source: projects/specs/trunk/s/sudo/sudo-vl.spec @ 12521

Revision 12521, 11.8 KB checked in by tomop, 3 years ago (diff)

updated 11 packages

dnsmasq-2.84-1

firefox-78.7.0-1

kernel-5.4.93-1

libmaxminddb-1.5.0-1

nsd-4.3.5-1

openldap-2.4.57-1

python-pillow-8.1.0-1

rust-1.49.0-1

samba-4.13.4-1

sudo-1.9.5p2-1

thunderbird-78.7.0-1

Line 
1Summary: Allows command execution as root for specified users
2Summary(ja): スーパーユーザ権限でのコマンドの実行
3Name: sudo
4Version: 1.9.5p2
5Release: 1%{?_dist_release}
6Group: system
7Vendor: Project Vine
8Distribution: Vine Linux
9
10License: ISC-style
11URL: https://www.sudo.ws/sudo/
12# master is toooooooooooooooo slow.
13Source0: http://www.sudo.ws/sudo/dist/sudo-%{version}.tar.gz
14#Source0: http://core.ring.gr.jp/archives/misc/sudo/sudo-%{version}.tar.gz
15Source1: sudo-sudoers-vine
16
17# don't strip
18Patch1: sudo-1.6.7p5-strip.patch
19
20Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
21BuildRequires: pam-devel
22BuildRequires: groff
23BuildRequires: flex
24BuildRequires: bison
25BuildRequires: openldap-devel
26BuildRequires: automake autoconf libtool
27BuildRequires: libcap-devel
28BuildRequires: zlib-devel
29
30%description
31Sudo (superuser do) allows a system administrator to give certain users
32(or groups of users) the ability to run some (or all) commands as root while
33logging all commands and arguments. Sudo operates on a per-command basis,
34it is not a replacement for the shell.
35
36%description -l ja
37sudo は、特定のユーザや特定のグループに所属するユーザが、スーパーユーザ権限で
38いくつかのコマンド操作を行うことを許可するためのプログラムです。
39
40
41%package        logsrvd
42Summary:        High-performance log server for %{name}
43Group:          system,servers
44Requires:       %{name} = %{version}-%{release}
45BuildRequires:  openssl-devel
46
47%description    logsrvd
48%{name}-logsrvd is a high-performance log server that accepts event and
49I/O logs from sudo.
50It can be used to implement centralized logging of sudo logs.
51
52
53%debug_package
54
55
56%prep
57%setup -q
58%patch1 -p1 -b .strip
59
60rm -rf zlib/
61
62
63%build
64autoreconf -I m4 -fv --install
65
66F_PIE=-fpie
67export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
68
69%configure \
70  --prefix=%{_prefix} \
71  --sbindir=%{_sbindir} \
72  --libdir=%{_libdir} \
73  --sysconfdir=%{_sysconfdir} \
74  --docdir=%{_datadir}/doc/%{name}-%{version} \
75  --with-iologdir=/var/log/sudo-io \
76  --with-pam \
77  --with-pam-login \
78  --with-logging=syslog \
79  --with-logfac=authpriv \
80  --with-tty-tickets \
81  --with-ignore-dot \
82  --with-editor=/bin/vi \
83  --with-env-editor \
84  --with-ldap \
85  --with-passprompt="[sudo] password for %p: " \
86  --with-secure-path="/sbin:/bin:/usr/sbin:/usr/bin" \
87  --without-interfaces \
88  --without-selinux
89make %{?_smp_mflags}
90
91
92%install
93rm -rf %{buildroot}
94mkdir %{buildroot}
95make install DESTDIR="%{buildroot}" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
96
97chmod 755 %{buildroot}%{_bindir}/* %{buildroot}%{_sbindir}/*
98install -p -d -m 700 %{buildroot}/var/run/sudo
99install -p -d -m 700 %{buildroot}/var/db/sudo/lectured
100install -p -d -m 700 %{buildroot}/var/log/sudo-io
101install -p -d -m 750 %{buildroot}/etc/sudoers.d
102install -p -c -m 0440 %{SOURCE1} %{buildroot}/etc/sudoers
103
104chmod +x %{buildroot}%{_libexecdir}/sudo/*.so # for stripping, reset in %%files
105
106mv -f %{buildroot}%{_docdir}/sudo-%{version} docdir
107mv -f %{buildroot}%{_sysconfdir}/sudoers.dist docdir/
108rm -f docdir/LICENSE
109
110#Remove all .la files
111find %{buildroot} -name '*.la' -exec rm -f {} ';'
112
113%find_lang sudo
114%find_lang sudoers
115
116cat sudo.lang sudoers.lang > sudo_all.lang
117rm sudo.lang sudoers.lang
118
119mkdir -p %{buildroot}/etc/pam.d
120cat > %{buildroot}/etc/pam.d/sudo << EOF
121#%PAM-1.0
122auth       include      system-auth
123account    include      system-auth
124password   include      system-auth
125session    optional     pam_keyinit.so revoke
126session    required     pam_limits.so
127session    include      system-auth
128EOF
129
130cat > %{buildroot}/etc/pam.d/sudo-i << EOF
131#%PAM-1.0
132auth       include      sudo
133account    include      sudo
134password   include      sudo
135session    optional     pam_keyinit.so force revoke
136session    include      sudo
137EOF
138
139
140%clean
141rm -rf %{buildroot}
142
143
144%post
145/bin/chmod 0440 /etc/sudoers || :
146
147
148%files -f sudo_all.lang
149%defattr(-,root,root)
150%license doc/LICENSE
