This commit is contained in:
commit
2623be693e
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
.osc
|
7
README.SUSE
Normal file
7
README.SUSE
Normal file
@ -0,0 +1,7 @@
|
||||
In the default (ie unconfigured) configuration sudo asks for root password.
|
||||
This allows to use an ordinary user account for administration of a freshly
|
||||
installed system. When configuring sudo, please make sure to delete the two
|
||||
following lines:
|
||||
|
||||
Defaults targetpw # ask for the password of the target user i.e. root
|
||||
%users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
|
10
sudo-1.6.8p12-__P.diff
Normal file
10
sudo-1.6.8p12-__P.diff
Normal file
@ -0,0 +1,10 @@
|
||||
--- compat.h
|
||||
+++ compat.h
|
||||
@@ -28,6 +28,7 @@
|
||||
*/
|
||||
|
||||
/* Deal with ANSI stuff reasonably. */
|
||||
+#undef __P
|
||||
#ifndef __P
|
||||
# if defined (__cplusplus) || defined (__STDC__)
|
||||
# define __P(args) args
|
65
sudo-1.6.8p12-conf.diff
Normal file
65
sudo-1.6.8p12-conf.diff
Normal file
@ -0,0 +1,65 @@
|
||||
--- aclocal.m4
|
||||
+++ aclocal.m4
|
||||
@@ -224,9 +224,9 @@
|
||||
rm -f core core.* *.core])dnl
|
||||
AC_MSG_RESULT($sudo_cv_func_fnmatch)
|
||||
if test $sudo_cv_func_fnmatch = yes; then
|
||||
- [$1]
|
||||
+ $1
|
||||
else
|
||||
- [$2]
|
||||
+ $2
|
||||
fi
|
||||
])
|
||||
|
||||
--- configure.in
|
||||
+++ configure.in
|
||||
@@ -1703,9 +1703,9 @@
|
||||
AC_CHECK_FUNCS(lockf flock, [break])
|
||||
AC_CHECK_FUNCS(waitpid wait3, [break])
|
||||
AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
|
||||
-AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], AC_LIBOBJ(lsearch), -), AC_LIBOBJ(lsearch))])
|
||||
+AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, [AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], [AC_LIBOBJ(lsearch)], -)], [AC_LIBOBJ(lsearch)])])
|
||||
AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
|
||||
-SUDO_FUNC_FNMATCH(AC_DEFINE(HAVE_FNMATCH), AC_LIBOBJ(fnmatch))
|
||||
+SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH, 1, [Define if you have the `fnmatch' function.])], [AC_LIBOBJ(fnmatch)])
|
||||
SUDO_FUNC_ISBLANK
|
||||
AC_REPLACE_FUNCS(strerror strcasecmp sigaction strlcpy strlcat closefrom)
|
||||
AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
|
||||
@@ -1739,15 +1739,15 @@
|
||||
dnl if crypt(3) not in libc, look elsewhere
|
||||
dnl
|
||||
if test -z "$LIB_CRYPT" -a "$with_pam" != "yes"; then
|
||||
- AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))])
|
||||
+ AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], [AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], [AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])])])])
|
||||
fi
|
||||
dnl
|
||||
dnl If socket(2) not in libc, check -lsocket and -linet
|
||||
dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
|
||||
dnl In this case we look for main(), not socket() to avoid using a cached value
|
||||
dnl
|
||||
-AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
|
||||
-AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
|
||||
+AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], [AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], [AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
|
||||
+AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)])])])
|
||||
dnl
|
||||
dnl If inet_addr(3) not in libc, check -lnsl and -linet
|
||||
dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
|
||||
@@ -1757,7 +1757,7 @@
|
||||
dnl
|
||||
dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
|
||||
dnl
|
||||
-AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
|
||||
+AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], [AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], [AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])])])])
|
||||
dnl
|
||||
dnl Bison and DCE use alloca(3), if not in libc, use the sudo one (from gcc)
|
||||
dnl (gcc includes its own alloca(3) but other compilers may not)
|
||||
@@ -2000,7 +2000,7 @@
|
||||
AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
|
||||
fi
|
||||
AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])])
|
||||
- AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
|
||||
+ AC_CHECK_LIB(skey, skeyaccess, [AC_DEFINE(HAVE_SKEYACCESS, 1, [Define if your S/Key library has skeyaccess().])])
