top_srcdir=`dirname $0`
platform=`$top_srcdir/pp --probe` || exit 1
+osrelease=`echo "$platform" | sed -e 's/^[^0-9]*//' -e 's/-.*$//'`
# Default paths
prefix=/usr/local
case "$platform" in
centos*|rhel*)
prefix=/usr
- case "$platform" in
- centos[0-4].*|rhel[0-4].*)
- ;;
- *)
- # RHEL 5 and up build pies and have audit support
- export CFLAGS="$F_PIE" LDFLAGS="-pie"
- configure_opts="--with-linux-audit"
- ;;
- esac
+ if [ $osrelease -ge 50 ]; then
+ # RHEL 5 and up build pies and have audit support
+ export CFLAGS="$F_PIE" LDFLAGS="-pie"
+ configure_opts="--with-linux-audit"
+ fi
# Note, must indent with tabs, not spaces due to IFS trickery
configure_opts="$configure_opts
--prefix=$prefix
;;
sles*)
prefix=/usr
- case "$platform" in
- sles[0-9].*)
- ;;
- sles10.*)
- # SLES 10 and higher build pies
- export CFLAGS="$F_PIE" LDFLAGS="-pie"
- ;;
- *)
- # SLES 11 and higher has SELinux too
- export CFLAGS="$F_PIE" LDFLAGS="-pie"
+ if [ $osrelease -ge 10 ]; then
+ # SLES 10 and higher build pies
+ export CFLAGS="$F_PIE" LDFLAGS="-pie"
+ if [ $osrelease -ge 11 ]; then
+ # SLES 11 and higher has SELinux
configure_opts="--with-selinux"
- ;;
- esac
+ fi
+ fi
# SuSE doesn't have /usr/libexec
case "$platform" in
*64*) libexec=lib64;;
done
# If no copyright file is present add one. This is a debian requirement.
- # XXX - include the LICENSE file instead?
share_doc="/usr/share/doc/`pp_deb_cmp_full_name $cmp`"
if [ ! -f "$data/$share_doc/copyright" ]
then
;;
*)
# Remove trailing revision number and any dots
- #release=`echo $release | cut -dr -f1 | tr -d .`
- release=`echo $release | cut -dr -f1`
+ release=`echo $release | cut -dr -f1 | tr -d .`
;;
esac
/^SuSE SLES-[0-9]/ { print "sles" substr($2,6); exit; }
' /etc/SuSE-release`
fi
- #pp_rpm_distro=`echo $pp_rpm_distro | tr -d .`
+ pp_rpm_distro=`echo $pp_rpm_distro | tr -d .`
test -z "$pp_rpm_distro" &&
pp_warn "unknown distro"
}
%set [rpm]
# Add distro info to release
+ osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/-.*$//'`
case "$pp_rpm_distro" in
centos*|rhel*)
- d=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/[^0-9].*$//'`
- if test -n "$d"; then
- pp_rpm_release="$pp_rpm_release.el$d"
- fi
+ pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}"
;;
sles*)
- d=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/[^0-9].*$//'`
- if test -n "$d"; then
- pp_rpm_release="$pp_rpm_release.sles$d"
- fi
+ pp_rpm_release="$pp_rpm_release.sles$osrelease"
;;
esac
# Choose the correct PAM file by distro, must be tab indented for "<<-"
case "$pp_rpm_distro" in
- centos[0-4].*|rhel[0-4].*)
- mkdir -p ${pp_destdir}/etc/pam.d
- cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
- #%PAM-1.0
- auth required pam_stack.so service=system-auth
- account required pam_stack.so service=system-auth
- password required pam_stack.so service=system-auth
- session required pam_limits.so
- EOF
- ;;
centos*|rhel*)
mkdir -p ${pp_destdir}/etc/pam.d
- cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
- #%PAM-1.0
- auth include system-auth
- account include system-auth
- password include system-auth
- session optional pam_keyinit.so revoke
- session required pam_limits.so
- EOF
- cat > ${pp_destdir}/etc/pam.d/sudo-i <<-EOF
- #%PAM-1.0
- auth include sudo
- account include sudo
- password include sudo
- session optional pam_keyinit.so force revoke
- session required pam_limits.so
- EOF
- ;;
- sles9.*)
- mkdir -p ${pp_destdir}/etc/pam.d
- cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
- #%PAM-1.0
- auth required pam_unix2.so
- session required pam_limits.so
- EOF
+ if test $osrelease -lt 50; then
+ cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
+ #%PAM-1.0
+ auth required pam_stack.so service=system-auth
+ account required pam_stack.so service=system-auth
+ password required pam_stack.so service=system-auth
+ session required pam_limits.so
+ EOF
+ else
+ cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
+ #%PAM-1.0
+ auth include system-auth
+ account include system-auth
+ password include system-auth
+ session optional pam_keyinit.so revoke
+ session required pam_limits.so
+ EOF
+ cat > ${pp_destdir}/etc/pam.d/sudo-i <<-EOF
+ #%PAM-1.0
+ auth include sudo
+ account include sudo
+ password include sudo
+ session optional pam_keyinit.so force revoke
+ session required pam_limits.so
+ EOF
+ fi
;;
sles*)
mkdir -p ${pp_destdir}/etc/pam.d
- cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
- #%PAM-1.0
- auth include common-auth
- account include common-account
- password include common-password
- session include common-session
- # session optional pam_xauth.so
- EOF
+ if test $osrelease -lt 10; then
+ cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
+ #%PAM-1.0
+ auth required pam_unix2.so
+ session required pam_limits.so
+ EOF
+ else
+ cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF
+ #%PAM-1.0
+ auth include common-auth
+ account include common-account
+ password include common-password
+ session include common-session
+ # session optional pam_xauth.so
+ EOF
+ fi
;;
esac
projects / sudo / commitdiff