From: Todd C. Miller Date: Fri, 25 Sep 2009 20:39:09 +0000 (+0000) Subject: _PATH_SUDO_SESSDIR -> _PATH_SUDO_TRANSCRIPT X-Git-Tag: SUDO_1_7_3~265 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0e823cdad23a35c726656445ff0b68a10f2beb6b;p=sudo _PATH_SUDO_SESSDIR -> _PATH_SUDO_TRANSCRIPT Add --enable-transcript=DIR option to specify the directory --- diff --git a/aclocal.m4 b/aclocal.m4 index f333ed30e..4591886b9 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -158,28 +158,24 @@ fi ])dnl dnl -dnl Where the session files go, use /var/log/sudo-session if /var/log exists, -dnl else /{var,usr}/adm/sudo-session -dnl -AC_DEFUN(SUDO_SESSDIR, [AC_MSG_CHECKING(for session file location) -if test -n "$with_sessdir"; then - AC_MSG_RESULT($with_sessdir) - SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SESSDIR, "$with_sessdir") - sessdir="$with_sessdir" -elif test -d "/var/log"; then - AC_MSG_RESULT(/var/log/sudo-session) - SUDO_DEFINE(_PATH_SUDO_SESSDIR, "/var/log/sudo-session") - sessdir="/var/log/sudo-session" -elif test -d "/var/adm"; then - AC_MSG_RESULT(/var/adm/sudo-session) - SUDO_DEFINE(_PATH_SUDO_SESSDIR, "/var/adm/sudo-session") - sessdir="/var/adm/sudo-session" -else - AC_MSG_RESULT(/usr/adm/sudo-session) - SUDO_DEFINE(_PATH_SUDO_SESSDIR, "/usr/adm/sudo-session") - sessdir="/usr/adm/sudo-session" +dnl Where the transcript files go, use /var/log/sudo-transcript if +dnl /var/log exists, else /{var,usr}/adm/sudo-transcript +dnl +if test "$TRANSCRIPT" != "no"; then + AC_DEFUN(SUDO_TRANSCRIPT, [AC_MSG_CHECKING(for transcript dir location) + if test "$TRANSCRIPT" != "yes"; then + : + elif test -d "/var/log"; then + TRANSCRIPT="/var/log/sudo-transcript" + elif test -d "/var/adm"; then + TRANSCRIPT="/var/adm/sudo-transcript" + else + TRANSCRIPT="/usr/adm/sudo-transcript" + fi + AC_MSG_RESULT($TRANSCRIPT) + SUDO_DEFINE_UNQUOTED(_PATH_SUDO_TRANSCRIPT, "$TRANSCRIPT") + ])dnl fi -])dnl dnl dnl SUDO_CHECK_TYPE(TYPE, DEFAULT) diff --git a/configure b/configure index d94314e77..57ecf4195 100755 --- a/configure +++ b/configure @@ -1502,6 +1502,8 @@ Optional Features: Set $HOME to target user in shell mode --disable-path-info Print 'command not allowed' not 'command not found' --enable-env-debug Whether to enable environment debugging. + --enable-transcript=DIR Enable Sudo's transcript support, storing them in + DIR --enable-gss-krb5-ccache-name Use GSS-API to set the Kerberos V cred cache name --enable-static[=PKGS] build static libraries [default=no] @@ -2170,6 +2172,7 @@ AUTH_EXCL= AUTH_EXCL_DEF= AUTH_DEF=passwd +TRANSCRIPT=yes CHECKSHADOW=true shadow_defs= shadow_funcs= @@ -4114,6 +4117,20 @@ echo "${ECHO_T}no" >&6; } fi +# Check whether --enable-transcript was given. +if test "${enable_transcript+set}" = set; then + enableval=$enable_transcript; case "$enableval" in + yes) TRANSCRIPT=yes + ;; + no) TRANSCRIPT=no + ;; + *) TRANSCRIPT="$enableval" + ;; + esac + +fi + + # Check whether --with-selinux was given. if test "${with_selinux+set}" = set; then @@ -6268,7 +6285,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 6271 "configure"' > conftest.