Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-admin/sudo/
Date: Fri, 23 Sep 2022 00:59:39
Message-Id: 1663894718.4a56cb83be37bab18e9941f58c226cfce97d08a1.sam@gentoo
1 commit: 4a56cb83be37bab18e9941f58c226cfce97d08a1
2 Author: Sam James <sam <AT> gentoo <DOT> org>
3 AuthorDate: Fri Sep 23 00:58:38 2022 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Fri Sep 23 00:58:38 2022 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a56cb83
7
8 app-admin/sudo: drop 1.9.10-r1, 1.9.11_p2
9
10 Signed-off-by: Sam James <sam <AT> gentoo.org>
11
12 app-admin/sudo/Manifest | 4 -
13 app-admin/sudo/sudo-1.9.10-r1.ebuild | 263 --------------------------------
14 app-admin/sudo/sudo-1.9.11_p2.ebuild | 281 -----------------------------------
15 3 files changed, 548 deletions(-)
16
17 diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
18 index 5f2abb112918..fd7558ec2a90 100644
19 --- a/app-admin/sudo/Manifest
20 +++ b/app-admin/sudo/Manifest
21 @@ -1,6 +1,2 @@
22 -DIST sudo-1.9.10.tar.gz 4516568 BLAKE2B 94d97379e31b41917616a829cbece3d3fce7dd6ab9d04791b928981c14249c306508298655c19dc59a054ccf7deed4e69e65367cbfe9f6d8b5aba8895cfa6064 SHA512 65cf92b67b64413cb807da8b9602fc90b75e5b30dd1402d682ca36f276a3d6209a8a59c14e463898abc9856bc56263e5ba4bb6d44774f56a2885a9eea4a35375
23 -DIST sudo-1.9.10.tar.gz.sig 566 BLAKE2B 808919c826faa4f63efc283461f9f2089fd745aaf7462bcc41c505e7f978e7d56307202f96548d95844c99236fec10cada8438b935a1e1b6ea3601ee857d6900 SHA512 4ea0b736783b8e7be47645f770d7684d99c31f901177d3527f1ff78f5126d41592a94d36c67762bf5cb941eed80b9f585637aaa81d7f4920576d31a83f447323
24 -DIST sudo-1.9.11p2.tar.gz 4825417 BLAKE2B b6b16f17ba8b6d5ab80f5515beebddf21579944376c2b0752111120d9fb6e2c3d3c40c8150a4f1c2c7165fb93e1f9ac3d03f77b0951a6f721e026a175cc948c4 SHA512 ca64ace6b663a61336a2aa45fb96eb585b5075a867e770b0b384aaf015479dfae48847226c83f824372e64f4697454e68c36305f7979f14b662185c284e1da67
25 -DIST sudo-1.9.11p2.tar.gz.sig 566 BLAKE2B 9ffe8ebf79f3d94c2df4ce18bb811f73854920b262774ef114ed77ff78a2f856765651c0408cd0cd71191b21840fa3c6a73ca7897baa7975dd7b655eead45ab1 SHA512 a452fb875b3f4a05cc8623df18f7b53192b8671cdd8fcdbb9360cc86160b9aadb1148a60f91f106fd381997b91a4dfcf06149f3cb43292284d27997a4d97473f
26 DIST sudo-1.9.11p3.tar.gz 4826520 BLAKE2B f8508f65b514abd9979a11628d8bc0e085b2625993281e7d1f8794a576e88970bda6939d2f2f50d9485f00276970aba3489b19c102eca5625e389c9610f338dd SHA512 ad5c3d623547d1e3016e1a721676fee6d6b7348e77b2c234041e0af40c7220e8934c8c27beef0d12fa6df11708d37de711dacfefc135d26de46abca7f91c55d1
27 DIST sudo-1.9.11p3.tar.gz.sig 566 BLAKE2B 8caf03b051222f0446eaf333b48563aa18d52acbd9f7e2d880f0a97043df1ec8d25d87cfd7b1b9543ab8f52f5dacff4cf031fe3e6b94593d576d1d351eb05aa4 SHA512 ea728cddbab50746a2cbb8ce6cb55df3def1c5e806a1d91ec6f2d65c8d246079bdb5799b961ab0da1cc2c347a36d93cc00d32c10856141a467b25e1224876e50
28
29 diff --git a/app-admin/sudo/sudo-1.9.10-r1.ebuild b/app-admin/sudo/sudo-1.9.10-r1.ebuild
30 deleted file mode 100644
31 index 2f7cd3f35838..000000000000
32 --- a/app-admin/sudo/sudo-1.9.10-r1.ebuild
