2010-07-13 08:33:46 -04:00
% set
2010-07-26 11:15:50 -04:00
if test - n "$flavor" ; then
2010-07-27 18:22:47 -04:00
name = "sudo-$flavor"
2010-07-15 15:12:34 -04:00
else
name = "sudo"
fi
2011-07-13 11:41:26 -04:00
summary= "Provide limited super-user privileges to specific users"
2010-07-15 15:12:34 -04:00
description= " Sudo is a program designed to allow a sysadmin to give \
2010-07-13 08:33:46 -04:00
limited root privileges to users and log root activity. \
The basic philosophy is to give as few privileges as possible but \
still allow people to get their work done. "
2010-07-15 15:12:34 -04:00
vendor= "Todd C. Miller"
2021-01-08 19:52:45 -07:00
copyright= "(c) 1993-1996,1998-2021 Todd C. Miller"
2012-06-08 09:37:43 -04:00
sudoedit_man= ` echo $ {pp_destdir} $ mandir/ * / sudoedit. * | sed "s:^${pp_destdir}::" `
2012-05-31 15:50:16 -04:00
sudoedit_man_target= ` basename $ sudoedit_man | sed 's/edit//' `
2010-08-07 11:08:32 -04:00
2010-11-09 11:13:06 -05:00
% if [ aix]
# AIX package summary is limited to 4 0 characters
summary= "Configurable super-user privileges"
2010-08-07 11:08:32 -04:00
# Convert to 4 part version for AIX, including patch level
2011-04-12 11:50:20 -04:00
pp_aix_version= ` echo $ version| sed - e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)p\([0-9]*\)$/\1.\2/' - e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[^0-9\.].*$/\1/' - e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)$/\1.0/' `
2020-04-07 14:03:58 -06:00
# Don' t allow sudo to prompt for a password
pp_aix_sudo= "sudo -n"
2010-11-09 11:13:06 -05:00
% endif
2010-08-07 11:08:32 -04:00
2010-11-09 11:13:06 -05:00
% if [ sd]
2010-08-07 14:29:09 -04:00
pp_sd_vendor_tag= "TCM"
2010-11-09 11:13:06 -05:00
% endif
% if [ solaris]
2010-08-07 11:08:32 -04:00
pp_solaris_name= "TCM${name}"
2010-11-09 11:13:06 -05:00
pp_solaris_pstamp= ` / usr/ bin/ date "+%B %d, %Y" `
% endif
2016-08-09 12:35:08 -06:00
% if [ macos]
2017-06-02 16:10:37 -06:00
# System Integrity Protection on macOS won' t allow us to write
2016-08-09 12:35:08 -06:00
# directly to / etc or / var . We must install in / private instead.
case "$sudoersdir" in
/ etc| / etc/ * )
mkdir - p $ {pp_destdir} / private
chmod 7 5 5 $ {pp_destdir} / private
if test - d $ {pp_destdir} / etc; then
mv $ {pp_destdir} / etc $ {pp_destdir} / private/ etc
fi
sudoersdir= "/private${sudoersdir}"
; ;
esac
2020-01-21 13:31:07 -07:00
case "$sysconfdir" in
/ etc| / etc/ * )
mkdir - p $ {pp_destdir} / private
chmod 7 5 5 $ {pp_destdir} / private
if test - d $ {pp_destdir} / etc; then
mv $ {pp_destdir} / etc $ {pp_destdir} / private/ etc
fi
sysconfdir= "/private${sysconfdir}"
; ;
esac
2016-08-09 12:35:08 -06:00
case "$vardir" in
/ var | / var/ * )
mkdir - p $ {pp_destdir} / private
chmod 7 5 5 $ {pp_destdir} / private
if test - d $ {pp_destdir} / var ; then
mv $ {pp_destdir} / var $ {pp_destdir} / private/ var
fi
vardir= "/private${vardir}"
; ;
esac
case "$rundir" in
/ var | / var/ * )
mkdir - p $ {pp_destdir} / private
chmod 7 5 5 $ {pp_destdir} / private
if test - d $ {pp_destdir} / var ; then
mv $ {pp_destdir} / var $ {pp_destdir} / private/ var
fi
rundir= "/private${rundir}"
; ;
esac
% endif
2010-08-07 11:08:32 -04:00
% if [ rpm, deb]
# Convert patch level into release and remove from version
2015-04-07 10:15:45 -06:00
pp_rpm_release= "`expr \( $version : '.*p\([0-9][0-9]*\)$' \| 0 \) + 1`"
pp_rpm_version= "`expr \( $version : '\(.*\)p[0-9][0-9]*$' \| $version \)`"
2010-07-15 15:12:34 -04:00
pp_rpm_license= "BSD"
2016-02-01 11:07:10 -07:00
pp_rpm_url= "https://www.sudo.ws"
2010-07-15 15:12:34 -04:00
pp_rpm_group= "Applications/System"
2017-12-03 17:53:40 -07:00
pp_rpm_packager= "Todd C. Miller <Todd.Miller@sudo.ws>"
2011-01-14 15:03:57 -05:00
if test - n "$linux_audit" ; then
pp_rpm_requires= "audit-libs >= $linux_audit"
fi
2017-04-26 13:52:49 -06:00
# The package manager will handle an existing sudoers file
rm - f $ {pp_destdir} $ sudoersdir/ sudoers. dist
2010-08-07 11:08:32 -04:00
% else
2017-04-26 13:52:49 -06:00
# For all but RPM and Debian we copy sudoers in a post- install script.
rm - f $ {pp_destdir} $ sudoersdir/ sudoers
2020-01-21 13:31:07 -07:00
# We install sudo. conf from the example dir in a post- install script.
rm - f $ {pp_destdir} $ sysconfdir/ sudo. conf
2010-07-22 13:47:32 -04:00
% endif
2010-07-13 08:33:46 -04:00
2020-04-07 14:03:58 -06:00
# Stash original docdir and exampledir
odocdir= "${docdir}"
oexampledir= "${exampledir}"
# For RedHat the doc dir is expected to include version and release
case "$pp_rpm_distro" in
2023-01-27 14:44:45 -07:00
alma* | centos* | rhel* | rocky* | f[ 0 - 9 ] * )
2020-04-07 14:03:58 -06:00
docdir= "${docdir}-${pp_rpm_version}-${pp_rpm_release}"
exampledir= "${docdir}/examples"
; ;
esac
if test - n "$flavor" ; then
# docdir and exampledir are installed with "sudo" as the package
# name which is not be correct for flavors.
docdir= "`echo \" $ {docdir} \ " | sed \" s# / sudo# / $ {name} # g\ "`"
exampledir= "`echo \" $ {exampledir} \ " | sed \" s# / sudo# / $ {name} # g\ "`"
fi
# Copy docdir and exampledir to new names if needed
if test ! - d "${pp_destdir}${docdir}" ; then
cp - R $ {pp_destdir} $ {odocdir} $ {pp_destdir} $ {docdir}
find $ {pp_destdir} $ {docdir} - depth | sed "s#^${pp_destdir}##" > > $ {pp_wrkdir} / pp_cleanup
fi
if test ! - d "${pp_destdir}${exampledir}" ; then
cp - R $ {pp_destdir} $ {oexampledir} $ {pp_destdir} $ {exampledir}
find $ {pp_destdir} $ {exampledir} - depth | sed "s#^${pp_destdir}##" > > $ {pp_wrkdir} / pp_cleanup
fi
2012-05-31 14:02:26 -04:00
% if [ deb]
pp_deb_maintainer= "$pp_rpm_packager"
pp_deb_release= "$pp_rpm_release"
pp_deb_version= "$pp_rpm_version"
pp_deb_section= admin
2021-12-05 21:02:04 -07:00
install - D - m 6 4 4 $ {pp_destdir} $d ocdir/ LICENSE. md $ {pp_wrkdir} / $ {name} / usr/ share/ doc/ $ {name} / copyright
2012-05-31 14:02:26 -04:00
install - D - m 6 4 4 $ {pp_destdir} $d ocdir/ ChangeLog $ {pp_wrkdir} / $ {name} / usr/ share/ doc/ $ {name} / changelog
gzip - 9 f $ {pp_wrkdir} / $ {name} / usr/ share/ doc/ $ {name} / changelog
printf "$name ($pp_deb_version-$pp_deb_release) admin; urgency=low\n\n * see upstream changelog\n\n -- $pp_deb_maintainer `date '+%a, %d %b %Y %T %z'`\n" > $ {pp_wrkdir} / $ {name} / usr/ share/ doc/ $ {name} / changelog. Debian
chmod 6 4 4 $ {pp_wrkdir} / $ {name} / usr/ share/ doc/ $ {name} / changelog. Debian
gzip - 9 f $ {pp_wrkdir} / $ {name} / usr/ share/ doc/ $ {name} / changelog. Debian
2022-12-27 09:18:26 -07:00
# Create lintian override file , must be tab indented for "<<-"
2012-05-31 14:26:16 -04:00
mkdir - p $ {pp_wrkdir} / $ {name} / usr/ share/ lintian/ overrides
cat > $ {pp_wrkdir} / $ {name} / usr/ share/ lintian/ overrides/ $ {name} < < - EOF
2012-05-31 15:50:16 -04:00
# The sudo binary must be setuid root
2012-05-31 14:26:16 -04:00
$ name : setuid- binary usr/ bin/ sudo 4 7 5 5 root/ root
# Sudo configuration and data dirs must not be world- readable
$ name : non- standard- file - perm etc/ sudoers 0 4 4 0 ! = 0 6 4 4
