6 Commits
rawhide ... f25

Author SHA1 Message Date
Marek Tamaskovic 5c63394874 Update to sudo-1.8.21p2 2017-10-04 15:37:49 +02:00
Daniel Kopeček 039140a51d update to 1.8.20p2
added sudo to dnf/yum protected packages
2017-06-01 13:07:20 +02:00
Daniel Kopeček 98199dc3ed update to 1.8.20p1
fixes CVE-2017-1000367
  Resolves: rhbz#1456884
2017-05-31 09:13:04 +02:00
Jiri Vymazal 90a132a69b * Mon Apr 03 2017 Jiri Vymazal <jvymazal@redhat.com> 1.8.19p2-1
- update to 1.8.19p2
- updated URL and source0 as upstream changed domain
2017-04-03 15:31:38 +02:00
Daniel Kopecek dcf541d6dd update to 1.8.18p1
- fixes CVE-2016-7076
2016-11-08 14:21:34 +01:00
Radovan Sroka 5cca8afb18 update to 1.8.18
- dropped sudo-1.8.14p1-ldapconfpatch.patch
  upstreamed --> https://www.sudo.ws/pipermail/sudo-workers/2016-September/001006.html

- added --disable-root-mailer as configure option
  Resolves: rhbz#1324091
2016-09-21 17:23:08 +02:00
4 changed files with 53 additions and 63 deletions

9
.gitignore vendored

@ -1,2 +1,11 @@
/sudo-1.8.16.tar.gz
/sudo-1.8.17p1.tar.gz
/sudo-1.8.18b2.tar.gz
/sudo-1.8.18rc2.tar.gz
/sudo-1.8.18rc4.tar.gz
/sudo-1.8.18.tar.gz
/sudo-1.8.18p1.tar.gz
/sudo-1.8.19p2.tar.gz
/sudo-1.8.20p1.tar.gz
/sudo-1.8.20p2.tar.gz
/sudo-1.8.21p2.tar.gz


@ -1 +1 @@
50a840a688ceb6fa3ab24fc0adf4fa23 sudo-1.8.17p1.tar.gz
SHA512 (sudo-1.8.21p2.tar.gz) = f04bbff54ad74ba73c078e15c75d2f41332d4912078ed66157ba7346b7fff914bd0747460cb4cd0c472af2d3b344fa72f5c62c95169df68a9cac74d7245c720c


@ -1,55 +0,0 @@
diff -up sudo-1.8.14b3/plugins/sudoers/ldap.c.ldapconfpatch sudo-1.8.14b3/plugins/sudoers/ldap.c
--- sudo-1.8.14b3/plugins/sudoers/ldap.c.ldapconfpatch 2015-07-07 18:51:11.000000000 +0200
+++ sudo-1.8.14b3/plugins/sudoers/ldap.c 2015-07-09 11:03:25.686645581 +0200
@@ -1922,6 +1922,33 @@ sudo_check_krb5_ccname(const char *ccnam
}
#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+/*
+ * Read a line of input, remove whole line comments and strip off leading
+ * and trailing spaces. Returns static storage that is reused.
+ */
+static char *
+sudo_ldap_parseln(fp)
+ FILE *fp;
+{
+ size_t len;
+ char *cp = NULL;
+ static char buf[LINE_MAX];
+
+ if (fgets(buf, sizeof(buf), fp) != NULL) {
+ /* Remove comments */
+ if (*buf == '#')
+ *buf = '\0';
+
+ /* Trim leading and trailing whitespace/newline */
+ len = strlen(buf);
+ while (len > 0 && isspace((unsigned char)buf[len - 1]))
+ buf[--len] = '\0';
+ for (cp = buf; isblank(*cp); cp++)
+ continue;
+ }
+ return(cp);
+}
+
static bool
sudo_ldap_read_config(void)
{
@@ -1955,7 +1982,7 @@ sudo_ldap_read_config(void)
if ((fp = fopen(path_ldap_conf, "r")) == NULL)
debug_return_bool(false);
- while (sudo_parseln(&line, &linesize, NULL, fp) != -1) {
+ while ((line = sudo_ldap_parseln(fp)) != NULL) {
if (*line == '\0')
continue; /* skip empty line */
@@ -1975,7 +2002,7 @@ sudo_ldap_read_config(void)
if (!sudo_ldap_parse_keyword(keyword, value, ldap_conf_global))
sudo_ldap_parse_keyword(keyword, value, ldap_conf_conn);
}
- free(line);
+
fclose(fp);
if (!ldap_conf.host) {


@ -1,11 +1,11 @@
Summary: Allows restricted root access for specified users
Name: sudo
Version: 1.8.17p1
Version: 1.8.21p2
Release: 1%{?dist}
License: ISC
Group: Applications/System
URL: http://www.courtesan.com/sudo/
Source0: http://www.courtesan.com/sudo/dist/sudo-%{version}.tar.gz
URL: https://www.sudo.ws/
Source0: https://www.sudo.ws/dist/%{name}-%{version}.tar.gz
Source1: sudoers
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: /etc/pam.d/system-auth
@ -26,8 +26,6 @@ BuildRequires: zlib-devel
# don't strip
Patch1: sudo-1.6.7p5-strip.patch
# Patch to read ldap.conf more closely to nss_ldap
Patch2: sudo-1.8.14p1-ldapconfpatch.patch
%description
Sudo (superuser do) allows a system administrator to give certain
@ -53,7 +51,6 @@ plugins that use %{name}.
%setup -q
%patch1 -p1 -b .strip
%patch2 -p1 -b .ldapconfpatch
%build
# Remove bundled copy of zlib
@ -73,6 +70,7 @@ export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
--sbindir=%{_sbindir} \
--libdir=%{_libdir} \
--docdir=%{_pkgdocdir} \
--disable-root-mailer \
--with-logging=syslog \
--with-logfac=authpriv \
--with-pam \
@ -102,6 +100,12 @@ install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo
install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo/lectured
install -p -d -m 750 $RPM_BUILD_ROOT/etc/sudoers.d
install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers
#add sudo to protected packages
install -p -d -m 755 $RPM_BUILD_ROOT/etc/yum/protected.d/
touch sudo.conf
echo sudo > sudo.conf
install -p -c -m 0644 sudo.conf $RPM_BUILD_ROOT/etc/yum/protected.d/
rm -f sudo.conf
chmod +x $RPM_BUILD_ROOT%{_libexecdir}/sudo/*.so # for stripping, reset in %%files
@ -117,6 +121,9 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/examples/sudo
#Remove all .la files
find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
# Remove sudoers.dist
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.dist
%find_lang sudo
%find_lang sudoers
@ -154,6 +161,7 @@ rm -rf $RPM_BUILD_ROOT
%config(noreplace) /etc/pam.d/sudo
%config(noreplace) /etc/pam.d/sudo-i
%attr(0644,root,root) %{_tmpfilesdir}/sudo.conf
%attr(0644,root,root) /etc/yum/protected.d/sudo.conf
%dir /var/db/sudo
%dir /var/db/sudo/lectured
%attr(4111,root,root) %{_bindir}/sudo
@ -168,6 +176,7 @@ rm -rf $RPM_BUILD_ROOT
%attr(0644,root,root) %{_libexecdir}/sudo/system_group.so
%attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.?
%{_libexecdir}/sudo/libsudo_util.so.?
%{_libexecdir}/sudo/libsudo_util.so
%{_mandir}/man5/sudoers.5*
%{_mandir}/man5/sudoers.ldap.5*
%{_mandir}/man5/sudo.conf.5*
@ -191,9 +200,36 @@ rm -rf $RPM_BUILD_ROOT
%doc plugins/sample/sample_plugin.c
%{_includedir}/sudo_plugin.h
%{_mandir}/man8/sudo_plugin.8*
%{_libexecdir}/sudo/libsudo_util.so
%changelog
* Thu Sep 21 2017 Marek Tamaskovic <mtamasko@redhat.com> - 1.8.21p2-1
- update to 1.8.21p2
- Moved libsudo_util.so from the -devel sub-package to main package (1481225)
* Thu Jun 01 2017 Daniel Kopecek <dkopecek@redhat.com> 1.8.20p2-1
- update to 1.8.20p2
- added sudo to dnf/yum protected packages
* Wed May 31 2017 Daniel Kopecek <dkopecek@redhat.com> 1.8.20p1-1
- update to 1.8.20p1
- fixes CVE-2017-1000367
Resolves: rhbz#1456884
* Mon Apr 03 2017 Jiri Vymazal <jvymazal@redhat.com> 1.8.19p2-1
- update to 1.8.19p2
- updated URL and source0 as upstream changed domain
* Tue Nov 08 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.18p1-1
- update to 1.8.18p1
- fixes CVE-2016-7076
* Wed Sep 21 2016 Radovan Sroka <rsroka@redhat.com> 1.8.18-1
- update to 1.8.18
- dropped sudo-1.8.14p1-ldapconfpatch.patch
upstreamed --> https://www.sudo.ws/pipermail/sudo-workers/2016-September/001006.html
- added --disable-root-mailer as configure option
Resolves: rhbz#1324091
* Fri Jun 24 2016 Daniel Kopecek <dkopecek@redhat.com> 1.8.17p1-1
- update to 1.8.17p1
- install the /var/db/sudo/lectured
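Review bot: The protected-packages block added to %install (`touch sudo.conf`, `echo sudo > sudo.conf`, `install -p -c -m 0644 sudo.conf ...`, `rm -f sudo.conf`) stages a scratch file in the build directory for no benefit. `touch` is redundant before the `>` redirect, and the four lines reduce to `echo sudo > $RPM_BUILD_ROOT/etc/yum/protected.d/sudo.conf`, because the added `%attr(0644,root,root) /etc/yum/protected.d/sudo.conf` line in %files already pins mode and ownership in the package. The buildroot directory /etc/yum/protected.d is created here, but %files lists only the file, so the directory is unowned unless another installed package provides it; that is not visible from this page and should be confirmed for dnf-only installs. Since this entry is what stops a transaction from removing the setuid sudo binary, the existing `#add sudo to protected packages` comment could say so, e.g. `# protected.d entry: dnf/yum refuse to remove sudo`.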