صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
vinelinux
/
specs
2
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 1b0e5e8955
شاخه‌ها تگ‌ها
specs
/
s
/
sudo
/
sudo-vl.spec

sudo-vl.spec 8.6 KB
تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285 
  1. Summary: Allows command execution as root for specified users
    2. 

  2. Summary(ja): スーパーユーザ権限でのコマンドの実行
    3. 

  3. Name: sudo
    4. 

  4. Version: 1.7.2p7
    5. 

  5. Release: 3%{?_dist_release}
    6. 

  6. License: ISC-style
    7. 

  7. Group: Applications/System
    8. 

  8. URL: http://www.sudo.ws/
    9. 

  9. 

  10. Source0: http://www.sudo.ws/sudo/dist/sudo-%{version}.tar.gz
    11. 

  11. Source1: sudo-sudoers-vine
    12. 

  12. 

  13. Patch1: sudo-1.6.7p5-strip.patch
    14. 

  14. Patch2: sudo-1.7.2-login.patch
    15. 

  15. Patch3: sudo-1.7.2p4-getgrouplist.patch
    16. 

  16. Patch4: sudo-1.7.1-envdebug.patch
    17. 

  17. Patch5: sudo-1.7.1-libtool.patch
    18. 

  18. # security
    19. 

  19. Patch100: sudo-1.7.2p7_CVE-2010-2956.patch
    20. 

  20. Patch110: sudo-1.7.2p7_CVE-2011-0010.patch
    21. 

  21. Patch111: sudo-1.7.2p7_user_in_group.patch
    22. 

  22. 

  23. Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
    24. 

  24. BuildRequires: pam-devel
    25. 

  25. BuildRequires: groff
    26. 

  26. BuildRequires: flex
    27. 

  27. BuildRequires: bison
    28. 

  28. BuildRequires: openldap-devel
    29. 

  29. BuildRequires: automake autoconf libtool
    30. 

  30. BuildRequires: libcap-devel
    31. 

  31. 

  32. Vendor: Project Vine
    33. 

  33. Distribution: Vine Linux
    34. 

  34. 

  35. %description
    36. 

  36. Sudo (superuser do) allows a system administrator to give certain users 
    37. 

  37. (or groups of users) the ability to run some (or all) commands as root while 
    38. 

  38. logging all commands and arguments. Sudo operates on a per-command basis, 
    39. 

  39. it is not a replacement for the shell. 
    40. 

  40. 

  41. %description -l ja
    42. 

  42. sudo は、特定のユーザや特定のグループに所属するユーザが、スーパーユーザ権限で
    43. 

  43. いくつかのコマンド操作を行うことを許可するためのプログラムです。
    44. 

  44. 

  45. %prep
    46. 

  46. %setup -q
    47. 

  47. %patch1 -p1 -b .strip
    48. 

  48. %patch2 -p1 -b .login
    49. 

  49. %patch3 -p1 -b .getgrouplist
    50. 

  50. %patch4 -p1 -b .envdebug
    51. 

  51. %patch5 -p1 -b .libtool
    52. 

  52. 

  53. %patch100 -p1 -b .CVE-2010-2956
    54. 

  54. %patch110 -p1 -b .CVE-2011-0010
    55. 

  55. %patch111 -p1 -b .user_in_group
    56. 

  56. 

  57. libtoolize --force && rm acsite.m4 && mv aclocal.m4 acinclude.m4 && autoreconf
    58. 

  58. 

  59. %build
    60. 

  60. %configure \
    61. 

  61.   --prefix=%{_prefix} \
    62. 

  62.   --sbindir=%{_sbindir} \
    63. 

  63.   --libdir=%{_libdir} \
    64. 

  64.   --sysconfdir=%{_sysconfdir} \
    65. 

  65.   --with-pam \
    66. 

  66.   --with-pam-login \
    67. 

  67.   --with-logging=syslog \
    68. 

  68.   --with-logfac=authpriv \
    69. 

