pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc Update security/sudo to 1.6.8 and convert to use bsd.o...
details: https://anonhg.NetBSD.org/pkgsrc/rev/9b225b432bc5
branches: trunk
changeset: 479844:9b225b432bc5
user: xtraeme <xtraeme%pkgsrc.org@localhost>
date: Mon Aug 23 21:15:17 2004 +0000
description:
Update security/sudo to 1.6.8 and convert to use bsd.options.mk, which
adds two new options, ldap and pam.
Changes:
* Sudo now supports storing sudoers info in LDAP (optionally using TLS).
* There is a new -e option to edit files the with uid of the invoking
user. This makes it possible to give users to ability to safely edit
files without the possibility of editing other files or running commands
as the target user. If sudo is run as "sudoedit" the -e flag is implied.
* A new tag, NOEXEC, will prevent a dynamically-linked program being run
by sudo from executing another program (think shell escapes). Because
this uses LD_PRELOAD it has no effect on static binaries.
* A uid specified in sudoers now matches the user specified by the -u flag
even if the -u flag specified a name, not a uid.
* Added a -i option to simulate an initial login similar to "su -".
* If sudo is used to run as root shell, further sudo commands will be logged
as run by the user specified by the SUDO_USER environment variable. In -e
mode (sudoedit), SUDO_USER is used to determine what user to run the editor
when the real uid is 0.
* The sudoers file is now parsed as the runas user in all cases instead of
root. This fixes some issues with running NFS-mounted commands.
* If the target user == invoking user a password is no longer required.
* Sudo now produces a sensible error message when the targetpw Defaults option
is set and a non-existent uid is specified via the -u option.
* A negated user/uid in a runas list is now treated the same as a negated
command and overrides a previously allowed entry.
* PAM support now uses Use pam_acct_mgmt() to check for disabled accounts.
* Added a check in visudo for runas_default being used before it was set.
* Fixed several issues when closing all open descriptors. Sudo now uses
closefrom() if it exists, otherwise it uses /proc/$$/fd if that exists
with a fallback of closing all possible descriptors.
* Quoting globbing characters with a backslash now works as documented.
* Fixed a problem on FreeBSD (and perhaps others) when the user is only
listed in NIS (not master.passwd) and netgroups are used in the
master.passwd file.
* The username in a log entry is no longer truncated at 8 characters.
* Added a "sudo_lecture" option that can point to a file containing a
custom lecture.
* The timeout for password reading is now done via alarm(), not select().
* /tmp/.odus is no longer used for timestamps by default.
* Sudo now works on the nsr-tandem-nsk platform.
* Fixed the --with-stow configure option.
* TIS fwtk authentication now supports fwtk 2.0 and higher.
* Added Stan Lee / Uncle Ben quote to the lecture from RedHat.
* Added the --with-pc-insults configure to replace politically incorrect
insults with other ones.
diffstat:
doc/CHANGES | 3 ++-
