Split sudo_logsrvd and the python plugin into their own packages.

2020-04-07 14:03:58 -06:00
parent ab18c22ab4
commit 0a10c702be
7 changed files with 415 additions and 52 deletions
--- a/2
+++ b/2
@@ -61,6 +61,8 @@ etc/init.d/aix.sh.in
 etc/init.d/hpux.sh.in
 etc/init.d/sudo.conf.in
 etc/sudo.pp
+etc/sudo-logsrvd.pp
+etc/sudo-python.pp
 examples/Makefile.in
 examples/pam.conf
 examples/sudo.conf.in
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,7 +1,7 @@
 #
 # SPDX-License-Identifier: ISC
 #
-# Copyright (c) 2010-2015, 2017-2019 Todd C. Miller <Todd.Miller@sudo.ws>
+# Copyright (c) 2010-2015, 2017-2020 Todd C. Miller <Todd.Miller@sudo.ws>
 #
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
@@ -369,30 +369,30 @@ force-dist: ChangeLog $(srcdir)/MANIFEST
 	gzip -9f ../$(PACKAGE_TARNAME)-$(VERSION).tar && \
 	ls -l ../$(PACKAGE_TARNAME)-$(VERSION).tar.gz

-package: $(srcdir)/etc/sudo.pp
+package: @PPFILES@
 	DESTDIR=$(abs_top_builddir)/destdir; rm -rf $$DESTDIR; \
 	$(MAKE) install INSTALL_OWNER= DESTDIR=$$DESTDIR && \
-	$(SHELL) $(scriptdir)/pp $(PPFLAGS) \
-	    --destdir=$$DESTDIR \
-	    $(srcdir)/etc/sudo.pp \
-	    prefix=$(prefix) \
-	    bindir=$(bindir) \
-	    sbindir=$(sbindir) \
-	    libexecdir=$(libexecdir) \
-	    includedir=$(includedir) \
-	    vardir=$(vardir) \
-	    rundir=$(rundir) \
-	    mandir=$(mandir) \
-	    localedir=$(localedir) \
-	    docdir=$(docdir) \
-	    exampledir=$(exampledir) \
-	    sysconfdir=$(sysconfdir) \
-	    sudoersdir=$(sudoersdir) \
-	    sudoers_uid=$(sudoers_uid) \
-	    sudoers_gid=$(sudoers_gid) \
-	    sudoers_mode=$(sudoers_mode) \
-	    shlib_mode=$(shlib_mode) \
-	    version=$(VERSION) $(PPVARS)
+	for p in @PPFILES@; do \
+	    $(SHELL) $(scriptdir)/pp $(PPFLAGS) --destdir=$$DESTDIR $$p \
+		prefix=$(prefix) \
+		bindir=$(bindir) \
+		sbindir=$(sbindir) \
+		libexecdir=$(libexecdir) \
+		includedir=$(includedir) \
+		vardir=$(vardir) \
+		rundir=$(rundir) \
+		mandir=$(mandir) \
+		localedir=$(localedir) \
+		docdir=$(docdir) \
+		exampledir=$(exampledir) \
+		sysconfdir=$(sysconfdir) \
+		sudoersdir=$(sudoersdir) \
+		sudoers_uid=$(sudoers_uid) \
+		sudoers_gid=$(sudoers_gid) \
+		sudoers_mode=$(sudoers_mode) \
+		shlib_mode=$(shlib_mode) \
+		version=$(VERSION) $(PPVARS); \
+	    done

 clean: config.status
 	for d in $(SUBDIRS) $(SAMPLES); do \
--- a/7
+++ b/7
@@ -736,6 +736,7 @@ rundir
 logpath
 log_dir
 iolog_dir
+PPFILES
 LOGSRVD
 LIBLOGSRV
 LOGSRV
@@ -3121,6 +3122,7 @@ $as_echo "$as_me: Configuring Sudo version $PACKAGE_VERSION" >&6;}