|
||||
LDFLAGS="$O_LDFLAGS"
|
||||
SUDO_LIBS="${SUDO_LIBS} -lskey"
|
||||
fi
|
124
sudo-1.6.8p12-configure.diff
Normal file
124
sudo-1.6.8p12-configure.diff
Normal file
@ -0,0 +1,124 @@
|
||||
--- configure.in
|
||||
+++ configure.in
|
||||
@@ -1281,7 +1281,7 @@
|
||||
;;
|
||||
*-*-hiuxmpp*)
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"; SECUREWARE=1]))
|
||||
+ AC_CHECK_LIB(sec, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1], [AC_CHECK_LIB(security, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"; SECUREWARE=1])])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
test -n "$mansectsu" || mansectsu=1m
|
||||
@@ -1324,13 +1324,13 @@
|
||||
;;
|
||||
*-*-hpux10.*)
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) AC_CHECK_LIB(sec, iscomsec, AC_DEFINE(HAVE_ISCOMSEC)) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1])
|
||||
+ AC_CHECK_LIB(sec, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) AC_CHECK_LIB(sec, iscomsec, [AC_DEFINE(HAVE_ISCOMSEC)]) SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
|
||||
+ AC_CHECK_LIB(sec, getspnam, [AC_DEFINE(HAVE_GETSPNAM) SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
;;
|
||||
@@ -1422,7 +1422,7 @@
|
||||
*-*-linux*)
|
||||
# Some Linux versions need to link with -lshadow
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_FUNCS(getspnam, , [AC_CHECK_LIB(shadow, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lshadow"; LIBS="${LIBS} -lshadow"])])
|
||||
+ AC_CHECK_FUNCS(getspnam, , [AC_CHECK_LIB(shadow, getspnam, [AC_DEFINE(HAVE_GETSPNAM) SUDO_LIBS="${SUDO_LIBS} -lshadow"; LIBS="${LIBS} -lshadow"])])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
;;
|
||||
@@ -1433,14 +1433,14 @@
|
||||
fi
|
||||
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"; OSDEFS="${OSDEFS} -D_AUDIT -D_ACL -DSecureWare"; SECUREWARE=1])
|
||||
+ AC_CHECK_LIB(sec, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"; OSDEFS="${OSDEFS} -D_AUDIT -D_ACL -DSecureWare"; SECUREWARE=1])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
;;
|
||||
*-*-ultrix*)
|
||||
OS="ultrix"
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(auth, getauthuid, AC_DEFINE(HAVE_GETAUTHUID) [SUDO_LIBS="${SUDO_LIBS} -lauth"; LIBS="${LIBS} -lauth"])
|
||||
+ AC_CHECK_LIB(auth, getauthuid, [AC_DEFINE(HAVE_GETAUTHUID) SUDO_LIBS="${SUDO_LIBS} -lauth"; LIBS="${LIBS} -lauth"])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
;;
|
||||
@@ -1458,7 +1458,7 @@
|
||||
LIBS="${LIBS} -lcrypt"
|
||||
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
|
||||
+ AC_CHECK_LIB(sec, getspnam, [AC_DEFINE(HAVE_GETSPNAM) SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
test -n "$mansectsu" || mansectsu=1m
|
||||
@@ -1466,8 +1466,8 @@
|
||||
;;
|
||||
*-*-sco*|*-sco-*)
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lprot -lx"; LIBS="${LIBS} -lprot -lx"; SECUREWARE=1], , -lx)
|
||||
- AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])
|
||||
+ AC_CHECK_LIB(prot, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) SUDO_LIBS="${SUDO_LIBS} -lprot -lx"; LIBS="${LIBS} -lprot -lx"; SECUREWARE=1], , -lx)
|
||||
+ AC_CHECK_LIB(gen, getspnam, [AC_DEFINE(HAVE_GETSPNAM) SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
test -n "$mansectsu" || mansectsu=1m
|
||||
@@ -1481,7 +1481,7 @@
|
||||
;;
|
||||
*-sequent-sysv*)
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
|
||||
+ AC_CHECK_LIB(sec, getspnam, [AC_DEFINE(HAVE_GETSPNAM) SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
|
||||
CHECKSHADOW="false"
|
||||
fi
|
||||
test -n "$mansectsu" || mansectsu=1m
|
||||
@@ -1489,7 +1489,7 @@
|
||||
test -n "$with_rpath" || with_rpath=yes
|
||||
;;
|
||||
*-ncr-sysv4*|*-ncr-sysvr4*)
|
||||
- AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
|
||||
+ AC_CHECK_LIB(c89, strcasecmp, [AC_DEFINE(HAVE_STRCASECMP) LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
|
||||
test -n "$mansectsu" || mansectsu=1m
|
||||
test -n "$mansectform" || mansectform=4
|
||||
test -n "$with_rpath" || with_rpath=yes
|
||||
@@ -1606,10 +1606,10 @@
|
||||
dnl We check for SVR4-style first and then SecureWare-style.
