Annotation of src/usr.bin/sudo/configure.in, Revision 1.47
1.1 millert 1: dnl
2: dnl Process this file with GNU autoconf to produce a configure script.
3: dnl
1.42 millert 4: dnl Copyright (c) 1994-1996,1998-2010 Todd C. Miller <Todd.Miller@courtesan.com>
1.1 millert 5: dnl
1.46 millert 6: AC_INIT([sudo], [1.7.2p8], [http://www.sudo.ws/bugs/], [sudo])
1.1 millert 7: AC_CONFIG_HEADER(config.h pathnames.h)
8: dnl
1.23 millert 9: dnl This won't work before AC_INIT
1.1 millert 10: dnl
1.38 millert 11: AC_MSG_NOTICE([Configuring Sudo version $PACKAGE_VERSION])
1.1 millert 12: dnl
1.7 millert 13: dnl Variables that get substituted in the Makefile and man pages
1.1 millert 14: dnl
1.37 millert 15: AC_SUBST(HAVE_BSM_AUDIT)
1.45 millert 16: AC_SUBST(SHELL)
1.21 millert 17: AC_SUBST(LIBTOOL)
1.23 millert 18: AC_SUBST(CFLAGS)
19: AC_SUBST(PROGS)
20: AC_SUBST(CPPFLAGS)
21: AC_SUBST(LDFLAGS)
22: AC_SUBST(SUDO_LDFLAGS)
23: AC_SUBST(SUDO_OBJS)
24: AC_SUBST(LIBS)
25: AC_SUBST(SUDO_LIBS)
26: AC_SUBST(NET_LIBS)
27: AC_SUBST(AFS_LIBS)
1.30 millert 28: AC_SUBST(GETGROUPS_LIB)
1.23 millert 29: AC_SUBST(OSDEFS)
30: AC_SUBST(AUTH_OBJS)
31: AC_SUBST(MANTYPE)
32: AC_SUBST(MAN_POSTINSTALL)
33: AC_SUBST(SUDOERS_MODE)
34: AC_SUBST(SUDOERS_UID)
35: AC_SUBST(SUDOERS_GID)
1.5 millert 36: AC_SUBST(DEV)
1.34 millert 37: AC_SUBST(SELINUX)
38: AC_SUBST(BAMAN)
39: AC_SUBST(LCMAN)
40: AC_SUBST(SEMAN)
1.35 millert 41: AC_SUBST(devdir)
1.5 millert 42: AC_SUBST(mansectsu)
43: AC_SUBST(mansectform)
44: AC_SUBST(mansrcdir)
1.34 millert 45: AC_SUBST(NOEXECFILE)
1.21 millert 46: AC_SUBST(NOEXECDIR)
47: AC_SUBST(noexec_file)
48: AC_SUBST(INSTALL_NOEXEC)
1.23 millert 49: AC_SUBST(DONT_LEAK_PATH_INFO)
1.35 millert 50: AC_SUBST(BSDAUTH_USAGE)
51: AC_SUBST(SELINUX_USAGE)
52: AC_SUBST(LDAP)
53: AC_SUBST(LOGINCAP_USAGE)
1.38 millert 54: AC_SUBST(NONUNIX_GROUPS_IMPL)
1.5 millert 55: dnl
1.7 millert 56: dnl Variables that get substituted in docs (not overridden by environment)
57: dnl
58: AC_SUBST(timedir)dnl initial value from SUDO_TIMEDIR
59: AC_SUBST(timeout)
60: AC_SUBST(password_timeout)
61: AC_SUBST(sudo_umask)
62: AC_SUBST(passprompt)
63: AC_SUBST(long_otp_prompt)
64: AC_SUBST(lecture)
65: AC_SUBST(logfac)
66: AC_SUBST(goodpri)
67: AC_SUBST(badpri)
68: AC_SUBST(loglen)
69: AC_SUBST(ignore_dot)
70: AC_SUBST(mail_no_user)
71: AC_SUBST(mail_no_host)
72: AC_SUBST(mail_no_perms)
73: AC_SUBST(mailto)
74: AC_SUBST(mailsub)
75: AC_SUBST(badpass_message)
76: AC_SUBST(fqdn)
77: AC_SUBST(runas_default)
78: AC_SUBST(env_editor)
79: AC_SUBST(passwd_tries)
80: AC_SUBST(tty_tickets)
81: AC_SUBST(insults)
1.21 millert 82: AC_SUBST(root_sudo)
1.23 millert 83: AC_SUBST(path_info)
1.35 millert 84: AC_SUBST(ldap_conf)
85: AC_SUBST(ldap_secret)
86: AC_SUBST(nsswitch_conf)
1.37 millert 87: AC_SUBST(netsvc_conf)
1.39 millert 88: AC_SUBST(secure_path)
1.7 millert 89: dnl
90: dnl Initial values for above
91: dnl
92: timeout=5
93: password_timeout=5
94: sudo_umask=0022
95: passprompt="Password:"
96: long_otp_prompt=off
1.21 millert 97: lecture=once
1.7 millert 98: logfac=local2
99: goodpri=notice
100: badpri=alert
101: loglen=80
102: ignore_dot=off
103: mail_no_user=on
104: mail_no_host=off
105: mail_no_perms=off
106: mailto=root
107: mailsub='*** SECURITY information for %h ***'
108: badpass_message='Sorry, try again.'
109: fqdn=off
110: runas_default=root
111: env_editor=off
112: passwd_tries=3
113: tty_tickets=off
114: insults=off
1.21 millert 115: root_sudo=on
1.23 millert 116: path_info=on
1.39 millert 117: secure_path="not set"
1.21 millert 118: INSTALL_NOEXEC=
1.35 millert 119: devdir='$(srcdir)'
1.7 millert 120: dnl
1.5 millert 121: dnl Initial values for Makefile variables listed above
1.7 millert 122: dnl May be overridden by environment variables..
1.5 millert 123: dnl
124: PROGS="sudo visudo"
1.23 millert 125: : ${MANTYPE='man'}
126: : ${mansrcdir='.'}
127: : ${SUDOERS_MODE='0440'}
128: : ${SUDOERS_UID='0'}
129: : ${SUDOERS_GID='0'}
1.1 millert 130: DEV="#"
1.35 millert 131: LDAP="#"
1.34 millert 132: SELINUX="#"
133: BAMAN='.\" '
134: LCMAN='.\" '
135: SEMAN='.\" '
1.25 millert 136: AUTH_OBJS=
137: AUTH_REG=
138: AUTH_EXCL=
139: AUTH_EXCL_DEF=
140: AUTH_DEF=passwd
1.5 millert 141:
142: dnl
143: dnl Other vaiables
144: dnl
1.1 millert 145: CHECKSHADOW=true
1.23 millert 146: shadow_defs=
147: shadow_funcs=
148: shadow_libs=
149: shadow_libs_optional=
1.1 millert 150:
151: dnl
152: dnl Override default configure dirs...
153: dnl
1.34 millert 154: if test X"$prefix" = X"NONE"; then
155: test "$mandir" = '${datarootdir}/man' && mandir='$(prefix)/man'
156: else
157: test "$mandir" = '${datarootdir}/man' && mandir='$(datarootdir)/man'
158: fi
1.1 millert 159: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
160: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
1.14 millert 161: test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
1.1 millert 162:
163: dnl
164: dnl Deprecated --with options (these all warn or generate an error)
165: dnl
166:
1.38 millert 167: AC_ARG_WITH(otp-only, [AS_HELP_STRING([--with-otp-only], [deprecated])],
1.1 millert 168: [case $with_otp_only in
1.25 millert 169: yes) with_passwd="no"
1.15 millert 170: AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
1.1 millert 171: ;;
172: esac])
173:
1.38 millert 174: AC_ARG_WITH(alertmail, [AS_HELP_STRING([--with-alertmail], [deprecated])],
1.1 millert 175: [case $with_alertmail in
176: *) with_mailto="$with_alertmail"
1.15 millert 177: AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
1.1 millert 178: ;;
179: esac])
180:
181: dnl
182: dnl Options for --with
183: dnl
184:
1.38 millert 185: AC_ARG_WITH(CC, [AS_HELP_STRING([--with-CC], [C compiler to use])],
1.1 millert 186: [case $with_CC in
187: yes) AC_MSG_ERROR(["must give --with-CC an argument."])
188: ;;
189: no) AC_MSG_ERROR(["illegal argument: --without-CC."])
190: ;;
191: *) CC=$with_CC
192: ;;
193: esac])
194:
1.38 millert 195: AC_ARG_WITH(rpath, [AS_HELP_STRING([--with-rpath], [pass -R flag in addition to -L for lib paths])],
1.15 millert 196: [case $with_rpath in
1.23 millert 197: yes|no) ;;
1.15 millert 198: *) AC_MSG_ERROR(["--with-rpath does not take an argument."])
199: ;;
200: esac])
201:
1.38 millert 202: AC_ARG_WITH(blibpath, [AS_HELP_STRING([--with-blibpath[=PATH]], [pass -blibpath flag to ld for additional lib paths])],
1.15 millert 203: [case $with_blibpath in
1.23 millert 204: yes|no) ;;
1.15 millert 205: *) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
206: ;;
207: esac])
208:
1.37 millert 209: dnl
210: dnl Handle BSM auditing support.
211: dnl
1.38 millert 212: AC_ARG_WITH(bsm-audit, [AS_HELP_STRING([--with-bsm-audit], [enable BSM audit support])],
1.37 millert 213: [case $with_bsm_audit in
214: yes) AC_DEFINE(HAVE_BSM_AUDIT)
215: SUDO_LIBS="${SUDO_LIBS} -lbsm"
216: SUDO_OBJS="${SUDO_OBJS} bsm_audit.o"
217: ;;
218: no) ;;
219: *) AC_MSG_ERROR(["--with-bsm-audit does not take an argument."])
220: ;;
221: esac])
222:
1.38 millert 223: AC_ARG_WITH(incpath, [AS_HELP_STRING([--with-incpath], [additional places to look for include files])],
1.21 millert 224: [case $with_incpath in
1.1 millert 225: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
226: ;;
227: no) AC_MSG_ERROR(["--without-incpath not supported."])
228: ;;
1.15 millert 229: *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
1.1 millert 230: for i in ${with_incpath}; do
231: CPPFLAGS="${CPPFLAGS} -I${i}"
232: done
233: ;;
234: esac])
235:
1.38 millert 236: AC_ARG_WITH(libpath, [AS_HELP_STRING([--with-libpath], [additional places to look for libraries])],
1.21 millert 237: [case $with_libpath in
1.1 millert 238: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
239: ;;
240: no) AC_MSG_ERROR(["--without-libpath not supported."])
241: ;;
1.15 millert 242: *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
1.1 millert 243: ;;
244: esac])
245:
1.38 millert 246: AC_ARG_WITH(libraries, [AS_HELP_STRING([--with-libraries], [additional libraries to link with])],
1.21 millert 247: [case $with_libraries in
1.1 millert 248: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
249: ;;
250: no) AC_MSG_ERROR(["--without-libraries not supported."])
251: ;;
1.15 millert 252: *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
1.1 millert 253: ;;
254: esac])
255:
1.38 millert 256: AC_ARG_WITH(devel, [AS_HELP_STRING([--with-devel], [add development options])],
1.21 millert 257: [case $with_devel in
1.15 millert 258: yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
1.1 millert 259: PROGS="${PROGS} testsudoers"
260: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
261: DEV=""
1.35 millert 262: devdir=.
1.1 millert 263: ;;
264: no) ;;
1.15 millert 265: *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
1.1 millert 266: ;;
267: esac])
268:
1.38 millert 269: AC_ARG_WITH(efence, [AS_HELP_STRING([--with-efence], [link with -lefence for malloc() debugging])],
1.21 millert 270: [case $with_efence in
1.15 millert 271: yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
1.9 millert 272: LIBS="${LIBS} -lefence"
273: if test -f /usr/local/lib/libefence.a; then
1.15 millert 274: with_libpath="${with_libpath} /usr/local/lib"
1.9 millert 275: fi
276: ;;
277: no) ;;
1.15 millert 278: *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
1.9 millert 279: ;;
280: esac])
281:
1.38 millert 282: AC_ARG_WITH(csops, [AS_HELP_STRING([--with-csops], [add CSOps standard options])],
1.21 millert 283: [case $with_csops in
1.15 millert 284: yes) AC_MSG_NOTICE([Adding CSOps standard options])
1.1 millert 285: CHECKSIA=false
286: with_ignore_dot=yes
1.7 millert 287: insults=on
1.1 millert 288: with_classic_insults=yes
289: with_csops_insults=yes
290: with_env_editor=yes
1.23 millert 291: : ${mansectsu='8'}
292: : ${mansectform='5'}
1.1 millert 293: ;;
294: no) ;;
1.15 millert 295: *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
1.1 millert 296: ;;
297: esac])
298:
1.38 millert 299: AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])],
1.1 millert 300: [case $with_passwd in
1.25 millert 301: yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
302: AC_MSG_RESULT($with_passwd)
303: AUTH_DEF=""
304: test "$with_passwd" = "yes" && AUTH_REG="$AUTH_REG passwd"
1.1 millert 305: ;;
306: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
307: ;;
308: esac])
309:
1.38 millert 310: AC_ARG_WITH(skey, [AS_HELP_STRING([--with-skey[=DIR]], [enable S/Key support ])],
1.1 millert 311: [case $with_skey in
1.23 millert 312: no) with_skey=""
313: ;;
1.25 millert 314: *) AC_DEFINE(HAVE_SKEY)
1.1 millert 315: AC_MSG_CHECKING(whether to try S/Key authentication)
316: AC_MSG_RESULT(yes)
1.25 millert 317: AUTH_REG="$AUTH_REG S/Key"
1.1 millert 318: ;;
319: esac])
320:
1.38 millert 321: AC_ARG_WITH(opie, [AS_HELP_STRING([--with-opie[=DIR]], [enable OPIE support ])],
1.1 millert 322: [case $with_opie in
1.23 millert 323: no) with_opie=""
324: ;;
1.25 millert 325: *) AC_DEFINE(HAVE_OPIE)
1.1 millert 326: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
327: AC_MSG_RESULT(yes)
1.25 millert 328: AUTH_REG="$AUTH_REG NRL_OPIE"
1.1 millert 329: ;;
330: esac])
331:
1.38 millert 332: AC_ARG_WITH(long-otp-prompt, [AS_HELP_STRING([--with-long-otp-prompt], [use a two line OTP (skey/opie) prompt])],
1.1 millert 333: [case $with_long_otp_prompt in
1.21 millert 334: yes) AC_DEFINE(LONG_OTP_PROMPT)
1.1 millert 335: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
336: AC_MSG_RESULT(yes)
1.7 millert 337: long_otp_prompt=on
338: ;;
339: no) long_otp_prompt=off
1.1 millert 340: ;;
341: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
342: ;;
343: esac])
344:
1.38 millert 345: AC_ARG_WITH(SecurID, [AS_HELP_STRING([--with-SecurID[[=DIR]]], [enable SecurID support])],
1.1 millert 346: [case $with_SecurID in
1.15 millert 347: no) with_SecurID="";;
1.21 millert 348: *) AC_DEFINE(HAVE_SECURID)
1.1 millert 349: AC_MSG_CHECKING(whether to use SecurID for authentication)
350: AC_MSG_RESULT(yes)
1.25 millert 351: AUTH_EXCL="$AUTH_EXCL SecurID"
1.1 millert 352: ;;
353: esac])
354:
1.38 millert 355: AC_ARG_WITH(fwtk, [AS_HELP_STRING([--with-fwtk[[=DIR]]], [enable FWTK AuthSRV support])],
1.1 millert 356: [case $with_fwtk in
1.15 millert 357: no) with_fwtk="";;
1.21 millert 358: *) AC_DEFINE(HAVE_FWTK)
1.1 millert 359: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
360: AC_MSG_RESULT(yes)
1.25 millert 361: AUTH_EXCL="$AUTH_EXCL FWTK"
1.1 millert 362: ;;
363: esac])
364:
1.38 millert 365: AC_ARG_WITH(kerb4, [AS_HELP_STRING([--with-kerb4[[=DIR]]], [enable Kerberos IV support])],
1.1 millert 366: [case $with_kerb4 in
1.15 millert 367: no) with_kerb4="";;
368: *) AC_MSG_CHECKING(whether to try kerberos IV authentication)
1.1 millert 369: AC_MSG_RESULT(yes)
1.25 millert 370: AUTH_REG="$AUTH_REG kerb4"
1.1 millert 371: ;;
372: esac])
373:
1.38 millert 374: AC_ARG_WITH(kerb5, [AS_HELP_STRING([--with-kerb5[[=DIR]]], [enable Kerberos V support])],
1.1 millert 375: [case $with_kerb5 in
1.15 millert 376: no) with_kerb5="";;
377: *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
1.1 millert 378: AC_MSG_RESULT(yes)
1.25 millert 379: AUTH_REG="$AUTH_REG kerb5"
1.1 millert 380: ;;
381: esac])
382:
1.38 millert 383: AC_ARG_WITH(aixauth, [AS_HELP_STRING([--with-aixauth], [enable AIX general authentication support])],
1.23 millert 384: [case $with_aixauth in
1.25 millert 385: yes) AUTH_EXCL="$AUTH_EXCL AIX_AUTH";;
386: no) ;;
1.23 millert 387: *) AC_MSG_ERROR(["--with-aixauth does not take an argument."])
1.1 millert 388: ;;
389: esac])
390:
1.38 millert 391: AC_ARG_WITH(pam, [AS_HELP_STRING([--with-pam], [enable PAM support])],
1.1 millert 392: [case $with_pam in
1.25 millert 393: yes) AUTH_EXCL="$AUTH_EXCL PAM";;
394: no) ;;
1.1 millert 395: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
396: ;;
397: esac])
398:
1.38 millert 399: AC_ARG_WITH(AFS, [AS_HELP_STRING([--with-AFS], [enable AFS support])],
1.1 millert 400: [case $with_AFS in
1.21 millert 401: yes) AC_DEFINE(HAVE_AFS)
1.1 millert 402: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
403: AC_MSG_RESULT(yes)
1.25 millert 404: AUTH_REG="$AUTH_REG AFS"
1.1 millert 405: ;;
406: no) ;;
407: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
408: ;;
409: esac])
410:
1.38 millert 411: AC_ARG_WITH(DCE, [AS_HELP_STRING([--with-DCE], [enable DCE support])],
1.1 millert 412: [case $with_DCE in
1.21 millert 413: yes) AC_DEFINE(HAVE_DCE)
1.1 millert 414: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
415: AC_MSG_RESULT(yes)
1.25 millert 416: AUTH_REG="$AUTH_REG DCE"
1.1 millert 417: ;;
418: no) ;;
419: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
420: ;;
421: esac])
422:
1.38 millert 423: AC_ARG_WITH(logincap, [AS_HELP_STRING([--with-logincap], [enable BSD login class support])],
1.5 millert 424: [case $with_logincap in
1.6 millert 425: yes|no) ;;
426: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
427: ;;
428: esac])
429:
1.38 millert 430: AC_ARG_WITH(bsdauth, [AS_HELP_STRING([--with-bsdauth], [enable BSD authentication support])],
1.6 millert 431: [case $with_bsdauth in
1.25 millert 432: yes) AUTH_EXCL="$AUTH_EXCL BSD_AUTH";;
433: no) ;;
1.23 millert 434: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
1.5 millert 435: ;;
1.23 millert 436: esac])
437:
1.38 millert 438: AC_ARG_WITH(project, [AS_HELP_STRING([--with-project], [enable Solaris project support])],
1.23 millert 439: [case $with_project in
440: yes|no) ;;
441: no) ;;
442: *) AC_MSG_ERROR(["--with-project does not take an argument."])
1.5 millert 443: ;;
444: esac])
445:
1.1 millert 446: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
1.38 millert 447: AC_ARG_WITH(lecture, [AS_HELP_STRING([--without-lecture], [don't print lecture for first-time sudoer])],
1.21 millert 448: [case $with_lecture in
449: yes|short|always) lecture=once
1.1 millert 450: ;;
1.21 millert 451: no|none|never) lecture=never
1.1 millert 452: ;;
453: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
454: ;;
1.7 millert 455: esac])
1.21 millert 456: if test "$lecture" = "once"; then
1.7 millert 457: AC_MSG_RESULT(yes)
458: else
1.21 millert 459: AC_DEFINE(NO_LECTURE)
1.7 millert 460: AC_MSG_RESULT(no)
461: fi
1.1 millert 462:
463: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
1.38 millert 464: AC_ARG_WITH(logging, [AS_HELP_STRING([--with-logging], [log via syslog, file, or both])],
1.21 millert 465: [case $with_logging in
1.1 millert 466: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
467: ;;
468: no) AC_MSG_ERROR(["--without-logging not supported."])
469: ;;
1.21 millert 470: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG)
1.1 millert 471: AC_MSG_RESULT(syslog)
472: ;;
473: file) AC_DEFINE(LOGGING, SLOG_FILE)
474: AC_MSG_RESULT(file)
475: ;;
476: both) AC_DEFINE(LOGGING, SLOG_BOTH)
477: AC_MSG_RESULT(both)
478: ;;
479: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
480: ;;
481: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
482:
483: AC_MSG_CHECKING(which syslog facility sudo should log with)
1.38 millert 484: AC_ARG_WITH(logfac, [AS_HELP_STRING([--with-logfac], [syslog facility to log with (default is "local2")])],
1.21 millert 485: [case $with_logfac in
1.1 millert 486: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
487: ;;
488: no) AC_MSG_ERROR(["--without-logfac not supported."])
489: ;;
1.7 millert 490: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
1.1 millert 491: ;;
492: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
493: ;;
1.7 millert 494: esac])
495: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
496: AC_MSG_RESULT($logfac)
1.1 millert 497:
498: AC_MSG_CHECKING(at which syslog priority to log commands)
1.38 millert 499: AC_ARG_WITH(goodpri, [AS_HELP_STRING([--with-goodpri], [syslog priority for commands (def is "notice")])],
1.21 millert 500: [case $with_goodpri in
1.1 millert 501: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
502: ;;
503: no) AC_MSG_ERROR(["--without-goodpri not supported."])
504: ;;
1.7 millert 505: alert|crit|debug|emerg|err|info|notice|warning)
506: goodpri=$with_goodpri
1.1 millert 507: ;;
508: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
509: ;;
1.7 millert 510: esac])
511: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
512: AC_MSG_RESULT($goodpri)
1.1 millert 513:
514: AC_MSG_CHECKING(at which syslog priority to log failures)
1.38 millert 515: AC_ARG_WITH(badpri, [AS_HELP_STRING([--with-badpri], [syslog priority for failures (def is "alert")])],
1.21 millert 516: [case $with_badpri in
1.1 millert 517: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
518: ;;
519: no) AC_MSG_ERROR(["--without-badpri not supported."])
520: ;;
1.7 millert 521: alert|crit|debug|emerg|err|info|notice|warning)
522: badpri=$with_badpri
1.1 millert 523: ;;
524: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
525: ;;
1.7 millert 526: esac])
527: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
1.14 millert 528: AC_MSG_RESULT($badpri)
1.1 millert 529:
1.38 millert 530: AC_ARG_WITH(logpath, [AS_HELP_STRING([--with-logpath], [path to the sudo log file])],
1.21 millert 531: [case $with_logpath in
1.1 millert 532: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
533: ;;
534: no) AC_MSG_ERROR(["--without-logpath not supported."])
535: ;;
536: esac])
537:
538: AC_MSG_CHECKING(how long a line in the log file should be)
1.38 millert 539: AC_ARG_WITH(loglen, [AS_HELP_STRING([--with-loglen], [maximum length of a log file line (default is 80)])],
1.21 millert 540: [case $with_loglen in
1.1 millert 541: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
542: ;;
543: no) AC_MSG_ERROR(["--without-loglen not supported."])
544: ;;
1.7 millert 545: [[0-9]]*) loglen=$with_loglen
1.1 millert 546: ;;
547: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
548: ;;
1.7 millert 549: esac])
550: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
551: AC_MSG_RESULT($loglen)
1.1 millert 552:
553: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
1.38 millert 554: AC_ARG_WITH(ignore-dot, [AS_HELP_STRING([--with-ignore-dot], [ignore '.' in the PATH])],
1.21 millert 555: [case $with_ignore_dot in
1.7 millert 556: yes) ignore_dot=on
1.1 millert 557: ;;
1.7 millert 558: no) ignore_dot=off
1.1 millert 559: ;;
560: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
561: ;;
1.7 millert 562: esac])
563: if test "$ignore_dot" = "on"; then
1.21 millert 564: AC_DEFINE(IGNORE_DOT_PATH)
1.7 millert 565: AC_MSG_RESULT(yes)
566: else
567: AC_MSG_RESULT(no)
568: fi
1.1 millert 569:
570: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
1.38 millert 571: AC_ARG_WITH(mail-if-no-user, [AS_HELP_STRING([--without-mail-if-no-user], [do not send mail if user not in sudoers])],
1.21 millert 572: [case $with_mail_if_no_user in
1.7 millert 573: yes) mail_no_user=on
1.1 millert 574: ;;
1.7 millert 575: no) mail_no_user=off
1.1 millert 576: ;;
1.7 millert 577: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
1.1 millert 578: ;;
1.7 millert 579: esac])
580: if test "$mail_no_user" = "on"; then
1.21 millert 581: AC_DEFINE(SEND_MAIL_WHEN_NO_USER)
1.7 millert 582: AC_MSG_RESULT(yes)
583: else
584: AC_MSG_RESULT(no)
585: fi
1.1 millert 586:
587: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
1.38 millert 588: AC_ARG_WITH(mail-if-no-host, [AS_HELP_STRING([--with-mail-if-no-host], [send mail if user in sudoers but not for this host])],
1.21 millert 589: [case $with_mail_if_no_host in
1.7 millert 590: yes) mail_no_host=on
1.1 millert 591: ;;
1.7 millert 592: no) mail_no_host=off
1.1 millert 593: ;;
1.7 millert 594: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
1.1 millert 595: ;;
1.7 millert 596: esac])
597: if test "$mail_no_host" = "on"; then
1.21 millert 598: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST)
1.7 millert 599: AC_MSG_RESULT(yes)
600: else
601: AC_MSG_RESULT(no)
602: fi
1.1 millert 603:
604: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
1.38 millert 605: AC_ARG_WITH(mail-if-noperms, [AS_HELP_STRING([--with-mail-if-noperms], [send mail if user not allowed to run command])],
1.21 millert 606: [case $with_mail_if_noperms in
1.7 millert 607: yes) mail_noperms=on
608: ;;
609: no) mail_noperms=off
610: ;;
611: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
612: ;;
613: esac])
614: if test "$mail_noperms" = "on"; then
1.21 millert 615: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK)
1.7 millert 616: AC_MSG_RESULT(yes)
617: else
618: AC_MSG_RESULT(no)
619: fi
620:
621: AC_MSG_CHECKING(who should get the mail that sudo sends)
1.38 millert 622: AC_ARG_WITH(mailto, [AS_HELP_STRING([--with-mailto], [who should get sudo mail (default is "root")])],
1.21 millert 623: [case $with_mailto in
1.7 millert 624: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
625: ;;
626: no) AC_MSG_ERROR(["--without-mailto not supported."])
627: ;;
628: *) mailto=$with_mailto
629: ;;
630: esac])
631: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
632: AC_MSG_RESULT([$mailto])
633:
1.38 millert 634: AC_ARG_WITH(mailsubject, [AS_HELP_STRING([--with-mailsubject], [subject of sudo mail])],
1.21 millert 635: [case $with_mailsubject in
1.7 millert 636: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
1.1 millert 637: ;;
1.15 millert 638: no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
1.1 millert 639: ;;
1.7 millert 640: *) mailsub="$with_mailsubject"
641: AC_MSG_CHECKING(sudo mail subject)
642: AC_MSG_RESULT([Using alert mail subject: $mailsub])
1.1 millert 643: ;;
1.7 millert 644: esac])
645: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
1.1 millert 646:
647: AC_MSG_CHECKING(for bad password prompt)
1.38 millert 648: AC_ARG_WITH(passprompt, [AS_HELP_STRING([--with-passprompt], [default password prompt])],
1.21 millert 649: [case $with_passprompt in
1.1 millert 650: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
651: ;;
1.15 millert 652: no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
1.1 millert 653: ;;
1.7 millert 654: *) passprompt="$with_passprompt"
655: esac])
656: AC_MSG_RESULT($passprompt)
657: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
1.1 millert 658:
659: AC_MSG_CHECKING(for bad password message)
1.38 millert 660: AC_ARG_WITH(badpass-message, [AS_HELP_STRING([--with-badpass-message], [message the user sees when the password is wrong])],
1.21 millert 661: [case $with_badpass_message in
1.1 millert 662: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
663: ;;
1.15 millert 664: no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
1.1 millert 665: ;;
1.7 millert 666: *) badpass_message="$with_badpass_message"
1.1 millert 667: ;;
1.7 millert 668: esac])
669: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
670: AC_MSG_RESULT([$badpass_message])
1.1 millert 671:
672: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
1.38 millert 673: AC_ARG_WITH(fqdn, [AS_HELP_STRING([--with-fqdn], [expect fully qualified hosts in sudoers])],
1.21 millert 674: [case $with_fqdn in
1.7 millert 675: yes) fqdn=on
1.1 millert 676: ;;
1.7 millert 677: no) fqdn=off
1.1 millert 678: ;;
679: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
680: ;;
1.7 millert 681: esac])
682: if test "$fqdn" = "on"; then
1.21 millert 683: AC_DEFINE(FQDN)
1.7 millert 684: AC_MSG_RESULT(yes)
685: else
686: AC_MSG_RESULT(no)
687: fi
1.1 millert 688:
1.38 millert 689: AC_ARG_WITH(timedir, [AS_HELP_STRING([--with-timedir], [path to the sudo timestamp dir])],
1.21 millert 690: [case $with_timedir in
1.1 millert 691: yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
692: ;;
693: no) AC_MSG_ERROR(["--without-timedir not supported."])
694: ;;
695: esac])
696:
1.47 ! millert 697: AC_ARG_WITH(tzdir, [AS_HELP_STRING([--with-tzdir=DIR], [path to the time zone data directory])],
! 698: [case $with_tzdir in
! 699: yes) AC_MSG_ERROR(["must give --with-tzdir an argument."])