33 +++ /dev/null
34 @@ -1,263 +0,0 @@
35 -# Copyright 1999-2022 Gentoo Authors
36 -# Distributed under the terms of the GNU General Public License v2
37 -
38 -EAPI=7
39 -
40 -inherit pam libtool tmpfiles toolchain-funcs
41 -
42 -MY_P="${P/_/}"
43 -MY_P="${MY_P/beta/b}"
44 -
45 -DESCRIPTION="Allows users or groups to run commands as other users"
46 -HOMEPAGE="https://www.sudo.ws/"
47 -if [[ ${PV} == "9999" ]] ; then
48 - inherit mercurial
49 - EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
50 -else
51 - inherit verify-sig
52 - VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/sudo.ws.asc
53 - BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-sudo )"
54 -
55 - uri_prefix=
56 - case ${P} in
57 - *_beta*|*_rc*) uri_prefix=beta/ ;;
58 - esac
59 -
60 - SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
61 - ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz
62 - verify-sig? (
63 - https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz.sig
64 - ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz.sig
65 - )"
66 - if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
67 - KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~sparc-solaris"
68 - fi
69 -fi
70 -
71 -# Basic license is ISC-style as-is, some files are released under
72 -# 3-clause BSD license
73 -LICENSE="ISC BSD"
74 -SLOT="0"
75 -IUSE="gcrypt ldap nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
76 -
77 -DEPEND="
78 - sys-libs/zlib:=
79 - virtual/libcrypt:=
80 - gcrypt? ( dev-libs/libgcrypt:= )
81 - ldap? (
82 - >=net-nds/openldap-2.1.30-r1:=
83 - sasl? (
84 - dev-libs/cyrus-sasl
85 - net-nds/openldap:=[sasl]
86 - )
87 - )
88 - pam? ( sys-libs/pam )
89 - sasl? ( dev-libs/cyrus-sasl )
90 - skey? ( >=sys-auth/skey-1.1.5-r1 )
91 - ssl? ( dev-libs/openssl:0= )
92 - sssd? ( sys-auth/sssd[sudo] )
93 -"
94 -RDEPEND="
95 - ${DEPEND}
96 - >=app-misc/editor-wrapper-3
97 - virtual/editor
98 - ldap? ( dev-lang/perl )
99 - pam? ( sys-auth/pambase )
100 - selinux? ( sec-policy/selinux-sudo )
101 - sendmail? ( virtual/mta )
102 -"
103 -BDEPEND+="
104 - sys-devel/bison
105 - virtual/pkgconfig
106 -"
107 -
108 -S="${WORKDIR}/${MY_P}"
109 -
110 -REQUIRED_USE="
111 - ?? ( pam skey )
112 - ?? ( gcrypt ssl )
113 -"
114 -
115 -MAKEOPTS+=" SAMPLES="
116 -
117 -src_prepare() {
118 - default
119 - elibtoolize
120 -}
121 -
122 -set_secure_path() {
123 - # first extract the default ROOTPATH from build env
124 - SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env;
125 - echo "${ROOTPATH}")
126 - case "${SECURE_PATH}" in
127 - */usr/sbin*) ;;
128 - *) SECURE_PATH=$(unset PATH;
129 - . "${EPREFIX}"/etc/profile.env; echo "${PATH}")
130 - ;;
131 - esac
132 - if [[ -z ${SECURE_PATH} ]] ; then
133 - ewarn " Failed to detect SECURE_PATH, please report this"
134 - fi
135 -
136 - # then remove duplicate path entries
137 - cleanpath() {
138 - local newpath thisp IFS=:
139 - for thisp in $1 ; do
140 - if [[ :${newpath}: != *:${thisp}:* ]] ; then
141 - newpath+=:${thisp}
142 - else
143 - einfo " Duplicate entry ${thisp} removed..."