|
||||
dnl
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])])
|
||||
+ AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, [AC_DEFINE(HAVE_GETSPNAM) SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])])
|
||||
fi
|
||||
if test "$CHECKSHADOW" = "true"; then
|
||||
- AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))])
|
||||
+ AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1], [AC_CHECK_LIB(sec, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], [AC_CHECK_LIB(security, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], [AC_CHECK_LIB(prot, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])])])])
|
||||
fi
|
||||
|
||||
dnl
|
||||
@@ -1703,7 +1703,7 @@
|
||||
AC_CHECK_FUNCS(lockf flock, [break])
|
||||
AC_CHECK_FUNCS(waitpid wait3, [break])
|
||||
AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
|
||||
-AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, [AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], [AC_LIBOBJ(lsearch)], -)], [AC_LIBOBJ(lsearch)])])
|
||||
+AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, [AC_CHECK_HEADER(search.h, [AC_DEFINE(HAVE_LSEARCH) LIBS="${LIBS} -lcompat"], [AC_LIBOBJ(lsearch)], -)], [AC_LIBOBJ(lsearch)])])
|
||||
AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
|
||||
SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH, 1, [Define if you have the `fnmatch' function.])], [AC_LIBOBJ(fnmatch)])
|
||||
SUDO_FUNC_ISBLANK
|
||||
@@ -1752,8 +1752,8 @@
|
||||
dnl If inet_addr(3) not in libc, check -lnsl and -linet
|
||||
dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
|
||||
dnl
|
||||
-AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
|
||||
-AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
|
||||
+AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , [AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], [AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], [AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
|
||||
+AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)])])])])
|
||||
dnl
|
||||
dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
|
||||
dnl
|
12
sudo-1.6.8p12-defaults.diff
Normal file
12
sudo-1.6.8p12-defaults.diff
Normal file
@ -0,0 +1,12 @@
|
||||
--- defaults.c
|
||||
+++ defaults.c
|
||||
@@ -432,9 +432,6 @@
|
||||
#ifdef FQDN
|
||||
def_fqdn = TRUE;
|
||||
#endif
|
||||
-#ifdef USE_INSULTS
|
||||
- def_insults = TRUE;
|
||||
-#endif
|
||||
#ifdef ENV_EDITOR
|
||||
def_env_editor = TRUE;
|
||||
#endif
|
11
sudo-1.6.8p12-ldap.diff
Normal file
11
sudo-1.6.8p12-ldap.diff
Normal file
@ -0,0 +1,11 @@
|
||||
--- configure.in
|
||||
+++ configure.in
|
||||
@@ -2133,7 +2133,7 @@
|
||||
|
||||
SUDO_LIBS="${SUDO_LIBS}${LDAP_LIBS}"
|
||||
LIBS="$_LIBS"
|
||||
- LDFLAGS="$_LDFLAGS"
|
||||
+ LDFLAGS="${LDFLAGS} $_LDFLAGS"
|
||||
fi
|
||||
|
||||
dnl
|
42
sudo-1.6.8p12-prompt.diff
Normal file
42
sudo-1.6.8p12-prompt.diff
Normal file
@ -0,0 +1,42 @@
|
||||
--- check.c
|
||||
+++ check.c
|
||||
@@ -207,6 +207,11 @@
|
||||
len += strlen(*user_runas) - 2;
|
||||
subst = 1;
|
||||
break;
|
||||
+ case 'p':
|
||||
+ p++;
|
||||
+ len += strlen(auth_pw->pw_name) - 2;
|
||||
+ subst = 1;
|
||||
+ break;
|
||||
case '%':
|
||||
p++;
|
||||
len--;
|
||||
@@ -252,6 +257,13 @@
|
||||
goto oflow;
|
||||
np += n;
|
