Annotation of src/usr.bin/sudo/configure.in, Revision 1.17
1.1 millert 1: dnl
2: dnl Process this file with GNU autoconf to produce a configure script.
1.17 ! millert 3: dnl $Sudo: configure.in,v 1.382 2003/04/04 17:45:24 millert Exp $
1.1 millert 4: dnl
1.14 millert 5: dnl Copyright (c) 1994-1996,1998-2003 Todd C. Miller <Todd.Miller@courtesan.com>
1.1 millert 6: dnl
1.17 ! millert 7: AC_INIT(sudo, 1.6.7p3)
1.1 millert 8: AC_CONFIG_HEADER(config.h pathnames.h)
9: dnl
10: dnl This won't work before AC_INIT()
11: dnl
1.17 ! millert 12: AC_MSG_NOTICE([Configuring Sudo version 1.6.7p3])
1.1 millert 13: dnl
1.7 millert 14: dnl Variables that get substituted in the Makefile and man pages
1.1 millert 15: dnl
1.5 millert 16: AC_SUBST(CFLAGS)dnl
1.1 millert 17: AC_SUBST(PROGS)dnl
18: AC_SUBST(CPPFLAGS)dnl
19: AC_SUBST(LDFLAGS)dnl
20: AC_SUBST(SUDO_LDFLAGS)dnl
21: AC_SUBST(LIBS)dnl
22: AC_SUBST(SUDO_LIBS)dnl
23: AC_SUBST(NET_LIBS)dnl
24: AC_SUBST(AFS_LIBS)dnl
25: AC_SUBST(OSDEFS)dnl
26: AC_SUBST(AUTH_OBJS)dnl
27: AC_SUBST(MANTYPE)dnl
28: AC_SUBST(MAN_POSTINSTALL)dnl
29: AC_SUBST(SUDOERS_MODE)dnl
30: AC_SUBST(SUDOERS_UID)dnl
31: AC_SUBST(SUDOERS_GID)dnl
1.5 millert 32: AC_SUBST(DEV)
33: AC_SUBST(mansectsu)
34: AC_SUBST(mansectform)
35: AC_SUBST(mansrcdir)
36: dnl
1.7 millert 37: dnl Variables that get substituted in docs (not overridden by environment)
38: dnl
39: AC_SUBST(timedir)dnl initial value from SUDO_TIMEDIR
40: AC_SUBST(timeout)
41: AC_SUBST(password_timeout)
42: AC_SUBST(sudo_umask)
43: AC_SUBST(passprompt)
44: AC_SUBST(long_otp_prompt)
45: AC_SUBST(lecture)
46: AC_SUBST(logfac)
47: AC_SUBST(goodpri)
48: AC_SUBST(badpri)
49: AC_SUBST(loglen)
50: AC_SUBST(ignore_dot)
51: AC_SUBST(mail_no_user)
52: AC_SUBST(mail_no_host)
53: AC_SUBST(mail_no_perms)
54: AC_SUBST(mailto)
55: AC_SUBST(mailsub)
56: AC_SUBST(badpass_message)
57: AC_SUBST(fqdn)
58: AC_SUBST(runas_default)
59: AC_SUBST(env_editor)
60: AC_SUBST(passwd_tries)
61: AC_SUBST(tty_tickets)
62: AC_SUBST(insults)
63: dnl
64: dnl Initial values for above
65: dnl
66: timeout=5
67: password_timeout=5
68: sudo_umask=0022
69: passprompt="Password:"
70: long_otp_prompt=off
71: lecture=on
72: logfac=local2
73: goodpri=notice
74: badpri=alert
75: loglen=80
76: ignore_dot=off
77: mail_no_user=on
78: mail_no_host=off
79: mail_no_perms=off
80: mailto=root
81: mailsub='*** SECURITY information for %h ***'
82: badpass_message='Sorry, try again.'
83: fqdn=off
84: runas_default=root
85: env_editor=off
86: passwd_tries=3
87: tty_tickets=off
88: insults=off
89: dnl
1.5 millert 90: dnl Initial values for Makefile variables listed above
1.7 millert 91: dnl May be overridden by environment variables..
1.5 millert 92: dnl
93: PROGS="sudo visudo"
94: test -n "$MANTYPE" || MANTYPE="man"
95: test -n "$mansrcdir" || mansrcdir="."
96: test -n "$SUDOERS_MODE" || SUDOERS_MODE=0440
97: test -n "$SUDOERS_UID" || SUDOERS_UID=0
98: test -n "$SUDOERS_GID" || SUDOERS_GID=0
1.1 millert 99: DEV="#"
1.5 millert 100:
101: dnl
102: dnl Other vaiables
103: dnl
1.1 millert 104: CHECKSHADOW=true
105: CHECKSIA=true
106:
107: dnl
108: dnl Override default configure dirs...
109: dnl
110: test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man'
111: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
112: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
1.14 millert 113: test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
1.1 millert 114:
115: dnl
116: dnl Deprecated --with options (these all warn or generate an error)
117: dnl
118:
119: AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
120: [case $with_otp_only in
121: yes) with_passwd=no
1.7 millert 122: AC_DEFINE(WITHOUT_PASSWD, 1, [Define to avoid using the passwd/shadow file for authentication.])
1.15 millert 123: AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
1.1 millert 124: ;;
125: esac])
126:
127: AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
128: [case $with_alertmail in
129: *) with_mailto="$with_alertmail"
1.15 millert 130: AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
1.1 millert 131: ;;
132: esac])
133:
134: dnl
135: dnl Options for --with
136: dnl
137:
138: AC_ARG_WITH(CC, [ --with-CC C compiler to use],
139: [case $with_CC in
140: yes) AC_MSG_ERROR(["must give --with-CC an argument."])
141: ;;
142: no) AC_MSG_ERROR(["illegal argument: --without-CC."])
143: ;;
144: *) CC=$with_CC
145: ;;
146: esac])
147:
1.15 millert 148: AC_ARG_WITH(rpath, [ --with-rpath pass -R flag in addition to -L for lib paths],
149: [case $with_rpath in
150: yes) ;;
151: no) ;;
152: *) AC_MSG_ERROR(["--with-rpath does not take an argument."])
153: ;;
154: esac])
155:
156: AC_ARG_WITH(blibpath, [ --with-blibpath[=PATH] pass -blibpath flag to ld for additional lib paths],
157: [case $with_blibpath in
158: yes) ;;
159: no) ;;
160: *) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
161: ;;
162: esac])
163:
1.1 millert 164: AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files],
165: [case $with_incpath in
166: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
167: ;;
168: no) AC_MSG_ERROR(["--without-incpath not supported."])
169: ;;
1.15 millert 170: *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
1.1 millert 171: for i in ${with_incpath}; do
172: CPPFLAGS="${CPPFLAGS} -I${i}"
173: done
174: ;;
175: esac])
176:
177: AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries],
178: [case $with_libpath in
179: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
180: ;;
181: no) AC_MSG_ERROR(["--without-libpath not supported."])
182: ;;
1.15 millert 183: *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
1.1 millert 184: ;;
185: esac])
186:
187: AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with],
188: [case $with_libraries in
189: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
190: ;;
191: no) AC_MSG_ERROR(["--without-libraries not supported."])
192: ;;
1.15 millert 193: *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
1.1 millert 194: ;;
195: esac])
196:
1.13 david 197: AC_ARG_WITH(devel, [ --with-devel add development options],
1.1 millert 198: [case $with_devel in
1.15 millert 199: yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
1.1 millert 200: PROGS="${PROGS} testsudoers"
201: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
202: DEV=""
203: ;;
204: no) ;;
1.15 millert 205: *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
1.1 millert 206: ;;
207: esac])
208:
1.9 millert 209: AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging],
210: [case $with_efence in
1.15 millert 211: yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
1.9 millert 212: LIBS="${LIBS} -lefence"
213: if test -f /usr/local/lib/libefence.a; then
1.15 millert 214: with_libpath="${with_libpath} /usr/local/lib"
1.9 millert 215: fi
216: ;;
217: no) ;;
1.15 millert 218: *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
1.9 millert 219: ;;
220: esac])
221:
1.1 millert 222: AC_ARG_WITH(csops, [ --with-csops add CSOps standard options],
223: [case $with_csops in
1.15 millert 224: yes) AC_MSG_NOTICE([Adding CSOps standard options])
1.1 millert 225: CHECKSIA=false
226: with_ignore_dot=yes
1.7 millert 227: insults=on
1.1 millert 228: with_classic_insults=yes
229: with_csops_insults=yes
230: with_env_editor=yes
1.15 millert 231: test -n "$mansectsu" || mansectsu=8
232: test -n "$mansectform" || mansectform=5
1.1 millert 233: ;;
234: no) ;;
1.15 millert 235: *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
1.1 millert 236: ;;
237: esac])
238:
239: AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication],
240: [case $with_passwd in
241: yes) ;;
242: no) AC_DEFINE(WITHOUT_PASSWD)
243: AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
244: AC_MSG_RESULT(no)
245: ;;
246: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
247: ;;
248: esac])
249:
1.15 millert 250: AC_ARG_WITH(skey, [ --with-skey[=DIR] enable S/Key support ],
1.1 millert 251: [case $with_skey in
1.15 millert 252: no) with_skey="";;
253: *) if test -n "$with_opie"; then
1.1 millert 254: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
255: fi
1.7 millert 256: AC_DEFINE(HAVE_SKEY, 1, [Define if you use S/Key.])
1.1 millert 257: AC_MSG_CHECKING(whether to try S/Key authentication)
258: AC_MSG_RESULT(yes)
259: AUTH_OBJS="${AUTH_OBJS} rfc1938.o"
260: ;;
261: esac])
262:
1.15 millert 263: AC_ARG_WITH(opie, [ --with-opie[=DIR] enable OPIE support ],
1.1 millert 264: [case $with_opie in
1.15 millert 265: no) with_opie="";;
266: *) if test -n "$with_skey"; then
1.1 millert 267: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
268: fi
1.7 millert 269: AC_DEFINE(HAVE_OPIE, 1, [Define if you use NRL OPIE.])
1.1 millert 270: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
271: AC_MSG_RESULT(yes)
272: AUTH_OBJS="${AUTH_OBJS} rfc1938.o"
273: ;;
274: esac])
275:
276: AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt],
277: [case $with_long_otp_prompt in
1.7 millert 278: yes) AC_DEFINE(LONG_OTP_PROMPT, 1, [Define if you want a two line OTP (S/Key or OPIE) prompt.])
