4 files changed, 19 insertions, 403 deletions

diff --git a/app-admin/sudo/ChangeLog b/app-admin/sudo/ChangeLog
index 436da6427f18..fb59bfd74098 100644
--- a/app-admin/sudo/ChangeLog
+++ b/app-admin/sudo/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for app-admin/sudo
 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.389 2015/04/11 15:06:13 zlogene Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.390 2015/06/06 16:59:32 polynomial-c Exp $
+
+  06 Jun 2015; Lars Wendler <polynomial-c@gentoo.org> -sudo-1.8.11_p1.ebuild,
+  -sudo-1.8.11_p2.ebuild:
+  Removed vulnerable versions.
 
   11 Apr 2015; Mikle Kolyada <zlogene@gentoo.org> sudo-1.8.12.ebuild:
   ia64/ppc stable wrt bug #539532
diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
index 11af9d088d32..0bb0bd78ba4f 100644
--- a/app-admin/sudo/Manifest
+++ b/app-admin/sudo/Manifest
@@ -2,23 +2,27 @@
 Hash: SHA256
 
 AUX sudo-1.8.12-include-sys-types-h.patch 5838 SHA256 c86bd2e0cee16ccda405cf2888097e60f9cc489c43e71482057a4049b6b2dd4a SHA512 d230420b04bd7a8335f67450bcb638caccb5ebba1ee7c96b43343df0ada867095fa931a8743d5b8f78d7cc96a3eb855863de1cfa4723315e705cbed1dc9bd51c WHIRLPOOL adb64000d54d9c7f1c35474feebc0333354b8207740abea2e3f9c6bd6d3f21d80489dcafcd47f4358e6133b8be8062341be30b1d59abb34ba2ae96fe7a10fbe1
-DIST sudo-1.8.11p1.tar.gz 2402012 SHA256 44c275772595a119185336164bb76b6e08f23d38aa0fe0d6bab48812e75d6a43 SHA512 47e49c854698268733d5a79e2ddcb8a23d6cf032fc5f79621318eddda6caac400d9db54b9239b605a1c2b11935e366177b0adadee5fbf1872ffbdc9b16c67cf2 WHIRLPOOL 451a86cf5046440ef7c5ee2640e2bf7d434c9f78748ae1ca2ac8433acb367f6148949b4b9ff4fbf22e5c9d6f834d45c525d749ee2cdc50bb3f5f7f1eb1c776be
-DIST sudo-1.8.11p2.tar.gz 2402235 SHA256 8133849418fa18cf6b6bb6893d1855ff7afe21db8923234a00bf045c90fba1ad SHA512 fdd6c14c3738cb7bafec9873c49f96270fdd36c72d14d3fc7e1ef3651275961bf17550ac1f56ed445b394985cbbf602b88f52cda1226e9007bed14a4d4fadbaa WHIRLPOOL a00fcdd34247f1efce2f22e98dea0be7b3109c7448ce749781ed9fe54c8d5f61a0fa922f09a5cda9c962eec230aa8e087b1fa118af6ff29d0f5db8929ccc1d34
 DIST sudo-1.8.12.tar.gz 2493373 SHA256 163b51841de8ad19276581a6782d61f5948f1f72a0a843371a1c167d3dc4f3b0 SHA512 1815343eceb7cfa6e37c961ce1c68cf96fc290356b92078d6d24a2c85d8b7a7236df78d3ff7f5e30eba492dc8407346d884e01c0b989eef4414156cfec80b67b WHIRLPOOL 0d9e618937a08b9bf74aaebf12f5b9f96afd827728f90fa95b6a2a4f932cc84240d56674aa903062247068ec5aa3369b14bad64130caeb313330286510c2d3f6
