chore(app-admin/sudo): bump from portage

Change-Id: I84749b4afb7be7f68b1326e4645ad9fa056af644

sdk_container/src/third_party/portage-stable/app-admin/sudo/Manifest

@@ -1 +1,22 @@
-DIST sudo-1.8.3p2.tar.gz 1536943 RMD160 5a6b8574d2245cc89d2ac982eae9cb6ca2414033 SHA1 37d70b133f809116ce631229fa0e727d9f5125ad SHA256 7edcf02ef4dc4f26f524726e8faaa90d7939772c186409ab150d2934e3a9ba31
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+DIST sudo-1.8.5p2.tar.gz 1746344 SHA256 c32ae2bc3faf83444c82ca75ccb10ad3684d8222e3535f164c4a4db7cdddf8cf SHA512 616967eea79f91cda2b0cd1d13ed453d20142521ecfca289432bdf5708ac0549c7873fd80170cc0481390e82f1e60fb0bffcfc7c6b70d5d721aa98d23361c5cb WHIRLPOOL ac0d2c040935c54947571a0d4671be70aaaf7a6f69cb097acd321718656d4c569b0db4191eaf943c6b642a1d641263429287241a236a0f2a0c9edf973710bf8b
+DIST sudo-1.8.6p3.tar.gz 1854962 SHA256 8130df04268f678880c3f423337c56e7d437a0f508a46b1dfefae16b0b20c92e SHA512 239cd838afba3aa9c7123d19017e997a332e6434b744bdac1cfbdf911595b642c2b7b635761e15c4835dfa15058df7d0e003892a501288bd793c4d676f746051 WHIRLPOOL a109beab4f9709fc00fe8050468a30e73de971db0e8c2bc4d4cdf82fdbcd8e47ed939b34dc675dc700e59c12a412af203ed75b71649157d2df48af3b51c08f10
+DIST sudo-1.8.6p6.tar.gz 1857449 SHA256 d600fee5cb2e843450263a2b8f133b9921ffa00cb6b841b0da82613447cefb7c SHA512 17b7ee567fb5e24766b42a80d668e4dd3f8f3da319661cb652b0d5b2d98b4cb2f8a0e2ada14013937799896c32caf9c7ff9de6515cf20cde28510a84b8b81264 WHIRLPOOL 40b7f5cac63360516cc4e893e598f06c0cf2ed2c714eed35db5242c535e2f1f95523db4dc46b5ded2df5d439b1fcbf3c14991d64aa411b89f240d955da1f09ed
+EBUILD sudo-1.8.5_p2.ebuild 5441 SHA256 6b4d10e763688690280377221132f63ea5fe622119768d1021a5fc29fa5f299c SHA512 6230aaa9ed2d9feca2a100de1d086f4cabcb5006d58865d20c7db97b597c0e1a69e2a390c9167331d79cc9ff0b9da168419a727cf2da84b8817fe498f43440cd WHIRLPOOL e217dd1e7ee40cd4939f6eade3ade8cd9ec4dc58abfccc3673333b17ddf25ee29b1519ad3d0c659c9d95f05bf149b55b777758482b8a78aab4448c6a909f92bf
+EBUILD sudo-1.8.6_p3.ebuild 5444 SHA256 2dbdfd842222aaa58d8278d3005984931c015e4809c3b198806ad0c54bb40e82 SHA512 75de9ada12b3f1659aa7707a02cbadf63eb16a4954ea171d2b697650070b62d04727b152931466e95a5270949e2bb3edacc6196a793d9f47d8616c5d01f20e1a WHIRLPOOL 5ea4cb05f23f46df63c7da1b77a4fed79efdf6cd4ee6321303d05f0bd6599a9bfd486632ce89f2b08c7f23d15ab63b5e22068cc392feb2bf83e904151fa27bc1
+EBUILD sudo-1.8.6_p6.ebuild 5457 SHA256 697b68a17d5386832a7a2a10256f81b5d6e601e276a95fadb13dd2793e879f7e SHA512 5ab40f2493abd98b3b6d35019fbd8f92b052c9a92925c343eb7f2a2ec70f02f94f685824298741108877e6fbeff11a8e0669e6b08272054a70a34166e8a3f172 WHIRLPOOL 9afa16dddd2dd860f1ef139e80c6fa1fb99d238be2c1309a44e0339180ee39b6cdabc70695afc53668ab85993fae8adf4efc323eb93809a561db24ffd33866ad
+MISC ChangeLog 49051 SHA256 744b2ea56bd52a744c37347a3f6252dd2873e89ccc238924ea005de495374fab SHA512 f15eb9b7335f997046106760868ab50deea241b9b2c333782bbb33dc0512790a14b8ec376084d761c9a46a2a86ded261adfb978c38d585ce0cc5ac0ae56d41c2 WHIRLPOOL 2a7c2ade3128f2d7baa9d5947246cdf161eccfcd14585f4ebcc2d58e22aa439d316ac73afe7f374b3538a39a5f6c955aff87c9f9b20f037c7d08609c608e2f72
+MISC metadata.xml 560 SHA256 465d0ea14b7db3ecd0bad7c175f9e17003794145f5f59c4941f848960c91048a SHA512 97bdce0d3972fd6f8ae58ddcb87c002a0384a6f6392347f5035f4f16581e665f3121d5ab5abdea1a9ec87122b10310f0ff99697de1749b418f61cc92217c58be WHIRLPOOL a7cddcabfcb73965df21adbe163117549eea126d424e065f14ab0cec76ad608a6b4506be013e2709e071e2e1d370c7c4188a8eb0aafba9f9b16266373fc29f80
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.19 (GNU/Linux)
+
+iQEcBAEBCAAGBQJRC/iKAAoJEBzRPIrUMBNCWsMH/2lfqcuuM0K8iz1S+NqGEd4p
+QQWQanCUBmU4dZhUaPQs0Z8t+4vcOeWo2NV6jIg1aleZAFuUZ9uUpiqjQMcqoV53
+E7cQw4lP+f+yIl4bRTGT0NVhQyboF4AQdJp+ACmzJv8rfYVR0J3hIsoV/6zvA3Ha
+BIGpIaZ4kOdyVFs6jo4ZWkLdmjHNehwDm+CNJNA3Hzjb8hbTz3TLD7XCEOBsUXfS
+a9HLZfWlfcVWxHpHQheo8wcemQBkZqx/F210oa1o70J1MfV0PJXXdR+gAsAJt19u
+m83AIFTjryz5rsoVoSzX+gHh+yU15anZWnLh0siQ7UYl8RWEuos1d0MMGMJ4NWs=
+=52oH
+-----END PGP SIGNATURE-----

sdk_container/src/third_party/portage-stable/app-admin/sudo/metadata.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <herd>base-system</herd>
+  <longdescription lang="en">
+    Sudo (superuser do) allows a system administrator to give certain
+    users (or groups of users) the ability to run some (or all)
+    commands as root or another user while logging the commands and
+    arguments.
+  </longdescription>
+  <use>
+    <flag name='offensive'>
+      Let sudo print insults when the user types the wrong password.
