Annotation of src/usr.bin/sudo/configure.in, Revision 1.8
1.1 millert 1: dnl
2: dnl Process this file with GNU autoconf to produce a configure script.
1.8 ! millert 3: dnl $Sudo: configure.in,v 1.342 2002/01/07 18:59:47 millert Exp $
1.1 millert 4: dnl
1.7 millert 5: dnl Copyright (c) 1994-1996,1998-2002 Todd C. Miller <Todd.Miller@courtesan.com>
1.1 millert 6: dnl
1.7 millert 7: AC_INIT(sudo, 1.6.4)
1.1 millert 8: AC_CONFIG_HEADER(config.h pathnames.h)
9: dnl
10: dnl This won't work before AC_INIT()
11: dnl
1.7 millert 12: echo "Configuring Sudo version 1.6.4"
1.1 millert 13: dnl
1.7 millert 14: dnl Variables that get substituted in the Makefile and man pages
1.1 millert 15: dnl
1.5 millert 16: AC_SUBST(CFLAGS)dnl
1.1 millert 17: AC_SUBST(PROGS)dnl
18: AC_SUBST(CPPFLAGS)dnl
19: AC_SUBST(LDFLAGS)dnl
20: AC_SUBST(SUDO_LDFLAGS)dnl
21: AC_SUBST(LIBS)dnl
22: AC_SUBST(SUDO_LIBS)dnl
23: AC_SUBST(NET_LIBS)dnl
24: AC_SUBST(AFS_LIBS)dnl
25: AC_SUBST(OSDEFS)dnl
26: AC_SUBST(AUTH_OBJS)dnl
27: AC_SUBST(LIBOBJS)dnl
28: AC_SUBST(MANTYPE)dnl
29: AC_SUBST(MAN_POSTINSTALL)dnl
30: AC_SUBST(SUDOERS_MODE)dnl
31: AC_SUBST(SUDOERS_UID)dnl
32: AC_SUBST(SUDOERS_GID)dnl
1.5 millert 33: AC_SUBST(DEV)
34: AC_SUBST(mansectsu)
35: AC_SUBST(mansectform)
36: AC_SUBST(mansrcdir)
37: dnl
1.7 millert 38: dnl Variables that get substituted in docs (not overridden by environment)
39: dnl
40: AC_SUBST(timedir)dnl initial value from SUDO_TIMEDIR
41: AC_SUBST(timeout)
42: AC_SUBST(password_timeout)
43: AC_SUBST(sudo_umask)
44: AC_SUBST(passprompt)
45: AC_SUBST(long_otp_prompt)
46: AC_SUBST(lecture)
47: AC_SUBST(logfac)
48: AC_SUBST(goodpri)
49: AC_SUBST(badpri)
50: AC_SUBST(loglen)
51: AC_SUBST(ignore_dot)
52: AC_SUBST(mail_no_user)
53: AC_SUBST(mail_no_host)
54: AC_SUBST(mail_no_perms)
55: AC_SUBST(mailto)
56: AC_SUBST(mailsub)
57: AC_SUBST(badpass_message)
58: AC_SUBST(fqdn)
59: AC_SUBST(runas_default)
60: AC_SUBST(env_editor)
61: AC_SUBST(passwd_tries)
62: AC_SUBST(tty_tickets)
63: AC_SUBST(insults)
64: dnl
65: dnl Initial values for above
66: dnl
67: timeout=5
68: password_timeout=5
69: sudo_umask=0022
70: passprompt="Password:"
71: long_otp_prompt=off
72: lecture=on
73: logfac=local2
74: goodpri=notice
75: badpri=alert
76: loglen=80
77: ignore_dot=off
78: mail_no_user=on
79: mail_no_host=off
80: mail_no_perms=off
81: mailto=root
82: mailsub='*** SECURITY information for %h ***'
83: badpass_message='Sorry, try again.'
84: fqdn=off
85: runas_default=root
86: env_editor=off
87: passwd_tries=3
88: tty_tickets=off
89: insults=off
90: dnl
1.5 millert 91: dnl Initial values for Makefile variables listed above
1.7 millert 92: dnl May be overridden by environment variables..
1.5 millert 93: dnl
94: PROGS="sudo visudo"
95: test -n "$MANTYPE" || MANTYPE="man"
96: test -n "$mansrcdir" || mansrcdir="."
97: test -n "$SUDOERS_MODE" || SUDOERS_MODE=0440
98: test -n "$SUDOERS_UID" || SUDOERS_UID=0
99: test -n "$SUDOERS_GID" || SUDOERS_GID=0
1.1 millert 100: DEV="#"
1.5 millert 101:
102: dnl
103: dnl Other vaiables
104: dnl
1.1 millert 105: CHECKSHADOW=true
106: CHECKSIA=true
107:
108: dnl
109: dnl Override default configure dirs...
110: dnl
111: test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man'
112: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
113: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
114: test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc'
115:
116: dnl
117: dnl Deprecated --with options (these all warn or generate an error)
118: dnl
119:
120: AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
121: [case $with_otp_only in
122: yes) with_passwd=no
1.7 millert 123: AC_DEFINE(WITHOUT_PASSWD, 1, [Define to avoid using the passwd/shadow file for authentication.])
1.1 millert 124: AC_MSG_WARN([--with-otp-only option deprecated, treating as --without-passwd])
125: ;;
126: esac])
127:
128: AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
129: [case $with_alertmail in
130: *) with_mailto="$with_alertmail"
131: AC_MSG_WARN([--with-alertmail option deprecated, treating as --mailto])
132: ;;
133: esac])
134:
135: dnl
136: dnl Options for --with
137: dnl
138:
139: AC_ARG_WITH(CC, [ --with-CC C compiler to use],
140: [case $with_CC in
141: yes) AC_MSG_ERROR(["must give --with-CC an argument."])
142: ;;
143: no) AC_MSG_ERROR(["illegal argument: --without-CC."])
144: ;;
145: *) CC=$with_CC
146: ;;
147: esac])
148:
149: AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files],
150: [case $with_incpath in
151: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
152: ;;
153: no) AC_MSG_ERROR(["--without-incpath not supported."])
154: ;;
155: *) echo "Adding ${with_incpath} to CPPFLAGS"
156: for i in ${with_incpath}; do
157: CPPFLAGS="${CPPFLAGS} -I${i}"
158: done
159: ;;
160: esac])
161:
162: AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries],
163: [case $with_libpath in
164: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
165: ;;
166: no) AC_MSG_ERROR(["--without-libpath not supported."])
167: ;;
168: *) echo "Adding ${with_libpath} to LDFLAGS"
169: for i in ${with_libpath}; do
170: LDFLAGS="${LDFLAGS} -L${i}"
171: done
172: ;;
173: esac])
174:
175: AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with],
176: [case $with_libraries in
177: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
178: ;;
179: no) AC_MSG_ERROR(["--without-libraries not supported."])
180: ;;
181: *) echo "Adding ${with_libraries} to LIBS"
182: for i in ${with_libraries}; do
183: case $i in
184: -l*) ;;
185: *.a) ;;
186: *.o) ;;
187: *) i="-l${i}";;
188: esac
189: LIBS="${LIBS} ${i}"
190: done
191: ;;
192: esac])
193:
194: AC_ARG_WITH(devel, [ --with-devel add developement options],
195: [case $with_devel in
196: yes) echo 'Setting up for developement: -Wall, flex, yacc'
197: PROGS="${PROGS} testsudoers"
198: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
199: DEV=""
200: ;;
201: no) ;;
1.5 millert 202: *) echo "Ignoring unknown argument to --with-devel: $with_devel"
1.1 millert 203: ;;
204: esac])
205:
206: AC_ARG_WITH(csops, [ --with-csops add CSOps standard options],
207: [case $with_csops in
208: yes) echo 'Adding CSOps standard options'
209: CHECKSIA=false
210: with_ignore_dot=yes
1.7 millert 211: insults=on
1.1 millert 212: with_classic_insults=yes
213: with_csops_insults=yes
214: with_env_editor=yes
215: ;;
216: no) ;;
217: *) echo "Ignoring unknown argument to --with-csops: $with_csops"
218: ;;
219: esac])
220:
221: AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication],
222: [case $with_passwd in
223: yes) ;;
224: no) AC_DEFINE(WITHOUT_PASSWD)
225: AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
226: AC_MSG_RESULT(no)
227: ;;
228: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
229: ;;
230: esac])
231:
232: AC_ARG_WITH(skey, [ --with-skey enable S/Key support ],
233: [case $with_skey in
234: yes) if test -n "$with_opie"; then
235: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
236: fi
1.7 millert 237: AC_DEFINE(HAVE_SKEY, 1, [Define if you use S/Key.])
1.1 millert 238: AC_MSG_CHECKING(whether to try S/Key authentication)
239: AC_MSG_RESULT(yes)
240: AUTH_OBJS="${AUTH_OBJS} rfc1938.o"
241: ;;
242: no) ;;
243: *) echo "Ignoring unknown argument to --with-skey: $with_skey"
244: ;;
245: esac])
246:
247: AC_ARG_WITH(opie, [ --with-opie enable OPIE support ],
248: [case $with_opie in
249: yes) if test -n "$with_skey"; then
250: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
251: fi
1.7 millert 252: AC_DEFINE(HAVE_OPIE, 1, [Define if you use NRL OPIE.])