144 - fi
145 - done
146 - SECURE_PATH=${newpath#:}
147 - }
148 - cleanpath /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
149 -
150 - # finally, strip gcc paths #136027
151 - rmpath() {
152 - local e newpath thisp IFS=:
153 - for thisp in ${SECURE_PATH} ; do
154 - for e ; do [[ ${thisp} == ${e} ]] && continue 2 ; done
155 - newpath+=:${thisp}
156 - done
157 - SECURE_PATH=${newpath#:}
158 - }
159 - rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
160 -}
161 -
162 -src_configure() {
163 - local SECURE_PATH
164 - set_secure_path
165 - tc-export PKG_CONFIG #767712
166 -
167 - # audit: somebody got to explain me how I can test this before I
168 - # enable it.. - Diego
169 - # plugindir: autoconf code is crappy and does not delay evaluation
170 - # until `make` time, so we have to use a full path here rather than
171 - # basing off other values.
172 - myeconfargs=(
173 - # requires some python eclass
174 - --disable-python
175 - --enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
176 - --enable-zlib=system
177 - --with-editor="${EPREFIX}"/usr/libexec/editor
178 - --with-env-editor
179 - --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
180 - --with-rundir="${EPREFIX}"/run/sudo
181 - --with-vardir="${EPREFIX}"/var/db/sudo
182 - --without-linux-audit
183 - --without-opie
184 - $(use_enable gcrypt)
185 - $(use_enable nls)
186 - $(use_enable sasl)
187 - $(use_enable ssl openssl)
188 - $(use_with ldap)
189 - $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
190 - $(use_with offensive insults)
191 - $(use_with offensive all-insults)
192 - $(use_with pam)
193 - $(use_with pam pam-login)
194 - $(use_with secure-path secure-path "${SECURE_PATH}")
195 - $(use_with selinux)
196 - $(use_with sendmail)
197 - $(use_with skey)
198 - $(use_with sssd)
199 - )
200 -
201 - econf "${myeconfargs[@]}"
202 -}
203 -
204 -src_install() {
205 - default
206 -
207 - if use ldap ; then
208 - dodoc README.LDAP.md
209 -
210 - cat <<-EOF > "${T}"/ldap.conf.sudo
211 - # See ldap.conf(5) and README.LDAP.md for details
212 - # This file should only be readable by root
213 -
214 - # supported directives: host, port, ssl, ldap_version
215 - # uri, binddn, bindpw, sudoers_base, sudoers_debug
216 - # tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
217 - EOF
218 -
219 - if use sasl ; then
220 - cat <<-EOF >> "${T}"/ldap.conf.sudo
221 -
222 - # SASL directives: use_sasl, sasl_mech, sasl_auth_id
223 - # sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
224 - EOF
225 - fi
226 -
227 - insinto /etc
228 - doins "${T}"/ldap.conf.sudo
229 - fperms 0440 /etc/ldap.conf.sudo
230 -
231 - insinto /etc/openldap/schema
232 - newins docs/schema.OpenLDAP sudo.schema
233 - fi
234 -
235 - if use pam; then
236 - pamd_mimic system-auth sudo auth account session
237 - pamd_mimic system-auth sudo-i auth account session
238 - fi
239 -
240 - keepdir /var/db/sudo/lectured
241 - fperms 0700 /var/db/sudo/lectured
242 - fperms 0711 /var/db/sudo #652958
243 -
244 - # Don't install into /run as that is a tmpfs most of the time
245 - # (bug #504854)
246 - rm -rf "${ED}"/run || die
247 -
248 - find "${ED}" -type f -name "*.la" -delete || die #697812
249 -}
250 -
251 -pkg_postinst() {
252 - tmpfiles_process sudo.conf
253 -
254 - #652958
255 - local sudo_db="${EROOT}/var/db/sudo"
256 - if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
257 - chmod 711 "${sudo_db}" || die
258 - fi
259 -
260 - if use ldap ; then
261 - ewarn
262 - ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
263 - ewarn
264 - if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
265 - ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
266 - ewarn "configured in /etc/nsswitch.conf."