+    </flag>
+  </use>
+</pkgmetadata>

sdk_container/src/third_party/portage-stable/app-admin/sudo/sudo-1.8.5_p2.ebuild

@@ -0,0 +1,190 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.5_p2.ebuild,v 1.3 2012/09/29 10:17:44 ulm Exp $
+
+EAPI="4"
+
+inherit eutils pam multilib libtool
+
+MY_P=${P/_/}
+MY_P=${MY_P/beta/b}
+
+uri_prefix=
+case ${P} in
+*_beta*|*_rc*) uri_prefix=beta/ ;;
+esac
+
+DESCRIPTION="Allows users or groups to run commands as other users"
+HOMEPAGE="http://www.sudo.ws/"
+SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
+	ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
+
+# Basic license is ISC-style as-is, some files are released under
+# 3-clause BSD license
+LICENSE="ISC BSD"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
+IUSE="ldap nls pam offensive selinux skey"
+
+DEPEND="pam? ( virtual/pam )
+	skey? ( >=sys-auth/skey-1.1.5-r1 )
+	ldap? (
+		>=net-nds/openldap-2.1.30-r1
+		dev-libs/cyrus-sasl
+	)
+	sys-libs/zlib"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-sudo )
+	ldap? ( dev-lang/perl )
+	pam? ( sys-auth/pambase )
+	>=app-misc/editor-wrapper-3
+	virtual/editor
+	virtual/mta"
+DEPEND="${DEPEND}
+	sys-devel/bison"
+
+S=${WORKDIR}/${MY_P}
+
+REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
+
+MAKEOPTS+=" SAMPLES="
+
+src_prepare() {
+	elibtoolize
+}
+
+set_rootpath() {
+	# FIXME: secure_path is a compile time setting. using ROOTPATH
+	# is not perfect, env-update may invalidate this, but until it
+	# is available as a sudoers setting this will have to do.
+	einfo "Setting secure_path ..."
+
+	# first extract the default ROOTPATH from build env
+	ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
+	if [[ -z ${ROOTPATH} ]] ; then
+		ewarn "	Failed to find ROOTPATH, please report this"
+	fi
+
+	# then remove duplicate path entries
+	cleanpath() {
+		local newpath thisp IFS=:
+		for thisp in $1 ; do
+			if [[ :${newpath}: != *:${thisp}:* ]] ; then
+				newpath+=:$thisp
+			else
+				einfo "   Duplicate entry ${thisp} removed..."
+			fi
+		done
+		ROOTPATH=${newpath#:}
+	}
+	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
+
+	# finally, strip gcc paths #136027
+	rmpath() {
+		local e newpath thisp IFS=:
+		for thisp in ${ROOTPATH} ; do
+			for e ; do [[ $thisp == $e ]] && continue 2 ; done
+			newpath+=:$thisp
+		done
+		ROOTPATH=${newpath#:}
+	}
+	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
+
+	einfo "... done"
+}
+
+src_configure() {
+	local ROOTPATH
+	set_rootpath
+
+	# audit: somebody got to explain me how I can test this before I
+	# enable it.. - Diego
+	# plugindir: autoconf code is crappy and does not delay evaluation
+	# until `make` time, so we have to use a full path here rather than
+	# basing off other values.
+	econf \
+		--enable-zlib=system \
+		--with-secure-path="${ROOTPATH}" \
+		--with-editor="${EPREFIX}"/usr/libexec/editor \
+		--with-env-editor \
+		$(use_with offensive insults) \
+		$(use_with offensive all-insults) \
+		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
+		$(use_with ldap) \
+		$(use_enable nls) \
+		$(use_with pam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		--without-opie \
+		--without-linux-audit \
+		--with-timedir="${EPREFIX}"/var/db/sudo \
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
+		--docdir="${EPREFIX}"/usr/share/doc/${PF}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die
+
+	if use ldap ; then
+		dodoc README.LDAP doc/schema.OpenLDAP
+		dosbin plugins/sudoers/sudoers2ldif
+
+		cat <<-EOF > "${T}"/ldap.conf.sudo
+		# See ldap.conf(5) and README.LDAP for details
+		# This file should only be readable by root
+
+		# supported directives: host, port, ssl, ldap_version
+		# uri, binddn, bindpw, sudoers_base, sudoers_debug
+		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
+		EOF
+
+		insinto /etc
+		doins "${T}"/ldap.conf.sudo
+		fperms 0440 /etc/ldap.conf.sudo
+	fi
+
+	pamd_mimic system-auth sudo auth account session
+
+	keepdir /var/db/sudo
+	fperms 0700 /var/db/sudo
+}
+
+pkg_postinst() {
+	if use ldap ; then
+		ewarn
+		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
+		ewarn
+		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
+			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
+			ewarn "configured in /etc/nsswitch.conf."
+			ewarn
+			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
+			ewarn "  sudoers: ldap files"
+			ewarn
+		fi
+	fi
+	if use prefix ; then
+		ewarn
+		ewarn "To use sudo, you need to change file ownership and permissions"
+		ewarn "with root privileges, as follows:"
+		ewarn
+		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
+		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
+		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
+		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
+		ewarn
+	fi
+
+	elog "To use the -A (askpass) option, you need to install a compatible"
+	elog "password program from the following list. Starred packages will"
+	elog "automatically register for the use with sudo (but will not force"
+	elog "the -A option):"
+	elog ""
+	elog " [*] net-misc/ssh-askpass-fullscreen"
+	elog "     net-misc/x11-ssh-askpass"
+	elog ""
+	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
+	elog "variable to the program you want to use."
+}

sdk_container/src/third_party/portage-stable/app-admin/sudo/sudo-1.8.6_p3.ebuild

@@ -0,0 +1,190 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.6_p3.ebuild,v 1.10 2013/01/22 17:34:33 ago Exp $
+
+EAPI=4
+
+inherit eutils pam multilib libtool
+
+MY_P=${P/_/}
+MY_P=${MY_P/beta/b}
+
+uri_prefix=
+case ${P} in
+*_beta*|*_rc*) uri_prefix=beta/ ;;
+esac
+
+DESCRIPTION="Allows users or groups to run commands as other users"
+HOMEPAGE="http://www.sudo.ws/"
+SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
+	ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
+
+# Basic license is ISC-style as-is, some files are released under
+# 3-clause BSD license
+LICENSE="ISC BSD"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
+IUSE="ldap nls pam offensive selinux skey"
+
+DEPEND="pam? ( virtual/pam )
+	skey? ( >=sys-auth/skey-1.1.5-r1 )
+	ldap? (
+		>=net-nds/openldap-2.1.30-r1
+		dev-libs/cyrus-sasl
+	)
+	sys-libs/zlib"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-sudo )
+	ldap? ( dev-lang/perl )
+	pam? ( sys-auth/pambase )
+	>=app-misc/editor-wrapper-3
+	virtual/editor
+	virtual/mta"
+DEPEND="${DEPEND}
+	sys-devel/bison"
+
+S=${WORKDIR}/${MY_P}
+
+REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
+
+MAKEOPTS+=" SAMPLES="
+
+src_prepare() {
+	elibtoolize
+}
+
+set_rootpath() {
+	# FIXME: secure_path is a compile time setting. using ROOTPATH
+	# is not perfect, env-update may invalidate this, but until it
+	# is available as a sudoers setting this will have to do.
+	einfo "Setting secure_path ..."
+
+	# first extract the default ROOTPATH from build env
+	ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
+	if [[ -z ${ROOTPATH} ]] ; then
+		ewarn "	Failed to find ROOTPATH, please report this"
+	fi
+
+	# then remove duplicate path entries
+	cleanpath() {
+		local newpath thisp IFS=:
+		for thisp in $1 ; do
+			if [[ :${newpath}: != *:${thisp}:* ]] ; then
+				newpath+=:$thisp
+			else
+				einfo "   Duplicate entry ${thisp} removed..."
+			fi
+		done
+		ROOTPATH=${newpath#:}
+	}
+	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
+
+	# finally, strip gcc paths #136027
+	rmpath() {
+		local e newpath thisp IFS=:
+		for thisp in ${ROOTPATH} ; do
+			for e ; do [[ $thisp == $e ]] && continue 2 ; done
+			newpath+=:$thisp
+		done
+		ROOTPATH=${newpath#:}
+	}
+	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
+
+	einfo "... done"
+}
+
+src_configure() {
+	local ROOTPATH
+	set_rootpath
+
+	# audit: somebody got to explain me how I can test this before I
+	# enable it.. - Diego
+	# plugindir: autoconf code is crappy and does not delay evaluation
+	# until `make` time, so we have to use a full path here rather than
+	# basing off other values.
