- moved the closefrom() call before audit_help_open()
- epoch number sync
This commit is contained in:
Daniel Kopeček
parent
6a836e9aac
commit
0b7f70f9e1
48
sudo-1.7.1-auditfix.patch
Normal file
48
sudo-1.7.1-auditfix.patch
Normal file
@ -0,0 +1,48 @@
|
||||
diff -up sudo-1.7.1/audit_help.c.auditfix sudo-1.7.1/audit_help.c
|
||||
--- sudo-1.7.1/audit_help.c.auditfix 2009-07-09 15:05:14.000000000 +0200
|
||||
+++ sudo-1.7.1/audit_help.c 2009-07-09 15:04:33.000000000 +0200
|
||||
@@ -45,7 +45,7 @@
|
||||
#include <selinux/selinux.h>
|
||||
#endif
|
||||
|
||||
-int audit_fd;
|
||||
+int audit_fd = -1;
|
||||
|
||||
void audit_help_open (void)
|
||||
{
|
||||
diff -up sudo-1.7.1/sudo.c.auditfix sudo-1.7.1/sudo.c
|
||||
--- sudo-1.7.1/sudo.c.auditfix 2009-07-09 14:35:50.000000000 +0200
|
||||
+++ sudo-1.7.1/sudo.c 2009-07-09 15:02:41.000000000 +0200
|
||||
@@ -363,10 +363,6 @@ main(argc, argv, envp)
|
||||
}
|
||||
if (safe_cmnd == NULL)
|
||||
safe_cmnd = estrdup(user_cmnd);
|
||||
-
|
||||
-#if defined(WITH_AUDIT)
|
||||
- audit_help_open ();
|
||||
-#endif
|
||||
|
||||
#ifdef HAVE_SETLOCALE
|
||||
setlocale(LC_ALL, "");
|
||||
@@ -529,7 +525,12 @@ main(argc, argv, envp)
|
||||
(void) sigaction(SIGINT, &saved_sa_int, NULL);
|
||||
(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
|
||||
(void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
|
||||
+
|
||||
+ closefrom(def_closefrom + 1);
|
||||
|
||||
+#if defined(WITH_AUDIT)
|
||||
+ audit_help_open ();
|
||||
+#endif
|
||||
if (access(safe_cmnd, X_OK) != 0) {
|
||||
warn ("unable to execute %s", safe_cmnd);
|
||||
#ifdef WITH_AUDIT
|
||||
@@ -545,8 +546,6 @@ main(argc, argv, envp)
|
||||
sudo_endpwent();
|
||||
sudo_endgrent();
|
||||
|
||||
- closefrom(def_closefrom + 1);
|
||||
-
|
||||
#ifndef PROFILING
|
||||
if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0) {
|
||||
syslog(LOG_AUTH|LOG_ERR, "fork");
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Allows restricted root access for specified users
|
||||
Name: sudo
|
||||
Version: 1.7.1
|
||||
Release: 1%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: BSD
|
||||
Group: Applications/System
|
||||
URL: http://www.courtesan.com/sudo/
|
||||
@ -30,6 +30,7 @@ Patch4: sudo-1.7.1-libtool.patch
|
||||
Patch5: sudo-1.7.1-getgrouplist.patch
|
||||
Patch6: sudo-1.7.1-audit.patch
|
||||
Patch7: sudo-1.7.1-conffix.patch
|
||||
Patch8: sudo-1.7.1-auditfix.patch
|
||||
|
||||
%description
|
||||
Sudo (superuser do) allows a system administrator to give certain
|
||||
@ -51,6 +52,7 @@ on many different machines.
|
||||
%patch5 -p1 -b .getgrouplist
|
||||
%patch6 -p1 -b .audit
|
||||
%patch7 -p1 -b .conffix
|
||||
%patch8 -p1 -b .auditfix
|
||||
|
||||
%build
|
||||
#hande newer autoconf
|
||||
@ -137,6 +139,10 @@ rm -rf $RPM_BUILD_ROOT
|
||||
/bin/chmod 0440 /etc/sudoers || :
|
||||
|
||||
%changelog
|
||||
* Thu Jul 09 2009 Daniel Kopecek <dkopecek@redhat.com> 1.7.1-4
|
||||
- moved the closefrom() call before audit_help_open() (sudo-1.7.1-auditfix.patch)
|
||||
- epoch number sync
|
||||
|
||||
* Mon Jun 22 2009 Daniel Kopecek <dkopecek@redhat.com> 1.7.1-1
|
||||
- updated sudo to version 1.7.1
|
||||
- fixed small bug in configure.in (sudo-1.7.1-conffix.patch)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user