267 - ewarn
268 - ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
269 - ewarn " sudoers: ldap files"
270 - ewarn
271 - fi
272 - fi
273 - if use prefix ; then
274 - ewarn
275 - ewarn "To use sudo, you need to change file ownership and permissions"
276 - ewarn "with root privileges, as follows:"
277 - ewarn
278 - ewarn " # chown root:root ${EPREFIX}/usr/bin/sudo"
279 - ewarn " # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
280 - ewarn " # chown root:root ${EPREFIX}/etc/sudoers"
281 - ewarn " # chown root:root ${EPREFIX}/etc/sudoers.d"
282 - ewarn " # chown root:root ${EPREFIX}/var/db/sudo"
283 - ewarn " # chmod 4111 ${EPREFIX}/usr/bin/sudo"
284 - ewarn
285 - fi
286 -
287 - elog "To use the -A (askpass) option, you need to install a compatible"
288 - elog "password program from the following list. Starred packages will"
289 - elog "automatically register for the use with sudo (but will not force"
290 - elog "the -A option):"
291 - elog ""
292 - elog " [*] net-misc/ssh-askpass-fullscreen"
293 - elog " net-misc/x11-ssh-askpass"
294 - elog ""
295 - elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
296 - elog "variable to the program you want to use."
297 -}
298
299 diff --git a/app-admin/sudo/sudo-1.9.11_p2.ebuild b/app-admin/sudo/sudo-1.9.11_p2.ebuild
300 deleted file mode 100644
301 index afb8327d1680..000000000000
302 --- a/app-admin/sudo/sudo-1.9.11_p2.ebuild
303 +++ /dev/null
304 @@ -1,281 +0,0 @@
305 -# Copyright 1999-2022 Gentoo Authors
306 -# Distributed under the terms of the GNU General Public License v2
307 -
308 -EAPI=8
309 -
310 -inherit pam libtool tmpfiles toolchain-funcs
311 -
312 -MY_P="${P/_/}"
313 -MY_P="${MY_P/beta/b}"
314 -
315 -DESCRIPTION="Allows users or groups to run commands as other users"
316 -HOMEPAGE="https://www.sudo.ws/"
317 -if [[ ${PV} == 9999 ]] ; then
318 - inherit mercurial
319 - EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
320 -else
321 - VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/sudo.ws.asc
322 - inherit verify-sig
323 -
324 - uri_prefix=
325 - case ${P} in
326 - *_beta*|*_rc*) uri_prefix=beta/ ;;
327 - esac
328 -
329 - SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
330 - ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz
331 - verify-sig? (
332 - https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz.sig
333 - ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz.sig
334 - )"
335 - if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
336 - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~sparc-solaris"
337 - fi
338 -
339 - BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-sudo )"
340 -fi
341 -
342 -# Basic license is ISC-style as-is, some files are released under
343 -# 3-clause BSD license
344 -LICENSE="ISC BSD"
345 -SLOT="0"
346 -IUSE="gcrypt ldap nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
347 -
348 -DEPEND="
