blob: 9ebd4955eec8d050d7f2e37fbefffb738e82434f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
# Created by: erich@rrnet.com
# $FreeBSD$
PORTNAME= sudo
PORTVERSION= 1.8.19p2
CATEGORIES= security
MASTER_SITES= SUDO
MAINTAINER= garga@FreeBSD.org
COMMENT= Allow others to run commands as root
LICENSE= sudo
LICENSE_NAME= Sudo license
LICENSE_FILE= ${WRKSRC}/doc/LICENSE
LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept
USES= cpe libtool
CPE_VENDOR= todd_miller
USE_LDCONFIG= yes
GNU_CONFIGURE= yes
LDFLAGS+= -lgcc
CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \
--with-ignore-dot \
--with-tty-tickets \
--with-env-editor \
--with-logincap \
--with-long-otp-prompt
OPTIONS_DEFINE= LDAP INSULTS DISABLE_ROOT_SUDO DISABLE_AUTH NOARGS_SHELL \
AUDIT OPIE NLS SSSD DOCS
OPTIONS_DEFAULT= AUDIT
OPTIONS_SUB= yes
INSULTS_DESC= Enable insults on failures
DISABLE_ROOT_SUDO_DESC= Do not allow root to run sudo
DISABLE_AUTH_DESC= Do not require authentication by default
NOARGS_SHELL_DESC= Run a shell if no arguments are given
AUDIT_DESC= Enable BSM audit support
OPIE_DESC= Enable one-time passwords (no PAM support)
SSSD_DESC= Enable SSSD backend support.
LOGFAC?= authpriv
CONFIGURE_ARGS+= --with-logfac=${LOGFAC}
# This is intentionally not an option.
# SUDO_SECURE_PATH is a PATH string that will override the user's PATH.
# ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
.if defined(SUDO_SECURE_PATH)
CONFIGURE_ARGS+= --with-secure-path="${SUDO_SECURE_PATH}"
.endif
NLS_USES= gettext
NLS_CONFIGURE_ENABLE= nls
NLS_LDFLAGS= -L${LOCALBASE}/lib -lintl
NLS_CFLAGS= -I${LOCALBASE}/include
INSULTS_CONFIGURE_ON= --with-insults
INSULTS_CONFIGURE_ON+= --with-all-insults
LDAP_USE= OPENLDAP=yes
LDAP_CONFIGURE_ON= --with-ldap=${PREFIX}
SUDO_LDAP_CONF?= ldap.conf
LDAP_CONFIGURE_ON+= --with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF}
DISABLE_ROOT_SUDO_CONFIGURE_ON= --disable-root-sudo
DISABLE_AUTH_CONFIGURE_ON= --disable-authentication
NOARGS_SHELL_CONFIGURE_ENABLE= noargs-shell
AUDIT_CONFIGURE_WITH= bsm-audit
OPIE_CONFIGURE_ON= --with-opie
OPIE_CONFIGURE_OFF= --with-pam
SSSD_CONFIGURE_ON= --with-sssd
SSSD_RUN_DEPENDS= sssd:security/sssd
.include <bsd.port.options.mk>
.if ${ARCH} == "arm"
CONFIGURE_ARGS+= --disable-pie
.endif
post-patch:
@${REINPLACE_CMD} -E '/install-(binaries|noexec):/,/^$$/ \
s/\$$\(INSTALL\)/& ${STRIP}/;s/-b\~/-b ~/' \
${WRKSRC}/src/Makefile.in
@${REINPLACE_CMD} -e 's,$$(srcdir)/sudoers2ldif $$(DESTDIR)$$(docdir),$$(srcdir)/sudoers2ldif $$(DESTDIR)$$(bindir),' \
${WRKSRC}/plugins/sudoers/Makefile.in
post-install:
${INSTALL_DATA} ${FILESDIR}/pam.conf ${STAGEDIR}${PREFIX}/etc/pam.d/sudo.default
${TOUCH} ${STAGEDIR}${PREFIX}/etc/sudoers.d/.keep-me
${MV} ${STAGEDIR}${PREFIX}/etc/sudoers ${STAGEDIR}${PREFIX}/etc/sudoers.sample
${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/sudoreplay
${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/visudo
.for f in group_file.so libsudo_util.so sudoers.so system_group.so
${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/sudo/${f}
.endfor
.include <bsd.port.mk>
|