/[gentoo-x86]/app-admin/sudo/sudo-1.8.12.ebuild
Gentoo

Contents of /app-admin/sudo/sudo-1.8.12.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.10 - (show annotations) (download)
Sat Apr 11 15:06:13 2015 UTC (4 years, 9 months ago) by zlogene
Branch: MAIN
CVS Tags: HEAD
Changes since 1.9: +2 -2 lines
ia64/ppc stable wrt bug #539532

(Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key 0xC42EB5D6)

1 # Copyright 1999-2015 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.12.ebuild,v 1.9 2015/04/10 21:54:14 blueness Exp $
4
5 EAPI=5
6
7 inherit eutils pam multilib libtool
8
9 MY_P=${P/_/}
10 MY_P=${MY_P/beta/b}
11
12 uri_prefix=
13 case ${P} in
14 *_beta*|*_rc*) uri_prefix=beta/ ;;
15 esac
16
17 DESCRIPTION="Allows users or groups to run commands as other users"
18 HOMEPAGE="http://www.sudo.ws/"
19 SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
20 ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
21
22 # Basic license is ISC-style as-is, some files are released under
23 # 3-clause BSD license
24 LICENSE="ISC BSD"
25 SLOT="0"
26 KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
27 IUSE="ldap nls pam offensive selinux skey +sendmail"
28
29 DEPEND="pam? ( virtual/pam )
30 skey? ( >=sys-auth/skey-1.1.5-r1 )
31 ldap? (
32 >=net-nds/openldap-2.1.30-r1
33 dev-libs/cyrus-sasl
34 )
35 sys-libs/zlib"
36 RDEPEND="${DEPEND}
37 selinux? ( sec-policy/selinux-sudo )
38 ldap? ( dev-lang/perl )
39 pam? ( sys-auth/pambase )
40 >=app-misc/editor-wrapper-3
41 virtual/editor
42 sendmail? ( virtual/mta )"
43 DEPEND="${DEPEND}
44 sys-devel/bison"
45
46 S=${WORKDIR}/${MY_P}
47
48 REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
49
50 MAKEOPTS+=" SAMPLES="
51
52 src_prepare() {
53 epatch "${FILESDIR}"/${P}-include-sys-types-h.patch
54 elibtoolize
55 }
56
57 set_rootpath() {
58 # FIXME: secure_path is a compile time setting. using ROOTPATH
59 # is not perfect, env-update may invalidate this, but until it
60 # is available as a sudoers setting this will have to do.
61 einfo "Setting secure_path ..."
62
63 # first extract the default ROOTPATH from build env
64 ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
65 if [[ -z ${ROOTPATH} ]] ; then
66 ewarn " Failed to find ROOTPATH, please report this"
67 fi
68
69 # then remove duplicate path entries
70 cleanpath() {
71 local newpath thisp IFS=:
72 for thisp in $1 ; do
73 if [[ :${newpath}: != *:${thisp}:* ]] ; then
74 newpath+=:$thisp
75 else
76 einfo " Duplicate entry ${thisp} removed..."
77 fi
78 done
79 ROOTPATH=${newpath#:}
80 }
81 cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
82
83 # finally, strip gcc paths #136027
84 rmpath() {
85 local e newpath thisp IFS=:
86 for thisp in ${ROOTPATH} ; do
87 for e ; do [[ $thisp == $e ]] && continue 2 ; done
88 newpath+=:$thisp
89 done
90 ROOTPATH=${newpath#:}
91 }
92 rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
93
94 einfo "... done"
95 }
96
97 src_configure() {
98 local ROOTPATH
99 set_rootpath
100
101 # audit: somebody got to explain me how I can test this before I
102 # enable it.. - Diego
103 # plugindir: autoconf code is crappy and does not delay evaluation
104 # until `make` time, so we have to use a full path here rather than
105 # basing off other values.
106 econf \
107 --enable-zlib=system \
108 --with-secure-path="${ROOTPATH}" \
109 --with-editor="${EPREFIX}"/usr/libexec/editor \
110 --with-env-editor \
111 $(use_with offensive insults) \
112 $(use_with offensive all-insults) \
113 $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
114 $(use_with ldap) \
115 $(use_enable nls) \
116 $(use_with pam) \
117 $(use_with skey) \
118 $(use_with selinux) \
119 $(use_with sendmail) \
120 --without-opie \
121 --without-linux-audit \
122 --with-rundir="${EPREFIX}"/var/run/sudo \
123 --with-vardir="${EPREFIX}"/var/db/sudo \
124 --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
125 --docdir="${EPREFIX}"/usr/share/doc/${PF}
126 }
127
128 src_install() {
129 default
130
131 if use ldap ; then
132 dodoc README.LDAP doc/schema.OpenLDAP
133 dosbin plugins/sudoers/sudoers2ldif
134
135 cat <<-EOF > "${T}"/ldap.conf.sudo
136 # See ldap.conf(5) and README.LDAP for details
137 # This file should only be readable by root
138
139 # supported directives: host, port, ssl, ldap_version
140 # uri, binddn, bindpw, sudoers_base, sudoers_debug
141 # tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
142 EOF
143
144 insinto /etc
145 doins "${T}"/ldap.conf.sudo
146 fperms 0440 /etc/ldap.conf.sudo
147 fi
148
149 pamd_mimic system-auth sudo auth account session
150
151 keepdir /var/db/sudo
152 fperms 0700 /var/db/sudo
153
154 # Don't install into /var/run as that is a tmpfs most of the time
155 # (bug #504854)
156 rm -rf "${D}"/var/run
157 }
158
159 pkg_postinst() {
160 if use ldap ; then
161 ewarn
162 ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
163 ewarn
164 if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
165 ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
166 ewarn "configured in /etc/nsswitch.conf."
167 ewarn
168 ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
169 ewarn " sudoers: ldap files"
170 ewarn
171 fi
172 fi
173 if use prefix ; then
174 ewarn
175 ewarn "To use sudo, you need to change file ownership and permissions"
176 ewarn "with root privileges, as follows:"
177 ewarn
178 ewarn " # chown root:root ${EPREFIX}/usr/bin/sudo"
179 ewarn " # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
180 ewarn " # chown root:root ${EPREFIX}/etc/sudoers"
181 ewarn " # chown root:root ${EPREFIX}/etc/sudoers.d"
182 ewarn " # chown root:root ${EPREFIX}/var/db/sudo"
183 ewarn " # chmod 4111 ${EPREFIX}/usr/bin/sudo"
184 ewarn
185 fi
186
187 elog "To use the -A (askpass) option, you need to install a compatible"
188 elog "password program from the following list. Starred packages will"
189 elog "automatically register for the use with sudo (but will not force"
190 elog "the -A option):"
191 elog ""
192 elog " [*] net-misc/ssh-askpass-fullscreen"
193 elog " net-misc/x11-ssh-askpass"
194 elog ""
195 elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
196 elog "variable to the program you want to use."
197 }

  ViewVC Help
Powered by ViewVC 1.1.20