+


 #
@@ -3171,6 +3173,7 @@ pam_login_service=sudo
 plugindir="$libexecdir/sudo"
 DIGEST=digest.lo
 devsearch="/dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev"
+PPFILES='$(srcdir)/etc/sudo.pp'
 #
 # End initial values for man page substitution
 #
@@ -6976,6 +6979,9 @@ if test X"$enable_log_server" = X"no" -a X"$enable_log_client" = X"no"; then
    LOGSRV=
    LIBLOGSRV=
 fi
+if test X"$LOGSRVD" != X""; then
+    PPFILES="$PPFILES "'$(srcdir)/etc/sudo-logsrvd.pp'
+fi

 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing strerror" >&5
 $as_echo_n "checking for library containing strerror... " >&6; }
@@ -19463,6 +19469,7 @@ $as_echo "$PYTHON_LIBS" >&6; }

 fi

+    PPFILES="$PPFILES "'$(srcdir)/etc/sudo-python.pp'
    PYTHON_PLUGIN_SRC=plugins/python
    ac_config_files="$ac_config_files $PYTHON_PLUGIN_SRC/Makefile"

--- a/configure.ac
+++ b/configure.ac
@@ -119,6 +119,7 @@ AC_SUBST([PYTHON_PLUGIN_SRC])
 AC_SUBST([LOGSRV])
 AC_SUBST([LIBLOGSRV])
 AC_SUBST([LOGSRVD])
+AC_SUBST([PPFILES])

 dnl
 dnl Variables that get substituted in docs (not overridden by environment)
@@ -213,6 +214,7 @@ pam_login_service=sudo
 plugindir="$libexecdir/sudo"
 DIGEST=digest.lo
 devsearch="/dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev"
+PPFILES='$(srcdir)/etc/sudo.pp'
 #
 # End initial values for man page substitution
 #
@@ -1681,6 +1683,9 @@ if test X"$enable_log_server" = X"no" -a X"$enable_log_client" = X"no"; then
    LOGSRV=
    LIBLOGSRV=
 fi
+if test X"$LOGSRVD" != X""; then
+    PPFILES="$PPFILES "'$(srcdir)/etc/sudo-logsrvd.pp'
+fi

 dnl
 dnl C compiler checks
@@ -2597,6 +2602,7 @@ if test ${USE_PYTHON-'no'} = "yes"; then
      AC_MSG_RESULT([$PYTHON_LIBS])
    ])