1.1 millert 279: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
280: AC_MSG_RESULT(yes)
1.7 millert 281: long_otp_prompt=on
282: ;;
283: no) long_otp_prompt=off
1.1 millert 284: ;;
285: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
286: ;;
287: esac])
288:
1.15 millert 289: AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support],
1.1 millert 290: [case $with_SecurID in
1.15 millert 291: no) with_SecurID="";;
1.7 millert 292: *) AC_DEFINE(HAVE_SECURID, 1, [Define if you use SecurID.])
1.1 millert 293: AC_MSG_CHECKING(whether to use SecurID for authentication)
294: AC_MSG_RESULT(yes)
295: with_passwd=no
296: ;;
297: esac])
298:
1.15 millert 299: AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support],
1.1 millert 300: [case $with_fwtk in
1.15 millert 301: no) with_fwtk="";;
1.7 millert 302: *) AC_DEFINE(HAVE_FWTK, 1, [Define if you use the FWTK authsrv daemon.])
1.1 millert 303: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
304: AC_MSG_RESULT(yes)
305: with_passwd=no
306: AUTH_OBJS="fwtk.o"
307: ;;
308: esac])
309:
1.15 millert 310: AC_ARG_WITH(kerb4, [ --with-kerb4[[=DIR]] enable Kerberos IV support],
1.1 millert 311: [case $with_kerb4 in
1.15 millert 312: no) with_kerb4="";;
313: *) AC_MSG_CHECKING(whether to try kerberos IV authentication)
1.1 millert 314: AC_MSG_RESULT(yes)
315: ;;
316: esac])
317:
1.15 millert 318: AC_ARG_WITH(kerb5, [ --with-kerb5[[=DIR]] enable Kerberos V support],
1.1 millert 319: [case $with_kerb5 in
1.15 millert 320: no) with_kerb5="";;
321: *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
1.1 millert 322: AC_MSG_RESULT(yes)
323: ;;
324: esac])
325:
326: AC_ARG_WITH(authenticate, [ --with-authenticate enable AIX general authentication support],
327: [case $with_authenticate in
1.7 millert 328: yes) AC_DEFINE(HAVE_AUTHENTICATE, 1, [Define if you use AIX general authentication.])
1.1 millert 329: AC_MSG_CHECKING(whether to use AIX general authentication)
330: AC_MSG_RESULT(yes)
331: with_passwd=no
332: AUTH_OBJS="aix_auth.o"
333: ;;
334: no) ;;
335: *) AC_MSG_ERROR(["--with-authenticate does not take an argument."])
336: ;;
337: esac])
338:
339: AC_ARG_WITH(pam, [ --with-pam enable PAM support],
340: [case $with_pam in
1.7 millert 341: yes) AC_DEFINE(HAVE_PAM, 1, [Define if you use PAM.])
1.1 millert 342: AC_MSG_CHECKING(whether to use PAM authentication)
343: AC_MSG_RESULT(yes)
344: with_passwd=no
345: AUTH_OBJS="pam.o"
346: ;;
347: no) ;;
348: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
349: ;;
350: esac])
351:
352: AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
353: [case $with_AFS in
1.7 millert 354: yes) AC_DEFINE(HAVE_AFS, 1, [Define if you use AFS.])
1.1 millert 355: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
356: AC_MSG_RESULT(yes)
357: AUTH_OBJS="${AUTH_OBJS} afs.o"
358: ;;
359: no) ;;
360: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
361: ;;
362: esac])
363:
364: AC_ARG_WITH(DCE, [ --with-DCE enable DCE support],
365: [case $with_DCE in
1.7 millert 366: yes) AC_DEFINE(HAVE_DCE, 1, [Define if you use OSF DCE.])
1.1 millert 367: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
368: AC_MSG_RESULT(yes)
369: AUTH_OBJS="${AUTH_OBJS} dce.o"
370: ;;
371: no) ;;
372: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
373: ;;
374: esac])
375:
1.6 millert 376: AC_ARG_WITH(logincap, [ --with-logincap enable BSD login class support],
1.5 millert 377: [case $with_logincap in
1.6 millert 378: yes|no) ;;
379: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
380: ;;
381: esac])
382:
383: AC_ARG_WITH(bsdauth, [ --with-bsdauth enable BSD authentication support],
384: [case $with_bsdauth in
385: yes) with_logincap=yes
1.5 millert 386: ;;
387: no) ;;
1.6 millert 388: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
1.5 millert 389: ;;
390: esac])
391:
1.1 millert 392: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
393: AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
394: [case $with_lecture in
1.7 millert 395: yes|short) lecture=on
1.1 millert 396: ;;
1.7 millert 397: no|none) lecture=off
1.1 millert 398: ;;
399: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
400: ;;
1.7 millert 401: esac])
402: if test "$lecture" = "on"; then
403: AC_MSG_RESULT(yes)
404: else
405: AC_DEFINE(NO_LECTURE, 1, [Define if you don't want users to get the lecture the first they user sudo.])
406: AC_MSG_RESULT(no)
407: fi
1.1 millert 408:
409: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
410: AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
411: [case $with_logging in
412: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
413: ;;
414: no) AC_MSG_ERROR(["--without-logging not supported."])
415: ;;
1.7 millert 416: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
1.1 millert 417: AC_MSG_RESULT(syslog)
418: ;;
419: file) AC_DEFINE(LOGGING, SLOG_FILE)
420: AC_MSG_RESULT(file)
421: ;;
422: both) AC_DEFINE(LOGGING, SLOG_BOTH)
423: AC_MSG_RESULT(both)
424: ;;
425: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
426: ;;
427: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
428:
429: AC_MSG_CHECKING(which syslog facility sudo should log with)
1.7 millert 430: AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")],
1.1 millert 431: [case $with_logfac in
432: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
433: ;;
434: no) AC_MSG_ERROR(["--without-logfac not supported."])
435: ;;
1.7 millert 436: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
1.1 millert 437: ;;
438: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
439: ;;
1.7 millert 440: esac])
441: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
442: AC_MSG_RESULT($logfac)
1.1 millert 443:
444: AC_MSG_CHECKING(at which syslog priority to log commands)
1.7 millert 445: AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")],
1.1 millert 446: [case $with_goodpri in
447: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
448: ;;
449: no) AC_MSG_ERROR(["--without-goodpri not supported."])
450: ;;
1.7 millert 451: alert|crit|debug|emerg|err|info|notice|warning)
452: goodpri=$with_goodpri
1.1 millert 453: ;;
454: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
455: ;;
1.7 millert 456: esac])
457: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
458: AC_MSG_RESULT($goodpri)
1.1 millert 459:
460: AC_MSG_CHECKING(at which syslog priority to log failures)
1.7 millert 461: AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")],
1.1 millert 462: [case $with_badpri in
463: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
464: ;;
465: no) AC_MSG_ERROR(["--without-badpri not supported."])
466: ;;
1.7 millert 467: alert|crit|debug|emerg|err|info|notice|warning)
468: badpri=$with_badpri
1.1 millert 469: ;;
470: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
471: ;;
1.7 millert 472: esac])
473: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
1.14 millert 474: AC_MSG_RESULT($badpri)
1.1 millert 475:
476: AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
477: [case $with_logpath in
478: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
479: ;;
480: no) AC_MSG_ERROR(["--without-logpath not supported."])
481: ;;
482: esac])
483:
484: AC_MSG_CHECKING(how long a line in the log file should be)
485: AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)],
486: [case $with_loglen in
487: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
488: ;;
489: no) AC_MSG_ERROR(["--without-loglen not supported."])
490: ;;
1.7 millert 491: [[0-9]]*) loglen=$with_loglen
1.1 millert 492: ;;
493: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
494: ;;
1.7 millert 495: esac])
496: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
497: AC_MSG_RESULT($loglen)
1.1 millert 498:
499: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
500: AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
501: [case $with_ignore_dot in
1.7 millert 502: yes) ignore_dot=on
1.1 millert 503: ;;
1.7 millert 504: no) ignore_dot=off
1.1 millert 505: ;;
506: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
507: ;;
1.7 millert 508: esac])
509: if test "$ignore_dot" = "on"; then
510: AC_DEFINE(IGNORE_DOT_PATH, 1, [Define if you want to ignore '.' and empty \$PATH elements])
511: AC_MSG_RESULT(yes)
512: else
513: AC_MSG_RESULT(no)
514: fi
1.1 millert 515:
516: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
517: AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers],
518: [case $with_mail_if_no_user in
1.7 millert 519: yes) mail_no_user=on
1.1 millert 520: ;;
1.7 millert 521: no) mail_no_user=off
1.1 millert 522: ;;
1.7 millert 523: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
1.1 millert 524: ;;
1.7 millert 525: esac])
526: if test "$mail_no_user" = "on"; then
527: AC_DEFINE(SEND_MAIL_WHEN_NO_USER, 1, [Define to send mail when the user is not in the sudoers file.])
528: AC_MSG_RESULT(yes)
529: else
530: AC_MSG_RESULT(no)
531: fi
1.1 millert 532:
533: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
534: AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host],
535: [case $with_mail_if_no_host in
1.7 millert 536: yes) mail_no_host=on
1.1 millert 537: ;;
1.7 millert 538: no) mail_no_host=off
1.1 millert 539: ;;
1.7 millert 540: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
1.1 millert 541: ;;
1.7 millert 542: esac])
543: if test "$mail_no_host" = "on"; then
1.14 millert 544: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST, 1, [Define to send mail when the user is not allowed to run sudo on this host.])
1.7 millert 545: AC_MSG_RESULT(yes)
546: else
547: AC_MSG_RESULT(no)
548: fi
1.1 millert 549:
550: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
551: AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command],
552: [case $with_mail_if_noperms in
1.7 millert 553: yes) mail_noperms=on
554: ;;
555: no) mail_noperms=off
556: ;;
557: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
558: ;;
559: esac])
560: if test "$mail_noperms" = "on"; then
1.14 millert 561: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK, 1, [Define to send mail when the user is not allowed to run a command.])
1.7 millert 562: AC_MSG_RESULT(yes)
563: else
564: AC_MSG_RESULT(no)
565: fi
566:
567: AC_MSG_CHECKING(who should get the mail that sudo sends)
568: AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
569: [case $with_mailto in
570: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
571: ;;
572: no) AC_MSG_ERROR(["--without-mailto not supported."])
573: ;;
574: *) mailto=$with_mailto
575: ;;
576: esac])
577: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
578: AC_MSG_RESULT([$mailto])
579:
580: AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
581: [case $with_mailsubject in
582: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
1.1 millert 583: ;;
1.15 millert 584: no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
1.1 millert 585: ;;
1.7 millert 586: *) mailsub="$with_mailsubject"
587: AC_MSG_CHECKING(sudo mail subject)
588: AC_MSG_RESULT([Using alert mail subject: $mailsub])
1.1 millert 589: ;;
1.7 millert 590: esac])
591: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
1.1 millert 592:
593: AC_MSG_CHECKING(for bad password prompt)
594: AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt],
595: [case $with_passprompt in
596: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
597: ;;
1.15 millert 598: no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
1.1 millert 599: ;;
1.7 millert 600: *) passprompt="$with_passprompt"
601: esac])
602: AC_MSG_RESULT($passprompt)
603: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
1.1 millert 604:
605: AC_MSG_CHECKING(for bad password message)
606: AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong],
607: [case $with_badpass_message in
608: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
609: ;;
1.15 millert 610: no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
1.1 millert 611: ;;
1.7 millert 612: *) badpass_message="$with_badpass_message"
1.1 millert 613: ;;
1.7 millert 614: esac])
615: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
616: AC_MSG_RESULT([$badpass_message])
1.1 millert 617:
618: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
619: AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers],
620: [case $with_fqdn in
1.7 millert 621: yes) fqdn=on
1.1 millert 622: ;;
1.7 millert 623: no) fqdn=off
1.1 millert 624: ;;
625: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
626: ;;
1.7 millert 627: esac])
628: if test "$fqdn" = "on"; then
629: AC_DEFINE(FQDN, 1, [Define if you want to require fully qualified hosts in sudoers.])
630: AC_MSG_RESULT(yes)
631: else
632: AC_MSG_RESULT(no)
633: fi
1.1 millert 634:
635: AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir],
636: [case $with_timedir in
637: yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
638: ;;
639: no) AC_MSG_ERROR(["--without-timedir not supported."])
640: ;;
641: esac])
642:
643: AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail
644: --without-sendmail do not send mail at all],
645: [case $with_sendmail in
646: yes) with_sendmail=""
647: ;;
648: no) ;;
1.7 millert 649: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
1.1 millert 650: ;;
651: esac])
652:
653: AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)],
654: [case $with_sudoers_mode in
655: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
656: ;;
657: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
658: ;;
659: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
660: ;;
661: 0*) SUDOERS_MODE=$with_sudoers_mode
662: ;;
1.14 millert 663: *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
1.1 millert 664: ;;
665: esac])
666:
667: AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)],
668: [case $with_sudoers_uid in
669: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
670: ;;
671: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
672: ;;
673: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
674: ;;
1.14 millert 675: *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
1.1 millert 676: ;;
677: esac])
678:
679: AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)],
680: [case $with_sudoers_gid in
681: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
682: ;;
683: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
684: ;;
685: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
686: ;;
1.14 millert 687: *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
1.1 millert 688: ;;
689: esac])
690:
691: AC_MSG_CHECKING(for umask programs should be run with)
1.7 millert 692: AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022)
1.1 millert 693: --without-umask Preserves the umask of the user invoking sudo.],
694: [case $with_umask in
695: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
696: ;;
1.7 millert 697: no) sudo_umask=0777
1.1 millert 698: ;;
1.7 millert 699: [[0-9]]*) sudo_umask=$with_umask
1.1 millert 700: ;;
701: *) AC_MSG_ERROR(["you must enter a numeric mask."])
702: ;;
1.7 millert 703: esac])
704: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
705: if test "$sudo_umask" = "0777"; then
706: AC_MSG_RESULT(user)
707: else
708: AC_MSG_RESULT($sudo_umask)
709: fi
1.1 millert 710:
711: AC_MSG_CHECKING(for default user to run commands as)
1.7 millert 712: AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")],
1.1 millert 713: [case $with_runas_default in
714: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
715: ;;
716: no) AC_MSG_ERROR(["--without-runas-default not supported."])
717: ;;
1.7 millert 718: *) runas_default="$with_runas_default"
1.1 millert 719: ;;
1.7 millert 720: esac])
721: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
722: AC_MSG_RESULT([$runas_default])
1.1 millert 723:
724: AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group],
725: [case $with_exempt in
726: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
727: ;;
728: no) AC_MSG_ERROR(["--without-exempt not supported."])
729: ;;
1.7 millert 730: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
1.1 millert 731: AC_MSG_CHECKING(for group to be exempt from password)
732: AC_MSG_RESULT([$with_exempt])
733: ;;
734: esac])
735:
736: AC_MSG_CHECKING(for editor that visudo should use)
737: AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)],
738: [case $with_editor in
739: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
740: ;;
741: no) AC_MSG_ERROR(["--without-editor not supported."])
742: ;;
1.7 millert 743: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
1.1 millert 744: AC_MSG_RESULT([$with_editor])
745: ;;
746: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
747:
748: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
749: AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo],
750: [case $with_env_editor in
1.7 millert 751: yes) env_editor=on
1.1 millert 752: ;;
1.7 millert 753: no) env_editor=off
1.1 millert 754: ;;
755: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
756: ;;
1.7 millert 757: esac])
758: if test "$env_editor" = "on"; then
759: AC_DEFINE(ENV_EDITOR, 1, [Define if you want visudo to honor the EDITOR and VISUAL env variables.])
760: AC_MSG_RESULT(yes)
761: else
762: AC_MSG_RESULT(no)
763: fi
1.1 millert 764:
765: AC_MSG_CHECKING(number of tries a user gets to enter their password)
766: AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)],
767: [case $with_passwd_tries in
1.7 millert 768: yes) ;;
1.1 millert 769: no) AC_MSG_ERROR(["--without-editor not supported."])
770: ;;
1.7 millert 771: [[1-9]]*) passwd_tries=$with_passwd_tries
1.1 millert 772: ;;
773: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
774: ;;
1.7 millert 775: esac])
776: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
777: AC_MSG_RESULT($passwd_tries)
1.1 millert 778:
779: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
1.7 millert 780: AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)],
1.14 millert 781: [case $with_timeout in
1.7 millert 782: yes) ;;
783: no) timeout=0
1.1 millert 784: ;;
1.7 millert 785: [[0-9]]*) timeout=$with_timeout
1.1 millert 786: ;;
787: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
788: ;;
1.7 millert 789: esac])
790: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
791: AC_MSG_RESULT($timeout)
1.1 millert 792:
793: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
1.7 millert 794: AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)],
1.1 millert 795: [case $with_password_timeout in
1.7 millert 796: yes) ;;
797: no) password_timeout=0
1.1 millert 798: ;;
1.7 millert 799: [[0-9]]*) password_timeout=$with_password_timeout
1.1 millert 800: ;;
801: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
802: ;;
1.7 millert 803: esac])
804: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
805: AC_MSG_RESULT($password_timeout)
1.1 millert 806:
807: AC_ARG_WITH(execv, [ --with-execv use execv() instead of execvp()],
808: [case $with_execv in
1.7 millert 809: yes) AC_MSG_CHECKING(whether to use execvp or execv)
1.1 millert 810: AC_MSG_RESULT(execv)
1.7 millert 811: AC_DEFINE(USE_EXECV, 1, [Define if you wish to use execv() instead of execvp() when running programs.])
1.1 millert 812: ;;
1.7 millert 813: no) ;;
1.1 millert 814: *) AC_MSG_ERROR(["--with-execv does not take an argument."])
815: ;;
1.7 millert 816: esac])
1.1 millert 817:
818: AC_MSG_CHECKING(whether to use per-tty ticket files)
819: AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty],
820: [case $with_tty_tickets in
1.7 millert 821: yes) tty_tickets=on
1.1 millert 822: ;;
1.7 millert 823: no) tty_tickets=off
1.1 millert 824: ;;
825: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
826: ;;
1.7 millert 827: esac])
828: if test "$tty_tickets" = "on"; then
829: AC_DEFINE(USE_TTY_TICKETS, 1, [Define if you want a different ticket file for each tty.])
830: AC_MSG_RESULT(yes)
831: else
832: AC_MSG_RESULT(no)
833: fi
1.1 millert 834:
835: AC_MSG_CHECKING(whether to include insults)
836: AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password],
837: [case $with_insults in
1.7 millert 838: yes) insults=on
1.1 millert 839: with_classic_insults=yes
840: with_csops_insults=yes
841: ;;
1.7 millert 842: no) insults=off
1.1 millert 843: ;;
844: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
845: ;;
1.7 millert 846: esac])
847: if test "$insults" = "on"; then
848: AC_DEFINE(USE_INSULTS, 1, [Define if you want to insult the user for entering an incorrect password.])
849: AC_MSG_RESULT(yes)
850: else
851: AC_MSG_RESULT(no)
852: fi
1.1 millert 853:
854: AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets],
855: [case $with_all_insults in
856: yes) with_classic_insults=yes
857: with_csops_insults=yes
858: with_hal_insults=yes
859: with_goons_insults=yes
860: ;;
861: no) ;;
862: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
863: ;;
864: esac])
865:
866: AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo],
867: [case $with_classic_insults in
1.7 millert 868: yes) AC_DEFINE(CLASSIC_INSULTS, 1, [Define if you want the insults from the "classic" version sudo.])
1.1 millert 869: ;;
870: no) ;;
871: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
872: ;;
873: esac])
874:
875: AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults],
876: [case $with_csops_insults in
1.7 millert 877: yes) AC_DEFINE(CSOPS_INSULTS, 1, [Define if you want insults culled from the twisted minds of CSOps.])
1.1 millert 878: ;;
879: no) ;;
880: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
881: ;;
882: esac])
883:
884: AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults],
885: [case $with_hal_insults in
1.7 millert 886: yes) AC_DEFINE(HAL_INSULTS, 1, [Define if you want 2001-like insults.])
1.1 millert 887: ;;
888: no) ;;
889: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
890: ;;
891: esac])
892:
1.7 millert 893: AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"],
1.1 millert 894: [case $with_goons_insults in
1.7 millert 895: yes) AC_DEFINE(GOONS_INSULTS, 1, [Define if you want insults from the "Goon Show".])
1.1 millert 896: ;;
897: no) ;;
898: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
899: ;;
900: esac])
901:
902: dnl include all insult sets on one line
1.7 millert 903: if test "$insults" = "on"; then
1.1 millert 904: AC_MSG_CHECKING(which insult sets to include)
905: i=""
906: test "$with_goons_insults" = "yes" && i="goons ${i}"
907: test "$with_hal_insults" = "yes" && i="hal ${i}"
908: test "$with_csops_insults" = "yes" && i="csops ${i}"
909: test "$with_classic_insults" = "yes" && i="classic ${i}"
910: AC_MSG_RESULT([$i])
911: fi
912:
913: AC_MSG_CHECKING(whether to override the user's path)
914: AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a builtin one],
915: [case $with_secure_path in
1.7 millert 916: yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc", [Define to override the user's path with a builtin one.])
1.1 millert 917: AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc])
918: ;;
919: no) AC_MSG_RESULT(no)
920: ;;
921: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
922: AC_MSG_RESULT([$with_secure_path])
923: ;;
924: esac], AC_MSG_RESULT(no))
925:
926: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
927: AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces],
928: [case $with_interfaces in
929: yes) AC_MSG_RESULT(yes)
930: ;;
1.7 millert 931: no) AC_DEFINE(STUB_LOAD_INTERFACES, 1, [Define if the code in interfaces.c does not compile for you.])
1.1 millert 932: AC_MSG_RESULT(no)
933: ;;
934: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
935: ;;
936: esac], AC_MSG_RESULT(yes))
937:
1.14 millert 938: AC_MSG_CHECKING(whether stow should be used)
939: AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging],
940: [case $with_stow in
941: yes) AC_MSG_RESULT(yes)
942: AC_DEFINE(USE_STOW, 1, [Define if you use stow packaging.])
943: ;;
944: no) AC_MSG_RESULT(no)
945: ;;
946: *) AC_MSG_ERROR(["--with-stow does not take an argument."])
947: ;;
948: esac], AC_MSG_RESULT(no))
949:
1.1 millert 950: dnl
951: dnl Options for --enable
952: dnl
953:
954: AC_MSG_CHECKING(whether to do user authentication by default)
955: AC_ARG_ENABLE(authentication,
956: [ --disable-authentication
957: Do not require authentication by default],
958: [ case "$enableval" in
959: yes) AC_MSG_RESULT(yes)
960: ;;
961: no) AC_MSG_RESULT(no)
1.7 millert 962: AC_DEFINE(NO_AUTHENTICATION, 1, [Define if you don't want sudo to prompt for a password by default.])
1.1 millert 963: ;;
964: *) AC_MSG_RESULT(no)
1.15 millert 965: AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1.1 millert 966: ;;
967: esac
968: ], AC_MSG_RESULT(yes))
1.9 millert 969:
1.10 millert 970: AC_MSG_CHECKING(whether to disable running the mailer as root)
971: AC_ARG_ENABLE(root-mailer,
972: [ --disable-root-mailer Don't run the mailer as root, run as the user],
973: [ case "$enableval" in
974: yes) AC_MSG_RESULT(no)
975: ;;
976: no) AC_MSG_RESULT(yes)
977: AC_DEFINE(NO_ROOT_MAILER, 1, [Define to avoid runing the mailer as root.])
978: ;;
979: *) AC_MSG_RESULT(no)
1.15 millert 980: AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1.10 millert 981: ;;
982: esac
983: ], AC_MSG_RESULT(no))
984:
1.11 millert 985: AC_ARG_ENABLE(setreuid,
986: [ --disable-setreuid Don't try to use the setreuid() function],
987: [ case "$enableval" in
1.14 millert 988: no) SKIP_SETREUID=yes
989: ;;
990: *) ;;
991: esac
992: ])
993:
994: AC_ARG_ENABLE(setresuid,
995: [ --disable-setresuid Don't try to use the setresuid() function],
996: [ case "$enableval" in
997: no) SKIP_SETRESUID=yes
1.11 millert 998: ;;
999: *) ;;
1000: esac
1001: ])
1002:
1.9 millert 1003: AC_MSG_CHECKING(whether to disable use of POSIX saved ids)
1004: AC_ARG_ENABLE(saved-ids,
1.10 millert 1005: [ --disable-saved-ids Don't try to use POSIX saved ids],
1.9 millert 1006: [ case "$enableval" in
1007: yes) AC_MSG_RESULT(no)
1008: ;;
1009: no) AC_MSG_RESULT(yes)
1010: AC_DEFINE(NO_SAVED_IDS, 1, [Define to avoid using POSIX saved ids.])
1011: ;;
1012: *) AC_MSG_RESULT(no)
1.15 millert 1013: AC_MSG_WARN([Ignoring unknown argument to --enable-saved-ids: $enableval])
1.9 millert 1014: ;;
1015: esac
1016: ], AC_MSG_RESULT(no))
1.1 millert 1017:
1018: AC_MSG_CHECKING(whether to disable shadow password support)
1019: AC_ARG_ENABLE(shadow,
1020: [ --disable-shadow Never use shadow passwords],
1021: [ case "$enableval" in
1022: yes) AC_MSG_RESULT(no)
1023: ;;
1024: no) AC_MSG_RESULT(yes)
1025: CHECKSHADOW="false"
1026: ;;
1027: *) AC_MSG_RESULT(no)
1.15 millert 1028: AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1.1 millert 1029: ;;
1030: esac
1031: ], AC_MSG_RESULT(no))
1032:
1033: AC_MSG_CHECKING(whether root should be allowed to use sudo)
1034: AC_ARG_ENABLE(root-sudo,
1.10 millert 1035: [ --disable-root-sudo Don't allow root to run sudo],
1.1 millert 1036: [ case "$enableval" in
1037: yes) AC_MSG_RESULT(yes)
1038: ;;
1.7 millert 1039: no) AC_DEFINE(NO_ROOT_SUDO, 1, [Define if root should not be allowed to use sudo.])
1.1 millert 1040: AC_MSG_RESULT(no)
1041: ;;
1042: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1043: ;;
1044: esac
1045: ], AC_MSG_RESULT(yes))
1046:
1047: AC_MSG_CHECKING(whether to log the hostname in the log file)
1048: AC_ARG_ENABLE(log-host,
1049: [ --enable-log-host Log the hostname in the log file],
1050: [ case "$enableval" in
1051: yes) AC_MSG_RESULT(yes)
1.7 millert 1052: AC_DEFINE(HOST_IN_LOG, 1, [Define if you want the hostname to be entered into the log file.])
1.1 millert 1053: ;;
1054: no) AC_MSG_RESULT(no)
1055: ;;
1056: *) AC_MSG_RESULT(no)
1.15 millert 1057: AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1.1 millert 1058: ;;
1059: esac
1060: ], AC_MSG_RESULT(no))
1061:
1062: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1063: AC_ARG_ENABLE(noargs-shell,
1064: [ --enable-noargs-shell If sudo is given no arguments run a shell],
1065: [ case "$enableval" in
1066: yes) AC_MSG_RESULT(yes)
1.7 millert 1067: AC_DEFINE(SHELL_IF_NO_ARGS, 1, [Define if you want sudo to start a shell if given no arguments.])
1.1 millert 1068: ;;
1069: no) AC_MSG_RESULT(no)
1070: ;;
1071: *) AC_MSG_RESULT(no)
1.15 millert 1072: AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1.1 millert 1073: ;;
1074: esac
1075: ], AC_MSG_RESULT(no))
1076:
1077: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1078: AC_ARG_ENABLE(shell-sets-home,
1079: [ --enable-shell-sets-home
1.7 millert 1080: set $HOME to target user in shell mode],
1.1 millert 1081: [ case "$enableval" in
1082: yes) AC_MSG_RESULT(yes)
1.7 millert 1083: AC_DEFINE(SHELL_SETS_HOME, 1, [Define if you want sudo to set $HOME in shell mode.])
1.1 millert 1084: ;;
1085: no) AC_MSG_RESULT(no)
1086: ;;
1087: *) AC_MSG_RESULT(no)
1.15 millert 1088: AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1.1 millert 1089: ;;
1090: esac
1091: ], AC_MSG_RESULT(no))
1092:
1093: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1094: AC_ARG_ENABLE(path_info,
1095: [ --disable-path-info Print 'command not allowed' not 'command not found'],
1096: [ case "$enableval" in
1097: yes) AC_MSG_RESULT(no)
1098: ;;
1099: no) AC_MSG_RESULT(yes)
1.7 millert 1100: AC_DEFINE(DONT_LEAK_PATH_INFO, 1, [Define if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
1.1 millert 1101: ;;
1102: *) AC_MSG_RESULT(no)
1.15 millert 1103: AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1.1 millert 1104: ;;
1105: esac
1106: ], AC_MSG_RESULT(no))
1107:
1108: dnl
1109: dnl If we don't have egrep we can't do anything...
1110: dnl
1111: AC_CHECK_PROG(EGREPPROG, egrep, egrep, )
1112: if test -z "$EGREPPROG"; then
1.15 millert 1113: AC_MSG_ERROR([Sorry, configure requires egrep to run.])
1.1 millert 1114: fi
1115:
1116: dnl
1.7 millert 1117: dnl Prevent configure from adding the -g flag unless in devel mode
1118: dnl
1119: if test "$with_devel" != "yes"; then
1120: ac_cv_prog_cc_g=no
1121: fi
1122:
1123: dnl
1.1 millert 1124: dnl C compiler checks
1125: dnl XXX - the cross-compiler check gets false positives so we override it
1126: dnl
1.7 millert 1127: AC_ISC_POSIX
1.1 millert 1128: ac_cv_prog_cc_cross="no"
1129: cross_compiling="no"
1.7 millert 1130: AC_PROG_CC_STDC
1.1 millert 1131: ac_cv_prog_cc_cross="no"
1132: cross_compiling="no"
1133: AC_PROG_CPP
1134:
1135: dnl
1136: dnl It is now safe to modify CFLAGS and CPPFLAGS
1137: dnl
1138: if test "$with_devel" = "yes" -a -n "$GCC"; then
1139: CFLAGS="${CFLAGS} -Wall"
1140: fi
1141:
1142: dnl
1143: dnl Find programs we use
1144: dnl
1145: AC_CHECK_PROG(UNAMEPROG, uname, uname, )
1146: AC_CHECK_PROG(TRPROG, tr, tr, )
1147: AC_CHECK_PROG(SEDPROG, sed, sed, )
1148: AC_CHECK_PROG(NROFFPROG, nroff, nroff, )
1149: if test -z "$NROFFPROG"; then
1150: MANTYPE="cat"
1.5 millert 1151: mansrcdir='$(srcdir)'
1.1 millert 1152: fi
1153:
1154: dnl
1155: dnl What kind of beastie are we being run on?
1156: dnl Barf if config.cache was generated on another host.
1157: dnl
1158: AC_CANONICAL_HOST
1159: if test -n "$sudo_cv_prev_host"; then
1160: if test "$sudo_cv_prev_host" != "$host"; then
1.15 millert 1161: AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1.1 millert 1162: else
1163: AC_MSG_CHECKING(previous host type)
1164: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1.15 millert 1165: AC_MSG_RESULT([$sudo_cv_prev_host])
1.1 millert 1166: fi
1167: else
1168: # this will produce no output since there is no cached value
1169: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1170: fi
1171:
1172: dnl
1173: dnl We want to be able to differentiate between different rev's
1174: dnl
1175: if test -n "$host_os"; then
1176: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1177: OSREV=`echo $host_os | sed 's/^[[^0-9]]*\([[0-9]][[0-9]]*\).*$/\1/'`
1178: else
1179: OS="unknown"
1180: OSREV=0
1181: fi
1182:
1183: case "$host" in
1184: *-*-sunos4*)
1185: # getcwd(3) opens a pipe to getpwd(1)!?!
