mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-19 21:41:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

app-admin/sudo: Sync with the latest stable version from Gentoo

Browse Source 
This switches from /var/run to /run to silence tmpfiles warnings.
This commit is contained in:
David Michael 2019-01-07 17:06:08 +00:00
parent 2114cf6b0a
commit 8fa32174f7
5 changed files with 69 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/coreos-overlay/app-admin/sudo/Manifest vendored
View File

@ -1 +1 @@
DIST sudo-1.8.23.tar.gz 3150674 BLAKE2B 11b1c7bfa372005cda8baf651c4662f6fd15e94ca77f7705b23ca6573424796d5c1f8e47e2874c4b54017141d01a632885ac60c92346d932537048373cad0ede SHA512 a9d61850a4857bfd075547a13efb13b054e4736e3ebe3c8a98a90a090b1d9b9688354ec9725fc99d1d256999b6f9c6ae6215ce9770fcdebd7f24731107b48342 DIST sudo-1.8.25p1.tar.gz 3189951 BLAKE2B ebfedaad62e60f625db8c46a5c8f19977a5ec0a86bab3b34d91096c08e8b8ece056ba312f9fecd4cdd704fc17d49a36681b41cd40269df7c67cd66d80c0d8efb SHA512 b1445be688d3c1dd7efbdfab68977a7a9b6fd6887191dc99ca717117eec0a550492642556cd55ca5873d054ddc5ccc2b87b2c34602e1ffc729ab6fbc4e523a72

1
sdk_container/src/third_party/coreos-overlay/app-admin/sudo/metadata.xml vendored
View File

@ -16,6 +16,7 @@
<flag name="offensive">Let sudo print insults when the user types the wrong password</flag> <flag name="offensive">Let sudo print insults when the user types the wrong password</flag>
<flag name="openssl">Use SHA2 from <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2</flag> <flag name="openssl">Use SHA2 from <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2</flag>
<flag name="sendmail">Allow sudo to send emails with sendmail</flag> <flag name="sendmail">Allow sudo to send emails with sendmail</flag>
<flag name="sssd">Add System Security Services Daemon support</flag>
</use> </use>
<upstream> <upstream>
<remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id> <remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id>

85
sdk_container/src/third_party/coreos-overlay/app-admin/sudo/sudo-1.8.23.ebuild → sdk_container/src/third_party/coreos-overlay/app-admin/sudo/sudo-1.8.25_p1-r1.ebuild vendored
View File

@ -1,9 +1,13 @@
# Copyright 1999-2018 Gentoo Foundation # Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
EAPI=6 EAPI=6
inherit eutils pam multilib libtool inherit eutils pam multilib libtool tmpfiles
if [[ ${PV} == "9999" ]] ; then
EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
inherit mercurial
fi
MY_P=${P/_/} MY_P=${P/_/}
MY_P=${MY_P/beta/b} MY_P=${MY_P/beta/b}
@ -15,36 +19,40 @@ esac
DESCRIPTION="Allows users or groups to run commands as other users" DESCRIPTION="Allows users or groups to run commands as other users"
HOMEPAGE="https://www.sudo.ws/" HOMEPAGE="https://www.sudo.ws/"
SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz if [[ ${PV} != "9999" ]] ; then
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz" SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
fi
fi
# Basic license is ISC-style as-is, some files are released under # Basic license is ISC-style as-is, some files are released under
# 3-clause BSD license # 3-clause BSD license
LICENSE="ISC BSD" LICENSE="ISC BSD"
SLOT="0" SLOT="0"
if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then IUSE="gcrypt ldap nls offensive openssl pam sasl selinux +sendmail skey sssd"
KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
fi
IUSE="gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey sssd"
CDEPEND=" CDEPEND="
sys-libs/zlib:=
gcrypt? ( dev-libs/libgcrypt:= ) gcrypt? ( dev-libs/libgcrypt:= )
openssl? ( dev-libs/openssl:0= )
pam? ( virtual/pam )
sasl? ( dev-libs/cyrus-sasl )
skey? ( >=sys-auth/skey-1.1.5-r1 )
ldap? ( ldap? (
>=net-nds/openldap-2.1.30-r1 >=net-nds/openldap-2.1.30-r1
dev-libs/cyrus-sasl dev-libs/cyrus-sasl
) )
sys-libs/zlib openssl? ( dev-libs/openssl:0= )
pam? ( virtual/pam )
sasl? ( dev-libs/cyrus-sasl )
skey? ( >=sys-auth/skey-1.1.5-r1 )
sssd? ( sys-auth/sssd[sudo] )
" "
RDEPEND=" RDEPEND="
${CDEPEND} ${CDEPEND}
selinux? ( sec-policy/selinux-sudo )
pam? ( sys-auth/pambase )
>=app-misc/editor-wrapper-3 >=app-misc/editor-wrapper-3
virtual/editor virtual/editor
ldap? ( dev-lang/perl )
pam? ( sys-auth/pambase )
selinux? ( sec-policy/selinux-sudo )
sendmail? ( virtual/mta ) sendmail? ( virtual/mta )
" "
DEPEND=" DEPEND="
@ -67,16 +75,23 @@ src_prepare() {
elibtoolize elibtoolize
} }
set_rootpath() { set_secure_path() {
# FIXME: secure_path is a compile time setting. using ROOTPATH # FIXME: secure_path is a compile time setting. using PATH or
# is not perfect, env-update may invalidate this, but until it # ROOTPATH is not perfect, env-update may invalidate this, but until it
# is available as a sudoers setting this will have to do. # is available as a sudoers setting this will have to do.
einfo "Setting secure_path ..." einfo "Setting secure_path ..."
# first extract the default ROOTPATH from build env # first extract the default ROOTPATH from build env
ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}") SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env;
if [[ -z ${ROOTPATH} ]] ; then echo "${ROOTPATH}")
ewarn " Failed to find ROOTPATH, please report this" case "${SECURE_PATH}" in
*/usr/sbin*) ;;
*) SECURE_PATH=$(unset PATH;
. "${EPREFIX}"/etc/profile.env; echo "${PATH}")
;;
esac
if [[ -z ${SECURE_PATH} ]] ; then
ewarn " Failed to detect SECURE_PATH, please report this"
fi fi
# then remove duplicate path entries # then remove duplicate path entries
@ -89,18 +104,18 @@ set_rootpath() {
einfo " Duplicate entry ${thisp} removed..." einfo " Duplicate entry ${thisp} removed..."
fi fi
done done
ROOTPATH=${newpath#:} SECURE_PATH=${newpath#:}
} }
cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}} cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
# finally, strip gcc paths #136027 # finally, strip gcc paths #136027
rmpath() { rmpath() {
local e newpath thisp IFS=: local e newpath thisp IFS=:
for thisp in ${ROOTPATH} ; do for thisp in ${SECURE_PATH} ; do
for e ; do [[ $thisp == $e ]] && continue 2 ; done for e ; do [[ $thisp == $e ]] && continue 2 ; done
newpath+=:$thisp newpath+=:$thisp
done done
ROOTPATH=${newpath#:} SECURE_PATH=${newpath#:}
} }
rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*' rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
@ -108,8 +123,8 @@ set_rootpath() {
} }
src_configure() { src_configure() {
local ROOTPATH local SECURE_PATH
set_rootpath set_secure_path
# audit: somebody got to explain me how I can test this before I # audit: somebody got to explain me how I can test this before I
# enable it.. - Diego # enable it.. - Diego
@ -118,11 +133,12 @@ src_configure() {
# basing off other values. # basing off other values.
myeconfargs=( myeconfargs=(
--enable-zlib=system --enable-zlib=system
--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
--with-editor="${EPREFIX}"/usr/libexec/editor --with-editor="${EPREFIX}"/usr/libexec/editor
--with-env-editor --with-env-editor
--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
--with-rundir="${EPREFIX}"/var/run/sudo --with-rundir="${EPREFIX}"/run/sudo
--with-secure-path="${ROOTPATH}" --with-secure-path="${SECURE_PATH}"
--with-vardir="${EPREFIX}"/var/db/sudo --with-vardir="${EPREFIX}"/var/db/sudo
--without-linux-audit --without-linux-audit
--without-opie --without-opie
@ -136,9 +152,9 @@ src_configure() {
$(use_with ldap) $(use_with ldap)
$(use_with pam) $(use_with pam)
$(use_with skey) $(use_with skey)
$(use_with sssd)
$(use_with selinux) $(use_with selinux)
$(use_with sendmail) $(use_with sendmail)
$(use_with sssd)
) )
econf "${myeconfargs[@]}" econf "${myeconfargs[@]}"
} }
@ -161,6 +177,9 @@ src_install() {
insinto /etc insinto /etc
doins "${T}"/ldap.conf.sudo doins "${T}"/ldap.conf.sudo
fperms 0440 /etc/ldap.conf.sudo fperms 0440 /etc/ldap.conf.sudo
insinto /etc/openldap/schema
newins doc/schema.OpenLDAP sudo.schema
fi fi
pamd_mimic system-auth sudo auth account session pamd_mimic system-auth sudo auth account session
@ -169,12 +188,14 @@ src_install() {
fperms 0700 /var/db/sudo/lectured fperms 0700 /var/db/sudo/lectured
fperms 0711 /var/db/sudo #652958 fperms 0711 /var/db/sudo #652958
# Don't install into /var/run as that is a tmpfs most of the time # Don't install into /run as that is a tmpfs most of the time
# (bug #504854) # (bug #504854)
rm -rf "${ED}"/var/run rm -rf "${ED%/}"/run
} }
pkg_postinst() { pkg_postinst() {
tmpfiles_process sudo.conf
#652958 #652958
local sudo_db="${EROOT}/var/db/sudo" local sudo_db="${EROOT}/var/db/sudo"
if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then