 DIST sudo-1.8.13.tar.gz 2515307 SHA256 e374e5edf2c11c00d6916a9f51cb0ad15e51c7b028370fa15169b07e61e05a25 SHA512 d5498ce8136e903a5ee9e6b1e9b69149b2268798f0678bf7fa82d56947c60d0dec1d7ee25df382e2ee05ecb660720af6b6bc24ad1b6493834e158ee3b186d03c WHIRLPOOL b06256020e5c21159f1b7ff7a9849053f89e95c58fce850653e60d625ad71f8cf9caf9421765398ed73d2ca4756483dcd9535dc856e681dc3b8d7c1206ae5553
-EBUILD sudo-1.8.11_p1.ebuild 5619 SHA256 7fe3889f35f4d05dcfb225444a07ee3febecdb17500ddf748a49679412b4808b SHA512 281274e107ac2d171a5c3806c1c69d858378aa1bc49d92ea83ff11d320f25c47c019b45d56bf260cb00193a5c2e225e410ca42b74fef70300bdb71595b11d2fc WHIRLPOOL 0fcdf075445d6d8302c23d1e8d51d6a2153fe5d80d9fb5c496807e1a2606c43a2a5c0058c847ba432b93c48f8e5886be7879cc2a557fc7b41ba802dd74502761
-EBUILD sudo-1.8.11_p2.ebuild 5637 SHA256 323373903e9c1dfe7ca033bad8ea257f50d34fb8dd0e03e277ad1a91e3b5b685 SHA512 8baa6413d284acc8ebde0e3c695451fd55b853870192c394f6175a99274edb6840aca318b3741476f195f98680b84e5de7824cd1a5a9f246795591b283389dc1 WHIRLPOOL 593ae254cb03a27a2480bf084f6d82a3247cf0c1c69437e1d63aed2ace76ad554c435e9e647baf55b060978a75f7d71cb5eac4704439cfa001ccbb4d39c21e30
 EBUILD sudo-1.8.12.ebuild 5677 SHA256 3b96b5383510f87a356d5111095fea7390526e89008c04a966e8dda5ac4cd581 SHA512 ae595af16db34e16c325c0696b42b8ec6fe4095327a2e84d69327e2c1d43fbfcb466e7a31f9269414af07b6288e3cd3cf9d1ab90552512ec28ad6b89fee90fbe WHIRLPOOL 092ae1f242683a36c9f38ae25870de4aa06d8de27725a0ccd5ea58a322e455b22cca6371ba8f929b67a848ee7c030bcec175d75fc11e830fc7d24bc191c72247
 EBUILD sudo-1.8.13.ebuild 5637 SHA256 e1451074e1055d96a8d3862a681a509e5085d7de809b12f7195f99fd2f3163ec SHA512 a80e61868555083f9453104bad3fbc6e2bfd1af641a07429c676c1e9c804cebe8cb080a0614aaf8ef13927644e59f8330f24b74b17d7b75e4700a247533d8330 WHIRLPOOL 6b0a641ccb091a03c673f0f4adfc4634d0877b862b6391b03bfb784e9cd722d0aa890ffc752175c3e7ec0556729332cfb4e2ef23f3a2701007086fc93f34a7e4
 EBUILD sudo-9999.ebuild 5769 SHA256 be272172f9631e9ad20879566907704ad71d3278b1309ac1bb88048737de98de SHA512 cb34bd3f056bb7e605fe2f357b52ef68ab63e0b98551aef0f34b06c78df8f045746aaf6956ac130c0966725ac25f5afcfe695098940a765d4993b15fb666b621 WHIRLPOOL 6d71be1cbfffb94939f36366d3386b809d0932edae0e2dbcc68e0cf1192a4fa247f44600d9d53e0eb0e6a1724ce6c2853ff6b6de041dead9b923d40e72573db2