security/sudo/Makefile | 20 +++++---------------
security/sudo/PLIST.common | 5 +++--
security/sudo/distinfo | 9 ++++-----
security/sudo/options.mk | 24 ++++++++++++++++++++++++
security/sudo/patches/patch-aa | 16 ++++++++--------
security/sudo/patches/patch-ab | 13 -------------
7 files changed, 46 insertions(+), 44 deletions(-)
diffs (169 lines):
diff -r ef0d15c76f2d -r 9b225b432bc5 doc/CHANGES
--- a/doc/CHANGES Mon Aug 23 21:14:32 2004 +0000
+++ b/doc/CHANGES Mon Aug 23 21:15:17 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES,v 1.6982 2004/08/23 15:18:20 tv Exp $
+$NetBSD: CHANGES,v 1.6983 2004/08/23 21:15:17 xtraeme Exp $
Changes to the packages collection and infrastructure in 2004:
@@ -4030,3 +4030,4 @@
Added kkbswitch-1.4.1 [markd 2004-08-23]
Removed guavac [tv 2004-08-23]
Updated fidogate to 4.4.9nb1 [tv 2004-08-23]
+ Updated sudo to 1.6.8 [xtraeme 2004-08-23]
diff -r ef0d15c76f2d -r 9b225b432bc5 security/sudo/Makefile
--- a/security/sudo/Makefile Mon Aug 23 21:14:32 2004 +0000
+++ b/security/sudo/Makefile Mon Aug 23 21:15:17 2004 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.65 2004/08/22 19:32:52 jlam Exp $
+# $NetBSD: Makefile,v 1.66 2004/08/23 21:15:17 xtraeme Exp $
#
-DISTNAME= sudo-1.6.7p5
-PKGNAME= ${DISTNAME:S/p/./}
+DISTNAME= sudo-1.6.8
CATEGORIES= security
MASTER_SITES= http://www.courtesan.com/sudo/dist/ \
ftp://ftp.courtesan.com/pub/sudo/ \
@@ -18,6 +17,7 @@
PKG_INSTALLATION_TYPES= overwrite pkgviews
USE_BUILDLINK3= yes
+USE_LIBTOOL= yes
USE_PKGINSTALL= yes
GNU_CONFIGURE= yes
@@ -32,17 +32,7 @@
CONFIGURE_ARGS+= --without-skey
.endif
-PKG_OPTIONS_VAR= PKG_OPTIONS.sudo
-PKG_SUPPORTED_OPTIONS= kerberos
-.include "../../mk/bsd.options.mk"
-
-.if !empty(PKG_OPTIONS:Mkerberos)
-. include "../../mk/krb5.buildlink3.mk"
-CONFIGURE_ARGS+= --without-kerb4
-CONFIGURE_ARGS+= --with-kerb5
-.else
-CONFIGURE_ARGS+= --without-kerb5
-.endif
+.include "options.mk"
CONFIGURE_ARGS+= --with-nbsdops --disable-path-info
@@ -55,6 +45,6 @@
${INSTALL_DATA} ${WRKSRC}/UPGRADE ${DOCDIR}
${INSTALL_DATA_DIR} ${EGDIR}
${INSTALL_DATA} ${WRKSRC}/sudoers ${EGDIR}/sudoers
- ${INSTALL_DATA} ${WRKSRC}/sample.sudoers ${EGDIR}/sudoers.sample
+ ${INSTALL_DATA} ${WRKSRC}/README* ${DOCDIR}
.include "../../mk/bsd.pkg.mk"
diff -r ef0d15c76f2d -r 9b225b432bc5 security/sudo/PLIST.common
--- a/security/sudo/PLIST.common Mon Aug 23 21:14:32 2004 +0000
+++ b/security/sudo/PLIST.common Mon Aug 23 21:15:17 2004 +0000
@@ -1,8 +1,9 @@
-@comment $NetBSD: PLIST.common,v 1.1 2001/11/01 01:23:01 zuntum Exp $
+@comment $NetBSD: PLIST.common,v 1.2 2004/08/23 21:15:17 xtraeme Exp $
bin/sudo
sbin/visudo
+share/doc/sudo/README
+share/doc/sudo/README.LDAP
share/doc/sudo/UPGRADE
share/examples/sudo/sudoers
-share/examples/sudo/sudoers.sample
@dirrm share/examples/sudo
@dirrm share/doc/sudo
diff -r ef0d15c76f2d -r 9b225b432bc5 security/sudo/distinfo
--- a/security/sudo/distinfo Mon Aug 23 21:14:32 2004 +0000
+++ b/security/sudo/distinfo Mon Aug 23 21:15:17 2004 +0000
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.20 2004/05/19 19:26:38 kim Exp $
+$NetBSD: distinfo,v 1.21 2004/08/23 21:15:17 xtraeme Exp $