151%doc docdir/*
152%doc plugins/sample/sample_plugin.c
153%attr(0640,root,root) %config(noreplace) /etc/sudo.conf
154%attr(0440,root,root) %config(noreplace) /etc/sudoers
155%attr(0750,root,root) %dir /etc/sudoers.d/
156%config(noreplace) /etc/pam.d/sudo
157%config(noreplace) /etc/pam.d/sudo-i
158%dir /var/run/sudo
159%dir /var/db/sudo
160%dir /var/db/sudo/lectured
161%attr(0750,root,root) %dir /var/log/sudo-io
162%{_bindir}/cvtsudoers
163%attr(4111,root,root) %{_bindir}/sudo
164%{_bindir}/sudoedit
165%attr(0111,root,root) %{_bindir}/sudoreplay
166%attr(0755,root,root) %{_sbindir}/visudo
167%dir %{_libexecdir}/sudo
168%attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so
169%attr(0644,root,root) %{_libexecdir}/sudo/sudo_noexec.so
170%attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so
171%attr(0644,root,root) %{_libexecdir}/sudo/group_file.so
172%attr(0644,root,root) %{_libexecdir}/sudo/sample_approval.so
173%attr(0644,root,root) %{_libexecdir}/sudo/system_group.so
174%attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.?
175%{_libexecdir}/sudo/libsudo_util.so.?
176%{_libexecdir}/sudo/libsudo_util.so
177%{_mandir}/man1/cvtsudoers.1*
178%{_mandir}/man5/sudoers*.5*
179%{_mandir}/man5/sudo.conf.5*
180%{_mandir}/man8/sudo.8*
181%{_mandir}/man8/sudoedit.8*
182%{_mandir}/man8/sudoreplay.8*
183%{_mandir}/man8/visudo.8*
184# should be splitted to -devel?
185%{_includedir}/sudo_plugin.h
186%{_mandir}/man8/sudo_plugin.8*
187
188%files logsrvd
189%attr(0640,root,root) %config(noreplace) /etc/sudo_logsrvd.conf
190%attr(0755,root,root) %{_sbindir}/sudo_logsrvd
191%attr(0755,root,root) %{_sbindir}/sudo_sendlog
192%{_mandir}/man5/sudo_logsrv.proto.5.gz
193%{_mandir}/man5/sudo_logsrvd.conf.5.gz
194%{_mandir}/man8/sudo_logsrvd.8.gz
195%{_mandir}/man8/sudo_sendlog.8.gz
196
197
198%changelog
199* Sat Jan 30 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.9.5p2-1
200- updated to 1.9.5p2.
201
202* Fri Jan 15 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.9.5p1-1
203- updated to 1.9.5p1.
204
205* Tue Feb 11 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.31-1
206- updated to 1.8.31.
207
208* Wed Jan 08 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.30-1
209- updated to 1.8.30.
210
211* Tue Oct 15 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.28-1
212- updated to 1.8.28.
213- dropped Patch2.
214
215* Sat Jul 23 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.17p1-1
216- updated to 1.8.17p1.
217- added Patch2.
218- dropped Patch4.
219
220* Mon Feb  3 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.8.6p8-1
221- update to 1.8.6p8
222
223* Mon Mar 04 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.8.6p7-3
224- fix permission of sudoreplay
225
226* Mon Mar 04 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.8.6p7-2
227- add /var/log/sudo-io
228- add some comments to default sudoers
229
230* Mon Mar 04 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.8.6p7-1
231- update to 1.8.6p7
232- drop unneeded patches.
233
234* Sat May 19 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-5
235- add patch120 for fix CVE-2012-2337 (netmask match)
236
237* Fri Jun 03 2011 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.2p7-4
238- update sudoers
239  - enable "%wheel ALL=(ALL) ALL" by default.
240
241* Thu Feb 10 2011 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-3
242- add patch110,111 for fix CVE-2011-0010 ("-g" option)
243
244* Wed Sep  8 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-2
245- add Patch100 for fix CVE-2010-2956 (sudo Runas)
246- add _smp_mflags flag into make section
247- fix doc filelist (no longer exist BUGS, CHANGSE)
248
249* Sun Jun 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-1
250- new upstream release with security fix (CVE-2010-1646)
251- change specfile name (-vl)
252
253* Sun Apr 25 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p6-1
254- new upstream release with security fix (CVE-2010-1163)
255- add sudoers.ldap.5 into files section
256
257* Wed Feb 24 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p4-1
258- new upstream release with security fix (CVE-2010-0426)
259- update Patch3
260
261* Wed Jul 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.2-1
262- new upstream release
263
264* Wed Jun 17 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.1-1
265- new upstream release
266- update patches
267- disable "Defaults requiretty"
268
269* Fri Feb 13 2009 NAKAMURA Kenta <kenta@vinelinux.org> 1.6.9p20-2
