diff options
author | Tony Vroon <chainsaw@gentoo.org> | 2013-10-10 18:50:02 +0000 |
---|---|---|
committer | Tony Vroon <chainsaw@gentoo.org> | 2013-10-10 18:50:02 +0000 |
commit | f3c2cdd6168a8a161df7e67842b66649ca105524 (patch) | |
tree | 705572cd4a6ca840858de17dbc93bccd05196c77 /app-admin/sudo | |
parent | Adapt elog messages to systemd (diff) | |
download | historical-f3c2cdd6168a8a161df7e67842b66649ca105524.tar.gz historical-f3c2cdd6168a8a161df7e67842b66649ca105524.tar.bz2 historical-f3c2cdd6168a8a161df7e67842b66649ca105524.zip |
Version bump, as requested by "teidakankan" & "Ulenrich" in bug #481392. Now produces useful error messages if there is an error in the configuration file. Line continuation with backslashes is now supported. Improved HP-UX & Solaris support. No longer assumes BSD group semantics.
Package-Manager: portage-2.2.0/cvs/Linux x86_64
Manifest-Sign-Key: 0xB5058F9A
Diffstat (limited to 'app-admin/sudo')
-rw-r--r-- | app-admin/sudo/ChangeLog | 10 | ||||
-rw-r--r-- | app-admin/sudo/Manifest | 22 | ||||
-rw-r--r-- | app-admin/sudo/sudo-1.8.8.ebuild | 191 |
3 files changed, 207 insertions, 16 deletions
diff --git a/app-admin/sudo/ChangeLog b/app-admin/sudo/ChangeLog index 05a59a37c4d4..a43e467f98e0 100644 --- a/app-admin/sudo/ChangeLog +++ b/app-admin/sudo/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-admin/sudo # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.356 2013/06/05 00:06:21 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.357 2013/10/10 18:49:58 chainsaw Exp $ + +*sudo-1.8.8 (10 Oct 2013) + + 10 Oct 2013; Tony Vroon <chainsaw@gentoo.org> +sudo-1.8.8.ebuild: + Version bump, as requested by "teidakankan" & "Ulenrich" in bug #481392. Now + produces useful error messages if there is an error in the configuration + file. Line continuation with backslashes is now supported. Improved HP-UX & + Solaris support. No longer assumes BSD group semantics. 05 Jun 2013; Mike Frysinger <vapier@gentoo.org> metadata.xml: Add upstream CPE tag (security info) from ChromiumOS. diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest index 41a38653c002..5259ce0b65b6 100644 --- a/app-admin/sudo/Manifest +++ b/app-admin/sudo/Manifest @@ -4,25 +4,17 @@ Hash: SHA256 DIST sudo-1.8.5p2.tar.gz 1746344 SHA256 c32ae2bc3faf83444c82ca75ccb10ad3684d8222e3535f164c4a4db7cdddf8cf SHA512 616967eea79f91cda2b0cd1d13ed453d20142521ecfca289432bdf5708ac0549c7873fd80170cc0481390e82f1e60fb0bffcfc7c6b70d5d721aa98d23361c5cb WHIRLPOOL ac0d2c040935c54947571a0d4671be70aaaf7a6f69cb097acd321718656d4c569b0db4191eaf943c6b642a1d641263429287241a236a0f2a0c9edf973710bf8b DIST sudo-1.8.6p7.tar.gz 1858348 SHA256 301089edb22356f59d097f6abbe1303f03927a38691b02959d618546c2125036 SHA512 732bcbd53b77d329bbc77d3cd3644a595e938433053122fe3098385c0ad3a6a9cf4f4ab8709c7a79cad51dba77ffaa1be9ffde8e8834d3798822a1bd5b518d42 WHIRLPOOL 875984b44b571dc3765aab5ad8bd8859d0cd680e7da453109b5bee45aac336e3d0c05e1133ce0101a6dd2b9f19a26454d3e0b11c0edf32034f9fae04d3dfbb4d DIST sudo-1.8.6p8.tar.gz 1858612 SHA256 c0baaa87f59153967b650a0dde2f7d4147d358fa15f3fdabb47e84d0282fe625 SHA512 9c9d297e8cba4ae74a1358b23da15beea4649684afa09b3c3486bd25454008b4c7cd543266f8abc22aac48a56912d7174ccfc137a69670e737d6c9939708cb80 