diff options
| author | Robert Schwebel <r.schwebel@pengutronix.de> | 2008-12-12 20:39:26 +0000 |
|---|---|---|
| committer | Robert Schwebel <r.schwebel@pengutronix.de> | 2008-12-12 20:39:26 +0000 |
| commit | 8b1c02f678043cdbb3ef7bb9f38733dd7a3e9197 (patch) | |
| tree | 44429087849c33410c26471e3396cf13cbc71bce /rules/sudo.make | |
| parent | dbb1e419f21bae1db5852c69bf5c1ff396443cbe (diff) | |
| download | ptxdist-8b1c02f678043cdbb3ef7bb9f38733dd7a3e9197.tar.gz ptxdist-8b1c02f678043cdbb3ef7bb9f38733dd7a3e9197.tar.xz | |
* sudo: cleanup; disable untested features
git-svn-id: https://svn.pengutronix.de/svn/ptxdist/trunks/ptxdist-trunk@9221 33e552b5-05e3-0310-8538-816dae2090ed
Diffstat (limited to 'rules/sudo.make')
| -rw-r--r-- | rules/sudo.make | 97 |
1 files changed, 79 insertions, 18 deletions
diff --git a/rules/sudo.make b/rules/sudo.make index 422caba0c..5fcbe733f 100644 --- a/rules/sudo.make +++ b/rules/sudo.make @@ -24,7 +24,6 @@ SUDO_URL = http://www.courtesan.com/sudo/dist/OLD/$(SUDO).$(SUDO_SUFFIX) SUDO_SOURCE = $(SRCDIR)/$(SUDO).$(SUDO_SUFFIX) SUDO_DIR = $(BUILDDIR)/$(SUDO) - # ---------------------------------------------------------------------------- # Get # ---------------------------------------------------------------------------- @@ -68,18 +67,74 @@ SUDO_ENV = \ # SUDO_AUTOCONF = \ $(CROSS_AUTOCONF_USR) \ + --disable-shadow \ + --enable-root-sudo \ + --disable-log-host \ + --enable-noargs-shell \ + --disable-path-info \ + --disable-sia \ + --without-AFS \ + --without-DCE \ + --without-logincap \ + --without-bsdauth \ + --without-project \ + --without-lecture \ + --with-ignore-dot \ --without-pam -ifdef PTXCONF_SUDO_DONT_SEND_MAILS +ifdef PTXCONF_SUDO__SENDMAIL +SUDO_AUTOCONF += --with-sendmail +else SUDO_AUTOCONF += --without-sendmail endif -ifndef PTXCONF_SUDO_USE_SENDMAIL -SUDO_AUTOCONF += --without-sendmail -endif -ifndef PTXCONF_SUDO_USE_PAM -SUDO_AUTOCONF += --without-pam -endif +# --disable-root-mailer Don't run the mailer as root, run as the user +# --disable-setreuid Don't try to use the setreuid() function +# --disable-setresuid Don't try to use the setresuid() function +# --enable-shell-sets-home set $HOME to target user in shell mode +# --with-AFS enable AFS support +# --with-logging log via syslog, file, or both +# --with-logfac syslog facility to log with (default is "local2") +# --with-goodpri syslog priority for commands (def is "notice") +# --with-badpri syslog priority for failures (def is "alert") +# --with-logpath path to the sudo log file +# --with-loglen maximum length of a log file line (default is 80) +# --without-mail-if-no-user do not send mail if user not in sudoers +# --with-mail-if-no-host send mail if user in sudoers but not for this host +# --with-mail-if-noperms send mail if user not allowed to run command +# --with-mailto who should get sudo mail (default is "root") +# --with-mailsubject subject of sudo mail +# --with-passprompt default password prompt +# --with-badpass-message message the user sees when the password is wrong +# --with-fqdn expect fully qualified hosts in sudoers +# --with-timedir path to the sudo timestamp dir +# --with-sudoers-mode mode of sudoers file (defaults to 0440) +# --with-sudoers-uid