[750] | 1 | Summary: nsswitch proxy module to prevent local account spoofing |
---|
| 2 | Group: System Environment/Libraries |
---|
| 3 | Name: nss_nonlocal |
---|
[1553] | 4 | Version: 1.11 |
---|
[1508] | 5 | Release: 1 |
---|
[750] | 6 | URL: http://debathena.mit.edu/nss_nonlocal/ |
---|
[782] | 7 | BuildRequires: autoconf |
---|
| 8 | BuildRequires: automake |
---|
| 9 | BuildRequires: libtool |
---|
[1554] | 10 | License: LGPLv2+ |
---|
[750] | 11 | Source: %{name}.tar.gz |
---|
| 12 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
---|
| 13 | |
---|
| 14 | %description |
---|
| 15 | This nsswitch module acts as a proxy for other nsswitch modules like hesiod, |
---|
| 16 | but prevents non-local users from potentially gaining local privileges by |
---|
| 17 | spoofing local UIDs and GIDs. |
---|
| 18 | |
---|
| 19 | %prep |
---|
| 20 | %setup -q -n %{name} |
---|
| 21 | |
---|
[782] | 22 | cat >find_requires.sh <<EOF |
---|
| 23 | #!/bin/sh |
---|
| 24 | %{__find_requires} | grep -v GLIBC_PRIVATE |
---|
| 25 | exit 0 |
---|
| 26 | EOF |
---|
| 27 | chmod +x find_requires.sh |
---|
| 28 | %define _use_internal_dependency_generator 0 |
---|
| 29 | %define __find_requires %{_builddir}/%{buildsubdir}/find_requires.sh |
---|
| 30 | |
---|
[750] | 31 | %build |
---|
[782] | 32 | autoreconf -i |
---|
| 33 | %configure --libdir=/%{_lib} |
---|
| 34 | make |
---|
[750] | 35 | |
---|
| 36 | %install |
---|
| 37 | [ $RPM_BUILD_ROOT != / ] && rm -rf $RPM_BUILD_ROOT |
---|
[782] | 38 | make install DESTDIR=$RPM_BUILD_ROOT |
---|
[750] | 39 | |
---|
| 40 | %clean |
---|
| 41 | [ $RPM_BUILD_ROOT != / ] && rm -rf $RPM_BUILD_ROOT |
---|
| 42 | |
---|
| 43 | %files |
---|
| 44 | %defattr(-, root, root) |
---|
| 45 | %doc README |
---|
[782] | 46 | /%{_lib}/libnss_nonlocal.so.* |
---|
[750] | 47 | |
---|
| 48 | %pre |
---|
| 49 | groupadd -r nss-local-users || : |
---|
| 50 | groupadd -r nss-nonlocal-users || : |
---|
| 51 | |
---|
| 52 | %post |
---|
| 53 | /sbin/ldconfig |
---|
| 54 | |
---|
| 55 | %postun |
---|
| 56 | /sbin/ldconfig |
---|
| 57 | |
---|
| 58 | %changelog |
---|
| 59 | |
---|
[1553] | 60 | * Sun May 2 2010 Anders Kaseorg <andersk@mit.edu> 1.11-1 |
---|
| 61 | - New upstream version. |
---|
| 62 | |
---|
[1508] | 63 | * Fri Mar 12 2010 Mitchell Berger <mitchb@mit.edu> 1.9-1 |
---|
| 64 | - Per Fedora packaging guidelines, don't ever remove groups. |
---|
| 65 | - Rebuild to ensure that the nss-nonlocal-users group is added, even if it was |
---|
| 66 | previously rejected by a buggy groupadd with an incorrect name length limit. |
---|
| 67 | |
---|
[750] | 68 | * Thu May 8 2008 Anders Kaseorg <andersk@mit.edu> 1.6-0 |
---|
| 69 | - Initial RPM release. |
---|