Annotation of src/usr.bin/sudo/configure.in, Revision 1.29
1.1 millert 1: dnl
2: dnl Process this file with GNU autoconf to produce a configure script.
1.29 ! millert 3: dnl $Sudo: configure.in,v 1.413.2.27 2007/10/24 16:43:25 millert Exp $
1.1 millert 4: dnl
1.23 millert 5: dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller <Todd.Miller@courtesan.com>
1.1 millert 6: dnl
1.23 millert 7: AC_INIT([sudo], [1.6.9])
1.1 millert 8: AC_CONFIG_HEADER(config.h pathnames.h)
9: dnl
1.23 millert 10: dnl This won't work before AC_INIT
1.1 millert 11: dnl
1.23 millert 12: AC_MSG_NOTICE([Configuring Sudo version 1.6.9])
1.1 millert 13: dnl
1.7 millert 14: dnl Variables that get substituted in the Makefile and man pages
1.1 millert 15: dnl
1.21 millert 16: AC_SUBST(LIBTOOL)
1.23 millert 17: AC_SUBST(CFLAGS)
18: AC_SUBST(PROGS)
19: AC_SUBST(CPPFLAGS)
20: AC_SUBST(LDFLAGS)
21: AC_SUBST(SUDO_LDFLAGS)
22: AC_SUBST(SUDO_OBJS)
23: AC_SUBST(LIBS)
24: AC_SUBST(SUDO_LIBS)
25: AC_SUBST(NET_LIBS)
26: AC_SUBST(AFS_LIBS)
27: AC_SUBST(OSDEFS)
28: AC_SUBST(AUTH_OBJS)
29: AC_SUBST(MANTYPE)
30: AC_SUBST(MAN_POSTINSTALL)
31: AC_SUBST(SUDOERS_MODE)
32: AC_SUBST(SUDOERS_UID)
33: AC_SUBST(SUDOERS_GID)
1.5 millert 34: AC_SUBST(DEV)
35: AC_SUBST(mansectsu)
36: AC_SUBST(mansectform)
37: AC_SUBST(mansrcdir)
1.21 millert 38: AC_SUBST(NOEXECDIR)
39: AC_SUBST(noexec_file)
40: AC_SUBST(INSTALL_NOEXEC)
1.23 millert 41: AC_SUBST(DONT_LEAK_PATH_INFO)
1.5 millert 42: dnl
1.7 millert 43: dnl Variables that get substituted in docs (not overridden by environment)
44: dnl
45: AC_SUBST(timedir)dnl initial value from SUDO_TIMEDIR
46: AC_SUBST(timeout)
47: AC_SUBST(password_timeout)
48: AC_SUBST(sudo_umask)
49: AC_SUBST(passprompt)
50: AC_SUBST(long_otp_prompt)
51: AC_SUBST(lecture)
52: AC_SUBST(logfac)
53: AC_SUBST(goodpri)
54: AC_SUBST(badpri)
55: AC_SUBST(loglen)
56: AC_SUBST(ignore_dot)
57: AC_SUBST(mail_no_user)
58: AC_SUBST(mail_no_host)
59: AC_SUBST(mail_no_perms)
60: AC_SUBST(mailto)
61: AC_SUBST(mailsub)
62: AC_SUBST(badpass_message)
63: AC_SUBST(fqdn)
64: AC_SUBST(runas_default)
65: AC_SUBST(env_editor)
66: AC_SUBST(passwd_tries)
67: AC_SUBST(tty_tickets)
68: AC_SUBST(insults)
1.21 millert 69: AC_SUBST(root_sudo)
1.23 millert 70: AC_SUBST(path_info)
1.7 millert 71: dnl
72: dnl Initial values for above
73: dnl
74: timeout=5
75: password_timeout=5
76: sudo_umask=0022
77: passprompt="Password:"
78: long_otp_prompt=off
1.21 millert 79: lecture=once
1.7 millert 80: logfac=local2
81: goodpri=notice
82: badpri=alert
83: loglen=80
84: ignore_dot=off
85: mail_no_user=on
86: mail_no_host=off
87: mail_no_perms=off
88: mailto=root
89: mailsub='*** SECURITY information for %h ***'
90: badpass_message='Sorry, try again.'
91: fqdn=off
92: runas_default=root
93: env_editor=off
94: passwd_tries=3
95: tty_tickets=off
96: insults=off
1.21 millert 97: root_sudo=on
1.23 millert 98: path_info=on
1.21 millert 99: INSTALL_NOEXEC=
1.7 millert 100: dnl
1.5 millert 101: dnl Initial values for Makefile variables listed above
1.7 millert 102: dnl May be overridden by environment variables..
1.5 millert 103: dnl
104: PROGS="sudo visudo"
1.23 millert 105: : ${MANTYPE='man'}
106: : ${mansrcdir='.'}
107: : ${SUDOERS_MODE='0440'}
108: : ${SUDOERS_UID='0'}
109: : ${SUDOERS_GID='0'}
1.1 millert 110: DEV="#"
1.25 millert 111: AUTH_OBJS=
112: AUTH_REG=
113: AUTH_EXCL=
114: AUTH_EXCL_DEF=
115: AUTH_DEF=passwd
1.5 millert 116:
117: dnl
118: dnl Other vaiables
119: dnl
1.1 millert 120: CHECKSHADOW=true
1.23 millert 121: shadow_defs=
122: shadow_funcs=
123: shadow_libs=
124: shadow_libs_optional=
1.1 millert 125:
126: dnl
127: dnl Override default configure dirs...
128: dnl
129: test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man'
130: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
131: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
1.14 millert 132: test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
1.1 millert 133:
134: dnl
135: dnl Deprecated --with options (these all warn or generate an error)
136: dnl
137:
138: AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
139: [case $with_otp_only in
1.25 millert 140: yes) with_passwd="no"
1.15 millert 141: AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
1.1 millert 142: ;;
143: esac])
144:
145: AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
146: [case $with_alertmail in
147: *) with_mailto="$with_alertmail"
1.15 millert 148: AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
1.1 millert 149: ;;
150: esac])
151:
152: dnl
153: dnl Options for --with
154: dnl
155:
156: AC_ARG_WITH(CC, [ --with-CC C compiler to use],
157: [case $with_CC in
158: yes) AC_MSG_ERROR(["must give --with-CC an argument."])
159: ;;
160: no) AC_MSG_ERROR(["illegal argument: --without-CC."])
161: ;;
162: *) CC=$with_CC
163: ;;
164: esac])
165:
1.15 millert 166: AC_ARG_WITH(rpath, [ --with-rpath pass -R flag in addition to -L for lib paths],
167: [case $with_rpath in
1.23 millert 168: yes|no) ;;
1.15 millert 169: *) AC_MSG_ERROR(["--with-rpath does not take an argument."])
170: ;;
171: esac])
172:
1.23 millert 173: AC_ARG_WITH(blibpath, [ --with-blibpath[=PATH] pass -blibpath flag to ld for additional lib paths],
1.15 millert 174: [case $with_blibpath in
1.23 millert 175: yes|no) ;;
1.15 millert 176: *) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
177: ;;
178: esac])
179:
1.1 millert 180: AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files],
1.21 millert 181: [case $with_incpath in
1.1 millert 182: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
183: ;;
184: no) AC_MSG_ERROR(["--without-incpath not supported."])
185: ;;
1.15 millert 186: *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
1.1 millert 187: for i in ${with_incpath}; do
188: CPPFLAGS="${CPPFLAGS} -I${i}"
189: done
190: ;;
191: esac])
192:
193: AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries],
1.21 millert 194: [case $with_libpath in
1.1 millert 195: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
196: ;;
197: no) AC_MSG_ERROR(["--without-libpath not supported."])
198: ;;
1.15 millert 199: *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
1.1 millert 200: ;;
201: esac])
202:
203: AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with],
1.21 millert 204: [case $with_libraries in
1.1 millert 205: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
206: ;;
207: no) AC_MSG_ERROR(["--without-libraries not supported."])
208: ;;
1.15 millert 209: *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
1.1 millert 210: ;;
211: esac])
212:
1.13 david 213: AC_ARG_WITH(devel, [ --with-devel add development options],
1.21 millert 214: [case $with_devel in
1.15 millert 215: yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
1.1 millert 216: PROGS="${PROGS} testsudoers"
217: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
218: DEV=""
219: ;;
220: no) ;;
1.15 millert 221: *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
1.1 millert 222: ;;
223: esac])
224:
1.9 millert 225: AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging],
1.21 millert 226: [case $with_efence in
1.15 millert 227: yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
1.9 millert 228: LIBS="${LIBS} -lefence"
229: if test -f /usr/local/lib/libefence.a; then
1.15 millert 230: with_libpath="${with_libpath} /usr/local/lib"
1.9 millert 231: fi
232: ;;
233: no) ;;
1.15 millert 234: *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
1.9 millert 235: ;;
236: esac])
237:
1.1 millert 238: AC_ARG_WITH(csops, [ --with-csops add CSOps standard options],
1.21 millert 239: [case $with_csops in
1.15 millert 240: yes) AC_MSG_NOTICE([Adding CSOps standard options])
1.1 millert 241: CHECKSIA=false
242: with_ignore_dot=yes
1.7 millert 243: insults=on
1.1 millert 244: with_classic_insults=yes
245: with_csops_insults=yes
246: with_env_editor=yes
1.23 millert 247: : ${mansectsu='8'}
248: : ${mansectform='5'}
1.1 millert 249: ;;
250: no) ;;
1.15 millert 251: *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
1.1 millert 252: ;;
253: esac])
254:
255: AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication],
256: [case $with_passwd in
1.25 millert 257: yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
258: AC_MSG_RESULT($with_passwd)
259: AUTH_DEF=""
260: test "$with_passwd" = "yes" && AUTH_REG="$AUTH_REG passwd"
1.1 millert 261: ;;
262: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
263: ;;
264: esac])
265:
1.23 millert 266: AC_ARG_WITH(skey, [ --with-skey[=DIR] enable S/Key support ],
1.1 millert 267: [case $with_skey in
1.23 millert 268: no) with_skey=""
269: ;;
1.25 millert 270: *) AC_DEFINE(HAVE_SKEY)
1.1 millert 271: AC_MSG_CHECKING(whether to try S/Key authentication)
272: AC_MSG_RESULT(yes)
1.25 millert 273: AUTH_REG="$AUTH_REG S/Key"
1.1 millert 274: ;;
275: esac])
276:
1.23 millert 277: AC_ARG_WITH(opie, [ --with-opie[=DIR] enable OPIE support ],
1.1 millert 278: [case $with_opie in
1.23 millert 279: no) with_opie=""
280: ;;
1.25 millert 281: *) AC_DEFINE(HAVE_OPIE)
1.1 millert 282: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
283: AC_MSG_RESULT(yes)
1.25 millert 284: AUTH_REG="$AUTH_REG NRL_OPIE"
1.1 millert 285: ;;
286: esac])
287:
288: AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt],
289: [case $with_long_otp_prompt in
1.21 millert 290: yes) AC_DEFINE(LONG_OTP_PROMPT)
1.1 millert 291: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
292: AC_MSG_RESULT(yes)
1.7 millert 293: long_otp_prompt=on
294: ;;
295: no) long_otp_prompt=off
1.1 millert 296: ;;
297: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
298: ;;
299: esac])
300:
1.15 millert 301: AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support],
1.1 millert 302: [case $with_SecurID in
1.15 millert 303: no) with_SecurID="";;
1.21 millert 304: *) AC_DEFINE(HAVE_SECURID)
1.1 millert 305: AC_MSG_CHECKING(whether to use SecurID for authentication)
306: AC_MSG_RESULT(yes)
1.25 millert 307: AUTH_EXCL="$AUTH_EXCL SecurID"
1.1 millert 308: ;;
309: esac])
310:
1.15 millert 311: AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support],
1.1 millert 312: [case $with_fwtk in
1.15 millert 313: no) with_fwtk="";;
1.21 millert 314: *) AC_DEFINE(HAVE_FWTK)
1.1 millert 315: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
316: AC_MSG_RESULT(yes)
1.25 millert 317: AUTH_EXCL="$AUTH_EXCL FWTK"
1.1 millert 318: ;;
319: esac])
320:
1.15 millert 321: AC_ARG_WITH(kerb4, [ --with-kerb4[[=DIR]] enable Kerberos IV support],
1.1 millert 322: [case $with_kerb4 in
1.15 millert 323: no) with_kerb4="";;
324: *) AC_MSG_CHECKING(whether to try kerberos IV authentication)
1.1 millert 325: AC_MSG_RESULT(yes)
1.25 millert 326: AUTH_REG="$AUTH_REG kerb4"
1.1 millert 327: ;;
328: esac])
329:
1.15 millert 330: AC_ARG_WITH(kerb5, [ --with-kerb5[[=DIR]] enable Kerberos V support],
1.1 millert 331: [case $with_kerb5 in
1.15 millert 332: no) with_kerb5="";;
333: *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
1.1 millert 334: AC_MSG_RESULT(yes)
1.25 millert 335: AUTH_REG="$AUTH_REG kerb5"
1.1 millert 336: ;;
337: esac])
338:
1.23 millert 339: AC_ARG_WITH(aixauth, [ --with-aixauth enable AIX general authentication support],
340: [case $with_aixauth in
1.25 millert 341: yes) AUTH_EXCL="$AUTH_EXCL AIX_AUTH";;
342: no) ;;
1.23 millert 343: *) AC_MSG_ERROR(["--with-aixauth does not take an argument."])