$ name : non- standard- dir- perm etc/ sudoers. d/ 0 7 5 0 ! = 0 7 5 5
$ name : non- standard- dir- perm var/ lib/ sudo/ 0 7 0 0 ! = 0 7 5 5
# Sudo ships with debugging symbols
2012-06-04 15:06:04 -04:00
$ name : unstripped- binary- or - object
2012-05-31 14:26:16 -04:00
EOF
chmod 6 4 4 $ {pp_wrkdir} / $ {name} / usr/ share/ lintian/ overrides/ $ {name}
2021-04-13 10:00:57 -06:00
# If libssl_dep not passed in , try to figure it out
if test - z "$libssl_dep" ; then
libssl_dep= "`ldd $libexecdir/sudo/sudoers.so 2>&1 | sed -n 's/^[ ]*libssl\.so\([0-9.]*\).*/libssl\1/p'`"
fi
2012-05-31 14:02:26 -04:00
% endif
2010-11-09 11:13:06 -05:00
% if [ rpm]
2010-07-15 15:12:34 -04:00
# Add distro info to release
2014-08-26 15:47:48 -06:00
osrelease= ` echo "$pp_rpm_distro" | sed - e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/' `
2010-07-15 15:12:34 -04:00
case "$pp_rpm_distro" in
2023-01-27 14:44:45 -07:00
alma* | centos* | rhel* | rocky* | f[ 0 - 9 ] * )
2022-05-24 15:58:39 -06:00
# CentOS Stream has a single - digit version
if test $ osrelease - lt 1 0 ; then
osrelease= "${osrelease}0"
fi
2010-07-15 22:19:13 -04:00
pp_rpm_release= "$pp_rpm_release.el${osrelease%%[0-9]}"
2010-07-15 15:12:34 -04:00
; ;
sles* )
2010-07-15 22:19:13 -04:00
pp_rpm_release= "$pp_rpm_release.sles$osrelease"
2010-07-15 15:12:34 -04:00
; ;
esac
2010-07-22 13:47:32 -04:00
# Uncomment some Defaults in sudoers
2010-07-15 15:12:34 -04:00
case "$pp_rpm_distro" in
2016-02-01 11:07:10 -07:00
centos* | rhel* | f[ 0 - 9 ] * )
2022-12-27 09:18:26 -07:00
sed - e '/Locale settings/{ N;s/\(\n\)# /\1/; }' - e '/Desktop path settings/{ N;s/\(\n\)# /\1/; }' - e '/allow members of group wheel to execute any command/{ N;s/\(\n\)# /\1/; }' $ {pp_destdir} $ {sudoersdir} / sudoers > $ {pp_destdir} $ {sudoersdir} / sudoers. $ $
mv - f $ {pp_destdir} $ {sudoersdir} / sudoers. $ $ $ {pp_destdir} $ {sudoersdir} / sudoers
2010-07-15 15:12:34 -04:00
; ;
sles* )
2022-12-27 09:18:26 -07:00
sed - e '/Locale settings/{ N;s/\(\n\)# /\1/; }' - e '/ConsoleKit session/{ N;s/\(\n\)# /\1/; }' - e '/allow any user to run sudo if they know the password/{ N;N;N;s/\(\n\)# /\1/g; }' $ {pp_destdir} $ {sudoersdir} / sudoers > $ {pp_destdir} $ {sudoersdir} / sudoers. $ $
mv - f $ {pp_destdir} $ {sudoersdir} / sudoers. $ $ $ {pp_destdir} $ {sudoersdir} / sudoers
2010-07-15 15:12:34 -04:00
; ;
esac
# Choose the correct PAM file by distro, must be tab indented for "<<-"
case "$pp_rpm_distro" in
2016-02-01 11:07:10 -07:00
centos* | rhel* )
2010-07-15 15:12:34 -04:00
mkdir - p $ {pp_destdir} / etc/ pam. d
2010-07-15 22:19:13 -04:00
if test $ osrelease - lt 5 0 ; then
cat > $ {pp_destdir} / etc/ pam. d/ sudo < < - EOF
# % PAM- 1.0
auth required pam_stack. so service= system- auth
account required pam_stack. so service= system- auth
password required pam_stack. so service= system- auth
session required pam_limits. so
EOF
else
cat > $ {pp_destdir} / etc/ pam. d/ sudo < < - EOF
# % PAM- 1.0
auth include system- auth
account include system- auth
password include system- auth
session optional pam_keyinit. so revoke
session required pam_limits. so
EOF
cat > $ {pp_destdir} / etc/ pam. d/ sudo- i < < - EOF
# % PAM- 1.0
auth include sudo
