| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
PR: 234504
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extend PAM integration beyond account checks to include credential
establishment and session management, allowing PAM modules to configure
the execution environment for user cron jobs.
Previously, cron only called pam_acct_mgmt() to verify account validity
but immediately terminated the PAM handle before job execution. This
prevented PAM modules from establishing sessions, setting credentials
(e.g., Kerberos tickets), or exporting environment variables needed by
jobs.
The PAM handle now persists in the intermediate process throughout the
job execution, enabling proper session open/close pairing. Credentials
are established and sessions opened while still running as root, before
dropping privileges in the grandchild. PAM environment variables are
exported in the job process with user crontab variables taking precedence.
A session rule (pam_permit.so) is added to /etc/pam.d/cron to enable
session support without changing default behavior. Administrators can
replace this with other modules as needed.
System crontab entries continue to bypass all PAM operations.
PR: bin/244844
Reviewed by: des
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D54415
|
| |
|
|
|
|
| |
Signed-off-by: Lakshmikanth Ayyadevara <lakshmikanth.a.ayyadevara@oracle.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1865
|
| |
|
|
|
|
|
|
| |
Apply OpenBSD env.c,v 1.24 and 1.25, which replaces manual size
calculations with reallocarray() to prevent possible integer
overflow.
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is referred to in the documentation as the system crontab, not root's
crontab.
PR: 289099
Reviewed by: emaste
Approved by: emaste (mentor)
Fixes: d33daab9348a ("Call /etc/crontab the "system crontab", not "root's crontab". While here, fix some other wording issues")
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D52503
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
TIL traceroute.8 has one of the oldest liceses, predating BSD-4-Clause!
The SPDX tag was not even on Wikipedia. These are all the files I could
find in the tree with git grep that look like the license reported on
the SPDX website, including one that was misfiled.
Ref: https://spdx.org/licenses/BSD-4.3TAHOE.html
MFC after: 3 days
Reported by: brooks
Reviewed by: brooks, carlavilla, imp, ivy
Approved by: carlavilla (mentor)
Differential Revision: https://reviews.freebsd.org/D50362
|
| |
|
|
|
|
|
| |
This is a residual of the $FreeBSD$ removal.
MFC After: 3 days (though I'll just run the command on the branches)
Sponsored by: Netflix
|
| |
|
|
|
|
|
|
| |
Add details on the format of system cron files, which are mentioned in
cron(8) which refers here but barely explained here.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1106
|
| |
|
|
|
| |
Reviewed by: imp, manu, Mina Galic
Pull Request: https://github.com/freebsd/freebsd-src/pull/1172
|
| |
|
|
|
|
|
|
| |
In FreeBSD the crontabs are stored in /var/cron/tabs directory and not
in /var directory.
Approved by: kevans
Differential Revision: https://reviews.freebsd.org/D43181
|
| |
|
|
|
|
|
|
|
|
|
| |
We've ifdef'd out the copyright strings for some time now. Go ahead and
remove the ifdefs. Plus whatever other detritis was left over from other
recent removals. These copyright strings are present in the comments and
are largely from CSRG's attempt at adding their copyright to every
binary file (which modern interpretations of the license doesn't
require).
Sponsored by: Netflix
|
| |
|
|
|
|
|
|
| |
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
|
| |
|
|
| |
Remove /^\s*\$FreeBSD\$$\n/
|
| |
|
|
| |
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
| |
|
|
|
|
| |
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/653
|
| |
|
|
|
|
| |
Fixes: fe590ffe40f49fe09d8275fbf29f0d46c5b99dc7
MFC after: on demand
Sponsored by: Dell EMC Isilon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifically, import the diff from commit e745bd4c10ab to
commit 83563783cc2 in https://github.com/vixie/cron.git
My sole motivation is changing to the common MIT license.
The old license, especially the "buildable source" clause,
is unfriendly for commercial users of this code. Simply
changing the license without importing [most of] the code
accompanying that license seemed legally dubious.
The most regrettable change is losing Paul's uucp path.
I partially atone for this loss by restoring the upstream
$Id$ tags, since $FreeBSD$ is no longer useful.
This is [intended to be] a complete list of the functional
changes in this commit. Some changes were made so that we
could consider vixie cron to be our upstream and reduce our
diffs against it, while others were simply a good idea.
- main() - use putenv instead of setenv for PATH
- open_pidfile no longer needs snprintf to build pidfile
- crontab main() - abort() on impossible errors
- check for truncation when building strings with snprintf
- getdtablesize() -> sysconf(_SC_OPEN_MAX)
These changes were not taken from upstream's 4.0 diff because
they [could] actually change behavior. Some of them might be
beneficial, but should be taken separately.
