embedaddon/sudo/sudo.pp - diff

Return to sudo.pp CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo

Diff for /embedaddon/sudo/sudo.pp between versions 1.1.1.2 and 1.1.1.4

version 1.1.1.2, 2012/05/29 12:26:49	version 1.1.1.4, 2013/07/22 10:46:11
Line 12 limited root privileges to users and log root activity	Line 12 limited root privileges to users and log root activity
The basic philosophy is to give as few privileges as possible but \	The basic philosophy is to give as few privileges as possible but \
still allow people to get their work done."	still allow people to get their work done."
vendor="Todd C. Miller"	vendor="Todd C. Miller"
copyright="(c) 1993-1996,1998-2012 Todd C. Miller"	copyright="(c) 1993-1996,1998-2013 Todd C. Miller"
	sudoedit_man=`echo ${pp_destdir}$mandir//sudoedit.\|sed "s:^${pp_destdir}::"`
	sudoedit_man_target=`basename $sudoedit_man \| sed 's/edit//'`

%if [aix]	%if [aix]
# AIX package summary is limited to 40 characters	# AIX package summary is limited to 40 characters
Line 44 still allow people to get their work done."	Line 46 still allow people to get their work done."
pp_rpm_license="BSD"	pp_rpm_license="BSD"
pp_rpm_url="http://www.sudo.ws/"	pp_rpm_url="http://www.sudo.ws/"
pp_rpm_group="Applications/System"	pp_rpm_group="Applications/System"
pp_rpm_packager="Todd.Miller@courtesan.com"	pp_rpm_packager="Todd C. Miller <Todd.Miller@courtesan.com>"
if test -n "$linux_audit"; then	if test -n "$linux_audit"; then
pp_rpm_requires="audit-libs >= $linux_audit"	pp_rpm_requires="audit-libs >= $linux_audit"
fi	fi

pp_deb_maintainer="$pp_rpm_packager"
pp_deb_release="$pp_rpm_release"
pp_deb_version="$pp_rpm_version"
%else	%else
# For all but RPM and Debian we need to install sudoers with a different	# For all but RPM and Debian we need to install sudoers with a different
# name and make a copy of it if there is no existing file.	# name and make a copy of it if there is no existing file.
mv ${pp_destdir}$sudoersdir/sudoers ${pp_destdir}$sudoersdir/sudoers.dist	mv ${pp_destdir}$sudoersdir/sudoers ${pp_destdir}$sudoersdir/sudoers.dist
%endif	%endif

	%if [deb]
	pp_deb_maintainer="$pp_rpm_packager"
	pp_deb_release="$pp_rpm_release"
	pp_deb_version="$pp_rpm_version"
	pp_deb_section=admin
	install -D -m 644 ${pp_destdir}$docdir/LICENSE ${pp_wrkdir}/${name}/usr/share/doc/${name}/copyright
	install -D -m 644 ${pp_destdir}$docdir/ChangeLog ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog
	gzip -9f ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog
	printf "$name ($pp_deb_version-$pp_deb_release) admin; urgency=low\n\n * see upstream changelog\n\n -- $pp_deb_maintainer `date '+%a, %d %b %Y %T %z'`\n" > ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
	chmod 644 ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
	gzip -9f ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
	# Create lintian override file
	mkdir -p ${pp_wrkdir}/${name}/usr/share/lintian/overrides
	cat >${pp_wrkdir}/${name}/usr/share/lintian/overrides/${name} <<-EOF
	# The sudo binary must be setuid root
	$name: setuid-binary usr/bin/sudo 4755 root/root
	# Sudo configuration and data dirs must not be world-readable
	$name: non-standard-file-perm etc/sudoers 0440 != 0644
	$name: non-standard-dir-perm etc/sudoers.d/ 0750 != 0755
	$name: non-standard-dir-perm var/lib/sudo/ 0700 != 0755
	# Sudo ships with debugging symbols
	$name: unstripped-binary-or-object
	EOF
	chmod 644 ${pp_wrkdir}/${name}/usr/share/lintian/overrides/${name}
	%endif

