summaryrefslogtreecommitdiff
path: root/app-admin
diff options
context:
space:
mode:
Diffstat (limited to 'app-admin')
-rw-r--r--app-admin/mysudo/Manifest2
-rw-r--r--app-admin/mysudo/mysudo-1.8.23-r1.ebuild (renamed from app-admin/mysudo/mysudo-1.8.22.ebuild)60
2 files changed, 37 insertions, 25 deletions
diff --git a/app-admin/mysudo/Manifest b/app-admin/mysudo/Manifest
index 23af960..db97359 100644
--- a/app-admin/mysudo/Manifest
+++ b/app-admin/mysudo/Manifest
@@ -1 +1 @@
-DIST sudo-1.8.22.tar.gz 3029051 SHA256 7256cb27c20883b14360eddbd17f98922073d104b214cf65aeacf1d9c9b9fd02 SHA512 5ce10a9302d25bb726e347499d26a0b3697446cfcdf0fd9094ee35198db7b023d5250a53fdcb4184d1a09f5fd2a78fc645bc8e80f265666b05a91f62f49b0695 WHIRLPOOL 85d58217c4af33a6281b31008aad14407cacc13421437f0756acff5f8eefb14d8d0038391ee968e8abdeb07d7876c870ebc3f67c28dda04c6af4a142be6f16c5
+DIST sudo-1.8.23.tar.gz 3150674 BLAKE2B 11b1c7bfa372005cda8baf651c4662f6fd15e94ca77f7705b23ca6573424796d5c1f8e47e2874c4b54017141d01a632885ac60c92346d932537048373cad0ede SHA512 a9d61850a4857bfd075547a13efb13b054e4736e3ebe3c8a98a90a090b1d9b9688354ec9725fc99d1d256999b6f9c6ae6215ce9770fcdebd7f24731107b48342
diff --git a/app-admin/mysudo/mysudo-1.8.22.ebuild b/app-admin/mysudo/mysudo-1.8.23-r1.ebuild
index af69dfc..4fa51c3 100644
--- a/app-admin/mysudo/mysudo-1.8.22.ebuild
+++ b/app-admin/mysudo/mysudo-1.8.23-r1.ebuild
@@ -1,6 +1,3 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
EAPI=6
inherit eutils pam multilib libtool
@@ -15,8 +12,8 @@ case ${P} in
esac
DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="http://www.sudo.ws/"
-SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
+HOMEPAGE="https://www.sudo.ws/"
+SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
# Basic license is ISC-style as-is, some files are released under
@@ -24,14 +21,15 @@ SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
LICENSE="ISC BSD"
SLOT="0"
if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
- KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~sparc-solaris"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
fi
-IUSE="with-secure-path gcrypt ldap nls pam offensive openssl selinux skey +sendmail"
+IUSE="with-secure-path gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey"
CDEPEND="
gcrypt? ( dev-libs/libgcrypt:= )
openssl? ( dev-libs/openssl:0= )
pam? ( virtual/pam )
+ sasl? ( dev-libs/cyrus-sasl )
skey? ( >=sys-auth/skey-1.1.5-r1 )
ldap? (
>=net-nds/openldap-2.1.30-r1
@@ -68,16 +66,23 @@ src_prepare() {
elibtoolize
}
-set_rootpath() {
- # FIXME: secure_path is a compile time setting. using ROOTPATH
- # is not perfect, env-update may invalidate this, but until it
+set_secure_path() {
+ # FIXME: secure_path is a compile time setting. using PATH or
+ # ROOTPATH is not perfect, env-update may invalidate this, but until it
# is available as a sudoers setting this will have to do.
einfo "Setting secure_path ..."
# first extract the default ROOTPATH from build env
- ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
- if [[ -z ${ROOTPATH} ]] ; then
- ewarn " Failed to find ROOTPATH, please report this"
+ SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env;
+ echo "${ROOTPATH}")
+ case "${SECURE_PATH}" in
+ */usr/sbin*) ;;
+ *) SECURE_PATH=$(unset PATH;
+ . "${EPREFIX}"/etc/profile.env; echo "${PATH}")
+ ;;
+ esac
+ if [[ -z ${SECURE_PATH} ]] ; then
+ ewarn " Failed to detect SECURE_PATH, please report this"
fi
# then remove duplicate path entries
@@ -90,18 +95,18 @@ set_rootpath() {
einfo " Duplicate entry ${thisp} removed..."
fi
done
- ROOTPATH=${newpath#:}
+ SECURE_PATH=${newpath#:}
}
- cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
+ cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
# finally, strip gcc paths #136027
rmpath() {
local e newpath thisp IFS=:
- for thisp in ${ROOTPATH} ; do
+ for thisp in ${SECURE_PATH} ; do
for e ; do [[ $thisp == $e ]] && continue 2 ; done
newpath+=:$thisp
done
- ROOTPATH=${newpath#:}
+ SECURE_PATH=${newpath#:}
}
rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
@@ -109,8 +114,8 @@ set_rootpath() {
}
src_configure() {
- local ROOTPATH
- set_rootpath
+ local SECURE_PATH
+ set_secure_path
# audit: somebody got to explain me how I can test this before I
# enable it.. - Diego
@@ -123,13 +128,14 @@ src_configure() {
--with-env-editor
--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
--with-rundir="${EPREFIX}"/var/run/sudo
- $(use_with with-secure-path with-secure-path ${ROOTPATH})
+ $(use_with with-secure-path with-secure-path ${SECURE_PATH})
--with-vardir="${EPREFIX}"/var/db/sudo
--without-linux-audit
--without-opie
$(use_enable gcrypt)
$(use_enable nls)
$(use_enable openssl)
+ $(use_enable sasl)
$(use_with offensive insults)
$(use_with offensive all-insults)
$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
@@ -147,7 +153,6 @@ src_install() {
if use ldap ; then
dodoc README.LDAP
- dosbin plugins/sudoers/sudoers2ldif
cat <<-EOF > "${T}"/ldap.conf.sudo
# See ldap.conf(5) and README.LDAP for details
@@ -168,15 +173,22 @@ src_install() {
pamd_mimic system-auth sudo auth account session
- keepdir /var/db/sudo
- fperms 0700 /var/db/sudo
+ keepdir /var/db/sudo/lectured
+ fperms 0700 /var/db/sudo/lectured
+ fperms 0711 /var/db/sudo #652958
# Don't install into /var/run as that is a tmpfs most of the time
# (bug #504854)
- rm -rf "${D}"/var/run
+ rm -rf "${ED}"/var/run
}
pkg_postinst() {
+ #652958
+ local sudo_db="${EROOT}/var/db/sudo"
+ if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
+ chmod 711 "${sudo_db}" || die
+ fi
+
if use ldap ; then
ewarn
ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."