commit leafnode for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package leafnode for openSUSE:Factory 
checked in at 2020-06-07 21:38:56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/leafnode (Old)
 and      /work/SRC/openSUSE:Factory/.leafnode.new.3606 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "leafnode"

Sun Jun  7 21:38:56 2020 rev:13 rq:812113 version:2.0.0+git.1527241185.66da754

Changes:
--------
--- /work/SRC/openSUSE:Factory/leafnode/leafnode.changes        2020-06-02 
14:42:24.828237317 +0200
+++ /work/SRC/openSUSE:Factory/.leafnode.new.3606/leafnode.changes      
2020-06-07 21:39:03.981592372 +0200
@@ -1,0 +2,6 @@
+Sat Jun  6 21:54:51 UTC 2020 - Matej Cepl <mc...@suse.com>
+
+- Add sudoers droplet to allow users in newsadmin group to
+  run fetchnews.
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ leafnode.spec ++++++
--- /var/tmp/diff_new_pack.1xTg0m/_old  2020-06-07 21:39:04.721594718 +0200
+++ /var/tmp/diff_new_pack.1xTg0m/_new  2020-06-07 21:39:04.725594730 +0200
@@ -20,6 +20,8 @@
 %define confdir     %{_sysconfdir}/leafnode
 %define runas_user  news
 %define runas_group news
+%define admin_user  newsadmin
+%define admin_group newsadmin
 %define upname leafnode
 Name:           %{upname}
 Version:        2.0.0+git.1527241185.66da754
@@ -121,15 +123,24 @@
 # n - "No local postings are allowed, only articles from peers."
 EOS
 
+# Droplet for sudoers
+install -d -m 750 %{buildroot}/%{_sysconfdir}/sudoers.d
+echo "%"%{admin_group}"  ALL = (%{runas_user}) NOPASSWD:/usr/sbin/fetchnews" \
+    > %{buildroot}%{_sysconfdir}/sudoers.d/leafnode
+
 %pre
 %service_add_pre leafnode.service leafnode.socket leafnode@.service 
leafnode-daily.service leafnode-hourly.service leafnode-daily.timer 
leafnode-hourly.timer
 
 # create daemon group, if not existing
 getent group %{runas_group} >/dev/null || groupadd -r %{runas_group}  
2>/dev/null || :
+getent group %{admin_group} >/dev/null || groupadd -r %{admin_group}  
2>/dev/null || :
 # create daemon user, if not existing
 getent passwd %{runas_user} >/dev/null || \
     useradd -r -g %{runas_group} -s /bin/false -c "leafnode daemon" \
         -d %{spooldir} %{runas_user}  2>/dev/null || :
+getent passwd %{admin_user} >/dev/null || \
+    useradd -r -g %{admin_group} -s /bin/false -c "leafnode administration" \
+        -d %{spooldir} %{admin_user}  2>/dev/null || :
 exit 0
 
 %post
@@ -152,11 +163,13 @@
 %doc config.example filters.example CREDITS README-SUSE.rst
 %doc DEBUGGING ENVIRONMENT FAQ.tex CHANGES-FROM-LEAFNODE-1 NEWS
 %doc README-FQDN.tex TODO ChangeLog AUTHORS README-leaf.node README.html
-
-%config %{_sysconfdir}/leafnode/
 %attr(644,root,root) %{_unitdir}/%{upname}*
+%dir %{_sysconfdir}/leafnode/
+%config(noreplace) %attr(640,root,news) %{_sysconfdir}/leafnode/config
 %config(noreplace) %attr(640,root,news) %{_sysconfdir}/leafnode/uucp
 %config(noreplace) %attr(640,root,news) %{_sysconfdir}/leafnode/local.groups
+%dir %{_sysconfdir}/sudoers.d
+%config(noreplace) %attr(644,root,root) %{_sysconfdir}/sudoers.d/leafnode
 %attr(755,root,root) %{_bindir}/leafnode-version
 %attr(755,root,root) %{_bindir}/lsmac.pl
 %attr(755,root,root) %{_bindir}/newsq

++++++ README-SUSE.rst ++++++
--- /var/tmp/diff_new_pack.1xTg0m/_old  2020-06-07 21:39:04.761594844 +0200
+++ /var/tmp/diff_new_pack.1xTg0m/_new  2020-06-07 21:39:04.761594844 +0200
@@ -22,3 +22,8 @@
 records from leafnode-2 package in the originally leafnode-1 one. 
 They are all from me (mcepl@something) and they are marked as 
 ``[leafnode-2]`` in the first line of the record.
+
+There is a droplet for sudoers allowing an user in the group
+``newsadmin`` to run without a password command::
+
+    sudo -u news /usr/sbin/fetchnews -vvv -e