3 # SPDX-License-Identifier: ISC
5 # Copyright (c) 2010-2018 Todd C. Miller <Todd.Miller@sudo.ws>
7 # Permission to use, copy, modify, and distribute this software for any
8 # purpose with or without fee is hereby granted, provided that the above
9 # copyright notice and this permission notice appear in all copies.
11 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 # Build a binary package using polypkg
20 # Usage: mkpkg [--debug] [--flavor flavor] [--platform platform] [--osversion ver]
23 # Make sure IFS is set to space, tab, newline in that order.
31 usage="usage: mkpkg [--debug] [--flavor flavor] [--platform platform] [--osversion ver]"
35 while test $# -gt 0; do
40 PPFLAGS="--debug${PPFLAGS+$space}${PPFLAGS}"
43 flavor=`echo "$1" | sed -n 's/^--flavor=\(.*\)/\1/p'`
44 PPVARS="${PPVARS}${PPVARS+$space}flavor=$flavor"
52 PPVARS="${PPVARS}${PPVARS+$space}flavor=$flavor"
56 arg=`echo "$1" | sed -n 's/^--platform=\(.*\)/\1/p'`
57 PPFLAGS="${PPFLAGS}${PPFLAGS+$space}--platform $arg"
64 PPFLAGS="${PPFLAGS}${PPFLAGS+$space}--platform $2"
68 arg=`echo "$1" | sed -n 's/^--osversion=\(.*\)/\1/p'`
81 configure_opts="${configure_opts}${configure_opts+$tab}$1"
84 # Pass unknown options to configure
85 configure_opts="${configure_opts}${configure_opts+$tab}$1"
91 top_srcdir=`dirname $0`
93 : ${osversion="`$top_srcdir/pp --probe`"}
94 test -n "$osversion" || exit 1
95 osrelease=`echo "$osversion" | sed -e 's/^[^0-9]*//' -e 's/-.*$//'`
98 # If using GNU make, set number of jobs
99 if ${MAKE} --version 2>&1 | grep GNU >/dev/null; then
104 NJOBS=`sysctl -n hw.ncpu`
107 if [ -r /proc/cpuinfo ]; then
108 for c in `sed -n 's/^cpu cores[ ]*: *//p' /proc/cpuinfo`; do
109 NJOBS=`expr $NJOBS + $c`
115 if [ -x /usr/sbin/psrinfo ]; then
116 NJOBS=`/usr/sbin/psrinfo | wc -l`
120 NJOBS=`sar -Mu 1 1 | awk 'END {print NR-5}'`
123 NJOBS=`bindprocessor -q | awk '{print NF-4}'`
126 if [ $NJOBS -gt 1 ]; then
131 # Choose compiler options by osversion if not cross-compiling.
132 if [ "$crossbuild" = "false" ]; then
135 # Use clang on macOS if present
136 if [ -z "$CC" -a -x /usr/bin/clang ]; then
137 CC=/usr/bin/clang; export CC
141 # Use the Sun Studio C compiler on Solaris if possible
142 if [ -z "$CC" -a -x /usr/bin/cc ]; then
143 CC=/usr/bin/cc; export CC
144 if [ -z "$CFLAGS" ]; then
145 CFLAGS=-O; export CFLAGS
152 # Give configure a hint that we are building a package.
153 # Some libc functions are only available on certain OS revisions.
154 configure_opts="${configure_opts}${configure_opts+$tab}--enable-package-build"
156 # Choose configure options by osversion.
157 # We use the same configure options as vendor packages when possible.
159 centos*|rhel*|f[0-9]*)
162 osmajor=`sed -n -e 's/^.*release \([0-9]*\)[^0-9].*$/\1/p' /etc/redhat-release`
163 if [ $osmajor -ge 4 ]; then
164 # RHEL 4 and up support SELinux
166 if [ $osmajor -ge 5 ]; then
167 # RHEL 5 and up has audit support and uses a
168 # separate PAM config file for "sudo -i".
169 with_linux_audit=true
171 if [ $osmajor -ge 6 ]; then
172 # RHEL 6 and above builds sudo with SSSD support
174 # RHEL 6 and above use /etc/sudo-ldap.conf
175 with_sudo_ldap_conf=true
181 # XXX - investigate which features were in which fedora version
183 with_linux_audit=true
189 if [ X"$with_selinux" = X"true" ]; then
190 configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux"
192 if [ X"$with_linux_audit" = X"true" ]; then
193 configure_opts="${configure_opts}${configure_opts+$tab}--with-linux-audit"
194 PPVARS="${PPVARS}${PPVARS+$space}linux_audit=1.4.0"
196 if [ X"$with_pam_login" = X"true" ]; then
197 configure_opts="${configure_opts}${configure_opts+$tab}--with-pam-login"
199 if [ X"$with_sssd" = X"true" ]; then
200 configure_opts="${configure_opts}${configure_opts+$tab}--with-sssd"
201 if test "`getconf LONG_BIT`" = "64"; then
202 # SSSD backend needs to know where to find the sssd lib
203 configure_opts="${configure_opts}${configure_opts+$tab}--with-sssd-lib=/usr/lib64"
206 if [ X"$with_sudo_ldap_conf" = X"true" ]; then
207 configure_opts="${configure_opts}${configure_opts+$tab}--with-ldap-conf-file=/etc/sudo-ldap.conf"
209 # Note, must indent with tabs, not spaces due to IFS trickery
210 configure_opts="--prefix=/usr
211 --with-logging=syslog
212 --with-logfac=authpriv
215 --with-editor=/bin/vi
220 --with-passprompt=[sudo] password for %p:
221 --with-sendmail=/usr/sbin/sendmail
225 if [ $osrelease -ge 10 ]; then
226 # SLES 11 and higher has SELinux
227 if [ $osrelease -ge 11 ]; then
228 configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux"
231 # SuSE doesn't have /usr/libexec
234 *64*) gcc -v 2>&1 | grep "with-cpu=[^ ]*32" >/dev/null || libexec=lib64
237 # Note, must indent with tabs, not spaces due to IFS trickery
238 # XXX - SuSE uses secure path but only for env_reset
239 configure_opts="--prefix=/usr
240 --libexecdir=/usr/$libexec
241 --with-logging=syslog
246 --enable-shell-sets-home
247 --with-sudoers-mode=0440
252 --with-passprompt=%p\'s password:
253 --with-sendmail=/usr/sbin/sendmail
256 make_opts="${make_opts}${make_opts+ }"'docdir=$(datarootdir)/doc/packages/$(PACKAGE_TARNAME)'
259 # Man pages should be compressed in .deb files
260 export MANCOMPRESS='gzip -9'
261 export MANCOMPRESSEXT='.gz'
262 # If Ubuntu, add --enable-admin-flag
265 configure_opts="${configure_opts}${configure_opts+$tab}--enable-admin-flag${tab}--without-lecture"
268 # Newer Debian uses arch-specific lib dirs
269 MULTIARCH=`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`
270 # Note, must indent with tabs, not spaces due to IFS trickery
271 if test "$flavor" = "ldap"; then
272 configure_opts="${configure_opts}${configure_opts+$tab}--with-ldap
273 --with-ldap-conf-file=/etc/sudo-ldap.conf"
275 configure_opts="${configure_opts}${configure_opts+$tab}--with-sssd"
276 if test -n "$MULTIARCH"; then
277 # SSSD backend needs to know where to find the sssd lib
278 configure_opts="${configure_opts}${configure_opts+$tab}--with-sssd-lib=/usr/lib/$MULTIARCH"
281 configure_opts="--prefix=/usr
286 --with-logging=syslog
287 --with-logfac=authpriv
289 --with-editor=/usr/bin/editor
291 --with-password-timeout=0
292 --with-passprompt=[sudo] password for %p:
293 --disable-root-mailer
294 --with-sendmail=/usr/sbin/sendmail
295 --mandir=/usr/share/man
296 --libexecdir=/usr/lib
300 # Use correct libaudit dependency
301 for f in /lib/${MULTIARCH}${MULTIARCH:+/}libaudit.so.[0-9]* /lib/libaudit.so.[0-9]*; do
302 if test -f "$f"; then
303 linux_audit=`dpkg-query -S "$f" 2>/dev/null | sed -n 's/:.*//p'`
304 test -n "$linux_audit" && break;
307 if [ -z "linux_audit" ]; then
308 echo "unable to determine package for libaudit" 1>&2
311 PPVARS="${PPVARS}${PPVARS+$space}linux_audit=$linux_audit"
315 macos10[0-6]-i386|macos10[0-6]-x86_64)
316 # Build intel universal binaries for 10.6 and below
317 ARCH_FLAGS="-arch i386 -arch x86_64"
320 if test "${osversion}" != "`$top_srcdir/pp --probe`"; then
321 sdkvers=`echo "${osversion}" | sed 's/^macos\([0-9][0-9]\)\([0-9]*\)-.*$/\1.\2/'`
322 # Newer Xcode puts /Developer under the app Contents dir.
