Annotation of src/usr.bin/sudo/configure.in, Revision 1.24
1.1 millert 1: dnl
2: dnl Process this file with GNU autoconf to produce a configure script.
1.24 ! millert 3: dnl $Sudo: configure.in,v 1.413.2.18 2007/08/15 13:48:51 millert Exp $
1.1 millert 4: dnl
1.23 millert 5: dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller <Todd.Miller@courtesan.com>
1.1 millert 6: dnl
1.23 millert 7: AC_INIT([sudo], [1.6.9])
1.1 millert 8: AC_CONFIG_HEADER(config.h pathnames.h)
9: dnl
1.23 millert 10: dnl This won't work before AC_INIT
1.1 millert 11: dnl
1.23 millert 12: AC_MSG_NOTICE([Configuring Sudo version 1.6.9])
1.1 millert 13: dnl
1.7 millert 14: dnl Variables that get substituted in the Makefile and man pages
1.1 millert 15: dnl
1.21 millert 16: AC_SUBST(LIBTOOL)
1.23 millert 17: AC_SUBST(CFLAGS)
18: AC_SUBST(PROGS)
19: AC_SUBST(CPPFLAGS)
20: AC_SUBST(LDFLAGS)
21: AC_SUBST(SUDO_LDFLAGS)
22: AC_SUBST(SUDO_OBJS)
23: AC_SUBST(LIBS)
24: AC_SUBST(SUDO_LIBS)
25: AC_SUBST(NET_LIBS)
26: AC_SUBST(AFS_LIBS)
27: AC_SUBST(OSDEFS)
28: AC_SUBST(AUTH_OBJS)
29: AC_SUBST(MANTYPE)
30: AC_SUBST(MAN_POSTINSTALL)
31: AC_SUBST(SUDOERS_MODE)
32: AC_SUBST(SUDOERS_UID)
33: AC_SUBST(SUDOERS_GID)
1.5 millert 34: AC_SUBST(DEV)
35: AC_SUBST(mansectsu)
36: AC_SUBST(mansectform)
37: AC_SUBST(mansrcdir)
1.21 millert 38: AC_SUBST(NOEXECDIR)
39: AC_SUBST(noexec_file)
40: AC_SUBST(INSTALL_NOEXEC)
1.23 millert 41: AC_SUBST(DONT_LEAK_PATH_INFO)
1.5 millert 42: dnl
1.7 millert 43: dnl Variables that get substituted in docs (not overridden by environment)
44: dnl
45: AC_SUBST(timedir)dnl initial value from SUDO_TIMEDIR
46: AC_SUBST(timeout)
47: AC_SUBST(password_timeout)
48: AC_SUBST(sudo_umask)
49: AC_SUBST(passprompt)
50: AC_SUBST(long_otp_prompt)
51: AC_SUBST(lecture)
52: AC_SUBST(logfac)
53: AC_SUBST(goodpri)
54: AC_SUBST(badpri)
55: AC_SUBST(loglen)
56: AC_SUBST(ignore_dot)
57: AC_SUBST(mail_no_user)
58: AC_SUBST(mail_no_host)
59: AC_SUBST(mail_no_perms)
60: AC_SUBST(mailto)
61: AC_SUBST(mailsub)
62: AC_SUBST(badpass_message)
63: AC_SUBST(fqdn)
64: AC_SUBST(runas_default)
65: AC_SUBST(env_editor)
66: AC_SUBST(passwd_tries)
67: AC_SUBST(tty_tickets)
68: AC_SUBST(insults)
1.21 millert 69: AC_SUBST(root_sudo)
1.23 millert 70: AC_SUBST(path_info)
1.7 millert 71: dnl
72: dnl Initial values for above
73: dnl
74: timeout=5
75: password_timeout=5
76: sudo_umask=0022
77: passprompt="Password:"
78: long_otp_prompt=off
1.21 millert 79: lecture=once
1.7 millert 80: logfac=local2
81: goodpri=notice
82: badpri=alert
83: loglen=80
84: ignore_dot=off
85: mail_no_user=on
86: mail_no_host=off
87: mail_no_perms=off
88: mailto=root
89: mailsub='*** SECURITY information for %h ***'
90: badpass_message='Sorry, try again.'
91: fqdn=off
92: runas_default=root
93: env_editor=off
94: passwd_tries=3
95: tty_tickets=off
96: insults=off
1.21 millert 97: root_sudo=on
1.23 millert 98: path_info=on
1.21 millert 99: INSTALL_NOEXEC=
1.7 millert 100: dnl
1.5 millert 101: dnl Initial values for Makefile variables listed above
1.7 millert 102: dnl May be overridden by environment variables..
1.5 millert 103: dnl
104: PROGS="sudo visudo"
1.23 millert 105: : ${MANTYPE='man'}
106: : ${mansrcdir='.'}
107: : ${SUDOERS_MODE='0440'}
108: : ${SUDOERS_UID='0'}
109: : ${SUDOERS_GID='0'}
1.1 millert 110: DEV="#"
1.23 millert 111: AUTH_OBJS=passwd.o
1.5 millert 112:
113: dnl
114: dnl Other vaiables
115: dnl
1.1 millert 116: CHECKSHADOW=true
117: CHECKSIA=true
1.23 millert 118: shadow_defs=
119: shadow_funcs=
120: shadow_libs=
121: shadow_libs_optional=
1.1 millert 122:
123: dnl
124: dnl Override default configure dirs...
125: dnl
126: test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man'
127: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
128: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
1.14 millert 129: test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
1.1 millert 130:
131: dnl
132: dnl Deprecated --with options (these all warn or generate an error)
133: dnl
134:
135: AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
136: [case $with_otp_only in
1.23 millert 137: yes) AUTH_OBJS=`echo "$AUTH_OBJS"|sed -e 's/^passwd\.o *//'`
1.15 millert 138: AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
1.1 millert 139: ;;
140: esac])
141:
142: AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
143: [case $with_alertmail in
144: *) with_mailto="$with_alertmail"
1.15 millert 145: AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
1.1 millert 146: ;;
147: esac])
148:
149: dnl
150: dnl Options for --with
151: dnl
152:
153: AC_ARG_WITH(CC, [ --with-CC C compiler to use],
154: [case $with_CC in
155: yes) AC_MSG_ERROR(["must give --with-CC an argument."])
156: ;;
157: no) AC_MSG_ERROR(["illegal argument: --without-CC."])
158: ;;
159: *) CC=$with_CC
160: ;;
161: esac])
162:
1.15 millert 163: AC_ARG_WITH(rpath, [ --with-rpath pass -R flag in addition to -L for lib paths],
164: [case $with_rpath in
1.23 millert 165: yes|no) ;;
1.15 millert 166: *) AC_MSG_ERROR(["--with-rpath does not take an argument."])
167: ;;
168: esac])
169:
1.23 millert 170: AC_ARG_WITH(blibpath, [ --with-blibpath[=PATH] pass -blibpath flag to ld for additional lib paths],
1.15 millert 171: [case $with_blibpath in
1.23 millert 172: yes|no) ;;
1.15 millert 173: *) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
174: ;;
175: esac])
176:
1.1 millert 177: AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files],
1.21 millert 178: [case $with_incpath in
1.1 millert 179: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
180: ;;
181: no) AC_MSG_ERROR(["--without-incpath not supported."])
182: ;;
1.15 millert 183: *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
1.1 millert 184: for i in ${with_incpath}; do
185: CPPFLAGS="${CPPFLAGS} -I${i}"
186: done
187: ;;
188: esac])
189:
190: AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries],
1.21 millert 191: [case $with_libpath in
1.1 millert 192: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
193: ;;
194: no) AC_MSG_ERROR(["--without-libpath not supported."])
195: ;;
1.15 millert 196: *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
1.1 millert 197: ;;
198: esac])
199:
200: AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with],
1.21 millert 201: [case $with_libraries in
1.1 millert 202: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
203: ;;
204: no) AC_MSG_ERROR(["--without-libraries not supported."])
205: ;;
1.15 millert 206: *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
1.1 millert 207: ;;
208: esac])
209:
1.13 david 210: AC_ARG_WITH(devel, [ --with-devel add development options],
1.21 millert 211: [case $with_devel in
1.15 millert 212: yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
1.1 millert 213: PROGS="${PROGS} testsudoers"
214: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
215: DEV=""
216: ;;
217: no) ;;
1.15 millert 218: *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
1.1 millert 219: ;;
220: esac])
221:
1.9 millert 222: AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging],
1.21 millert 223: [case $with_efence in
1.15 millert 224: yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
1.9 millert 225: LIBS="${LIBS} -lefence"
226: if test -f /usr/local/lib/libefence.a; then
1.15 millert 227: with_libpath="${with_libpath} /usr/local/lib"
1.9 millert 228: fi
229: ;;
230: no) ;;
1.15 millert 231: *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
1.9 millert 232: ;;
233: esac])
234:
1.1 millert 235: AC_ARG_WITH(csops, [ --with-csops add CSOps standard options],
1.21 millert 236: [case $with_csops in
1.15 millert 237: yes) AC_MSG_NOTICE([Adding CSOps standard options])
1.1 millert 238: CHECKSIA=false
239: with_ignore_dot=yes
1.7 millert 240: insults=on
1.1 millert 241: with_classic_insults=yes
242: with_csops_insults=yes
243: with_env_editor=yes
1.23 millert 244: : ${mansectsu='8'}
245: : ${mansectform='5'}
1.1 millert 246: ;;
247: no) ;;
1.15 millert 248: *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
1.1 millert 249: ;;
250: esac])
251:
252: AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication],
253: [case $with_passwd in
254: yes) ;;
1.23 millert 255: no) AUTH_OBJS=`echo "$AUTH_OBJS"|sed -e 's/^passwd\.o *//'`
1.1 millert 256: AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
257: AC_MSG_RESULT(no)
258: ;;
259: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
260: ;;
261: esac])
262:
1.23 millert 263: AC_ARG_WITH(skey, [ --with-skey[=DIR] enable S/Key support ],
1.1 millert 264: [case $with_skey in
1.23 millert 265: no) with_skey=""
266: ;;
1.15 millert 267: *) if test -n "$with_opie"; then
1.1 millert 268: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
269: fi
1.21 millert 270: AC_DEFINE(HAVE_SKEY)
1.1 millert 271: AC_MSG_CHECKING(whether to try S/Key authentication)
272: AC_MSG_RESULT(yes)
1.23 millert 273: SUDO_ADD_AUTH([S/Key], [rfc1938.o])
1.1 millert 274: ;;
275: esac])
276:
1.23 millert 277: AC_ARG_WITH(opie, [ --with-opie[=DIR] enable OPIE support ],
1.1 millert 278: [case $with_opie in
1.23 millert 279: no) with_opie=""
280: ;;
1.15 millert 281: *) if test -n "$with_skey"; then
1.1 millert 282: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
283: fi
1.21 millert 284: AC_DEFINE(HAVE_OPIE)
1.1 millert 285: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
286: AC_MSG_RESULT(yes)
1.23 millert 287: SUDO_ADD_AUTH([NRL OPIE], [rfc1938.o])
1.1 millert 288: ;;
289: esac])
290:
291: AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt],
292: [case $with_long_otp_prompt in
1.21 millert 293: yes) AC_DEFINE(LONG_OTP_PROMPT)
1.1 millert 294: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
295: AC_MSG_RESULT(yes)
1.7 millert 296: long_otp_prompt=on
297: ;;
298: no) long_otp_prompt=off
1.1 millert 299: ;;
300: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
301: ;;
302: esac])
303:
1.15 millert 304: AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support],
1.1 millert 305: [case $with_SecurID in
1.15 millert 306: no) with_SecurID="";;
1.21 millert 307: *) AC_DEFINE(HAVE_SECURID)
1.1 millert 308: AC_MSG_CHECKING(whether to use SecurID for authentication)
309: AC_MSG_RESULT(yes)
1.23 millert 310: # AUTH_OBJS updated later
1.1 millert 311: ;;
312: esac])
313:
1.15 millert 314: AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support],
1.1 millert 315: [case $with_fwtk in
1.15 millert 316: no) with_fwtk="";;
1.21 millert 317: *) AC_DEFINE(HAVE_FWTK)
1.1 millert 318: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
319: AC_MSG_RESULT(yes)
1.23 millert 320: SUDO_ADD_AUTH([FWTK AuthSRV], [fwtk.o], [true])
1.1 millert 321: ;;
322: esac])
323:
1.15 millert 324: AC_ARG_WITH(kerb4, [ --with-kerb4[[=DIR]] enable Kerberos IV support],
1.1 millert 325: [case $with_kerb4 in
1.15 millert 326: no) with_kerb4="";;
327: *) AC_MSG_CHECKING(whether to try kerberos IV authentication)
1.1 millert 328: AC_MSG_RESULT(yes)
329: ;;
330: esac])
331:
1.15 millert 332: AC_ARG_WITH(kerb5, [ --with-kerb5[[=DIR]] enable Kerberos V support],
1.1 millert 333: [case $with_kerb5 in
1.15 millert 334: no) with_kerb5="";;
335: *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
1.1 millert 336: AC_MSG_RESULT(yes)
337: ;;
338: esac])
339:
1.23 millert 340: AC_ARG_WITH(aixauth, [ --with-aixauth enable AIX general authentication support],
341: [case $with_aixauth in
342: yes|no) ;;
343: *) AC_MSG_ERROR(["--with-aixauth does not take an argument."])
