!15 Bring source file into correspondence with described in spec file

From: @wang--ge 
Reviewed-by: @small_leek 
Signed-off-by: @small_leek

README

@@ -0,0 +1,120 @@
+Introduction:
+=============
+
+rootsh is a wrapper for a shell which will make a copy of everything printed
+on your terminal. Its main purpose is to give ordinary users a shell with
+root privileges while keeping an eye on what they type. This is accomplished
+by allowing them to execute rootsh via the sudo command. Unlike a simple
+"sudo -s" which is the usual way doing this, "sudo rootsh" will send their
+terminal keystrokes and output to a logfile and eventually to a remote 
+syslog server, where they are out of reach and safe from manipulation.
+
+
+Motivation:
+===========
+
+Sometimes users need to perform tasks on a system which are too complex
+to be expressed in sudo rules. Sometimes there is management pressure
+to give a user a root shell. Sometimes you're just tired arguing with
+users who insist in having root privileges.
+With rootsh you can give your users access to a root shell while auditing
+their actions. 
+
+
+Usage:
+======
+
+rootsh will be mainly used to give normal users the privilege of a
+shell running under uid 0. This will mostly be accomplished by calling
+it via the sudo command. 
+If, for example you have to grant user usr1234 local root privileges
+on his workstation ws0001, you make an entry in your /etc/sudoers like this:
+
+usr1234     ws0001      = /bin/rootsh
+
+He will then have to type the following to become root:
+
+usr1234@ws0001:~> sudo rootsh
+Password:
+ws0001:~ # id
+uid=0(root) gid=0(root) groups=0(root)
+ws0001:~ # 
+ws0001:~ # exit
+exit
+usr1234@ws0001:~>
+
+
+If you compiled rootsh with the default settings, the keystrokes and output
+will be sent line by line to the syslog daemon using priority local5.info
+To collect the output coming from running rootsh commands in a specific file
+make an entry in your /etc/syslog.conf like this:
+
+local5.notice   /var/log/rootshell
+
+or maybe like this:
+
+local5.notice   @your_central_syslog_host
+
+Wherever you send your syslog data to, the resulting output will be
+like this:
+
+Jul  2 17:44:19 ws0001 rootsh-020a: usr1234=root,/dev/pts/0: logging new rootsh session (rootsh-020a) to /var/log/rootsh/usr1234.20040702174419.020a
+Jul  2 17:44:21 ws0001 rootsh-020a: 001: ws0001:~ # id 
+Jul  2 17:44:21 ws0001 rootsh-020a: 002: uid=0(root) gid=0(root) groups=0(root)
+Jul  2 17:44:22 ws0001 rootsh-020a: 003: ws0001:~ #  
+Jul  2 17:46:03 ws0001 rootsh-020a: 004: ws0001:~ # exit 
+Jul  2 17:46:03 ws0001 rootsh-020a: 005: exit 
+Jul  2 17:46:03 ws0001 rootsh-020a: 006: *** rootsh session ended by user
+Jul  2 17:46:03 ws0001 rootsh-020a: usr1234,/dev/pts/0: closing rootsh session (rootsh-020a) 
+
+where the rootsh-020a is an identifier created from the program's name and
+a 4 digit hex number which is the pid of the rootsh process. It will prepend
+every line sent to syslog and will help you to find all the entries in
+a logfile belonging to a specific session. 
+(first find the "logging new..." line for the session you're interested in,
+take the identifier like rootsh-020a in the example and grep all occurences
+of it from your logfile. If rootsh is running on many machines, there 
+may be collisions if two rootsh processes have the same pid. 
+Add the hostname to grep's pattern in this case.
+You will also find the same output locally on the ws0001 host in a file
+called like this <caller's username>.<timestamp>.<process id>
+Depending on your operating system and configuration parameter --with-logdir=
+these files can be found in /var/log/rootsh, /var/adm/rootsh or your own choice.
+The counter after the session identifier can help you find holes if you
+are not sure wether logging was incomplete (either due to manipulation
+or network problems).
+Finished session's logfiles get ".closed" appended to their names. This 
+helps you cleaning and archiving your logdir.
+If the main process thinks, the logfile was manipulated during the session,
+it tries to recreate the file and ".tampered" instead of ".closed" is attached.
+
+There is a parameter "-i", which tells rootsh to run the shell as a login shell.
+
+You can use the parameter -u if you want to run the shell as another non-root user.
+
+Better look at the manpage at http://people.consol.de/~lausser/rootsh/rootsh.html
+
+
+
+How it works:
+=============
+
+rootsh works very much like the script utility. It forks and creates
+a master/slave pseudo terminal pair. The slave pseudo terminal will
+become the controlling terminal of the child process which will
+execute a shell command. The parent process waits for input from the
+user's terminal and sends it down the master pty. Every output including
+the echoed input will be written to a logfile and to the syslog daemon.
+
+
+Warning:
+========
+There may be methods to escape the auditing. The abuser might then delete
+his traces oder manipulate the logfiles.
+With (per default) activated syslog logging you have at least a chance
+to seek out suspicious traces of misbehaviour.
+
+
+MAINTAINER:
+luanjianhai@huawei.com
+

