diff --git a/sudo.spec b/sudo.spec index 6e85c47ca14e7d72ad783113a6154a66d5ae9f5f..b028c49afd8eac4ab7c51bf26fd796743f6af6b0 100644 --- a/sudo.spec +++ b/sudo.spec @@ -1,5 +1,5 @@ -%define anolis_release 1 -Summary: Allows restricted root access for specified users +%define anolis_release 2 +Summary: Grants restricted root access for specified users Name: sudo Version: 1.9.13p1 Release: %{anolis_release}%{?dist} 
@@ -9,126 +9,95 @@ Source0: https://www.sudo.ws/dist/%{name}-%{version}.tar.gz Source1: sudoers Requires: pam -BuildRequires: make -BuildRequires: pam-devel -BuildRequires: groff -BuildRequires: openldap-devel -BuildRequires: flex -BuildRequires: bison -BuildRequires: libtool -BuildRequires: audit-libs-devel -BuildRequires: libcap-devel -BuildRequires: libselinux-devel -BuildRequires: sendmail -BuildRequires: gettext -BuildRequires: zlib-devel +BuildRequires: make libtool +BuildRequires: pam-devel audit-libs-devel openldap-devel libselinux-devel libcap-devel +BuildRequires: flex bison groff sendmail gettext zlib-devel %description -Sudo (superuser do) allows a system administrator to give certain -users (or groups of users) the ability to run some (or all) commands -as root while logging all commands and arguments. Sudo operates on a -per-command basis. It is not a replacement for the shell. Features -include: the ability to restrict what commands a user may run on a -per-host basis, copious logging of each command (providing a clear -audit trail of who did what), a configurable timeout of the sudo -command, and the ability to use the same configuration file (sudoers) -on many different machines. +Sudo (superuser do) enables a system administrator to grant specific users (or +groups of users) the capability to execute some (or all) commands as root while +logging all commands and arguments. Sudo operates on a per-command basis and +is not intended as a replacement for the shell. Features include: the ability +to limit which commands a user can execute on a per-host basis, extensive +logging of each command (providing an unambiguous audit trail of who executed +what), a configurable timeout for the sudo command, and the ability to use the +same configuration file (sudoers) across multiple machines. 
%package devel Summary: Development files for %{name} Requires: %{name} = %{version}-%{release} %description devel -The %{name}-devel package contains header files developing sudo -plugins that use %{name}. - +The %{name}-devel package contains header files for developing plugins that use %{name}. %package logsrvd Summary: High-performance log server for %{name} Requires: %{name} = %{version}-%{release} BuildRequires: pkgconfig(openssl) >= 1.0.1 - %description logsrvd %{name}-logsrvd is a high-performance log server that accepts event and I/O logs from sudo. -It can be used to implement centralized logging of sudo logs. +User can implement centralized logging of sudo logs using this component. %package python-plugin Summary: Python plugin for %{name} Requires: %{name} = %{version}-%{release} BuildRequires: python3-devel - %description python-plugin -%{name}-python-plugin allows using sudo plugins written in Python. +%{name}-python-plugin enables using sudo plugins written in Python. %prep %setup -q -n %{name}-%{version} %build -# Remove bundled copy of zlib rm -rf zlib/ - -F_PIE=-fpie - -export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" - +export CFLAGS="$RPM_OPT_FLAGS -fpie" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" %configure \ --prefix=%{_prefix} \ --sbindir=%{_sbindir} \ --libdir=%{_libdir} \ --docdir=%{_pkgdocdir} \ - --enable-openssl \ - --disable-root-mailer \ - --disable-intercept \ - --with-logging=syslog \ - --with-logfac=authpriv \ - --with-pam \ - --with-pam-login \ --with-editor=%{_bindir}/vi \ - --with-env-editor \ - --with-ignore-dot \ --with-tty-tickets \ - --with-ldap \ - --with-selinux \ + --with-sssd \ + --with-logfac=authpriv \ --with-passprompt="[sudo] password for %p: " \ - --enable-python \ + --with-ignore-dot \ --enable-zlib=system \ - --with-linux-audit \ - --with-sssd -# --without-kerb5 \ -# --without-kerb4 + --enable-python \ + --with-ldap \ + --with-logging=syslog \ + --with-selinux \ + --with-env-editor \ + 
--disable-root-mailer \ + --with-pam \ + --with-pam-login \ + --enable-openssl \ + --disable-intercept \ + --with-linux-audit %make_build %check %make_build check -%generate_compatibility_deps - %install %make_install install_uid=`id -u` install_gid=`id -g` sudoers_uid=`id -u` sudoers_gid=`id -g` chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/* -install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo -install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo/lectured install -p -d -m 750 $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.d -install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sudoers -#add sudo to protected packages +install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo/lectured +install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo install -p -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/dnf/protected.d/ +install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sudoers touch sudo.conf echo sudo > sudo.conf install -p -c -m 0644 sudo.conf $RPM_BUILD_ROOT%{_sysconfdir}/dnf/protected.d/ rm -f sudo.conf -chmod +x $RPM_BUILD_ROOT%{_libexecdir}/sudo/*.so # for stripping, reset in %%files - -# Don't package LICENSE as a doc +chmod +x $RPM_BUILD_ROOT%{_libexecdir}/sudo/*.so rm -rf $RPM_BUILD_ROOT%{_pkgdocdir}/LICENSE - -# Remove examples; Examples can be found in man pages too. rm -rf $RPM_BUILD_ROOT%{_datadir}/examples/sudo - -# Remove sudoers.dist rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.dist %find_lang sudo 
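Review bot: The comments dropped from %build and %install explained steps that look arbitrary without them, and the new text keeps the steps but not the reasons. `rm -rf zlib/` ensures the bundled zlib cannot be compiled in alongside `--enable-zlib=system`. `chmod +x $RPM_BUILD_ROOT%{_libexecdir}/sudo/*.so` makes the plugins executable only so they get stripped, and the `%files` section sets the named plugins back to 0644. I would restore `# Remove bundled copy of zlib` and `# for stripping, reset in %%files` on those lines, and `#add sudo to protected packages` above the `dnf/protected.d` lines. The configure options are the same set as before in a different order, so this is a documentation point only.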
@@ -157,40 +126,42 @@ session optional pam_keyinit.so force revoke session include sudo EOF +%generate_compatibility_deps + %files -f sudo_all.lang +%{_bindir}/sudoedit +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/dnf/protected.d/sudo.conf %attr(0440,root,root) %config(noreplace) %{_sysconfdir}/sudoers -%attr(0750,root,root) %dir %{_sysconfdir}/sudoers.d/ +%attr(0755,root,root) %{_sbindir}/visudo %config(noreplace) %{_sysconfdir}/pam.d/sudo %config(noreplace) %{_sysconfdir}/pam.d/sudo-i -%attr(0644,root,root) %{_tmpfilesdir}/sudo.conf -%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/dnf/protected.d/sudo.conf -%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/sudo.conf -%dir /var/db/sudo +%attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.? +%attr(0644,root,root) %{_libexecdir}/sudo/sudo_noexec.so +%dir %{_libexecdir}/sudo %dir /var/db/sudo/lectured -%attr(4111,root,root) %{_bindir}/sudo -%{_bindir}/sudoedit %attr(0111,root,root) %{_bindir}/sudoreplay -%attr(0755,root,root) %{_sbindir}/visudo -%{_bindir}/cvtsudoers -%dir %{_libexecdir}/sudo -%attr(0755,root,root) %{_libexecdir}/sudo/sesh -%attr(0644,root,root) %{_libexecdir}/sudo/sudo_noexec.so -%attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so -%attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so %attr(0644,root,root) %{_libexecdir}/sudo/group_file.so +%attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so +%attr(0755,root,root) %{_libexecdir}/sudo/sesh +%{_bindir}/cvtsudoers +%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/sudo.conf +%attr(4111,root,root) %{_bindir}/sudo +%attr(0644,root,root) %{_tmpfilesdir}/sudo.conf +%attr(0750,root,root) %dir %{_sysconfdir}/sudoers.d/ %attr(0644,root,root) %{_libexecdir}/sudo/system_group.so -%attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.? +%dir /var/db/sudo +%attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so %{_libexecdir}/sudo/libsudo_util.so.? 
%{_libexecdir}/sudo/libsudo_util.so +%{_mandir}/man8/sudo.8* +%{_mandir}/man1/cvtsudoers.1* %{_mandir}/man5/sudoers.5* -%{_mandir}/man5/sudoers.ldap.5* +%{_mandir}/man8/visudo.8* +%{_mandir}/man5/sudoers_timestamp.5* %{_mandir}/man5/sudo.conf.5* -%{_mandir}/man8/sudo.8* +%{_mandir}/man5/sudoers.ldap.5* %{_mandir}/man8/sudoedit.8* %{_mandir}/man8/sudoreplay.8* -%{_mandir}/man8/visudo.8* -%{_mandir}/man1/cvtsudoers.1* -%{_mandir}/man5/sudoers_timestamp.5* %dir %{_pkgdocdir}/ %{_pkgdocdir}/* %license LICENSE.md @@ -208,12 +179,11 @@ EOF %{_mandir}/man5/sudo_plugin.5* %files logsrvd -%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/sudo_logsrvd.conf -%attr(0755,root,root) %{_sbindir}/sudo_logsrvd %attr(0755,root,root) %{_sbindir}/sudo_sendlog -%{_mandir}/man5/sudo_logsrv.proto.5* -%{_mandir}/man5/sudo_logsrvd.conf.5* -%{_mandir}/man8/sudo_logsrvd.8* +%attr(0755,root,root) %{_sbindir}/sudo_logsrvd +%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/sudo_logsrvd.conf +%{_mandir}/man5/sudo_logsrv* +%{_mandir}/man8/sudo_logsrv* %{_mandir}/man8/sudo_sendlog.8* %files python-plugin @@ -222,6 +192,9 @@ EOF %{abidir}/python_plugin.dump %changelog +* Mon Apr 10 2023 Zhongling - 1.9.13p1-2 +- Refactor rpm spec + * Sat Feb 18 2023 Funda Wang - 1.9.13p1-1 - New version 1.9.13p1
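Review bot: `%dir /var/db/sudo` and `%dir /var/db/sudo/lectured` carry no `%attr`, so their packaged mode is whatever the build root holds after the two `install -p -d -m 700` lines in %install. This commit also reorders those lines so that `lectured` is created before its parent. Pinning the mode here, `%attr(0700,root,root) %dir /var/db/sudo` and the same for `lectured`, would make it independent of that ordering and of the build umask. The reshuffled list also scatters the permission-sensitive entries (`%attr(4111,root,root) %{_bindir}/sudo`, the 0440 `sudoers`, the 0750 `sudoers.d/`) among plugin and man-page lines. Keeping them grouped would make a later mode change easier to spot in review.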
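Review bot: The logsrvd man pages are now listed as `%{_mandir}/man5/sudo_logsrv*` and `%{_mandir}/man8/sudo_logsrv*`, where the old list named each page. Going by the removed lines, the globs match the same three pages today, but a file added upstream under that prefix would be packaged into logsrvd without any spec change showing it. Tightening them to `%{_mandir}/man5/sudo_logsrv*.5*` and `%{_mandir}/man8/sudo_logsrvd.8*` keeps the list short while tying each glob to its man section.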