1.1 millert 344: ;;
345: esac])
346:
347: AC_ARG_WITH(pam, [ --with-pam enable PAM support],
348: [case $with_pam in
1.23 millert 349: yes|no) ;;
1.1 millert 350: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
351: ;;
352: esac])
353:
354: AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
355: [case $with_AFS in
1.21 millert 356: yes) AC_DEFINE(HAVE_AFS)
1.1 millert 357: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
358: AC_MSG_RESULT(yes)
1.23 millert 359: SUDO_ADD_AUTH([AFS], [afs.o])
1.1 millert 360: ;;
361: no) ;;
362: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
363: ;;
364: esac])
365:
366: AC_ARG_WITH(DCE, [ --with-DCE enable DCE support],
367: [case $with_DCE in
1.21 millert 368: yes) AC_DEFINE(HAVE_DCE)
1.1 millert 369: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
370: AC_MSG_RESULT(yes)
1.23 millert 371: SUDO_ADD_AUTH([DCE], [dce.o])
1.1 millert 372: ;;
373: no) ;;
374: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
375: ;;
376: esac])
377:
1.6 millert 378: AC_ARG_WITH(logincap, [ --with-logincap enable BSD login class support],
1.5 millert 379: [case $with_logincap in
1.6 millert 380: yes|no) ;;
381: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
382: ;;
383: esac])
384:
385: AC_ARG_WITH(bsdauth, [ --with-bsdauth enable BSD authentication support],
386: [case $with_bsdauth in
1.23 millert 387: yes|no) ;;
388: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
1.5 millert 389: ;;
1.23 millert 390: esac])
391:
392: AC_ARG_WITH(project, [ --with-project enable Solaris project support],
393: [case $with_project in
394: yes|no) ;;
395: no) ;;
396: *) AC_MSG_ERROR(["--with-project does not take an argument."])
1.5 millert 397: ;;
398: esac])
399:
1.1 millert 400: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
401: AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
1.21 millert 402: [case $with_lecture in
403: yes|short|always) lecture=once
1.1 millert 404: ;;
1.21 millert 405: no|none|never) lecture=never
1.1 millert 406: ;;
407: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
408: ;;
1.7 millert 409: esac])
1.21 millert 410: if test "$lecture" = "once"; then
1.7 millert 411: AC_MSG_RESULT(yes)
412: else
1.21 millert 413: AC_DEFINE(NO_LECTURE)
1.7 millert 414: AC_MSG_RESULT(no)
415: fi
1.1 millert 416:
417: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
418: AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
1.21 millert 419: [case $with_logging in
1.1 millert 420: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
421: ;;
422: no) AC_MSG_ERROR(["--without-logging not supported."])
423: ;;
1.21 millert 424: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG)
1.1 millert 425: AC_MSG_RESULT(syslog)
426: ;;
427: file) AC_DEFINE(LOGGING, SLOG_FILE)
428: AC_MSG_RESULT(file)
429: ;;
430: both) AC_DEFINE(LOGGING, SLOG_BOTH)
431: AC_MSG_RESULT(both)
432: ;;
433: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
434: ;;
435: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
436:
437: AC_MSG_CHECKING(which syslog facility sudo should log with)
1.7 millert 438: AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")],
1.21 millert 439: [case $with_logfac in
1.1 millert 440: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
441: ;;
442: no) AC_MSG_ERROR(["--without-logfac not supported."])
443: ;;
1.7 millert 444: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
1.1 millert 445: ;;
446: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
447: ;;
1.7 millert 448: esac])
449: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
450: AC_MSG_RESULT($logfac)
1.1 millert 451:
452: AC_MSG_CHECKING(at which syslog priority to log commands)
1.7 millert 453: AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")],
1.21 millert 454: [case $with_goodpri in
1.1 millert 455: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
456: ;;
457: no) AC_MSG_ERROR(["--without-goodpri not supported."])
458: ;;
1.7 millert 459: alert|crit|debug|emerg|err|info|notice|warning)
460: goodpri=$with_goodpri
1.1 millert 461: ;;
462: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
463: ;;
1.7 millert 464: esac])
465: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
466: AC_MSG_RESULT($goodpri)
1.1 millert 467:
468: AC_MSG_CHECKING(at which syslog priority to log failures)
1.7 millert 469: AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")],
1.21 millert 470: [case $with_badpri in
1.1 millert 471: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
472: ;;
473: no) AC_MSG_ERROR(["--without-badpri not supported."])
474: ;;
1.7 millert 475: alert|crit|debug|emerg|err|info|notice|warning)
476: badpri=$with_badpri
1.1 millert 477: ;;
478: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
479: ;;
1.7 millert 480: esac])
481: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
1.14 millert 482: AC_MSG_RESULT($badpri)
1.1 millert 483:
484: AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
1.21 millert 485: [case $with_logpath in
1.1 millert 486: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
487: ;;
488: no) AC_MSG_ERROR(["--without-logpath not supported."])
489: ;;
490: esac])
491:
492: AC_MSG_CHECKING(how long a line in the log file should be)
493: AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)],
1.21 millert 494: [case $with_loglen in
1.1 millert 495: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
496: ;;
497: no) AC_MSG_ERROR(["--without-loglen not supported."])
498: ;;
1.7 millert 499: [[0-9]]*) loglen=$with_loglen
1.1 millert 500: ;;
501: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
502: ;;
1.7 millert 503: esac])
504: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
505: AC_MSG_RESULT($loglen)
1.1 millert 506:
507: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
508: AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
1.21 millert 509: [case $with_ignore_dot in
1.7 millert 510: yes) ignore_dot=on
1.1 millert 511: ;;
1.7 millert 512: no) ignore_dot=off
1.1 millert 513: ;;
514: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
515: ;;
1.7 millert 516: esac])
517: if test "$ignore_dot" = "on"; then
1.21 millert 518: AC_DEFINE(IGNORE_DOT_PATH)
1.7 millert 519: AC_MSG_RESULT(yes)
520: else
521: AC_MSG_RESULT(no)
522: fi
1.1 millert 523:
524: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
525: AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers],
1.21 millert 526: [case $with_mail_if_no_user in
1.7 millert 527: yes) mail_no_user=on
1.1 millert 528: ;;
1.7 millert 529: no) mail_no_user=off
1.1 millert 530: ;;
1.7 millert 531: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
1.1 millert 532: ;;
1.7 millert 533: esac])
534: if test "$mail_no_user" = "on"; then
1.21 millert 535: AC_DEFINE(SEND_MAIL_WHEN_NO_USER)
1.7 millert 536: AC_MSG_RESULT(yes)
537: else
538: AC_MSG_RESULT(no)
539: fi
1.1 millert 540:
541: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
542: AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host],
1.21 millert 543: [case $with_mail_if_no_host in
1.7 millert 544: yes) mail_no_host=on
1.1 millert 545: ;;
1.7 millert 546: no) mail_no_host=off
1.1 millert 547: ;;
1.7 millert 548: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
1.1 millert 549: ;;
1.7 millert 550: esac])
551: if test "$mail_no_host" = "on"; then
1.21 millert 552: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST)
1.7 millert 553: AC_MSG_RESULT(yes)
554: else
555: AC_MSG_RESULT(no)
556: fi
1.1 millert 557:
558: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
559: AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command],
1.21 millert 560: [case $with_mail_if_noperms in
1.7 millert 561: yes) mail_noperms=on
562: ;;
563: no) mail_noperms=off
564: ;;
565: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
566: ;;
567: esac])
568: if test "$mail_noperms" = "on"; then
1.21 millert 569: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK)
1.7 millert 570: AC_MSG_RESULT(yes)
571: else
572: AC_MSG_RESULT(no)
573: fi
574:
575: AC_MSG_CHECKING(who should get the mail that sudo sends)
576: AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
1.21 millert 577: [case $with_mailto in
1.7 millert 578: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
579: ;;
580: no) AC_MSG_ERROR(["--without-mailto not supported."])
581: ;;
582: *) mailto=$with_mailto
583: ;;
584: esac])
585: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
586: AC_MSG_RESULT([$mailto])
587:
588: AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
1.21 millert 589: [case $with_mailsubject in
1.7 millert 590: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
1.1 millert 591: ;;
1.15 millert 592: no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
1.1 millert 593: ;;
1.7 millert 594: *) mailsub="$with_mailsubject"
595: AC_MSG_CHECKING(sudo mail subject)
596: AC_MSG_RESULT([Using alert mail subject: $mailsub])
1.1 millert 597: ;;
1.7 millert 598: esac])
599: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
1.1 millert 600:
601: AC_MSG_CHECKING(for bad password prompt)
602: AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt],
1.21 millert 603: [case $with_passprompt in
1.1 millert 604: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
605: ;;
1.15 millert 606: no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
1.1 millert 607: ;;
1.7 millert 608: *) passprompt="$with_passprompt"
609: esac])
610: AC_MSG_RESULT($passprompt)
611: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
1.1 millert 612:
613: AC_MSG_CHECKING(for bad password message)
614: AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong],
1.21 millert 615: [case $with_badpass_message in
1.1 millert 616: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
617: ;;
1.15 millert 618: no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
1.1 millert 619: ;;
1.7 millert 620: *) badpass_message="$with_badpass_message"
1.1 millert 621: ;;
1.7 millert 622: esac])
623: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
624: AC_MSG_RESULT([$badpass_message])
1.1 millert 625:
626: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
627: AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers],
1.21 millert 628: [case $with_fqdn in
1.7 millert 629: yes) fqdn=on
1.1 millert 630: ;;
1.7 millert 631: no) fqdn=off
1.1 millert 632: ;;
633: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
634: ;;
1.7 millert 635: esac])
636: if test "$fqdn" = "on"; then
1.21 millert 637: AC_DEFINE(FQDN)
1.7 millert 638: AC_MSG_RESULT(yes)
639: else
640: AC_MSG_RESULT(no)
641: fi
1.1 millert 642:
643: AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir],
1.21 millert 644: [case $with_timedir in
1.1 millert 645: yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
646: ;;
647: no) AC_MSG_ERROR(["--without-timedir not supported."])
