diff options
author | Tzafrir Cohen <tzafrir.cohen@xorcom.com> | 2011-12-19 16:39:43 +0000 |
---|---|---|
committer | Tzafrir Cohen <tzafrir.cohen@xorcom.com> | 2011-12-19 16:39:43 +0000 |
commit | b002651ff9c2e3dd6ed8764823ae7d96322513ed (patch) | |
tree | b37fcc5a7c204d860971cc7f0a25503bb479e63a /rapid-tunneling.spec | |
parent | 3f90630218a0789627f0085489f081d62a2b4983 (diff) |
rapid-tunneling: no more rapid-tunneling "user"
* suders entry runs as root.
* use a sudoers.d file if possible (only thing in Debian).
* Version bumped to 1.12.
git-svn-id: svn+ssh://xorcom/home/svn/debs/components/rapid-tunneling@10209 283159da-0705-0410-b60c-f2062b4bb6ad
Diffstat (limited to 'rapid-tunneling.spec')
-rw-r--r-- | rapid-tunneling.spec | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/rapid-tunneling.spec b/rapid-tunneling.spec index 77adfa6..4773cb8 100644 --- a/rapid-tunneling.spec +++ b/rapid-tunneling.spec @@ -1,6 +1,6 @@ Summary: Xorcom RapidTunneling (tm) Name: rapid-tunneling -Version: 1.11 +Version: 1.12 Release: 1 License: GPLv2+ Group: Applications/Internet @@ -73,19 +73,17 @@ fi SUDOERS=/etc/sudoers user="asterisk" TEXT="Defaults>$user !lecture -$user ALL=(rapid-tunneling) NOPASSWD:/usr/sbin/rapid-tunneling -$user ALL=(rapid-tunneling) NOPASSWD:/usr/sbin/rapid-tunneling-status" +$user ALL= NOPASSWD:/usr/sbin/rapid-tunneling +$user ALL= NOPASSWD:/usr/sbin/rapid-tunneling-status" if ! fgrep -q "$TEXT" $SUDOERS; then echo "$TEXT" >> $SUDOERS; fi service httpd reload %postun gui if [ "$1" = 0 ]; then + # Not optimal, but better than nothing. Only proper fix + # is suddoers.d: SUDOERS=/etc/sudoers - user="asterisk" - TEXT="Defaults>$user !lecture -$user ALL=(rapid-tunneling) NOPASSWD:/usr/sbin/rapid-tunneling -$user ALL=(rapid-tunneling) NOPASSWD:/usr/sbin/rapid-tunneling-status" - fgrep -v "$TEXT" $SUDOERS > ${SUDOERS}.tmp && cp ${SUDOERS}.tmp $SUDOERS && rm ${SUDOERS}.tmp + sed -i -e "/NOPASSWD:\/usr\/sbin\/rapid-tunneling/d" /etc/sudoers fi service httpd reload @@ -113,8 +111,14 @@ service httpd reload %{_datadir}/rapid-tunneling/www %config(noreplace) /etc/rapid-tunneling/gui.htpasswd %config /etc/httpd/conf.d/rapid-tunneling.conf +%config /etc/sudoers.d/rapid-tunneling %changelog +* Mon Dec 19 2011 Tzafrir Cohen <tzafrir.cohen@xorcom.com> 1.12-1 +- Removed separate rapid-tunneling "user". +- Work around a bug in centos5 sudo: no more permanent "connecting". +- Separate sudoers file added for e.g. Centos6. + * Tue Jun 14 2011 Tzafrir Cohen <tzafrir.cohen@xorcom.com> 1.11-1 - Only create rapid-tunneling user in scripts of -gui - Don't delete created users (rpmlint, Elad) |