cron (3.0pl1-137) unstable; urgency=medium [ Laurent Combe ] * Add patch Add-MAILFROM-environment-variable.patch (Closes: #898177, #1750051) [ Christian Kastner ] * Modify the above patch to use cronie's safe_p() function for email validation * Remove myself from Uploaders -- Christian Kastner Mon, 22 Feb 2021 23:43:24 +0100 cron (3.0pl1-136) unstable; urgency=medium * Convert package to source format 3.0 (quilt). Finally. The conversion was mostly manual, and the process was documented in debian/source-format-3.md. (Closes: #806225) * Bump Standards-Version to 4.5.0 (no changes needed) -- Christian Kastner Mon, 10 Feb 2020 20:16:06 +0100 cron (3.0pl1-135) unstable; urgency=medium [ Laurent Bigonville ] * Stop using obsolete SELinux API (Closes: #924716) [ Christian Kastner ] * d/control: Bump Standards-Version to 4.4.0 (no changes needed) * cron.8: Add missing reference to .dpkg-old. Thanks, Vincent Lefevre! (Closes: #926713) [ Jakub Wilk ] * crontab.5: Fix misuse of en-dash in examples, and remove stray character from the LIMITATIONS example. (Closes: #934543) -- Christian Kastner Sun, 15 Sep 2019 09:13:43 +0200 cron (3.0pl1-134) unstable; urgency=medium * Increase maximum crontab length to 10,000 lines. The previous limit proved to be too low for users with edge cases. (Closes: #925276) * Add NEWS entry for crontab line limit increase. -- Christian Kastner Sun, 23 Jun 2019 19:49:01 +0200 cron (3.0pl1-133) unstable; urgency=medium * SECURITY: Fix bypass of /etc/cron.{allow,deny} on failure to open If these files exist, then they must be readable by the user executing crontab(1). Users will now be denied by default if they aren't. (LP: #1813833) * SECURITY: Fix for possible DoS by use-after-free A user reported a use-after-free condition in the cron daemon, leading to a possible Denial-of-Service scenario by crashing the daemon. (Closes: #809167) * SECURITY: DoS: Fix unchecked return of calloc() Florian Weimer discovered that a missing check for the return value of calloc() could crash the daemon, which could be triggered by a very large crontab created by a user. * Enforce maximum crontab line count of 1000 to prevent a malicious user from creating an excessivly large crontab. The daemon will log a warning for existing files, and crontab(1) will refuse to create new ones. * Add d/NEWS altering to the new 1000 lines limit. * Move /var/run/crond.reboot to /run/crond.reboot. * crontab.5: Reverse the info on tilde expansion. When setting PATH, most shells will not expand a tilde. Thanks, Tim Landscheidt, for the analysis. (Closes: #801328) * Fixes for numerous man page issues. Remove trailing whitespace, use proper escapes, etc. Thanks, Bjarni Ingi Gislason! (Closes: #893575, #893579) * crontab.1: Drop duplicate DIAGNOSTICS header. * daemon: Only support the 'x' debug option in debug builds. -- Christian Kastner Sun, 10 Mar 2019 17:49:18 +0100 cron (3.0pl1-132) unstable; urgency=medium [ Christian Kastner ] * postinst: Properly test for regular file cron.postinst checked for a regular file by parsing the stat output, instead of simply relying on test(1) * Mark package cron as Multi-Arch: foreign (Closes: #878363) [ Stéphane Blondon ] * Add forgotten '\n' to a line in the crontab header (Closes: #898119) -- Christian Kastner Sun, 24 Feb 2019 21:56:40 +0100 cron (3.0pl1-131) unstable; urgency=medium [ Boyuan Yang ] * debian/control: - Merge duplicated build-dependency entry for debhelper - Update Vcs-* fields and use git repo under Salsa Debian group (Closes: #913484) - Add dependency to sensible-utils (Closes: #913483) * debian/rules: Do not explicitly invoke dpkg-architecture for architecture variables. Instead we are now using /usr/share/dpkg/architecture.mk to provide them [ Bjarni Ingi Gislason ] * crontab.1: Some format fixes in the manual. (Closes: #893576) [ Christian Kastner ] * d/control: - Switch Build-Depends from debhelper to debhelper-compat - Add Rules-Requires-Root: no We don't need (fake)root for building the package - Drop ancient dpkg Pre-Depends and Breaks The versioned dependencies are older than oldoldstable - Bump debhelper compatibility level to 12 - Switch to https in Homepage field - Bump Standards-Version to 4.3.0 - binary package cron: + Add Pre-Depends: ${misc:Pre-Depends} for init-system-helpers + Switch cron MTA Recommends to default-mta | mail-transport-agent Recommend these virtual packages rather than specific MTAs + Move unqualified debhelper control files to from * to cron.* * Remove now obsolete d/compat * d/rules: - systemd sequence has been removed in compatibility level 11 - Drop override_dh_compress Examples are no longer compressed in compatibility level 12 * d/copyright: - Switch URL to official MRCF 1.0 policy - Ustream-Contact -> Upstream-Contact * Remove ancient cruft from maintainer scripts This cruft dealt with conffile tasks from before oldoldstable. As we don't provide a direct upgrade path from older releases, this is just maintenance overhead * Drop empty preinst maintainer script, as a result of the cruft removal * d/watch - Update to format version 4 - Switch to https * Remove trailing whitespace from changelog * Remove trailing whitespace from debian/control -- Christian Kastner Wed, 20 Feb 2019 17:44:49 +0100 cron (3.0pl1-130) unstable; urgency=medium * debian/postinst: Do not do check if /var/spool/cron/crontabs if empty (Closes: 892720, 892721, 892724) * debian/cron.service: - Add dependency on nss-user-lookup.target in the definition which properly fixes the issues when cron is started before centralised user repositories are available (e.g. LDAP or Active Directory). This should avoid errors in syslog similar to the following: "crond[PID]: (CRON) bad username (/etc/cron.d/JOBNAME)" (Closes: #767016, #801384, #783665) (LP: #1593317) - Also remove Type=idle change added in previous upload, which was not the correct fix to apply. - Add automatic restart on failure (Closes: #834728) * debian/cron.init: Revert previous change - instead of adding $all, add sssd to the services that should be started/stopped before/after cron. * crontab.5: - Add improvements and fixes to manpage provided by Philip Hands (Closes: #792572) - Document that system wide defaults run from 6 am to 7 am. (Closes: #757191) - Document how asterisks are processed in dom and dow fields using patch provided by Christian Pekeler (Closes: #840601) Also see https://treats.wdt.io/cron-bug.html * debian/crontab.main, crontab.5: Add documentation comments similarly as to how Fedora / Red Hat Enterprise Linux documents (crontab package). This comments more descriptive and provides inexperienced users with a better understanding of the syntax. (Closes: #705570) -- Javier Fernández-Sanguino Peña Mon, 12 Mar 2018 22:00:01 +0100 cron (3.0pl1-129) unstable; urgency=medium * Acknowledge NMU * debian/cron.init, debian/cron.service: Make sure cron is started last and stopped first, with patch provided by Harald Dunke (Closes: #767016, #801384, #783665) (LP: #1593317) * crontab.1: Document limitation due to account renaming as described in Ubuntu's bug 73398 * crontab.5: Document the need to set the DISPLAY environment when running scheduled tasks that interact with the user's desktop environment (LP: #891869) * cron.8: Fix typo (Closes: 819832) * debian/control: Replace dh-systemd dependency with debhelper (lintian fix) * debian/README.Debian: Update maintainer address [ Christian Kastner ] * debian/postinst: Fix for CVE-2017-9525: group crontab to root escalation via postinst as described by Alexander Peslyak (Solar Designer) in http://www.openwall.com/lists/oss-security/2017/06/08/3 (Closes: 864466) -- Javier Fernández-Sanguino Peña Sun, 11 Mar 2018 22:38:06 +0100 cron (3.0pl1-128.1) unstable; urgency=medium * Non-maintainer upload. * Properly transition system jobs to system_cronjob_t SELinux context and stop relying on refpolicy specific identifiers (Closes: #857662) * d/cron.service: Add a dependency on remote-fs.target (Closes: #815088) -- Laurent Bigonville Tue, 03 Oct 2017 15:38:27 +0200 cron (3.0pl1-128) unstable; urgency=medium * d/cron.service: Use KillMode=process to kill only the daemon. The default of KillMode=control-group kills all the processes in the control group, for example when restarting the daemon. This is a deviation from past behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683 -- Christian Kastner Sun, 03 May 2015 15:25:18 +0200 cron (3.0pl1-127) unstable; urgency=medium * Drop $READ_ENV from cron's command line. It does not belong there. Closes: #766779 -- Christian Kastner Sat, 25 Oct 2014 20:47:09 +0200 cron (3.0pl1-126) unstable; urgency=low * Packaging (general): removed unused files from the source that had been already removed in 3.0pl1-117 but got reintroduced due to a