commit 6852cb698a7b2038a711940c2641e56ad7ab9c23 Author: CentOS Sources Date: Tue Mar 28 09:15:48 2023 +0000 import logrotate-3.18.0-8.el9
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c15700d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/logrotate-3.18.0.tar.xz
diff --git a/.logrotate.metadata b/.logrotate.metadata
new file mode 100644
index 0000000..75ee47a
--- /dev/null
+++ b/.logrotate.metadata
@@ -0,0 +1 @@
+6b9aa5efd4551377e9869e8d3303d90a946566f6 SOURCES/logrotate-3.18.0.tar.xz
diff --git a/SOURCES/0001-logrotate-3.18.0-fix-resource-leaks.patch b/SOURCES/0001-logrotate-3.18.0-fix-resource-leaks.patch
new file mode 100644
index 0000000..9bfbd71
--- /dev/null
+++ b/SOURCES/0001-logrotate-3.18.0-fix-resource-leaks.patch
@@ -0,0 +1,615 @@ +From 471cf0a6a90e5d45f116f404e1276ea730dbece6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Fri, 26 Mar 2021 17:18:09 +0100 +Subject: [PATCH 1/9] Do not report OOM incorrectly + +In case there is no file in the set to rotate `calloc(0, ...)` is called +, which might return NULL. + +Order the check for a zero number of files first, to void calling calloc +with a size of zero. + +Upstream-commit: 7b65b267d73970eb59061be907c8c35b4396ada9 +Signed-off-by: Kamil Dudka +--- + logrotate.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/logrotate.c b/logrotate.c +index 507c85a..a8c8480 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -2212,11 +2212,6 @@ static int rotateLogSet(const struct logInfo *log, int force) + struct logState **state; + struct logNames **rotNames; + +- logHasErrors = calloc(log->numFiles, sizeof(int)); +- if (!logHasErrors) { +- message_OOM(); +- return 1; +- } + message(MESS_DEBUG, "\nrotating pattern: %s ", log->pattern); + if (force) { + message(MESS_DEBUG, "forced from command line "); +@@ -2277,10 +2272,15 @@ static int rotateLogSet(const struct logInfo *log, int force) + + if (log->numFiles == 0) { + message(MESS_DEBUG, "No logs found. Rotation not needed.\n"); +- free(logHasErrors); + return 0; + } + ++ logHasErrors = calloc(log->numFiles, sizeof(int)); ++ if (!logHasErrors) { ++ message_OOM(); ++ return 1; ++ } ++ + if (log->flags & LOG_FLAG_SU) { + if (switch_user(log->suUid, log->suGid) != 0) { + free(logHasErrors); +-- +2.30.2 + + +From 96203f4cdc64e2df3d203231bd1247424a20875e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 19 Apr 2021 15:35:37 +0200 +Subject: [PATCH 2/9] Unify asprintf usage + +Unify the error checking of asprintf(3). + +Also reset the target string pointer to NULL on error, if it is non- +local, since the content is undefined according to the specification. 
+ +Also fix potential NULL-pointer usage in sprintf(3): + +logrotate.c:1595: + rotNames->dirName = malloc(strlen(ld) + strlen(log->oldDir) + 2); + sprintf(rotNames->dirName, "%s/%s", ld, log->oldDir); + +Upstream-commit: 5afcdeecc5a3bfe07671a3c05c7a301da9206ccd +Signed-off-by: Kamil Dudka +--- + config.c | 28 +++++++++++++--------------- + logrotate.c | 9 ++++++--- + 2 files changed, 19 insertions(+), 18 deletions(-) + +diff --git a/config.c b/config.c +index df2d90b..19dcfce 100644 +--- a/config.c ++++ b/config.c +@@ -815,21 +815,19 @@ int readAllConfigPaths(const char **paths) + + + for (i = 0; i < defTabooCount; i++) { +- int bytes; + char *pattern = NULL; + + /* generate a pattern by concatenating star (wildcard) to the + * suffix literal + */ +- bytes = asprintf(&pattern, "*%s", defTabooExts[i]); +- if (bytes != -1) { +- tabooPatterns[i] = pattern; +- tabooCount++; +- } else { ++ if (asprintf(&pattern, "*%s", defTabooExts[i]) < 0) { + free_2d_array(tabooPatterns, tabooCount); + message_OOM(); + return 1; + } ++ ++ tabooPatterns[i] = pattern; ++ tabooCount++; + } + + for (file = paths; *file; file++) { +@@ -1421,7 +1419,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + } + + while (*endtag) { +- int bytes; + char *pattern = NULL; + + chptr = endtag; +@@ -1437,10 +1434,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + RAISE_ERROR(); + } + tabooPatterns = tmp; +- bytes = asprintf(&pattern, "*%.*s", (int)(chptr - endtag), endtag); ++ if (asprintf(&pattern, "*%.*s", (int)(chptr - endtag), endtag) < 0) { ++ message_OOM(); ++ RAISE_ERROR(); ++ } + +- /* should test for malloc() failure */ +- assert(bytes != -1); + tabooPatterns[tabooCount] = pattern; + tabooCount++; + } +@@ -1481,7 +1479,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + } + + while (*endtag) { +- int bytes; + char *pattern = NULL; + char **tmp; + +@@ -1496,10 +1493,11 @@ static int 
readConfigFile(const char *configFile, struct logInfo *defConfig) + RAISE_ERROR(); + } + tabooPatterns = tmp; +- bytes = asprintf(&pattern, "%.*s", (int)(chptr - endtag), endtag); ++ if (asprintf(&pattern, "%.*s", (int)(chptr - endtag), endtag) < 0) { ++ message_OOM(); ++ RAISE_ERROR(); ++ } + +- /* should test for malloc() failure */ +- assert(bytes != -1); + tabooPatterns[tabooCount] = pattern; + tabooCount++; + +@@ -1540,7 +1538,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + env_home = pwd->pw_dir; + } + +- if (asprintf(&new_key, "%s/%s", env_home, key + 2) == -1) { ++ if (asprintf(&new_key, "%s/%s", env_home, key + 2) < 0) { + message_OOM(); + RAISE_ERROR(); + } +diff --git a/logrotate.c b/logrotate.c +index a8c8480..e294352 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -1576,9 +1576,9 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + ld = dirname(logpath); + if (log->oldDir) { + if (log->oldDir[0] != '/') { +- rotNames->dirName = +- malloc(strlen(ld) + strlen(log->oldDir) + 2); +- sprintf(rotNames->dirName, "%s/%s", ld, log->oldDir); ++ if (asprintf(&rotNames->dirName, "%s/%s", ld, log->oldDir) < 0) { ++ rotNames->dirName = NULL; ++ } + } else + rotNames->dirName = strdup(log->oldDir); + } else +@@ -1983,6 +1983,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + if (asprintf(&(rotNames->finalName), "%s/%s%s%s", rotNames->dirName, + rotNames->baseName, dext_str, fileext) < 0) { + message_OOM(); ++ rotNames->finalName = NULL; + return 1; + } + if (asprintf(&destFile, "%s%s", rotNames->finalName, compext) < 0) { +@@ -2001,6 +2002,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + if (asprintf(&(rotNames->finalName), "%s/%s.%d%s", rotNames->dirName, + rotNames->baseName, logStart, fileext) < 0) { + message_OOM(); ++ rotNames->finalName = NULL; + } + } + +@@ -2084,6 +2086,7 @@ static int rotateSingleLog(const struct logInfo *log, unsigned 
logNum, + free(rotNames->disposeName); + if (asprintf(&rotNames->disposeName, "%s%s", rotNames->finalName, ext) < 0) { + message_OOM(); ++ rotNames->disposeName = NULL; + return 1; + } + +-- +2.30.2 + + +From 3cf921e0d58993b064cd6d52b44835008345f498 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 19 Apr 2021 15:40:19 +0200 +Subject: [PATCH 3/9] Update custom asprintf implementation + +Check for vsnprintf(3) failures. + +Silence conversion warnings. + +Do not call exit(2) on allocation failure, but return -1 like the +specification says. All callers check the return value, since they +need to handle standard asprintf(3) implementations. + +Upstream-commit: f917b31dbb47992bf5c5342c7312ddb2e64efc40 +Signed-off-by: Kamil Dudka +--- + config.c | 20 ++++++++------------ + 1 file changed, 8 insertions(+), 12 deletions(-) + +diff --git a/config.c b/config.c +index 19dcfce..0d79980 100644 +--- a/config.c ++++ b/config.c +@@ -61,24 +61,20 @@ int asprintf(char **string_ptr, const char *format, ...) + + va_start(arg, format); + size = vsnprintf(NULL, 0, format, arg); +- size++; + va_end(arg); +- va_start(arg, format); +- str = malloc(size); ++ if (size < 0) { ++ return -1; ++ } ++ str = malloc((size_t)size + 1); + if (str == NULL) { +- va_end(arg); +- /* +- * Strictly speaking, GNU asprintf doesn't do this, +- * but the caller isn't checking the return value. 
+- */ +- message_OOM(); +- exit(1); ++ return -1; + } +- rv = vsnprintf(str, size, format, arg); ++ va_start(arg, format); ++ rv = vsnprintf(str, (size_t)size + 1, format, arg); + va_end(arg); + + *string_ptr = str; +- return (rv); ++ return rv; + } + + #endif +-- +2.30.2 + + +From ace9818a606a0c96bb6e4da479ed151650b8fa3a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 19 Apr 2021 15:45:55 +0200 +Subject: [PATCH 4/9] Use asprintf instead of split malloc + sprintf + +Use asprintf(3) instead of split usage of malloc(3) and sprintf(3) to +reduce the chance of potential size inconsistencies. + +Upstream-commit: 001352baa924f021748513b6d09d37eca754d5cc +Signed-off-by: Kamil Dudka +--- + config.c | 5 ++--- + logrotate.c | 25 ++++++++++++------------- + 2 files changed, 14 insertions(+), 16 deletions(-) + +diff --git a/config.c b/config.c +index 0d79980..2905ff7 100644 +--- a/config.c ++++ b/config.c +@@ -1886,13 +1886,12 @@ duperror: + continue; + } + } +- ld = malloc(strlen(dirName) + strlen(newlog->oldDir) + 2); +- if (ld == NULL) { ++ if (asprintf(&ld, "%s/%s", dirName, newlog->oldDir) < 0) { + message_OOM(); + free(dirpath); + goto error; + } +- sprintf(ld, "%s/%s", dirName, newlog->oldDir); ++ + free(dirpath); + + if (newlog->oldDir[0] != '/') { +diff --git a/logrotate.c b/logrotate.c +index e294352..a72329e 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -1810,15 +1810,6 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + } + } + +- /* adding 2 due to / and \0 being added by snprintf */ +- rotNames->firstRotated = +- malloc(strlen(rotNames->dirName) + strlen(rotNames->baseName) + +- strlen(fileext) + strlen(compext) + DATEEXT_LEN + 2 ); +- if (rotNames->firstRotated == NULL) { +- message_OOM(); +- return 1; +- } +- + if (log->flags & LOG_FLAG_DATEEXT) { + /* glob for compressed files with our pattern + * and compress ext */ +@@ -1882,9 +1873,13 @@ static int prerotateSingleLog(const struct logInfo *log, 
unsigned logNum, + rotNames->disposeName = NULL; + } + /* firstRotated is most recently created/compressed rotated log */ +- sprintf(rotNames->firstRotated, "%s/%s%s%s%s", ++ if (asprintf(&rotNames->firstRotated, "%s/%s%s%s%s", + rotNames->dirName, rotNames->baseName, dext_str, fileext, +- (log->flags & LOG_FLAG_DELAYCOMPRESS) ? "" : compext); ++ (log->flags & LOG_FLAG_DELAYCOMPRESS) ? "" : compext) < 0) { ++ message_OOM(); ++ rotNames->firstRotated = NULL; ++ return 1; ++ } + globfree(&globResult); + free(glob_pattern); + } else { +@@ -1915,9 +1910,13 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + } + } + +- sprintf(rotNames->firstRotated, "%s/%s.%d%s%s", rotNames->dirName, ++ if (asprintf(&rotNames->firstRotated, "%s/%s.%d%s%s", rotNames->dirName, + rotNames->baseName, logStart, fileext, +- (log->flags & LOG_FLAG_DELAYCOMPRESS) ? "" : compext); ++ (log->flags & LOG_FLAG_DELAYCOMPRESS) ? "" : compext) < 0) { ++ message_OOM(); ++ rotNames->firstRotated = NULL; ++ return 1; ++ } + + for (i = rotateCount + logStart - 1; (i >= 0) && !hasErrors; i--) { + free(newName); +-- +2.30.2 + + +From e8a655ef1977add152d79c4dc8148fe7b1c9bca2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 19 Apr 2021 17:52:48 +0200 +Subject: [PATCH 5/9] Mark read-only string variable const + +Prevent it accidentally being passed to free(3) or similar. 
+ +Upstream-commit: 2231aba823ff6e5a18d996e81ef63df0871224dd +Signed-off-by: Kamil Dudka +--- + logrotate.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/logrotate.c b/logrotate.c +index a72329e..7d49261 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -1567,7 +1567,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + state->lastRotated = now; + + { +- char *ld; ++ const char *ld; + char *logpath = strdup(log->files[logNum]); + if (logpath == NULL) { + message_OOM(); +-- +2.30.2 + + +From c06f20f781c74b2256e8f1757433db7e043b4ddf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 19 Apr 2021 17:59:21 +0200 +Subject: [PATCH 6/9] Limit scope of variable + +Limit the scope of a variable, by splitting it into several distinct +block scope variables. + +This makes some asprintf(3) calls obsolete, and improves readability by +splitting the purpose of the variable. + +Upstream-commit: b37fb75f569b3ddde30dd85184ea160f63abb7d5 +Signed-off-by: Kamil Dudka +--- + logrotate.c | 19 ++++++++----------- + 1 file changed, 8 insertions(+), 11 deletions(-) + +diff --git a/logrotate.c b/logrotate.c +index 7d49261..962ac55 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -1529,7 +1529,6 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + struct logState *state, struct logNames *rotNames) + { + struct tm now; +- char *oldName = NULL; + const char *compext = ""; + const char *fileext = ""; + int hasErrors = 0; +@@ -1770,11 +1769,8 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + sortGlobResult(&globResult, strlen(rotNames->dirName) + 1 + strlen(rotNames->baseName), dformat); + for (glob_count = 0; glob_count < globResult.gl_pathc && !hasErrors; glob_count++) { + struct stat sbprev; ++ const char *oldName = globResult.gl_pathv[glob_count]; + +- if (asprintf(&oldName, "%s", (globResult.gl_pathv)[glob_count]) < 0) { +- message_OOM(); +- return 1; +- } 
+ if (stat(oldName, &sbprev)) { + if (errno == ENOENT) + message(MESS_DEBUG, "previous log %s does not exist\n", oldName); +@@ -1783,7 +1779,6 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + } else { + hasErrors = compressLogFile(oldName, log, &sbprev); + } +- free(oldName); + } + } else { + message(MESS_DEBUG, +@@ -1793,6 +1788,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + free(glob_pattern); + } else { + struct stat sbprev; ++ char *oldName; + if (asprintf(&oldName, "%s/%s.%d%s", rotNames->dirName, + rotNames->baseName, logStart, fileext) < 0) { + message_OOM(); +@@ -1853,16 +1849,14 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + } + if (mail_out != (size_t)-1) { + /* oldName is oldest Backup found (for unlink later) */ +- if (asprintf(&oldName, "%s", (globResult.gl_pathv)[mail_out]) < 0) { +- message_OOM(); +- return 1; +- } ++ const char *oldName = globResult.gl_pathv[mail_out]; + rotNames->disposeName = strdup(oldName); + if (rotNames->disposeName == NULL) { + message_OOM(); ++ globfree(&globResult); ++ free(glob_pattern); + return 1; + } +- free(oldName); + } else { + free(rotNames->disposeName); + rotNames->disposeName = NULL; +@@ -1878,6 +1872,8 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + (log->flags & LOG_FLAG_DELAYCOMPRESS) ? 
"" : compext) < 0) { + message_OOM(); + rotNames->firstRotated = NULL; ++ globfree(&globResult); ++ free(glob_pattern); + return 1; + } + globfree(&globResult); +@@ -1885,6 +1881,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + } else { + int i; + char *newName = NULL; ++ char *oldName; + + if (rotateCount == -1) { + rotateCount = findLastRotated(rotNames, fileext, compext); +-- +2.30.2 + + +From 1a1eb69e6c4ae403edceb411cb0bbc80473e2527 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Tue, 20 Apr 2021 17:41:16 +0200 +Subject: [PATCH 7/9] Free memory on noolddir configuration + +Consider the following configuration: + olddir /var/log/foo + noolddir + +Do not leak the memory of the initial olddir path. + +Upstream-commit: 59e8e321d3221a3beaf7b9c99b17d5cb7dbcfaf0 +Signed-off-by: Kamil Dudka +--- + config.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config.c b/config.c +index 2905ff7..b7406f5 100644 +--- a/config.c ++++ b/config.c +@@ -1134,7 +1134,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + if (newlog->dateformat == NULL) + continue; + } else if (!strcmp(key, "noolddir")) { +- newlog->oldDir = NULL; ++ freeLogItem(oldDir); + } else if (!strcmp(key, "mailfirst")) { + newlog->flags |= LOG_FLAG_MAILFIRST; + } else if (!strcmp(key, "maillast")) { +-- +2.30.2 + + +From 4aabfd0fe19832ba1df8919356d1d2d4b463937d Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Mon, 3 May 2021 15:14:09 +0200 +Subject: [PATCH 8/9] readConfigFile: release `globerr_msg` on all code paths + +This eliminates the following reports by Coverity: + +Error: RESOURCE_LEAK (CWE-772): +logrotate-3.18.0.18_7a4d/config.c:1798: alloc_arg: "asprintf" allocates memory that is stored into "globerr_msg". [Note: The source code implementation of the function has been overridden by a builtin model.] 
+logrotate-3.18.0.18_7a4d/config.c:2116: leaked_storage: Variable "globerr_msg" going out of scope leaks the storage it points to. + +Error: RESOURCE_LEAK (CWE-772): +logrotate-3.18.0.18_7a4d/config.c:1798: alloc_arg: "asprintf" allocates memory that is stored into "globerr_msg". [Note: The source code implementation of the function has been overridden by a builtin model.] +logrotate-3.18.0.18_7a4d/config.c:2122: leaked_storage: Variable "globerr_msg" going out of scope leaks the storage it points to. + +Closes: https://github.com/logrotate/logrotate/pull/387 + +Upstream-commit: 97f841be2bb52b9ac00cd564a6eb0a853d1017bd +Signed-off-by: Kamil Dudka +--- + config.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/config.c b/config.c +index b7406f5..91fd412 100644 +--- a/config.c ++++ b/config.c +@@ -2086,12 +2086,14 @@ next_state: ; + + munmap(buf, length); + close(fd); ++ free(globerr_msg); + return logerror; + error: + /* free is a NULL-safe operation */ + free(key); + munmap(buf, length); + close(fd); ++ free(globerr_msg); + return 1; + } + +-- +2.30.2 + + +From b5610cd1b0bc2cf9ab887007a953fbf6340cb150 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Mon, 3 May 2021 15:17:59 +0200 +Subject: [PATCH 9/9] prerotateSingleLog: release `oldName` on all code paths + +This eliminates the following reports by Coverity: + +Error: RESOURCE_LEAK (CWE-772): +logrotate-3.18.0.18_7a4d/logrotate.c:1911: alloc_arg: "asprintf" allocates memory that is stored into "oldName". [Note: The source code implementation of the function has been overridden by a builtin model.] +logrotate-3.18.0.18_7a4d/logrotate.c:1919: noescape: Resource "oldName" is not freed or pointed-to in "strdup". +logrotate-3.18.0.18_7a4d/logrotate.c:1922: leaked_storage: Variable "oldName" going out of scope leaks the storage it points to. + +Error: RESOURCE_LEAK (CWE-772): +logrotate-3.18.0.18_7a4d/logrotate.c:1911: alloc_arg: "asprintf" allocates memory that is stored into "oldName". 
[Note: The source code implementation of the function has been overridden by a builtin model.] +logrotate-3.18.0.18_7a4d/logrotate.c:1919: noescape: Resource "oldName" is not freed or pointed-to in "strdup". +logrotate-3.18.0.18_7a4d/logrotate.c:1931: leaked_storage: Variable "oldName" going out of scope leaks the storage it points to. + +Closes: https://github.com/logrotate/logrotate/pull/387 + +Upstream-commit: 85bc130b19344a3d9c8b472142df14ddcd0a166d +Signed-off-by: Kamil Dudka +--- + logrotate.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/logrotate.c b/logrotate.c +index 962ac55..d3f2825 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -1903,6 +1903,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + rotNames->disposeName = strdup(oldName); + if (rotNames->disposeName == NULL) { + message_OOM(); ++ free(oldName); + return 1; + } + } +@@ -1911,6 +1912,7 @@ static int prerotateSingleLog(const struct logInfo *log, unsigned logNum, + rotNames->baseName, logStart, fileext, + (log->flags & LOG_FLAG_DELAYCOMPRESS) ? "" : compext) < 0) { + message_OOM(); ++ free(oldName); + rotNames->firstRotated = NULL; + return 1; + } +-- +2.30.2 + diff --git a/SOURCES/0002-logrotate-3.18.0-copytruncate-doc.patch b/SOURCES/0002-logrotate-3.18.0-copytruncate-doc.patch new file mode 100644 index 0000000..4c6e482 --- /dev/null +++ b/SOURCES/0002-logrotate-3.18.0-copytruncate-doc.patch 
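Review bot: The fallback `asprintf` in config.c (PATCH 3/9 of 0001-logrotate-3.18.0-fix-resource-leaks.patch) still stores `str` in `*string_ptr` and returns `rv` when the second `vsnprintf` fails, so a negative return leaves an allocated buffer behind. Callers now treat `< 0` as failure, and several of them (PATCH 2/9 and 4/9) overwrite the target pointer with NULL, which would leak that buffer. Freeing before returning keeps the failure contract consistent: `if (rv < 0) { free(str); return -1; }` placed ahead of `*string_ptr = str;`. Separately, the `@@ -2001,6 +2002,7 @@` branch in PATCH 2/9 resets `rotNames->finalName` to NULL without the `return 1` that the dateext branch above it has. The rest of `prerotateSingleLog` lies outside the hunk, so whether a NULL `finalName` is handled later should be confirmed.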
@@ -0,0 +1,62 @@ +From 4810afca1223099c1546da8d73d653c0d1eff96e Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Tue, 27 Apr 2021 18:36:30 +0200 +Subject: [PATCH 1/2] logrotate.8: unify documentation of + copy/copytruncate/renamecopy + +Bug: https://bugzilla.redhat.com/1934629 + +Closes: https://github.com/logrotate/logrotate/pull/386 + +Upstream-commit: 6ac9fe5759678b4c2b312eea490ebbae25092213 +Signed-off-by: Kamil Dudka +--- + logrotate.8.in | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +diff --git a/logrotate.8.in b/logrotate.8.in +index f27c279..8064d68 100644 +--- a/logrotate.8.in ++++ b/logrotate.8.in +@@ -411,7 +411,8 @@ Make a copy of the log file, but don't change the original at all. + This option can be used, for instance, to make a snapshot of the current + log file, or when some other utility needs to truncate or parse the file. + When this option is used, the \fBcreate\fR option will have no effect, +-as the old log file stays in place. ++as the old log file stays in place. The \fBcopy\fR option allows storing ++rotated log files on the different devices using \fBolddir\fR directive. + + .TP + \fBnocopy\fR +@@ -427,7 +428,9 @@ and thus might continue writing (appending) to the previous log file forever. + Note that there is a very small time slice between copying the file and + truncating it, so some logging data might be lost. + When this option is used, the \fBcreate\fR option will have no effect, +-as the old log file stays in place. ++as the old log file stays in place. The \fBcopytruncate\fR option allows ++storing rotated log files on the different devices using \fBolddir\fR ++directive. + + .TP + \fBnocopytruncate\fR +@@ -438,9 +441,14 @@ Do not truncate the original log file in place after creating a copy + \fBrenamecopy\fR + Log file is renamed to temporary filename in the same directory by adding + ".tmp" extension to it. 
After that, \fBpostrotate\fR script is run +-and log file is copied from temporary filename to final filename. This allows +-storing rotated log files on the different devices using \fBolddir\fR +-directive. In the end, temporary filename is removed. ++and log file is copied from temporary filename to final filename. In the end, ++temporary filename is removed. The \fBrenamecopy\fR option allows storing ++rotated log files on the different devices using \fBolddir\fR directive. ++ ++.TP ++\fBnorenamecopy\fR ++Do not rename and copy the original log file ++(this overrides the \fBrenamecopy\fR option). + + .TP + \fBshred\fR +-- +2.30.2 + diff --git a/SOURCES/0003-logrotate-3.18.0-renamecopy-excl.patch b/SOURCES/0003-logrotate-3.18.0-renamecopy-excl.patch new file mode 100644 index 0000000..9cdf44a --- /dev/null +++ b/SOURCES/0003-logrotate-3.18.0-renamecopy-excl.patch 
@@ -0,0 +1,89 @@ +From 337eb1492f8b694542d704c7a4612e3211f717e5 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Tue, 27 Apr 2021 20:52:32 +0200 +Subject: [PATCH 2/2] make `renamecopy` and `copytruncate` override each other + +These option cannot work together. This rule prevents unnecessary +rotation failure in case one of the options comes from the global +configuration and the other one from log-specific configuration. + +Bug: https://bugzilla.redhat.com/1934601 + +Closes: https://github.com/logrotate/logrotate/pull/386 + +Upstream-commit: fe53a0efd21c11dbe9705564f92f5d9aa6bf855e +Signed-off-by: Kamil Dudka +--- + config.c | 2 ++ + logrotate.8.in | 3 ++- + test/test-config.24.in | 3 +++ + test/test-config.58.in | 3 +++ + 4 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/config.c b/config.c +index 91fd412..1bca9e4 100644 +--- a/config.c ++++ b/config.c +@@ -1106,10 +1106,12 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + newlog->flags &= ~LOG_FLAG_SHAREDSCRIPTS; + } else if (!strcmp(key, "copytruncate")) { + newlog->flags |= LOG_FLAG_COPYTRUNCATE; ++ newlog->flags &= ~LOG_FLAG_TMPFILENAME; + } else if (!strcmp(key, "nocopytruncate")) { + newlog->flags &= ~LOG_FLAG_COPYTRUNCATE; + } else if (!strcmp(key, "renamecopy")) { + newlog->flags |= LOG_FLAG_TMPFILENAME; ++ newlog->flags &= ~LOG_FLAG_COPYTRUNCATE; + } else if (!strcmp(key, "norenamecopy")) { + newlog->flags &= ~LOG_FLAG_TMPFILENAME; + } else if (!strcmp(key, "copy")) { +diff --git a/logrotate.8.in b/logrotate.8.in +index 8064d68..f0aa23f 100644 +--- a/logrotate.8.in ++++ b/logrotate.8.in +@@ -430,7 +430,7 @@ truncating it, so some logging data might be lost. + When this option is used, the \fBcreate\fR option will have no effect, + as the old log file stays in place. The \fBcopytruncate\fR option allows + storing rotated log files on the different devices using \fBolddir\fR +-directive. ++directive. The \fBcopytruncate\fR option implies \fBnorenamecopy\fR. 
+ + .TP + \fBnocopytruncate\fR +@@ -444,6 +444,7 @@ Log file is renamed to temporary filename in the same directory by adding + and log file is copied from temporary filename to final filename. In the end, + temporary filename is removed. The \fBrenamecopy\fR option allows storing + rotated log files on the different devices using \fBolddir\fR directive. ++The \fBrenamecopy\fR option implies \fBnocopytruncate\fR. + + .TP + \fBnorenamecopy\fR +diff --git a/test/test-config.24.in b/test/test-config.24.in +index 35cfcd3..7a2a760 100644 +--- a/test/test-config.24.in ++++ b/test/test-config.24.in +@@ -1,5 +1,8 @@ + create + ++# will be overridden by copytruncate ++renamecopy ++ + &DIR&/test*.log { + daily + copytruncate +diff --git a/test/test-config.58.in b/test/test-config.58.in +index 34906da..79058be 100644 +--- a/test/test-config.58.in ++++ b/test/test-config.58.in +@@ -1,5 +1,8 @@ + create + ++# will be overridden by renamecopy ++copytruncate ++ + &DIR&/test.log { + renamecopy + weekly +-- +2.30.2 + diff --git a/SOURCES/0004-logrotate-3.18.0-CVE-2022-1348.patch b/SOURCES/0004-logrotate-3.18.0-CVE-2022-1348.patch new file mode 100644 index 0000000..332e4ee --- /dev/null +++ b/SOURCES/0004-logrotate-3.18.0-CVE-2022-1348.patch 
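Review bot: The mutual override added to the `copytruncate` and `renamecopy` branches of `readConfigFile` in config.c is silent, so nothing in the output tells an administrator that a globally configured mode was cleared by a log-specific one. The effective mode matters operationally, because the man page text in this series states that `copytruncate` can lose log data between copying and truncating. A debug line would make the outcome visible, for example `if (newlog->flags & LOG_FLAG_TMPFILENAME) message(MESS_DEBUG, "%s:%d copytruncate overrides renamecopy\n", configFile, lineNum);` before the flag is cleared, with the mirror image in the `renamecopy` branch. A short comment such as `/* copytruncate and renamecopy are mutually exclusive; the last one parsed wins */` would also document the rule next to the code. The `if`/`else if` chain starts and ends outside the hunk.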
@@ -0,0 +1,253 @@ +From 53e0dc4a8ddcb169b0ba36472de03f4366f45159 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Tue, 29 Mar 2022 21:06:54 +0200 +Subject: [PATCH 1/3] skip locking if state file is world-readable + +Fixes: CVE-2022-1348 - potential DoS from unprivileged users via the state file +Bug: https://bugzilla.redhat.com/CVE-2022-1348 + +Upstream-commit: 1f76a381e2caa0603ae3dbc51ed0f1aa0d6658b9 +Signed-off-by: Kamil Dudka +--- + logrotate.c | 24 ++++++++++++++++++++++-- + logrotate.spec.in | 3 +-- + test/Makefile.am | 1 + + test/test-0087.sh | 1 + + test/test-0092.sh | 19 +++++++++++++++++++ + test/test-config.92.in | 4 ++++ + 6 files changed, 48 insertions(+), 4 deletions(-) + create mode 100755 test/test-0092.sh + create mode 100644 test/test-config.92.in + +diff --git a/logrotate.c b/logrotate.c +index d3f2825..78153b3 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -2565,6 +2565,9 @@ static int writeState(const char *stateFilename) + + close(fdcurr); + ++ /* drop world-readable flag to prevent others from locking */ ++ sb.st_mode &= ~(mode_t)S_IROTH; ++ + fdsave = createOutputFile(tmpFilename, O_RDWR | O_CREAT | O_TRUNC, &sb, prev_acl, 0); + #ifdef WITH_ACL + if (prev_acl) { +@@ -2898,15 +2901,16 @@ static int readState(const char *stateFilename) + + static int lockState(const char *stateFilename, int skip_state_lock) + { ++ struct stat sb; + int lockFd = open(stateFilename, O_RDWR | O_CLOEXEC); + if (lockFd == -1) { + if (errno == ENOENT) { + message(MESS_DEBUG, "Creating stub state file: %s\n", + stateFilename); + +- /* create a stub state file with mode 0644 */ ++ /* create a stub state file with mode 0640 */ + lockFd = open(stateFilename, O_CREAT | O_EXCL | O_WRONLY, +- S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH); ++ S_IWUSR | S_IRUSR | S_IRGRP); + if (lockFd == -1) { + message(MESS_ERROR, "error creating stub state file %s: %s\n", + stateFilename, strerror(errno)); +@@ -2926,6 +2930,22 @@ static int lockState(const char 
*stateFilename, int skip_state_lock) + return 0; + } + ++ if (fstat(lockFd, &sb) == -1) { ++ message(MESS_ERROR, "error stat()ing state file %s: %s\n", ++ stateFilename, strerror(errno)); ++ close(lockFd); ++ return 1; ++ } ++ ++ if (sb.st_mode & S_IROTH) { ++ message(MESS_ERROR, "state file %s is world-readable and thus can" ++ " be locked from other unprivileged users." ++ " Skipping lock acquisition...\n", ++ stateFilename); ++ close(lockFd); ++ return 0; ++ } ++ + if (flock(lockFd, LOCK_EX | LOCK_NB) == -1) { + if (errno == EWOULDBLOCK) { + message(MESS_ERROR, "state file %s is already locked\n" +diff --git a/logrotate.spec.in b/logrotate.spec.in +index 92e1d97..3caabf2 100644 +--- a/logrotate.spec.in ++++ b/logrotate.spec.in +@@ -41,7 +41,6 @@ install -p -m 644 examples/logrotate.conf $RPM_BUILD_ROOT%{_sysconfdir}/logrotat + install -p -m 644 examples/btmp $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/btmp + install -p -m 644 examples/wtmp $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/wtmp + install -p -m 755 examples/logrotate.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/logrotate +-touch $RPM_BUILD_ROOT%{_localstatedir}/lib/logrotate.status + + %clean + rm -rf $RPM_BUILD_ROOT +@@ -55,4 +54,4 @@ rm -rf $RPM_BUILD_ROOT + %attr(0755, root, root) %{_sysconfdir}/cron.daily/logrotate + %attr(0644, root, root) %config(noreplace) %{_sysconfdir}/logrotate.conf + %attr(0755, root, root) %{_sysconfdir}/logrotate.d +-%attr(0644, root, root) %verify(not size md5 mtime) %config(noreplace) %{_localstatedir}/lib/logrotate.status ++%ghost %attr(0640, root, root) %verify(not size md5 mtime) %{_localstatedir}/lib/logrotate.status +diff --git a/test/Makefile.am b/test/Makefile.am +index 914fe65..d6fb7c8 100644 +--- a/test/Makefile.am ++++ b/test/Makefile.am +@@ -87,6 +87,7 @@ TEST_CASES = \ + test-0086.sh \ + test-0087.sh \ + test-0088.sh \ ++ test-0092.sh \ + test-0100.sh \ + test-0101.sh + +diff --git a/test/test-0087.sh b/test/test-0087.sh +index 91e5266..aeff2c6 100755 +--- 
a/test/test-0087.sh ++++ b/test/test-0087.sh +@@ -8,6 +8,7 @@ cleanup 87 + preptest test.log 87 1 + + touch state ++chmod 0640 state + + $RLR test-config.87 -f & + +diff --git a/test/test-0092.sh b/test/test-0092.sh +new file mode 100755 +index 0000000..be52e14 +--- /dev/null ++++ b/test/test-0092.sh +@@ -0,0 +1,19 @@ ++#!/bin/sh ++ ++. ./test-common.sh ++ ++# check state file locking ++cleanup 92 ++ ++preptest test.log 92 1 ++ ++touch state ++chmod 0644 state ++flock state -c "sleep 10" & ++ ++$RLR -f test-config.92 || exit 23 ++ ++checkoutput < +Date: Wed, 25 May 2022 09:55:02 +0200 +Subject: [PATCH 2/3] drop world-readable permission on state file + +... even when ACLs are enabled. This is a follow-up to the fix +of CVE-2022-1348. It has no impact on security but makes the state +file locking work again in more cases. + +Closes: https://github.com/logrotate/logrotate/pull/446 + +Upstream-commit: addbd293242b0b78aa54f054e6c1d249451f137d +Signed-off-by: Kamil Dudka +--- + logrotate.c | 10 +++++++--- + test/test-0048.sh | 1 + + 2 files changed, 8 insertions(+), 3 deletions(-) + +diff --git a/logrotate.c b/logrotate.c +index 78153b3..8d49f26 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -2498,6 +2498,7 @@ static int writeState(const char *stateFilename) + struct tm now; + time_t now_time, last_time; + char *prevCtx; ++ int force_mode = 0; + + localtime_r(&nowSecs, &now); + +@@ -2565,10 +2566,13 @@ static int writeState(const char *stateFilename) + + close(fdcurr); + +- /* drop world-readable flag to prevent others from locking */ +- sb.st_mode &= ~(mode_t)S_IROTH; ++ if (sb.st_mode & (mode_t)S_IROTH) { ++ /* drop world-readable flag to prevent others from locking */ ++ sb.st_mode &= ~(mode_t)S_IROTH; ++ force_mode = 1; ++ } + +- fdsave = createOutputFile(tmpFilename, O_RDWR | O_CREAT | O_TRUNC, &sb, prev_acl, 0); ++ fdsave = createOutputFile(tmpFilename, O_RDWR | O_CREAT | O_TRUNC, &sb, prev_acl, force_mode); + #ifdef WITH_ACL + if (prev_acl) { + 
acl_free(prev_acl); +diff --git a/test/test-0048.sh b/test/test-0048.sh +index 62d606b..06b255a 100755 +--- a/test/test-0048.sh ++++ b/test/test-0048.sh +@@ -18,6 +18,7 @@ cat > state << EOF + logrotate state -- version 2 + EOF + ++chmod 0640 state + setfacl -m u:nobody:rwx state + + $RLR test-config.48 +-- +2.35.3 + + +From 105ed9f433a3aaf1aec93318aa9c8811b59d7b23 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Fri, 27 May 2022 09:56:07 +0200 +Subject: [PATCH 3/3] lockState: do not print `error:` when exit code is + unaffected + +Closes: https://github.com/logrotate/logrotate/pull/448 + +Upstream-commit: 31cf1099ab8514dfcae5a980bc77352edd5292f8 +Signed-off-by: Kamil Dudka +--- + logrotate.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/logrotate.c b/logrotate.c +index 27deaf3..77db8c2 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -2942,8 +2942,8 @@ static int lockState(const char *stateFilename, int skip_state_lock) + } + + if (sb.st_mode & S_IROTH) { +- message(MESS_ERROR, "state file %s is world-readable and thus can" +- " be locked from other unprivileged users." ++ message(MESS_NORMAL, "warning: state file %s is world-readable" ++ " and thus can be locked from other unprivileged users." + " Skipping lock acquisition...\n", + stateFilename); + close(lockFd); +-- +2.35.3 + diff --git a/SOURCES/0005-logrotate-3.18.0-stricter-config-parser.patch b/SOURCES/0005-logrotate-3.18.0-stricter-config-parser.patch new file mode 100644 index 0000000..282566b --- /dev/null +++ b/SOURCES/0005-logrotate-3.18.0-stricter-config-parser.patch 
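Review bot: The new permission check in `lockState` tests only `S_IROTH`, but `flock(2)` can be taken on a descriptor opened in any mode, so a state file that is world-writable without being world-readable would pass the check and still be lockable by other users. Testing both bits closes that gap: `if (sb.st_mode & (S_IROTH | S_IWOTH)) {`, with the message wording and the mask cleared in `writeState` adjusted to match. The mode bits also say nothing about named ACL entries. test-0048 in PATCH 2/3 grants `u:nobody:rwx` on a 0640 state file, which presumably lets that user open the file despite the check, so a comment stating that ACL-granted access is not covered would help whoever audits this later. `lockState` continues past the end of the hunk.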
@@ -0,0 +1,556 @@
+From 6db706b51af0a6f6ce28bceaefb4157347d2fa18 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
+Date: Tue, 20 Apr 2021 17:41:10 +0200
+Subject: [PATCH 1/6] Log if keyword is not properly separated
+
+The man page states
+ Values are separated from directives by whitespace and/or an
+ optional =.
+
+But logrotate does accept no separator, like
+ rotate7
+
+Log those occurrences with a normal severity, as this usage is not
+intended.
+
+Upstream-commit: 2b588b5ec2e5c27bee857c4abeddafa6a9602ebc
+Signed-off-by: Kamil Dudka
+---
+ config.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/config.c b/config.c
+index 1bca9e4..8049211 100644
+--- a/config.c
++++ b/config.c
+@@ -1088,6 +1088,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
+ key = isolateWord(&start, &buf, length);
+ if (key == NULL)
+ continue;
++ if (!isspace((unsigned char)*start)) {
++ message(MESS_NORMAL, "%s:%d keyword '%s' not properly"
++ " separated, found %#x\n",
++ configFile, lineNum, key, *start);
++ }
+ if (!strcmp(key, "compress")) {
+ newlog->flags |= LOG_FLAG_COMPRESS;
+ } else if (!strcmp(key, "nocompress")) {
+--
+2.38.1
+
+
+From 2a22bf99b41e737fcd8c986be5c4fb761ab101c7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
+Date: Tue, 20 Apr 2021 17:41:12 +0200
+Subject: [PATCH 2/6] Log error on keyword parse failure
+
+isolateWord() only fails on OOM and EOF.
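Review bot: The new message passes `*start`, a plain `char`, to the `%#x` conversion. On targets where `char` is signed, any byte above 0x7f is sign-extended by the default argument promotion and printed as something like 0xffffffe9 instead of the byte value. The `isspace()` test just above already casts to `unsigned char`, and the argument line should do the same: `configFile, lineNum, key, (unsigned char)*start);`. That argument line appears unchanged as context in PATCH 5/6 of this series, so the fix applies there as well. readConfigFile's body starts and ends outside the hunk.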
+
+Upstream-commit: 326179a901b0a8d10e902cae0abab0c68d7abc98
+Signed-off-by: Kamil Dudka
+---
+ config.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/config.c b/config.c
+index 8049211..fd6e026 100644
+--- a/config.c
++++ b/config.c
+@@ -1086,8 +1086,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
+ if (isalpha((unsigned char)*start)) {
+ free(key);
+ key = isolateWord(&start, &buf, length);
+- if (key == NULL)
++ if (key == NULL) {
++ message(MESS_ERROR, "%s:%d failed to parse keyword\n",
++ configFile, lineNum);
+ continue;
++ }
+ if (!isspace((unsigned char)*start)) {
+ message(MESS_NORMAL, "%s:%d keyword '%s' not properly"
+ " separated, found %#x\n",
+--
+2.38.1
+
+
+From d3b2d0d058d41dd7efccadff8506285af791711c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
+Date: Tue, 20 Apr 2021 17:41:20 +0200
+Subject: [PATCH 3/6] Fail on parse error of required option value
+
+Fail on a parse error of a required option value of the directives
+include, extension, addextension, rotate, start, minage, maxage,
+shredcycles and su.
+Failing is better than silently skipping a directive and running with an
+undesired configuration.
+ +Upstream-commit: 906ea11981cb1842538c4aaed395885fda693e47 +Signed-off-by: Kamil Dudka +--- + config.c | 49 ++++++++++++++++++++++++++++++------------------- + 1 file changed, 30 insertions(+), 19 deletions(-) + +diff --git a/config.c b/config.c +index fd6e026..227feec 100644 +--- a/config.c ++++ b/config.c +@@ -1154,8 +1154,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + mode_t tmp_mode = NO_MODE; + free(key); + key = isolateLine(&start, &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ message(MESS_ERROR, "%s:%d failed to parse su option value\n", ++ configFile, lineNum); ++ RAISE_ERROR(); ++ } + + rv = readModeUidGid(configFile, lineNum, key, "su", + &tmp_mode, &newlog->suUid, +@@ -1268,13 +1271,14 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "shred cycles", + &start, &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ RAISE_ERROR(); ++ } + newlog->shred_cycles = (int)strtoul(key, &chptr, 0); + if (*chptr || newlog->shred_cycles < 0) { + message(MESS_ERROR, "%s:%d bad shred cycles '%s'\n", + configFile, lineNum, key); +- goto error; ++ RAISE_ERROR(); + } + } else if (!strcmp(key, "hourly")) { + set_criterium(&newlog->criterium, ROT_HOURLY, &criterium_set); +@@ -1309,8 +1313,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "rotate count", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ RAISE_ERROR(); ++ } + newlog->rotateCount = (int)strtol(key, &chptr, 0); + if (*chptr || newlog->rotateCount < -1) { + message(MESS_ERROR, +@@ -1322,8 +1327,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "start count", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ 
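Review bot: The stricter handling added by this patch stops at a missing value, but the conversion in the shred-cycles hunk, `newlog->shred_cycles = (int)strtoul(key, &chptr, 0);`, still narrows an `unsigned long` to `int` without checking `errno` or the range. Where `long` is wider than `int`, an oversized value can be truncated to a non-negative number and pass the `< 0` test. The same cast-then-test pattern appears in the rotate count, start count, minage and maxage hunks of this patch. Parsing into an `unsigned long v` first (with `errno = 0;` before the call) and rejecting out-of-range input before the assignment, e.g. `if (errno == ERANGE || *chptr || v > INT_MAX) {`, would make these directives fail as loudly as the missing-value case now does. readConfigFile's body starts and ends outside these hunks.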
RAISE_ERROR(); ++ } + newlog->logStart = (int)strtoul(key, &chptr, 0); + if (*chptr || newlog->logStart < 0) { + message(MESS_ERROR, "%s:%d bad start count '%s'\n", +@@ -1334,8 +1340,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "minage count", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ RAISE_ERROR(); ++ } + newlog->rotateMinAge = (int)strtoul(key, &chptr, 0); + if (*chptr || newlog->rotateMinAge < 0) { + message(MESS_ERROR, "%s:%d bad minimum age '%s'\n", +@@ -1346,8 +1353,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "maxage count", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ RAISE_ERROR(); ++ } + newlog->rotateAge = (int)strtoul(key, &chptr, 0); + if (*chptr || newlog->rotateAge < 0) { + message(MESS_ERROR, "%s:%d bad maximum age '%s'\n", +@@ -1519,8 +1527,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "include", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ RAISE_ERROR(); ++ } + + if (key[0] == '~' && key[1] == '/') { + /* replace '~' with content of $HOME cause low-level functions +@@ -1582,8 +1591,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "extension name", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ RAISE_ERROR(); ++ } + freeLogItem (extension); + newlog->extension = key; + key = NULL; +@@ -1593,8 +1603,9 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + free(key); + key = isolateValue(configFile, lineNum, "addextension name", &start, + &buf, length); +- if (key == NULL) +- continue; ++ if (key == NULL) { ++ 
RAISE_ERROR(); ++ } + freeLogItem (addextension); + newlog->addextension = key; + key = NULL; +-- +2.38.1 + + +From 69d2febc6e6e81e34d944b1652144df2e154965d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 26 Jul 2021 19:35:00 +0200 +Subject: [PATCH 4/6] Do not warn on key value pair separated by only an equal + sign + +Do not warn if a configuration directive is specified with the key and +value separated by just an equal sign, like: + + size=+2048k + +The warning is intended for the usage of: + + size2048k + +Fixes: 2b588b5e ("Log if keyword is not properly separated") +Fixes: #410 + +Upstream-commit: a98c38bc867ec59e00625b48262bb3334c8f5728 +Signed-off-by: Kamil Dudka +--- + config.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config.c b/config.c +index 227feec..6eb94d4 100644 +--- a/config.c ++++ b/config.c +@@ -1091,7 +1091,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + configFile, lineNum); + continue; + } +- if (!isspace((unsigned char)*start)) { ++ if (!isspace((unsigned char)*start) && *start != '=') { + message(MESS_NORMAL, "%s:%d keyword '%s' not properly" + " separated, found %#x\n", + configFile, lineNum, key, *start); +-- +2.38.1 + + +From 3a1f8e746b2753efe7472580b1db4395553b1d34 Mon Sep 17 00:00:00 2001 +From: Felix Wilhelm +Date: Thu, 21 Oct 2021 09:47:57 +0000 +Subject: [PATCH 5/6] config.c: enforce stricter parsing of config files + +Abort parsing of config files that contain invalid lines. +This makes it harder to abuse logrotate for privilege escalation +attacks where an attacker can partially control a privileged file write. 
+ +Upstream-commit: 124e4ca6532b0fe823fa2ec145294547b3aaeb4b +Signed-off-by: Kamil Dudka +--- + config.c | 7 ++++--- + test/Makefile.am | 4 +++- + test/test-0102.sh | 16 ++++++++++++++++ + test/test-0103.sh | 16 ++++++++++++++++ + test/test-config.102.in | 10 ++++++++++ + test/test-config.103.in | 12 ++++++++++++ + 6 files changed, 61 insertions(+), 4 deletions(-) + create mode 100755 test/test-0102.sh + create mode 100755 test/test-0103.sh + create mode 100644 test/test-config.102.in + create mode 100644 test/test-config.103.in + +diff --git a/config.c b/config.c +index 6eb94d4..c0fd4ff 100644 +--- a/config.c ++++ b/config.c +@@ -1089,12 +1089,13 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig) + if (key == NULL) { + message(MESS_ERROR, "%s:%d failed to parse keyword\n", + configFile, lineNum); +- continue; ++ RAISE_ERROR(); + } + if (!isspace((unsigned char)*start) && *start != '=') { +- message(MESS_NORMAL, "%s:%d keyword '%s' not properly" ++ message(MESS_ERROR, "%s:%d keyword '%s' not properly" + " separated, found %#x\n", + configFile, lineNum, key, *start); ++ RAISE_ERROR(); + } + if (!strcmp(key, "compress")) { + newlog->flags |= LOG_FLAG_COMPRESS; +@@ -1973,7 +1974,7 @@ duperror: + message(MESS_ERROR, "%s:%d lines must begin with a keyword " + "or a filename (possibly in double quotes)\n", + configFile, lineNum); +- state = STATE_SKIP_LINE; ++ RAISE_ERROR(); + } + break; + case STATE_SKIP_LINE: +diff --git a/test/Makefile.am b/test/Makefile.am +index d6fb7c8..cd357e5 100644 +--- a/test/Makefile.am ++++ b/test/Makefile.am +@@ -89,7 +89,9 @@ TEST_CASES = \ + test-0088.sh \ + test-0092.sh \ + test-0100.sh \ +- test-0101.sh ++ test-0101.sh \ ++ test-0102.sh \ ++ test-0103.sh + + EXTRA_DIST = \ + compress \ +diff --git a/test/test-0102.sh b/test/test-0102.sh +new file mode 100755 +index 0000000..d2550a5 +--- /dev/null ++++ b/test/test-0102.sh +@@ -0,0 +1,16 @@ ++#!/bin/sh ++ ++. 
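Review bot: The first config.c hunk turns the separator message into a hard error but still prints `key` with `%s` exactly as read from the file, and the commit message describes files whose content is partly attacker-controlled. If isolateWord() can return bytes outside printable ASCII (not visible here, to be confirmed), those bytes reach the log or terminal unescaped. Escaping non-printable bytes in `key` before logging, or reporting only the offending byte value that `%#x` already prints, would avoid that. readConfigFile's body starts and ends outside the hunk.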
./test-common.sh ++ ++cleanup 102 ++ ++# ------------------------------- Test 102 ------------------------------------ ++# test invalid config file with binary content ++preptest test.log 102 1 ++ ++$RLR test-config.102 --force ++ ++if [ $? -eq 0 ]; then ++ echo "No error, but there should be one." ++ exit 3 ++fi +diff --git a/test/test-0103.sh b/test/test-0103.sh +new file mode 100755 +index 0000000..bccd8ed +--- /dev/null ++++ b/test/test-0103.sh +@@ -0,0 +1,16 @@ ++#!/bin/sh ++ ++. ./test-common.sh ++ ++cleanup 103 ++ ++# ------------------------------- Test 103 ------------------------------------ ++# test invalid config file with unknown keywords ++preptest test.log 103 1 ++ ++$RLR test-config.103 --force ++ ++if [ $? -eq 0 ]; then ++ echo "No error, but there should be one." ++ exit 3 ++fi +diff --git a/test/test-config.102.in b/test/test-config.102.in +new file mode 100644 +index 0000000..cbca4c4 +--- /dev/null ++++ b/test/test-config.102.in +@@ -0,0 +1,10 @@ ++ELF ++ ++&DIR&/test.log { ++ daily ++ size=0 ++ ++firstaction ++ /bin/sh -c "echo test123" ++ endscript ++} +diff --git a/test/test-config.103.in b/test/test-config.103.in +new file mode 100644 +index 0000000..ef4d19c +--- /dev/null ++++ b/test/test-config.103.in +@@ -0,0 +1,12 @@ ++random noise ++a b c d ++a::x ++ ++&DIR&/test.log { ++ daily ++ size=0 ++ ++firstaction ++ /bin/sh -c "echo test123" ++ endscript ++} +-- +2.38.1 + + +From 2ad71221cd9e485e4d45df4f28b47072491df120 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 13 Dec 2021 21:47:16 +0100 +Subject: [PATCH 6/6] Add more testcases for stricter configuration parsing + +Upstream-commit: 9cbc22b91caff6cfbd1378737c62276bd9ffe3e7 +Signed-off-by: Kamil Dudka +--- + test/Makefile.am | 4 +++- + test/test-0102.sh | 5 +++++ + test/test-0103.sh | 5 +++++ + test/test-0104.sh | 19 +++++++++++++++++++ + test/test-0105.sh | 25 +++++++++++++++++++++++++ + test/test-config.104.in | 8 ++++++++ + test/test-config.105.in | 8 
++++++++ + 7 files changed, 73 insertions(+), 1 deletion(-) + create mode 100755 test/test-0104.sh + create mode 100755 test/test-0105.sh + create mode 100644 test/test-config.104.in + create mode 100644 test/test-config.105.in + +diff --git a/test/Makefile.am b/test/Makefile.am +index cd357e5..f1a0062 100644 +--- a/test/Makefile.am ++++ b/test/Makefile.am +@@ -91,7 +91,9 @@ TEST_CASES = \ + test-0100.sh \ + test-0101.sh \ + test-0102.sh \ +- test-0103.sh ++ test-0103.sh \ ++ test-0104.sh \ ++ test-0105.sh + + EXTRA_DIST = \ + compress \ +diff --git a/test/test-0102.sh b/test/test-0102.sh +index d2550a5..367bde9 100755 +--- a/test/test-0102.sh ++++ b/test/test-0102.sh +@@ -14,3 +14,8 @@ if [ $? -eq 0 ]; then + echo "No error, but there should be one." + exit 3 + fi ++ ++checkoutput <> .gitignore << EOF +/autom4te.cache +/build +/config.h.in~ +EOF +git add .gitignore +git commit -m "update .gitignore" + +autoreconf -fiv +git add --all +git commit -m "force autoreconf" --allow-empty + +%build +mkdir build && cd build +%global _configure ../configure +%configure --with-state-file-path=%{_localstatedir}/lib/logrotate/logrotate.status +%make_build + +%check +%make_build -C build -s check + +%install +%make_install -C build + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d +mkdir -p $RPM_BUILD_ROOT%{_unitdir} +mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/logrotate + +install -p -m 644 examples/logrotate.conf $RPM_BUILD_ROOT%{_sysconfdir}/ +install -p -m 644 examples/{b,w}tmp $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/ +install -p -m 644 examples/logrotate.{service,timer} $RPM_BUILD_ROOT%{_unitdir}/ + +# Make sure logrotate is able to run on read-only root +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d +install -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/logrotate + +%pre +# If /var/lib/logrotate/logrotate.status does not exist, create it and copy +# the /var/lib/logrotate.status in it (if it exists). 
We have to do that in pre +# script, otherwise the /var/lib/logrotate/logrotate.status would not be there, +# because during the update, it is removed/renamed. +if [ ! -d %{_localstatedir}/lib/logrotate/ -a -f %{_localstatedir}/lib/logrotate.status ]; then + mkdir -p %{_localstatedir}/lib/logrotate + cp -a %{_localstatedir}/lib/logrotate.status %{_localstatedir}/lib/logrotate +fi + +%post +%systemd_post logrotate.{service,timer} + +# If there is any cron daemon configured, enable the systemd timer to avoid +# breaking the configuration silently when upgrading from 3.14.0-4 or +# earlier versions +%triggerin -- logrotate < 3.14.0-5 +[ -e %{_sysconfdir}/crontab -o -e %{_sysconfdir}/anacrontab -o -e %{_sysconfdir}/fcrontab ] \ + && %{_bindir}/systemctl enable --now logrotate.timer &>/dev/null || : + +%preun +%systemd_preun logrotate.{service,timer} + +%files +%license COPYING +%doc ChangeLog.md +%{_sbindir}/logrotate +%{_unitdir}/logrotate.{service,timer} +%{_mandir}/man8/logrotate.8* +%{_mandir}/man5/logrotate.conf.5* +%config(noreplace) %{_sysconfdir}/logrotate.conf +%dir %{_sysconfdir}/logrotate.d +%config(noreplace) %{_sysconfdir}/logrotate.d/{b,w}tmp +%dir %{_localstatedir}/lib/logrotate +%ghost %verify(not size md5 mtime) %attr(0640, root, root) %{_localstatedir}/lib/logrotate/logrotate.status +%config(noreplace) %{_sysconfdir}/rwtab.d/logrotate + +%changelog +* Tue Dec 20 2022 Kamil Dudka - 3.18.0-8 +- enforce stricter parsing of config files (#2148925) + +* Fri May 27 2022 Kamil Dudka - 3.18.0-7 +- lockState: do not print `error:` when exit code is unaffected (#2090926) + +* Wed May 25 2022 Kamil Dudka - 3.18.0-6 +- fix potential DoS from unprivileged users via the state file (CVE-2022-1348) + +* Mon Aug 09 2021 Mohan Boddu +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Tue May 04 2021 Kamil Dudka - 3.18.0-4 +- make `renamecopy` and `copytruncate` override each other (#1934601) +- unify documentation of 
copy/copytruncate/renamecopy (#1934629) +- fix resource leaks reported by Coverity + +* Fri Apr 16 2021 Mohan Boddu - 3.18.0-3 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Tue Jan 26 2021 Fedora Release Engineering - 3.18.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Jan 08 2021 Kamil Dudka - 3.18.0-1 +- new upstream version 3.18.0 + +* Tue Jul 28 2020 Fedora Release Engineering - 3.17.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 13 2020 Tom Stellard - 3.17.0-2 +- Use make macros +- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro + +* Fri Jul 10 2020 Kamil Dudka - 3.17.0-1 +- new upstream version 3.17.0 + +* Fri Feb 28 2020 Kamil Dudka - 3.16.0-1 +- new upstream version 3.16.0 + +* Thu Jan 30 2020 Kamil Dudka - 3.15.1-3 +- make the code compile with gcc-10 + +* Wed Jan 29 2020 Fedora Release Engineering - 3.15.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Aug 30 2019 Kamil Dudka - 3.15.1-1 +- new upstream version 3.15.1 + +* Thu Jul 25 2019 Fedora Release Engineering - 3.15.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri Feb 01 2019 Fedora Release Engineering - 3.15.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Dec 04 2018 Kamil Dudka - 3.15.0-1 +- new upstream version 3.15.0 + +* Wed Nov 21 2018 Alejandro Domínguez Muñoz - 3.14.0-5 +- add make as a build dependency +- replace cron job with a systemd timer unit (#1502085, #1655153) + +* Fri Aug 10 2018 Kamil Dudka - 3.14.0-4 +- fix programming mistakes detected by Coverity Analysis +- document the --version option in the logrotate(8) man page (#1611498) + +* Fri Jul 13 2018 Fedora Release Engineering - 3.14.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Jul 11 2018 Kamil Dudka - 3.14.0-2 +- fix license tag to match the source code license + +* Fri Mar 09 2018 
Kamil Dudka - 3.14.0-1 +- new upstream version 3.14.0 + +* Mon Feb 19 2018 Kamil Dudka - 3.13.0-3 +- add explicit BR for the gcc compiler + +* Thu Feb 08 2018 Fedora Release Engineering - 3.13.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Oct 13 2017 Kamil Dudka - 3.13.0-1 +- new upstream version 3.13.0 + +* Thu Aug 03 2017 Fedora Release Engineering - 3.12.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 3.12.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Jun 30 2017 Kamil Dudka - 3.12.3-1 +- new upstream version 3.12.3 + +* Tue May 02 2017 Kamil Dudka - 3.12.2-1 +- new upstream version 3.12.2 + +* Fri Apr 21 2017 Kamil Dudka - 3.12.1-1 +- new upstream version 3.12.1 + +* Fri Feb 10 2017 Fedora Release Engineering - 3.11.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Jan 25 2017 Kamil Dudka - 3.11.0-3 +- mark cron.daily/logrotate as config file (#1174207) + +* Thu Dec 08 2016 Kamil Dudka - 3.11.0-2 +- make the package build on RHEL-6, too + +* Fri Dec 02 2016 Kamil Dudka - 3.11.0-1 +- build out of source tree +- new upstream version 3.11.0 + +* Thu Nov 24 2016 Kamil Dudka - 3.10.0-4 +- make /var/lib/logrotate/logrotate.status the default state file (#1381719) + +* Fri Nov 11 2016 Kamil Dudka - 3.10.0-3 +- fix migration of state file from its previous location (#1393247) + +* Tue Aug 23 2016 Kamil Dudka - 3.10.0-2 +- own /etc/cron.daily because no dependency of logrotate installs it +- do not explicitly declare mode for each single installed file + +* Wed Aug 03 2016 Kamil Dudka - 3.10.0-1 +- document default state file used by logrotate cron job (#1357215) +- modernize spec file +- new upstream version 3.10.0 + +* Wed Jul 20 2016 Kamil Dudka - 3.9.2-5 +- do not log to syslog by default (#1304828) + +* Thu Jul 14 2016 Kamil Dudka - 3.9.2-4 +- make the /var/lib/logrotate directory 
owned by logrotate + +* Tue Feb 16 2016 Marcin Juszkiewicz - 3.9.2-3 +- Fix code indentation to get it build with gcc6. +- Fixed dates in changelog. + +* Thu Feb 04 2016 Fedora Release Engineering - 3.9.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jan 20 2016 Jan Kaluza - 3.9.2-1 +- new upstream version 3.9.2 +- log to syslog + +* Wed Jun 17 2015 Jan Kaluza - 3.9.1-2 +- move logrotate.status to /var/lib/logrotate and add it to rwtab.d (#1127415) + +* Fri Apr 03 2015 Jan Kaluza - 3.9.1-1 +- new upstream version 3.9.1 + +* Fri Apr 03 2015 Jan Kaluza - 3.9.0-1 +- new upstream version 3.9.0 + +* Fri Feb 13 2015 Jan Kaluza - 3.8.9-1 +- new upstream version 3.8.9 + +* Thu Oct 16 2014 Jan Kaluza - 3.8.8-1 +- new upstream version 3.8.8 + +* Sun Aug 17 2014 Fedora Release Engineering - 3.8.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Jul 18 2014 Tom Callaway - 3.8.7-3 +- fix license handling + +* Sat Jun 07 2014 Fedora Release Engineering - 3.8.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Oct 10 2013 Jan Kaluza - 3.8.7-1 +- new usptream version 3.8.7 + +* Wed Jul 31 2013 Jan Kaluza - 3.8.6-1 +- new upstream version 3.8.6 + +* Wed Jul 10 2013 Jan Kaluza - 3.8.5-2 +- fix #982409 - do not crash when no logs are rotated and "sharedscripts" and + "prerotate" is used + +* Mon Jun 10 2013 Jan Kaluza - 3.8.5-1 +- new upstream version 3.8.5 + +* Tue May 14 2013 Jan Kaluza - 3.8.4-2 +- do not try to parse config files bigger than 16MB +- remove unused patches + +* Tue Apr 30 2013 Jan Kaluza - 3.8.4-1 +- new upstream version 3.8.4 + +* Thu Feb 14 2013 Fedora Release Engineering - 3.8.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Oct 04 2012 Jan Kaluza 3.8.3-1 +- new upstream version 3.8.3 + +* Thu Jul 19 2012 Jan Kaluza 3.8.2-1 +- new upstream version 3.8.2 +- tests are enabled during build + +* Thu Jul 19 2012 Fedora Release Engineering 
- 3.8.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jan 04 2012 Jan Kaluza 3.8.1-3 +- fix #736054 - check for missing '{' in config file + +* Mon Oct 03 2011 Jan Kaluza 3.8.1-2 +- fix #742731 - man page syntax, formatting, and spelling fixes + +* Tue Sep 06 2011 Jan Kaluza 3.8.1-1 +- new upstream version 3.8.1 + +* Mon Aug 08 2011 Jan Kaluza 3.8.0-5 +- fix #723797 - added maxsize option + +* Mon Aug 01 2011 Jan Kaluza 3.8.0-4 +- fix #726980 - work properly when acl_get_fd is supported, + but acl_set_fd is not + +* Fri Jul 22 2011 Jan Kaluza 3.8.0-3 +- fix #723547 - fixed size directive parsing + +* Wed Jul 20 2011 Jan Kaluza 3.8.0-2 +- fix #722825 - do not redirect logrotate output in cron script + +* Tue Jun 21 2011 Jan Kaluza 3.8.0-1 +- new upstream version 3.8.0 +- removed unused patches + +* Tue May 31 2011 Jan Kaluza 3.7.9-11 +- fix #709034 - work properly when ACLs are not supported + +* Mon May 30 2011 Jan Kaluza 3.7.9-10 +- fix #708367 - fixed mail directive parsing + +* Mon Mar 28 2011 Jan Kaluza 3.7.9-9 +- fix #689061 - added Url + +* Mon Mar 21 2011 Jan Kaluza 3.7.9-8 +- fix #688520 - fixed CVE-2011-1154, CVE-2011-1155 and CVE-2011-1098 + +* Tue Feb 08 2011 Fedora Release Engineering - 3.7.9-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Feb 02 2011 Jan Kaluza 3.7.9-6 +- fix #671926 - fixed crash when tabooext is used in config file + +* Wed Dec 15 2010 Jan Kaluza 3.7.9-5 +- fix #661181 - fixed SIGBUS when config file is empty or 4096 bytes +- fix #666677 - preserve ACLs when rotating files + +* Tue Oct 19 2010 Jan Kaluza 3.7.9-4 +- fix #644309 - mention all logrotate params in man page + +* Wed Sep 29 2010 Jan Kaluza 3.7.9-3 +- fix #638629 - better size directive description + +* Mon Aug 09 2010 Jan Kaluza 3.7.9-2 +- fixed AUTHORS in man page + +* Mon Jun 28 2010 Jan Kaluza 3.7.9-1 +- new upstream version 3.7.9 + +* Tue Jun 22 2010 Jan Kaluza 3.7.8-12 +- fix #602643 - update manpage to 
reflect scripts changes +- fix #606675 - pass currently rotated file as argument to + postrotate/prerotate script in nosharedscripts mode + +* Tue Jun 15 2010 Jan Kaluza 3.7.8-11 +- fix #603040 - do not remove log if there is an error in + rotate process + +* Tue Apr 20 2010 Jan Kaluza 3.7.8-10 +- fix #602643 - logrotate "size" directive cannot exceed + 1895825408 bytes + +* Tue Apr 20 2010 Daniel Novotny 3.7.8-9 +- revert the "create 0640 root adm" permission change (#489038) + +* Tue Apr 06 2010 Daniel Novotny 3.7.8-8 +- fix #578115 - missingok problem with globs + +* Mon Jan 11 2010 Daniel Novotny 3.7.8-7 +- fix #489038 - RFE: useful permissions on log files + +* Wed Dec 09 2009 Henrique Martins 3.7.8-6 +- fix #545919 (rotate non-writable files when copy is set) + +* Tue Sep 29 2009 Daniel Novotny 3.7.8-5 +- fix #525659 (man page for logrotate.conf) + +* Thu Sep 17 2009 Daniel Novotny 3.7.8-4 +- fix #517321 (logrotate blocking anacron) + +* Sat Jul 25 2009 Fedora Release Engineering - 3.7.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Feb 25 2009 Fedora Release Engineering - 3.7.8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Feb 02 2009 Daniel Novotny 3.7.8-1 +- new upstream version 3.7.8 + +* Fri Nov 21 2008 Daniel Novotny 3.7.7-4 +- fix #468926 (segfault with very large /var/log/messages) + +* Thu Nov 20 2008 Daniel Novotny 3.7.7-3 +- less aggressive approach to the fix + +* Thu Nov 20 2008 Daniel Novotny 3.7.7-2 +- fix #471463 (selinux problems with logrotate) + +* Mon May 19 2008 Tomas Smetana 3.7.7-1 +- new upstream version + +* Wed Apr 23 2008 Tomas Smetana 3.7.6-4 +- improve patch for #432330 +- fix #437748 - don't forget to close log files + +* Mon Feb 11 2008 Tomas Smetana 3.7.6-3 +- fix #432330 segfault on corrupted status file + +* Mon Jan 21 2008 Tomas Smetana 3.7.6-2.2 +- fix #429454 - logrotate fails due to invalid pointer + +* Wed Jan 09 2008 Tomas Smetana 3.7.6-2.1 +- fix the 
selinux patch + +* Wed Jan 09 2008 Tomas Smetana 3.7.6-2 +- fix #427274 - logrotate fails to preserve SELinux file contexts +- fix #427661 - SELinux stops vsftpd from working correctly + +* Thu Sep 27 2007 Tomas Smetana 3.7.6-1.3 +- popt-devel dependency was still missing + +* Thu Sep 27 2007 Tomas Smetana 3.7.6-1.2 +- add missing dependencies to spec file + +* Thu Aug 23 2007 Tomas Smetana 3.7.6-1.1 +- rebuild + +* Tue Aug 07 2007 Tomas Smetana 3.7.6-1 +- new upstream version +- fix #248565 logrotate never rotates /var/log/btmp +- fix compile warnings +- tabooext accepts wildcards (related #247816) +- fix minor errors and update man page (related #250059) +- fix handling of size directive (related #247410) + +* Thu May 31 2007 Tomas Smetana 3.7.5-5 +- fix ignoring pre/postrotate arguments (related #241766) + +* Wed May 23 2007 Tomas Smetana 3.7.5-4 +- use dateext in the default config file (#240292) +- add options to use shred for deleting files -- adapt patch sent by + Peter Eckersley (#239934) +- ignore .cfsaved files by default (#223476) + +* Sat Mar 31 2007 Peter Vrabec 3.7.5-3 +- add error checking before running prerotate and postrotate scripts + +* Thu Mar 29 2007 Peter Vrabec 3.7.5-2 +- fix error hadnling after prerotate, postrotate, firstaction + script failure. (http://qa.mandriva.com/show_bug.cgi?id=29979) + +* Thu Mar 01 2007 Peter Vrabec 3.7.5-1 +- new upstream release. 
+ +* Fri Feb 09 2007 Peter Vrabec 3.7.4-13 +- another spec file fixes (#226104) + +* Thu Feb 08 2007 Peter Vrabec 3.7.4-12 +- fix problem with compress_options_list (#227706) +- fix spec file to meet Fedora standards (#226104) + +* Tue Jan 23 2007 Peter Vrabec 3.7.4-11 +- logrotate won't stop if there are some errors in configuration + or glob failures (#166510, #182062) + +* Wed Jan 10 2007 Peter Vrabec 3.7.4-10 +- fix some rpmlint issues + +* Tue Jan 09 2007 Peter Vrabec 3.7.4-9 +- allow multibyte characters in readPath() (#122145) + +* Fri Jan 05 2007 Peter Vrabec 3.7.4-8 +- "size" option was ignored in config files (#221341) + +* Sun Oct 01 2006 Jesse Keating - 3.7.4-7 +- rebuilt for unwind info generation, broken in gcc-4.1.1-21 + +* Tue Sep 26 2006 Peter Vrabec 3.7.4-6 +- fix leaking file descriptor (#205072) + +* Wed Aug 09 2006 Dan Walsh 3.7.4-5 +- Use selinux raw functions + +* Mon Jul 24 2006 Peter Vrabec 3.7.4-4 +- make error message, about ignoring certain config files, + a debug message instead (#196052) + +* Wed Jul 12 2006 Jesse Keating - 3.7.4-3.1 +- rebuild + +* Tue Jun 13 2006 Peter Vrabec 3.7.4-3 +- rename ENOSUP to ENOTSUP + +* Tue Jun 13 2006 Peter Vrabec 3.7.4-2 +- clean up a couple of SELinux problems. Patch from Daniel J. Walsh. 
+
+* Wed May 17 2006 Peter Vrabec 3.7.4-1
+- add new "minsize" option (#173088)
+
+* Tue Mar 28 2006 Peter Vrabec 3.7.3-3
+- correct man page "extension" option description (#185318)
+
+* Fri Feb 10 2006 Jesse Keating - 3.7.3-2.2.1
+- bump again for double-long bug on ppc(64)
+
+* Tue Feb 07 2006 Jesse Keating - 3.7.3-2.2
+- rebuilt for new gcc4.1 snapshot and glibc changes
+
+* Fri Dec 09 2005 Jesse Keating
+- rebuilt
+
+* Sun Nov 13 2005 Peter Vrabec 3.7.3-2
+- fix_free_segfaults (#172918)
+
+* Sat Nov 12 2005 Peter Vrabec 3.7.3-1
+- new upstream release
+- indent sources
+
+* Fri Nov 11 2005 Peter Vrabec 3.7.2-12
+- fix_free_segfaults (#172918)
+
+* Mon Nov 07 2005 Peter Vrabec 3.7.2-11
+- man description for "nodateext" option (#171577)
+- remove not working "pattern" option (#171577)
+
+* Tue Oct 25 2005 Peter Vrabec 3.7.2-10
+- some more clean up (#171587)
+
+* Thu Oct 20 2005 Peter Vrabec 3.7.2-9
+- fix_free_segfaults (#171093)
+
+* Tue Oct 18 2005 Peter Vrabec 3.7.2-8
+- fix leaks of tabooExts
+
+* Sat Oct 15 2005 Peter Vrabec 3.7.2-7
+- fix_free_segfaults (#170904)
+
+* Wed Oct 12 2005 Peter Vrabec 3.7.2-6
+- code clean up (#169885)
+
+* Mon Oct 10 2005 Peter Vrabec 3.7.2-5
+- fix bug introduced in logrotate 3.7.2-3(#169858)
+- fix some memory leaks (#169888)
+
+* Fri Sep 23 2005 Peter Vrabec 3.7.2-4
+- do not run compression program in debug mode (#166912)
+
+* Wed Sep 07 2005 Peter Vrabec 3.7.2-3
+- even when sharedscript option used, do postrotate
+ script before compress (#167575)
+
+* Wed Aug 17 2005 Peter Vrabec 3.7.2-2
+- allow yearly rotations(#134612)
+
+* Mon Aug 01 2005 Peter Vrabec 3.7.2-1
+- new upstream release
+
+* Tue Jul 26 2005 Peter Vrabec 3.7.1-14
+- fix some "error running script" messages
+
+* Tue Jul 26 2005 Peter Vrabec 3.7.1-13
+- fix man page (#163458,#163366)
+
+* Wed Jun 22 2005 Peter Vrabec 3.7.1-12
+- enhance logrotate with "dateext", "maxage"
+
+* Thu Mar 31 2005 Dan Walsh 3.7.1-10
+- use security_getenforce() instead of 
selinux_getenforcemode
+
+* Thu Mar 17 2005 Dan Walsh 3.7.1-9
+- Add selinux_getenforce() calls to work when not in enforcing mode
+
+* Thu Mar 17 2005 Peter Vrabec 3.7.1-8
+- rebuild
+
+* Tue Feb 22 2005 Peter Vrabec
+- do not use tmpfile to run script anymore (#149270)
+
+* Fri Feb 18 2005 Peter Vrabec
+- remove logrotate-3.7.1-share.patch, it doesn't solve (#140353)
+
+* Mon Dec 13 2004 Peter Vrabec - 3.7.1-5
+- Add section to logrotate.conf for "/var/log/btmp" (#117844)
+
+* Mon Dec 13 2004 Peter Vrabec - 3.7.1-4
+- Typo and missing information in man page (#139346)
+
+* Mon Dec 06 2004 Peter Vrabec - 3.7.1-3
+- compressed logfiles and logrotate (#140353)
+
+* Tue Oct 19 2004 Miloslav Trmac - 3.7.1-2
+- Fix sending mails (#131583)
+- Preserve file attributes when compressing files (#121523, original patch by
+ Daniel Himler)
+
+* Fri Jul 16 2004 Elliot Lee 3.7.1-1
+- Fix #126490 typo
+
+* Tue Jun 15 2004 Elliot Lee
+- rebuilt
+
+* Fri Feb 13 2004 Elliot Lee
+- rebuilt
+
+* Mon Jan 26 2004 Dan Walsh 3.6.10-4
+- fix is_selinux_enabled call
+
+* Fri Sep 5 2003 Dan Walsh 3.6.10-3
+- Turn off selinux
+
+* Fri Sep 5 2003 Dan Walsh 3.6.10-2.sel
+- Turn on selinux
+
+* Wed Aug 06 2003 Erik Troan
+- always use compressext for the extension for compressed
+ files; before compresscmd and compressext had to agree
+- moved all compression to one code block
+- compression, scripts don't use system() anymore
+- compress and maillast didn't work together properly
+- delaycompress and mailfirst didn't work properly
+- don't use system() for mailing (or uncompressing) logs anymore
+- use "-s" for speciying the subjected of mailed logs
+
+* Thu Jul 24 2003 Elliot Lee 3.6.10-1
+- Fix #100546, change selinux port.
+
+* Fri Jul 18 2003 Dan Walsh 3.6.9-2
+- Port to SELinux 2.5
+
+* Wed Jul 09 2003 Elliot Lee 3.6.9-1
+- Fix #90229, #90274, #89458, #91408
+
+* Mon Jan 20 2003 Elliot Lee 3.6.8-1
+- Old patch from pm@debian.org
+
+* Tue Jan 14 2003 Elliot Lee 3.6.7-1
+- Fixes from bugzilla
+
+* Fri Nov 15 2002 Elliot Lee 3.6.6-1
+- Commit patch from Fidelis Assis
+
+* Thu Jun 20 2002 Elliot Lee 3.6.5-1
+- Commit fix for #65299
+
+* Mon Apr 15 2002 Elliot Lee 3.6.4-1
+- Commit fix for #62560
+
+* Wed Mar 13 2002 Elliot Lee 3.6.3-1
+- Apply various bugfix patches from the openwall people
+
+* Tue Jan 29 2002 Elliot Lee 3.6.2-1
+- Fix bug #55809 (include logrotate.status in "files")
+- Fix bug #58328 (incorrect error detection when reading state file)
+- Allow 'G' size specifier from bug #57242
+
+* Mon Dec 10 2001 Preston Brown
+- noreplace config file
+
+* Wed Nov 28 2001 Preston Brown 3.6-1
+- patch from Alexander Kourakos to stop the shared
+ postrotate/prerotate scripts from running if none of the log(s) need
+ rotating. All log files are now checked for rotation in one batch,
+ rather than sequentially.
+- more fixes from Paul Martin
+
+* Thu Nov 8 2001 Preston Brown 3.5.10-1
+- fix from paul martin for zero-length state files
+
+* Tue Sep 4 2001 Preston Brown
+- fix segfault when logfile is in current directory.
+
+* Tue Aug 21 2001 Preston Brown
+- fix URL for source location
+
+* Thu Aug 2 2001 Preston Brown
+- man page cleanups, check for negative rotation counts
+
+* Mon Jul 2 2001 Preston Brown
+- more minor manpage updates (#45625)
+
+* Thu Jun 21 2001 Preston Brown 3.5.6-1
+- enable LFS support (debian bug #100810)
+- quote filenames for running compress commands or pre/postrotate cmds (#21348)
+- deprecate "errors" directive (see bug #16544 for explanation)
+- update man page
+- configurable compression command by Colm Buckley
+
+* Fri Jun 1 2001 Preston Brown 3.5.5-1
+- be less strict about whitespace near filenames. Patch from Paul Martin .
+
+* Thu Jan 4 2001 Bill Nottingham
+- %%defattr
+
+* Wed Jan 03 2001 Preston Brown
+- see CHANGES
+
+* Tue Aug 15 2000 Erik Troan
+- see CHANGES
+
+* Sun Jul 23 2000 Erik Troan
+- see CHANGES
+
+* Tue Jul 11 2000 Erik Troan
+- support spaces in filenames
+- added sharedscripts
+
+* Sun Jun 18 2000 Matt Wilson
+- use %%{_mandir} for man pages
+
+* Thu Feb 24 2000 Erik Troan
+- don't rotate lastlog
+
+* Thu Feb 03 2000 Erik Troan
+- gzipped manpages