-MISC ChangeLog 55939 SHA256 0b1b89dcf5d4b260322be30216b2ad10ce57aa35f3e6a3097ff3b18ddfc121e7 SHA512 51a21f8992071fd215465826461d6c7d6ac3e62b2029df5f58f1d84034a2e398077c52fc96b4e815986ed802f625626ae2e63b76a9aef50b7636add77371a9b2 WHIRLPOOL 2885b88c6796a5de0811f30b9fba09f89fe16903d23e2be86cd8ddcc3477ad967faf21ba3add6d2b80e93bf336d5efca68f5ad03399ef0c60ab039f6a4aff355
+MISC ChangeLog 56080 SHA256 1181bec5361253b19728adc2071181c4d66e17c0976fae90e830c1158c1d1021 SHA512 5e9182f6b325ea84666c856971a0e9208cbc758301ba9e46911737d7c2db45113086a43e0f3c3f46c58ec053372897547dc68d4c2ba22f2ae4474420c359e75d WHIRLPOOL ad2cd693cb8b86da6cd2aba299fb8ef3232ef855f87b88d8273a045156fdb19976552ace4cd2dbd839e9e9770139e933d2a4350103d1d7758a538c7b4c448d5c
 MISC metadata.xml 726 SHA256 242e8a573d76b2163a928259e5226fff2c237b3e9c244860a1430fa79c5b390e SHA512 d0a7e5f53ec823d84e3c38c2bd64ba566d7cbd08c12ebf3e9b9fed10b77ce2e3e951e262f1a307aa8f0819a662559ca6f9bcf86cf05088480413e4534ce299d3 WHIRLPOOL b919b1825e68eb3285523f057fc42b5fde9e59a738ecdb1de0835af827db6284fc66848a10517a215389c4466f21b70e376f3fffc993aa338e47fca971d0af83
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
-iJwEAQEIAAYFAlUpN/UACgkQG9wOWsQutdbwQAQAlHEmhtMTmMaAAYXGcofIKsOn
-fzPHx6Ud6xI9MA8FwrQEv0h53ffV2BmFF4bWZehwm8FIEGsXetSMrqa+TxphmbDc
-Vo6zRVoTI1Mg2VCbf+4Q3aN2Fjva35KCl0y7+I5RNv7WZHiaC+3cs9fzMN8HecyX
-NoQ8xcj6/r/mehA5C1U=
-=FDoe
+iQIcBAEBCAAGBQJVcyb1AAoJEPiazRVxLXTF0RcP/1YxuCe4U102ditMk1JuniK8
+qfbKKuX2JgFb7yNzaMc+sKNoWHQkUdVpP+0hU+ywwbWcnkk6ufOdZVXmd+8lVAyb
+l9yYtNM8xaXdFOBb2Ma1acMXvdZjY7/cNHGxJCwvo0L2rl+uXtCzoFE6WWK/GzQg
+xLc81z5oEOZYOQgiecgSB8uxqvCbUs1J1lcLIHrJa6aBKdvosgXnXYVzj/OZRvM2
+uCtJVwyAkYgzqz0rLaF1BTNQSc3AEa38b/HR9vdB25Ia076JZD7jMLxT23Kla381
+OalOSnHzwz4i//bWIW6R4CvSX4xwBftbRzyaTJ81y+85jT3jLW0tWmaPhUPeib6Z
+1yyrQeX7JNCCbBDzD1o2/twIU3sq6ea/ZsYPVcXT3+S4kvMRJGXiT1AEuPw6jCN2
+VIdGGgm/nBU715XNcoS0/ZlXB/8zbx7/K/8jK3lQHpUGAJTWEPcG7DnkdyqomqQa
+fUMRvZNulIzYf7t8slatKKg5P1Pz2HF+IDzAmZIRWXLBPOmJgu+dDLrwou7JJN5m
+Xoft8x762TBotXPUlLfumschHMPj5PcaZ7B57H7m31rvoU0cAO8Q7AwbtWbrBLAG
+t16+UCwNz0aRlmw//IvFjtEXQL4bjVgOwgVOV1CZ+ScgNe8nKD6n0m8ojhrwXMJR
+zsKp5L+3xy07ir9TPPH/
+=ijcY
 -----END PGP SIGNATURE-----
diff --git a/app-admin/sudo/sudo-1.8.11_p1.ebuild b/app-admin/sudo/sudo-1.8.11_p1.ebuild
deleted file mode 100644
index 24987812db43..000000000000
--- a/app-admin/sudo/sudo-1.8.11_p1.ebuild
+++ /dev/null
@@ -1,196 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.11_p1.ebuild,v 1.10 2014/11/02 08:54:56 ago Exp $