1.1 millert 344: ;;
345: esac])
346:
347: AC_ARG_WITH(pam, [ --with-pam enable PAM support],
348: [case $with_pam in
1.25 millert 349: yes) AUTH_EXCL="$AUTH_EXCL PAM";;
350: no) ;;
1.1 millert 351: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
352: ;;
353: esac])
354:
355: AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
356: [case $with_AFS in
1.21 millert 357: yes) AC_DEFINE(HAVE_AFS)
1.1 millert 358: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
359: AC_MSG_RESULT(yes)
1.25 millert 360: AUTH_REG="$AUTH_REG AFS"
1.1 millert 361: ;;
362: no) ;;
363: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
364: ;;
365: esac])
366:
367: AC_ARG_WITH(DCE, [ --with-DCE enable DCE support],
368: [case $with_DCE in
1.21 millert 369: yes) AC_DEFINE(HAVE_DCE)
1.1 millert 370: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
371: AC_MSG_RESULT(yes)
1.25 millert 372: AUTH_REG="$AUTH_REG DCE"
1.1 millert 373: ;;
374: no) ;;
375: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
376: ;;
377: esac])
378:
1.6 millert 379: AC_ARG_WITH(logincap, [ --with-logincap enable BSD login class support],
1.5 millert 380: [case $with_logincap in
1.6 millert 381: yes|no) ;;
382: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
383: ;;
384: esac])
385:
386: AC_ARG_WITH(bsdauth, [ --with-bsdauth enable BSD authentication support],
387: [case $with_bsdauth in
1.25 millert 388: yes) AUTH_EXCL="$AUTH_EXCL BSD_AUTH";;
389: no) ;;
1.23 millert 390: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
1.5 millert 391: ;;
1.23 millert 392: esac])
393:
394: AC_ARG_WITH(project, [ --with-project enable Solaris project support],
395: [case $with_project in
396: yes|no) ;;
397: no) ;;
398: *) AC_MSG_ERROR(["--with-project does not take an argument."])
1.5 millert 399: ;;
400: esac])
401:
1.1 millert 402: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
403: AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
1.21 millert 404: [case $with_lecture in
405: yes|short|always) lecture=once
1.1 millert 406: ;;
1.21 millert 407: no|none|never) lecture=never
1.1 millert 408: ;;
409: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
410: ;;
1.7 millert 411: esac])
1.21 millert 412: if test "$lecture" = "once"; then
1.7 millert 413: AC_MSG_RESULT(yes)
414: else
1.21 millert 415: AC_DEFINE(NO_LECTURE)
1.7 millert 416: AC_MSG_RESULT(no)
417: fi
1.1 millert 418:
419: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
420: AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
1.21 millert 421: [case $with_logging in
1.1 millert 422: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
423: ;;
424: no) AC_MSG_ERROR(["--without-logging not supported."])
425: ;;
1.21 millert 426: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG)
1.1 millert 427: AC_MSG_RESULT(syslog)
428: ;;
429: file) AC_DEFINE(LOGGING, SLOG_FILE)
430: AC_MSG_RESULT(file)
431: ;;
432: both) AC_DEFINE(LOGGING, SLOG_BOTH)
433: AC_MSG_RESULT(both)
434: ;;
435: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
436: ;;
437: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
438:
439: AC_MSG_CHECKING(which syslog facility sudo should log with)
1.7 millert 440: AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")],
1.21 millert 441: [case $with_logfac in
1.1 millert 442: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
443: ;;
444: no) AC_MSG_ERROR(["--without-logfac not supported."])
445: ;;
1.7 millert 446: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
1.1 millert 447: ;;
448: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
449: ;;
1.7 millert 450: esac])
451: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
452: AC_MSG_RESULT($logfac)
1.1 millert 453:
454: AC_MSG_CHECKING(at which syslog priority to log commands)
1.7 millert 455: AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")],
1.21 millert 456: [case $with_goodpri in
1.1 millert 457: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
458: ;;
459: no) AC_MSG_ERROR(["--without-goodpri not supported."])
460: ;;
1.7 millert 461: alert|crit|debug|emerg|err|info|notice|warning)
462: goodpri=$with_goodpri
1.1 millert 463: ;;
464: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
465: ;;
1.7 millert 466: esac])
467: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
468: AC_MSG_RESULT($goodpri)
1.1 millert 469:
470: AC_MSG_CHECKING(at which syslog priority to log failures)
1.7 millert 471: AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")],
1.21 millert 472: [case $with_badpri in
1.1 millert 473: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
474: ;;
475: no) AC_MSG_ERROR(["--without-badpri not supported."])
476: ;;
1.7 millert 477: alert|crit|debug|emerg|err|info|notice|warning)
478: badpri=$with_badpri
1.1 millert 479: ;;
480: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
481: ;;
1.7 millert 482: esac])
483: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
1.14 millert 484: AC_MSG_RESULT($badpri)
1.1 millert 485:
486: AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
1.21 millert 487: [case $with_logpath in
1.1 millert 488: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
489: ;;
490: no) AC_MSG_ERROR(["--without-logpath not supported."])
491: ;;
492: esac])
493:
494: AC_MSG_CHECKING(how long a line in the log file should be)
495: AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)],
1.21 millert 496: [case $with_loglen in
1.1 millert 497: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
498: ;;
499: no) AC_MSG_ERROR(["--without-loglen not supported."])
500: ;;
1.7 millert 501: [[0-9]]*) loglen=$with_loglen
1.1 millert 502: ;;
503: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
504: ;;
1.7 millert 505: esac])
506: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
507: AC_MSG_RESULT($loglen)
1.1 millert 508:
509: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
510: AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
1.21 millert 511: [case $with_ignore_dot in
1.7 millert 512: yes) ignore_dot=on
1.1 millert 513: ;;
1.7 millert 514: no) ignore_dot=off
1.1 millert 515: ;;
516: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
517: ;;
1.7 millert 518: esac])
519: if test "$ignore_dot" = "on"; then
1.21 millert 520: AC_DEFINE(IGNORE_DOT_PATH)
1.7 millert 521: AC_MSG_RESULT(yes)
522: else
523: AC_MSG_RESULT(no)
524: fi
1.1 millert 525:
526: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
527: AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers],
1.21 millert 528: [case $with_mail_if_no_user in
1.7 millert 529: yes) mail_no_user=on
1.1 millert 530: ;;
1.7 millert 531: no) mail_no_user=off
1.1 millert 532: ;;
1.7 millert 533: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
1.1 millert 534: ;;
1.7 millert 535: esac])
536: if test "$mail_no_user" = "on"; then
1.21 millert 537: AC_DEFINE(SEND_MAIL_WHEN_NO_USER)
1.7 millert 538: AC_MSG_RESULT(yes)
539: else
540: AC_MSG_RESULT(no)
541: fi
1.1 millert 542:
543: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
544: AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host],
1.21 millert 545: [case $with_mail_if_no_host in
1.7 millert 546: yes) mail_no_host=on
1.1 millert 547: ;;
1.7 millert 548: no) mail_no_host=off
1.1 millert 549: ;;
1.7 millert 550: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
1.1 millert 551: ;;
1.7 millert 552: esac])
553: if test "$mail_no_host" = "on"; then
1.21 millert 554: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST)
1.7 millert 555: AC_MSG_RESULT(yes)
556: else
557: AC_MSG_RESULT(no)
558: fi
1.1 millert 559:
560: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
561: AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command],
1.21 millert 562: [case $with_mail_if_noperms in
1.7 millert 563: yes) mail_noperms=on
564: ;;
565: no) mail_noperms=off
566: ;;
567: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
568: ;;
569: esac])
570: if test "$mail_noperms" = "on"; then
1.21 millert 571: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK)
1.7 millert 572: AC_MSG_RESULT(yes)
573: else
574: AC_MSG_RESULT(no)
575: fi
576:
577: AC_MSG_CHECKING(who should get the mail that sudo sends)
578: AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
1.21 millert 579: [case $with_mailto in
1.7 millert 580: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
581: ;;
582: no) AC_MSG_ERROR(["--without-mailto not supported."])
583: ;;
584: *) mailto=$with_mailto
585: ;;
586: esac])
587: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
588: AC_MSG_RESULT([$mailto])
589:
590: AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
1.21 millert 591: [case $with_mailsubject in
1.7 millert 592: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
1.1 millert 593: ;;
1.15 millert 594: no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
1.1 millert 595: ;;
1.7 millert 596: *) mailsub="$with_mailsubject"
597: AC_MSG_CHECKING(sudo mail subject)
598: AC_MSG_RESULT([Using alert mail subject: $mailsub])
1.1 millert 599: ;;
1.7 millert 600: esac])
601: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
1.1 millert 602:
603: AC_MSG_CHECKING(for bad password prompt)
604: AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt],
1.21 millert 605: [case $with_passprompt in
1.1 millert 606: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
607: ;;
1.15 millert 608: no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
1.1 millert 609: ;;
1.7 millert 610: *) passprompt="$with_passprompt"
611: esac])
612: AC_MSG_RESULT($passprompt)
613: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
1.1 millert 614:
615: AC_MSG_CHECKING(for bad password message)
616: AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong],
1.21 millert 617: [case $with_badpass_message in
1.1 millert 618: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
619: ;;
1.15 millert 620: no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
1.1 millert 621: ;;
1.7 millert 622: *) badpass_message="$with_badpass_message"
1.1 millert 623: ;;
1.7 millert 624: esac])
625: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
626: AC_MSG_RESULT([$badpass_message])
1.1 millert 627:
628: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
629: AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers],
1.21 millert 630: [case $with_fqdn in
1.7 millert 631: yes) fqdn=on
1.1 millert 632: ;;
1.7 millert 633: no) fqdn=off
1.1 millert 634: ;;
635: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
636: ;;
1.7 millert 637: esac])
638: if test "$fqdn" = "on"; then
1.21 millert 639: AC_DEFINE(FQDN)
1.7 millert 640: AC_MSG_RESULT(yes)
641: else
642: AC_MSG_RESULT(no)
643: fi
1.1 millert 644:
645: AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir],
1.21 millert 646: [case $with_timedir in
1.1 millert 647: yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
648: ;;
649: no) AC_MSG_ERROR(["--without-timedir not supported."])
650: ;;
651: esac])
652:
653: AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail
654: --without-sendmail do not send mail at all],
1.21 millert 655: [case $with_sendmail in
1.1 millert 656: yes) with_sendmail=""
657: ;;
658: no) ;;
1.7 millert 659: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
1.1 millert 660: ;;
661: esac])
662:
663: AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)],
1.21 millert 664: [case $with_sudoers_mode in
1.1 millert 665: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
666: ;;
667: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
668: ;;
669: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
670: ;;
671: 0*) SUDOERS_MODE=$with_sudoers_mode
672: ;;
1.14 millert 673: *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
1.1 millert 674: ;;
675: esac])
676:
677: AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)],
1.21 millert 678: [case $with_sudoers_uid in
1.1 millert 679: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
680: ;;
681: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
682: ;;
683: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
684: ;;
1.14 millert 685: *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
1.1 millert 686: ;;
687: esac])
688:
689: AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)],
1.21 millert 690: [case $with_sudoers_gid in
1.1 millert 691: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
692: ;;
693: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
694: ;;
695: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
696: ;;
1.14 millert 697: *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
1.1 millert 698: ;;
699: esac])
700:
701: AC_MSG_CHECKING(for umask programs should be run with)
1.7 millert 702: AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022)
1.1 millert 703: --without-umask Preserves the umask of the user invoking sudo.],
1.21 millert 704: [case $with_umask in
1.1 millert 705: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
706: ;;
1.7 millert 707: no) sudo_umask=0777
1.1 millert 708: ;;
1.7 millert 709: [[0-9]]*) sudo_umask=$with_umask
1.1 millert 710: ;;
711: *) AC_MSG_ERROR(["you must enter a numeric mask."])