||||
continue;
|
||||
+ case 'p':
|
||||
+ p++;
|
||||
+ n = strlcpy(np, auth_pw->pw_name, np - endp);
|
||||
+ if (n >= np - endp)
|
||||
+ goto oflow;
|
||||
+ np += n;
|
||||
+ continue;
|
||||
case '%':
|
||||
/* convert %% -> % */
|
||||
p++;
|
||||
--- sudoers.man.in
|
||||
+++ sudoers.man.in
|
||||
@@ -663,6 +663,11 @@
|
||||
.IX Item "%U"
|
||||
expanded to the login name of the user the command will
|
||||
be run as (defaults to root)
|
||||
+.ie n .IP "%p" 8
|
||||
+.el .IP "\f(CW%p\fR" 8
|
||||
+.IX Item "%p"
|
||||
+expanded to the login name of the user whose password
|
||||
+is requested
|
||||
.ie n .IP "%h" 8
|
||||
.el .IP "\f(CW%h\fR" 8
|
||||
.IX Item "%h"
|
32
sudo-1.6.8p12-secure_path.diff
Normal file
32
sudo-1.6.8p12-secure_path.diff
Normal file
@ -0,0 +1,32 @@
|
||||
--- env.c
|
||||
+++ env.c
|
||||
@@ -487,7 +487,8 @@
|
||||
|
||||
#ifdef SECURE_PATH
|
||||
/* Replace the PATH envariable with a secure one. */
|
||||
- insert_env(format_env("PATH", SECURE_PATH, VNULL), 1);
|
||||
+ if (def_env_reset)
|
||||
+ insert_env(format_env("PATH", SECURE_PATH, VNULL), 1);
|
||||
#endif
|
||||
|
||||
/* Set $USER and $LOGNAME to target if "set_logname" is true. */
|
||||
--- find_path.c
|
||||
+++ find_path.c
|
||||
@@ -74,7 +74,7 @@
|
||||
char *result = NULL; /* result of path/file lookup */
|
||||
int checkdot = 0; /* check current dir? */
|
||||
int len; /* length parameter */
|
||||
-
|
||||
+
|
||||
if (strlen(infile) >= PATH_MAX)
|
||||
errx(1, "%s: File name too long", infile);
|
||||
|
||||
@@ -93,7 +93,7 @@
|
||||
|
||||
/* Use PATH passed in unless SECURE_PATH is in effect. */
|
||||
#ifdef SECURE_PATH
|
||||
- if (!user_is_exempt())
|
||||
+ if (!user_is_exempt() && def_env_reset)
|
||||
path = SECURE_PATH;
|
||||
#endif /* SECURE_PATH */
|
||||
if (path == NULL)
|
16
sudo-1.6.8p12-strip.diff
Normal file
16
sudo-1.6.8p12-strip.diff
Normal file
@ -0,0 +1,16 @@
|
||||
--- Makefile.in
|
||||
+++ Makefile.in
|
||||
@@ -301,11 +301,11 @@
|
||||
$(DESTDIR)$(noexecdir)
|
||||
|
||||
install-binaries: $(PROGS)
|
||||
- $(INSTALL) -O $(install_uid) -G $(install_gid) -M 4111 -s sudo $(DESTDIR)$(sudodir)/sudo
|
||||
+ $(INSTALL) -O $(install_uid) -G $(install_gid) -M 4111 sudo $(DESTDIR)$(sudodir)/sudo
|
||||
rm -f $(DESTDIR)$(sudodir)/sudoedit
|
||||
ln $(DESTDIR)$(sudodir)/sudo $(DESTDIR)$(sudodir)/sudoedit
|
||||
|
||||
- $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 -s visudo $(DESTDIR)$(visudodir)/visudo
|
||||
+ $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 visudo $(DESTDIR)$(visudodir)/visudo
|
||||
|
||||
install-noexec: sudo_noexec.la
|
||||
$(LIBTOOL) --mode=install $(INSTALL) sudo_noexec.la $(DESTDIR)$(noexecdir)
|
23
sudo-1.6.8p12-sudoers.diff
Normal file
23
sudo-1.6.8p12-sudoers.diff
Normal file
@ -0,0 +1,23 @@
|
||||
--- sudoers
|
||||
+++ sudoers
|
||||
@@ -13,6 +13,20 @@
|
||||
|
||||
# Defaults specification
|
||||
|
||||
+# prevent environment variables from influencing programs in an
|
||||
+# unexpected or harmful way (CVE-2005-2959, CVE-2005-4158,
|
||||
+# CVE-2006-0151)
|
||||
+Defaults always_set_home
|
||||
+Defaults env_reset
|
||||
+Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS"
|
||||
+
|
||||
+# In the default (unconfigured) configuration, sudo asks for the root password.