1186: BROKEN_GETCWD=1
1187:
1188: # system headers lack prototypes but gcc helps...
1189: if test -n "$GCC"; then
1190: CPPFLAGS="${CPPFLAGS} -D__USE_FIXED_PROTOTYPES__"
1191: fi
1192:
1193: # check for password adjunct functions (shadow passwords)
1194: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1195: AC_CHECK_FUNCS(getpwanam issecure, , [break])
1196: AH_TEMPLATE([HAVE_GETPWANAM], [Define if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
1197: AH_TEMPLATE([HAVE_ISSECURE], [Define if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
1.1 millert 1198: CHECKSHADOW="false"
1199: fi
1200: ;;
1201: *-*-solaris2*)
1202: # To get the crypt(3) prototype (so we pass -Wall)
1203: CPPFLAGS="${CPPFLAGS} -D__EXTENSIONS__"
1204: # AFS support needs -lucb
1205: if test "$with_AFS" = "yes"; then
1206: AFS_LIBS="-lc -lucb"
1207: fi
1.7 millert 1208: test -n "$mansectsu" || mansectsu=1m
1209: test -n "$mansectform" || mansectform=4
1.15 millert 1210: test -n "$with_rpath" || with_rpath=yes
1.1 millert 1211: ;;
1212: *-*-aix*)
1213: # To get all prototypes (so we pass -Wall)
1214: CPPFLAGS="${CPPFLAGS} -D_XOPEN_EXTENDED_SOURCE"
1.7 millert 1215: SUDO_DEFINE(_ALL_SOURCE)
1.1 millert 1216: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1.15 millert 1217: if test X"$with_blibpath" != X"no"; then
1218: AC_MSG_CHECKING([if linker accepts -Wl,-blibpath])
1219: O_LDFLAGS="$LDFLAGS"
1220: LDFLAGS="$LDFLAGS -Wl,-blibpath:/usr/lib:/lib"
1221: AC_TRY_LINK([], [], [
1222: if test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
1223: blibpath="$with_blibpath"
1224: elif test -n "$GCC"; then
1225: blibpath="/usr/lib:/lib:/usr/local/lib"
1226: else
1227: blibpath="/usr/lib:/lib"
1228: fi
1229: AC_MSG_RESULT(yes)
1230: ], [AC_MSG_RESULT(no)])
1231: fi
1232: LDFLAGS="$O_LDFLAGS"
1.1 millert 1233: ;;
1234: *-*-hiuxmpp*)
1235: if test "$CHECKSHADOW" = "true"; then
1236: AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"; SECUREWARE=1]))
1237: CHECKSHADOW="false"
1238: fi
1.7 millert 1239: test -n "$mansectsu" || mansectsu=1m
1240: test -n "$mansectform" || mansectform=4
1.1 millert 1241: ;;
1242: *-*-hpux1[[0-9]]*)
1243: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1244: AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) AC_CHECK_LIB(sec, iscomsec, AC_DEFINE(HAVE_ISCOMSEC, 1, [Define if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1])
1.1 millert 1245: CHECKSHADOW="false"
1246: fi
1247:
1248: # AFS support needs -lBSD
1249: if test "$with_AFS" = "yes"; then
1250: AFS_LIBS="-lc -lBSD"
1251: fi
1.7 millert 1252: test -n "$mansectsu" || mansectsu=1m
1253: test -n "$mansectform" || mansectform=4
1.1 millert 1254: ;;
1255: *-*-hpux9*)
1.7 millert 1256: AC_DEFINE(BROKEN_SYSLOG, 1, [Define if the `syslog' function returns a non-zero int to denote failure.])
1.1 millert 1257:
1258: if test "$CHECKSHADOW" = "true"; then
1259: AC_CHECK_FUNCS(getspwuid)
1.7 millert 1260: AH_TEMPLATE([HAVE_GETSPWUID], [Define if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
1.1 millert 1261: CHECKSHADOW="false"
1262: fi
1263:
1264: # DCE support (requires ANSI C compiler)
1265: if test "$with_DCE" = "yes"; then
1266: # order of libs in 9.X is important. -lc_r must be last
1267: SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r"
1268: LIBS="${LIBS} -ldce -lM -lc_r"
1.3 millert 1269: CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1.1 millert 1270: fi
1271:
1272: # AFS support needs -lBSD
1273: if test "$with_AFS" = "yes"; then
1274: AFS_LIBS="-lc -lBSD"
1275: fi
1.7 millert 1276: test -n "$mansectsu" || mansectsu=1m
1277: test -n "$mansectform" || mansectform=4
1.1 millert 1278: ;;
1279: *-*-hpux*)
1280: AC_DEFINE(BROKEN_SYSLOG)
1281:
1282: # Not sure if setuid binaries are safe in < 9.x
1283: if test -n "$GCC"; then
1284: SUDO_LDFLAGS="${SUDO_LDFLAGS} -static"
1285: else
1286: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive"
1287: fi
1288:
1289: # AFS support needs -lBSD
1290: if test "$with_AFS" = "yes"; then
1291: AFS_LIBS="-lc -lBSD"
1292: fi
1.7 millert 1293: test -n "$mansectsu" || mansectsu=1m
1294: test -n "$mansectform" || mansectform=4
1.1 millert 1295: ;;
1296: *-dec-osf*)
1297: # ignore envariables wrt dynamic lib path
1298: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement"
1299:
1300: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1301: AC_ARG_ENABLE(sia,
1302: [ --disable-sia Never use SIA on Digital UNIX],
1303: [ case "$enableval" in
1304: yes) AC_MSG_RESULT(no)
1305: ;;
1306: no) AC_MSG_RESULT(yes)
1307: CHECKSIA=false
1308: ;;
1309: *) AC_MSG_RESULT(no)
1.15 millert 1310: AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1.1 millert 1311: ;;
1312: esac
1313: ], AC_MSG_RESULT(no))
1314:
1315: # use SIA by default, if we have it, else SecureWare
1316: # unless overridden on the command line
1317: if test "$CHECKSIA" = "true"; then
1.14 millert 1318: AC_CHECK_FUNC(sia_ses_init, [AC_DEFINE(HAVE_SIA, 1, [Define if you use SIA.])] [
1.1 millert 1319: if test -n "$with_skey" -o -n "$with_opie" -o -n "$with_otp_only" -o -n "$with_long_otp_prompt" -o -n "$with_SecurID" -o -n "$with_fwtk" -o -n "$with_kerb4" -o -n "$with_kerb5" -o -n "$with_pam" -o -n "$with_AFS" -o -n "$with_DCE"; then
1320: AC_MSG_ERROR(["you cannot mix SIA and other authentication schemes. You can turn off SIA support via the --disable-sia option"])
1321: fi]; CHECKSHADOW=false)
1322: fi
1323: if test "$CHECKSHADOW" = "true"; then
1324: AC_CHECK_LIB(security, getprpwnam, SECUREWARE=1)
1325: CHECKSHADOW="false"
1326: fi
1327:
1328: if test -n "$SECUREWARE"; then
1.7 millert 1329: AC_DEFINE(HAVE_GETPRPWNAM, 1, [Define if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
1.1 millert 1330: # -ldb includes bogus versions of snprintf/vsnprintf
1.7 millert 1331: AC_CHECK_FUNCS(snprintf, , [NEED_SNPRINTF=1])
1332: AC_CHECK_FUNCS(vsnprintf, , [NEED_SNPRINTF=1])
1.1 millert 1333: # 4.x and higher need -ldb too...
1334: AC_CHECK_LIB(db, dbopen, [SUDO_LIBS="${SUDO_LIBS} -lsecurity -ldb -laud -lm"; LIBS="${LIBS} -lsecurity -ldb -laud -lm"], [SUDO_LIBS="${SUDO_LIBS} -lsecurity -ldb -laud -lm"; LIBS="${LIBS} -lsecurity -ldb -laud -lm"])
1335: AC_CHECK_FUNCS(dispcrypt)
1336: AC_MSG_CHECKING([for broken /usr/include/prot.h])
1337: AC_TRY_COMPILE([
1338: #include <sys/types.h>
1339: #include <sys/security.h>
1340: #include <prot.h>
1341: ], [exit(0);], AC_MSG_RESULT(no),
1342: [AC_MSG_RESULT([yes, fixing locally])
1343: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1344: ])
1.7 millert 1345: elif test "$CHECKSIA" = "true"; then
1.1 millert 1346: with_passwd=no
1347: AUTH_OBJS="sia.o"
1348: fi
1.7 millert 1349: test -n "$mansectsu" || mansectsu=8
1350: test -n "$mansectform" || mansectform=4
1.1 millert 1351: ;;
1352: *-*-irix*)
1353: CPPFLAGS="${CPPFLAGS} -D_BSD_TYPES"
1354: if test -z "$NROFFPROG"; then
1.14 millert 1355: MAN_POSTINSTALL=' /bin/rm -f $(mandirsu)/sudo.$(mansectsu).z $(mandirsu)/visudo.$(mansectsu).z $(mandirform)/sudoers.$(mansectform).z ; /usr/bin/pack $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform)'
1.1 millert 1356: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1357: if test -d /usr/share/catman/local; then
1358: mandir="/usr/share/catman/local"
1359: else
1360: mandir="/usr/catman/local"
1361: fi
1362: fi
1363: else
1364: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1365: if test -d "/usr/share/man/local"; then
1366: mandir="/usr/share/man/local"
1367: else
1368: mandir="/usr/man/local"
1369: fi
1370: fi
1371: fi
1372: # IRIX <= 4 needs -lsun
1373: if test "$OSREV" -le 4; then
1374: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1375: fi
1.7 millert 1376: test -n "$mansectsu" || mansectsu=1m
1377: test -n "$mansectform" || mansectform=4
1.1 millert 1378: ;;
1379: *-*-linux*)
1380: # Some Linux versions need to link with -lshadow
1381: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1382: AC_CHECK_FUNCS(getspnam, , [AC_CHECK_LIB(shadow, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lshadow"; LIBS="${LIBS} -lshadow"])])
1.1 millert 1383: CHECKSHADOW="false"
1384: fi
1385: ;;
1386: *-convex-bsd*)
1.7 millert 1387: SUDO_DEFINE(_CONVEX_SOURCE)
1.1 millert 1388: if test -z "$GCC"; then
1389: CFLAGS="${CFLAGS} -D__STDC__"
1390: fi
1391:
1392: if test "$CHECKSHADOW" = "true"; then
1393: AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"; OSDEFS="${OSDEFS} -D_AUDIT -D_ACL -DSecureWare"; SECUREWARE=1])
1394: CHECKSHADOW="false"
1395: fi
1396: ;;
1397: *-*-ultrix*)
1398: OS="ultrix"
1399: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1400: AC_CHECK_LIB(auth, getauthuid, AC_DEFINE(HAVE_GETAUTHUID, 1, [Define if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)]) [SUDO_LIBS="${SUDO_LIBS} -lauth"; LIBS="${LIBS} -lauth"])
1.1 millert 1401: CHECKSHADOW="false"
1402: fi
1403: ;;
1404: *-*-riscos*)
1405: LIBS="${LIBS} -lsun -lbsd"
1406: CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1407: OSDEFS="${OSDEFS} -D_MIPS"
1.7 millert 1408: test -n "$mansectsu" || mansectsu=1m
1409: test -n "$mansectform" || mansectform=4
1.1 millert 1410: ;;
1411: *-*-isc*)
1412: OSDEFS="${OSDEFS} -D_ISC"
1413: LIB_CRYPT=1
1414: SUDO_LIBS="${SUDO_LIBS} -lcrypt"
1415: LIBS="${LIBS} -lcrypt"
1416:
1417: if test "$CHECKSHADOW" = "true"; then
1418: AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
1419: CHECKSHADOW="false"
1420: fi
1.7 millert 1421: test -n "$mansectsu" || mansectsu=1m
1422: test -n "$mansectform" || mansectform=4
1.1 millert 1423: ;;
1.7 millert 1424: *-*-sco*|*-sco-*)
1.1 millert 1425: if test "$CHECKSHADOW" = "true"; then
1426: AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lprot -lx"; LIBS="${LIBS} -lprot -lx"; SECUREWARE=1], , -lx)
1427: AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])
1428: CHECKSHADOW="false"
1429: fi
1.8 millert 1430: test -n "$mansectsu" || mansectsu=1m
1431: test -n "$mansectform" || mansectform=4
1432: ;;
1433: m88k-motorola-sysv*)
1434: # motorolla's cc (a variant of gcc) does -O but not -O2
1435: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1.7 millert 1436: test -n "$mansectsu" || mansectsu=1m
1437: test -n "$mansectform" || mansectform=4
1.1 millert 1438: ;;
1439: *-sequent-sysv*)
1440: if test "$CHECKSHADOW" = "true"; then
1441: AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
1442: CHECKSHADOW="false"
1443: fi
1.7 millert 1444: test -n "$mansectsu" || mansectsu=1m
1445: test -n "$mansectform" || mansectform=4
1.15 millert 1446: test -n "$with_rpath" || with_rpath=yes
1.7 millert 1447: ;;
1448: *-ncr-sysv4*|*-ncr-sysvr4*)
1449: AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
1450: test -n "$mansectsu" || mansectsu=1m
1451: test -n "$mansectform" || mansectform=4
1.15 millert 1452: test -n "$with_rpath" || with_rpath=yes
1.1 millert 1453: ;;
1.7 millert 1454: *-ccur-sysv4*|*-ccur-sysvr4*)
1.1 millert 1455: LIBS="${LIBS} -lgen"
1456: SUDO_LIBS="${SUDO_LIBS} -lgen"
1.7 millert 1457: test -n "$mansectsu" || mansectsu=1m
1458: test -n "$mansectform" || mansectform=4
1.15 millert 1459: test -n "$with_rpath" || with_rpath=yes
1.1 millert 1460: ;;
1461: *-*-bsdi*)
1.14 millert 1462: SKIP_SETREUID=yes
1.5 millert 1463: # Use shlicc for BSD/OS [23].x unless asked to do otherwise
1464: if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
1465: case "$OSREV" in
1.15 millert 1466: 2|3) AC_MSG_NOTICE([using shlicc as CC])
1.5 millert 1467: ac_cv_prog_CC=shlicc
1468: CC="$ac_cv_prog_CC"
1469: ;;
1470: esac
1471: fi
1472: ;;
1473: *-*-freebsd*)
1.11 millert 1474: # FreeBSD has a real setreuid(2) starting with 2.1 and
1475: # backported to 2.0.5. We just take 2.1 and above...
1476: case "`echo $host_os | sed 's/^freebsd\([[0-9\.]]*\).*$/\1/'`" in
1477: 0.*|1.*|2.0*)
1.14 millert 1478: SKIP_SETREUID=yes
1.11 millert 1479: ;;
1480: esac
1.6 millert 1481: if test "$with_logincap" = "yes"; then
1482: SUDO_LIBS="${SUDO_LIBS} -lutil"
1483: fi
1.5 millert 1484: if test "$with_skey" = "yes"; then
1485: SUDO_LIBS="${SUDO_LIBS} -lmd"
1486: fi
1487: if test "$CHECKSHADOW" = "true"; then
1488: CHECKSHADOW="false"
1.1 millert 1489: fi
1490: ;;
1.7 millert 1491: *-*-*openbsd*)
1.14 millert 1492: SKIP_SETREUID=yes
1.7 millert 1493: if test "$CHECKSHADOW" = "true"; then
1494: CHECKSHADOW="false"
1495: fi
1496: ;;
1497: *-*-*netbsd*)
1.11 millert 1498: # NetBSD has a real setreuid(2) starting with 1.3.2
1499: case "`echo $host_os | sed 's/^netbsd\([[0-9\.]]*\).*$/\1/'`" in
1500: 0.9*|1.[012]*|1.3|1.3.1)
1.14 millert 1501: SKIP_SETREUID=yes
1.11 millert 1502: ;;
1503: esac
1.7 millert 1504: if test "$CHECKSHADOW" = "true"; then
1505: CHECKSHADOW="false"
1506: fi
1507: ;;
1.1 millert 1508: *-*-*bsd*)
1509: if test "$CHECKSHADOW" = "true"; then
1510: CHECKSHADOW="false"
1511: fi
1512: ;;
1.7 millert 1513: *-*-nextstep*)
1514: # lockf() on is broken on the NeXT -- use flock instead
1515: ac_cv_func_lockf=no
1516: ac_cv_func_flock=yes
1517: ;;
1.15 millert 1518: *-*-*sysv4*)
1519: test -n "$mansectsu" || mansectsu=1m
1520: test -n "$mansectform" || mansectform=4
1521: test -n "$with_rpath" || with_rpath=yes
1522: ;;
1.5 millert 1523: *-*-sysv*)
1.7 millert 1524: test -n "$mansectsu" || mansectsu=1m
1525: test -n "$mansectform" || mansectform=4
1.5 millert 1526: ;;
1.1 millert 1527: esac
1528:
1529: dnl
1.5 millert 1530: dnl Use BSD-style man sections by default
1531: dnl
1532: test -n "$mansectsu" || mansectsu=8
1533: test -n "$mansectform" || mansectform=5
1534:
1535: dnl
1.15 millert 1536: dnl Add in any libpaths or libraries specified via configure
1537: dnl
1538: if test -n "$with_libpath"; then
1539: for i in ${with_libpath}; do
1540: SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
1541: done
1542: fi
1543: if test -n "$with_libraries"; then
1544: for i in ${with_libraries}; do
1545: case $i in
1546: -l*) ;;
1547: *.a) ;;
1548: *.o) ;;
1549: *) i="-l${i}";;
1550: esac
1551: LIBS="${LIBS} ${i}"
1552: done
1553: fi
1554:
1555: dnl
1.1 millert 1556: dnl Check for shadow password routines if we have not already done so.
1557: dnl We check for SVR4-style first and then SecureWare-style.
1558: dnl
1559: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1560: AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM, 1, [Define if you have the `getspnam' function (SVR4-style shadow passwords)]) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])])
1.1 millert 1561: fi
1562: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1563: AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))])
1.1 millert 1564: fi
1565:
1566: dnl
1567: dnl C compiler checks (to be done after os checks)
1568: dnl
1569: AC_PROG_GCC_TRADITIONAL
1570: AC_C_CONST
1.7 millert 1571: AC_C_VOLATILE
1.1 millert 1572: dnl
1573: dnl Program checks
1574: dnl
1575: AC_PROG_YACC
1.7 millert 1576: SUDO_PROG_MV
1577: SUDO_PROG_BSHELL
1.1 millert 1578: if test -z "$with_sendmail"; then
1579: SUDO_PROG_SENDMAIL
1580: fi
1.7 millert 1581: if test -z "$with_editor"; then
1582: SUDO_PROG_VI
1583: fi
1.1 millert 1584: dnl
1585: dnl Header file checks
1586: dnl
1587: AC_HEADER_STDC
1588: AC_HEADER_DIRENT
1.7 millert 1589: AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h)
1.16 millert 1590: AC_CHECK_HEADERS(err.h, , [AC_LIBOBJ(err)])
1.1 millert 1591: dnl ultrix termio/termios are broken
1592: if test "$OS" != "ultrix"; then
1.7 millert 1593: AC_SYS_POSIX_TERMIOS
1594: if test "$ac_cv_sys_posix_termios" = "yes"; then
1595: AC_DEFINE(HAVE_TERMIOS_H, 1, [Define if you have the <termios.h> header file and the `tcgetattr' function.])