712: ;;
1.7 millert 713: esac])
714: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
715: if test "$sudo_umask" = "0777"; then
716: AC_MSG_RESULT(user)
717: else
718: AC_MSG_RESULT($sudo_umask)
719: fi
1.1 millert 720:
721: AC_MSG_CHECKING(for default user to run commands as)
1.7 millert 722: AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")],
1.21 millert 723: [case $with_runas_default in
1.1 millert 724: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
725: ;;
726: no) AC_MSG_ERROR(["--without-runas-default not supported."])
727: ;;
1.7 millert 728: *) runas_default="$with_runas_default"
1.1 millert 729: ;;
1.7 millert 730: esac])
731: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
732: AC_MSG_RESULT([$runas_default])
1.1 millert 733:
734: AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group],
1.21 millert 735: [case $with_exempt in
1.1 millert 736: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
737: ;;
738: no) AC_MSG_ERROR(["--without-exempt not supported."])
739: ;;
1.7 millert 740: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
1.1 millert 741: AC_MSG_CHECKING(for group to be exempt from password)
742: AC_MSG_RESULT([$with_exempt])
743: ;;
744: esac])
745:
746: AC_MSG_CHECKING(for editor that visudo should use)
747: AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)],
1.21 millert 748: [case $with_editor in
1.1 millert 749: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
750: ;;
751: no) AC_MSG_ERROR(["--without-editor not supported."])
752: ;;
1.7 millert 753: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
1.1 millert 754: AC_MSG_RESULT([$with_editor])
755: ;;
756: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
757:
758: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
759: AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo],
1.21 millert 760: [case $with_env_editor in
1.7 millert 761: yes) env_editor=on
1.1 millert 762: ;;
1.7 millert 763: no) env_editor=off
1.1 millert 764: ;;
765: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
766: ;;
1.7 millert 767: esac])
768: if test "$env_editor" = "on"; then
1.21 millert 769: AC_DEFINE(ENV_EDITOR)
1.7 millert 770: AC_MSG_RESULT(yes)
771: else
772: AC_MSG_RESULT(no)
773: fi
1.1 millert 774:
775: AC_MSG_CHECKING(number of tries a user gets to enter their password)
776: AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)],
1.21 millert 777: [case $with_passwd_tries in
1.7 millert 778: yes) ;;
1.1 millert 779: no) AC_MSG_ERROR(["--without-editor not supported."])
780: ;;
1.7 millert 781: [[1-9]]*) passwd_tries=$with_passwd_tries
1.1 millert 782: ;;
783: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
784: ;;
1.7 millert 785: esac])
786: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
787: AC_MSG_RESULT($passwd_tries)
1.1 millert 788:
789: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
1.7 millert 790: AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)],
1.21 millert 791: [case $with_timeout in
1.7 millert 792: yes) ;;
793: no) timeout=0
1.1 millert 794: ;;
1.7 millert 795: [[0-9]]*) timeout=$with_timeout
1.1 millert 796: ;;
797: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
798: ;;
1.7 millert 799: esac])
800: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
801: AC_MSG_RESULT($timeout)
1.1 millert 802:
803: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
1.7 millert 804: AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)],
1.21 millert 805: [case $with_password_timeout in
1.7 millert 806: yes) ;;
807: no) password_timeout=0
1.1 millert 808: ;;
1.7 millert 809: [[0-9]]*) password_timeout=$with_password_timeout
1.1 millert 810: ;;
811: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
812: ;;
1.7 millert 813: esac])
814: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
815: AC_MSG_RESULT($password_timeout)
1.1 millert 816:
817: AC_MSG_CHECKING(whether to use per-tty ticket files)
818: AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty],
1.21 millert 819: [case $with_tty_tickets in
1.7 millert 820: yes) tty_tickets=on
1.1 millert 821: ;;
1.7 millert 822: no) tty_tickets=off
1.1 millert 823: ;;
824: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
825: ;;
1.7 millert 826: esac])
827: if test "$tty_tickets" = "on"; then
1.21 millert 828: AC_DEFINE(USE_TTY_TICKETS)
1.7 millert 829: AC_MSG_RESULT(yes)
830: else
831: AC_MSG_RESULT(no)
832: fi
1.1 millert 833:
834: AC_MSG_CHECKING(whether to include insults)
835: AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password],
1.21 millert 836: [case $with_insults in
1.7 millert 837: yes) insults=on
1.1 millert 838: with_classic_insults=yes
839: with_csops_insults=yes
840: ;;
1.7 millert 841: no) insults=off
1.1 millert 842: ;;
843: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
844: ;;
1.7 millert 845: esac])
846: if test "$insults" = "on"; then
1.21 millert 847: AC_DEFINE(USE_INSULTS)
1.7 millert 848: AC_MSG_RESULT(yes)
849: else
850: AC_MSG_RESULT(no)
851: fi
1.1 millert 852:
853: AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets],
1.21 millert 854: [case $with_all_insults in
1.1 millert 855: yes) with_classic_insults=yes
856: with_csops_insults=yes
857: with_hal_insults=yes
858: with_goons_insults=yes
859: ;;
860: no) ;;
861: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
862: ;;
863: esac])
864:
865: AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo],
1.21 millert 866: [case $with_classic_insults in
867: yes) AC_DEFINE(CLASSIC_INSULTS)
1.1 millert 868: ;;
869: no) ;;
870: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
871: ;;
872: esac])
873:
874: AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults],
1.21 millert 875: [case $with_csops_insults in
876: yes) AC_DEFINE(CSOPS_INSULTS)
1.1 millert 877: ;;
878: no) ;;
879: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
880: ;;
881: esac])
882:
883: AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults],
1.21 millert 884: [case $with_hal_insults in
885: yes) AC_DEFINE(HAL_INSULTS)
1.1 millert 886: ;;
887: no) ;;
888: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
889: ;;
890: esac])
891:
1.7 millert 892: AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"],
1.21 millert 893: [case $with_goons_insults in
894: yes) AC_DEFINE(GOONS_INSULTS)
1.1 millert 895: ;;
896: no) ;;
897: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
898: ;;
899: esac])
900:
1.23 millert 901: AC_ARG_WITH(ldap, [ --with-ldap[[=DIR]] enable LDAP support],
1.21 millert 902: [case $with_ldap in
903: no) with_ldap="";;
904: *) AC_DEFINE(HAVE_LDAP)
905: AC_MSG_CHECKING(whether to use sudoers from LDAP)
906: AC_MSG_RESULT(yes)
907: ;;
908: esac])
909: AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file],
910: [AC_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "$with_ldap_conf_file", [Path to the ldap.conf file])])
1.23 millert 911: AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP secret pasdword file],
912: [AC_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$with_ldap_secret_file", [Path to the ldap.secret file])])
1.21 millert 913:
914: AC_ARG_WITH(pc-insults, [ --with-pc-insults replace politically incorrect insults with less offensive ones],
915: [case $with_pc_insults in
916: yes) AC_DEFINE(PC_INSULTS)
917: ;;
918: no) ;;
919: *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."])
920: ;;
921: esac])
922:
1.1 millert 923: dnl include all insult sets on one line
1.7 millert 924: if test "$insults" = "on"; then
1.1 millert 925: AC_MSG_CHECKING(which insult sets to include)
926: i=""
927: test "$with_goons_insults" = "yes" && i="goons ${i}"
928: test "$with_hal_insults" = "yes" && i="hal ${i}"
929: test "$with_csops_insults" = "yes" && i="csops ${i}"
930: test "$with_classic_insults" = "yes" && i="classic ${i}"
931: AC_MSG_RESULT([$i])
932: fi
933:
934: AC_MSG_CHECKING(whether to override the user's path)
1.18 millert 935: AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a built-in one],
1.21 millert 936: [case $with_secure_path in
937: yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc")
1.1 millert 938: AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc])
939: ;;
940: no) AC_MSG_RESULT(no)
941: ;;
942: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
943: AC_MSG_RESULT([$with_secure_path])
944: ;;
945: esac], AC_MSG_RESULT(no))
946:
947: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
948: AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces],
1.21 millert 949: [case $with_interfaces in
1.1 millert 950: yes) AC_MSG_RESULT(yes)
951: ;;
1.21 millert 952: no) AC_DEFINE(STUB_LOAD_INTERFACES)
1.1 millert 953: AC_MSG_RESULT(no)
954: ;;
955: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
956: ;;
957: esac], AC_MSG_RESULT(yes))
958:
1.14 millert 959: AC_MSG_CHECKING(whether stow should be used)
960: AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging],
961: [case $with_stow in
962: yes) AC_MSG_RESULT(yes)
1.21 millert 963: AC_DEFINE(USE_STOW)
1.14 millert 964: ;;
965: no) AC_MSG_RESULT(no)
966: ;;
967: *) AC_MSG_ERROR(["--with-stow does not take an argument."])
968: ;;
969: esac], AC_MSG_RESULT(no))
970:
1.1 millert 971: dnl
972: dnl Options for --enable
973: dnl
974:
975: AC_MSG_CHECKING(whether to do user authentication by default)
976: AC_ARG_ENABLE(authentication,
977: [ --disable-authentication
978: Do not require authentication by default],
979: [ case "$enableval" in
980: yes) AC_MSG_RESULT(yes)
981: ;;
982: no) AC_MSG_RESULT(no)
1.21 millert 983: AC_DEFINE(NO_AUTHENTICATION)
1.1 millert 984: ;;
985: *) AC_MSG_RESULT(no)
1.15 millert 986: AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1.1 millert 987: ;;
988: esac
989: ], AC_MSG_RESULT(yes))
1.9 millert 990:
1.10 millert 991: AC_MSG_CHECKING(whether to disable running the mailer as root)
992: AC_ARG_ENABLE(root-mailer,
993: [ --disable-root-mailer Don't run the mailer as root, run as the user],
994: [ case "$enableval" in
995: yes) AC_MSG_RESULT(no)
996: ;;
997: no) AC_MSG_RESULT(yes)
1.21 millert 998: AC_DEFINE(NO_ROOT_MAILER)
1.10 millert 999: ;;
1000: *) AC_MSG_RESULT(no)
1.15 millert 1001: AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1.10 millert 1002: ;;
1003: esac
1004: ], AC_MSG_RESULT(no))
1005:
1.11 millert 1006: AC_ARG_ENABLE(setreuid,
1007: [ --disable-setreuid Don't try to use the setreuid() function],
1008: [ case "$enableval" in
1.14 millert 1009: no) SKIP_SETREUID=yes
1010: ;;
1011: *) ;;
1012: esac
1013: ])
1014:
1015: AC_ARG_ENABLE(setresuid,
1.23 millert 1016: [ --disable-setresuid Don't try to use the setresuid() function],
1.14 millert 1017: [ case "$enableval" in
1018: no) SKIP_SETRESUID=yes
1.11 millert 1019: ;;
1020: *) ;;
1021: esac
1022: ])
1023:
1.1 millert 1024: AC_MSG_CHECKING(whether to disable shadow password support)
1025: AC_ARG_ENABLE(shadow,
1026: [ --disable-shadow Never use shadow passwords],
1027: [ case "$enableval" in
1028: yes) AC_MSG_RESULT(no)
1029: ;;
1030: no) AC_MSG_RESULT(yes)
1031: CHECKSHADOW="false"
1032: ;;
1033: *) AC_MSG_RESULT(no)
1.15 millert 1034: AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1.1 millert 1035: ;;
1036: esac
1037: ], AC_MSG_RESULT(no))
1038:
1039: AC_MSG_CHECKING(whether root should be allowed to use sudo)
1040: AC_ARG_ENABLE(root-sudo,
1.10 millert 1041: [ --disable-root-sudo Don't allow root to run sudo],
1.21 millert 1042: [ case "$enableval" in
1.1 millert 1043: yes) AC_MSG_RESULT(yes)
1044: ;;
1.21 millert 1045: no) AC_DEFINE(NO_ROOT_SUDO)
1.1 millert 1046: AC_MSG_RESULT(no)
1.21 millert 1047: root_sudo=off
1.1 millert 1048: ;;
1049: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1050: ;;
1051: esac
1052: ], AC_MSG_RESULT(yes))
1053:
1054: AC_MSG_CHECKING(whether to log the hostname in the log file)
1055: AC_ARG_ENABLE(log-host,
1056: [ --enable-log-host Log the hostname in the log file],
1057: [ case "$enableval" in
1058: yes) AC_MSG_RESULT(yes)
1.21 millert 1059: AC_DEFINE(HOST_IN_LOG)
1.1 millert 1060: ;;
1061: no) AC_MSG_RESULT(no)
1062: ;;
1063: *) AC_MSG_RESULT(no)
1.15 millert 1064: AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1.1 millert 1065: ;;
1066: esac
1067: ], AC_MSG_RESULT(no))
1068:
1069: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1070: AC_ARG_ENABLE(noargs-shell,
1071: [ --enable-noargs-shell If sudo is given no arguments run a shell],
1072: [ case "$enableval" in
1073: yes) AC_MSG_RESULT(yes)
1.21 millert 1074: AC_DEFINE(SHELL_IF_NO_ARGS)
1.1 millert 1075: ;;
1076: no) AC_MSG_RESULT(no)
1077: ;;
1078: *) AC_MSG_RESULT(no)
1.15 millert 1079: AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1.1 millert 1080: ;;
1081: esac
1082: ], AC_MSG_RESULT(no))
1083:
1084: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1085: AC_ARG_ENABLE(shell-sets-home,
1086: [ --enable-shell-sets-home
1.7 millert 1087: set $HOME to target user in shell mode],
1.1 millert 1088: [ case "$enableval" in
1089: yes) AC_MSG_RESULT(yes)
1.21 millert 1090: AC_DEFINE(SHELL_SETS_HOME)
1.1 millert 1091: ;;
1092: no) AC_MSG_RESULT(no)
1093: ;;
1094: *) AC_MSG_RESULT(no)
1.15 millert 1095: AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1.1 millert 1096: ;;
1097: esac
1098: ], AC_MSG_RESULT(no))
1099:
1100: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1101: AC_ARG_ENABLE(path_info,
1102: [ --disable-path-info Print 'command not allowed' not 'command not found'],
1103: [ case "$enableval" in
1104: yes) AC_MSG_RESULT(no)
1105: ;;
1106: no) AC_MSG_RESULT(yes)
1.21 millert 1107: AC_DEFINE(DONT_LEAK_PATH_INFO)
1.23 millert 1108: path_info=off
1.1 millert 1109: ;;
1110: *) AC_MSG_RESULT(no)
1.15 millert 1111: AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1.1 millert 1112: ;;
1113: esac
1114: ], AC_MSG_RESULT(no))
1115:
1116: dnl
1117: dnl If we don't have egrep we can't do anything...
