226 lines
6.7 KiB
RPMSpec
226 lines
6.7 KiB
RPMSpec
ExcludeArch: i686
|
|
|
|
Summary: The tudo respect sudo
|
|
Name: utsudo
|
|
Version: 0.0.2
|
|
Release: 0.03
|
|
License: ISC
|
|
Group: Applications/System
|
|
URL: https://www.sudo.ws/
|
|
|
|
Source0: %{name}-%{version}.tar.gz
|
|
Source1: utsudoers
|
|
Source2: utsudo-ldap.conf
|
|
Source3: utsudo.conf
|
|
|
|
Requires: pam
|
|
Requires: vim-minimal
|
|
Requires(post): coreutils
|
|
Requires: sudo
|
|
|
|
BuildRequires: sendmail
|
|
BuildRequires: autoconf
|
|
BuildRequires: automake
|
|
BuildRequires: bison
|
|
BuildRequires: flex
|
|
BuildRequires: gettext
|
|
BuildRequires: groff
|
|
BuildRequires: libtool
|
|
BuildRequires: audit-libs-devel
|
|
BuildRequires: libcap-devel
|
|
BuildRequires: libgcrypt-devel
|
|
BuildRequires: libselinux-devel
|
|
BuildRequires: openldap-devel
|
|
BuildRequires: pam-devel
|
|
BuildRequires: zlib-devel
|
|
BuildRequires: cargo
|
|
BuildRequires: rust
|
|
BuildRequires: patchelf
|
|
|
|
Patch0001: 0001-fix-unable-to-callocate-memory.patch
|
|
Patch0002: 0002-fix-use_pty-function-error.patch
|
|
|
|
%description
|
|
Sudo (superuser do) allows a system administrator to give certain
|
|
users (or groups of users) the ability to run some (or all) commands
|
|
as root while logging all commands and arguments. Sudo operates on a
|
|
per-command basis. It is not a replacement for the shell. Features
|
|
include: the ability to restrict what commands a user may run on a
|
|
per-host basis, copious logging of each command (providing a clear
|
|
audit trail of who did what), a configurable timeout of the sudo
|
|
command, and the ability to use the same configuration file (sudoers)
|
|
on many different machines.
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch0001 -p1
|
|
%patch0002 -p1
|
|
|
|
%build
|
|
# Remove bundled copy of zlib
|
|
rm -rf zlib/
|
|
autoreconf -I m4 -fv --install
|
|
|
|
%ifarch s390 s390x sparc64
|
|
F_PIE=-fPIE
|
|
%else
|
|
F_PIE=-fpie
|
|
%endif
|
|
|
|
export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
|
|
|
|
%configure \
|
|
--prefix=%{_prefix} \
|
|
--sbindir=%{_sbindir} \
|
|
--libdir=%{_libdir} \
|
|
--docdir=%{_pkgdocdir} \
|
|
--disable-root-mailer \
|
|
--with-logging=syslog \
|
|
--with-logfac=authpriv \
|
|
--with-pam \
|
|
--with-pam-login \
|
|
--with-editor=/bin/vi \
|
|
--with-env-editor \
|
|
--with-ignore-dot \
|
|
--with-tty-tickets \
|
|
--with-ldap \
|
|
--with-ldap-conf-file="%{_sysconfdir}/utsudo-ldap.conf" \
|
|
--with-selinux \
|
|
--with-passprompt="[utsudo] password for %p: " \
|
|
--with-linux-audit \
|
|
--with-sssd
|
|
make
|
|
|
|
%check
|
|
## make check
|
|
|
|
%install
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
# Update README.LDAP (#736653)
|
|
sed -i 's|/etc/ldap\.conf|%{_sysconfdir}/utsudo-ldap.conf|g' README.LDAP
|
|
|
|
make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
|
|
install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo
|
|
install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo/lectured
|
|
install -p -d -m 750 $RPM_BUILD_ROOT/etc/utsudoers.d
|
|
install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/utsudoers
|
|
install -p -c -m 0640 %{SOURCE3} $RPM_BUILD_ROOT/etc/utsudo.conf
|
|
install -p -c -m 0640 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/utsudo-ldap.conf
|
|
|
|
# Add sudo to protected packages
|
|
install -p -d -m 755 $RPM_BUILD_ROOT/etc/dnf/protected.d/
|
|
touch utsudo.conf
|
|
echo utsudo > utsudo.conf
|
|
install -p -c -m 0644 utsudo.conf $RPM_BUILD_ROOT/etc/dnf/protected.d/
|
|
rm -f utsudo.conf
|
|
rm -f $RPM_BUILD_ROOT%{_bindir}/cvtsudoers
|
|
rm -f $RPM_BUILD_ROOT%{_bindir}/sudoreplay
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/visudo
|
|
rm -f $RPM_BUILD_ROOT/etc/sudoers
|
|
|
|
chmod +x $RPM_BUILD_ROOT%{_libexecdir}/utsudo/*.so # for stripping, reset in %%files
