mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-19 21:41:05 +02:00
app-admin/sudo: Sync with the latest stable version from Gentoo
This switches from /var/run to /run to silence tmpfiles warnings.
This commit is contained in:
David Michael
parent
2114cf6b0a
commit
8fa32174f7
@ -1 +1 @@
|
||||
DIST sudo-1.8.23.tar.gz 3150674 BLAKE2B 11b1c7bfa372005cda8baf651c4662f6fd15e94ca77f7705b23ca6573424796d5c1f8e47e2874c4b54017141d01a632885ac60c92346d932537048373cad0ede SHA512 a9d61850a4857bfd075547a13efb13b054e4736e3ebe3c8a98a90a090b1d9b9688354ec9725fc99d1d256999b6f9c6ae6215ce9770fcdebd7f24731107b48342
|
||||
DIST sudo-1.8.25p1.tar.gz 3189951 BLAKE2B ebfedaad62e60f625db8c46a5c8f19977a5ec0a86bab3b34d91096c08e8b8ece056ba312f9fecd4cdd704fc17d49a36681b41cd40269df7c67cd66d80c0d8efb SHA512 b1445be688d3c1dd7efbdfab68977a7a9b6fd6887191dc99ca717117eec0a550492642556cd55ca5873d054ddc5ccc2b87b2c34602e1ffc729ab6fbc4e523a72
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
<flag name="offensive">Let sudo print insults when the user types the wrong password</flag>
|
||||
<flag name="openssl">Use SHA2 from <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2</flag>
|
||||
<flag name="sendmail">Allow sudo to send emails with sendmail</flag>
|
||||
<flag name="sssd">Add System Security Services Daemon support</flag>
|
||||
</use>
|
||||
<upstream>
|
||||
<remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id>
|
||||
|
||||
@ -1,9 +1,13 @@
|
||||
# Copyright 1999-2018 Gentoo Foundation
|
||||
# Copyright 1999-2018 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=6
|
||||
|
||||
inherit eutils pam multilib libtool
|
||||
inherit eutils pam multilib libtool tmpfiles
|
||||
if [[ ${PV} == "9999" ]] ; then
|
||||
EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
|
||||
inherit mercurial
|
||||
fi
|
||||
|
||||
MY_P=${P/_/}
|
||||
MY_P=${MY_P/beta/b}
|
||||
@ -15,36 +19,40 @@ esac
|
||||
|
||||
DESCRIPTION="Allows users or groups to run commands as other users"
|
||||
HOMEPAGE="https://www.sudo.ws/"
|
||||
SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
|
||||
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
|
||||
if [[ ${PV} != "9999" ]] ; then
|
||||
SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
|
||||
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
|
||||
if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
|
||||
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Basic license is ISC-style as-is, some files are released under
|
||||
# 3-clause BSD license
|
||||
LICENSE="ISC BSD"
|
||||
SLOT="0"
|
||||
if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
|
||||
KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris"
|
||||
fi
|
||||
IUSE="gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey sssd"
|
||||
IUSE="gcrypt ldap nls offensive openssl pam sasl selinux +sendmail skey sssd"
|
||||
|
||||
CDEPEND="
|
||||
sys-libs/zlib:=
|
||||
gcrypt? ( dev-libs/libgcrypt:= )
|
||||
openssl? ( dev-libs/openssl:0= )
|
||||
pam? ( virtual/pam )
|
||||
sasl? ( dev-libs/cyrus-sasl )
|
||||
skey? ( >=sys-auth/skey-1.1.5-r1 )
|
||||
ldap? (
|
||||
>=net-nds/openldap-2.1.30-r1
|
||||
dev-libs/cyrus-sasl
|
||||
)
|
||||
sys-libs/zlib
|
||||
openssl? ( dev-libs/openssl:0= )
|
||||
pam? ( virtual/pam )
|
||||
sasl? ( dev-libs/cyrus-sasl )
|
||||
skey? ( >=sys-auth/skey-1.1.5-r1 )
|
||||
sssd? ( sys-auth/sssd[sudo] )
|
||||
"
|
||||
RDEPEND="
|
||||
${CDEPEND}
|
||||
selinux? ( sec-policy/selinux-sudo )
|
||||
pam? ( sys-auth/pambase )
|
||||
>=app-misc/editor-wrapper-3
|
||||
virtual/editor
|
||||
ldap? ( dev-lang/perl )
|
||||
pam? ( sys-auth/pambase )
|
||||
selinux? ( sec-policy/selinux-sudo )
|
||||
sendmail? ( virtual/mta )
|
||||
"
|
||||
DEPEND="
