parent
94269e7c20
commit
bb269d08fa
49
sudo.spec
49
sudo.spec
@ -1,16 +1,14 @@
|
||||
%global patchlevel b4
|
||||
%global upstream_version %{version}%{patchlevel}
|
||||
|
||||
Summary: Allows restricted root access for specified users
|
||||
Name: sudo
|
||||
Version: 1.9.0
|
||||
Release: 0.1.%{patchlevel}%{?dist}
|
||||
Release: 0.1.b1%{?dist}
|
||||
License: ISC
|
||||
URL: http://www.courtesan.com/sudo/
|
||||
Source0: https://www.sudo.ws/dist/beta/%{name}-%{upstream_version}.tar.gz
|
||||
Source0: https://www.sudo.ws/dist/beta/%{name}-%{version}b1.tar.gz
|
||||
Source1: sudoers
|
||||
Requires: pam
|
||||
Recommends: vim-minimal
|
||||
Requires(post): coreutils
|
||||
|
||||
BuildRequires: pam-devel
|
||||
BuildRequires: groff
|
||||
@ -47,7 +45,7 @@ The %{name}-devel package contains header files developing sudo
|
||||
plugins that use %{name}.
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{upstream_version}
|
||||
%setup -q -n sudo-1.9.0b1
|
||||
|
||||
%patch1 -p1 -b .strip
|
||||
|
||||
@ -94,7 +92,7 @@ make check
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
|
||||
|
||||
chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/*
|
||||
chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/*
|
||||
install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo
|
||||
install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo/lectured
|
||||
install -p -d -m 750 $RPM_BUILD_ROOT/etc/sudoers.d
|
||||
@ -168,9 +166,7 @@ EOF
|
||||
%attr(0755,root,root) %{_libexecdir}/sudo/sesh
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/sudo_noexec.so
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/group_file.so
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/sample_approval.so
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/system_group.so
|
||||
%attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.?
|
||||
%{_libexecdir}/sudo/libsudo_util.so.?
|
||||
@ -201,17 +197,13 @@ EOF
|
||||
%{_mandir}/man8/sudo_plugin.8*
|
||||
|
||||
%changelog
|
||||
* Tue Mar 24 2020 Jens Petersen <petersen@redhat.com> - 1.9.0-0.1.b4
|
||||
- update to 1.9.0 beta4
|
||||
- https://www.sudo.ws/pipermail/sudo-workers/2020-March/001279.html
|
||||
|
||||
* Mon Feb 24 2020 Attila Lakatos <alakatos@redhat.com> - 1.9.0-0.1.b1
|
||||
- update to latest development version 1.9.0b1
|
||||
- added sudo_logsrvd and sudo_sendlog to files and their appropriate man pages
|
||||
Resolves: rhbz#1787823
|
||||
- Stack based buffer overflow in when pwfeedback is enabled
|
||||
Resolves: rhbz#1796945
|
||||
- fixes: CVE-2019-18634
|
||||
- fixes: CVE-2019-18634
|
||||
- By using ! character in the shadow file instead of a password hash can access to a run as all sudoer account
|
||||
Resolves: rhbz#1786709
|
||||
- fixes CVE-2019-19234
|
||||
@ -247,7 +239,7 @@ Resolves: rhbz#1761584
|
||||
|
||||
* Sun Mar 31 2019 Marek Tamaskovic <mtamasko@redhat.com> 1.8.27-2
|
||||
- resolves rhbz#1676925
|
||||
- Removed PS1, PS2 from sudoers
|
||||
- Removed PS1, PS2 from sudoers
|
||||
|
||||
* Mon Mar 11 2019 Radovan Sroka <rsroka@redhat.com> 1.8.27-1
|
||||
- rebase sudo to 1.8.27
|
||||
@ -283,7 +275,7 @@ Resolves: rhbz#1761584
|
||||
|
||||
* Thu Sep 21 2017 Marek Tamaskovic <mtamasko@redhat.com> - 1.8.21p2-1
|
||||
- update to 1.8.21p2
|
||||
- Moved libsudo_util.so from the -devel sub-package to main package (1481225)
|
||||
- Moved libsudo_util.so from the -devel sub-package to main package (1481225)
|
||||
|
||||
* Wed Sep 06 2017 Matthew Miller <mattdm@fedoraproject.org> - 1.8.20p2-4
|
||||
- replace file-based requirements with package-level ones:
|
||||
@ -372,7 +364,7 @@ Resolves: rhbz#1761584
|
||||
|
||||
* Mon Aug 24 2015 Radovan Sroka <rsroka@redhat.com> 1.8.14p3-2
|
||||
- add patch that resolves initialization problem before sudo_strsplit call
|
||||
- add patch that resolves deadcode in visudo.c
|
||||
- add patch that resolves deadcode in visudo.c
|
||||
- add patch that removes extra while in visudo.c and sudoers.c
|
||||
|
||||
* Mon Jul 27 2015 Radovan Sroka <rsroka@redhat.com> 1.8.14p3-1
|
||||
@ -408,9 +400,9 @@ Resolves: rhbz#1761584
|
||||
- major changes & fixes:
|
||||
- when running a command in the background, sudo will now forward
|
||||
SIGINFO to the command
|
||||
- the passwords in ldap.conf and ldap.secret may now be encoded in base64.