|
|
|
|
# Don't package LICENSE as a doc
|
|
rm -rf $RPM_BUILD_ROOT%{_pkgdocdir}/LICENSE
|
|
|
|
# Remove examples; Examples can be found in man pages too.
|
|
rm -rf $RPM_BUILD_ROOT%{_datadir}/examples/sudo
|
|
|
|
# Remove all .la files
|
|
find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
|
|
|
|
# Remove sudoers.dist
|
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.dist
|
|
|
|
# Remove sudo_plugin.h -add by uos
|
|
rm -f $RPM_BUILD_ROOT%{_includedir}/sudo_plugin.h
|
|
|
|
%find_lang utsudo
|
|
%find_lang utsudoers
|
|
|
|
cat utsudo.lang utsudoers.lang > utsudo_all.lang
|
|
rm utsudo.lang utsudoers.lang
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/etc/pam.d
|
|
mkdir -p $RPM_BUILD_ROOT/usr/share/doc/utsudo
|
|
cat > $RPM_BUILD_ROOT/etc/pam.d/utsudo << EOF
|
|
#%%PAM-1.0
|
|
auth include system-auth
|
|
account include system-auth
|
|
password include system-auth
|
|
session include system-auth
|
|
EOF
|
|
|
|
cat > $RPM_BUILD_ROOT/etc/pam.d/utsudo-i << EOF
|
|
#%%PAM-1.0
|
|
auth include sudo
|
|
account include sudo
|
|
password include sudo
|
|
session optional pam_keyinit.so force revoke
|
|
session include sudo
|
|
EOF
|
|
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
%files -f utsudo_all.lang
|
|
%defattr(-,root,root)
|
|
%attr(0440,root,root) %config(noreplace) /etc/utsudoers
|
|
%attr(0640,root,root) %config(noreplace) /etc/utsudo.conf
|
|
%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/utsudo-ldap.conf
|
|
%attr(0750,root,root) %dir /etc/utsudoers.d/
|
|
%config(noreplace) /etc/pam.d/utsudo
|
|
%config(noreplace) /etc/pam.d/utsudo-i
|
|
%attr(0644,root,root) %{_tmpfilesdir}/utsudo.conf
|
|
%attr(0644,root,root) /etc/dnf/protected.d/utsudo.conf
|
|
%dir /var/db/sudo
|
|
%dir /var/db/sudo/lectured
|
|
%attr(4111,root,root) %{_bindir}/utsudo
|
|
%{_bindir}/utsudoedit
|
|
%dir %{_libexecdir}/utsudo
|
|
%attr(0755,root,root) %{_libexecdir}/utsudo/sesh
|
|
%attr(0644,root,root) %{_libexecdir}/utsudo/utsudo_noexec.so
|
|
%attr(0644,root,root) %{_libexecdir}/utsudo/sudoers.so
|
|
%attr(0644,root,root) %{_libexecdir}/utsudo/group_file.so
|
|
%attr(0644,root,root) %{_libexecdir}/utsudo/system_group.so
|
|
%{_libexecdir}/utsudo/libutsudo_util.so
|
|
%{_libexecdir}/utsudo/libutsudo_util.so.?
|
|
%{_libexecdir}/utsudo/libutsudo_variadic.so
|
|
%attr(0644,root,root) %{_libexecdir}/utsudo/libutsudo_util.so.?.?.?
|
|
%dir %{_pkgdocdir}/
|
|
%{!?_licensedir:%global license %%doc}
|
|
%license doc/LICENSE
|
|
|
|
# Make sure permissions are ok even if we're updating
|
|
%post
|
|
/bin/chmod 0440 /etc/utsudoers || :
|
|
|
|
%changelog
|
|
* Sun Apr 28 2024 binlingyu <binlingyu@uniontech.com> - 0.0.2-0.03
|
|
- Add Patch: 0002-fix-use_pty-function-error.patch
|
|
|
|
* Fri Apr 12 2024 bianguangze <bianguangze@uniontech.com> - 0.0.2-0.02
|
|
- fix unable to callocate memory.
|
|
|
|
* Sun Apr 7 2024 bianguangze <bianguangze@uniontech.com> - 0.0.2-0.01
|
|
- 升级至0.0.2大版本,解决部分编译报错.
|
|
|
|
* Wed Sep 06 2023 Lujun <wanglujun@uniontech.com> - 0.0.1-0.04
|
|
- Add Patch: 0002-change-struct-stat-for-arm-and-loongarch.patch
|
|
|
|
* Mon Sep 04 2023 Lujun <wanglujun@uniontech.com> - 0.0.1-0.03
|
|
- Add Requires: sudo
|
|
- Del /etc/pam.d/sudo and /etc/pam.d/sudo-i fix file conflict.
|
|
|
|
* Sat Aug 19 2023 senlin <xiasenlin1@huawei.com> - 0.0.1-0.02
|
|
- Replace command file with rpm to avoid the build-system being unable to recognize it
|
|
|
|
* Mon Aug 07 2023 Lujun <wanglujun@uniontech.com> - 0.0.1-0.01
|
|
- Add Patch: 0001-fix-compile-error-undefined-reference-to-sys_sigabbr.patch
|
|
|
|
* Tue May 10 2022 Lujun <wanglujun@uniontech.com> - 0.0.1
|
|
- init.
|