files/digest-fcron-2.0.1
+++ /dev/null
@@ -1 +0,0 @@
-MD5 8a5652f025ee81627f289162270a5bd0 fcron-2.0.1.src.tar.gz 145324
diff --git a/sys-apps/fcron/files/digest-fcron-2.9.4 b/sys-apps/fcron/files/digest-fcron-2.9.4
deleted file mode 100644
index 5e1329187072..000000000000
--- a/sys-apps/fcron/files/digest-fcron-2.9.4
+++ /dev/null
@@ -1 +0,0 @@
-MD5 4bfcff1002a7231f374591511bacadb2 fcron-2.9.4.src.tar.gz 378987
diff --git a/sys-apps/fcron/files/digest-fcron-2.9.5 b/sys-apps/fcron/files/digest-fcron-2.9.5
deleted file mode 100644
index 703808966c00..000000000000
--- a/sys-apps/fcron/files/digest-fcron-2.9.5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 73042f2666dff27444789d542bbcd607 fcron-2.9.5.src.tar.gz 396421
diff --git a/sys-apps/fcron/files/fcron-2.0.0-gcc34.diff b/sys-apps/fcron/files/fcron-2.0.0-gcc34.diff
deleted file mode 100644
index 1dc1a27a622d..000000000000
--- a/sys-apps/fcron/files/fcron-2.0.0-gcc34.diff
+++ /dev/null
@@ -1,10 +0,0 @@
-diff -ur fcron-2.0.0-orig/conf.c fcron-2.0.0/conf.c
---- fcron-2.0.0-orig/conf.c	2004-09-04 17:15:47.996231778 -0400
-+++ fcron-2.0.0/conf.c	2004-09-04 17:16:07.589818602 -0400
-@@ -1084,5 +1084,6 @@
- 	    break ;
- 
-       next_file:
-+      	;
-     }
- }
diff --git a/sys-apps/fcron/files/fcron-2.9.4-selinuxupdate.diff b/sys-apps/fcron/files/fcron-2.9.4-selinuxupdate.diff
deleted file mode 100644
index 2b697a103c08..000000000000
--- a/sys-apps/fcron/files/fcron-2.9.4-selinuxupdate.diff
+++ /dev/null
@@ -1,243 +0,0 @@
---- fcron-2.9.4.orig/job.c
-+++ fcron-2.9.4/job.c
-@@ -41,7 +41,7 @@
- char env_shell[PATH_LEN];
- #endif
- 
--#ifdef CONFIG_FLASK
-+#ifdef WITH_SELINUX
- extern char **environ;
- #endif
- 
-@@ -249,8 +249,8 @@
-  	int to_stdout = foreground && is_stdout(line->cl_option);
- 	int pipe_fd[2];
- 	short int mailpos = 0;	/* 'empty mail file' size */
--#ifdef CONFIG_FLASK
--	int flask_enabled = is_flask_enabled();
-+#ifdef WITH_SELINUX
-+	int flask_enabled = is_selinux_enabled();
- #endif
-  
- 	/* */
-@@ -352,10 +352,9 @@
- 	    debug("Execing \"%s -c %s\"", curshell, line->cl_shell);
- #endif /* CHECKJOBS */
- 
--#ifdef CONFIG_FLASK
--	    if(flask_enabled)
--		execle_secure(shell, line->cl_file->cf_user_sid, shell, "-c", line->cl_shell, NULL, environ);
--	    else
-+#ifdef WITH_SELINUX
-+	    if(flask_enabled && setexeccon(line->cl_file->cf_user_context) )
-+		die_e("Can't set execute context \"%s\".", line->cl_file->cf_user_context);
- #endif
- 	    execl(curshell, curshell, "-c", line->cl_shell, NULL);
- 	    /* execl returns only on error */
---- fcron-2.9.4.orig/configure.in
-+++ fcron-2.9.4/configure.in
-@@ -44,7 +44,6 @@
- AC_CHECK_HEADERS(sys/types.h sys/socket.h sys/un.h)
- AC_CHECK_HEADERS(security/pam_appl.h pam/pam_appl.h crypt.h shadow.h)
- AC_CHECK_HEADERS(sys/resource.h)
--AC_CHECK_HEADERS(flask_util.h)
- 
- dnl Checks for typedefs, structures, and compiler characteristics.
- AC_C_CONST
-@@ -61,7 +60,7 @@
- AC_FUNC_STRFTIME
- AC_FUNC_WAIT3
- AC_CHECK_LIB(xnet, shutdown)
--AC_CHECK_LIB(secure, getsecsid, [flaskavail=1], [flaskavail=0])
-+AC_CHECK_LIB(selinux, getcon, [selinuxavail=1], [selinuxavail=0])
- AC_CHECK_FUNC(getloadavg, [getloadavg=1], [getloadavg=0])
- AC_CHECK_LIB(kstat, kstat_open, [kstat=1], [kstat=0])
- if test $getloadavg -eq 1; then
-@@ -925,7 +924,7 @@
-     AC_MSG_RESULT(no)
-     ;;
-   yes)
--    if test "$flaskavail" -eq 1; then
-+    if test "$selinuxavail" -eq 1; then
- 	useselinux=1
- 	AC_MSG_RESULT(yes)
-     else
-@@ -940,7 +939,7 @@
-     AC_MSG_ERROR(Must be set to either "yes" or "no".)
