* [ptxdist] [PATCH] sudo: version bump 1.7.2p6 -> 1.8.20p2
@ 2017-09-04 11:13 Denis OSTERLAND
2017-09-04 11:53 ` Juergen Borleis
0 siblings, 1 reply; 2+ messages in thread
From: Denis OSTERLAND @ 2017-09-04 11:13 UTC (permalink / raw)
To: ptxdist
Install new libsudo_util and plugins.
Update configure command line options.
Signed-off-by: Denis Osterland <Denis.Osterland@diehl.com>
---
.../0001-install-sh-disable-stripping.patch | 29 --------
patches/sudo-1.7.2p6/series | 1 -
.../0001-install-sh-disable-stripping.patch | 29 ++++++++
patches/sudo-1.8.20p2/series | 1 +
rules/sudo.make | 86 +++++++++-------------
5 files changed, 63 insertions(+), 83 deletions(-)
delete mode 100644 patches/sudo-1.7.2p6/0001-install-sh-disable-stripping.patch
delete mode 100644 patches/sudo-1.7.2p6/series
create mode 100644 patches/sudo-1.8.20p2/0001-install-sh-disable-stripping.patch
create mode 100644 patches/sudo-1.8.20p2/series
diff --git a/patches/sudo-1.7.2p6/0001-install-sh-disable-stripping.patch b/patches/sudo-1.7.2p6/0001-install-sh-disable-stripping.patch
deleted file mode 100644
index c8421a5..0000000
--- a/patches/sudo-1.7.2p6/0001-install-sh-disable-stripping.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 0c293e823cbe169ed09f1be263ff22e57b9d03ef Mon Sep 17 00:00:00 2001
-From: Marc Kleine-Budde <mkl@pengutronix.de>
-Date: Wed, 13 Jan 2010 09:29:27 +0100
-Subject: [PATCH] install-sh: disable stripping
-
-This patch disables stripping because the install-sh would use
-/usr/bin/strip which doesn't work during cross compilation.
-
-Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
----
- install-sh | 2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/install-sh b/install-sh
-index 5a6d399..e9a70b5 100755
---- a/install-sh
-+++ b/install-sh
-@@ -138,7 +138,7 @@ while ${MORETODO} ; do
- fi
- ;;
- X-s)
-- STRIPIT=true
-+ STRIPIT=false
- ;;
- X--)
- shift
---
-1.6.6
-
diff --git a/patches/sudo-1.7.2p6/series b/patches/sudo-1.7.2p6/series
deleted file mode 100644
index fab2261..0000000
--- a/patches/sudo-1.7.2p6/series
+++ /dev/null
@@ -1 +0,0 @@
-0001-install-sh-disable-stripping.patch
diff --git a/patches/sudo-1.8.20p2/0001-install-sh-disable-stripping.patch b/patches/sudo-1.8.20p2/0001-install-sh-disable-stripping.patch
new file mode 100644
index 0000000..c8421a5
--- /dev/null
+++ b/patches/sudo-1.8.20p2/0001-install-sh-disable-stripping.patch
@@ -0,0 +1,29 @@
+From 0c293e823cbe169ed09f1be263ff22e57b9d03ef Mon Sep 17 00:00:00 2001
+From: Marc Kleine-Budde <mkl@pengutronix.de>
+Date: Wed, 13 Jan 2010 09:29:27 +0100
+Subject: [PATCH] install-sh: disable stripping
+
+This patch disables stripping because the install-sh would use
+/usr/bin/strip which doesn't work during cross compilation.