logrotate-rootsh.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+DEFAULT_PATH="/var/log/rootsh/"
+MaxSize=0
+GSize=0
+
+# Get Max Size in Configure File
+function getmaxsize() {
+    size=`grep size /etc/logrotate.d/rootsh | head -1 | awk '{print $2}'`
+
+    unit=${size: -1}
+    case $unit in
+       'G' | 'g')
+           size=${size:0:-1}
+           size=$(($size*1024*1024))
+           ;;
+       'M' | 'm')
+           size=${size:0:-1}
+           size=$(($size*1024))
+           ;;
+       'K' | 'k')
+           size=${size:0:-1}
+           ;;
+        [[:digit:]])
+           ;;
+        *)
+           size=102400
+           ;;
+    esac
+
+    MaxSize=$size
+}
+
+function getsize() {
+    GSize=`du -d 1 $1 | awk '{print $1}'`
+}
+
+function logrotate_dir() {
+    path=$1
+    size=$2
+
+    getsize ${DEFAULT_PATH}
+    while [ $GSize -gt $size ]; do
+
+        file=`ls -ltr ${DEFAULT_PATH} | awk '{if(NR>1){print $9}}' | head -1`
+
+        # Do not delete the whole directory
+        if [ -n "$file" -a $file != "logrotate" ]; then
+        rm -rf ${DEFAULT_PATH}/$file
+        else
+            break
+        fi
+
+        getsize ${DEFAULT_PATH}
+    done
+}
+
+function lastaction() {
+    # Get Max Size in Configure File
+    getmaxsize
+
+    # Rotate /var/log/rootsh/*
+    logrotate_dir ${DEFAULT_PATH} $MaxSize
+
+    # Move rotated file to the monitor file
+    if [ -f "/var/log/rootsh/logrotate.1" ]; then
+        rm -f /var/log/rootsh/logrotate.1
+    fi
+}
+
+if [ $# -eq 1 ]; then
+    if [ $1 == "lastaction" ]; then
+        lastaction
+    fi
+fi
+