account include sudo
password include sudo
session optional pam_keyinit. so force revoke
session required pam_limits. so
EOF
fi
2010-07-15 15:12:34 -04:00
; ;
2016-02-01 11:07:10 -07:00
f[ 0 - 9 ] * )
# XXX - share with rhel
mkdir - p $ {pp_destdir} / etc/ pam. d
cat > $ {pp_destdir} / etc/ pam. d/ sudo < < - EOF
# % PAM- 1.0
auth include system- auth
account include system- auth
password include system- auth
session optional pam_keyinit. so revoke
session required pam_limits. so
EOF
cat > $ {pp_destdir} / etc/ pam. d/ sudo- i < < - EOF
# % PAM- 1.0
auth include sudo
account include sudo
password include sudo
session optional pam_keyinit. so force revoke
session required pam_limits. so
EOF
; ;
sles* )
2010-07-15 15:12:34 -04:00
mkdir - p $ {pp_destdir} / etc/ pam. d
2010-07-15 22:19:13 -04:00
if test $ osrelease - lt 1 0 ; then
cat > $ {pp_destdir} / etc/ pam. d/ sudo < < - EOF
# % PAM- 1.0
auth required pam_unix2. so
session required pam_limits. so
EOF
else
cat > $ {pp_destdir} / etc/ pam. d/ sudo < < - EOF
# % PAM- 1.0
auth include common- auth
account include common- account
password include common- password
session include common- session
# session optional pam_xauth. so
EOF
fi
2010-07-15 15:12:34 -04:00
; ;
esac
2010-11-09 11:13:06 -05:00
% endif
2010-07-13 08:33:46 -04:00
2010-11-09 11:13:06 -05:00
% if [ deb]
2010-07-22 13:47:32 -04:00
# Uncomment some Defaults and the % sudo rule in sudoers
2022-12-27 09:18:26 -07:00
sed - e '/Locale settings/{ N;s/\(\n\)# /\1/; }' - e '/X11 resource/{ N;s/\(\n\)# /\1/; }' - e 's/^# \(Defaults secure_path\)/\1/' - e 's/^# \(Defaults mail_badpass\)/\1/' - e 's/^# \(\%sudo\)/\1/' $ {pp_destdir} $ {sudoersdir} / sudoers > $ {pp_destdir} $ {sudoersdir} / sudoers. $ $
mv - f $ {pp_destdir} $ {sudoersdir} / sudoers. $ $ $ {pp_destdir} $ {sudoersdir} / sudoers
2010-07-15 15:12:34 -04:00
mkdir - p $ {pp_destdir} / etc/ pam. d
2022-12-27 09:18:26 -07:00
# Create Debian PAM file , must be tab indented for "<<-"
2010-07-13 17:52:50 -04:00
cat > $ {pp_destdir} / etc/ pam. d/ sudo < < - EOF
# % PAM- 1.0
2010-07-14 09:36:05 -04:00
2010-07-13 17:52:50 -04:00
@ include common- auth
@ include common- account
2010-07-14 09:36:05 -04:00
session required pam_permit. so
session required pam_limits. so
2010-07-13 17:52:50 -04:00
EOF
2010-11-09 11:13:06 -05:00
% endif
2010-07-13 08:33:46 -04:00
2012-02-10 16:22:21 -05:00
% if [ macos]
2012-02-16 11:27:22 -05:00
pp_macos_pkg_type= flat
2012-02-10 16:22:21 -05:00
pp_macos_bundle_id= ws. sudo. pkg. sudo
2021-11-19 12:26:31 -07:00
pp_macos_pkg_background= $ {srcdir} / etc/ macos- background. png
pp_macos_pkg_background_dark= $ {srcdir} / etc/ macos- background. png
2021-12-05 21:02:04 -07:00
pp_macos_pkg_license= $ {pp_destdir} $d ocdir/ LICENSE. md
2012-02-10 16:22:21 -05:00
pp_macos_pkg_readme= $ {pp_wrkdir} / ReadMe. txt
2017-08-23 11:54:13 -06:00
perl - pe 'last if (/^What/i && $seen++)' $ {pp_destdir} $d ocdir/ NEWS > $ {pp_wrkdir} / ReadMe. txt
2012-02-10 16:22:21 -05:00
% endif
2012-06-11 15:07:16 -04:00
% if X"$aix_freeware" = X"true"
2020-04-07 14:03:58 -06:00
# Create links from / opt/ freeware/ {bin,sbin} - > / usr/ {bin,sbin}
2012-06-11 15:07:16 -04:00
