1ISC Cron V4
2
39.	[misc]		megapatch from tcmiller (posix compliance, etc).
48.	[bug]		fix stepsize 0 infinite loop.
57.	[evol]		"enum" version of freebsd fix to env-var settings.
66.	[evol]		changes #12-17 from tcmiller (for *BSD alignment).
75.	[feature]	give cron a version number and display it.
84.	[bug]		handle clock jumps (from freebsd pr# 24485)
93.	[feature]	add -n to cron (for nofork).
102.	[evol]		merge in many changes from *BSD and Linux.
111.	[port]		fixups for nextstep, plus a syslog configuration bug.
12
13--------
14
15Vixie Cron		V3.0 Patch 2 notes
16Paul Vixie
1712-Dec-1994
18
193. "Coherent" now supported.  All kinds of flock() damage was repaired.
202. gethostname() now available in compat.c for systems that need it.
211. There was a problem in the way the environment was being imported.
22
23Vixie Cron		Changes from V2 to V3
24Paul Vixie
2529-Dec-1993
26
27The crontab command now conforms to POSIX 1003.2.  This means that when you
28install it, if you have any "crontab" command lines floating around in shell
29scripts (such as /etc/rc or /etc/rc.local), you will need to change them.
30
31I have integrated several changes made by BSDi for their BSD/386 operating
32system; these were offerred to me before I started consulting for them, so
33it is safe to say that they were intended for publication.  Most notably,
34the name of the cron daemon has changed from "crond" to "cron".  This was
35done for compatibility with 4.3BSD.  Another change made for the same reason
36is the ability to read in an /etc/crontab file which has an extra field in
37each entry, between the time fields and the command.  This field is a user
38name, and it permits the /etc/crontab command to contain commands which are
39to be run by any user on the system.  /etc/crontab is not "installed" via
40the crontab(1) command; it is automatically read at startup time and it will
41be reread whenever it changes.
42
43I also added a "-e" option to crontab(1).  Nine people also sent me diffs
44to add this option, but I had already implemented it on my own.  I actually
45released an interrim version (V2.2, I think) for limited testing, and got a
46chance to fix a bad security bug in the "-e" option thanks to XXX.
47
48The daemon used to be extraordinarily sloppy in its use of file descriptors.
49A heck of a lot of them were left open in spawned jobs, which caused problems
50for the daemon and also caused problems with the spawned jobs if they were 
51shell scripts since "sh" and "csh" have traditionally used hidden file
52descriptors to pass information to subshells, and cron was causing them to
53think they were subshells.  If you had trouble with "sh" or "csh" scripts in
54V2, chances are good that V3 will fix your problems.
55
56About a dozen people have reminded me that I forgot to initialize
57"crontab_fd" in database.c.  Keith Cantrell was the first, so he gets the
58point.
59
60Steve Simmons reminded me that once an account has been deleted from the
61system, "crontab -u USER -d" will not work.  My solution is to suggest to
62all of you that before you delete a user's account, you first delete that
63user's crontab file if any.  From cron's point of view, usernames can never
64be treated as arbitrary strings.  Either they are valid user names, or they
65are not.  I will not make an exception for the "-d" case, for security
66reasons that I consider reasonable.  It is trivial for a root user to delete
67the entry by hand if necessary.
68
69Dan O'Neil reminded me that I forgot to reset "log_fd" in misc.c.  A lot of
70others also reminded me of this, but Dan gets the point.  I didn't fix it
71there, since the real bug was that it should have been open in the parent.
72
73Peter Kabal reminded me that I forgot to "#ifdef DEBUGGING" some code in
74misc.c.  Hans Trompert actually told me first, but Peter sent the patch so
75he gets the point.
76
77Russell Nelson told me that I'd forgotten to "#include <syslog.h>" in misc.c,
78which explains why a lot of other people complained that it wasn't using
79syslog even when they configured it that way :-).  Steve Simmons told me
80first, though, so he gets the point.
81
82An interrim version of the daemon tried to "stat" every file before
83executing it; this turned out to be a horribly bad idea since finding the
84name of a file from a shell command is a hard job (that's why we have
85shells, right?)  I removed this bogus code.  Dave Burgess gets the point.
86
87Dennis R. Conley sent a suggestion for MMDF systems, which I've added to the
88comments in cron.h.