rootsh-1.5.3-fix-help-doc-and-version.patch

@@ -0,0 +1,126 @@
+From 529ee7929bf0adb2cdd6024323e29f5e4e6f8305 Mon Sep 17 00:00:00 2001
+From: wk333 <13474090681@163.com>
+Date: Wed, 9 Mar 2022 17:51:25 +0800
+Subject: [PATCH 1/1] fix help doc and version
+
+---
+ configure    | 20 ++++++++++----------
+ configure.in |  2 +-
+ src/rootsh.c |  4 ++--
+ 3 files changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/configure b/configure
+index c8d671e..027ecb2 100755
+--- a/configure
++++ b/configure
+@@ -1,6 +1,6 @@
+ #! /bin/sh
+ # Guess values for system-dependent variables and create Makefiles.
+-# Generated by GNU Autoconf 2.59 for rootsh 1.5.2.
++# Generated by GNU Autoconf 2.59 for rootsh 1.5.3.
+ #
+ # Copyright (C) 2003 Free Software Foundation, Inc.
+ # This configure script is free software; the Free Software Foundation
+@@ -267,8 +267,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
+ # Identity of this package.
+ PACKAGE_NAME='rootsh'
+ PACKAGE_TARNAME='rootsh'
+-PACKAGE_VERSION='1.5.2'
+-PACKAGE_STRING='rootsh 1.5.2'
++PACKAGE_VERSION='1.5.3'
++PACKAGE_STRING='rootsh 1.5.3'
+ PACKAGE_BUGREPORT=''
+ 
+ ac_unique_file="src"
+@@ -778,7 +778,7 @@ if test "$ac_init_help" = "long"; then
+   # Omit some internal or obsolete options to make the list less imposing.
+   # This message is too long to be a string in the A/UX 3.1 sh.
+   cat <<_ACEOF
+-\`configure' configures rootsh 1.5.2 to adapt to many kinds of systems.
++\`configure' configures rootsh 1.5.3 to adapt to many kinds of systems.
+ 
+ Usage: $0 [OPTION]... [VAR=VALUE]...
+ 
+@@ -844,7 +844,7 @@ fi
+ 
+ if test -n "$ac_init_help"; then
+   case $ac_init_help in
+-     short | recursive ) echo "Configuration of rootsh 1.5.2:";;
++     short | recursive ) echo "Configuration of rootsh 1.5.3:";;
+    esac
+   cat <<\_ACEOF
+ 
+@@ -973,7 +973,7 @@ fi
+ test -n "$ac_init_help" && exit 0
+ if $ac_init_version; then
+   cat <<\_ACEOF
+-rootsh configure 1.5.2
++rootsh configure 1.5.3
+ generated by GNU Autoconf 2.59
+ 
+ Copyright (C) 2003 Free Software Foundation, Inc.
+@@ -987,7 +987,7 @@ cat >&5 <<_ACEOF
+ This file contains any messages produced by compilers while
+ running configure, to aid debugging if configure makes a mistake.
+ 
+-It was created by rootsh $as_me 1.5.2, which was
++It was created by rootsh $as_me 1.5.3, which was
+ generated by GNU Autoconf 2.59.  Invocation command line was
+ 
+   $ $0 $@
+@@ -1635,7 +1635,7 @@ fi
+ 
+ # Define the identity of the package.
+  PACKAGE='rootsh'
+- VERSION='1.5.2'
++ VERSION='1.5.3'
+ 
+ 
+ cat >>confdefs.h <<_ACEOF
+@@ -6616,7 +6616,7 @@ _ASBOX
+ } >&5
+ cat >&5 <<_CSEOF
+ 
+-This file was extended by rootsh $as_me 1.5.2, which was
++This file was extended by rootsh $as_me 1.5.3, which was
+ generated by GNU Autoconf 2.59.  Invocation command line was
+ 
+   CONFIG_FILES    = $CONFIG_FILES
+@@ -6682,7 +6682,7 @@ _ACEOF
+ 
+ cat >>$CONFIG_STATUS <<_ACEOF
+ ac_cs_version="\\
+-rootsh config.status 1.5.2
++rootsh config.status 1.5.3
+ configured by $0, generated by GNU Autoconf 2.59,
+   with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
+ 
+diff --git a/configure.in b/configure.in
+index a80d4ea..4df0f6d 100644
+--- a/configure.in
++++ b/configure.in
+@@ -1,5 +1,5 @@
+ dnl  ----- Start off like we always need to
+-AC_INIT([rootsh],[1.5.2])
++AC_INIT([rootsh],[1.5.3])
+ AC_CONFIG_SRCDIR(src)
+ dnl ---- AC_CONFIG_HEADER(src/config.h)
+ AC_CONFIG_HEADERS([src/config.h])
+diff --git a/src/rootsh.c b/src/rootsh.c
+index 9d6ffc7..71bf837 100644
+--- a/src/rootsh.c
++++ b/src/rootsh.c
+@@ -1517,8 +1517,8 @@ void version() {
+ 
+ void usage() {
+   printf("Usage: %s [OPTION [ARG]] ...\n"
+-    " -?, --help            show this help statement\n"
+-    " -i, --login           start a (initial) login shell\n"
++    " -h, --help            show this help statement\n"
++    " -i, --initial         start a (initial) login shell\n"
+     " -u, --user=username   run shell as a different user\n"
+     " -f, --logfile=file    name of your logfile (standalone only)\n"
+     " -d, --logdir=DIR      directory for your logfile (standalone only)\n"
+-- 
+2.27.0
+

rootsh-1.5.3-open-needs-3-args.patch

@@ -0,0 +1,12 @@
+diff -up rootsh-1.5.3/src/rootsh.c.BAD rootsh-1.5.3/src/rootsh.c
+--- rootsh-1.5.3/src/rootsh.c.BAD	2008-05-14 16:38:30.000000000 -0400
++++ rootsh-1.5.3/src/rootsh.c	2008-05-14 16:38:37.000000000 -0400
+@@ -680,7 +680,7 @@ int beginlogging(void) {
+     //  Open the logfile 
+     */
+     if ((logFile = open(logFileName, O_RDWR|O_CREAT|O_SYNC|O_CREAT|O_APPEND|
+-        S_IRUSR|S_IWUSR)) == -1) {
++        S_IRUSR|S_IWUSR, 0777)) == -1) {
+       perror(logFileName);
+       return(0);
+     }

rootsh-1.5.3_change_permissions.patch

@@ -0,0 +1,13 @@
+diff -Nur rootsh-1.5.3.orig/src/rootsh.c rootsh-1.5.3/src/rootsh.c
+--- rootsh-1.5.3.orig/src/rootsh.c  2017-11-11 19:18:16.638430603 +0800
++++ rootsh-1.5.3/src/rootsh.c   2017-11-11 19:19:24.547425868 +0800
+@@ -680,7 +680,7 @@
+     //  Open the logfile 
+     */
+     if ((logFile = open(logFileName, O_RDWR|O_CREAT|O_SYNC|O_CREAT|O_APPEND|
+-        S_IRUSR|S_IWUSR, 0777)) == -1) {
++        S_IRUSR|S_IWUSR, 0666)) == -1) {
+       perror(logFileName);
+       return(0);
+     }
+