1596: else
1597: AC_CHECK_HEADERS(termio.h)
1598: fi
1.1 millert 1599: fi
1.6 millert 1600: if test "$with_logincap" = "yes"; then
1601: AC_CHECK_HEADERS(login_cap.h)
1602: fi
1603: if test "$with_bsdauth" = "yes"; then
1.14 millert 1604: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H, 1, [Define if you use BSD authentication.]) [with_passwd=no; AUTH_OBJS=bsdauth.o], -)
1.6 millert 1605: fi
1.1 millert 1606: dnl
1607: dnl typedef checks
1608: dnl
1609: AC_TYPE_MODE_T
1610: AC_TYPE_UID_T
1.7 millert 1611: AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int, [Define to `int' if <signal.h> does not define.])], [#include <sys/types.h>
1612: #include <signal.h>])
1613: AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T, 1, [Define if <signal.h> has the sigaction_t typedef.])], ,[#include <sys/types.h>
1614: #include <signal.h>])
1.1 millert 1615: SUDO_TYPE_SIZE_T
1616: SUDO_TYPE_SSIZE_T
1617: SUDO_TYPE_DEV_T
1618: SUDO_TYPE_INO_T
1619: SUDO_FULL_VOID
1620: SUDO_UID_T_LEN
1621: SUDO_LONG_LONG
1622: SUDO_SOCK_SA_LEN
1623: dnl
1624: dnl only set RETSIGTYPE if it is not set already
1625: dnl
1626: case "$DEFS" in
1627: *"RETSIGTYPE"*) ;;
1628: *) AC_TYPE_SIGNAL;;
1629: esac
1630: dnl
1631: dnl Function checks
1632: dnl
1.7 millert 1633: AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
1.14 millert 1634: strftime setrlimit initgroups fstat)
1635: if test -z "$SKIP_SETRESUID"; then
1636: AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes])
1637: fi
1638: if test -z "$SKIP_SETREUID"; then
1.7 millert 1639: AC_CHECK_FUNCS(setreuid)
1640: fi
1641: if test X"$with_interfaces" != X"no"; then
1.14 millert 1642: AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
1.7 millert 1643: fi
1.1 millert 1644: if test -n "$SECUREWARE"; then
1.7 millert 1645: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
1.1 millert 1646: fi
1647: if test -z "$BROKEN_GETCWD"; then
1.7 millert 1648: AC_REPLACE_FUNCS(getcwd)
1.1 millert 1649: fi
1.7 millert 1650: AC_CHECK_FUNCS(lockf flock, [break])
1651: AC_CHECK_FUNCS(waitpid wait3, [break])
1.14 millert 1652: AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
1653: AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], AC_LIBOBJ(lsearch), -), AC_LIBOBJ(lsearch))])
1654: AC_CHECK_FUNCS(utime, [SUDO_FUNC_UTIME_POSIX], [AC_LIBOBJ(utime)])
1.7 millert 1655: SUDO_FUNC_FNMATCH(AC_DEFINE(HAVE_FNMATCH, 1, [Define if you have the `fnmatch' function.]), AC_LIBOBJ(fnmatch))
1656: SUDO_FUNC_ISBLANK
1.14 millert 1657: AC_REPLACE_FUNCS(strerror strcasecmp sigaction strlcpy strlcat)
1.7 millert 1658: AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
1.1 millert 1659: dnl
1660: dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
1661: dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
1662: dnl
1663: if test -n "$NEED_SNPRINTF"; then
1.7 millert 1664: AC_LIBOBJ(snprintf)
1.1 millert 1665: fi
1666: dnl
1667: dnl if crypt(3) not in libc, look elsewhere
1668: dnl
1669: if test -z "$LIB_CRYPT"; then
1.7 millert 1670: AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))])
1.1 millert 1671: fi
1672: dnl
1673: dnl If socket(2) not in libc, check -lsocket and -linet
1674: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1675: dnl In this case we look for main(), not socket() to avoid using a cached value
1676: dnl
1.7 millert 1677: AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
1678: AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
1.1 millert 1679: dnl
1680: dnl If inet_addr(3) not in libc, check -lnsl and -linet
1681: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1682: dnl
1.7 millert 1683: AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
1684: AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
1.1 millert 1685: dnl
1686: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
1687: dnl
1.7 millert 1688: AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
1.1 millert 1689: dnl
1690: dnl Bison and DCE use alloca(3), if not in libc, use the sudo one (from gcc)
1691: dnl (gcc includes its own alloca(3) but other compilers may not)
1692: dnl
1693: if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then
1694: AC_FUNC_ALLOCA
1695: fi
1.16 millert 1696: dnl
1697: dnl Check for getprogname() or __progname
1698: dnl
1699: AC_CHECK_FUNCS(getprogname, , [
1700: AC_MSG_CHECKING([for __progname])
1701: AC_CACHE_VAL(sudo_cv___progname, [
1702: AC_TRY_LINK(, [extern char *__progname; (void)puts(__progname);],
1703: [sudo_cv___progname=yes], [sudo_cv___progname=no])])
1704: if test "$sudo_cv___progname" = "yes"; then
1705: AC_DEFINE(HAVE___PROGNAME, 1, [Define if your crt0.o defines the __progname symbol for you.])
1706: else
1707: AC_LIBOBJ(getprogname)
1708: fi
1709: AC_MSG_RESULT($sudo_cv___progname)
1710: ])
1.1 millert 1711: dnl
1.15 millert 1712: dnl Kerberos IV
1.1 millert 1713: dnl
1.15 millert 1714: if test -n "$with_kerb4"; then
1715: AC_DEFINE(HAVE_KERB4, 1, [Define if you use Kerberos IV.])
1716: dnl
1717: dnl Use the specified directory, if any, else search for correct inc dir
1718: dnl
1719: O_LDFLAGS="$LDFLAGS"
1720: if test "$with_kerb4" = "yes"; then
1721: found=no
1722: O_CPPFLAGS="$CPPFLAGS"
1723: for dir in "" "kerberosIV/" "krb4/" "kerberos4/" "kerberosv4/"; do
1724: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1725: AC_PREPROC_IFELSE([#include <krb.h>], [found=yes; break], )
1726: done
1727: test X"$found" = X"no" && CPPFLAGS="$O_CPPFLAGS"
1.1 millert 1728: else
1.15 millert 1729: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_kerb4}/lib])
1730: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb4}/lib])
1731: CPPFLAGS="$CPPFLAGS -I${with_kerb4}/include"
1732: AC_CHECK_HEADER([krb.h], [found=yes], [found=no])
1733: fi
1734: if test X"$found" = X"no"; then
1735: AC_MSG_WARN([Unable to locate Kerberos IV include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
1.1 millert 1736: fi
1737:
1.15 millert 1738: dnl
1739: dnl Check for -ldes vs. -ldes425
1740: dnl
1741: AC_CHECK_LIB(des, des_cbc_encrypt, [K4LIBS="-ldes"], [
1742: AC_CHECK_LIB(des425, des_cbc_encrypt, [K4LIBS="-ldes425"], [K4LIBS=""])
1743: ])
1744: dnl
1745: dnl Try to determine whether we have KTH or MIT/CNS Kerberos IV
1746: dnl
1747: AC_MSG_CHECKING(whether we are using KTH Kerberos IV)
1748: AC_TRY_COMPILE([#include <krb.h>], [const char *tmp = krb4_version;],
1749: [
1750: AC_MSG_RESULT(yes)
1751: K4LIBS="${K4LIBS} -lcom_err"
1752: AC_CHECK_LIB(roken, main, [K4LIBS="${K4LIBS} -lroken"])
1753: ], [
1754: AC_MSG_RESULT(no)
1755: ]
1756: )
1757: dnl
1758: dnl The actual Kerberos IV lib might be -lkrb or -lkrb4
1759: dnl
1760: AC_CHECK_LIB(krb, main, [K4LIBS="-lkrb $K4LIBS"], [
1761: AC_CHECK_LIB(krb4, main, [K4LIBS="-lkrb4 $K4LIBS"],
1762: [K4LIBS="-lkrb $K4LIBS"]
1763: [AC_MSG_WARN([Unable to locate Kerberos IV libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS and possibly add Kerberos libs to SUDO_LIBS])]
1764: , [$K4LIBS])
1765: ], [$K4LIBS])
1766: LDFLAGS="$O_LDFLAGS"
1767: SUDO_LIBS="${SUDO_LIBS} $K4LIBS"
1768: AUTH_OBJS="${AUTH_OBJS} kerb4.o"
1769: fi
1770:
1771: dnl
1772: dnl Kerberos V
1.16 millert 1773: dnl There is an easy way and a hard way...
1.15 millert 1774: dnl
1.16 millert 1775: if test "$with_kerb5" = "yes"; then
1776: AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
1777: if test -n "$KRB5CONFIG"; then
1778: AC_DEFINE(HAVE_KERB5, 1, [Define if you use Kerberos V.])
1779: AUTH_OBJS="${AUTH_OBJS} kerb5.o"
1780: CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
1781: SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"
1.17 ! millert 1782: dnl
! 1783: dnl Try to determine whether we have Heimdal or MIT Kerberos
! 1784: dnl
! 1785: AC_MSG_CHECKING(whether we are using Heimdal)
! 1786: AC_TRY_COMPILE([#include <krb5.h>], [const char *tmp = heimdal_version;],
! 1787: [
! 1788: AC_MSG_RESULT(yes)
! 1789: AC_DEFINE(HAVE_HEIMDAL, 1, [Define if your Kerberos is Heimdal.])
! 1790: ]
! 1791: )
1.16 millert 1792: fi
1793: fi
1794: if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then
1.15 millert 1795: AC_DEFINE(HAVE_KERB5, 1, [Define if you use Kerberos V.])
1796: dnl
1797: dnl Use the specified directory, if any, else search for correct inc dir
1798: dnl
1799: if test "$with_kerb5" = "yes"; then
1800: found=no
1801: O_CPPFLAGS="$CPPFLAGS"
1802: for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
1803: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1804: AC_PREPROC_IFELSE([#include <krb5.h>], [found=yes; break], )
1805: done
1806: if test X"$found" = X"no"; then
1807: CPPFLAGS="$O_CPPFLAGS"
1808: AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
1809: fi
1.1 millert 1810: else
1.15 millert 1811: dnl XXX - try to include krb5.h here too
1812: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb5}/lib])
1813: CPPFLAGS="$CPPFLAGS -I${with_kerb5}/include"
1.1 millert 1814: fi
1815:
1.15 millert 1816: dnl
1817: dnl Try to determine whether we have Heimdal or MIT Kerberos
1818: dnl
1819: AC_MSG_CHECKING(whether we are using Heimdal)
1820: AC_TRY_COMPILE([#include <krb5.h>], [const char *tmp = heimdal_version;],
1821: [
1822: AC_MSG_RESULT(yes)
1.17 ! millert 1823: AC_DEFINE(HAVE_HEIMDAL, 1, [Define if your Kerberos is Heimdal.])
1.15 millert 1824: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -ldes -lcom_err -lasn1"
1825: AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"])
1826: ], [
1827: AC_MSG_RESULT(no)
1828: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
1829: ]
1830: )
1.1 millert 1831: AUTH_OBJS="${AUTH_OBJS} kerb5.o"
1832: fi
1833:
1834: dnl
1.4 millert 1835: dnl PAM libs
1836: dnl
1837: if test "$with_pam" = "yes"; then
1.14 millert 1838: AC_HAVE_LIBRARY(dl, SUDO_LIBS="${SUDO_LIBS} -lpam -ldl", SUDO_LIBS="${SUDO_LIBS} -lpam")
1.4 millert 1839: fi
1840:
1841: dnl
1.1 millert 1842: dnl extra AFS libs and includes
1843: dnl
1844: if test "$with_AFS" = "yes"; then
1845:
1846: # looks like the "standard" place for AFS libs is /usr/afsws/lib
1847: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
1848: for i in $AFSLIBDIRS; do
1849: if test -d ${i}; then
1.15 millert 1850: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [$i])
1.1 millert 1851: FOUND_AFSLIBDIR=true
1852: fi
1853: done
1854: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 1855: AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDO_LDFLAGS or rerun configure with the --with-libpath options.])