+    PPFILES="$PPFILES "'$(srcdir)/etc/sudo-python.pp'
    PYTHON_PLUGIN_SRC=plugins/python
    AC_CONFIG_FILES([$PYTHON_PLUGIN_SRC/Makefile])
 fi
--- a/etc/sudo-logsrvd.pp
+++ b/etc/sudo-logsrvd.pp
@@ -0,0 +1,165 @@
+%set
+	name="sudo-logsrvd"
+	summary="Sudo event and I/O log server"
+	description="The sudo_logsrvd daemon collects event and I/O logs \
+from sudo clients.
+This makes it possible to have all sudo I/O logs on a central server."
+	vendor="Todd C. Miller"
+	copyright="(c) 2019-2020 Todd C. Miller"
+
+%if [aix]
+	# Convert to 4 part version for AIX, including patch level
+	pp_aix_version=`echo $version|sed -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)p\([0-9]*\)$/\1.\2/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[^0-9\.].*$/\1/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)$/\1.0/'`
+
+	# Don't allow sudo to prompt for a password
+	pp_aix_sudo="sudo -n"
+%endif
+
+%if [sd]
+	pp_sd_vendor_tag="TCM"
+%endif
+
+%if [solaris]
+	pp_solaris_name="TCM${name}"
+	pp_solaris_pstamp=`/usr/bin/date "+%B %d, %Y"`
+%endif
+
+%if [rpm,deb]
+	# Convert patch level into release and remove from version
+	pp_rpm_release="`expr \( $version : '.*p\([0-9][0-9]*\)$' \| 0 \) + 1`"
+	pp_rpm_version="`expr \( $version : '\(.*\)p[0-9][0-9]*$' \| $version \)`"
+	pp_rpm_license="BSD"
+	pp_rpm_url="https://www.sudo.ws"
+	pp_rpm_group="Applications/System"
+	pp_rpm_packager="Todd C. Miller <Todd.Miller@sudo.ws>"
+%endif
+
+	# Stash original docdir and exampledir
+	odocdir="${docdir}"
+	oexampledir="${exampledir}"
+
+	# For RedHat the doc dir is expected to include version and release
+	case "$pp_rpm_distro" in
+	centos*|rhel*|f[0-9]*)
+		docdir="${docdir}-${pp_rpm_version}-${pp_rpm_release}"
+		exampledir="${docdir}/examples"
+		;;
+	esac
+
+	# docdir and exampledir are installed with "sudo" as the package
+	# name which may not be correct.
+	docdir="`echo \"${docdir}\" | sed \"s#/sudo#/${name}#g\"`"
+	exampledir="`echo \"${exampledir}\" | sed \"s#/sudo#/${name}#g\"`"
+
+	# Copy docdir and exampledir to new names if needed
+	if test ! -d "${pp_destdir}${docdir}"; then
+	    cp -R ${pp_destdir}${odocdir} ${pp_destdir}${docdir}
+	    find ${pp_destdir}${docdir} -depth | sed "s#^${pp_destdir}##" >> ${pp_wrkdir}/pp_cleanup
+	fi
+	if test ! -d "${pp_destdir}${exampledir}"; then
+	    cp -R ${pp_destdir}${oexampledir} ${pp_destdir}${exampledir}
+	    find ${pp_destdir}${exampledir} -depth | sed "s#^${pp_destdir}##" >> ${pp_wrkdir}/pp_cleanup
+	fi
+
+%if [deb]
+	pp_deb_maintainer="$pp_rpm_packager"
+	pp_deb_release="$pp_rpm_release"
+	pp_deb_version="$pp_rpm_version"
+	pp_deb_section=admin
+	install -D -m 644 ${pp_destdir}$docdir/LICENSE ${pp_wrkdir}/${name}/usr/share/doc/${name}/copyright
+	install -D -m 644 ${pp_destdir}$docdir/ChangeLog ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog
+	gzip -9f ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog
+	printf "$name ($pp_deb_version-$pp_deb_release) admin; urgency=low\n\n  * see upstream changelog\n\n -- $pp_deb_maintainer  `date '+%a, %d %b %Y %T %z'`\n" > ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
+	chmod 644 ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
+	gzip -9f ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
+	# Create lintian override file
+	mkdir -p ${pp_wrkdir}/${name}/usr/share/lintian/overrides
+	cat >${pp_wrkdir}/${name}/usr/share/lintian/overrides/${name} <<-EOF
+	# Sudo ships with debugging symbols
+	$name: unstripped-binary-or-object
+	EOF
+	chmod 644 ${pp_wrkdir}/${name}/usr/share/lintian/overrides/${name}
+%endif
+
+%if [rpm]
+	# Add distro info to release
+	osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/'`
+	case "$pp_rpm_distro" in
+	centos*|rhel*|f[0-9]*)
+		pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}"
+		;;
+	sles*)
+		pp_rpm_release="$pp_rpm_release.sles$osrelease"
+		;;
+	esac
+%endif
+
+%if [macos]
+	pp_macos_pkg_type=flat
+	pp_macos_bundle_id=ws.sudo.pkg.sudo
