--- embedaddon/sudo/sudo.pp 2012/02/21 16:23:02 1.1.1.1 +++ embedaddon/sudo/sudo.pp 2012/05/29 12:26:49 1.1.1.2 @@ -12,7 +12,7 @@ limited root privileges to users and log root activity The basic philosophy is to give as few privileges as possible but \ still allow people to get their work done." vendor="Todd C. Miller" - copyright="(c) 1993-1996,1998-2011 Todd C. Miller" + copyright="(c) 1993-1996,1998-2012 Todd C. Miller" %if [aix] # AIX package summary is limited to 40 characters @@ -74,14 +74,17 @@ still allow people to get their work done." # Note that the order must match that of sudoers. case "$pp_rpm_distro" in centos*|rhel*) + chmod u+w ${pp_destdir}${sudoersdir}/sudoers /bin/ed - ${pp_destdir}${sudoersdir}/sudoers <<-'EOF' /Locale settings/+1,s/^# // /Desktop path settings/+1,s/^# // w q EOF + chmod u-w ${pp_destdir}${sudoersdir}/sudoers ;; sles*) + chmod u+w ${pp_destdir}${sudoersdir}/sudoers /bin/ed - ${pp_destdir}${sudoersdir}/sudoers <<-'EOF' /Locale settings/+1,s/^# // /ConsoleKit session/+1,s/^# // @@ -90,6 +93,7 @@ still allow people to get their work done." w q EOF + chmod u-w ${pp_destdir}${sudoersdir}/sudoers ;; esac @@ -157,6 +161,7 @@ still allow people to get their work done." %if [deb] # Uncomment some Defaults and the %sudo rule in sudoers # Note that the order must match that of sudoers and be tab-indented. + chmod u+w ${pp_destdir}${sudoersdir}/sudoers /bin/ed - ${pp_destdir}${sudoersdir}/sudoers <<-'EOF' /Locale settings/+1,s/^# // /X11 resource/+1,s/^# // @@ -164,6 +169,7 @@ still allow people to get their work done." w q EOF + chmod u-w ${pp_destdir}${sudoersdir}/sudoers mkdir -p ${pp_destdir}/etc/pam.d cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF #%PAM-1.0 @@ -176,6 +182,14 @@ still allow people to get their work done." EOF %endif +%if [macos] + pp_macos_pkg_type=flat + pp_macos_bundle_id=ws.sudo.pkg.sudo + pp_macos_pkg_license=doc/LICENSE + pp_macos_pkg_readme=${pp_wrkdir}/ReadMe.txt + perl -pe 'last if (/^What/i && $seen++)' NEWS > ${pp_wrkdir}/ReadMe.txt +%endif + # OS-level directories that should generally exist but might not. extradirs=`echo ${pp_destdir}/${mandir}/[mc]* | sed "s#${pp_destdir}/##g"` extradirs="$extradirs `dirname $docdir` `dirname $timedir`" @@ -189,20 +203,21 @@ still allow people to get their work done." osdirs=`echo $osdirs | tr " " "\n" | sort -u` %files - $osdirs - - $bindir/sudo 4111 root: - $bindir/sudoedit 4111 root: - $sbindir/visudo 0111 - $bindir/sudoreplay 0111 - $includedir/sudo_plugin.h - $libexecdir/* optional + $osdirs - + $bindir/sudo 4111 root: + $bindir/sudoedit 4111 root: + $sbindir/visudo 0111 + $bindir/sudoreplay 0111 + $includedir/sudo_plugin.h 0444 + $libexecdir/* 0755 optional $sudoersdir/sudoers.d/ 0750 $sudoers_uid:$sudoers_gid $timedir/ 0700 root: - $docdir/ - $docdir/* - $localedir/ optional - $localedir/** optional - /etc/pam.d/* volatile,optional + $docdir/ 0755 + $docdir/sudoers2ldif 0555 optional,ignore-others + $docdir/* 0444 + $localedir/ - optional + $localedir/** 0444 optional + /etc/pam.d/* 0444 volatile,optional %if [rpm,deb] $sudoersdir/sudoers $sudoers_mode $sudoers_uid:$sudoers_gid volatile %else @@ -219,7 +234,11 @@ still allow people to get their work done." %post [!rpm,deb] # Don't overwrite an existing sudoers file +%if [solaris] + sudoersdir=${PKG_INSTALL_ROOT}%{sudoersdir} +%else sudoersdir=%{sudoersdir} +%endif if test ! -r $sudoersdir/sudoers; then cp $sudoersdir/sudoers.dist $sudoersdir/sudoers chmod %{sudoers_mode} $sudoersdir/sudoers