|
||||
- the passwords in ldap.conf and ldap.secret may now be encoded in base64.
|
||||
- SELinux role changes are now audited. For sudoedit, we now audit
|
||||
the actual editor being run, instead of just the sudoedit command.
|
||||
the actual editor being run, instead of just the sudoedit command.
|
||||
- it is now possible to match an environment variable's value as well as
|
||||
its name using env_keep and env_check
|
||||
- new files created via sudoedit as a non-root user now have the proper group id
|
||||
@ -510,7 +502,7 @@ Resolves: rhbz#1761584
|
||||
* Thu May 17 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.8.5-1
|
||||
- update to 1.8.5
|
||||
- fixed CVE-2012-2337
|
||||
- temporarily disabled SSSD support
|
||||
- temporarily disabled SSSD support
|
||||
|
||||
* Wed Feb 29 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.8.3p1-6
|
||||
- fixed problems with undefined symbols (rhbz#798517)
|
||||
@ -529,7 +521,7 @@ Resolves: rhbz#1761584
|
||||
|
||||
* Thu Nov 10 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.8.3p1-1
|
||||
- update to 1.8.3p1
|
||||
- disable output word wrapping if the output is piped
|
||||
- disable output word wrapping if the output is piped
|
||||
|
||||
* Wed Sep 7 2011 Peter Robinson <pbrobinson@fedoraproject.org> - 1.8.1p2-2
|
||||
- Remove execute bit from sample script in docs so we don't pull in perl
|
||||
@ -664,7 +656,7 @@ Resolves: rhbz#1761584
|
||||
- sparc64 needs to be in the -fPIE list with s390
|
||||
|
||||
* Mon Jan 07 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.9p4-5
|
||||
- fix complains about audit_log_user_command(): Connection
|
||||
- fix complains about audit_log_user_command(): Connection
|
||||
refused (#401201)
|
||||
|
||||
* Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 1.6.9p4-4
|
||||
@ -766,7 +758,7 @@ Resolves: rhbz#1761584
|
||||
- rebuild
|
||||
|
||||
* Mon Oct 4 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-30.1
|
||||
- added missing BuildRequires for libselinux-devel (#132883)
|
||||
- added missing BuildRequires for libselinux-devel (#132883)
|
||||
|
||||
* Wed Sep 29 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-30
|
||||
- Fix missing param error in sesh
|
||||
@ -793,7 +785,7 @@ Resolves: rhbz#1761584
|
||||
exec of child with SELinux patch
|
||||
|
||||
* Thu Mar 18 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-23
|
||||
- change to default to sysadm_r
|
||||
- change to default to sysadm_r
|
||||
- Fix tty handling
|
||||
|
||||
* Thu Mar 18 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-22
|
||||
@ -801,7 +793,7 @@ Resolves: rhbz#1761584
|
||||
- replace /bin/bash -c with /bin/sesh
|
||||
|
||||
* Tue Mar 16 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-21
|
||||
- Hard code to use "/bin/bash -c" for selinux
|
||||
- Hard code to use "/bin/bash -c" for selinux
|
||||
|
||||
* Tue Mar 16 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-20
|
||||
- Eliminate closing and reopening of terminals, to match su.
|
||||
@ -826,7 +818,7 @@ Resolves: rhbz#1761584
|
||||
- Fix is_selinux_enabled call
|
||||
|
||||
* Tue Jan 13 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-13
|
||||
- Clean up patch on failure
|
||||
- Clean up patch on failure
|
||||
|
||||
* Tue Jan 6 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-12
|
||||
- Remove sudo.te for now.
|
||||
@ -949,7 +941,7 @@ Resolves: rhbz#1761584
|
||||
- fixed so it doesn't find /usr/bin/vi first, but instead /bin/vi (always installed)
|
||||
|
||||
* Thu Oct 08 1998 Michael Maher <mike@redhat.com>
|
||||
- built package for 5.2
|
||||
- built package for 5.2
|
||||
|
||||
* Mon May 18 1998 Michael Maher <mike@redhat.com>
|
||||
- updated SPEC file
|
||||
@ -961,9 +953,10 @@ Resolves: rhbz#1761584
|
||||
- built for glibc, no problems
|
||||
|
||||
* Fri Apr 25 1997 Michael Fulbright <msf@redhat.com>
|
||||
- Fixed for 4.2 PowerTools
|
||||
- Fixed for 4.2 PowerTools
|
||||
- Still need to be pamified
|
||||
- Still need to move stmp file to /var/log
|
||||
|
||||
* Mon Feb 17 1997 Michael Fulbright <msf@redhat.com>
|
||||
- First version for PowerCD.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user