Update to sudo 1.9.1.
This adds a new sub-package for the optional Python plugin support, which can be disabled via the no_python pseudo-flavor. Thanks to sthen@ and ajacoutot@ for their help.
This commit is contained in:
parent
08ed0b9a37
commit
3052f16def
@ -1,18 +1,20 @@
|
||||
# $OpenBSD: Makefile,v 1.38 2020/01/30 18:47:11 millert Exp $
|
||||
# $OpenBSD: Makefile,v 1.39 2020/06/21 12:03:33 millert Exp $
|
||||
|
||||
COMMENT= execute a command as another user
|
||||
COMMENT-main= execute a command as another user
|
||||
COMMENT-python= sudo Python plugin
|
||||
|
||||
DISTNAME= sudo-1.8.31
|
||||
V= 1.9.1
|
||||
DISTNAME= sudo-${V}
|
||||
CATEGORIES= security
|
||||
|
||||
PKGNAME-main= sudo-${V}
|
||||
PKGNAME-python= sudo-python-${V}
|
||||
|
||||
MAINTAINER= Todd C. Miller <millert@openbsd.org>
|
||||
|
||||
# ISC-style license
|
||||
PERMIT_PACKAGE= Yes
|
||||
|
||||
WANTLIB+= c util z
|
||||
|
||||
|
||||
HOMEPAGE= https://www.sudo.ws/
|
||||
|
||||
MASTER_SITES= https://www.sudo.ws/dist/ \
|
||||
@ -27,24 +29,51 @@ CONFIGURE_ARGS+= --with-insults \
|
||||
--with-logfac=authpriv \
|
||||
--with-libtool=system \
|
||||
--disable-path-info \
|
||||
--enable-openssl \
|
||||
--enable-zlib=system
|
||||
|
||||
SHARED_LIBS= sudo_util 0.0
|
||||
|
||||
PSEUDO_FLAVORS= no_python
|
||||
FLAVORS= gettext ldap
|
||||
FLAVOR?=
|
||||
|
||||
MULTI_PACKAGES= -main -python
|
||||
MODPY_VERSION= ${MODPY_DEFAULT_VERSION_3}
|
||||
MODPY_RUNDEP= No
|
||||
|
||||
# All sub-packages depend on these libraries
|
||||
WANTLIB= util crypto
|
||||
|
||||
# The gettext flavor influences LIB_DEPENDS and WANTLIB for all sub-packages
|
||||
.if ${FLAVOR:Mgettext}
|
||||
CONFIGURE_ARGS += --enable-nls=${LOCALBASE}
|
||||
LIB_DEPENDS+= devel/gettext,-runtime
|
||||
WANTLIB+= iconv intl
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-nls
|
||||
.endif
|
||||
|
||||
# It is now safe to set sub-package WANTLIB and LIB_DEPENDS
|
||||
WANTLIB-main= ${WANTLIB} c z ssl
|
||||
WANTLIB-python= ${WANTLIB} libexec/sudo/sudo_util \
|
||||
${MODPY_WANTLIB} iconv intl m pthread
|
||||
|
||||
LIB_DEPENDS-main= ${LIB_DEPENDS}
|
||||
LIB_DEPENDS-python= ${LIB_DEPENDS} security/sudo,-main ${MODPY_LIB_DEPENDS}
|
||||
|
||||
.if ${FLAVOR:Mldap}
|
||||
CONFIGURE_ARGS+= --with-ldap=${LOCALBASE}
|
||||
LIB_DEPENDS+= databases/openldap
|
||||
WANTLIB+= crypto lber-2.4 ldap-2.4 sasl2 ssl
|
||||
LIB_DEPENDS-main+= databases/openldap
|
||||
WANTLIB-main+= lber ldap sasl2
|
||||
.endif
|
||||
.if ${FLAVOR:Mgettext}
|
||||
CONFIGURE_ARGS += --enable-nls=${LOCALBASE}
|
||||
LIB_DEPENDS+= devel/gettext,-runtime
|
||||
WANTLIB+= iconv intl
|
||||
|
||||
.include <bsd.port.arch.mk>
|
||||
.if !${BUILD_PACKAGES:M-python}
|
||||
CONFIGURE_ARGS+= --disable-python
