commit: e92a9ca2153223fdbbf86216bf1c3f398cffc4c4
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Mon Mar 27 13:16:36 2017 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Mon Mar 27 13:37:51 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e92a9ca2
app-admin/sudo: Some ebuild overhaul.
- added "cgrypt" and "openssl" USE flags
- put econf args into an array
- Beautified dependencies a bit
Package-Manager: Portage-2.3.5, Repoman-2.3.2
app-admin/sudo/metadata.xml | 16 ++++--
app-admin/sudo/sudo-1.8.20_beta1.ebuild | 75 ++++++++++++++++-----------
app-admin/sudo/sudo-9999.ebuild | 92 ++++++++++++++++++++-------------
3 files changed, 113 insertions(+), 70 deletions(-)
diff --git a/app-admin/sudo/metadata.xml b/app-admin/sudo/metadata.xml
index de3a9b0123f..1625b901ce3 100644
--- a/app-admin/sudo/metadata.xml
+++ b/app-admin/sudo/metadata.xml
@@ -12,12 +12,20 @@
arguments.
</longdescription>
<use>
+ <flag name="gcrypt">
+ Use SHA2 from <pkg>dev-libs/libgcrypt</pkg>
+ instead of sudo's internal SHA2.
+ </flag>
+ <flag name="offensive">
+ Let sudo print insults when the user types the wrong password.
+ </flag>
+ <flag name="openssl">
+ Use SHA2 from <pkg>dev-libs/openssl</pkg>
+ instead of sudo's internal SHA2.
+ </flag>
<flag name="sendmail">
- Allow sudo to send emails with sendmail.
+ Allow sudo to send emails with sendmail.
</flag>
- <flag name="offensive">
- Let sudo print insults when the user types the wrong password.
- </flag>
</use>
<upstream>
<remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id>
diff --git a/app-admin/sudo/sudo-1.8.20_beta1.ebuild
b/app-admin/sudo/sudo-1.8.20_beta1.ebuild
index 5103d4888ee..163cd385023 100644
--- a/app-admin/sudo/sudo-1.8.20_beta1.ebuild
+++ b/app-admin/sudo/sudo-1.8.20_beta1.ebuild
@@ -10,7 +10,7 @@ MY_P=${MY_P/beta/b}
uri_prefix=
case ${P} in
-*_beta*|*_rc*) uri_prefix=beta/ ;;
+ *_beta*|*_rc*) uri_prefix=beta/ ;;
esac
DESCRIPTION="Allows users or groups to run commands as other users"
@@ -25,28 +25,40 @@ SLOT="0"
if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64
~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~sparc-solaris"
fi
-IUSE="ldap nls pam offensive selinux skey +sendmail"
+IUSE="gcrypt ldap nls pam offensive openssl selinux skey +sendmail"
-DEPEND="pam? ( virtual/pam )
+CDEPEND="
+ gcrypt? ( dev-libs/libgcrypt:= )
+ openssl? ( dev-libs/openssl:0= )
+ pam? ( virtual/pam )
skey? ( >=sys-auth/skey-1.1.5-r1 )
ldap? (
>=net-nds/openldap-2.1.30-r1
dev-libs/cyrus-sasl
)
- sys-libs/zlib"
-RDEPEND="${DEPEND}
+ sys-libs/zlib
+"
+RDEPEND="
+ ${CDEPEND}
selinux? ( sec-policy/selinux-sudo )
ldap? ( dev-lang/perl )
pam? ( sys-auth/pambase )
>=app-misc/editor-wrapper-3
virtual/editor
- sendmail? ( virtual/mta )"
-DEPEND="${DEPEND}
- sys-devel/bison"
+ sendmail? ( virtual/mta )
+"
+DEPEND="
+ ${CDEPEND}
+ sys-devel/bison
+"
-S=${WORKDIR}/${MY_P}
+S="${WORKDIR}/${MY_P}"
-REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
+REQUIRED_USE="
+ pam? ( !skey )
+ skey? ( !pam )
+ ?? ( gcrypt openssl )
+"
MAKEOPTS+=" SAMPLES="