! 700: ;;
! 701: esac])
! 702:
1.38 millert 703: AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail])
704: AS_HELP_STRING([--without-sendmail], [do not send mail at all])],
1.21 millert 705: [case $with_sendmail in
1.1 millert 706: yes) with_sendmail=""
707: ;;
708: no) ;;
1.7 millert 709: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
1.1 millert 710: ;;
711: esac])
712:
1.38 millert 713: AC_ARG_WITH(sudoers-mode, [AS_HELP_STRING([--with-sudoers-mode], [mode of sudoers file (defaults to 0440)])],
1.21 millert 714: [case $with_sudoers_mode in
1.1 millert 715: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
716: ;;
717: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
718: ;;
719: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
720: ;;
721: 0*) SUDOERS_MODE=$with_sudoers_mode
722: ;;
1.14 millert 723: *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
1.1 millert 724: ;;
725: esac])
726:
1.38 millert 727: AC_ARG_WITH(sudoers-uid, [AS_HELP_STRING([--with-sudoers-uid], [uid that owns sudoers file (defaults to 0)])],
1.21 millert 728: [case $with_sudoers_uid in
1.1 millert 729: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
730: ;;
731: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
732: ;;
733: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
734: ;;
1.14 millert 735: *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
1.1 millert 736: ;;
737: esac])
738:
1.38 millert 739: AC_ARG_WITH(sudoers-gid, [AS_HELP_STRING([--with-sudoers-gid], [gid that owns sudoers file (defaults to 0)])],
1.21 millert 740: [case $with_sudoers_gid in
1.1 millert 741: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
742: ;;
743: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
744: ;;
745: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
746: ;;
1.14 millert 747: *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
1.1 millert 748: ;;
749: esac])
750:
751: AC_MSG_CHECKING(for umask programs should be run with)
1.38 millert 752: AC_ARG_WITH(umask, [AS_HELP_STRING([--with-umask], [umask with which the prog should run (default is 022)])
753: AS_HELP_STRING([--without-umask], [Preserves the umask of the user invoking sudo.])],
1.21 millert 754: [case $with_umask in
1.1 millert 755: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
756: ;;
1.7 millert 757: no) sudo_umask=0777
1.1 millert 758: ;;
1.7 millert 759: [[0-9]]*) sudo_umask=$with_umask
1.1 millert 760: ;;
761: *) AC_MSG_ERROR(["you must enter a numeric mask."])
762: ;;
1.7 millert 763: esac])
764: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
765: if test "$sudo_umask" = "0777"; then
766: AC_MSG_RESULT(user)
767: else
768: AC_MSG_RESULT($sudo_umask)
769: fi
1.1 millert 770:
771: AC_MSG_CHECKING(for default user to run commands as)
1.38 millert 772: AC_ARG_WITH(runas-default, [AS_HELP_STRING([--with-runas-default], [User to run commands as (default is "root")])],
1.21 millert 773: [case $with_runas_default in
1.1 millert 774: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
775: ;;
776: no) AC_MSG_ERROR(["--without-runas-default not supported."])
777: ;;
1.7 millert 778: *) runas_default="$with_runas_default"
1.1 millert 779: ;;
1.7 millert 780: esac])
781: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
782: AC_MSG_RESULT([$runas_default])
1.1 millert 783:
1.38 millert 784: AC_ARG_WITH(exempt, [AS_HELP_STRING([--with-exempt=group], [no passwd needed for users in this group])],
1.21 millert 785: [case $with_exempt in
1.1 millert 786: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
787: ;;
788: no) AC_MSG_ERROR(["--without-exempt not supported."])
789: ;;
1.7 millert 790: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
1.1 millert 791: AC_MSG_CHECKING(for group to be exempt from password)
792: AC_MSG_RESULT([$with_exempt])
793: ;;
794: esac])
795:
796: AC_MSG_CHECKING(for editor that visudo should use)
1.38 millert 797: AC_ARG_WITH(editor, [AS_HELP_STRING([--with-editor=path], [Default editor for visudo (defaults to vi)])],
1.21 millert 798: [case $with_editor in
1.1 millert 799: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
800: ;;
801: no) AC_MSG_ERROR(["--without-editor not supported."])
802: ;;
1.7 millert 803: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
1.1 millert 804: AC_MSG_RESULT([$with_editor])
805: ;;
806: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
807:
808: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
1.38 millert 809: AC_ARG_WITH(env-editor, [AS_HELP_STRING([--with-env-editor], [Use the environment variable EDITOR for visudo])],
1.21 millert 810: [case $with_env_editor in
1.7 millert 811: yes) env_editor=on
1.1 millert 812: ;;
1.7 millert 813: no) env_editor=off
1.1 millert 814: ;;
815: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
816: ;;
1.7 millert 817: esac])
818: if test "$env_editor" = "on"; then
1.21 millert 819: AC_DEFINE(ENV_EDITOR)
1.7 millert 820: AC_MSG_RESULT(yes)
821: else
822: AC_MSG_RESULT(no)
823: fi
1.1 millert 824:
825: AC_MSG_CHECKING(number of tries a user gets to enter their password)
1.38 millert 826: AC_ARG_WITH(passwd-tries, [AS_HELP_STRING([--with-passwd-tries], [number of tries to enter password (default is 3)])],
1.21 millert 827: [case $with_passwd_tries in
1.7 millert 828: yes) ;;
1.1 millert 829: no) AC_MSG_ERROR(["--without-editor not supported."])
830: ;;
1.7 millert 831: [[1-9]]*) passwd_tries=$with_passwd_tries
1.1 millert 832: ;;
833: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
834: ;;
1.7 millert 835: esac])
836: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
837: AC_MSG_RESULT($passwd_tries)
1.1 millert 838:
839: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
1.38 millert 840: AC_ARG_WITH(timeout, [AS_HELP_STRING([--with-timeout], [minutes before sudo asks for passwd again (def is 5 minutes)])],
1.21 millert 841: [case $with_timeout in
1.7 millert 842: yes) ;;
843: no) timeout=0
1.1 millert 844: ;;
1.7 millert 845: [[0-9]]*) timeout=$with_timeout
1.1 millert 846: ;;
847: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
848: ;;
1.7 millert 849: esac])
850: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
851: AC_MSG_RESULT($timeout)
1.1 millert 852:
853: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
1.38 millert 854: AC_ARG_WITH(password-timeout, [AS_HELP_STRING([--with-password-timeout], [passwd prompt timeout in minutes (default is 5 minutes)])],
1.21 millert 855: [case $with_password_timeout in
1.7 millert 856: yes) ;;
857: no) password_timeout=0
1.1 millert 858: ;;
1.7 millert 859: [[0-9]]*) password_timeout=$with_password_timeout
1.1 millert 860: ;;
861: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
862: ;;
1.7 millert 863: esac])
864: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
865: AC_MSG_RESULT($password_timeout)
1.1 millert 866:
867: AC_MSG_CHECKING(whether to use per-tty ticket files)
1.38 millert 868: AC_ARG_WITH(tty-tickets, [AS_HELP_STRING([--with-tty-tickets], [use a different ticket file for each tty])],
1.21 millert 869: [case $with_tty_tickets in
1.7 millert 870: yes) tty_tickets=on
1.1 millert 871: ;;
1.7 millert 872: no) tty_tickets=off
1.1 millert 873: ;;
874: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
875: ;;
1.7 millert 876: esac])
877: if test "$tty_tickets" = "on"; then
1.21 millert 878: AC_DEFINE(USE_TTY_TICKETS)
1.7 millert 879: AC_MSG_RESULT(yes)
880: else
881: AC_MSG_RESULT(no)
882: fi
1.1 millert 883:
884: AC_MSG_CHECKING(whether to include insults)
1.38 millert 885: AC_ARG_WITH(insults, [AS_HELP_STRING([--with-insults], [insult the user for entering an incorrect password])],
1.21 millert 886: [case $with_insults in
1.7 millert 887: yes) insults=on
1.1 millert 888: with_classic_insults=yes
889: with_csops_insults=yes
890: ;;
1.7 millert 891: no) insults=off
1.1 millert 892: ;;
893: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
894: ;;
1.7 millert 895: esac])
896: if test "$insults" = "on"; then
1.21 millert 897: AC_DEFINE(USE_INSULTS)
1.7 millert 898: AC_MSG_RESULT(yes)
899: else
900: AC_MSG_RESULT(no)
901: fi
1.1 millert 902:
1.38 millert 903: AC_ARG_WITH(all-insults, [AS_HELP_STRING([--with-all-insults], [include all the sudo insult sets])],
1.21 millert 904: [case $with_all_insults in
1.1 millert 905: yes) with_classic_insults=yes
906: with_csops_insults=yes
907: with_hal_insults=yes
908: with_goons_insults=yes
909: ;;
910: no) ;;
911: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
912: ;;
913: esac])
914:
1.38 millert 915: AC_ARG_WITH(classic-insults, [AS_HELP_STRING([--with-classic-insults], [include the insults from the "classic" sudo])],
1.21 millert 916: [case $with_classic_insults in
917: yes) AC_DEFINE(CLASSIC_INSULTS)
1.1 millert 918: ;;
919: no) ;;
920: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
921: ;;
922: esac])
923:
1.38 millert 924: AC_ARG_WITH(csops-insults, [AS_HELP_STRING([--with-csops-insults], [include CSOps insults])],
1.21 millert 925: [case $with_csops_insults in
926: yes) AC_DEFINE(CSOPS_INSULTS)
1.1 millert 927: ;;
928: no) ;;
929: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
930: ;;
931: esac])
932:
1.38 millert 933: AC_ARG_WITH(hal-insults, [AS_HELP_STRING([--with-hal-insults], [include 2001-like insults])],
1.21 millert 934: [case $with_hal_insults in
935: yes) AC_DEFINE(HAL_INSULTS)
1.1 millert 936: ;;
937: no) ;;
938: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
939: ;;
940: esac])
941:
1.38 millert 942: AC_ARG_WITH(goons-insults, [AS_HELP_STRING([--with-goons-insults], [include the insults from the "Goon Show"])],
1.21 millert 943: [case $with_goons_insults in
944: yes) AC_DEFINE(GOONS_INSULTS)
1.1 millert 945: ;;
946: no) ;;
947: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
948: ;;
949: esac])
950:
1.38 millert 951: AC_ARG_WITH(nsswitch, [AS_HELP_STRING([--with-nsswitch[[=PATH]]], [path to nsswitch.conf])],
1.35 millert 952: [case $with_nsswitch in
953: no) ;;
954: yes) with_nsswitch="/etc/nsswitch.conf"
955: ;;
956: *) ;;
957: esac])
958:
1.38 millert 959: AC_ARG_WITH(ldap, [AS_HELP_STRING([--with-ldap[[=DIR]]], [enable LDAP support])],
1.21 millert 960: [case $with_ldap in
1.37 millert 961: no) ;;
1.21 millert 962: *) AC_DEFINE(HAVE_LDAP)
963: AC_MSG_CHECKING(whether to use sudoers from LDAP)
964: AC_MSG_RESULT(yes)
965: ;;
966: esac])
1.35 millert 967:
1.38 millert 968: AC_ARG_WITH(ldap-conf-file, [AS_HELP_STRING([--with-ldap-conf-file], [path to LDAP configuration file])])
1.35 millert 969: SUDO_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "${with_ldap_conf_file-/etc/ldap.conf}", [Path to the ldap.conf file])
970: ldap_conf=${with_ldap_conf_file-'/etc/ldap.conf'}
971:
1.38 millert 972: AC_ARG_WITH(ldap-secret-file, [AS_HELP_STRING([--with-ldap-secret-file], [path to LDAP secret password file])])
1.35 millert 973: SUDO_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "${with_ldap_secret_file-/etc/ldap.secret}", [Path to the ldap.secret file])
974: ldap_secret=${with_ldap_secret_file-'/etc/ldap.secret'}
1.21 millert 975:
1.38 millert 976: AC_ARG_WITH(pc-insults, [AS_HELP_STRING([--with-pc-insults], [replace politically incorrect insults with less offensive ones])],
1.21 millert 977: [case $with_pc_insults in
978: yes) AC_DEFINE(PC_INSULTS)
979: ;;
980: no) ;;
981: *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."])
982: ;;
983: esac])
984:
1.1 millert 985: dnl include all insult sets on one line
1.7 millert 986: if test "$insults" = "on"; then
1.1 millert 987: AC_MSG_CHECKING(which insult sets to include)
988: i=""
989: test "$with_goons_insults" = "yes" && i="goons ${i}"
990: test "$with_hal_insults" = "yes" && i="hal ${i}"
991: test "$with_csops_insults" = "yes" && i="csops ${i}"
992: test "$with_classic_insults" = "yes" && i="classic ${i}"
993: AC_MSG_RESULT([$i])
994: fi
995:
996: AC_MSG_CHECKING(whether to override the user's path)
1.38 millert 997: AC_ARG_WITH(secure-path, [AS_HELP_STRING([--with-secure-path], [override the user's path with a built-in one])],
1.21 millert 998: [case $with_secure_path in
1.39 millert 999: yes) with_secure_path="/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc"
1000: AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
1001: AC_MSG_RESULT([$with_secure_path])
1002: secure_path="set to $with_secure_path"
1.1 millert 1003: ;;
1004: no) AC_MSG_RESULT(no)
1005: ;;
1006: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
1007: AC_MSG_RESULT([$with_secure_path])
1.39 millert 1008: secure_path="set to F<$with_secure_path>"
1.1 millert 1009: ;;
1010: esac], AC_MSG_RESULT(no))
1011:
1012: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
1.38 millert 1013: AC_ARG_WITH(interfaces, [AS_HELP_STRING([--without-interfaces], [don't try to read the ip addr of ether interfaces])],
1.21 millert 1014: [case $with_interfaces in
1.1 millert 1015: yes) AC_MSG_RESULT(yes)
1016: ;;
1.21 millert 1017: no) AC_DEFINE(STUB_LOAD_INTERFACES)
1.1 millert 1018: AC_MSG_RESULT(no)
1019: ;;
1020: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
1021: ;;
1022: esac], AC_MSG_RESULT(yes))
1023:
1.14 millert 1024: AC_MSG_CHECKING(whether stow should be used)
1.38 millert 1025: AC_ARG_WITH(stow, [AS_HELP_STRING([--with-stow], [properly handle GNU stow packaging])],
1.14 millert 1026: [case $with_stow in
1027: yes) AC_MSG_RESULT(yes)
1.21 millert 1028: AC_DEFINE(USE_STOW)
1.14 millert 1029: ;;
1030: no) AC_MSG_RESULT(no)
1031: ;;
1032: *) AC_MSG_ERROR(["--with-stow does not take an argument."])
1033: ;;
1034: esac], AC_MSG_RESULT(no))
1035:
1.35 millert 1036: AC_MSG_CHECKING(whether to use an askpass helper)
1.38 millert 1037: AC_ARG_WITH(askpass, [AS_HELP_STRING([--with-askpass=PATH], [Fully qualified pathname of askpass helper])],
1.35 millert 1038: [case $with_askpass in
1039: yes) AC_MSG_ERROR(["--with-askpass takes a path as an argument."])
