diff options
author | Kevin Tian <kevin.tian@intel.com> | 2011-01-26 19:09:14 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2011-02-01 23:59:40 +0000 |
commit | ede0009e7c30e22b0c41a648ec082b1fad013000 (patch) | |
tree | 0684a1e9142d79ddbf7471b14188cd91d0b5496f | |
parent | d0bf83cc9b6cc34fd3cc7fe95fb3edd9a0e4c231 (diff) | |
download | openembedded-core-ede0009e7c30e22b0c41a648ec082b1fad013000.tar.gz openembedded-core-ede0009e7c30e22b0c41a648ec082b1fad013000.tar.bz2 openembedded-core-ede0009e7c30e22b0c41a648ec082b1fad013000.zip |
cronie: enable multi-user crontab usage and make cron environment complete
fix [BUGID #673]
several cron related test cases in LTP reveals that our current cron recipe
is not complete:
a) a complete cron hierarchy better have:
/etc/crontab
/etc/cron.d
/etc/cron.hourly
/etc/cron.daily
/etc/cron.weekly
/etc/cron.monthly
b) for a normal user to use crontab command:
add a new group - crontab
/usr/bin/crontab is setgid to root:crontab
/var/spool/cron is owned by root:crontab
below are optional, and thus not included in the default setup:
/etc/cron.deny
/etc/cron.allow
cronie by default only allows root user to use crontab, if neither cron.deny
nor cron.allow exists. They are controlled by final policy deployed on the
product.
Signed-off-by: Kevin Tian <kevin.tian@intel.com>
-rw-r--r-- | meta/recipes-extended/cronie/cronie/crontab | 10 | ||||
-rw-r--r-- | meta/recipes-extended/cronie/cronie_1.4.6.bb | 33 |
2 files changed, 41 insertions, 2 deletions
diff --git a/meta/recipes-extended/cronie/cronie/crontab b/meta/recipes-extended/cronie/cronie/crontab new file mode 100644 index 0000000000..cc9169eda9 --- /dev/null +++ b/meta/recipes-extended/cronie/cronie/crontab @@ -0,0 +1,10 @@ +# /etc/crontab: system-wide crontab +# Unlike any other crontab you don't have to run the `crontab' +# command to install the new version when you edit this file +# and files in /etc/cron.d. These files also have username fields, +# that none of the other crontabs do. + +SHELL=/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + +# m h dom mon dow user command diff --git a/meta/recipes-extended/cronie/cronie_1.4.6.bb b/meta/recipes-extended/cronie/cronie_1.4.6.bb index 6b4c64e3b1..09714c7f74 100644 --- a/meta/recipes-extended/cronie/cronie_1.4.6.bb +++ b/meta/recipes-extended/cronie/cronie_1.4.6.bb @@ -14,10 +14,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=963ea0772a2adbdcd607a9b2ec320c11 \ SECTION = "utils" -PR = "r0" +PR = "r1" SRC_URI = "https://fedorahosted.org/releases/c/r/cronie/cronie-${PV}.tar.gz \ - file://crond.init" + file://crond.init \ + file://crontab" SRC_URI[md5sum] = "968e3d3e7c8e1d0588d533883482d3fa" SRC_URI[sha256sum] = "4435484c28a4452ee37db27182675660cdebf16d8956771b28c8a6f2e9c8048b" @@ -32,4 +33,32 @@ do_install_append () { install -d ${D}${sysconfdir}/init.d/ install -m 0644 ${S}/crond.sysconfig ${D}${sysconfdir}/sysconfig/crond install -m 0755 ${WORKDIR}/crond.init ${D}${sysconfdir}/init.d/crond + + # below are necessary for a complete cron environment + install -d ${D}${localstatedir}/spool/cron + install -m 0755 ${WORKDIR}/crontab ${D}${sysconfdir}/ + mkdir -p ${D}${sysconfdir}/cron.d + mkdir -p ${D}${sysconfdir}/cron.hourly + mkdir -p ${D}${sysconfdir}/cron.daily + mkdir -p ${D}${sysconfdir}/cron.weekly + mkdir -p ${D}${sysconfdir}/cron.monthly +} + +pkg_postinst_${PN} () { + if [ "x$D" != "x" ] ; then + exit 1 + fi + + # below setting is necessary to allow normal user using crontab + + # add 'crontab' group and setgid for crontab binary + grep crontab /etc/group || addgroup crontab + chown root:crontab /usr/bin/crontab + chmod 2755 /usr/bin/crontab + + # allow 'crontab' group write to /var/spool/cron + chown root:crontab /var/spool/cron + chmod 770 /var/spool/cron + + chmod 600 /etc/crontab } |