349 - sys-libs/zlib:=
350 - virtual/libcrypt:=
351 - gcrypt? ( dev-libs/libgcrypt:= )
352 - ldap? (
353 - >=net-nds/openldap-2.1.30-r1:=
354 - sasl? (
355 - dev-libs/cyrus-sasl
356 - net-nds/openldap:=[sasl]
357 - )
358 - )
359 - pam? ( sys-libs/pam )
360 - sasl? ( dev-libs/cyrus-sasl )
361 - skey? ( >=sys-auth/skey-1.1.5-r1 )
362 - ssl? ( dev-libs/openssl:0= )
363 - sssd? ( sys-auth/sssd[sudo] )
364 -"
365 -RDEPEND="
366 - ${DEPEND}
367 - >=app-misc/editor-wrapper-3
368 - virtual/editor
369 - ldap? ( dev-lang/perl )
370 - pam? ( sys-auth/pambase )
371 - selinux? ( sec-policy/selinux-sudo )
372 - sendmail? ( virtual/mta )
373 -"
374 -BDEPEND+="
375 - sys-devel/bison
376 - virtual/pkgconfig
377 -"
378 -
379 -S="${WORKDIR}/${MY_P}"
380 -
381 -REQUIRED_USE="
382 - ?? ( pam skey )
383 - ?? ( gcrypt ssl )
384 -"
385 -
386 -MAKEOPTS+=" SAMPLES="
387 -
388 -src_prepare() {
389 - default
390 -
391 - elibtoolize
392 -}
393 -
394 -set_secure_path() {
395 - # First extract the default ROOTPATH from build env
396 - SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
397 -
398 - case "${SECURE_PATH}" in
399 - */usr/sbin*)
400 - ;;
401 - *)
402 - SECURE_PATH=$(unset PATH; . "${EPREFIX}"/etc/profile.env; echo "${PATH}")
403 - ;;
404 - esac
405 -
406 - if [[ -z ${SECURE_PATH} ]] ; then
407 - ewarn " Failed to detect SECURE_PATH, please report this"
408 - fi
409 -
410 - # Then remove duplicate path entries
411 - cleanpath() {
412 - local newpath thisp IFS=:
413 - for thisp in $1 ; do
414 - if [[ :${newpath}: != *:${thisp}:* ]] ; then
415 - newpath+=:${thisp}
416 - else
417 - einfo " Duplicate entry ${thisp} removed..."
418 - fi
419 - done
420 - SECURE_PATH=${newpath#:}
421 - }
422 - cleanpath /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
423 -
424 - # Finally, strip gcc paths, bug #136027
425 - rmpath() {
426 - local e newpath thisp IFS=:
427 - for thisp in ${SECURE_PATH} ; do
428 - for e ; do
429 - [[ ${thisp} == ${e} ]] && continue 2 ;
430 - done
431 - newpath+=:${thisp}
432 - done
433 - SECURE_PATH=${newpath#:}
434 - }
435 - rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
436 -}
437 -
438 -src_configure() {
439 - local SECURE_PATH
440 -
441 - set_secure_path
442 -
443 - # bug #767712
444 - tc-export PKG_CONFIG
445 -
446 - # - audit: somebody got to explain me how I can test this before I
447 - # enable it.. - Diego
448 - # - plugindir: autoconf code is crappy and does not delay evaluation
449 - # until `make` time, so we have to use a full path here rather than
450 - # basing off other values.
451 - local myeconfargs=(
452 - # We set all of the relevant options by ourselves (patched
453 - # into the toolchain) and setting these in the build system
454 - # actually causes a downgrade when using e.g. -D_FORTIFY_SOURCE=3
455 - # (it'll downgrade to =2). So, this has no functional effect on
456 - # the hardening for users. It's safe.