uid that owns sudoers file (defaults to 0) +# --with-sudoers-gid gid that owns sudoers file (defaults to 0) +# --with-umask umask with which the prog should run (default is 022) +# --without-umask Preserves the umask of the user invoking sudo. +# --with-runas-default User to run commands as (default is "root") +# --with-exempt=group no passwd needed for users in this group +# --with-editor=path Default editor for visudo (defaults to vi) +# --with-env-editor Use the environment variable EDITOR for visudo +# --with-passwd-tries number of tries to enter password (default is 3) +# --with-timeout minutes before sudo asks for passwd again (def is 5 minutes) +# --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes) +# --with-tty-tickets use a different ticket file for each tty +# --with-insults insult the user for entering an incorrect password +# --with-all-insults include all the sudo insult sets +# --with-classic-insults include the insults from the "classic" sudo +# --with-csops-insults include CSOps insults +# --with-hal-insults include 2001-like insults +# --with-goons-insults include the insults from the "Goon Show" +# --with-ldap[=DIR] enable LDAP support +# --with-ldap-conf-file path to LDAP configuration file +# --with-ldap-secret-file path to LDAP secret pasdword file +# --with-pc-insults replace politically incorrect insults with less offensive ones +# --with-secure-path override the user's path with a built-in one +# --without-interfaces don't try to read the ip addr of ether interfaces +# --with-stow properly handle GNU stow packaging +# --with-pic try to use only PIC/non-PIC objects [default=use $(STATEDIR)/sudo.prepare: $(sudo_prepare_deps_default) @$(call targetinfo, $@) @@ -119,7 +174,7 @@ sudo_targetinstall: $(STATEDIR)/sudo.targetinstall $(STATEDIR)/sudo.targetinstall: $(sudo_targetinstall_deps_default) @$(call targetinfo, $@) - @$(call install_init, sudo) + @$(call install_init, sudo) @$(call install_fixup, sudo,PACKAGE,sudo) @$(call install_fixup, sudo,PRIORITY,optional) @$(call install_fixup, sudo,VERSION,$(SUDO_VERSION)) @@ -131,16 +186,22 @@ $(STATEDIR)/sudo.targetinstall: $(sudo_targetinstall_deps_default) @$(call install_copy, sudo, 0, 0, 7755, $(SUDO_DIR)/sudo, /usr/bin/sudo) @$(call install_link, sudo, sudo, /usr/bin/sudoedit) - @$(call install_copy, sudo, 0, 0, 0755, $(SUDO_DIR)/.libs/sudo_noexec.so, /usr/libexec/sudo_noexec.so) + @$(call install_copy, sudo, 0, 0, 0755, \ + $(SUDO_DIR)/.libs/sudo_noexec.so, \ + /usr/libexec/sudo_noexec.so) - ifdef PTXCONF_SUDO_ETC_SUDOERS - ifdef PTXCONF_SUDO_ETC_SUDOERS_DEFAULT - @$(call install_copy, sudo, 0, 0, 0440, $(SUDO_DIR)/sudoers, /etc/sudoers,n) - endif - ifdef PTXCONF_SUDO_ETC_SUDOERS_USER - @$(call install_copy, sudo, 0, 0, 0440, ${PTXDIST_WORKSPACE}/projectroot/etc/sudoers, /etc/sudoers,n) - endif - endif +ifdef PTXCONF_SUDO__ETC_SUDOERS +ifdef PTXCONF_SUDO__ETC_SUDOERS_DEFAULT + @$(call install_copy, sudo, 0, 0, 0440, \ + $(SUDO_DIR)/sudoers, \ + /etc/sudoers, n) +endif +ifdef PTXCONF_SUDO__ETC_SUDOERS_USER + @$(call install_copy, sudo, 0, 0, 0440, \ + ${PTXDIST_WORKSPACE}/projectroot/etc/sudoers, \ + /etc/sudoers, n) +endif +endif @$(call install_finish, sudo) @$(call touch, $@) |