|
||||
@ -67,16 +75,23 @@ src_prepare() {
|
||||
elibtoolize
|
||||
}
|
||||
|
||||
set_rootpath() {
|
||||
# FIXME: secure_path is a compile time setting. using ROOTPATH
|
||||
# is not perfect, env-update may invalidate this, but until it
|
||||
set_secure_path() {
|
||||
# FIXME: secure_path is a compile time setting. using PATH or
|
||||
# ROOTPATH is not perfect, env-update may invalidate this, but until it
|
||||
# is available as a sudoers setting this will have to do.
|
||||
einfo "Setting secure_path ..."
|
||||
|
||||
# first extract the default ROOTPATH from build env
|
||||
ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
|
||||
if [[ -z ${ROOTPATH} ]] ; then
|
||||
ewarn " Failed to find ROOTPATH, please report this"
|
||||
SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env;
|
||||
echo "${ROOTPATH}")
|
||||
case "${SECURE_PATH}" in
|
||||
*/usr/sbin*) ;;
|
||||
*) SECURE_PATH=$(unset PATH;
|
||||
. "${EPREFIX}"/etc/profile.env; echo "${PATH}")
|
||||
;;
|
||||
esac
|
||||
if [[ -z ${SECURE_PATH} ]] ; then
|
||||
ewarn " Failed to detect SECURE_PATH, please report this"
|
||||
fi
|
||||
|
||||
# then remove duplicate path entries
|
||||
@ -89,18 +104,18 @@ set_rootpath() {
|
||||
einfo " Duplicate entry ${thisp} removed..."
|
||||
fi
|
||||
done
|
||||
ROOTPATH=${newpath#:}
|
||||
SECURE_PATH=${newpath#:}
|
||||
}
|
||||
cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
|
||||
cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
|
||||
|
||||
# finally, strip gcc paths #136027
|
||||
rmpath() {
|
||||
local e newpath thisp IFS=:
