path: root/security/sudo/Makefile
blob: 88bbfcd91db3f38095ef668924a767005ea4a890
# Created by: erich@rrnet.com
# $FreeBSD$

# Port identity: upstream name and version, the port-local revision, and the
# ports category it is filed under.
PORTNAME=	sudo
DISTVERSION=	1.8.7
PORTREVISION=	1
CATEGORIES=	security
# Distfile download locations come from the framework-provided sudo mirror
# list. NOTE(review): distfile integrity is presumably pinned by the port's
# distinfo checksums, which are not part of this file -- confirm.
MASTER_SITES=	${MASTER_SITE_SUDO}

MAINTAINER=	wxs@FreeBSD.org
COMMENT=	Allow others to run commands as root

# Custom licence entry: the licence text is taken from the extracted source
# tree, and the listed permissions allow mirroring/selling of distfile and
# package and accepting the licence without prompting.
LICENSE=	sudo
LICENSE_NAME=	Sudo license
LICENSE_FILE=	${WRKSRC}/doc/LICENSE
LICENSE_PERMS=	dist-mirror dist-sell pkg-mirror pkg-sell auto-accept

# Build through upstream's GNU configure script.
GNU_CONFIGURE=	yes
# Extra libraries appended to every link. NOTE(review): -lssp_nonshared is
# presumably here to satisfy stack-protector support symbols -- confirm it is
# still required on the supported releases.
LDFLAGS+=	-lgcc
LDFLAGS+=	-lssp_nonshared

# Baseline configure switches, applied whatever options are selected. Most of
# them set compile-time security defaults (flag names as passed to sudo's
# configure; see upstream's INSTALL notes for the authoritative wording):
#   --sysconfdir          sudoers and related config live under ${PREFIX}/etc
#   --with-ignore-dot     ignore "." in PATH when locating the command
#   --with-tty-tickets    keep authentication timestamps per tty
#   --with-env-editor     visudo honours the editor named in the environment
#   --with-logincap       enable BSD login class (login.conf) support
#   --with-long-otp-prompt  two-line prompt for one-time-password challenges
# NOTE(review): with env-editor, the editor visudo launches is chosen by the
# invoking user's environment; review who is allowed to run visudo before
# relying on this default.
CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc \
		--with-ignore-dot \
		--with-tty-tickets \
		--with-env-editor \
		--with-logincap \
		--with-long-otp-prompt

# Build-time options offered to the user. Only AUDIT and NLS are enabled by
# default; every other option, including the ones that relax sudo's defaults
# (DISABLE_AUTH, NOARGS_SHELL), has to be selected explicitly.
OPTIONS_DEFINE=	LDAP INSULTS DISABLE_ROOT_SUDO DISABLE_AUTH NOARGS_SHELL \
		AUDIT OPIE NLS
OPTIONS_DEFAULT=	AUDIT NLS

# Descriptions for the port-specific options. LDAP and NLS have no
# description here; presumably the framework supplies one -- confirm.
INSULTS_DESC=	Enable insults on failures
DISABLE_ROOT_SUDO_DESC=	Do not allow root to run sudo
DISABLE_AUTH_DESC=	Do not require authentication by default
NOARGS_SHELL_DESC=	Run a shell if no arguments are given
AUDIT_DESC=	Enable BSM audit support
OPIE_DESC=	Enable one-time passwords (no PAM support)

# Syslog facility compiled into sudo. "?=" keeps any value already set on the
# make command line or in the environment, so local2 is only the fallback.
# Log collection rules have to watch whichever facility was chosen at build
# time.
LOGFAC?=	local2
CONFIGURE_ARGS+=	--with-logfac=${LOGFAC}

# This is intentionally not an option: it is a free-form string, so it is
# read as a plain make variable instead of going through the options dialog.
# SUDO_SECURE_PATH is a PATH string that will override the user's PATH; when
# it is defined it is passed, quoted, to configure as --with-secure-path.
# When it is not defined no --with-secure-path is passed from this file.
# List only directories that unprivileged users cannot write to.
# ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
.if defined(SUDO_SECURE_PATH)
CONFIGURE_ARGS+=	--with-secure-path="${SUDO_SECURE_PATH}"
.endif