|
||||
+# This allows use of an ordinary user account for administration of a freshly
|
||||
+# installed system. When configuring sudo, delete the two
|
||||
+# following lines:
|
||||
+Defaults targetpw # ask for the password of the target user i.e. root
|
||||
+ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
|
||||
+
|
||||
# Runas alias specification
|
||||
|
||||
# User privilege specification
|
5
sudo-1.6.8p12.pamd
Normal file
5
sudo-1.6.8p12.pamd
Normal file
@ -0,0 +1,5 @@
|
||||
#%PAM-1.0
|
||||
auth include common-auth
|
||||
account include common-account
|
||||
password include common-password
|
||||
session include common-session
|
3
sudo-1.6.8p12.tar.bz2
Normal file
3
sudo-1.6.8p12.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:fc1e96c9cd7333587184538acac09db7532295ae17518e8afce7b07e267ead34
|
||||
size 424499
|
262
sudo.changes
Normal file
262
sudo.changes
Normal file
@ -0,0 +1,262 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 30 14:12:34 CET 2006 - prusnak@suse.cz
|
||||
|
||||
- package /etc/sudoers as 0440 [Fate#300934]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 29 18:29:23 CET 2006 - prusnak@suse.cz
|
||||
|
||||
- protect locale-related environment variables from resetting (sudoers.diff) [#222728]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 4 19:35:18 CEST 2006 - mjancar@suse.cz
|
||||
|
||||
- enable LDAP support (#159774)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 14 16:55:52 CEST 2006 - schwab@suse.de
|
||||
|
||||
- Fix quoting in configure script.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 8 15:22:15 CET 2006 - mjancar@suse.cz
|
||||
|
||||
- don't limit access to local group users (#151938)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 27 09:23:26 CET 2006 - mjancar@suse.cz
|
||||
|
||||
- set environment and sudo search PATH to SECURE_PATH
|
||||
only when env_reset (#145687)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 26 13:28:28 CET 2006 - schwab@suse.de
|
||||
|
||||
- Fix syntax error in /etc/sudoers.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 26 12:03:48 CET 2006 - mjancar@suse.cz
|
||||
|
||||
- fix PATH always reset (#145687)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 25 21:41:52 CET 2006 - mls@suse.de
|
||||
|
||||
- converted neededforbuild to BuildRequires
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jan 15 20:40:26 CET 2006 - schwab@suse.de
|
||||
|
||||
- Don't strip binaries.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 10 16:31:46 CET 2006 - mjancar@suse.cz
|
||||
|
||||
- fix CVE-2005-4158 (#140300)
|
||||
* compile with --with-secure-path
|
||||
* use always_set_home and env_reset by default
|
||||
- document purpose of the default asking for root password
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Dec 21 19:55:27 CET 2005 - mjancar@suse.cz
|
||||
|
||||
- update to 1.6.8p12
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 9 10:01:27 CET 2005 - ro@suse.de
|
||||
|
||||
- disabled selinux
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 2 20:42:18 CEST 2005 - mjancar@suse.cz
|
||||
|
||||
- update to 1.6.8p9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 20 11:50:45 CEST 2005 - anicka@suse.cz
|
||||
|
||||
- build position independent binaries
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Feb 28 15:30:42 CET 2005 - ro@suse.de
|
||||
|
||||
- update to 1.6.8p7
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 15 14:58:45 CET 2004 - kukuk@suse.de
|
||||
|
||||
- Use common PAM config files
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 13 16:00:56 CEST 2004 - ro@suse.de
|
||||
|
||||
- undef __P first
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 6 07:12:34 CEST 2004 - kukuk@suse.de
|
||||
|
||||
- fix default permissions of sudo
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 26 01:18:52 CET 2004 - ro@suse.de
|
||||
|
||||
- added postfix to neededforbuild
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Feb 25 13:02:03 CET 2004 - lnussel@suse.de
|
||||
|
||||
- Add comment and warning for 'Defaults targetpw' to config file
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 29 15:57:53 CET 2004 - kukuk@suse.de
|
||||
|
||||
- Fix sudo configuration broken by last patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 28 10:55:29 CET 2004 - kukuk@suse.de
|
||||
|
||||
- Add SELinux patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 22 18:45:07 CET 2004 - ro@suse.de
|
||||
|
||||
- package /etc/sudoers as 0640
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 16 13:26:31 CET 2004 - kukuk@suse.de
|
||||
|
||||
- Add pam-devel to neededforbuild
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jan 11 09:29:32 CET 2004 - adrian@suse.de
|
||||
|
||||
- build as user
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 7 16:20:57 CET 2003 - schwab@suse.de
|
||||
|
||||
- Fix quoting in configure script.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 10 11:06:04 CEST 2003 - mjancar@suse.cz
|
||||
|
||||
- move the defaults to better place in /etc/sudoers (#30282)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 25 15:21:16 CEST 2003 - mjancar@suse.cz
|
||||
|
||||
- update to 1.6.7p5
|
||||
* Fixed a problem with large numbers
|
||||
of environment variables.
