Update sudo package to 1.6.9p14. pkgsrc changes: - Explict to depends security/heimdal package when kerberos option is specified. PR pkg/37999 should be fixed. Change: 646) Sudo will now set the nproc resource limit to unlimited on Linux systems to work around Linux's setuid() resource limit semantics. On PAM systems the resource limits will be reset by pam_limits.so before the command is executed. 647) SELinux support that can be used to implement role based access control (RBAC). A role and (optional) type may be specified in sudoers or on the command line. These are then used in the security context that the command is run as. 648) Fixed a Kerberos 5 compilation problem with MIT Kerberos. Sudo 1.6.9p13 released. 649) Fixed an invalid assumption in the PAM conversation function introduced in version 1.6.9p9. The conversation function may be called for non-password reading purposes as well. 650) Fixed freeing an uninitialized pointer in -l mode, introduced in version 1.6.9p13. 651) Check /etc/sudoers after LDAP even if the user was found in LDAP. This allows Defaults options in /etc/sudoers to take effect. 652) Add missing checks for enforcing mode in SELinux RBAC mode. Sudo 1.6.9p14 released.diff -r1.108 -r1.109 pkgsrc/security/sudo/Makefile
(taca)
@@ -1,28 +1,27 @@ | @@ -1,28 +1,27 @@ | |||
1 | # $NetBSD: Makefile,v 1.108 2008/01/22 12:45:24 taca Exp $ | 1 | # $NetBSD: Makefile,v 1.109 2008/03/11 15:52:51 taca Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | DISTNAME= sudo-1.6.9p12 | 4 | DISTNAME= sudo-1.6.9p14 | |
5 | PKGREVISION= 1 | |||
6 | CATEGORIES= security | 5 | CATEGORIES= security | |
7 | MASTER_SITES= http://www.courtesan.com/sudo/dist/ \ | 6 | MASTER_SITES= http://www.courtesan.com/sudo/dist/ \ | |
8 | ftp://ftp.courtesan.com/pub/sudo/ \ | 7 | ftp://ftp.courtesan.com/pub/sudo/ \ | |
9 | ftp://ftp.uwsg.indiana.edu/pub/security/sudo/ \ | 8 | ftp://ftp.uwsg.indiana.edu/pub/security/sudo/ \ | |
10 | ftp://ftp.twaren.net/Unix/Security/Sudo/ \ | 9 | ftp://ftp.twaren.net/Unix/Security/Sudo/ \ | |
11 | http://ftp.tux.org/pub/security/sudo/ \ | 10 | http://ftp.tux.org/pub/security/sudo/ \ | |
12 | http://netmirror.org/mirror/ftp.sudo.ws/ \ | 11 | http://netmirror.org/mirror/ftp.sudo.ws/ \ | |
13 | http://www.courtesan.com/sudo/dist/OLD/ \ | 12 | http://www.courtesan.com/sudo/dist/OLD/ \ | |
14 | http://www.courtesan.com/sudo/dist/beta/ | 13 | http://www.courtesan.com/sudo/dist/beta/ | |
15 | DIST_SUBDIR= ${DISTNAME}-20080122 | 14 | DIST_SUBDIR= ${DISTNAME}-200803090 | |
16 | 15 | |||
17 | MAINTAINER= kim@tac.nyc.ny.us | 16 | MAINTAINER= kim@tac.nyc.ny.us | |
18 | HOMEPAGE= http://www.courtesan.com/sudo/ | 17 | HOMEPAGE= http://www.courtesan.com/sudo/ | |
19 | COMMENT= Allow others to run commands as root | 18 | COMMENT= Allow others to run commands as root | |
20 | 19 | |||
21 | PKG_INSTALLATION_TYPES= overwrite pkgviews | 20 | PKG_INSTALLATION_TYPES= overwrite pkgviews | |
22 | 21 | |||
23 | USE_LIBTOOL= yes | 22 | USE_LIBTOOL= yes | |