.include <bsd.port.options.mk>

# On arm the build passes --disable-pie, so sudo's executables are not built
# as position-independent executables on that architecture.
# NOTE(review): the reason is not recorded in this file; this removes a
# hardening feature for one architecture only, so re-check whether it is
# still needed.
.if ${ARCH} == "arm"
CONFIGURE_ARGS+=	--disable-pie
.endif

# NLS (message translation) support.
# Selected: depend on gettext, link libintl from ${LOCALBASE} and keep the
# NLS entries of the packing list (PLIST_SUB NLS expands to nothing).
# Not selected: build with --disable-nls and turn the NLS packing-list
# entries into comments.
.if ${PORT_OPTIONS:MNLS}
USES+=		gettext
LDFLAGS+=	-L${LOCALBASE}/lib -lintl
CFLAGS+=	-I${LOCALBASE}/include
PLIST_SUB+=	NLS=""
.else
CONFIGURE_ARGS+=	--disable-nls
PLIST_SUB+=	NLS="@comment "
.endif

# INSULTS: compile in the insult messages shown on failed authentication
# (see INSULTS_DESC), including every available insult set.
.if ${PORT_OPTIONS:MINSULTS}
CONFIGURE_ARGS+=	--with-insults
CONFIGURE_ARGS+=	--with-all-insults
.endif

# LDAP: build sudoers-in-LDAP support against OpenLDAP.
# SUDO_LDAP_CONF names the LDAP client configuration file under
# ${PREFIX}/etc; "?=" lets the builder override the ldap.conf default. That
# file is part of the trust path for sudo policy lookups, so it should be
# writable by root only.
# NOTE(review): --with-ldap points at ${PREFIX}, while the OpenLDAP libraries
# requested through USE_OPENLDAP are presumably installed under ${LOCALBASE};
# the two differ for a non-default PREFIX -- confirm.
# The LDAP manual page and packing-list entries are enabled only in this
# branch; otherwise the LDAP packing-list entries are commented out.
.if ${PORT_OPTIONS:MLDAP}
USE_OPENLDAP=	yes
CONFIGURE_ARGS+=	--with-ldap=${PREFIX}
SUDO_LDAP_CONF?=	ldap.conf
CONFIGURE_ARGS+=	--with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF}
PLIST_SUB+=	LDAP=""
MAN5+=	sudoers.ldap.5
.else
PLIST_SUB+=	LDAP="@comment "
.endif

# DISABLE_ROOT_SUDO: build sudo so that root itself may not run it
# (see DISABLE_ROOT_SUDO_DESC).
.if ${PORT_OPTIONS:MDISABLE_ROOT_SUDO}
CONFIGURE_ARGS+=--disable-root-sudo
.endif

# DISABLE_AUTH: changes the compiled-in default so that users are not asked
# to authenticate (see DISABLE_AUTH_DESC). Off by default in this port.
# NOTE(review): upstream documents that authentication can be turned back on
# per entry in sudoers; a package built with this option needs its sudoers
# policy reviewed with that in mind -- confirm against the sudoers manual.
.if ${PORT_OPTIONS:MDISABLE_AUTH}
CONFIGURE_ARGS+=	--disable-authentication
.endif

# NOARGS_SHELL: running sudo with no arguments starts a shell instead of
# printing usage (see NOARGS_SHELL_DESC). Off by default in this port.
.if ${PORT_OPTIONS:MNOARGS_SHELL}
CONFIGURE_ARGS+=	--enable-noargs-shell
.endif

# AUDIT (on by default, see OPTIONS_DEFAULT): build with BSM audit support.
# Deselecting it builds sudo without that audit integration.
.if ${PORT_OPTIONS:MAUDIT}
CONFIGURE_ARGS+=	--with-bsm-audit
.endif

# Authentication backend: OPIE one-time passwords and PAM are mutually
# exclusive in this port. Selecting OPIE builds without --with-pam, so the
# PAM policy for sudo is not what authenticates users in that build;
# otherwise PAM is used.
.if ${PORT_OPTIONS:MOPIE}
CONFIGURE_ARGS+=	--with-opie
.else
CONFIGURE_ARGS+=	--with-pam
.endif