+
+Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
+---
+ install-sh | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/install-sh b/install-sh
+index 5a6d399..e9a70b5 100755
+--- a/install-sh
++++ b/install-sh
+@@ -138,7 +138,7 @@ while ${MORETODO} ; do
+ fi
+ ;;
+ X-s)
+- STRIPIT=true
++ STRIPIT=false
+ ;;
+ X--)
+ shift
+--
+1.6.6
+
diff --git a/patches/sudo-1.8.20p2/series b/patches/sudo-1.8.20p2/series
new file mode 100644
index 0000000..fab2261
--- /dev/null
+++ b/patches/sudo-1.8.20p2/series
@@ -0,0 +1 @@
+0001-install-sh-disable-stripping.patch
diff --git a/rules/sudo.make b/rules/sudo.make
index c9ba61c..e4032ef 100644
--- a/rules/sudo.make
+++ b/rules/sudo.make
@@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_SUDO) += sudo
#
# Paths and names
#
-SUDO_VERSION := 1.7.2p6
-SUDO_MD5 := c4f1a43e8ba94f6bf06d2211442148c4
+SUDO_VERSION := 1.8.20p2
+SUDO_MD5 := 03da8e711caca6fd93e57751bfb74adc
SUDO := sudo-$(SUDO_VERSION)
SUDO_SUFFIX := tar.gz
SUDO_URL := \
@@ -58,7 +58,29 @@ SUDO_AUTOCONF = \
--without-project \
--without-lecture \
--with-ignore-dot \
- --without-pam
+ --without-pam \
+ --enable-env-reset \
+ --enable-warnings \
+ --enable-werror \
+ --enable-openssl \
+ --disable-gcrypt \
+ --enable-hardening \
+ --enable-pie \
+ --enable-asan \
+ --enable-poll \
+ --disable-admin-flag \
+ --disable-nls \
+ --enable-static-sudoers \
+ --enable-shared-libutil \
+ --enable-largefile \
+ --disable-kerb5-instance \
+ --without-linux-audit \
+ --without-solaris-audit \
+ --without-sssd \
+ --with-man \
+ --with-mdoc \
+ --without-umask-override \
+ --without-pam-login
ifdef PTXCONF_SUDO_USE_SENDMAIL
SUDO_AUTOCONF += --with-sendmail
@@ -76,54 +98,6 @@ else
SUDO_AUTOCONF += --without-env-editor
endif
-# --disable-root-mailer Don't run the mailer as root, run as the user
-# --disable-setreuid Don't try to use the setreuid() function
-# --disable-setresuid Don't try to use the setresuid() function
-# --enable-shell-sets-home set $HOME to target user in shell mode
-# --with-AFS enable AFS support
-# --with-logging log via syslog, file, or both
-# --with-logfac syslog facility to log with (default is "local2")
-# --with-goodpri syslog priority for commands (def is "notice")
-# --with-badpri syslog priority for failures (def is "alert")
-# --with-logpath path to the sudo log file
-# --with-loglen maximum length of a log file line (default is 80)
-# --without-mail-if-no-user do not send mail if user not in sudoers
-# --with-mail-if-no-host send mail if user in sudoers but not for this host
-# --with-mail-if-noperms send mail if user not allowed to run command
-# --with-mailto who should get sudo mail (default is "root")
-# --with-mailsubject subject of sudo mail
-# --with-passprompt default password prompt
-# --with-badpass-message message the user sees when the password is wrong
-# --with-fqdn expect fully qualified hosts in sudoers
-# --with-timedir path to the sudo timestamp dir
-# --with-sudoers-mode mode of sudoers file (defaults to 0440)
-# --with-sudoers-uid uid that owns sudoers file (defaults to 0)
-# --with-sudoers-gid gid that owns sudoers file (defaults to 0)
-# --with-umask umask with which the prog should run (default is 022)
-# --without-umask Preserves the umask of the user invoking sudo.
-# --with-runas-default User to run commands as (default is "root")
-# --with-exempt=group no passwd needed for users in this group
-# --with-editor=path Default editor for visudo (defaults to vi)
-# --with-env-editor Use the environment variable EDITOR for visudo
-# --with-passwd-tries number of tries to enter password (default is 3)
-# --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)
-# --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)
-# --with-tty-tickets use a different ticket file for each tty
-# --with-insults insult the user for entering an incorrect password
-# --with-all-insults include all the sudo insult sets
-# --with-classic-insults include the insults from the "classic" sudo
-# --with-csops-insults include CSOps insults
-# --with-hal-insults include 2001-like insults
-# --with-goons-insults include the insults from the "Goon Show"
-# --with-ldap[=DIR] enable LDAP support
-# --with-ldap-conf-file path to LDAP configuration file
-# --with-ldap-secret-file path to LDAP secret pasdword file
-# --with-pc-insults replace politically incorrect insults with less offensive ones