WHIRLPOOL f19c882a2b3de4f41ee97b1f26ebe284782c82500dfc2f86edd262b3ec9f10a2fb3c8b20f26cd1587910677b169ed0260a9672db4dc7b1ea8d5d817235f6197c +DIST sudo-1.8.8.tar.gz 2117145 SHA256 9f911c1e9297fb8006deb52fa81197a8d06b9d54e70672f723c467ecae992fc9 SHA512 e56ea849c2e6470a3d97fc76bde6af145938cf2df4d17f3faef00368262d8e2dd5bcc7e3adf490e853e23466b15638000a527156bd694ce4980003d751c896d5 WHIRLPOOL 74fad850b4f370775f3c5611235b7f20837267f599ace4350f6498ce21cf12e94c1efb98017656106305398496c2f1ff992700fe5fbde4fcf47ca5210cddfdc6 EBUILD sudo-1.8.5_p2.ebuild 5464 SHA256 5a647b0c4a2949e476277ead580f6a42747f7778b282dd1e034a2c010c784a9e SHA512 34cc788ee019ccaf8e2f74dbae5e668d8fb94dab066bea49f3a37f31210a66c9327686e5c5f44a966321f26e3ccc5e2aa47fdb46b35285e96f266eafbddbc741 WHIRLPOOL 532a4151b0acbec600552cca4b18b54afba14a48e91640dd85642c4571e993e1a8eb20e03e83ef3f901a8f6eb6c63c2a5aec7650020e5e58f0d7911790d419f5 EBUILD sudo-1.8.6_p7.ebuild 5464 SHA256 4f58dcb19ec413e99144a4806d5d7d68c5f9e3bbc4d8b0d77efb8df8dd147e57 SHA512 ed1575681e3e84d42d97f4465af3c3f33fa82d645d49a2219047728b22d0d7cbfb7c4e8a34ffce55da18ce67db84d6e40907c571231fa16acdef18bfa41cabc4 WHIRLPOOL a74177a5effbe3379a7da469f6cdaf5bd0263b777cbdecf8c02bf9956bc4cce3de35a2727f0e275f76ba94b1f0fff738d04d5102b83ac739bb99db624d919a1b EBUILD sudo-1.8.6_p8.ebuild 5474 SHA256 9a8b19e57ca0ed59d0b371352842c6539c714b8c163c97f81fbcf2f2d227cd9a SHA512 730229e13bb4b3591ab6a0a0ba3a9090d47b8cb3d425b4472ef33ca845b3522771443568fcf05f83b9cd7e465d8566a1e569de11ca0427693a74c9438118fbaf WHIRLPOOL ff4756e3505a293bbc67ae2933414b3c42b0cb5006bded4e280d97487f593cc288dddaa1b196137bebc03f97c928528226d52f06f170304dba3b868b0a8ef291 -MISC ChangeLog 51391 SHA256 b6cb3187985eee42b747cdf3afa38ef4f9d5a7402b3d083380f9402dabea3b42 SHA512 d25f7ff61e4d964639586efb95d9b66c8eabe86c4a5aa774939d293da34a161dbb9e42ffd52e9167c53795e2b2305fbdc72c9b578255bf0d07c8d855edf99e61 WHIRLPOOL c4344f741bd337657888090109ad3a1dfe793dc035e7cebc9953088f6111b9e63e5418abeed92450f49e480dce64db0e9de01b8e5775e495215567b9f4841b94 +EBUILD sudo-1.8.8.ebuild 5474 SHA256 597d3cfa588d3e47d07be11cd2aa6df137951167c27043ce5ac06f710f49fdaf SHA512 223c0b1caf6797242a0db709eef46a5951959ed83aaeb25624c47ca39b76d2922ea79e8b8b1204195ad6bf7ec1ab4985770552d26be2a57728767ece2ce9bd43 WHIRLPOOL 7dad9dfaaf610212bbc5c1d6f133f1761885757df32cc3bb1166a29910a68089281c84b256d2b61bf3bf150e3bd458081f7039ff697a9b20bc5e86d36d8c1309 +MISC ChangeLog 51779 SHA256 d7ec0e5184dd14c069fcbb0b06c701e29a6e977973d24c6201f30c2a465efa57 SHA512 c0c6a3b61873463cfe068429d4d35c5dbb5323c9353a55d2ea947d18e7a96a3e269985f630d6d953a6c227812d6bfb5777e67e103603466e7ea22879f8ddbd8f WHIRLPOOL bc553c84c36c1436b7dfcdec1813fe1b136ba1b79a5118ad2e15b0a5a1db472d515d14944d8339984c9aefb5e9ad48af1512969e3576006bb4235c29546dc225 MISC metadata.xml 726 SHA256 242e8a573d76b2163a928259e5226fff2c237b3e9c244860a1430fa79c5b390e SHA512 d0a7e5f53ec823d84e3c38c2bd64ba566d7cbd08c12ebf3e9b9fed10b77ce2e3e951e262f1a307aa8f0819a662559ca6f9bcf86cf05088480413e4534ce299d3 WHIRLPOOL b919b1825e68eb3285523f057fc42b5fde9e59a738ecdb1de0835af827db6284fc66848a10517a215389c4466f21b70e376f3fffc993aa338e47fca971d0af83 