1118: dnl
1.23 millert 1119: AC_CHECK_PROG(EGREPPROG, egrep, egrep)
1.1 millert 1120: if test -z "$EGREPPROG"; then
1.15 millert 1121: AC_MSG_ERROR([Sorry, configure requires egrep to run.])
1.1 millert 1122: fi
1123:
1124: dnl
1.7 millert 1125: dnl Prevent configure from adding the -g flag unless in devel mode
1126: dnl
1127: if test "$with_devel" != "yes"; then
1128: ac_cv_prog_cc_g=no
1129: fi
1130:
1131: dnl
1.1 millert 1132: dnl C compiler checks
1133: dnl
1.7 millert 1134: AC_ISC_POSIX
1.1 millert 1135: AC_PROG_CPP
1136:
1137: dnl
1.21 millert 1138: dnl Libtool magic; enable shared libs and disable static libs
1139: dnl
1140: AC_CANONICAL_HOST
1.23 millert 1141: AC_CANONICAL_TARGET([])
1.25 millert 1142: AC_DISABLE_STATIC
1143: AC_PROG_LIBTOOL
1.21 millert 1144:
1145: dnl
1146: dnl Defer with_noexec until after libtool magic runs
1147: dnl
1148: if test "$enable_shared" = "no"; then
1149: with_noexec=no
1150: else
1.24 millert 1151: eval _shrext="$shrext_cmds"
1.21 millert 1152: fi
1153: AC_MSG_CHECKING(path to sudo_noexec.so)
1.23 millert 1154: AC_ARG_WITH(noexec, [ --with-noexec[=PATH] fully qualified pathname of sudo_noexec.so],
1.21 millert 1155: [case $with_noexec in
1156: yes) with_noexec="$libexecdir/sudo_noexec$_shrext"
1157: ;;
1158: no) ;;
1159: *) ;;
1160: esac], [with_noexec="$libexecdir/sudo_noexec$_shrext"])
1161: AC_MSG_RESULT($with_noexec)
1162: NOEXECDIR="`echo $with_noexec|sed 's:^\(.*\)/[[^/]]*:\1:'`"
1163:
1164: dnl
1.1 millert 1165: dnl It is now safe to modify CFLAGS and CPPFLAGS
1166: dnl
1167: if test "$with_devel" = "yes" -a -n "$GCC"; then
1168: CFLAGS="${CFLAGS} -Wall"
1169: fi
1170:
1171: dnl
1172: dnl Find programs we use
1173: dnl
1.23 millert 1174: AC_CHECK_PROG(UNAMEPROG, uname, uname)
1175: AC_CHECK_PROG(TRPROG, tr, tr)
1176: AC_CHECK_PROG(NROFFPROG, nroff, nroff)
1.1 millert 1177: if test -z "$NROFFPROG"; then
1178: MANTYPE="cat"
1.5 millert 1179: mansrcdir='$(srcdir)'
1.1 millert 1180: fi
1181:
1182: dnl
1183: dnl What kind of beastie are we being run on?
1184: dnl Barf if config.cache was generated on another host.
1185: dnl
1186: if test -n "$sudo_cv_prev_host"; then
1187: if test "$sudo_cv_prev_host" != "$host"; then
1.15 millert 1188: AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1.1 millert 1189: else
1190: AC_MSG_CHECKING(previous host type)
1191: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1.15 millert 1192: AC_MSG_RESULT([$sudo_cv_prev_host])
1.1 millert 1193: fi
1194: else
1195: # this will produce no output since there is no cached value
1196: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1197: fi
1198:
1199: dnl
1200: dnl We want to be able to differentiate between different rev's
1201: dnl
1202: if test -n "$host_os"; then
1203: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1.23 millert 1204: OSREV=`echo $host_os | sed 's/^[[^0-9\.]]*\([[0-9\.]]*\).*$/\1/'`
1205: OSMAJOR=`echo $OSREV | sed 's/\..*$//'`
1.1 millert 1206: else
1207: OS="unknown"
1208: OSREV=0
1.23 millert 1209: OSMAJOR=0
1.1 millert 1210: fi
1211:
1212: case "$host" in
1213: *-*-sunos4*)
1214: # getcwd(3) opens a pipe to getpwd(1)!?!
1215: BROKEN_GETCWD=1
1216:
1217: # system headers lack prototypes but gcc helps...
1218: if test -n "$GCC"; then
1.23 millert 1219: OSDEFS="${OSDEFS} -D__USE_FIXED_PROTOTYPES__"
1.1 millert 1220: fi
1221:
1.23 millert 1222: shadow_funcs="getpwanam issecure"
1.1 millert 1223: ;;
1224: *-*-solaris2*)
1225: # To get the crypt(3) prototype (so we pass -Wall)
1.23 millert 1226: OSDEFS="${OSDEFS} -D__EXTENSIONS__"
1.1 millert 1227: # AFS support needs -lucb
1228: if test "$with_AFS" = "yes"; then
1229: AFS_LIBS="-lc -lucb"
1230: fi
1.23 millert 1231: : ${mansectsu='1m'}
1232: : ${mansectform='4'}
1233: : ${with_rpath='yes'}
1.25 millert 1234: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.1 millert 1235: ;;
1236: *-*-aix*)
1237: # To get all prototypes (so we pass -Wall)
1.23 millert 1238: OSDEFS="${OSDEFS} -D_XOPEN_EXTENDED_SOURCE -D_ALL_SOURCE"
1.1 millert 1239: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1.15 millert 1240: if test X"$with_blibpath" != X"no"; then
1241: AC_MSG_CHECKING([if linker accepts -Wl,-blibpath])
1242: O_LDFLAGS="$LDFLAGS"
1.23 millert 1243: LDFLAGS="$O_LDFLAGS -Wl,-blibpath:/usr/lib:/lib"
1244: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], [
1.15 millert 1245: if test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
1246: blibpath="$with_blibpath"
1247: elif test -n "$GCC"; then
1248: blibpath="/usr/lib:/lib:/usr/local/lib"
1249: else
1250: blibpath="/usr/lib:/lib"
1251: fi
1252: AC_MSG_RESULT(yes)
1253: ], [AC_MSG_RESULT(no)])
1254: fi
1255: LDFLAGS="$O_LDFLAGS"
1.23 millert 1256:
1.25 millert 1257: # Use authenticate(3) as the default authentication method
1.23 millert 1258: if test X"$with_aixauth" = X""; then
1.25 millert 1259: AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
1.23 millert 1260: fi
1.1 millert 1261: ;;
1262: *-*-hiuxmpp*)
1.23 millert 1263: : ${mansectsu='1m'}
1264: : ${mansectform='4'}
1.1 millert 1265: ;;
1.21 millert 1266: *-*-hpux*)
1.1 millert 1267: # AFS support needs -lBSD
1268: if test "$with_AFS" = "yes"; then
1269: AFS_LIBS="-lc -lBSD"
1270: fi
1.23 millert 1271: : ${mansectsu='1m'}
1272: : ${mansectform='4'}
1.1 millert 1273:
1.21 millert 1274: case "$host" in
1275: *-*-hpux[1-8].*)
1276: AC_DEFINE(BROKEN_SYSLOG)
1277:
1278: # Not sure if setuid binaries are safe in < 9.x
1279: if test -n "$GCC"; then
1280: SUDO_LDFLAGS="${SUDO_LDFLAGS} -static"
1281: else
1282: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive"
1283: fi
1284: ;;
1285: *-*-hpux9.*)
1286: AC_DEFINE(BROKEN_SYSLOG)
1287:
1.23 millert 1288: shadow_funcs="getspwuid"
1.21 millert 1289:
1290: # DCE support (requires ANSI C compiler)
1291: if test "$with_DCE" = "yes"; then
1292: # order of libs in 9.X is important. -lc_r must be last
1293: SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r"
1294: LIBS="${LIBS} -ldce -lM -lc_r"
1295: CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1296: fi
1297: ;;
1298: *-*-hpux10.*)
1.23 millert 1299: shadow_funcs="getprpwnam iscomsec"
1300: shadow_libs="-lsec"
1.21 millert 1301: ;;
1302: *)
1.23 millert 1303: shadow_funcs="getspnam iscomsec"
1304: shadow_libs="-lsec"
1.25 millert 1305: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.21 millert 1306: ;;
1307: esac
1.1 millert 1308: ;;
1309: *-dec-osf*)
1310: # ignore envariables wrt dynamic lib path
1311: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement"
1312:
1.26 millert 1313: : ${CHECKSIA='true'}
1.1 millert 1314: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1315: AC_ARG_ENABLE(sia,
1.25 millert 1316: [ --disable-sia Disable SIA on Digital UNIX],
1.1 millert 1317: [ case "$enableval" in
1318: yes) AC_MSG_RESULT(no)
1.26 millert 1319: CHECKSIA=true
1.1 millert 1320: ;;
1321: no) AC_MSG_RESULT(yes)
1322: CHECKSIA=false
1323: ;;
1324: *) AC_MSG_RESULT(no)
1.15 millert 1325: AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1.1 millert 1326: ;;
1327: esac
1328: ], AC_MSG_RESULT(no))
1329:
1.23 millert 1330: shadow_funcs="getprpwnam dispcrypt"
1331: # OSF/1 4.x and higher need -ldb too
1332: if test $OSMAJOR -lt 4; then
1333: shadow_libs="-lsecurity -laud -lm"
1334: else
1335: shadow_libs="-lsecurity -ldb -laud -lm"
1336: fi
1337:
1338: # use SIA by default, if we have it
1.25 millert 1339: test "$CHECKSIA" = "true" && AUTH_EXCL_DEF="SIA"
1340:
1341: #
1342: # Some versions of Digital Unix ship with a broken
1343: # copy of prot.h, which we need for shadow passwords.