merge. -- Javier Fernández-Sanguino Peña Fri, 24 Oct 2014 23:01:59 +0200 cron (3.0pl1-125) unstable; urgency=medium * Acknowledge NMUs. Thanks, Laurent Bigonville and Ansgar Burchardt. Closes: #749271 [ Christian Kastner ] * debian/control: - Bump Standards-Version to 3.9.6 (no changes needed) - Canonicalize Vcs-* URLs * debian/copyright: - Bump years - Don't use spaces in License short name * debian/source/lintian-overrides: - Drop overrides from pre-UTF-8 debian/control era * debian/rules: - Extend documentation * debian/cron.init: - Include winbind in Should-Start/Stop. Closes: #732203 * crontab.5: - Don't use hyphen as a minus sign * cron.8: - Drop stray words in cron.8. Thanks, Regid Ichira! Closes: #702091 - Fix misspelled 'sytem'. Thanks, green! Closes: #753775 * cron.c,crontab.c: - Use basename of argv[0] as syslog tag. Closes: #752750 * cron.c: - Use case-insensitive comparison in charset selection. Thanks, Malcolm Scott! LP: #1169160 * entry.c: - Detect invalid entry: step specified without a range. Thanks, Justin T. Pryzby! Closes: #733478 - Error out when a command field is too long instead of silently truncating it. Closes: #686223, LP: #826702 * do_command.c: - Fix initialization and increment of mailed bytes counter. Closes: #691488 * cron.c, do_command.c: - Add an option -n to include FQDN in mail subject. Closes: #570423 [ brian m. carlson ] * config.h, do_command.c: - Send proper 8-bit emails by including an appropriate MIME-Version and adjusting the Content-Transfer-Encoding header accordingly. Closes: #694686 [ Javier Fernández-Sanguino ] * Change systemd definition in order for the daemon to read an honor /etc/default/cron (Closes: #754279) -- Javier Fernández-Sanguino Peña Fri, 24 Oct 2014 16:17:56 +0200 cron (3.0pl1-124.2) unstable; urgency=medium * Non-maintainer upload. * debian/cron.service: Set IgnoreSIGPIPE=false. (Closes: #756047) * debian/cron.service: Add Documentation field. -- Ansgar Burchardt Mon, 04 Aug 2014 21:44:00 +0200 cron (3.0pl1-124.1) unstable; urgency=medium * Non-maintainer upload. * Add pam_loginuid module to the PAM session stack (Closes: #677443) * Add systemd service file. Thanks to Michael Stapelberg (Closes: #652440) -- Laurent Bigonville Sun, 25 May 2014 21:21:19 +0200 cron (3.0pl1-124) unstable; urgency=medium [ Release targeted to Wheezy including fixes for critical/important bugs ] * debian/{preinst,postinst,postrm}: remove obsolete /etc/cron.daily/standard on upgrade. (Closes: #679062) * debian/cron.init: Have the init.d file remove cron's pidfile if it exists after killing the process. The pidfile should be removed by cron itself (but it isn't) through its SIGhandler as done in later versions in cron (4.1 and cronie). This fix is, however, simpler and less intrusive. (Closes: 679106, 615855) * debian/control: - Reword last paragraph since cron does not provide any standard tasks anymore. (Closes: 674192) - Update to Standards-Version: 3.9.3 - which BTW includes an indication on which are the valid cron filenames. - Depend on debhelper >= 9 (lintian warning) -- Javier Fernández-Sanguino Peña Thu, 28 Jun 2012 12:08:09 +0200 cron (3.0pl1-123) unstable; urgency=low * debian/standard.daily: Apply patch from Steve Allison to prevent checking two times the same filesystem. This prevents bogus warnings about missing lost+found in schroot bind mounts (Closes: #660879) * debian/rules: Apply patch from Steve Langasek to add cross compiler support to cron (Closes: #666892) * debian/cron.default, debian/standard.daily, debian/rules: Remove the lost+found check as this is no longer required and causes issues with some filesystems (e.g. bind mounts, locally mounted USB drives). Additionally, in some filesystems the directory will be generated when required. (Closes: #620164, #658743, #662605, #660879, #579640, #473711) -- Javier Fernández-Sanguino Peña Sat, 23 Jun 2012 08:28:27 +0200 cron (3.0pl1-121) unstable; urgency=low * debian/control: - Put the maintainer address in UTF-8 encoding * debian/postinst: - Only go ahead when configuring the package (Closes: #653304, #657073) * debian/source/lintian-overrides: - Removed, no longer required * crontab.5: - Escape the '%' in the examples so that they can work when copied over to crontab (Closes: #642309) (LP: #1110147) - Remove tabs from manpage since they are not formatted properly in the nonfill area * cron.8, crontab.1, crontab.5: - Fix formatting errors in manual pages with patch provided by David Prévot (Closes: #643603) * debian/cron.default: - Fix typo (Closes: #643897) * debian/compat: - Set to compatibility version 9 to enable hardened build flags (Closes: #653720) -- Javier Fernández-Sanguino Peña Mon, 19 Sep 2011 00:20:17 +0200 cron (3.0pl1-120) unstable; urgency=low * do_command.c, cron.h, cron.8: - Change the behaviour when logging the information of the child processes. A new loglevel (8) is introduced and documented in cron.8. The previous log format is kept unless the sysadmin choses to select this new option. (Closes: #637295) * debian/examples/cron-stats.pl: - Adjust the script with the changes introduced in the logging behaviour. * cron.8: Fix minor formatting errors * debian/cron.bug-script: - Report properly on the EDITOR variable. Thanks to Jan Braun for the report. - Also report the contents of /etc/cron.* dirs. This is helpful when debugging syntax/mode/naming errors. Users that do not want to share this information should edit/delete before reporting bugs. * debian/changelog: Typo fixes and missing information * debian/control: - Update package description, removing the "backup of key system files" as a feature. The last of these responsibilities were transffered in -117. * crontab.5: - Document limitations of the periods that can be defined in crontab syntax and provide workarounds (Closes: #640086) - Document limitation of the use of @reboot due to the definition of the boot sequence as suggested by Regid Ichira. * debian/source/lintian-overrides: - Add overrides file for lintian required because the maintainer name in debian/changelog and in debian/control do not match due to encoding. [ Christian Kastner ] * debian/control: - Fix broken Vcs-* URLs * debian/NEWS: - Remove spurious NEWS entry (the entry for -110 was duplicated at the bottom) -- Javier Fernández-Sanguino Peña Fri, 09 Sep 2011 23:25:35 +0200 cron (3.0pl1-119) unstable; urgency=low * The development team has migrated from Subversion to git, with the latter becoming authoritative immediately. A log of the migration process can be found in debian/svn-git-migration.txt. [ Javier Fernandez-Sanguino ] * debian/NEWS: - Remove the entry introduced in the previous version until an agreement is reached on the desired behaviour (Reopens: #608774) * debian/standard.daily: - Work properly if mount points have a space (Closes: #633972) - Sanity check mount point value before generating an error * Add one new example script: - cron-tasks-review.sh: Reviews the files that exist in /etc/cron.d and in /etc/cron.{hourly,daily,weekly,monthly} to find those that will not be run by cron due to some error. * debian/copyright: - Adjust debian/copyright to acknowledge the (c) and license of the new example script. * debian/control: - Remove Steve from the Uploaders field, no longer needed there * cron.8: - Document the Debian specific changes in a separate section, describing how /etc/cron.{hourly,daily,weekly,monthly} and /etc/cron.d behave and should be used. [ Christian Kastner ] * debian/control: - Updated Vcs-* URLs to point to the new git repository * debian/cron.c, database.c: - Interpret the "-L" option of the daemon as a bitmask, and add initial support for three selectors: start, stop, end * database.c, cron.c, cron.h, debian/copyright: - Check orphaned crontabs for adoption. Fix taken from Fedora cronie. Closes: #634926 * do_command.c: - When logging a job run, prefix the command text with the PID of the process. Closes: #609780 * debian/NEWS: - Added entry documenting the change of the "-L" option as well as the dropping of LSBNAMES in -117. -- Javier Fernandez-Sanguino Pen~a Wed, 08 Jun 2011 20:44:49 +0200 cron (3.0pl1-118) unstable; urgency=low * debian/control - Limited Build-Depends for libaudit-dev to linux-any. I erroneously assumed it applied to other OSes as well. * debian/rules - DEB_BUILD_OPTIONS for audit support is limited to Linux platforms [ Javier Fernandez-Sanguino] * debian/NEWS - Document the new behaviour of cron regarding logging of non-zero exit status cronjobs (Closes: #608874) -- Christian Kastner Tue, 31 May 2011 14:50:34 +0200 cron (3.0pl1-117) unstable; urgency=low * Makefile: - Fixed integration of cron-internal debug code into the package building process. Instead of having to modify debian/rules, this can now driven by