@@ -104,26 +116,29 @@ src_configure() {
# plugindir: autoconf code is crappy and does not delay evaluation
# until `make` time, so we have to use a full path here rather than
# basing off other values.
- econf \
- --enable-zlib=system \
- --with-secure-path="${ROOTPATH}" \
- --with-editor="${EPREFIX}"/usr/libexec/editor \
- --with-env-editor \
- $(use_with offensive insults) \
- $(use_with offensive all-insults) \
- $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
- $(use_with ldap) \
- $(use_enable nls) \
- $(use_with pam) \
- $(use_with skey) \
- $(use_with selinux) \
- $(use_with sendmail) \
- --without-opie \
- --without-linux-audit \
- --with-rundir="${EPREFIX}"/var/run/sudo \
- --with-vardir="${EPREFIX}"/var/db/sudo \
- --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
- --docdir="${EPREFIX}"/usr/share/doc/${PF}
+ myeconfargs=(
+ --enable-zlib=system
+ --with-editor="${EPREFIX}"/usr/libexec/editor
+ --with-env-editor
+ --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
+ --with-rundir="${EPREFIX}"/var/run/sudo
+ --with-secure-path="${ROOTPATH}"
+ --with-vardir="${EPREFIX}"/var/db/sudo
+ --without-linux-audit
+ --without-opie
+ $(use_enable gcrypt)
+ $(use_enable nls)
+ $(use_enable openssl)
+ $(use_with offensive insults)
+ $(use_with offensive all-insults)
+ $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
+ $(use_with ldap)
+ $(use_with pam)
+ $(use_with skey)
+ $(use_with selinux)
+ $(use_with sendmail)
+ )
+ econf "${myeconfargs[@]}"
}
src_install() {
diff --git a/app-admin/sudo/sudo-9999.ebuild b/app-admin/sudo/sudo-9999.ebuild
index 4b39080b529..d980106e414 100644
--- a/app-admin/sudo/sudo-9999.ebuild
+++ b/app-admin/sudo/sudo-9999.ebuild
@@ -14,7 +14,7 @@ MY_P=${MY_P/beta/b}
uri_prefix=
case ${P} in
-*_beta*|*_rc*) uri_prefix=beta/ ;;
+ *_beta*|*_rc*) uri_prefix=beta/ ;;
esac
DESCRIPTION="Allows users or groups to run commands as other users"
@@ -22,35 +22,49 @@ HOMEPAGE="http://www.sudo.ws/";
if [[ ${PV} != "9999" ]] ; then
SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz";
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64
~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~sparc-solaris"
+ if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips
~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd
~sparc-solaris"
+ fi
fi
# Basic license is ISC-style as-is, some files are released under
# 3-clause BSD license
LICENSE="ISC BSD"
SLOT="0"
-IUSE="ldap nls pam offensive selinux skey +sendmail"
+IUSE="gcrypt ldap nls openssl offensive pam selinux skey +sendmail"
-DEPEND="pam? ( virtual/pam )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
+CDEPEND="
+ sys-libs/zlib
ldap? (
>=net-nds/openldap-2.1.30-r1
dev-libs/cyrus-sasl
)
- sys-libs/zlib"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-sudo )
- ldap? ( dev-lang/perl )
- pam? ( sys-auth/pambase )
+ gcrypt? ( dev-libs/libgcrypt:= )
+ openssl? ( dev-libs/openssl:0= )
+ pam? ( virtual/pam )
+ skey? ( >=sys-auth/skey-1.1.5-r1 )
+"
+RDEPEND="
+ ${CDEPEND}
>=app-misc/editor-wrapper-3
virtual/editor
- sendmail? ( virtual/mta )"
-DEPEND="${DEPEND}
- sys-devel/bison"
+ ldap? ( dev-lang/perl )
+ pam? ( sys-auth/pambase )
+ selinux? ( sec-policy/selinux-sudo )
+ sendmail? ( virtual/mta )
+"
+DEPEND="
+ ${CDEPEND}
+ sys-devel/bison
+"
-S=${WORKDIR}/${MY_P}
+S="${WORKDIR}/${MY_P}"
-REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
+REQUIRED_USE="
+ pam? ( !skey )
+ skey? ( !pam )
+ ?? ( gcrypt openssl )
+"
MAKEOPTS+=" SAMPLES="
@@ -108,33 +122,36 @@ src_configure() {
# plugindir: autoconf code is crappy and does not delay evaluation
# until `make` time, so we have to use a full path here rather than
# basing off other values.
- econf \
- --enable-zlib=system \
- --with-secure-path="${ROOTPATH}" \
- --with-editor="${EPREFIX}"/usr/libexec/editor \
- --with-env-editor \
- $(use_with offensive insults) \
- $(use_with offensive all-insults) \
- $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
- $(use_with ldap) \
- $(use_enable nls) \
- $(use_with pam) \
- $(use_with skey) \
- $(use_with selinux) \
- $(use_with sendmail) \
- --without-opie \
- --without-linux-audit \
- --with-rundir="${EPREFIX}"/var/run/sudo \
- --with-vardir="${EPREFIX}"/var/db/sudo \
- --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
- --docdir="${EPREFIX}"/usr/share/doc/${PF}
+ myeconfargs=(
+ --enable-zlib=system
+ --with-editor="${EPREFIX}"/usr/libexec/editor
+ --with-env-editor
+ --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
+ --with-rundir="${EPREFIX}"/var/run/sudo
+ --with-secure-path="${ROOTPATH}"
+ --with-vardir="${EPREFIX}"/var/db/sudo
+ --without-linux-audit
+ --without-opie
+ $(use_enable gcrypt)
+ $(use_enable nls)
+ $(use_enable openssl)
+ $(use_with offensive insults)
+ $(use_with offensive all-insults)
+ $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
+ $(use_with ldap)
+ $(use_with pam)
+ $(use_with skey)
+ $(use_with selinux)
+ $(use_with sendmail)
+ )
+ econf "${myeconfargs[@]}"
}
src_install() {
default
if use ldap ; then
- dodoc README.LDAP doc/schema.OpenLDAP
+ dodoc README.LDAP
dosbin plugins/sudoers/sudoers2ldif
cat <<-EOF > "${T}"/ldap.conf.sudo
@@ -149,6 +166,9 @@ src_install() {
insinto /etc
doins "${T}"/ldap.conf.sudo
fperms 0440 /etc/ldap.conf.sudo
+
+ insinto /etc/openldap/schema
+ newins doc/schema.OpenLDAP sudo.schema
fi
pamd_mimic system-auth sudo auth account session