-
-EAPI=5
-
-inherit eutils pam multilib libtool
-
-MY_P=${P/_/}
-MY_P=${MY_P/beta/b}
-
-uri_prefix=
-case ${P} in
-*_beta*|*_rc*) uri_prefix=beta/ ;;
-esac
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="http://www.sudo.ws/"
-SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
-	ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
-IUSE="ldap nls pam offensive selinux skey +sendmail"
-
-DEPEND="pam? ( virtual/pam )
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	ldap? (
-		>=net-nds/openldap-2.1.30-r1
-		dev-libs/cyrus-sasl
-	)
-	sys-libs/zlib"
-RDEPEND="${DEPEND}
-	selinux? ( sec-policy/selinux-sudo )
-	ldap? ( dev-lang/perl )
-	pam? ( sys-auth/pambase )
-	>=app-misc/editor-wrapper-3
-	virtual/editor
-	sendmail? ( virtual/mta )"
-DEPEND="${DEPEND}
-	sys-devel/bison"
-
-S=${WORKDIR}/${MY_P}
-
-REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
-
-MAKEOPTS+=" SAMPLES="
-
-src_prepare() {
-	elibtoolize
-}
-
-set_rootpath() {
-	# FIXME: secure_path is a compile time setting. using ROOTPATH
-	# is not perfect, env-update may invalidate this, but until it
-	# is available as a sudoers setting this will have to do.
-	einfo "Setting secure_path ..."
-
-	# first extract the default ROOTPATH from build env
-	ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
-	if [[ -z ${ROOTPATH} ]] ; then
-		ewarn "	Failed to find ROOTPATH, please report this"
-	fi
-
-	# then remove duplicate path entries
-	cleanpath() {
-		local newpath thisp IFS=:
-		for thisp in $1 ; do
-			if [[ :${newpath}: != *:${thisp}:* ]] ; then
-				newpath+=:$thisp
-			else
-				einfo "   Duplicate entry ${thisp} removed..."
-			fi
-		done
-		ROOTPATH=${newpath#:}
-	}
-	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
-
-	# finally, strip gcc paths #136027
-	rmpath() {
-		local e newpath thisp IFS=:
-		for thisp in ${ROOTPATH} ; do
-			for e ; do [[ $thisp == $e ]] && continue 2 ; done
-			newpath+=:$thisp
-		done
-		ROOTPATH=${newpath#:}
-	}
-	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-
-	einfo "... done"
-}
-
-src_configure() {
-	local ROOTPATH
-	set_rootpath
-
-	# audit: somebody got to explain me how I can test this before I
-	# enable it.. - Diego
-	# plugindir: autoconf code is crappy and does not delay evaluation
-	# until `make` time, so we have to use a full path here rather than
-	# basing off other values.