DEB_BUILD_OPTIONS=debug - Removed hard-coded compiler flags, honoring those provided by dpkg-buildflags instead * do_command.c: - When logging the end of cron jobs, log the PID of the actually exec'ed user command, not the PID of the parent. Closes: #609780 * database.c: - Split crontab security checks (type, owner, mode, links) into separate tests with individual error messages instead of the cryptic message "WRONG INODE INFO". Closes: #625493 - Extended the ability to recover from broken symlinks (added in -110) to also recover from failed security checks above. Fixes to these were not being detected as cron only looks at mtime. Closes: #625495 - Also recover from syntax errors. Fixes to these did change mtime, but were ignored as cron permanently removes broken crontabs from its database of files to check. Closes: #627859 * cron.8: - Documented the fact that /etc/crontab and files in /etc/cron.d must not be group- or other-writable. Closes: #625491, LP: #741979 * crontab.5: - Specify parse order of crontabs (thanks, Jonathan Amery). Closes: #622645 * debian/control: - Bumped Standards-Version to 3.9.2 (no changes needed) - Added missing Build-Depends on libaudit-dev - Removed Conflicts for nonexistent package suidmanager - Removed Conflicts for lockfile-progs (which should have been a Breaks anyway) as we no longer rely on it, we use flock from util-linux instead - Changed architecture-specific Build-Depends on libselinux1-dev to linux-any instead of negating all other OSes * debian/cron.default: - Merged the LSBNAMES option with EXTRA_OPTS. Both where used to pass options to the daemon, making one of them redundant - Added the ability to disable the daily lost+found check by setting the new variable CHECK_LOSTFOUND to "no". Closes: #579640 * debian/cron.init: - Don't call start-stop-daemon directly, use LSB init functions instead. Among other things, this works around the cron daemon not deleting its pidfile from /var/run/. Closes: #615855, 622348 - Added $network to Should-Start * debian/rules: - Converted to dh syntax. This included replacing some manually executed steps with debhelper file-automated ones (eg: cron.man, cron.examples) to lessen clutter - Completely rewrote the PAM/SELinux/audit integration parts. PAM support was being skipped on kfreebsd and hurd, and audit support was completely broken. From now on: + PAM is enabled by default on all platforms + SELinux is enabled by default on linux-any + audit is disabled by default on all platforms All of these can be driven by DEB_BUILD_OPTIONS (see debian/rules) - Do not compress example perl scripts * debian/{prerm,postrm,postinst}: - Let dh_installinit manage stopping/(re)starting of jobs instead of calling invoke-rc.d ourselves * debian/standard.daily: - Backup of /etc/{passd,group} is no longer performed by cron; the task was handed over to src:shadow (see #554170). In Squeeze, this task will be performed redundantly by both packages (as discussed on debian-release) (Closes: 333837) - Rewrite locking and lost+found-checking code, based on a submission to the BTS by Justin B. Rye. Closes: #478967, #537073, LP: #257367 - Parse /etc/mtab instead of /proc/mounts; the former makes handling bind mounts easier. Closes: #578856 - Pull in /etc/cron/default for CHECK_LOSTFOUND (see above) * debian/copyright: - Convert to DEP5 format (r173) * debian/watch: - Added watch file to silence a lintian warning, even though the last upstream release was in 2004 * Packaging (general): removed a lot of cruft which seems to have accumulated over time. This included all the cron-se stuff, which appears to have been a remnant from the SELinux integration process, and was either not being used anymore or completely broken. Also, the patches/ directory was removed, as that location has a specific meaning and the patches in there were no longer relevant. -- Christian Kastner Sun, 08 May 2011 01:21:15 +0200 cron (3.0pl1-116) unstable; urgency=high * Upload with approval from Release Team to get RC bug fixes in Squeeze (see http://lists.debian.org/debian-release/2010/12/msg00719.html) * do_command.c, popen.c: - Use fork() instead of vfork(). * do_command.c: - Close an unused stream in the fork()ed child prior to exec'ing the user's command, thereby avoiding an fd leak. Closes: #604181, LP: #665912 Previous to this, and in conjunction with LVM, the fd leak may have the effect of the user being spammed by warnings every time a cron job was executed. * crontab.5: - Fixed the example demonstrating how to run a job on a certain weekday of the month (date range was off-by-one). Also, the same example contained a superfluous escape, resulting in wrong output. Closes: #606325 * cron.init: - Added $named to Should-Start, in case @reboot jobs need DNS resolution. Closes: #602903 - Added nslcd to Should-Start. LP: #27520 -- Christian Kastner Wed, 10 Nov 2010 21:13:19 +0100 cron (3.0pl1-115) unstable; urgency=high * cron.c: set LC_COLLATE to 'C' in order to properly work when locales are set that change the collation order expected by the regular expressions used in load_database(). By setting locale we were skipping some crontabs unexpectedly due to [a-z] not matching all the ascii characters in some languages (such as Estonian). (Closes: #600310) Thanks to Michael Tokarev for spotting this issue and for Bastian Blank for pointing for the fix. * debian/cron.init: - Fix typo that prevented it from properly loading LC_CTYPE (Closes: #600082) - Force LC_COLLATE to 'C' regardless of user locale settings. -- Javier Fernandez-Sanguino Pen~a Sat, 16 Oct 2010 13:05:02 +0200 cron (3.0pl1-114) unstable; urgency=low * Cleanup of the package in preparation of the next Debian release. - Notice that only one change introduces new behaviour (debian/cron.pam), the other changes are just documentation fixes or cleanups to the packaging. * debian/cron.pam: - In addition to the reading /etc/security/pam_env.conf and /etc/environment (obsolete config file) previous default, cron will now also read /etc/default/locale in order to setup the proper localisation environment for tasks. [ Documentation fixes ] * debian/cron.{default,init}, cron.8, crontab.5: - Updated documentation (comments in scripts and manpages) regarding the reading and setting of locale information for the cron daemon and for cron tasks to document the new behaviour due to the above change. * debian/{preinst,postinst,postrm}: - Since /etc/cron.monthly/standard does not provide any worthwhile task anymore, remove obsolete /etc/cron.monthly/standard after upgrading (local changes are preserved, however). Closes: #585680 * crontab.1 - Minor typo fixes to the manpage. * crontab.5: - Added an example submitted by jidanni (thanks!), showing how to run a command on the second Saturday of the month. Closes: #584514 - Minor fixes [ Fixes to the packaging ] * debian/control: - Bumped Standards-Version to 3.9.1 (no changes needed) - Added Pre-Depends for dpkg (>= 1.15.7.2) for a dpkg-maintscript-helper with support for safely removing conffiles - Added Homepage: field - Added Vcs-* fields - Upgraded debhelper dependency version for dh_bugscripts * debian/rules: - Replace deprecated dh_clean -k with dh_prep * debian/NEWS: - Apply Steve Langasek's patch to remove non-newsworthy content, avoiding unnecessary output from apt-listchanges during upgrade. Closes: #591005 * debian/source/format: - Make source format explicit (1.0) -- Christian Kastner Sun, 18 Jul 2010 22:51:21 +0200 cron (3.0pl1-113) unstable; urgency=medium [ Christian Kastner / Javier Fernandez-Sanguino ] * debian/postinst: - Now that permissions and ownership of crontabs are changed unconditionally, do not attempt to chown user crontabs if none are present. Closes: #585636 - Only change permissions if the crontabs directory exist -- Christian Kastner Sat, 12 Jun 2010 18:25:59 +0200 cron (3.0pl1-112) unstable; urgency=low [ Christian Kastner ] * do_command.c: - Don't send mail when a job exits non-zero, only send mail if the job sent output to stderr. This behaviour was introduced erroneously; while it does have merit, it is completely against standard cron behaviour. Closes: #581612 * debian/compat: - Bumped debhelper compatibility to 7 * debian/control: - Bumped Standards-Version to 3.8.4 (no change needed) - Build-Depend on debhelper (>= 7.0.50~) - Added dependency on ${misc:Depends} to package cron * debian/cron.init: - Changed Default-Stop from (1) to (empty). rc0 and rc6 were removed in 3.0pl1-101 because the stop action -- sending SIGTERM/SIGKILL to cron on shutdown/reboot -- was redundant. This, however, also applies to rc1, because killprocs will do that for us. * debian/postinst: - Removed obsolete dpkg file backup code, this has been handed over to dpkg in 3.0pl1-109 - Removed last remaining