rpms/sudo/F-11 sudo-1.7.1-auditfix.patch, NONE, 1.1 sudo.spec, 1.78, 1.79

Daniel Kopeček mildew at fedoraproject.org
Thu Jul 9 13:28:23 UTC 2009 

Author: mildew

Update of /cvs/pkgs/rpms/sudo/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30691

Modified Files:
	sudo.spec 
Added Files:
	sudo-1.7.1-auditfix.patch 
Log Message:
- moved the closefrom() call before audit_help_open()


sudo-1.7.1-auditfix.patch:

--- NEW FILE sudo-1.7.1-auditfix.patch ---
diff -up sudo-1.7.1/audit_help.c.auditfix sudo-1.7.1/audit_help.c
--- sudo-1.7.1/audit_help.c.auditfix	2009-07-09 15:05:14.000000000 +0200
+++ sudo-1.7.1/audit_help.c	2009-07-09 15:04:33.000000000 +0200
@@ -45,7 +45,7 @@
 #include <selinux/selinux.h>
 #endif
 
-int audit_fd;
+int audit_fd = -1;
 
 void audit_help_open (void)
 {
diff -up sudo-1.7.1/sudo.c.auditfix sudo-1.7.1/sudo.c
--- sudo-1.7.1/sudo.c.auditfix	2009-07-09 14:35:50.000000000 +0200
+++ sudo-1.7.1/sudo.c	2009-07-09 15:02:41.000000000 +0200
@@ -363,10 +363,6 @@ main(argc, argv, envp)
     }
     if (safe_cmnd == NULL)
 	safe_cmnd = estrdup(user_cmnd);
-
-#if defined(WITH_AUDIT)
-    audit_help_open ();
-#endif
     
 #ifdef HAVE_SETLOCALE
     setlocale(LC_ALL, "");
@@ -529,7 +525,12 @@ main(argc, argv, envp)
 	(void) sigaction(SIGINT, &saved_sa_int, NULL);
 	(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
 	(void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
+
+	closefrom(def_closefrom + 1);
 	
+#if defined(WITH_AUDIT)
+        audit_help_open ();
+#endif
         if (access(safe_cmnd, X_OK) != 0) {
 		warn ("unable to execute %s", safe_cmnd);
 #ifdef WITH_AUDIT
@@ -545,8 +546,6 @@ main(argc, argv, envp)
 	sudo_endpwent();
 	sudo_endgrent();
 
-	closefrom(def_closefrom + 1);
-
 #ifndef PROFILING
 	if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0) {
 	    syslog(LOG_AUTH|LOG_ERR, "fork");


Index: sudo.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sudo/F-11/sudo.spec,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -p -r1.78 -r1.79
--- sudo.spec	8 Jul 2009 12:08:13 -0000	1.78
+++ sudo.spec	9 Jul 2009 13:27:53 -0000	1.79
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.7.1
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: BSD
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -30,6 +30,7 @@ Patch4: sudo-1.7.1-libtool.patch
 Patch5: sudo-1.7.1-getgrouplist.patch
 Patch6: sudo-1.7.1-audit.patch
 Patch7: sudo-1.7.1-conffix.patch
+Patch8: sudo-1.7.1-auditfix.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -51,6 +52,7 @@ on many different machines.
 %patch5 -p1 -b .getgrouplist
 %patch6 -p1 -b .audit
 %patch7 -p1 -b .conffix
+%patch8 -p1 -b .auditfix
 
 %build
 #hande newer autoconf
@@ -137,6 +139,9 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Thu Jul 09 2009 Daniel Kopecek <dkopecek at redhat.com> 1.7.1-4
+- moved the closefrom() call before audit_help_open() (sudo-1.7.1-auditfix.patch)
+
 * Wed Jul 08 2009 Daniel Kopecek <dkopecek at redhat.com> 1.7.1-3
 - epoch number sync

More information about the fedora-extras-commits mailing list