1040: ;;
1041: no) ;;
1042: *) AC_DEFINE_UNQUOTED(_PATH_SUDO_ASKPASS, "$with_askpass", [The fully qualified pathname of askpass])
1043: ;;
1044: esac], AC_MSG_RESULT(no))
1045:
1.1 millert 1046: dnl
1.38 millert 1047: dnl If enabled, set LIBVAS_SO, LIBVAS_RPATH and USING_NONUNIX_GROUPS
1048: dnl
1049: AC_ARG_WITH(libvas, [AS_HELP_STRING([--with-libvas=NAME], [Name of the libvas shared library (default=libvas.so)])],
1050: [case $with_libvas in
1051: yes) with_libvas=libvas.so
1052: ;;
1053: no) ;;
1.45 millert 1054: *) AC_DEFINE_UNQUOTED([LIBVAS_SO], ["$with_libvas"], [The name of libvas.so])
1.38 millert 1055: ;;
1056: esac
1057: if test X"$with_libvas" != X"no"; then
1058: AC_DEFINE_UNQUOTED([LIBVAS_SO], ["$with_libvas"], [The name of libvas.so])
1059: AC_DEFINE(USING_NONUNIX_GROUPS)
1060: NONUNIX_GROUPS_IMPL="vasgroups.o"
1061: AC_ARG_WITH([libvas-rpath],
1062: [AS_HELP_STRING([--with-libvas-rpath=PATH],
1063: [Path to look for libvas in [default=/opt/quest/lib]])],
1064: [LIBVAS_RPATH=$withval],
1065: [LIBVAS_RPATH=/opt/quest/lib])
1.45 millert 1066: dnl
1067: dnl Some platforms require libdl for dlopen()
1068: dnl
1069: AC_CHECK_LIB([dl], [main])
1.38 millert 1070: fi
1071: ])
1072:
1073: dnl
1.1 millert 1074: dnl Options for --enable
1075: dnl
1076:
1077: AC_MSG_CHECKING(whether to do user authentication by default)
1078: AC_ARG_ENABLE(authentication,
1.38 millert 1079: [AS_HELP_STRING([--disable-authentication], [Do not require authentication by default])],
1.1 millert 1080: [ case "$enableval" in
1081: yes) AC_MSG_RESULT(yes)
1082: ;;
1083: no) AC_MSG_RESULT(no)
1.21 millert 1084: AC_DEFINE(NO_AUTHENTICATION)
1.1 millert 1085: ;;
1086: *) AC_MSG_RESULT(no)
1.15 millert 1087: AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1.1 millert 1088: ;;
1089: esac
1090: ], AC_MSG_RESULT(yes))
1.9 millert 1091:
1.10 millert 1092: AC_MSG_CHECKING(whether to disable running the mailer as root)
1093: AC_ARG_ENABLE(root-mailer,
1.38 millert 1094: [AS_HELP_STRING([--disable-root-mailer], [Don't run the mailer as root, run as the user])],
1.10 millert 1095: [ case "$enableval" in
1096: yes) AC_MSG_RESULT(no)
1097: ;;
1098: no) AC_MSG_RESULT(yes)
1.21 millert 1099: AC_DEFINE(NO_ROOT_MAILER)
1.10 millert 1100: ;;
1101: *) AC_MSG_RESULT(no)
1.15 millert 1102: AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1.10 millert 1103: ;;
1104: esac
1105: ], AC_MSG_RESULT(no))
1106:
1.11 millert 1107: AC_ARG_ENABLE(setreuid,
1.38 millert 1108: [AS_HELP_STRING([--disable-setreuid], [Don't try to use the setreuid() function])],
1.11 millert 1109: [ case "$enableval" in
1.14 millert 1110: no) SKIP_SETREUID=yes
1111: ;;
1112: *) ;;
1113: esac
1114: ])
1115:
1116: AC_ARG_ENABLE(setresuid,
1.38 millert 1117: [AS_HELP_STRING([--disable-setresuid], [Don't try to use the setresuid() function])],
1.14 millert 1118: [ case "$enableval" in
1119: no) SKIP_SETRESUID=yes
1.11 millert 1120: ;;
1121: *) ;;
1122: esac
1123: ])
1124:
1.1 millert 1125: AC_MSG_CHECKING(whether to disable shadow password support)
1126: AC_ARG_ENABLE(shadow,
1.38 millert 1127: [AS_HELP_STRING([--disable-shadow], [Never use shadow passwords])],
1.1 millert 1128: [ case "$enableval" in
1129: yes) AC_MSG_RESULT(no)
1130: ;;
1131: no) AC_MSG_RESULT(yes)
1132: CHECKSHADOW="false"
1133: ;;
1134: *) AC_MSG_RESULT(no)
1.15 millert 1135: AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1.1 millert 1136: ;;
1137: esac
1138: ], AC_MSG_RESULT(no))
1139:
1140: AC_MSG_CHECKING(whether root should be allowed to use sudo)
1141: AC_ARG_ENABLE(root-sudo,
1.38 millert 1142: [AS_HELP_STRING([--disable-root-sudo], [Don't allow root to run sudo])],
1.21 millert 1143: [ case "$enableval" in
1.1 millert 1144: yes) AC_MSG_RESULT(yes)
1145: ;;
1.21 millert 1146: no) AC_DEFINE(NO_ROOT_SUDO)
1.1 millert 1147: AC_MSG_RESULT(no)
1.21 millert 1148: root_sudo=off
1.1 millert 1149: ;;
1150: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1151: ;;
1152: esac
1153: ], AC_MSG_RESULT(yes))
1154:
1155: AC_MSG_CHECKING(whether to log the hostname in the log file)
1156: AC_ARG_ENABLE(log-host,
1.38 millert 1157: [AS_HELP_STRING([--enable-log-host], [Log the hostname in the log file])],
1.1 millert 1158: [ case "$enableval" in
1159: yes) AC_MSG_RESULT(yes)
1.21 millert 1160: AC_DEFINE(HOST_IN_LOG)
1.1 millert 1161: ;;
1162: no) AC_MSG_RESULT(no)
1163: ;;
1164: *) AC_MSG_RESULT(no)
1.15 millert 1165: AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1.1 millert 1166: ;;
1167: esac
1168: ], AC_MSG_RESULT(no))
1169:
1170: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1171: AC_ARG_ENABLE(noargs-shell,
1.38 millert 1172: [AS_HELP_STRING([--enable-noargs-shell], [If sudo is given no arguments run a shell])],
1.1 millert 1173: [ case "$enableval" in
1174: yes) AC_MSG_RESULT(yes)
1.21 millert 1175: AC_DEFINE(SHELL_IF_NO_ARGS)
1.1 millert 1176: ;;
1177: no) AC_MSG_RESULT(no)
1178: ;;
1179: *) AC_MSG_RESULT(no)
1.15 millert 1180: AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1.1 millert 1181: ;;
1182: esac
1183: ], AC_MSG_RESULT(no))
1184:
1185: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1186: AC_ARG_ENABLE(shell-sets-home,
1.38 millert 1187: [AS_HELP_STRING([--enable-shell-sets-home], [Set $HOME to target user in shell mode])],
1.1 millert 1188: [ case "$enableval" in
1189: yes) AC_MSG_RESULT(yes)
1.21 millert 1190: AC_DEFINE(SHELL_SETS_HOME)
1.1 millert 1191: ;;
1192: no) AC_MSG_RESULT(no)
1193: ;;
1194: *) AC_MSG_RESULT(no)
1.15 millert 1195: AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1.1 millert 1196: ;;
1197: esac
1198: ], AC_MSG_RESULT(no))
1199:
1200: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1201: AC_ARG_ENABLE(path_info,
1.38 millert 1202: [AS_HELP_STRING([--disable-path-info], [Print 'command not allowed' not 'command not found'])],
1.1 millert 1203: [ case "$enableval" in
1204: yes) AC_MSG_RESULT(no)
1205: ;;
1206: no) AC_MSG_RESULT(yes)
1.21 millert 1207: AC_DEFINE(DONT_LEAK_PATH_INFO)
1.23 millert 1208: path_info=off
1.1 millert 1209: ;;
1210: *) AC_MSG_RESULT(no)
1.15 millert 1211: AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1.1 millert 1212: ;;
1213: esac
1214: ], AC_MSG_RESULT(no))
1215:
1.37 millert 1216: AC_MSG_CHECKING(whether to enable environment debugging)
1217: AC_ARG_ENABLE(env_debug,
1.38 millert 1218: [AS_HELP_STRING([--enable-env-debug], [Whether to enable environment debugging.])],
1.37 millert 1219: [ case "$enableval" in
1220: yes) AC_MSG_RESULT(yes)
1221: AC_DEFINE(ENV_DEBUG)
1222: ;;
1223: no) AC_MSG_RESULT(no)
1224: ;;
1225: *) AC_MSG_RESULT(no)
1226: AC_MSG_WARN([Ignoring unknown argument to --enable-env-debug: $enableval])
1227: ;;
1228: esac
1229: ], AC_MSG_RESULT(no))
1230:
1.38 millert 1231: AC_ARG_WITH(selinux, [AS_HELP_STRING([--with-selinux], [enable SELinux support])],
1.34 millert 1232: [case $with_selinux in
1.35 millert 1233: yes) SELINUX_USAGE="[[-r role]] [[-t type]] "
1234: AC_DEFINE(HAVE_SELINUX)
1.34 millert 1235: SUDO_LIBS="${SUDO_LIBS} -lselinux"
1236: SUDO_OBJS="${SUDO_OBJS} selinux.o"
1237: PROGS="${PROGS} sesh"
1238: SELINUX=""
1239: SEMAN=""
1240: ;;
1241: no) ;;
1242: *) AC_MSG_ERROR(["--with-selinux does not take an argument."])
1243: ;;
1244: esac])
1245:
1.1 millert 1246: dnl
1.35 millert 1247: dnl gss_krb5_ccache_name() may not work on Heimdal so we don't use it by default
1248: dnl
1.38 millert 1249: AC_ARG_ENABLE(gss_krb5_ccache_name,
1250: [AS_HELP_STRING([--enable-gss-krb5-ccache-name], [Use GSS-API to set the Kerberos V cred cache name])],
1251: [check_gss_krb5_ccache_name=$enableval], [check_gss_krb5_ccache_name=no])
1.35 millert 1252:
1253: dnl
1.1 millert 1254: dnl If we don't have egrep we can't do anything...
1255: dnl
1.23 millert 1256: AC_CHECK_PROG(EGREPPROG, egrep, egrep)
1.1 millert 1257: if test -z "$EGREPPROG"; then
1.15 millert 1258: AC_MSG_ERROR([Sorry, configure requires egrep to run.])
1.1 millert 1259: fi
1260:
1261: dnl
1.7 millert 1262: dnl Prevent configure from adding the -g flag unless in devel mode
1263: dnl
1264: if test "$with_devel" != "yes"; then
1265: ac_cv_prog_cc_g=no
1266: fi
1267:
1268: dnl
1.1 millert 1269: dnl C compiler checks
1270: dnl
1.7 millert 1271: AC_ISC_POSIX
1.1 millert 1272: AC_PROG_CPP
1273:
1274: dnl
1.21 millert 1275: dnl Libtool magic; enable shared libs and disable static libs
1276: dnl
1277: AC_CANONICAL_HOST
1.25 millert 1278: AC_DISABLE_STATIC
1.38 millert 1279: AC_LIBTOOL_DLOPEN
1.25 millert 1280: AC_PROG_LIBTOOL
1.21 millert 1281:
1282: dnl
1283: dnl Defer with_noexec until after libtool magic runs
1284: dnl
1285: if test "$enable_shared" = "no"; then
1286: with_noexec=no
1287: else
1.24 millert 1288: eval _shrext="$shrext_cmds"
1.21 millert 1289: fi
1290: AC_MSG_CHECKING(path to sudo_noexec.so)
1.38 millert 1291: AC_ARG_WITH(noexec, [AS_HELP_STRING([--with-noexec[=PATH]], [fully qualified pathname of sudo_noexec.so])],
1.21 millert 1292: [case $with_noexec in
1293: yes) with_noexec="$libexecdir/sudo_noexec$_shrext"
1294: ;;
1295: no) ;;
1296: *) ;;
1297: esac], [with_noexec="$libexecdir/sudo_noexec$_shrext"])
1298: AC_MSG_RESULT($with_noexec)
1.34 millert 1299: NOEXECFILE="sudo_noexec$_shrext"
1.21 millert 1300: NOEXECDIR="`echo $with_noexec|sed 's:^\(.*\)/[[^/]]*:\1:'`"
1301:
1302: dnl
1.1 millert 1303: dnl It is now safe to modify CFLAGS and CPPFLAGS
1304: dnl
1305: if test "$with_devel" = "yes" -a -n "$GCC"; then
1306: CFLAGS="${CFLAGS} -Wall"
1307: fi
1308:
1309: dnl
1310: dnl Find programs we use
1311: dnl
1.23 millert 1312: AC_CHECK_PROG(UNAMEPROG, uname, uname)
1313: AC_CHECK_PROG(TRPROG, tr, tr)
1314: AC_CHECK_PROG(NROFFPROG, nroff, nroff)
1.1 millert 1315: if test -z "$NROFFPROG"; then
1316: MANTYPE="cat"
1.5 millert 1317: mansrcdir='$(srcdir)'
1.1 millert 1318: fi
1319:
1320: dnl
1321: dnl What kind of beastie are we being run on?
1322: dnl Barf if config.cache was generated on another host.
1323: dnl
1324: if test -n "$sudo_cv_prev_host"; then
1325: if test "$sudo_cv_prev_host" != "$host"; then
1.15 millert 1326: AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1.1 millert 1327: else
1328: AC_MSG_CHECKING(previous host type)
1329: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1.15 millert 1330: AC_MSG_RESULT([$sudo_cv_prev_host])
1.1 millert 1331: fi
1332: else
1333: # this will produce no output since there is no cached value
1334: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1335: fi
1336:
1337: dnl
1338: dnl We want to be able to differentiate between different rev's
1339: dnl
1340: if test -n "$host_os"; then
1341: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1.23 millert 1342: OSREV=`echo $host_os | sed 's/^[[^0-9\.]]*\([[0-9\.]]*\).*$/\1/'`
1343: OSMAJOR=`echo $OSREV | sed 's/\..*$//'`
1.1 millert 1344: else
1345: OS="unknown"
1346: OSREV=0
1.23 millert 1347: OSMAJOR=0
1.1 millert 1348: fi
1349:
1350: case "$host" in
1351: *-*-sunos4*)
1352: # getcwd(3) opens a pipe to getpwd(1)!?!
1353: BROKEN_GETCWD=1
1354:
1355: # system headers lack prototypes but gcc helps...