|
||||
.else
|
||||
CONFIGURE_ARGS += --disable-nls
|
||||
CONFIGURE_ARGS+= --enable-python
|
||||
MODULES= lang/python
|
||||
.endif
|
||||
|
||||
# Don't set owner on install in fake mode
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (sudo-1.8.31.tar.gz) = fqjZejzuTIROCIfqehvYDrVMyY/XeWZ3bLGoBlOtRU8=
|
||||
SIZE (sudo-1.8.31.tar.gz) = 3350674
|
||||
SHA256 (sudo-1.9.1.tar.gz) = KUEWzv4QoCdzkX/HRA2DhLkllVvJam4Oqhl3yDs0rf8=
|
||||
SIZE (sudo-1.9.1.tar.gz) = 3834744
|
||||
|
@ -2,5 +2,3 @@ Sudo (su "do") allows a system administrator to delegate authority
|
||||
to give certain users (or groups of users) the ability to run some
|
||||
(or all) commands as root or another user while providing an audit
|
||||
trail of the commands and their arguments.
|
||||
|
||||
Sudo is free software, distributed under an ISC-style license.
|
3
security/sudo/pkg/DESCR-python
Normal file
3
security/sudo/pkg/DESCR-python
Normal file
@ -0,0 +1,3 @@
|
||||
The sudo Python plugin can be used to write sudo 1.9 plugins in
|
||||
Python instead of C. The API closely follows the C sudo plugin API
|
||||
described by sudo_plugin(5).
|
@ -1,20 +0,0 @@
|
||||
Please see the ${PREFIX}/share/doc/sudo/UPGRADE file for important
|
||||
information about upgrading from a previous version of sudo.
|
||||
|
||||
Important user-visible changes compared to the version of sudo that
|
||||
used to be in OpenBSD base (1.7.2p8) include:
|
||||
|
||||
o The tty_tickets sudoers option is now enabled by default.
|
||||
To restore the old behavior (single time stamp per user),
|
||||
add a line like:
|
||||
Defaults !tty_tickets
|
||||
to sudoers.
|
||||
|
||||
o The HOME and MAIL environment variables are now reset based on the
|
||||
target user's password database entry when the env_reset sudoers option
|
||||
is enabled (which is the case in the default configuration). Users
|
||||
wishing to preserve the original values should use a sudoers line like:
|
||||
Defaults env_keep += HOME
|
||||
to preserve the old value of HOME and
|
||||
Defaults env_keep += MAIL
|
||||
to preserve the old value of MAIL.
|
@ -1,4 +1,4 @@
|
||||
@comment $OpenBSD: PFRAG.gettext,v 1.1 2015/07/10 15:16:03 espie Exp $
|
||||
@comment $OpenBSD: PFRAG.gettext-main,v 1.1 2020/06/21 12:03:34 millert Exp $
|
||||
share/locale/ca/LC_MESSAGES/sudo.mo
|
||||
share/locale/ca/LC_MESSAGES/sudoers.mo
|
||||
share/locale/cs/LC_MESSAGES/sudo.mo
|
@ -1,4 +1,5 @@
|
||||
@comment $OpenBSD: PLIST,v 1.7 2019/12/31 21:54:25 millert Exp $
|
||||
@comment $OpenBSD: PLIST-main,v 1.1 2020/06/21 12:03:34 millert Exp $
|
||||
@rcscript ${RCDIR}/sudo_logsrvd
|
||||
@bin bin/cvtsudoers
|
||||
@mode 04555
|
||||
@bin bin/sudo
|
||||
@ -7,10 +8,14 @@ bin/sudoedit
|
||||