%if [rpm]	%if [rpm]
# Add distro info to release	# Add distro info to release
osrelease=`echo "$pp_rpm_distro" \| sed -e 's/^[^0-9]//' -e 's/-.$//'`	osrelease=`echo "$pp_rpm_distro" \| sed -e 's/^[^0-9]//' -e 's/-.$//'`
Line 190 still allow people to get their work done."	Line 214 still allow people to get their work done."
perl -pe 'last if (/^What/i && $seen++)' NEWS > ${pp_wrkdir}/ReadMe.txt	perl -pe 'last if (/^What/i && $seen++)' NEWS > ${pp_wrkdir}/ReadMe.txt
%endif	%endif

	%if X"$aix_freeware" = X"true"
	# Create links from /opt/freeware/{bin,sbin} -> /usr/{bin.sbin}
	mkdir -p ${pp_destdir}/usr/bin ${pp_destdir}/usr/sbin
	ln -s -f ${bindir}/sudo ${pp_destdir}/usr/bin
	ln -s -f ${bindir}/sudoedit ${pp_destdir}/usr/bin
	ln -s -f ${bindir}/sudoreplay ${pp_destdir}/usr/bin
	ln -s -f ${sbindir}/visudo ${pp_destdir}/usr/sbin
	%endif

# OS-level directories that should generally exist but might not.	# OS-level directories that should generally exist but might not.
extradirs=`echo ${pp_destdir}/${mandir}/[mc]* \| sed "s#${pp_destdir}/##g"`	extradirs=`echo ${pp_destdir}/${mandir}/[mc]* \| sed "s#${pp_destdir}/##g"`
extradirs="$extradirs `dirname $docdir` `dirname $timedir`"	extradirs="$extradirs `dirname $docdir` `dirname $timedir`"
	test -d ${pp_destdir}${localedir} && extradirs="$extradirs $localedir"
test -d ${pp_destdir}/etc/pam.d && extradirs="${extradirs} /etc/pam.d"	test -d ${pp_destdir}/etc/pam.d && extradirs="${extradirs} /etc/pam.d"
for dir in $bindir $sbindir $libexecdir $includedir $extradirs; do	for dir in $bindir $sbindir $libexecdir $includedir $extradirs; do
while test "$dir" != "/"; do	while test "$dir" != "/"; do
Line 202 still allow people to get their work done."	Line 236 still allow people to get their work done."
done	done
osdirs=`echo $osdirs \| tr " " "\n" \| sort -u`	osdirs=`echo $osdirs \| tr " " "\n" \| sort -u`

	%depend [deb]
	libc6, libpam0g, libpam-modules, zlib1g, libselinux1

	%fixup [deb]
	# Add Conflicts, Replaces headers and add libldap depedency as needed.
	if test -z "%{flavor}"; then
	echo "Conflicts: sudo-ldap" >> %{pp_wrkdir}/%{name}/DEBIAN/control
	echo "Replaces: sudo-ldap" >> %{pp_wrkdir}/%{name}/DEBIAN/control
	elif test "%{flavor}" = "ldap"; then
	echo "Conflicts: sudo" >> %{pp_wrkdir}/%{name}/DEBIAN/control
	echo "Replaces: sudo" >> %{pp_wrkdir}/%{name}/DEBIAN/control
	echo "Provides: sudo" >> %{pp_wrkdir}/%{name}/DEBIAN/control
	cp -p %{pp_wrkdir}/%{name}/DEBIAN/control %{pp_wrkdir}/%{name}/DEBIAN/control.$$
	sed 's/^$Depends:.$ $/\1, libldap-2.4-2/' %{pp_wrkdir}/%{name}/DEBIAN/control.$$ > %{pp_wrkdir}/%{name}/DEBIAN/control
	rm -f %{pp_wrkdir}/%{name}/DEBIAN/control.$$
	fi
	echo "Homepage: http://www.sudo.ws/sudo/" >> %{pp_wrkdir}/%{name}/DEBIAN/control
	echo "Bugs: http://www.sudo.ws/bugs/" >> %{pp_wrkdir}/%{name}/DEBIAN/control