24 | OWN_DIRS+= ${VARBASE}/run | 23 | OWN_DIRS+= ${VARBASE}/run | |
25 | GNU_CONFIGURE= yes | 24 | GNU_CONFIGURE= yes | |
26 | BUILD_DEFS+= VARBASE | 25 | BUILD_DEFS+= VARBASE | |
27 | PKG_DESTDIR_SUPPORT= destdir | 26 | PKG_DESTDIR_SUPPORT= destdir | |
28 | 27 |
@@ -1,8 +1,9 @@ | @@ -1,8 +1,9 @@ | |||
1 | $NetBSD: distinfo,v 1.52 2008/01/22 12:45:24 taca Exp $ | 1 | $NetBSD: distinfo,v 1.53 2008/03/11 15:52:51 taca Exp $ | |
2 | 2 | |||
3 | SHA1 (sudo-1.6.9p12-20080122/sudo-1.6.9p12.tar.gz) = c2b07c68d2026fb3e7786b2c9a8fb0c519a830f8 | 3 | SHA1 (sudo-1.6.9p14-200803090/sudo-1.6.9p14.tar.gz) = 71ac10f51c1b3d6338ac936fe39be3009ea4dbb4 | |
4 | RMD160 (sudo-1.6.9p12-20080122/sudo-1.6.9p12.tar.gz) = fe07ead5c328b35fc0c84946d71469f4620ddd06 | 4 | RMD160 (sudo-1.6.9p14-200803090/sudo-1.6.9p14.tar.gz) = 8516c9f0a6468e07174ffda310f55013841e3fba | |
5 | Size (sudo-1.6.9p12-20080122/sudo-1.6.9p12.tar.gz) = 581936 bytes | 5 | Size (sudo-1.6.9p14-200803090/sudo-1.6.9p14.tar.gz) = 589298 bytes | |
6 | SHA1 (patch-aa) = 90e5a64fc621efc5f4bcb4bc3dc0dce44704391f | 6 | SHA1 (patch-aa) = a843d22064eb6008146443d9e9b7f0a3196705b3 | |
7 | SHA1 (patch-af) = c0a594c8b3a665dc0a84f40754a46bcd7e17ea49 | 7 | SHA1 (patch-af) = cd9eac03f4d78a5b9d2702bc7e1952a26ea8ca92 | |
8 | SHA1 (patch-ag) = c3442810139581c003e2c5d911df1bcbdcfc0008 | 8 | SHA1 (patch-ag) = a2eb0b1b0aef7325e14cbd5fed8d517b5b4eba2d | |
9 | SHA1 (patch-ai) = d28c1288955a443a726928723400b4d32d546b71 |
@@ -1,36 +1,38 @@ | @@ -1,36 +1,38 @@ | |||
1 | # $NetBSD: options.mk,v 1.14 2007/09/26 05:47:46 bjs Exp $ | 1 | # $NetBSD: options.mk,v 1.15 2008/03/11 15:52:51 taca Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | PKG_OPTIONS_VAR= PKG_OPTIONS.sudo | 4 | PKG_OPTIONS_VAR= PKG_OPTIONS.sudo | |
5 | PKG_SUPPORTED_OPTIONS= ldap | 5 | PKG_SUPPORTED_OPTIONS= ldap | |
6 | PKG_OPTIONS_OPTIONAL_GROUPS= auth | 6 | PKG_OPTIONS_OPTIONAL_GROUPS= auth | |
7 | PKG_OPTIONS_GROUP.auth= kerberos pam skey | 7 | PKG_OPTIONS_GROUP.auth= kerberos pam skey | |
8 | 8 | |||
9 | .if ${OPSYS} == "NetBSD" && exists(/usr/include/skey.h) | 9 | .if ${OPSYS} == "NetBSD" && exists(/usr/include/skey.h) | |
10 | PKG_SUGGESTED_OPTIONS= skey | 10 | PKG_SUGGESTED_OPTIONS= skey | |
11 | .endif | 11 | .endif | |
12 | 12 | |||
13 | .include "../../mk/bsd.options.mk" | 13 | .include "../../mk/bsd.options.mk" | |
14 | 14 | |||
15 | .if !empty(PKG_OPTIONS:Mpam) | 15 | .if !empty(PKG_OPTIONS:Mpam) | |
16 | . include "../../mk/pam.buildlink3.mk" | 16 | . include "../../mk/pam.buildlink3.mk" | |
17 | DL_AUTO_VARS= yes | 17 | DL_AUTO_VARS= yes | |
18 | CONFIGURE_ARGS+= --with-pam | 18 | CONFIGURE_ARGS+= --with-pam | |
19 | .else | 19 | .else | |
20 | CONFIGURE_ARGS+= --without-pam | 20 | CONFIGURE_ARGS+= --without-pam | |
21 | .endif | 21 | .endif | |
22 | 22 | |||
23 | .if !empty(PKG_OPTIONS:Mkerberos) | 23 | .if !empty(PKG_OPTIONS:Mkerberos) | |
24 | KRB5_ACCEPTED= heimdal | |||
25 | IS_BUILTIN.heimdal= no | |||
24 | . include "../../mk/krb5.buildlink3.mk" | 26 | . include "../../mk/krb5.buildlink3.mk" | |
25 | CONFIGURE_ARGS+= --without-kerb4 | 27 | CONFIGURE_ARGS+= --without-kerb4 | |
26 | CONFIGURE_ARGS+= --with-kerb5 | 28 | CONFIGURE_ARGS+= --with-kerb5 | |
27 | .else | 29 | .else | |
28 | CONFIGURE_ARGS+= --without-kerb5 | 30 | CONFIGURE_ARGS+= --without-kerb5 | |
29 | .endif | 31 | .endif | |
30 | 32 | |||
31 | .if !empty(PKG_OPTIONS:Mldap) | 33 | .if !empty(PKG_OPTIONS:Mldap) | |
32 | . include "../../databases/openldap-client/buildlink3.mk" | 34 | . include "../../databases/openldap-client/buildlink3.mk" | |
33 | DL_AUTO_VARS= yes | 35 | DL_AUTO_VARS= yes | |
34 | CONFIGURE_ARGS+= --with-ldap=${BUILDLINK_PREFIX.openldap-client} | 36 | CONFIGURE_ARGS+= --with-ldap=${BUILDLINK_PREFIX.openldap-client} | |
35 | CONFIGURE_ARGS+= --with-ldap-conf-file=${PKG_SYSCONFDIR}/ldap.conf | 37 | CONFIGURE_ARGS+= --with-ldap-conf-file=${PKG_SYSCONFDIR}/ldap.conf | |
36 | .endif | 38 | .endif |
@@ -1,52 +1,53 @@ | @@ -1,52 +1,53 @@ | |||
1 | $NetBSD: patch-aa,v 1.17 2008/01/03 23:17:48 rillig Exp $ | 1 | $NetBSD: patch-aa,v 1.18 2008/03/11 15:52:51 taca Exp $ | |
2 | 2 | |||
3 | --- Makefile.in.orig 2007-10-26 00:52:02.000000000 +0900 | 3 | --- Makefile.in.orig 2008-03-05 21:41:08.000000000 +0900 | |
4 | +++ Makefile.in | 4 | +++ Makefile.in | |
5 | @@ -186,7 +186,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c | 5 | @@ -187,7 +187,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c | |
6 | $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c | 6 | $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c | |
7 | 7 | |||
8 | sudo_noexec.la: sudo_noexec.lo | 8 | sudo_noexec.la: sudo_noexec.lo | |
9 | - $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) | 9 | - $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) | |
10 | + $(LIBTOOL) --mode=link $(CC) -module $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) | 10 | + $(LIBTOOL) --mode=link $(CC) -module $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) | |
11 | 11 | |||
12 | # Uncomment the following if you want "make distclean" to clean the parser | 12 | # Uncomment the following if you want "make distclean" to clean the parser | |
13 | @DEV@PARSESRCS = sudo.tab.h sudo.tab.c lex.yy.c def_data.c def_data.h | 13 | @DEV@PARSESRCS = sudo.tab.h sudo.tab.c lex.yy.c def_data.c def_data.h | |
14 | @@ -301,20 +301,20 @@ sudoers.man:: sudoers.man.in | 14 | @@ -303,20 +303,20 @@ sudoers.man:: sudoers.man.in | |
15 | 15 | |||
16 | sudoers.cat: sudoers.man | 16 | sudoers.cat: sudoers.man | |
17 | 17 | |||
18 | -install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man | 18 | -install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man | |
19 | +install: install-dirs install-binaries @INSTALL_NOEXEC@ install-man | 19 | +install: install-dirs install-binaries @INSTALL_NOEXEC@ install-man | |
20 | 20 | |||
21 | install-dirs: | 21 | install-dirs: | |
22 | $(SHELL) $(srcdir)/mkinstalldirs $(DESTDIR)$(sudodir) \ | 22 | $(SHELL) $(srcdir)/mkinstalldirs $(DESTDIR)$(sudodir) \ | |
23 | - $(DESTDIR)$(visudodir) $(DESTDIR)$(sudoersdir) \ | 23 | - $(DESTDIR)$(visudodir) $(DESTDIR)$(sudoersdir) \ | |
24 | + $(DESTDIR)$(visudodir) \ | 24 | + $(DESTDIR)$(visudodir) \ | |
25 | $(DESTDIR)$(mandirsu) $(DESTDIR)$(mandirform) \ | 25 | $(DESTDIR)$(mandirsu) $(DESTDIR)$(mandirform) \ | |
26 | $(DESTDIR)$(noexecdir) | 26 | $(DESTDIR)$(noexecdir) | |
27 | 27 | |||
28 | install-binaries: $(PROGS) | 28 | install-binaries: $(PROGS) | |
29 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 4111 -s sudo $(DESTDIR)$(sudodir)/sudo | 29 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 4111 -s sudo $(DESTDIR)$(sudodir)/sudo | |
30 | + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 4511 -s sudo $(DESTDIR)$(sudodir)/sudo | 30 | + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 4511 -s sudo $(DESTDIR)$(sudodir)/sudo | |
31 | rm -f $(DESTDIR)$(sudodir)/sudoedit | 31 | rm -f $(DESTDIR)$(sudodir)/sudoedit | |
32 | ln $(DESTDIR)$(sudodir)/sudo $(DESTDIR)$(sudodir)/sudoedit | 32 | ln $(DESTDIR)$(sudodir)/sudo $(DESTDIR)$(sudodir)/sudoedit | |
33 | ||||
34 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 -s visudo $(DESTDIR)$(visudodir)/visudo | 33 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 -s visudo $(DESTDIR)$(visudodir)/visudo | |
34 | -@SELINUX@ $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 -s sesh $(DESTDIR)$(libexecdir)/sesh | |||
35 | + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0511 -s visudo $(DESTDIR)$(visudodir)/visudo | 35 | + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0511 -s visudo $(DESTDIR)$(visudodir)/visudo | |
36 | +@SELINUX@ $(INSTALL) -o $(install_uid) -g $(install_gid) -M 0111 -s sesh $(DESTDIR)$(libexecdir)/sesh | |||
36 | 37 | |||
37 | install-noexec: sudo_noexec.la | 38 | install-noexec: sudo_noexec.la | |
38 | $(LIBTOOL) --mode=install $(INSTALL) sudo_noexec.la $(DESTDIR)$(noexecdir) | 39 | $(LIBTOOL) --mode=install $(INSTALL) sudo_noexec.la $(DESTDIR)$(noexecdir) | |
39 | @@ -324,15 +324,15 @@ bininst-noexec: sudo_noexec.la | 40 | @@ -326,15 +326,15 @@ bininst-noexec: sudo_noexec.la | |
40 | 41 | |||
41 | install-sudoers: | 42 | install-sudoers: | |
42 | test -f $(DESTDIR)$(sudoersdir)/sudoers || \ | 43 | test -f $(DESTDIR)$(sudoersdir)/sudoers || \ | |
43 | - $(INSTALL) -O $(sudoers_uid) -G $(sudoers_gid) -M $(sudoers_mode) \ | 44 | - $(INSTALL) -O $(sudoers_uid) -G $(sudoers_gid) -M $(sudoers_mode) \ | |
44 | + $(INSTALL) -o $(sudoers_uid) -g $(sudoers_gid) -m $(sudoers_mode) \ | 45 | + $(INSTALL) -o $(sudoers_uid) -g $(sudoers_gid) -m $(sudoers_mode) \ | |
45 | $(srcdir)/sudoers $(DESTDIR)$(sudoersdir)/sudoers | 46 | $(srcdir)/sudoers $(DESTDIR)$(sudoersdir)/sudoers | |
46 | 47 | |||
47 | install-man: | 48 | install-man: | |
48 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) | 49 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) | |
