- restore accidentally dropped suse-specific patches

OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=55
2013-07-02 16:30:47 +00:00 · 2013-07-02 16:30:47 +00:00 · 8c93addd58
commit 8c93addd58
parent 07a0c03b9a
4 changed files with 99 additions and 0 deletions
--- a/sudo-sudoers.patch
+++ b/sudo-sudoers.patch
@ -0,0 +1,80 @@
+Index: sudo-1.8.0/plugins/sudoers/sudoers.in
+===================================================================
+--- sudo-1.8.0.orig/plugins/sudoers/sudoers.in
+++ sudo-1.8.0/plugins/sudoers/sudoers.in
+@@ -31,37 +31,36 @@
+ ##
+ ## Defaults specification
+ ##
+-## You may wish to keep some of the following environment variables
+-## when running commands via sudo.
+-##
+-## Locale settings
+-# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
+-##
+-## Run X applications through sudo; HOME is used to find the
+-## .Xauthority file.  Note that other programs use HOME to find   
+-## configuration files and this may lead to privilege escalation!
+-# Defaults env_keep += "HOME"
+-##
+-## X11 resource path settings
+-# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
+-##
+-## Desktop path settings
+-# Defaults env_keep += "QTDIR KDEDIR"
+-##
+-## Allow sudo-run commands to inherit the callers' ConsoleKit session
+-# Defaults env_keep += "XDG_SESSION_COOKIE"
+-##
+-## Uncomment to enable special input methods.  Care should be taken as
+-## this may allow users to subvert the command being run via sudo.
+-# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
+## Prevent environment variables from influencing programs in an
+## unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
+Defaults always_set_home
+Defaults env_reset
+## Change env_reset to !env_reset in previous line to keep all environment variables
+## Following list will no longer be necessary after this change
+
+Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
+## Comment out the preceding line and uncomment the following one if you need
+## to use special input methods. This may allow users to compromise  the root
+## account if they are allowed to run commands without authentication.
+#Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
+
+## Do not insult users when they enter an incorrect password.
+Defaults !insults
+
+ ##
+ ## Uncomment to enable logging of a command's output, except for
+ ## sudoreplay and reboot.  Use sudoreplay to play back logged sessions.
+ # Defaults log_output
+ # Defaults!/usr/bin/sudoreplay !log_output
+-# Defaults!/usr/local/bin/sudoreplay !log_output
+ # Defaults!/sbin/reboot !log_output
+ 
+## In the default (unconfigured) configuration, sudo asks for the root password.
+## This allows use of an ordinary user account for administration of a freshly
+## installed system. When configuring sudo, delete the two
+## following lines:
+Defaults targetpw   # ask for the password of the target user i.e. root
+ALL	ALL=(ALL) ALL   # WARNING! Only use this together with 'Defaults targetpw'!
+
+ ##
+ ## Runas alias specification
+ ##
+@@ -77,14 +76,6 @@ root ALL=(ALL) ALL
+ ## Same thing without a password
+ # %wheel ALL=(ALL) NOPASSWD: ALL
+ 
+-## Uncomment to allow members of group sudo to execute any command
+-# %sudo	ALL=(ALL) ALL
+-
+-## Uncomment to allow any user to run sudo if they know the password
+-## of the user they are running the command as (root by default).
+-# Defaults targetpw  # Ask for the password of the target user
+-# ALL ALL=(ALL) ALL  # WARNING: only use this together with 'Defaults targetpw'
+-
+ ## Read drop-in files from @sysconfdir@/sudoers.d
+ ## (the '#' here does not indicate a comment)
+ #includedir @sysconfdir@/sudoers.d
--- a/sudo.changes
+++ b/sudo.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue Jul  2 16:30:19 UTC 2013 - dmueller@suse.com
+
+- restore accidentally dropped suse-specific patches 
+
 -------------------------------------------------------------------
 Thu Jun 27 18:03:10 UTC 2013 - michael@stroeder.com

--- a/sudo.spec
+++ b/sudo.spec
@ -26,6 +26,8 @@ Url:            http://www.sudo.ws/
 Source0:        http://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz
 Source1:        sudo.pamd
 Source2:        README.SUSE
+Patch0:         sudoers2ldif-env.patch
+Patch1:         sudo-sudoers.patch
 BuildRequires:  audit-devel
 BuildRequires:  groff
 BuildRequires:  libselinux-devel
@ -53,6 +55,8 @@ These header files are needed for building of sudo plugins.

 %prep
 %setup -q
+%patch0 -p1 
+%patch1 -p1

 %build
 %ifarch s390 s390x %sparc
--- a/sudoers2ldif-env.patch
+++ b/sudoers2ldif-env.patch
@ -0,0 +1,10 @@
+Index: sudo-1.8.7/plugins/sudoers/sudoers2ldif
+===================================================================
+--- sudo-1.8.7.orig/plugins/sudoers/sudoers2ldif
+++ sudo-1.8.7/plugins/sudoers/sudoers2ldif
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
+#!/usr/bin/perl
+ #
+ # Copyright (c) 2007, 2010-2011, 2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ #