CentOS6 sudo漏洞修复 CVE-2021-3156

sudo又有漏洞啦,CVE-2021-3156。https://s.tencent.com/research/bsafe/1238.html

为了解决centos6无法直接yum update sudo的窘境,撸起袖子干吧

原料一、sudo源码包一份

下载地址:https://www.sudo.ws/dist/sudo-1.9.5p2.tar.gz

原料二、sudo spec一份

打包前不知道用什么编译参数合适,然后参考了一下os原版的内容

最终生成了自己的spec

Name:           sudo
Version:        1.9.5p2
Release:        1%{?dist}
Summary:        sudo-1.9.5p2 rpmbuild for centos6
License:        GPLv2
BuildRequires:  gcc,make
Source:         %{name}-%{version}.tar.gz

%description
sudo-1.9.5p2 rpmbuild for centos6 to fix CVE-2021-3156. 20210128

%prep
%setup -q

%install
./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --prefix=/usr --sbindir=/usr/sbin --libdir=/usr/lib64 --docdir=/usr/share/doc/sudo-1.8.6p3 --with-logging=syslog --with-logfac=authpriv --with-pam --with-pam-login --with-editor=/bin/vi --with-env-editor --with-ignore-dot --with-tty-tickets --with-ldap --with-ldap-conf-file=/etc/sudo-ldap.conf --with-selinux --with-passprompt=[sudo] password for %p:  --with-linux-audit --with-sssd
make
make install DESTDIR=%{buildroot}
tree %{buildroot} > /tmp/sudo.tree

%files
%defattr(-,root,root)
/

成品出炉,给自己一个赞

posted @ 2021-02-03 17:29  zw1027  阅读(741)  评论(0编辑  收藏  举报