1356: if test -n "$GCC"; then
1.23 millert 1357: OSDEFS="${OSDEFS} -D__USE_FIXED_PROTOTYPES__"
1.1 millert 1358: fi
1359:
1.23 millert 1360: shadow_funcs="getpwanam issecure"
1.1 millert 1361: ;;
1362: *-*-solaris2*)
1363: # To get the crypt(3) prototype (so we pass -Wall)
1.23 millert 1364: OSDEFS="${OSDEFS} -D__EXTENSIONS__"
1.1 millert 1365: # AFS support needs -lucb
1366: if test "$with_AFS" = "yes"; then
1367: AFS_LIBS="-lc -lucb"
1368: fi
1.23 millert 1369: : ${mansectsu='1m'}
1370: : ${mansectform='4'}
1371: : ${with_rpath='yes'}
1.25 millert 1372: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.1 millert 1373: ;;
1374: *-*-aix*)
1375: # To get all prototypes (so we pass -Wall)
1.23 millert 1376: OSDEFS="${OSDEFS} -D_XOPEN_EXTENDED_SOURCE -D_ALL_SOURCE"
1.1 millert 1377: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1.15 millert 1378: if test X"$with_blibpath" != X"no"; then
1379: AC_MSG_CHECKING([if linker accepts -Wl,-blibpath])
1380: O_LDFLAGS="$LDFLAGS"
1.23 millert 1381: LDFLAGS="$O_LDFLAGS -Wl,-blibpath:/usr/lib:/lib"
1382: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], [
1.15 millert 1383: if test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
1384: blibpath="$with_blibpath"
1385: elif test -n "$GCC"; then
1386: blibpath="/usr/lib:/lib:/usr/local/lib"
1387: else
1388: blibpath="/usr/lib:/lib"
1389: fi
1390: AC_MSG_RESULT(yes)
1391: ], [AC_MSG_RESULT(no)])
1392: fi
1393: LDFLAGS="$O_LDFLAGS"
1.23 millert 1394:
1.25 millert 1395: # Use authenticate(3) as the default authentication method
1.23 millert 1396: if test X"$with_aixauth" = X""; then
1.25 millert 1397: AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
1.23 millert 1398: fi
1.35 millert 1399:
1.37 millert 1400: # AIX analog of nsswitch.conf, enabled by default
1.38 millert 1401: AC_ARG_WITH(netsvc, [AS_HELP_STRING([--with-netsvc[[=PATH]]], [path to netsvc.conf])],
1.37 millert 1402: [case $with_netsvc in
1403: no) ;;
1404: yes) with_netsvc="/etc/netsvc.conf"
1405: ;;
1406: *) ;;
1407: esac])
1408: if test -z "$with_nsswitch" -a -z "$with_netsvc"; then
1409: with_netsvc="/etc/netsvc.conf"
1410: fi
1411:
1.35 millert 1412: # AIX-specific functions
1413: AC_CHECK_FUNCS(getuserattr)
1414: SUDO_OBJS="$SUDO_OBJS aix.o"
1.1 millert 1415: ;;
1416: *-*-hiuxmpp*)
1.23 millert 1417: : ${mansectsu='1m'}
1418: : ${mansectform='4'}
1.1 millert 1419: ;;
1.21 millert 1420: *-*-hpux*)
1.1 millert 1421: # AFS support needs -lBSD
1422: if test "$with_AFS" = "yes"; then
1423: AFS_LIBS="-lc -lBSD"
1424: fi
1.23 millert 1425: : ${mansectsu='1m'}
1426: : ${mansectform='4'}
1.1 millert 1427:
1.36 millert 1428: # HP-UX bundled compiler can't generate shared objects
1429: if test "x$ac_cv_prog_cc_c89" = "xno"; then
1430: with_noexec=no
1431: fi
1.38 millert 1432:
1433: # Use the +DAportable flag if it is supported
1434: _CFLAGS="$CFLAGS"
1435: CFLAGS="$CFLAGS +DAportable"
1436: AC_CACHE_CHECK([whether $CC understands +DAportable],
1437: [sudo_cv_var_daportable],
1438: [AC_TRY_LINK([], [], [sudo_cv_var_daportable=yes],
1439: [sudo_cv_var_daportable=no])]
1440: )
1441: if test X"$sudo_cv_var_daportable" != X"yes"; then
1442: CFLAGS="$_CFLAGS"
1443: fi
1444:
1.21 millert 1445: case "$host" in
1446: *-*-hpux[1-8].*)
1447: AC_DEFINE(BROKEN_SYSLOG)
1448:
1449: # Not sure if setuid binaries are safe in < 9.x
1450: if test -n "$GCC"; then
1451: SUDO_LDFLAGS="${SUDO_LDFLAGS} -static"
1452: else
1453: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive"
1454: fi
1455: ;;
1456: *-*-hpux9.*)
1457: AC_DEFINE(BROKEN_SYSLOG)
1458:
1.23 millert 1459: shadow_funcs="getspwuid"
1.21 millert 1460:
1461: # DCE support (requires ANSI C compiler)
1462: if test "$with_DCE" = "yes"; then
1463: # order of libs in 9.X is important. -lc_r must be last
1464: SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r"
1465: LIBS="${LIBS} -ldce -lM -lc_r"
1466: CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1467: fi
1468: ;;
1469: *-*-hpux10.*)
1.23 millert 1470: shadow_funcs="getprpwnam iscomsec"
1471: shadow_libs="-lsec"
1.21 millert 1472: ;;
1473: *)
1.23 millert 1474: shadow_funcs="getspnam iscomsec"
1475: shadow_libs="-lsec"
1.25 millert 1476: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.21 millert 1477: ;;
1478: esac
1.1 millert 1479: ;;
1480: *-dec-osf*)
1481: # ignore envariables wrt dynamic lib path
1482: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement"
1483:
1.26 millert 1484: : ${CHECKSIA='true'}
1.1 millert 1485: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1486: AC_ARG_ENABLE(sia,
1.38 millert 1487: [AS_HELP_STRING([--disable-sia], [Disable SIA on Digital UNIX])],
1.1 millert 1488: [ case "$enableval" in
1489: yes) AC_MSG_RESULT(no)
1.26 millert 1490: CHECKSIA=true
1.1 millert 1491: ;;
1492: no) AC_MSG_RESULT(yes)
1493: CHECKSIA=false
1494: ;;
1495: *) AC_MSG_RESULT(no)
1.15 millert 1496: AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1.1 millert 1497: ;;
1498: esac
1499: ], AC_MSG_RESULT(no))
1500:
1.23 millert 1501: shadow_funcs="getprpwnam dispcrypt"
1502: # OSF/1 4.x and higher need -ldb too
1503: if test $OSMAJOR -lt 4; then
1504: shadow_libs="-lsecurity -laud -lm"
1505: else
1506: shadow_libs="-lsecurity -ldb -laud -lm"
1507: fi
1508:
1509: # use SIA by default, if we have it
1.25 millert 1510: test "$CHECKSIA" = "true" && AUTH_EXCL_DEF="SIA"
1511:
1512: #
1513: # Some versions of Digital Unix ship with a broken
1514: # copy of prot.h, which we need for shadow passwords.
1515: # XXX - make should remove this as part of distclean
1516: #
1517: AC_MSG_CHECKING([for broken prot.h])
1518: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1.1 millert 1519: #include <sys/types.h>
1520: #include <sys/security.h>
1521: #include <prot.h>
1.25 millert 1522: ]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
1523: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1524: ])
1.23 millert 1525: : ${mansectsu='8'}
1526: : ${mansectform='4'}
1.1 millert 1527: ;;
1528: *-*-irix*)
1.23 millert 1529: OSDEFS="${OSDEFS} -D_BSD_TYPES"
1.1 millert 1530: if test -z "$NROFFPROG"; then
1.14 millert 1531: MAN_POSTINSTALL=' /bin/rm -f $(mandirsu)/sudo.$(mansectsu).z $(mandirsu)/visudo.$(mansectsu).z $(mandirform)/sudoers.$(mansectform).z ; /usr/bin/pack $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform)'
1.1 millert 1532: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1533: if test -d /usr/share/catman/local; then
1534: mandir="/usr/share/catman/local"
1535: else
1536: mandir="/usr/catman/local"
1537: fi
1538: fi
1539: else
1540: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1541: if test -d "/usr/share/man/local"; then
1542: mandir="/usr/share/man/local"
1543: else
1544: mandir="/usr/man/local"
1545: fi
1546: fi
1547: fi
1548: # IRIX <= 4 needs -lsun
1.23 millert 1549: if test "$OSMAJOR" -le 4; then
1.1 millert 1550: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1551: fi
1.23 millert 1552: : ${mansectsu='1m'}
1553: : ${mansectform='4'}
1.1 millert 1554: ;;
1.34 millert 1555: *-*-linux*|*-*-k*bsd*-gnu)
1.23 millert 1556: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1.1 millert 1557: # Some Linux versions need to link with -lshadow
1.23 millert 1558: shadow_funcs="getspnam"
1559: shadow_libs_optional="-lshadow"
1.25 millert 1560: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.1 millert 1561: ;;
1562: *-convex-bsd*)
1.23 millert 1563: OSDEFS="${OSDEFS} -D_CONVEX_SOURCE"
1.1 millert 1564: if test -z "$GCC"; then
1565: CFLAGS="${CFLAGS} -D__STDC__"
1566: fi
1567:
1.23 millert 1568: shadow_defs="-D_AUDIT -D_ACL -DSecureWare"
1569: shadow_funcs="getprpwnam"
1570: shadow_libs="-lprot"
1.1 millert 1571: ;;
1572: *-*-ultrix*)
1573: OS="ultrix"
1.23 millert 1574: shadow_funcs="getauthuid"
1575: shadow_libs="-lauth"
1.1 millert 1576: ;;
1577: *-*-riscos*)
1578: LIBS="${LIBS} -lsun -lbsd"
1579: CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1580: OSDEFS="${OSDEFS} -D_MIPS"
1.23 millert 1581: : ${mansectsu='1m'}
1582: : ${mansectform='4'}
1.1 millert 1583: ;;
1584: *-*-isc*)
1585: OSDEFS="${OSDEFS} -D_ISC"
1586: LIB_CRYPT=1
1587: SUDO_LIBS="${SUDO_LIBS} -lcrypt"
1588: LIBS="${LIBS} -lcrypt"
1589:
1.23 millert 1590: shadow_funcs="getspnam"
1591: shadow_libs="-lsec"
1592:
1593: : ${mansectsu='1m'}
1594: : ${mansectform='4'}
1.1 millert 1595: ;;
1.7 millert 1596: *-*-sco*|*-sco-*)
1.23 millert 1597: shadow_funcs="getprpwnam"
1598: shadow_libs="-lprot -lx"
1599: : ${mansectsu='1m'}
1600: : ${mansectform='4'}
1.8 millert 1601: ;;
1602: m88k-motorola-sysv*)
1603: # motorolla's cc (a variant of gcc) does -O but not -O2
1604: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1.23 millert 1605: : ${mansectsu='1m'}
1606: : ${mansectform='4'}
1.1 millert 1607: ;;
1608: *-sequent-sysv*)
1.23 millert 1609: shadow_funcs="getspnam"
1610: shadow_libs="-lsec"
1611: : ${mansectsu='1m'}
1612: : ${mansectform='4'}
1613: : ${with_rpath='yes'}
1.7 millert 1614: ;;
1615: *-ncr-sysv4*|*-ncr-sysvr4*)
1616: AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
1.23 millert 1617: : ${mansectsu='1m'}
1618: : ${mansectform='4'}
1619: : ${with_rpath='yes'}
1.1 millert 1620: ;;
1.7 millert 1621: *-ccur-sysv4*|*-ccur-sysvr4*)
1.1 millert 1622: LIBS="${LIBS} -lgen"
1623: SUDO_LIBS="${SUDO_LIBS} -lgen"
1.23 millert 1624: : ${mansectsu='1m'}
1625: : ${mansectform='4'}
1626: : ${with_rpath='yes'}
1.1 millert 1627: ;;
1628: *-*-bsdi*)
1.14 millert 1629: SKIP_SETREUID=yes
1.5 millert 1630: # Use shlicc for BSD/OS [23].x unless asked to do otherwise
1631: if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
1.23 millert 1632: case "$OSMAJOR" in
1.15 millert 1633: 2|3) AC_MSG_NOTICE([using shlicc as CC])
1.5 millert 1634: ac_cv_prog_CC=shlicc
1635: CC="$ac_cv_prog_CC"
1636: ;;
1637: esac
1638: fi
1.23 millert 1639: # Check for newer BSD auth API (just check for >= 3.0?)
1640: if test -z "$with_bsdauth"; then
1.25 millert 1641: AC_CHECK_FUNCS(auth_challenge, [AUTH_EXCL_DEF="BSD_AUTH"])
1.23 millert 1642: fi
1.5 millert 1643: ;;
1644: *-*-freebsd*)
1.11 millert 1645: # FreeBSD has a real setreuid(2) starting with 2.1 and
1646: # backported to 2.0.5. We just take 2.1 and above...
1.23 millert 1647: case "$OSREV" in
1.11 millert 1648: 0.*|1.*|2.0*)
1.14 millert 1649: SKIP_SETREUID=yes
1.11 millert 1650: ;;
1651: esac
1.5 millert 1652: if test "$with_skey" = "yes"; then
1653: SUDO_LIBS="${SUDO_LIBS} -lmd"
1654: fi
1.25 millert 1655: CHECKSHADOW="false"
1656: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1657: : ${with_logincap='maybe'}
1.1 millert 1658: ;;
1.7 millert 1659: *-*-*openbsd*)
1.23 millert 1660: # OpenBSD has a real setreuid(2) starting with 3.3 but
1661: # we will use setreuid(2) instead.