648: ;;
649: esac])
650:
651: AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail
652: --without-sendmail do not send mail at all],
1.21 millert 653: [case $with_sendmail in
1.1 millert 654: yes) with_sendmail=""
655: ;;
656: no) ;;
1.7 millert 657: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
1.1 millert 658: ;;
659: esac])
660:
661: AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)],
1.21 millert 662: [case $with_sudoers_mode in
1.1 millert 663: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
664: ;;
665: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
666: ;;
667: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
668: ;;
669: 0*) SUDOERS_MODE=$with_sudoers_mode
670: ;;
1.14 millert 671: *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
1.1 millert 672: ;;
673: esac])
674:
675: AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)],
1.21 millert 676: [case $with_sudoers_uid in
1.1 millert 677: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
678: ;;
679: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
680: ;;
681: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
682: ;;
1.14 millert 683: *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
1.1 millert 684: ;;
685: esac])
686:
687: AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)],
1.21 millert 688: [case $with_sudoers_gid in
1.1 millert 689: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
690: ;;
691: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
692: ;;
693: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
694: ;;
1.14 millert 695: *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
1.1 millert 696: ;;
697: esac])
698:
699: AC_MSG_CHECKING(for umask programs should be run with)
1.7 millert 700: AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022)
1.1 millert 701: --without-umask Preserves the umask of the user invoking sudo.],
1.21 millert 702: [case $with_umask in
1.1 millert 703: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
704: ;;
1.7 millert 705: no) sudo_umask=0777
1.1 millert 706: ;;
1.7 millert 707: [[0-9]]*) sudo_umask=$with_umask
1.1 millert 708: ;;
709: *) AC_MSG_ERROR(["you must enter a numeric mask."])
710: ;;
1.7 millert 711: esac])
712: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
713: if test "$sudo_umask" = "0777"; then
714: AC_MSG_RESULT(user)
715: else
716: AC_MSG_RESULT($sudo_umask)
717: fi
1.1 millert 718:
719: AC_MSG_CHECKING(for default user to run commands as)
1.7 millert 720: AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")],
1.21 millert 721: [case $with_runas_default in
1.1 millert 722: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
723: ;;
724: no) AC_MSG_ERROR(["--without-runas-default not supported."])
725: ;;
1.7 millert 726: *) runas_default="$with_runas_default"
1.1 millert 727: ;;
1.7 millert 728: esac])
729: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
730: AC_MSG_RESULT([$runas_default])
1.1 millert 731:
732: AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group],
1.21 millert 733: [case $with_exempt in
1.1 millert 734: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
735: ;;
736: no) AC_MSG_ERROR(["--without-exempt not supported."])
737: ;;
1.7 millert 738: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
1.1 millert 739: AC_MSG_CHECKING(for group to be exempt from password)
740: AC_MSG_RESULT([$with_exempt])
741: ;;
742: esac])
743:
744: AC_MSG_CHECKING(for editor that visudo should use)
745: AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)],
1.21 millert 746: [case $with_editor in
1.1 millert 747: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
748: ;;
749: no) AC_MSG_ERROR(["--without-editor not supported."])
750: ;;
1.7 millert 751: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
1.1 millert 752: AC_MSG_RESULT([$with_editor])
753: ;;
754: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
755:
756: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
757: AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo],
1.21 millert 758: [case $with_env_editor in
1.7 millert 759: yes) env_editor=on
1.1 millert 760: ;;
1.7 millert 761: no) env_editor=off
1.1 millert 762: ;;
763: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
764: ;;
1.7 millert 765: esac])
766: if test "$env_editor" = "on"; then
1.21 millert 767: AC_DEFINE(ENV_EDITOR)
1.7 millert 768: AC_MSG_RESULT(yes)
769: else
770: AC_MSG_RESULT(no)
771: fi
1.1 millert 772:
773: AC_MSG_CHECKING(number of tries a user gets to enter their password)
774: AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)],
1.21 millert 775: [case $with_passwd_tries in
1.7 millert 776: yes) ;;
1.1 millert 777: no) AC_MSG_ERROR(["--without-editor not supported."])
778: ;;
1.7 millert 779: [[1-9]]*) passwd_tries=$with_passwd_tries
1.1 millert 780: ;;
781: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
782: ;;
1.7 millert 783: esac])
784: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
785: AC_MSG_RESULT($passwd_tries)
1.1 millert 786:
787: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
1.7 millert 788: AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)],
1.21 millert 789: [case $with_timeout in
1.7 millert 790: yes) ;;
791: no) timeout=0
1.1 millert 792: ;;
1.7 millert 793: [[0-9]]*) timeout=$with_timeout
1.1 millert 794: ;;
795: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
796: ;;
1.7 millert 797: esac])
798: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
799: AC_MSG_RESULT($timeout)
1.1 millert 800:
801: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
1.7 millert 802: AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)],
1.21 millert 803: [case $with_password_timeout in
1.7 millert 804: yes) ;;
805: no) password_timeout=0
1.1 millert 806: ;;
1.7 millert 807: [[0-9]]*) password_timeout=$with_password_timeout
1.1 millert 808: ;;
809: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
810: ;;
1.7 millert 811: esac])
812: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
813: AC_MSG_RESULT($password_timeout)
1.1 millert 814:
815: AC_MSG_CHECKING(whether to use per-tty ticket files)
816: AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty],
1.21 millert 817: [case $with_tty_tickets in
1.7 millert 818: yes) tty_tickets=on
1.1 millert 819: ;;
1.7 millert 820: no) tty_tickets=off
1.1 millert 821: ;;
822: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
823: ;;
1.7 millert 824: esac])
825: if test "$tty_tickets" = "on"; then
1.21 millert 826: AC_DEFINE(USE_TTY_TICKETS)
1.7 millert 827: AC_MSG_RESULT(yes)
828: else
829: AC_MSG_RESULT(no)
830: fi
1.1 millert 831:
832: AC_MSG_CHECKING(whether to include insults)
833: AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password],
1.21 millert 834: [case $with_insults in
1.7 millert 835: yes) insults=on
1.1 millert 836: with_classic_insults=yes
837: with_csops_insults=yes
838: ;;
1.7 millert 839: no) insults=off
1.1 millert 840: ;;
841: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
842: ;;
1.7 millert 843: esac])
844: if test "$insults" = "on"; then
1.21 millert 845: AC_DEFINE(USE_INSULTS)
1.7 millert 846: AC_MSG_RESULT(yes)
847: else
848: AC_MSG_RESULT(no)
849: fi
1.1 millert 850:
851: AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets],
1.21 millert 852: [case $with_all_insults in
1.1 millert 853: yes) with_classic_insults=yes
854: with_csops_insults=yes
855: with_hal_insults=yes
856: with_goons_insults=yes
857: ;;
858: no) ;;
859: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
860: ;;
861: esac])
862:
863: AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo],
1.21 millert 864: [case $with_classic_insults in
865: yes) AC_DEFINE(CLASSIC_INSULTS)
1.1 millert 866: ;;
867: no) ;;
868: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
869: ;;
870: esac])
871:
872: AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults],
1.21 millert 873: [case $with_csops_insults in
874: yes) AC_DEFINE(CSOPS_INSULTS)
1.1 millert 875: ;;
876: no) ;;
877: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
878: ;;
879: esac])
880:
881: AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults],
1.21 millert 882: [case $with_hal_insults in
883: yes) AC_DEFINE(HAL_INSULTS)
1.1 millert 884: ;;
885: no) ;;
886: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
887: ;;
888: esac])
889:
1.7 millert 890: AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"],
1.21 millert 891: [case $with_goons_insults in
892: yes) AC_DEFINE(GOONS_INSULTS)
1.1 millert 893: ;;
894: no) ;;
895: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
896: ;;
897: esac])
898:
1.23 millert 899: AC_ARG_WITH(ldap, [ --with-ldap[[=DIR]] enable LDAP support],
1.21 millert 900: [case $with_ldap in
901: no) with_ldap="";;
902: *) AC_DEFINE(HAVE_LDAP)
903: AC_MSG_CHECKING(whether to use sudoers from LDAP)
904: AC_MSG_RESULT(yes)
905: ;;
906: esac])
907: AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file],
908: [AC_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "$with_ldap_conf_file", [Path to the ldap.conf file])])
1.23 millert 909: AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP secret pasdword file],
910: [AC_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$with_ldap_secret_file", [Path to the ldap.secret file])])
1.21 millert 911:
912: AC_ARG_WITH(pc-insults, [ --with-pc-insults replace politically incorrect insults with less offensive ones],
913: [case $with_pc_insults in
914: yes) AC_DEFINE(PC_INSULTS)
915: ;;
916: no) ;;
917: *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."])
918: ;;
919: esac])
920:
1.1 millert 921: dnl include all insult sets on one line
1.7 millert 922: if test "$insults" = "on"; then
1.1 millert 923: AC_MSG_CHECKING(which insult sets to include)
924: i=""
925: test "$with_goons_insults" = "yes" && i="goons ${i}"
926: test "$with_hal_insults" = "yes" && i="hal ${i}"
927: test "$with_csops_insults" = "yes" && i="csops ${i}"
928: test "$with_classic_insults" = "yes" && i="classic ${i}"
929: AC_MSG_RESULT([$i])
930: fi
931:
932: AC_MSG_CHECKING(whether to override the user's path)
1.18 millert 933: AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a built-in one],
1.21 millert 934: [case $with_secure_path in
935: yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc")
1.1 millert 936: AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc])
937: ;;
938: no) AC_MSG_RESULT(no)
939: ;;
940: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
941: AC_MSG_RESULT([$with_secure_path])
942: ;;
943: esac], AC_MSG_RESULT(no))
944:
945: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
946: AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces],
1.21 millert 947: [case $with_interfaces in
1.1 millert 948: yes) AC_MSG_RESULT(yes)
949: ;;
1.21 millert 950: no) AC_DEFINE(STUB_LOAD_INTERFACES)
1.1 millert 951: AC_MSG_RESULT(no)
952: ;;
953: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
954: ;;
955: esac], AC_MSG_RESULT(yes))
956:
1.14 millert 957: AC_MSG_CHECKING(whether stow should be used)
958: AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging],
959: [case $with_stow in
960: yes) AC_MSG_RESULT(yes)
1.21 millert 961: AC_DEFINE(USE_STOW)
1.14 millert 962: ;;
963: no) AC_MSG_RESULT(no)
964: ;;
965: *) AC_MSG_ERROR(["--with-stow does not take an argument."])
966: ;;
967: esac], AC_MSG_RESULT(no))
968:
1.1 millert 969: dnl
970: dnl Options for --enable
971: dnl
972:
973: AC_MSG_CHECKING(whether to do user authentication by default)
974: AC_ARG_ENABLE(authentication,
975: [ --disable-authentication
976: Do not require authentication by default],
977: [ case "$enableval" in
978: yes) AC_MSG_RESULT(yes)
979: ;;
980: no) AC_MSG_RESULT(no)
1.21 millert 981: AC_DEFINE(NO_AUTHENTICATION)
1.1 millert 982: ;;
983: *) AC_MSG_RESULT(no)
1.15 millert 984: AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1.1 millert 985: ;;
986: esac
987: ], AC_MSG_RESULT(yes))
1.9 millert 988:
1.10 millert 989: AC_MSG_CHECKING(whether to disable running the mailer as root)
990: AC_ARG_ENABLE(root-mailer,
991: [ --disable-root-mailer Don't run the mailer as root, run as the user],
992: [ case "$enableval" in
993: yes) AC_MSG_RESULT(no)
994: ;;
995: no) AC_MSG_RESULT(yes)
1.21 millert 996: AC_DEFINE(NO_ROOT_MAILER)
1.10 millert 997: ;;
998: *) AC_MSG_RESULT(no)
1.15 millert 999: AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1.10 millert 1000: ;;
1001: esac
1002: ], AC_MSG_RESULT(no))
1003:
1.11 millert 1004: AC_ARG_ENABLE(setreuid,
1005: [ --disable-setreuid Don't try to use the setreuid() function],
1006: [ case "$enableval" in
1.14 millert 1007: no) SKIP_SETREUID=yes
1008: ;;
1009: *) ;;
1010: esac
1011: ])
1012:
1013: AC_ARG_ENABLE(setresuid,
1.23 millert 1014: [ --disable-setresuid Don't try to use the setresuid() function],
1.14 millert 1015: [ case "$enableval" in
1016: no) SKIP_SETRESUID=yes
1.11 millert 1017: ;;
1018: *) ;;
1019: esac
1020: ])
1021:
1.1 millert 1022: AC_MSG_CHECKING(whether to disable shadow password support)
1023: AC_ARG_ENABLE(shadow,
1024: [ --disable-shadow Never use shadow passwords],
1025: [ case "$enableval" in
1026: yes) AC_MSG_RESULT(no)
1027: ;;
1028: no) AC_MSG_RESULT(yes)
1029: CHECKSHADOW="false"
1030: ;;
1031: *) AC_MSG_RESULT(no)
1.15 millert 1032: AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1.1 millert 1033: ;;
1034: esac
1035: ], AC_MSG_RESULT(no))
1036:
1037: AC_MSG_CHECKING(whether root should be allowed to use sudo)
1038: AC_ARG_ENABLE(root-sudo,
1.10 millert 1039: [ --disable-root-sudo Don't allow root to run sudo],
1.21 millert 1040: [ case "$enableval" in
1.1 millert 1041: yes) AC_MSG_RESULT(yes)
1042: ;;
1.21 millert 1043: no) AC_DEFINE(NO_ROOT_SUDO)
1.1 millert 1044: AC_MSG_RESULT(no)
1.21 millert 1045: root_sudo=off
1.1 millert 1046: ;;
1047: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1048: ;;
1049: esac
1050: ], AC_MSG_RESULT(yes))
1051:
1052: AC_MSG_CHECKING(whether to log the hostname in the log file)
1053: AC_ARG_ENABLE(log-host,
1054: [ --enable-log-host Log the hostname in the log file],
1055: [ case "$enableval" in
1056: yes) AC_MSG_RESULT(yes)
1.21 millert 1057: AC_DEFINE(HOST_IN_LOG)
1.1 millert 1058: ;;
1059: no) AC_MSG_RESULT(no)
1060: ;;
1061: *) AC_MSG_RESULT(no)
1.15 millert 1062: AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1.1 millert 1063: ;;
1064: esac
1065: ], AC_MSG_RESULT(no))
1066:
1067: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1068: AC_ARG_ENABLE(noargs-shell,
1069: [ --enable-noargs-shell If sudo is given no arguments run a shell],
1070: [ case "$enableval" in
1071: yes) AC_MSG_RESULT(yes)
1.21 millert 1072: AC_DEFINE(SHELL_IF_NO_ARGS)
1.1 millert 1073: ;;
1074: no) AC_MSG_RESULT(no)
1075: ;;
1076: *) AC_MSG_RESULT(no)
1.15 millert 1077: AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1.1 millert 1078: ;;
1079: esac
1080: ], AC_MSG_RESULT(no))
1081:
1082: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1083: AC_ARG_ENABLE(shell-sets-home,
1084: [ --enable-shell-sets-home
1.7 millert 1085: set $HOME to target user in shell mode],
1.1 millert 1086: [ case "$enableval" in
1087: yes) AC_MSG_RESULT(yes)
1.21 millert 1088: AC_DEFINE(SHELL_SETS_HOME)
1.1 millert 1089: ;;
1090: no) AC_MSG_RESULT(no)
1091: ;;
1092: *) AC_MSG_RESULT(no)
1.15 millert 1093: AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1.1 millert 1094: ;;
1095: esac
1096: ], AC_MSG_RESULT(no))
1097:
1098: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1099: AC_ARG_ENABLE(path_info,
1100: [ --disable-path-info Print 'command not allowed' not 'command not found'],
1101: [ case "$enableval" in
1102: yes) AC_MSG_RESULT(no)
1103: ;;
1104: no) AC_MSG_RESULT(yes)
1.21 millert 1105: AC_DEFINE(DONT_LEAK_PATH_INFO)
1.23 millert 1106: path_info=off
1.1 millert 1107: ;;
1108: *) AC_MSG_RESULT(no)
1.15 millert 1109: AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1.1 millert 1110: ;;
1111: esac
1112: ], AC_MSG_RESULT(no))
1113:
1114: dnl
1115: dnl If we don't have egrep we can't do anything...
1116: dnl
1.23 millert 1117: AC_CHECK_PROG(EGREPPROG, egrep, egrep)
1.1 millert 1118: if test -z "$EGREPPROG"; then
1.15 millert 1119: AC_MSG_ERROR([Sorry, configure requires egrep to run.])
1.1 millert 1120: fi
1121:
1122: dnl
1.7 millert 1123: dnl Prevent configure from adding the -g flag unless in devel mode
1124: dnl
1125: if test "$with_devel" != "yes"; then
1126: ac_cv_prog_cc_g=no
1127: fi
1128:
1129: dnl
1.1 millert 1130: dnl C compiler checks
1131: dnl
1.7 millert 1132: AC_ISC_POSIX
1.1 millert 1133: AC_PROG_CPP
1134:
1135: dnl
1.21 millert 1136: dnl Libtool magic; enable shared libs and disable static libs
1.23 millert 1137: dnl XXX - disable static, require shared
1.21 millert 1138: dnl
1139: AC_CANONICAL_HOST
1.23 millert 1140: AC_CANONICAL_TARGET([])
1141: LT_PREREQ([1.9f])
1142: LT_INIT([disable-static])
1.21 millert 1143:
1144: dnl
1145: dnl Defer with_noexec until after libtool magic runs
1146: dnl
1147: if test "$enable_shared" = "no"; then
1148: with_noexec=no
1149: else
1.24 ! millert 1150: eval _shrext="$shrext_cmds"
1.21 millert 1151: fi
1152: AC_MSG_CHECKING(path to sudo_noexec.so)
1.23 millert 1153: AC_ARG_WITH(noexec, [ --with-noexec[=PATH] fully qualified pathname of sudo_noexec.so],
1.21 millert 1154: [case $with_noexec in
1155: yes) with_noexec="$libexecdir/sudo_noexec$_shrext"
1156: ;;
1157: no) ;;
1158: *) ;;
1159: esac], [with_noexec="$libexecdir/sudo_noexec$_shrext"])
1160: AC_MSG_RESULT($with_noexec)
1161: NOEXECDIR="`echo $with_noexec|sed 's:^\(.*\)/[[^/]]*:\1:'`"
1162:
1163: dnl
1.1 millert 1164: dnl It is now safe to modify CFLAGS and CPPFLAGS
1165: dnl
1166: if test "$with_devel" = "yes" -a -n "$GCC"; then
1167: CFLAGS="${CFLAGS} -Wall"
1168: fi
1169:
1170: dnl
1171: dnl Find programs we use
1172: dnl
1.23 millert 1173: AC_CHECK_PROG(UNAMEPROG, uname, uname)
1174: AC_CHECK_PROG(TRPROG, tr, tr)
1175: AC_CHECK_PROG(NROFFPROG, nroff, nroff)
1.1 millert 1176: if test -z "$NROFFPROG"; then
1177: MANTYPE="cat"
1.5 millert 1178: mansrcdir='$(srcdir)'
1.1 millert 1179: fi
1180:
1181: dnl
1182: dnl What kind of beastie are we being run on?
1183: dnl Barf if config.cache was generated on another host.
1184: dnl
1185: if test -n "$sudo_cv_prev_host"; then
1186: if test "$sudo_cv_prev_host" != "$host"; then
1.15 millert 1187: AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1.1 millert 1188: else
1189: AC_MSG_CHECKING(previous host type)
1190: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1.15 millert 1191: AC_MSG_RESULT([$sudo_cv_prev_host])
1.1 millert 1192: fi
1193: else
1194: # this will produce no output since there is no cached value
1195: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1196: fi
1197:
1198: dnl
1199: dnl We want to be able to differentiate between different rev's
1200: dnl
1201: if test -n "$host_os"; then
1202: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1.23 millert 1203: OSREV=`echo $host_os | sed 's/^[[^0-9\.]]*\([[0-9\.]]*\).*$/\1/'`
1204: OSMAJOR=`echo $OSREV | sed 's/\..*$//'`
1.1 millert 1205: else
1206: OS="unknown"
1207: OSREV=0
1.23 millert 1208: OSMAJOR=0
1.1 millert 1209: fi
1210:
1211: case "$host" in
1212: *-*-sunos4*)
1213: # getcwd(3) opens a pipe to getpwd(1)!?!
1214: BROKEN_GETCWD=1
1215:
1216: # system headers lack prototypes but gcc helps...
1217: if test -n "$GCC"; then
1.23 millert 1218: OSDEFS="${OSDEFS} -D__USE_FIXED_PROTOTYPES__"
1.1 millert 1219: fi
1220:
1.23 millert 1221: shadow_funcs="getpwanam issecure"
1.1 millert 1222: ;;
1223: *-*-solaris2*)
1224: # To get the crypt(3) prototype (so we pass -Wall)
1.23 millert 1225: OSDEFS="${OSDEFS} -D__EXTENSIONS__"
1.1 millert 1226: # AFS support needs -lucb
1227: if test "$with_AFS" = "yes"; then
1228: AFS_LIBS="-lc -lucb"
1229: fi
1.23 millert 1230: : ${mansectsu='1m'}
1231: : ${mansectform='4'}
1232: : ${with_rpath='yes'}
1233: : ${with_pam='maybe'}
1.1 millert 1234: ;;
1235: *-*-aix*)
1236: # To get all prototypes (so we pass -Wall)
