Version bump, and remove old ebuilds and patches.

(Portage version: 2.2_rc14/cvs/Linux 2.6.27-gentoo-r2 x86_64)
author: Diego Elio Pettenò <flameeyes@gentoo.org> 2008-11-13 01:46:09 +0000
committer: Diego Elio Pettenò <flameeyes@gentoo.org> 2008-11-13 01:46:09 +0000
commit: 8c8d62a02c2c58f926b6050b12a61d1beee4162b (patch)
tree: fe64b06b3e5f906756805af5c11959b9671275fa /app-admin
parent: Add the newest pre-release for libarchive, now supporting lzma. It comes with... (diff)
download: gentoo-2-8c8d62a02c2c58f926b6050b12a61d1beee4162b.tar.gz
gentoo-2-8c8d62a02c2c58f926b6050b12a61d1beee4162b.tar.bz2
gentoo-2-8c8d62a02c2c58f926b6050b12a61d1beee4162b.zip
5 files changed, 11 insertions, 290 deletions
diff --git a/app-admin/sudo/ChangeLog b/app-admin/sudo/ChangeLog
index c55a0ed4f643..3060196b1cec 100644
--- a/app-admin/sudo/ChangeLog
+++ b/app-admin/sudo/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for app-admin/sudo
 # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.142 2008/10/09 21:23:39 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.143 2008/11/13 01:46:09 flameeyes Exp $
+
+*sudo-1.7.0_rc5 (13 Nov 2008)
+
+  13 Nov 2008; Diego Pettenò <flameeyes@gentoo.org>
+  -files/sudo-1.6.8_p8-ldap-tls_cacert.diff,
+  -files/sudo-ldap_timelimit.diff, -sudo-1.6.8_p12-r1.ebuild,
+  -sudo-1.7.0_rc2.ebuild, +sudo-1.7.0_rc5.ebuild:
+  Version bump, and remove old ebuilds and patches.
 
   09 Oct 2008; Diego Pettenò <flameeyes@gentoo.org> sudo-1.7.0_rc2.ebuild:
   Add cyrus-sasl to dependencies (fixes bug #240618).
diff --git a/app-admin/sudo/files/sudo-1.6.8_p8-ldap-tls_cacert.diff b/app-admin/sudo/files/sudo-1.6.8_p8-ldap-tls_cacert.diff
deleted file mode 100644
index bb2570e86b5c..000000000000
--- a/app-admin/sudo/files/sudo-1.6.8_p8-ldap-tls_cacert.diff
+++ /dev/null
@@ -1,10 +0,0 @@
---- ldap.c.orig	2005-06-16 22:55:41.047152568 +0100
-+++ ldap.c	2005-06-16 22:56:49.707714576 +0100
-@@ -539,6 +539,7 @@
-     else MATCH_S("ssl",     ldap_conf.ssl)
-     else MATCH_B("tls_checkpeer",   ldap_conf.tls_checkpeer)
-     else MATCH_S("tls_cacertfile",  ldap_conf.tls_cacertfile)
-+    else MATCH_S("tls_cacert",      ldap_conf.tls_cacertfile)
-     else MATCH_S("tls_cacertdir",   ldap_conf.tls_cacertdir)
-     else MATCH_S("tls_randfile",    ldap_conf.tls_random_file)
-     else MATCH_S("tls_ciphers",     ldap_conf.tls_cipher_suite)
diff --git a/app-admin/sudo/files/sudo-ldap_timelimit.diff b/app-admin/sudo/files/sudo-ldap_timelimit.diff
deleted file mode 100644
index 2c13ba4ed4e6..000000000000
--- a/app-admin/sudo/files/sudo-ldap_timelimit.diff
+++ /dev/null
@@ -1,76 +0,0 @@
-diff -urN sudo-1.6.8p8/ldap.c sudo-1.6.8p8-patched/ldap.c
---- sudo-1.6.8p8/ldap.c	2004-12-01 03:28:46.000000000 +0000
-+++ sudo-1.6.8p8-patched/ldap.c	2005-06-22 08:14:59.000000000 +0000
-@@ -82,6 +82,8 @@
-   char *bindpw;
-   char *base;
-   char *ssl;
-+  int  bind_timelimit;
-+  int  timelimit;
-   int  tls_checkpeer;
-   char *tls_cacertfile;
-   char *tls_cacertdir;
-@@ -545,6 +547,8 @@
-     else MATCH_S("tls_cert",        ldap_conf.tls_certfile)
-     else MATCH_S("tls_key",         ldap_conf.tls_keyfile)
-     else MATCH_I("ldap_version", ldap_conf.version)
-+    else MATCH_I("bind_timelimit",  ldap_conf.bind_timelimit)
-+    else MATCH_I("timelimit",       ldap_conf.timelimit)
-     else MATCH_S("uri",     ldap_conf.uri)
-     else MATCH_S("binddn",  ldap_conf.binddn)
-     else MATCH_S("bindpw",  ldap_conf.bindpw)
-@@ -566,6 +570,8 @@
-   if (!ldap_conf.version) ldap_conf.version=3;
-   if (!ldap_conf.port) ldap_conf.port=389;
-   if (!ldap_conf.host) ldap_conf.host=estrdup("localhost");
-+  if (!ldap_conf.bind_timelimit) ldap_conf.bind_timelimit=30;
-+  if (!ldap_conf.timelimit) ldap_conf.timelimit=30;
- 
- 
-   if (ldap_conf.debug>1) {
-@@ -589,6 +595,10 @@
-                  ldap_conf.binddn : "(anonymous)");
-     printf("bindpw       %s\n", ldap_conf.bindpw ?
