summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiego Elio Pettenò <flameeyes@gentoo.org>2011-08-18 15:58:35 +0000
committerDiego Elio Pettenò <flameeyes@gentoo.org>2011-08-18 15:58:35 +0000
commitd573beec0ef3589208aa8116969ece4136817706 (patch)
tree66063d604b40c00924ef67461831d46c46dcba0f /app-admin/sudo
parentFix Manifest (diff)
downloadgentoo-2-d573beec0ef3589208aa8116969ece4136817706.tar.gz
gentoo-2-d573beec0ef3589208aa8116969ece4136817706.tar.bz2
gentoo-2-d573beec0ef3589208aa8116969ece4136817706.zip
Version bump, and remove old.
(Portage version: 2.2.0_alpha51/cvs/Linux x86_64)
Diffstat (limited to 'app-admin/sudo')
-rw-r--r--app-admin/sudo/ChangeLog8
-rw-r--r--app-admin/sudo/sudo-1.8.2.ebuild (renamed from app-admin/sudo/sudo-1.7.4_p4.ebuild)103
2 files changed, 29 insertions, 82 deletions
diff --git a/app-admin/sudo/ChangeLog b/app-admin/sudo/ChangeLog
index ec183bb7c642..971f61004dc7 100644
--- a/app-admin/sudo/ChangeLog
+++ b/app-admin/sudo/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for app-admin/sudo
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.271 2011/08/11 10:58:35 ulm Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.272 2011/08/18 15:58:35 flameeyes Exp $
+
+*sudo-1.8.2 (18 Aug 2011)
+
+ 18 Aug 2011; Diego E. Pettenò <flameeyes@gentoo.org> -sudo-1.7.4_p4.ebuild,
+ +sudo-1.8.2.ebuild:
+ Version bump, and remove old.
11 Aug 2011; Ulrich Mueller <ulm@gentoo.org> sudo-1.7.4_p4.ebuild,
sudo-1.7.4_p5.ebuild, sudo-1.8.1_p2.ebuild:
diff --git a/app-admin/sudo/sudo-1.7.4_p4.ebuild b/app-admin/sudo/sudo-1.8.2.ebuild
index 2f2c3deeb1fe..0e443277a847 100644
--- a/app-admin/sudo/sudo-1.7.4_p4.ebuild
+++ b/app-admin/sudo/sudo-1.8.2.ebuild
@@ -1,8 +1,10 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.7.4_p4.ebuild,v 1.7 2011/08/11 10:58:35 ulm Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.2.ebuild,v 1.1 2011/08/18 15:58:35 flameeyes Exp $
-inherit eutils pam
+EAPI=4
+
+inherit eutils pam multilib libtool
MY_P=${P/_/}
MY_P=${MY_P/beta/b}
@@ -26,16 +28,15 @@ SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
LICENSE="as-is BSD"
SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ~ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
-IUSE="pam skey offensive ldap selinux"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
+IUSE="pam offensive ldap selinux skey"
DEPEND="pam? ( virtual/pam )
ldap? (
>=net-nds/openldap-2.1.30-r1
dev-libs/cyrus-sasl
)
- !pam? ( skey? ( >=sys-auth/skey-1.1.5-r1 ) )
- app-misc/editor-wrapper
+ >=app-misc/editor-wrapper-3
virtual/editor
virtual/mta"
RDEPEND="selinux? ( sec-policy/selinux-sudo )
@@ -47,66 +48,15 @@ DEPEND="${DEPEND}
S=${WORKDIR}/${MY_P}
-pkg_setup() {
- if use pam && use skey; then
- ewarn "You cannot enable both S/KEY and PAM at the same time, PAM will"
- ewarn "be used then."
- fi
-}
-
-src_unpack() {
- unpack ${A}; cd "${S}"
-
- # compatability fix.
- epatch "${FILESDIR}"/${PN}-skeychallengeargs.diff
-
- # additional variables to disallow, should user disable env_reset.
-
- # NOTE: this is not a supported mode of operation, these variables
- # are added to the blacklist as a convenience to administrators
- # who fail to heed the warnings of allowing untrusted users
- # to access sudo.