49 | + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) | 50 | + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) | |
50 | @rm -f $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu) | 51 | @rm -f $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu) | |
51 | ln $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu) | 52 | ln $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu) | |
52 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu) | 53 | - $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu) |
@@ -1,41 +1,41 @@ | @@ -1,41 +1,41 @@ | |||
1 | $NetBSD: patch-af,v 1.19 2007/11/12 11:12:16 taca Exp $ | 1 | $NetBSD: patch-af,v 1.20 2008/03/11 15:52:51 taca Exp $ | |
2 | 2 | |||
3 | --- configure.in.orig 2007-10-25 01:43:25.000000000 +0900 | 3 | --- configure.in.orig 2008-02-20 03:27:32.000000000 +0900 | |
4 | +++ configure.in | 4 | +++ configure.in | |
5 | @@ -129,7 +129,6 @@ dnl | 5 | @@ -142,7 +142,6 @@ else | |
6 | test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man' | 6 | fi | |
7 | test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin' | 7 | test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin' | |
8 | test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin' | 8 | test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin' | |
9 | -test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc' | 9 | -test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc' | |
10 | 10 | |||
11 | dnl | 11 | dnl | |
12 | dnl Deprecated --with options (these all warn or generate an error) | 12 | dnl Deprecated --with options (these all warn or generate an error) | |
13 | @@ -252,6 +251,19 @@ AC_ARG_WITH(csops, [ --with-csops | 13 | @@ -265,6 +264,19 @@ AC_ARG_WITH(csops, [ --with-csops | |
14 | ;; | 14 | ;; | |
15 | esac]) | 15 | esac]) | |
16 | 16 | |||
17 | +AC_ARG_WITH(nbsdops, [ --with-nbsdops add NetBSD standard options], | 17 | +AC_ARG_WITH(nbsdops, [ --with-nbsdops add NetBSD standard options], | |
18 | +[case $with_nbsdops in | 18 | +[case $with_nbsdops in | |
19 | + yes) echo 'Adding NetBSD standard options' | 19 | + yes) echo 'Adding NetBSD standard options' | |
20 | + CHECKSIA=false | 20 | + CHECKSIA=false | |
21 | + with_ignore_dot=yes | 21 | + with_ignore_dot=yes | |
22 | + with_env_editor=yes | 22 | + with_env_editor=yes | |
23 | + with_tty_tickets=yes | 23 | + with_tty_tickets=yes | |
24 | + ;; | 24 | + ;; | |
25 | + no) ;; | 25 | + no) ;; | |
26 | + *) echo "Ignoring unknown argument to --with-nbsdops: $with_nbsdops" | 26 | + *) echo "Ignoring unknown argument to --with-nbsdops: $with_nbsdops" | |
27 | + ;; | 27 | + ;; | |
28 | +esac]) | 28 | +esac]) | |
29 | + | 29 | + | |
30 | AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication], | 30 | AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication], | |
31 | [case $with_passwd in | 31 | [case $with_passwd in | |
32 | yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication) | 32 | yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication) | |