457 - --disable-hardening
458 -
459 - # requires some python eclass
460 - --disable-python
461 - --enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
462 - --enable-zlib=system
463 - --with-editor="${EPREFIX}"/usr/libexec/editor
464 - --with-env-editor
465 - --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
466 - --with-rundir="${EPREFIX}"/run/sudo
467 - --with-vardir="${EPREFIX}"/var/db/sudo
468 - --without-linux-audit
469 - --without-opie
470 - $(use_enable gcrypt)
471 - $(use_enable nls)
472 - $(use_enable sasl)
473 - $(use_enable ssl openssl)
474 - $(use_with ldap)
475 - $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
476 - $(use_with offensive insults)
477 - $(use_with offensive all-insults)
478 - $(use_with pam)
479 - $(use_with pam pam-login)
480 - $(use_with secure-path secure-path "${SECURE_PATH}")
481 - $(use_with selinux)
482 - $(use_with sendmail)
483 - $(use_with skey)
484 - $(use_with sssd)
485 - )
486 -
487 - econf "${myeconfargs[@]}"
488 -}
489 -
490 -src_install() {
491 - default
492 -
493 - if use ldap ; then
494 - dodoc README.LDAP.md
495 -
496 - cat <<-EOF > "${T}"/ldap.conf.sudo
497 - # See ldap.conf(5) and README.LDAP.md for details
498 - # This file should only be readable by root
499 -
500 - # supported directives: host, port, ssl, ldap_version
501 - # uri, binddn, bindpw, sudoers_base, sudoers_debug
502 - # tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
503 - EOF
504 -
505 - if use sasl ; then
506 - cat <<-EOF >> "${T}"/ldap.conf.sudo
507 -
508 - # SASL directives: use_sasl, sasl_mech, sasl_auth_id
509 - # sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
510 - EOF
511 - fi
512 -
513 - insinto /etc
514 - doins "${T}"/ldap.conf.sudo
515 - fperms 0440 /etc/ldap.conf.sudo
516 -
517 - insinto /etc/openldap/schema
518 - newins docs/schema.OpenLDAP sudo.schema
519 - fi
520 -
521 - if use pam ; then
522 - pamd_mimic system-auth sudo auth account session
523 - pamd_mimic system-auth sudo-i auth account session
524 - fi
525 -
526 - keepdir /var/db/sudo/lectured
527 - fperms 0700 /var/db/sudo/lectured
528 - # bug #652958
529 - fperms 0711 /var/db/sudo
530 -
531 - # Don't install into /run as that is a tmpfs most of the time
532 - # (bug #504854)
533 - rm -rf "${ED}"/run || die
534 -
535 - # bug #697812
536 - find "${ED}" -type f -name "*.la" -delete || die
537 -}
538 -
539 -pkg_postinst() {
540 - tmpfiles_process sudo.conf
541 -
542 - # bug #652958
543 - local sudo_db="${EROOT}/var/db/sudo"
544 - if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
545 - chmod 711 "${sudo_db}" || die
546 - fi
547 -
548 - if use ldap ; then
549 - ewarn
550 - ewarn "sudo uses the ${ROOT}/etc/ldap.conf.sudo file for ldap configuration."
551 - ewarn
552 - if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
553 - ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
554 - ewarn "configured in ${ROOT}/etc/nsswitch.conf."
555 - ewarn
556 - ewarn "To make use of LDAP, add this line to your ${ROOT}/etc/nsswitch.conf:"
557 - ewarn " sudoers: ldap files"
558 - ewarn
559 - fi
560 - fi
561 - if use prefix ; then
562 - ewarn
563 - ewarn "To use sudo on Prefix, you need to change file ownership and permissions"
564 - ewarn "with root privileges, as follows:"
565 - ewarn
566 - ewarn " # chown root:root ${EPREFIX}/usr/bin/sudo"
567 - ewarn " # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
568 - ewarn " # chown root:root ${EPREFIX}/etc/sudoers"
569 - ewarn " # chown root:root ${EPREFIX}/etc/sudoers.d"
570 - ewarn " # chown root:root ${EPREFIX}/var/db/sudo"
571 - ewarn " # chmod 4111 ${EPREFIX}/usr/bin/sudo"
572 - ewarn
573 - fi
574 -
575 - elog "To use the -A (askpass) option, you need to install a compatible"
576 - elog "password program from the following list. Starred packages will"
577 - elog "automatically register for the use with sudo (but will not force"
578 - elog "the -A option):"
579 - elog ""
580 - elog " [*] net-misc/ssh-askpass-fullscreen"
581 - elog " net-misc/x11-ssh-askpass"
582 - elog ""
583 - elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
584 - elog "variable to the program you want to use."
585 -}
Report Message
Find on MARC Find on Google Groups