+	pp_macos_pkg_license=${pp_destdir}$docdir/LICENSE
+	pp_macos_pkg_readme=${pp_wrkdir}/ReadMe.txt
+	perl -pe 'last if (/^What/i && $seen++)' ${pp_destdir}$docdir/NEWS > ${pp_wrkdir}/ReadMe.txt
+%endif
+
+%if X"$aix_freeware" = X"true"
+	# Create links from /opt/freeware/sbin -> /usr/sbin
+	mkdir -p ${pp_destdir}/usr/sbin
+	ln -s -f ${sbindir}/sudo_logsrvd ${pp_destdir}/usr/sbin
+%endif
+
+	# Package parent directories when not installing under /usr
+	if test "${prefix}" != "/usr"; then
+	    extradirs=`echo ${pp_destdir}${mandir}/[mc]* | sed "s#${pp_destdir}##g"`
+	    extradirs="$extradirs `dirname $docdir`"
+	    test "`dirname $exampledir`" != "$docdir" && extradirs="$extradirs `dirname $exampledir`"
+	    for dir in $sbindir $extradirs; do
+		    while test "$dir" != "/"; do
+			    parentdirs="${parentdirs}${parentdirs+ }$dir/"
+			    dir=`dirname $dir`
+		    done
+	    done
+	    parentdirs=`echo $parentdirs | tr " " "\n" | sort -u`
+	fi
+
+%depend [deb]
+	libc6, zlib1g, libssl1.1, sudo
+
+%fixup [deb]
+	echo "Homepage: https://www.sudo.ws" >> %{pp_wrkdir}/%{name}/DEBIAN/control
+	echo "Bugs: https://bugzilla.sudo.ws" >> %{pp_wrkdir}/%{name}/DEBIAN/control
+
+%fixup [rpm]
+	cat > %{pp_wrkdir}/${name}.spec.sed <<-'EOF'
+		/^%files/ {
+			i\
+			%clean\
+			:\
+
+		}
+	EOF
+	mv %{pp_wrkdir}/${name}.spec %{pp_wrkdir}/${name}.spec.bak
+	sed -f %{pp_wrkdir}/${name}.spec.sed %{pp_wrkdir}/${name}.spec.bak > %{pp_wrkdir}/${name}.spec
+
+%files
+	/**			ignore
+%if X"$parentdirs" != X""
+	$parentdirs		-    ignore-others
+%endif
+	$sbindir/sudo_logsrvd   0755 ignore-others
+	$mandir/man*/*logsrv*	0644 ignore-others
+	$docdir/		0755 ignore-others
+	$exampledir/		0755 ignore-others
+	$exampledir/*logsrv*	0644 ignore-others
+%if X"$aix_freeware" = X"true"
+	# Links for binaries from /opt/freeware to /usr
+	/usr/sbin/sudo_logsrvd  0755 root: symlink,ignore-others $sbindir/logsrvd
+%endif
+
+%service sudo_logsrvd
+%if [aix,macos]
+	cmd="${sbindir}/sudo_logsrvd -n"
+%else
+	cmd=${sbindir}/sudo_logsrvd
+	pidfile=${rundir}/sudo_logsrvd.pid
+%endif
--- a/etc/sudo-python.pp
+++ b/etc/sudo-python.pp
@@ -0,0 +1,146 @@
+%set
+	name="sudo-python"
+	summary="Sudo Python plugin framework"
+	description="The sudo Python plugin allows you to extend sudo using Python."
+	vendor="Todd C. Miller"
+	copyright="(c) 2019-2020 Todd C. Miller"
+
+%if [aix]
+	# Convert to 4 part version for AIX, including patch level
+	pp_aix_version=`echo $version|sed -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)p\([0-9]*\)$/\1.\2/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[^0-9\.].*$/\1/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)$/\1.0/'`
+
+	# Don't allow sudo to prompt for a password
+	pp_aix_sudo="sudo -n"
+%endif
+
+%if [sd]
+	pp_sd_vendor_tag="TCM"
+%endif
+
+%if [solaris]
+	pp_solaris_name="TCM${name}"
+	pp_solaris_pstamp=`/usr/bin/date "+%B %d, %Y"`
+%endif
+
+%if [rpm,deb]
+	# Convert patch level into release and remove from version
+	pp_rpm_release="`expr \( $version : '.*p\([0-9][0-9]*\)$' \| 0 \) + 1`"
+	pp_rpm_version="`expr \( $version : '\(.*\)p[0-9][0-9]*$' \| $version \)`"
+	pp_rpm_license="BSD"
+	pp_rpm_url="https://www.sudo.ws"
+	pp_rpm_group="Applications/System"
+	pp_rpm_packager="Todd C. Miller <Todd.Miller@sudo.ws>"
+%endif
+
+	# Stash original docdir and exampledir
+	odocdir="${docdir}"
+	oexampledir="${exampledir}"
+
+	# For RedHat the doc dir is expected to include version and release
+	case "$pp_rpm_distro" in
+	centos*|rhel*|f[0-9]*)
+		docdir="${docdir}-${pp_rpm_version}-${pp_rpm_release}"
+		exampledir="${docdir}/examples"
+		;;
+	esac
+
+	# docdir and exampledir are installed with "sudo" as the package
+	# name which may not be correct.
+	docdir="`echo \"${docdir}\" | sed \"s#/sudo#/${name}#g\"`"
+	exampledir="`echo \"${exampledir}\" | sed \"s#/sudo#/${name}#g\"`"
+
+	# Copy docdir and exampledir to new names if needed
+	if test ! -d "${pp_destdir}${docdir}"; then