1.1 millert 253: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
254: AC_MSG_RESULT(yes)
255: AUTH_OBJS="${AUTH_OBJS} rfc1938.o"
256: ;;
257: no) ;;
258: *) echo "Ignoring unknown argument to --with-opie: $with_opie"
259: ;;
260: esac])
261:
262: AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt],
263: [case $with_long_otp_prompt in
1.7 millert 264: yes) AC_DEFINE(LONG_OTP_PROMPT, 1, [Define if you want a two line OTP (S/Key or OPIE) prompt.])
1.1 millert 265: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
266: AC_MSG_RESULT(yes)
1.7 millert 267: long_otp_prompt=on
268: ;;
269: no) long_otp_prompt=off
1.1 millert 270: ;;
271: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
272: ;;
273: esac])
274:
275: AC_ARG_WITH(SecurID, [ --with-SecurID enable SecurID support],
276: [case $with_SecurID in
277: no) ;;
1.7 millert 278: *) AC_DEFINE(HAVE_SECURID, 1, [Define if you use SecurID.])
1.1 millert 279: AC_MSG_CHECKING(whether to use SecurID for authentication)
280: AC_MSG_RESULT(yes)
281: with_passwd=no
282: AUTH_OBJS="securid.o"
283: ;;
284: esac])
285:
286: AC_ARG_WITH(fwtk, [ --with-fwtk enable FWTK AuthSRV support],
287: [case $with_fwtk in
288: no) ;;
1.7 millert 289: *) AC_DEFINE(HAVE_FWTK, 1, [Define if you use the FWTK authsrv daemon.])
1.1 millert 290: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
291: AC_MSG_RESULT(yes)
292: with_passwd=no
293: AUTH_OBJS="fwtk.o"
1.7 millert 294: if test "$with_fwtk" != "yes"; then
295: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L${with_fwtk}"
296: CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
297: with_fwtk=yes
298: fi
1.1 millert 299: ;;
300: esac])
301:
302: AC_ARG_WITH(kerb4, [ --with-kerb4 enable kerberos v4 support],
303: [case $with_kerb4 in
304: yes) AC_MSG_CHECKING(whether to try Kerberos 4 authentication)
305: AC_MSG_RESULT(yes)
306: ;;
307: no) ;;
308: *) AC_MSG_ERROR(["--with-kerb4 does not take an argument."])
309: ;;
310: esac])
311:
312: AC_ARG_WITH(kerb5, [ --with-kerb5 enable kerberos v5 support],
313: [case $with_kerb5 in
314: yes) AC_MSG_CHECKING(whether to try Kerberos 5 authentication)
315: AC_MSG_RESULT(yes)
316: ;;
317: no) ;;
318: *) AC_MSG_ERROR(["--with-kerb5 does not take an argument."])
319: ;;
320: esac])
321:
322: AC_ARG_WITH(authenticate, [ --with-authenticate enable AIX general authentication support],
323: [case $with_authenticate in
1.7 millert 324: yes) AC_DEFINE(HAVE_AUTHENTICATE, 1, [Define if you use AIX general authentication.])
1.1 millert 325: AC_MSG_CHECKING(whether to use AIX general authentication)
326: AC_MSG_RESULT(yes)
327: with_passwd=no
328: AUTH_OBJS="aix_auth.o"
329: ;;
330: no) ;;
331: *) AC_MSG_ERROR(["--with-authenticate does not take an argument."])
332: ;;
333: esac])
334:
335: AC_ARG_WITH(pam, [ --with-pam enable PAM support],
336: [case $with_pam in
1.7 millert 337: yes) AC_DEFINE(HAVE_PAM, 1, [Define if you use PAM.])
1.1 millert 338: AC_MSG_CHECKING(whether to use PAM authentication)
339: AC_MSG_RESULT(yes)
340: with_passwd=no
341: AUTH_OBJS="pam.o"
342: ;;
343: no) ;;
344: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
345: ;;
346: esac])
347:
348: AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
349: [case $with_AFS in
1.7 millert 350: yes) AC_DEFINE(HAVE_AFS, 1, [Define if you use AFS.])
1.1 millert 351: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
352: AC_MSG_RESULT(yes)
353: AUTH_OBJS="${AUTH_OBJS} afs.o"
354: ;;
355: no) ;;
356: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
357: ;;
358: esac])
359:
360: AC_ARG_WITH(DCE, [ --with-DCE enable DCE support],
361: [case $with_DCE in
1.7 millert 362: yes) AC_DEFINE(HAVE_DCE, 1, [Define if you use OSF DCE.])
1.1 millert 363: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
364: AC_MSG_RESULT(yes)
365: AUTH_OBJS="${AUTH_OBJS} dce.o"
366: ;;
367: no) ;;
368: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
369: ;;
370: esac])
371:
1.6 millert 372: AC_ARG_WITH(logincap, [ --with-logincap enable BSD login class support],
1.5 millert 373: [case $with_logincap in
1.6 millert 374: yes|no) ;;
375: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
376: ;;
377: esac])
378:
379: AC_ARG_WITH(bsdauth, [ --with-bsdauth enable BSD authentication support],
380: [case $with_bsdauth in
381: yes) with_logincap=yes
1.5 millert 382: ;;
383: no) ;;
1.6 millert 384: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
1.5 millert 385: ;;
386: esac])
387:
1.1 millert 388: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
389: AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
390: [case $with_lecture in
1.7 millert 391: yes|short) lecture=on
1.1 millert 392: ;;
1.7 millert 393: no|none) lecture=off
1.1 millert 394: ;;
395: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
396: ;;
1.7 millert 397: esac])
398: if test "$lecture" = "on"; then
399: AC_MSG_RESULT(yes)
400: else
401: AC_DEFINE(NO_LECTURE, 1, [Define if you don't want users to get the lecture the first they user sudo.])
402: AC_MSG_RESULT(no)
403: fi
1.1 millert 404:
405: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
406: AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
407: [case $with_logging in
408: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
409: ;;
410: no) AC_MSG_ERROR(["--without-logging not supported."])
411: ;;
1.7 millert 412: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
1.1 millert 413: AC_MSG_RESULT(syslog)
414: ;;
415: file) AC_DEFINE(LOGGING, SLOG_FILE)
416: AC_MSG_RESULT(file)
417: ;;
418: both) AC_DEFINE(LOGGING, SLOG_BOTH)
419: AC_MSG_RESULT(both)
420: ;;
421: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
422: ;;
423: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
424:
425: AC_MSG_CHECKING(which syslog facility sudo should log with)
1.7 millert 426: AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")],
1.1 millert 427: [case $with_logfac in
428: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
429: ;;
430: no) AC_MSG_ERROR(["--without-logfac not supported."])
431: ;;
1.7 millert 432: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
1.1 millert 433: ;;
434: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
435: ;;
1.7 millert 436: esac])
437: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
438: AC_MSG_RESULT($logfac)
1.1 millert 439:
440: AC_MSG_CHECKING(at which syslog priority to log commands)
1.7 millert 441: AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")],
1.1 millert 442: [case $with_goodpri in
443: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
444: ;;
445: no) AC_MSG_ERROR(["--without-goodpri not supported."])
446: ;;
1.7 millert 447: alert|crit|debug|emerg|err|info|notice|warning)
448: goodpri=$with_goodpri
1.1 millert 449: ;;
450: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
451: ;;
1.7 millert 452: esac])
453: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
454: AC_MSG_RESULT($goodpri)
1.1 millert 455:
456: AC_MSG_CHECKING(at which syslog priority to log failures)
1.7 millert 457: AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")],
1.1 millert 458: [case $with_badpri in
459: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
460: ;;
461: no) AC_MSG_ERROR(["--without-badpri not supported."])
462: ;;
1.7 millert 463: alert|crit|debug|emerg|err|info|notice|warning)
464: badpri=$with_badpri
1.1 millert 465: ;;
466: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
467: ;;
1.7 millert 468: esac])
469: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
470: AC_MSG_RESULT(badpri)
1.1 millert 471:
472: AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
473: [case $with_logpath in
474: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
475: ;;
476: no) AC_MSG_ERROR(["--without-logpath not supported."])
477: ;;
478: esac])
479:
480: AC_MSG_CHECKING(how long a line in the log file should be)
481: AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)],
482: [case $with_loglen in
483: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
484: ;;
485: no) AC_MSG_ERROR(["--without-loglen not supported."])
486: ;;
1.7 millert 487: [[0-9]]*) loglen=$with_loglen
1.1 millert 488: ;;
489: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
490: ;;
1.7 millert 491: esac])
492: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
493: AC_MSG_RESULT($loglen)
1.1 millert 494:
495: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
496: AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
497: [case $with_ignore_dot in
1.7 millert 498: yes) ignore_dot=on
1.1 millert 499: ;;
1.7 millert 500: no) ignore_dot=off
1.1 millert 501: ;;
502: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
503: ;;
1.7 millert 504: esac])
505: if test "$ignore_dot" = "on"; then
506: AC_DEFINE(IGNORE_DOT_PATH, 1, [Define if you want to ignore '.' and empty \$PATH elements])
507: AC_MSG_RESULT(yes)
508: else
509: AC_MSG_RESULT(no)
510: fi
1.1 millert 511:
512: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
513: AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers],
514: [case $with_mail_if_no_user in
1.7 millert 515: yes) mail_no_user=on
1.1 millert 516: ;;
1.7 millert 517: no) mail_no_user=off
1.1 millert 518: ;;
1.7 millert 519: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
1.1 millert 520: ;;
1.7 millert 521: esac])
522: if test "$mail_no_user" = "on"; then
523: AC_DEFINE(SEND_MAIL_WHEN_NO_USER, 1, [Define to send mail when the user is not in the sudoers file.])