-                  ldap_conf.bindpw : "(anonymous)");
-+    printf("bind_timelimit  %d\n", ldap_conf.bind_timelimit ?
-+                 ldap_conf.bind_timelimit : 30);
-+    printf("timelimit    %d\n", ldap_conf.timelimit ?
-+                 ldap_conf.timelimit : 30);
- #ifdef HAVE_LDAP_START_TLS_S
-     printf("ssl          %s\n", ldap_conf.ssl ?
-                  ldap_conf.ssl    : "(no)");
-@@ -772,6 +782,34 @@
-   }
- #endif /* LDAP_OPT_X_TLS_REQUIRE_CERT */
- 
-+  /* setup timelimit options */
-+
-+SET_OPTI(LDAP_OPT_TIMELIMIT, "TIMELIMIT", timelimit);
-+
-+#ifdef LDAP_X_OPT_CONNECT_TIMEOUT
-+  int timeout;
-+  timeout = ldap_conf.bind_timelimit * 1000;
-+
-+  SET_OPTI(LDAP_X_OPT_CONNECT_TIMEOUT, "X_OPT_CONNECT_TIMEOUT", timeout);
-+#endif  
-+
-+#ifdef LDAP_OPT_NETWORK_TIMEOUT
-+  if (ldap_conf.debug>1) fprintf(stderr, "setting bind_timelimit to %d\n", \
-+      ldap_conf.bind_timelimit);
-+
-+  struct timeval tv;
-+
-+  tv.tv_sec = ldap_conf.bind_timelimit;
-+  tv.tv_usec = 0;
-+
-+  rc = ldap_set_option (ld, LDAP_OPT_NETWORK_TIMEOUT, &tv);
-+    
-+  if (rc != LDAP_OPT_SUCCESS) {
-+    fprintf(stderr, "bind_timelimit ldap_set_option failed: %s\n", ldap_err2string(rc));
-+    return VALIDATE_ERROR;
-+  }
-+#endif  
-+
-   /* attempt connect */
- #ifdef HAVE_LDAP_INITIALIZE
-   if (ldap_conf.uri) {
diff --git a/app-admin/sudo/sudo-1.6.8_p12-r1.ebuild b/app-admin/sudo/sudo-1.6.8_p12-r1.ebuild
deleted file mode 100644
index 93de7ebb0023..000000000000
--- a/app-admin/sudo/sudo-1.6.8_p12-r1.ebuild
+++ /dev/null
@@ -1,201 +0,0 @@
-# Copyright 1999-2008 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.6.8_p12-r1.ebuild,v 1.19 2008/05/11 13:13:11 ulm Exp $
-
-inherit eutils pam
-
-# TODO: Fix support for krb4 and krb5
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="http://www.sudo.ws/"
-SRC_URI="ftp://ftp.sudo.ws/pub/sudo/${P/_/}.tar.gz"
-LICENSE="Sudo"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
-IUSE="pam skey offensive ldap selinux"
-
-DEPEND="pam? ( || ( virtual/pam sys-libs/pam ) )
-	ldap? ( >=net-nds/openldap-2.1.30-r1 )
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	virtual/editor
-	virtual/mta"
-RDEPEND="selinux? ( sec-policy/selinux-sudo )
-	ldap? ( dev-lang/perl )
-	${DEPEND}"
-DEPEND="${RDEPEND} sys-devel/bison"
-
-S=${WORKDIR}/${P/_/}
-
-src_unpack() {
-	unpack ${A}; cd "${S}"
-
-	# ldap failover patch
-	epatch "${FILESDIR}"/${PN}-ldap_timelimit.diff
-
-	# compatability fix.
