#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for sudo 1.7.10p8.
+# Generated by GNU Autoconf 2.69 for sudo 1.7.10p9.
#
# Report bugs to <http://www.sudo.ws/bugs/>.
#
#
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
-# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
-# Foundation, Inc.
+# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
#
#
# This configure script is free software; the Free Software Foundation
# CDPATH.
(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+# Use a proper internal environment variable to ensure we don't fall
+ # into an infinite loop, continuously re-executing ourselves.
+ if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then
+ _as_can_reexec=no; export _as_can_reexec;
+ # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+ *v*x* | *x*v* ) as_opts=-vx ;;
+ *v* ) as_opts=-v ;;
+ *x* ) as_opts=-x ;;
+ * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+as_fn_exit 255
+ fi
+ # We don't want this to propagate to other subprocesses.
+ { _as_can_reexec=; unset _as_can_reexec;}
if test "x$CONFIG_SHELL" = x; then
as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
emulate sh
else
exitcode=1; echo positional parameters were not saved.
fi
-test x\$exitcode = x0 || exit 1"
+test x\$exitcode = x0 || exit 1
+test -x / || exit 1"
as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
if test "x$CONFIG_SHELL" != x; then :
- # We cannot yet assume a decent shell, so we have to provide a
- # neutralization value for shells without unset; and this also
- # works around shells that cannot unset nonexistent variables.
- # Preserve -v and -x to the replacement shell.
- BASH_ENV=/dev/null
- ENV=/dev/null
- (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
- export CONFIG_SHELL
- case $- in # ((((
- *v*x* | *x*v* ) as_opts=-vx ;;
- *v* ) as_opts=-v ;;
- *x* ) as_opts=-x ;;
- * ) as_opts= ;;
- esac
- exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"}
+ export CONFIG_SHELL
+ # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+ *v*x* | *x*v* ) as_opts=-vx ;;
+ *v* ) as_opts=-v ;;
+ *x* ) as_opts=-x ;;
+ * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+exit 255
fi
if test x$as_have_required = xno; then :
} # as_fn_mkdir_p
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+ test -f "$1" && test -x "$1"
+} # as_fn_executable_p
# as_fn_append VAR VALUE
# ----------------------
# Append the text in VALUE to the end of the definition contained in VAR. Take
chmod +x "$as_me.lineno" ||
{ $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
+ # If we had to re-execute with $CONFIG_SHELL, we're ensured to have
+ # already done that, so ensure we don't try to do so again and fall
+ # in an infinite loop. This has already happened in practice.
+ _as_can_reexec=no; export _as_can_reexec
# Don't try to exec as it changes $[0], causing all sort of problems
# (the dirname of $[0] is not the place where we might find the
# original and so on. Autoconf is especially sensitive to this).
# ... but there are two gotchas:
# 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
# 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
- # In both cases, we have to default to `cp -p'.
+ # In both cases, we have to default to `cp -pR'.
ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
- as_ln_s='cp -p'
+ as_ln_s='cp -pR'
elif ln conf$$.file conf$$ 2>/dev/null; then
as_ln_s=ln
else
- as_ln_s='cp -p'
+ as_ln_s='cp -pR'
fi
else
- as_ln_s='cp -p'
+ as_ln_s='cp -pR'
fi
rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
rmdir conf$$.dir 2>/dev/null
as_mkdir_p=false
fi
-if test -x / >/dev/null 2>&1; then
- as_test_x='test -x'
-else
- if ls -dL / >/dev/null 2>&1; then
- as_ls_L_option=L
- else
- as_ls_L_option=
- fi
- as_test_x='
- eval sh -c '\''
- if test -d "$1"; then
- test -d "$1/.";
- else
- case $1 in #(
- -*)set "./$1";;
- esac;
- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
- ???[sx]*):;;*)false;;esac;fi
- '\'' sh
- '
-fi
-as_executable_p=$as_test_x
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
# Sed expression to map a string onto a valid CPP name.
as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
# Identity of this package.
PACKAGE_NAME='sudo'
PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.7.10p8'
-PACKAGE_STRING='sudo 1.7.10p8'
+PACKAGE_VERSION='1.7.10p9'
+PACKAGE_STRING='sudo 1.7.10p9'
PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
PACKAGE_URL=''
with_fqdn
with_timedir
with_iologdir
+with_tzdir
with_sendmail
with_sudoers_mode
with_sudoers_uid
if test "x$host_alias" != x; then
if test "x$build_alias" = x; then
cross_compiling=maybe
- $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host.
- If a cross compiler is detected then cross compile mode will be used" >&2
elif test "x$build_alias" != "x$host_alias"; then
cross_compiling=yes
fi
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures sudo 1.7.10p8 to adapt to many kinds of systems.
+\`configure' configures sudo 1.7.10p9 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of sudo 1.7.10p8:";;
+ short | recursive ) echo "Configuration of sudo 1.7.10p9:";;
esac
cat <<\_ACEOF
--with-fqdn expect fully qualified hosts in sudoers
--with-timedir path to the sudo timestamp dir
--with-iologdir=DIR directory to store sudo I/O log files in
+ --with-tzdir=DIR path to the time zone data directory
--with-sendmail set path to sendmail
--without-sendmail do not send mail at all
--with-sudoers-mode mode of sudoers file (defaults to 0440)
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-sudo configure 1.7.10p8
-generated by GNU Autoconf 2.68
+sudo configure 1.7.10p9
+generated by GNU Autoconf 2.69
-Copyright (C) 2010 Free Software Foundation, Inc.
+Copyright (C) 2012 Free Software Foundation, Inc.
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.
_ACEOF
test ! -s conftest.err
} && test -s conftest$ac_exeext && {
test "$cross_compiling" = yes ||
- $as_test_x conftest$ac_exeext
+ test -x conftest$ac_exeext
}; then :
ac_retval=0
else
main ()
{
static int test_array [1 - 2 * !(($2) >= 0)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
;
return 0;
main ()
{
static int test_array [1 - 2 * !(($2) <= $ac_mid)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
;
return 0;
main ()
{
static int test_array [1 - 2 * !(($2) < 0)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
;
return 0;
main ()
{
static int test_array [1 - 2 * !(($2) >= $ac_mid)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
;
return 0;
main ()
{
static int test_array [1 - 2 * !(($2) <= $ac_mid)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
;
return 0;
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by sudo $as_me 1.7.10p8, which was
-generated by GNU Autoconf 2.68. Invocation command line was
+It was created by sudo $as_me 1.7.10p9, which was
+generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_CC="${ac_tool_prefix}gcc"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_CC="gcc"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_CC="${ac_tool_prefix}cc"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
ac_prog_rejected=yes
continue
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_CC="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
/* end confdefs.h. */
#include <stdarg.h>
#include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
+struct stat;
/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
struct buf { int x; };
FILE * (*rcsopen) (struct buf *, struct stat *, int);
+# Check whether --with-tzdir was given.
+if test "${with_tzdir+set}" = set; then :
+ withval=$with_tzdir; case $with_tzdir in
+ yes) as_fn_error $? "\"must give --with-tzdir an argument.\"" "$LINENO" 5
+ ;;
+esac
+fi
+
+
+
# Check whether --with-sendmail was given.
if test "${with_sendmail+set}" = set; then :
withval=$with_sendmail; case $with_sendmail in
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_AR="${ac_tool_prefix}ar"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_AR="ar"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_RANLIB="ranlib"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