- config.h - sendmail args: remove -oi and add -or0s
- call setlocale(LC_ALL, "") at the top of main()
- acquire_daemonlock - we already use pidfile
- cast getpid(), uid_t, and gid_t to long for printf
- remove unnecessary braces - I consider them beneficial
- BSDi support
- glue_strings() - use snprintf(), as we often already did
MFC after: on demand
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D40260
|
| | |
|
| |
|
|
|
| |
Reviewed by: zlei
Differential Revision: https://reviews.freebsd.org/D39529
|
| |
|
|
|
|
| |
- s/overriden/overridden/
MFC after: 3 days
|
| |
|
|
|
|
| |
- s/commmand/command/
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On system crontabs, multiple blanks are not being consumed after reading the
username. This change adds blank consumption before parsing any -[qn] options.
Without this change, an entry like:
* * * * * username -n true # Two spaces between username and option.
will fail, as the shell will try to execute (' -n true'), while an entry like:
* * * * * username -n true # One space between username and option.
works as expected (executes 'true').
For user crontabs, this is not an issue as the preceding (day of week
or @shortcut) processing consumes any leading whitespace.
PR: 253699
Submitted by: Eric A. Borisch <eborisch@gmail.com>
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
| |
Ranges use the function get_number, which means that ranges of names
are supported and indeed always have been, righ back to the initial
import.
PR: docs/253969
Reported by: Ben Bullock <benkasminbullock@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.
This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.
In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.
This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.
Reviewed by: imp
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D26942
Notes:
svn path=/head/; revision=367075
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a followup to the use of login.conf environment vars (other than PATH) in
cron, this patch adds PATH (and HOME) to the list of login.conf settings
respected.
The new logic is as follows:
1. SHELL is always _PATH_BSHELL unless explicitly overridden in the crontab
file itself; no other settings are respected. This is unchanged.
2. PATH is taken from the first of: crontab file, login.conf, _PATH_DEFPATH
3. HOME is taken from the first of: crontab file, login.conf, passwd entry,
unset
4. The current directory for invoking the command is taken from the crontab
file's value of HOME (existing behavior), or the passwd entry, but not
anywhere else (so it might not equal HOME if that was set in login.conf).
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
Reviewed by: sigsys_gmail.com
Differential Revision: https://reviews.freebsd.org/D23597
Notes:
svn path=/head/; revision=359434
|
| |
|
|
|
|
|
|
| |
This was an old Dynix hack, the function is a NOP on FreeBSD. We have no
need to retain this; Dynix was discontinued long ago.
Notes:
svn path=/head/; revision=357715
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
vfork() is error-prone, and the usage here definitely grew to not be
clearly OK given vfork-semantics; e.g. setusercontext(3) within the child.
Rip out vfork() and the rest of the references to it. fork is heavier, but
it's unclear that the difference will be all that obvious.
Reported by: Andrew Gierth and sigsys@gmail.com
Notes:
svn path=/head/; revision=357714
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to processing environment variable set in the crontab file as those
should be of higher precedent, pull in the user or login class environment.
This is another supporting feature for allowing one to configure system-wide
settings that may affect both regular cron jobs as well as services.
This is the final part of D21481.
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
Notes:
svn path=/head/; revision=357565
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While the mailer is normally opened/set if the mailto is set, this is not
the case if the grandchild actually didn't produce any output. This change
corrects the situation to only attempt to kill/close the mail process if it
was actually opened in the first place.
The reporter initially stumbled on the -n (suppress mail on success) flag
leading to a SIGKILL of the process group, but simultaneously
discovered/reported the behavior with !-n jobs if MAILTO was set and no
output happened.
All of these places that are checking mailto should actually be checking
whether mail is set, so do that for consistency+correctness.
This set of bugs were introduced by r352668.
Submitted by: sigsys@gmail.com
Reported by: sigsys@gmail.com
Notes:
svn path=/head/; revision=356103
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds two new extensions to crontab, ported from OpenBSD:
- -n: suppress mail on succesful run
- -q: suppress logging of command execution
The -q option appears decades old, but -n is relatively new. The
original proposal by Job Snijder can be found here [1], and gives very
convincing reasons for inclusion in base.
This patch is a nearly identical port of OpenBSD cron for -q and -n
features. It is written to follow existing conventions and style of the
existing codebase.
Example usage:
# should only send email, but won't show up in log
* * * * * -q date
# should not send email
* * * * * -n date
# should not send email or log
* * * * * -n -q date
# should send email because of ping failure
* * * * * -n -q ping -c 1 5.5.5.5
[1]: https://marc.info/?l=openbsd-tech&m=152874866117948&w=2
PR: 237538
Submitted by: Naveen Nathan <freebsd_t.lastninja.net>
Reviewed by: bcr (manpages)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D20046
Notes:
svn path=/head/; revision=352668
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Jobs using the @<second> syntax currently only get executed if they exist
when cron is started. The simplest reproducer of this is:
echo '@20 root echo "Hello!"' >> /etc/cron.d/myjob
myjob will get loaded at the next second==0, but this echo job will not
run until cron restarts. These jobs are normally handled in
run_reboot_jobs(), which sets e->lastexit of INTERVAL jobs to the startup
time so they run 'n' seconds later.
Fix this by special-casing TargetTime > 0 in the database load. Preexisting
jobs will be handled at startup during run_reboot_jobs as normal, but if
we've reloaded a database during runtime we'll hit this case and set
e->lastexit to the current time when we process it. They will then run every
'n' seconds from that point, and a full restart of cron is no longer
required to make these jobs work.
Reported by: Juraj Lutter (otis_sk.freebsd.org)
Reviewed by: allanjude, bapt, bjk (earlier version), Juraj Lutter
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D19924
Notes:
svn path=/head/; revision=346427
|
| |
|
|
|
|
|
|
|
|
| |
This changes the sender mail address in a similar fashion to how MAILTO may
change the recipient. The default from address remains unchanged.
MFC after: 1 week
Notes:
svn path=/head/; revision=346252
|
| |
|
|
|
|
|
|
| |
Approved by: re (gjb), will (mentor)
Differential Revision: https://reviews.freebsd.org/D16786
Notes:
svn path=/head/; revision=338497
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We no longer need to od these things conditionally, and the fallbacks
are to 4.2BSD era defaults, which nobody uses anymore. Vixie cron has
diverged from upstream anyway in our tree, and it's not clear there's
actually a viable upstream anymore. Plus, we don't follow the
vendor-supplied code pattern here.
I'm doing this to reduce false positives from grep.
Notes:
svn path=/head/; revision=334910
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
given interval, which is counted in seconds since exit of the previous
invocation of the job. Example user crontab entry:
@25 sleep 10
The example will launch 'sleep 10' every 35 seconds. This is a rather
useless example above, but clearly explains the functionality.
The practical goal here is to avoid overlap of previous job invocation
to a new one, or to avoid too short interval(s) for jobs that last long
and doesn't have any point of immediate launch soon after previous run.
Another useful effect of interval jobs can be noticed when a cluster of
machines periodically communicates with a single node. Running the task
time based creates too much load on the node. Running interval based
spreads invocations across machines in cluster. Note that -j/-J won't
help in this case.
Sponsored by: Netflix
Notes:
svn path=/head/; revision=334817
|
| |
|
|
|
|
|
|
|
|
| |
We're about to use the result of fstat(2) either way, so don't do that if it
fails...
X-MFC-With: r332429
Notes:
svn path=/head/; revision=332431
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Directory mtime will only change if a file is added or removed, not
modified. For /var/cron/tabs, this is fine because of how crontab(1) manages
it using temp files so all crontab(1) changes will trigger a reload of the
database.
For /etc/cron.d and /usr/local/etc/cron.d, this is not necessarily the case.
Instead of checking their mtime, we should descend into them and check mtime
on all jobs also.
Reported by: des
Reviewed by: bapt
MFC after: 1 week
Notes:
svn path=/head/; revision=332429
|
| |
|
|
|
|
|
| |
Sponsored by: Dell EMC Isilon
Notes:
svn path=/head/; revision=325188
|
| |
|
|
|
|
|
|
|
|
|
| |
- Document /etc/cron.d and /usr/local/etc/cron.d under FILES.
- Reword documentation for -n: add appropriate soft-stop and remove
contraction to appease igor.
MFC after: 3 days
Notes:
svn path=/head/; revision=321240
|
| |
|
|
|
|
|
|
|
| |
support (r304570).
MFC after: now
Notes:
svn path=/head/; revision=321235
|
| |
|
|
|
|
|
|
|
|
| |
This simplifies make logic/output
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Notes:
svn path=/head/; revision=314659
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add a '-f' option to force crontab '-r' to be non-interactive.
Submitted by: Sam Gwydir <sam at samgwydir.com>
Reviewed by: me, wblock (previous version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8815
Notes:
svn path=/head/; revision=310329
|
| |
|
|
|
|
|
|
|
| |
regular files on NFS
Reported by: jilles
Notes:
svn path=/head/; revision=308158
|
| |
|
|
|
|
|
| |
Reported by: jilles
Notes:
svn path=/head/; revision=308157
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For automation tools it is way easier to maintain files in directories rather
than modifying /etc/crontab.
The files in those directories are in the same format as /etc/crontab
Reviewed by: adrian
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D8400
Notes:
svn path=/head/; revision=308139
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously cron had its own maximum username length limit, which was
smaller than the system's MAXLOGNAME. This could lead to crontab -u
updating the wrong user's crontab (if the name was truncated, and
matched another user).
PR: 212305
Reported by: Andrii Kuzik
Reviewed by: allanjude, jilles
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7747
Notes:
svn path=/head/; revision=305269
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This makes it possible to use it with external supervisors.
The "-n" flag name is compatible with Linux, NetBSD, and OpenBSD.
Reviewed by: jilles, pfg, wblock
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D7581
Notes:
svn path=/head/; revision=304570
|
| |
|
|
|
|
|
| |
No functional change.
Notes:
svn path=/head/; revision=298886
|
| |
|
|
|
|
|
| |
Obtained from: OpenBSD (CVS rev. 1.47)
Notes:
svn path=/head/; revision=295672
|