33 | @@ -1634,7 +1646,7 @@ fi | 33 | @@ -1661,7 +1673,7 @@ fi | |
34 | if test ${with_logincap-'no'} != "no"; then | 34 | if test ${with_logincap-'no'} != "no"; then | |
35 | AC_CHECK_HEADERS(login_cap.h, [ | 35 | AC_CHECK_HEADERS(login_cap.h, [LCMAN="" | |
36 | case "$OS" in | 36 | case "$OS" in | |
37 | - freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil" | 37 | - freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil" | |
38 | + dragonfly*|freebsd*|netbsd*) SUDO_LIBS="${SUDO_LIBS} -lutil" | 38 | + dragonfly*|freebsd*|netbsd*) SUDO_LIBS="${SUDO_LIBS} -lutil" | |
39 | ;; | 39 | ;; | |
40 | esac | 40 | esac | |
41 | ]) | 41 | ]) |
@@ -1,62 +1,62 @@ | @@ -1,62 +1,62 @@ | |||
1 | $NetBSD: patch-ag,v 1.11 2007/11/12 11:12:16 taca Exp $ | 1 | $NetBSD: patch-ag,v 1.12 2008/03/11 15:52:51 taca Exp $ | |
2 | 2 | |||
3 | --- configure.orig 2007-10-24 02:19:18.000000000 +0900 | 3 | --- configure.orig 2008-02-20 03:27:07.000000000 +0900 | |
4 | +++ configure | 4 | +++ configure | |
5 | @@ -1436,7 +1436,7 @@ Fine tuning of the installation director | 5 | @@ -1441,7 +1441,7 @@ Fine tuning of the installation director | |
6 | --bindir=DIR user executables [EPREFIX/bin] | 6 | --bindir=DIR user executables [EPREFIX/bin] | |
7 | --sbindir=DIR system admin executables [EPREFIX/sbin] | 7 | --sbindir=DIR system admin executables [EPREFIX/sbin] | |
8 | --libexecdir=DIR program executables [EPREFIX/libexec] | 8 | --libexecdir=DIR program executables [EPREFIX/libexec] | |
9 | - --sysconfdir=DIR read-only single-machine data [etc] | 9 | - --sysconfdir=DIR read-only single-machine data [etc] | |
10 | + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] | 10 | + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] | |
11 | --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] | 11 | --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] | |
12 | --localstatedir=DIR modifiable single-machine data [PREFIX/var] | 12 | --localstatedir=DIR modifiable single-machine data [PREFIX/var] | |
13 | --libdir=DIR object code libraries [EPREFIX/lib] | 13 | --libdir=DIR object code libraries [EPREFIX/lib] | |
14 | @@ -1506,6 +1506,7 @@ Optional Packages: | 14 | @@ -1511,6 +1511,7 @@ Optional Packages: | |
15 | --with-devel add development options | 15 | --with-devel add development options | |
16 | --with-efence link with -lefence for malloc() debugging | 16 | --with-efence link with -lefence for malloc() debugging | |
17 | --with-csops add CSOps standard options | 17 | --with-csops add CSOps standard options | |
18 | + --with-nbsdops add NetBSD standard options | 18 | + --with-nbsdops add NetBSD standard options | |
19 | --without-passwd don't use passwd/shadow file for authentication | 19 | --without-passwd don't use passwd/shadow file for authentication | |
20 | --with-skey=DIR enable S/Key support | 20 | --with-skey=DIR enable S/Key support | |
21 | --with-opie=DIR enable OPIE support | 21 | --with-opie=DIR enable OPIE support | |
22 | @@ -2119,7 +2120,6 @@ shadow_libs_optional= | 22 | @@ -2138,7 +2139,6 @@ else | |