-	econf \
-		--enable-zlib=system \
-		--with-secure-path="${ROOTPATH}" \
-		--with-editor="${EPREFIX}"/usr/libexec/editor \
-		--with-env-editor \
-		$(use_with offensive insults) \
-		$(use_with offensive all-insults) \
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
-		$(use_with ldap) \
-		$(use_enable nls) \
-		$(use_with pam) \
-		$(use_with skey) \
-		$(use_with selinux) \
-		$(use_with sendmail) \
-		--without-opie \
-		--without-linux-audit \
-		--with-rundir="${EPREFIX}"/var/run/sudo \
-		--with-vardir="${EPREFIX}"/var/db/sudo \
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
-		--docdir="${EPREFIX}"/usr/share/doc/${PF}
-}
-
-src_install() {
-	default
-
-	if use ldap ; then
-		dodoc README.LDAP doc/schema.OpenLDAP
-		dosbin plugins/sudoers/sudoers2ldif
-
-		cat <<-EOF > "${T}"/ldap.conf.sudo
-		# See ldap.conf(5) and README.LDAP for details
-		# This file should only be readable by root
-
-		# supported directives: host, port, ssl, ldap_version
-		# uri, binddn, bindpw, sudoers_base, sudoers_debug
-		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
-		EOF
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-	fi
-
-	pamd_mimic system-auth sudo auth account session
-
-	keepdir /var/db/sudo
-	fperms 0700 /var/db/sudo
-
-	# Don't install into /var/run as that is a tmpfs most of the time
-	# (bug #504854)
-	rm -rf "${D}"/var/run
-}
-
-pkg_postinst() {
-	if use ldap ; then
-		ewarn
-		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
-		ewarn
-		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
-			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
-			ewarn "configured in /etc/nsswitch.conf."
-			ewarn
-			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
-			ewarn "  sudoers: ldap files"
-			ewarn
-		fi
-	fi
-	if use prefix ; then
-		ewarn
-		ewarn "To use sudo, you need to change file ownership and permissions"
-		ewarn "with root privileges, as follows:"
-		ewarn
-		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
-		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
-		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
-		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
-		ewarn
-	fi
-
-	elog "To use the -A (askpass) option, you need to install a compatible"
-	elog "password program from the following list. Starred packages will"
-	elog "automatically register for the use with sudo (but will not force"
-	elog "the -A option):"
-	elog ""
-	elog " [*] net-misc/ssh-askpass-fullscreen"
-	elog "     net-misc/x11-ssh-askpass"
-	elog ""
-	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
-	elog "variable to the program you want to use."
-}
diff --git a/app-admin/sudo/sudo-1.8.11_p2.ebuild b/app-admin/sudo/sudo-1.8.11_p2.ebuild
deleted file mode 100644
index 7c03dff724d8..000000000000
--- a/app-admin/sudo/sudo-1.8.11_p2.ebuild
+++ /dev/null
@@ -1,196 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.11_p2.ebuild,v 1.1 2014/10/30 16:22:39 flameeyes Exp $
-
-EAPI=5
-
-inherit eutils pam multilib libtool
-
-MY_P=${P/_/}
-MY_P=${MY_P/beta/b}
-
-uri_prefix=
-case ${P} in
-*_beta*|*_rc*) uri_prefix=beta/ ;;
-esac
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="http://www.sudo.ws/"
-SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
-	ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
-IUSE="ldap nls pam offensive selinux skey +sendmail"
-
-DEPEND="pam? ( virtual/pam )
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	ldap? (
-		>=net-nds/openldap-2.1.30-r1
-		dev-libs/cyrus-sasl
-	)
-	sys-libs/zlib"
-RDEPEND="${DEPEND}
-	selinux? ( sec-policy/selinux-sudo )
-	ldap? ( dev-lang/perl )
-	pam? ( sys-auth/pambase )
-	>=app-misc/editor-wrapper-3
-	virtual/editor
-	sendmail? ( virtual/mta )"
-DEPEND="${DEPEND}
-	sys-devel/bison"
-
-S=${WORKDIR}/${MY_P}
-
-REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
-
-MAKEOPTS+=" SAMPLES="
-
-src_prepare() {
-	elibtoolize
-}
-
-set_rootpath() {
-	# FIXME: secure_path is a compile time setting. using ROOTPATH
-	# is not perfect, env-update may invalidate this, but until it
-	# is available as a sudoers setting this will have to do.
-	einfo "Setting secure_path ..."