|
||||
- more useful defaults (#28056)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 14 10:44:53 CEST 2003 - mjancar@suse.cz
|
||||
|
||||
- update to version 1.6.7p4
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 7 13:49:00 CET 2003 - kukuk@suse.de
|
||||
|
||||
- Use pam_unix2.so instead of pam_unix.so
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 5 15:18:21 CEST 2002 - pmladek@suse.cz
|
||||
|
||||
- updated to version 1.6.6
|
||||
- removed obsolete heap-overflow fix in prompt patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 22 14:56:46 CEST 2002 - pmladek@suse.cz
|
||||
|
||||
- fixed a heap-overflow (prompt patch)
|
||||
- fixed prompt behaviour, %% is always translated to % (prompt patch)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 12 12:23:08 CET 2002 - pmladek@suse.cz
|
||||
|
||||
- insults are really off by default now [#13134]
|
||||
- sudo.pamd moved from patch to sources
|
||||
- used %defattr(-,root,root)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 24 10:17:00 CET 2002 - postadal@suse.cz
|
||||
|
||||
- updated to version 1.6.5p2
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 17 18:47:02 CET 2002 - pmladek@suse.cz
|
||||
|
||||
- updated to version 1.6.5p1
|
||||
- removed obsolete security patch (to do not run mailer as root),
|
||||
sudo runs mailer again as root but with hard-coded environment
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 2 12:36:17 CET 2002 - pmladek@suse.cz
|
||||
|
||||
- aplied security patch from Sebastian Krahmer <krahmer@suse.de>
|
||||
to do not run mailer as root
|
||||
- NOTIFY_BY_EMAIL enabled
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 30 22:58:33 CET 2001 - bjacke@suse.de
|
||||
|
||||
- make /etc/sudoers (noreplace)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 15 16:17:35 CEST 2001 - pmladek@suse.cz
|
||||
|
||||
- updated to version 1.6.3p7
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 14 18:05:55 CEST 2001 - ro@suse.de
|
||||
|
||||
- Don't use absolute paths to PAM modules in PAM config files
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 27 11:17:10 CET 2001 - pblaha@suse.cz
|
||||
|
||||
- update on 1.6.3p6 for fix potential security problems
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 26 17:39:24 CEST 2000 - schwab@suse.de
|
||||
|
||||
- Add %suse_update_config.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu May 4 15:57:08 CEST 2000 - smid@suse.cz
|
||||
|
||||
- upgrade to 1.6.3
|
||||
- buildroot added
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 4 17:55:40 CEST 2000 - uli@suse.de
|
||||
|
||||
- added "--with-env-editor" to configure call
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 1 16:08:27 CET 2000 - schwab@suse.de
|
||||
|
||||
- Specfile cleanup, remove Makefile.Linux
|
||||
- /usr/man -> /usr/share/man
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
|
||||
|
||||
- ran old prepare_spec on spec file to switch to new prepare_spec.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 9 17:19:36 MEST 1999 - kukuk@suse.de
|
||||
|
||||
- update to version 1.5.9p1
|
||||
- enable PAM
|
||||
|
||||
----------------------------------------------------------------------------
|
||||
Wed Nov 6 00:13:26 CET 1996 - florian@suse.de
|
||||
|
||||
|
||||
- update to version 1.5.2
|
||||
|
||||
- sudo has changed a lot, please check the sudo documentation
|
||||
|
||||
|
234
sudo.spec
Normal file
234
sudo.spec
Normal file
@ -0,0 +1,234 @@
|
||||
#
|
||||
# spec file for package sudo (Version 1.6.8p12)
|
||||
#
|
||||
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# This file and all modifications and additions to the pristine
|
||||
# package are under the same license as the package itself.
|
||||
#
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
# norootforbuild
|
||||
|
||||
Name: sudo
|
||||
BuildRequires: openldap2-devel pam-devel postfix
|
||||
Version: 1.6.8p12
|
||||
Release: 40
|
||||
Autoreqprov: on
|
||||
Group: System/Base
|
||||
License: BSD License and BSD-like
|
||||
URL: http://www.courtesan.com/sudo
|
||||
Summary: Execute some commands as root
|
||||
Source0: %{name}-%{version}.tar.bz2
|
||||
Source1: %{name}-%{version}.pamd
|
||||
Source2: README.SUSE
|
||||
Patch0: %{name}-%{version}-defaults.diff
|
||||
Patch1: %{name}-%{version}-sudoers.diff
|
||||
Patch2: %{name}-%{version}-conf.diff
|
||||
Patch4: %{name}-%{version}-__P.diff
|
||||
Patch5: %{name}-%{version}-strip.diff
|
||||
Patch6: %{name}-%{version}-prompt.diff
|
||||
Patch7: %{name}-%{version}-secure_path.diff
|
||||
Patch8: %{name}-%{version}-configure.diff
|
||||
Patch9: %{name}-%{version}-ldap.diff
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
%description
|
||||
Sudo is a command that allows users to execute some commands as root.
|
||||
The /etc/sudoers file (edited with 'visudo') specifies which users have
|
||||
access to sudo and which commands they can run. Sudo logs all its
|
||||
activities to syslogd, so the system administrator can keep an eye on
|
||||
things. Sudo asks for the password for initializing a check period of a
|
||||
given time N (where N is defined at installation and is set to 5
|
||||
minutes by default).