1.23 millert 1237: OSDEFS="${OSDEFS} -D_XOPEN_EXTENDED_SOURCE -D_ALL_SOURCE"
1.1 millert 1238: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1.15 millert 1239: if test X"$with_blibpath" != X"no"; then
1240: AC_MSG_CHECKING([if linker accepts -Wl,-blibpath])
1241: O_LDFLAGS="$LDFLAGS"
1.23 millert 1242: LDFLAGS="$O_LDFLAGS -Wl,-blibpath:/usr/lib:/lib"
1243: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], [
1.15 millert 1244: if test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
1245: blibpath="$with_blibpath"
1246: elif test -n "$GCC"; then
1247: blibpath="/usr/lib:/lib:/usr/local/lib"
1248: else
1249: blibpath="/usr/lib:/lib"
1250: fi
1251: AC_MSG_RESULT(yes)
1252: ], [AC_MSG_RESULT(no)])
1253: fi
1254: LDFLAGS="$O_LDFLAGS"
1.23 millert 1255:
1256: # check for authenticate(3)
1257: if test X"$with_aixauth" = X""; then
1258: AC_CHECK_FUNCS(authenticate, [with_aixauth=maybe])
1259: fi
1.1 millert 1260: ;;
1261: *-*-hiuxmpp*)
1.23 millert 1262: : ${mansectsu='1m'}
1263: : ${mansectform='4'}
1.1 millert 1264: ;;
1.21 millert 1265: *-*-hpux*)
1.1 millert 1266: # AFS support needs -lBSD
1267: if test "$with_AFS" = "yes"; then
1268: AFS_LIBS="-lc -lBSD"
1269: fi
1.23 millert 1270: : ${mansectsu='1m'}
1271: : ${mansectform='4'}
1.1 millert 1272:
1.21 millert 1273: case "$host" in
1274: *-*-hpux[1-8].*)
1275: AC_DEFINE(BROKEN_SYSLOG)
1276:
1277: # Not sure if setuid binaries are safe in < 9.x
1278: if test -n "$GCC"; then
1279: SUDO_LDFLAGS="${SUDO_LDFLAGS} -static"
1280: else
1281: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive"
1282: fi
1283: ;;
1284: *-*-hpux9.*)
1285: AC_DEFINE(BROKEN_SYSLOG)
1286:
1.23 millert 1287: shadow_funcs="getspwuid"
1.21 millert 1288:
1289: # DCE support (requires ANSI C compiler)
1290: if test "$with_DCE" = "yes"; then
1291: # order of libs in 9.X is important. -lc_r must be last
1292: SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r"
1293: LIBS="${LIBS} -ldce -lM -lc_r"
1294: CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1295: fi
1296: ;;
1297: *-*-hpux10.*)
1.23 millert 1298: shadow_funcs="getprpwnam iscomsec"
1299: shadow_libs="-lsec"
1.21 millert 1300: ;;
1301: *)
1.23 millert 1302: shadow_funcs="getspnam iscomsec"
1303: shadow_libs="-lsec"
1304: : ${with_pam='maybe'}
1.21 millert 1305: ;;
1306: esac
1.1 millert 1307: ;;
1308: *-dec-osf*)
1309: # ignore envariables wrt dynamic lib path
1310: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement"
1311:
1312: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1313: AC_ARG_ENABLE(sia,
1314: [ --disable-sia Never use SIA on Digital UNIX],
1315: [ case "$enableval" in
1316: yes) AC_MSG_RESULT(no)
1317: ;;
1318: no) AC_MSG_RESULT(yes)
1319: CHECKSIA=false
1320: ;;
1321: *) AC_MSG_RESULT(no)
1.15 millert 1322: AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1.1 millert 1323: ;;
1324: esac
1325: ], AC_MSG_RESULT(no))
1326:
1.23 millert 1327: shadow_funcs="getprpwnam dispcrypt"
1328: # OSF/1 4.x and higher need -ldb too
1329: if test $OSMAJOR -lt 4; then
1330: shadow_libs="-lsecurity -laud -lm"
1331: else
1332: shadow_libs="-lsecurity -ldb -laud -lm"
1333: fi
1334:
1335: # use SIA by default, if we have it
1.1 millert 1336: if test "$CHECKSIA" = "true"; then
1.23 millert 1337: AC_CHECK_FUNCS(sia_ses_init, [found=true], [found=false])
1338: if test "$found" = "true"; then
1339: SUDO_ADD_AUTH([SIA], [sia.o], [true])
1340: CHECKSHADOW=false
1341: fi
1.1 millert 1342: fi
1343: if test "$CHECKSHADOW" = "true"; then
1.23 millert 1344: # prot.h is included when using shadow passwords
1345: AC_MSG_CHECKING([for broken prot.h])
1346: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1.1 millert 1347: #include <sys/types.h>
1348: #include <sys/security.h>
1349: #include <prot.h>
1.23 millert 1350: ]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
1.1 millert 1351: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1352: ])
1353: fi
1.23 millert 1354: : ${mansectsu='8'}
1355: : ${mansectform='4'}
1.1 millert 1356: ;;
1357: *-*-irix*)
1.23 millert 1358: OSDEFS="${OSDEFS} -D_BSD_TYPES"
1.1 millert 1359: if test -z "$NROFFPROG"; then
1.14 millert 1360: MAN_POSTINSTALL=' /bin/rm -f $(mandirsu)/sudo.$(mansectsu).z $(mandirsu)/visudo.$(mansectsu).z $(mandirform)/sudoers.$(mansectform).z ; /usr/bin/pack $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform)'
1.1 millert 1361: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1362: if test -d /usr/share/catman/local; then
1363: mandir="/usr/share/catman/local"
1364: else
1365: mandir="/usr/catman/local"
1366: fi
1367: fi
1368: else
1369: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1370: if test -d "/usr/share/man/local"; then
1371: mandir="/usr/share/man/local"
1372: else
1373: mandir="/usr/man/local"
1374: fi
1375: fi
1376: fi
1377: # IRIX <= 4 needs -lsun
1.23 millert 1378: if test "$OSMAJOR" -le 4; then
1.1 millert 1379: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1380: fi
1.23 millert 1381: : ${mansectsu='1m'}
1382: : ${mansectform='4'}
1.1 millert 1383: ;;
1384: *-*-linux*)
1.23 millert 1385: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1.1 millert 1386: # Some Linux versions need to link with -lshadow
1.23 millert 1387: shadow_funcs="getspnam"
1388: shadow_libs_optional="-lshadow"
1389: : ${with_pam='maybe'}
1.1 millert 1390: ;;
1391: *-convex-bsd*)
1.23 millert 1392: OSDEFS="${OSDEFS} -D_CONVEX_SOURCE"
1.1 millert 1393: if test -z "$GCC"; then
1394: CFLAGS="${CFLAGS} -D__STDC__"
1395: fi
1396:
1.23 millert 1397: shadow_defs="-D_AUDIT -D_ACL -DSecureWare"
1398: shadow_funcs="getprpwnam"
1399: shadow_libs="-lprot"
1.1 millert 1400: ;;
1401: *-*-ultrix*)
1402: OS="ultrix"
1.23 millert 1403: shadow_funcs="getauthuid"
1404: shadow_libs="-lauth"
1.1 millert 1405: ;;
1406: *-*-riscos*)
1407: LIBS="${LIBS} -lsun -lbsd"
1408: CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1409: OSDEFS="${OSDEFS} -D_MIPS"
1.23 millert 1410: : ${mansectsu='1m'}
1411: : ${mansectform='4'}
1.1 millert 1412: ;;
1413: *-*-isc*)
1414: OSDEFS="${OSDEFS} -D_ISC"
1415: LIB_CRYPT=1
1416: SUDO_LIBS="${SUDO_LIBS} -lcrypt"
1417: LIBS="${LIBS} -lcrypt"
1418:
1.23 millert 1419: shadow_funcs="getspnam"
1420: shadow_libs="-lsec"
1421:
1422: : ${mansectsu='1m'}
1423: : ${mansectform='4'}
1.1 millert 1424: ;;
1.7 millert 1425: *-*-sco*|*-sco-*)
1.23 millert 1426: shadow_funcs="getprpwnam"
1427: shadow_libs="-lprot -lx"
1428: : ${mansectsu='1m'}
1429: : ${mansectform='4'}
1.8 millert 1430: ;;
1431: m88k-motorola-sysv*)
1432: # motorolla's cc (a variant of gcc) does -O but not -O2
1433: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1.23 millert 1434: : ${mansectsu='1m'}
1435: : ${mansectform='4'}
1.1 millert 1436: ;;
1437: *-sequent-sysv*)
1.23 millert 1438: shadow_funcs="getspnam"
1439: shadow_libs="-lsec"
1440: : ${mansectsu='1m'}
1441: : ${mansectform='4'}
1442: : ${with_rpath='yes'}
1.7 millert 1443: ;;
1444: *-ncr-sysv4*|*-ncr-sysvr4*)
1445: AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
1.23 millert 1446: : ${mansectsu='1m'}
1447: : ${mansectform='4'}
1448: : ${with_rpath='yes'}
1.1 millert 1449: ;;
1.7 millert 1450: *-ccur-sysv4*|*-ccur-sysvr4*)
1.1 millert 1451: LIBS="${LIBS} -lgen"
1452: SUDO_LIBS="${SUDO_LIBS} -lgen"
1.23 millert 1453: : ${mansectsu='1m'}
1454: : ${mansectform='4'}
1455: : ${with_rpath='yes'}
1.1 millert 1456: ;;
1457: *-*-bsdi*)
1.14 millert 1458: SKIP_SETREUID=yes
1.5 millert 1459: # Use shlicc for BSD/OS [23].x unless asked to do otherwise
1460: if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
1.23 millert 1461: case "$OSMAJOR" in
1.15 millert 1462: 2|3) AC_MSG_NOTICE([using shlicc as CC])
1.5 millert 1463: ac_cv_prog_CC=shlicc
1464: CC="$ac_cv_prog_CC"
1465: ;;
1466: esac
1467: fi
1.23 millert 1468: # Check for newer BSD auth API (just check for >= 3.0?)
1469: if test -z "$with_bsdauth"; then
1470: AC_CHECK_FUNCS(auth_challenge, [with_bsdauth=maybe])
1471: fi
1.5 millert 1472: ;;
1473: *-*-freebsd*)
1.11 millert 1474: # FreeBSD has a real setreuid(2) starting with 2.1 and
1475: # backported to 2.0.5. We just take 2.1 and above...
1.23 millert 1476: case "$OSREV" in
1.11 millert 1477: 0.*|1.*|2.0*)
1.14 millert 1478: SKIP_SETREUID=yes
1.11 millert 1479: ;;
1480: esac
1.5 millert 1481: if test "$with_skey" = "yes"; then
1482: SUDO_LIBS="${SUDO_LIBS} -lmd"
1483: fi
1484: if test "$CHECKSHADOW" = "true"; then
1485: CHECKSHADOW="false"
1.1 millert 1486: fi
1.23 millert 1487: : ${with_pam='maybe'}
1488: : ${with_logincap='maybe'}
1.1 millert 1489: ;;
1.7 millert 1490: *-*-*openbsd*)
1.23 millert 1491: # OpenBSD has a real setreuid(2) starting with 3.3 but
1492: # we will use setreuid(2) instead.
