[sudo] - added patch for #635250 - /var/run/sudo -> /var/db/sudo in .spec

[Daniel Kopeček]

commit 9714d256ce40f1cb43b7c49e7d622f1c27e48860
Author: Daniel Kopecek <dkopecek at redhat.com>
Date:   Mon Sep 20 08:38:07 2010 +0200

    - added patch for #635250
    - /var/run/sudo -> /var/db/sudo in .spec

 sudo-1.7.4p4-sudoi.patch |   57 ++++++++++++++++++++++++++++++++++++++++++++++
 sudo.spec                |   11 +++++++-
 2 files changed, 66 insertions(+), 2 deletions(-)
---
diff --git a/sudo-1.7.4p4-sudoi.patch b/sudo-1.7.4p4-sudoi.patch
new file mode 100644
index 0000000..52b8d85
--- /dev/null
+++ b/sudo-1.7.4p4-sudoi.patch
@@ -0,0 +1,57 @@
+--- env.c	Wed Aug 18 15:27:03 2010
++++ env.c	Tue Sep 14 11:41:50 2010
+@@ -608,10 +608,16 @@
+ #ifdef ENV_DEBUG
+     memset(env.envp, 0, env.env_size * sizeof(char *));
+ #endif
+-    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+-	/* Reset HOME based on target user unless keeping old value. */
+-	reset_home = TRUE;
+ 
++    /* Reset HOME based on target user if configured to. */
++    if (ISSET(sudo_mode, MODE_RUN)) {
++	if (def_always_set_home ||
++	    ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) || 
++	    (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
++	    reset_home = TRUE;
++    }
++
++    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+ 	/* Pull in vars we want to keep from the old environment. */
+ 	for (ep = old_envp; *ep; ep++) {
+ 	    int keepit;
+@@ -696,6 +702,11 @@
+ 	    if (!ISSET(didvar, DID_USERNAME))
+ 		sudo_setenv("USERNAME", user_name, FALSE);
+ 	}
++
++	/* If we didn't keep HOME, reset it based on target user. */
++	if (!ISSET(didvar, KEPT_HOME))
++	    reset_home = TRUE;
++
+ 	/*
+ 	 * Set MAIL to target user in -i mode or if MAIL is not preserved
+ 	 * from user's environment.
+@@ -709,13 +720,6 @@
+ 	    sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
+ 	}
+     } else {
+-	/* Reset HOME based on target user if configured to. */
+-	if (ISSET(sudo_mode, MODE_RUN)) {
+-	    if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME) || 
+-		(ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+-		reset_home = TRUE;
+-	}
+-
+ 	/*
+ 	 * Copy environ entries as long as they don't match env_delete or
+ 	 * env_check.
+@@ -765,7 +769,7 @@
+     }
+ 
+     /* Set $HOME to target user if not preserving user's value. */
+-    if (reset_home && !ISSET(didvar, KEPT_HOME))
++    if (reset_home)
+ 	sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
+ 
+     /* Provide default values for $TERM and $PATH if they are not set. */
diff --git a/sudo.spec b/sudo.spec
index 431ce2d..5419701 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.7.4p4
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: ISC
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -30,6 +30,8 @@ Patch3: sudo-1.7.4p3-m4path.patch
 Patch4: sudo-1.7.4p3-sudolist.patch
 # getgrouplist() to determine group membership (#235915)
 Patch5: sudo-1.7.4p4-getgrouplist.patch
+# reset HOME when using the `-i' option (#635250)
+Patch6: sudo-1.7.4p4-sudoi.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -50,6 +52,7 @@ on many different machines.
 %patch3 -p1 -b .m4path
 %patch4 -p1 -b .sudolist
 %patch5 -p1 -b .getgrouplist
+%patch6 -p0 -b .sudoi
 
 %build
 # handle newer autoconf
@@ -90,7 +93,7 @@ make
 rm -rf $RPM_BUILD_ROOT
 make install DESTDIR="$RPM_BUILD_ROOT" install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g`
 chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/* 
-install -p -d -m 700 $RPM_BUILD_ROOT/var/run/sudo
+install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo
 install -p -d -m 750 $RPM_BUILD_ROOT/etc/sudoers.d
 install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers
 
@@ -144,6 +147,10 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Mon Sep 20 2010 Daniel Kopecek <dkopecek at redhat.com> - 1.7.4p4-3
+- added patch for #635250
+- /var/run/sudo -> /var/db/sudo in .spec
+
 * Tue Sep  7 2010 Daniel Kopecek <dkopecek at redhat.com> - 1.7.4p4-2
 - sudo now uses /var/db/sudo for timestamps