1344: # XXX - make should remove this as part of distclean
1345: #
1346: AC_MSG_CHECKING([for broken prot.h])
1347: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1.1 millert 1348: #include <sys/types.h>
1349: #include <sys/security.h>
1350: #include <prot.h>
1.25 millert 1351: ]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
1352: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1353: ])
1.23 millert 1354: : ${mansectsu='8'}
1355: : ${mansectform='4'}
1.1 millert 1356: ;;
1357: *-*-irix*)
1.23 millert 1358: OSDEFS="${OSDEFS} -D_BSD_TYPES"
1.1 millert 1359: if test -z "$NROFFPROG"; then
1.14 millert 1360: MAN_POSTINSTALL=' /bin/rm -f $(mandirsu)/sudo.$(mansectsu).z $(mandirsu)/visudo.$(mansectsu).z $(mandirform)/sudoers.$(mansectform).z ; /usr/bin/pack $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform)'
1.1 millert 1361: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1362: if test -d /usr/share/catman/local; then
1363: mandir="/usr/share/catman/local"
1364: else
1365: mandir="/usr/catman/local"
1366: fi
1367: fi
1368: else
1369: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1370: if test -d "/usr/share/man/local"; then
1371: mandir="/usr/share/man/local"
1372: else
1373: mandir="/usr/man/local"
1374: fi
1375: fi
1376: fi
1377: # IRIX <= 4 needs -lsun
1.23 millert 1378: if test "$OSMAJOR" -le 4; then
1.1 millert 1379: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1380: fi
1.23 millert 1381: : ${mansectsu='1m'}
1382: : ${mansectform='4'}
1.1 millert 1383: ;;
1384: *-*-linux*)
1.23 millert 1385: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1.1 millert 1386: # Some Linux versions need to link with -lshadow
1.23 millert 1387: shadow_funcs="getspnam"
1388: shadow_libs_optional="-lshadow"
1.25 millert 1389: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.1 millert 1390: ;;
1391: *-convex-bsd*)
1.23 millert 1392: OSDEFS="${OSDEFS} -D_CONVEX_SOURCE"
1.1 millert 1393: if test -z "$GCC"; then
1394: CFLAGS="${CFLAGS} -D__STDC__"
1395: fi
1396:
1.23 millert 1397: shadow_defs="-D_AUDIT -D_ACL -DSecureWare"
1398: shadow_funcs="getprpwnam"
1399: shadow_libs="-lprot"
1.1 millert 1400: ;;
1401: *-*-ultrix*)
1402: OS="ultrix"
1.23 millert 1403: shadow_funcs="getauthuid"
1404: shadow_libs="-lauth"
1.1 millert 1405: ;;
1406: *-*-riscos*)
1407: LIBS="${LIBS} -lsun -lbsd"
1408: CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1409: OSDEFS="${OSDEFS} -D_MIPS"
1.23 millert 1410: : ${mansectsu='1m'}
1411: : ${mansectform='4'}
1.1 millert 1412: ;;
1413: *-*-isc*)
1414: OSDEFS="${OSDEFS} -D_ISC"
1415: LIB_CRYPT=1
1416: SUDO_LIBS="${SUDO_LIBS} -lcrypt"
1417: LIBS="${LIBS} -lcrypt"
1418:
1.23 millert 1419: shadow_funcs="getspnam"
1420: shadow_libs="-lsec"
1421:
1422: : ${mansectsu='1m'}
1423: : ${mansectform='4'}
1.1 millert 1424: ;;
1.7 millert 1425: *-*-sco*|*-sco-*)
1.23 millert 1426: shadow_funcs="getprpwnam"
1427: shadow_libs="-lprot -lx"
1428: : ${mansectsu='1m'}
1429: : ${mansectform='4'}
1.8 millert 1430: ;;
1431: m88k-motorola-sysv*)
1432: # motorolla's cc (a variant of gcc) does -O but not -O2
1433: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1.23 millert 1434: : ${mansectsu='1m'}
1435: : ${mansectform='4'}
1.1 millert 1436: ;;
1437: *-sequent-sysv*)
1.23 millert 1438: shadow_funcs="getspnam"
1439: shadow_libs="-lsec"
1440: : ${mansectsu='1m'}
1441: : ${mansectform='4'}
1442: : ${with_rpath='yes'}
1.7 millert 1443: ;;
1444: *-ncr-sysv4*|*-ncr-sysvr4*)
1445: AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
1.23 millert 1446: : ${mansectsu='1m'}
1447: : ${mansectform='4'}
1448: : ${with_rpath='yes'}
1.1 millert 1449: ;;
1.7 millert 1450: *-ccur-sysv4*|*-ccur-sysvr4*)
1.1 millert 1451: LIBS="${LIBS} -lgen"
1452: SUDO_LIBS="${SUDO_LIBS} -lgen"
1.23 millert 1453: : ${mansectsu='1m'}
1454: : ${mansectform='4'}
1455: : ${with_rpath='yes'}
1.1 millert 1456: ;;
1457: *-*-bsdi*)
1.14 millert 1458: SKIP_SETREUID=yes
1.5 millert 1459: # Use shlicc for BSD/OS [23].x unless asked to do otherwise
1460: if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
1.23 millert 1461: case "$OSMAJOR" in
1.15 millert 1462: 2|3) AC_MSG_NOTICE([using shlicc as CC])
1.5 millert 1463: ac_cv_prog_CC=shlicc
1464: CC="$ac_cv_prog_CC"
1465: ;;
1466: esac
1467: fi
1.23 millert 1468: # Check for newer BSD auth API (just check for >= 3.0?)
1469: if test -z "$with_bsdauth"; then
1.25 millert 1470: AC_CHECK_FUNCS(auth_challenge, [AUTH_EXCL_DEF="BSD_AUTH"])
1.23 millert 1471: fi
1.5 millert 1472: ;;
1473: *-*-freebsd*)
1.11 millert 1474: # FreeBSD has a real setreuid(2) starting with 2.1 and
1475: # backported to 2.0.5. We just take 2.1 and above...
1.23 millert 1476: case "$OSREV" in
1.11 millert 1477: 0.*|1.*|2.0*)
1.14 millert 1478: SKIP_SETREUID=yes
1.11 millert 1479: ;;
1480: esac
1.5 millert 1481: if test "$with_skey" = "yes"; then
1482: SUDO_LIBS="${SUDO_LIBS} -lmd"
1483: fi
1.25 millert 1484: CHECKSHADOW="false"
1485: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1486: : ${with_logincap='maybe'}
1.1 millert 1487: ;;
1.7 millert 1488: *-*-*openbsd*)
1.23 millert 1489: # OpenBSD has a real setreuid(2) starting with 3.3 but
1490: # we will use setreuid(2) instead.
1.14 millert 1491: SKIP_SETREUID=yes
1.25 millert 1492: CHECKSHADOW="false"
1.23 millert 1493: # OpenBSD >= 3.0 supports BSD auth
1494: if test -z "$with_bsdauth"; then
1495: case "$OSREV" in
1496: [0-2].*)
1497: ;;
1498: *)
1.25 millert 1499: AUTH_EXCL_DEF="BSD_AUTH"
1.23 millert 1500: ;;
1501: esac
1502: fi
1503: : ${with_logincap='maybe'}
1.7 millert 1504: ;;
1505: *-*-*netbsd*)
1.11 millert 1506: # NetBSD has a real setreuid(2) starting with 1.3.2
1.23 millert 1507: case "$OSREV" in
1.11 millert 1508: 0.9*|1.[012]*|1.3|1.3.1)
1.14 millert 1509: SKIP_SETREUID=yes
1.11 millert 1510: ;;
1511: esac
1.25 millert 1512: CHECKSHADOW="false"
1513: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1514: : ${with_logincap='maybe'}
1515: ;;
1516: *-*-dragonfly*)
1517: if test "$with_skey" = "yes"; then
1518: SUDO_LIBS="${SUDO_LIBS} -lmd"
1519: fi
1.25 millert 1520: CHECKSHADOW="false"
1521: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1522: : ${with_logincap='yes'}
1.7 millert 1523: ;;
1.1 millert 1524: *-*-*bsd*)
1.25 millert 1525: CHECKSHADOW="false"
1.19 millert 1526: ;;
1527: *-*-darwin*)
1528: SKIP_SETREUID=yes
1.25 millert 1529: CHECKSHADOW="false"
1530: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1531: : ${with_logincap='yes'}
1.1 millert 1532: ;;
1.7 millert 1533: *-*-nextstep*)
1534: # lockf() on is broken on the NeXT -- use flock instead
1535: ac_cv_func_lockf=no
1536: ac_cv_func_flock=yes
1537: ;;
1.15 millert 1538: *-*-*sysv4*)
1.23 millert 1539: : ${mansectsu='1m'}
1540: : ${mansectform='4'}
1541: : ${with_rpath='yes'}
1.15 millert 1542: ;;
1.5 millert 1543: *-*-sysv*)
1.23 millert 1544: : ${mansectsu='1m'}
1545: : ${mansectform='4'}
1546: ;;
1547: *-gnu*)
1548: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1.5 millert 1549: ;;
1.1 millert 1550: esac
1551:
1552: dnl
1.25 millert 1553: dnl Check for mixing mutually exclusive and regular auth methods
1554: dnl
1555: AUTH_REG=${AUTH_REG# }
1556: AUTH_EXCL=${AUTH_EXCL# }
1557: if test -n "$AUTH_EXCL"; then
1558: set -- $AUTH_EXCL
1559: if test $# != 1; then
1560: AC_MSG_ERROR([More than one mutually exclusive authentication method specified: $AUTH_EXCL])
1561: fi
1562: if test -n "$AUTH_REG"; then
1563: AC_MSG_ERROR([Cannot mix mutually exclusive ($AUTH_EXCL) and regular ($AUTH_REG) authentication methods])
1564: fi
1565: fi
1566: dnl
1567: dnl Only one of S/Key and OPIE may be specified
1568: dnl
1569: if test X"${with_skey}${with_opie}" = X"yesyes"; then
1570: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
1571: fi
1572:
1573: dnl
1.5 millert 1574: dnl Use BSD-style man sections by default
1575: dnl
1.23 millert 1576: : ${mansectsu='8'}
1577: : ${mansectform='5'}
1.5 millert 1578:
1579: dnl
1.15 millert 1580: dnl Add in any libpaths or libraries specified via configure
1581: dnl
1582: if test -n "$with_libpath"; then
1583: for i in ${with_libpath}; do
1584: SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
1585: done
1586: fi
1587: if test -n "$with_libraries"; then
1588: for i in ${with_libraries}; do
1589: case $i in
1590: -l*) ;;
1591: *.a) ;;
1592: *.o) ;;
1593: *) i="-l${i}";;
1594: esac
1595: LIBS="${LIBS} ${i}"
1596: done
1597: fi
1598:
1599: dnl
1.1 millert 1600: dnl C compiler checks (to be done after os checks)
1601: dnl
1602: AC_PROG_GCC_TRADITIONAL
1603: AC_C_CONST
1.7 millert 1604: AC_C_VOLATILE
1.1 millert 1605: dnl
1606: dnl Program checks
1607: dnl
1608: AC_PROG_YACC
1.7 millert 1609: SUDO_PROG_MV
1610: SUDO_PROG_BSHELL
1.1 millert 1611: if test -z "$with_sendmail"; then
1612: SUDO_PROG_SENDMAIL
1613: fi
1.7 millert 1614: if test -z "$with_editor"; then
1615: SUDO_PROG_VI
1616: fi
1.1 millert 1617: dnl
1618: dnl Header file checks
1619: dnl
1620: AC_HEADER_STDC
1621: AC_HEADER_DIRENT
1.23 millert 1622: AC_HEADER_TIME
1.7 millert 1623: AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h)
1.23 millert 1624: AC_CHECK_HEADERS([err.h], [], [AC_LIBOBJ(err)])
1.1 millert 1625: dnl ultrix termio/termios are broken
1626: if test "$OS" != "ultrix"; then
1.7 millert 1627: AC_SYS_POSIX_TERMIOS
1628: if test "$ac_cv_sys_posix_termios" = "yes"; then
1.21 millert 1629: AC_DEFINE(HAVE_TERMIOS_H)
1.7 millert 1630: else
1631: AC_CHECK_HEADERS(termio.h)
1632: fi
1.1 millert 1633: fi
1.23 millert 1634: if test ${with_logincap-'no'} != "no"; then
1.29 ! millert 1635: AC_CHECK_HEADERS(login_cap.h, [
! 1636: case "$OS" in
! 1637: freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil"
! 1638: ;;
! 1639: esac
! 1640: ])
1.6 millert 1641: fi
1.23 millert 1642: if test ${with_project-'no'} != "no"; then
1643: AC_CHECK_HEADER(project.h, AC_DEFINE(HAVE_PROJECT_H)
1644: [SUDO_LIBS="${SUDO_LIBS} -lproject"], -)
1.6 millert 1645: fi
1.1 millert 1646: dnl
1647: dnl typedef checks
1648: dnl
1649: AC_TYPE_MODE_T
1650: AC_TYPE_UID_T
1.21 millert 1651: AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int)], [#include <sys/types.h>
1.7 millert 1652: #include <signal.h>])
1.23 millert 1653: AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T)], [], [#include <sys/types.h>
1.7 millert 1654: #include <signal.h>])
1.23 millert 1655: AC_CHECK_TYPE([struct timespec], [AC_DEFINE(HAVE_TIMESPEC)], [], [#include <sys/types.h>
1656: #if TIME_WITH_SYS_TIME