1.14 millert 1662: SKIP_SETREUID=yes
1.25 millert 1663: CHECKSHADOW="false"
1.23 millert 1664: # OpenBSD >= 3.0 supports BSD auth
1665: if test -z "$with_bsdauth"; then
1666: case "$OSREV" in
1667: [0-2].*)
1668: ;;
1669: *)
1.25 millert 1670: AUTH_EXCL_DEF="BSD_AUTH"
1.23 millert 1671: ;;
1672: esac
1673: fi
1674: : ${with_logincap='maybe'}
1.7 millert 1675: ;;
1676: *-*-*netbsd*)
1.11 millert 1677: # NetBSD has a real setreuid(2) starting with 1.3.2
1.23 millert 1678: case "$OSREV" in
1.11 millert 1679: 0.9*|1.[012]*|1.3|1.3.1)
1.14 millert 1680: SKIP_SETREUID=yes
1.11 millert 1681: ;;
1682: esac
1.25 millert 1683: CHECKSHADOW="false"
1684: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1685: : ${with_logincap='maybe'}
1686: ;;
1687: *-*-dragonfly*)
1688: if test "$with_skey" = "yes"; then
1689: SUDO_LIBS="${SUDO_LIBS} -lmd"
1690: fi
1.25 millert 1691: CHECKSHADOW="false"
1692: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1693: : ${with_logincap='yes'}
1.7 millert 1694: ;;
1.1 millert 1695: *-*-*bsd*)
1.25 millert 1696: CHECKSHADOW="false"
1.19 millert 1697: ;;
1698: *-*-darwin*)
1699: SKIP_SETREUID=yes
1.25 millert 1700: CHECKSHADOW="false"
1701: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1.23 millert 1702: : ${with_logincap='yes'}
1.1 millert 1703: ;;
1.7 millert 1704: *-*-nextstep*)
1705: # lockf() on is broken on the NeXT -- use flock instead
1706: ac_cv_func_lockf=no
1707: ac_cv_func_flock=yes
1708: ;;
1.15 millert 1709: *-*-*sysv4*)
1.23 millert 1710: : ${mansectsu='1m'}
1711: : ${mansectform='4'}
1712: : ${with_rpath='yes'}
1.15 millert 1713: ;;
1.5 millert 1714: *-*-sysv*)
1.23 millert 1715: : ${mansectsu='1m'}
1716: : ${mansectform='4'}
1717: ;;
1718: *-gnu*)
1719: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1.5 millert 1720: ;;
1.1 millert 1721: esac
1722:
1723: dnl
1.25 millert 1724: dnl Check for mixing mutually exclusive and regular auth methods
1725: dnl
1726: AUTH_REG=${AUTH_REG# }
1727: AUTH_EXCL=${AUTH_EXCL# }
1728: if test -n "$AUTH_EXCL"; then
1729: set -- $AUTH_EXCL
1730: if test $# != 1; then
1731: AC_MSG_ERROR([More than one mutually exclusive authentication method specified: $AUTH_EXCL])
1732: fi
1733: if test -n "$AUTH_REG"; then
1734: AC_MSG_ERROR([Cannot mix mutually exclusive ($AUTH_EXCL) and regular ($AUTH_REG) authentication methods])
1735: fi
1736: fi
1737: dnl
1738: dnl Only one of S/Key and OPIE may be specified
1739: dnl
1740: if test X"${with_skey}${with_opie}" = X"yesyes"; then
1741: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
1742: fi
1743:
1744: dnl
1.5 millert 1745: dnl Use BSD-style man sections by default
1746: dnl
1.23 millert 1747: : ${mansectsu='8'}
1748: : ${mansectform='5'}
1.5 millert 1749:
1750: dnl
1.15 millert 1751: dnl Add in any libpaths or libraries specified via configure
1752: dnl
1753: if test -n "$with_libpath"; then
1754: for i in ${with_libpath}; do
1755: SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
1756: done
1757: fi
1758: if test -n "$with_libraries"; then
1759: for i in ${with_libraries}; do
1760: case $i in
1761: -l*) ;;
1762: *.a) ;;
1763: *.o) ;;
1764: *) i="-l${i}";;
1765: esac
1766: LIBS="${LIBS} ${i}"
1767: done
1768: fi
1769:
1770: dnl
1.1 millert 1771: dnl C compiler checks (to be done after os checks)
1772: dnl
1773: AC_PROG_GCC_TRADITIONAL
1774: AC_C_CONST
1.7 millert 1775: AC_C_VOLATILE
1.1 millert 1776: dnl
1777: dnl Program checks
1778: dnl
1779: AC_PROG_YACC
1.38 millert 1780: AC_PATH_PROG([FLEX], [flex], [flex])
1.7 millert 1781: SUDO_PROG_MV
1782: SUDO_PROG_BSHELL
1.1 millert 1783: if test -z "$with_sendmail"; then
1784: SUDO_PROG_SENDMAIL
1785: fi
1.7 millert 1786: if test -z "$with_editor"; then
1787: SUDO_PROG_VI
1788: fi
1.1 millert 1789: dnl
1790: dnl Header file checks
1791: dnl
1792: AC_HEADER_STDC
1793: AC_HEADER_DIRENT
1.23 millert 1794: AC_HEADER_TIME
1.7 millert 1795: AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h)
1.1 millert 1796: dnl ultrix termio/termios are broken
1797: if test "$OS" != "ultrix"; then
1.7 millert 1798: AC_SYS_POSIX_TERMIOS
1799: if test "$ac_cv_sys_posix_termios" = "yes"; then
1.21 millert 1800: AC_DEFINE(HAVE_TERMIOS_H)
1.7 millert 1801: else
1802: AC_CHECK_HEADERS(termio.h)
1803: fi
1.1 millert 1804: fi
1.23 millert 1805: if test ${with_logincap-'no'} != "no"; then
1.35 millert 1806: AC_CHECK_HEADERS(login_cap.h, [LOGINCAP_USAGE='[[-c class|-]] '; LCMAN=""
1.29 millert 1807: case "$OS" in
1808: freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil"
1809: ;;
1810: esac
1811: ])
1.6 millert 1812: fi
1.23 millert 1813: if test ${with_project-'no'} != "no"; then
1814: AC_CHECK_HEADER(project.h, AC_DEFINE(HAVE_PROJECT_H)
1815: [SUDO_LIBS="${SUDO_LIBS} -lproject"], -)
1.6 millert 1816: fi
1.1 millert 1817: dnl
1818: dnl typedef checks
1819: dnl
1820: AC_TYPE_MODE_T
1821: AC_TYPE_UID_T
1.35 millert 1822: AC_CHECK_TYPE([__signed char], [], [AC_CHECK_TYPE([signed char], [AC_DEFINE(__signed, signed)], [AC_DEFINE(__signed, [])])])
1823: AC_CHECK_TYPE([sig_atomic_t], [], [AC_DEFINE(sig_atomic_t, int)], [#include <sys/types.h>
1.7 millert 1824: #include <signal.h>])
1.23 millert 1825: AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T)], [], [#include <sys/types.h>
1.7 millert 1826: #include <signal.h>])
1.23 millert 1827: AC_CHECK_TYPE([struct timespec], [AC_DEFINE(HAVE_TIMESPEC)], [], [#include <sys/types.h>
1828: #if TIME_WITH_SYS_TIME
1829: # include <sys/time.h>
1.29 millert 1830: #endif
1831: #include <time.h>])
1832: AC_CHECK_TYPES([struct in6_addr], [AC_DEFINE(HAVE_IN6_ADDR)], [], [#include <sys/types.h>
1833: #include <netinet/in.h>])
1.1 millert 1834: SUDO_TYPE_SIZE_T
1835: SUDO_TYPE_SSIZE_T
1836: SUDO_TYPE_DEV_T
1837: SUDO_TYPE_INO_T
1838: SUDO_UID_T_LEN
1.23 millert 1839: SUDO_TYPE_LONG_LONG
1.1 millert 1840: SUDO_SOCK_SA_LEN
1841: dnl
1842: dnl only set RETSIGTYPE if it is not set already
1843: dnl
1844: case "$DEFS" in
1845: *"RETSIGTYPE"*) ;;
1846: *) AC_TYPE_SIGNAL;;
1847: esac
1848: dnl
1849: dnl Function checks
1850: dnl
1.30 millert 1851: AC_FUNC_GETGROUPS
1.7 millert 1852: AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
1.23 millert 1853: strftime setrlimit initgroups getgroups fstat gettimeofday \
1.40 millert 1854: setlocale getaddrinfo setsid setenv setrlimit64)
1.37 millert 1855: AC_CHECK_FUNCS(unsetenv, SUDO_FUNC_UNSETENV_VOID)
1856: SUDO_FUNC_PUTENV_CONST
1.14 millert 1857: if test -z "$SKIP_SETRESUID"; then
1858: AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes])
1859: fi
1860: if test -z "$SKIP_SETREUID"; then
1.23 millert 1861: AC_CHECK_FUNCS(setreuid, [SKIP_SETEUID=yes])
1862: fi
1863: if test -z "$SKIP_SETEUID"; then
1864: AC_CHECK_FUNCS(seteuid)
1.7 millert 1865: fi
1866: if test X"$with_interfaces" != X"no"; then
1.14 millert 1867: AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
1.7 millert 1868: fi
1.1 millert 1869: if test -z "$BROKEN_GETCWD"; then
1.7 millert 1870: AC_REPLACE_FUNCS(getcwd)
1.1 millert 1871: fi
1.23 millert 1872: AC_CHECK_FUNCS(glob, [AC_MSG_CHECKING(for GLOB_BRACE and GLOB_TILDE in glob.h)
1873: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <glob.h>]], [[int i = GLOB_BRACE | GLOB_TILDE; (void)i;]])], [AC_DEFINE(HAVE_EXTENDED_GLOB)
1874: AC_MSG_RESULT(yes)], [AC_LIBOBJ(glob)
1875: AC_MSG_RESULT(no)])], [AC_LIBOBJ(glob)])
1.7 millert 1876: AC_CHECK_FUNCS(lockf flock, [break])
1877: AC_CHECK_FUNCS(waitpid wait3, [break])
1.14 millert 1878: AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
1.21 millert 1879: AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
1.23 millert 1880: SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH)], [AC_LIBOBJ(fnmatch)])
1.7 millert 1881: SUDO_FUNC_ISBLANK
1.23 millert 1882: AC_REPLACE_FUNCS(memrchr strerror strcasecmp sigaction strlcpy strlcat)
1883: AC_CHECK_FUNCS(closefrom, [], [AC_LIBOBJ(closefrom)
1884: AC_CHECK_DECL(F_CLOSEM, AC_DEFINE(HAVE_FCNTL_CLOSEM), [],
1885: [ #include <limits.h>
1886: #include <fcntl.h> ])
1887: ])
1888: AC_CHECK_FUNCS(mkstemp, [], [SUDO_OBJS="${SUDO_OBJS} mkstemp.o"
1889: AC_CHECK_FUNCS(random lrand48, [break])
1890: ])
1.7 millert 1891: AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
1.22 millert 1892: if test X"$ac_cv_type_struct_timespec" != X"no"; then
1.32 millert 1893: AC_CHECK_MEMBER([struct stat.st_mtim], [AC_DEFINE(HAVE_ST_MTIM)]
1894: [AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
1895: [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
1.22 millert 1896: AC_MSG_CHECKING([for two-parameter timespecsub])
1.23 millert 1897: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1898: #include <sys/time.h>]], [[struct timespec ts1, ts2;
1.22 millert 1899: ts1.tv_sec = 1; ts1.tv_nsec = 0; ts2.tv_sec = 0; ts2.tv_nsec = 0;
1900: #ifndef timespecsub
1901: #error missing timespecsub
1902: #endif
1.23 millert 1903: timespecsub(&ts1, &ts2);]])], [AC_DEFINE(HAVE_TIMESPECSUB2)
1904: AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no)])
1.22 millert 1905: fi
1.21 millert 1906: dnl
1907: dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR.
1908: dnl
1.23 millert 1909: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1.34 millert 1910: #include <$ac_header_dirent>]], [[DIR *d; (void)dirfd(d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_TRY_LINK([#include <sys/types.h>
1.24 millert 1911: #include <$ac_header_dirent>], [DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);], [AC_DEFINE(HAVE_DD_FD)])])
1.1 millert 1912: dnl
1913: dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
1914: dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
1915: dnl
1916: if test -n "$NEED_SNPRINTF"; then
1.7 millert 1917: AC_LIBOBJ(snprintf)
1.1 millert 1918: fi
1919: dnl
1920: dnl If socket(2) not in libc, check -lsocket and -linet
1921: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1922: dnl In this case we look for main(), not socket() to avoid using a cached value
1923: dnl
1.7 millert 1924: AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
1925: AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
1.1 millert 1926: dnl
1927: dnl If inet_addr(3) not in libc, check -lnsl and -linet
1928: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1929: dnl
1.7 millert 1930: AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
1931: AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
1.1 millert 1932: dnl
1933: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
1934: dnl
1.7 millert 1935: AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
1.1 millert 1936: dnl
1.16 millert 1937: dnl Check for getprogname() or __progname
1938: dnl
1939: AC_CHECK_FUNCS(getprogname, , [
1940: AC_MSG_CHECKING([for __progname])
1941: AC_CACHE_VAL(sudo_cv___progname, [
1.23 millert 1942: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern char *__progname; (void)puts(__progname);]])], [sudo_cv___progname=yes], [sudo_cv___progname=no])])
1.16 millert 1943: if test "$sudo_cv___progname" = "yes"; then
1.21 millert 1944: AC_DEFINE(HAVE___PROGNAME)
1.16 millert 1945: else
1946: AC_LIBOBJ(getprogname)
1947: fi
1948: AC_MSG_RESULT($sudo_cv___progname)
1949: ])
1.25 millert 1950:
1951: dnl
1.37 millert 1952: dnl nsswitch.conf and its equivalents
1953: dnl
1954: netsvc_conf='/etc/netsvc.conf'
1955: nsswitch_conf='/etc/nsswitch.conf'
1956: if test ${with_netsvc-"no"} != "no"; then
1957: SUDO_DEFINE_UNQUOTED(_PATH_NETSVC_CONF, "${with_netsvc-/etc/netsvc.conf}")
1958: netsvc_conf=${with_netsvc-/etc/netsvc.conf}
1959: elif test ${with_nsswitch-"yes"} != "no"; then
1960: SUDO_DEFINE_UNQUOTED(_PATH_NSSWITCH_CONF, "${with_nsswitch-/etc/nsswitch.conf}")
1961: nsswitch_conf=${with_nsswitch-/etc/nsswitch.conf}
1962: fi
1963:
1964: dnl
1.25 millert 1965: dnl Mutually exclusive auth checks come first, followed by
1966: dnl non-exclusive ones. Note: passwd must be last of all!
1967: dnl
1968:
1969: dnl
1970: dnl Convert default authentication methods to with_* if
1971: dnl no explicit authentication scheme was specified.
1972: dnl
1973: if test -z "${AUTH_EXCL}${AUTH_REG}" -a -n "$AUTH_EXCL_DEF"; then
1974: for auth in $AUTH_EXCL_DEF; do
1975: case $auth in
1976: AIX_AUTH) with_aixauth=maybe;;
1977: BSD_AUTH) with_bsdauth=maybe;;
1978: PAM) with_pam=maybe;;
1979: SIA) CHECKSIA=true;;
1980: esac
1981: done
1982: fi
1983:
1984: dnl
1985: dnl PAM support. Systems that use PAM by default set with_pam=default
1986: dnl and we do the actual tests here.
1987: dnl
1988: if test ${with_pam-"no"} != "no"; then
1989: dnl
1.45 millert 1990: dnl Some platforms need libdl for dlopen
1.25 millert 1991: dnl
1.45 millert 1992: case "$LIBS" in
1993: *-ldl*) SUDO_LIBS="${SUDO_LIBS} -lpam"
1994: ;;
1995: *) AC_CHECK_LIB([dl], [main], [SUDO_LIBS="${SUDO_LIBS} -lpam -ldl"], [SUDO_LIBS="${SUDO_LIBS} -lpam"])
1996: ac_cv_lib_dl=ac_cv_lib_dl_main
1997: ;;
1998: esac
1.25 millert 1999:
2000: dnl
2001: dnl Some PAM implementations (MacOS X for example) put the PAM headers
2002: dnl in /usr/include/pam instead of /usr/include/security...
2003: dnl
2004: AC_CHECK_HEADERS([security/pam_appl.h] [pam/pam_appl.h], [with_pam=yes; break])
2005: if test "$with_pam" = "yes"; then
2006: AC_DEFINE(HAVE_PAM)
2007: AUTH_OBJS="$AUTH_OBJS pam.o";
2008: AUTH_EXCL=PAM
1.28 millert 2009: AC_MSG_CHECKING(whether to use PAM session support)
2010: AC_ARG_ENABLE(pam_session,
1.38 millert 2011: [AS_HELP_STRING([--disable-pam-session], [Disable PAM session support])],
1.28 millert 2012: [ case "$enableval" in
2013: yes) AC_MSG_RESULT(yes)
2014: ;;
2015: no) AC_MSG_RESULT(no)
1.35 millert 2016: AC_DEFINE([NO_PAM_SESSION], [], [PAM session support disabled])
1.28 millert 2017: ;;
2018: *) AC_MSG_RESULT(no)
2019: AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval])
2020: ;;
2021: esac], AC_MSG_RESULT(yes))
1.30 millert 2022: case $host in
2023: *-*-linux*|*-*-solaris*)
1.34 millert 2024: # dgettext() may be defined to dgettext_libintl in the
2025: # header file, so first check that it links w/ additional
2026: # libs, then try with -lintl
2027: AC_LINK_IFELSE([AC_LANG_PROGRAM(
2028: [[#include <libintl.h>]], [(void)dgettext((char *)0, (char *)0);])],
2029: [AC_DEFINE(HAVE_DGETTEXT)],
2030: [AC_CHECK_LIB(intl, dgettext, [LIBS="${LIBS} -lintl"]
1.30 millert 2031: [AC_DEFINE(HAVE_DGETTEXT)])])
2032: ;;
2033: esac
1.25 millert 2034: fi
2035: fi
2036:
2037: dnl
2038: dnl AIX general authentication
2039: dnl If set to "maybe" only enable if no other exclusive method in use.
2040: dnl
2041: if test ${with_aixauth-'no'} != "no"; then
2042: if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
2043: AC_MSG_NOTICE([using AIX general authentication])
2044: AC_DEFINE(HAVE_AIXAUTH)
2045: AUTH_OBJS="$AUTH_OBJS aix_auth.o";
2046: SUDO_LIBS="${SUDO_LIBS} -ls"
2047: AUTH_EXCL=AIX_AUTH
2048: fi
2049: fi
2050:
2051: dnl
2052: dnl BSD authentication
2053: dnl If set to "maybe" only enable if no other exclusive method in use.
2054: dnl
2055: if test ${with_bsdauth-'no'} != "no"; then
2056: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
2057: [AUTH_OBJS="$AUTH_OBJS bsdauth.o"]
1.35 millert 2058: [BSDAUTH_USAGE='[[-a auth_type]] ']
1.34 millert 2059: [AUTH_EXCL=BSD_AUTH; BAMAN=""],
1.25 millert 2060: [AC_MSG_ERROR([BSD authentication was specified but bsd_auth.h could not be found])])
2061: fi
2062:
2063: dnl
2064: dnl SIA authentication for Tru64 Unix
2065: dnl
2066: if test ${CHECKSIA-'false'} = "true"; then
2067: AC_CHECK_FUNCS(sia_ses_init, [found=true], [found=false])
2068: if test "$found" = "true"; then
2069: AUTH_EXCL=SIA
2070: AUTH_OBJS="$AUTH_OBJS sia.o"
2071: fi
2072: fi
2073:
2074: dnl
2075: dnl extra FWTK libs + includes
2076: dnl
2077: if test ${with_fwtk-'no'} != "no"; then
2078: if test "$with_fwtk" != "yes"; then
2079: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_fwtk}])
2080: CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
2081: with_fwtk=yes
2082: fi
2083: SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall"
2084: AUTH_OBJS="$AUTH_OBJS fwtk.o"
2085: fi
2086:
2087: dnl
2088: dnl extra SecurID lib + includes
2089: dnl
2090: if test ${with_SecurID-'no'} != "no"; then
2091: if test "$with_SecurID" != "yes"; then
2092: :
2093: elif test -d /usr/ace/examples; then
2094: with_SecurID=/usr/ace/examples
2095: else
2096: with_SecurID=/usr/ace
2097: fi
2098: CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
2099: _LDFLAGS="${LDFLAGS}"
2100: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_SecurID}])
2101: #
2102: # Determine whether to use the new or old SecurID API
2103: #
2104: AC_CHECK_LIB(aceclnt, SD_Init,
2105: [
2106: AUTH_OBJS="$AUTH_OBJS securid5.o";
2107: SUDO_LIBS="${SUDO_LIBS} -laceclnt -lpthread"
2108: ]
2109: [
2110: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_SecurID}])
2111: ], [
2112: AUTH_OBJS="$AUTH_OBJS securid.o";
2113: SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
2114: ],
2115: [
2116: -lpthread
2117: ]
2118: )
2119: LDFLAGS="${_LDFLAGS}"
2120: fi
2121:
2122: dnl
2123: dnl Non-mutually exclusive auth checks come next.
2124: dnl Note: passwd must be last of all!
2125: dnl
2126:
2127: dnl
2128: dnl Convert default authentication methods to with_* if
2129: dnl no explicit authentication scheme was specified.
2130: dnl
2131: if test -z "${AUTH_EXCL}" -a -n "$AUTH_DEF"; then
2132: for auth in $AUTH_DEF; do
2133: case $auth in
2134: passwd) : ${with_passwd='maybe'};;
2135: esac
2136: done
2137: fi
2138:
1.1 millert 2139: dnl
1.15 millert 2140: dnl Kerberos IV
1.1 millert 2141: dnl
1.25 millert 2142: if test ${with_kerb4-'no'} != "no"; then
1.21 millert 2143: AC_DEFINE(HAVE_KERB4)
1.15 millert 2144: dnl
2145: dnl Use the specified directory, if any, else search for correct inc dir
2146: dnl
2147: O_LDFLAGS="$LDFLAGS"
2148: if test "$with_kerb4" = "yes"; then
2149: found=no
2150: O_CPPFLAGS="$CPPFLAGS"
2151: for dir in "" "kerberosIV/" "krb4/" "kerberos4/" "kerberosv4/"; do
2152: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1.23 millert 2153: AC_PREPROC_IFELSE([#include <krb.h>], [found=yes; break])
1.15 millert 2154: done
2155: test X"$found" = X"no" && CPPFLAGS="$O_CPPFLAGS"
1.1 millert 2156: else
1.15 millert 2157: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_kerb4}/lib])
2158: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb4}/lib])
2159: CPPFLAGS="$CPPFLAGS -I${with_kerb4}/include"
2160: AC_CHECK_HEADER([krb.h], [found=yes], [found=no])
2161: fi
2162: if test X"$found" = X"no"; then
2163: AC_MSG_WARN([Unable to locate Kerberos IV include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
1.1 millert 2164: fi
2165:
1.15 millert 2166: dnl
2167: dnl Check for -ldes vs. -ldes425
2168: dnl
2169: AC_CHECK_LIB(des, des_cbc_encrypt, [K4LIBS="-ldes"], [
2170: AC_CHECK_LIB(des425, des_cbc_encrypt, [K4LIBS="-ldes425"], [K4LIBS=""])
2171: ])
2172: dnl
2173: dnl Try to determine whether we have KTH or MIT/CNS Kerberos IV
2174: dnl
2175: AC_MSG_CHECKING(whether we are using KTH Kerberos IV)
1.23 millert 2176: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb.h>]], [[const char *tmp = krb4_version;]])], [
1.15 millert 2177: AC_MSG_RESULT(yes)
2178: K4LIBS="${K4LIBS} -lcom_err"
2179: AC_CHECK_LIB(roken, main, [K4LIBS="${K4LIBS} -lroken"])
2180: ], [
2181: AC_MSG_RESULT(no)
2182: ]
2183: )
2184: dnl
2185: dnl The actual Kerberos IV lib might be -lkrb or -lkrb4
2186: dnl
2187: AC_CHECK_LIB(krb, main, [K4LIBS="-lkrb $K4LIBS"], [
2188: AC_CHECK_LIB(krb4, main, [K4LIBS="-lkrb4 $K4LIBS"],
2189: [K4LIBS="-lkrb $K4LIBS"]
2190: [AC_MSG_WARN([Unable to locate Kerberos IV libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS and possibly add Kerberos libs to SUDO_LIBS])]
2191: , [$K4LIBS])
2192: ], [$K4LIBS])
2193: LDFLAGS="$O_LDFLAGS"
2194: SUDO_LIBS="${SUDO_LIBS} $K4LIBS"
1.25 millert 2195: AUTH_OBJS="$AUTH_OBJS kerb4.o"
1.15 millert 2196: fi
2197:
2198: dnl
2199: dnl Kerberos V
1.16 millert 2200: dnl There is an easy way and a hard way...
1.15 millert 2201: dnl
1.25 millert 2202: if test ${with_kerb5-'no'} != "no"; then
1.16 millert 2203: AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
2204: if test -n "$KRB5CONFIG"; then
1.21 millert 2205: AC_DEFINE(HAVE_KERB5)
1.25 millert 2206: AUTH_OBJS="$AUTH_OBJS kerb5.o"
1.16 millert 2207: CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
2208: SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"
1.17 millert 2209: dnl
2210: dnl Try to determine whether we have Heimdal or MIT Kerberos
2211: dnl
2212: AC_MSG_CHECKING(whether we are using Heimdal)
1.23 millert 2213: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
1.17 millert 2214: AC_MSG_RESULT(yes)
1.21 millert 2215: AC_DEFINE(HAVE_HEIMDAL)
1.25 millert 2216: ], [
1.23 millert 2217: AC_MSG_RESULT(no)
1.17 millert 2218: ]
2219: )
1.16 millert 2220: fi
2221: fi
1.25 millert 2222: if test ${with_kerb5-'no'} != "no" -a -z "$KRB5CONFIG"; then
1.21 millert 2223: AC_DEFINE(HAVE_KERB5)
1.15 millert 2224: dnl
2225: dnl Use the specified directory, if any, else search for correct inc dir
2226: dnl
2227: if test "$with_kerb5" = "yes"; then
2228: found=no
2229: O_CPPFLAGS="$CPPFLAGS"
2230: for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
2231: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1.23 millert 2232: AC_PREPROC_IFELSE([#include <krb5.h>], [found=yes; break])
1.15 millert 2233: done
2234: if test X"$found" = X"no"; then
2235: CPPFLAGS="$O_CPPFLAGS"
2236: AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
2237: fi
1.1 millert 2238: else
1.15 millert 2239: dnl XXX - try to include krb5.h here too
2240: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb5}/lib])
2241: CPPFLAGS="$CPPFLAGS -I${with_kerb5}/include"
1.1 millert 2242: fi
2243:
1.15 millert 2244: dnl
2245: dnl Try to determine whether we have Heimdal or MIT Kerberos
2246: dnl
2247: AC_MSG_CHECKING(whether we are using Heimdal)
1.23 millert 2248: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
1.15 millert 2249: AC_MSG_RESULT(yes)
1.21 millert 2250: AC_DEFINE(HAVE_HEIMDAL)
1.35 millert 2251: # XXX - need to check whether -lcrypo is needed!
1.23 millert 2252: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lcrypto -ldes -lcom_err -lasn1"
1.15 millert 2253: AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"])
2254: ], [
2255: AC_MSG_RESULT(no)
2256: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
1.39 millert 2257: AC_CHECK_LIB(krb5support, main, [SUDO_LIBS="${SUDO_LIBS} -lkrb5support"])
1.23 millert 2258: ])
1.25 millert 2259: AUTH_OBJS="$AUTH_OBJS kerb5.o"
1.23 millert 2260: _LIBS="$LIBS"
2261: LIBS="${LIBS} ${SUDO_LIBS}"
1.39 millert 2262: AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
2263: AC_CHECK_FUNCS(krb5_get_init_creds_opt_alloc, [
2264: AC_CACHE_CHECK([whether krb5_get_init_creds_opt_free takes a context],
2265: sudo_cv_krb5_get_init_creds_opt_free_two_args, [
2266: AC_TRY_COMPILE([#include <krb5.h>],
2267: [krb5_get_init_creds_opt_free(NULL, NULL);],
2268: [sudo_cv_krb5_get_init_creds_opt_free_two_args=yes],
2269: [sudo_cv_krb5_get_init_creds_opt_free_two_args=no]
2270: )
2271: ]
2272: )
2273: ])
1.35 millert 2274: if test X"$sudo_cv_krb5_get_init_creds_opt_free_two_args" = X"yes"; then
2275: AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS)
2276: fi
1.23 millert 2277: LIBS="$_LIBS"
2278: fi
2279:
2280: dnl
1.1 millert 2281: dnl extra AFS libs and includes
2282: dnl
1.25 millert 2283: if test ${with_AFS-'no'} = "yes"; then
1.1 millert 2284:
2285: # looks like the "standard" place for AFS libs is /usr/afsws/lib
2286: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
2287: for i in $AFSLIBDIRS; do
2288: if test -d ${i}; then
1.15 millert 2289: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [$i])
1.1 millert 2290: FOUND_AFSLIBDIR=true
2291: fi
2292: done
2293: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 2294: AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDO_LDFLAGS or rerun configure with the --with-libpath options.])
1.1 millert 2295: fi
2296:
2297: # Order is important here. Note that we build AFS_LIBS from right to left
2298: # since AFS_LIBS may be initialized with BSD compat libs that must go last
2299: AFS_LIBS="-laudit ${AFS_LIBS}"
2300: for i in $AFSLIBDIRS; do
2301: if test -f ${i}/util.a; then
2302: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
2303: FOUND_UTIL_A=true
2304: break;
2305: fi
2306: done
2307: if test -z "$FOUND_UTIL_A"; then
2308: AFS_LIBS="-lutil ${AFS_LIBS}"
2309: fi
2310: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
2311:
2312: # AFS includes may live in /usr/include on some machines...
2313: for i in /usr/afsws/include; do
2314: if test -d ${i}; then
2315: CPPFLAGS="${CPPFLAGS} -I${i}"
2316: FOUND_AFSINCDIR=true
2317: fi
2318: done
2319:
2320: if test -z "$FOUND_AFSLIBDIR"; then
1.15 millert 2321: AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
1.1 millert 2322: fi
1.25 millert 2323:
2324: AUTH_OBJS="$AUTH_OBJS afs.o"
1.1 millert 2325: fi
2326:
2327: dnl
2328: dnl extra DCE obj + lib
2329: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
2330: dnl
1.25 millert 2331: if test ${with_DCE-'no'} = "yes"; then
1.1 millert 2332: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
2333: SUDO_LIBS="${SUDO_LIBS} -ldce"
1.25 millert 2334: AUTH_OBJS="$AUTH_OBJS dce.o"
1.5 millert 2335: fi
2336:
2337: dnl
1.1 millert 2338: dnl extra S/Key lib and includes
2339: dnl
1.25 millert 2340: if test ${with_skey-'no'} = "yes"; then
1.15 millert 2341: O_LDFLAGS="$LDFLAGS"
2342: if test "$with_skey" != "yes"; then
2343: CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
2344: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_skey}/lib])
2345: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_skey}/lib])
2346: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes], [found=no])
1.1 millert 2347: else
1.15 millert 2348: found=no
2349: O_CPPFLAGS="$CPPFLAGS"
2350: for dir in "" "/usr/local" "/usr/contrib"; do
2351: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1.23 millert 2352: AC_PREPROC_IFELSE([#include <skey.h>], [found=yes; break])
1.15 millert 2353: done
2354: if test "$found" = "no" -o -z "$dir"; then
2355: CPPFLAGS="$O_CPPFLAGS"
2356: else
2357: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2358: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2359: fi
1.1 millert 2360: fi
1.15 millert 2361: if test "$found" = "no"; then
2362: AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
2363: fi
2364: AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])])
1.21 millert 2365: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
1.15 millert 2366: LDFLAGS="$O_LDFLAGS"
2367: SUDO_LIBS="${SUDO_LIBS} -lskey"
1.25 millert 2368: AUTH_OBJS="$AUTH_OBJS rfc1938.o"
1.1 millert 2369: fi
2370:
2371: dnl
2372: dnl extra OPIE lib and includes
2373: dnl
1.25 millert 2374: if test ${with_opie-'no'} = "yes"; then
1.15 millert 2375: O_LDFLAGS="$LDFLAGS"
2376: if test "$with_opie" != "yes"; then
2377: CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
2378: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_opie}/lib])
2379: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_opie}/lib])
2380: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes], [found=no])
1.1 millert 2381: else
1.15 millert 2382: found=no
2383: O_CPPFLAGS="$CPPFLAGS"
2384: for dir in "" "/usr/local" "/usr/contrib"; do
2385: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
1.23 millert 2386: AC_PREPROC_IFELSE([#include <opie.h>], [found=yes; break])
1.15 millert 2387: done
2388: if test "$found" = "no" -o -z "$dir"; then
2389: CPPFLAGS="$O_CPPFLAGS"
2390: else
2391: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2392: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2393: fi
2394: fi
2395: if test "$found" = "no"; then
2396: AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
1.1 millert 2397: fi
1.15 millert 2398: AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDO_LDFLAGS])])
2399: LDFLAGS="$O_LDFLAGS"
2400: SUDO_LIBS="${SUDO_LIBS} -lopie"
1.25 millert 2401: AUTH_OBJS="$AUTH_OBJS rfc1938.o"
1.1 millert 2402: fi
2403:
2404: dnl
1.25 millert 2405: dnl Check for shadow password routines if we have not already done so.
2406: dnl If there is a specific list of functions to check we do that first.
2407: dnl Otherwise, we check for SVR4-style and then SecureWare-style.
