pool/sudo
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8bde0fcc0b
sudo/sudo.spec
Vítězslav Čížek 8dd91c7580 Accepting request 108646 from home:vitezslav_cizek:branches:Base:System 
- update to 1.8.4p2
  Some of the changes:
  * The -D flag in sudo has been replaced with a more general
    debugging framework that is configured in sudo.conf.
  * Fixed a crash with sudo -i when a runas group was specified
    without a runas user.
  * New Serbian and Spanish translations for sudo from translationproject.org.
    LDAP-based sudoers may now access by group ID in addition to group name.
  * visudo will now fix the mode on the sudoers file even if no
    changes are made unless the -f option is specified.
  * On systems that use login.conf, sudo -i now sets environment
    variables based on login.conf
  * values in the LDAP search expression are now escaped as per RFC 4515
  * The deprecated "noexec_file" sudoers option is no longer supported.
  * Fixed a race condition when I/O logging is not enabled that could
    result in tty-generated signals (e.g. control-C) being received
    by the command twice.
  * visudo -c will now list any include files that were checked in
    addition to the main sudoers file when everything parses OK.
  * Users that only have read-only access to the sudoers file may
    now run visudo -c. Previously, write permissions were required
    even though no writing is down in check-only mode.

OBS-URL: https://build.opensuse.org/request/show/108646
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=39
2012-03-09 15:02:22 +00:00

150 lines
4.5 KiB
RPMSpec
Raw Blame History

#
# spec file for package sudo
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: sudo
Version: 1.8.4p2
Release: 0
Summary: Execute some commands as root
License: BSD-3-Clause
Group: System/Base
Url: http://www.sudo.ws/
Source0: http://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz
Source1: sudo.pamd
Source2: README.SUSE
Patch0: sudoers2ldif-env.patch
Patch1: sudo-sudoers.patch
# PATCH-FIX-OPENSUSE make sesh position-independent (bnc#743157)
Patch2: sudo-1.8.3p1-sesh-cflags.patch
BuildRequires: audit-devel
BuildRequires: libselinux-devel
BuildRequires: openldap2-devel
BuildRequires: pam-devel
Requires(pre): coreutils
Requires(pre): permissions
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Sudo is a command that allows users to execute some commands as root.
The /etc/sudoers file (edited with 'visudo') specifies which users have
access to sudo and which commands they can run. Sudo logs all its
activities to syslogd, so the system administrator can keep an eye on
things. Sudo asks for the password for initializing a check period of a
given time N (where N is defined at installation and is set to 5
minutes by default).
%package devel
Summary: Header files needed for sudo plugin development
Group: Development/Libraries/C and C++
%description devel
These header files are needed for building of sudo plugins.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
%ifarch s390 s390x %sparc
F_PIE=-fPIE
%else
F_PIE=-fpie
%endif
export CFLAGS="%{optflags} -Wall $F_PIE -DLDAP_DEPRECATED"
export LDFLAGS="-pie"
%configure \
--libexecdir=%{_libexecdir}/sudo \
--docdir=%{_docdir}/%{name} \
--with-noexec=%{_libexecdir}/sudo/sudo_noexec.so \
--with-pam \
--with-ldap \
--with-selinux \
--with-linux-audit \
--with-logfac=auth \
--with-insults \
--with-all-insults \
--with-ignore-dot \
--with-tty-tickets \
--enable-shell-sets-home \
--enable-warnings \
--with-sendmail=%{_sbindir}/sendmail \
--with-sudoers-mode=0440 \
--with-env-editor \
--without-secure-path \
--with-passprompt='%%p\x27s password:' \
--with-timedir=%{_localstatedir}/lib/sudo
make %{?_smp_mflags}
%install
%make_install
install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/sudo
mv %{buildroot}%{_docdir}/%{name}/sudoers2ldif %{buildroot}%{_sbindir}
rm -f %{buildroot}%{_bindir}/sudoedit
ln -sf %{_bindir}/sudo %{buildroot}%{_bindir}/sudoedit
install -d -m 755 %{buildroot}%{_sysconfdir}/openldap/schema
install -m 644 doc/schema.OpenLDAP %{buildroot}%{_sysconfdir}/openldap/schema/sudo.schema
install -m 644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/
rm -f %{buildroot}%{_docdir}/%{name}/sample.pam
rm -f %{buildroot}%{_docdir}/%{name}/sample.syslog.conf
rm -f %{buildroot}%{_docdir}/%{name}/schema.OpenLDAP
rm -f %{buildroot}%{_libexecdir}/%{name}/sudoers.la
%find_lang %{name}
%find_lang sudoers
cat sudoers.lang >> %{name}.lang
%post
chmod 0440 %{_sysconfdir}/sudoers
%if 0%{?suse_version} <= 1130
%run_permissions
%else
%set_permissions /usr/bin/sudo
%endif
%verifyscript
%verify_permissions -e /usr/bin/sudo
%clean
rm -rf %{buildroot}
%files -f %{name}.lang
%defattr(-,root,root)
%doc %{_docdir}/%{name}
%doc %{_mandir}/man?/*
%config(noreplace) %attr(0440,root,root) %{_sysconfdir}/sudoers
%dir %{_sysconfdir}/sudoers.d
%config %{_sysconfdir}/pam.d/sudo
%attr(4755,root,root) %{_bindir}/sudo
%dir %{_sysconfdir}/openldap
%dir %{_sysconfdir}/openldap/schema
%attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/sudo.schema
%{_bindir}/sudoedit
%{_bindir}/sudoreplay
%{_sbindir}/visudo
%attr(0755,root,root) %{_sbindir}/sudoers2ldif
%{_libexecdir}/sudo
%attr(0700,root,root) %dir %ghost %{_localstatedir}/lib/sudo
%files devel
%defattr(-,root,root)
%{_includedir}/sudo_plugin.h
%changelog
Reference in New Issue View Git Blame Copy Permalink