-     ;;
-   esac ],
--  if test "$useselinux" != "0" && test "$flaskavail" -eq 1; then
-+  if test "$useselinux" != "0" && test "$selinuxavail" -eq 1; then
-     useselinux=1
-     AC_MSG_RESULT(yes)
-   else
-@@ -949,8 +948,9 @@
-   fi
- )
- if test "$useselinux" -eq 1; then
--  LIBS="$LIBS -lsecure"
--  AC_DEFINE(CONFIG_FLASK)
-+  LIBS="$LIBS -lselinux"
-+  AC_DEFINE(WITH_SELINUX)
-+  CFLAGS="$CFLAGS -I/usr/include/selinux"
- fi
- 
- 
-@@ -1149,4 +1149,5 @@
- echo
- echo "You can now run 'make' to compile"
- echo "and then (as root) 'make install' to install fcron."
--echo
-\ No newline at end of file
-+echo
-+
---- fcron-2.9.4.orig/global.h
-+++ fcron-2.9.4/global.h
-@@ -43,12 +43,11 @@
- #include <errno.h>
- #endif
- 
--#ifdef CONFIG_FLASK
--#include <flask_util.h>
--#include <fs_secure.h>
--#include <ss.h>
--#include <linux/flask/av_permissions.h>
--#include <get_sid_list.h>
-+#ifdef WITH_SELINUX
-+#include <selinux.h>
-+#include <get_context_list.h>
-+#include <selinux/flask.h>
-+#include <selinux/av_permissions.h>
- #endif
- 
- #ifdef HAVE_GETOPT_H
-@@ -167,9 +166,9 @@
-     struct env_t *cf_env_base;  /* list of all env variables to set          */
-     int		  cf_running;	/* number of jobs running                    */
-     signed char	  cf_tzdiff;    /* time diff between system and local hour   */
--#ifdef CONFIG_FLASK
--    security_id_t cf_user_sid;
--    security_id_t cf_file_sid;
-+#ifdef WITH_SELINUX
-+    security_context_t cf_user_context;
-+    security_context_t cf_file_context;
- #endif
- } cf_t;
- 
---- fcron-2.9.4.orig/conf.c
-+++ fcron-2.9.4/conf.c
-@@ -437,11 +437,10 @@
-     struct passwd *pass = NULL;
-     short int type = 0, size = 0;
-     int rc;
--#ifdef CONFIG_FLASK
--    int flask_enabled = is_flask_enabled();
--    struct security_query qry;
--    struct security_response rsp;
-+#ifdef WITH_SELINUX
-+    int flask_enabled = is_selinux_enabled();
-     int retval;
-+    struct av_decision avd;
-     const char *user_name;
- #endif
- 
-@@ -453,16 +452,18 @@
- 
-     /* check if this file is owned by root : otherwise, all runas fields
-      * of this field should be set to the owner */
--#ifdef CONFIG_FLASK
--    if(flask_enabled)
--	rc = fstat_secure(fileno(ff), &file_stat, &cf->cf_file_sid);
--    else
--#endif
-     rc = fstat(fileno(ff), &file_stat);
-     if ( rc != 0 ) {
- 	error_e("Could not stat %s", file_name);
- 	goto err;
-     }
-+#ifdef WITH_SELINUX
-+    if(flask_enabled && fgetfilecon(fileno(ff), &cf->cf_file_context) < 0 )
-+    {
-+	error_e("Could not get context of %s", file_name);
-+	goto err;
-+    }
-+#endif
- 
-     if ( strncmp(file_name,"new.", 4) == 0 ) {
- 	if ( file_stat.st_uid == ROOTUID ) {
-@@ -495,7 +496,7 @@
- 	}
-     }
- 
--#ifdef CONFIG_FLASK
-+#ifdef WITH_SELINUX
-     /*
-      * Since crontab files are not directly executed,
-      * crond must ensure that the crontab file has
-@@ -507,17 +508,19 @@
- 	user_name = "system_u";
-     else
- 	user_name = cf->cf_user;
--    if(get_default_sid(user_name, 0, &cf->cf_user_sid))
--	error_e("NO SID for user \"%s\"", cf->cf_user_sid);
--    qry.ssid = cf->cf_user_sid;
--    qry.tsid = cf->cf_file_sid;
--    qry.tclass = SECCLASS_FILE;
--    qry.requested = FILE__ENTRYPOINT;
--    retval = security_compute_av(&qry, &rsp);
--    if(retval || ((qry.requested & rsp.allowed) != qry.requested)) {
--	syslog(LOG_ERR, "ENTRYPOINT FAILED for \"%s\" (SID %u) for file SID %u"
--	       , cf->cf_user, cf->cf_user_sid, cf->cf_file_sid);