  69.   --with-tty-tickets \
    70. 

  70.   --with-ignore-dot \
    71. 

  71.   --with-editor=/bin/vi \
    72. 

  72.   --with-env-editor \
    73. 

  73.   --with-ldap \
    74. 

  74.   --with-passprompt="[sudo] password for %p: " \
    75. 

  75.   --with-secure-path="/sbin:/bin:/usr/sbin:/usr/bin" \
    76. 

  76.   --without-interfaces
    77. 

  77. make %{?_smp_mflags}
    78. 

  78. 

  79. %install
    80. 

  80. rm -rf $RPM_BUILD_ROOT
    81. 

  81. mkdir $RPM_BUILD_ROOT
    82. 

  82. make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
    83. 

  83. chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/* 
    84. 

  84. install -p -d -m 700 $RPM_BUILD_ROOT/var/run/sudo
    85. 

  85. install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers
    86. 

  86. 

  87. mkdir -p $RPM_BUILD_ROOT/etc/pam.d
    88. 

  88. cat > $RPM_BUILD_ROOT/etc/pam.d/sudo << EOF
    89. 

  89. #%PAM-1.0
    90. 

  90. auth       include      system-auth
    91. 

  91. account    include      system-auth
    92. 

  92. password   include      system-auth
    93. 

  93. session    optional     pam_keyinit.so revoke
    94. 

  94. session    required     pam_limits.so
    95. 

  95. EOF
    96. 

  96. 

  97. cat > $RPM_BUILD_ROOT/etc/pam.d/sudo-i << EOF
    98. 

  98. #%PAM-1.0
    99. 

  99. auth       include      sudo
    100. 

  100. account    include      sudo
    101. 

  101. password   include      sudo
    102. 

  102. session    optional     pam_keyinit.so force revoke
    103. 

  103. session    required     pam_limits.so
    104. 

  104. EOF
    105. 

  105. 

  106. 

  107. %clean 
    108. 

  108. rm -rf $RPM_BUILD_ROOT
    109. 

  109. 

  110. %files
    111. 

  111. %defattr(-,root,root)
    112. 

  112. %doc HISTORY LICENSE README* TROUBLESHOOTING UPGRADE
    113. 

  113. %doc ChangeLog
    114. 

  114. %doc *.pod schema.* sudoers2ldif sample.*
    115. 

  115. %attr(0440,root,root) %config(noreplace) /etc/sudoers
    116. 

  116. %config(noreplace) /etc/pam.d/sudo
    117. 

  117. %config(noreplace) /etc/pam.d/sudo-i
    118. 

  118. %dir /var/run/sudo
    119. 

  119. %attr(4111,root,root) %{_bindir}/sudo
    120. 

  120. %attr(4111,root,root) %{_bindir}/sudoedit
    121. 

  121. %attr(0755,root,root) %{_sbindir}/visudo
    122. 

  122. %{_libexecdir}/sudo_noexec.*
    123. 

  123. %{_mandir}/man5/sudoers*.5*
    124. 

  124. %{_mandir}/man8/sudo.8*
    125. 

  125. %{_mandir}/man8/sudoedit.8*
    126. 

  126. %{_mandir}/man8/visudo.8*
    127. 

  127. 

  128. %post
    129. 

  129. /bin/chmod 0440 /etc/sudoers || :
    130. 

  130. 

  131. %changelog
    132. 

  132. * Thu Feb 10 2011 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-3
    133. 

  133. - add patch110,111 for fix CVE-2011-0010 ("-g" option)
    134. 

  134. 

  135. * Wed Sep  8 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-2
    136. 

  136. - add Patch100 for fix CVE-2010-2956 (sudo Runas)
    137. 

  137. - add _smp_mflags flag into make section
    138. 

  138. - fix doc filelist (no longer exist BUGS, CHANGSE)
    139. 

  139. 

  140. * Sun Jun 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-1
    141. 