@bin bin/sudoreplay
|
||||
include/sudo_plugin.h
|
||||
libexec/sudo/
|
||||
libexec/sudo/audit_json.la
|
||||
@so libexec/sudo/audit_json.so
|
||||
libexec/sudo/group_file.la
|
||||
@so libexec/sudo/group_file.so
|
||||
libexec/sudo/libsudo_util.la
|
||||
@lib libexec/sudo/libsudo_util.so.${LIBsudo_util_VERSION}
|
||||
libexec/sudo/sample_approval.la
|
||||
@so libexec/sudo/sample_approval.so
|
||||
libexec/sudo/sudo_noexec.la
|
||||
@so libexec/sudo/sudo_noexec.so
|
||||
libexec/sudo/sudoers.la
|
||||
@ -19,13 +24,19 @@ libexec/sudo/system_group.la
|
||||
@so libexec/sudo/system_group.so
|
||||
@man man/man1/cvtsudoers.1
|
||||
@man man/man5/sudo.conf.5
|
||||
@man man/man5/sudo_logsrv.proto.5
|
||||
@man man/man5/sudo_logsrvd.conf.5
|
||||
@man man/man5/sudoers.5
|
||||
@man man/man5/sudoers_timestamp.5
|
||||
@man man/man8/sudo.8
|
||||
@man man/man8/sudo_logsrvd.8
|
||||
@man man/man8/sudo_plugin.8
|
||||
@man man/man8/sudo_sendlog.8
|
||||
@man man/man8/sudoedit.8
|
||||
@man man/man8/sudoreplay.8
|
||||
@man man/man8/visudo.8
|
||||
@bin sbin/sudo_logsrvd
|
||||
@bin sbin/sudo_sendlog
|
||||
@bin sbin/visudo
|
||||
share/doc/sudo/
|
||||
share/doc/sudo/CONTRIBUTORS
|
||||
@ -38,10 +49,13 @@ share/doc/sudo/TROUBLESHOOTING
|
||||
share/doc/sudo/UPGRADE
|
||||
share/examples/sudo/
|
||||
share/examples/sudo/sudo.conf
|
||||
share/examples/sudo/sudo_logsrvd.conf
|
||||
share/examples/sudo/sudoers
|
||||
share/examples/sudo/sudoers.OpenBSD
|
||||
share/examples/sudo/syslog.conf
|
||||
@mode 0440
|
||||
@sample ${SYSCONFDIR}/sudoers
|
||||
@mode
|
||||
share/examples/sudo/syslog.conf
|
||||
@sample ${SYSCONFDIR}/sudo.conf
|
||||
@sample ${SYSCONFDIR}/sudo_logsrvd.conf
|
||||
%%gettext%%
|
11
security/sudo/pkg/PLIST-python
Normal file
11
security/sudo/pkg/PLIST-python
Normal file
@ -0,0 +1,11 @@
|
||||
@comment $OpenBSD: PLIST-python,v 1.1 2020/06/21 12:03:34 millert Exp $
|
||||
libexec/sudo/python_plugin.la
|
||||
@so libexec/sudo/python_plugin.so
|
||||
@man man/man8/sudo_plugin_python.8
|
||||
share/examples/sudo/example_approval_plugin.py
|
||||
share/examples/sudo/example_audit_plugin.py
|
||||
share/examples/sudo/example_conversation.py
|
||||
share/examples/sudo/example_debugging.py
|
||||
share/examples/sudo/example_group_plugin.py
|
||||
share/examples/sudo/example_io_plugin.py
|
||||
share/examples/sudo/example_policy_plugin.py
|
9
security/sudo/pkg/sudo_logsrvd.rc
Normal file
9
security/sudo/pkg/sudo_logsrvd.rc
Normal file
@ -0,0 +1,9 @@
|
||||
#!/bin/ksh
|
||||
#
|
||||
# $OpenBSD: sudo_logsrvd.rc,v 1.1 2020/06/21 12:03:34 millert Exp $
|
||||
|
||||
daemon="${TRUEPREFIX}/sbin/sudo_logsrvd"
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_cmd $1
|
Loading…
Reference in New Issue
Block a user