1657: # include <sys/time.h>
1.29 ! millert 1658: #endif
! 1659: #include <time.h>])
! 1660: AC_CHECK_TYPES([struct in6_addr], [AC_DEFINE(HAVE_IN6_ADDR)], [], [#include <sys/types.h>
! 1661: #include <netinet/in.h>])
1.1 millert 1662: SUDO_TYPE_SIZE_T
1663: SUDO_TYPE_SSIZE_T
1664: SUDO_TYPE_DEV_T
1665: SUDO_TYPE_INO_T
1666: SUDO_FULL_VOID
1667: SUDO_UID_T_LEN
1.23 millert 1668: SUDO_TYPE_LONG_LONG
1.1 millert 1669: SUDO_SOCK_SA_LEN
1670: dnl
1671: dnl only set RETSIGTYPE if it is not set already
1672: dnl
1673: case "$DEFS" in
1674: *"RETSIGTYPE"*) ;;
1675: *) AC_TYPE_SIGNAL;;
1676: esac
1677: dnl
1678: dnl Function checks
1679: dnl
1.7 millert 1680: AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
1.23 millert 1681: strftime setrlimit initgroups getgroups fstat gettimeofday \
1.24 millert 1682: setlocale getaddrinfo)
1.14 millert 1683: if test -z "$SKIP_SETRESUID"; then
1684: AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes])
1685: fi
1686: if test -z "$SKIP_SETREUID"; then
1.23 millert 1687: AC_CHECK_FUNCS(setreuid, [SKIP_SETEUID=yes])
1688: fi
1689: if test -z "$SKIP_SETEUID"; then
1690: AC_CHECK_FUNCS(seteuid)
1.7 millert 1691: fi
1692: if test X"$with_interfaces" != X"no"; then
1.14 millert 1693: AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
1.7 millert 1694: fi
1.1 millert 1695: if test -z "$BROKEN_GETCWD"; then
1.7 millert 1696: AC_REPLACE_FUNCS(getcwd)
1.1 millert 1697: fi
1.23 millert 1698: AC_CHECK_FUNCS(glob, [AC_MSG_CHECKING(for GLOB_BRACE and GLOB_TILDE in glob.h)
1699: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <glob.h>]], [[int i = GLOB_BRACE | GLOB_TILDE; (void)i;]])], [AC_DEFINE(HAVE_EXTENDED_GLOB)
1700: AC_MSG_RESULT(yes)], [AC_LIBOBJ(glob)
1701: AC_MSG_RESULT(no)])], [AC_LIBOBJ(glob)])
1.7 millert 1702: AC_CHECK_FUNCS(lockf flock, [break])
1703: AC_CHECK_FUNCS(waitpid wait3, [break])
1.14 millert 1704: AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
1.23 millert 1705: AC_CHECK_FUNCS(lsearch, [], [AC_CHECK_LIB([compat], [lsearch], [AC_CHECK_HEADER([search.h], [AC_DEFINE(HAVE_LSEARCH)] [LIBS="${LIBS} -lcompat"], [AC_LIBOBJ(lsearch)], -)], [AC_LIBOBJ(lsearch)])])
1.21 millert 1706: AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
1.23 millert 1707: SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH)], [AC_LIBOBJ(fnmatch)])
1.7 millert 1708: SUDO_FUNC_ISBLANK
1.23 millert 1709: AC_REPLACE_FUNCS(memrchr strerror strcasecmp sigaction strlcpy strlcat)
1710: AC_CHECK_FUNCS(closefrom, [], [AC_LIBOBJ(closefrom)
1711: AC_CHECK_DECL(F_CLOSEM, AC_DEFINE(HAVE_FCNTL_CLOSEM), [],
1712: [ #include <limits.h>
1713: #include <fcntl.h> ])
1714: ])
1715: AC_CHECK_FUNCS(mkstemp, [], [SUDO_OBJS="${SUDO_OBJS} mkstemp.o"
1716: AC_CHECK_FUNCS(random lrand48, [break])
1717: ])
1.7 millert 1718: AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
1.22 millert 1719: if test X"$ac_cv_type_struct_timespec" != X"no"; then
1720: AC_CHECK_MEMBER([struct stat.st_mtim], AC_DEFINE(HAVE_ST_MTIM), [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
1721: AC_MSG_CHECKING([for two-parameter timespecsub])
1.23 millert 1722: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1723: #include <sys/time.h>]], [[struct timespec ts1, ts2;
1.22 millert 1724: ts1.tv_sec = 1; ts1.tv_nsec = 0; ts2.tv_sec = 0; ts2.tv_nsec = 0;
1725: #ifndef timespecsub
1726: #error missing timespecsub
1727: #endif
1.23 millert 1728: timespecsub(&ts1, &ts2);]])], [AC_DEFINE(HAVE_TIMESPECSUB2)
1729: AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no)])
1.22 millert 1730: fi
1.21 millert 1731: dnl
1732: dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR.
1733: dnl
1.23 millert 1734: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1735: #include <$ac_header_dirent>]], [[DIR d; (void)dirfd(&d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_TRY_LINK([#include <sys/types.h>
1.24 millert 1736: #include <$ac_header_dirent>], [DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);], [AC_DEFINE(HAVE_DD_FD)])])
1.1 millert 1737: dnl
1738: dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
1739: dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
1740: dnl
1741: if test -n "$NEED_SNPRINTF"; then
1.7 millert 1742: AC_LIBOBJ(snprintf)
1.1 millert 1743: fi
1744: dnl
1745: dnl If socket(2) not in libc, check -lsocket and -linet
1746: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1747: dnl In this case we look for main(), not socket() to avoid using a cached value
1748: dnl
1.7 millert 1749: AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
1750: AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
1.1 millert 1751: dnl
1752: dnl If inet_addr(3) not in libc, check -lnsl and -linet
1753: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1754: dnl
1.7 millert 1755: AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
1756: AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
1.1 millert 1757: dnl
1758: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
1759: dnl
1.7 millert 1760: AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
1.1 millert 1761: dnl
1762: dnl Bison and DCE use alloca(3), if not in libc, use the sudo one (from gcc)
1763: dnl (gcc includes its own alloca(3) but other compilers may not)
1764: dnl
1765: if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then
1766: AC_FUNC_ALLOCA
1767: fi
1.16 millert 1768: dnl
1769: dnl Check for getprogname() or __progname
1770: dnl
1771: AC_CHECK_FUNCS(getprogname, , [
1772: AC_MSG_CHECKING([for __progname])
1773: AC_CACHE_VAL(sudo_cv___progname, [
1.23 millert 1774: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern char *__progname; (void)puts(__progname);]])], [sudo_cv___progname=yes], [sudo_cv___progname=no])])
1.16 millert 1775: if test "$sudo_cv___progname" = "yes"; then
1.21 millert 1776: AC_DEFINE(HAVE___PROGNAME)
1.16 millert 1777: else
1778: AC_LIBOBJ(getprogname)
1779: fi
1780: AC_MSG_RESULT($sudo_cv___progname)
1781: ])
1.25 millert 1782:
1783: dnl
1784: dnl Mutually exclusive auth checks come first, followed by
1785: dnl non-exclusive ones. Note: passwd must be last of all!
1786: dnl
1787:
1788: dnl
1789: dnl Convert default authentication methods to with_* if
1790: dnl no explicit authentication scheme was specified.
1791: dnl
1792: if test -z "${AUTH_EXCL}${AUTH_REG}" -a -n "$AUTH_EXCL_DEF"; then
1793: for auth in $AUTH_EXCL_DEF; do
1794: case $auth in
1795: AIX_AUTH) with_aixauth=maybe;;
1796: BSD_AUTH) with_bsdauth=maybe;;
1797: PAM) with_pam=maybe;;
1798: SIA) CHECKSIA=true;;
1799: esac
1800: done
1801: fi
1802:
1803: dnl
1804: dnl PAM support. Systems that use PAM by default set with_pam=default
1805: dnl and we do the actual tests here.
1806: dnl
1807: if test ${with_pam-"no"} != "no"; then
1808: dnl
1809: dnl Linux may need this
1810: dnl
1811: AC_CHECK_LIB([dl], [main], [SUDO_LIBS="${SUDO_LIBS} -lpam -ldl"], [SUDO_LIBS="${SUDO_LIBS} -lpam"])
1812: ac_cv_lib_dl=ac_cv_lib_dl_main
1813:
1814: dnl
1815: dnl Some PAM implementations (MacOS X for example) put the PAM headers
1816: dnl in /usr/include/pam instead of /usr/include/security...
1817: dnl
1818: AC_CHECK_HEADERS([security/pam_appl.h] [pam/pam_appl.h], [with_pam=yes; break])
1819: if test "$with_pam" = "yes"; then
1820: AC_DEFINE(HAVE_PAM)
1821: AUTH_OBJS="$AUTH_OBJS pam.o";
1822: AUTH_EXCL=PAM
1.28 millert 1823: AC_MSG_CHECKING(whether to use PAM session support)
1824: AC_ARG_ENABLE(pam_session,
1825: [ --disable-pam-session Disable PAM session support],
1826: [ case "$enableval" in
1827: yes) AC_MSG_RESULT(yes)
1828: ;;
1829: no) AC_MSG_RESULT(no)
1830: AC_DEFINE(NO_PAM_SESSION)
1831: ;;
1832: *) AC_MSG_RESULT(no)
1833: AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval])
1834: ;;
1835: esac], AC_MSG_RESULT(yes))
1.25 millert 1836: fi
1837: fi
1838:
1839: dnl
1840: dnl AIX general authentication
1841: dnl If set to "maybe" only enable if no other exclusive method in use.
1842: dnl
1843: if test ${with_aixauth-'no'} != "no"; then
1844: if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
1845: AC_MSG_NOTICE([using AIX general authentication])
1846: AC_DEFINE(HAVE_AIXAUTH)
1847: AUTH_OBJS="$AUTH_OBJS aix_auth.o";
1848: SUDO_LIBS="${SUDO_LIBS} -ls"
1849: AUTH_EXCL=AIX_AUTH
1850: fi
1851: fi
1852:
1853: dnl
1854: dnl BSD authentication
1855: dnl If set to "maybe" only enable if no other exclusive method in use.
1856: dnl
1857: if test ${with_bsdauth-'no'} != "no"; then
1858: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
1859: [AUTH_OBJS="$AUTH_OBJS bsdauth.o"]
1860: [BSDAUTH_USAGE='[[-a auth_type]] ']
1861: [AUTH_EXCL=BSD_AUTH],
1862: [AC_MSG_ERROR([BSD authentication was specified but bsd_auth.h could not be found])])
1863: fi
1864:
1865: dnl
1866: dnl SIA authentication for Tru64 Unix
1867: dnl
1868: if test ${CHECKSIA-'false'} = "true"; then
1869: AC_CHECK_FUNCS(sia_ses_init, [found=true], [found=false])
1870: if test "$found" = "true"; then
1871: AUTH_EXCL=SIA
1872: AUTH_OBJS="$AUTH_OBJS sia.o"
1873: fi
1874: fi
1875:
1876: dnl
1877: dnl extra FWTK libs + includes
1878: dnl
1879: if test ${with_fwtk-'no'} != "no"; then
1880: if test "$with_fwtk" != "yes"; then
1881: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_fwtk}])
1882: CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
1883: with_fwtk=yes
1884: fi
1885: SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall"
1886: AUTH_OBJS="$AUTH_OBJS fwtk.o"
1887: fi
1888:
1889: dnl
1890: dnl extra SecurID lib + includes
1891: dnl
1892: if test ${with_SecurID-'no'} != "no"; then
1893: if test "$with_SecurID" != "yes"; then
1894: :
1895: elif test -d /usr/ace/examples; then
1896: with_SecurID=/usr/ace/examples
1897: else
1898: with_SecurID=/usr/ace
1899: fi
1900: CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
1901: _LDFLAGS="${LDFLAGS}"
1902: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_SecurID}])
1903: #
1904: # Determine whether to use the new or old SecurID API
1905: #
1906: AC_CHECK_LIB(aceclnt, SD_Init,
1907: [
1908: AUTH_OBJS="$AUTH_OBJS securid5.o";
1909: SUDO_LIBS="${SUDO_LIBS} -laceclnt -lpthread"
1910: ]
1911: [
1912: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_SecurID}])
1913: ], [
1914: AUTH_OBJS="$AUTH_OBJS securid.o";
1915: SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
1916: ],
1917: [
1918: -lpthread
1919: ]
1920: )
1921: LDFLAGS="${_LDFLAGS}"
1922: fi
1923:
1924: dnl
1925: dnl Non-mutually exclusive auth checks come next.