  141. - new upstream release with security fix (CVE-2010-1646) 
    142. 

  142. - change specfile name (-vl)
    143. 

  143. 

  144. * Sun Apr 25 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p6-1
    145. 

  145. - new upstream release with security fix (CVE-2010-1163)
    146. 

  146. - add sudoers.ldap.5 into files section
    147. 

  147. 

  148. * Wed Feb 24 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p4-1
    149. 

  149. - new upstream release with security fix (CVE-2010-0426)
    150. 

  150. - update Patch3
    151. 

  151. 

  152. * Wed Jul 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.2-1
    153. 

  153. - new upstream release
    154. 

  154. 

  155. * Wed Jun 17 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.7.1-1
    156. 

  156. - new upstream release
    157. 

  157. - update patches
    158. 

  158. - disable "Defaults requiretty"
    159. 

  159. 

  160. * Fri Feb 13 2009 NAKAMURA Kenta <kenta@vinelinux.org> 1.6.9p20-2
    161. 

  161. - rebuilt with openldap-2.4.11
    162. 

  162. 

  163. * Thu Feb 12 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.9p20-1
    164. 

  164. - new upstream release with security fix (CVE 2009-0034)
    165. 

  165. 

  166. * Sat Aug 16 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.9p17-1
    167. 

  167. - new upstream release
    168. 

  168. - merge some changes from fedoraproject
    169. 

  169.   - include [sudo] in password prompt
    170. 

  170.   - compiled with secure path
    171. 

  171.   - also use getgrouplist() to determine group membership
    172. 

  172.   - add sudoers file
    173. 

  173.     - add command aliases, default environment config
    174. 

  174. - build with openldap
    175. 

  175. 

  176. * Fri Aug 15 2008 Shu KONNO <owa@bg.wakwak.com> 1.6.8p12-1vl5
    177. 

  177. - applied new versioning policy, spec in utf-8
    178. 

  178. 

  179. * Fri May 19 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p12-0vl2
    180. 

  180. - change PAM configuration to use system-auth
    181. 

  181. - add --with-ignore-dot, --with-editor and --with-env-editor to
    182. 

  182.   configure option.
    183. 

  183. 

  184. * Mon Jan 23 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.6.8p12-0vl1
    185. 

  185. - new upstream release (included security fix)
    186. 

  186. - add patch1 for fix CVE-2006-0151
    187. 

  187. 

  188. * Mon May 09 2005 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.8p8-0vl1
    189. 

  189. - new upstream release
    190. 

  190. - use macros
    191. 

  191. - build with pam
    192. 

  192. 

  193. * Wed Jan 19 2005 IWAI, Masaharu <iwai@alib.jp> 1.6.8p6-0vl1
    194. 

  194. - new upstream release
    195. 

  195. 

  196. * Sun Oct 10 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8p1-0vl1
    197. 

  197. - SECURITY FIX: new upstream release
    198. 

  198. - update rpmnonroot.patch ( Patch0 )
    199. 

  199. - add new man page: sudoedit(8)
    200. 

  200. 

  201. * Wed Sep  1 2004 IWAI, Masaharu <iwai@alib.jp> 1.6.8-0vl1
    202. 

  202. - new upstream release
    203. 

  203. - update rpmnonroot.patch ( Patch0 )
    204. 

  204. - change Copyrigh tag to License tag
    205. 

  205. - update License
    206. 

  206. - update URL and Source0: official web site moved.
    207. 

  207. - new files: %%{_bindir}/sudoedit and %%{_libexecdir}/sudo_noexec.*
    208. 

  208. 

  209. * Mon Apr 14 2003 IWAI Masaharu <iwai@alib.jp> 1.6.7p3-0vl1
    210. 

  210. - upstream release
    211. 

  211. 

  212. * Wed May 08 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl3
    213. 

  213. - fixed changelog
    214. 

  214.         -- don't expand macros in changelog ;P
    215. 

  215. 		
    216. 

