123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357 |
- Summary: Allows command execution as root for specified users
- Summary(ja): スーパーユーザ権限でのコマンドの実行
- Name: sudo
- Version: 1.8.31
- Release: 1%{?_dist_release}
- License: ISC-style
- Group: Applications/System
- URL: http://www.sudo.ws/sudo/
- # master is toooooooooooooooo slow.
- Source0: http://www.sudo.ws/sudo/dist/sudo-%{version}.tar.gz
- #Source0: http://core.ring.gr.jp/archives/misc/sudo/sudo-%{version}.tar.gz
- Source1: sudo-sudoers-vine
- # don't strip
- Patch1: sudo-1.6.7p5-strip.patch
- Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
- BuildRequires: pam-devel
- BuildRequires: groff
- BuildRequires: flex
- BuildRequires: bison
- BuildRequires: openldap-devel
- BuildRequires: automake autoconf libtool
- BuildRequires: libcap-devel
- BuildRequires: zlib-devel
- Vendor: Project Vine
- Distribution: Vine Linux
- %description
- Sudo (superuser do) allows a system administrator to give certain users
- (or groups of users) the ability to run some (or all) commands as root while
- logging all commands and arguments. Sudo operates on a per-command basis,
- it is not a replacement for the shell.
- %description -l ja
- sudo は、特定のユーザや特定のグループに所属するユーザが、スーパーユーザ権限で
- いくつかのコマンド操作を行うことを許可するためのプログラムです。
- %prep
- %setup -q
- %patch1 -p1 -b .strip
- rm -rf zlib/
- %build
- autoreconf -I m4 -fv --install
- F_PIE=-fpie
- export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
- %configure \
- --prefix=%{_prefix} \
- --sbindir=%{_sbindir} \
- --libdir=%{_libdir} \
- --sysconfdir=%{_sysconfdir} \
- --docdir=%{_datadir}/doc/%{name}-%{version} \
- --with-iologdir=/var/log/sudo-io \
- --with-pam \
- --with-pam-login \
- --with-logging=syslog \
- --with-logfac=authpriv \
- --with-tty-tickets \
- --with-ignore-dot \
- --with-editor=/bin/vi \
- --with-env-editor \
- --with-ldap \
- --with-passprompt="[sudo] password for %p: " \
- --with-secure-path="/sbin:/bin:/usr/sbin:/usr/bin" \
- --without-interfaces \
- --without-selinux
- make %{?_smp_mflags}
- %install
- rm -rf %{buildroot}
- mkdir %{buildroot}
- make install DESTDIR="%{buildroot}" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
- chmod 755 %{buildroot}%{_bindir}/* %{buildroot}%{_sbindir}/*
- install -p -d -m 700 %{buildroot}/var/run/sudo
- install -p -d -m 700 %{buildroot}/var/db/sudo/lectured
- install -p -d -m 700 %{buildroot}/var/log/sudo-io
- install -p -d -m 750 %{buildroot}/etc/sudoers.d
- install -p -c -m 0440 %{SOURCE1} %{buildroot}/etc/sudoers
- chmod +x %{buildroot}%{_libexecdir}/sudo/*.so # for stripping, reset in %%files
- mv -f %{buildroot}%{_docdir}/sudo-%{version} docdir
- mv -f %{buildroot}%{_sysconfdir}/sudoers.dist docdir/
- rm -f docdir/LICENSE
- #Remove all .la files
- find %{buildroot} -name '*.la' -exec rm -f {} ';'
- %find_lang sudo
- %find_lang sudoers
- cat sudo.lang sudoers.lang > sudo_all.lang
- rm sudo.lang sudoers.lang
- mkdir -p %{buildroot}/etc/pam.d
- cat > %{buildroot}/etc/pam.d/sudo << EOF
- #%PAM-1.0
- auth include system-auth
- account include system-auth
- password include system-auth
- session optional pam_keyinit.so revoke
- session required pam_limits.so
- session include system-auth
- EOF
- cat > %{buildroot}/etc/pam.d/sudo-i << EOF
- #%PAM-1.0
- auth include sudo
- account include sudo
- password include sudo
- session optional pam_keyinit.so force revoke
- session include sudo
- EOF
- %clean
- rm -rf %{buildroot}
- %files -f sudo_all.lang
- %defattr(-,root,root)
- %license doc/LICENSE
- %doc docdir/*
- %doc plugins/sample/sample_plugin.c
- %attr(0440,root,root) %config(noreplace) /etc/sudoers
- %attr(0750,root,root) %dir /etc/sudoers.d/
- %config(noreplace) /etc/pam.d/sudo
- %config(noreplace) /etc/pam.d/sudo-i
- %dir /var/run/sudo
- %dir /var/db/sudo
- %dir /var/db/sudo/lectured
- %attr(0750,root,root) %dir /var/log/sudo-io
- %{_bindir}/cvtsudoers
- %attr(4111,root,root) %{_bindir}/sudo
- %{_bindir}/sudoedit
- %attr(0111,root,root) %{_bindir}/sudoreplay
- %attr(0755,root,root) %{_sbindir}/visudo
- %dir %{_libexecdir}/sudo
- %attr(0644,root,root) %{_libexecdir}/sudo/sudo_noexec.so
- %attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so
- %attr(0644,root,root) %{_libexecdir}/sudo/group_file.so
- %attr(0644,root,root) %{_libexecdir}/sudo/system_group.so
- %attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.?