-	epatch "${FILESDIR}"/${PN}-skeychallengeargs.diff
-
-	# make tls_cacert synonymous with tls_cacertfile.
-	epatch "${FILESDIR}"/${PN}-1.6.8_p8-ldap-tls_cacert.diff
-
-	# additional variables to disallow, should user disable env_reset.
-
-	# NOTE: this is not a supported mode of operation, these variables
-	#       are added to the blacklist as a convenience to administrators
-	#       who fail to heed the warnings of allowing untrusted users
-	#       to access sudo.
-	#
-	#       there is *no possible way* to foresee all attack vectors in
-	#       all possible applications that could potentially be used via
-	#       sudo, these settings will just delay the inevitable.
-	#
-	#       that said, I will accept suggestions for variables that can
-	#       be misused in _common_ interpreters or libraries, such as
-	#       perl, bash, python, ruby, etc., in the hope of dissuading
-	#       a casual attacker.
-
-	# XXX: perl should be using suid_perl.
-	# XXX: users can remove/add more via env_delete and env_check.
-	# XXX: <?> = probably safe enough for most circumstances.
-
-	einfo "Blacklisting common variables (env_delete)..."
-		sudo_bad_var 'PERLIO_DEBUG'   # perl, write debug to file.
-		sudo_bad_var 'FPATH'          # ksh, search path for functions.
-		sudo_bad_var 'NULLCMD'        # zsh, command on null-redir. <?>
-		sudo_bad_var 'READNULLCMD'    # zsh, command on null-redir. <?>
-#		sudo_bad_var 'TMPPREFIX'      # zsh, prefix for tmp files. <?>
-		sudo_bad_var 'GLOBIGNORE'     # bash, glob paterns to ignore. <?>
-		sudo_bad_var 'PYTHONHOME'     # python, module search path.
-		sudo_bad_var 'PYTHONPATH'     # python, search path.
-		sudo_bad_var 'PYTHONINSPECT'  # python, allow inspection.
-		sudo_bad_var 'RUBYLIB'        # ruby, lib load path.
-		sudo_bad_var 'RUBYOPT'        # ruby, cl options.
-#		sudo_bad_var 'RUBYPATH'       # ruby, script search path. <?>
-		sudo_bad_var 'ZDOTDIR'        # zsh, path to search for dotfiles.
-	einfo "...done."
-
-	# prevent binaries from being stripped.
-	sed -i 's/\($(INSTALL).*\) -s \(.*[(sudo|visudo)]\)/\1 \2/g' Makefile.in
-
-	# remove useless c++ checks
-	epunt_cxx
-}
-
-src_compile() {
-	local line ROOTPATH
-
-	# FIXME: secure_path is a compile time setting. using ROOTPATH
-	# is not perfect, env-update may invalidate this, but until it
-	# is available as a sudoers setting this will have to do.
-	einfo "Setting secure_path..."
-
-		# why not use grep? variable might be expanded from other variables
-		# declared in that file. cannot just source the file, would override
-		# any variables already set.
-		eval `PS4= bash -x /etc/profile.env 2>&1 | \
-			while read line; do
-				case $line in
-					ROOTPATH=*) echo $line; break;;
-					*) continue;;
-				esac
-			done`  && einfo "	Found ROOTPATH..." || \
-				ewarn "	Failed to find ROOTPATH, please report this."
-
-		# remove any duplicate entries
-		ROOTPATH=$(cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}})
-
-		# strip gcc path (bug #136027)
-		rmpath ROOTPATH '*/gcc-bin/*'
-
-	einfo "...done."
-
-	# XXX: --disable-path-info closes an info leak, but may be confusing.
-	# XXX: /bin/vi may not be available, make nano visudo's default.