14
sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/sudo-1.8.23 vendored
View File

@ -1,14 +0,0 @@
DEFINED_PHASES=configure install postinst prepare
DEPEND=gcrypt? ( dev-libs/libgcrypt:= ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) sys-libs/zlib sys-devel/bison >=app-portage/elt-patches-20170815
DESCRIPTION=Allows users or groups to run commands as other users
EAPI=6
HOMEPAGE=https://www.sudo.ws/
IUSE=gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey sssd
KEYWORDS=~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris
LICENSE=ISC BSD
RDEPEND=gcrypt? ( dev-libs/libgcrypt:= ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) sys-libs/zlib selinux? ( sec-policy/selinux-sudo ) pam? ( sys-auth/pambase ) >=app-misc/editor-wrapper-3 virtual/editor sendmail? ( virtual/mta )
REQUIRED_USE=pam? ( !skey ) skey? ( !pam ) ?? ( gcrypt openssl )
SLOT=0
SRC_URI=https://www.sudo.ws/sudo/dist/sudo-1.8.23.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.23.tar.gz
_eclasses_=desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 pam 3e788d86170dfcd5b06824d898315e18 preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=56028a79359e8e73d5e9c152ae1eaa31

14
sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/sudo-1.8.25_p1-r1 vendored Normal file
View File

@ -0,0 +1,14 @@
DEFINED_PHASES=configure install postinst prepare
DEPEND=sys-libs/zlib:= gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) sys-devel/bison >=app-portage/elt-patches-20170815
DESCRIPTION=Allows users or groups to run commands as other users
EAPI=6
HOMEPAGE=https://www.sudo.ws/
IUSE=gcrypt ldap nls offensive openssl pam sasl selinux +sendmail skey sssd
KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris
LICENSE=ISC BSD
RDEPEND=sys-libs/zlib:= gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) >=app-misc/editor-wrapper-3 virtual/editor ldap? ( dev-lang/perl ) pam? ( sys-auth/pambase ) selinux? ( sec-policy/selinux-sudo ) sendmail? ( virtual/mta ) virtual/tmpfiles
REQUIRED_USE=pam? ( !skey ) skey? ( !pam ) ?? ( gcrypt openssl )
SLOT=0
SRC_URI=https://www.sudo.ws/sudo/dist/sudo-1.8.25p1.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.25p1.tar.gz
_eclasses_=desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 pam 3e788d86170dfcd5b06824d898315e18 preserve-libs ef207dc62baddfddfd39a164d9797648 tmpfiles c8f9ea76ade103890e42d0f339afb64c toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=5895eb5b166b6d00d59ca99d0d95558a