mkdir - p $ {pp_destdir} / usr/ bin $ {pp_destdir} / usr/ sbin
2018-01-26 12:26:59 -07:00
ln - s - f $ {bindir} / cvtsudoers $ {pp_destdir} / usr/ bin
2012-06-11 15:07:16 -04:00
ln - s - f $ {bindir} / sudo $ {pp_destdir} / usr/ bin
ln - s - f $ {bindir} / sudoedit $ {pp_destdir} / usr/ bin
ln - s - f $ {bindir} / sudoreplay $ {pp_destdir} / usr/ bin
2019-10-24 20:04:31 -06:00
ln - s - f $ {sbindir} / sudo_sendlog $ {pp_destdir} / usr/ sbin
2012-06-11 15:07:16 -04:00
ln - s - f $ {sbindir} / visudo $ {pp_destdir} / usr/ sbin
% endif
2021-03-30 12:49:20 -06:00
% if [ ! rpm, deb]
2014-07-11 15:32:17 -06:00
# Package parent directories when not installing under / usr
if test "${prefix}" ! = "/usr" ; then
2020-04-07 14:03:58 -06:00
extradirs= ` echo $ {pp_destdir} $ {mandir} / [ mc] * | sed "s#${pp_destdir}##g" `
2015-02-18 16:17:24 -07:00
extradirs= "$extradirs `dirname $docdir` `dirname $rundir` `dirname $vardir`"
2015-04-06 15:10:26 -06:00
test "`dirname $exampledir`" ! = "$docdir" & & extradirs= "$extradirs `dirname $exampledir`"
2014-07-11 15:32:17 -06:00
test - d $ {pp_destdir} $ {localedir} & & extradirs= "$extradirs $localedir"
for dir in $b indir $ sbindir $ libexecdir $ includedir $ex tradirs; do
while test "$dir" ! = "/" ; do
parentdirs= "${parentdirs}${parentdirs+ }$dir/"
dir= ` dirname $d ir`
done
done
parentdirs= ` echo $ parentdirs | tr " " "\n" | sort - u`
fi
2021-03-30 12:49:20 -06:00
% endif
2012-01-13 09:49:20 -05:00
2012-06-04 13:13:38 -04:00
% depend [ deb]
2023-01-26 19:42:52 +00:00
libc6, libpam0g, libpam- modules, zlib1g, libapparmor1
2012-06-04 13:13:38 -04:00
% fixup [ deb]
2020-05-06 09:27:43 -06:00
# Add Conflicts, Replaces headers and add libldap dependency as needed.
2015-07-09 11:06:03 -06:00
DEPENDS= "%{linux_audit}"
2012-06-04 13:13:38 -04:00
if test - z "%{flavor}" ; then
echo "Conflicts: sudo-ldap" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
echo "Replaces: sudo-ldap" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
elif test "%{flavor}" = "ldap" ; then
echo "Conflicts: sudo" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
echo "Replaces: sudo" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
2012-07-05 09:34:20 -04:00
echo "Provides: sudo" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
2020-05-04 13:03:51 -06:00
DEPENDS= "${DEPENDS}${DEPENDS:+, }libldap-2.4-2"
2012-06-04 13:13:38 -04:00
fi
2020-08-05 12:58:02 -06:00
if test - n "%{libssl_dep}" ; then
DEPENDS= "${DEPENDS}${DEPENDS:+, }%{libssl_dep}"
fi
2015-07-08 18:13:39 -06:00
cp - p % {pp_wrkdir} / % {name} / DEBIAN/ control % {pp_wrkdir} / % {name} / DEBIAN/ control. $ $
2020-05-04 12:36:35 -06:00
if test - n "${DEPENDS}" ; then
sed "s/^\(Depends:.*\) *$/\1, ${DEPENDS}/" % {pp_wrkdir} / % {name} / DEBIAN/ control. $ $ > % {pp_wrkdir} / % {name} / DEBIAN/ control
fi
2015-07-08 18:13:39 -06:00
rm - f % {pp_wrkdir} / % {name} / DEBIAN/ control. $ $
2016-02-01 11:07:10 -07:00
echo "Homepage: https://www.sudo.ws" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
2015-11-20 10:51:11 -07:00
echo "Bugs: https://bugzilla.sudo.ws" > > % {pp_wrkdir} / % {name} / DEBIAN/ control
2012-06-04 13:13:38 -04:00
2020-04-07 14:03:58 -06:00
% fixup [ rpm]
