## ## sudo.spec -- OpenPKG RPM Package Specification ## Copyright (c) 2000-2022 OpenPKG Project ## ## Permission to use, copy, modify, and distribute this software for ## any purpose with or without fee is hereby granted, provided that ## the above copyright notice and this permission notice appear in all ## copies. ## ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ## SUCH DAMAGE. ## # package information Name: sudo Summary: Flexible Switch User Command URL: http://www.sudo.ws/ Vendor: Todd Miller Packager: OpenPKG Project Distribution: OpenPKG Community Class: BASE Group: ShellUtils License: BSD Version: 1.9.8p2 Release: 20210921 # package options %option with_fsl yes %option with_pam no %option with_skey no %option with_opie no %option with_ldap no # list of sources Source0: http://www.sudo.ws/sudo/dist/sudo-%{version}.tar.gz Source1: rc.sudo Source2: fsl.sudo Source3: sudo.conf Source4: sudoers Patch0: sudo.patch # build information BuildPreReq: OpenPKG, openpkg >= 20160101, gawk PreReq: OpenPKG, openpkg >= 20160101 BuildPreReq: zlib PreReq: zlib %if "%{with_fsl}" == "yes" BuildPreReq: fsl PreReq: fsl %endif %if "%{with_pam}" == "yes" BuildPreReq: PAM PreReq: PAM %endif %if "%{with_skey}" == "yes" BuildPreReq: skey PreReq: skey %endif %if "%{with_opie}" == "yes" BuildPreReq: opie PreReq: opie %endif %if "%{with_ldap}" == "yes" BuildPreReq: openldap PreReq: openldap %endif %description Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while logging the commands and arguments. %track prog sudo = { version = %{version} url = http://www.sudo.ws/sudo/dist/ regex = sudo-(__VER__)\.tar\.gz } %prep %setup -q %patch -p0 case "%{l_platform -t}" in *-darwin* ) %{l_shtool} subst \ -e 's/\(\$(LIBTOOL).*sudo_noexec.lo.*$\)/\1; $(CC) -dynamiclib .libs\/sudo_noexec.o $(LDFLAGS) -o .libs\/sudo_noexec.dylib/' \ Makefile.in ;; *-sunos* ) %{l_shtool} subst \ -e 's;^(void)isblank(1);if ((int)isblank(0x20)) exit(0);' \ configure ;; esac %build # configure program libs="" case "%{l_platform -t}" in *-freebsd* ) libs="$libs -lutil" ;; esac CC="%{l_cc}" \ CFLAGS="%{l_cflags -O}" \ LDFLAGS="%{l_fsl_ldflags}" \ SUDO_LIBS="$libs %{l_fsl_libs}" \ %if "%{with_pam}" == "yes" CPPFLAGS="-I`%{l_rc} --query pam_incdir`" \ LDFLAGS="-L`%{l_rc} --query pam_libdir` ${LDFLAGS}" \ %endif true=`%{l_shtool} path true` \ ./configure \ --prefix=%{l_prefix} \ --mandir=%{l_prefix}/man \ --sysconfdir=%{l_prefix}/etc/sudo \ --libexecdir=%{l_prefix}/libexec/sudo \ --with-plugindir=%{l_prefix}/libexec/sudo/plugin \ --with-noexec=%{l_prefix}/libexec/sudo/helper/sudo_noexec.so \ --with-logpath=%{l_prefix}/var/sudo/sudo.log \ --with-rundir=%{l_prefix}/var/sudo \ --enable-zlib=%{l_prefix} \ %if "%{with_fsl}" == "yes" --with-logging=syslog \ %else --with-logging=file \ %endif --with-sudoers-mode=0400 \ --with-sudoers-uid=%{l_suid} \ --with-sudoers-gid=%{l_sgid} \ --with-sendmail=$true \ --with-ignore-dot \ %if "%{with_pam}" == "yes" --with-pam \ %else --without-pam \ %endif %if "%{with_skey}" == "yes" || "%{with_opie}" == "yes" --with-long-otp-prompt \ %endif %if "%{with_skey}" == "yes" --with-skey=%{l_prefix} \ %endif %if "%{with_opie}" == "yes" --with-opie=%{l_prefix} \ %endif %if "%{with_ldap}" == "yes" --with-ldap=%{l_prefix} \ --with-ldap-conf-file=%{l_prefix}/etc/sudo/ldap.conf \ %endif --enable-shell-sets-home \ --disable-root-sudo \ --with-env-editor \ --disable-path-info \ --disable-nls # build program %{l_make} %{l_mflags -O} %install # install program %{l_shtool} mkdir -f -p -m 755 \ $RPM_BUILD_ROOT%{l_prefix}/var/sudo %{l_shtool} subst \ -e "s;-M 4111;-M 4511;" \ -e "s;-M 0111;-M 0511;" \ -e "s;-[OG] [^ ]*;;g" \ Makefile %{l_make} %{l_mflags} install \ DESTDIR=$RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT%{l_prefix}/share # install run-command script %{l_shtool} mkdir -f -p -m 755 \ $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d %{l_shtool} install -c -m 755 %{l_value -s -a} \ %{SOURCE rc.sudo} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ # install OSSP fsl configuration %{l_shtool} mkdir -f -p -m 755 \ $RPM_BUILD_ROOT%{l_prefix}/etc/fsl %{l_shtool} install -c -m 644 %{l_value -s -a} \ %{SOURCE fsl.sudo} \ $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ # install default configuration file %{l_shtool} install -c -m 644 %{l_value -s -a} \ %{SOURCE sudo.conf} %{SOURCE sudoers} \ $RPM_BUILD_ROOT%{l_prefix}/etc/sudo/ # determine installation files %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ %{l_files_std} \ '%config %{l_prefix}/etc/fsl/fsl.sudo' \ '%attr(4111,%{l_susr},%{l_mgrp}) %{l_prefix}/bin/sudo' \ '%attr(4111,%{l_susr},%{l_mgrp}) %{l_prefix}/bin/sudoedit' \ '%attr(0111,%{l_susr},%{l_mgrp}) %{l_prefix}/sbin/visudo' \ '%attr(0755,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/sudo/plugin/sudoers.so' \ '%attr(0700,%{l_susr},%{l_mgrp}) %dir %{l_prefix}/var/sudo' \ '%config(noreplace) %attr(0400,%{l_susr},%{l_sgrp}) %{l_prefix}/etc/sudo/sudo.conf' \ '%config(noreplace) %attr(0400,%{l_susr},%{l_sgrp}) %{l_prefix}/etc/sudo/sudoers' \ '%attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/etc/sudo/sudoers.d' %files -f files %clean %post %if "%{with_pam}" == "yes" # add PAM configuration entry if [ $1 -eq 1 ]; then $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=sudo fi %endif %preun %if "%{with_pam}" == "yes" # remove PAM configuration entry if [ $1 -eq 0 ]; then $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=sudo fi %endif