auto-import changelog data from sudo-1.6.7p5-16.src.rpm

Tue Jan 27 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-16 - Eliminate interfaces call, since this requires big SELinux privs - and it seems to be useless. Tue Jan 27 2004 Karsten Hopp <karsten@redhat.de> 1.6.7p5-15 - visudo requires vim-minimal or setting EDITOR to something useful (#68605) Mon Jan 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-14 - Fix is_selinux_enabled call Tue Jan 13 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-13 - Clean up patch on failure Tue Jan 06 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-12 - Remove sudo.te for now. Fri Jan 02 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-11 - Fix usage message Mon Dec 22 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-10 - Clean up sudo.te to not blow up if pam.te not present Thu Dec 18 2003 Thomas Woerner <twoerner@redhat.com> - added missing BuildRequires for groff Tue Dec 16 2003 Jeremy Katz <katzj@redhat.com> 1.6.7p5-9 - remove left-over debugging code Tue Dec 16 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-8 - Fix terminal handling that caused Sudo to exit on non selinux machines. Mon Dec 15 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-7 - Remove sudo_var_run_t which is now pam_var_run_t Fri Dec 12 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-6 - Fix terminal handling and policy Thu Dec 11 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-5 - Fix policy Thu Nov 13 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-4.sel - Turn on SELinux support Tue Jul 29 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-3 - Add support for SELinux
2004-09-09 12:51:15 +00:00 · 2004-09-09 12:51:15 +00:00 · cadae3b7d2
commit cadae3b7d2
parent ec26ed9440
1 changed files with 81 additions and 5 deletions
--- a/sudo.spec
+++ b/sudo.spec
@ -1,14 +1,20 @@
+%if %{?WITH_SELINUX:0}%{!?WITH_SELINUX:1}
+%define WITH_SELINUX 1
+%endif
 Summary: Allows restricted root access for specified users.
 Name: sudo
 Version: 1.6.7p5
-Release: 2
+Release: 16
 License: BSD
 Group: Applications/System
 Source: http://www.courtesan.com/sudo/dist/sudo-%{version}.tar.gz
+Patch1: sudo-selinux.patch
 URL: http://www.courtesan.com/sudo/
 BuildRoot: %{_tmppath}/%{name}-root
-Requires: /etc/pam.d/system-auth
-BuildRequires: pam-devel
+Requires: /etc/pam.d/system-auth, vim-minimal
+BuildRequires: pam-devel, groff
+Source1: sudo.te
+Source2: sudo.fc

 %description
 Sudo (superuser do) allows a system administrator to give certain
@ -23,6 +29,10 @@ on many different machines.

 %prep
 %setup -q
+%if %{WITH_SELINUX}
+#SELinux
+%patch1 -p1 -b .selinux
+%endif

 %build
 %configure \
@ -34,12 +44,12 @@ on many different machines.
 	--with-editor=/bin/vi \
 	--with-env-editor \
 	--with-ignore-dot \
-	--with-tty-tickets
+	--with-tty-tickets \
+	--without-interfaces
 make

 %install
 rm -rf $RPM_BUILD_ROOT
-
 mkdir $RPM_BUILD_ROOT
 %{makeinstall} install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
 chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/* 
@ -53,6 +63,14 @@ account    required	pam_stack.so service=system-auth
 password   required	pam_stack.so service=system-auth
 session    required	pam_stack.so service=system-auth
 EOF
+%if %{WITH_SELINUX}
+#SELinux
+#mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/security/selinux/src/policy/domains/program/
+#install -c -m644 %SOURCE1 ${RPM_BUILD_ROOT}%{_sysconfdir}/security/selinux/src/policy/domains/program/
+#mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/security/selinux/src/policy/file_contexts/program
+#install -c -m644 %SOURCE2 ${RPM_BUILD_ROOT}%{_sysconfdir}/security/selinux/src/policy/file_contexts/program
+%endif
+

 %clean 
 rm -rf $RPM_BUILD_ROOT
@ -68,12 +86,70 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man5/sudoers.5*
 %{_mandir}/man8/sudo.8*
 %{_mandir}/man8/visudo.8*
+%if %{WITH_SELINUX}
+#%{_sysconfdir}/security/selinux/src/policy/domains/program/sudo.te
+#%{_sysconfdir}/security/selinux/src/policy/file_contexts/program/sudo.fc
+%endif 

 # Make sure permissions are ok even if we're updating
 %post
 /bin/chmod 0440 /etc/sudoers || :
+%if %{WITH_SELINUX}
+#if test -x /usr/bin/selinuxenabled  && `/usr/bin/selinuxenabled`; then
+#	cd /etc/security/selinux/src/policy
+#	make reload
+#	make file_contexts/file_contexts
+#	setfiles file_contexts/file_contexts /etc/sudoers %{_bindir}/sudo %{_sbindir}/visudo /var/run/sudo
+#fi
+%endif

 %changelog
+* Tue Jan 27 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-16
+- Eliminate interfaces call, since this requires big SELinux privs
+- and it seems to be useless.
+
+* Tue Jan 27 2004 Karsten Hopp <karsten@redhat.de> 1.6.7p5-15
+- visudo requires vim-minimal or setting EDITOR to something useful (#68605)
+
+* Mon Jan 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-14
+- Fix is_selinux_enabled call
+
+* Tue Jan 13 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-13
+- Clean up patch on failure 
+
+* Tue Jan 6 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-12
+- Remove sudo.te for now.
+
+* Fri Jan 2 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-11
+- Fix usage message
+
+* Mon Dec 22 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-10
+- Clean up sudo.te to not blow up if pam.te not present
+
+* Thu Dec 18 2003 Thomas Woerner <twoerner@redhat.com>
+- added missing BuildRequires for groff
+
+* Tue Dec 16 2003 Jeremy Katz <katzj@redhat.com> 1.6.7p5-9
+- remove left-over debugging code
+
+* Tue Dec 16 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-8
+- Fix terminal handling that caused Sudo to exit on non selinux machines.
+
+* Mon Dec 15 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-7
+- Remove sudo_var_run_t which is now pam_var_run_t
+
+* Fri Dec 12 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-6
+- Fix terminal handling and policy
+
+* Thu Dec 11 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-5
+- Fix policy
+
+* Thu Nov 13 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-4.sel
+- Turn on SELinux support
+
+* Tue Jul 29 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-3
+- Add support for SELinux
+
 * Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
 - rebuilt