+	    cp -R ${pp_destdir}${odocdir} ${pp_destdir}${docdir}
+	    find ${pp_destdir}${docdir} -depth | sed "s#^${pp_destdir}##" >> ${pp_wrkdir}/pp_cleanup
+	fi
+	if test ! -d "${pp_destdir}${exampledir}"; then
+	    cp -R ${pp_destdir}${oexampledir} ${pp_destdir}${exampledir}
+	    find ${pp_destdir}${exampledir} -depth | sed "s#^${pp_destdir}##" >> ${pp_wrkdir}/pp_cleanup
+	fi
+
+%if [deb]
+	pp_deb_maintainer="$pp_rpm_packager"
+	pp_deb_release="$pp_rpm_release"
+	pp_deb_version="$pp_rpm_version"
+	pp_deb_section=admin
+	install -D -m 644 ${pp_destdir}$docdir/LICENSE ${pp_wrkdir}/${name}/usr/share/doc/${name}/copyright
+	install -D -m 644 ${pp_destdir}$docdir/ChangeLog ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog
+	gzip -9f ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog
+	printf "$name ($pp_deb_version-$pp_deb_release) admin; urgency=low\n\n  * see upstream changelog\n\n -- $pp_deb_maintainer  `date '+%a, %d %b %Y %T %z'`\n" > ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
+	chmod 644 ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
+	gzip -9f ${pp_wrkdir}/${name}/usr/share/doc/${name}/changelog.Debian
+	# Create lintian override file
+	mkdir -p ${pp_wrkdir}/${name}/usr/share/lintian/overrides
+	cat >${pp_wrkdir}/${name}/usr/share/lintian/overrides/${name} <<-EOF
+	# Sudo ships with debugging symbols
+	$name: unstripped-binary-or-object
+	EOF
+	chmod 644 ${pp_wrkdir}/${name}/usr/share/lintian/overrides/${name}
+%endif
+
+%if [rpm]
+	# Add distro info to release
+	osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/'`
+	case "$pp_rpm_distro" in
+	centos*|rhel*|f[0-9]*)
+		pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}"
+		;;
+	sles*)
+		pp_rpm_release="$pp_rpm_release.sles$osrelease"
+		;;
+	esac
+%endif
+
+%if [macos]
+	pp_macos_pkg_type=flat
+	pp_macos_bundle_id=ws.sudo.pkg.sudo
+	pp_macos_pkg_license=${pp_destdir}$docdir/LICENSE
+	pp_macos_pkg_readme=${pp_wrkdir}/ReadMe.txt
+	perl -pe 'last if (/^What/i && $seen++)' ${pp_destdir}$docdir/NEWS > ${pp_wrkdir}/ReadMe.txt
+%endif
+
+	# Package parent directories when not installing under /usr
+	if test "${prefix}" != "/usr"; then
+	    extradirs=`echo ${pp_destdir}${mandir}/[mc]* | sed "s#${pp_destdir}##g"`
+	    extradirs="$extradirs `dirname $docdir`"
+	    test "`dirname $exampledir`" != "$docdir" && extradirs="$extradirs `dirname $exampledir`"
+	    for dir in $libexecdir $extradirs; do
+		    while test "$dir" != "/"; do
+			    parentdirs="${parentdirs}${parentdirs+ }$dir/"
+			    dir=`dirname $dir`
+		    done
+	    done
+	    parentdirs=`echo $parentdirs | tr " " "\n" | sort -u`
+	fi
+
+%depend [deb]
+	libc6, libpython3.6, sudo
+
+%fixup [deb]
+	echo "Homepage: https://www.sudo.ws" >> %{pp_wrkdir}/%{name}/DEBIAN/control
+	echo "Bugs: https://bugzilla.sudo.ws" >> %{pp_wrkdir}/%{name}/DEBIAN/control
+
+%fixup [rpm]
+	cat > %{pp_wrkdir}/${name}.spec.sed <<-'EOF'
+		/^%files/ {
+			i\
+			%clean\
+			:\
+
+		}
+	EOF
+	mv %{pp_wrkdir}/${name}.spec %{pp_wrkdir}/${name}.spec.bak
+	sed -f %{pp_wrkdir}/${name}.spec.sed %{pp_wrkdir}/${name}.spec.bak > %{pp_wrkdir}/${name}.spec
+
+%files
+	/**			ignore
+%if X"$parentdirs" != X""
+	$parentdirs		-    ignore-others
+%endif
+	$libexecdir/sudo/	0755 ignore-others
+	$libexecdir/sudo/python* $shlib_mode ignore-others
+	$docdir/		0755 ignore-others
+	$exampledir/		0755 ignore-others
+	$exampledir/*.py	0644 ignore-others
+	$mandir/man*/*python*	0644 ignore-others
--- a/etc/sudo.pp
+++ b/etc/sudo.pp
@@ -10,7 +10,7 @@ limited root privileges to users and log root activity.  \
 The basic philosophy is to give as few privileges as possible but \
 still allow people to get their work done."
 	vendor="Todd C. Miller"
-	copyright="(c) 1993-1996,1998-2019 Todd C. Miller"
+	copyright="(c) 1993-1996,1998-2020 Todd C. Miller"
 	sudoedit_man=`echo ${pp_destdir}$mandir/*/sudoedit.*|sed "s:^${pp_destdir}::"`
 	sudoedit_man_target=`basename $sudoedit_man | sed 's/edit//'`