1.14 millert 1493: SKIP_SETREUID=yes
1.7 millert 1494: if test "$CHECKSHADOW" = "true"; then
1495: CHECKSHADOW="false"
1496: fi
1.23 millert 1497: # OpenBSD >= 3.0 supports BSD auth
1498: if test -z "$with_bsdauth"; then
1499: case "$OSREV" in
1500: [0-2].*)
1501: ;;
1502: *)
1503: with_bsdauth=maybe
1504: ;;
1505: esac
1506: fi
1507: : ${with_logincap='maybe'}
1.7 millert 1508: ;;
1509: *-*-*netbsd*)
1.11 millert 1510: # NetBSD has a real setreuid(2) starting with 1.3.2
1.23 millert 1511: case "$OSREV" in
1.11 millert 1512: 0.9*|1.[012]*|1.3|1.3.1)
1.14 millert 1513: SKIP_SETREUID=yes
1.11 millert 1514: ;;
1515: esac
1.7 millert 1516: if test "$CHECKSHADOW" = "true"; then
1517: CHECKSHADOW="false"
1518: fi
1.23 millert 1519: : ${with_logincap='maybe'}
1520: dnl future versions of NetBSD (> 2.0) may include pam
1521: : ${with_pam='maybe'}
1522: ;;
1523: *-*-dragonfly*)
1524: if test "$with_skey" = "yes"; then
1525: SUDO_LIBS="${SUDO_LIBS} -lmd"
1526: fi
1527: if test "$CHECKSHADOW" = "true"; then
1528: CHECKSHADOW="false"
1529: fi
1530: : ${with_pam='yes'}
1531: : ${with_logincap='yes'}
1.7 millert 1532: ;;
1.1 millert 1533: *-*-*bsd*)
1.19 millert 1534: if test "$CHECKSHADOW" = "true"; then
1535: CHECKSHADOW="false"
1536: fi
1537: ;;
1538: *-*-darwin*)
1539: SKIP_SETREUID=yes
1.1 millert 1540: if test "$CHECKSHADOW" = "true"; then
1541: CHECKSHADOW="false"
1542: fi
1.23 millert 1543: : ${with_pam='yes'}
1544: : ${with_logincap='yes'}
1.1 millert 1545: ;;
1.7 millert 1546: *-*-nextstep*)
1547: # lockf() on is broken on the NeXT -- use flock instead
1548: ac_cv_func_lockf=no
1549: ac_cv_func_flock=yes
1550: ;;
1.15 millert 1551: *-*-*sysv4*)
1.23 millert 1552: : ${mansectsu='1m'}
1553: : ${mansectform='4'}
1554: : ${with_rpath='yes'}
1.15 millert 1555: ;;
1.5 millert 1556: *-*-sysv*)
1.23 millert 1557: : ${mansectsu='1m'}
1558: : ${mansectform='4'}
1559: ;;
1560: *-gnu*)
1561: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1.5 millert 1562: ;;
1.1 millert 1563: esac
1564:
1565: dnl
1.5 millert 1566: dnl Use BSD-style man sections by default
1567: dnl
1.23 millert 1568: : ${mansectsu='8'}
1569: : ${mansectform='5'}
1.5 millert 1570:
1571: dnl
1.15 millert 1572: dnl Add in any libpaths or libraries specified via configure
1573: dnl
1574: if test -n "$with_libpath"; then
1575: for i in ${with_libpath}; do
1576: SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
1577: done
1578: fi
1579: if test -n "$with_libraries"; then
1580: for i in ${with_libraries}; do
1581: case $i in
1582: -l*) ;;
1583: *.a) ;;
1584: *.o) ;;
1585: *) i="-l${i}";;
1586: esac
1587: LIBS="${LIBS} ${i}"
1588: done
1589: fi
1590:
1591: dnl
1.1 millert 1592: dnl C compiler checks (to be done after os checks)
1593: dnl
1594: AC_PROG_GCC_TRADITIONAL
1595: AC_C_CONST
1.7 millert 1596: AC_C_VOLATILE
1.1 millert 1597: dnl
1598: dnl Program checks
1599: dnl
1600: AC_PROG_YACC
1.7 millert 1601: SUDO_PROG_MV
1602: SUDO_PROG_BSHELL
1.1 millert 1603: if test -z "$with_sendmail"; then
1604: SUDO_PROG_SENDMAIL
1605: fi
1.7 millert 1606: if test -z "$with_editor"; then
1607: SUDO_PROG_VI
1608: fi
1.1 millert 1609: dnl
1610: dnl Header file checks
1611: dnl
1612: AC_HEADER_STDC
1613: AC_HEADER_DIRENT
1.23 millert 1614: AC_HEADER_TIME
1.7 millert 1615: AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h)
1.23 millert 1616: AC_CHECK_HEADERS([err.h], [], [AC_LIBOBJ(err)])
1.1 millert 1617: dnl ultrix termio/termios are broken
1618: if test "$OS" != "ultrix"; then
1.7 millert 1619: AC_SYS_POSIX_TERMIOS
1620: if test "$ac_cv_sys_posix_termios" = "yes"; then
1.21 millert 1621: AC_DEFINE(HAVE_TERMIOS_H)
1.7 millert 1622: else
1623: AC_CHECK_HEADERS(termio.h)
1624: fi
1.1 millert 1625: fi
1.23 millert 1626: if test ${with_logincap-'no'} != "no"; then
1.6 millert 1627: AC_CHECK_HEADERS(login_cap.h)
1628: fi
1.23 millert 1629: if test ${with_project-'no'} != "no"; then
1630: AC_CHECK_HEADER(project.h, AC_DEFINE(HAVE_PROJECT_H)
1631: [SUDO_LIBS="${SUDO_LIBS} -lproject"], -)
1.6 millert 1632: fi
1.1 millert 1633: dnl
1634: dnl typedef checks
1635: dnl
1636: AC_TYPE_MODE_T
1637: AC_TYPE_UID_T
1.21 millert 1638: AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int)], [#include <sys/types.h>
1.7 millert 1639: #include <signal.h>])
1.23 millert 1640: AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T)], [], [#include <sys/types.h>
1.7 millert 1641: #include <signal.h>])
1.23 millert 1642: AC_CHECK_TYPE([struct timespec], [AC_DEFINE(HAVE_TIMESPEC)], [], [#include <sys/types.h>
1643: #if TIME_WITH_SYS_TIME
1644: # include <sys/time.h>
1645: # include <time.h>
1646: #else
1647: # include <sys/time.h>
1648: #endif])
1.1 millert 1649: SUDO_TYPE_SIZE_T
1650: SUDO_TYPE_SSIZE_T
1651: SUDO_TYPE_DEV_T
1652: SUDO_TYPE_INO_T
1653: SUDO_FULL_VOID
1654: SUDO_UID_T_LEN
1.23 millert 1655: SUDO_TYPE_LONG_LONG
1.1 millert 1656: SUDO_SOCK_SA_LEN
1657: dnl
1658: dnl only set RETSIGTYPE if it is not set already
1659: dnl
1660: case "$DEFS" in
1661: *"RETSIGTYPE"*) ;;
1662: *) AC_TYPE_SIGNAL;;
1663: esac
1664: dnl
1665: dnl Function checks
1666: dnl
1.7 millert 1667: AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
1.23 millert 1668: strftime setrlimit initgroups getgroups fstat gettimeofday \
1.24 ! millert 1669: setlocale getaddrinfo)
1.14 millert 1670: if test -z "$SKIP_SETRESUID"; then
1671: AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes])
1672: fi
1673: if test -z "$SKIP_SETREUID"; then
1.23 millert 1674: AC_CHECK_FUNCS(setreuid, [SKIP_SETEUID=yes])
1675: fi
1676: if test -z "$SKIP_SETEUID"; then
1677: AC_CHECK_FUNCS(seteuid)
1.7 millert 1678: fi
1679: if test X"$with_interfaces" != X"no"; then
1.14 millert 1680: AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
1.7 millert 1681: fi
1.1 millert 1682: if test -z "$BROKEN_GETCWD"; then
1.7 millert 1683: AC_REPLACE_FUNCS(getcwd)
1.1 millert 1684: fi
1.23 millert 1685: AC_CHECK_FUNCS(glob, [AC_MSG_CHECKING(for GLOB_BRACE and GLOB_TILDE in glob.h)
1686: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <glob.h>]], [[int i = GLOB_BRACE | GLOB_TILDE; (void)i;]])], [AC_DEFINE(HAVE_EXTENDED_GLOB)
1687: AC_MSG_RESULT(yes)], [AC_LIBOBJ(glob)
1688: AC_MSG_RESULT(no)])], [AC_LIBOBJ(glob)])
1.7 millert 1689: AC_CHECK_FUNCS(lockf flock, [break])
1690: AC_CHECK_FUNCS(waitpid wait3, [break])
1.14 millert 1691: AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
1.23 millert 1692: AC_CHECK_FUNCS(lsearch, [], [AC_CHECK_LIB([compat], [lsearch], [AC_CHECK_HEADER([search.h], [AC_DEFINE(HAVE_LSEARCH)] [LIBS="${LIBS} -lcompat"], [AC_LIBOBJ(lsearch)], -)], [AC_LIBOBJ(lsearch)])])
1.21 millert 1693: AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
1.23 millert 1694: SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH)], [AC_LIBOBJ(fnmatch)])
1.7 millert 1695: SUDO_FUNC_ISBLANK
1.23 millert 1696: AC_REPLACE_FUNCS(memrchr strerror strcasecmp sigaction strlcpy strlcat)
1697: AC_CHECK_FUNCS(closefrom, [], [AC_LIBOBJ(closefrom)
1698: AC_CHECK_DECL(F_CLOSEM, AC_DEFINE(HAVE_FCNTL_CLOSEM), [],
1699: [ #include <limits.h>
1700: #include <fcntl.h> ])
1701: ])
1702: AC_CHECK_FUNCS(mkstemp, [], [SUDO_OBJS="${SUDO_OBJS} mkstemp.o"
1703: AC_CHECK_FUNCS(random lrand48, [break])
1704: ])
1.7 millert 1705: AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
1.22 millert 1706: if test X"$ac_cv_type_struct_timespec" != X"no"; then
1707: AC_CHECK_MEMBER([struct stat.st_mtim], AC_DEFINE(HAVE_ST_MTIM), [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
1708: AC_MSG_CHECKING([for two-parameter timespecsub])
1.23 millert 1709: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1710: #include <sys/time.h>]], [[struct timespec ts1, ts2;
1.22 millert 1711: ts1.tv_sec = 1; ts1.tv_nsec = 0; ts2.tv_sec = 0; ts2.tv_nsec = 0;
1712: #ifndef timespecsub
1713: #error missing timespecsub
1714: #endif
1.23 millert 1715: timespecsub(&ts1, &ts2);]])], [AC_DEFINE(HAVE_TIMESPECSUB2)
1716: AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no)])
1.22 millert 1717: fi
1.21 millert 1718: dnl
1719: dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR.
1720: dnl
1.23 millert 1721: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1722: #include <$ac_header_dirent>]], [[DIR d; (void)dirfd(&d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_TRY_LINK([#include <sys/types.h>
1.24 ! millert 1723: #include <$ac_header_dirent>], [DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);], [AC_DEFINE(HAVE_DD_FD)])])
1.1 millert 1724: dnl
1725: dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
1726: dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
1727: dnl
1728: if test -n "$NEED_SNPRINTF"; then
1.7 millert 1729: AC_LIBOBJ(snprintf)
1.1 millert 1730: fi
1731: dnl
1732: dnl if crypt(3) not in libc, look elsewhere
1733: dnl
1.21 millert 1734: if test -z "$LIB_CRYPT" -a "$with_pam" != "yes"; then
1.7 millert 1735: AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))])
1.1 millert 1736: fi
1737: dnl
1738: dnl If socket(2) not in libc, check -lsocket and -linet
1739: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1740: dnl In this case we look for main(), not socket() to avoid using a cached value
1741: dnl
1.7 millert 1742: AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
1743: AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
1.1 millert 1744: dnl
1745: dnl If inet_addr(3) not in libc, check -lnsl and -linet
1746: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1747: dnl
1.7 millert 1748: AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
1749: AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
1.1 millert 1750: dnl
1751: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
1752: dnl
1.7 millert 1753: AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
1.1 millert 1754: dnl
1755: dnl Bison and DCE use alloca(3), if not in libc, use the sudo one (from gcc)
1756: dnl (gcc includes its own alloca(3) but other compilers may not)
1757: dnl
1758: if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then
1759: AC_FUNC_ALLOCA
1760: fi
1.16 millert 1761: dnl
1762: dnl Check for getprogname() or __progname
1763: dnl
1764: AC_CHECK_FUNCS(getprogname, , [
1765: AC_MSG_CHECKING([for __progname])
1766: AC_CACHE_VAL(sudo_cv___progname, [
1.23 millert 1767: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern char *__progname; (void)puts(__progname);]])], [sudo_cv___progname=yes], [sudo_cv___progname=no])])
1.16 millert 1768: if test "$sudo_cv___progname" = "yes"; then
1.21 millert 1769: AC_DEFINE(HAVE___PROGNAME)
1.16 millert 1770: else
1771: AC_LIBOBJ(getprogname)
1772: fi
1773: AC_MSG_RESULT($sudo_cv___progname)
1774: ])
1.1 millert 1775: dnl
1.15 millert 1776: dnl Kerberos IV
1.1 millert 1777: dnl
1.15 millert 1778: if test -n "$with_kerb4"; then
1.21 millert 1779: AC_DEFINE(HAVE_KERB4)
1.15 millert 1780: dnl
1781: dnl Use the specified directory, if any, else search for correct inc dir
1782: dnl
1783: O_LDFLAGS="$LDFLAGS"
1784: if test "$with_kerb4" = "yes"; then
1785: found=no
1786: O_CPPFLAGS="$CPPFLAGS"
1787: for dir in "" "kerberosIV/" "krb4/" "kerberos4/" "kerberosv4/"; do
1788: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1.23 millert 1789: AC_PREPROC_IFELSE([#include <krb.h>], [found=yes; break])
1.15 millert 1790: done
1791: test X"$found" = X"no" && CPPFLAGS="$O_CPPFLAGS"
1.1 millert 1792: else
1.15 millert 1793: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_kerb4}/lib])
1794: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb4}/lib])
1795: CPPFLAGS="$CPPFLAGS -I${with_kerb4}/include"
1796: AC_CHECK_HEADER([krb.h], [found=yes], [found=no])
1797: fi
1798: if test X"$found" = X"no"; then
1799: AC_MSG_WARN([Unable to locate Kerberos IV include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
1.1 millert 1800: fi
1801:
1.15 millert 1802: dnl
1803: dnl Check for -ldes vs. -ldes425
1804: dnl
1805: AC_CHECK_LIB(des, des_cbc_encrypt, [K4LIBS="-ldes"], [
1806: AC_CHECK_LIB(des425, des_cbc_encrypt, [K4LIBS="-ldes425"], [K4LIBS=""])
1807: ])
1808: dnl
1809: dnl Try to determine whether we have KTH or MIT/CNS Kerberos IV
1810: dnl
1811: AC_MSG_CHECKING(whether we are using KTH Kerberos IV)
1.23 millert 1812: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb.h>]], [[const char *tmp = krb4_version;]])], [
1.15 millert 1813: AC_MSG_RESULT(yes)
1814: K4LIBS="${K4LIBS} -lcom_err"
1815: AC_CHECK_LIB(roken, main, [K4LIBS="${K4LIBS} -lroken"])
1816: ], [
1817: AC_MSG_RESULT(no)
1818: ]
1819: )
1820: dnl
1821: dnl The actual Kerberos IV lib might be -lkrb or -lkrb4
1822: dnl
1823: AC_CHECK_LIB(krb, main, [K4LIBS="-lkrb $K4LIBS"], [
1824: AC_CHECK_LIB(krb4, main, [K4LIBS="-lkrb4 $K4LIBS"],
1825: [K4LIBS="-lkrb $K4LIBS"]
1826: [AC_MSG_WARN([Unable to locate Kerberos IV libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS and possibly add Kerberos libs to SUDO_LIBS])]
1827: , [$K4LIBS])
1828: ], [$K4LIBS])
1829: LDFLAGS="$O_LDFLAGS"
1830: SUDO_LIBS="${SUDO_LIBS} $K4LIBS"
1.23 millert 1831: SUDO_ADD_AUTH([Kerberos 4], [kerb4.o])
1.15 millert 1832: fi
1833:
1834: dnl
1835: dnl Kerberos V
1.16 millert 1836: dnl There is an easy way and a hard way...
