Главная Обзор Помощь
Регистрация Вход
vinelinux
/
specs
2
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 9ea603b10b
Ветки Метки
specs
/
s
/
sudo
/
sudo-vl.spec

sudo-vl.spec 8.3 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279 
  1. Summary: Allows command execution as root for specified users
    2. 

  2. Summary(ja): スーパーユーザ権限でのコマンドの実行
    3. 

  3. Name: sudo
    4. 

  4. Version: 1.7.2p7
    5. 

  5. Release: 2%{?_dist_release}
    6. 

  6. License: ISC-style
    7. 

  7. Group: Applications/System
    8. 

  8. URL: http://www.sudo.ws/
    9. 

  9. 

  10. Source0: http://www.sudo.ws/sudo/dist/sudo-%{version}.tar.gz
    11. 

  11. Source1: sudo-sudoers-vine
    12. 

  12. 

  13. Patch1: sudo-1.6.7p5-strip.patch
    14. 

  14. Patch2: sudo-1.7.2-login.patch
    15. 

  15. Patch3: sudo-1.7.2p4-getgrouplist.patch
    16. 

  16. Patch4: sudo-1.7.1-envdebug.patch
    17. 

  17. Patch5: sudo-1.7.1-libtool.patch
    18. 

  18. # security
    19. 

  19. Patch100: sudo-1.7.2p7_CVE-2010-2956.patch
    20. 

  20. 

  21. 

  22. Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
    23. 

  23. BuildRequires: pam-devel
    24. 

  24. BuildRequires: groff
    25. 

  25. BuildRequires: flex
    26. 

  26. BuildRequires: bison
    27. 

  27. BuildRequires: openldap-devel
    28. 

  28. BuildRequires: automake autoconf libtool
    29. 

  29. BuildRequires: libcap-devel
    30. 

  30. 

  31. Vendor: Project Vine
    32. 

  32. Distribution: Vine Linux
    33. 

  33. 

  34. %description
    35. 

  35. Sudo (superuser do) allows a system administrator to give certain users 
    36. 

  36. (or groups of users) the ability to run some (or all) commands as root while 
    37. 

  37. logging all commands and arguments. Sudo operates on a per-command basis, 
    38. 

  38. it is not a replacement for the shell. 
    39. 

  39. 

  40. %description -l ja
    41. 

  41. sudo は、特定のユーザや特定のグループに所属するユーザが、スーパーユーザ権限で
    42. 

  42. いくつかのコマンド操作を行うことを許可するためのプログラムです。
    43. 

  43. 

  44. %prep
    45. 

  45. %setup -q
    46. 

  46. %patch1 -p1 -b .strip
    47. 

  47. %patch2 -p1 -b .login
    48. 

  48. %patch3 -p1 -b .getgrouplist
    49. 

  49. %patch4 -p1 -b .envdebug
    50. 

  50. %patch5 -p1 -b .libtool
    51. 

  51. 

  52. %patch100 -p1 -b .CVE-2010-2956
    53. 

  53. 

  54. libtoolize --force && rm acsite.m4 && mv aclocal.m4 acinclude.m4 && autoreconf
    55. 

  55. 

  56. %build
    57. 

  57. %configure \
    58. 

  58.   --prefix=%{_prefix} \
    59. 

  59.   --sbindir=%{_sbindir} \
    60. 

  60.   --libdir=%{_libdir} \
    61. 

  61.   --sysconfdir=%{_sysconfdir} \
    62. 

  62.   --with-pam \
    63. 

  63.   --with-pam-login \
    64. 

  64.   --with-logging=syslog \
    65. 

  65.   --with-logfac=authpriv \
    66. 

  66.   --with-tty-tickets \
    67. 

  67.   --with-ignore-dot \
    68. 

  68.   --with-editor=/bin/vi \
    69. 

  69.   --with-env-editor \
    70. 

  70.   --with-ldap \
    71. 

  71.   --with-passprompt="[sudo] password for %p: " \
    72. 

  72.   --with-secure-path="/sbin:/bin:/usr/sbin:/usr/bin" \
    73. 

  73.   --without-interfaces
    74. 

  74. make %{?_smp_mflags}
    75. 

  75. 

  76. %install
    77. 

  77. rm -rf $RPM_BUILD_ROOT
    78. 

  78. mkdir $RPM_BUILD_ROOT
    79. 

  79. make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
    80. 

  80. chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/* 
    81. 

  81. install -p -d -m 700 $RPM_BUILD_ROOT/var/run/sudo
    82. 

  82. install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers
    83. 

  83. 

  84. mkdir -p $RPM_BUILD_ROOT/etc/pam.d
    85. 

  85. cat > $RPM_BUILD_ROOT/etc/pam.d/sudo << EOF
    86. 

  86. #%PAM-1.0
    87. 

  87. auth       include      system-auth
    88. 

  88. account    include      system-auth
    89. 

  89. password   include      system-auth
    90. 