-SHA1 (sudo-1.6.7p5.tar.gz) = 6814bd874c5d42781757b5cbab1961c05cc26c8f
-Size (sudo-1.6.7p5.tar.gz) = 349785 bytes
-SHA1 (patch-aa) = 23c35edd2aad78cc94881a8b03e2ade66dc7c993
-SHA1 (patch-ab) = f2c3a6a10568a6bd394504360a1f53f2fcfc5123
+SHA1 (sudo-1.6.8.tar.gz) = 3f761fd7457ad0efb3f8efa68495ac95c825ca81
+Size (sudo-1.6.8.tar.gz) = 577564 bytes
+SHA1 (patch-aa) = 464d92a06528fd7af2bc6a1b768b8a097900204a
SHA1 (patch-af) = a28c974dc854ca21cf2da8addbe98eac13c612a2
SHA1 (patch-ag) = 3703932e134ae90281179d0a4ae4760fa420264b
diff -r ef0d15c76f2d -r 9b225b432bc5 security/sudo/options.mk
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sudo/options.mk Mon Aug 23 21:15:17 2004 +0000
@@ -0,0 +1,24 @@
+# $NetBSD: options.mk,v 1.1 2004/08/23 21:15:17 xtraeme Exp $
+#
+
+PKG_OPTIONS_VAR= PKG_OPTIONS.sudo
+PKG_SUPPORTED_OPTIONS= kerberos ldap pam
+.include "../../mk/bsd.options.mk"
+
+.if !empty(PKG_OPTIONS:Mkerberos)
+. include "../../mk/krb5.buildlink3.mk"
+CONFIGURE_ARGS+= --without-kerb4
+CONFIGURE_ARGS+= --with-kerb5
+.else
+CONFIGURE_ARGS+= --without-kerb5
+.endif
+
+.if !empty(PKG_OPTIONS:Mldap)
+. include "../../databases/openldap/buildlink3.mk"
+CONFIGURE_ARGS+= --with-ldap=${BUILDLINK_PREFIX.openldap}
+.endif
+
+.if !empty(PKG_OPTIONS:Mpam)
+. include "../../security/PAM/buildlink3.mk"
+CONFIGURE_ARGS+= --with-pam
+.endif
diff -r ef0d15c76f2d -r 9b225b432bc5 security/sudo/patches/patch-aa
--- a/security/sudo/patches/patch-aa Mon Aug 23 21:14:32 2004 +0000
+++ b/security/sudo/patches/patch-aa Mon Aug 23 21:15:17 2004 +0000
@@ -1,18 +1,18 @@
-$NetBSD: patch-aa,v 1.10 2003/05/03 18:27:46 jmmv Exp $
+$NetBSD: patch-aa,v 1.11 2004/08/23 21:15:17 xtraeme Exp $
---- Makefile.in.orig 2003-04-16 02:39:10.000000000 +0200
-+++ Makefile.in
-@@ -294,11 +294,11 @@ sudoers.man:: sudoers.man.in
+--- Makefile.in.orig 2004-08-23 22:47:51.000000000 +0200
++++ Makefile.in 2004-08-23 22:48:20.000000000 +0200
+@@ -292,11 +292,11 @@
sudoers.cat: sudoers.man
--install: install-dirs install-binaries install-sudoers install-man
-+install: install-dirs install-binaries install-man
+-install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man
++install: install-dirs install-binaries @INSTALL_NOEXEC@ install-man
install-dirs:
$(SHELL) $(srcdir)/mkinstalldirs $(DESTDIR)$(sudodir) \
- $(DESTDIR)$(visudodir) $(DESTDIR)$(sudoersdir) \
+ $(DESTDIR)$(visudodir) \
- $(DESTDIR)$(mandirsu) $(DESTDIR)$(mandirform)
+ $(DESTDIR)$(mandirsu) $(DESTDIR)$(mandirform) \
+ $(DESTDIR)$(noexecdir)
- install-binaries: $(PROGS)
diff -r ef0d15c76f2d -r 9b225b432bc5 security/sudo/patches/patch-ab
--- a/security/sudo/patches/patch-ab Mon Aug 23 21:14:32 2004 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-$NetBSD: patch-ab,v 1.9 2004/03/22 08:45:56 jlam Exp $
-
---- auth/kerb5.c.orig Mon Apr 21 17:19:15 2003
-+++ auth/kerb5.c Mon Mar 22 03:34:44 2004
-@@ -88,7 +88,7 @@
- } sudo_krb5_data = { NULL, NULL, NULL };
- typedef struct _sudo_krb5_data *sudo_krb5_datap;
-
--extern krb5_cc_ops krb5_mcc_ops;
-+extern const krb5_cc_ops krb5_mcc_ops;
-
- int
- kerb5_init(pw, promptp, auth)
Home |
Main Index |
Thread Index |
Old Index