# Manual pages installed by the port. MAN5 is appended to because the LDAP
# branch above may already have added sudoers.ldap.5. MLINKS makes
# sudoedit.8 a link to sudo.8.
MAN5+=		sudoers.5 sudo.conf.5
MAN8=		sudo.8 visudo.8 sudoreplay.8 sudo_plugin.8
MLINKS=		sudo.8 sudoedit.8

# post-patch: in-place sed edits of upstream's Makefile.in templates, run
# after the port's patches have been applied.
# Each edit is a plain sed substitution or deletion, so an expression that no
# longer matches after a version bump is a silent no-op rather than an error;
# re-check every pattern against the new sources when DISTVERSION changes.
post-patch:
# src/Makefile.in: inside the install-binaries / install-noexec rules (from
# the rule header to the next empty line) add ${STRIP} after $(INSTALL) and
# rewrite "-b~" as "-b ~".
	@${REINPLACE_CMD} -E '/install-(binaries|noexec):/,/^$$/ \
		s/\$$\(INSTALL\)/& ${STRIP}/;s/-b\~/-b ~/' \
		${WRKSRC}/src/Makefile.in
# plugins/sudoers/Makefile.in: install sudoers2ldif into $(bindir) instead of
# $(docdir). This is applied whether or not the LDAP option is selected.
	@${REINPLACE_CMD} -e 's,$$(srcdir)/sudoers2ldif $$(DESTDIR)$$(docdir),$$(srcdir)/sudoers2ldif $$(DESTDIR)$$(bindir),' ${WRKSRC}/plugins/sudoers/Makefile.in
# Without DOCS: stop creating $(docdir), delete the lines that start the
# OTHER_DOCS / OTHER_DOCS_LDAP install loops, and drop $(docdir) from the
# directory list in plugins/sudoers/Makefile.in.
# NOTE(review): DOCS is not listed in OPTIONS_DEFINE in this file; presumably
# the ports framework provides it -- confirm.
.if ! ${PORT_OPTIONS:MDOCS}
	@${REINPLACE_CMD} -e 's/mkinstalldirs $$(DESTDIR)$$(docdir)/mkinstalldirs/' \
		${WRKSRC}/doc/Makefile.in
	@${REINPLACE_CMD} -e '/for f in $$(OTHER_DOCS); do/d;/@LDAP@for f in $$(OTHER_DOCS_LDAP); do/d' ${WRKSRC}/doc/Makefile.in
	@${REINPLACE_CMD} -e 's/$$(DESTDIR)$$(sudoersdir) $$(DESTDIR)$$(docdir)/$$(DESTDIR)$$(sudoersdir)/' ${WRKSRC}/plugins/sudoers/Makefile.in
.endif

# post-install: put the default PAM policy and sudoers file in place without
# overwriting anything the administrator already has.
# The live files (pam.d/sudo, etc/sudoers) are created only when absent, so a
# reinstall or upgrade never replaces a locally edited policy. The flip side
# is that changes to the shipped defaults arrive only in sudo.default and
# sudoers.sample and have to be merged by hand.
post-install:
# Always refresh the packaged PAM policy as sudo.default. This runs
# unconditionally, i.e. also when the OPIE option built sudo without PAM.
	${INSTALL_DATA} ${FILESDIR}/pam.conf ${PREFIX}/etc/pam.d/sudo.default
# Seed the live PAM policy from sudo.default on first install only.
	if [ ! -f ${PREFIX}/etc/pam.d/sudo ]; then \
		${CP} -p ${PREFIX}/etc/pam.d/sudo.default \
		${PREFIX}/etc/pam.d/sudo ; \
	fi
# Seed sudoers from sudoers.sample on first install only. "cp -p" keeps the
# sample's mode and ownership.
# NOTE(review): sudo checks the ownership and mode of sudoers at run time, so
# the sample must already be installed with the expected owner and mode
# (conventionally root-owned, 0440) -- confirm in upstream's install rule.
	if [ ! -f ${PREFIX}/etc/sudoers ]; then \
		${CP} -p ${PREFIX}/etc/sudoers.sample ${PREFIX}/etc/sudoers; \
	fi
# Create a placeholder file in sudoers.d; presumably so the otherwise empty
# directory is tracked by the packing list -- confirm.
	${TOUCH} ${PREFIX}/etc/sudoers.d/.keep-me

.include <bsd.port.mk>