From b4b19abeaa627372d20bb25a3756ec69680fd76e Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 12 Jul 2010 17:10:07 -0400 Subject: [PATCH] Use http://rc.quest.com/topics/polypkg/ for packaging --HG-- branch : 1.7 --- sudo.pp | 135 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) create mode 100644 sudo.pp diff --git a/sudo.pp b/sudo.pp new file mode 100644 index 000000000..e4cedfb8c --- /dev/null +++ b/sudo.pp @@ -0,0 +1,135 @@ +%set + name="sudo" + summary="Provide limited super-user priveleges to specific users" + description="Sudo is a program designed to allow a sysadmin to give \ +limited root privileges to users and log root activity. \ +The basic philosophy is to give as few privileges as possible but \ +still allow people to get their work done." + vendor="Todd C. Miller" + copyright="(c) 1993-1996,1998-2010 Todd C. Miller" + pp_rpm_release="1" + pp_rpm_license="BSD" + pp_rpm_url="http://www.sudo.ws/" + pp_rpm_group="Applications/System" + pp_rpm_packager="Todd.Miller@courtesan.com" + pp_deb_maintainer="Todd.Miller@courtesan.com" + pp_sd_vendor_tag="TCM" + pp_solaris_name="TCMsudo" + +%set [rpm] + # Add distro info to release + case "$pp_rpm_distro" in + centos*|rhel*) + d=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/[^0-9].*$//'` + if test -n "$d"; then + pp_rpm_release="$pp_rpm_release.el$d" + fi + ;; + sles*) + d=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/[^0-9].*$//'` + if test -n "$d"; then + pp_rpm_release="$pp_rpm_release.sles$d" + fi + ;; + esac + + # For RedHat the doc dir is expected to include version and release + case "$pp_rpm_distro" in + centos*|rhel*) + mv ${pp_destdir}/${docdir} ${pp_destdir}/${docdir}-${version}-1 + docdir=${docdir}-${version}-1 + ;; + esac + + # Choose the correct PAM file by distro + case "$pp_rpm_distro" in + centos4*|rhel4*) + mkdir -p ${pp_destdir}/etc/pam.d + cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF + #%PAM-1.0 + auth required pam_stack.so service=system-auth + account required pam_stack.so service=system-auth + password required pam_stack.so service=system-auth + session required pam_limits.so + EOF + ;; + centos5*|rhel5*) + mkdir -p ${pp_destdir}/etc/pam.d + cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF + #%PAM-1.0 + auth include system-auth + account include system-auth + password include system-auth + session optional pam_keyinit.so revoke + session required pam_limits.so + EOF + cat > ${pp_destdir}/etc/pam.d/sudo-i <<-EOF + #%PAM-1.0 + auth include sudo + account include sudo + password include sudo + session optional pam_keyinit.so force revoke + session required pam_limits.so + EOF + ;; + sles9*) + mkdir -p ${pp_destdir}/etc/pam.d + cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF + #%PAM-1.0 + auth required pam_unix2.so + session required pam_limits.so + EOF + ;; + sles10*|sles11*) + mkdir -p ${pp_destdir}/etc/pam.d + cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF + #%PAM-1.0 + auth include common-auth + account include common-account + password include common-password + session include common-session + # session optional pam_xauth.so + EOF + ;; + esac + +%set [aix] + pp_aix_version=`echo $version | sed -e 's,\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\)p\([0-9][0-9]*\)q\([0-9][0-9]*\),\1.\2.\3.\4,'` + summary="Configurable super-user privileges" + +%files + $bindir/sudo 4111 root: + $bindir/sudoedit 4111 root: + $sbindir/visudo 0111 + $bindir/sudoreplay 0111 + $libexecdir/* + $sudoersdir/sudoers.dist $sudoers_mode $sudoers_uid:$sudoers_gid volatile + $sudoersdir/sudoers.d/ 0750 $sudoers_uid:$sudoers_gid + $timedir/ 0700 root: + $docdir/ + $docdir/* + +%files [!aix] + $mandir/man*/* + +%files [aix] + # Some versions use catpages, some use manpages. + $mandir/cat*/* optional + $mandir/man*/* optional + +%files [rpm] + /etc/pam.d/* volatile,optional + +%post + # Don't overwrite an existing sudoers file + sysconfdir=%{sysconfdir} + if test ! -r $sysconfdir/sudoers; then + cp -p $sysconfdir/sudoers.dist $sysconfdir/sudoers + fi + +%post [deb] + # dpkg-deb does not maintain the mode on the sudoers file, and + # installs it 0640 when sudo requires 0440 + chmod %{sudoers_mode} %{sudoersdir}/sudoers + +# vim:ts=2:sw=2:et -- 2.50.1