- added patch for #635250

- /var/run/sudo -> /var/db/sudo in .spec
2010-09-20 08:38:07 +02:00 · 2010-09-20 08:38:07 +02:00 · 9714d256ce
commit 9714d256ce
parent 574273529d
2 changed files with 66 additions and 2 deletions
--- a/sudo-1.7.4p4-sudoi.patch
+++ b/sudo-1.7.4p4-sudoi.patch
@ -0,0 +1,57 @@
+--- env.c	Wed Aug 18 15:27:03 2010
+++ env.c	Tue Sep 14 11:41:50 2010
+@@ -608,10 +608,16 @@
+ #ifdef ENV_DEBUG
+     memset(env.envp, 0, env.env_size * sizeof(char *));
+ #endif
+-    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+-	/* Reset HOME based on target user unless keeping old value. */
+-	reset_home = TRUE;
+ 
+    /* Reset HOME based on target user if configured to. */
+    if (ISSET(sudo_mode, MODE_RUN)) {
+	if (def_always_set_home ||
+	    ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) || 
+	    (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+	    reset_home = TRUE;
+    }
+
+    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+ 	/* Pull in vars we want to keep from the old environment. */
+ 	for (ep = old_envp; *ep; ep++) {
+ 	    int keepit;
+@@ -696,6 +702,11 @@
+ 	    if (!ISSET(didvar, DID_USERNAME))
+ 		sudo_setenv("USERNAME", user_name, FALSE);
+ 	}
+
+	/* If we didn't keep HOME, reset it based on target user. */
+	if (!ISSET(didvar, KEPT_HOME))
+	    reset_home = TRUE;
+
+ 	/*
+ 	 * Set MAIL to target user in -i mode or if MAIL is not preserved
+ 	 * from user's environment.
+@@ -709,13 +720,6 @@
+ 	    sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
+ 	}
+     } else {
+-	/* Reset HOME based on target user if configured to. */
+-	if (ISSET(sudo_mode, MODE_RUN)) {
+-	    if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) || 
+-		(ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+-		reset_home = TRUE;
+-	}
+-
+ 	/*
+ 	 * Copy environ entries as long as they don't match env_delete or
+ 	 * env_check.
+@@ -765,7 +769,7 @@
+     }
+ 
+     /* Set $HOME to target user if not preserving user's value. */
+-    if (reset_home && !ISSET(didvar, KEPT_HOME))
+    if (reset_home)
+ 	sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
+ 
+     /* Provide default values for $TERM and $PATH if they are not set. */
--- a/sudo.spec
+++ b/sudo.spec
@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.7.4p4
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: ISC
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@ -30,6 +30,8 @@ Patch3: sudo-1.7.4p3-m4path.patch
 Patch4: sudo-1.7.4p3-sudolist.patch
 # getgrouplist() to determine group membership (#235915)
 Patch5: sudo-1.7.4p4-getgrouplist.patch
+# reset HOME when using the `-i' option (#635250)
+Patch6: sudo-1.7.4p4-sudoi.patch

 %description
 Sudo (superuser do) allows a system administrator to give certain
@ -50,6 +52,7 @@ on many different machines.
 %patch3 -p1 -b .m4path
 %patch4 -p1 -b .sudolist
 %patch5 -p1 -b .getgrouplist
+%patch6 -p0 -b .sudoi

 %build
 # handle newer autoconf
@ -90,7 +93,7 @@ make
 rm -rf $RPM_BUILD_ROOT
 make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
 chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/* 
-install -p -d -m 700 $RPM_BUILD_ROOT/var/run/sudo
+install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo
 install -p -d -m 750 $RPM_BUILD_ROOT/etc/sudoers.d
 install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers

@ -144,6 +147,10 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :

 %changelog
+* Mon Sep 20 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.4p4-3
+- added patch for #635250
+- /var/run/sudo -> /var/db/sudo in .spec
+
 * Tue Sep  7 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.4p4-2
 - sudo now uses /var/db/sudo for timestamps