| 1 |
# use fakeroot -ba sudo.spec to build! |
| 2 |
|
| 3 |
Name: sudo |
| 4 |
Version: 1.8.3p2 |
| 5 |
Release: %mkrel 1 |
| 6 |
Epoch: 1 |
| 7 |
Summary: Allows command execution as root for specified users |
| 8 |
License: GPLv2+ |
| 9 |
Group: System/Base |
| 10 |
URL: http://www.sudo.ws/sudo |
| 11 |
Source0: http://www.sudo.ws/sudo/dist/%name-%version%{?pre}.tar.gz |
| 12 |
Source1: http://www.sudo.ws/sudo/dist/%name-%version%{?pre}.tar.gz.sig |
| 13 |
Source2: sudo.pamd |
| 14 |
Source3: sudo-1.7.2p2-sudoers |
| 15 |
Patch1: sudo-1.6.7p5-strip.patch |
| 16 |
Patch2: sudo-1.7.2p1-envdebug.patch |
| 17 |
Patch3: sudo-1.7.4p3-m4path.patch |
| 18 |
# http://www.sudo.ws/repos/sudo/rev/172f29597bd2 |
| 19 |
# These two patches removed at version 1.8.2 :- |
| 20 |
# Patch4: sudo-1.8.0-fix-n-option.patch |
| 21 |
# Patch5: sudo_1.8.1_noexec.patch |
| 22 |
BuildRequires: audit-devel |
| 23 |
BuildRequires: bison |
| 24 |
BuildRequires: groff-for-man |
| 25 |
BuildRequires: libcap-devel |
| 26 |
BuildRequires: openldap-devel |
| 27 |
BuildRequires: pam-devel |
| 28 |
Requires(pre): openldap |
| 29 |
|
| 30 |
%description |
| 31 |
Sudo is a program designed to allow a sysadmin to give limited root |
| 32 |
privileges to users and log root activity. The basic philosophy is |
| 33 |
to give as few privileges as possible but still allow people to get |
| 34 |
their work done. |
| 35 |
|
| 36 |
%package devel |
| 37 |
Summary: Development files for sudo plugins |
| 38 |
Group: Development/C |
| 39 |
Requires: %{name} = %{EVRD} |
| 40 |
|
| 41 |
%description devel |
| 42 |
Development files for compiling sudo plugins. |
| 43 |
|
| 44 |
%prep |
| 45 |
%setup -q -n %{name}-%{version}%{?pre} |
| 46 |
%patch1 -p1 -b .strip |
| 47 |
%patch2 -p1 -b .envdebug |
| 48 |
%patch3 -p1 -b .m4path |
| 49 |
|
| 50 |
%build |
| 51 |
# handle newer autoconf |
| 52 |
rm -f acsite.m4 |
| 53 |
mv aclocal.m4 acinclude.m4 |
| 54 |
autoreconf -fv --install |
| 55 |
|
| 56 |
%serverbuild |
| 57 |
export CFLAGS="%{optflags} -D_GNU_SOURCE" |
| 58 |
|
| 59 |
%configure2_5x \ |
| 60 |
--without-rpath \ |
| 61 |
--with-logging=both \ |
| 62 |
--with-logfac=authpriv \ |
| 63 |
--with-logpath=%{_logdir}/sudo.log \ |
| 64 |
--with-editor=/bin/vi \ |
| 65 |
--enable-log-host \ |
| 66 |
--with-pam \ |
| 67 |
--with-pam-login \ |
| 68 |
--with-env-editor \ |
| 69 |
--with-noexec=no \ |
| 70 |
--with-linux-audit \ |
| 71 |
--with-ignore-dot \ |
| 72 |
--with-tty-tickets \ |
| 73 |
--with-ldap \ |
| 74 |
--with-ldap-conf-file=%{_sysconfdir}/ldap.conf \ |
| 75 |
--with-secure-path="/sbin:%{_sbindir}:/bin:%{_bindir}:/usr/local/bin:/usr/local/sbin" \ |
| 76 |
--with-passprompt="[sudo] password for %p: " |
| 77 |
|
| 78 |
%make |
| 79 |
|
| 80 |
%install |
| 81 |
rm -rf %{buildroot} |
| 82 |
|
| 83 |
install -d %{buildroot}/usr |
| 84 |
install -d %{buildroot}%{_sysconfdir}/logrotate.d |
| 85 |