1926: dnl Note: passwd must be last of all!
1927: dnl
1928:
1929: dnl
1930: dnl Convert default authentication methods to with_* if
1931: dnl no explicit authentication scheme was specified.
1932: dnl
1933: if test -z "${AUTH_EXCL}" -a -n "$AUTH_DEF"; then
1934: for auth in $AUTH_DEF; do
1935: case $auth in
1936: passwd) : ${with_passwd='maybe'};;
1937: esac
1938: done
1939: fi
1940:
1.1 millert 1941: dnl
1.15 millert 1942: dnl Kerberos IV
1.1 millert 1943: dnl
1.25 millert 1944: if test ${with_kerb4-'no'} != "no"; then
1.21 millert 1945: AC_DEFINE(HAVE_KERB4)
1.15 millert 1946: dnl
1947: dnl Use the specified directory, if any, else search for correct inc dir
1948: dnl
1949: O_LDFLAGS="$LDFLAGS"
1950: if test "$with_kerb4" = "yes"; then
1951: found=no
1952: O_CPPFLAGS="$CPPFLAGS"
1953: for dir in "" "kerberosIV/" "krb4/" "kerberos4/" "kerberosv4/"; do
1954: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1.23 millert 1955: AC_PREPROC_IFELSE([#include <krb.h>], [found=yes; break])
1.15 millert 1956: done
1957: test X"$found" = X"no" && CPPFLAGS="$O_CPPFLAGS"
1.1 millert 1958: else
1.15 millert 1959: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_kerb4}/lib])
1960: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb4}/lib])
1961: CPPFLAGS="$CPPFLAGS -I${with_kerb4}/include"
1962: AC_CHECK_HEADER([krb.h], [found=yes], [found=no])
1963: fi
1964: if test X"$found" = X"no"; then
1965: AC_MSG_WARN([Unable to locate Kerberos IV include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
1.1 millert 1966: fi
1967:
1.15 millert 1968: dnl
1969: dnl Check for -ldes vs. -ldes425
1970: dnl
1971: AC_CHECK_LIB(des, des_cbc_encrypt, [K4LIBS="-ldes"], [
1972: AC_CHECK_LIB(des425, des_cbc_encrypt, [K4LIBS="-ldes425"], [K4LIBS=""])
1973: ])
1974: dnl
1975: dnl Try to determine whether we have KTH or MIT/CNS Kerberos IV
1976: dnl
1977: AC_MSG_CHECKING(whether we are using KTH Kerberos IV)
1.23 millert 1978: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb.h>]], [[const char *tmp = krb4_version;]])], [
1.15 millert 1979: AC_MSG_RESULT(yes)
1980: K4LIBS="${K4LIBS} -lcom_err"
1981: AC_CHECK_LIB(roken, main, [K4LIBS="${K4LIBS} -lroken"])
1982: ], [
1983: AC_MSG_RESULT(no)
1984: ]
1985: )
1986: dnl
1987: dnl The actual Kerberos IV lib might be -lkrb or -lkrb4
1988: dnl
1989: AC_CHECK_LIB(krb, main, [K4LIBS="-lkrb $K4LIBS"], [
1990: AC_CHECK_LIB(krb4, main, [K4LIBS="-lkrb4 $K4LIBS"],
1991: [K4LIBS="-lkrb $K4LIBS"]
1992: [AC_MSG_WARN([Unable to locate Kerberos IV libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS and possibly add Kerberos libs to SUDO_LIBS])]
1993: , [$K4LIBS])
1994: ], [$K4LIBS])
1995: LDFLAGS="$O_LDFLAGS"
1996: SUDO_LIBS="${SUDO_LIBS} $K4LIBS"
1.25 millert 1997: AUTH_OBJS="$AUTH_OBJS kerb4.o"
1.15 millert 1998: fi
1999:
2000: dnl
2001: dnl Kerberos V
1.16 millert 2002: dnl There is an easy way and a hard way...
1.15 millert 2003: dnl
1.25 millert 2004: if test ${with_kerb5-'no'} != "no"; then
1.16 millert 2005: AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
2006: if test -n "$KRB5CONFIG"; then
1.21 millert 2007: AC_DEFINE(HAVE_KERB5)
1.25 millert 2008: AUTH_OBJS="$AUTH_OBJS kerb5.o"
1.16 millert 2009: CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
2010: SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"
1.17 millert 2011: dnl
2012: dnl Try to determine whether we have Heimdal or MIT Kerberos
2013: dnl
2014: AC_MSG_CHECKING(whether we are using Heimdal)
1.23 millert 2015: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
1.17 millert 2016: AC_MSG_RESULT(yes)
1.21 millert 2017: AC_DEFINE(HAVE_HEIMDAL)
1.25 millert 2018: ], [
1.23 millert 2019: AC_MSG_RESULT(no)
1.17 millert 2020: ]
2021: )
1.16 millert 2022: fi
2023: fi
1.25 millert 2024: if test ${with_kerb5-'no'} != "no" -a -z "$KRB5CONFIG"; then
1.21 millert 2025: AC_DEFINE(HAVE_KERB5)
1.15 millert 2026: dnl
2027: dnl Use the specified directory, if any, else search for correct inc dir
2028: dnl
2029: if test "$with_kerb5" = "yes"; then
2030: found=no
2031: O_CPPFLAGS="$CPPFLAGS"
2032: for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
2033: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1.23 millert 2034: AC_PREPROC_IFELSE([#include <krb5.h>], [found=yes; break])
1.15 millert 2035: done
2036: if test X"$found" = X"no"; then
2037: CPPFLAGS="$O_CPPFLAGS"
2038: AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
2039: fi
1.1 millert 2040: else
1.15 millert 2041: dnl XXX - try to include krb5.h here too
2042: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb5}/lib])
2043: CPPFLAGS="$CPPFLAGS -I${with_kerb5}/include"
1.1 millert 2044: fi
2045:
1.15 millert 2046: dnl
2047: dnl Try to determine whether we have Heimdal or MIT Kerberos
2048: dnl
2049: AC_MSG_CHECKING(whether we are using Heimdal)
1.23 millert 2050: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
1.15 millert 2051: AC_MSG_RESULT(yes)
1.21 millert 2052: AC_DEFINE(HAVE_HEIMDAL)
1.23 millert 2053: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lcrypto -ldes -lcom_err -lasn1"
1.15 millert 2054: AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"])
2055: ], [
2056: AC_MSG_RESULT(no)
2057: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
1.23 millert 2058:
2059: ])
1.25 millert 2060: AUTH_OBJS="$AUTH_OBJS kerb5.o"
1.23 millert 2061: _LIBS="$LIBS"
2062: LIBS="${LIBS} ${SUDO_LIBS}"
2063: AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
2064: LIBS="$_LIBS"
2065: fi
2066:
2067: dnl
1.1 millert 2068: dnl extra AFS libs and includes
2069: dnl
1.25 millert 2070: if test ${with_AFS-'no'} = "yes"; then
1.1 millert 2071:
2072: # looks like the "standard" place for AFS libs is /usr/afsws/lib
2073: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
2074: for i in $AFSLIBDIRS; do
2075: if test -d ${i}; then
1.15 millert 2076: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [$i])
1.1 millert 2077: FOUND_AFSLIBDIR=true
2078: fi
2079: done
2080: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 2081: AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDO_LDFLAGS or rerun configure with the --with-libpath options.])
1.1 millert 2082: fi
2083:
2084: # Order is important here. Note that we build AFS_LIBS from right to left
2085: # since AFS_LIBS may be initialized with BSD compat libs that must go last
2086: AFS_LIBS="-laudit ${AFS_LIBS}"
2087: for i in $AFSLIBDIRS; do
2088: if test -f ${i}/util.a; then
2089: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
2090: FOUND_UTIL_A=true
2091: break;
2092: fi
2093: done
2094: if test -z "$FOUND_UTIL_A"; then
2095: AFS_LIBS="-lutil ${AFS_LIBS}"
2096: fi
2097: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
2098:
2099: # AFS includes may live in /usr/include on some machines...
2100: for i in /usr/afsws/include; do
2101: if test -d ${i}; then
2102: CPPFLAGS="${CPPFLAGS} -I${i}"
2103: FOUND_AFSINCDIR=true
2104: fi
2105: done
2106:
2107: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 2108: AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
1.1 millert 2109: fi
1.25 millert 2110:
2111: AUTH_OBJS="$AUTH_OBJS afs.o"
1.1 millert 2112: fi
2113:
2114: dnl
2115: dnl extra DCE obj + lib
2116: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
2117: dnl
1.25 millert 2118: if test ${with_DCE-'no'} = "yes"; then
1.1 millert 2119: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
2120: SUDO_LIBS="${SUDO_LIBS} -ldce"
1.25 millert 2121: AUTH_OBJS="$AUTH_OBJS dce.o"
1.5 millert 2122: fi
2123:
2124: dnl
1.1 millert 2125: dnl extra S/Key lib and includes
2126: dnl
1.25 millert 2127: if test ${with_skey-'no'} = "yes"; then
1.15 millert 2128: O_LDFLAGS="$LDFLAGS"
2129: if test "$with_skey" != "yes"; then
2130: CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
2131: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_skey}/lib])
2132: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_skey}/lib])
2133: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes], [found=no])
1.1 millert 2134: else
1.15 millert 2135: found=no
2136: O_CPPFLAGS="$CPPFLAGS"
2137: for dir in "" "/usr/local" "/usr/contrib"; do
2138: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1.23 millert 2139: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes; break])
1.15 millert 2140: done
2141: if test "$found" = "no" -o -z "$dir"; then
2142: CPPFLAGS="$O_CPPFLAGS"
2143: else
2144: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2145: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2146: fi
1.1 millert 2147: fi
1.15 millert 2148: if test "$found" = "no"; then
2149: AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
2150: fi
2151: AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])])
1.21 millert 2152: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
1.15 millert 2153: LDFLAGS="$O_LDFLAGS"
2154: SUDO_LIBS="${SUDO_LIBS} -lskey"
1.25 millert 2155: AUTH_OBJS="$AUTH_OBJS rfc1938.o"
1.1 millert 2156: fi
2157:
2158: dnl
2159: dnl extra OPIE lib and includes
2160: dnl
1.25 millert 2161: if test ${with_opie-'no'} = "yes"; then
1.15 millert 2162: O_LDFLAGS="$LDFLAGS"
2163: if test "$with_opie" != "yes"; then
2164: CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
2165: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_opie}/lib])
2166: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_opie}/lib])
2167: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes], [found=no])
1.1 millert 2168: else
1.15 millert 2169: found=no
2170: O_CPPFLAGS="$CPPFLAGS"
2171: for dir in "" "/usr/local" "/usr/contrib"; do
2172: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1.23 millert 2173: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes; break])
1.15 millert 2174: done
2175: if test "$found" = "no" -o -z "$dir"; then
2176: CPPFLAGS="$O_CPPFLAGS"
2177: else
2178: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2179: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2180: fi
2181: fi
2182: if test "$found" = "no"; then
2183: AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
1.1 millert 2184: fi
1.15 millert 2185: AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDO_LDFLAGS])])
2186: LDFLAGS="$O_LDFLAGS"
2187: SUDO_LIBS="${SUDO_LIBS} -lopie"
1.25 millert 2188: AUTH_OBJS="$AUTH_OBJS rfc1938.o"
1.1 millert 2189: fi
2190:
2191: dnl
1.25 millert 2192: dnl Check for shadow password routines if we have not already done so.
2193: dnl If there is a specific list of functions to check we do that first.