524: AC_MSG_RESULT(yes)
525: else
526: AC_MSG_RESULT(no)
527: fi
1.1 millert 528:
529: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
530: AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host],
531: [case $with_mail_if_no_host in
1.7 millert 532: yes) mail_no_host=on
1.1 millert 533: ;;
1.7 millert 534: no) mail_no_host=off
1.1 millert 535: ;;
1.7 millert 536: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
1.1 millert 537: ;;
1.7 millert 538: esac])
539: if test "$mail_no_host" = "on"; then
540: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST, 1, [Define to send mail when the user is not not allowed to run sudo on this host.])
541: AC_MSG_RESULT(yes)
542: else
543: AC_MSG_RESULT(no)
544: fi
1.1 millert 545:
546: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
547: AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command],
548: [case $with_mail_if_noperms in
1.7 millert 549: yes) mail_noperms=on
550: ;;
551: no) mail_noperms=off
552: ;;
553: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
554: ;;
555: esac])
556: if test "$mail_noperms" = "on"; then
557: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK, 1, [Define to send mail when the user is not not allowed to run a command.])
558: AC_MSG_RESULT(yes)
559: else
560: AC_MSG_RESULT(no)
561: fi
562:
563: AC_MSG_CHECKING(who should get the mail that sudo sends)
564: AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
565: [case $with_mailto in
566: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
567: ;;
568: no) AC_MSG_ERROR(["--without-mailto not supported."])
569: ;;
570: *) mailto=$with_mailto
571: ;;
572: esac])
573: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
574: AC_MSG_RESULT([$mailto])
575:
576: AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
577: [case $with_mailsubject in
578: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
1.1 millert 579: ;;
1.7 millert 580: no) echo "Sorry, --without-mailsubject not supported."
1.1 millert 581: ;;
1.7 millert 582: *) mailsub="$with_mailsubject"
583: AC_MSG_CHECKING(sudo mail subject)
584: AC_MSG_RESULT([Using alert mail subject: $mailsub])
1.1 millert 585: ;;
1.7 millert 586: esac])
587: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
1.1 millert 588:
589: AC_MSG_CHECKING(for bad password prompt)
590: AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt],
591: [case $with_passprompt in
592: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
593: ;;
594: no) echo "Sorry, --without-passprompt not supported."
595: ;;
1.7 millert 596: *) passprompt="$with_passprompt"
597: esac])
598: AC_MSG_RESULT($passprompt)
599: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
1.1 millert 600:
601: AC_MSG_CHECKING(for bad password message)
602: AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong],
603: [case $with_badpass_message in
604: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
605: ;;
606: no) echo "Sorry, --without-badpass-message not supported."
607: ;;
1.7 millert 608: *) badpass_message="$with_badpass_message"
1.1 millert 609: ;;
1.7 millert 610: esac])
611: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
612: AC_MSG_RESULT([$badpass_message])
1.1 millert 613:
614: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
615: AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers],
616: [case $with_fqdn in
1.7 millert 617: yes) fqdn=on
1.1 millert 618: ;;
1.7 millert 619: no) fqdn=off
1.1 millert 620: ;;
621: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
622: ;;
1.7 millert 623: esac])
624: if test "$fqdn" = "on"; then
625: AC_DEFINE(FQDN, 1, [Define if you want to require fully qualified hosts in sudoers.])
626: AC_MSG_RESULT(yes)
627: else
628: AC_MSG_RESULT(no)
629: fi
1.1 millert 630:
631: AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir],
632: [case $with_timedir in
633: yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
634: ;;
635: no) AC_MSG_ERROR(["--without-timedir not supported."])
636: ;;
637: esac])
638:
639: AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail
640: --without-sendmail do not send mail at all],
641: [case $with_sendmail in
642: yes) with_sendmail=""
643: ;;
644: no) ;;
1.7 millert 645: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
1.1 millert 646: ;;
647: esac])
648:
649: AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)],
650: [case $with_sudoers_mode in
651: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
652: ;;
653: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
654: ;;
655: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
656: ;;
657: 0*) SUDOERS_MODE=$with_sudoers_mode
658: ;;
659: *) AC_MSG_ERROR(["you must use a numeric uid, not a name."])
660: ;;
661: esac])
662:
663: AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)],
664: [case $with_sudoers_uid in
665: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
666: ;;
667: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
668: ;;
669: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
670: ;;
671: *) AC_MSG_ERROR(["you must use a numeric uid, not a name."])
672: ;;
673: esac])
674:
675: AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)],
676: [case $with_sudoers_gid in
677: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
678: ;;
679: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
680: ;;
681: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
682: ;;
683: *) AC_MSG_ERROR(["you must use a numeric gid, not a name."])
684: ;;
685: esac])
686:
687: AC_MSG_CHECKING(for umask programs should be run with)
1.7 millert 688: AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022)
1.1 millert 689: --without-umask Preserves the umask of the user invoking sudo.],
690: [case $with_umask in
691: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
692: ;;
1.7 millert 693: no) sudo_umask=0777
1.1 millert 694: ;;
1.7 millert 695: [[0-9]]*) sudo_umask=$with_umask
1.1 millert 696: ;;
697: *) AC_MSG_ERROR(["you must enter a numeric mask."])
698: ;;
1.7 millert 699: esac])
700: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
701: if test "$sudo_umask" = "0777"; then
702: AC_MSG_RESULT(user)
703: else
704: AC_MSG_RESULT($sudo_umask)
705: fi
1.1 millert 706:
707: AC_MSG_CHECKING(for default user to run commands as)
1.7 millert 708: AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")],
1.1 millert 709: [case $with_runas_default in
710: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
711: ;;
712: no) AC_MSG_ERROR(["--without-runas-default not supported."])
713: ;;
1.7 millert 714: *) runas_default="$with_runas_default"
1.1 millert 715: ;;
1.7 millert 716: esac])
717: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
718: AC_MSG_RESULT([$runas_default])
1.1 millert 719:
720: AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group],
721: [case $with_exempt in
722: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
723: ;;
724: no) AC_MSG_ERROR(["--without-exempt not supported."])
725: ;;
1.7 millert 726: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
1.1 millert 727: AC_MSG_CHECKING(for group to be exempt from password)
728: AC_MSG_RESULT([$with_exempt])
729: ;;
730: esac])
731:
732: AC_MSG_CHECKING(for editor that visudo should use)
733: AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)],
734: [case $with_editor in
735: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
736: ;;
737: no) AC_MSG_ERROR(["--without-editor not supported."])
738: ;;
1.7 millert 739: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
1.1 millert 740: AC_MSG_RESULT([$with_editor])
741: ;;
742: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
743:
744: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
745: AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo],
746: [case $with_env_editor in
1.7 millert 747: yes) env_editor=on
1.1 millert 748: ;;
1.7 millert 749: no) env_editor=off
1.1 millert 750: ;;
751: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
752: ;;
1.7 millert 753: esac])
754: if test "$env_editor" = "on"; then
755: AC_DEFINE(ENV_EDITOR, 1, [Define if you want visudo to honor the EDITOR and VISUAL env variables.])
756: AC_MSG_RESULT(yes)
757: else
758: AC_MSG_RESULT(no)
759: fi
1.1 millert 760:
761: AC_MSG_CHECKING(number of tries a user gets to enter their password)
762: AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)],
763: [case $with_passwd_tries in
1.7 millert 764: yes) ;;
1.1 millert 765: no) AC_MSG_ERROR(["--without-editor not supported."])
766: ;;
1.7 millert 767: [[1-9]]*) passwd_tries=$with_passwd_tries
1.1 millert 768: ;;
769: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
770: ;;
1.7 millert 771: esac])
772: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
773: AC_MSG_RESULT($passwd_tries)
1.1 millert 774:
775: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
1.7 millert 776: AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)],
1.1 millert 777: [echo $with_timeout; case $with_timeout in
1.7 millert 778: yes) ;;
779: no) timeout=0
1.1 millert 780: ;;
1.7 millert 781: [[0-9]]*) timeout=$with_timeout
1.1 millert 782: ;;
783: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
784: ;;
1.7 millert 785: esac])
786: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
787: AC_MSG_RESULT($timeout)
1.1 millert 788:
789: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
1.7 millert 790: AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)],
1.1 millert 791: [case $with_password_timeout in
1.7 millert 792: yes) ;;
793: no) password_timeout=0
1.1 millert 794: ;;
1.7 millert 795: [[0-9]]*) password_timeout=$with_password_timeout
1.1 millert 796: ;;
797: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
798: ;;
1.7 millert 799: esac])
800: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
801: AC_MSG_RESULT($password_timeout)
1.1 millert 802:
803: AC_ARG_WITH(execv, [ --with-execv use execv() instead of execvp()],
804: [case $with_execv in
1.7 millert 805: yes) AC_MSG_CHECKING(whether to use execvp or execv)
1.1 millert 806: AC_MSG_RESULT(execv)
1.7 millert 807: AC_DEFINE(USE_EXECV, 1, [Define if you wish to use execv() instead of execvp() when running programs.])
1.1 millert 808: ;;
1.7 millert 809: no) ;;
1.1 millert 810: *) AC_MSG_ERROR(["--with-execv does not take an argument."])
811: ;;
1.7 millert 812: esac])
1.1 millert 813:
814: AC_MSG_CHECKING(whether to use per-tty ticket files)
815: AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty],
816: [case $with_tty_tickets in
1.7 millert 817: yes) tty_tickets=on
1.1 millert 818: ;;
1.7 millert 819: no) tty_tickets=off
1.1 millert 820: ;;
821: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
822: ;;
1.7 millert 823: esac])
824: if test "$tty_tickets" = "on"; then
825: AC_DEFINE(USE_TTY_TICKETS, 1, [Define if you want a different ticket file for each tty.])
826: AC_MSG_RESULT(yes)
827: else
828: AC_MSG_RESULT(no)
829: fi
1.1 millert 830:
831: AC_MSG_CHECKING(whether to include insults)
832: AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password],
833: [case $with_insults in
1.7 millert 834: yes) insults=on
1.1 millert 835: with_classic_insults=yes
836: with_csops_insults=yes
837: ;;
1.7 millert 838: no) insults=off
1.1 millert 839: ;;
840: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
841: ;;
1.7 millert 842: esac])
843: if test "$insults" = "on"; then
844: AC_DEFINE(USE_INSULTS, 1, [Define if you want to insult the user for entering an incorrect password.])
845: AC_MSG_RESULT(yes)
846: else
847: AC_MSG_RESULT(no)
848: fi
1.1 millert 849:
850: AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets],
851: [case $with_all_insults in
852: yes) with_classic_insults=yes
853: with_csops_insults=yes
854: with_hal_insults=yes
855: with_goons_insults=yes
856: ;;
857: no) ;;
858: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
859: ;;
860: esac])
861:
862: AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo],
863: [case $with_classic_insults in
1.7 millert 864: yes) AC_DEFINE(CLASSIC_INSULTS, 1, [Define if you want the insults from the "classic" version sudo.])
1.1 millert 865: ;;
866: no) ;;
867: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
868: ;;
869: esac])
870:
871: AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults],
872: [case $with_csops_insults in
1.7 millert 873: yes) AC_DEFINE(CSOPS_INSULTS, 1, [Define if you want insults culled from the twisted minds of CSOps.])
1.1 millert 874: ;;
875: no) ;;
876: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
877: ;;
878: esac])
879:
880: AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults],
881: [case $with_hal_insults in
1.7 millert 882: yes) AC_DEFINE(HAL_INSULTS, 1, [Define if you want 2001-like insults.])
1.1 millert 883: ;;
884: no) ;;
885: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
886: ;;
887: esac])
888:
1.7 millert 889: AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"],
1.1 millert 890: [case $with_goons_insults in
1.7 millert 891: yes) AC_DEFINE(GOONS_INSULTS, 1, [Define if you want insults from the "Goon Show".])
1.1 millert 892: ;;
893: no) ;;
894: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
895: ;;
896: esac])
897:
898: dnl include all insult sets on one line
1.7 millert 899: if test "$insults" = "on"; then
1.1 millert 900: AC_MSG_CHECKING(which insult sets to include)
901: i=""
902: test "$with_goons_insults" = "yes" && i="goons ${i}"
903: test "$with_hal_insults" = "yes" && i="hal ${i}"
904: test "$with_csops_insults" = "yes" && i="csops ${i}"
905: test "$with_classic_insults" = "yes" && i="classic ${i}"
906: AC_MSG_RESULT([$i])
907: fi
908:
909: AC_MSG_CHECKING(whether to override the user's path)
910: AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a builtin one],
911: [case $with_secure_path in
1.7 millert 912: yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc", [Define to override the user's path with a builtin one.])
1.1 millert 913: AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc])
914: ;;
915: no) AC_MSG_RESULT(no)
916: ;;
917: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
918: AC_MSG_RESULT([$with_secure_path])
919: ;;
920: esac], AC_MSG_RESULT(no))
921:
922: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
923: AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces],
924: [case $with_interfaces in
925: yes) AC_MSG_RESULT(yes)
926: ;;
1.7 millert 927: no) AC_DEFINE(STUB_LOAD_INTERFACES, 1, [Define if the code in interfaces.c does not compile for you.])
1.1 millert 928: AC_MSG_RESULT(no)
929: ;;
930: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
931: ;;
932: esac], AC_MSG_RESULT(yes))
933:
934: dnl
935: dnl Options for --enable
936: dnl
937:
938: AC_MSG_CHECKING(whether to do user authentication by default)
939: AC_ARG_ENABLE(authentication,
940: [ --disable-authentication
941: Do not require authentication by default],
942: [ case "$enableval" in
943: yes) AC_MSG_RESULT(yes)
944: ;;
945: no) AC_MSG_RESULT(no)
1.7 millert 946: AC_DEFINE(NO_AUTHENTICATION, 1, [Define if you don't want sudo to prompt for a password by default.])
1.1 millert 947: ;;
948: *) AC_MSG_RESULT(no)
949: echo "Ignoring unknown argument to --enable-authentication: $enableval"
950: ;;
951: esac
952: ], AC_MSG_RESULT(yes))
953:
954: AC_MSG_CHECKING(whether to disable shadow password support)
955: AC_ARG_ENABLE(shadow,
956: [ --disable-shadow Never use shadow passwords],
957: [ case "$enableval" in
958: yes) AC_MSG_RESULT(no)
959: ;;
960: no) AC_MSG_RESULT(yes)
961: CHECKSHADOW="false"
962: ;;
963: *) AC_MSG_RESULT(no)
964: echo "Ignoring unknown argument to --enable-shadow: $enableval"
965: ;;
966: esac
967: ], AC_MSG_RESULT(no))
968:
969: AC_MSG_CHECKING(whether root should be allowed to use sudo)
970: AC_ARG_ENABLE(root-sudo,
971: [ --disable-root-sudo don't allow root to run sudo],
972: [ case "$enableval" in
973: yes) AC_MSG_RESULT(yes)
974: ;;
1.7 millert 975: no) AC_DEFINE(NO_ROOT_SUDO, 1, [Define if root should not be allowed to use sudo.])
1.1 millert 976: AC_MSG_RESULT(no)
977: ;;
978: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
979: ;;
980: esac
981: ], AC_MSG_RESULT(yes))
982:
983: AC_MSG_CHECKING(whether to log the hostname in the log file)
984: AC_ARG_ENABLE(log-host,
985: [ --enable-log-host Log the hostname in the log file],
986: [ case "$enableval" in
987: yes) AC_MSG_RESULT(yes)
1.7 millert 988: AC_DEFINE(HOST_IN_LOG, 1, [Define if you want the hostname to be entered into the log file.])
1.1 millert 989: ;;
990: no) AC_MSG_RESULT(no)
991: ;;
992: *) AC_MSG_RESULT(no)
993: echo "Ignoring unknown argument to --enable-log-host: $enableval"
994: ;;
995: esac
996: ], AC_MSG_RESULT(no))
997:
998: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
999: AC_ARG_ENABLE(noargs-shell,
1000: [ --enable-noargs-shell If sudo is given no arguments run a shell],
1001: [ case "$enableval" in
1002: yes) AC_MSG_RESULT(yes)
1.7 millert 1003: AC_DEFINE(SHELL_IF_NO_ARGS, 1, [Define if you want sudo to start a shell if given no arguments.])
1.1 millert 1004: ;;
1005: no) AC_MSG_RESULT(no)
1006: ;;
1007: *) AC_MSG_RESULT(no)
1008: echo "Ignoring unknown argument to --enable-noargs-shell: $enableval"
1009: ;;
1010: esac
1011: ], AC_MSG_RESULT(no))
1012:
1013: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1014: AC_ARG_ENABLE(shell-sets-home,
1015: [ --enable-shell-sets-home
1.7 millert 1016: set $HOME to target user in shell mode],
1.1 millert 1017: [ case "$enableval" in
1018: yes) AC_MSG_RESULT(yes)
1.7 millert 1019: AC_DEFINE(SHELL_SETS_HOME, 1, [Define if you want sudo to set $HOME in shell mode.])
1.1 millert 1020: ;;
1021: no) AC_MSG_RESULT(no)
1022: ;;
1023: *) AC_MSG_RESULT(no)
1024: echo "Ignoring unknown argument to --enable-shell-sets-home: $enableval"
1025: ;;
1026: esac
1027: ], AC_MSG_RESULT(no))
1028:
1029: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1030: AC_ARG_ENABLE(path_info,
1031: [ --disable-path-info Print 'command not allowed' not 'command not found'],
1032: [ case "$enableval" in
1033: yes) AC_MSG_RESULT(no)
1034: ;;
1035: no) AC_MSG_RESULT(yes)
1.7 millert 1036: AC_DEFINE(DONT_LEAK_PATH_INFO, 1, [Define if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
1.1 millert 1037: ;;
1038: *) AC_MSG_RESULT(no)
1039: echo "Ignoring unknown argument to --enable-path-info: $enableval"
1040: ;;
1041: esac
1042: ], AC_MSG_RESULT(no))
1043:
1044: dnl
1045: dnl If we don't have egrep we can't do anything...
1046: dnl
1047: AC_CHECK_PROG(EGREPPROG, egrep, egrep, )
1048: if test -z "$EGREPPROG"; then
1049: echo "Sorry, configure requires egrep to run."
1050: exit
1051: fi
1052:
1053: dnl
1.7 millert 1054: dnl Prevent configure from adding the -g flag unless in devel mode
1055: dnl
1056: if test "$with_devel" != "yes"; then
1057: ac_cv_prog_cc_g=no
1058: fi
1059:
1060: dnl
1.1 millert 1061: dnl C compiler checks
1062: dnl XXX - the cross-compiler check gets false positives so we override it
1063: dnl
1.7 millert 1064: AC_ISC_POSIX
1.1 millert 1065: ac_cv_prog_cc_cross="no"
1066: cross_compiling="no"
1.7 millert 1067: AC_PROG_CC_STDC
1.1 millert 1068: ac_cv_prog_cc_cross="no"
1069: cross_compiling="no"
1070: AC_PROG_CPP
1071:
1072: dnl
1073: dnl It is now safe to modify CFLAGS and CPPFLAGS
1074: dnl
1075: if test "$with_devel" = "yes" -a -n "$GCC"; then
1076: CFLAGS="${CFLAGS} -Wall"
1077: fi
1078:
1079: dnl
1080: dnl Find programs we use
1081: dnl
1082: AC_CHECK_PROG(UNAMEPROG, uname, uname, )
1083: AC_CHECK_PROG(TRPROG, tr, tr, )
1084: AC_CHECK_PROG(SEDPROG, sed, sed, )
1085: AC_CHECK_PROG(NROFFPROG, nroff, nroff, )
1086: if test -z "$NROFFPROG"; then
1087: MANTYPE="cat"
1.5 millert 1088: mansrcdir='$(srcdir)'
1.1 millert 1089: fi
1090:
1091: dnl
1092: dnl What kind of beastie are we being run on?
1093: dnl Barf if config.cache was generated on another host.
1094: dnl
1095: AC_CANONICAL_HOST
1096: if test -n "$sudo_cv_prev_host"; then
1097: if test "$sudo_cv_prev_host" != "$host"; then
1098: echo ""
1099: echo "Fatal Error: config.cache exists from another platform!"
1100: echo "Please remove it and re-run configure."
1101: echo ""
1102: exit 1
1103: else
1104: AC_MSG_CHECKING(previous host type)
1105: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1106: echo $sudo_cv_prev_host
1107: fi
1108: else
1109: # this will produce no output since there is no cached value
1110: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1111: fi
1112:
1113: dnl
1114: dnl We want to be able to differentiate between different rev's
1115: dnl
1116: if test -n "$host_os"; then
1117: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1118: OSREV=`echo $host_os | sed 's/^[[^0-9]]*\([[0-9]][[0-9]]*\).*$/\1/'`
1119: else
1120: OS="unknown"
1121: OSREV=0
1122: fi
1123:
1124: case "$host" in
1125: *-*-sunos4*)
1126: # getcwd(3) opens a pipe to getpwd(1)!?!
1127: BROKEN_GETCWD=1
1128:
1129: # system headers lack prototypes but gcc helps...
1130: if test -n "$GCC"; then
1131: CPPFLAGS="${CPPFLAGS} -D__USE_FIXED_PROTOTYPES__"
1132: fi
1133:
1134: # check for password adjunct functions (shadow passwords)
1135: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1136: AC_CHECK_FUNCS(getpwanam issecure, , [break])
1137: AH_TEMPLATE([HAVE_GETPWANAM], [Define if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
1138: AH_TEMPLATE([HAVE_ISSECURE], [Define if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
1.1 millert 1139: CHECKSHADOW="false"
1140: fi
1141: ;;
1142: *-*-solaris2*)
1143: # To get the crypt(3) prototype (so we pass -Wall)
1144: CPPFLAGS="${CPPFLAGS} -D__EXTENSIONS__"
1145: # AFS support needs -lucb
1146: if test "$with_AFS" = "yes"; then
1147: AFS_LIBS="-lc -lucb"
1148: fi
1.7 millert 1149: test -n "$mansectsu" || mansectsu=1m
1150: test -n "$mansectform" || mansectform=4
1.1 millert 1151: ;;
1152: *-*-aix*)
1153: # To get all prototypes (so we pass -Wall)
1154: CPPFLAGS="${CPPFLAGS} -D_XOPEN_EXTENDED_SOURCE"
1.7 millert 1155: SUDO_DEFINE(_ALL_SOURCE)
1.1 millert 1156: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1157: ;;
1158: *-*-hiuxmpp*)
1159: if test "$CHECKSHADOW" = "true"; then
1160: AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"; SECUREWARE=1]))
1161: CHECKSHADOW="false"
1162: fi
1.7 millert 1163: test -n "$mansectsu" || mansectsu=1m
1164: test -n "$mansectform" || mansectform=4
1.1 millert 1165: ;;
1166: *-*-hpux1[[0-9]]*)
1167: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1168: AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) AC_CHECK_LIB(sec, iscomsec, AC_DEFINE(HAVE_ISCOMSEC, 1, [Define if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1])
1.1 millert 1169: CHECKSHADOW="false"
1170: fi
1171:
1172: # AFS support needs -lBSD
1173: if test "$with_AFS" = "yes"; then
1174: AFS_LIBS="-lc -lBSD"
1175: fi
1.7 millert 1176: test -n "$mansectsu" || mansectsu=1m
1177: test -n "$mansectform" || mansectform=4
1.1 millert 1178: ;;
1179: *-*-hpux9*)
1.7 millert 1180: AC_DEFINE(BROKEN_SYSLOG, 1, [Define if the `syslog' function returns a non-zero int to denote failure.])
1.1 millert 1181:
1182: if test "$CHECKSHADOW" = "true"; then
1183: AC_CHECK_FUNCS(getspwuid)
1.7 millert 1184: AH_TEMPLATE([HAVE_GETSPWUID], [Define if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
1.1 millert 1185: CHECKSHADOW="false"
1186: fi
1187:
1188: # DCE support (requires ANSI C compiler)
1189: if test "$with_DCE" = "yes"; then
1190: # order of libs in 9.X is important. -lc_r must be last
1191: SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r"
1192: LIBS="${LIBS} -ldce -lM -lc_r"
1.3 millert 1193: CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1.1 millert 1194: fi
1195:
1196: # AFS support needs -lBSD
1197: if test "$with_AFS" = "yes"; then
1198: AFS_LIBS="-lc -lBSD"
1199: fi
1.7 millert 1200: test -n "$mansectsu" || mansectsu=1m
1201: test -n "$mansectform" || mansectform=4
1.1 millert 1202: ;;
1203: *-*-hpux*)
1204: AC_DEFINE(BROKEN_SYSLOG)
1205:
1206: # Not sure if setuid binaries are safe in < 9.x
1207: if test -n "$GCC"; then
1208: SUDO_LDFLAGS="${SUDO_LDFLAGS} -static"
1209: else
1210: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive"
1211: fi
1212:
1213: # AFS support needs -lBSD
1214: if test "$with_AFS" = "yes"; then
1215: AFS_LIBS="-lc -lBSD"
1216: fi
1.7 millert 1217: test -n "$mansectsu" || mansectsu=1m
1218: test -n "$mansectform" || mansectform=4
1.1 millert 1219: ;;
1220: *-dec-osf*)
1221: # ignore envariables wrt dynamic lib path
1222: SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement"
1223:
1224: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1225: AC_ARG_ENABLE(sia,
1226: [ --disable-sia Never use SIA on Digital UNIX],
1227: [ case "$enableval" in
1228: yes) AC_MSG_RESULT(no)
1229: ;;
1230: no) AC_MSG_RESULT(yes)
1231: CHECKSIA=false
1232: ;;
1233: *) AC_MSG_RESULT(no)
1234: echo "Ignoring unknown argument to --enable-sia: $enableval"
1235: ;;
1236: esac
1237: ], AC_MSG_RESULT(no))
1238:
1239: # use SIA by default, if we have it, else SecureWare
1240: # unless overridden on the command line
1241: if test "$CHECKSIA" = "true"; then
1.7 millert 1242: AC_CHECK_FUNC(sia_ses_init, AC_DEFINE(HAVE_SIA, 1, [Define if you use SIA.]) [
1.1 millert 1243: if test -n "$with_skey" -o -n "$with_opie" -o -n "$with_otp_only" -o -n "$with_long_otp_prompt" -o -n "$with_SecurID" -o -n "$with_fwtk" -o -n "$with_kerb4" -o -n "$with_kerb5" -o -n "$with_pam" -o -n "$with_AFS" -o -n "$with_DCE"; then
1244: AC_MSG_ERROR(["you cannot mix SIA and other authentication schemes. You can turn off SIA support via the --disable-sia option"])
1245: fi]; CHECKSHADOW=false)
1246: fi
1247: if test "$CHECKSHADOW" = "true"; then
1248: AC_CHECK_LIB(security, getprpwnam, SECUREWARE=1)
1249: CHECKSHADOW="false"
1250: fi
1251:
1252: if test -n "$SECUREWARE"; then
1.7 millert 1253: AC_DEFINE(HAVE_GETPRPWNAM, 1, [Define if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
1.1 millert 1254: # -ldb includes bogus versions of snprintf/vsnprintf
1.7 millert 1255: AC_CHECK_FUNCS(snprintf, , [NEED_SNPRINTF=1])
1256: AC_CHECK_FUNCS(vsnprintf, , [NEED_SNPRINTF=1])
1.1 millert 1257: # 4.x and higher need -ldb too...
1258: AC_CHECK_LIB(db, dbopen, [SUDO_LIBS="${SUDO_LIBS} -lsecurity -ldb -laud -lm"; LIBS="${LIBS} -lsecurity -ldb -laud -lm"], [SUDO_LIBS="${SUDO_LIBS} -lsecurity -ldb -laud -lm"; LIBS="${LIBS} -lsecurity -ldb -laud -lm"])
1259: AC_CHECK_FUNCS(dispcrypt)
1260: AC_MSG_CHECKING([for broken /usr/include/prot.h])
1261: AC_TRY_COMPILE([
1262: #include <sys/types.h>
1263: #include <sys/security.h>
1264: #include <prot.h>
1265: ], [exit(0);], AC_MSG_RESULT(no),
1266: [AC_MSG_RESULT([yes, fixing locally])
1267: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1268: ])
1.7 millert 1269: elif test "$CHECKSIA" = "true"; then
1.1 millert 1270: with_passwd=no
1271: AUTH_OBJS="sia.o"
1272: fi
1.7 millert 1273: test -n "$mansectsu" || mansectsu=8
1274: test -n "$mansectform" || mansectform=4
1.1 millert 1275: ;;
1276: *-*-irix*)
1277: CPPFLAGS="${CPPFLAGS} -D_BSD_TYPES"
1278: if test -z "$NROFFPROG"; then
1279: MAN_POSTINSTALL=' /bin/rm -f $(mandir8)/sudo.$(mansect8).z $(mandir8)/visudo.$(mansect8).z $(mandir5)/sudoers.$(mansect5).z ; /usr/bin/pack $(mandir8)/sudo.$(mansect8) $(mandir8)/visudo.$(mansect8) $(mandir5)/sudoers.$(mansect5)'
1280: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1281: if test -d /usr/share/catman/local; then
1282: mandir="/usr/share/catman/local"
1283: else
1284: mandir="/usr/catman/local"
1285: fi
1286: fi
1287: else
1288: if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1289: if test -d "/usr/share/man/local"; then
1290: mandir="/usr/share/man/local"
1291: else
1292: mandir="/usr/man/local"
1293: fi
1294: fi
1295: fi
1296: # IRIX <= 4 needs -lsun
1297: if test "$OSREV" -le 4; then
1298: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1299: fi
1.7 millert 1300: test -n "$mansectsu" || mansectsu=1m
1301: test -n "$mansectform" || mansectform=4
1.1 millert 1302: ;;
1303: *-*-linux*)
1304: # Some Linux versions need to link with -lshadow
1305: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1306: AC_CHECK_FUNCS(getspnam, , [AC_CHECK_LIB(shadow, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lshadow"; LIBS="${LIBS} -lshadow"])])
1.1 millert 1307: CHECKSHADOW="false"
1308: fi
1309: ;;
1310: *-convex-bsd*)
1.7 millert 1311: SUDO_DEFINE(_CONVEX_SOURCE)
1.1 millert 1312: if test -z "$GCC"; then
1313: CFLAGS="${CFLAGS} -D__STDC__"
1314: fi
1315:
1316: if test "$CHECKSHADOW" = "true"; then
1317: AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"; OSDEFS="${OSDEFS} -D_AUDIT -D_ACL -DSecureWare"; SECUREWARE=1])
1318: CHECKSHADOW="false"
1319: fi
1320: ;;
1321: *-*-ultrix*)
1322: OS="ultrix"
1323: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1324: AC_CHECK_LIB(auth, getauthuid, AC_DEFINE(HAVE_GETAUTHUID, 1, [Define if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)]) [SUDO_LIBS="${SUDO_LIBS} -lauth"; LIBS="${LIBS} -lauth"])
1.1 millert 1325: CHECKSHADOW="false"
1326: fi
1327: ;;
1328: *-*-riscos*)
1329: LIBS="${LIBS} -lsun -lbsd"
1330: CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1331: OSDEFS="${OSDEFS} -D_MIPS"
1.7 millert 1332: test -n "$mansectsu" || mansectsu=1m
1333: test -n "$mansectform" || mansectform=4
1.1 millert 1334: ;;
1335: *-*-isc*)
1336: OSDEFS="${OSDEFS} -D_ISC"
1337: LIB_CRYPT=1
1338: SUDO_LIBS="${SUDO_LIBS} -lcrypt"
1339: LIBS="${LIBS} -lcrypt"
1340:
1341: if test "$CHECKSHADOW" = "true"; then
1342: AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
1343: CHECKSHADOW="false"
1344: fi
1.7 millert 1345: test -n "$mansectsu" || mansectsu=1m
1346: test -n "$mansectform" || mansectform=4
1.1 millert 1347: ;;
1.7 millert 1348: *-*-sco*|*-sco-*)
1.1 millert 1349: if test "$CHECKSHADOW" = "true"; then
1350: AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lprot -lx"; LIBS="${LIBS} -lprot -lx"; SECUREWARE=1], , -lx)
1351: AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])
1352: CHECKSHADOW="false"
1353: fi
1.8 ! millert 1354: test -n "$mansectsu" || mansectsu=1m
! 1355: test -n "$mansectform" || mansectform=4
! 1356: ;;
! 1357: m88k-motorola-sysv*)
! 1358: # motorolla's cc (a variant of gcc) does -O but not -O2
! 1359: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1.7 millert 1360: test -n "$mansectsu" || mansectsu=1m
1361: test -n "$mansectform" || mansectform=4
1.1 millert 1362: ;;
1363: *-sequent-sysv*)
1364: if test "$CHECKSHADOW" = "true"; then
1365: AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"])
1366: CHECKSHADOW="false"
1367: fi
1.7 millert 1368: test -n "$mansectsu" || mansectsu=1m
1369: test -n "$mansectform" || mansectform=4
1370: ;;
1371: *-ncr-sysv4*|*-ncr-sysvr4*)
1372: AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
1373: test -n "$mansectsu" || mansectsu=1m
1374: test -n "$mansectform" || mansectform=4
1.1 millert 1375: ;;
1.7 millert 1376: *-ccur-sysv4*|*-ccur-sysvr4*)
1.1 millert 1377: LIBS="${LIBS} -lgen"
1378: SUDO_LIBS="${SUDO_LIBS} -lgen"
1.7 millert 1379: test -n "$mansectsu" || mansectsu=1m
1380: test -n "$mansectform" || mansectform=4
1.1 millert 1381: ;;
1382: *-*-bsdi*)
1.5 millert 1383: # Use shlicc for BSD/OS [23].x unless asked to do otherwise
1384: if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
1385: case "$OSREV" in
1386: 2|3) echo 'using shlicc as CC'
1387: ac_cv_prog_CC=shlicc
1388: CC="$ac_cv_prog_CC"
1389: ;;
1390: esac
1391: fi
1392: ;;
1393: *-*-freebsd*)
1.6 millert 1394: if test "$with_logincap" = "yes"; then
1395: SUDO_LIBS="${SUDO_LIBS} -lutil"
1396: fi
1.5 millert 1397: if test "$with_skey" = "yes"; then
1398: SUDO_LIBS="${SUDO_LIBS} -lmd"
1399: fi
1400: if test "$CHECKSHADOW" = "true"; then
1401: CHECKSHADOW="false"
1.1 millert 1402: fi
1403: ;;
1.7 millert 1404: *-*-*openbsd*)
1405: BROKEN_SETREUID=yes
1406: if test "$CHECKSHADOW" = "true"; then
1407: CHECKSHADOW="false"
1408: fi
1409: ;;
1410: *-*-*netbsd*)
1411: BROKEN_SETREUID=yes
1412: if test "$CHECKSHADOW" = "true"; then
1413: CHECKSHADOW="false"
1414: fi
1415: ;;
1.1 millert 1416: *-*-*bsd*)
1417: if test "$CHECKSHADOW" = "true"; then
1418: CHECKSHADOW="false"
1419: fi
1420: ;;
1.7 millert 1421: *-*-nextstep*)
1422: # lockf() on is broken on the NeXT -- use flock instead
1423: ac_cv_func_lockf=no
1424: ac_cv_func_flock=yes
1425: ;;
1.5 millert 1426: *-*-sysv*)
1.7 millert 1427: test -n "$mansectsu" || mansectsu=1m
1428: test -n "$mansectform" || mansectform=4
1.5 millert 1429: ;;
1.1 millert 1430: esac
1431:
1432: dnl
1.5 millert 1433: dnl Use BSD-style man sections by default
1434: dnl
1435: test -n "$mansectsu" || mansectsu=8
1436: test -n "$mansectform" || mansectform=5
1437:
1438: dnl
1.1 millert 1439: dnl Check for shadow password routines if we have not already done so.
1440: dnl We check for SVR4-style first and then SecureWare-style.
1441: dnl
1442: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1443: AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM, 1, [Define if you have the `getspnam' function (SVR4-style shadow passwords)]) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])])
1.1 millert 1444: fi
1445: if test "$CHECKSHADOW" = "true"; then
1.7 millert 1446: AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))])
1.1 millert 1447: fi
1448:
1449: dnl
1450: dnl C compiler checks (to be done after os checks)
1451: dnl
1452: AC_PROG_GCC_TRADITIONAL
1453: AC_C_CONST
1.7 millert 1454: AC_C_VOLATILE
1.1 millert 1455: dnl
1456: dnl Program checks
1457: dnl
1458: AC_PROG_YACC
1.7 millert 1459: SUDO_PROG_MV
1460: SUDO_PROG_BSHELL
1.1 millert 1461: if test -z "$with_sendmail"; then
1462: SUDO_PROG_SENDMAIL
1463: fi
1.7 millert 1464: if test -z "$with_editor"; then
1465: SUDO_PROG_VI
1466: fi
1.1 millert 1467: dnl
1468: dnl Header file checks
1469: dnl
1470: AC_HEADER_STDC
1471: AC_HEADER_DIRENT
1.7 millert 1472: AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h)
1.1 millert 1473: dnl ultrix termio/termios are broken
1474: if test "$OS" != "ultrix"; then
1.7 millert 1475: AC_SYS_POSIX_TERMIOS
1476: if test "$ac_cv_sys_posix_termios" = "yes"; then
1477: AC_DEFINE(HAVE_TERMIOS_H, 1, [Define if you have the <termios.h> header file and the `tcgetattr' function.])
1478: else
1479: AC_CHECK_HEADERS(termio.h)
1480: fi
1.1 millert 1481: fi
1.6 millert 1482: if test "$with_logincap" = "yes"; then
1483: AC_CHECK_HEADERS(login_cap.h)
1484: fi
1485: if test "$with_bsdauth" = "yes"; then
1.7 millert 1486: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H, 1, [Define if you use BSD authentication.]) [with_passwd=no; AUTH_OBJS=bsdauth.o])
1.6 millert 1487: fi
1.1 millert 1488: dnl
1489: dnl typedef checks
1490: dnl
1491: AC_TYPE_MODE_T
1492: AC_TYPE_UID_T
1.7 millert 1493: AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int, [Define to `int' if <signal.h> does not define.])], [#include <sys/types.h>
1494: #include <signal.h>])
1495: AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T, 1, [Define if <signal.h> has the sigaction_t typedef.])], ,[#include <sys/types.h>
1496: #include <signal.h>])
1.1 millert 1497: SUDO_TYPE_SIZE_T
1498: SUDO_TYPE_SSIZE_T
1499: SUDO_TYPE_DEV_T
1500: SUDO_TYPE_INO_T
1501: SUDO_FULL_VOID
1502: SUDO_UID_T_LEN
1503: SUDO_LONG_LONG
1504: SUDO_SOCK_SA_LEN
1505: dnl
1506: dnl only set RETSIGTYPE if it is not set already
1507: dnl
1508: case "$DEFS" in
1509: *"RETSIGTYPE"*) ;;
1510: *) AC_TYPE_SIGNAL;;
1511: esac
1512: dnl
1513: dnl Function checks
1514: dnl
1.7 millert 1515: AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
1516: seteuid setegid strftime setrlimit initgroups fstat)
1517: if test -z "$BROKEN_SETREUID"; then
1518: AC_CHECK_FUNCS(setreuid)
1519: fi
1520: if test X"$with_interfaces" != X"no"; then
1521: AC_CHECK_FUNCS(getifaddrs)
1522: fi
1.1 millert 1523: if test -n "$SECUREWARE"; then
1.7 millert 1524: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
1.1 millert 1525: fi
1526: if test -z "$BROKEN_GETCWD"; then
1.7 millert 1527: AC_REPLACE_FUNCS(getcwd)
1.1 millert 1528: fi
1.7 millert 1529: AC_CHECK_FUNCS(lockf flock, [break])
1530: AC_CHECK_FUNCS(waitpid wait3, [break])
1531: AC_CHECK_FUNCS(innetgr _innetgr, AC_CHECK_FUNCS(getdomainname) [break])
1532: AC_CHECK_FUNCS(lsearch, , [AC_CHECK_LIB(compat, lsearch, AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], AC_LIBOBJ(lsearch)), AC_LIBOBJ(lsearch))])
1533: AC_CHECK_FUNCS(utime, SUDO_FUNC_UTIME_POSIX, AC_LIBOBJ(utime))
1534: SUDO_FUNC_FNMATCH(AC_DEFINE(HAVE_FNMATCH, 1, [Define if you have the `fnmatch' function.]), AC_LIBOBJ(fnmatch))
1535: SUDO_FUNC_ISBLANK
1536: AC_REPLACE_FUNCS(strerror strcasecmp sigaction)
1537: AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
1.1 millert 1538: dnl
1539: dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
1540: dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
1541: dnl
1542: if test -n "$NEED_SNPRINTF"; then
1.7 millert 1543: AC_LIBOBJ(snprintf)
1.1 millert 1544: fi
1545: dnl
1546: dnl if crypt(3) not in libc, look elsewhere
1547: dnl
1548: if test -z "$LIB_CRYPT"; then
1.7 millert 1549: AC_CHECK_FUNC(crypt, , [AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(ufc, crypt, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))])
1.1 millert 1550: fi
1551: dnl
1552: dnl If socket(2) not in libc, check -lsocket and -linet
1553: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1554: dnl In this case we look for main(), not socket() to avoid using a cached value
1555: dnl
1.7 millert 1556: AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
1557: AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
1.1 millert 1558: dnl
1559: dnl If inet_addr(3) not in libc, check -lnsl and -linet
1560: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1561: dnl
1.7 millert 1562: AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
1563: AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
1.1 millert 1564: dnl
1565: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
1566: dnl
1.7 millert 1567: AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
1.1 millert 1568: dnl
1569: dnl Bison and DCE use alloca(3), if not in libc, use the sudo one (from gcc)
1570: dnl (gcc includes its own alloca(3) but other compilers may not)
1571: dnl
1572: if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then
1573: AC_FUNC_ALLOCA
1574: fi
1575:
1576: dnl
1577: dnl Kerberos 5
1578: dnl
1579: if test "$with_kerb5" = "yes"; then
1.7 millert 1580: AC_DEFINE(HAVE_KERB5, 1, [Define if you use Kerberos V.])
1.1 millert 1581: if test -f "/usr/local/include/krb5.h"; then
1582: CPPFLAGS="$CPPFLAGS -I/usr/local/include"
1583: elif test -f "/usr/local/kerberos/include/krb5.h"; then
1584: CPPFLAGS="$CPPFLAGS -I/usr/local/kerberos/include"
1.7 millert 1585: elif test -f "/usr/krb5/include/krb5.h"; then
1586: CPPFLAGS="$CPPFLAGS -I/usr/krb5/include"
1.1 millert 1587: elif test -f "/usr/local/krb5/include/krb5.h"; then
1588: CPPFLAGS="$CPPFLAGS -I/usr/local/krb5/include"
1589: else
1590: echo 'Unable to locate kerberos 5 include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS'
1591: fi
1592:
1593: if test -f "/usr/local/lib/libkrb5.a"; then
1594: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/lib"
1595: elif test -f "/usr/local/kerberos/lib/libkrb5.a"; then
1596: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/kerberos/lib"
1.7 millert 1597: elif test -f "/usr/krb5/lib/libkrb5.a"; then
1598: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/krb5/lib"
1.1 millert 1599: elif test -f "/usr/local/krb5/lib/libkrb5.a"; then
1600: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/krb5/lib"
1601: else
1602: echo 'Unable to locate kerberos 5 libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS'
1603: fi
1604:
1605: SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
1606: AUTH_OBJS="${AUTH_OBJS} kerb5.o"
1607: fi
1608:
1609: dnl
1.4 millert 1610: dnl PAM libs
1611: dnl
1612: if test "$with_pam" = "yes"; then
1613: AC_HAVE_LIBRARY(dl, SUDO_LIBS="${SUDO_LIBS} -ldl -lpam", SUDO_LIBS="${SUDO_LIBS} -lpam")
1614: fi
1615:
1616: dnl
1.1 millert 1617: dnl Find kerberos 4 includes and libs or complain
1618: dnl
1619: if test "$with_kerb4" = "yes"; then
1.7 millert 1620: AC_DEFINE(HAVE_KERB4, 1, [Define if you use Kerberos IV.])
1.1 millert 1621: if test -f "/usr/include/kerberosIV/krb.h"; then
1622: CPPFLAGS="${CPPFLAGS} -I/usr/include/kerberosIV"
1623: elif test -f "/usr/local/include/kerberosIV/krb.h"; then
1624: CPPFLAGS="${CPPFLAGS} -I/usr/local/include/kerberosIV"
1625: elif test -f "/usr/kerberos/include/krb.h"; then
1626: CPPFLAGS="${CPPFLAGS} -I/usr/kerberos/include"
1627: elif test -f "/usr/local/kerberos/include/krb.h"; then
1628: CPPFLAGS="${CPPFLAGS} -I/usr/local/kerberos/include"
1629: else
1630: echo 'Unable to locate kerberos 4 include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS'
1631: fi
1632:
1633: if test -d "/usr/kerberos/lib"; then
1634: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/kerberos/lib"
1635: elif test -d "/usr/lib/kerberos"; then
1636: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/lib/kerberos"
1637: elif test -f "/usr/local/lib/libkrb.a"; then
1638: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/lib"
1639: elif test ! -f "/usr/lib/libkrb.a"; then
1640: echo 'Unable to locate kerberos 4 libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS'
1641: fi
1642:
1643: AC_HAVE_LIBRARY(des, SUDO_LIBS="${SUDO_LIBS} -lkrb -ldes", SUDO_LIBS="${SUDO_LIBS} -lkrb")
1644: AUTH_OBJS="${AUTH_OBJS} kerb4.o"
1645: fi
1646:
1647: dnl
1648: dnl extra AFS libs and includes
1649: dnl
1650: if test "$with_AFS" = "yes"; then
1651:
1652: # looks like the "standard" place for AFS libs is /usr/afsws/lib
1653: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
1654: for i in $AFSLIBDIRS; do
1655: if test -d ${i}; then
1656: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L${i}"
1657: FOUND_AFSLIBDIR=true
1658: fi
1659: done
1660: if test -z "$FOUND_AFSLIBDIR"; then
1661: echo 'Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDO_LDFLAGS or rerun configure with the --with-libpath options.'