@@ -20,6 +20,9 @@ still allow people to get their work done."

 	# Convert to 4 part version for AIX, including patch level
 	pp_aix_version=`echo $version|sed -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)p\([0-9]*\)$/\1.\2/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[^0-9\.].*$/\1/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)$/\1.0/'`
+
+	# Don't allow sudo to prompt for a password
+	pp_aix_sudo="sudo -n"
 %endif

 %if [sd]
@@ -96,6 +99,35 @@ still allow people to get their work done."
 	rm -f ${pp_destdir}$sysconfdir/sudo.conf
 %endif

+	# Stash original docdir and exampledir
+	odocdir="${docdir}"
+	oexampledir="${exampledir}"
+
+	# For RedHat the doc dir is expected to include version and release
+	case "$pp_rpm_distro" in
+	centos*|rhel*|f[0-9]*)
+		docdir="${docdir}-${pp_rpm_version}-${pp_rpm_release}"
+		exampledir="${docdir}/examples"
+		;;
+	esac
+
+	if test -n "$flavor"; then
+	    # docdir and exampledir are installed with "sudo" as the package
+	    # name which is not be correct for flavors.
+	    docdir="`echo \"${docdir}\" | sed \"s#/sudo#/${name}#g\"`"
+	    exampledir="`echo \"${exampledir}\" | sed \"s#/sudo#/${name}#g\"`"
+	fi
+
+	# Copy docdir and exampledir to new names if needed
+	if test ! -d "${pp_destdir}${docdir}"; then
+	    cp -R ${pp_destdir}${odocdir} ${pp_destdir}${docdir}
+	    find ${pp_destdir}${docdir} -depth | sed "s#^${pp_destdir}##" >> ${pp_wrkdir}/pp_cleanup
+	fi
+	if test ! -d "${pp_destdir}${exampledir}"; then
+	    cp -R ${pp_destdir}${oexampledir} ${pp_destdir}${exampledir}
+	    find ${pp_destdir}${exampledir} -depth | sed "s#^${pp_destdir}##" >> ${pp_wrkdir}/pp_cleanup
+	fi
+
 %if [deb]
 	pp_deb_maintainer="$pp_rpm_packager"
 	pp_deb_release="$pp_rpm_release"
@@ -162,18 +194,6 @@ still allow people to get their work done."
 		;;
 	esac