%files	%files
$osdirs -	$osdirs -
$bindir/sudo 4111 root:	$bindir/sudo 4755 root:
$bindir/sudoedit 4111 root:	$bindir/sudoedit 0755 root: symlink sudo
$sbindir/visudo 0111	$sbindir/visudo 0755
$bindir/sudoreplay 0111	$bindir/sudoreplay 0755
$includedir/sudo_plugin.h 0444	$includedir/sudo_plugin.h 0644
$libexecdir/* 0755 optional	$libexecdir/sudo/ 0755
	$libexecdir/sudo/sesh 0755 optional,ignore-others
	$libexecdir/sudo/* $shlib_mode optional
$sudoersdir/sudoers.d/ 0750 $sudoers_uid:$sudoers_gid	$sudoersdir/sudoers.d/ 0750 $sudoers_uid:$sudoers_gid
$timedir/ 0700 root:	$timedir/ 0700 root:
$docdir/ 0755	$docdir/ 0755
$docdir/sudoers2ldif 0555 optional,ignore-others	$docdir/sudoers2ldif 0755 optional,ignore-others
$docdir/* 0444	%if [deb]
$localedir/ - optional	$docdir/LICENSE ignore,ignore-others
$localedir/** 0444 optional	$docdir/ChangeLog ignore,ignore-others
/etc/pam.d/* 0444 volatile,optional	%endif
	$docdir/* 0644
	$localedir/*/ - optional
	$localedir/*/LC_MESSAGES/ - optional
	$localedir//LC_MESSAGES/ 0644 optional
	/etc/pam.d/* 0644 volatile,optional
%if [rpm,deb]	%if [rpm,deb]
$sudoersdir/sudoers $sudoers_mode $sudoers_uid:$sudoers_gid volatile	$sudoersdir/sudoers $sudoers_mode $sudoers_uid:$sudoers_gid volatile
%else	%else
$sudoersdir/sudoers.dist $sudoers_mode $sudoers_uid:$sudoers_gid volatile	$sudoersdir/sudoers.dist $sudoers_mode $sudoers_uid:$sudoers_gid volatile
%endif	%endif
	%if X"$aix_freeware" = X"true"
	# Links for binaries from /opt/freeware to /usr
	/usr/bin/sudo 0755 root: symlink $bindir/sudo
	/usr/bin/sudoedit 0755 root: symlink $bindir/sudoedit
	/usr/bin/sudoreplay 0755 root: symlink $bindir/sudoreplay
	/usr/sbin/visudo 0755 root: symlink $sbindir/visudo
	%endif

%files [!aix]	%files [!aix]
$mandir/man/	$sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target
	$mandir/man/ 0644

%files [aix]	%files [aix]
# Some versions use catpages, some use manpages.	# Some versions use catpages, some use manpages.
$mandir/cat/ optional	$sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target
$mandir/man/ optional	$mandir/cat/ 0644 optional
	$mandir/man/ 0644 optional

	%pre [aix]
	if rpm -q %{name} >/dev/null 2>&1; then
	echo "Another version of sudo is currently installed via rpm." 2>&1
	echo "Please either uninstall the rpm version of sudo by running \"rpm -e sudo\"" 2>&1
	echo "or upgrade the existing version of sudo using the .rpm packagae instead" 2>&1
	echo "instead of the .bff package." 2>&1
	echo "" 2>&1
	echo "Note that you may need to pass rpm the --oldpackage flag when upgrading" 2>&1
	echo "the AIX Toolbox version of sudo to the latest sudo rpm from sudo.ws." 2>&1
	echo "" 2>&1
	exit 1
	fi

%post [!rpm,deb]	%post [!rpm,deb]
# Don't overwrite an existing sudoers file	# Don't overwrite an existing sudoers file
%if [solaris]	%if [solaris]
Line 247 still allow people to get their work done."	Line 329 still allow people to get their work done."
fi	fi

%post [deb]	%post [deb]
	set -e

# dpkg-deb does not maintain the mode on the sudoers file, and	# dpkg-deb does not maintain the mode on the sudoers file, and
# installs it 0640 when sudo requires 0440	# installs it 0640 when sudo requires 0440
chmod %{sudoers_mode} %{sudoersdir}/sudoers	chmod %{sudoers_mode} %{sudoersdir}/sudoers
Line 281 still allow people to get their work done."	Line 365 still allow people to get their work done."
'	'

%preun [deb]	%preun [deb]
	set -e

# Remove the /etc/ldap/ldap.conf -> /etc/sudo-ldap.conf symlink if	# Remove the /etc/ldap/ldap.conf -> /etc/sudo-ldap.conf symlink if
# it matches what we created in the postinstall script.	# it matches what we created in the postinstall script.
if test X"%{flavor}" = X"ldap" -a \	if test X"%{flavor}" = X"ldap" -a \

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1.1.2
changed lines
	Added in v.1.1.1.4