+	econf \
+		--enable-zlib=system \
+		--with-secure-path="${ROOTPATH}" \
+		--with-editor="${EPREFIX}"/usr/libexec/editor \
+		--with-env-editor \
+		$(use_with offensive insults) \
+		$(use_with offensive all-insults) \
+		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
+		$(use_with ldap) \
+		$(use_enable nls) \
+		$(use_with pam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		--without-opie \
+		--without-linux-audit \
+		--with-timedir="${EPREFIX}"/var/db/sudo \
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
+		--docdir="${EPREFIX}"/usr/share/doc/${PF}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die
+
+	if use ldap ; then
+		dodoc README.LDAP doc/schema.OpenLDAP
+		dosbin plugins/sudoers/sudoers2ldif
+
+		cat <<-EOF > "${T}"/ldap.conf.sudo
+		# See ldap.conf(5) and README.LDAP for details
+		# This file should only be readable by root
+
+		# supported directives: host, port, ssl, ldap_version
+		# uri, binddn, bindpw, sudoers_base, sudoers_debug
+		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
+		EOF
+
+		insinto /etc
+		doins "${T}"/ldap.conf.sudo
+		fperms 0440 /etc/ldap.conf.sudo
+	fi
+
+	pamd_mimic system-auth sudo auth account session
+
+	keepdir /var/db/sudo
+	fperms 0700 /var/db/sudo
+}
+
+pkg_postinst() {
+	if use ldap ; then
+		ewarn
+		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
+		ewarn
+		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
+			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
+			ewarn "configured in /etc/nsswitch.conf."
+			ewarn
+			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
+			ewarn "  sudoers: ldap files"
+			ewarn
+		fi
+	fi
+	if use prefix ; then
+		ewarn
+		ewarn "To use sudo, you need to change file ownership and permissions"
+		ewarn "with root privileges, as follows:"
+		ewarn
+		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
+		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
+		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
+		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
+		ewarn
+	fi
+
+	elog "To use the -A (askpass) option, you need to install a compatible"
+	elog "password program from the following list. Starred packages will"
+	elog "automatically register for the use with sudo (but will not force"
+	elog "the -A option):"
+	elog ""
+	elog " [*] net-misc/ssh-askpass-fullscreen"
+	elog "     net-misc/x11-ssh-askpass"
+	elog ""
+	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
+	elog "variable to the program you want to use."
+}

sdk_container/src/third_party/portage-stable/app-admin/sudo/sudo-1.8.6_p6.ebuild

@@ -0,0 +1,190 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.8.6_p6.ebuild,v 1.1 2013/02/01 17:16:32 flameeyes Exp $
+
+EAPI=4
+
+inherit eutils pam multilib libtool
+
+MY_P=${P/_/}
+MY_P=${MY_P/beta/b}
+
+uri_prefix=
+case ${P} in
+*_beta*|*_rc*) uri_prefix=beta/ ;;
+esac
+
+DESCRIPTION="Allows users or groups to run commands as other users"
+HOMEPAGE="http://www.sudo.ws/"
+SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
+	ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
+
+# Basic license is ISC-style as-is, some files are released under
+# 3-clause BSD license
+LICENSE="ISC BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
+IUSE="ldap nls pam offensive selinux skey"
+
+DEPEND="pam? ( virtual/pam )
+	skey? ( >=sys-auth/skey-1.1.5-r1 )
+	ldap? (
+		>=net-nds/openldap-2.1.30-r1
+		dev-libs/cyrus-sasl
+	)
+	sys-libs/zlib"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-sudo )
+	ldap? ( dev-lang/perl )
+	pam? ( sys-auth/pambase )
+	>=app-misc/editor-wrapper-3
+	virtual/editor
+	virtual/mta"
+DEPEND="${DEPEND}
+	sys-devel/bison"
+
+S=${WORKDIR}/${MY_P}
+
+REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
+
+MAKEOPTS+=" SAMPLES="
+
+src_prepare() {
+	elibtoolize
+}
+
+set_rootpath() {
+	# FIXME: secure_path is a compile time setting. using ROOTPATH
+	# is not perfect, env-update may invalidate this, but until it
+	# is available as a sudoers setting this will have to do.
