cronie: enable multi-user crontab usage and make cron environment complete

fix [BUGID #673]

several cron related test cases in LTP reveals that our current cron recipe
is not complete:

a) a complete cron hierarchy better have:
     /etc/crontab
     /etc/cron.d
     /etc/cron.hourly
     /etc/cron.daily
     /etc/cron.weekly
     /etc/cron.monthly

b) for a normal user to use crontab command:
     add a new group - crontab
     /usr/bin/crontab is setgid to root:crontab
     /var/spool/cron is owned by root:crontab

below are optional, and thus not included in the default setup:
     /etc/cron.deny
     /etc/cron.allow

cronie by default only allows root user to use crontab, if neither cron.deny
nor cron.allow exists. They are controlled by final policy deployed on the
product.

Signed-off-by: Kevin Tian <kevin.tian@intel.com>

diff --git a/meta/recipes-extended/cronie/cronie/crontab b/meta/recipes-extended/cronie/cronie/crontab
new file mode 100644 (file)
index 0000000..cc9169e
--- /dev/null
+++ b/meta/recipes-extended/cronie/cronie/crontab
@@ -0,0 +1,10 @@
+# /etc/crontab: system-wide crontab
+# Unlike any other crontab you don't have to run the `crontab'
+# command to install the new version when you edit this file
+# and files in /etc/cron.d. These files also have username fields,
+# that none of the other crontabs do.
+
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+# m h dom mon dow user command

diff --git a/meta/recipes-extended/cronie/cronie_1.4.6.bb b/meta/recipes-extended/cronie/cronie_1.4.6.bb
index 6b4c64e3b1db813249939556c8d4bf7e959dc58f..09714c7f74038d7554e05c092ddc9a5866a56f79 100644 (file)
--- a/meta/recipes-extended/cronie/cronie_1.4.6.bb
+++ b/meta/recipes-extended/cronie/cronie_1.4.6.bb
@@ -14,10 +14,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=963ea0772a2adbdcd607a9b2ec320c11 \
 
 SECTION = "utils"
 
-PR = "r0"
+PR = "r1"
 
 SRC_URI = "https://fedorahosted.org/releases/c/r/cronie/cronie-${PV}.tar.gz \
-           file://crond.init"
+           file://crond.init \
+           file://crontab"
 
 SRC_URI[md5sum] = "968e3d3e7c8e1d0588d533883482d3fa"
 SRC_URI[sha256sum] = "4435484c28a4452ee37db27182675660cdebf16d8956771b28c8a6f2e9c8048b"
@@ -32,4 +33,32 @@ do_install_append () {
        install -d ${D}${sysconfdir}/init.d/
        install -m 0644 ${S}/crond.sysconfig ${D}${sysconfdir}/sysconfig/crond
        install -m 0755 ${WORKDIR}/crond.init ${D}${sysconfdir}/init.d/crond
+
+       # below are necessary for a complete cron environment
+       install -d ${D}${localstatedir}/spool/cron
+       install -m 0755 ${WORKDIR}/crontab ${D}${sysconfdir}/
+        mkdir -p ${D}${sysconfdir}/cron.d
+       mkdir -p ${D}${sysconfdir}/cron.hourly
+       mkdir -p ${D}${sysconfdir}/cron.daily
+       mkdir -p ${D}${sysconfdir}/cron.weekly
+       mkdir -p ${D}${sysconfdir}/cron.monthly
+}
+
+pkg_postinst_${PN} () {
+       if [ "x$D" != "x" ] ; then
+               exit 1
+       fi
+
+       # below setting is necessary to allow normal user using crontab
+
+       # add 'crontab' group and setgid for crontab binary
+       grep crontab /etc/group || addgroup crontab
+       chown root:crontab /usr/bin/crontab
+       chmod 2755 /usr/bin/crontab
+
+       # allow 'crontab' group write to /var/spool/cron
+       chown root:crontab /var/spool/cron
+       chmod 770 /var/spool/cron
+
+       chmod 600 /etc/crontab
 }