  216. * Wed May 01 2002 Satoshi MACHINO <machino@vinelinux.org> 1.6.6-0vl2
    217. 

  217. - changed to use configure in build section
    218. 

  218.         (can't build on sparc)
    219. 

  219. 

  220. * Fri Apr 26 2002 Daisuke SUZUKI <daisuke@linux.or.jp> 1.6.6-0vl1
    221. 

  221. - upstream release
    222. 

  222. - fix security hole : buffer over flow
    223. 

  223. 

  224. * Thu Jan 24 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p2-0vl1
    225. 

  225. - upstream release
    226. 

  226. - updated sudo.rpmnonroot.diff
    227. 

  227. 

  228. * Fri Jan 18 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.5p1-0vl1
    229. 

  229. - upstream release
    230. 

  230. - added configure script option '--disable-root-mailer'
    231. 

  231. 

  232. * Tue Jan 15 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4p1-0vl1
    233. 

  233. - upstream release
    234. 

  234. - eliminated FAQ from %doc
    235. 

  235. 

  236. * Mon Jan 14 2002 IWAI Masaharu <iwaim@cc.mbn.or.jp> 1.6.4-0vl1
    237. 

  237. - upstream release
    238. 

  238. - added noreplace flag (%{_sysconfdir}/sudoers file is not replaced)
    239. 

  239. - updated sudo.rpmnonroot.diff
    240. 

  240. 

  241. * Wed May 09 2001 <sagami@vinelinux.org>
    242. 

  242. - 1.6.3p7-0vl2: follow up 1.6.2p6-0.6vl1
    243. 

  243. 

  244. * Fri Mar 02 2001 sagami@vinelinux.org
    245. 

  245. - 1.6.3p7-0vl1
    246. 

  246. - use better macros
    247. 

  247. 

  248. * Tue Mar 1 2001 Kunio Murasawa <murasawa@marineroad.com>
    249. 

  249. - 1.6.3p6-0vl1
    250. 

  250. - changed sudo.rpmnonroot.diff for 1.6.3p6
    251. 

  251. 

  252. * Tue Sep 19 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
    253. 

  253. - 1.6.1-2vl5
    254. 

  254. - patch -p1 -> patch -p0
    255. 

  255. 

  256. * Mon Sep 18 2000 MATSUMOTO Shoji <shom@vinelinux.org>
    257. 

  257. - 1.6.1-2vl4
    258. 

  258. - fix uid/gid to root.root
    259. 

  259. - add sudo.rpmnonroot.diff to built by non-root users
    260. 

  260. 

  261. * Tue Sep 12 2000 Jun Nishii <jun@vinelinux.org>
    262. 

  262. - 1.6.1-2vl3
    263. 

  263. - fix attr
    264. 

  264. 

  265. * Sun Sep 10 2000 Jun Nishii <jun@vinelinux.org>
    266. 

  266. - 1.6.1-2vl2
    267. 

  267. - enable to build by non-root useres
    268. 

  268. 

  269. * Fri Sep 08 2000 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
    270. 

  270. - 1.6.1-2vl1
    271. 

  271. - modified %files section to handle compressed man page(s)
    272. 

  272. 

  273. * Fri Jan  7 2000 Jun Nishii <jun@vinelinux.org>
    274. 

  274. - change group
    275. 

  275. 

  276. * Thu Dec 30 1999 Jun Nishii <jun@vinelinux.org>
    277. 

  277. - version 1.6.1
    278. 

  278. - build for Vine Linux 2.0
    279. 

  279. 

  280. * Fri May 14  1999 Takeda Eiji <keda@flatout.org>
    281. 

  281. - sudo reads $BuildRoot%{_sysconfdir}/sudoers. Make change to read /etc/sudoers.
    282. 

  282. 

  283. * Wed Apr 21 1999 Hiroto Watanabe <watanabe@cij.co.jp>
    284. 

  284. - Initial Release
    285. 

  285.