-	# For RedHat the doc dir is expected to include version and release
-	case "$pp_rpm_distro" in
-	centos*|rhel*|f[0-9]*)
-		rhel_docdir="${docdir}-${pp_rpm_version}-${pp_rpm_release}"
-		if test "`dirname ${exampledir}`" = "${docdir}"; then
-		    exampledir="${rhel_docdir}/`basename ${exampledir}`"
-		fi
-		mv "${pp_destdir}/${docdir}" "${pp_destdir}/${rhel_docdir}"
-		docdir="${rhel_docdir}"
-		;;
-	esac
-
 	# Choose the correct PAM file by distro, must be tab indented for "<<-"
 	case "$pp_rpm_distro" in
 	centos*|rhel*)
@@ -282,20 +302,19 @@ still allow people to get their work done."
 %endif

 %if X"$aix_freeware" = X"true"
-	# Create links from /opt/freeware/{bin,sbin} -> /usr/{bin.sbin}
+	# Create links from /opt/freeware/{bin,sbin} -> /usr/{bin,sbin}
 	mkdir -p ${pp_destdir}/usr/bin ${pp_destdir}/usr/sbin
 	ln -s -f ${bindir}/cvtsudoers ${pp_destdir}/usr/bin
 	ln -s -f ${bindir}/sudo ${pp_destdir}/usr/bin
 	ln -s -f ${bindir}/sudoedit ${pp_destdir}/usr/bin
 	ln -s -f ${bindir}/sudoreplay ${pp_destdir}/usr/bin
-	ln -s -f ${sbindir}/sudo_logsrvd ${pp_destdir}/usr/sbin
 	ln -s -f ${sbindir}/sudo_sendlog ${pp_destdir}/usr/sbin
 	ln -s -f ${sbindir}/visudo ${pp_destdir}/usr/sbin
 %endif

 	# Package parent directories when not installing under /usr
 	if test "${prefix}" != "/usr"; then
-	    extradirs=`echo ${pp_destdir}/${mandir}/[mc]* | sed "s#${pp_destdir}/##g"`
+	    extradirs=`echo ${pp_destdir}${mandir}/[mc]* | sed "s#${pp_destdir}##g"`
 	    extradirs="$extradirs `dirname $docdir` `dirname $rundir` `dirname $vardir`"
 	    test "`dirname $exampledir`" != "$docdir" && extradirs="$extradirs `dirname $exampledir`"
 	    test -d ${pp_destdir}${localedir} && extradirs="$extradirs $localedir"
@@ -309,7 +328,7 @@ still allow people to get their work done."
 	fi

 %depend [deb]
-	libc6, libpam0g, libpam-modules, zlib1g, libselinux1
+	libc6, libpam0g, libpam-modules, zlib1g, libselinux1, libssl1.1

 %fixup [deb]
 	# Add Conflicts, Replaces headers and add libldap depedency as needed.
@@ -329,33 +348,58 @@ still allow people to get their work done."
 	echo "Homepage: https://www.sudo.ws" >> %{pp_wrkdir}/%{name}/DEBIAN/control
 	echo "Bugs: https://bugzilla.sudo.ws" >> %{pp_wrkdir}/%{name}/DEBIAN/control