270- rebuilt with openldap-2.4.11
271
272* Thu Feb 12 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.9p20-1
273- new upstream release with security fix (CVE 2009-0034)
274
275* Sat Aug 16 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.9p17-1
276- new upstream release
277- merge some changes from fedoraproject
278  - include [sudo] in password prompt
279  - compiled with secure path
280  - also use getgrouplist() to determine group membership
281  - add sudoers file
282    - add command aliases, default environment config
283- build with openldap
284
285* Fri Aug 15 2008 Shu KONNO <owa@bg.wakwak.com> 1.6.8p12-1vl5
286- applied new versioning policy, spec in utf-8
287
288* Fri May 19 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p12-0vl2
289- change PAM configuration to use system-auth
290- add --with-ignore-dot, --with-editor and --with-env-editor to
291  configure option.
292
293* Mon Jan 23 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.8p12-0vl1
294- new upstream release (included security fix)
295- add patch1 for fix CVE-2006-0151
296
297* Mon May 09 2005 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p8-0vl1
298- new upstream release
299- use macros
300- build with pam
301
302* Wed Jan 19 2005 IWAI, Masaharu <iwai@alib.jp> 1.6.8p6-0vl1
303- new upstream release
304
305* Sun Oct 10 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8p1-0vl1
306- SECURITY FIX: new upstream release
307- update rpmnonroot.patch ( Patch0 )
308- add new man page: sudoedit(8)
309
310* Wed Sep  1 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8-0vl1
311- new upstream release
312- update rpmnonroot.patch ( Patch0 )
313- change Copyrigh tag to License tag
314- update License
315- update URL and Source0: official web site moved.
316- new files: %%{_bindir}/sudoedit and %%{_libexecdir}/sudo_noexec.*
317
318* Mon Apr 14 2003 IWAI Masaharu <iwai@alib.jp> 1.6.7p3-0vl1
319- upstream release
320
321* Wed May 08 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl3
322- fixed changelog
323        -- don't expand macros in changelog ;P
324               
325* Wed May 01 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl2
326- changed to use configure in build section
327        (can't build on sparc)
328
329* Fri Apr 26 2002 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.6-0vl1
330- upstream release
331- fix security hole : buffer over flow
332
333* Thu Jan 24 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p2-0vl1
334- upstream release
335- updated sudo.rpmnonroot.diff
336
337* Fri Jan 18 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p1-0vl1
338- upstream release
339- added configure script option '--disable-root-mailer'
340
341* Tue Jan 15 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4p1-0vl1
342- upstream release
343- eliminated FAQ from %doc
344
345* Mon Jan 14 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4-0vl1
346- upstream release
347- added noreplace flag (%{_sysconfdir}/sudoers file is not replaced)
348- updated sudo.rpmnonroot.diff
349
350* Wed May 09 2001 <sagami@vinelinux.org>
351- 1.6.3p7-0vl2: follow up 1.6.2p6-0.6vl1
352
353* Fri Mar 02 2001 sagami@vinelinux.org
354- 1.6.3p7-0vl1
355- use better macros
356
357* Thu Mar 1 2001 Kunio Murasawa <murasawa@marineroad.com>
358- 1.6.3p6-0vl1
359- changed sudo.rpmnonroot.diff for 1.6.3p6
360
361* Tue Sep 19 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
362- 1.6.1-2vl5
363- patch -p1 -> patch -p0
364
365* Mon Sep 18 2000 MATSUMOTO Shoji <shom@vinelinux.org>
366- 1.6.1-2vl4
367- fix uid/gid to root.root
368- add sudo.rpmnonroot.diff to built by non-root users
369
370* Tue Sep 12 2000 Jun Nishii <jun@vinelinux.org>
371- 1.6.1-2vl3
372- fix attr
373
374* Sun Sep 10 2000 Jun Nishii <jun@vinelinux.org>
375- 1.6.1-2vl2
376- enable to build by non-root useres
377
378* Fri Sep 08 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
379- 1.6.1-2vl1
380- modified %files section to handle compressed man page(s)
381
382* Fri Jan  7 2000 Jun Nishii <jun@vinelinux.org>
383- change group
384
385* Thu Dec 30 1999 Jun Nishii <jun@vinelinux.org>
386- version 1.6.1
387- build for Vine Linux 2.0
388
389* Fri May 14  1999 Takeda Eiji <keda@flatout.org>
390- sudo reads $BuildRoot%{_sysconfdir}/sudoers. Make change to read /etc/sudoers.
391
392* Wed Apr 21 1999 Hiroto Watanabe <watanabe@cij.co.jp>
393- Initial Release
394
Note: See TracBrowser for help on using the repository browser.