stop action (for rc1) from upate-rc.d (see above) - Add dpkg-statoverride for /usr/bin/crontab, and unconditionally change permissions of /var/spool/cron/crontabs. Closes: #304036, #460095 * debian/standard.monthly: - Removed because it had been empty for years and therefore served no purpose * debian/cron.bug-{control,script} - Added to extend information submitted by reportbug * debian/rules: - Applied changes for standard.monthly and cron.bug-{control,script} above * debian/copyright: - Updated to reflect recent contributions * debian/README: - Updated ancient information with the current status (PAM support, SELinux support, etc.) * debian/TODO: - Added new entry regarding clarification of the purpose behind /etc/cron.d * debian/REFS: - Summary of links to relevant development threads; re-added for informational purposes. [ Javier Fernandez-Sanguino ] * debian/cron.init: - Fix typo (Closes: #585399) -- Christian Kastner Thu, 10 Jun 2010 15:21:39 +0200 cron (3.0pl1-111) unstable; urgency=low [ Christian Kastner ] * debian/cron.init: - When both /etc/environment and /etc/default/locale contain locale information, warn that variables from /etc/environment will be ignored. Closes: #543895, #580942 - Add autofs and NIS+ to Should-Starts, because especially NIS+ must be run before cron, if present. Closes: #512757 - init script should be stopped in runlevel 0 and 6, too [ Javier Fernandez-Sanguino ] * do_command.c: Revert change so that mails are not sent if MAILTO is null. Closes: #580938 -- Javier Fernandez-Sanguino Pen~a Sun, 16 May 2010 15:16:24 +0200 cron (3.0pl1-110) unstable; urgency=medium [ Christian Kastner ] * user.c - Fix broken parsing and handling of crontabs with no-newline-before-EOF - Refuse to install such crontabs via crontab(1). Closes: #79037 - Log crontabs missing newline before EOF to syslog. This is only relevant for crontabs not installed via crontab(1), ie. /etc/cron.d/* and /etc/crontab. Closes: #76625 - Add a log message explicitly stating that all jobs of crontabs with syntax errors will not be run (ie, all-or-nothing). See #555954 * crontab.c - Tell the user which chars are expected on retry, too * cron.c - Don't let the daemon die when directories disappear, eg. when moving directories around. Patch provided by Justin Pryzby (thanks!). Closes: #470564 * database.c - Recover from broken symlinks in /etc/cron.d/ (Closes: #433609) - Don't report wrong file owner in /etc/cron.d/ as wrong symlink owner - Check the permissions of symlink targets (writeable only by root) * do_command.c - Don't let long-running commands time out certain MTAs. Patch provided by Justin Pryzby, based on an analysis by Alexis Huxley (thanks!). Debian's default MTA, exim, does not time out, so it shouldn't have been affected. Closes: #155109, #443615 - Bypass mail generation/sending code when no MTA is installed. Previously, jobs with a lot of output would die once the pipe's buffer was filled. Closes: #577133 * popen.c - Check return value of setgid() call, also associated with the CVE-2006-2607 fix - Move signal handling away from ancient API. Patch provided by Justin Pryzby (thanks!). * misc.c - On startup, when recreating missing directories, do so with permissions reflecting Debian's SGID crontab vs upstream's SUID * entry.c - Explicitly check for valid ranges in range values instead of upstream's broken approach which misses certain combinations of ranges and steps. Closes: #533726 * env.c - Backport environment variable parser from 4.1. The 3.0 parser has a number of issues, especially with otherwise trivial matters such as whitespace. Closes: #437180 * cron.8 - Document symlink behaviour. * crontab.1 - Document the new EOF handling described above. * crontab.5 - Clarify parsing of empty variables (Closes: #497742) * debian/TODO - Remove obsolete entries; add a table of planned milestones * debian/NEWS - Briefly describe the most important changes since lenny's release * debian/control - Add Christian Kastner to the Maintainers list (Closes: #565143) [ Javier Fernandez-Sanguino Pen~a ] * debian/rules: Install the cron.default file properly * debian/standard.daily: - Do not indicate that lost+found does not exist if the filesystem is XFS (Closes: #577508 577536) -- Christian Kastner Thu, 29 Apr 2010 16:23:38 +0200 cron (3.0pl1-109) unstable; urgency=medium * cron.c: - Apply patch derived from OpenBSD's cron by Petya Kohts to handle properly DST and avoid running cron jobs twice, or skip cron jobs when there is a savings time change. Closes: #217836, #458123, #474157, LP: #36690 * crontab.c: - Revert the behaviour that prevented 'alias crontab="crontab -i"' from working. Now the -i flag is allowed regardless of other command line switches. (Closes: #513379) - Be more verbose in the example provided for first-time users than run 'crontab -e' - Check if the crontab exists before attempting its removal and before prompting the user (whe using -i) - When prompting, tell the user which chars are expected * crontab.1: - Change usage to match crontab's output - Clarify use of the cron.allow and cron.deny files (Closes: #511782) * crontab.5: - Describe a known limitation related to the lack of the cron daemon's per-user timezone support (Closes: #497741, 353246, 166533) - Describe the use of tilde (~) as a substitute for $HOME (Closes: 477198) - Describe the lack of replacements of variables (Closes: #493636) * popen.c: Check return call of initgroups(), associated with CVE-2006-2607 fix. Thanks to Christian Kastner for the heads up. * cron.8: - Describe how the environment is managed in Debian * debian/cron.init: Also use /etc/timezone to setup the timezone environment (TZ) if not set. * debian/standard.daily: - Do not make a backup copy of dpkg files anymore since dpkg (1.15.4) does this already (when #541412 was fixed) (Closes: #541415) - Fix a bug in lost+found reporting. Files in lost+found were never + actually reported. [ Patch from Teemu Kiviniemi ] - Added ext4 for lost+found searches. [ Patch from Teemu Kiviniemi ] Closes LP: #367383 * debian/control: - Add a Breaks dpkg (<< 1.15.4) to ensure that one always has the backup functionality either via cron or via dpkg. - Provides: cron-daemon, which was reinstated in the virtual package list in November 2009 (Closes: #349170) -- Javier Fernandez-Sanguino Pen~a Sat, 10 Apr 2010 12:48:42 +0200 cron (3.0pl1-108) unstable; urgency=high * Add a Depends: on libpam-runtime (>= 1.0.1-11) since this is required for the use of common-session-noninteractive (Closes: 575342) -- Javier Fernandez-Sanguino Pen~a Fri, 26 Mar 2010 00:17:02 +0100 cron (3.0pl1-107) unstable; urgency=low * debian/cron.pam: Use common-session-noninteractive in pam.d configuration instead of common-session so that libpam-ssh is not run. If libpam-ssh was installed the previous configuration resulted in cron spawning many ssh-agent processes (Closes: #572292) * debian/cron.init: Add Should-Start/Stop dependency to slapd so that cron * can start up tasks for users define in an LDAP (Closes: #557659, #546367) * Fix the use of perror so that the error message is correct when printing the reason why an operation failed. Thanks to Justin Pryzby for the patch. (Closes: 470587) * pathnames.h: Use /usr/bin/sensible-editor instead of /usr/bin/editor when calling crontab -e (Closes: #482284) * Fix debian/control description, thanks to Justin B Rye for the patch (Closes: #535227) * crontab.c: Produce a different warning message when root tries to setup a crontab for a user that is not allowed to do so, and do not log the action (Closes: #505288) * Only allow -i if -r has been specified previously (Closes: #513379) * Update debian/README.Debian to indicate that the package is being maintained at Alioth, thanks Tomas Pospisek for the patch (Closes: #511740) * crontab.c: Update the usage() call so that it refers to the use of -i when removing (-r) * crontab.1: Update the manpage: - Use the same option listing as in the crontab usage() call - Remove 'tweaked', explain what -u does in each context. - Remove V3, use 'Vixie Cron' instead (Closes: #572249) - Update the manpage years (Closes: #563296) - Describe the usage of the crontab group wrt /var/spool/cron/crontabs (Closes: #539182) * Use debhelper compatibility version 5 * Include cross build support with patch to debian/rules provided by Neil Williams (Closes: #465077) * Change maintainer's email address -- Javier Fernandez-Sanguino Pen~a Tue, 16 Mar 2010 22:55:26 +0100 cron (3.0pl1-106) unstable; urgency=high * SECURITY UPDATE: cron does not check the return code of setgid() and initgroups(), which under certain circumstances could cause applications to run with elevated group privileges. Note that the more serious issue of not checking the return code of setuid() was