- %{_libexecdir}/sudo/libsudo_util.so.?
- %{_libexecdir}/sudo/libsudo_util.so
- %{_mandir}/man1/cvtsudoers.1*
- %{_mandir}/man5/sudoers*.5*
- %{_mandir}/man5/sudo.conf.5*
- %{_mandir}/man8/sudo.8*
- %{_mandir}/man8/sudoedit.8*
- %{_mandir}/man8/sudoreplay.8*
- %{_mandir}/man8/visudo.8*
- # should be splitted to -devel?
- %{_includedir}/sudo_plugin.h
- %{_mandir}/man8/sudo_plugin.8*
- %post
- /bin/chmod 0440 /etc/sudoers || :
- %changelog
- * Tue Feb 11 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.31-1
- - updated to 1.8.31.
- * Wed Jan 08 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.30-1
- - updated to 1.8.30.
- * Tue Oct 15 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.28-1
- - updated to 1.8.28.
- - dropped Patch2.
- * Sat Jul 23 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.17p1-1
- - updated to 1.8.17p1.
- - added Patch2.
- - dropped Patch4.
- * Mon Feb 3 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.8.6p8-1
- - update to 1.8.6p8
- * Mon Mar 04 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.8.6p7-3
- - fix permission of sudoreplay
- * Mon Mar 04 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.8.6p7-2
- - add /var/log/sudo-io
- - add some comments to default sudoers
- * Mon Mar 04 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.8.6p7-1
- - update to 1.8.6p7
- - drop unneeded patches.
- * Sat May 19 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-5
- - add patch120 for fix CVE-2012-2337 (netmask match)
- * Fri Jun 03 2011 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.2p7-4
- - update sudoers
- - enable "%wheel ALL=(ALL) ALL" by default.
- * Thu Feb 10 2011 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-3
- - add patch110,111 for fix CVE-2011-0010 ("-g" option)
- * Wed Sep 8 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-2
- - add Patch100 for fix CVE-2010-2956 (sudo Runas)
- - add _smp_mflags flag into make section
- - fix doc filelist (no longer exist BUGS, CHANGSE)
- * Sun Jun 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-1
- - new upstream release with security fix (CVE-2010-1646)
- - change specfile name (-vl)
- * Sun Apr 25 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p6-1
- - new upstream release with security fix (CVE-2010-1163)
- - add sudoers.ldap.5 into files section
- * Wed Feb 24 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p4-1
- - new upstream release with security fix (CVE-2010-0426)
- - update Patch3
- * Wed Jul 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.2-1
- - new upstream release
- * Wed Jun 17 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.1-1
- - new upstream release
- - update patches
- - disable "Defaults requiretty"
- * Fri Feb 13 2009 NAKAMURA Kenta <kenta@vinelinux.org> 1.6.9p20-2
- - rebuilt with openldap-2.4.11
- * Thu Feb 12 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.9p20-1
- - new upstream release with security fix (CVE 2009-0034)
- * Sat Aug 16 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.9p17-1
- - new upstream release
- - merge some changes from fedoraproject
- - include [sudo] in password prompt
- - compiled with secure path
- - also use getgrouplist() to determine group membership
- - add sudoers file
- - add command aliases, default environment config
- - build with openldap
- * Fri Aug 15 2008 Shu KONNO <owa@bg.wakwak.com> 1.6.8p12-1vl5
- - applied new versioning policy, spec in utf-8
- * Fri May 19 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p12-0vl2
- - change PAM configuration to use system-auth
- - add --with-ignore-dot, --with-editor and --with-env-editor to
- configure option.
