logrotate: upgrade to 3.8.7

* Upgrade to 3.8.7
* Rename the patches dir from logrotate-3.8.1 -> logrotate
* Remove grotate-CVE-2011-1548.patch since it had been fixed
* Update act-as-mv-when-rotate.patch and update-the-manual.patch to make
  them work with the higher version, and send them to the upstream
* Fix the HOMEPAGE

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>

4 files changed, 243 insertions, 0 deletions

diff --git a/meta/recipes-extended/logrotate/logrotate/act-as-mv-when-rotate.patch b/meta/recipes-extended/logrotate/logrotate/act-as-mv-when-rotate.patch
new file mode 100644
index 0000000000..ce64040d5f
--- /dev/null
+++ b/meta/recipes-extended/logrotate/logrotate/act-as-mv-when-rotate.patch
@@ -0,0 +1,134 @@
+Act as the "mv" command when rotate log
+
+Act as the "mv" command when rotate log, first rename, if failed, then
+read and write.
+
+Upstream-Status: Submitted
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+---
+ logrotate.c |   65 ++++++++++++++++++++++++++++++++++++++++++++++++++---------
+ 1 file changed, 56 insertions(+), 9 deletions(-)
+
+diff --git a/logrotate.c b/logrotate.c
+index 174a26b..b18b629 100644
+--- a/logrotate.c
++++ b/logrotate.c
+@@ -906,6 +906,53 @@ int findNeedRotating(struct logInfo *log, int logNum, int force)
+     return 0;
+ }
+ 
++/* Act as the "mv" command, if rename failed, then read the old file and
++ * write to new file. The function which invokes the mvFile will use
++ * the strerror(errorno) to handle the error message, so we don't have
++ * to print the error message here */
++
++int mvFile (char *oldName, char *newName, struct logInfo *log, acl_type acl)
++{
++    struct stat sbprev;
++    int fd_old, fd_new, n;
++    char buf[BUFSIZ];
++
++    /* Do the rename first */
++    if (!rename(oldName, newName))
++        return 0;
++
++    /* If the errno is EXDEV, then read old file, write newfile and
++     * remove the oldfile */
++    if (errno == EXDEV) {
++        /* Open the old file to read */
++        if ((fd_old = open(oldName, O_RDONLY)) < 0)
++            return 1;
++
++        /* Create the file to write, keep the same attribute as the old file */
++        if (stat(oldName, &sbprev))
++            return 1;
++        else {
++            if ((fd_new = createOutputFile(newName,
++                O_WRONLY | O_CREAT | O_TRUNC, &sbprev, acl, 0)) < 0 )
++                return 1;
++        }
++
++        /* Read and write */
++        while ((n = read(fd_old, buf, BUFSIZ)) > 0)
++            if (write(fd_new, buf, n) != n)
++                return 1;
++
++        if ((close(fd_old) < 0) ||
++            removeLogFile(oldName, log) ||
++            (close(fd_new) < 0))
++            return 1;
++
++        return 0;
++    }
++
++    return 1;
++}
++
+ int prerotateSingleLog(struct logInfo *log, int logNum, struct logState *state,
+ 		       struct logNames *rotNames)
+ {
+@@ -1268,15 +1315,15 @@ int prerotateSingleLog(struct logInfo *log, int logNum, struct logState *state,
+ 		}
+ 
+ 	    message(MESS_DEBUG,
+-		    "renaming %s to %s (rotatecount %d, logstart %d, i %d), \n",
++		    "moving %s to %s (rotatecount %d, logstart %d, i %d), \n",
+ 		    oldName, newName, rotateCount, logStart, i);
+ 
+-	    if (!debug && rename(oldName, newName)) {
++	    if (!debug && mvFile(oldName, newName, log, prev_acl)) {
+ 		if (errno == ENOENT) {
+ 		    message(MESS_DEBUG, "old log %s does not exist\n",
+ 			    oldName);