2194: dnl Otherwise, we check for SVR4-style and then SecureWare-style.
1.1 millert 2195: dnl
1.25 millert 2196: if test ${with_passwd-'no'} != "no"; then
2197: dnl
2198: dnl if crypt(3) not in libc, look elsewhere
2199: dnl
2200: if test -z "$LIB_CRYPT" -a "$with_passwd" != "no"; then
2201: AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
1.1 millert 2202: fi
2203:
1.25 millert 2204: if test "$CHECKSHADOW" = "true" -a -n "$shadow_funcs"; then
2205: _LIBS="$LIBS"
2206: LIBS="$LIBS $shadow_libs"
2207: found=no
2208: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2209: if test "$found" = "yes"; then
2210: SUDO_LIBS="$SUDO_LIBS $shadow_libs"
2211: elif test -n "$shadow_libs_optional"; then
2212: LIBS="$LIBS $shadow_libs_optional"
2213: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2214: if test "$found" = "yes"; then
2215: SUDO_LIBS="$SUDO_LIBS $shadow_libs $shadow_libs_optional"
2216: fi
2217: fi
2218: if test "$found" = "yes"; then
2219: case "$shadow_funcs" in
2220: *getprpwnam*) SECUREWARE=1;;
2221: esac
2222: test -n "$shadow_defs" && OSDEFS="${OSDEFS} $shadow_defs"
2223: else
2224: LIBS="$_LIBS"
2225: fi
2226: CHECKSHADOW=false
2227: fi
2228: if test "$CHECKSHADOW" = "true"; then
2229: AC_SEARCH_LIBS([getspnam], [gen], [AC_DEFINE(HAVE_GETSPNAM)] [CHECKSHADOW=false; test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
1.15 millert 2230: fi
1.25 millert 2231: if test "$CHECKSHADOW" = "true"; then
2232: AC_SEARCH_LIBS([getprpwnam], [sec security prot], [AC_DEFINE(HAVE_GETPRPWNAM)] [CHECKSHADOW=false; SECUREWARE=1; test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
1.23 millert 2233: fi
1.25 millert 2234: if test -n "$SECUREWARE"; then
2235: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
2236: AUTH_OBJS="$AUTH_OBJS secureware.o"
1.23 millert 2237: fi
1.1 millert 2238: fi
2239:
2240: dnl
1.21 millert 2241: dnl extra lib and .o file for LDAP support
2242: dnl
1.25 millert 2243: if test ${with_ldap-'no'} != "no"; then
1.23 millert 2244: _LDFLAGS="$LDFLAGS"
1.21 millert 2245: if test "$with_ldap" != "yes"; then
2246: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_ldap}/lib])
2247: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib])
2248: CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
2249: with_ldap=yes
2250: fi
2251: SUDO_OBJS="${SUDO_OBJS} ldap.o"
2252:
2253: AC_MSG_CHECKING([for LDAP libraries])
2254: LDAP_LIBS=""
2255: _LIBS="$LIBS"
2256: found=no
2257: for l in -lldap -llber '-lssl -lcrypto'; do
2258: LIBS="${LIBS} $l"
2259: LDAP_LIBS="${LDAP_LIBS} $l"
1.23 millert 2260: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1.21 millert 2261: #include <lber.h>
1.23 millert 2262: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [found=yes; break])
1.21 millert 2263: done
1.23 millert 2264: dnl if nothing linked just try with -lldap
1.21 millert 2265: if test "$found" = "no"; then
1.23 millert 2266: LDAP_LIBS=" -lldap"
2267: AC_MSG_RESULT([not found, using -lldap])
1.21 millert 2268: else
2269: AC_MSG_RESULT([$LDAP_LIBS])
2270: fi
2271: dnl try again w/o explicitly including lber.h
2272: AC_MSG_CHECKING([whether lber.h is needed])
1.23 millert 2273: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2274: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [AC_MSG_RESULT([no])], [
1.21 millert 2275: AC_MSG_RESULT([yes])
2276: AC_DEFINE(HAVE_LBER_H)])
2277:
2278: AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s)
2279:
2280: SUDO_LIBS="${SUDO_LIBS}${LDAP_LIBS}"
2281: LIBS="$_LIBS"
2282: LDFLAGS="$_LDFLAGS"
1.23 millert 2283: # XXX - OpenLDAP has deprecated ldap_get_values()
2284: CPPFLAGS="${CPPFLAGS} -DLDAP_DEPRECATED"
1.21 millert 2285: fi
2286:
2287: dnl
1.15 millert 2288: dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we
2289: dnl added -L dirpaths to SUDO_LDFLAGS.
2290: dnl
2291: if test -n "$blibpath"; then
2292: if test -n "$blibpath_add"; then
2293: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}${blibpath_add}"
2294: elif test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
2295: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}"
2296: fi
2297: fi
2298:
2299: dnl
1.1 millert 2300: dnl Check for log file and timestamp locations
2301: dnl
2302: SUDO_LOGFILE
2303: SUDO_TIMEDIR
2304:
2305: dnl
2306: dnl Use passwd (and secureware) auth modules?
2307: dnl
1.25 millert 2308: case "$with_passwd" in
2309: yes|maybe)
2310: AUTH_OBJS="$AUTH_OBJS passwd.o"
1.23 millert 2311: ;;
2312: *)
1.21 millert 2313: AC_DEFINE(WITHOUT_PASSWD)
1.1 millert 2314: if test -z "$AUTH_OBJS"; then
2315: AC_MSG_ERROR([no authentication methods defined.])
2316: fi
1.23 millert 2317: ;;
2318: esac
1.25 millert 2319: AUTH_OBJS=${AUTH_OBJS# }
1.23 millert 2320: _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
2321: AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
1.1 millert 2322:
2323: dnl
2324: dnl LIBS may contain duplicates from SUDO_LIBS or NET_LIBS so prune it.
2325: dnl
2326: if test -n "$LIBS"; then
2327: L="$LIBS"
2328: LIBS=
2329: for l in ${L}; do
2330: dupe=0
2331: for sl in ${SUDO_LIBS} ${NET_LIBS}; do
2332: test $l = $sl && dupe=1
2333: done
2334: test $dupe = 0 && LIBS="${LIBS} $l"
2335: done
2336: fi
2337:
2338: dnl
2339: dnl Set exec_prefix
2340: dnl
2341: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
2342:
2343: dnl
1.21 millert 2344: dnl Defer setting _PATH_SUDO_NOEXEC until after exec_prefix is set
2345: dnl XXX - this is gross!
2346: dnl
2347: if test "$with_noexec" != "no"; then
2348: PROGS="${PROGS} sudo_noexec.la"
2349: INSTALL_NOEXEC="install-noexec"
2350:
2351: oexec_prefix="$exec_prefix"
2352: if test "$exec_prefix" = '$(prefix)'; then
2353: if test "$prefix" = "NONE"; then
2354: exec_prefix="$ac_default_prefix"
2355: else
2356: exec_prefix="$prefix"
2357: fi
2358: fi
2359: eval noexec_file="$with_noexec"
2360: AC_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so])
2361: exec_prefix="$oexec_prefix"
2362: fi
2363:
2364: dnl
1.5 millert 2365: dnl Substitute into the Makefile and man pages
1.1 millert 2366: dnl
1.23 millert 2367: AC_CONFIG_FILES([Makefile sudo.man visudo.man sudoers.man])
2368: AC_OUTPUT
1.1 millert 2369:
2370: dnl
2371: dnl Spew any text the user needs to know about
2372: dnl
2373: if test "$with_pam" = "yes"; then
2374: case $host in
2375: *-*-linux*)
1.15 millert 2376: AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
1.1 millert 2377: ;;
2378: esac
2379: fi
1.7 millert 2380:
2381: dnl
1.21 millert 2382: dnl Autoheader templates
2383: dnl
2384: AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.])
2385: AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.])
2386: AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.])
2387: AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
2388: AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
2389: AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
2390: AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
2391: AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
2392: AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
1.23 millert 2393: AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
1.21 millert 2394: AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
2395: AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
2396: AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
2397: AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
1.23 millert 2398: AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
2399: AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.])
2400: AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
1.21 millert 2401: AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
2402: AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
2403: AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)])
2404: AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
2405: AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
2406: AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords)])
2407: AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
2408: AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.])
1.29 ! millert 2409: AH_TEMPLATE(HAVE_IN6_ADDR, [Define to 1 if <netinet/in.h> contains struct in6_addr.])
1.21 millert 2410: AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])
2411: AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
2412: AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.])
2413: AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
2414: AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not)])
2415: AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.])
2416: AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.])
2417: AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.])
1.23 millert 2418: AH_TEMPLATE(HAVE_PROJECT_H, [Define to 1 if you have the <project.h> header file.])
1.21 millert 2419: AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.])
2420: AH_TEMPLATE(HAVE_SIA, [Define to 1 if you use SIA authentication.])
2421: AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if <signal.h> has the sigaction_t typedef.])
2422: AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
2423: AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
2424: AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member])
2425: AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member])
2426: AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the <termios.h> header file and the `tcgetattr' function.])
2427: AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h])
1.22 millert 2428: AH_TEMPLATE(HAVE_TIMESPECSUB2, [Define to 1 if you have a timespecsub macro or function that takes two arguments (not three)])
1.21 millert 2429: AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
2430: AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
2431: AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements])
2432: AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
2433: AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
2434: AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])
2435: AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.])
2436: AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.])
2437: AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.])
2438: AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.])
2439: AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.])
2440: AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.])
2441: AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.])
2442: AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.])
2443: AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
2444: AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
2445: AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
2446: AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
2447: AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
2448: AH_TEMPLATE(USE_TTY_TICKETS, [Define to 1 if you want a different ticket file for each tty.])
2449: AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
2450: AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
2451:
2452: dnl
2453: dnl Bits to copy verbatim into config.h.in
1.7 millert 2454: dnl
2455: AH_TOP([#ifndef _SUDO_CONFIG_H
2456: #define _SUDO_CONFIG_H])
2457:
2458: AH_BOTTOM([/*
1.21 millert 2459: * Macros to pull sec and nsec parts of mtime from struct stat.
1.23 millert 2460: * We need to be able to convert between timeval and timespec
2461: * so the last 3 digits of tv_nsec are not significant.
1.21 millert 2462: */
2463: #ifdef HAVE_ST_MTIM
2464: # define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
1.23 millert 2465: # define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
1.21 millert 2466: #else
2467: # ifdef HAVE_ST_MTIMESPEC
2468: # define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec)
1.23 millert 2469: # define mtim_getnsec(_x) (((_x).st_mtimespec.tv_nsec / 1000) * 1000)
1.21 millert 2470: # else
2471: # define mtim_getsec(_x) ((_x).st_mtime)
2472: # define mtim_getnsec(_x) (0)
2473: # endif /* HAVE_ST_MTIMESPEC */
2474: #endif /* HAVE_ST_MTIM */
2475:
2476: /*
1.7 millert 2477: * Emulate a subset of waitpid() if we don't have it.
2478: */
2479: #ifdef HAVE_WAITPID
2480: # define sudo_waitpid(p, s, o) waitpid(p, s, o)
2481: #else
2482: # ifdef HAVE_WAIT3
2483: # define sudo_waitpid(p, s, o) wait3(s, o, NULL)
2484: # endif
1.14 millert 2485: #endif
2486:
2487: /* GNU stow needs /etc/sudoers to be a symlink. */
1.21 millert 2488: #ifdef USE_STOW
1.14 millert 2489: # define stat_sudoers stat
2490: #else
2491: # define stat_sudoers lstat
1.7 millert 2492: #endif
1.21 millert 2493:
2494: /* Macros to set/clear/test flags. */
2495: #undef SET
2496: #define SET(t, f) ((t) |= (f))
2497: #undef CLR
2498: #define CLR(t, f) ((t) &= ~(f))
2499: #undef ISSET
2500: #define ISSET(t, f) ((t) & (f))
1.7 millert 2501:
2502: /* New ANSI-style OS defs for HP-UX and ConvexOS. */
2503: #if defined(hpux) && !defined(__hpux)
2504: # define __hpux 1
2505: #endif /* hpux */
2506:
2507: #if defined(convex) && !defined(__convex__)
2508: # define __convex__ 1
2509: #endif /* convex */
2510:
2511: /* BSD compatibility on some SVR4 systems. */
2512: #ifdef __svr4__
2513: # define BSD_COMP
2514: #endif /* __svr4__ */
2515:
2516: #endif /* _SUDO_CONFIG_H */])