-
-	# first extract the default ROOTPATH from build env
-	ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
-	if [[ -z ${ROOTPATH} ]] ; then
-		ewarn "	Failed to find ROOTPATH, please report this"
-	fi
-
-	# then remove duplicate path entries
-	cleanpath() {
-		local newpath thisp IFS=:
-		for thisp in $1 ; do
-			if [[ :${newpath}: != *:${thisp}:* ]] ; then
-				newpath+=:$thisp
-			else
-				einfo "   Duplicate entry ${thisp} removed..."
-			fi
-		done
-		ROOTPATH=${newpath#:}
-	}
-	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
-
-	# finally, strip gcc paths #136027
-	rmpath() {
-		local e newpath thisp IFS=:
-		for thisp in ${ROOTPATH} ; do
-			for e ; do [[ $thisp == $e ]] && continue 2 ; done
-			newpath+=:$thisp
-		done
-		ROOTPATH=${newpath#:}
-	}
-	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-
-	einfo "... done"
-}
-
-src_configure() {
-	local ROOTPATH
-	set_rootpath
-
-	# audit: somebody got to explain me how I can test this before I
-	# enable it.. - Diego
-	# plugindir: autoconf code is crappy and does not delay evaluation
-	# until `make` time, so we have to use a full path here rather than
-	# basing off other values.
-	econf \
-		--enable-zlib=system \
-		--with-secure-path="${ROOTPATH}" \
-		--with-editor="${EPREFIX}"/usr/libexec/editor \
-		--with-env-editor \
-		$(use_with offensive insults) \
-		$(use_with offensive all-insults) \
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
-		$(use_with ldap) \
-		$(use_enable nls) \
-		$(use_with pam) \
-		$(use_with skey) \
-		$(use_with selinux) \
-		$(use_with sendmail) \
-		--without-opie \
-		--without-linux-audit \
-		--with-rundir="${EPREFIX}"/var/run/sudo \
-		--with-vardir="${EPREFIX}"/var/db/sudo \
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
-		--docdir="${EPREFIX}"/usr/share/doc/${PF}
-}
-
-src_install() {
-	default
-
-	if use ldap ; then
-		dodoc README.LDAP doc/schema.OpenLDAP
-		dosbin plugins/sudoers/sudoers2ldif
-
-		cat <<-EOF > "${T}"/ldap.conf.sudo
-		# See ldap.conf(5) and README.LDAP for details
-		# This file should only be readable by root
-
-		# supported directives: host, port, ssl, ldap_version
-		# uri, binddn, bindpw, sudoers_base, sudoers_debug
-		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
-		EOF
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-	fi
-
-	pamd_mimic system-auth sudo auth account session
-
-	keepdir /var/db/sudo
-	fperms 0700 /var/db/sudo
-
-	# Don't install into /var/run as that is a tmpfs most of the time
-	# (bug #504854)
-	rm -rf "${D}"/var/run
-}
-
-pkg_postinst() {
-	if use ldap ; then
-		ewarn
-		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
-		ewarn
-		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
-			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
-			ewarn "configured in /etc/nsswitch.conf."
-			ewarn
-			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
-			ewarn "  sudoers: ldap files"
-			ewarn
-		fi
-	fi
-	if use prefix ; then
-		ewarn
-		ewarn "To use sudo, you need to change file ownership and permissions"
-		ewarn "with root privileges, as follows:"
-		ewarn
-		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
-		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
-		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
-		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
-		ewarn
-	fi
-
-	elog "To use the -A (askpass) option, you need to install a compatible"
-	elog "password program from the following list. Starred packages will"
-	elog "automatically register for the use with sudo (but will not force"
-	elog "the -A option):"
-	elog ""
-	elog " [*] net-misc/ssh-askpass-fullscreen"
-	elog "     net-misc/x11-ssh-askpass"
-	elog ""
-	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
-	elog "variable to the program you want to use."
-}