-# --with-secure-path override the user's path with a built-in one
-# --without-interfaces don't try to read the ip addr of ether interfaces
-# --with-stow properly handle GNU stow packaging
-# --with-pic try to use only PIC/non-PIC objects [default=use
-
# ----------------------------------------------------------------------------
# Target-Install
# ----------------------------------------------------------------------------
@@ -140,8 +114,14 @@ $(STATEDIR)/sudo.targetinstall:
@$(call install_copy, sudo, 0, 0, 7755, -, /usr/bin/sudo)
@$(call install_link, sudo, sudo, /usr/bin/sudoedit)
- @$(call install_copy, sudo, 0, 0, 0644, -, \
- /usr/libexec/sudo_noexec.so)
+ @$(call install_copy, sudo, 0, 0, 0644, -, /usr/libexec/sudo/sudo_noexec.so)
+ @$(call install_copy, sudo, 0, 0, 0644, -, /usr/libexec/sudo/group_file.so)
+ @$(call install_copy, sudo, 0, 0, 0644, -, /usr/libexec/sudo/sudoers.so)
+ @$(call install_copy, sudo, 0, 0, 0644, -, /usr/libexec/sudo/system_group.so)
+
+ @$(call install_copy, sudo, 0, 0, 0644, $(SUDO_PKGDIR)/usr/libexec/sudo/libsudo_util.so.0.0.0, /usr/lib/libsudo_util.so.0.0.0)
+ @$(call install_link, sudo, libsudo_util.so.0.0.0, /usr/lib/libsudo_util.so)
+ @$(call install_link, sudo, libsudo_util.so.0.0.0, /usr/lib/libsudo_util.so.0)
ifdef PTXCONF_SUDO_INSTALL_ETC_SUDOERS
@$(call install_alternative, sudo, 0, 0, 0440, /etc/sudoers, n)
--
2.7.4
Diehl AKO Stiftung & Co. KG, Pfannerstraße 75-83, 88239 Wangen im Allgäu
Bereichsvorstand: Dipl.-Ing. Michael Siedentop (Sprecher), Josef Fellner (Mitglied)
Sitz der Gesellschaft: Wangen i.A. – Registergericht: Amtsgericht Ulm HRA 620609 – Persönlich haftende Gesellschafterin: Diehl Verwaltungs-Stiftung – Sitz: Nürnberg – Registergericht: Amtsgericht Nürnberg HRA 11756 –
Vorstand: Dr.-Ing. E.h. Thomas Diehl (†) (Vorsitzender), Herr Dipl.-Wirtsch.-Ing. Wolfgang Weggen (stellvertretender Vorsitzender), Dipl.-Kfm. Claus Günther, Dipl.-Kfm. Frank Gutzeit, Dr.-Ing. Heinrich Schunk, Dr.-Ing. Michael Siedentop , Dipl.-Kfm. Dr.-Ing. Martin Sommer, Dipl.-Ing. (FH) Rainer von Borstel, Vorsitzender des Aufsichtsrates: Dr. Klaus Maier
___________________________________________________________________________________________________
Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten haben. Bitte loeschen Sie in diesem Fall die Nachricht. Jede unerlaubte Form der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation dieser E-Mail ist strengstens untersagt.
The contents of the above mentioned e-mail is not legally binding. This e-mail contains confidential and/or legally protected information. Please inform us if you have received this e-mail by mistake and delete it in such a case. Each unauthorized reproduction, disclosure, alteration, distribution and/or publication of this e-mail is strictly prohibited.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ptxdist] [PATCH] sudo: version bump 1.7.2p6 -> 1.8.20p2
2017-09-04 11:13 [ptxdist] [PATCH] sudo: version bump 1.7.2p6 -> 1.8.20p2 Denis OSTERLAND
@ 2017-09-04 11:53 ` Juergen Borleis
0 siblings, 0 replies; 2+ messages in thread
From: Juergen Borleis @ 2017-09-04 11:53 UTC (permalink / raw)
To: ptxdist; +Cc: Denis OSTERLAND
On Monday 04 September 2017 13:13:14 Denis OSTERLAND wrote:
> [...]
> @@ -58,7 +58,29 @@ SUDO_AUTOCONF = \
> --without-project \
> --without-lecture \
> --with-ignore-dot \
> - --without-pam
> + --without-pam \
> + --enable-env-reset \
> + --enable-warnings \
> + --enable-werror \
> + --enable-openssl \
> + --disable-gcrypt \
> + --enable-hardening \
> + --enable-pie \
> + --enable-asan \
> + --enable-poll \
> + --disable-admin-flag \
> + --disable-nls \
> + --enable-static-sudoers \
> + --enable-shared-libutil \
> + --enable-largefile \
> + --disable-kerb5-instance \
> + --without-linux-audit \
> + --without-solaris-audit \
> + --without-sssd \
> + --with-man \
> + --with-mdoc \
> + --without-umask-override \
> + --without-pam-login
Don't forget LARGE FILE SUPPORT. Refer my patch "sudo: upgrade to make it
large filesystem aware"
jb
--
Pengutronix e.K. | Juergen Borleis |
Industrial Linux Solutions | http://www.pengutronix.de/ |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-09-04 11:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-09-04 11:13 [ptxdist] [PATCH] sudo: version bump 1.7.2p6 -> 1.8.20p2 Denis OSTERLAND
2017-09-04 11:53 ` Juergen Borleis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox