=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sudo/Attic/configure.in,v retrieving revision 1.20 retrieving revision 1.21 diff -c -r1.20 -r1.21 *** src/usr.bin/sudo/Attic/configure.in 2004/01/12 19:13:20 1.20 --- src/usr.bin/sudo/Attic/configure.in 2004/09/28 15:10:51 1.21 *************** *** 1,23 **** dnl dnl Process this file with GNU autoconf to produce a configure script. ! dnl $Sudo: configure.in,v 1.383 2003/04/13 19:48:15 millert Exp $ dnl ! dnl Copyright (c) 1994-1996,1998-2003 Todd C. Miller dnl ! AC_INIT(sudo, 1.6.7p5) AC_CONFIG_HEADER(config.h pathnames.h) dnl dnl This won't work before AC_INIT() dnl ! AC_MSG_NOTICE([Configuring Sudo version 1.6.7p5]) dnl dnl Variables that get substituted in the Makefile and man pages dnl AC_SUBST(CFLAGS)dnl AC_SUBST(PROGS)dnl AC_SUBST(CPPFLAGS)dnl AC_SUBST(LDFLAGS)dnl AC_SUBST(SUDO_LDFLAGS)dnl AC_SUBST(LIBS)dnl AC_SUBST(SUDO_LIBS)dnl AC_SUBST(NET_LIBS)dnl --- 1,25 ---- dnl dnl Process this file with GNU autoconf to produce a configure script. ! dnl $Sudo: configure.in,v 1.420 2004/09/08 15:49:25 millert Exp $ dnl ! dnl Copyright (c) 1994-1996,1998-2004 Todd C. Miller dnl ! AC_INIT(sudo, 1.6.8) AC_CONFIG_HEADER(config.h pathnames.h) dnl dnl This won't work before AC_INIT() dnl ! AC_MSG_NOTICE([Configuring Sudo version 1.6.8]) dnl dnl Variables that get substituted in the Makefile and man pages dnl + AC_SUBST(LIBTOOL) AC_SUBST(CFLAGS)dnl AC_SUBST(PROGS)dnl AC_SUBST(CPPFLAGS)dnl AC_SUBST(LDFLAGS)dnl AC_SUBST(SUDO_LDFLAGS)dnl + AC_SUBST(SUDO_OBJS)dnl AC_SUBST(LIBS)dnl AC_SUBST(SUDO_LIBS)dnl AC_SUBST(NET_LIBS)dnl *************** *** 33,38 **** --- 35,43 ---- AC_SUBST(mansectsu) AC_SUBST(mansectform) AC_SUBST(mansrcdir) + AC_SUBST(NOEXECDIR) + AC_SUBST(noexec_file) + AC_SUBST(INSTALL_NOEXEC) dnl dnl Variables that get substituted in docs (not overridden by environment) dnl *************** *** 60,65 **** --- 65,71 ---- AC_SUBST(passwd_tries) AC_SUBST(tty_tickets) AC_SUBST(insults) + AC_SUBST(root_sudo) dnl dnl Initial values for above dnl *************** *** 68,74 **** sudo_umask=0022 passprompt="Password:" long_otp_prompt=off ! lecture=on logfac=local2 goodpri=notice badpri=alert --- 74,80 ---- sudo_umask=0022 passprompt="Password:" long_otp_prompt=off ! lecture=once logfac=local2 goodpri=notice badpri=alert *************** *** 86,91 **** --- 92,99 ---- passwd_tries=3 tty_tickets=off insults=off + root_sudo=on + INSTALL_NOEXEC= dnl dnl Initial values for Makefile variables listed above dnl May be overridden by environment variables.. *************** *** 119,125 **** AC_ARG_WITH(otp-only, [ --with-otp-only deprecated], [case $with_otp_only in yes) with_passwd=no ! AC_DEFINE(WITHOUT_PASSWD, 1, [Define to avoid using the passwd/shadow file for authentication.]) AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd]) ;; esac]) --- 127,133 ---- AC_ARG_WITH(otp-only, [ --with-otp-only deprecated], [case $with_otp_only in yes) with_passwd=no ! AC_DEFINE(WITHOUT_PASSWD) AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd]) ;; esac]) *************** *** 162,168 **** esac]) AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files], ! [case $with_incpath in yes) AC_MSG_ERROR(["must give --with-incpath an argument."]) ;; no) AC_MSG_ERROR(["--without-incpath not supported."]) --- 170,176 ---- esac]) AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files], ! [case $with_incpath in yes) AC_MSG_ERROR(["must give --with-incpath an argument."]) ;; no) AC_MSG_ERROR(["--without-incpath not supported."]) *************** *** 175,181 **** esac]) AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries], ! [case $with_libpath in yes) AC_MSG_ERROR(["must give --with-libpath an argument."]) ;; no) AC_MSG_ERROR(["--without-libpath not supported."]) --- 183,189 ---- esac]) AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries], ! [case $with_libpath in yes) AC_MSG_ERROR(["must give --with-libpath an argument."]) ;; no) AC_MSG_ERROR(["--without-libpath not supported."]) *************** *** 185,191 **** esac]) AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with], ! [case $with_libraries in yes) AC_MSG_ERROR(["must give --with-libraries an argument."]) ;; no) AC_MSG_ERROR(["--without-libraries not supported."]) --- 193,199 ---- esac]) AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with], ! [case $with_libraries in yes) AC_MSG_ERROR(["must give --with-libraries an argument."]) ;; no) AC_MSG_ERROR(["--without-libraries not supported."]) *************** *** 195,201 **** esac]) AC_ARG_WITH(devel, [ --with-devel add development options], ! [case $with_devel in yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc]) PROGS="${PROGS} testsudoers" OSDEFS="${OSDEFS} -DSUDO_DEVEL" --- 203,209 ---- esac]) AC_ARG_WITH(devel, [ --with-devel add development options], ! [case $with_devel in yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc]) PROGS="${PROGS} testsudoers" OSDEFS="${OSDEFS} -DSUDO_DEVEL" *************** *** 207,213 **** esac]) AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging], ! [case $with_efence in yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)]) LIBS="${LIBS} -lefence" if test -f /usr/local/lib/libefence.a; then --- 215,221 ---- esac]) AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging], ! [case $with_efence in yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)]) LIBS="${LIBS} -lefence" if test -f /usr/local/lib/libefence.a; then *************** *** 220,226 **** esac]) AC_ARG_WITH(csops, [ --with-csops add CSOps standard options], ! [case $with_csops in yes) AC_MSG_NOTICE([Adding CSOps standard options]) CHECKSIA=false with_ignore_dot=yes --- 228,234 ---- esac]) AC_ARG_WITH(csops, [ --with-csops add CSOps standard options], ! [case $with_csops in yes) AC_MSG_NOTICE([Adding CSOps standard options]) CHECKSIA=false with_ignore_dot=yes *************** *** 253,259 **** *) if test -n "$with_opie"; then AC_MSG_ERROR(["cannot use both S/Key and OPIE"]) fi ! AC_DEFINE(HAVE_SKEY, 1, [Define if you use S/Key.]) AC_MSG_CHECKING(whether to try S/Key authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} rfc1938.o" --- 261,267 ---- *) if test -n "$with_opie"; then AC_MSG_ERROR(["cannot use both S/Key and OPIE"]) fi ! AC_DEFINE(HAVE_SKEY) AC_MSG_CHECKING(whether to try S/Key authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} rfc1938.o" *************** *** 266,272 **** *) if test -n "$with_skey"; then AC_MSG_ERROR(["cannot use both S/Key and OPIE"]) fi ! AC_DEFINE(HAVE_OPIE, 1, [Define if you use NRL OPIE.]) AC_MSG_CHECKING(whether to try NRL OPIE authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} rfc1938.o" --- 274,280 ---- *) if test -n "$with_skey"; then AC_MSG_ERROR(["cannot use both S/Key and OPIE"]) fi ! AC_DEFINE(HAVE_OPIE) AC_MSG_CHECKING(whether to try NRL OPIE authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} rfc1938.o" *************** *** 275,281 **** AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt], [case $with_long_otp_prompt in ! yes) AC_DEFINE(LONG_OTP_PROMPT, 1, [Define if you want a two line OTP (S/Key or OPIE) prompt.]) AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication) AC_MSG_RESULT(yes) long_otp_prompt=on --- 283,289 ---- AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt], [case $with_long_otp_prompt in ! yes) AC_DEFINE(LONG_OTP_PROMPT) AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication) AC_MSG_RESULT(yes) long_otp_prompt=on *************** *** 289,295 **** AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support], [case $with_SecurID in no) with_SecurID="";; ! *) AC_DEFINE(HAVE_SECURID, 1, [Define if you use SecurID.]) AC_MSG_CHECKING(whether to use SecurID for authentication) AC_MSG_RESULT(yes) with_passwd=no --- 297,303 ---- AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support], [case $with_SecurID in no) with_SecurID="";; ! *) AC_DEFINE(HAVE_SECURID) AC_MSG_CHECKING(whether to use SecurID for authentication) AC_MSG_RESULT(yes) with_passwd=no *************** *** 299,305 **** AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support], [case $with_fwtk in no) with_fwtk="";; ! *) AC_DEFINE(HAVE_FWTK, 1, [Define if you use the FWTK authsrv daemon.]) AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication) AC_MSG_RESULT(yes) with_passwd=no --- 307,313 ---- AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support], [case $with_fwtk in no) with_fwtk="";; ! *) AC_DEFINE(HAVE_FWTK) AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication) AC_MSG_RESULT(yes) with_passwd=no *************** *** 325,331 **** AC_ARG_WITH(authenticate, [ --with-authenticate enable AIX general authentication support], [case $with_authenticate in ! yes) AC_DEFINE(HAVE_AUTHENTICATE, 1, [Define if you use AIX general authentication.]) AC_MSG_CHECKING(whether to use AIX general authentication) AC_MSG_RESULT(yes) with_passwd=no --- 333,339 ---- AC_ARG_WITH(authenticate, [ --with-authenticate enable AIX general authentication support], [case $with_authenticate in ! yes) AC_DEFINE(HAVE_AUTHENTICATE) AC_MSG_CHECKING(whether to use AIX general authentication) AC_MSG_RESULT(yes) with_passwd=no *************** *** 338,344 **** AC_ARG_WITH(pam, [ --with-pam enable PAM support], [case $with_pam in ! yes) AC_DEFINE(HAVE_PAM, 1, [Define if you use PAM.]) AC_MSG_CHECKING(whether to use PAM authentication) AC_MSG_RESULT(yes) with_passwd=no --- 346,352 ---- AC_ARG_WITH(pam, [ --with-pam enable PAM support], [case $with_pam in ! yes) AC_DEFINE(HAVE_PAM) AC_MSG_CHECKING(whether to use PAM authentication) AC_MSG_RESULT(yes) with_passwd=no *************** *** 351,357 **** AC_ARG_WITH(AFS, [ --with-AFS enable AFS support], [case $with_AFS in ! yes) AC_DEFINE(HAVE_AFS, 1, [Define if you use AFS.]) AC_MSG_CHECKING(whether to try AFS (kerberos) authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} afs.o" --- 359,365 ---- AC_ARG_WITH(AFS, [ --with-AFS enable AFS support], [case $with_AFS in ! yes) AC_DEFINE(HAVE_AFS) AC_MSG_CHECKING(whether to try AFS (kerberos) authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} afs.o" *************** *** 363,369 **** AC_ARG_WITH(DCE, [ --with-DCE enable DCE support], [case $with_DCE in ! yes) AC_DEFINE(HAVE_DCE, 1, [Define if you use OSF DCE.]) AC_MSG_CHECKING(whether to try DCE (kerberos) authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} dce.o" --- 371,377 ---- AC_ARG_WITH(DCE, [ --with-DCE enable DCE support], [case $with_DCE in ! yes) AC_DEFINE(HAVE_DCE) AC_MSG_CHECKING(whether to try DCE (kerberos) authentication) AC_MSG_RESULT(yes) AUTH_OBJS="${AUTH_OBJS} dce.o" *************** *** 391,419 **** AC_MSG_CHECKING(whether to lecture users the first time they run sudo) AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer], ! [case $with_lecture in ! yes|short) lecture=on ;; ! no|none) lecture=off ;; *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"]) ;; esac]) ! if test "$lecture" = "on"; then AC_MSG_RESULT(yes) else ! AC_DEFINE(NO_LECTURE, 1, [Define if you don't want users to get the lecture the first they user sudo.]) AC_MSG_RESULT(no) fi AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default) AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both], ! [case $with_logging in yes) AC_MSG_ERROR(["must give --with-logging an argument."]) ;; no) AC_MSG_ERROR(["--without-logging not supported."]) ;; ! syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.]) AC_MSG_RESULT(syslog) ;; file) AC_DEFINE(LOGGING, SLOG_FILE) --- 399,427 ---- AC_MSG_CHECKING(whether to lecture users the first time they run sudo) AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer], ! [case $with_lecture in ! yes|short|always) lecture=once ;; ! no|none|never) lecture=never ;; *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"]) ;; esac]) ! if test "$lecture" = "once"; then AC_MSG_RESULT(yes) else ! AC_DEFINE(NO_LECTURE) AC_MSG_RESULT(no) fi AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default) AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both], ! [case $with_logging in yes) AC_MSG_ERROR(["must give --with-logging an argument."]) ;; no) AC_MSG_ERROR(["--without-logging not supported."]) ;; ! syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog) ;; file) AC_DEFINE(LOGGING, SLOG_FILE) *************** *** 428,434 **** AC_MSG_CHECKING(which syslog facility sudo should log with) AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")], ! [case $with_logfac in yes) AC_MSG_ERROR(["must give --with-logfac an argument."]) ;; no) AC_MSG_ERROR(["--without-logfac not supported."]) --- 436,442 ---- AC_MSG_CHECKING(which syslog facility sudo should log with) AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")], ! [case $with_logfac in yes) AC_MSG_ERROR(["must give --with-logfac an argument."]) ;; no) AC_MSG_ERROR(["--without-logfac not supported."]) *************** *** 443,449 **** AC_MSG_CHECKING(at which syslog priority to log commands) AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")], ! [case $with_goodpri in yes) AC_MSG_ERROR(["must give --with-goodpri an argument."]) ;; no) AC_MSG_ERROR(["--without-goodpri not supported."]) --- 451,457 ---- AC_MSG_CHECKING(at which syslog priority to log commands) AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")], ! [case $with_goodpri in yes) AC_MSG_ERROR(["must give --with-goodpri an argument."]) ;; no) AC_MSG_ERROR(["--without-goodpri not supported."]) *************** *** 459,465 **** AC_MSG_CHECKING(at which syslog priority to log failures) AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")], ! [case $with_badpri in yes) AC_MSG_ERROR(["must give --with-badpri an argument."]) ;; no) AC_MSG_ERROR(["--without-badpri not supported."]) --- 467,473 ---- AC_MSG_CHECKING(at which syslog priority to log failures) AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")], ! [case $with_badpri in yes) AC_MSG_ERROR(["must give --with-badpri an argument."]) ;; no) AC_MSG_ERROR(["--without-badpri not supported."]) *************** *** 474,480 **** AC_MSG_RESULT($badpri) AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file], ! [case $with_logpath in yes) AC_MSG_ERROR(["must give --with-logpath an argument."]) ;; no) AC_MSG_ERROR(["--without-logpath not supported."]) --- 482,488 ---- AC_MSG_RESULT($badpri) AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file], ! [case $with_logpath in yes) AC_MSG_ERROR(["must give --with-logpath an argument."]) ;; no) AC_MSG_ERROR(["--without-logpath not supported."]) *************** *** 483,489 **** AC_MSG_CHECKING(how long a line in the log file should be) AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)], ! [case $with_loglen in yes) AC_MSG_ERROR(["must give --with-loglen an argument."]) ;; no) AC_MSG_ERROR(["--without-loglen not supported."]) --- 491,497 ---- AC_MSG_CHECKING(how long a line in the log file should be) AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)], ! [case $with_loglen in yes) AC_MSG_ERROR(["must give --with-loglen an argument."]) ;; no) AC_MSG_ERROR(["--without-loglen not supported."]) *************** *** 498,504 **** AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH) AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH], ! [case $with_ignore_dot in yes) ignore_dot=on ;; no) ignore_dot=off --- 506,512 ---- AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH) AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH], ! [case $with_ignore_dot in yes) ignore_dot=on ;; no) ignore_dot=off *************** *** 507,513 **** ;; esac]) if test "$ignore_dot" = "on"; then ! AC_DEFINE(IGNORE_DOT_PATH, 1, [Define if you want to ignore '.' and empty \$PATH elements]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) --- 515,521 ---- ;; esac]) if test "$ignore_dot" = "on"; then ! AC_DEFINE(IGNORE_DOT_PATH) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) *************** *** 515,521 **** AC_MSG_CHECKING(whether to send mail when a user is not in sudoers) AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers], ! [case $with_mail_if_no_user in yes) mail_no_user=on ;; no) mail_no_user=off --- 523,529 ---- AC_MSG_CHECKING(whether to send mail when a user is not in sudoers) AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers], ! [case $with_mail_if_no_user in yes) mail_no_user=on ;; no) mail_no_user=off *************** *** 524,530 **** ;; esac]) if test "$mail_no_user" = "on"; then ! AC_DEFINE(SEND_MAIL_WHEN_NO_USER, 1, [Define to send mail when the user is not in the sudoers file.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) --- 532,538 ---- ;; esac]) if test "$mail_no_user" = "on"; then ! AC_DEFINE(SEND_MAIL_WHEN_NO_USER) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) *************** *** 532,538 **** AC_MSG_CHECKING(whether to send mail when user listed but not for this host) AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host], ! [case $with_mail_if_no_host in yes) mail_no_host=on ;; no) mail_no_host=off --- 540,546 ---- AC_MSG_CHECKING(whether to send mail when user listed but not for this host) AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host], ! [case $with_mail_if_no_host in yes) mail_no_host=on ;; no) mail_no_host=off *************** *** 541,547 **** ;; esac]) if test "$mail_no_host" = "on"; then ! AC_DEFINE(SEND_MAIL_WHEN_NO_HOST, 1, [Define to send mail when the user is not allowed to run sudo on this host.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) --- 549,555 ---- ;; esac]) if test "$mail_no_host" = "on"; then ! AC_DEFINE(SEND_MAIL_WHEN_NO_HOST) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) *************** *** 549,555 **** AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command) AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command], ! [case $with_mail_if_noperms in yes) mail_noperms=on ;; no) mail_noperms=off --- 557,563 ---- AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command) AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command], ! [case $with_mail_if_noperms in yes) mail_noperms=on ;; no) mail_noperms=off *************** *** 558,564 **** ;; esac]) if test "$mail_noperms" = "on"; then ! AC_DEFINE(SEND_MAIL_WHEN_NOT_OK, 1, [Define to send mail when the user is not allowed to run a command.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) --- 566,572 ---- ;; esac]) if test "$mail_noperms" = "on"; then ! AC_DEFINE(SEND_MAIL_WHEN_NOT_OK) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) *************** *** 566,572 **** AC_MSG_CHECKING(who should get the mail that sudo sends) AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")], ! [case $with_mailto in yes) AC_MSG_ERROR(["must give --with-mailto an argument."]) ;; no) AC_MSG_ERROR(["--without-mailto not supported."]) --- 574,580 ---- AC_MSG_CHECKING(who should get the mail that sudo sends) AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")], ! [case $with_mailto in yes) AC_MSG_ERROR(["must give --with-mailto an argument."]) ;; no) AC_MSG_ERROR(["--without-mailto not supported."]) *************** *** 578,584 **** AC_MSG_RESULT([$mailto]) AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail], ! [case $with_mailsubject in yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."]) ;; no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.]) --- 586,592 ---- AC_MSG_RESULT([$mailto]) AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail], ! [case $with_mailsubject in yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."]) ;; no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.]) *************** *** 592,598 **** AC_MSG_CHECKING(for bad password prompt) AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt], ! [case $with_passprompt in yes) AC_MSG_ERROR(["must give --with-passprompt an argument."]) ;; no) AC_MSG_WARN([Sorry, --without-passprompt not supported.]) --- 600,606 ---- AC_MSG_CHECKING(for bad password prompt) AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt], ! [case $with_passprompt in yes) AC_MSG_ERROR(["must give --with-passprompt an argument."]) ;; no) AC_MSG_WARN([Sorry, --without-passprompt not supported.]) *************** *** 604,610 **** AC_MSG_CHECKING(for bad password message) AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong], ! [case $with_badpass_message in yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."]) ;; no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.]) --- 612,618 ---- AC_MSG_CHECKING(for bad password message) AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong], ! [case $with_badpass_message in yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."]) ;; no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.]) *************** *** 617,623 **** AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers) AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers], ! [case $with_fqdn in yes) fqdn=on ;; no) fqdn=off --- 625,631 ---- AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers) AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers], ! [case $with_fqdn in yes) fqdn=on ;; no) fqdn=off *************** *** 626,639 **** ;; esac]) if test "$fqdn" = "on"; then ! AC_DEFINE(FQDN, 1, [Define if you want to require fully qualified hosts in sudoers.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir], ! [case $with_timedir in yes) AC_MSG_ERROR(["must give --with-timedir an argument."]) ;; no) AC_MSG_ERROR(["--without-timedir not supported."]) --- 634,647 ---- ;; esac]) if test "$fqdn" = "on"; then ! AC_DEFINE(FQDN) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir], ! [case $with_timedir in yes) AC_MSG_ERROR(["must give --with-timedir an argument."]) ;; no) AC_MSG_ERROR(["--without-timedir not supported."]) *************** *** 642,648 **** AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail --without-sendmail do not send mail at all], ! [case $with_sendmail in yes) with_sendmail="" ;; no) ;; --- 650,656 ---- AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail --without-sendmail do not send mail at all], ! [case $with_sendmail in yes) with_sendmail="" ;; no) ;; *************** *** 651,657 **** esac]) AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)], ! [case $with_sudoers_mode in yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."]) ;; no) AC_MSG_ERROR(["--without-sudoers-mode not supported."]) --- 659,665 ---- esac]) AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)], ! [case $with_sudoers_mode in yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."]) ;; no) AC_MSG_ERROR(["--without-sudoers-mode not supported."]) *************** *** 665,671 **** esac]) AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)], ! [case $with_sudoers_uid in yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."]) ;; no) AC_MSG_ERROR(["--without-sudoers-uid not supported."]) --- 673,679 ---- esac]) AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)], ! [case $with_sudoers_uid in yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."]) ;; no) AC_MSG_ERROR(["--without-sudoers-uid not supported."]) *************** *** 677,683 **** esac]) AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)], ! [case $with_sudoers_gid in yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."]) ;; no) AC_MSG_ERROR(["--without-sudoers-gid not supported."]) --- 685,691 ---- esac]) AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)], ! [case $with_sudoers_gid in yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."]) ;; no) AC_MSG_ERROR(["--without-sudoers-gid not supported."]) *************** *** 691,697 **** AC_MSG_CHECKING(for umask programs should be run with) AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022) --without-umask Preserves the umask of the user invoking sudo.], ! [case $with_umask in yes) AC_MSG_ERROR(["must give --with-umask an argument."]) ;; no) sudo_umask=0777 --- 699,705 ---- AC_MSG_CHECKING(for umask programs should be run with) AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022) --without-umask Preserves the umask of the user invoking sudo.], ! [case $with_umask in yes) AC_MSG_ERROR(["must give --with-umask an argument."]) ;; no) sudo_umask=0777 *************** *** 710,716 **** AC_MSG_CHECKING(for default user to run commands as) AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")], ! [case $with_runas_default in yes) AC_MSG_ERROR(["must give --with-runas-default an argument."]) ;; no) AC_MSG_ERROR(["--without-runas-default not supported."]) --- 718,724 ---- AC_MSG_CHECKING(for default user to run commands as) AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")], ! [case $with_runas_default in yes) AC_MSG_ERROR(["must give --with-runas-default an argument."]) ;; no) AC_MSG_ERROR(["--without-runas-default not supported."]) *************** *** 722,728 **** AC_MSG_RESULT([$runas_default]) AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group], ! [case $with_exempt in yes) AC_MSG_ERROR(["must give --with-exempt an argument."]) ;; no) AC_MSG_ERROR(["--without-exempt not supported."]) --- 730,736 ---- AC_MSG_RESULT([$runas_default]) AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group], ! [case $with_exempt in yes) AC_MSG_ERROR(["must give --with-exempt an argument."]) ;; no) AC_MSG_ERROR(["--without-exempt not supported."]) *************** *** 735,741 **** AC_MSG_CHECKING(for editor that visudo should use) AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)], ! [case $with_editor in yes) AC_MSG_ERROR(["must give --with-editor an argument."]) ;; no) AC_MSG_ERROR(["--without-editor not supported."]) --- 743,749 ---- AC_MSG_CHECKING(for editor that visudo should use) AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)], ! [case $with_editor in yes) AC_MSG_ERROR(["must give --with-editor an argument."]) ;; no) AC_MSG_ERROR(["--without-editor not supported."]) *************** *** 747,753 **** AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables) AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo], ! [case $with_env_editor in yes) env_editor=on ;; no) env_editor=off --- 755,761 ---- AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables) AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo], ! [case $with_env_editor in yes) env_editor=on ;; no) env_editor=off *************** *** 756,762 **** ;; esac]) if test "$env_editor" = "on"; then ! AC_DEFINE(ENV_EDITOR, 1, [Define if you want visudo to honor the EDITOR and VISUAL env variables.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) --- 764,770 ---- ;; esac]) if test "$env_editor" = "on"; then ! AC_DEFINE(ENV_EDITOR) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) *************** *** 764,770 **** AC_MSG_CHECKING(number of tries a user gets to enter their password) AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)], ! [case $with_passwd_tries in yes) ;; no) AC_MSG_ERROR(["--without-editor not supported."]) ;; --- 772,778 ---- AC_MSG_CHECKING(number of tries a user gets to enter their password) AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)], ! [case $with_passwd_tries in yes) ;; no) AC_MSG_ERROR(["--without-editor not supported."]) ;; *************** *** 778,784 **** AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again) AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)], ! [case $with_timeout in yes) ;; no) timeout=0 ;; --- 786,792 ---- AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again) AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)], ! [case $with_timeout in yes) ;; no) timeout=0 ;; *************** *** 792,798 **** AC_MSG_CHECKING(time in minutes after the password prompt will time out) AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)], ! [case $with_password_timeout in yes) ;; no) password_timeout=0 ;; --- 800,806 ---- AC_MSG_CHECKING(time in minutes after the password prompt will time out) AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)], ! [case $with_password_timeout in yes) ;; no) password_timeout=0 ;; *************** *** 805,814 **** AC_MSG_RESULT($password_timeout) AC_ARG_WITH(execv, [ --with-execv use execv() instead of execvp()], ! [case $with_execv in yes) AC_MSG_CHECKING(whether to use execvp or execv) AC_MSG_RESULT(execv) ! AC_DEFINE(USE_EXECV, 1, [Define if you wish to use execv() instead of execvp() when running programs.]) ;; no) ;; *) AC_MSG_ERROR(["--with-execv does not take an argument."]) --- 813,822 ---- AC_MSG_RESULT($password_timeout) AC_ARG_WITH(execv, [ --with-execv use execv() instead of execvp()], ! [case $with_execv in yes) AC_MSG_CHECKING(whether to use execvp or execv) AC_MSG_RESULT(execv) ! AC_DEFINE(USE_EXECV) ;; no) ;; *) AC_MSG_ERROR(["--with-execv does not take an argument."]) *************** *** 817,823 **** AC_MSG_CHECKING(whether to use per-tty ticket files) AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty], ! [case $with_tty_tickets in yes) tty_tickets=on ;; no) tty_tickets=off --- 825,831 ---- AC_MSG_CHECKING(whether to use per-tty ticket files) AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty], ! [case $with_tty_tickets in yes) tty_tickets=on ;; no) tty_tickets=off *************** *** 826,832 **** ;; esac]) if test "$tty_tickets" = "on"; then ! AC_DEFINE(USE_TTY_TICKETS, 1, [Define if you want a different ticket file for each tty.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) --- 834,840 ---- ;; esac]) if test "$tty_tickets" = "on"; then ! AC_DEFINE(USE_TTY_TICKETS) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) *************** *** 834,840 **** AC_MSG_CHECKING(whether to include insults) AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password], ! [case $with_insults in yes) insults=on with_classic_insults=yes with_csops_insults=yes --- 842,848 ---- AC_MSG_CHECKING(whether to include insults) AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password], ! [case $with_insults in yes) insults=on with_classic_insults=yes with_csops_insults=yes *************** *** 845,858 **** ;; esac]) if test "$insults" = "on"; then ! AC_DEFINE(USE_INSULTS, 1, [Define if you want to insult the user for entering an incorrect password.]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets], ! [case $with_all_insults in yes) with_classic_insults=yes with_csops_insults=yes with_hal_insults=yes --- 853,866 ---- ;; esac]) if test "$insults" = "on"; then ! AC_DEFINE(USE_INSULTS) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets], ! [case $with_all_insults in yes) with_classic_insults=yes with_csops_insults=yes with_hal_insults=yes *************** *** 864,871 **** esac]) AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo], ! [case $with_classic_insults in ! yes) AC_DEFINE(CLASSIC_INSULTS, 1, [Define if you want the insults from the "classic" version sudo.]) ;; no) ;; *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."]) --- 872,879 ---- esac]) AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo], ! [case $with_classic_insults in ! yes) AC_DEFINE(CLASSIC_INSULTS) ;; no) ;; *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."]) *************** *** 873,880 **** esac]) AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults], ! [case $with_csops_insults in ! yes) AC_DEFINE(CSOPS_INSULTS, 1, [Define if you want insults culled from the twisted minds of CSOps.]) ;; no) ;; *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."]) --- 881,888 ---- esac]) AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults], ! [case $with_csops_insults in ! yes) AC_DEFINE(CSOPS_INSULTS) ;; no) ;; *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."]) *************** *** 882,889 **** esac]) AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults], ! [case $with_hal_insults in ! yes) AC_DEFINE(HAL_INSULTS, 1, [Define if you want 2001-like insults.]) ;; no) ;; *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."]) --- 890,897 ---- esac]) AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults], ! [case $with_hal_insults in ! yes) AC_DEFINE(HAL_INSULTS) ;; no) ;; *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."]) *************** *** 891,904 **** esac]) AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"], ! [case $with_goons_insults in ! yes) AC_DEFINE(GOONS_INSULTS, 1, [Define if you want insults from the "Goon Show".]) ;; no) ;; *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."]) ;; esac]) dnl include all insult sets on one line if test "$insults" = "on"; then AC_MSG_CHECKING(which insult sets to include) --- 899,932 ---- esac]) AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"], ! [case $with_goons_insults in ! yes) AC_DEFINE(GOONS_INSULTS) ;; no) ;; *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."]) ;; esac]) + AC_ARG_WITH(ldap, [ --with-ldap[[=DIR]] enable LDAP support], + [case $with_ldap in + no) with_ldap="";; + *) AC_DEFINE(HAVE_LDAP) + AC_MSG_CHECKING(whether to use sudoers from LDAP) + AC_MSG_RESULT(yes) + ;; + esac]) + AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file], + [AC_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "$with_ldap_conf_file", [Path to the ldap.conf file])]) + + AC_ARG_WITH(pc-insults, [ --with-pc-insults replace politically incorrect insults with less offensive ones], + [case $with_pc_insults in + yes) AC_DEFINE(PC_INSULTS) + ;; + no) ;; + *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."]) + ;; + esac]) + dnl include all insult sets on one line if test "$insults" = "on"; then AC_MSG_CHECKING(which insult sets to include) *************** *** 912,919 **** AC_MSG_CHECKING(whether to override the user's path) AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a built-in one], ! [case $with_secure_path in ! yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc", [Define to override the user's path with a built-in one.]) AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc]) ;; no) AC_MSG_RESULT(no) --- 940,947 ---- AC_MSG_CHECKING(whether to override the user's path) AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a built-in one], ! [case $with_secure_path in ! yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc") AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc]) ;; no) AC_MSG_RESULT(no) *************** *** 925,934 **** AC_MSG_CHECKING(whether to get ip addresses from the network interfaces) AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces], ! [case $with_interfaces in yes) AC_MSG_RESULT(yes) ;; ! no) AC_DEFINE(STUB_LOAD_INTERFACES, 1, [Define if the code in interfaces.c does not compile for you.]) AC_MSG_RESULT(no) ;; *) AC_MSG_ERROR(["--with-interfaces does not take an argument."]) --- 953,962 ---- AC_MSG_CHECKING(whether to get ip addresses from the network interfaces) AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces], ! [case $with_interfaces in yes) AC_MSG_RESULT(yes) ;; ! no) AC_DEFINE(STUB_LOAD_INTERFACES) AC_MSG_RESULT(no) ;; *) AC_MSG_ERROR(["--with-interfaces does not take an argument."]) *************** *** 939,945 **** AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging], [case $with_stow in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(USE_STOW, 1, [Define if you use stow packaging.]) ;; no) AC_MSG_RESULT(no) ;; --- 967,973 ---- AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging], [case $with_stow in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(USE_STOW) ;; no) AC_MSG_RESULT(no) ;; *************** *** 959,965 **** yes) AC_MSG_RESULT(yes) ;; no) AC_MSG_RESULT(no) ! AC_DEFINE(NO_AUTHENTICATION, 1, [Define if you don't want sudo to prompt for a password by default.]) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval]) --- 987,993 ---- yes) AC_MSG_RESULT(yes) ;; no) AC_MSG_RESULT(no) ! AC_DEFINE(NO_AUTHENTICATION) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval]) *************** *** 974,980 **** yes) AC_MSG_RESULT(no) ;; no) AC_MSG_RESULT(yes) ! AC_DEFINE(NO_ROOT_MAILER, 1, [Define to avoid runing the mailer as root.]) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval]) --- 1002,1008 ---- yes) AC_MSG_RESULT(no) ;; no) AC_MSG_RESULT(yes) ! AC_DEFINE(NO_ROOT_MAILER) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval]) *************** *** 1007,1013 **** yes) AC_MSG_RESULT(no) ;; no) AC_MSG_RESULT(yes) ! AC_DEFINE(NO_SAVED_IDS, 1, [Define to avoid using POSIX saved ids.]) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-saved-ids: $enableval]) --- 1035,1041 ---- yes) AC_MSG_RESULT(no) ;; no) AC_MSG_RESULT(yes) ! AC_DEFINE(NO_SAVED_IDS) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-saved-ids: $enableval]) *************** *** 1033,1043 **** AC_MSG_CHECKING(whether root should be allowed to use sudo) AC_ARG_ENABLE(root-sudo, [ --disable-root-sudo Don't allow root to run sudo], ! [ case "$enableval" in yes) AC_MSG_RESULT(yes) ;; ! no) AC_DEFINE(NO_ROOT_SUDO, 1, [Define if root should not be allowed to use sudo.]) AC_MSG_RESULT(no) ;; *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."]) ;; --- 1061,1072 ---- AC_MSG_CHECKING(whether root should be allowed to use sudo) AC_ARG_ENABLE(root-sudo, [ --disable-root-sudo Don't allow root to run sudo], ! [ case "$enableval" in yes) AC_MSG_RESULT(yes) ;; ! no) AC_DEFINE(NO_ROOT_SUDO) AC_MSG_RESULT(no) + root_sudo=off ;; *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."]) ;; *************** *** 1049,1055 **** [ --enable-log-host Log the hostname in the log file], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(HOST_IN_LOG, 1, [Define if you want the hostname to be entered into the log file.]) ;; no) AC_MSG_RESULT(no) ;; --- 1078,1084 ---- [ --enable-log-host Log the hostname in the log file], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(HOST_IN_LOG) ;; no) AC_MSG_RESULT(no) ;; *************** *** 1064,1070 **** [ --enable-noargs-shell If sudo is given no arguments run a shell], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(SHELL_IF_NO_ARGS, 1, [Define if you want sudo to start a shell if given no arguments.]) ;; no) AC_MSG_RESULT(no) ;; --- 1093,1099 ---- [ --enable-noargs-shell If sudo is given no arguments run a shell], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(SHELL_IF_NO_ARGS) ;; no) AC_MSG_RESULT(no) ;; *************** *** 1080,1086 **** set $HOME to target user in shell mode], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(SHELL_SETS_HOME, 1, [Define if you want sudo to set $HOME in shell mode.]) ;; no) AC_MSG_RESULT(no) ;; --- 1109,1115 ---- set $HOME to target user in shell mode], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ! AC_DEFINE(SHELL_SETS_HOME) ;; no) AC_MSG_RESULT(no) ;; *************** *** 1097,1103 **** yes) AC_MSG_RESULT(no) ;; no) AC_MSG_RESULT(yes) ! AC_DEFINE(DONT_LEAK_PATH_INFO, 1, [Define if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.]) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval]) --- 1126,1132 ---- yes) AC_MSG_RESULT(no) ;; no) AC_MSG_RESULT(yes) ! AC_DEFINE(DONT_LEAK_PATH_INFO) ;; *) AC_MSG_RESULT(no) AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval]) *************** *** 1122,1138 **** dnl dnl C compiler checks - dnl XXX - the cross-compiler check gets false positives so we override it dnl AC_ISC_POSIX - ac_cv_prog_cc_cross="no" - cross_compiling="no" AC_PROG_CC_STDC - ac_cv_prog_cc_cross="no" - cross_compiling="no" AC_PROG_CPP dnl dnl It is now safe to modify CFLAGS and CPPFLAGS dnl if test "$with_devel" = "yes" -a -n "$GCC"; then --- 1151,1190 ---- dnl dnl C compiler checks dnl AC_ISC_POSIX AC_PROG_CC_STDC AC_PROG_CPP dnl + dnl Libtool magic; enable shared libs and disable static libs + dnl + AC_CANONICAL_HOST + AC_CANONICAL_SYSTEM + AC_ENABLE_SHARED + AC_DISABLE_STATIC + AC_PROG_LIBTOOL + + dnl + dnl Defer with_noexec until after libtool magic runs + dnl + if test "$enable_shared" = "no"; then + with_noexec=no + else + eval _shrext="$shrext" + fi + AC_MSG_CHECKING(path to sudo_noexec.so) + AC_ARG_WITH(noexec, [ --with-noexec[=PATH] fully qualified pathname of sudo_noexec.so], + [case $with_noexec in + yes) with_noexec="$libexecdir/sudo_noexec$_shrext" + ;; + no) ;; + *) ;; + esac], [with_noexec="$libexecdir/sudo_noexec$_shrext"]) + AC_MSG_RESULT($with_noexec) + NOEXECDIR="`echo $with_noexec|sed 's:^\(.*\)/[[^/]]*:\1:'`" + + dnl dnl It is now safe to modify CFLAGS and CPPFLAGS dnl if test "$with_devel" = "yes" -a -n "$GCC"; then *************** *** 1144,1150 **** dnl AC_CHECK_PROG(UNAMEPROG, uname, uname, ) AC_CHECK_PROG(TRPROG, tr, tr, ) - AC_CHECK_PROG(SEDPROG, sed, sed, ) AC_CHECK_PROG(NROFFPROG, nroff, nroff, ) if test -z "$NROFFPROG"; then MANTYPE="cat" --- 1196,1201 ---- *************** *** 1155,1161 **** dnl What kind of beastie are we being run on? dnl Barf if config.cache was generated on another host. dnl - AC_CANONICAL_HOST if test -n "$sudo_cv_prev_host"; then if test "$sudo_cv_prev_host" != "$host"; then AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.]) --- 1206,1211 ---- *************** *** 1193,1200 **** # check for password adjunct functions (shadow passwords) if test "$CHECKSHADOW" = "true"; then AC_CHECK_FUNCS(getpwanam issecure, , [break]) - AH_TEMPLATE([HAVE_GETPWANAM], [Define if you have the `getpwanam' function. (SunOS 4.x shadow passwords)]) - AH_TEMPLATE([HAVE_ISSECURE], [Define if you have the `issecure' function. (SunOS 4.x check for shadow enabled)]) CHECKSHADOW="false" fi ;; --- 1243,1248 ---- *************** *** 1239,1297 **** test -n "$mansectsu" || mansectsu=1m test -n "$mansectform" || mansectform=4 ;; ! *-*-hpux1[[0-9]]*) ! if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) AC_CHECK_LIB(sec, iscomsec, AC_DEFINE(HAVE_ISCOMSEC, 1, [Define if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1]) ! CHECKSHADOW="false" ! fi ! # AFS support needs -lBSD if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi test -n "$mansectsu" || mansectsu=1m test -n "$mansectform" || mansectform=4 - ;; - *-*-hpux9*) - AC_DEFINE(BROKEN_SYSLOG, 1, [Define if the `syslog' function returns a non-zero int to denote failure.]) ! if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_FUNCS(getspwuid) ! AH_TEMPLATE([HAVE_GETSPWUID], [Define if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)]) ! CHECKSHADOW="false" ! fi ! # DCE support (requires ANSI C compiler) ! if test "$with_DCE" = "yes"; then ! # order of libs in 9.X is important. -lc_r must be last ! SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r" ! LIBS="${LIBS} -ldce -lM -lc_r" ! CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant" ! fi ! # AFS support needs -lBSD ! if test "$with_AFS" = "yes"; then ! AFS_LIBS="-lc -lBSD" ! fi ! test -n "$mansectsu" || mansectsu=1m ! test -n "$mansectform" || mansectform=4 ! ;; ! *-*-hpux*) ! AC_DEFINE(BROKEN_SYSLOG) ! # Not sure if setuid binaries are safe in < 9.x ! if test -n "$GCC"; then ! SUDO_LDFLAGS="${SUDO_LDFLAGS} -static" ! else ! SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive" ! fi ! ! # AFS support needs -lBSD ! if test "$with_AFS" = "yes"; then ! AFS_LIBS="-lc -lBSD" ! fi ! test -n "$mansectsu" || mansectsu=1m ! test -n "$mansectform" || mansectform=4 ;; *-dec-osf*) # ignore envariables wrt dynamic lib path --- 1287,1340 ---- test -n "$mansectsu" || mansectsu=1m test -n "$mansectform" || mansectform=4 ;; ! *-*-hpux*) # AFS support needs -lBSD if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi test -n "$mansectsu" || mansectsu=1m test -n "$mansectform" || mansectform=4 ! case "$host" in ! *-*-hpux[1-8].*) ! AC_DEFINE(BROKEN_SYSLOG) ! # Not sure if setuid binaries are safe in < 9.x ! if test -n "$GCC"; then ! SUDO_LDFLAGS="${SUDO_LDFLAGS} -static" ! else ! SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive" ! fi ! ;; ! *-*-hpux9.*) ! AC_DEFINE(BROKEN_SYSLOG) ! if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_FUNCS(getspwuid) ! CHECKSHADOW="false" ! fi ! # DCE support (requires ANSI C compiler) ! if test "$with_DCE" = "yes"; then ! # order of libs in 9.X is important. -lc_r must be last ! SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r" ! LIBS="${LIBS} -ldce -lM -lc_r" ! CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant" ! fi ! ;; ! *-*-hpux10.*) ! if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) AC_CHECK_LIB(sec, iscomsec, AC_DEFINE(HAVE_ISCOMSEC)) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1]) ! CHECKSHADOW="false" ! fi ! ;; ! *) ! if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"]) ! CHECKSHADOW="false" ! fi ! ;; ! esac ;; *-dec-osf*) # ignore envariables wrt dynamic lib path *************** *** 1315,1321 **** # use SIA by default, if we have it, else SecureWare # unless overridden on the command line if test "$CHECKSIA" = "true"; then ! AC_CHECK_FUNC(sia_ses_init, [AC_DEFINE(HAVE_SIA, 1, [Define if you use SIA.])] [ if test -n "$with_skey" -o -n "$with_opie" -o -n "$with_otp_only" -o -n "$with_long_otp_prompt" -o -n "$with_SecurID" -o -n "$with_fwtk" -o -n "$with_kerb4" -o -n "$with_kerb5" -o -n "$with_pam" -o -n "$with_AFS" -o -n "$with_DCE"; then AC_MSG_ERROR(["you cannot mix SIA and other authentication schemes. You can turn off SIA support via the --disable-sia option"]) fi]; CHECKSHADOW=false) --- 1358,1364 ---- # use SIA by default, if we have it, else SecureWare # unless overridden on the command line if test "$CHECKSIA" = "true"; then ! AC_CHECK_FUNC(sia_ses_init, [AC_DEFINE(HAVE_SIA)] [ if test -n "$with_skey" -o -n "$with_opie" -o -n "$with_otp_only" -o -n "$with_long_otp_prompt" -o -n "$with_SecurID" -o -n "$with_fwtk" -o -n "$with_kerb4" -o -n "$with_kerb5" -o -n "$with_pam" -o -n "$with_AFS" -o -n "$with_DCE"; then AC_MSG_ERROR(["you cannot mix SIA and other authentication schemes. You can turn off SIA support via the --disable-sia option"]) fi]; CHECKSHADOW=false) *************** *** 1326,1332 **** fi if test -n "$SECUREWARE"; then ! AC_DEFINE(HAVE_GETPRPWNAM, 1, [Define if you have the `getprpwnam' function. (SecureWare-style shadow passwords)]) # -ldb includes bogus versions of snprintf/vsnprintf AC_CHECK_FUNCS(snprintf, , [NEED_SNPRINTF=1]) AC_CHECK_FUNCS(vsnprintf, , [NEED_SNPRINTF=1]) --- 1369,1375 ---- fi if test -n "$SECUREWARE"; then ! AC_DEFINE(HAVE_GETPRPWNAM) # -ldb includes bogus versions of snprintf/vsnprintf AC_CHECK_FUNCS(snprintf, , [NEED_SNPRINTF=1]) AC_CHECK_FUNCS(vsnprintf, , [NEED_SNPRINTF=1]) *************** *** 1397,1403 **** *-*-ultrix*) OS="ultrix" if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_LIB(auth, getauthuid, AC_DEFINE(HAVE_GETAUTHUID, 1, [Define if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)]) [SUDO_LIBS="${SUDO_LIBS} -lauth"; LIBS="${LIBS} -lauth"]) CHECKSHADOW="false" fi ;; --- 1440,1446 ---- *-*-ultrix*) OS="ultrix" if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_LIB(auth, getauthuid, AC_DEFINE(HAVE_GETAUTHUID) [SUDO_LIBS="${SUDO_LIBS} -lauth"; LIBS="${LIBS} -lauth"]) CHECKSHADOW="false" fi ;; *************** *** 1563,1569 **** dnl We check for SVR4-style first and then SecureWare-style. dnl if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM, 1, [Define if you have the `getspnam' function (SVR4-style shadow passwords)]) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])]) fi if test "$CHECKSHADOW" = "true"; then AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))]) --- 1606,1612 ---- dnl We check for SVR4-style first and then SecureWare-style. dnl if test "$CHECKSHADOW" = "true"; then ! AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])]) fi if test "$CHECKSHADOW" = "true"; then AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))]) *************** *** 1598,1604 **** if test "$OS" != "ultrix"; then AC_SYS_POSIX_TERMIOS if test "$ac_cv_sys_posix_termios" = "yes"; then ! AC_DEFINE(HAVE_TERMIOS_H, 1, [Define if you have the header file and the `tcgetattr' function.]) else AC_CHECK_HEADERS(termio.h) fi --- 1641,1647 ---- if test "$OS" != "ultrix"; then AC_SYS_POSIX_TERMIOS if test "$ac_cv_sys_posix_termios" = "yes"; then ! AC_DEFINE(HAVE_TERMIOS_H) else AC_CHECK_HEADERS(termio.h) fi *************** *** 1607,1623 **** AC_CHECK_HEADERS(login_cap.h) fi if test "$with_bsdauth" = "yes"; then ! AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H, 1, [Define if you use BSD authentication.]) [with_passwd=no; AUTH_OBJS=bsdauth.o], -) fi dnl dnl typedef checks dnl AC_TYPE_MODE_T AC_TYPE_UID_T ! AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int, [Define to `int' if does not define.])], [#include #include ]) ! AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T, 1, [Define if has the sigaction_t typedef.])], ,[#include #include ]) SUDO_TYPE_SIZE_T SUDO_TYPE_SSIZE_T SUDO_TYPE_DEV_T --- 1650,1669 ---- AC_CHECK_HEADERS(login_cap.h) fi if test "$with_bsdauth" = "yes"; then ! AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H) [with_passwd=no; AUTH_OBJS=bsdauth.o], -) fi dnl dnl typedef checks dnl AC_TYPE_MODE_T AC_TYPE_UID_T ! AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int)], [#include #include ]) ! AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T)], ,[#include #include ]) + AC_CHECK_TYPE([struct timespec], [AC_DEFINE(HAVE_TIMESPEC)], , [#include + #include + #include ]) SUDO_TYPE_SIZE_T SUDO_TYPE_SSIZE_T SUDO_TYPE_DEV_T *************** *** 1638,1643 **** --- 1684,1690 ---- dnl AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \ strftime setrlimit initgroups fstat) + AC_CHECK_FUNCS(seteuid, , [AC_DEFINE(NO_SAVED_IDS)]) if test -z "$SKIP_SETRESUID"; then AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes]) fi *************** *** 1657,1668 **** AC_CHECK_FUNCS(waitpid wait3, [break]) AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]]) AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], AC_LIBOBJ(lsearch), -), AC_LIBOBJ(lsearch))]) ! AC_CHECK_FUNCS(utime, [SUDO_FUNC_UTIME_POSIX], [AC_LIBOBJ(utime)]) ! SUDO_FUNC_FNMATCH(AC_DEFINE(HAVE_FNMATCH, 1, [Define if you have the `fnmatch' function.]), AC_LIBOBJ(fnmatch)) SUDO_FUNC_ISBLANK AC_REPLACE_FUNCS(strerror strcasecmp sigaction strlcpy strlcat closefrom) AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1]) dnl dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf) dnl --- 1704,1722 ---- AC_CHECK_FUNCS(waitpid wait3, [break]) AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]]) AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], AC_LIBOBJ(lsearch), -), AC_LIBOBJ(lsearch))]) ! AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)]) ! SUDO_FUNC_FNMATCH(AC_DEFINE(HAVE_FNMATCH), AC_LIBOBJ(fnmatch)) SUDO_FUNC_ISBLANK AC_REPLACE_FUNCS(strerror strcasecmp sigaction strlcpy strlcat closefrom) AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1]) + AC_CHECK_FUNCS(getttimeofday, [AC_CHECK_MEMBER([struct stat.st_mtim], AC_DEFINE(HAVE_ST_MTIM), [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])]) dnl + dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR. + dnl + AC_TRY_LINK([#include + #include <$ac_header_dirent>], [DIR d; (void)dirfd(&d);], [AC_DEFINE(HAVE_DIRFD)], [AC_TRY_LINK([#include + #include <$ac_header_dirent>], [DIR d; (void)&d.dd_fd;], [AC_DEFINE(HAVE_DD_FD)], [])]) + dnl dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf) dnl *************** *** 1672,1678 **** dnl dnl if crypt(3) not in libc, look elsewhere dnl ! if test -z "$LIB_CRYPT"; then AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))]) fi dnl --- 1726,1732 ---- dnl dnl if crypt(3) not in libc, look elsewhere dnl ! if test -z "$LIB_CRYPT" -a "$with_pam" != "yes"; then AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))]) fi dnl *************** *** 1708,1714 **** AC_TRY_LINK(, [extern char *__progname; (void)puts(__progname);], [sudo_cv___progname=yes], [sudo_cv___progname=no])]) if test "$sudo_cv___progname" = "yes"; then ! AC_DEFINE(HAVE___PROGNAME, 1, [Define if your crt0.o defines the __progname symbol for you.]) else AC_LIBOBJ(getprogname) fi --- 1762,1768 ---- AC_TRY_LINK(, [extern char *__progname; (void)puts(__progname);], [sudo_cv___progname=yes], [sudo_cv___progname=no])]) if test "$sudo_cv___progname" = "yes"; then ! AC_DEFINE(HAVE___PROGNAME) else AC_LIBOBJ(getprogname) fi *************** *** 1718,1724 **** dnl Kerberos IV dnl if test -n "$with_kerb4"; then ! AC_DEFINE(HAVE_KERB4, 1, [Define if you use Kerberos IV.]) dnl dnl Use the specified directory, if any, else search for correct inc dir dnl --- 1772,1778 ---- dnl Kerberos IV dnl if test -n "$with_kerb4"; then ! AC_DEFINE(HAVE_KERB4) dnl dnl Use the specified directory, if any, else search for correct inc dir dnl *************** *** 1781,1787 **** if test "$with_kerb5" = "yes"; then AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "") if test -n "$KRB5CONFIG"; then ! AC_DEFINE(HAVE_KERB5, 1, [Define if you use Kerberos V.]) AUTH_OBJS="${AUTH_OBJS} kerb5.o" CPPFLAGS="$CPPFLAGS `krb5-config --cflags`" SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`" --- 1835,1841 ---- if test "$with_kerb5" = "yes"; then AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "") if test -n "$KRB5CONFIG"; then ! AC_DEFINE(HAVE_KERB5) AUTH_OBJS="${AUTH_OBJS} kerb5.o" CPPFLAGS="$CPPFLAGS `krb5-config --cflags`" SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`" *************** *** 1792,1804 **** AC_TRY_COMPILE([#include ], [const char *tmp = heimdal_version;], [ AC_MSG_RESULT(yes) ! AC_DEFINE(HAVE_HEIMDAL, 1, [Define if your Kerberos is Heimdal.]) ] ) fi fi if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then ! AC_DEFINE(HAVE_KERB5, 1, [Define if you use Kerberos V.]) dnl dnl Use the specified directory, if any, else search for correct inc dir dnl --- 1846,1858 ---- AC_TRY_COMPILE([#include ], [const char *tmp = heimdal_version;], [ AC_MSG_RESULT(yes) ! AC_DEFINE(HAVE_HEIMDAL) ] ) fi fi if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then ! AC_DEFINE(HAVE_KERB5) dnl dnl Use the specified directory, if any, else search for correct inc dir dnl *************** *** 1826,1832 **** AC_TRY_COMPILE([#include ], [const char *tmp = heimdal_version;], [ AC_MSG_RESULT(yes) ! AC_DEFINE(HAVE_HEIMDAL, 1, [Define if your Kerberos is Heimdal.]) SUDO_LIBS="${SUDO_LIBS} -lkrb5 -ldes -lcom_err -lasn1" AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"]) ], [ --- 1880,1886 ---- AC_TRY_COMPILE([#include ], [const char *tmp = heimdal_version;], [ AC_MSG_RESULT(yes) ! AC_DEFINE(HAVE_HEIMDAL) SUDO_LIBS="${SUDO_LIBS} -lkrb5 -ldes -lcom_err -lasn1" AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"]) ], [ *************** *** 1838,1847 **** fi dnl ! dnl PAM libs dnl if test "$with_pam" = "yes"; then AC_HAVE_LIBRARY(dl, SUDO_LIBS="${SUDO_LIBS} -lpam -ldl", SUDO_LIBS="${SUDO_LIBS} -lpam") fi dnl --- 1892,1909 ---- fi dnl ! dnl Extra PAM foolishness dnl if test "$with_pam" = "yes"; then + dnl + dnl Linux may need this + dnl AC_HAVE_LIBRARY(dl, SUDO_LIBS="${SUDO_LIBS} -lpam -ldl", SUDO_LIBS="${SUDO_LIBS} -lpam") + dnl + dnl Some PAM implementations (MacOS X for example) put the PAM headers + dnl in /usr/include/pam instead of /usr/include/security... + dnl + AC_CHECK_HEADERS([pam/pam_appl.h]) fi dnl *************** *** 1926,1932 **** AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS]) fi AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])]) ! AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS, 1, [Define if your S/Key library has skeyaccess().])) LDFLAGS="$O_LDFLAGS" SUDO_LIBS="${SUDO_LIBS} -lskey" fi --- 1988,1994 ---- AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS]) fi AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])]) ! AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS)) LDFLAGS="$O_LDFLAGS" SUDO_LIBS="${SUDO_LIBS} -lskey" fi *************** *** 2018,2023 **** --- 2080,2130 ---- fi dnl + dnl extra lib and .o file for LDAP support + dnl + if test -n "$with_ldap"; then + if test "$with_ldap" != "yes"; then + SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_ldap}/lib]) + _LDFLAGS="$LDFLAGS" + SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib]) + CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include" + with_ldap=yes + fi + SUDO_OBJS="${SUDO_OBJS} ldap.o" + + AC_MSG_CHECKING([for LDAP libraries]) + LDAP_LIBS="" + _LIBS="$LIBS" + found=no + for l in -lldap -llber '-lssl -lcrypto'; do + LIBS="${LIBS} $l" + LDAP_LIBS="${LDAP_LIBS} $l" + AC_TRY_LINK([#include + #include + #include ], [(void)ldap_init(0, 0)], [found=yes; break], []) + done + dnl if nothing linked just try with -ldap + if test "$found" = "no"; then + LDAP_LIBS=" -ldap" + AC_MSG_RESULT([not found, using -ldap]) + else + AC_MSG_RESULT([$LDAP_LIBS]) + fi + dnl try again w/o explicitly including lber.h + AC_MSG_CHECKING([whether lber.h is needed]) + AC_TRY_LINK([#include + #include ], [(void)ldap_init(0, 0)], [AC_MSG_RESULT([no])], [ + AC_MSG_RESULT([yes]) + AC_DEFINE(HAVE_LBER_H)]) + + AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s) + + SUDO_LIBS="${SUDO_LIBS}${LDAP_LIBS}" + LIBS="$_LIBS" + LDFLAGS="$_LDFLAGS" + fi + + dnl dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we dnl added -L dirpaths to SUDO_LDFLAGS. dnl *************** *** 2039,2045 **** dnl Use passwd (and secureware) auth modules? dnl if test "$with_passwd" = "no"; then ! AC_DEFINE(WITHOUT_PASSWD, 1. [Define to avoid using the passwd/shadow file for authentication.]) if test -z "$AUTH_OBJS"; then AC_MSG_ERROR([no authentication methods defined.]) fi --- 2146,2152 ---- dnl Use passwd (and secureware) auth modules? dnl if test "$with_passwd" = "no"; then ! AC_DEFINE(WITHOUT_PASSWD) if test -z "$AUTH_OBJS"; then AC_MSG_ERROR([no authentication methods defined.]) fi *************** *** 2072,2077 **** --- 2179,2205 ---- test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)' dnl + dnl Defer setting _PATH_SUDO_NOEXEC until after exec_prefix is set + dnl XXX - this is gross! + dnl + if test "$with_noexec" != "no"; then + PROGS="${PROGS} sudo_noexec.la" + INSTALL_NOEXEC="install-noexec" + + oexec_prefix="$exec_prefix" + if test "$exec_prefix" = '$(prefix)'; then + if test "$prefix" = "NONE"; then + exec_prefix="$ac_default_prefix" + else + exec_prefix="$prefix" + fi + fi + eval noexec_file="$with_noexec" + AC_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so]) + exec_prefix="$oexec_prefix" + fi + + dnl dnl Substitute into the Makefile and man pages dnl AC_OUTPUT([Makefile sudo.man visudo.man sudoers.man]) *************** *** 2088,2095 **** fi dnl ! dnl Special bits for autoheader dnl AH_VERBATIM([_GNU_SOURCE], [/* Enable GNU extensions on systems that have them. */ #ifndef _GNU_SOURCE --- 2216,2291 ---- fi dnl ! dnl Autoheader templates dnl + AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.]) + AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.]) + AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.]) + AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.]) + AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.]) + AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.]) + AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".]) + AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.]) + AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.]) + AH_TEMPLATE(HAVE_AUTHENTICATE, [Define to 1 if you use AIX general authentication.]) + AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.]) + AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.]) + AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.]) + AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.]) + AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.]) + AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.]) + AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)]) + AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords)]) + AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords)]) + AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords)]) + AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)]) + AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.]) + AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)]) + AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled)]) + AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.]) + AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.]) + AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs . (OpenLDAP does not)]) + AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.]) + AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.]) + AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.]) + AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.]) + AH_TEMPLATE(HAVE_SIA, [Define to 1 if you use SIA authentication.]) + AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if has the sigaction_t typedef.]) + AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.]) + AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().]) + AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member]) + AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member]) + AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the header file and the `tcgetattr' function.]) + AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h]) + AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.]) + AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.]) + AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements]) + AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.]) + AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.]) + AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.]) + AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.]) + AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.]) + AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.]) + AH_TEMPLATE(NO_SAVED_IDS, [Define to avoid using POSIX saved ids.]) + AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.]) + AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.]) + AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.]) + AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.]) + AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.]) + AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.]) + AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.]) + AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.]) + AH_TEMPLATE(USE_EXECV, [Define to 1 if you wish to use execv() instead of execvp() when running programs.]) + AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.]) + AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.]) + AH_TEMPLATE(USE_TTY_TICKETS, [Define to 1 if you want a different ticket file for each tty.]) + AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.]) + AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.]) + AH_TEMPLATE(sig_atomic_t, [Define to `int' if does not define.]) + + dnl + dnl Bits to copy verbatim into config.h.in + dnl AH_VERBATIM([_GNU_SOURCE], [/* Enable GNU extensions on systems that have them. */ #ifndef _GNU_SOURCE *************** *** 2112,2117 **** --- 2308,2329 ---- #define _SUDO_CONFIG_H]) AH_BOTTOM([/* + * Macros to pull sec and nsec parts of mtime from struct stat. + */ + #ifdef HAVE_ST_MTIM + # define mtim_getsec(_x) ((_x).st_mtim.tv_sec) + # define mtim_getnsec(_x) ((_x).st_mtim.tv_nsec) + #else + # ifdef HAVE_ST_MTIMESPEC + # define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec) + # define mtim_getnsec(_x) ((_x).st_mtimespec.tv_nsec) + # else + # define mtim_getsec(_x) ((_x).st_mtime) + # define mtim_getnsec(_x) (0) + # endif /* HAVE_ST_MTIMESPEC */ + #endif /* HAVE_ST_MTIM */ + + /* * Emulate a subset of waitpid() if we don't have it. */ #ifdef HAVE_WAITPID *************** *** 2123,2146 **** #endif /* GNU stow needs /etc/sudoers to be a symlink. */ ! #ifdef HAVE_STOW # define stat_sudoers stat #else # define stat_sudoers lstat #endif - /* Solaris doesn't use const qualifiers in PAM. */ - #ifdef sun - # define PAM_CONST - #else - # define PAM_CONST const - #endif - #ifdef USE_EXECV ! # define EXEC execv #else ! # define EXEC execvp #endif /* USE_EXECV */ /* New ANSI-style OS defs for HP-UX and ConvexOS. */ #if defined(hpux) && !defined(__hpux) --- 2335,2359 ---- #endif /* GNU stow needs /etc/sudoers to be a symlink. */ ! #ifdef USE_STOW # define stat_sudoers stat #else # define stat_sudoers lstat #endif #ifdef USE_EXECV ! # define EXECV execv #else ! # define EXECV execvp #endif /* USE_EXECV */ + + /* Macros to set/clear/test flags. */ + #undef SET + #define SET(t, f) ((t) |= (f)) + #undef CLR + #define CLR(t, f) ((t) &= ~(f)) + #undef ISSET + #define ISSET(t, f) ((t) & (f)) /* New ANSI-style OS defs for HP-UX and ConvexOS. */ #if defined(hpux) && !defined(__hpux)