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Jeff Nieusma <nieusma@rootgroup.com>
|
||||
David Hieb <davehieb@rootgroup.com>
|
||||
Ian McCloghrie <ian@ucsd.edu>
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0
|
||||
%patch1
|
||||
%patch2
|
||||
%patch4
|
||||
%patch5
|
||||
%patch6
|
||||
%patch7
|
||||
%patch8
|
||||
%patch9
|
||||
cp %{S:1} %{S:2} .
|
||||
|
||||
%build
|
||||
%{suse_update_config -f}
|
||||
#autoreconf --force --install
|
||||
autoconf
|
||||
%ifarch s390 s390x
|
||||
F_PIE=-fPIE
|
||||
%else
|
||||
F_PIE=-fpie
|
||||
%endif
|
||||
CFLAGS="$RPM_OPT_FLAGS -Wall $F_PIE -DLDAP_DEPRECATED" \
|
||||
LDFLAGS="-pie" \
|
||||
./configure --prefix=%{_prefix} \
|
||||
--sbindir=%{_prefix}/sbin \
|
||||
--libexecdir=%{_prefix}/lib/sudo \
|
||||
--mandir=%{_mandir} \
|
||||
--with-logfac=auth \
|
||||
--with-insults \
|
||||
--with-all-insults \
|
||||
--with-ignore-dot \
|
||||
--with-tty-tickets \
|
||||
--enable-shell-sets-home \
|
||||
--with-sudoers-mode=0440 \
|
||||
--with-pam \
|
||||
--with-ldap \
|
||||
--with-env-editor \
|
||||
--with-secure-path=/usr/sbin:/bin:/usr/bin:/sbin:/usr/X11R6/bin \
|
||||
--with-passprompt="%%p's password:"
|
||||
make %{?jobs:-j%jobs}
|
||||
|
||||
%install
|
||||
make DESTDIR=$RPM_BUILD_ROOT install
|
||||
install -d -m 700 $RPM_BUILD_ROOT/var/run/sudo
|
||||
install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
|
||||
install -m 644 sudo-%{version}.pamd $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/sudo
|
||||
rm -f $RPM_BUILD_ROOT/usr/bin/sudoedit
|
||||
ln -sf /usr/bin/sudo $RPM_BUILD_ROOT/usr/bin/sudoedit
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%config(noreplace) %attr(0440,root,root) %{_sysconfdir}/sudoers
|
||||
%config %{_sysconfdir}/pam.d/sudo
|
||||
%doc BUGS CHANGES HISTORY LICENSE PORTING README RUNSON README.SUSE
|
||||
%doc TODO TROUBLESHOOTING *.pod
|
||||
%doc %{_mandir}/man?/*
|
||||
%attr(4755,root,root) %{_bindir}/sudo
|
||||
%{_bindir}/sudoedit
|
||||
%{_sbindir}/*
|
||||
%{_prefix}/lib/sudo
|
||||
/var/run/sudo
|
||||
|
||||
%changelog -n sudo
|
||||
* Thu Nov 30 2006 - prusnak@suse.cz
|
||||
- package /etc/sudoers as 0440 [Fate#300934]
|
||||
* Wed Nov 29 2006 - prusnak@suse.cz
|
||||
- protect locale-related environment variables from resetting (sudoers.diff) [#222728]
|
||||
* Wed Oct 04 2006 - mjancar@suse.cz
|
||||
- enable LDAP support (#159774)
|
||||
* Wed Jun 14 2006 - schwab@suse.de
|
||||
- Fix quoting in configure script.
|
||||
* Wed Mar 08 2006 - mjancar@suse.cz
|
||||
- don't limit access to local group users (#151938)
|
||||
* Fri Jan 27 2006 - mjancar@suse.cz
|
||||
- set environment and sudo search PATH to SECURE_PATH
|
||||
only when env_reset (#145687)
|
||||
* Thu Jan 26 2006 - schwab@suse.de
|
||||
- Fix syntax error in /etc/sudoers.
|
||||
* Thu Jan 26 2006 - mjancar@suse.cz
|
||||
- fix PATH always reset (#145687)
|
||||
* Wed Jan 25 2006 - mls@suse.de
|
||||
- converted neededforbuild to BuildRequires
|
||||
* Sun Jan 15 2006 - schwab@suse.de
|
||||
- Don't strip binaries.