-	econf --with-secure-path="${ROOTPATH}" \
-		--with-editor=/bin/nano \
-		--with-env-editor \
-		$(use_with offensive insults) \
-		$(use_with offensive all-insults) \
-		$(use_with pam) \
-		$(use_with skey) \
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
-		$(use_with ldap) || die
-
-	emake || die
-}
-
-src_install() {
-	einstall || die
-	dodoc BUGS CHANGES HISTORY PORTING README RUNSON TODO \
-		TROUBLESHOOTING UPGRADE sample.*
-
-	if use ldap; then
-		dodoc README.LDAP
-		dosbin sudoers2ldif
-
-		printf "# See ldap.conf(5) and README.LDAP for details\n" 					> "${T}"/ldap.conf.sudo
-		printf "# This file should only be readable by root\n\n" 					>> "${T}"/ldap.conf.sudo
-		printf "# supported directives: host, port, ssl, ldap_version\n" 			>> "${T}"/ldap.conf.sudo
-		printf "# uri, binddn, bindpw, sudoers_base, sudoers_debug\n" 				>> "${T}"/ldap.conf.sudo
-		printf "# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}\n"	>> "${T}"/ldap.conf.sudo
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-	fi
-
-	if has_version virtual/pam; then
-		pamd_mimic system-auth sudo auth account password session
-	else
-		dopamd "${FILESDIR}"/sudo
-	fi
-
-	insinto /etc
-	doins "${FILESDIR}"/sudoers
-	fperms 0440 /etc/sudoers
-}
-
-# remove duplicate path entries from $1
-cleanpath() {
-	local i=1 x n IFS=:
-	local -a paths;	paths=($1)
-
-	for ((n=${#paths[*]}-1;i<=n;i++)); do
-		for ((x=0;x<i;x++)); do
-			test "${paths[i]}" == "${paths[x]}" && {
-				einfo "	Duplicate entry ${paths[i]} removed..." 1>&2
-				unset paths[i]; continue 2; }
-		done; # einfo "	Adding ${paths[i]}..." 1>&2
-	done; echo "${paths[*]}"
-}
-
-# add $1 to default env_delete list.
-sudo_bad_var() {
-	local target='env.c' marker='\*initial_badenv_table\[\]'
-
-	ebegin "	$1"
-		sed -i 's#\(^.*'${marker}'.*$\)#\1\n\t"'${1}'",#' "${S}"/${target}
-	eend $?
-}
-
-rmpath() {
-	declare e newpath oldpath=${!1} PATHvar=$1 thisp IFS=:
-	shift
-	for thisp in $oldpath; do
-		for e; do [[ $thisp == $e ]] && continue 2; done
-		newpath=$newpath:$thisp
-	done
-	eval $PATHvar='${newpath#:}'
-}
-
-pkg_postinst() {
-	use skey && use pam && {
-		ewarn "sudo will not use skey authentication when compiled with"
-		ewarn "pam support."
-		ewarn "To allow users to authenticate with one time passwords,"
-		ewarn "you should unset the pam USE flag for sudo."
-	}
-	use ldap && {
-		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
-	}
-}
diff --git a/app-admin/sudo/sudo-1.7.0_rc2.ebuild b/app-admin/sudo/sudo-1.7.0_rc5.ebuild
index 444de1a23331..6091cc992eb0 100644
--- a/app-admin/sudo/sudo-1.7.0_rc2.ebuild
+++ b/app-admin/sudo/sudo-1.7.0_rc5.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2008 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.7.0_rc2.ebuild,v 1.2 2008/10/09 21:23:39 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.7.0_rc5.ebuild,v 1.1 2008/11/13 01:46:09 flameeyes Exp $
 
 inherit eutils pam confutils
 
@@ -168,7 +168,7 @@ src_compile() {
 src_install() {
 	emake -j1 DESTDIR="${D}" install || die
 	dodoc ChangeLog HISTORY PORTING README TROUBLESHOOTING \
-		UPGRADE sample.sudoers sample.syslog.conf
+		UPGRADE WHATSNEW sample.sudoers sample.syslog.conf
 
 	if use ldap; then
 		dodoc README.LDAP schema.OpenLDAP
author	Diego Elio Pettenò <flameeyes@gentoo.org>	2008-11-13 01:46:09 +0000
committer	Diego Elio Pettenò <flameeyes@gentoo.org>	2008-11-13 01:46:09 +0000
commit	8c8d62a02c2c58f926b6050b12a61d1beee4162b (patch)
tree	fe64b06b3e5f906756805af5c11959b9671275fa /app-admin
parent	Add the newest pre-release for libarchive, now supporting lzma. It comes with... (diff)
download	gentoo-2-8c8d62a02c2c58f926b6050b12a61d1beee4162b.tar.gz gentoo-2-8c8d62a02c2c58f926b6050b12a61d1beee4162b.tar.bz2 gentoo-2-8c8d62a02c2c58f926b6050b12a61d1beee4162b.zip