1.1 millert 2408: dnl
1.25 millert 2409: if test ${with_passwd-'no'} != "no"; then
2410: dnl
2411: dnl if crypt(3) not in libc, look elsewhere
2412: dnl
2413: if test -z "$LIB_CRYPT" -a "$with_passwd" != "no"; then
2414: AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
1.1 millert 2415: fi
2416:
1.25 millert 2417: if test "$CHECKSHADOW" = "true" -a -n "$shadow_funcs"; then
2418: _LIBS="$LIBS"
2419: LIBS="$LIBS $shadow_libs"
2420: found=no
2421: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2422: if test "$found" = "yes"; then
2423: SUDO_LIBS="$SUDO_LIBS $shadow_libs"
2424: elif test -n "$shadow_libs_optional"; then
2425: LIBS="$LIBS $shadow_libs_optional"
2426: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2427: if test "$found" = "yes"; then
2428: SUDO_LIBS="$SUDO_LIBS $shadow_libs $shadow_libs_optional"
2429: fi
2430: fi
2431: if test "$found" = "yes"; then
2432: case "$shadow_funcs" in
2433: *getprpwnam*) SECUREWARE=1;;
2434: esac
2435: test -n "$shadow_defs" && OSDEFS="${OSDEFS} $shadow_defs"
2436: else
2437: LIBS="$_LIBS"
2438: fi
2439: CHECKSHADOW=false
2440: fi
2441: if test "$CHECKSHADOW" = "true"; then
2442: AC_SEARCH_LIBS([getspnam], [gen], [AC_DEFINE(HAVE_GETSPNAM)] [CHECKSHADOW=false; test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
1.15 millert 2443: fi
1.25 millert 2444: if test "$CHECKSHADOW" = "true"; then
2445: AC_SEARCH_LIBS([getprpwnam], [sec security prot], [AC_DEFINE(HAVE_GETPRPWNAM)] [CHECKSHADOW=false; SECUREWARE=1; test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
1.23 millert 2446: fi
1.25 millert 2447: if test -n "$SECUREWARE"; then
2448: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
2449: AUTH_OBJS="$AUTH_OBJS secureware.o"
1.23 millert 2450: fi
1.1 millert 2451: fi
2452:
2453: dnl
1.21 millert 2454: dnl extra lib and .o file for LDAP support
2455: dnl
1.25 millert 2456: if test ${with_ldap-'no'} != "no"; then
1.23 millert 2457: _LDFLAGS="$LDFLAGS"
1.21 millert 2458: if test "$with_ldap" != "yes"; then
2459: SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_ldap}/lib])
2460: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib])
2461: CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
2462: with_ldap=yes
2463: fi
2464: SUDO_OBJS="${SUDO_OBJS} ldap.o"
1.44 millert 2465: LDAP=""
1.21 millert 2466:
2467: AC_MSG_CHECKING([for LDAP libraries])
2468: LDAP_LIBS=""
2469: _LIBS="$LIBS"
2470: found=no
2471: for l in -lldap -llber '-lssl -lcrypto'; do
2472: LIBS="${LIBS} $l"
2473: LDAP_LIBS="${LDAP_LIBS} $l"
1.23 millert 2474: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1.21 millert 2475: #include <lber.h>
1.23 millert 2476: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [found=yes; break])
1.21 millert 2477: done
1.23 millert 2478: dnl if nothing linked just try with -lldap
1.21 millert 2479: if test "$found" = "no"; then
1.33 millert 2480: LIBS="${_LIBS} -lldap"
2481: LDAP_LIBS="-lldap"
1.23 millert 2482: AC_MSG_RESULT([not found, using -lldap])
1.21 millert 2483: else
2484: AC_MSG_RESULT([$LDAP_LIBS])
2485: fi
1.33 millert 2486: dnl check if we need to link with -llber for ber_set_option
2487: OLIBS="$LIBS"
2488: AC_SEARCH_LIBS([ber_set_option], [lber], [found=yes], [found=no])
2489: if test X"$found" = X"yes" -a X"$LIBS" != X"$OLIBS"; then
2490: LDAP_LIBS="$LDAP_LIBS -llber"
2491: fi
2492: dnl check if ldap.h includes lber.h for us
1.21 millert 2493: AC_MSG_CHECKING([whether lber.h is needed])
1.23 millert 2494: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2495: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [AC_MSG_RESULT([no])], [
1.21 millert 2496: AC_MSG_RESULT([yes])
2497: AC_DEFINE(HAVE_LBER_H)])
2498:
1.38 millert 2499: AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s)], [break])
1.33 millert 2500: AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
1.37 millert 2501: AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_search_ext_s ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
1.21 millert 2502:
1.35 millert 2503: if test X"$check_gss_krb5_ccache_name" = X"yes"; then
2504: AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,
2505: AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
2506: [LDAP_LIBS="${LDAP_LIBS} -lgssapi"],
2507: AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,
2508: AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
2509: [LDAP_LIBS="${LDAP_LIBS} -lgssapi_krb5"])
2510: )
2511:
2512: # gssapi headers may be separate or part of Kerberos V
2513: found=no
2514: O_CPPFLAGS="$CPPFLAGS"
2515: for dir in "" "kerberosV" "krb5" "kerberos5" "kerberosv5"; do
2516: test X"$dir" != X"" && CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
2517: AC_PREPROC_IFELSE([#include <gssapi/gssapi.h>], [found="gssapi/gssapi.h"; break], [AC_PREPROC_IFELSE([#include <gssapi.h>], [found="gssapi.h"; break])])
2518: done
2519: if test X"$found" != X"no"; then
2520: AC_CHECK_HEADERS([$found])
2521: if test X"$found" = X"gssapi/gssapi.h"; then
2522: AC_CHECK_HEADERS([gssapi/gssapi_krb5.h])
2523: fi
2524: else
2525: CPPFLAGS="$O_CPPFLAGS"
2526: AC_MSG_WARN([Unable to locate gssapi.h, you will have to edit the Makefile and add -I/path/to/gssapi/includes to CPPFLAGS])
2527: fi
2528: fi
2529:
1.34 millert 2530: SUDO_LIBS="${SUDO_LIBS} ${LDAP_LIBS}"
1.21 millert 2531: LIBS="$_LIBS"
2532: LDFLAGS="$_LDFLAGS"
2533: fi
2534:
2535: dnl
1.38 millert 2536: dnl Add LIBVAS_RPATH to LDFLAGS
2537: dnl GNU ld accepts -R/path/ as an alias for -rpath /path/
2538: dnl
2539: if test X"$LIBVAS_RPATH" != X""; then
2540: if test -n "$blibpath"; then
2541: blibpath_add="${blibpath_add}:$LIBVAS_RPATH"
2542: else
1.45 millert 2543: case "$host" in
2544: *-*-hpux*) LDFLAGS="$LDFLAGS -Wl,+b,$LIBVAS_RPATH"
2545: ;;
2546: *) LDFLAGS="$LDFLAGS -Wl,-R$LIBVAS_RPATH"
2547: ;;
2548: esac
1.38 millert 2549: fi
2550: fi
2551:
2552: dnl
1.15 millert 2553: dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we
2554: dnl added -L dirpaths to SUDO_LDFLAGS.
2555: dnl
2556: if test -n "$blibpath"; then
2557: if test -n "$blibpath_add"; then
2558: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}${blibpath_add}"
2559: elif test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
2560: SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}"
2561: fi
2562: fi
2563:
2564: dnl
1.1 millert 2565: dnl Check for log file and timestamp locations
2566: dnl
2567: SUDO_LOGFILE
2568: SUDO_TIMEDIR
1.47 ! millert 2569: SUDO_TZDIR
1.1 millert 2570:
2571: dnl
2572: dnl Use passwd (and secureware) auth modules?
2573: dnl
1.25 millert 2574: case "$with_passwd" in
2575: yes|maybe)
2576: AUTH_OBJS="$AUTH_OBJS passwd.o"
1.23 millert 2577: ;;
2578: *)
1.21 millert 2579: AC_DEFINE(WITHOUT_PASSWD)
1.1 millert 2580: if test -z "$AUTH_OBJS"; then
2581: AC_MSG_ERROR([no authentication methods defined.])
2582: fi
1.23 millert 2583: ;;
2584: esac
1.25 millert 2585: AUTH_OBJS=${AUTH_OBJS# }
1.23 millert 2586: _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
2587: AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
1.1 millert 2588:
2589: dnl
2590: dnl LIBS may contain duplicates from SUDO_LIBS or NET_LIBS so prune it.
2591: dnl
2592: if test -n "$LIBS"; then
2593: L="$LIBS"
2594: LIBS=
2595: for l in ${L}; do
2596: dupe=0
2597: for sl in ${SUDO_LIBS} ${NET_LIBS}; do
2598: test $l = $sl && dupe=1
2599: done
2600: test $dupe = 0 && LIBS="${LIBS} $l"
2601: done
2602: fi
2603:
2604: dnl
2605: dnl Set exec_prefix
2606: dnl
2607: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
2608:
2609: dnl
1.35 millert 2610: dnl Defer setting _PATH_SUDO_NOEXEC until after exec_prefix is set
1.21 millert 2611: dnl XXX - this is gross!
2612: dnl
1.34 millert 2613: if test X"$with_noexec" != X"no" -o X"$with_selinux" != X"no"; then
1.21 millert 2614: oexec_prefix="$exec_prefix"
2615: if test "$exec_prefix" = '$(prefix)'; then
2616: if test "$prefix" = "NONE"; then
2617: exec_prefix="$ac_default_prefix"
2618: else
2619: exec_prefix="$prefix"
2620: fi
2621: fi
1.34 millert 2622: if test X"$with_noexec" != X"no"; then
2623: PROGS="${PROGS} sudo_noexec.la"
2624: INSTALL_NOEXEC="install-noexec"
2625:
2626: eval noexec_file="$with_noexec"
2627: AC_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so])
2628: fi
2629: if test X"$with_selinux" != X"no"; then
2630: eval sesh_file="$libexecdir/sesh"
2631: AC_DEFINE_UNQUOTED(_PATH_SUDO_SESH, "$sesh_file", [The fully qualified pathname of sesh])
2632: fi
1.21 millert 2633: exec_prefix="$oexec_prefix"
2634: fi
2635:
2636: dnl
1.5 millert 2637: dnl Substitute into the Makefile and man pages
1.1 millert 2638: dnl
1.35 millert 2639: AC_CONFIG_FILES([Makefile sudo.man visudo.man sudoers.man sudoers.ldap.man sudo_usage.h])
1.23 millert 2640: AC_OUTPUT
1.1 millert 2641:
2642: dnl
2643: dnl Spew any text the user needs to know about
2644: dnl
2645: if test "$with_pam" = "yes"; then
2646: case $host in
2647: *-*-linux*)
1.15 millert 2648: AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
1.1 millert 2649: ;;
2650: esac
2651: fi
1.7 millert 2652:
2653: dnl
1.21 millert 2654: dnl Autoheader templates
2655: dnl
2656: AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.])
2657: AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.])
2658: AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.])
2659: AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
2660: AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
1.45 millert 2661: AH_TEMPLATE(ENV_DEBUG, [Whether to enable environment debugging.])
1.21 millert 2662: AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
2663: AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
2664: AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
2665: AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
1.23 millert 2666: AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
1.21 millert 2667: AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
1.37 millert 2668: AH_TEMPLATE(HAVE_BSM_AUDIT, [Define to 1 to enable BSM auditing.])
1.21 millert 2669: AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
2670: AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
2671: AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
1.30 millert 2672: AH_TEMPLATE(HAVE_DGETTEXT, [Define to 1 if you have the `dgettext' function.])
1.23 millert 2673: AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
2674: AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.])
2675: AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
1.21 millert 2676: AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
2677: AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
2678: AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)])
2679: AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
2680: AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
2681: AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords)])
2682: AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
1.35 millert 2683: AH_TEMPLATE(HAVE_GSS_KRB5_CCACHE_NAME, [Define to 1 if you have the `gss_krb5_ccache_name' function.])
1.21 millert 2684: AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.])
1.29 millert 2685: AH_TEMPLATE(HAVE_IN6_ADDR, [Define to 1 if <netinet/in.h> contains struct in6_addr.])
1.21 millert 2686: AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])
2687: AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
2688: AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.])
2689: AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
1.35 millert 2690: AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC, [Define to 1 if you have the `krb5_get_init_creds_opt_alloc' function.])
1.39 millert 2691: AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS, [Define to 1 if your `krb5_get_init_creds_opt_free' function takes two arguments.])
1.35 millert 2692: AH_TEMPLATE(HAVE_KRB5_INIT_SECURE_CONTEXT, [Define to 1 if you have the `krb5_init_secure_context' function.])
2693: AH_TEMPLATE(HAVE_KRB5_VERIFY_USER, [Define to 1 if you have the `krb5_verify_user' function.])
1.21 millert 2694: AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not)])
2695: AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.])
2696: AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.])
2697: AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.])
1.23 millert 2698: AH_TEMPLATE(HAVE_PROJECT_H, [Define to 1 if you have the <project.h> header file.])
1.21 millert 2699: AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.])
1.34 millert 2700: AH_TEMPLATE(HAVE_SELINUX, [Define to 1 to enable SELinux RBAC support.])
1.21 millert 2701: AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if <signal.h> has the sigaction_t typedef.])
2702: AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
2703: AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
1.32 millert 2704: AH_TEMPLATE(HAVE_ST__TIM, [Define to 1 if your struct stat uses an st__tim union])
1.21 millert 2705: AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member])
2706: AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member])
2707: AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the <termios.h> header file and the `tcgetattr' function.])
2708: AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h])
1.22 millert 2709: AH_TEMPLATE(HAVE_TIMESPECSUB2, [Define to 1 if you have a timespecsub macro or function that takes two arguments (not three)])
1.21 millert 2710: AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
2711: AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
2712: AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements])
2713: AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
2714: AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
2715: AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])
2716: AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.])
2717: AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.])
2718: AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.])
2719: AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.])
2720: AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.])
2721: AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.])
2722: AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.])
2723: AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.])
2724: AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
2725: AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
2726: AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
2727: AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
2728: AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
2729: AH_TEMPLATE(USE_TTY_TICKETS, [Define to 1 if you want a different ticket file for each tty.])
2730: AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
2731: AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
1.35 millert 2732: AH_TEMPLATE(__signed, [Define to `signed' or nothing if compiler does not support a signed type qualifier.])
1.38 millert 2733: AH_TEMPLATE(USING_NONUNIX_GROUPS, [Define to 1 if using a non-Unix group lookup implementation.])
1.21 millert 2734:
2735: dnl
2736: dnl Bits to copy verbatim into config.h.in
1.7 millert 2737: dnl
2738: AH_TOP([#ifndef _SUDO_CONFIG_H
2739: #define _SUDO_CONFIG_H])
2740:
2741: AH_BOTTOM([/*
1.21 millert 2742: * Macros to pull sec and nsec parts of mtime from struct stat.
1.23 millert 2743: * We need to be able to convert between timeval and timespec
2744: * so the last 3 digits of tv_nsec are not significant.
1.21 millert 2745: */
2746: #ifdef HAVE_ST_MTIM
1.32 millert 2747: # ifdef HAVE_ST__TIM
2748: # define mtim_getsec(_x) ((_x).st_mtim.st__tim.tv_sec)
2749: # define mtim_getnsec(_x) (((_x).st_mtim.st__tim.tv_nsec / 1000) * 1000)
2750: # else
2751: # define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
2752: # define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
2753: # endif
1.21 millert 2754: #else
2755: # ifdef HAVE_ST_MTIMESPEC
2756: # define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec)
1.23 millert 2757: # define mtim_getnsec(_x) (((_x).st_mtimespec.tv_nsec / 1000) * 1000)
1.21 millert 2758: # else
2759: # define mtim_getsec(_x) ((_x).st_mtime)
2760: # define mtim_getnsec(_x) (0)
2761: # endif /* HAVE_ST_MTIMESPEC */
2762: #endif /* HAVE_ST_MTIM */
2763:
2764: /*
1.7 millert 2765: * Emulate a subset of waitpid() if we don't have it.
2766: */
2767: #ifdef HAVE_WAITPID
2768: # define sudo_waitpid(p, s, o) waitpid(p, s, o)
2769: #else
2770: # ifdef HAVE_WAIT3
2771: # define sudo_waitpid(p, s, o) wait3(s, o, NULL)
2772: # endif
1.14 millert 2773: #endif
2774:
2775: /* GNU stow needs /etc/sudoers to be a symlink. */
1.21 millert 2776: #ifdef USE_STOW
1.14 millert 2777: # define stat_sudoers stat
2778: #else
2779: # define stat_sudoers lstat
1.7 millert 2780: #endif
1.21 millert 2781:
2782: /* Macros to set/clear/test flags. */
2783: #undef SET
2784: #define SET(t, f) ((t) |= (f))
2785: #undef CLR
2786: #define CLR(t, f) ((t) &= ~(f))
2787: #undef ISSET
2788: #define ISSET(t, f) ((t) & (f))
1.7 millert 2789:
2790: /* New ANSI-style OS defs for HP-UX and ConvexOS. */
2791: #if defined(hpux) && !defined(__hpux)
2792: # define __hpux 1
2793: #endif /* hpux */
2794:
2795: #if defined(convex) && !defined(__convex__)
2796: # define __convex__ 1
2797: #endif /* convex */
2798:
2799: /* BSD compatibility on some SVR4 systems. */
2800: #ifdef __svr4__
2801: # define BSD_COMP
2802: #endif /* __svr4__ */
2803:
2804: #endif /* _SUDO_CONFIG_H */])