2022-12-27 09:18:26 -07:00
# Must be tab indented for "<<-" .
2020-04-07 14:03:58 -06:00
cat > % {pp_wrkdir} / $ {name} . spec. sed < < - 'EOF'
/ ^ % files/ {
i\
% clean\
: \
}
EOF
mv % {pp_wrkdir} / $ {name} . spec % {pp_wrkdir} / $ {name} . spec. bak
sed - f % {pp_wrkdir} / $ {name} . spec. sed % {pp_wrkdir} / $ {name} . spec. bak > % {pp_wrkdir} / $ {name} . spec
2010-07-13 08:33:46 -04:00
% files
2014-07-14 06:32:21 -06:00
% if X"$parentdirs" ! = X""
2014-07-11 15:32:17 -06:00
$ parentdirs -
2020-04-07 14:03:58 -06:00
% endif
% if X"$odocdir" ! = X"$docdir"
$ odocdir/ ignore
$ odocdir/ * * ignore
% endif
% if X"$oexampledir" ! = X"$exampledir" - a X"$exampledir" ! = X"$docdir/examples"
$ oexampledir/ ignore
$ oexampledir/ * * ignore
2014-07-11 15:32:17 -06:00
% endif
2018-01-26 12:26:59 -07:00
$b indir/ cvtsudoers 0 7 5 5 root:
2012-07-02 08:24:57 -04:00
$b indir/ sudo 4 7 5 5 root:
2012-06-08 13:27:16 -04:00
$b indir/ sudoedit 0 7 5 5 root: symlink sudo
2012-05-31 14:26:16 -04:00
$b indir/ sudoreplay 0 7 5 5
2019-10-24 20:04:31 -06:00
$ sbindir/ sudo_sendlog 0 7 5 5
2020-04-07 14:03:58 -06:00
$ sbindir/ sudo_logsrvd optional, ignore
2018-01-26 12:26:59 -07:00
$ sbindir/ visudo 0 7 5 5
2012-05-31 14:02:26 -04:00
$ includedir/ sudo_plugin. h 0 6 4 4
2013-02-06 14:06:51 -05:00
$ libexecdir/ sudo/ 0 7 5 5
$ libexecdir/ sudo/ sesh 0 7 5 5 optional, ignore- others
2020-04-07 14:03:58 -06:00
$ libexecdir/ sudo/ python* optional, ignore, ignore- others
2013-02-06 14:06:51 -05:00
$ libexecdir/ sudo/ * $ shlib_mode optional
2010-07-15 15:12:34 -04:00
$ sudoersdir/ sudoers. d/ 0 7 5 0 $ sudoers_uid: $ sudoers_gid
2014-02-01 05:57:34 -07:00
$ rundir/ 0 7 1 1 root:
2014-02-02 06:39:05 -07:00
$ vardir/ 0 7 1 1 root: ignore- others
2015-02-25 16:45:12 -07:00
$ vardir/ lectured/ 0 7 0 0 root:
2012-05-01 13:47:14 -04:00
$d ocdir/ 0 7 5 5
2020-04-07 14:03:58 -06:00
$d ocdir/ * * 0 6 4 4
2012-05-31 14:02:26 -04:00
% if [ deb]
2021-12-05 21:02:04 -07:00
$d ocdir/ LICENSE. md ignore, ignore- others
2012-05-31 14:02:26 -04:00
$d ocdir/ ChangeLog ignore, ignore- others
% endif
2015-04-06 15:10:26 -06:00
$exa mpledir/ 0 7 5 5 ignore- others
2022-12-27 12:27:29 -07:00
% if X"$exampledir" ! = X"$docdir/examples"
2020-04-07 14:03:58 -06:00
$exa mpledir/ * 0 6 4 4
% endif
$exa mpledir/ sudo_logsrv* optional, ignore, ignore- others
$exa mpledir/ * . py optional, ignore, ignore- others
2012-06-12 13:52:20 -04:00
$ localedir/ * / - optional
$ localedir/ * / LC_MESSAGES/ - optional
$ localedir/ * / LC_MESSAGES/ * 0 6 4 4 optional
2012-05-31 14:02:26 -04:00
/ etc/ pam. d/ * 0 6 4 4 volatile, optional
2010-07-22 13:47:32 -04:00
% if [ rpm, deb]
$ sudoersdir/ sudoers $ sudoers_mode $ sudoers_uid: $ sudoers_gid volatile
2020-01-21 13:31:07 -07:00
$ sysconfdir/ sudo. conf 0 6 4 4 root: volatile
2010-07-22 13:47:32 -04:00
% else
2018-02-08 09:14:12 -07:00
$ sudoersdir/ sudoers. dist $ sudoers_mode $ sudoers_uid: $ sudoers_gid
2010-07-22 13:47:32 -04:00
% endif
2022-12-27 12:27:29 -07:00
$ sysconfdir/ sudo_logsrvd. conf optional, ignore, ignore- others
2012-06-11 15:07:16 -04:00
% if X"$aix_freeware" = X"true"
# Links for binaries from / opt/ freeware to / usr
2018-01-26 12:26:59 -07:00
/ usr/ bin/ cvtsudoers 0 7 5 5 root: symlink $b indir/ cvtsudoers
2012-06-11 15:07:16 -04:00
/ usr/ bin/ sudo 0 7 5 5 root: symlink $b indir/ sudo
/ usr/ bin/ sudoedit 0 7 5 5 root: symlink $b indir/ sudoedit
/ usr/ bin/ sudoreplay 0 7 5 5 root: symlink $b indir/ sudoreplay
2019-10-24 20:04:31 -06:00
/ usr/ sbin/ sudo_sendlog 0 7 5 5 root: symlink $ sbindir/ sendlog
2012-06-11 15:07:16 -04:00
/ usr/ sbin/ visudo 0 7 5 5 root: symlink $ sbindir/ visudo
% endif
2014-02-17 09:02:06 -07:00
% if [ rpm]
/ etc/ rc. d/ init. d/ sudo 0 7 5 5 root: optional
% endif
2014-02-16 10:22:43 -07:00
% if [ aix]
2014-02-16 11:00:41 -07:00
/ etc/ rc. d/ ignore
/ etc/ rc. d/ rc2. d/ ignore
/ etc/ rc. d/ rc2. d/ * * ignore
/ etc/ rc. d/ init. d/ ignore
2014-02-16 10:22:43 -07:00