- * Mon Jan 23 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.8p12-0vl1
- - new upstream release (included security fix)
- - add patch1 for fix CVE-2006-0151
- * Mon May 09 2005 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p8-0vl1
- - new upstream release
- - use macros
- - build with pam
- * Wed Jan 19 2005 IWAI, Masaharu <iwai@alib.jp> 1.6.8p6-0vl1
- - new upstream release
- * Sun Oct 10 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8p1-0vl1
- - SECURITY FIX: new upstream release
- - update rpmnonroot.patch ( Patch0 )
- - add new man page: sudoedit(8)
- * Wed Sep 1 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8-0vl1
- - new upstream release
- - update rpmnonroot.patch ( Patch0 )
- - change Copyrigh tag to License tag
- - update License
- - update URL and Source0: official web site moved.
- - new files: %%{_bindir}/sudoedit and %%{_libexecdir}/sudo_noexec.*
- * Mon Apr 14 2003 IWAI Masaharu <iwai@alib.jp> 1.6.7p3-0vl1
- - upstream release
- * Wed May 08 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl3
- - fixed changelog
- -- don't expand macros in changelog ;P
-
- * Wed May 01 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl2
- - changed to use configure in build section
- (can't build on sparc)
- * Fri Apr 26 2002 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.6-0vl1
- - upstream release
- - fix security hole : buffer over flow
- * Thu Jan 24 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p2-0vl1
- - upstream release
- - updated sudo.rpmnonroot.diff
- * Fri Jan 18 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p1-0vl1
- - upstream release
- - added configure script option '--disable-root-mailer'
- * Tue Jan 15 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4p1-0vl1
- - upstream release
- - eliminated FAQ from %doc
- * Mon Jan 14 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4-0vl1
- - upstream release
- - added noreplace flag (%{_sysconfdir}/sudoers file is not replaced)
- - updated sudo.rpmnonroot.diff
- * Wed May 09 2001 <sagami@vinelinux.org>
- - 1.6.3p7-0vl2: follow up 1.6.2p6-0.6vl1
- * Fri Mar 02 2001 sagami@vinelinux.org
- - 1.6.3p7-0vl1
- - use better macros
- * Thu Mar 1 2001 Kunio Murasawa <murasawa@marineroad.com>
- - 1.6.3p6-0vl1
- - changed sudo.rpmnonroot.diff for 1.6.3p6
- * Tue Sep 19 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
- - 1.6.1-2vl5
- - patch -p1 -> patch -p0
- * Mon Sep 18 2000 MATSUMOTO Shoji <shom@vinelinux.org>
- - 1.6.1-2vl4
- - fix uid/gid to root.root
- - add sudo.rpmnonroot.diff to built by non-root users
- * Tue Sep 12 2000 Jun Nishii <jun@vinelinux.org>
- - 1.6.1-2vl3
- - fix attr
- * Sun Sep 10 2000 Jun Nishii <jun@vinelinux.org>
- - 1.6.1-2vl2
- - enable to build by non-root useres
- * Fri Sep 08 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
- - 1.6.1-2vl1
- - modified %files section to handle compressed man page(s)
- * Fri Jan 7 2000 Jun Nishii <jun@vinelinux.org>
- - change group
- * Thu Dec 30 1999 Jun Nishii <jun@vinelinux.org>
- - version 1.6.1
- - build for Vine Linux 2.0
- * Fri May 14 1999 Takeda Eiji <keda@flatout.org>
- - sudo reads $BuildRoot%{_sysconfdir}/sudoers. Make change to read /etc/sudoers.
- * Wed Apr 21 1999 Hiroto Watanabe <watanabe@cij.co.jp>
- - Initial Release
|