323 SDK_DIR="/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs"
324 if test -d "${SDK_DIR}/MacOSX${sdkvers}.sdk"; then
325 SDK_DIR="${SDK_DIR}/MacOSX${sdkvers}.sdk"
326 elif test -d "/Developer/SDKs/MacOSX${sdkvers}.sdk"; then
327 SDK_DIR="/Developer/SDKs/MacOSX${sdkvers}.sdk"
329 SDK_FLAGS="-isysroot ${SDK_DIR} -mmacosx-version-min=${sdkvers}"
331 export CFLAGS="-O2 -g $ARCH_FLAGS $SDK_FLAGS"
332 export LDFLAGS="$ARCH_FLAGS $SDK_FLAGS"
333 # Note, must indent with tabs, not spaces due to IFS trickery
334 configure_opts="--with-pam
336 --without-tty-tickets
339 --with-insults=disabled
340 --with-logging=syslog
341 --with-logfac=authpriv
342 --with-editor=/usr/bin/vim
347 # Use -gxcoff with gcc instead of -g for dbx-style debugging symbols.
348 if test -z "$CC" && gcc -v >/dev/null 2>&1; then
349 CFLAGS=-gxcoff; export CFLAGS
351 # Note, must indent with tabs, not spaces due to IFS trickery
352 # Note: we include our own zlib instead of relying on the
353 # AIX freeware version being installed.
355 --prefix=/opt/freeware
356 --mandir=/opt/freeware/man
357 --with-insults=disabled
358 --with-logging=syslog
360 --with-editor=/usr/bin/vi
362 --enable-zlib=builtin
364 --with-sendmail=/usr/sbin/sendmail
366 PPVARS="${PPVARS}${PPVARS+$space}aix_freeware=true"
369 # For Solaris, add project support and use let configure choose zlib.
370 # For all others, use the builtin zlib and disable NLS support.
373 configure_opts="${configure_opts}${configure_opts+$tab}--with-project"
375 if [ $osrelease -ge 11 ]; then
376 configure_opts="${configure_opts}${configure_opts+$tab}--with-bsm-audit"
380 configure_opts="${configure_opts}${configure_opts+$tab}--enable-zlib=builtin${tab}--disable-nls"
383 if test "$flavor" = "ldap"; then
384 configure_opts="${configure_opts}${configure_opts+$tab}--with-ldap"
386 # Note, must indent with tabs, not spaces due to IFS trickery
388 --with-insults=disabled
389 --with-logging=syslog
391 --with-editor=/usr/bin/vim:/usr/bin/vi:/bin/vi
397 # The postinstall script will create tmpfiles.d/sudo.conf for us
398 configure_opts="${configure_opts}${configure_opts+$tab}--disable-tmpfiles.d"
400 # Remove spaces from IFS when setting $@ so that passprompt may include them
403 set -- $configure_opts $extra_opts
405 if [ -r Makefile ]; then
406 ${MAKE} $make_opts distclean
408 $top_srcdir/configure "$@" || exit 1
409 ${MAKE} $make_opts && ${MAKE} $make_opts PPFLAGS="$PPFLAGS" PPVARS="$PPVARS" package
410 test $debug -eq 0 && rm -rf destdir