--	goto err;
-+    if(flask_enabled)
-+    {
-+	if(get_default_context(user_name, NULL, &cf->cf_user_context))
-+	    error_e("NO CONTEXT for user \"%s\"", cf->cf_user_context);
-+	retval = security_compute_av(cf->cf_user_context, cf->cf_file_context
-+		, SECCLASS_FILE, FILE__ENTRYPOINT, &avd);
-+
-+	if(retval || ((FILE__ENTRYPOINT & avd.allowed) != FILE__ENTRYPOINT))
-+	{
-+	    syslog(LOG_ERR, "ENTRYPOINT FAILED for user \"%s\" (CONTEXT %s) for file CONTEXT %s"
-+		, cf->cf_user, cf->cf_user_context, cf->cf_file_context);
-+	    goto err;
-+	}
-     }
- #endif
- 
---- fcron-2.9.4.orig/config.h.in
-+++ fcron-2.9.4/config.h.in
-@@ -393,7 +393,7 @@
- #undef HAVE_LIBSHADOW
- 
- /* Have SE Linux support */
--#undef CONFIG_FLASK
-+#undef WITH_SELINUX
- 
- /* Define if you have the xnet library (-lxnet).  */
- #undef HAVE_LIBXNET
---- fcron-2.9.4.orig/save.c
-+++ fcron-2.9.4/save.c
-@@ -298,12 +298,18 @@
-     int fd;
- 
-     /* open file */
--#ifdef CONFIG_FLASK
--    if ( is_flask_enabled() )
--	fd = open_secure(filename, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, S_IRUSR | S_IWUSR, file->cf_file_sid);
--    else
-+#ifdef WITH_SELINUX
-+    if ( is_selinux_enabled() && setfscreatecon(file->cf_file_context) )
-+    {
-+	error_e("Could not set create context for file %s", filename);
-+	return ERR;
-+    }
- #endif
-     fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, S_IRUSR|S_IWUSR);
-+#ifdef WITH_SELINUX
-+    if ( is_selinux_enabled() )
-+	setfscreatecon(NULL);
-+#endif
-     if ( fd == -1 ) {
- 	error_e("Could not open %s", filename);
- 	return ERR;
diff --git a/sys-apps/fcron/files/fcron.conf-2.9.4 b/sys-apps/fcron/files/fcron.conf-2.9.4
deleted file mode 100644
index 24bb86a81b48..000000000000
--- a/sys-apps/fcron/files/fcron.conf-2.9.4
+++ /dev/null
@@ -1,23 +0,0 @@
-# fcron.conf - Configuration file for fcron(8) and fcrontab(1).
-#	See fcron.conf(5) for syntax and explanations.
-#
-# WARNING : this file must be owned by root:cron and 640.
-#
-
-# The spool directory where fcron stores its files
-fcrontabs	=	/var/spool/cron/fcrontabs
-
-# The locations of the pid file and the fifo file
-pidfile		=	/var/run/fcron.pid
-fifofile	=	/var/run/fcron.fifo
-
-# allow/deny files to determine which users are allowed to use fcrontab
-fcronallow	=	/etc/fcron/fcron.allow
-fcrondeny	=	/etc/fcron/fcron.deny
-
-# Location of the programs used by fcron
-shell		=	/bin/sh
-sendmail	=	/usr/sbin/sendmail
-
-# Location of the default editor for "fcrontab -e"
-editor		=	/bin/nano
diff --git a/sys-apps/fcron/files/fcron.conf-2.9.5 b/sys-apps/fcron/files/fcron.conf-2.9.5
deleted file mode 100644
index 24bb86a81b48..000000000000
--- a/sys-apps/fcron/files/fcron.conf-2.9.5
+++ /dev/null
@@ -1,23 +0,0 @@
-# fcron.conf - Configuration file for fcron(8) and fcrontab(1).
-#	See fcron.conf(5) for syntax and explanations.
-#
-# WARNING : this file must be owned by root:cron and 640.
-#
-
-# The spool directory where fcron stores its files
-fcrontabs	=	/var/spool/cron/fcrontabs
-
-# The locations of the pid file and the fifo file
-pidfile		=	/var/run/fcron.pid
-fifofile	=	/var/run/fcron.fifo
-
-# allow/deny files to determine which users are allowed to use fcrontab
-fcronallow	=	/etc/fcron/fcron.allow
-fcrondeny	=	/etc/fcron/fcron.deny
-
-# Location of the programs used by fcron
-shell		=	/bin/sh
-sendmail	=	/usr/sbin/sendmail
-
-# Location of the default editor for "fcrontab -e"
-editor		=	/bin/nano