  90. session    optional     pam_keyinit.so revoke
    91. 

  91. session    required     pam_limits.so
    92. 

  92. EOF
    93. 

  93. 

  94. cat > $RPM_BUILD_ROOT/etc/pam.d/sudo-i << EOF
    95. 

  95. #%PAM-1.0
    96. 

  96. auth       include      sudo
    97. 

  97. account    include      sudo
    98. 

  98. password   include      sudo
    99. 

  99. session    optional     pam_keyinit.so force revoke
    100. 

  100. session    required     pam_limits.so
    101. 

  101. EOF
    102. 

  102. 

  103. 

  104. %clean 
    105. 

  105. rm -rf $RPM_BUILD_ROOT
    106. 

  106. 

  107. %files
    108. 

  108. %defattr(-,root,root)
    109. 

  109. %doc HISTORY LICENSE README* TROUBLESHOOTING UPGRADE
    110. 

  110. %doc ChangeLog
    111. 

  111. %doc *.pod schema.* sudoers2ldif sample.*
    112. 

  112. %attr(0440,root,root) %config(noreplace) /etc/sudoers
    113. 

  113. %config(noreplace) /etc/pam.d/sudo
    114. 

  114. %config(noreplace) /etc/pam.d/sudo-i
    115. 

  115. %dir /var/run/sudo
    116. 

  116. %attr(4111,root,root) %{_bindir}/sudo
    117. 

  117. %attr(4111,root,root) %{_bindir}/sudoedit
    118. 

  118. %attr(0755,root,root) %{_sbindir}/visudo
    119. 

  119. %{_libexecdir}/sudo_noexec.*
    120. 

  120. %{_mandir}/man5/sudoers*.5*
    121. 

  121. %{_mandir}/man8/sudo.8*
    122. 

  122. %{_mandir}/man8/sudoedit.8*
    123. 

  123. %{_mandir}/man8/visudo.8*
    124. 

  124. 

  125. %post
    126. 

  126. /bin/chmod 0440 /etc/sudoers || :
    127. 

  127. 

  128. %changelog
    129. 

  129. * Wed Sep  8 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-2
    130. 

  130. - add Patch100 for fix CVE-2010-2956 (sudo Runas)
    131. 

  131. - add _smp_mflags flag into make section
    132. 

  132. - fix doc filelist (no longer exist BUGS, CHANGSE)
    133. 

  133. 

  134. * Sun Jun 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-1
    135. 

  135. - new upstream release with security fix (CVE-2010-1646) 
    136. 

  136. - change specfile name (-vl)
    137. 

  137. 

  138. * Sun Apr 25 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p6-1
    139. 

  139. - new upstream release with security fix (CVE-2010-1163)
    140. 

  140. - add sudoers.ldap.5 into files section
    141. 

  141. 

  142. * Wed Feb 24 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p4-1
    143. 

  143. - new upstream release with security fix (CVE-2010-0426)
    144. 

  144. - update Patch3
    145. 

  145. 

  146. * Wed Jul 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.2-1
    147. 

  147. - new upstream release
    148. 

  148. 

  149. * Wed Jun 17 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.1-1
    150. 

  150. - new upstream release
    151. 

  151. - update patches
    152. 

  152. - disable "Defaults requiretty"
    153. 

  153. 

  154. * Fri Feb 13 2009 NAKAMURA Kenta <kenta@vinelinux.org> 1.6.9p20-2
    155. 

  155. - rebuilt with openldap-2.4.11
    156. 

  156. 

  157. * Thu Feb 12 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.9p20-1
    158. 

  158. - new upstream release with security fix (CVE 2009-0034)
    159. 

  159. 

  160. * Sat Aug 16 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.9p17-1
    161. 

  161. - new upstream release
    162. 

  162. - merge some changes from fedoraproject
    163. 

  163.   - include [sudo] in password prompt
    164. 

  164.   - compiled with secure path
    165. 

  165.   - also use getgrouplist() to determine group membership
    166. 

  166.   - add sudoers file
    167. 

  167.     - add command aliases, default environment config
    168. 

  168. - build with openldap
    169. 

  169. 

  170. * Fri Aug 15 2008 Shu KONNO <owa@bg.wakwak.com> 1.6.8p12-1vl5
    171. 

  171. - applied new versioning policy, spec in utf-8
    172. 

  172. 

  173. * Fri May 19 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p12-0vl2
    174. 

  174. - change PAM configuration to use system-auth
    175. 

  175. - add --with-ignore-dot, --with-editor and --with-env-editor to
    176. 

  176.   configure option.
    177. 

  177. 

  178. * Mon Jan 23 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.8p12-0vl1
    179. 

  179. - new upstream release (included security fix)
    180. 

  180. - add patch1 for fix CVE-2006-0151
    181. 

  181. 

  182. * Mon May 09 2005 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p8-0vl1
    183. 

  183. - new upstream release
    184. 

  184. - use macros
    185. 

  185. - build with pam
    186. 

  186. 

