From 7719973d9ba22a15548ec95c3fcbad3c8f76c7ae Mon Sep 17 00:00:00 2001
From: Daniel Kopecek <dkopecek@redhat.com>
Date: Nov 03 2014 12:23:04 +0000
Subject: update to 1.8.11p2


- added patch to fix upstream bug #671 -- exiting immediately
  when audit is disabled

---

diff --git a/.gitignore b/.gitignore
index 869dbfe..b8a25f7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,4 @@ sudo-1.7.2p2-sudoers
 /sudo-1.8.8.tar.gz
 /sudo-1.8.8-sudoers
 /sudo-1.8.11.tar.gz
+/sudo-1.8.11p2.tar.gz
diff --git a/sources b/sources
index deff375..4762a29 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-9a642cf6aca5375f8569a2961f44d0f3  sudo-1.8.11.tar.gz
 775b863cdff3a2ee2a26c2d53b51aff5  sudo-1.8.8-sudoers
+84012b4871b6c775c957cd310d5bad87  sudo-1.8.11p2.tar.gz
diff --git a/sudo-1.8.11p2-auditfix.patch b/sudo-1.8.11p2-auditfix.patch
new file mode 100644
index 0000000..963ef4e
--- /dev/null
+++ b/sudo-1.8.11p2-auditfix.patch
@@ -0,0 +1,17 @@
+diff -up sudo-1.8.11p2/plugins/sudoers/linux_audit.c.auditfix sudo-1.8.11p2/plugins/sudoers/linux_audit.c
+--- sudo-1.8.11p2/plugins/sudoers/linux_audit.c.auditfix	2014-11-03 12:44:53.674230966 +0100
++++ sudo-1.8.11p2/plugins/sudoers/linux_audit.c	2014-11-03 12:45:13.407021599 +0100
+@@ -57,10 +57,10 @@ linux_audit_open(void)
+     au_fd = audit_open();
+     if (au_fd == -1) {
+ 	/* Kernel may not have audit support. */
+-	if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT) {
+-	    sudo_warn(U_("unable to open audit system"));
++	if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT)
+ 	    au_fd = AUDIT_NOT_CONFIGURED;
+-	}
++	else
++	    sudo_warn(U_("unable to open audit system"));
+     } else {
+ 	(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
+     }
diff --git a/sudo.spec b/sudo.spec
index 2da6fe3..f915365 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,6 +1,6 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.8.11
+Version: 1.8.11p2
 Release: 1%{?dist}
 License: ISC
 Group: Applications/System
@@ -28,6 +28,8 @@ BuildRequires: zlib-devel
 Patch1: sudo-1.6.7p5-strip.patch
 # Patch to read ldap.conf more closely to nss_ldap
 Patch2: sudo-1.8.11b4-ldapconfpatch.patch
+# Don't exit if audit is not supported by the kernel
+Patch3: sudo-1.8.11p2-auditfix.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -54,6 +56,7 @@ plugins that use %{name}.
 
 %patch1 -p1 -b .strip
 %patch2 -p1 -b .ldapconfpatch
+%patch3 -p1 -b .auditfix
 
 %build
 # Remove bundled copy of zlib
@@ -182,6 +185,11 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0644,root,root) %{_libexecdir}/sudo/*.la
 
 %changelog
+* Mon Nov  3 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.8.11p2-1
+- update to 1.8.11p2
+- added patch to fix upstream bug #671 -- exiting immediately
+  when audit is disabled
+
 * Tue Sep 30 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.8.11-1
 - update to 1.8.11
 - major changes & fixes: