From 0d3e8f6618815759b14837fb66b44995ccd21997 Mon Sep 17 00:00:00 2001
From: David Michael <david.michael@coreos.com>
Date: Tue, 1 May 2018 14:31:23 -0400
Subject: [PATCH] app-admin/sudo: Apply CoreOS changes

Stabilize, adjust LDAP support, and add SSSD sudoers support.

This drops the Perl dependency for LDAP since it seems like it was
only pulled in for an optional script that is no longer present.
Also, the schema files are dropped from the installation since our
OpenLDAP package has USE=minimal which skips the schema directory.
(It still installs a default config file in /etc, but it contains
only comments since there are a few others like that already.)

Gentoo is leaving the SSSD option stalled in #525674 since 2014, so
maybe this can be moved back to portage-stable if that is merged.
Note that the proposed change there will depend on SSSD, so it will
have to be disabled in the arm64 profile in that case, unless the
SSSD packages are fixed by then.
---
 .../coreos-overlay/app-admin/sudo/sudo-1.8.23.ebuild     | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/sudo/sudo-1.8.23.ebuild b/sdk_container/src/third_party/coreos-overlay/app-admin/sudo/sudo-1.8.23.ebuild
index b67fefb0af..7378518071 100644
--- a/sdk_container/src/third_party/coreos-overlay/app-admin/sudo/sudo-1.8.23.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/app-admin/sudo/sudo-1.8.23.ebuild
@@ -23,9 +23,9 @@ SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
 LICENSE="ISC BSD"
 SLOT="0"
 if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
-	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
+	KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
 fi
-IUSE="gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey"
+IUSE="gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey sssd"
 
 CDEPEND="
 	gcrypt? ( dev-libs/libgcrypt:= )
@@ -42,7 +42,6 @@ CDEPEND="
 RDEPEND="
 	${CDEPEND}
 	selinux? ( sec-policy/selinux-sudo )
-	ldap? ( dev-lang/perl )
 	pam? ( sys-auth/pambase )
 	>=app-misc/editor-wrapper-3
 	virtual/editor
@@ -139,6 +138,7 @@ src_configure() {
 		$(use_with skey)
 		$(use_with selinux)
 		$(use_with sendmail)
+		$(use_with sssd)
 	)
 	econf "${myeconfargs[@]}"
 }
@@ -161,9 +161,6 @@ src_install() {
 		insinto /etc
 		doins "${T}"/ldap.conf.sudo
 		fperms 0440 /etc/ldap.conf.sudo
-
-		insinto /etc/openldap/schema
-		newins doc/schema.OpenLDAP sudo.schema
 	fi
 
 	pamd_mimic system-auth sudo auth account session