  187. * Wed Jan 19 2005 IWAI, Masaharu <iwai@alib.jp> 1.6.8p6-0vl1
    188. 

  188. - new upstream release
    189. 

  189. 

  190. * Sun Oct 10 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8p1-0vl1
    191. 

  191. - SECURITY FIX: new upstream release
    192. 

  192. - update rpmnonroot.patch ( Patch0 )
    193. 

  193. - add new man page: sudoedit(8)
    194. 

  194. 

  195. * Wed Sep  1 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8-0vl1
    196. 

  196. - new upstream release
    197. 

  197. - update rpmnonroot.patch ( Patch0 )
    198. 

  198. - change Copyrigh tag to License tag
    199. 

  199. - update License
    200. 

  200. - update URL and Source0: official web site moved.
    201. 

  201. - new files: %%{_bindir}/sudoedit and %%{_libexecdir}/sudo_noexec.*
    202. 

  202. 

  203. * Mon Apr 14 2003 IWAI Masaharu <iwai@alib.jp> 1.6.7p3-0vl1
    204. 

  204. - upstream release
    205. 

  205. 

  206. * Wed May 08 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl3
    207. 

  207. - fixed changelog
    208. 

  208.         -- don't expand macros in changelog ;P
    209. 

  209. 		
    210. 

  210. * Wed May 01 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl2
    211. 

  211. - changed to use configure in build section
    212. 

  212.         (can't build on sparc)
    213. 

  213. 

  214. * Fri Apr 26 2002 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.6-0vl1
    215. 

  215. - upstream release
    216. 

  216. - fix security hole : buffer over flow
    217. 

  217. 

  218. * Thu Jan 24 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p2-0vl1
    219. 

  219. - upstream release
    220. 

  220. - updated sudo.rpmnonroot.diff
    221. 

  221. 

  222. * Fri Jan 18 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p1-0vl1
    223. 

  223. - upstream release
    224. 

  224. - added configure script option '--disable-root-mailer'
    225. 

  225. 

  226. * Tue Jan 15 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4p1-0vl1
    227. 

  227. - upstream release
    228. 

  228. - eliminated FAQ from %doc
    229. 

  229. 

  230. * Mon Jan 14 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4-0vl1
    231. 

  231. - upstream release
    232. 

  232. - added noreplace flag (%{_sysconfdir}/sudoers file is not replaced)
    233. 

  233. - updated sudo.rpmnonroot.diff
    234. 

  234. 

  235. * Wed May 09 2001 <sagami@vinelinux.org>
    236. 

  236. - 1.6.3p7-0vl2: follow up 1.6.2p6-0.6vl1
    237. 

  237. 

  238. * Fri Mar 02 2001 sagami@vinelinux.org
    239. 

  239. - 1.6.3p7-0vl1
    240. 

  240. - use better macros
    241. 

  241. 

  242. * Tue Mar 1 2001 Kunio Murasawa <murasawa@marineroad.com>
    243. 

  243. - 1.6.3p6-0vl1
    244. 

  244. - changed sudo.rpmnonroot.diff for 1.6.3p6
    245. 

  245. 

  246. * Tue Sep 19 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
    247. 

  247. - 1.6.1-2vl5
    248. 

  248. - patch -p1 -> patch -p0
    249. 

  249. 

  250. * Mon Sep 18 2000 MATSUMOTO Shoji <shom@vinelinux.org>
    251. 

  251. - 1.6.1-2vl4
    252. 

  252. - fix uid/gid to root.root
    253. 

  253. - add sudo.rpmnonroot.diff to built by non-root users
    254. 

  254. 

  255. * Tue Sep 12 2000 Jun Nishii <jun@vinelinux.org>
    256. 

  256. - 1.6.1-2vl3
    257. 

  257. - fix attr
    258. 

  258. 

  259. * Sun Sep 10 2000 Jun Nishii <jun@vinelinux.org>
    260. 

  260. - 1.6.1-2vl2
    261. 

  261. - enable to build by non-root useres
    262. 

  262. 

  263. * Fri Sep 08 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
    264. 

  264. - 1.6.1-2vl1
    265. 

  265. - modified %files section to handle compressed man page(s)
    266. 

  266. 

  267. * Fri Jan  7 2000 Jun Nishii <jun@vinelinux.org>
    268. 

  268. - change group
    269. 

  269. 

  270. * Thu Dec 30 1999 Jun Nishii <jun@vinelinux.org>
    271. 

  271. - version 1.6.1
    272. 

  272. - build for Vine Linux 2.0
    273. 

  273. 

  274. * Fri May 14  1999 Takeda Eiji <keda@flatout.org>
    275. 

  275. - sudo reads $BuildRoot%{_sysconfdir}/sudoers. Make change to read /etc/sudoers.
    276. 

  276. 

  277. * Wed Apr 21 1999 Hiroto Watanabe <watanabe@cij.co.jp>
    278. 

  278. - Initial Release
    279. 

  279.