+%fixup [rpm]
+	cat > %{pp_wrkdir}/${name}.spec.sed <<-'EOF'
+		/^%files/ {
+			i\
+			%clean\
+			:\
+
+		}
+	EOF
+	mv %{pp_wrkdir}/${name}.spec %{pp_wrkdir}/${name}.spec.bak
+	sed -f %{pp_wrkdir}/${name}.spec.sed %{pp_wrkdir}/${name}.spec.bak > %{pp_wrkdir}/${name}.spec
+
 %files
 %if X"$parentdirs" != X""
 	$parentdirs		-
+%endif
+%if X"$odocdir" != X"$docdir"
+	$odocdir/		ignore
+	$odocdir/**		ignore
+%endif
+%if X"$oexampledir" != X"$exampledir" -a X"$exampledir" != X"$docdir/examples"
+	$oexampledir/		ignore
+	$oexampledir/**		ignore
 %endif
 	$bindir/cvtsudoers  	0755 root:
 	$bindir/sudo        	4755 root:
 	$bindir/sudoedit    	0755 root: symlink sudo
 	$bindir/sudoreplay  	0755
-	$sbindir/sudo_logsrvd   0755
 	$sbindir/sudo_sendlog   0755
+	$sbindir/sudo_logsrvd        optional,ignore
 	$sbindir/visudo     	0755
 	$includedir/sudo_plugin.h 0644
 	$libexecdir/sudo/	0755
 	$libexecdir/sudo/sesh	0755 optional,ignore-others
+	$libexecdir/sudo/python*     optional,ignore,ignore-others
 	$libexecdir/sudo/*	$shlib_mode optional
 	$sudoersdir/sudoers.d/	0750 $sudoers_uid:$sudoers_gid
 	$rundir/		0711 root:
 	$vardir/		0711 root: ignore-others
 	$vardir/lectured/	0700 root:
 	$docdir/		0755
+	$docdir/**		0644
 %if [deb]
 	$docdir/LICENSE		ignore,ignore-others
 	$docdir/ChangeLog	ignore,ignore-others
 %endif
+%if X"$exampledir" != X"$docdir/examples"
 	$exampledir/		0755 ignore-others
-	$exampledir/*		0644 ignore-others
-	$docdir/**		0644
+	$exampledir/*		0644
+%endif
+	$exampledir/sudo_logsrv*     optional,ignore,ignore-others
+	$exampledir/*.py             optional,ignore,ignore-others
 	$localedir/*/		-    optional
 	$localedir/*/LC_MESSAGES/ -    optional
 	$localedir/*/LC_MESSAGES/* 0644    optional
@@ -372,7 +416,6 @@ still allow people to get their work done."
 	/usr/bin/sudo    	0755 root: symlink $bindir/sudo
 	/usr/bin/sudoedit    	0755 root: symlink $bindir/sudoedit
 	/usr/bin/sudoreplay    	0755 root: symlink $bindir/sudoreplay
-	/usr/sbin/sudo_logsrvd  0755 root: symlink $sbindir/logsrvd
 	/usr/sbin/sudo_sendlog  0755 root: symlink $sbindir/sendlog
 	/usr/sbin/visudo    	0755 root: symlink $sbindir/visudo
 %endif
@@ -394,16 +437,10 @@ still allow people to get their work done."
 	/sbin/init.d/sudo	0755 root:
 %endif
 	$mandir/man*/*		0644
+	$mandir/man*/sudo_logsrv*    ignore,ignore-others
+	$mandir/man*/*python*        ignore,ignore-others
 	$sudoedit_man		0644 symlink,ignore-others $sudoedit_man_target

-%service sudo_logsrvd
-%if [aix,macos]
-	cmd="${sbindir}/sudo_logsrvd -n"
-%else
-	cmd=${sbindir}/sudo_logsrvd
-	pidfile=${rundir}/sudo_logsrvd.pid
-%endif
-
 %pre [aix]
 	if rpm -q %{name} >/dev/null 2>&1; then
 		echo "Another version of sudo is currently installed via rpm." 2>&1