- #
- # there is *no possible way* to foresee all attack vectors in
- # all possible applications that could potentially be used via
- # sudo, these settings will just delay the inevitable.
- #
- # that said, I will accept suggestions for variables that can
- # be misused in _common_ interpreters or libraries, such as
- # perl, bash, python, ruby, etc., in the hope of dissuading
- # a casual attacker.
-
- # XXX: perl should be using suid_perl.
- # XXX: users can remove/add more via env_delete and env_check.
- # XXX: <?> = probably safe enough for most circumstances.
-
- einfo "Blacklisting common variables (env_delete)..."
- sudo_bad_var() {
- local target='env.c' marker='\*initial_badenv_table\[\]'
-
- ebegin " $1"
- sed -i 's#\(^.*'${marker}'.*$\)#\1\n\t"'${1}'",#' "${S}"/${target}
- eend $?
- }
+REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
- sudo_bad_var 'PERLIO_DEBUG' # perl, write debug to file.
- sudo_bad_var 'FPATH' # ksh, search path for functions.
- sudo_bad_var 'NULLCMD' # zsh, command on null-redir. <?>
- sudo_bad_var 'READNULLCMD' # zsh, command on null-redir. <?>
- sudo_bad_var 'GLOBIGNORE' # bash, glob paterns to ignore. <?>
- sudo_bad_var 'PYTHONHOME' # python, module search path.
- sudo_bad_var 'PYTHONPATH' # python, search path.
- sudo_bad_var 'PYTHONINSPECT' # python, allow inspection.
- sudo_bad_var 'RUBYLIB' # ruby, lib load path.
- sudo_bad_var 'RUBYOPT' # ruby, cl options.
- sudo_bad_var 'ZDOTDIR' # zsh, path to search for dotfiles.
- einfo "...done."
+MAKEOPTS="${MAKEOPTS} SAMPLES="
- # prevent binaries from being stripped.
- sed -i 's/\($(INSTALL).*\) -s \(.*[(sudo|visudo)]\)/\1 \2/g' Makefile.in
+src_prepare() {
+ elibtoolize
}
-src_compile() {
+src_configure() {
local line ROOTPATH
# FIXME: secure_path is a compile time setting. using ROOTPATH
@@ -154,40 +104,35 @@ src_compile() {
}
rmpath ROOTPATH '*/gcc-bin/*'
+ rmpath ROOTPATH '*/gnat-gcc-bin/*'
+ rmpath ROOTPATH '*/gnat-gcc/*'
einfo "...done."
- if use pam; then
- myconf="--with-pam --without-skey"
- elif use skey; then
- myconf="--without-pam --with-skey"
- else
- myconf="--without-pam --without-skey"
- fi
-
# audit: somebody got to explain me how I can test this before I
# enable it.. — Diego
econf --with-secure-path="${ROOTPATH}" \
- --with-editor=/usr/libexec/gentoo-editor \
+ --with-editor=/usr/libexec/editor \
--with-env-editor \
$(use_with offensive insults) \
$(use_with offensive all-insults) \
$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
$(use_with ldap) \
+ $(use_with pam) \
+ $(use_with skey) \
+ --without-opie \
--without-linux-audit \
--with-timedir=/var/db/sudo \
- --docdir=/usr/share/doc/${PF} \
- ${myconf}
-
- emake || die
+ --with-plugindir=/usr/$(get_libdir)/sudo \
+ --docdir=/usr/share/doc/${PF}
}
src_install() {
emake DESTDIR="${D}" install || die
if use ldap; then
- dodoc README.LDAP schema.OpenLDAP
- dosbin sudoers2ldif
+ dodoc README.LDAP doc/schema.OpenLDAP
+ dosbin plugins/sudoers/sudoers2ldif
cat - > "${T}"/ldap.conf.sudo <<EOF
# See ldap.conf(5) and README.LDAP for details\n"
@@ -204,10 +149,6 @@ EOF
pamd_mimic system-auth sudo auth account session
- insinto /etc
- doins "${S}"/sudoers
- fperms 0440 /etc/sudoers
-
keepdir /var/db/sudo
fperms 0700 /var/db/sudo
}