1662: fi
1663:
1664: # Order is important here. Note that we build AFS_LIBS from right to left
1665: # since AFS_LIBS may be initialized with BSD compat libs that must go last
1666: AFS_LIBS="-laudit ${AFS_LIBS}"
1667: for i in $AFSLIBDIRS; do
1668: if test -f ${i}/util.a; then
1669: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
1670: FOUND_UTIL_A=true
1671: break;
1672: fi
1673: done
1674: if test -z "$FOUND_UTIL_A"; then
1675: AFS_LIBS="-lutil ${AFS_LIBS}"
1676: fi
1677: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
1678:
1679: # AFS includes may live in /usr/include on some machines...
1680: for i in /usr/afsws/include; do
1681: if test -d ${i}; then
1682: CPPFLAGS="${CPPFLAGS} -I${i}"
1683: FOUND_AFSINCDIR=true
1684: fi
1685: done
1686:
1687: if test -z "$FOUND_AFSLIBDIR"; then
1688: echo 'Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.'
1689: fi
1690: fi
1691:
1692: dnl
1693: dnl extra DCE obj + lib
1694: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
1695: dnl
1696: if test "$with_DCE" = "yes"; then
1697: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
1698: SUDO_LIBS="${SUDO_LIBS} -ldce"
1.5 millert 1699: fi
1700:
1701: dnl
1.1 millert 1702: dnl extra S/Key lib and includes
1703: dnl
1704: if test "$with_skey" = "yes"; then
1705: SUDO_LIBS="${SUDO_LIBS} -lskey"
1706: if test -f /usr/include/skey.h -a -f /usr/lib/libskey.a; then
1707: :
1708: elif test -f /usr/local/include/skey.h; then
1709: CPPFLAGS="${CPPFLAGS} -I/usr/local/include"
1710: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/lib"
1711: elif test "$with_csops" = "yes" -a -f /tools/cs/skey/include/skey.h -a -f /tools/cs/skey/lib/libskey.a; then
1712: CPPFLAGS="${CPPFLAGS} -I/tools/cs/skey/include"
1713: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/tools/cs/skey/lib"
1714: else
1715: echo 'Unable to locate libskey.a and/or skey.h, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS and/or -I/path/to/skey.h to CPPFLAGS'
1716: fi
1.7 millert 1717: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS, 1, [Define if your S/Key library has skeyaccess().]))
1.1 millert 1718: fi
1719:
1720: dnl
1721: dnl extra OPIE lib and includes
1722: dnl
1723: if test "$with_opie" = "yes"; then
1724: SUDO_LIBS="${SUDO_LIBS} -lopie"
1725: if test -f /usr/include/opie.h -a -f /usr/lib/libopie.a; then
1726: :
1727: elif test -f /usr/local/include/opie.h; then
1728: CPPFLAGS="${CPPFLAGS} -I/usr/local/include"
1729: SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/lib"
1730: else
1731: echo 'Unable to locate libopie.a and/or opie.h, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDO_LDFLAGS and/or -I/path/to/opie.h to CPPFLAGS'
1732: fi
1733: fi
1734:
1735: dnl
1736: dnl extra SecurID lib + includes
1737: dnl
1738: if test -n "$with_SecurID" -a "$with_SecurID" != "no"; then
1739: if test "$with_SecurID" != "yes"; then
1740: SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
1741: CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
1742: elif test -f /usr/ace/examples/sdiclient.a; then
1743: SUDO_LIBS="${SUDO_LIBS} /usr/ace/examples/sdiclient.a"
1744: CPPFLAGS="${CPPFLAGS} -I/usr/ace/examples"
1745: else
1746: SUDO_LIBS="${SUDO_LIBS} /usr/ace/sdiclient.a"
1747: CPPFLAGS="${CPPFLAGS} -I/usr/ace"
1748: fi
1749: fi
1750:
1751: dnl
1752: dnl extra FWTK libs + includes
1753: dnl
1754: if test "$with_fwtk" = "yes"; then
1755: SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall"
1756: fi
1757:
1758: dnl
1759: dnl extra 'authenticate' lib (AIX only?)
1760: dnl
1761: if test "$with_authenticate" = "yes"; then
1762: SUDO_LIBS="${SUDO_LIBS} -ls"
1763: fi
1764:
1765: dnl
1766: dnl Check for log file and timestamp locations
1767: dnl
1768: SUDO_LOGFILE
1769: SUDO_TIMEDIR
1770:
1771: dnl
1772: dnl Use passwd (and secureware) auth modules?
1773: dnl
1774: if test "$with_passwd" = "no"; then
1.7 millert 1775: AC_DEFINE(WITHOUT_PASSWD, 1. [Define to avoid using the passwd/shadow file for authentication.])
1.1 millert 1776: if test -z "$AUTH_OBJS"; then
1777: AC_MSG_ERROR([no authentication methods defined.])
1778: fi
1779: else
1780: if test -n "$SECUREWARE"; then
1781: AUTH_OBJS="${AUTH_OBJS} passwd.o secureware.o"
1782: else
1783: AUTH_OBJS="${AUTH_OBJS} passwd.o"
1784: fi
1785: fi
1786:
1787: dnl
1788: dnl LIBS may contain duplicates from SUDO_LIBS or NET_LIBS so prune it.
1789: dnl
1790: if test -n "$LIBS"; then
1791: L="$LIBS"
1792: LIBS=
1793: for l in ${L}; do
1794: dupe=0
1795: for sl in ${SUDO_LIBS} ${NET_LIBS}; do
1796: test $l = $sl && dupe=1
1797: done
1798: test $dupe = 0 && LIBS="${LIBS} $l"
1799: done
1800: fi
1801:
1802: dnl
1803: dnl Set exec_prefix
1804: dnl
1805: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
1806:
1807: dnl
1.5 millert 1808: dnl Substitute into the Makefile and man pages
1.1 millert 1809: dnl
1.5 millert 1810: AC_OUTPUT([Makefile sudo.man visudo.man sudoers.man])
1.1 millert 1811:
1812: dnl
1813: dnl Spew any text the user needs to know about
1814: dnl
1815: if test "$with_pam" = "yes"; then
1816: echo ""
1817: case $host in
1818: *-*-linux*)
1819: echo "You will need to customize sample.pam and install it as /etc/pam.d/sudo"
1820: ;;
1821: esac
1822: echo ""
1823: fi
1.7 millert 1824:
1825: dnl
1826: dnl Special bits for autoheader
1827: dnl
1828: AH_VERBATIM([_GNU_SOURCE],
1829: [/* Enable GNU extensions on systems that have them. */
1830: #ifndef _GNU_SOURCE
1831: # define _GNU_SOURCE 1
1832: #endif])
1833:
1834: AH_VERBATIM([_ALL_SOURCE],
1835: [/* Enable non-POSIX extensions on AIX. */
1836: #ifndef _ALL_SOURCE
1837: # undef _ALL_SOURCE
1838: #endif])
1839:
1840: AH_VERBATIM([_CONVEX_SOURCE],
1841: [/* Enable non-POSIX extensions on ConvexOS. */
1842: #ifndef _CONVEX_SOURCE
1843: # undef _CONVEX_SOURCE
1844: #endif])
1845:
1846: AH_TOP([#ifndef _SUDO_CONFIG_H
1847: #define _SUDO_CONFIG_H])
1848:
1849: AH_BOTTOM([/*
1850: * Emulate a subset of waitpid() if we don't have it.
1851: */
1852: #ifdef HAVE_WAITPID
1853: # define sudo_waitpid(p, s, o) waitpid(p, s, o)
1854: #else
1855: # ifdef HAVE_WAIT3
1856: # define sudo_waitpid(p, s, o) wait3(s, o, NULL)
1857: # endif
1858: #endif
1859:
1860: /* Solaris doesn't use const qualifiers in PAM. */
1861: #ifdef sun
1862: # define PAM_CONST
1863: #else
1864: # define PAM_CONST const
1865: #endif
1866:
1867: #ifdef USE_EXECV
1868: # define EXEC execv
1869: #else
1870: # define EXEC execvp
1871: #endif /* USE_EXECV */
1872:
1873: /* New ANSI-style OS defs for HP-UX and ConvexOS. */
1874: #if defined(hpux) && !defined(__hpux)
1875: # define __hpux 1
1876: #endif /* hpux */
1877:
1878: #if defined(convex) && !defined(__convex__)
1879: # define __convex__ 1
1880: #endif /* convex */
1881:
1882: /* BSD compatibility on some SVR4 systems. */
1883: #ifdef __svr4__
1884: # define BSD_COMP
1885: #endif /* __svr4__ */
1886:
1887: #endif /* _SUDO_CONFIG_H */])