+ 		} else {
+-		    message(MESS_ERROR, "error renaming %s to %s: %s\n",
++		    message(MESS_ERROR, "error moving %s to %s: %s\n",
+ 			    oldName, newName, strerror(errno));
+ 		    hasErrors = 1;
+ 		}
+@@ -1408,11 +1455,11 @@ int rotateSingleLog(struct logInfo *log, int logNum, struct logState *state,
+ 			}
+ 		}
+ #endif /* WITH_ACL */
+-		message(MESS_DEBUG, "renaming %s to %s\n", log->files[logNum],
++        message(MESS_DEBUG, "moving %s to %s\n", log->files[logNum],
+ 		    rotNames->finalName);
+ 	    if (!debug && !hasErrors &&
+-		rename(log->files[logNum], rotNames->finalName)) {
+-		message(MESS_ERROR, "failed to rename %s to %s: %s\n",
++        mvFile(log->files[logNum], rotNames->finalName, log, prev_acl)) {
++        message(MESS_ERROR, "failed to move %s to %s: %s\n",
+ 			log->files[logNum], rotNames->finalName,
+ 			strerror(errno));
+ 			hasErrors = 1;
+@@ -1775,7 +1822,7 @@ int rotateLogSet(struct logInfo *log, int force)
+     return hasErrors;
+ }
+ 
+-static int writeState(char *stateFilename)
++static int writeState(struct logInfo *log, char *stateFilename)
+ {
+ 	struct logState *p;
+ 	FILE *f;
+@@ -1939,7 +1986,7 @@ static int writeState(char *stateFilename)
+ 		fclose(f);
+ 
+ 	if (error == 0) {
+-		if (rename(tmpFilename, stateFilename)) {
++		if (mvFile(tmpFilename, stateFilename, log, prev_acl)) {
+ 			unlink(tmpFilename);
+ 			error = 1;
+ 			message(MESS_ERROR, "error renaming temp state file %s\n",
+@@ -2223,7 +2270,7 @@ int main(int argc, const char **argv)
+ 		rc |= rotateLogSet(log, force);
+ 
+ 	if (!debug)
+-		rc |= writeState(stateFile);
++		rc |= writeState(log, stateFile);
+ 
+ 	return (rc != 0);
+ }
+-- 
+1.7.10.4
+
diff --git a/meta/recipes-extended/logrotate/logrotate/disable-check-different-filesystems.patch b/meta/recipes-extended/logrotate/logrotate/disable-check-different-filesystems.patch
new file mode 100644
index 0000000000..43068bdbd7
--- /dev/null
+++ b/meta/recipes-extended/logrotate/logrotate/disable-check-different-filesystems.patch
@@ -0,0 +1,34 @@
+Disable the check for different filesystems
+
+The logrotate supports rotate log across different filesystems now, so
+disable the check for different filesystems.
+
+Upstream-Status: Submitted
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+---
+ config.c |    8 --------
+ 1 files changed, 0 insertions(+), 8 deletions(-)
+
+diff --git a/config.c b/config.c
+index a85d1df..24575b3 100644
+--- a/config.c
++++ b/config.c
+@@ -1453,14 +1453,6 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
+ 						dirName, strerror(errno));
+ 					goto error;
+ 					}
+-
+-					if (sb.st_dev != sb2.st_dev) {
+-					message(MESS_ERROR,
+-						"%s:%d olddir %s and log file %s "
+-						"are on different devices\n", configFile,
+-						lineNum, newlog->oldDir, newlog->files[i]);
+-					goto error;
+-					}
+ 				}
+ 				}
+ 
+-- 
+1.7.4.1
+
diff --git a/meta/recipes-extended/logrotate/logrotate/logrotate-CVE-2011-1548.patch b/meta/recipes-extended/logrotate/logrotate/logrotate-CVE-2011-1548.patch
new file mode 100644
index 0000000000..ed2750e9c3
--- /dev/null
+++ b/meta/recipes-extended/logrotate/logrotate/logrotate-CVE-2011-1548.patch
@@ -0,0 +1,43 @@
+Upstream-Status: Backport
+
+logrotate: fix for CVE-2011-1548
+
+If a logfile is a symlink, it may be read when being compressed, being
+copied (copy, copytruncate) or mailed. Secure data (eg. password files)
+may be exposed.
+
+Portback nofollow.patch from:
+http://logrotate.sourcearchive.com/downloads/3.8.1-5/logrotate_3.8.1-5.debian.tar.gz
+
+Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
+
+---
+--- a/logrotate.c	2012-09-06 13:25:08.000000000 +0800
++++ b/logrotate.c	2012-09-06 13:35:57.000000000 +0800
+@@ -390,7 +390,7 @@
+     compressedName = alloca(strlen(name) + strlen(log->compress_ext) + 2);
+     sprintf(compressedName, "%s%s", name, log->compress_ext);
+ 
+-    if ((inFile = open(name, O_RDWR)) < 0) {
++    if ((inFile = open(name, O_RDWR | O_NOFOLLOW)) < 0) {
+ 	message(MESS_ERROR, "unable to open %s for compression\n", name);
+ 	return 1;
+     }
+@@ -470,7 +470,7 @@
+     char *mailArgv[] = { mailCommand, "-s", subject, address, NULL };
+     int rc = 0;
+ 
+-    if ((mailInput = open(logFile, O_RDONLY)) < 0) {
++    if ((mailInput = open(logFile, O_RDONLY | O_NOFOLLOW)) < 0) {
+ 	message(MESS_ERROR, "failed to open %s for mailing: %s\n", logFile,
+ 		strerror(errno));
+ 	return 1;
+@@ -561,7 +561,7 @@
+     message(MESS_DEBUG, "copying %s to %s\n", currLog, saveLog);
+ 
+     if (!debug) {
+-	if ((fdcurr = open(currLog, (flags & LOG_FLAG_COPY) ? O_RDONLY : O_RDWR)) < 0) {
++	if ((fdcurr = open(currLog, ((flags & LOG_FLAG_COPY) ? O_RDONLY : O_RDWR) | O_NOFOLLOW)) < 0) {
+ 	    message(MESS_ERROR, "error opening %s: %s\n", currLog,
+ 		    strerror(errno));
+ 	    return 1;
diff --git a/meta/recipes-extended/logrotate/logrotate/update-the-manual.patch b/meta/recipes-extended/logrotate/logrotate/update-the-manual.patch
new file mode 100644
index 0000000000..517acdd27e
--- /dev/null
+++ b/meta/recipes-extended/logrotate/logrotate/update-the-manual.patch
@@ -0,0 +1,32 @@
+Update the manual
+
+Update the manual for rotating on different filesystems.
+
+Upstream-Status: Submitted
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+---
+ logrotate.8 |    7 +++----
+ 1 files changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/logrotate.8 b/logrotate.8
+index 8b34167..5f15432 100644
+--- a/logrotate.8
++++ b/logrotate.8
+@@ -374,10 +374,9 @@ Do not rotate the log if it is empty (this overrides the \fBifempty\fR option).
+ .TP
+ \fBolddir \fIdirectory\fR
+ Logs are moved into \fIdirectory\fR for rotation. The \fIdirectory\fR
+-must be on the same physical device as the log file being rotated,
+-and is assumed to be relative to the directory holding the log file
+-unless an absolute path name is specified. When this option is used all
+-old versions of the log end up in \fIdirectory\fR.  This option may be
++is assumed to be relative to the directory holding the log file unless
++an absolute path name is specified. When this option is used all old
++versions of the log end up in \fIdirectory\fR. This option may be
+ overridden by the \fBnoolddir\fR option.
+ 
+ .TP
+-- 
+1.7.4.1
+