Hello community, here is the log from the commit of package sudo for openSUSE:Factory checked in at 2018-04-23 15:24:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sudo (Old) and /work/SRC/openSUSE:Factory/.sudo.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sudo" Mon Apr 23 15:24:41 2018 rev:95 rq:597343 version:1.8.22 Changes: -------- --- /work/SRC/openSUSE:Factory/sudo/sudo.changes 2018-04-16 12:43:14.881644644 +0200 +++ /work/SRC/openSUSE:Factory/.sudo.new/sudo.changes 2018-04-23 15:24:41.585094951 +0200 @@ -1,0 +2,13 @@ +Mon Apr 16 15:18:12 UTC 2018 - kstreit...@suse.com + +- integrate pam_keyinit pam module [bsc#1081947] + * add sudo-i.pamd PAM configuration file and install it as + /etc/pam.d/sudo-i + * add "session optional pam_keyinit.so revoke" to sudo.pamd and + "session optional pam_keyinit.so force revoke" to sudo-i.pamd + * add "--with-pam-login" build option to enable specific PAM + session for "sudo -i" +- make pam configuration files (noreplace) +- reorganize Sources + +------------------------------------------------------------------- New: ---- sudo-i.pamd ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sudo.spec ++++++ --- /var/tmp/diff_new_pack.inXWzr/_old 2018-04-23 15:24:42.185073158 +0200 +++ /var/tmp/diff_new_pack.inXWzr/_new 2018-04-23 15:24:42.185073158 +0200 @@ -24,12 +24,13 @@ Group: System/Base Url: https://www.sudo.ws/ Source0: https://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz -Source1: sudo.pamd -Source2: README.SUSE -Source3: fate_313276_test.sh -Source4: README_313276.test -Source5: https://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz.sig -Source6: %{name}.keyring +Source1: https://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz.sig +Source2: %{name}.keyring +Source3: sudo.pamd +Source4: sudo-i.pamd +Source5: README.SUSE +Source6: fate_313276_test.sh +Source7: README_313276.test Patch0: sudoers2ldif-env.patch # PATCH-OPENSUSE: the "SUSE" branding of the default sudo config Patch1: sudo-sudoers.patch @@ -88,6 +89,7 @@ --with-noexec=%{_libexecdir}/sudo/sudo_noexec.so \ --enable-tmpfiles.d=%{_tmpfilesdir} \ --with-pam \ + --with-pam-login \ --with-ldap \ --with-selinux \ --with-linux-audit \ @@ -109,13 +111,14 @@ %install %make_install install_uid=`id -u` install_gid=`id -g` install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d -install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/sudo +install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/sudo +install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/sudo-i mv %{buildroot}%{_docdir}/%{name}/sudoers2ldif %{buildroot}%{_sbindir} rm -f %{buildroot}%{_bindir}/sudoedit ln -sf %{_bindir}/sudo %{buildroot}%{_bindir}/sudoedit install -d -m 755 %{buildroot}%{_sysconfdir}/openldap/schema install -m 644 doc/schema.OpenLDAP %{buildroot}%{_sysconfdir}/openldap/schema/sudo.schema -install -m 644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/ +install -m 644 %{SOURCE5} %{buildroot}%{_docdir}/%{name}/ rm -f %{buildroot}%{_docdir}/%{name}/sample.pam rm -f %{buildroot}%{_docdir}/%{name}/sample.syslog.conf rm -f %{buildroot}%{_docdir}/%{name}/schema.OpenLDAP @@ -126,8 +129,8 @@ cat sudoers.lang >> %{name}.lang # tests install -d -m 755 %{buildroot}%{_localstatedir}/lib/tests/sudo -install -m 755 %{SOURCE3} %{buildroot}%{_localstatedir}/lib/tests/sudo -install -m 755 %{SOURCE4} %{buildroot}%{_localstatedir}/lib/tests/sudo +install -m 755 %{SOURCE6} %{buildroot}%{_localstatedir}/lib/tests/sudo +install -m 755 %{SOURCE7} %{buildroot}%{_localstatedir}/lib/tests/sudo install -d %{buildroot}%{_docdir}/%{name}-test install -m 644 %{buildroot}%{_docdir}/%{name}/LICENSE %{buildroot}%{_docdir}/%{name}-test/LICENSE rm -fv %{buildroot}%{_docdir}/%{name}/LICENSE @@ -158,7 +161,8 @@ %config(noreplace) %attr(0440,root,root) %{_sysconfdir}/sudoers %dir %{_sysconfdir}/sudoers.d -%config %{_sysconfdir}/pam.d/sudo +%config(noreplace) %{_sysconfdir}/pam.d/sudo +%config(noreplace) %{_sysconfdir}/pam.d/sudo-i %attr(4755,root,root) %{_bindir}/sudo %dir %{_sysconfdir}/openldap %dir %{_sysconfdir}/openldap/schema ++++++ sudo-i.pamd ++++++ #%PAM-1.0 auth include common-auth account include common-account password include common-password session optional pam_keyinit.so force revoke session include common-session # session optional pam_xauth.so ++++++ sudo.pamd ++++++ --- /var/tmp/diff_new_pack.inXWzr/_old 2018-04-23 15:24:42.297069091 +0200 +++ /var/tmp/diff_new_pack.inXWzr/_new 2018-04-23 15:24:42.297069091 +0200 @@ -2,5 +2,6 @@ auth include common-auth account include common-account password include common-password +session optional pam_keyinit.so revoke session include common-session # session optional pam_xauth.so