None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
The RPM permissions have been set at `0440` for a long, long time. This
`%post` invocation dates beyond the import from CVS in 2004. Further,
this change will actually *undo* local admin changes to use e.g. `0600`
or something if they want to harden it further.
This is similar to: https://src.fedoraproject.org/rpms/nfs-utils/pull-request/1
I'm just making this change as it shows up as error spew when doing
`rpm-ostree compose tree`.
- /etc/pam.d/system-auth to 'pam'
- /bin/chmod to 'coreutils' (bug #1488934)
- /usr/bin/vi to vim-minimal
- ... and make vim-minimal "recommends" instead of "requires", because
other editors can be configured.
- this commit changes only version, nothing else
- we were not able to update from rc and beta versions to stable
one in fedora rawhide
- so this is a new snapshot package which resolves it
- major changes & fixes:
- when running a command in the background, sudo will now forward
SIGINFO to the command
- the passwords in ldap.conf and ldap.secret may now be encoded in base64.
- SELinux role changes are now audited. For sudoedit, we now audit
the actual editor being run, instead of just the sudoedit command.
- it is now possible to match an environment variable's value as well as
its name using env_keep and env_check
- new files created via sudoedit as a non-root user now have the proper group id
- sudoedit now works correctly in conjunction with sudo's SELinux RBAC support
- it is now possible to disable network interface probing in sudo.conf by
changing the value of the probe_interfaces setting
- when listing a user's privileges (sudo -l), the sudoers plugin will now prompt
for the user's password even if the targetpw, rootpw or runaspw options are set.
- the new use_netgroups sudoers option can be used to explicitly enable or disable
netgroups support
- visudo can now export a sudoers file in JSON format using the new -x flag
- added patch to read ldap.conf more closely to nss_ldap
- require /usr/bin/vi instead of vim-minimal
- include pam.d/system-auth in PAM session phase from pam.d/sudo
- include pam.d/sudo in PAM session phase from pam.d/sudo-i
Daniel Kopeček
Igor Gnatenko
Fedora Release Engineering
Colin Walters
Radovan Sroka
Rachel Sibley
Marek Tamaskovic
Matthew Miller
Jiri Vymazal
Tomas Sykora
Daniel Kopecek
Dennis Gilmore
Peter Robinson
Tom Callaway
Peter Robinson
Ville Skyttä