41dc73c1f8
What's new in Sudo 1.7.10p7? * A time stamp file with the date set to the epoch by "sudo -k" is now completely ignored regardless of what the local clock is set to. Previously, if the local clock was set to a value between the epoch and the time stamp timeout value, a time stamp reset by "sudo -k" would be considered current. What's new in Sudo 1.7.10p6? * The tty-specific time stamp file now includes the session ID of the sudo process that created it. If a process with the same tty but a different session ID runs sudo, the user will now be prompted for a password (assuming authentication is required for the command). What's new in Sudo 1.7.10p5? * On systems where the controlling tty can be determined via /proc or sysctl(), sudo will no longer fall back to using ttyname() if the process has no controlling tty. This prevents sudo from using a non-controlling tty for logging and time stamp purposes. What's new in Sudo 1.7.10? * If the user is a member of the "exempt" group in sudoers, they will no longer be prompted for a password even if the -k flag is specified with the command. This makes "sudo -k command" consistent with the behavior one would get if the user ran "sudo -k" immediately before running the command. * The sudoers file may now be a symbolic link. Previously, sudo would refuse to read sudoers unless it was a regular file. * The user/group/mode checks on sudoers files have been relaxed. As long as the file is owned by the sudoers uid, not world-writable and not writable by a group other than the sudoers gid, the file is considered OK. Note that visudo will still set the mode to the value specified at configure time. * /etc/environment is no longer read directly on Linux systems when PAM is used. Sudo now merges the PAM environment into the user's environment which is typically set by the pam_env module. * The initial evironment created when env_reset is in effect now includes the contents of /etc/environment on AIX systems and the "setenv" and "path" entries from /etc/login.conf on BSD systems. * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo file is now uses to determine the controlling terminal, if possible. This allows tty-based tickets to work properly even when, e.g. standard input, output and error are redirected to /dev/null. * The sudoreplay command can now properly replay sessions where no tty was present. * Fixed a race condition that could cause sudo to receive SIGTTOU (and stop) when resuming a shell that was run via sudo when I/O logging (and use_pty) is not enabled.
56 lines
1.7 KiB
Makefile
56 lines
1.7 KiB
Makefile
# $NetBSD: Makefile,v 1.140 2013/03/01 14:24:57 kim Exp $
|
|
#
|
|
|
|
DISTNAME= sudo-1.7.10p7
|
|
CATEGORIES= security
|
|
MASTER_SITES= http://www.sudo.ws/dist/ \
|
|
ftp://ftp.sudo.ws/pub/sudo/ \
|
|
ftp://ftp.uwsg.indiana.edu/pub/security/sudo/ \
|
|
ftp://ftp.twaren.net/Unix/Security/Sudo/ \
|
|
http://ftp.tux.org/pub/security/sudo/
|
|
|
|
MAINTAINER= kim@tac.nyc.ny.us
|
|
HOMEPAGE= http://www.sudo.ws/
|
|
COMMENT= Allow others to run commands as root
|
|
LICENSE= isc AND modified-bsd
|
|
|
|
PKG_INSTALLATION_TYPES= overwrite pkgviews
|
|
|
|
USE_LIBTOOL= yes
|
|
OWN_DIRS+= ${VARBASE}/run
|
|
GNU_CONFIGURE= yes
|
|
BUILD_DEFS+= VARBASE
|
|
PLIST_VARS+= ldap
|
|
|
|
.include "../../mk/bsd.prefs.mk"
|
|
|
|
# to always install man instead of cat
|
|
CONFIGURE_ENV+= NROFFPROG=${CAT:Q}
|
|
CONFIGURE_ENV+= mansectsu=8
|
|
CONFIGURE_ENV+= mansectform=5
|
|
CONFIGURE_ARGS+= --disable-root-mailer --with-ignore-dot
|
|
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
|
|
CONFIGURE_ARGS+= --with-timedir=${VARBASE}/run/sudo
|
|
CONFIGURE_ARGS+= --with-logpath=${VARBASE}/log/sudo.log
|
|
|
|
.include "options.mk"
|
|
|
|
CONFIGURE_ARGS+= --with-nbsdops --disable-path-info
|
|
|
|
DOCDIR= share/doc/${PKGBASE}
|
|
EGDIR= share/examples/${PKGBASE}
|
|
CONF_FILES_PERMS= ${EGDIR}/sudoers ${PKG_SYSCONFDIR}/sudoers \
|
|
${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 0440
|
|
OWN_DIRS+= ${PKG_SYSCONFDIR}/sudoers.d
|
|
SPECIAL_PERMS+= bin/sudo ${SETUID_ROOT_PERMS}
|
|
SPECIAL_PERMS+= bin/sudoreplay ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 511
|
|
|
|
INSTALLATION_DIRS+= ${DOCDIR} ${EGDIR}
|
|
|
|
post-install:
|
|
${INSTALL_DATA} ${WRKSRC}/UPGRADE ${DESTDIR}${PREFIX}/${DOCDIR}
|
|
${INSTALL_DATA} ${WRKSRC}/sudoers ${DESTDIR}${PREFIX}/${EGDIR}/sudoers
|
|
${INSTALL_DATA} ${WRKSRC}/README ${DESTDIR}${PREFIX}/${DOCDIR}
|
|
|
|
.include "../../devel/zlib/buildlink3.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|