|
||||
for thisp in ${ROOTPATH} ; do
|
||||
for thisp in ${SECURE_PATH} ; do
|
||||
for e ; do [[ $thisp == $e ]] && continue 2 ; done
|
||||
newpath+=:$thisp
|
||||
done
|
||||
ROOTPATH=${newpath#:}
|
||||
SECURE_PATH=${newpath#:}
|
||||
}
|
||||
rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
|
||||
|
||||
@ -108,8 +123,8 @@ set_rootpath() {
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
local ROOTPATH
|
||||
set_rootpath
|
||||
local SECURE_PATH
|
||||
set_secure_path
|
||||
|
||||
# audit: somebody got to explain me how I can test this before I
|
||||
# enable it.. - Diego
|
||||
@ -118,11 +133,12 @@ src_configure() {
|
||||
# basing off other values.
|
||||
myeconfargs=(
|
||||
--enable-zlib=system
|
||||
--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
|
||||
--with-editor="${EPREFIX}"/usr/libexec/editor
|
||||
--with-env-editor
|
||||
--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
|
||||
--with-rundir="${EPREFIX}"/var/run/sudo
|
||||
--with-secure-path="${ROOTPATH}"
|
||||
--with-rundir="${EPREFIX}"/run/sudo
|
||||
--with-secure-path="${SECURE_PATH}"
|
||||
--with-vardir="${EPREFIX}"/var/db/sudo
|
||||
--without-linux-audit
|
||||
--without-opie
|
||||
@ -136,9 +152,9 @@ src_configure() {
|
||||
$(use_with ldap)
|
||||
$(use_with pam)
|
||||
$(use_with skey)
|
||||
$(use_with sssd)
|
||||
$(use_with selinux)
|
||||
$(use_with sendmail)
|
||||
$(use_with sssd)
|
||||
)
|
||||
econf "${myeconfargs[@]}"
|
||||
}
|
||||
@ -161,6 +177,9 @@ src_install() {
|
||||
insinto /etc
|
||||
doins "${T}"/ldap.conf.sudo
|
||||
fperms 0440 /etc/ldap.conf.sudo
|
||||
|
||||
insinto /etc/openldap/schema
|
||||
newins doc/schema.OpenLDAP sudo.schema
|
||||
fi
|
||||
|
||||
pamd_mimic system-auth sudo auth account session
|
||||
@ -169,12 +188,14 @@ src_install() {
|
||||
fperms 0700 /var/db/sudo/lectured
|
||||
fperms 0711 /var/db/sudo #652958
|
||||
|
||||
# Don't install into /var/run as that is a tmpfs most of the time
|
||||
# Don't install into /run as that is a tmpfs most of the time
|
||||
# (bug #504854)
|
||||
rm -rf "${ED}"/var/run
|
||||
rm -rf "${ED%/}"/run
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
tmpfiles_process sudo.conf
|
||||
|
||||
#652958
|
||||
local sudo_db="${EROOT}/var/db/sudo"
|
||||
if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
|
||||
@ -1,14 +0,0 @@
|
||||
DEFINED_PHASES=configure install postinst prepare
|
||||
DEPEND=gcrypt? ( dev-libs/libgcrypt:= ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) sys-libs/zlib sys-devel/bison >=app-portage/elt-patches-20170815
|
||||
DESCRIPTION=Allows users or groups to run commands as other users
|
||||
EAPI=6
|
||||
HOMEPAGE=https://www.sudo.ws/
|
||||
IUSE=gcrypt ldap nls pam offensive openssl sasl selinux +sendmail skey sssd
|
||||
KEYWORDS=~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris
|
||||
LICENSE=ISC BSD
|
||||
RDEPEND=gcrypt? ( dev-libs/libgcrypt:= ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) sys-libs/zlib selinux? ( sec-policy/selinux-sudo ) pam? ( sys-auth/pambase ) >=app-misc/editor-wrapper-3 virtual/editor sendmail? ( virtual/mta )
|
||||
REQUIRED_USE=pam? ( !skey ) skey? ( !pam ) ?? ( gcrypt openssl )
|
||||
SLOT=0
|
||||
SRC_URI=https://www.sudo.ws/sudo/dist/sudo-1.8.23.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.23.tar.gz
|
||||
_eclasses_=desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 pam 3e788d86170dfcd5b06824d898315e18 preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
|
||||
_md5_=56028a79359e8e73d5e9c152ae1eaa31
|
||||
14
sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/sudo-1.8.25_p1-r1
vendored
Normal file
14
sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/sudo-1.8.25_p1-r1
vendored
Normal file
@ -0,0 +1,14 @@
|
||||
DEFINED_PHASES=configure install postinst prepare
|
||||
DEPEND=sys-libs/zlib:= gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) sys-devel/bison >=app-portage/elt-patches-20170815
|
||||
DESCRIPTION=Allows users or groups to run commands as other users
|
||||
EAPI=6
|
||||
HOMEPAGE=https://www.sudo.ws/
|
||||
IUSE=gcrypt ldap nls offensive openssl pam sasl selinux +sendmail skey sssd
|
||||
KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~sparc-solaris
|
||||
LICENSE=ISC BSD
|
||||
RDEPEND=sys-libs/zlib:= gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) >=app-misc/editor-wrapper-3 virtual/editor ldap? ( dev-lang/perl ) pam? ( sys-auth/pambase ) selinux? ( sec-policy/selinux-sudo ) sendmail? ( virtual/mta ) virtual/tmpfiles
|
||||
REQUIRED_USE=pam? ( !skey ) skey? ( !pam ) ?? ( gcrypt openssl )
|
||||
SLOT=0
|
||||
SRC_URI=https://www.sudo.ws/sudo/dist/sudo-1.8.25p1.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.25p1.tar.gz
|
||||
_eclasses_=desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 pam 3e788d86170dfcd5b06824d898315e18 preserve-libs ef207dc62baddfddfd39a164d9797648 tmpfiles c8f9ea76ade103890e42d0f339afb64c toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
|
||||
_md5_=5895eb5b166b6d00d59ca99d0d95558a
|
||||
Loading…
x
Reference in New Issue
Block a user