install -d %{buildroot}%{_sysconfdir}/sudoers.d |
| 86 |
install -d %{buildroot}%{_sysconfdir}/pam.d |
| 87 |
install -d %{buildroot}%{_var}/db/sudo |
| 88 |
install -d %{buildroot}%{_logdir}/sudo |
| 89 |
install -d %{buildroot}%{_logdir}/sudo-io |
| 90 |
|
| 91 |
%makeinstall_std install_uid=$UID install_gid=$(id -g) sudoers=uid=$UID sudoers_gid=$(id -g) |
| 92 |
|
| 93 |
install -m0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/sudo |
| 94 |
install -m0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sudoers |
| 95 |
install -m0755 plugins/sudoers/sudoers2ldif %{buildroot}%{_bindir} |
| 96 |
|
| 97 |
# Installing logrotated file |
| 98 |
cat <<END >%{buildroot}%{_sysconfdir}/logrotate.d/sudo |
| 99 |
%{_logdir}/sudo.log { |
| 100 |
missingok |
| 101 |
monthly |
| 102 |
compress |
| 103 |
} |
| 104 |
END |
| 105 |
|
| 106 |
cat > %{buildroot}%{_sysconfdir}/pam.d/sudo << EOF |
| 107 |
#%PAM-1.0 |
| 108 |
auth include system-auth |
| 109 |
account include system-auth |
| 110 |
password include system-auth |
| 111 |
session optional pam_keyinit.so revoke |
| 112 |
session required pam_limits.so |
| 113 |
EOF |
| 114 |
|
| 115 |
cat > %{buildroot}%{_sysconfdir}/pam.d/sudo-i << EOF |
| 116 |
#%PAM-1.0 |
| 117 |
auth include sudo |
| 118 |
account include sudo |
| 119 |
password include sudo |
| 120 |
session optional pam_keyinit.so force revoke |
| 121 |
session required pam_limits.so |
| 122 |
EOF |
| 123 |
|
| 124 |
# so that strip can touch it... |
| 125 |
chmod 755 %{buildroot}%{_bindir}/* |
| 126 |
chmod 755 %{buildroot}%{_sbindir}/* |
| 127 |
|
| 128 |
# (tpg) create the missing log file |
| 129 |
touch %{buildroot}%{_logdir}/sudo.log |
| 130 |
|
| 131 |
%check |
| 132 |
make check |
| 133 |
|
| 134 |
%post |
| 135 |
/bin/chmod 0440 %{_sysconfdir}/sudoers || : |
| 136 |
%create_ghostfile %{_logdir}/sudo.log root root 600 |
| 137 |
|
| 138 |
%files |
| 139 |
%doc doc/HISTORY README README.LDAP |
| 140 |
%doc doc/TROUBLESHOOTING doc/UPGRADE doc/sample.sudoers |
| 141 |
%attr(0440,root,root) %config(noreplace) %{_sysconfdir}/sudoers |
| 142 |
%attr(0750,root,root) %dir %{_sysconfdir}/sudoers.d/ |
| 143 |
%config(noreplace) %{_sysconfdir}/logrotate.d/sudo |
| 144 |
%config(noreplace) %{_sysconfdir}/pam.d/sudo |
| 145 |
%config(noreplace) %{_sysconfdir}/pam.d/sudo-i |
| 146 |
%attr(0755,root,root) %{_bindir}/sudoers2ldif |
| 147 |
%attr(4111,root,root) %{_bindir}/sudo |
| 148 |
%attr(4111,root,root) %{_bindir}/sudoedit |
| 149 |
%attr(0111,root,root) %{_bindir}/sudoreplay |
| 150 |
%attr(0755,root,root) %{_sbindir}/visudo |
| 151 |
%ghost %{_logdir}/sudo.log |
| 152 |
%{_mandir}/*/* |
| 153 |
%attr(0700,root,root) %dir %{_var}/db/sudo |
| 154 |
%attr(0750,root,root) %dir %{_logdir}/sudo-io |
| 155 |
%{_libdir}/sudoers.so |
| 156 |
%{_datadir}/locale/*/LC_MESSAGES/* |
| 157 |
|
| 158 |
%files devel |
| 159 |
%{_includedir}/sudo_plugin.h |
Parent Directory
| 
Revision Log