From: Bdale Garbee Date: Wed, 1 Dec 2010 17:59:20 +0000 (-0700) Subject: make sudoers a conffile, update postinsts to reflect that X-Git-Tag: debian/1.7.4p4-5~5 X-Git-Url: https://git.gag.com/?a=commitdiff_plain;h=202c474422229f06d161b2beb1cd416999ea33df;p=debian%2Fsudo make sudoers a conffile, update postinsts to reflect that use debhelper install support instead of explicit install calls in rules --- diff --git a/debian/changelog b/debian/changelog index d7c44b6..9cd401d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,7 +2,9 @@ sudo (1.7.4p4-5) UNRELEASED; urgency=low * patch from Jakub Wilk to add noopt and nostrip build option support, closes: #605580 + * make sudoers a conffile, closes: #605130 * add Vcs entries to the control file + * use debhelper install files instead of explicit installs in rules -- Bdale Garbee Wed, 01 Dec 2010 10:18:01 -0700 diff --git a/debian/rules b/debian/rules index 5011197..b5b5231 100755 --- a/debian/rules +++ b/debian/rules @@ -104,22 +104,6 @@ install: build-stamp debian/sudo-ldap/usr/share/doc/sudo-ldap/ rmdir debian/sudo-ldap/usr/share/doc/sudo - # and install things we do want that make install doesn't know about - install -o root -g root -m 0644 debian/sudo.pam \ - debian/sudo/etc/pam.d/sudo - install -o root -g root -m 0644 debian/sudo.pam \ - debian/sudo-ldap/etc/pam.d/sudo - - install -o root -g root -m 0644 debian/sudo.lintian \ - debian/sudo/usr/share/lintian/overrides/sudo - install -o root -g root -m 0644 debian/sudo-ldap.lintian \ - debian/sudo-ldap/usr/share/lintian/overrides/sudo-ldap - - install -o root -g root -m 0440 debian/README \ - debian/sudo/etc/sudoers.d/README - install -o root -g root -m 0440 debian/README \ - debian/sudo-ldap/etc/sudoers.d/README - binary-indep: build install binary-arch: build install @@ -127,6 +111,7 @@ binary-arch: build install dh_testroot dh_installdocs -A dh_installexamples -A sample.sudoers + dh_install -A dh_installinit -psudo -psudo-ldap --name=sudo dh_installman -A dh_installinfo -A diff --git a/debian/sudo-ldap.install b/debian/sudo-ldap.install new file mode 100644 index 0000000..9b4cbc2 --- /dev/null +++ b/debian/sudo-ldap.install @@ -0,0 +1,4 @@ +debian/sudo.pam etc/pam.d/sudo +debian/sudo-ldap.lintian usr/share/lintian/overrides/sudo-ldap +debian/README etc/sudoers.d/README +debian/sudoers etc/sudoers diff --git a/debian/sudo-ldap.postinst b/debian/sudo-ldap.postinst index aee102c..88e8c2c 100644 --- a/debian/sudo-ldap.postinst +++ b/debian/sudo-ldap.postinst @@ -4,30 +4,9 @@ unlink ("/etc/alternatives/sudo") if ( -l "/etc/alternatives/sudo"); -# make sure we have a sudoers file +# complain if no sudoers file is present if ( ! -f "/etc/sudoers") { - - print "No /etc/sudoers found... creating one for you.\n"; - - open (SUDOERS, "> /etc/sudoers"); - print SUDOERS "# /etc/sudoers\n", - "#\n", - "# This file MUST be edited with the 'visudo' command as root.\n", - "#\n", - "# See the man page for details on how to write a sudoers file.\n", - "#\n\nDefaults\tenv_reset\n\n", - "# Host alias specification\n\n", - "# User alias specification\n\n", - "# Cmnd alias specification\n\n", - "# User privilege specification\nroot\tALL=(ALL) ALL\n\n", - "# Allow members of group sudo to execute any command\n", - "# (Note that later entries override this, so you might need to move\n", - "# it further down)\n", - "%sudo ALL=(ALL) ALL\n", - "#\n", - "#includedir /etc/sudoers.d\n"; - close SUDOERS; - + print "WARNING: /etc/sudoers not present!\n"; } # handle state directory transition from /var/run/sudo to /var/lib/sudo, diff --git a/debian/sudo.install b/debian/sudo.install new file mode 100644 index 0000000..336f6e6 --- /dev/null +++ b/debian/sudo.install @@ -0,0 +1,4 @@ +debian/sudo.pam etc/pam.d/sudo +debian/sudo.lintian usr/share/lintian/overrides/sudo +debian/README etc/sudoers.d/README +debian/sudoers etc/sudoers diff --git a/debian/sudo.postinst b/debian/sudo.postinst index c78cf8d..33fd3d1 100644 --- a/debian/sudo.postinst +++ b/debian/sudo.postinst @@ -4,30 +4,9 @@ unlink ("/etc/alternatives/sudo") if ( -l "/etc/alternatives/sudo"); -# make sure we have a sudoers file +# complain if no sudoers file is present if ( ! -f "/etc/sudoers") { - - print "No /etc/sudoers found... creating one for you.\n"; - - open (SUDOERS, "> /etc/sudoers"); - print SUDOERS "# /etc/sudoers\n", - "#\n", - "# This file MUST be edited with the 'visudo' command as root.\n", - "#\n", - "# See the man page for details on how to write a sudoers file.\n", - "#\n\nDefaults\tenv_reset\n\n", - "# Host alias specification\n\n", - "# User alias specification\n\n", - "# Cmnd alias specification\n\n", - "# User privilege specification\nroot\tALL=(ALL) ALL\n\n", - "# Allow members of group sudo to execute any command\n", - "# (Note that later entries override this, so you might need to move\n", - "# it further down)\n", - "%sudo ALL=(ALL) ALL\n", - "#\n", - "#includedir /etc/sudoers.d\n"; - close SUDOERS; - + print "WARNING: /etc/sudoers not present!\n"; } # handle state directory transition from /var/run/sudo to /var/lib/sudo, diff --git a/debian/sudoers b/debian/sudoers index 354961e..7411b9b 100644 --- a/debian/sudoers +++ b/debian/sudoers @@ -1,19 +1,23 @@ # # This file MUST be edited with the 'visudo' command as root. # -# See the man page for details on how to write a sudoers file. +# Please consider adding local content in /etc/sudoers.d/ instead of +# directly modifying this file. # -# Note that modifying behavior defined here may also be done by -# adding content in the /etc/sudoers.d directory. +# See the man page for details on how to write a sudoers file. # - Defaults env_reset -# root can use sudo to do anything +# Host alias specification + +# User alias specification + +# Cmnd alias specification + +# User privilege specification root ALL=(ALL) ALL # Allow members of group sudo to execute any command -# (Note that later entries may override this) %sudo ALL=(ALL) ALL #includedir /etc/sudoers.d