/ etc/ rc. d/ init. d/ sudo 0 7 5 5 root:
% endif
% if [ sd]
2014-02-16 14:49:15 -07:00
/ sbin/ ignore
2014-02-16 11:00:41 -07:00
/ sbin/ rc2. d/ ignore
/ sbin/ rc2. d/ * * ignore
/ sbin/ init. d/ ignore
2014-02-16 10:22:43 -07:00
/ sbin/ init. d/ sudo 0 7 5 5 root:
% endif
2012-05-31 15:50:16 -04:00
$ mandir/ man* / * 0 6 4 4
2020-04-07 14:03:58 -06:00
$ mandir/ man* / sudo_logsrv* ignore, ignore- others
$ mandir/ man* / * python* ignore, ignore- others
2014-10-24 14:25:10 -06:00
$ sudoedit_man 0 6 4 4 symlink, ignore- others $ sudoedit_man_target
2010-07-13 08:33:46 -04:00
2012-06-25 16:16:25 -04:00
% pre [ aix]
if rpm - q % {name} > / dev/ null 2 > & 1 ; then
echo "Another version of sudo is currently installed via rpm." 2 > & 1
echo "Please either uninstall the rpm version of sudo by running \" rpm - e sudo\ "" 2 > & 1
echo "or upgrade the existing version of sudo using the .rpm packagae instead" 2 > & 1
echo "instead of the .bff package." 2 > & 1
echo "" 2 > & 1
echo "Note that you may need to pass rpm the --oldpackage flag when upgrading" 2 > & 1
echo "the AIX Toolbox version of sudo to the latest sudo rpm from sudo.ws." 2 > & 1
echo "" 2 > & 1
exit 1
fi
2010-07-22 13:47:32 -04:00
% post [ ! rpm, deb]
2020-01-21 13:31:07 -07:00
# Don' t overwrite existing sudoers or sudo. conf files
2012-03-13 17:38:03 -04:00
% if [ solaris]
sudoersdir= $ {PKG_INSTALL_ROOT} % {sudoersdir}
2020-01-21 13:31:07 -07:00
sysconfdir= $ {PKG_INSTALL_ROOT} % {sysconfdir}
exampledir= $ {PKG_INSTALL_ROOT} % {exampledir}
2012-03-13 17:38:03 -04:00
% else
2010-07-15 15:12:34 -04:00
sudoersdir= % {sudoersdir}
2020-01-21 13:31:07 -07:00
sysconfdir= % {sysconfdir}
exampledir= % {exampledir}
2012-03-13 17:38:03 -04:00
% endif
2010-07-15 15:12:34 -04:00
if test ! - r $ sudoersdir/ sudoers; then
2011-06-10 15:26:35 -04:00
cp $ sudoersdir/ sudoers. dist $ sudoersdir/ sudoers
chmod % {sudoers_mode} $ sudoersdir/ sudoers
chown % {sudoers_uid} $ sudoersdir/ sudoers
chgrp % {sudoers_gid} $ sudoersdir/ sudoers
2010-07-15 15:12:34 -04:00
fi
2020-01-21 13:31:07 -07:00
if test ! - r $ sysconfdir/ sudo. conf; then
cp $exa mpledir/ sudo. conf $ sysconfdir/ sudo. conf
chmod 6 4 4 $ sysconfdir/ sudo. conf
chown root $ sysconfdir/ sudo. conf
fi
2010-07-13 08:33:46 -04:00
% post [ deb]
2012-05-31 16:10:44 -04:00
set - e
2010-07-15 15:12:34 -04:00
# dpkg- deb does not maintain the mode on the sudoers file , and
# installs it 0 6 4 0 when sudo requires 0 4 4 0
chmod % {sudoers_mode} % {sudoersdir} / sudoers
# create symlink to ease transition to new path for ldap config
# if old config file exists and new one doesn' t
2010-07-26 11:15:50 -04:00
if test X"%{flavor}" = X"ldap" - a \
2010-07-15 15:12:34 -04:00
- r / etc/ ldap/ ldap. conf - a ! - r / etc/ sudo- ldap. conf; then
ln - s / etc/ ldap/ ldap. conf / etc/ sudo- ldap. conf
fi
# Debian uses a sudo group in its default sudoers file
perl - e '
exit 0 if getgrnam( "sudo" ) ;
$ gid = 2 7 ; # default debian sudo gid
setgrent( ) ;
while ( getgrgid( $ gid) ) { $gid++; }
if ( $ gid ! = 2 7 ) {
print "On Debian we normally use gid 27 for \" sudo\ ".\n" ;
$ gname = getgrgid( 2 7 ) ;
print "However, on your system gid 27 is group \" $ gname\ ".\n\n" ;
2021-08-19 15:48:01 +00:00
print "Would you like me to stop configuring sudo so that you can change this? [n] " ;
2010-07-15 15:12:34 -04:00
$a ns = < STDIN> ;
if ( $a ns = ~ / ^ [ yY] / ) {
print "\" dpkg - - pending - - configure\ " will restart the configuration.\n\n" ;
exit 1 ;
}
}
print "Creating group \" sudo\ " with gid = $gid\n" ;
system( "groupadd -g $gid sudo" ) ;
exit 0 ;
'
2014-02-17 09:02:06 -07:00
% post [ rpm]
case "%{pp_rpm_distro}" in
aix* )
2017-04-26 15:49:10 -06:00
# Create / etc/ rc. d/ rc2. d/ S90sudo link if possible
if [ - d / etc/ rc. d/ rc2. d ] ; then
2014-02-17 09:02:06 -07:00
rm - f / etc/ rc. d/ rc2. d/ S90sudo
ln - s / etc/ rc. d/ init. d/ sudo / etc/ rc. d/ rc2. d/ S90sudo
fi
; ;
esac
2015-02-25 16:45:12 -07:00
% post [ rpm, deb]
2015-02-26 09:55:01 -07:00
# Create / usr/ lib/ tmpfiles. d/ sudo. conf if systemd is configured.
2022-12-27 09:18:26 -07:00
# Must be tab indented for "<<-" .
2015-04-07 15:35:01 -06:00
if [ - f / usr/ lib/ tmpfiles. d/ systemd. conf ] ; then
2015-02-25 16:45:12 -07:00
cat > / usr/ lib/ tmpfiles. d/ sudo. conf < < - EOF
2015-04-10 09:03:15 -06:00
# Create an empty sudo time stamp directory on OSes using systemd.
# Sudo will create the directory itself but this can cause problems
# on systems that have SELinux enabled since the directories will be
# created with the user' s security context.
2015-02-25 16:45:12 -07:00
d % {rundir} 0 7 1 1 root root
2015-02-26 09:21:18 -07:00
D % {rundir} / ts 0 7 0 0 root root
2015-02-25 16:45:12 -07:00
EOF
fi
2014-02-16 10:22:43 -07:00
% post [ aix]
# Create / etc/ rc. d/ rc2. d/ S90sudo link if / etc/ rc. d exists
if [ - d / etc/ rc. d ] ; then
rm - f / etc/ rc. d/ rc2. d/ S90sudo
ln - s / etc/ rc. d/ init. d/ sudo / etc/ rc. d/ rc2. d/ S90sudo
fi
2014-02-16 11:00:41 -07:00
2014-02-16 10:22:43 -07:00
% post [ sd]
# Create / sbin/ rc2. d/ S900sudo link
rm - f / sbin/ rc2. d/ S900sudo
ln - s / sbin/ init. d/ sudo / sbin/ rc2. d/ S900sudo
2014-02-16 11:00:41 -07:00
2014-02-01 06:30:40 -07:00
% preun
# Remove the time stamp dir and its contents
# We currently leave the lecture status files installed
rm - rf % {rundir} / ts
% if [ deb]
2012-05-31 16:10:44 -04:00
set - e
2010-07-15 15:12:34 -04:00
# Remove the / etc/ ldap/ ldap. conf - > / etc/ sudo- ldap. conf symlink if
# it matches what we created in the postinstall script.
2010-07-26 11:15:50 -04:00
if test X"%{flavor}" = X"ldap" - a \
2010-07-15 15:12:34 -04:00
X"`readlink /etc/sudo-ldap.conf 2>/dev/null`" = X"/etc/ldap/ldap.conf" ; then
rm - f / etc/ sudo- ldap. conf
fi
2015-02-25 16:45:12 -07:00
# Remove systemd tmpfile config
rm - f / usr/ lib/ tmpfiles. d/ sudo. conf
2014-02-01 06:30:40 -07:00
% endif
2014-02-17 09:02:06 -07:00
% if [ rpm]
case "%{pp_rpm_distro}" in
aix* )
# Remove / etc/ rc. d/ rc2. d/ S90sudo link
rm - f / etc/ rc. d/ rc2. d/ S90sudo
; ;
2015-02-25 16:45:12 -07:00
* )
# Remove systemd tmpfile config
rm - f / usr/ lib/ tmpfiles. d/ sudo. conf
; ;
2014-02-17 09:02:06 -07:00
esac
% endif
2014-02-16 10:22:43 -07:00
% if [ aix]
# Remove / etc/ rc. d/ rc2. d/ S90sudo link
rm - f / etc/ rc. d/ rc2. d/ S90sudo
% endif
% if [ sd]
# Remove / sbin/ rc2. d/ S900sudo link
rm - f / sbin/ rc2. d/ S900sudo
% endif
