rpm/sudo
SHA256
1
0
Fork 0
forked from pool/sudo
Code Pull Requests Activity
sudo/sudo.spec
Marcus Meissner 5b4fbad316 Accepting request 121223 from home:vitezslav_cizek:branches:Base:System 
- update to 1.8.5
  Some of the changes:
  * /etc/environment is no longer read directly on Linux systems when
    PAM is used. Sudo now merges the PAM environment into the user's
    environment which is typically set by the pam_env module.
  * The plugin API has been extended
  * The policy plugin's init_session function is now called by the
    parent sudo process, not the child process that executes the command
    This allows the PAM session to be open and closed in the same process,
    which some PAM modules require.
  * A new group provider plugin, system_group, is included
  * Fixed a potential security issue in the matching of hosts against
    an IPv4 network specified in sudoers.The flaw may allow a user who
    is authorized to run commands on hosts belonging to one IPv4
    network to run commands on a different host (CVE-2012-2337)

OBS-URL: https://build.opensuse.org/request/show/121223
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=41
2012-05-16 21:13:33 +00:00

146 lines
4.4 KiB
RPMSpec
Raw Blame History

#
# spec file for package sudo
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: sudo
Version: 1.8.5
Release: 0
Summary: Execute some commands as root
License: BSD-3-Clause
Group: System/Base
Url: http://www.sudo.ws/
Source0: http://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz
Source1: sudo.pamd
Source2: README.SUSE
Patch0: sudoers2ldif-env.patch
Patch1: sudo-sudoers.patch
BuildRequires: audit-devel
BuildRequires: libselinux-devel
BuildRequires: openldap2-devel
BuildRequires: pam-devel
Requires(pre): coreutils
Requires(pre): permissions
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Sudo is a command that allows users to execute some commands as root.
The /etc/sudoers file (edited with 'visudo') specifies which users have
access to sudo and which commands they can run. Sudo logs all its
activities to syslogd, so the system administrator can keep an eye on
things. Sudo asks for the password for initializing a check period of a
given time N (where N is defined at installation and is set to 5
minutes by default).
%package devel
Summary: Header files needed for sudo plugin development
Group: Development/Libraries/C and C++
%description devel
These header files are needed for building of sudo plugins.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%build
%ifarch s390 s390x %sparc
F_PIE=-fPIE
%else
F_PIE=-fpie
%endif
export CFLAGS="%{optflags} -Wall $F_PIE -DLDAP_DEPRECATED"
export LDFLAGS="-pie"
%configure \
--libexecdir=%{_libexecdir}/sudo \
--docdir=%{_docdir}/%{name} \
--with-noexec=%{_libexecdir}/sudo/sudo_noexec.so \
--with-pam \
--with-ldap \
--with-selinux \
--with-linux-audit \
--with-logfac=auth \
--with-insults \
--with-all-insults \
--with-ignore-dot \
--with-tty-tickets \
--enable-shell-sets-home \
--enable-warnings \
--with-sendmail=%{_sbindir}/sendmail \
--with-sudoers-mode=0440 \
--with-env-editor \
--without-secure-path \
--with-passprompt='%%p\x27s password:' \
--with-timedir=%{_localstatedir}/lib/sudo
make %{?_smp_mflags}
%install
%make_install
install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/sudo
mv %{buildroot}%{_docdir}/%{name}/sudoers2ldif %{buildroot}%{_sbindir}
rm -f %{buildroot}%{_bindir}/sudoedit
ln -sf %{_bindir}/sudo %{buildroot}%{_bindir}/sudoedit
install -d -m 755 %{buildroot}%{_sysconfdir}/openldap/schema
install -m 644 doc/schema.OpenLDAP %{buildroot}%{_sysconfdir}/openldap/schema/sudo.schema
install -m 644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/
rm -f %{buildroot}%{_docdir}/%{name}/sample.pam
rm -f %{buildroot}%{_docdir}/%{name}/sample.syslog.conf
rm -f %{buildroot}%{_docdir}/%{name}/schema.OpenLDAP
rm -f %{buildroot}%{_libexecdir}/%{name}/sudoers.la
%find_lang %{name}
%find_lang sudoers
cat sudoers.lang >> %{name}.lang
%post
chmod 0440 %{_sysconfdir}/sudoers
%if 0%{?suse_version} <= 1130
%run_permissions
%else
%set_permissions /usr/bin/sudo
%endif
%verifyscript
%verify_permissions -e /usr/bin/sudo
%clean
rm -rf %{buildroot}
%files -f %{name}.lang
%defattr(-,root,root)
%doc %{_docdir}/%{name}
%doc %{_mandir}/man?/*
%config(noreplace) %attr(0440,root,root) %{_sysconfdir}/sudoers
%dir %{_sysconfdir}/sudoers.d
%config %{_sysconfdir}/pam.d/sudo
%attr(4755,root,root) %{_bindir}/sudo
%dir %{_sysconfdir}/openldap
%dir %{_sysconfdir}/openldap/schema
%attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/sudo.schema
%{_bindir}/sudoedit
%{_bindir}/sudoreplay
%{_sbindir}/visudo
%attr(0755,root,root) %{_sbindir}/sudoers2ldif
%{_libexecdir}/sudo
%attr(0700,root,root) %dir %ghost %{_localstatedir}/lib/sudo
%files devel
%defattr(-,root,root)
%{_includedir}/sudo_plugin.h
%changelog
View Git Blame Copy Permalink