1.15 millert 1837: dnl
1.16 millert 1838: if test "$with_kerb5" = "yes"; then
1839: AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
1840: if test -n "$KRB5CONFIG"; then
1.21 millert 1841: AC_DEFINE(HAVE_KERB5)
1.23 millert 1842: SUDO_ADD_AUTH([Kerberos 5], [kerb5.o])
1.16 millert 1843: CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
1844: SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"
1.17 millert 1845: dnl
1846: dnl Try to determine whether we have Heimdal or MIT Kerberos
1847: dnl
1848: AC_MSG_CHECKING(whether we are using Heimdal)
1.23 millert 1849: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
1.17 millert 1850: AC_MSG_RESULT(yes)
1.21 millert 1851: AC_DEFINE(HAVE_HEIMDAL)
1.23 millert 1852: ] , [
1853: AC_MSG_RESULT(no)
1.17 millert 1854: ]
1855: )
1.16 millert 1856: fi
1857: fi
1858: if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then
1.21 millert 1859: AC_DEFINE(HAVE_KERB5)
1.15 millert 1860: dnl
1861: dnl Use the specified directory, if any, else search for correct inc dir
1862: dnl
1863: if test "$with_kerb5" = "yes"; then
1864: found=no
1865: O_CPPFLAGS="$CPPFLAGS"
1866: for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
1867: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1.23 millert 1868: AC_PREPROC_IFELSE([#include <krb5.h>], [found=yes; break])
1.15 millert 1869: done
1870: if test X"$found" = X"no"; then
1871: CPPFLAGS="$O_CPPFLAGS"
1872: AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
1873: fi
1.1 millert 1874: else
1.15 millert 1875: dnl XXX - try to include krb5.h here too
1876: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb5}/lib])
1877: CPPFLAGS="$CPPFLAGS -I${with_kerb5}/include"
1.1 millert 1878: fi
1879:
1.15 millert 1880: dnl
1881: dnl Try to determine whether we have Heimdal or MIT Kerberos
1882: dnl
1883: AC_MSG_CHECKING(whether we are using Heimdal)
1.23 millert 1884: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
1.15 millert 1885: AC_MSG_RESULT(yes)
1.21 millert 1886: AC_DEFINE(HAVE_HEIMDAL)
1.23 millert 1887: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lcrypto -ldes -lcom_err -lasn1"
1.15 millert 1888: AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"])
1889: ], [
1890: AC_MSG_RESULT(no)
1891: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
1.23 millert 1892:
1893: ])
1894: SUDO_ADD_AUTH([Kerberos 5], [kerb5.o])
1895: _LIBS="$LIBS"
1896: LIBS="${LIBS} ${SUDO_LIBS}"
1897: AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
1898: LIBS="$_LIBS"
1899: fi
1900:
1901: dnl
1902: dnl Some systems put login_cap(3) in libutil
1903: dnl
1904: if test "$with_logincap" = "yes"; then
1905: case "$OS" in
1906: freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil"
1907: ;;
1908: esac
1.1 millert 1909: fi
1910:
1911: dnl
1.23 millert 1912: dnl PAM support. Systems that might support PAM set with_pam=maybe
1913: dnl and we do that actual tests here.
1.4 millert 1914: dnl
1.23 millert 1915: if test ${with_pam-'no'} != "no"; then
1.21 millert 1916: dnl
1917: dnl Linux may need this
1918: dnl
1.23 millert 1919: AC_CHECK_LIB([dl], [main], [SUDO_LIBS="${SUDO_LIBS} -lpam -ldl"], [SUDO_LIBS="${SUDO_LIBS} -lpam"])
1920: ac_cv_lib_dl=ac_cv_lib_dl_main
1921:
1.21 millert 1922: dnl
1923: dnl Some PAM implementations (MacOS X for example) put the PAM headers
1924: dnl in /usr/include/pam instead of /usr/include/security...
1925: dnl
1.23 millert 1926: AC_CHECK_HEADERS([security/pam_appl.h] [pam/pam_appl.h], [with_pam=yes; break])
1927: if test "$with_pam" = "yes"; then
1928: AC_DEFINE(HAVE_PAM)
1929: SUDO_ADD_AUTH([PAM], [pam.o], [true])
1930: CHECKSHADOW=false
1931: fi
1932: fi
1933:
1934: dnl
1935: dnl Check for shadow password routines if we have not already done so.
1936: dnl If there is a specific list of functions to check we do that first.
1937: dnl Otherwise, we check for SVR4-style and then SecureWare-style.
1938: dnl
1939: if test "$CHECKSHADOW" = "true" -a -n "$shadow_funcs"; then
1940: _LIBS="$LIBS"
1941: LIBS="$LIBS $shadow_libs"
1942: found=no
1943: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
1944: if test "$found" = "yes"; then
1945: SUDO_LIBS="$SUDO_LIBS $shadow_libs"
1946: elif test -n "$shadow_libs_optional"; then
1947: LIBS="$LIBS $shadow_libs_optional"
1948: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
1949: if test "$found" = "yes"; then
1950: SUDO_LIBS="$SUDO_LIBS $shadow_libs $shadow_libs_optional"
1951: fi
1952: fi
1953: if test "$found" = "yes"; then
1954: case "$shadow_funcs" in
1955: *getprpwnam*) SECUREWARE=1;;
1956: esac
1957: test -n "$shadow_defs" && OSDEFS="${OSDEFS} $shadow_defs"
1958: else
1959: LIBS="$_LIBS"
1960: fi
1961: CHECKSHADOW=false
1962: fi
1963: if test "$CHECKSHADOW" = "true"; then
1964: AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])])
1965: fi
1966: if test "$CHECKSHADOW" = "true"; then
1967: AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))])
1968: fi
1969: if test -n "$SECUREWARE"; then
1970: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
1971: SUDO_ADD_AUTH([SecureWare], [secureware.o])
1.4 millert 1972: fi
1973:
1974: dnl
1.1 millert 1975: dnl extra AFS libs and includes
1976: dnl
1977: if test "$with_AFS" = "yes"; then
1978:
1979: # looks like the "standard" place for AFS libs is /usr/afsws/lib
1980: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
1981: for i in $AFSLIBDIRS; do
1982: if test -d ${i}; then
1.15 millert 1983: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [$i])
1.1 millert 1984: FOUND_AFSLIBDIR=true
1985: fi
1986: done
1987: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 1988: AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDO_LDFLAGS or rerun configure with the --with-libpath options.])
1.1 millert 1989: fi
1990:
1991: # Order is important here. Note that we build AFS_LIBS from right to left
1992: # since AFS_LIBS may be initialized with BSD compat libs that must go last
1993: AFS_LIBS="-laudit ${AFS_LIBS}"
1994: for i in $AFSLIBDIRS; do
1995: if test -f ${i}/util.a; then
1996: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
1997: FOUND_UTIL_A=true
1998: break;
1999: fi
2000: done
2001: if test -z "$FOUND_UTIL_A"; then
2002: AFS_LIBS="-lutil ${AFS_LIBS}"
2003: fi
2004: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
2005:
2006: # AFS includes may live in /usr/include on some machines...
2007: for i in /usr/afsws/include; do
2008: if test -d ${i}; then
2009: CPPFLAGS="${CPPFLAGS} -I${i}"
2010: FOUND_AFSINCDIR=true
2011: fi
2012: done
2013:
2014: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 2015: AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
1.1 millert 2016: fi
2017: fi
2018:
2019: dnl
2020: dnl extra DCE obj + lib
2021: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
2022: dnl
2023: if test "$with_DCE" = "yes"; then
2024: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
2025: SUDO_LIBS="${SUDO_LIBS} -ldce"
1.5 millert 2026: fi
2027:
2028: dnl
1.1 millert 2029: dnl extra S/Key lib and includes
2030: dnl
1.15 millert 2031: if test -n "$with_skey"; then
2032: O_LDFLAGS="$LDFLAGS"
2033: if test "$with_skey" != "yes"; then
2034: CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
2035: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_skey}/lib])
2036: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_skey}/lib])
2037: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes], [found=no])
1.1 millert 2038: else
1.15 millert 2039: found=no
2040: O_CPPFLAGS="$CPPFLAGS"
2041: for dir in "" "/usr/local" "/usr/contrib"; do
2042: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1.23 millert 2043: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes; break])
1.15 millert 2044: done
2045: if test "$found" = "no" -o -z "$dir"; then
2046: CPPFLAGS="$O_CPPFLAGS"
2047: else
2048: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2049: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2050: fi
1.1 millert 2051: fi
1.15 millert 2052: if test "$found" = "no"; then
2053: AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
2054: fi
2055: AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])])
1.21 millert 2056: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
1.15 millert 2057: LDFLAGS="$O_LDFLAGS"
2058: SUDO_LIBS="${SUDO_LIBS} -lskey"
1.1 millert 2059: fi
2060:
2061: dnl
2062: dnl extra OPIE lib and includes
2063: dnl
1.15 millert 2064: if test -n "$with_opie"; then
2065: O_LDFLAGS="$LDFLAGS"
2066: if test "$with_opie" != "yes"; then
2067: CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
2068: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_opie}/lib])
2069: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_opie}/lib])
2070: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes], [found=no])
1.1 millert 2071: else
1.15 millert 2072: found=no
2073: O_CPPFLAGS="$CPPFLAGS"
2074: for dir in "" "/usr/local" "/usr/contrib"; do
2075: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1.23 millert 2076: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes; break])
1.15 millert 2077: done
2078: if test "$found" = "no" -o -z "$dir"; then
2079: CPPFLAGS="$O_CPPFLAGS"
2080: else
2081: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2082: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2083: fi
2084: fi
2085: if test "$found" = "no"; then
2086: AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
1.1 millert 2087: fi
1.15 millert 2088: AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDO_LDFLAGS])])
2089: LDFLAGS="$O_LDFLAGS"
2090: SUDO_LIBS="${SUDO_LIBS} -lopie"
1.1 millert 2091: fi
2092:
2093: dnl
2094: dnl extra SecurID lib + includes
2095: dnl
1.23 millert 2096: if test ${with_SecurID-'no'} != "no"; then
1.1 millert 2097: if test "$with_SecurID" != "yes"; then
1.14 millert 2098: :
2099: elif test -d /usr/ace/examples; then
2100: with_SecurID=/usr/ace/examples
1.1 millert 2101: else
1.14 millert 2102: with_SecurID=/usr/ace
1.1 millert 2103: fi
1.14 millert 2104: CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
2105: _LDFLAGS="${LDFLAGS}"
1.15 millert 2106: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_SecurID}])
1.14 millert 2107: #
2108: # Determine whether to use the new or old SecurID API
2109: #
1.15 millert 2110: AC_CHECK_LIB(aceclnt, SD_Init,
2111: [
1.23 millert 2112: SUDO_ADD_AUTH([SecurID 5], [securid5.o], true)
1.15 millert 2113: SUDO_LIBS="${SUDO_LIBS} -laceclnt -lpthread"
2114: ]
2115: [
2116: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_SecurID}])
2117: ], [
1.23 millert 2118: SUDO_ADD_AUTH([SecurID], [securid.o], true)
1.15 millert 2119: SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
2120: ],
2121: [
2122: -lpthread
2123: ]
2124: )
1.14 millert 2125: LDFLAGS="${_LDFLAGS}"
1.1 millert 2126: fi
2127:
2128: dnl
2129: dnl extra FWTK libs + includes
2130: dnl
1.15 millert 2131: if test -n "$with_fwtk"; then
2132: if test "$with_fwtk" != "yes"; then
2133: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_fwtk}])
2134: CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
2135: with_fwtk=yes
2136: fi
1.1 millert 2137: SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall"
2138: fi
2139:
2140: dnl
1.23 millert 2141: dnl AIX general authentication
2142: dnl If set to "maybe" only enable if no other exclusive method in use.