23 | test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man' | 23 | fi | |
24 | test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin' | 24 | test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin' | |
25 | test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin' | 25 | test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin' | |
26 | -test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc' | 26 | -test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc' | |
27 | 27 | |||
28 | 28 | |||
29 | 29 | |||
30 | @@ -2311,6 +2311,23 @@ fi | 30 | @@ -2330,6 +2330,23 @@ fi | |
31 | 31 | |||
32 | 32 | |||
33 | 33 | |||
34 | +# Check whether --with-nbsdops or --without-nbsdops was given. | 34 | +# Check whether --with-nbsdops or --without-nbsdops was given. | |
35 | +if test "${with_nbsdops+set}" = set; then | 35 | +if test "${with_nbsdops+set}" = set; then | |
36 | + withval="$with_nbsdops" | 36 | + withval="$with_nbsdops" | |
37 | + case $with_nbsdops in | 37 | + case $with_nbsdops in | |
38 | + yes) echo 'Adding NetBSD standard options' | 38 | + yes) echo 'Adding NetBSD standard options' | |
39 | + CHECKSIA=false | 39 | + CHECKSIA=false | |
40 | + with_ignore_dot=yes | 40 | + with_ignore_dot=yes | |
41 | + with_env_editor=yes | 41 | + with_env_editor=yes | |
42 | + with_tty_tickets=yes | 42 | + with_tty_tickets=yes | |
43 | + ;; | 43 | + ;; | |
44 | + no) ;; | 44 | + no) ;; | |
45 | + *) echo "Ignoring unknown argument to --with-nbsdops: $with_nbsdops" | 45 | + *) echo "Ignoring unknown argument to --with-nbsdops: $with_nbsdops" | |
46 | + ;; | 46 | + ;; | |
47 | +esac | 47 | +esac | |
48 | +fi; | 48 | +fi; | |
49 | + | 49 | + | |
50 | + | 50 | + | |
51 | # Check whether --with-passwd was given. | 51 | # Check whether --with-passwd was given. | |
52 | if test "${with_passwd+set}" = set; then | 52 | if test "${with_passwd+set}" = set; then | |
53 | withval=$with_passwd; case $with_passwd in | 53 | withval=$with_passwd; case $with_passwd in | |
54 | @@ -13675,7 +13692,7 @@ if test `eval echo '${'$as_ac_Header'}'` | 54 | @@ -13717,7 +13734,7 @@ if test `eval echo '${'$as_ac_Header'}'` | |
55 | _ACEOF | 55 | _ACEOF | |
56 | 56 | LCMAN="" | ||
57 | case "$OS" in | 57 | case "$OS" in | |
58 | - freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil" | 58 | - freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil" | |
59 | + dragonfly*|freebsd*|netbsd*) SUDO_LIBS="${SUDO_LIBS} -lutil" | 59 | + dragonfly*|freebsd*|netbsd*) SUDO_LIBS="${SUDO_LIBS} -lutil" | |
60 | ;; | 60 | ;; | |
61 | esac | 61 | esac | |
62 | 62 |
$NetBSD: patch-ai,v 1.4 2008/03/11 15:52:51 taca Exp $
--- auth/kerb5.c.orig 2008-02-14 07:17:41.000000000 +0900
+++ auth/kerb5.c
@@ -220,11 +220,7 @@ kerb5_verify(pw, pass, auth)
done:
if (opts) {
-#ifdef HAVE_HEIMDAL
- krb5_get_init_creds_opt_free(opts);
-#else
krb5_get_init_creds_opt_free(sudo_context, opts);
-#endif
}
if (creds)
krb5_free_cred_contents(sudo_context, creds);