[sudo] - added patch for #635250 - /var/run/sudo -> /var/db/sudo in .spec
Daniel Kopeček
mildew at fedoraproject.org
Mon Sep 20 06:38:14 UTC 2010
commit 9714d256ce40f1cb43b7c49e7d622f1c27e48860
Author: Daniel Kopecek <dkopecek at redhat.com>
Date: Mon Sep 20 08:38:07 2010 +0200
- added patch for #635250
- /var/run/sudo -> /var/db/sudo in .spec
sudo-1.7.4p4-sudoi.patch | 57 ++++++++++++++++++++++++++++++++++++++++++++++
sudo.spec | 11 +++++++-
2 files changed, 66 insertions(+), 2 deletions(-)
---
diff --git a/sudo-1.7.4p4-sudoi.patch b/sudo-1.7.4p4-sudoi.patch
new file mode 100644
index 0000000..52b8d85
--- /dev/null
+++ b/sudo-1.7.4p4-sudoi.patch
@@ -0,0 +1,57 @@
+--- env.c Wed Aug 18 15:27:03 2010
++++ env.c Tue Sep 14 11:41:50 2010
+@@ -608,10 +608,16 @@
+ #ifdef ENV_DEBUG
+ memset(env.envp, 0, env.env_size * sizeof(char *));
+ #endif
+- if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+- /* Reset HOME based on target user unless keeping old value. */
+- reset_home = TRUE;
+
++ /* Reset HOME based on target user if configured to. */
++ if (ISSET(sudo_mode, MODE_RUN)) {
++ if (def_always_set_home ||
++ ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) ||
++ (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
++ reset_home = TRUE;
++ }
++
++ if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+ /* Pull in vars we want to keep from the old environment. */
+ for (ep = old_envp; *ep; ep++) {
+ int keepit;
+@@ -696,6 +702,11 @@
+ if (!ISSET(didvar, DID_USERNAME))
+ sudo_setenv("USERNAME", user_name, FALSE);
+ }
++
++ /* If we didn't keep HOME, reset it based on target user. */
++ if (!ISSET(didvar, KEPT_HOME))
++ reset_home = TRUE;
++
+ /*
+ * Set MAIL to target user in -i mode or if MAIL is not preserved
+ * from user's environment.
+@@ -709,13 +720,6 @@
+ sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
+ }
+ } else {
+- /* Reset HOME based on target user if configured to. */
+- if (ISSET(sudo_mode, MODE_RUN)) {
+- if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) ||
+- (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+- reset_home = TRUE;
+- }
+-
+ /*
+ * Copy environ entries as long as they don't match env_delete or
+ * env_check.
+@@ -765,7 +769,7 @@
+ }
+
+ /* Set $HOME to target user if not preserving user's value. */
+- if (reset_home && !ISSET(didvar, KEPT_HOME))
++ if (reset_home)
+ sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
+
+ /* Provide default values for $TERM and $PATH if they are not set. */
diff --git a/sudo.spec b/sudo.spec
index 431ce2d..5419701 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
Summary: Allows restricted root access for specified users
Name: sudo
Version: 1.7.4p4
-Release: 2%{?dist}
+Release: 3%{?dist}
License: ISC
Group: Applications/System
URL: http://www.courtesan.com/sudo/
@@ -30,6 +30,8 @@ Patch3: sudo-1.7.4p3-m4path.patch
Patch4: sudo-1.7.4p3-sudolist.patch
# getgrouplist() to determine group membership (#235915)
Patch5: sudo-1.7.4p4-getgrouplist.patch
+# reset HOME when using the `-i' option (#635250)
+Patch6: sudo-1.7.4p4-sudoi.patch
%description
Sudo (superuser do) allows a system administrator to give certain
@@ -50,6 +52,7 @@ on many different machines.
%patch3 -p1 -b .m4path
%patch4 -p1 -b .sudolist
%patch5 -p1 -b .getgrouplist
+%patch6 -p0 -b .sudoi
%build
# handle newer autoconf
@@ -90,7 +93,7 @@ make
rm -rf $RPM_BUILD_ROOT
make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/*
-install -p -d -m 700 $RPM_BUILD_ROOT/var/run/sudo
+install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo
install -p -d -m 750 $RPM_BUILD_ROOT/etc/sudoers.d
install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers
@@ -144,6 +147,10 @@ rm -rf $RPM_BUILD_ROOT
/bin/chmod 0440 /etc/sudoers || :
%changelog
+* Mon Sep 20 2010 Daniel Kopecek <dkopecek at redhat.com> - 1.7.4p4-3
+- added patch for #635250
+- /var/run/sudo -> /var/db/sudo in .spec
+
* Tue Sep 7 2010 Daniel Kopecek <dkopecek at redhat.com> - 1.7.4p4-2
- sudo now uses /var/db/sudo for timestamps
More information about the scm-commits
mailing list