+	einfo "Setting secure_path ..."
+
+	# first extract the default ROOTPATH from build env
+	ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
+	if [[ -z ${ROOTPATH} ]] ; then
+		ewarn "	Failed to find ROOTPATH, please report this"
+	fi
+
+	# then remove duplicate path entries
+	cleanpath() {
+		local newpath thisp IFS=:
+		for thisp in $1 ; do
+			if [[ :${newpath}: != *:${thisp}:* ]] ; then
+				newpath+=:$thisp
+			else
+				einfo "   Duplicate entry ${thisp} removed..."
+			fi
+		done
+		ROOTPATH=${newpath#:}
+	}
+	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
+
+	# finally, strip gcc paths #136027
+	rmpath() {
+		local e newpath thisp IFS=:
+		for thisp in ${ROOTPATH} ; do
+			for e ; do [[ $thisp == $e ]] && continue 2 ; done
+			newpath+=:$thisp
+		done
+		ROOTPATH=${newpath#:}
+	}
+	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
+
+	einfo "... done"
+}
+
+src_configure() {
+	local ROOTPATH
+	set_rootpath
+
+	# audit: somebody got to explain me how I can test this before I
+	# enable it.. - Diego
+	# plugindir: autoconf code is crappy and does not delay evaluation
+	# until `make` time, so we have to use a full path here rather than
+	# basing off other values.
+	econf \
+		--enable-zlib=system \
+		--with-secure-path="${ROOTPATH}" \
+		--with-editor="${EPREFIX}"/usr/libexec/editor \
+		--with-env-editor \
+		$(use_with offensive insults) \
+		$(use_with offensive all-insults) \
+		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
+		$(use_with ldap) \
+		$(use_enable nls) \
+		$(use_with pam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		--without-opie \
+		--without-linux-audit \
+		--with-timedir="${EPREFIX}"/var/db/sudo \
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
+		--docdir="${EPREFIX}"/usr/share/doc/${PF}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die
+
+	if use ldap ; then
+		dodoc README.LDAP doc/schema.OpenLDAP
+		dosbin plugins/sudoers/sudoers2ldif
+
+		cat <<-EOF > "${T}"/ldap.conf.sudo
+		# See ldap.conf(5) and README.LDAP for details
+		# This file should only be readable by root
+
+		# supported directives: host, port, ssl, ldap_version
+		# uri, binddn, bindpw, sudoers_base, sudoers_debug
+		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
+		EOF
+
+		insinto /etc
+		doins "${T}"/ldap.conf.sudo
+		fperms 0440 /etc/ldap.conf.sudo
+	fi
+
+	pamd_mimic system-auth sudo auth account session
+
+	keepdir /var/db/sudo
+	fperms 0700 /var/db/sudo
+}
+
+pkg_postinst() {
+	if use ldap ; then
+		ewarn
+		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
+		ewarn
+		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
+			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
+			ewarn "configured in /etc/nsswitch.conf."
+			ewarn
+			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
+			ewarn "  sudoers: ldap files"
+			ewarn
+		fi
+	fi
+	if use prefix ; then
+		ewarn
+		ewarn "To use sudo, you need to change file ownership and permissions"
+		ewarn "with root privileges, as follows:"
+		ewarn
+		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
+		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
+		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
+		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
+		ewarn
+	fi
+
+	elog "To use the -A (askpass) option, you need to install a compatible"
+	elog "password program from the following list. Starred packages will"
+	elog "automatically register for the use with sudo (but will not force"
+	elog "the -A option):"
+	elog ""
+	elog " [*] net-misc/ssh-askpass-fullscreen"
+	elog "     net-misc/x11-ssh-askpass"
+	elog ""
+	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
+	elog "variable to the program you want to use."
+}