for ac_prog in sed gsed; do
for ac_exec_ext in '' $ac_executable_extensions; do
ac_path_SED="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue
+ as_fn_executable_p "$ac_path_SED" || continue
# Check for GNU ac_path_SED and select it if it is found.
# Check for GNU $ac_path_SED
case `"$ac_path_SED" --version 2>&1` in
for ac_prog in grep ggrep; do
for ac_exec_ext in '' $ac_executable_extensions; do
ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
+ as_fn_executable_p "$ac_path_GREP" || continue
# Check for GNU ac_path_GREP and select it if it is found.
# Check for GNU $ac_path_GREP
case `"$ac_path_GREP" --version 2>&1` in
for ac_prog in egrep; do
for ac_exec_ext in '' $ac_executable_extensions; do
ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
+ as_fn_executable_p "$ac_path_EGREP" || continue
# Check for GNU ac_path_EGREP and select it if it is found.
# Check for GNU $ac_path_EGREP
case `"$ac_path_EGREP" --version 2>&1` in
for ac_prog in fgrep; do
for ac_exec_ext in '' $ac_executable_extensions; do
ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue
+ as_fn_executable_p "$ac_path_FGREP" || continue
# Check for GNU ac_path_FGREP and select it if it is found.
# Check for GNU $ac_path_FGREP
case `"$ac_path_FGREP" --version 2>&1` in
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_DUMPBIN="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_OBJDUMP="objdump"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_DLLTOOL="dlltool"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_AR="$ac_tool_prefix$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_AR="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_STRIP="${ac_tool_prefix}strip"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_STRIP="strip"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_RANLIB="ranlib"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_AWK="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_MANIFEST_TOOL="mt"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_DSYMUTIL="dsymutil"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_NMEDIT="nmedit"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_LIPO="${ac_tool_prefix}lipo"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_LIPO="lipo"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_OTOOL="${ac_tool_prefix}otool"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_OTOOL="otool"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_OTOOL64="otool64"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_UNAMEPROG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_TRPROG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_MANDOCPROG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_NROFFPROG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
int
main ()
{
-/* FIXME: Include the comments suggested by Paul. */
+
#ifndef __cplusplus
- /* Ultrix mips cc rejects this. */
+ /* Ultrix mips cc rejects this sort of thing. */
typedef int charset[2];
- const charset cs;
+ const charset cs = { 0, 0 };
/* SunOS 4.1.1 cc rejects this. */
char const *const *pcpcc;
char **ppc;
++pcpcc;
ppc = (char**) pcpcc;
pcpcc = (char const *const *) ppc;
- { /* SCO 3.2v4 cc rejects this. */
- char *t;
+ { /* SCO 3.2v4 cc rejects this sort of thing. */
+ char tx;
+ char *t = &tx;
char const *s = 0 ? (char *) 0 : (char const *) 0;
*t++ = 0;
iptr p = 0;
++p;
}
- { /* AIX XL C 1.02.0.0 rejects this saying
+ { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying
"k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
- struct s { int j; const int *ap[3]; };
- struct s *b; b->j = 5;
+ struct s { int j; const int *ap[3]; } bx;
+ struct s *b = &bx; b->j = 5;
}
{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
const int foo = 10;
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_YACC="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_FLEX="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
esac
rm -rf conftest*
fi
+
+
fi
case "$host" in
fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5
-$as_echo_n "checking for long long int... " >&6; }
-if ${ac_cv_type_long_long_int+:} false; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for unsigned long long int" >&5
+$as_echo_n "checking for unsigned long long int... " >&6; }
+if ${ac_cv_type_unsigned_long_long_int+:} false; then :
$as_echo_n "(cached) " >&6
else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ ac_cv_type_unsigned_long_long_int=yes
+ if test "x${ac_cv_prog_cc_c99-no}" = xno; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* For now, do not test the preprocessor; as of 2007 there are too many
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- if test "$cross_compiling" = yes; then :
+
+else
+ ac_cv_type_unsigned_long_long_int=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_unsigned_long_long_int" >&5
+$as_echo "$ac_cv_type_unsigned_long_long_int" >&6; }
+ if test $ac_cv_type_unsigned_long_long_int = yes; then
+
+$as_echo "#define HAVE_UNSIGNED_LONG_LONG_INT 1" >>confdefs.h
+
+ fi
+
+
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5
+$as_echo_n "checking for long long int... " >&6; }
+if ${ac_cv_type_long_long_int+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
ac_cv_type_long_long_int=yes
+ if test "x${ac_cv_prog_cc_c99-no}" = xno; then
+ ac_cv_type_long_long_int=$ac_cv_type_unsigned_long_long_int
+ if test $ac_cv_type_long_long_int = yes; then
+ if test "$cross_compiling" = yes; then :
+ :
else
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include <limits.h>
- #ifndef LLONG_MAX
- # define HALF \
- (1LL << (sizeof (long long int) * CHAR_BIT - 2))
- # define LLONG_MAX (HALF - 1 + HALF)
- #endif
+ #ifndef LLONG_MAX
+ # define HALF \
+ (1LL << (sizeof (long long int) * CHAR_BIT - 2))
+ # define LLONG_MAX (HALF - 1 + HALF)
+ #endif
int
main ()
{
long long int n = 1;
- int i;
- for (i = 0; ; i++)
- {
- long long int m = n << i;
- if (m >> i != n)
- return 1;
- if (LLONG_MAX / 2 < m)
- break;
- }
- return 0;
+ int i;
+ for (i = 0; ; i++)
+ {
+ long long int m = n << i;
+ if (m >> i != n)
+ return 1;
+ if (LLONG_MAX / 2 < m)
+ break;
+ }
+ return 0;
;
return 0;
}
_ACEOF
if ac_fn_c_try_run "$LINENO"; then :
- ac_cv_type_long_long_int=yes
+
else
ac_cv_type_long_long_int=no
fi
conftest.$ac_objext conftest.beam conftest.$ac_ext
fi
-else
- ac_cv_type_long_long_int=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
+ fi
+ fi
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_long_long_int" >&5
$as_echo "$ac_cv_type_long_long_int" >&6; }
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_prog_KRB5CONFIG="yes"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $iolog_dir" >&5
$as_echo "$iolog_dir" >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking time zone data directory" >&5
+$as_echo_n "checking time zone data directory... " >&6; }
+tzdir="$with_tzdir"
+if test -z "$tzdir"; then
+ tzdir=no
+ for d in /usr/share /usr/share/lib /usr/lib /etc; do
+ if test -d "$d/zoneinfo"; then
+ tzdir="$d/zoneinfo"
+ break
+ fi
+ done
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $tzdir" >&5
+$as_echo "$tzdir" >&6; }
+if test "${tzdir}" != "no"; then
+ cat >>confdefs.h <<EOF
+#define _PATH_ZONEINFO "$tzdir"
+EOF
+
+fi
+
if test "${with_iologdir-yes}" != "no"; then
# Require POSIX job control for I/O log support
# ... but there are two gotchas:
# 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
# 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
- # In both cases, we have to default to `cp -p'.
+ # In both cases, we have to default to `cp -pR'.
ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
- as_ln_s='cp -p'
+ as_ln_s='cp -pR'
elif ln conf$$.file conf$$ 2>/dev/null; then
as_ln_s=ln
else
- as_ln_s='cp -p'
+ as_ln_s='cp -pR'
fi
else
- as_ln_s='cp -p'
+ as_ln_s='cp -pR'
fi
rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
rmdir conf$$.dir 2>/dev/null
as_mkdir_p=false
fi
-if test -x / >/dev/null 2>&1; then
- as_test_x='test -x'
-else
- if ls -dL / >/dev/null 2>&1; then
- as_ls_L_option=L
- else
- as_ls_L_option=
- fi
- as_test_x='
- eval sh -c '\''
- if test -d "$1"; then
- test -d "$1/.";
- else
- case $1 in #(
- -*)set "./$1";;
- esac;
- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
- ???[sx]*):;;*)false;;esac;fi
- '\'' sh
- '
-fi
-as_executable_p=$as_test_x
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+ test -f "$1" && test -x "$1"
+} # as_fn_executable_p
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
# Sed expression to map a string onto a valid CPP name.
as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by sudo $as_me 1.7.10p8, which was
-generated by GNU Autoconf 2.68. Invocation command line was
+This file was extended by sudo $as_me 1.7.10p9, which was
+generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
CONFIG_HEADERS = $CONFIG_HEADERS
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-sudo config.status 1.7.10p8
-configured by $0, generated by GNU Autoconf 2.68,
+sudo config.status 1.7.10p9
+configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
-Copyright (C) 2010 Free Software Foundation, Inc.
+Copyright (C) 2012 Free Software Foundation, Inc.
This config.status script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it."
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
if \$ac_cs_recheck; then
- set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+ set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
shift
\$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
CONFIG_SHELL='$SHELL'
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM sudoers.mdoc.in
.\"
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012
+.\" Copyright (c) 1994-1996, 1998-2005, 2007-2014
.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.TH "SUDOERS" "@mansectsu@" "July 16, 2012" "Sudo @PACKAGE_VERSION@" "Programmer's Manual"
+.TH "SUDOERS" "5" "February 9, 2015" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh
.if n .ad l
.SH "NAME"
operators, which many readers will recognize from regular
expressions.
Do not, however, confuse them with
-``wildcard''
+\(lqwildcard\(rq
characters, which have different meanings.
.TP 6n
\fR\&?\fR
\fRNAME\fR
is a string of uppercase letters, numbers,
and underscore characters
-(`_').
+(\(oq_\(cq).
A
\fRNAME\fR
\fBmust\fR
uppercase letter.
It is possible to put several alias definitions
of the same type on a single line, joined by a colon
-(`:\&').
+(\(oq:\&\(cq).
E.g.,
.nf
.sp
\fRUser_List\fR
is made up of one or more user names, user ids
(prefixed with
-`#'),
+\(oq#\(cq),
system group names and ids (prefixed with
-`%'
+\(oq%\(cq
and
-`%#'
+\(oq%#\(cq
respectively), netgroups (prefixed with
-`+'),
+\(oq+\(cq),
non-Unix group names and IDs (prefixed with
-`%:'
+\(oq%:\(cq
and
-`%:#'
+\(oq%:#\(cq
respectively) and
\fRUser_Alias\fRes.
Each list item may be prefixed with zero or more
-`\&!'
+\(oq\&!\(cq
operators.
An odd number of
-`\&!'
+\(oq\&!\(cq
operators negate the value of
the item; an even number just cancel each other out.
.PP
the underlying implementation.
For instance, the QAS AD backend supports the following formats:
.TP 6n
-\fBo\fR
+\fB\(bu\fR
Group in the same domain: "%:Group Name"
.TP 6n
-\fBo\fR
+\fB\(bu\fR
Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN"
.TP 6n
-\fBo\fR
+\fB\(bu\fR
Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567"
.PP
Note that quotes around group names are optional.
Unquoted strings must use a backslash
-(`\e')
+(\(oq\e\(cq)
to escape spaces and special characters.
See
\fIOther special characters and reserved words\fR
\fRHost_List\fR
is made up of one or more host names, IP addresses,
network numbers, netgroups (prefixed with
-`+')
+\(oq+\(cq)
and other aliases.
Again, the value of an item may be negated with the
-`\&!'
+\(oq\&!\(cq
operator.
If you do not specify a netmask along with the network number,
\fBsudo\fR
only inspects actual network interfaces; this means that IP address
127.0.0.1 (localhost) will never match.
Also, the host name
-``localhost''
+\(lqlocalhost\(rq
will only match if that is the actual host name, which is usually
only the case for non-networked systems.
.nf
command line arguments.
A directory is a
fully qualified path name ending in a
-`/'.
+\(oq/\(cq.
When you specify a directory in a
\fRCmnd_List\fR,
the user will be able to run any file within that directory
must match exactly those given by the user on the command line
(or match the wildcards if there are any).
Note that the following characters must be escaped with a
-`\e'
+\(oq\e\(cq
if they are used in command arguments:
-`,\&',
-`:\&',
-`=\&',
-`\e'.
+\(oq,\&\(cq,
+\(oq:\&\(cq,
+\(oq=\&\(cq,
+\(oq\e\(cq.
The special command
-``\fRsudoedit\fR''
+\(lq\fRsudoedit\fR\(rq
is used to permit a user to run
\fBsudo\fR
with the
or
\fBlists\fR.
Flags are implicitly boolean and can be turned off via the
-`\&!'
+\(oq\&!\(cq
operator.
Some integer, string and list parameters may also be
used in a boolean context to disable them.
(\&"")
when they contain multiple words.
Special characters may be escaped with a backslash
-(`\e').
+(\(oq\e\(cq).
.PP
Lists have two additional assignment operators,
\fR+=\fR
but this can be changed on a per-command basis.
.PP
The basic structure of a user specification is
-``who where = (as_whom) what''.
+\(lqwho where = (as_whom) what\(rq.
Let's break that down into its constituent parts:
.SS "Runas_Spec"
A
consists of two
\fRRunas_List\fRs
(as defined above) separated by a colon
-(`:\&')
+(\(oq:\&\(cq)
and enclosed in a set of parentheses.
The first
\fRRunas_List\fR
\fRNOPASSWD\fR
tag is applied to any of the entries for a user on the current host,
he or she will be able to run
-``\fRsudo -l\fR''
+\(lq\fRsudo -l\fR\(rq
without a password.
Additionally, a user may only run
-``\fRsudo -v\fR''
+\(lq\fRsudo -v\fR\(rq
without a password if the
\fRNOPASSWD\fR
tag is present for all a user's entries that pertain to the current host.
.TP 10n
\fR\ex\fR
For any character
-`x',
+\(oqx\(cq,
evaluates to
-`x'.
+\(oqx\(cq.
This is used to escape special characters such as:
-`*',
-`\&?',
-`[\&',
+\(oq*\(cq,
+\(oq\&?\(cq,
+\(oq[\&\(cq,
and
-`]\&'.
+\(oq]\&\(cq.
.PP
POSIX character classes may also be used if your system's
glob(3)
fnmatch(3)
functions support them.
However, because the
-`:\&'
+\(oq:\&\(cq
character has special meaning in
\fIsudoers\fR,
it must be
.nf
.sp
.RS 4n
-/bin/ls [[\:alpha\:]]*
+/bin/ls [[:\&alpha:\&]]*
.RE
.fi
.PP
Would match any file name beginning with a letter.