1.1 millert 1856: fi
1857:
1858: # Order is important here. Note that we build AFS_LIBS from right to left
1859: # since AFS_LIBS may be initialized with BSD compat libs that must go last
1860: AFS_LIBS="-laudit ${AFS_LIBS}"
1861: for i in $AFSLIBDIRS; do
1862: if test -f ${i}/util.a; then
1863: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
1864: FOUND_UTIL_A=true
1865: break;
1866: fi
1867: done
1868: if test -z "$FOUND_UTIL_A"; then
1869: AFS_LIBS="-lutil ${AFS_LIBS}"
1870: fi
1871: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
1872:
1873: # AFS includes may live in /usr/include on some machines...
1874: for i in /usr/afsws/include; do
1875: if test -d ${i}; then
1876: CPPFLAGS="${CPPFLAGS} -I${i}"
1877: FOUND_AFSINCDIR=true
1878: fi
1879: done
1880:
1881: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 1882: AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
1.1 millert 1883: fi
1884: fi
1885:
1886: dnl
1887: dnl extra DCE obj + lib
1888: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
1889: dnl
1890: if test "$with_DCE" = "yes"; then
1891: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
1892: SUDO_LIBS="${SUDO_LIBS} -ldce"
1.5 millert 1893: fi
1894:
1895: dnl
1.1 millert 1896: dnl extra S/Key lib and includes
1897: dnl
1.15 millert 1898: if test -n "$with_skey"; then
1899: O_LDFLAGS="$LDFLAGS"
1900: if test "$with_skey" != "yes"; then
1901: CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
1902: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_skey}/lib])
1903: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_skey}/lib])
1904: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes], [found=no])
1.1 millert 1905: else
1.15 millert 1906: found=no
1907: O_CPPFLAGS="$CPPFLAGS"
1908: for dir in "" "/usr/local" "/usr/contrib"; do
1909: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1910: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes; break], )
1911: done
1912: if test "$found" = "no" -o -z "$dir"; then
1913: CPPFLAGS="$O_CPPFLAGS"
1914: else
1915: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
1916: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
1917: fi
1.1 millert 1918: fi
1.15 millert 1919: if test "$found" = "no"; then
1920: AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
1921: fi
1922: AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])])
1.7 millert 1923: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS, 1, [Define if your S/Key library has skeyaccess().]))
1.15 millert 1924: LDFLAGS="$O_LDFLAGS"
1925: SUDO_LIBS="${SUDO_LIBS} -lskey"
1.1 millert 1926: fi
1927:
1928: dnl
1929: dnl extra OPIE lib and includes
1930: dnl
1.15 millert 1931: if test -n "$with_opie"; then
1932: O_LDFLAGS="$LDFLAGS"
1933: if test "$with_opie" != "yes"; then
1934: CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
1935: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_opie}/lib])
1936: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_opie}/lib])
1937: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes], [found=no])
1.1 millert 1938: else
1.15 millert 1939: found=no
1940: O_CPPFLAGS="$CPPFLAGS"
1941: for dir in "" "/usr/local" "/usr/contrib"; do
1942: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1943: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes; break], )
1944: done
1945: if test "$found" = "no" -o -z "$dir"; then
1946: CPPFLAGS="$O_CPPFLAGS"
1947: else
1948: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
1949: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
1950: fi
1951: fi
1952: if test "$found" = "no"; then
1953: AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
1.1 millert 1954: fi
1.15 millert 1955: AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDO_LDFLAGS])])
1956: LDFLAGS="$O_LDFLAGS"
1957: SUDO_LIBS="${SUDO_LIBS} -lopie"
1.1 millert 1958: fi
1959:
1960: dnl
1961: dnl extra SecurID lib + includes
1962: dnl
1963: if test -n "$with_SecurID" -a "$with_SecurID" != "no"; then
1964: if test "$with_SecurID" != "yes"; then
1.14 millert 1965: :
1966: elif test -d /usr/ace/examples; then
1967: with_SecurID=/usr/ace/examples
1.1 millert 1968: else
1.14 millert 1969: with_SecurID=/usr/ace
1.1 millert 1970: fi
1.14 millert 1971: CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
1972: _LDFLAGS="${LDFLAGS}"
1.15 millert 1973: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_SecurID}])
1.14 millert 1974: #
1975: # Determine whether to use the new or old SecurID API
1976: #
1.15 millert 1977: AC_CHECK_LIB(aceclnt, SD_Init,
1978: [
1979: AUTH_OBJS="securid5.o"
1980: SUDO_LIBS="${SUDO_LIBS} -laceclnt -lpthread"
1981: ]
1982: [
1983: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_SecurID}])
1984: ], [
1985: AUTH_OBJS="securid.o"
1986: SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
1987: ],
1988: [
1989: -lpthread
1990: ]
1991: )
1.14 millert 1992: LDFLAGS="${_LDFLAGS}"
1.1 millert 1993: fi
1994:
1995: dnl
1996: dnl extra FWTK libs + includes
1997: dnl
1.15 millert 1998: if test -n "$with_fwtk"; then
1999: if test "$with_fwtk" != "yes"; then
2000: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_fwtk}])
2001: CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
2002: with_fwtk=yes
2003: fi
1.1 millert 2004: SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall"
2005: fi
2006:
2007: dnl
2008: dnl extra 'authenticate' lib (AIX only?)
2009: dnl
2010: if test "$with_authenticate" = "yes"; then
2011: SUDO_LIBS="${SUDO_LIBS} -ls"
2012: fi
2013:
2014: dnl
1.15 millert 2015: dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we
2016: dnl added -L dirpaths to SUDO_LDFLAGS.
2017: dnl
2018: if test -n "$blibpath"; then
2019: if test -n "$blibpath_add"; then
2020: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}${blibpath_add}"
2021: elif test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
2022: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}"
2023: fi
2024: fi
2025:
2026: dnl
1.1 millert 2027: dnl Check for log file and timestamp locations
2028: dnl
2029: SUDO_LOGFILE
2030: SUDO_TIMEDIR
2031:
2032: dnl
2033: dnl Use passwd (and secureware) auth modules?
2034: dnl
2035: if test "$with_passwd" = "no"; then
1.7 millert 2036: AC_DEFINE(WITHOUT_PASSWD, 1. [Define to avoid using the passwd/shadow file for authentication.])
1.1 millert 2037: if test -z "$AUTH_OBJS"; then
2038: AC_MSG_ERROR([no authentication methods defined.])
2039: fi
2040: else
2041: if test -n "$SECUREWARE"; then
2042: AUTH_OBJS="${AUTH_OBJS} passwd.o secureware.o"
2043: else
2044: AUTH_OBJS="${AUTH_OBJS} passwd.o"
2045: fi
2046: fi
2047:
2048: dnl
2049: dnl LIBS may contain duplicates from SUDO_LIBS or NET_LIBS so prune it.
2050: dnl
2051: if test -n "$LIBS"; then
2052: L="$LIBS"
2053: LIBS=
2054: for l in ${L}; do
2055: dupe=0
2056: for sl in ${SUDO_LIBS} ${NET_LIBS}; do
2057: test $l = $sl && dupe=1
2058: done
2059: test $dupe = 0 && LIBS="${LIBS} $l"
2060: done
2061: fi
2062:
2063: dnl
2064: dnl Set exec_prefix
2065: dnl
2066: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
2067:
2068: dnl
1.5 millert 2069: dnl Substitute into the Makefile and man pages
1.1 millert 2070: dnl
1.5 millert 2071: AC_OUTPUT([Makefile sudo.man visudo.man sudoers.man])
1.1 millert 2072:
2073: dnl
2074: dnl Spew any text the user needs to know about
2075: dnl
2076: if test "$with_pam" = "yes"; then
2077: case $host in
2078: *-*-linux*)
1.15 millert 2079: AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
1.1 millert 2080: ;;
2081: esac
2082: fi
1.7 millert 2083:
2084: dnl
2085: dnl Special bits for autoheader
2086: dnl
2087: AH_VERBATIM([_GNU_SOURCE],
2088: [/* Enable GNU extensions on systems that have them. */
2089: #ifndef _GNU_SOURCE
2090: # define _GNU_SOURCE 1
2091: #endif])
2092:
2093: AH_VERBATIM([_ALL_SOURCE],
2094: [/* Enable non-POSIX extensions on AIX. */
2095: #ifndef _ALL_SOURCE
2096: # undef _ALL_SOURCE
2097: #endif])
2098:
2099: AH_VERBATIM([_CONVEX_SOURCE],
2100: [/* Enable non-POSIX extensions on ConvexOS. */
2101: #ifndef _CONVEX_SOURCE
2102: # undef _CONVEX_SOURCE
2103: #endif])
2104:
2105: AH_TOP([#ifndef _SUDO_CONFIG_H
2106: #define _SUDO_CONFIG_H])
2107:
2108: AH_BOTTOM([/*
2109: * Emulate a subset of waitpid() if we don't have it.
2110: */
2111: #ifdef HAVE_WAITPID
2112: # define sudo_waitpid(p, s, o) waitpid(p, s, o)
2113: #else
2114: # ifdef HAVE_WAIT3
2115: # define sudo_waitpid(p, s, o) wait3(s, o, NULL)
2116: # endif
1.14 millert 2117: #endif
2118:
2119: /* GNU stow needs /etc/sudoers to be a symlink. */
2120: #ifdef HAVE_STOW
2121: # define stat_sudoers stat
2122: #else
2123: # define stat_sudoers lstat
1.7 millert 2124: #endif
2125:
2126: /* Solaris doesn't use const qualifiers in PAM. */
2127: #ifdef sun
2128: # define PAM_CONST
2129: #else
2130: # define PAM_CONST const
2131: #endif
2132:
2133: #ifdef USE_EXECV
2134: # define EXEC execv
2135: #else
2136: # define EXEC execvp
2137: #endif /* USE_EXECV */
2138:
2139: /* New ANSI-style OS defs for HP-UX and ConvexOS. */
2140: #if defined(hpux) && !defined(__hpux)
2141: # define __hpux 1
2142: #endif /* hpux */
2143:
2144: #if defined(convex) && !defined(__convex__)
2145: # define __convex__ 1
2146: #endif /* convex */
2147:
2148: /* BSD compatibility on some SVR4 systems. */
2149: #ifdef __svr4__
2150: # define BSD_COMP
2151: #endif /* __svr4__ */
2152:
2153: #endif /* _SUDO_CONFIG_H */])