fixed already in 3.0pl1-64. (Closes: #528434) - do_command.c: check return code of setgid() and initgroups() - This fixes (hopefully completely) CVE-2006-2607 * crontab.c: - close the temporary file after it is edited and before calling cleanup_tmp_crontab() to behave properly on NFS mounted / (Closes: #413962) - if crontab is run without argument then it will read stdin to replace the users crontab. This way it is POSIXLY_CORRECT. More information at http://www.opengroup.org/onlinepubs/9699919799/utilities/crontab.html (Closes: #514062) * crontab.5 : - Add details about multiple recipients in MAILTO (LP: #235464) (Closes: #502650) - Indicate that it also reads environment from /etc/environment - Substitute ATT for AT&T (Closes: #405474) * Proper fix for PAM configuration to make cron read the system environment (Closes: #511684) * debian/cron.init: - Add support for 'status' in the init.d (Closes: #514721) - Use 'cron' instead of 'crond' (Closes: #497699) * Change lockfile-progs from Suggests: to Recommends: and remove wording related to dselect, which is no longer relevant (Closes: #452460, #468262) * Add justification of checksecurity being in the Suggests: line * Change the (outdated) wording of the description based on an example provided by Justin B Rye (Closes: 485452) * Change the postinst so that update-rc.d is only run if /etc/init.d/cron is executable (Closes: #500610) -- Javier Fernandez-Sanguino Pen~a Wed, 13 May 2009 01:05:41 +0200 cron (3.0pl1-105) unstable; urgency=low * Non-maintainer upload with permission. * Fixes an uninitialised data problem in the SE Linux code, also fixes a similar compile warning in code which is not related to SE Linux which isn't a bug (to avoid confusion). Closes: #472938 * Updates the SE Linux patch to work with the new code base, the previous version was almost totally unusable with Lenny SE Linux. Closes: #499518 * Fixes inadequate security checks in the SE Linux code path, the previous code might be vulnerable to exploit at some future time. Closes: #499584 -- Russell Coker Sun, 28 Sep 2008 19:23:50 +1000 cron (3.0pl1-104) unstable; urgency=low * Discard errors from df in the standard daily cron task to prevent errors in user's systems that do not have ext2, ext3 or xfs filesystems (Closes: #462472, #394646, #463656, #463713, #464749, #504146) -- Javier Fernandez-Sanguino Pen~a Fri, 14 Mar 2008 01:03:03 +0100 cron (3.0pl1-103) unstable; urgency=low * Fix bug introduced in the init.d file with the changes in the previous version that makes the init.d not work properly when stopping cron due to the improper definition of PIDFILE (Closes: #460869, #460886) -- Javier Fernandez-Sanguino Pen~a Tue, 15 Jan 2008 19:50:37 +0100 cron (3.0pl1-102) unstable; urgency=low * Modify pathnames.h so that GNU/KFreeBSD is detected and /var/run is used instead of /etc/ to store the PID file (Closes: #460514) * Modify the init.d script so that it uses /etc/cron.pid as its pidfile if it exists, this will prevent the init.d script from failing if cron is compiled in a system which does not get to define _PATH_RUN as /var/run * Fix typo in changelog (Closes: 459952) -- Javier Fernandez-Sanguino Pen~a Sun, 13 Jan 2008 23:08:11 +0100 cron (3.0pl1-101) unstable; urgency=low * Init.d changes: - Add LSB dependencies on mounted /usr (Closes: #459489) - Remove 0 and 6 from Default-Stop LSB definition in the init script as sendsigs take care of stopping cron" debian/cron.init. Also change the postinst call to update-rc.d so no stop symlinks are added in those runlevels (Closes: #422785) [ Notice that the existing symlinks are not removed when upgrading it is up to the administrator to remove this himself so as to not break local changes ] - Parse system's locale to set the charset used to email cron tasks. This will affect tasks that expect a 'C' locale (for example to parse messages) and are running in systems with a non-C locale. (Closes: #410057, #405335, #309150) - Add support for /etc/default/cron and make it possible to add additional options and control if environment is parsed. (Closes: #396928, #471506) * cron.c: - Do not use ANSI_x3.4-1968 but US-ASCII instead since it is the preferred MIME name as per http://www.iana.org/assignments/character-sets" (Closes: #415302) * crontab.c: - Add an option to ask for confirmation when a crontab is to be removed, based on Fedora's patch for this same request. Users wanting this behaviour have to alias cron (just as rm is aliased to 'rm -i') (Closes: #117758, #289636, #324103, #414048) - Print the location of CRONDIR when printing files on the crontab dir so that the error messages have the absolute location of the files they refer to. (Closes: #391350) * Lintian fixes: - Modify debian/copyright to point to the location of the Artistic License. -- Javier Fernandez-Sanguino Pen~a Tue, 08 Jan 2008 22:13:35 +0100 cron (3.0pl1-100) unstable; urgency=low [ Last upload for etch fixing documentation in this package ] * Describe the -L option in cron's manpage. * Fix minor typos, and change Debian-specific content of manpages and default crontab that could lead to user's being confounded. Explicitly say that both /etc/crontab and files under /etc/cron.d/ can have users in the crontab lines. (Closes: #402934) -- Javier Fernandez-Sanguino Pen~a Wed, 20 Dec 2006 00:53:06 +0100 cron (3.0pl1-99) unstable; urgency=low * Fix the test for anacron in /etc/crontab that would make cron run the run-parts regardless of whether anacron was installed or not, thanks to Paul Kimoto for spotting the bug introduced in the fix to #383857 (Closes: #392600) * Fix lintian error by adding a comment line in the init.d script -- Javier Fernandez-Sanguino Pen~a Thu, 12 Oct 2006 20:49:50 +0200 cron (3.0pl1-98) unstable; urgency=low * Fix LSB-formatted init.d meta info, thanks to Petter Reinholdtsen (Closes: #386709) * Make crontab tasks run with CWD=/, to make SELinux happy, thanks to Erich Shubert (Closes: #383857) * Use latest lsb logging functions, thanks to David Hardeman (Closes: #384858, #389893) -- Javier Fernandez-Sanguino Pen~a Thu, 5 Oct 2006 21:03:19 +0200 cron (3.0pl1-97) unstable; urgency=high * Fix the behaviour of crontab so that in systems that do *not* have a cron.allow file users will be allowed to use crontab, change the behaviour of the previous version because it was contrary to the manpage (now a user that is in *both* cron.deny and cron.allow will be allowed access) (Closes: #383741) -- Javier Fernandez-Sanguino Pen~a Sat, 19 Aug 2006 10:36:48 +0200 cron (3.0pl1-96) unstable; urgency=low * Fix crontab.5 typo (changed quotes ' to ") that prevent a line from being presented (Closes: #379230) * Small typo fix in cron.8 * Introduce Steve Grubb's patch to emit audit log message on crontab denial based on the patch from Fedora, and adapted to Debian's cron version. The main difference is that audit logs are generated if cron is compiled to 'ALLOW_ONLY_ROOT'. This patch is currently disabled since LSPP's audit library is not yet available. * Change misc.c so that a user that is *both* in the cron.deny and cron.allow files will be denied access (previously he would be permitted access) * Add two example scripts: - stats-cron.pl: A script written by myself that can be used to audit the behaviour of cron and benefits from the new cron logging (-L 2) option to log the *end* of a cronjob. - crontab2english.pl: A script written by Sean M. Burke that translates the crontab notation to natural language. * Adjust debian/copyright to acknowledge the (c) and license of the above scripts. -- Javier Fernandez-Sanguino Pen~a Wed, 9 Aug 2006 01:07:40 +0200 cron (3.0pl1-95) unstable; urgency=low * Handle errors when reading crontabs so that it stops reading entries in a crontab file after a syntax error. This prevents a rogue user from dumping binary files in /etc/cron.d/ or /var/spool/cron/crontabs/ and have them executed by cron (but binary files under /etc/cron.{daily,weekly,monthly} will still be processed as they are handled by run-parts). Thanks to Faidon Liambotis for the patch. (Closes: #378153) * Reuse vixie-cron-4.1-_51-bz180145-mail_i18n.patch from Fedora Core in order to setup a proper Content-Type when sending e-mails. The Content-Type will be set to the default system locale or cron's environment (if it modifies it). If the locale is undefined it will default to US ASCII (Closes: #338051) - There is no need to define a CHARSET variable now with the above patch (Closes: #309150) * Support kfreebsd-amd64 by modifying the Build-Depends for SElinux (Closes: #361458) * Fix typos in the crontab.1 manpage spotted by Jonas Koelker (Closes: #369153) * Add option to control logging (-L) with patch provided by Steve Fosdick. This makes it possible to log cron job finishing if you use -L 2 (Closes: #271747, #318247) * Change Steve's email in crontab.c error message to cron@packages.debian.org -- Javier Fernandez-Sanguino Pen~a Wed, 19 Jul 2006 21:31:13 +0200 cron (3.0pl1-94) unstable; urgency=low * Lsb-base is now priority 'required' (3.0-16) instead of 'extra' (3.0-15) so I'm moving the Suggests: up to a Depends: (Closes #360236) -- Javier Fernandez-Sanguino Pen~a Sat, 1 Apr 2006 03:41:55 +0200 cron (3.0pl1-93) unstable; urgency=low * Include patch from Ubuntu that incorporates LSB functions to the init. This should help have Ubuntu synchronise their changes easier. * Fix FTBFS on GNU/kFreeBSD with patch from Aurelien Jarno (Closes: #338246) * Add brackets to the initscript for bash completion (Closes: #350605) -- Javier Fernandez-Sanguino Pen~a Mon, 27 Feb 2006 22:39:24 +0100 cron (3.0pl1-92) unstable; urgency=low * Don't use SElinux on GNU/kFreeBSD, as it is Linux-specific, patch from Aurelien Jarno (Closes: #325404) * Added LSB formatted dependency info in init.d script (Closes: #335305) -- Javier Fernandez-Sanguino Pen~a Fri, 14 Oct 2005 14:29:40 +0200 cron (3.0pl1-91) unstable; urgency=low * Proper fix for #324017, the previous fix was dumb. This one includes fixes from Fedora which should prevent segfaults under other circumstances. -- Javier Fernandez-Sanguino Pen~a Sun, 21 Aug 2005 03:14:01 +0200 cron (3.0pl1-90) unstable; urgency=low * Fix SIGSEV due to a NULL free in the libselinux code, as a consequence cron dies before cronjobs are started (Closes: #324017) -- Javier Fernandez-Sanguino Pen~a Sun, 21 Aug 2005 02:25:10 +0200 cron (3.0pl1-89) unstable; urgency=low * Fix bashishm in cron.daily script (Closes: #323983) -- Javier Fernandez-Sanguino Pen~a Sun, 21 Aug 2005 00:12:26 +0200 cron (3.0pl1-88) unstable; urgency=low * Taken over maintainership of this package and made the "Let's clean up the bug list" release * Added a debian/TODO file with some tasks not done in this upload. * Use patch provided by Marc Dequenes to fix FTBFS on Hurd (due to the use of selinux) (Closes: #279429) * Enable pam_limits.so in the default configuration (Closes: #300725) * Fix standard.daily so it can cope with mount points with spaces (Closes: #198211) * Standard.daily now warns if no lost+found directory was found in a local ext2/3 filesystem (Closes: #46779) [as the other wishlists are checksecurity related] * Standard.daily now will also check xfs filesystems (Closes: #279613) * Fix crontab.5's example to prevent confusion to users, default shell is always /bin/sh (Closes: #231172) * SELinux related fixes: - Applied Russell Coker patches to fix three bugs that appear when using SELinux (Closes: #264320) - Applied Manoj Srivastava's patches to turn on SELinux support (Closes: #315509) * Add help text when creating new crontabs as suggested by Anthony Towns (Closes: #18733) * Use debhelper version 4 instead of the deprecated version 3, removed debian/conffiles as it is no longer needed. -- Javier Fernandez-Sanguino Pen~a Tue, 5 Jul 2005 16:39:29 +0200 cron (3.0pl1-87) unstable; urgency=low * Clarify wording about /etc/cron.d files in cron.8. * Make sure file descriptor 0==stdin at startup, so we don't accidentally use it for something else. (closes: #295589) -- Steve Greenland Wed, 16 Feb 2005 18:37:27 -0600 cron (3.0pl1-86) unstable; urgency=high * And yes, still needs urgency=high. -- Steve Greenland Wed, 28 Jul 2004 15:43:18 -0500 cron (3.0pl1-85) unstable; urgency=low * Umm, yeah, need the 'install' file in CVS. -- Steve Greenland Wed, 28 Jul 2004 15:31:28 -0500 cron (3.0pl1-84) unstable; urgency=high * Urgency "high" to make the sudden freeze. * Exit with failure status from crontab when action fails (thanks to Christoph Berg for noticing and the patch) (closes: #229604) * Require anacron to be executable (closes: #240822) * Set ttyname to prevent pam_access confusion. Problem and solution from Daniel Kobras (it's nice to get both!) (closes: #254845) * Fix reference to syslogd(8) in cron.8 (closes: #246580) * Fix awkward construction in crontab.5 (closes: #252420) * Cleanup explanation of LOGNAME in crontab.5 (closes: #257672) * Don't use --exec in start-stop-daemon calls. -- Steve Greenland Mon, 26 Jul 2004 10:40:22 -0500 cron (3.0pl1-83) unstable; urgency=low * Update default MTA from exim to exim4 (closes:#228561) -- Steve Greenland Mon, 19 Jan 2004 16:39:52 -0600 cron (3.0pl1-82) unstable; urgency=low * Added /etc/cron.d/.placeholder to prevent dpkg from removing the directory when all packages using /etc/cron.d are purged. Likewise to cron.weekly (which needs it), and cron.daily and cron.monthly (which don't, but I like consistency.) (closes: #217760) * Add '--retry 5' to the stop part of /etc/init.d/cron restart, so that cron is completely stopped before attempting restart. (closes: #223945) * Add cron.hourly directory (closes:#200848, #219338, #226710) * Support the LSB naming convention for /etc/cron.d (closes: #171587) * Move cron.d manual section out of DEBIAN SPECIFIC, since many distributions now support this. (closes:#2277770) * Clarify that environment setting are not re-expanded (closes: #223570) * Some crontab(5) man page fixups (closes: #200100) -- Steve Greenland Sun, 18 Jan 2004 16:20:59 -0600 cron (3.0pl1-81) unstable; urgency=low * Only protect owner/group setting on individual user crontabs by version, the setgid setting of /usr/bin/crontab needs to happen every time (unless the admin has set something with dpkg-statoverride. (closes: #210838) * Change cron init script so that '/etc/init.d/cron {stop,restart}' only kill off the parent daemon, not currently running cron jobs. Much thanks to Dean Gaudet for the patch. (closes: #211849) -- Steve Greenland Sun, 21 Sep 2003 16:37:16 -0500 cron (3.0pl1-80) unstable; urgency=low * Kill one last spurious syslog() (closes: #211117, #211245) * Allow system crontabs to be symlinks (closes: #210467) -- Steve Greenland Wed, 17 Sep 2003 19:15:55 -0500 cron (3.0pl1-79) unstable; urgency=low * Don't exit postinst when user is unkown (closes: #208432) * Remove spurious debug messages (closes: #211117) -- Steve Greenland Tue, 16 Sep 2003 08:26:17 -0500 cron (3.0pl1-78) unstable; urgency=low * Okay, I think the owner/group fixup in for setgid crontabs is finally as right as it's going to be. It will work for usernames with spaces, and if the user doesn't exist (e.g. old crontab for a deleted user), it will print an error message but not exit, which I think is okay. If you have a username with a newline in it, then you deserve to lose, and you will (closes: #210838). * Allow cron to run in foreground. Possibly useful for running it under monitoring tools like runit, monit, daemontools, etc. Thanks to Erich Schubert for the patch (closes: #108492) * Use the PAM environment settings, if so configured. (closes: #203737) -- Steve Greenland Sun, 14 Sep 2003 16:53:36 -0500 cron (3.0pl1-77) unstable; urgency=low * Smarter fix-up of crontabs groups (closes: #208555) * Add dependency for adduser (closes: #208848) * Support new PAM @includes for standard PAM configuration. * Move note about loss of checksecurity from debconf to NEWS.Debian.gz, the more appropriate place. Since that was the only use of debconf, this also (closes: #195887) * Add commented-out pam_limits support. (closes: 190556) -- Steve Greenland Sat, 6 Sep 2003 18:47:02 -0500 cron (3.0pl1-76) unstable; urgency=low * Fix postinst bug for no user crontabs (closes: #208433, #208435, #208448) -- Steve Greenland Tue, 2 Sep 2003 18:05:31 -0500 cron (3.0pl1-75) unstable; urgency=low * Make crontab setgid 'crontab' rather than setuid 'root' (closes: #18333) -- Steve Greenland Mon, 1 Sep 2003 18:57:14 -0500 cron (3.0pl1-74) unstable; urgency=low * Split out the checksecurity script et. al. to seperate package 'checksecurity' * Detect missing or stupid stepsize (e.g. */ or 7-9/0) (closes: #183650) * Allow for crontab editors that don't write to the same file. Finally. (closes: #149908) * Don't weird out if VISUAL or EDITOR is set to "" (closes: #148809) * Fixed several documentation/script typos and clarifications (closes: #149448) * Standards-Version 3.5.9 -- Steve Greenland Sun, 1 Jun 2003 15:02:23 -0500 cron (3.0pl1-73) unstable; urgency=low * Fixed spelling error in control file (Hi, Matt!) (closes: #124523) * Check for existence of /etc/init.d/cron in prerm (closes:#151006) * Added conflict for ancient version of lockfile-progs (closes: #123269) * Added Mosix FS to list of excluded FS types in checksecurity.conf (closes: #129177) * chmod group.bak instead of passwd.bak twice (closes: #130079) * Added ext3 for lost+found searches (closes:#135013) * Finally fixed longstanding bug where cron doesn't recognize crontab changes until 1 minute later. I don't know what I was looking at before, as it was trivial. I apologize to all those bothered by this problem. (closes: #74524, #13952) * Remove debian/preinst, used only for a fix for a pre-slink development release. * Added support for invoke-rc.d, patch from Andreas Metzler (closes:#162676) * Finally figured out why some error messages weren't getting printed for the system crontabs (/etc/crontab, /etc/cron.d/*). Added new error printing function and use it when user.c calls load_entry(). (closes:#79037, #122358) * Remove -odi option from invocation of /usr/sbin/sendmail. (closes:#146224) * Don't run @monthly jobs every day. (closes: #150591). Ditto @yearly. (Isn't it funny that despite the big whinefest about how critically important the @whatever timespecs are, nobody previously noticed this serious bug in the entire 7+ years I've been maintaining cron?) * Fix grammatical here in the cron(8) manpage. (closes: 147277) * Fix spelling error in checksecurity.conf. (closes: #151601) * Fix check for nfs/afs mounts in checksecurity. (closes: #157822) * Replaced some tabs with spaces in crontab.5. (closes: #159912) * Fix cron Makefile to not hardcode '-s' in $(INSTALL) commands. (closes: #164966) -- Steve Greenland Mon, 4 Nov 2002 18:14:45 -0600 cron (3.0pl1-72) unstable; urgency=low * Add type usbdevfs to skipped "file systems" (this is /proc/bus/usb) (closes: #113186,#113187) * Removed 'xfs' from list of skipped file system types. Unfortunately, it appears to be used by both the arla network file system and the SGI XFS filesystem, and I must make the conservative choice. (closes: #113234) * Remove extra diff in checksecurity. (closes: 113950) * Add type none to skipped "file systems" (--bind mounts) (closes: #111395) -- Steve Greenland Mon, 1 Oct 2001 07:46:34 -0500 cron (3.0pl1-71) unstable; urgency=medium * Fixed nasty typo in checksecurity. (closes: #112156) * Note to release manager: either -71 should go into woody, or only -69. -- Steve Greenland Thu, 13 Sep 2001 16:39:25 -0500 cron (3.0pl1-70) unstable; urgency=medium * Catch full disk when writing new crontab. (closes: #110612) * Don't modify backup file modes if no change (to prevent misleading time mods). (closes: #104093) * Remove obsolete reference to /bin/mail in crontab.5. (closes: #110962) * Add Marc Merlin's checksecurity patches with more configuration options. (closes: #89547, #63445) * Make all setuid.{today,yesterday,etc.} files group adm. (closes: #109520) -- Steve Greenland Fri, 7 Sep 2001 18:27:37 -0500 cron (3.0pl1-69) unstable; urgency=low * Don't run checksecurity on any partition mount nosuid or noexec. (closes:#98160) * Don't run on devpts, either. -- Steve Greenland Sun, 20 May 2001 13:48:15 -0500 cron (3.0pl1-68) unstable; urgency=low * Finally tracked down the problem with @{reboot,hourly,etc.} commands in the root crontabs (/etc/crontab, /etc/cron.d/*) (closes:#62141, #84727) * Minor cosmetic cleanup in lost+found output, from Matthijs Melchior (closes:#88861) -- Steve Greenland Sat, 19 May 2001 17:37:52 -0500 cron (3.0pl1-67) unstable; urgency=high * With crontab -e, don't give uid root on re-edit. -- Steve Greenland Sun, 6 May 2001 11:41:50 -0500 cron (3.0pl1-66) unstable; urgency=low * The "Julian Gilbey has been spending too much time proofreading" release. Remove hyphens in cron.init (closes:#91323) * change log_it() to open and close syslog every time, remove SIGPIPE catcher, etc., all in attempt to keep PAM happy. * Added original location to copyright file (closes:#88507) * Allocate username dynamically in crontab.c (closes:#89040,#62268) * Remove pam_limits.so from cron.pam file. -- Steve Greenland Tue, 27 Mar 2001 18:04:16 -0600 cron (3.0pl1-65) unstable; urgency=high * Close reboot file /var/run/crond.reboot after creating it, duh. Leaving it open allowed possible writes from cron jobs. -- Steve Greenland Mon, 26 Feb 2001 09:47:34 -0600 cron (3.0pl1-64) unstable; urgency=high * The "President's Birthday" release. * Add checks for setuid() failures, to avoid running user jobs as root. (closes:#85609, #86775) * Add portability flag -P to df (in /etc/cron.daily/standard) to avoid problem with long device names. (closes:#86851) * Convert from suidmanager to dpkg --statoverride. * Remove unnecessary dependency on bsdutils (it's Essential) * Change compat.h to not cause inclusion of sys/time.h (instead of time.h), due to recent change in glibc. Why it was doing this, I have no idea. -- Steve Greenland Wed, 21 Feb 2001 16:26:57 -0600 cron (3.0pl1-63) unstable; urgency=medium * Fix mistaken diagnostic in crontab ("Reached end of file while reading environment"). * Fix "Too many arguments to [" error in postinst. (closes:#79725) -- Steve Greenland Sun, 28 Jan 2001 12:00:55 -0600 cron (3.0pl1-62) unstable; urgency=medium * Change tracking of crontab directory mod times to deal with directories with mtimes in the future. Thanks to Florian Lohoff for tracking down the cause of this rare yet long-standing bug. (closes:#51202, #57356, #64198, #77353) * Run @reboot jobs only on reboot instead of cron restart. (closes:#74762, #77563) * Clarify which directory the lost+found files are in. * Protect against reading other people's crontabs via temp file symlink in crontab -e. -- Steve Greenland Sat, 27 Jan 2001 17:01:43 -0600 cron (3.0pl1-61) unstable; urgency=high * Fix usage message in cron.init. * Use pam only on non-Hurd. (closes:#75408) * Move dpkg status backups to /var/backups. * Apply security fix for temp file attack, thanks to Daniel Jacobowitz. * Made /etc/pam.d/cron a conffile. -- Steve Greenland Fri, 17 Nov 2000 16:06:03 -0600 cron (3.0pl1-60) unstable; urgency=low * Re-set log to LOG_CRON after PAM changes it to LOG_AUTH.(closes:#70028) -- Steve Greenland Thu, 31 Aug 2000 14:37:44 -0500 cron (3.0pl1-59) unstable; urgency=low * Fixed typo of @cmp in standard.daily (closes:#69921,#69937,#69956) * Add /etc/pam.d/cron, using standard Unix authorizations (closes:#69939) -- Steve Greenland Fri, 25 Aug 2000 14:02:47 -0500 cron (3.0pl1-58) unstable; urgency=low * Fix use of PATH_MAX/MAXPATHLEN in database.c and other HURD issues (closes:#64382) * Look in all (ext2) lost+found directories, not just /lost+found (closes:#66629) * Cosmetic changes to daily/standard (closes:#65078) * Use diff -u0 in checksecurity to avoid useless context (closes:#60919) * Note uppercasing of child processes in cron.8 (closes:#62103) * Added Topi Mitterands PAM support patch - Thanks! (closes:#68366,#67586) * Fix segfault in crontab -l (closes:#53735) * Added Build-Depends. * Added support for DEB_BUILD_OPTIONS, changed default compile to '-02 -Wall' * Fixed various complaints generated by -Wall :-), except 'rcsid unused' -- Steve Greenland Wed, 23 Aug 2000 16:20:39 -0500 cron (3.0pl1-57) frozen unstable; urgency=low * Release Manager: 61296 is RC bug; * Change lockfile-progs "Depends" to "Suggests" (policy violation), only try to use lockfile-create in /etc/cron.daily/standard if it is installed (closes:#61296) -- Steve Greenland Wed, 29 Mar 2000 20:12:06 -0600 cron (3.0pl1-56) frozen unstable; urgency=medium * Release Manager: 59115 is RC bug. * set backup password files to root-only rw (closes:#59115) * Fixed missing ntfs in checksecurity.conf (closes:#56939) -- Steve Greenland Mon, 28 Feb 2000 19:16:20 -0600 cron (3.0pl1-55) unstable; urgency=low * Changed __linux feature checks to __linux__ (closes:#50240) * Added '-u' to diff in checksecurity (closes:#51679) * Moved checksecurity LOGDIR (formerly LOG) setting to config file (closes:#49683) * Fixed removal of lockfile in cron.daily/standard. -- Steve Greenland Sat, 18 Dec 1999 18:53:29 -0600 cron (3.0pl1-54) unstable; urgency=low * Fixed spelling in checksecurity.8 (closes:#45281) * Only look in /lost+found if it exists (closes:#46389) * Only run @weekly jobs once a week (was looking at dom with OR rather than AND.) (closes:#49437) * Don't run more than one instance of /etc/cron.daily/standard (closes:#45487) * Removed extra generation of TSTP in crontab -e. (closes:#48542) -- Steve Greenland Sun, 7 Nov 1999 15:09:48 -0600 cron (3.0pl1-53) unstable; urgency=medium * Applied OpenBSD patches supplied Topi Miettinen. Big change is better handling of timekeeping (in particular, changes to/from daylight savings time) (closes:#8499). * Redirect stdin, stdout, and stderr to /dev/null. (closes:#37189, #23231, #30653). * Fixed bit_set()/bit_nset() confusion that caused @hourly to not work, so that functionality is now documented (closes:#43282). * Changed warrantee to warranty in debian/copyright (but it's still misspelled in the source files) (closes:#40312) * Adjust checksecurity and cron_daily/standard to get consistent owner/perms on /var/log/setuid* files. (closes:#15295) * Add 'coda' to the list of nfs/afs like file systems in checksecurity.conf (closes:#29909) * Fix version comparison to use dpkg --compare-versions, which is what I should have done in the first place (closes:#42454) * Add 'xfs' to the list of nfs/afs like file systems in checksecurity.conf, as it appears that xfs==arla and arla==xfs. If there are other file systems that show up as 'xfs', please let me know (closes:#37523) * Don't rotate wtmp and btmp (closes:#42301). -- Steve Greenland Sat, 11 Sep 1999 18:42:37 -0500 cron (3.0pl1-52) unstable; urgency=high * Patch to fix "Reverse DoS": user could send arbitrary options to sendmail via MAILTO variable. Fix by not allowing spaces or leading dashes in MAILTO, and run sendmail as user, not root. -- Steve Greenland Sun, 29 Aug 1999 21:50:28 -0500 cron (3.0pl1-51) unstable; urgency=low * Changed default of "crontab -l" to NOT list the extra header lines. May obtain original behaviour by setting "CRONTAB_NOHEADER=N". * Fixed comment in misc.c that accidentally cause the SIGPIPE handler to be reset more often than necessary. * Don't checksecurity on ntfs file systems (closes:#33079) * Added '-i' flag to sendmail command (closes:#36338) * Added check for files in /lost+found (closes:#29791) * Added preferential invocation of anacron for cron.{daily,weekly,monthly} -- Steve Greenland Thu, 27 May 1999 17:37:54 -0500 cron (3.0pl1-50) frozen unstable; urgency=low * Fixed rules file *again* so that crontab suidness doesn't get stepped on by debhelper under certain kernel versions. -- Steve Greenland Sat, 9 Jan 1999 14:17:09 -0600 cron (3.0pl1-49) frozen unstable; urgency=low * Check for /etc/shadow and /etc/gshadow separately (closes:Bug#30232) -- Steve Greenland Wed, 2 Dec 1998 21:30:00 -0600 cron (3.0pl1-48) frozen unstable; urgency=low * Fixed rules file so that crontab doesn't get suid bit removed by latest version of debhelper. (closes:Bug#29683) -- Steve Greenland Mon, 30 Nov 1998 21:10:00 -0600 cron (3.0pl1-47) frozen unstable; urgency=high * Removed close of {stdin,stdout,stderr}, as it appears that some cron users expect it. -- Steve Greenland Mon, 2 Nov 1998 09:25:44 -0600 Cron (3.0pl1-46) frozen unstable; urgency=medium * changed mention of /var/spool/crontabs to /var/spool/cron/crontabs, and added example /etc/crontab. (closes:Bug#28458,Bug#23101) * Incorporated buffer overflow patches. (closes:Bug#26705,Bug#26749) * Added backup of /etc/shadow and /etc/gshadow in cron.daily/standard. (closes:Bug#25853) * Better daemonization (close stdin,stdout,stderr). (closes:Bug#23231) * Do cron.daily a little earlier, try to avoid overlap with cron.weekly. (closes:Bug#23023) * Added note in crontab.1 and crontab.5 about trailing newline requirement. (closes:Bug#16132) -- Steve Greenland Sun, 1 Nov 1998 19:10:45 -0600 cron (3.0pl1-45) frozen unstable; urgency=high * Updated README and README.Debian w.r.t. file locations. * Updated crontab.1 w.r.t. location of allow and deny files. * Fixed problem in postinst when new install (instead of upgrade) (closes:Bug#21426) * Smarter algorithm for checking /etc/cron.d for changes, no longer spins up laptop disks every minute. Thanks to Alexander "Shurik" Shumakovitch for the fix. * Re-did checksecurity to only report NFS/AFS insecure mounts instead of running find on them (suggestion from Gregory Stark). -- Steve Greenland Sun, 26 Apr 1998 13:41:51 -0500 cron (3.0pl1-44) unstable; urgency=low * Fixed standards version reference. * Fixed init script "comment", sigh. Let this be a warning to you: NEVER EVER change a file with doing a complete test, even if it is "just a comment". (closes:Bug#19466,Bug#19492,Bug#19479,Bug#19595,Bug#19725,Bug#19840, Bug#19845,Bug19852). Sheesh. -- Steve Greenland Tue, 17 Mar 1998 21:55:03 -0600 cron (3.0pl1-43) unstable; urgency=medium * Removed support for TMPDIR. This is due to the problem it causes with emacs -- emacs does different things with it's backup files depending on whether or not the file is in /tmp. Emacs probably ought to use TMPDIR instead of /tmp in its check. I've opened a "wishlist" bug for crontab to support TMPDIR. (closes: Bug#15985) * When USE_SIGCHLD is defined, before running user process, set handling for SIGCHLD to SIG_DFL, not SIG_IGN. Despite documentation that the default for SIGCHLD is ignore, the behaviour is different. (closes:Bug#17564,Bug#9075,Bug#16436,Bug#17814) * Moved allow and deny files from /var/spool/cron to /etc/cron.{allow,deny} (closes:Bug#14970) * filenames in /etc/cron.d must comply with run-parts naming convention - alpha-numeric, underscore, or hyphen. This ensures that conffile remains (e.g. package.dpkg-dist) files don't get run. * removed cronanacron command from /etc/crontab and distribution -- replaced by /etc/cron.d/anacron file (from anacron package, not cron). * Documented /etc/cron.d dir in manpage and readme.debian * modified checksecurity.conf to not check auto file systems. (closes:Bug#8702) * crontab -u `whoami` now works. (closes:Bug#8702) * documented CRONTAB_NOHEADER in crontab.1 * /etc/crontab now uses run-parts(8) --report switch. (closes:Bug#18273) * fixed initialization of oact in misc.c. (closes:Bug#17134) * converted to use debhelper rather than debmake. * changed date format in checksecurity so that we don't get false positives after six months. (closes:Bug#19025) * remove /etc/cron.{allow,deny} on purge -- Steve Greenland Mon, 9 Mar 1998 01:31:13 -0600 cron (3.0pl1-42) unstable; urgency=low * Don't output header on 'crontab -l' if CRONTAB_NOHEADER is 'Y' (Bug#15642) * Read files in /etc/cron.d in addition to /etc/crontab (Bug#16628, Bug#16617) -- Steve Greenland Sun, 11 Jan 1998 18:32:26 -0600 cron (3.0pl1-41) unstable; urgency=low * Updated crontab to use /usr/bin/editor if EDITOR and VISUAL undefined. * Added support for TMPDIR from crontab (Bug#9309) * Compress /usr/doc/cron/changelog.Debian -- this time for sure! (Bug#15296) -- Steve Greenland Fri, 28 Nov 1997 13:47:03 -0600 cron (3.0pl1-40) unstable; urgency=low * Correct directory reference in standard.monthly to /var/log (Bug#12315, Bug#13466) * Added -DUSE_SIGCHLD to defs, needed for alpha (Bug#12855,Bug#8611). May also fix Bug#9075. * Changed check for suidmanager (Bug#9326) * Checksecurity no longer checks fat or vfat filesystems (Bug#8845, Bug#13574) * Changed spaces in crontab to , appearance only (Bug#13369) * Removed bashism from standard.daily and checksecurity (Bug#9908, Bug#9909) * Added CHECKSECURITY_DISABLE flag to checksecurity.conf. * Get the changelog names correct (Bug#14618) * Correct day-of-month and month ranges in crontab.5 (Bug#15073) -- Steve Greenland Sun, 23 Nov 1997 22:58:05 -0600 cron (3.0pl1-39) unstable; urgency=low * Added configuration variable to eliminate error messages from checksecurity's find command * Better integration with anacron: suggest anacron, call anacron on a regular basis so that it can keeps it's status up-to-date. New file /usr/sbin/cronanacron. * Call savelog for /var/adm/btmp from /etc/cron.monthly/standard. -- Steve Greenland Sun, 24 Aug 1997 18:52:55 -0500 cron (3.0pl1-38) stable unstable; urgency=low * When upgrading from -36 or -36.1, stop old cron daemon in preinst, because the prerm's in those versions doesn't. * Follow console message standard. -- Steve Greenland Sat, 18 Jan 1997 15:34:42 -0600 cron (3.0pl1-37) stable unstable; urgency=medium * Corrected postinst,prerm, and postrm scripts -- Installs and removes rc.d links, and re-starts cron after install. * More fixes from the BSD crew, sent to me by Marek Michalkiewicz: mostly checks for null pointers, but also a few Makefile fixes, and at least one potential buffer overrun (but I know of no exploits). * Left in suidmanager stuff, but corrected default permission to 4755, per Debian standards. * Added CHANGES file (as /usr/doc/cron/changelog.upstream.gz) to distribution. Added upstream README to distribution. * Moved files out of ./debian/extra into ./debian because dpkg-source cannot deal with createing directories. Hmmph. * Removed filereaper reference from standard.daily -- Steve Greenland Sun, 5 Jan 1997 18:23:14 -0600 cron (3.0pl1-36.1) stable unstable; urgency=HIGH * Mended `find' invocation in debian/rules. * Serious security hole (buffer overrun) fixed. * Silly suidmanager stuff added by debmake. Pah. -- Jon Rabone Wed, 18 Dec 1996 21:38:33 +0000 cron (3.0pl1-36) frozen unstable; urgency=low * Removed DEBUG logging about SIGPIPE -- it's generated by every child once syslogd has been restarted. -- Steve Greenland Mon, 2 Dec 1996 01:41:16 -0600 cron (3.0pl1-35) frozen unstable; urgency=low * Converted to new source format * Added code in misc.c to catch SIGPIPE and re-open syslog. This is all in #if defined(DEBIAN), and should be removed when syslog(3) is fixed. Also added -DDEBIAN to build commands in Makefile. -- Steve Greenland Sun, 1 Dec 1996 16:21:52 -0600