.PP
Note that a forward slash
-(`/')
+(\(oq/\(cq)
will
\fBnot\fR
be matched by
Wildcards in command line arguments should be used with care.
Because command line arguments are matched as a single, concatenated
string, a wildcard such as
-`\&?'
+\(oq\&?\(cq
or
-`*'
+\(oq*\(cq
can match multiple words.
For example, while a sudoers entry like:
.nf
Command line arguments to the
\fIsudoedit\fR
built-in command should always be path names, so a forward slash
-(`/')
+(\(oq/\(cq)
will not be matched by a wildcard.
.SS "Including other files from within sudoers"
It is possible to include other
.PP
If the path to the include file is not fully-qualified (does not
begin with a
-`/',
+\(oq/\(cq,
it must be located in the same directory as the sudoers file it was
included from.
For example, if
\fR%h\fR
escape, signifying the short form of the host name.
In other words, if the machine's host name is
-``xerxes'',
+\(lqxerxes\(rq,
then
.nf
.sp
will read each file in
\fI/etc/sudoers.d\fR,
skipping file names that end in
-`~'
+\(oq~\(cq
or contain a
-`.\&'
+\(oq.\&\(cq
character to avoid causing problems with package manager or editor
temporary/backup files.
Files are parsed in sorted lexical order.
flag to edit the files directly.
.SS "Other special characters and reserved words"
The pound sign
-(`#')
+(\(oq#\(cq)
is used to indicate a comment (unless it is part of a #include
directive or unless it occurs in the context of a user name and is
followed by one or more digits, in which case it is treated as a
command on the system.
.PP
An exclamation point
-(`\&!')
+(\(oq\&!\(cq)
can be used as a logical
\fInot\fR
operator both in an
\fRCmnd\fR.
This allows one to exclude certain values.
Note, however, that using a
-`\&!'
+\(oq\&!\(cq
in conjunction with the built-in
\fBALL\fR
alias to allow a user to run
-``all but a few''
+\(lqall but a few\(rq
commands rarely works as intended (see
\fISECURITY NOTES\fR
below).
.PP
Long lines can be continued with a backslash
-(`\e')
+(\(oq\e\(cq)
as the last character on the line.
.PP
White space between elements in a list as well as special syntactic
characters in a
\fIUser Specification\fR
-(`=\&',
-`:\&',
-`(\&',
-`)\&')
+(\(oq=\&\(cq,
+\(oq:\&\(cq,
+\(oq(\&\(cq,
+\(oq)\&\(cq)
is optional.
.PP
The following characters must be escaped with a backslash
-(`\e')
+(\(oq\e\(cq)
when used as part of a word (e.g.\& a user name or host name):
-`\&!',
-`=\&',
-`:\&',
-`,\&',
-`(\&',
-`)\&',
-`\e'.
+\(oq\&!\(cq,
+\(oq=\&\(cq,
+\(oq:\&\(cq,
+\(oq,\&\(cq,
+\(oq(\&\(cq,
+\(oq)\&\(cq,
+\(oq\e\(cq.
.SH "SUDOERS OPTIONS"
\fBsudo\fR's
behavior can be modified by
\fI../bin/ls\fR.
This has security implications when path names that include globbing
characters are used with the negation operator,
-`!\&',
+\(oq!\&\(cq,
as such rules can be trivially bypassed.
As such, this option should not be used when
\fIsudoers\fR
In other words, instead of myhost you would use myhost.mydomain.edu.
You may still use the short form if you wish (and even mix the two).
This option is only effective when the
-``canonical''
+\(lqcanonical\(rq
host name, as returned by the
\fBgetaddrinfo\fR()
or
If the system is configured to use the
\fI/etc/hosts\fR
file in preference to DNS, the
-``canonical''
+\(lqcanonical\(rq
host name may not be fully-qualified.
-The order that sources are queried for hosts name resolution
+The order that sources are queried for host name resolution
is usually specified in the
\fI@nsswitch_conf@\fR,
\fI@netsvc_conf@\fR,
In the
\fI/etc/hosts\fR
file, the first host name of the entry is considered to be the
-``canonical''
+\(lqcanonical\(rq
name; subsequent names are aliases that are not used by
\fBsudoers\fR.
For example, the following hosts file line for the machine
-``xyzzy''
+\(lqxyzzy\(rq
has the fully-qualified domain name as the
-``canonical''
+\(lqcanonical\(rq
host name, and the short version as an alias.
.sp
-.RS 6n
+.RS 24n
192.168.1.1 xyzzy.sudo.ws xyzzy
.RE
+.RS 18n
.sp
If the machine's hosts file entry is not formatted properly, the
\fIfqdn\fR
unusable if DNS stops working (for example if the machine is disconnected
from the network).
Also note that just like with the hosts file, you must use the
-``canonical''
+\(lqcanonical\(rq
name as DNS knows it.
That is, you may not use a host alias
(\fRCNAME\fR
This flag is
\fI@fqdn@\fR
by default.
+.RE
.TP 18n
ignore_dot
If set,
using a unique session ID that is included in the normal
\fBsudo\fR
log line, prefixed with
-``\fRTSID=\fR''.
+\(lq\fRTSID=\fR\(rq.
.sp
Note that user input may contain sensitive information such as
passwords (even if they are not echoed to the screen), which will
using a unique session ID that is included in the normal
\fBsudo\fR
log line, prefixed with
-``\fRTSID=\fR''.
+\(lq\fRTSID=\fR\(rq.
.sp
Output logs may be viewed with the
sudoreplay(@mansectsu@)
\fIpassprompt\fR
will normally only be used if the password prompt provided by systems
such as PAM matches the string
-``Password:''.
+\(lqPassword:\(rq.
If
\fIpassprompt_override\fR
is set,
\fBsudo\fR
too.
Disabling this prevents users from
-``chaining''
+\(lqchaining\(rq
\fBsudo\fR
commands to get a root shell by doing something like
-``\fRsudo sudo /bin/sh\fR''.
+\(lq\fRsudo sudo /bin/sh\fR\(rq.
Note, however, that turning off
\fIroot_sudo\fR
will also prevent root from running
\fBsudo\fR
will prompt for a password even when it would be visible on the screen.
This makes it possible to run things like
-``\fRssh somehost sudo ls\fR''
+\(lq\fRssh somehost sudo ls\fR\(rq
since by default,
ssh(1)
does
\fR0\fR
the user's time stamp will never expire.
This can be used to allow users to create or delete their own time stamps via
-``\fRsudo -v\fR''
+\(lq\fRsudo -v\fR\(rq
and
-``\fRsudo -k\fR''
+\(lq\fRsudo -k\fR\(rq
respectively.
.TP 18n
umask
.TP 18n
editor
A colon
-(`:\&')
+(\(oq:\&\(cq)
separated list of editors allowed to be used with
\fBvisudo\fR.
\fBvisudo\fR
\fR%h\fR
will expand to the host name of the machine.
Default is
-``\fR@mailsub@\fR''.
+\(lq\fR@mailsub@\fR\(rq.
.TP 18n
noexec_file
The
\fRSUDO_PROMPT\fR
environment variable.
The following percent
-(`%')
+(\(oq%\(cq)
escape sequences are supported:
-.RS
+.PP
+.RS 18n
+.PD 0
.TP 6n
\fR%H\fR
expanded to the local host name including the domain name
(only if the machine's host name is fully qualified or the
\fIfqdn\fR
option is set)
+.PD
.TP 6n
\fR%h\fR
expanded to the local host name without the domain name
character
.PP
The default value is
-``\fR@passprompt@\fR''.
-.PP
+\(lq\fR@passprompt@\fR\(rq.
.RE
-.PD 0
.TP 18n
role
The default SELinux role to use when constructing a new security
This option is only available when
\fBsudo\fR
is built with SELinux support.
-.PD
.TP 18n
runas_default
The default user to run commands as if the
sending email.
Note that changing the locale may affect how sudoers is interpreted.
Defaults to
-``\fRC\fR''.
+\(lq\fRC\fR\(rq.
.TP 18n
timestampdir
The directory in which
option specifies the fully qualified path to a file containing variables
to be set in the environment of the program being run.
Entries in this file should either be of the form
-``\fRVARIABLE=value\fR''
+\(lq\fRVARIABLE=value\fR\(rq
or
-``\fRexport VARIABLE=value\fR''.
+\(lq\fRexport VARIABLE=value\fR\(rq.
The value may optionally be surrounded by single or double quotes.
Variables in this file are subject to other
\fBsudo\fR
This option controls when a short lecture will be printed along with
the password prompt.
It has the following possible values:
-.RS
+.PP
+.RS 14n
+.PD 0
.TP 8n
always
Always lecture the user.
+.PD
.TP 8n
never
Never lecture the user.
being used.
The default value is
\fI@lecture@\fR.
-.PP
.RE
-.PD 0
.TP 14n
lecture_file
Path to a file containing an alternate
By default,
\fBsudo\fR
uses a built-in lecture.
-.PD
.TP 14n
listpw
This option controls when a password will be required when a user runs
\fB\-l\fR
option.
It has the following possible values:
-.RS
+.PP
+.RS 14n
+.PD 0
.TP 10n
all
All the user's
the
\fRNOPASSWD\fR
flag set to avoid entering a password.
+.PD
.TP 10n
always
The user must always enter a password to use the
being used.
The default value is
\fIany\fR.
-.PP
.RE
-.PD 0
.TP 14n
logfile
Path to the
By default,
\fBsudo\fR
logs via syslog.
-.PD
.TP 14n
mailerflags
Flags to use when invoking mailer. Defaults to
.TP 14n
mailfrom
Address to use for the
-``from''
+\(lqfrom\(rq
address when sending warning and error mail.
The address should be enclosed in double quotes
(\&"")
\fRPATH\fR
environment variable you may want to use this.
Another use is if you want to have the
-``root path''
+\(lqroot path\(rq
be separate from the
-``user path''.
+\(lquser path\(rq.
Users in the group specified by the
\fIexempt_group\fR
option are not affected by
\fB\-v\fR
option.
It has the following possible values:
-.RS
+.PP
+.RS 14n
+.PD 0
.TP 8n
all
All the user's
entries for the current host must have the
\fRNOPASSWD\fR
flag set to avoid entering a password.
+.PD
.TP 8n
always
The user must always enter a password to use the
\fBLists that can be used in a boolean context\fR:
.TP 18n
env_check
-Environment variables to be removed from the user's environment if
+Environment variables to be removed from the user's environment
+unless they are considered
+\(lqsafe\(rq.
+For all variables except
+Li TZ ,
+\(lqsafe\(rq
+means that the variable's value does not contain any
the variable's value contains
-`%'
+\(oq%\(cq
or
-`/'
+\(oq/\(cq
characters.
This can be used to guard against printf-style format vulnerabilities
in poorly-written programs.
+The
+\fRTZ\fR
+variable is considerd unsafe if any of the following are true:
+.PP
+.RS 18n
+.PD 0
+.TP 4n
+\fB\(bu\fR
+It consists of a fully-qualified path name that does not match
+the location of the
+\fIzoneinfo\fR
+directory.
+.PD
+.TP 4n
+\fB\(bu\fR
+It contains a
+\fI..\fR
+path element.
+.TP 4n
+\fB\(bu\fR
+It contains white space or non-printable characters.
+.TP 4n
+\fB\(bu\fR
+It is longer than the value of
+\fRPATH_MAX\fR.
+.PP
The argument may be a double-quoted, space-separated list or a
single value without double-quotes.
The list can be replaced, added to, deleted from, or disabled by using
the
\fB\-V\fR
option.
+.RE
.TP 18n
env_delete
Environment variables to be removed from the user's environment when the
netgroup.
\fBsudo\fR
knows that
-``biglab''
+\(lqbiglab\(rq
is a netgroup due to the
-`+'
+\(oq+\(cq
prefix.
.nf
.sp
This is a bit tedious for users to type, so it is a prime candidate
for encapsulating in a shell script.
.SH "SECURITY NOTES"
-.SS "Limitations of the `!\&' operator"
+.SS "Limitations of the \(oq!\&\(cq operator"
It is generally not effective to
-``subtract''
+\(lqsubtract\(rq
commands from
\fBALL\fR
using the
-`!\&'
+\(oq!\&\(cq
operator.
A user can trivially circumvent this by copying the desired command
to a different name and then executing that.
\fBALL\fR
there is nothing to prevent them from creating their own program that gives
them a root shell (or making their own copy of a shell) regardless of any
-`!\&'
+\(oq!\&\(cq
elements in the user specification.
.SS "Security implications of \fIfast_glob\fR"
If the
tag as documented
in the User Specification section above.
Here is that example again:
-.RS
.nf
.sp
-.RS 0n
+.RS 10n
aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
.RE
.fi
+.RS 10n
.sp
This allows user
\fBaaron\fR
.SH "DISCLAIMER"
\fBsudo\fR
is provided
-``AS IS''
+\(lqAS IS\(rq
and any express or implied warranties, including, but not limited
to, the implied warranties of merchantability and fitness for a
particular purpose are disclaimed.
projects / sudo / commitdiff