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) +Version: GnuPG v2.0.20 (GNU/Linux) -iQIcBAEBCAAGBQJRroEDAAoJELEHsLL7fEFWBBIQALeoyrm7KDdfFcmNv2Qpc9Go -FYYTHS1oIyJg7PzuQIkNm9u/GS3MpMFW6zPCEmeiJS4ISk/GhfwuMyICSvqBQWGh -2x+27xsMoQBcWDfU7wApgI0id3APjDYW7iUJXqJL0k1EhwoktKjpsEACmXVvGWDq -tStAchyOvz8kGgqbWZX61hNaXsl52p3sKetHJzSvyZi7mTWbrdomuBz9tzvxexqj -H12WC7ZfcSkyZPL32n1buh1/JZk9MDWOGTJt53NDYf6uJ92nDuN7PhwRrGsNoGJG -QQrGqAv8O+746qBbDkWqw3baVVct09U+CXo/sLVwdkA/dKkL8KjepCp3njW0IEnJ -JQxrtotU/pIBSvTxSm1m/Njb1hqmTDqTFP5u8SmTY5kAYgJ2DG8xrIb0cI+RCAh8 -6hhwpqWmzvK4gjlow2V0uulpV0PxSEzF6zrVBxHIa/kxlrk/FkCyzs3swiQJ3elI -9H1fguQH25C3rv9YvQBS1HuOsRgiAX+pqX7zzdkeyPokX8E2X771rWFphw7ObZTb -nMmRIvhrX1uJ+XpNEvB6SnPG7JtSeIic95/g5TtSlGs7BOl639ZmZ8lQmFcohY1P -nE2d9ybO3BJqi06lD8dpZ07dr9PK3CS9F0lRgXHmoHS4Sbs40x/O/Zib3AR7Y9RK -Q5Ke77QvcFfmYT1lOfBc -=DCj1 +iEYEAREIAAYFAlJW99AACgkQp5vW4rUFj5qOTgCgp7xTsQUeutJWX3PTPKTaVmgd +b5IAn1D/sArOGcpIMSzx/GLLrTmmqE2c +=P6rQ -----END PGP SIGNATURE----- diff --git a/app-admin/sudo/sudo-1.8.8.ebuild b/app-admin/sudo/sudo-1.8.8.ebuild new file mode 100644 index 000000000000..e4f42bd85811 --- /dev/null +++ b/app-admin/sudo/sudo-1.8.8.ebuild @@ -0,0 +1,191 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.8.ebuild,v 1.1 2013/10/10 18:49:58 chainsaw Exp $ + +EAPI=5 + +inherit eutils pam multilib libtool + +MY_P=${P/_/} +MY_P=${MY_P/beta/b} + +uri_prefix= +case ${P} in +*_beta*|*_rc*) uri_prefix=beta/ ;; +esac + +DESCRIPTION="Allows users or groups to run commands as other users" +HOMEPAGE="http://www.sudo.ws/" +SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz + ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz" + +# Basic license is ISC-style as-is, some files are released under +# 3-clause BSD license +LICENSE="ISC BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris" +IUSE="ldap nls pam offensive selinux skey +sendmail" + +DEPEND="pam? ( virtual/pam ) + skey? ( >=sys-auth/skey-1.1.5-r1 ) + ldap? ( + >=net-nds/openldap-2.1.30-r1 + dev-libs/cyrus-sasl + ) + sys-libs/zlib" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-sudo ) + ldap? ( dev-lang/perl ) + pam? ( sys-auth/pambase ) + >=app-misc/editor-wrapper-3 + virtual/editor + sendmail? ( virtual/mta )" +DEPEND="${DEPEND} + sys-devel/bison" + +S=${WORKDIR}/${MY_P} + +REQUIRED_USE="pam? ( !skey ) skey? ( !pam )" + +MAKEOPTS+=" SAMPLES=" + +src_prepare() { + elibtoolize +} + +set_rootpath() { + # FIXME: secure_path is a compile time setting. using ROOTPATH + # is not perfect, env-update may invalidate this, but until it + # is available as a sudoers setting this will have to do. + einfo "Setting secure_path ..." + + # first extract the default ROOTPATH from build env + ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}") + if [[ -z ${ROOTPATH} ]] ; then + ewarn " Failed to find ROOTPATH, please report this" + fi + + # then remove duplicate path entries + cleanpath() { + local newpath thisp IFS=: + for thisp in $1 ; do + if [[ :${newpath}: != *:${thisp}:* ]] ; then + newpath+=:$thisp + else + einfo " Duplicate entry ${thisp} removed..." + fi + done + ROOTPATH=${newpath#:} + } + cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}} + + # finally, strip gcc paths #136027 + rmpath() { + local e newpath thisp IFS=: + for thisp in ${ROOTPATH} ; do + for e ; do [[ $thisp == $e ]] && continue 2 ; done + newpath+=:$thisp + done + ROOTPATH=${newpath#:} + } + rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*' + + einfo "... done" +} + +src_configure() { + local ROOTPATH + set_rootpath + + # audit: somebody got to explain me how I can test this before I + # enable it.. - Diego + # plugindir: autoconf code is crappy and does not delay evaluation + # until `make` time, so we have to use a full path here rather than + # basing off other values. + econf \ + --enable-zlib=system \ + --with-secure-path="${ROOTPATH}" \ + --with-editor="${EPREFIX}"/usr/libexec/editor \ + --with-env-editor \ + $(use_with offensive insults) \ + $(use_with offensive all-insults) \ + $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \ + $(use_with ldap) \ + $(use_enable nls) \ + $(use_with pam) \ + $(use_with skey) \ + $(use_with selinux) \ + $(use_with sendmail) \ + --without-opie \ + --without-linux-audit \ + --with-timedir="${EPREFIX}"/var/db/sudo \ + --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \ + --docdir="${EPREFIX}"/usr/share/doc/${PF} +} + +src_install() { + default + + if use ldap ; then + dodoc README.LDAP doc/schema.OpenLDAP + dosbin plugins/sudoers/sudoers2ldif + + cat <<-EOF > "${T}"/ldap.conf.sudo + # See ldap.conf(5) and README.LDAP for details + # This file should only be readable by root + + # supported directives: host, port, ssl, ldap_version + # uri, binddn, bindpw, sudoers_base, sudoers_debug + # tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key + EOF + + insinto /etc + doins "${T}"/ldap.conf.sudo + fperms 0440 /etc/ldap.conf.sudo + fi + + pamd_mimic system-auth sudo auth account session + + keepdir /var/db/sudo + fperms 0700 /var/db/sudo +} + +pkg_postinst() { + if use ldap ; then + ewarn + ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration." + ewarn + if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then + ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly" + ewarn "configured in /etc/nsswitch.conf." + ewarn + ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:" + ewarn " sudoers: ldap files" + ewarn + fi + fi + if use prefix ; then + ewarn + ewarn "To use sudo, you need to change file ownership and permissions" + ewarn "with root privileges, as follows:" + ewarn + ewarn " # chown root:root ${EPREFIX}/usr/bin/sudo" + ewarn " # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so" + ewarn " # chown root:root ${EPREFIX}/etc/sudoers" + ewarn " # chown root:root ${EPREFIX}/etc/sudoers.d" + ewarn " # chown root:root ${EPREFIX}/var/db/sudo" + ewarn " # chmod 4111 ${EPREFIX}/usr/bin/sudo" + ewarn + fi + + elog "To use the -A (askpass) option, you need to install a compatible" + elog "password program from the following list. Starred packages will" + elog "automatically register for the use with sudo (but will not force" + elog "the -A option):" + elog "" + elog " [*] net-misc/ssh-askpass-fullscreen" + elog " net-misc/x11-ssh-askpass" + elog "" + elog "You can override the choice by setting the SUDO_ASKPASS environmnent" + elog "variable to the program you want to use." +} |