1.1 millert 2143: dnl
1.23 millert 2144: if test ${with_aixauth-'no'} != "no"; then
2145: if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
2146: AC_MSG_NOTICE([using AIX general authentication])
2147: AC_DEFINE(HAVE_AIXAUTH)
2148: SUDO_ADD_AUTH([AIX general authentication], [aix_auth.o], [true])
2149: SUDO_LIBS="${SUDO_LIBS} -ls"
2150: fi
2151: fi
2152:
2153: dnl
2154: dnl BSD authentication
2155: dnl If set to "maybe" only enable if no other exclusive method in use.
2156: dnl
2157: if test ${with_bsdauth-'no'} != "no"; then
2158: if test X"$with_bsdauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
2159: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
2160: [SUDO_ADD_AUTH([BSD authentication], [bsdauth.o], [true])], -)
2161: fi
1.1 millert 2162: fi
2163:
2164: dnl
1.21 millert 2165: dnl extra lib and .o file for LDAP support
2166: dnl
2167: if test -n "$with_ldap"; then
1.23 millert 2168: _LDFLAGS="$LDFLAGS"
1.21 millert 2169: if test "$with_ldap" != "yes"; then
2170: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_ldap}/lib])
2171: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib])
2172: CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
2173: with_ldap=yes
2174: fi
2175: SUDO_OBJS="${SUDO_OBJS} ldap.o"
2176:
2177: AC_MSG_CHECKING([for LDAP libraries])
2178: LDAP_LIBS=""
2179: _LIBS="$LIBS"
2180: found=no
2181: for l in -lldap -llber '-lssl -lcrypto'; do
2182: LIBS="${LIBS} $l"
2183: LDAP_LIBS="${LDAP_LIBS} $l"
1.23 millert 2184: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1.21 millert 2185: #include <lber.h>
1.23 millert 2186: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [found=yes; break])
1.21 millert 2187: done
1.23 millert 2188: dnl if nothing linked just try with -lldap
1.21 millert 2189: if test "$found" = "no"; then
1.23 millert 2190: LDAP_LIBS=" -lldap"
2191: AC_MSG_RESULT([not found, using -lldap])
1.21 millert 2192: else
2193: AC_MSG_RESULT([$LDAP_LIBS])
2194: fi
2195: dnl try again w/o explicitly including lber.h
2196: AC_MSG_CHECKING([whether lber.h is needed])
1.23 millert 2197: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2198: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [AC_MSG_RESULT([no])], [
1.21 millert 2199: AC_MSG_RESULT([yes])
2200: AC_DEFINE(HAVE_LBER_H)])
2201:
2202: AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s)
2203:
2204: SUDO_LIBS="${SUDO_LIBS}${LDAP_LIBS}"
2205: LIBS="$_LIBS"
2206: LDFLAGS="$_LDFLAGS"
1.23 millert 2207: # XXX - OpenLDAP has deprecated ldap_get_values()
2208: CPPFLAGS="${CPPFLAGS} -DLDAP_DEPRECATED"
1.21 millert 2209: fi
2210:
2211: dnl
1.15 millert 2212: dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we
2213: dnl added -L dirpaths to SUDO_LDFLAGS.
2214: dnl
2215: if test -n "$blibpath"; then
2216: if test -n "$blibpath_add"; then
2217: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}${blibpath_add}"
2218: elif test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
2219: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}"
2220: fi
2221: fi
2222:
2223: dnl
1.1 millert 2224: dnl Check for log file and timestamp locations
2225: dnl
2226: SUDO_LOGFILE
2227: SUDO_TIMEDIR
2228:
2229: dnl
2230: dnl Use passwd (and secureware) auth modules?
2231: dnl
1.23 millert 2232: case "$AUTH_OBJS" in
2233: *passwd.o*)
2234: ;;
2235: *)
1.21 millert 2236: AC_DEFINE(WITHOUT_PASSWD)
1.1 millert 2237: if test -z "$AUTH_OBJS"; then
2238: AC_MSG_ERROR([no authentication methods defined.])
2239: fi
1.23 millert 2240: ;;
2241: esac
2242: _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
2243: AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
1.1 millert 2244:
2245: dnl
2246: dnl LIBS may contain duplicates from SUDO_LIBS or NET_LIBS so prune it.
2247: dnl
2248: if test -n "$LIBS"; then
2249: L="$LIBS"
2250: LIBS=
2251: for l in ${L}; do
2252: dupe=0
2253: for sl in ${SUDO_LIBS} ${NET_LIBS}; do
2254: test $l = $sl && dupe=1
2255: done
2256: test $dupe = 0 && LIBS="${LIBS} $l"
2257: done
2258: fi
2259:
2260: dnl
2261: dnl Set exec_prefix
2262: dnl
2263: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
2264:
2265: dnl
1.21 millert 2266: dnl Defer setting _PATH_SUDO_NOEXEC until after exec_prefix is set
2267: dnl XXX - this is gross!
2268: dnl
2269: if test "$with_noexec" != "no"; then
2270: PROGS="${PROGS} sudo_noexec.la"
2271: INSTALL_NOEXEC="install-noexec"
2272:
2273: oexec_prefix="$exec_prefix"
2274: if test "$exec_prefix" = '$(prefix)'; then
2275: if test "$prefix" = "NONE"; then
2276: exec_prefix="$ac_default_prefix"
2277: else
2278: exec_prefix="$prefix"
2279: fi
2280: fi
2281: eval noexec_file="$with_noexec"
2282: AC_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so])
2283: exec_prefix="$oexec_prefix"
2284: fi
2285:
2286: dnl
1.5 millert 2287: dnl Substitute into the Makefile and man pages
1.1 millert 2288: dnl
1.23 millert 2289: AC_CONFIG_FILES([Makefile sudo.man visudo.man sudoers.man])
2290: AC_OUTPUT
1.1 millert 2291:
2292: dnl
2293: dnl Spew any text the user needs to know about
2294: dnl
2295: if test "$with_pam" = "yes"; then
2296: case $host in
2297: *-*-linux*)
1.15 millert 2298: AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
1.1 millert 2299: ;;
2300: esac
2301: fi
1.7 millert 2302:
2303: dnl
1.21 millert 2304: dnl Autoheader templates
2305: dnl
2306: AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.])
2307: AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.])
2308: AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.])
2309: AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
2310: AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
2311: AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
2312: AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
2313: AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
2314: AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
1.23 millert 2315: AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
1.21 millert 2316: AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
2317: AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
2318: AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
2319: AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
1.23 millert 2320: AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
2321: AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.])
2322: AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
1.21 millert 2323: AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
2324: AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
2325: AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)])
2326: AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
2327: AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
2328: AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords)])
2329: AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
2330: AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.])
2331: AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])
2332: AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
2333: AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.])
2334: AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
2335: AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not)])
2336: AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.])
2337: AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.])
2338: AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.])
1.23 millert 2339: AH_TEMPLATE(HAVE_PROJECT_H, [Define to 1 if you have the <project.h> header file.])
1.21 millert 2340: AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.])
2341: AH_TEMPLATE(HAVE_SIA, [Define to 1 if you use SIA authentication.])
2342: AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if <signal.h> has the sigaction_t typedef.])
2343: AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
2344: AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
2345: AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member])
2346: AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member])
2347: AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the <termios.h> header file and the `tcgetattr' function.])
2348: AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h])
1.22 millert 2349: AH_TEMPLATE(HAVE_TIMESPECSUB2, [Define to 1 if you have a timespecsub macro or function that takes two arguments (not three)])
1.21 millert 2350: AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
2351: AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
2352: AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements])
2353: AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
2354: AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
2355: AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])
2356: AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.])
2357: AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.])
2358: AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.])
2359: AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.])
2360: AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.])
2361: AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.])
2362: AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.])
2363: AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.])
2364: AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
2365: AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
2366: AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
2367: AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
2368: AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
2369: AH_TEMPLATE(USE_TTY_TICKETS, [Define to 1 if you want a different ticket file for each tty.])
2370: AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
2371: AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
2372:
2373: dnl
2374: dnl Bits to copy verbatim into config.h.in
1.7 millert 2375: dnl
2376: AH_TOP([#ifndef _SUDO_CONFIG_H
2377: #define _SUDO_CONFIG_H])
2378:
2379: AH_BOTTOM([/*
1.21 millert 2380: * Macros to pull sec and nsec parts of mtime from struct stat.
1.23 millert 2381: * We need to be able to convert between timeval and timespec
2382: * so the last 3 digits of tv_nsec are not significant.
1.21 millert 2383: */
2384: #ifdef HAVE_ST_MTIM
2385: # define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
1.23 millert 2386: # define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
1.21 millert 2387: #else
2388: # ifdef HAVE_ST_MTIMESPEC
2389: # define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec)
1.23 millert 2390: # define mtim_getnsec(_x) (((_x).st_mtimespec.tv_nsec / 1000) * 1000)
1.21 millert 2391: # else
2392: # define mtim_getsec(_x) ((_x).st_mtime)
2393: # define mtim_getnsec(_x) (0)
2394: # endif /* HAVE_ST_MTIMESPEC */
2395: #endif /* HAVE_ST_MTIM */
2396:
2397: /*
1.7 millert 2398: * Emulate a subset of waitpid() if we don't have it.
2399: */
2400: #ifdef HAVE_WAITPID
2401: # define sudo_waitpid(p, s, o) waitpid(p, s, o)
2402: #else
2403: # ifdef HAVE_WAIT3
2404: # define sudo_waitpid(p, s, o) wait3(s, o, NULL)
2405: # endif
1.14 millert 2406: #endif
2407:
2408: /* GNU stow needs /etc/sudoers to be a symlink. */
1.21 millert 2409: #ifdef USE_STOW
1.14 millert 2410: # define stat_sudoers stat
2411: #else
2412: # define stat_sudoers lstat
1.7 millert 2413: #endif
1.21 millert 2414:
2415: /* Macros to set/clear/test flags. */
2416: #undef SET
2417: #define SET(t, f) ((t) |= (f))
2418: #undef CLR
2419: #define CLR(t, f) ((t) &= ~(f))
2420: #undef ISSET
2421: #define ISSET(t, f) ((t) & (f))
1.7 millert 2422:
2423: /* New ANSI-style OS defs for HP-UX and ConvexOS. */
2424: #if defined(hpux) && !defined(__hpux)
2425: # define __hpux 1
2426: #endif /* hpux */
2427:
2428: #if defined(convex) && !defined(__convex__)
2429: # define __convex__ 1
2430: #endif /* convex */
2431:
2432: /* BSD compatibility on some SVR4 systems. */
2433: #ifdef __svr4__
2434: # define BSD_COMP
2435: #endif /* __svr4__ */
2436:
2437: #endif /* _SUDO_CONFIG_H */])