89
90Mike Heisler noted that I use comments in the CONVERSION file which are
91documented as illegal in the man pages.  Thanks, Mike.
92
93Irving Wolfe sent me some very cheerful changes for a NeXT system, but I
94consider the system itself broken and I can't bring myself to #ifdef for
95something as screwed up as this system seems to be.  However, various others
96did send me smaller patches which appear to have cause cron to build and run
97correctly on (the latest) NeXT machines, with or without the "-posix" CFLAG.
98Irving also asked for a per-job MAILTO, and this was finally added later when
99I integrated the BSD/386 changes contributed by BSDi, and generalized some of
100the parsing.
101
102Lots of folks complained that the autogenerated "Date:" header wasn't in
103ARPA format.  I didn't understand this -- either folks will use Sendmail and
104not generate a Date:  at all (since Sendmail will do it), or folks will use
105something other than Sendmail which won't care about Date: formats.  But
106I've "fixed" it anyway...
107
108Several people suggested that "*" should be able to take a "/step".  One person
109suggested that "N/step" ought to mean "N-last/step", but that's stretching things
110a bit far.  "*/step" seems quite intuitive to me, so I've added it.  Colin Plumb
111sent in the first and most polite request for this feature.
112
113As with every release of Cron, BIND, and seemingly everything else I do, one
114user stands out with the most critical but also the most useful analysis.
115Cron V3's high score belongs to Peter Holzer, who sent in the nicest looking
116patch for the "%" interpretation problem and also helped me understand a
117tricky bit of badness in the "log_fd" problem.
118
119agulbra@flode.nvg.unit.no wins the honors for being the first to point out the
120nasty security hole in "crontab -r".  'Nuff said.
121
122Several folks pointed out that log_it() needed to exist even if logging was
123disabled.  Some day I will create a tool that will compile a subsystem with
124every possible combination and permutation of #ifdef options, but meanwhile
125thanks to everybody.
126
127job_runqueue() was using storage after freeing it, since Jordan told me back
128in 1983 that C let you do that, and I believed him in 1986 when I wrote all
129this junk.  Linux was the first to die from this error, and the Linux people
130sent me the most amazing, um, collection of patches for this problem.  Thanks
131for all the fish.
132
133Jeremy Bettis reminded me that popen() isn't safe.  I grabbed Ken Arnold's 
134version of popen/pclose from the ftpd and hacked it to taste.  We're safe now,
135from this at least.
136
137Branko Lankester sent me a very timely and helpful fix for a looming security
138problem in my "crontab -e" implementation.
139
140--------
141
142Vixie Cron		Changes from V1 to V2
143Paul Vixie
1448-Feb-1988
145
146Many changes were made in a rash of activity about six months ago, the exact
147list of which is no longer clear in my memory.  I know that V1 used a file
148called POKECRON in /usr/spool/cron to tell it that it was time to re-read
149all the crontab files; V2 uses the modtime the crontab directory as a flag to
150check out the crontab files; those whose modtime has changed will be re-read,
151and the others left alone.  Note that the crontab(1) command will do a utimes
152call to make sure the mtime of the dir changes, since the filename/inode will
153often remain the same after a replacement and the mtime wouldn't change in
154that case.
155
1568-Feb-88: made it possible to use much larger environment variable strings.
157	V1 allowed 100 characters; V2 allows 1000.  This was needed for PATH
158	variables on some systems.  Thanks to Toerless Eckert for this idea.
159	E-mail: UUCP: ...pyramid!fauern!faui10!eckert
160
16116-Feb-88: added allow/deny, moved /usr/spool/cron/crontabs to
162	/usr/lib/cron/tabs.  allow and deny are /usr/lib/cron/{allow,deny},
163	since the sysv naming for this depends on 'at' using the same
164	dir, which would be stupid (hint: use /usr/{lib,spool}/at).
165
16622-Feb-88: made it read the spool directory for crontabs and look each one
167	up using getpwnam() rather than reading all passwds with getpwent()
168	and trying to open each crontab.
169
1709-Dec-88: made it sync to :00 after the minute, makes cron predictable.
171	added logging to /var/cron/log.
172
17314-Apr-90: (actually, changes since December 1989)
174	fixed a number of bugs reported from the net and from John Gilmore.
175	added syslog per Keith Bostic.  security features including not
176	being willing to run a command owned or writable by other than
177	the owner of the crontab 9not working well yet)
178