From 63a8eea55923c74dad723e40f9702e4703f6a82b Mon Sep 17 00:00:00 2001
From: =?utf8?q?Elan=20Ruusam=C3=A4e?=
Date: Sun, 6 Mar 2011 09:40:52 +0000
Subject: [PATCH] - up to 1.7.5 - package default /var/log/sudo-io dir (for log_input/log_output io redirection) - force system zlib (used by sudo-io logs) - bug 440 patch applied here, seems working ok - ldap schema adds sudoNotAfter and sudoOrder attributes - cleanups Changed files: bug-440.patch -> 1.2 sudo-env.patch -> 1.3 sudo.spec -> 1.178
---
 bug-440.patch | 57 --------------------------------------------------
 sudo-env.patch | 12 ++++-------
 sudo.spec | 43 ++++++++++++++++---------------------
 3 files changed, 22 insertions(+), 90 deletions(-)
 delete mode 100644 bug-440.patch
diff --git a/bug-440.patch b/bug-440.patch
deleted file mode 100644
index 57f255e..0000000
--- a/bug-440.patch
+++ /dev/null
@@ -1,57 +0,0 @@
---- 1.7.4p4/env.c Wed Aug 18 15:27:03 2010
-+++ 1.7/env.c Tue Sep 14 11:41:50 2010
-@@ -608,10 +608,16 @@
- #ifdef ENV_DEBUG
- memset(env.envp, 0, env.env_size * sizeof(char *));
- #endif
-- if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
-- /* Reset HOME based on target user unless keeping old value. */
-- reset_home = TRUE;
-
-+ /* Reset HOME based on target user if configured to. */
-+ if (ISSET(sudo_mode, MODE_RUN)) {
-+ if (def_always_set_home ||
-+ ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) ||
-+ (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
-+ reset_home = TRUE;
-+ }
-+
-+ if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
- /* Pull in vars we want to keep from the old environment. */
- for (ep = old_envp; *ep; ep++) {
- int keepit;
-@@ -696,6 +702,11 @@
- if (!ISSET(didvar, DID_USERNAME))
- sudo_setenv("USERNAME", user_name, FALSE);
- }
-+
-+ /* If we didn't keep HOME, reset it based on target user. */
-+ if (!ISSET(didvar, KEPT_HOME))
-+ reset_home = TRUE;
-+
- /*
- * Set MAIL to target user in -i mode or if MAIL is not preserved
- * from user's environment.
-@@ -709,13 +720,6 @@
- sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
- }
- } else {
-- /* Reset HOME based on target user if configured to. */
-- if (ISSET(sudo_mode, MODE_RUN)) {
-- if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) ||
-- (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
-- reset_home = TRUE;
-- }
--
- /*
- * Copy environ entries as long as they don't match env_delete or
- * env_check.
-@@ -765,7 +769,7 @@
- }
-
- /* Set $HOME to target user if not preserving user's value. */
-- if (reset_home && !ISSET(didvar, KEPT_HOME))
-+ if (reset_home)
- sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
-
- /* Provide default values for $TERM and $PATH if they are not set. */
diff --git a/sudo-env.patch b/sudo-env.patch
index d4baa16..09122f6 100644
--- a/sudo-env.patch
+++ b/sudo-env.patch
@@ -1,6 +1,6 @@
---- sudo-1.6.9p6/env.c 2007-11-01 22:36:20.405065166 +0200
-+++ sudo-1.7.4p4/env.c 2010-09-15 00:12:17.263129568 +0300
-@@ -196,9 +196,11 @@
+--- sudo-1.7.5/env.c 2011-01-24 21:39:13.000000000 +0200
++++ sudo-1.7.5/env.c 2011-03-06 11:00:00.580457486 +0200
+@@ -196,12 +196,15 @@
 static const char *initial_keepenv_table[] = {
 "COLORS",
 "DISPLAY",
@@ -12,11 +12,7 @@
 "PATH",
 "PS1",
 "PS2",
-@@ -208,6 +210,7 @@
++ "SSH_AUTH_SOCK",
 "TZ",
 "XAUTHORITY",
 "XAUTHORIZATION",
-+ "SSH_AUTH_SOCK",
- NULL
- };
-
diff --git a/sudo.spec b/sudo.spec
index 61e547a..52ad860 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -20,19 +20,18 @@ Summary(pt_BR.UTF-8): Permite que usuários específicos executem comandos como
 Summary(ru.UTF-8): Позволяет определенным пользователям исполнять команды от имени root
 Summary(uk.UTF-8): Дозволяє вказаним користувачам виконувати команди від імені root
 Name: sudo
-Version: 1.7.4p6
+Version: 1.7.5
 Release: 1
 Epoch: 1
 License: BSD
 Group: Applications/System
 Source0: ftp://ftp.sudo.ws/pub/sudo/%{name}-%{version}.tar.gz
-# Source0-md5: 1ae12d3d22e7ffedbf2db26f957676f0
+# Source0-md5: 50d39bd38bb2ef7efa05883c0b9f0f95
 Source1: %{name}.pamd
 Source2: %{name}-i.pamd
 Source3: %{name}.logrotate
 Patch0: %{name}-libtool.patch
 Patch1: %{name}-env.patch
-Patch2: bug-440.patch
 URL: http://www.sudo.ws/sudo/
 BuildRequires: autoconf >= 2.53
 BuildRequires: automake
@@ -43,8 +42,9 @@ BuildRequires: libtool >= 2:2.2.6
 %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
 %{?with_pam:BuildRequires: pam-devel}
 BuildRequires: rpm >= 4.4.9-56
-BuildRequires: rpmbuild(macros) >= 1.402
+BuildRequires: rpmbuild(macros) >= 1.595
 %{?with_skey:BuildRequires: skey-devel >= 2.2-11}
+BuildRequires: zlib-devel
 Requires: pam >= %{pam_ver}
 Obsoletes: cu-sudo
 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
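Review bot: The refreshed sudo-env.patch still adds `"SSH_AUTH_SOCK"` to `initial_keepenv_table` (the `++ "SSH_AUTH_SOCK",` line in the `@@ -12,11 +12,7 @@` hunk), and neither the patch nor the spec says why the package widens sudo's compiled-in keep list. With this entry, commands run through sudo under env_reset receive the caller's agent socket path by default, so privileged tools can authenticate with the caller's SSH agent without any sudoers opt-in. I would document the deviation next to `Patch1` in sudo.spec, e.g. `# env.patch: keeps SSH_AUTH_SOCK (among others) across env_reset; not an upstream default`. Sites that want the behaviour can get it per host with `Defaults env_keep += "SSH_AUTH_SOCK"`, which is worth weighing against carrying it as a package default. The inner hunk header (`-196,12 +196,15`) implies two further added entries that fall in the part of the patch these hunks do not show.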
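Review bot: In the `@@ -20,19 +20,18 @@` hunk the new tarball is pinned only by `# Source0-md5: 50d39bd38bb2ef7efa05883c0b9f0f95` while `Source0` is fetched over plain `ftp://`, so the integrity of a setuid-root package's source rests on MD5 alone. MD5 is not collision-resistant and the transport provides no authenticity. If the build tooling accepts it, record a stronger digest beside the existing comment, e.g. `# Source0-sha256: <sha256 of sudo-1.7.5.tar.gz>` (placeholder), or check the tarball against upstream's detached signature before updating the md5 line. Whether the tooling reads anything other than the md5 comment is not visible from this diff.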
@@ -137,15 +137,13 @@ Ten pakiet zawiera sudo.schema dla pakietu openldap.
 %prep
 %setup -q
 # only local macros
-mv -f aclocal.m4 acinclude.m4
-# kill libtool.m4 copy
-rm -f acsite.m4
+mv aclocal.m4 acinclude.m4
 # do not load libtool macros from acinclude
+cp acinclude.m4 acinclude.m4.orig
 %{__sed} -i -e '/Pull in libtool macros/,$d' acinclude.m4
 %patch0 -p1
 %patch1 -p1
-%patch2 -p1
 %build
 %{__mv} install-sh install-custom-sh
@@ -167,6 +165,7 @@ cp -f /usr/share/automake/config.sub .
 --with-env-editor \
 --with-secure-path="/bin:/sbin:/usr/bin:/usr/sbin" \
 --with-loglen=320 \
+ --enable-zlib=system \
 --with%{!?with_kerberos5:out}-kerb5 \
 --with%{!?with_ldap:out}-ldap \
 --with%{!?with_skey:out}-skey \
@@ -175,12 +174,12 @@ cp -f /usr/share/automake/config.sub .
 %{__make}
+# makefile broken?
+#touch .libs/sudo_noexec.so
+
 %install
 rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sysconfdir}/{sudoers.d,pam.d,logrotate.d},/var/{log,run/sudo},%{_mandir}/man8}
-
-# makefile broken?
-touch .libs/sudo_noexec.so
+install -d $RPM_BUILD_ROOT{%{_sysconfdir}/{sudoers.d,pam.d,logrotate.d},/var/{log/sudo-io,run/sudo},%{_mandir}/man8}
 %{__make} -j1 install \
 DESTDIR=$RPM_BUILD_ROOT \
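Review bot: In the `@@ -137,15 +137,13 @@` hunk, `cp acinclude.m4 acinclude.m4.orig` has no comment and nothing visible in this diff reads the copy afterwards, so it looks like a leftover from regenerating the patches. Either drop the line or say what it is for, e.g. `# keep pristine copy for diffing acinclude.m4 changes`. The same hunk also drops the `rm -f acsite.m4` step, covered only by "cleanups" in the commit message; a one-line comment on why acsite.m4 no longer needs removing would help the next version bump.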
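Review bot: The `@@ -175,12 +174,12 @@` hunk leaves the old workaround behind as commented-out code under %build (`# makefile broken?` / `#touch .libs/sudo_noexec.so`). If 1.7.5 builds and installs sudo_noexec.so without it, delete both lines; if it stays as a reminder, replace the question with a statement of the failure it worked around. Separately, `install -d` creates `/var/log/sudo-io` in the buildroot without an explicit mode, so the restrictive permissions on the packaged directory depend entirely on the `%attr` line in %files.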
@@ -189,19 +188,16 @@ touch .libs/sudo_noexec.so
 sudoers_uid=$(id -u) \
 sudoers_gid=$(id -g)
-cp -a %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/sudo
-cp -a %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
+cp -p %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/sudo
+cp -p %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
+cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/sudo
 touch $RPM_BUILD_ROOT/var/log/sudo
-cp -a %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/sudo
-chmod -R +r $RPM_BUILD_ROOT%{_prefix}
-
-rm -f $RPM_BUILD_ROOT%{_libdir}/sudo_noexec.la
-rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}
+%{__rm} -r $RPM_BUILD_ROOT%{_docdir}/%{name}
 %if %{with ldap}
 install -d $RPM_BUILD_ROOT%{schemadir}
-cp -a schema.OpenLDAP $RPM_BUILD_ROOT%{schemadir}/sudo.schema
+cp -p schema.OpenLDAP $RPM_BUILD_ROOT%{schemadir}/sudo.schema
 %endif
 %clean
@@ -210,10 +206,7 @@ rm -rf $RPM_BUILD_ROOT
 %post -n openldap-schema-sudo
 %openldap_schema_register %{schemadir}/sudo.schema -d core
 %service -q ldap restart
-
-# banner on first install
-if [ "$1" = "1" ]; then
-%banner -e openldap-schema-sudo <<'EOF'
+%banner -o -e openldap-schema-sudo <<'EOF'
 NOTE: In order for sudoRole LDAP queries to be efficient, the server must index
 the attribute 'sudoUser', e.g.
@@ -221,7 +214,6 @@ the attribute 'sudoUser', e.g.
 # Indices to maintain
 index sudoUser eq
 EOF
-fi
 %postun -n openldap-schema-sudo
 if [ "$1" = "0" ]; then
@@ -250,6 +242,7 @@ fi
 %{_mandir}/man8/sudoreplay.8*
 %{_mandir}/man8/visudo.8*
 %attr(600,root,root) %ghost /var/log/sudo
+%attr(700,root,root) /var/log/sudo-io
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/sudo
 %attr(700,root,root) %dir /var/run/sudo
--
2.44.0
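Review bot: The new `%attr(700,root,root) /var/log/sudo-io` entry in the `@@ -250,6 +242,7 @@` hunk lacks `%dir`, unlike the `/var/run/sudo` line two lines below it. Without `%dir`, rpm packages the directory together with whatever lies beneath it in the buildroot; it is empty today, but the entry should read `%attr(700,root,root) %dir /var/log/sudo-io` so the package owns just the directory. Mode 0700 root:root is the right choice, since log_input session logs can contain whatever the user typed. The logrotate file installed from `%{SOURCE3}` is not shown, so it is worth confirming whether anything bounds the growth of this directory.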