rootsh.logrotate

@@ -0,0 +1,12 @@
+/var/log/rootsh/logrotate
+{
+    size 100M
+    daily
+    missingok
+    nocompress
+    lastaction
+        /bin/logrotate-rootsh.sh lastaction
+    endscript
+    create 0600 root root
+}
+

rootsh.spec

@@ -0,0 +1,93 @@
+Name:       rootsh
+Summary:    Shell wrapper for auditing
+Version:    1.5.3
+Release:    19
+License:    GPLv3+
+Source0:    https://github.com/jpschewe/rootsh/archive/v%{version}/%{name}-%{version}.tar.gz
+Source1:    rootsh.logrotate
+Source2:    logrotate-rootsh.sh
+Patch0:     rootsh-1.5.3-open-needs-3-args.patch
+Patch1:     rootsh-1.5.3_change_permissions.patch
+Patch2:     rootsh-1.5.3-fix-help-doc-and-version.patch
+URL:        http://sourceforge.net/projects/rootsh
+BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+Buildrequires:  gcc
+
+%description
+Rootsh is a wrapper for shells which logs all echoed keystrokes and 
+terminal output to a file and/or to syslog. Its main purpose is the 
+auditing of users who need a shell with root privileges. They start 
+rootsh through the sudo mechanism.
+
+%package_help
+
+%prep
+%autosetup -n %{name}-%{version} -p1
+
+%build
+%configure
+%make_build
+
+%install
+rm -rf $RPM_BUILD_ROOT
+%make_install
+mkdir -p $RPM_BUILD_ROOT/var/log/rootsh
+touch $RPM_BUILD_ROOT/var/log/rootsh/logrotate
+
+# Logrotate script
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
+install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/rootsh
+install -m 500 %{SOURCE2} $RPM_BUILD_ROOT%{_bindir}/logrotate-rootsh.sh
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root)
+%doc README AUTHORS ChangeLog THANKS INSTALL COPYING
+%{_bindir}/rootsh
+%attr(500,root,root) %{_bindir}/logrotate-rootsh.sh
+%config(noreplace) %{_sysconfdir}/logrotate.d/rootsh
+/var/log/rootsh/
+
+%files help
+%{_mandir}/man1/rootsh.1.gz
+
+%changelog
+* Fri Mar 29 2024 Ge Wang <wang__ge@126.com> - 1.5.3-19
+- Rebuild for next release
+
+* Fri Mar 29 2024 Ge Wang <wang__ge@126.com> - 1.5.3-18
+- Bring source file into correspondence with described in spec file
+
+* Fri Mar 11 2022 wangkai <wangkai385@huawei.com> - 1.5.3-17
+- Fix help doc and version
+
+* Wed Jun 23 2021 yuanxin<yuanxin24@huawei.com> - 1.5.3-16
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:add buildrequires gcc
+
+* Wed Feb 12 2020 openEuler Buildteam <buildteam@openeuler.org> - 1.5.3-15
+- Package init
+
+* Wed Nov 29 2017 Jianhai Luan <luanjianhai@huawei.com> - 1.5.3-15.h6
+- Do not delete /var/log/rootsh/ and /varlog/rootsh/logrotate
+
+* Fri Nov 24 2017 Jiahai Luan <luanjianhai@huawei.com> - 1.5.3-14.h5
+- Modify the attribute of /bin/logrotate-rootsh.sh to 500
+
+* Fri Nov 24 2017 Jiahai Luan <luanjianhai@huawei.com> - 1.5.3-14.h4
+- Rotate /var/log/rootsh/* and limit the size of directory
+
+* Fri Nov 24 2017 Jiahai Luan <luanjianhai@huawei.com> - 1.5.3-14.h3
+- Add rootsh.back to avoid endless loop compress in logrotate
+
+* Fri Nov 24 2017 Jiahai Luan <luanjianhai@huawei.com> - 1.5.3-14.h2
+- Change rootsh log to meet the security code of Huawei
+
+* Thu Nov 2 2017 Jianhai Luan <luanjianhai@huawei.com> - 1.5.3-14.h1
+- Add the logrotate configure file to limit log size
+

rootsh.yaml

@@ -0,0 +1,4 @@
+version_control: git
+src_repo: https://git.code.sf.net/p/rootsh/code
+tag_prefix: ^v
+seperator: .