packages: sudo/sudo.spec - add openldap-schema-sudo package - use rpm build...

glen glen at pld-linux.org
Mon Jun 7 14:06:21 CEST 2010 

Author: glen                         Date: Mon Jun  7 12:06:22 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- add openldap-schema-sudo package
- use rpm build macros for man symlinks to man links
- rel 3

---- Files affected:
packages/sudo:
   sudo.spec (1.156 -> 1.157) 

---- Diffs:

================================================================
Index: packages/sudo/sudo.spec
diff -u packages/sudo/sudo.spec:1.156 packages/sudo/sudo.spec:1.157
--- packages/sudo/sudo.spec:1.156	Mon Jun  7 13:43:26 2010
+++ packages/sudo/sudo.spec	Mon Jun  7 14:06:14 2010
@@ -22,7 +22,7 @@
 Summary(uk.UTF-8):	Дозволяє вказаним користувачам виконувати команди від імені root
 Name:		sudo
 Version:	1.7.2p7
-Release:	2
+Release:	3
 Epoch:		1
 License:	BSD
 Group:		Applications/System
@@ -43,11 +43,14 @@
 %{?with_ldap:BuildRequires:	openldap-devel >= 2.3.0}
 %{?with_pam:BuildRequires:	pam-devel}
 BuildRequires:	rpm >= 4.4.9-56
+BuildRequires:	rpmbuild(macros) >= 1.402
 %{?with_skey:BuildRequires:	skey-devel >= 2.2-11}
 Requires:	pam >= %{pam_ver}
 Obsoletes:	cu-sudo
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
+%define		schemadir	/usr/share/openldap/schema
+
 %description
 Sudo (superuser do) allows a permitted user to execute a command as
 the superuser (real and effective uid and gid are set to 0 and root's
@@ -117,6 +120,19 @@
 пам'ятає пароль; використання одного конфігураційного файлу (sudoers)
 на багатьох машинах.
 
+%package -n openldap-schema-sudo
+Summary:	Sudo LDAP schema
+Group:		Networking/Daemons
+Requires(post,postun):	sed >= 4.0
+Requires:	openldap-servers
+Requires:	sed >= 4.0
+
+%description -n openldap-schema-sudo
+This package contains sudo.schema for openldap.
+
+%description -n openldap-schema-sudo -l pl.UTF-8
+Ten pakiet zawiera sudo.schema dla pakietu openldap.
+
 %prep
 %setup -q
 # only local macros
@@ -162,31 +178,54 @@
 
 %{__make} -j1 install \
 	DESTDIR=$RPM_BUILD_ROOT \
-	install_uid=`id -u` \
-	install_gid=`id -g` \
-	sudoers_uid=`id -u` \
-	sudoers_gid=`id -g`
+	install_uid=$(id -u) \
+	install_gid=$(id -g) \
+	sudoers_uid=$(id -u) \
+	sudoers_gid=$(id -g)
 
-install %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/sudo
-install %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
+cp -a %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/sudo
+cp -a %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
 touch $RPM_BUILD_ROOT/var/log/sudo
-install %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/sudo
+cp -a %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/sudo
 
 chmod -R +r $RPM_BUILD_ROOT%{_prefix}
 
 rm -f $RPM_BUILD_ROOT%{_libdir}/sudo_noexec.la
 
-# replace hardlinks with symlinks
-ln -sf %{_bindir}/sudo $RPM_BUILD_ROOT%{_bindir}/sudoedit
-rm -f $RPM_BUILD_ROOT%{_mandir}/man8/sudoedit.8
-echo '.so sudo.8' > $RPM_BUILD_ROOT%{_mandir}/man8/sudoedit.8
+%if %{with ldap}
+install -d $RPM_BUILD_ROOT%{schemadir}
+cp -a schema.OpenLDAP $RPM_BUILD_ROOT%{schemadir}/sudo.schema
+%endif
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
+%post -n openldap-schema-sudo
+%openldap_schema_register %{schemadir}/sudo.schema -d core
+%service -q ldap restart
+
+%banner -e openldap-schema-sudo <<'EOF'
+# banner on first install
+if [ "$1" = "1" ]; the
+NOTE:
+In order for sudoRole LDAP queries to be efficient, the server must index
+the attribute 'sudoUser', e.g.
+
+    # Indices to maintain
+    index   sudoUser    eq
+EOF
+fi
+
+%postun -n openldap-schema-sudo
+if [ "$1" = "0" ]; then
+	%openldap_schema_unregister %{schemadir}/sudo.schema
+	%service -q ldap restart
+fi
+
 %files
 %defattr(644,root,root,755)
 %doc HISTORY README TROUBLESHOOTING sample.sudoers
+%{?with_ldap:%doc README.LDAP sudoers2ldif}
 %attr(440,root,root) %verify(not md5 mtime size) %config(noreplace) %{_sysconfdir}/sudoers
 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/sudo
 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/sudo-i
@@ -204,12 +243,21 @@
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/sudo
 %attr(700,root,root) %dir /var/run/sudo
 
+%files -n openldap-schema-sudo
+%defattr(644,root,root,755)
+%{schemadir}/*.schema
+
 %define date	%(echo `LC_ALL="C" date +"%a %b %d %Y"`)
 %changelog
 * %{date} PLD Team <feedback at pld-linux.org>
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.157  2010/06/07 12:06:14  glen
+- add openldap-schema-sudo package
+- use rpm build macros for man symlinks to man links
+- rel 3
+
 Revision 1.156  2010/06/07 11:43:26  glen
 - ac deps, fix without ldap
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/sudo/sudo.spec?r1=1.156&r2=1.157&f=u

More information about the pld-cvs-commit mailing list