|
||||
* Tue Jan 10 2006 - mjancar@suse.cz
|
||||
- fix CVE-2005-4158 (#140300)
|
||||
* compile with --with-secure-path
|
||||
* use always_set_home and env_reset by default
|
||||
- document purpose of the default asking for root password
|
||||
* Wed Dec 21 2005 - mjancar@suse.cz
|
||||
- update to 1.6.8p12
|
||||
* Fri Dec 09 2005 - ro@suse.de
|
||||
- disabled selinux
|
||||
* Tue Aug 02 2005 - mjancar@suse.cz
|
||||
- update to 1.6.8p9
|
||||
* Mon Jun 20 2005 - anicka@suse.cz
|
||||
- build position independent binaries
|
||||
* Mon Feb 28 2005 - ro@suse.de
|
||||
- update to 1.6.8p7
|
||||
* Mon Nov 15 2004 - kukuk@suse.de
|
||||
- Use common PAM config files
|
||||
* Mon Sep 13 2004 - ro@suse.de
|
||||
- undef __P first
|
||||
* Tue Apr 06 2004 - kukuk@suse.de
|
||||
- fix default permissions of sudo
|
||||
* Fri Mar 26 2004 - ro@suse.de
|
||||
- added postfix to neededforbuild
|
||||
* Wed Feb 25 2004 - lnussel@suse.de
|
||||
- Add comment and warning for 'Defaults targetpw' to config file
|
||||
* Thu Jan 29 2004 - kukuk@suse.de
|
||||
- Fix sudo configuration broken by last patch
|
||||
* Wed Jan 28 2004 - kukuk@suse.de
|
||||
- Add SELinux patch
|
||||
* Thu Jan 22 2004 - ro@suse.de
|
||||
- package /etc/sudoers as 0640
|
||||
* Fri Jan 16 2004 - kukuk@suse.de
|
||||
- Add pam-devel to neededforbuild
|
||||
* Sun Jan 11 2004 - adrian@suse.de
|
||||
- build as user
|
||||
* Fri Nov 07 2003 - schwab@suse.de
|
||||
- Fix quoting in configure script.
|
||||
* Wed Sep 10 2003 - mjancar@suse.cz
|
||||
- move the defaults to better place in /etc/sudoers (#30282)
|
||||
* Mon Aug 25 2003 - mjancar@suse.cz
|
||||
- update to 1.6.7p5
|
||||
* Fixed a problem with large numbers
|
||||
of environment variables.
|
||||
- more useful defaults (#28056)
|
||||
* Wed May 14 2003 - mjancar@suse.cz
|
||||
- update to version 1.6.7p4
|
||||
* Fri Feb 07 2003 - kukuk@suse.de
|
||||
- Use pam_unix2.so instead of pam_unix.so
|
||||
* Wed Jun 05 2002 - pmladek@suse.cz
|
||||
- updated to version 1.6.6
|
||||
- removed obsolete heap-overflow fix in prompt patch
|
||||
* Mon Apr 22 2002 - pmladek@suse.cz
|
||||
- fixed a heap-overflow (prompt patch)
|
||||
- fixed prompt behaviour, %% is always translated to %% (prompt patch)
|
||||
* Tue Feb 12 2002 - pmladek@suse.cz
|
||||
- insults are really off by default now [#13134]
|
||||
- sudo.pamd moved from patch to sources
|
||||
- used %%defattr(-,root,root)
|
||||
* Thu Jan 24 2002 - postadal@suse.cz
|
||||
- updated to version 1.6.5p2
|
||||
* Thu Jan 17 2002 - pmladek@suse.cz
|
||||
- updated to version 1.6.5p1
|
||||
- removed obsolete security patch (to do not run mailer as root),
|
||||
sudo runs mailer again as root but with hard-coded environment
|
||||
* Wed Jan 02 2002 - pmladek@suse.cz
|
||||
- aplied security patch from Sebastian Krahmer <krahmer@suse.de>
|
||||
to do not run mailer as root
|
||||
- NOTIFY_BY_EMAIL enabled
|
||||
* Tue Oct 30 2001 - bjacke@suse.de
|
||||
- make /etc/sudoers (noreplace)
|
||||
* Wed Aug 15 2001 - pmladek@suse.cz
|
||||
- updated to version 1.6.3p7
|
||||
* Tue Aug 14 2001 - ro@suse.de
|
||||
- Don't use absolute paths to PAM modules in PAM config files
|
||||
* Tue Feb 27 2001 - pblaha@suse.cz
|
||||
- update on 1.6.3p6 for fix potential security problems
|
||||
* Mon Jun 26 2000 - schwab@suse.de
|
||||
- Add %%suse_update_config.
|
||||
* Thu May 04 2000 - smid@suse.cz
|
||||
- upgrade to 1.6.3
|
||||
- buildroot added
|
||||
* Tue Apr 04 2000 - uli@suse.de
|
||||
- added "--with-env-editor" to configure call
|
||||
* Wed Mar 01 2000 - schwab@suse.de
|
||||
- Specfile cleanup, remove Makefile.Linux
|
||||
- /usr/man -> /usr/share/man
|
||||
* Mon Sep 13 1999 - bs@suse.de
|
||||
- ran old prepare_spec on spec file to switch to new prepare_spec.
|
||||
* Wed Jun 09 1999 - kukuk@suse.de
|
||||
- update to version 1.5.9p1
|
||||
- enable PAM
|
||||
* Thu Jan 02 1997 - florian@suse.de
|
||||
- update to version 1.5.2
|
||||
- sudo has changed a lot, please check the sudo documentation
|
Loading…
Reference in New Issue
Block a user