$ac_ext + echo '#line 6288 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -8132,11 +8149,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8135: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8152: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8139: \$? = $ac_status" >&5 + echo "$as_me:8156: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8422,11 +8439,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8425: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8442: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8429: \$? = $ac_status" >&5 + echo "$as_me:8446: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8526,11 +8543,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8529: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8546: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8533: \$? = $ac_status" >&5 + echo "$as_me:8550: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -10886,7 +10903,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5 -echo $ECHO_N "checking for session file location... $ECHO_C" >&6; } -if test -n "$with_sessdir"; then - { echo "$as_me:$LINENO: result: $with_sessdir" >&5 -echo "${ECHO_T}$with_sessdir" >&6; } +{ echo "$as_me:$LINENO: checking for transcript dir location" >&5 +echo $ECHO_N "checking for transcript dir location... $ECHO_C" >&6; } + if test "$TRANSCRIPT" != "yes"; then + : + elif test -d "/var/log"; then + TRANSCRIPT="/var/log/sudo-transcript" + elif test -d "/var/adm"; then + TRANSCRIPT="/var/adm/sudo-transcript" + else + TRANSCRIPT="/usr/adm/sudo-transcript" + fi + { echo "$as_me:$LINENO: result: $TRANSCRIPT" >&5 +echo "${ECHO_T}$TRANSCRIPT" >&6; } cat >>confdefs.h <&5 -echo "${ECHO_T}/var/log/sudo-session" >&6; } - cat >>confdefs.h <<\EOF -#define _PATH_SUDO_SESSDIR "/var/log/sudo-session" -EOF - - sessdir="/var/log/sudo-session" -elif test -d "/var/adm"; then - { echo "$as_me:$LINENO: result: /var/adm/sudo-session" >&5 -echo "${ECHO_T}/var/adm/sudo-session" >&6; } - cat >>confdefs.h <<\EOF -#define _PATH_SUDO_SESSDIR "/var/adm/sudo-session" -EOF - - sessdir="/var/adm/sudo-session" -else - { echo "$as_me:$LINENO: result: /usr/adm/sudo-session" >&5 -echo "${ECHO_T}/usr/adm/sudo-session" >&6; } - cat >>confdefs.h <<\EOF -#define _PATH_SUDO_SESSDIR "/usr/adm/sudo-session" +#define _PATH_SUDO_TRANSCRIPT "$TRANSCRIPT" EOF - sessdir="/usr/adm/sudo-session" -fi case "$with_passwd" in diff --git a/configure.in b/configure.in index 58e3698f2..c75187352 100644 --- a/configure.in +++ b/configure.in @@ -142,6 +142,7 @@ AUTH_DEF=passwd dnl dnl Other vaiables dnl +TRANSCRIPT=yes CHECKSHADOW=true shadow_defs= shadow_funcs= @@ -1218,6 +1219,18 @@ AC_ARG_ENABLE(env_debug, esac ], AC_MSG_RESULT(no)) +AC_ARG_ENABLE(transcript, +[AS_HELP_STRING([--enable-transcript[[=DIR]]], [Enable Sudo's transcript support, storing them in DIR])], +[ case "$enableval" in + yes) TRANSCRIPT=yes + ;; + no) TRANSCRIPT=no + ;; + *) TRANSCRIPT="$enableval" + ;; + esac +]) + AC_ARG_WITH(selinux, [AS_HELP_STRING([--with-selinux], [enable SELinux support])], [case $with_selinux in yes) SELINUX_USAGE="[[-r role]] [[-t type]] " @@ -2570,7 +2583,7 @@ dnl Check for log file and timestamp locations dnl SUDO_LOGFILE SUDO_TIMEDIR -SUDO_SESSDIR +SUDO_TRANSCRIPT dnl dnl Use passwd (and secureware) auth modules? diff --git a/pathnames.h.in b/pathnames.h.in index 4166c7f9c..88b3f0336 100644 --- a/pathnames.h.in +++ b/pathnames.h.in @@ -72,9 +72,9 @@ * Where to put the session files. Defaults to /var/log/sudo-session, * /var/adm/sudo-session or /usr/adm/sudo-session depending on what exists. */ -#ifndef _PATH_SUDO_SESSDIR -#undef _PATH_SUDO_SESSDIR -#endif /* _PATH_SUDO_SESSDIR */ +#ifndef _PATH_SUDO_TRANSCRIPT +#undef _PATH_SUDO_TRANSCRIPT +#endif /* _PATH_SUDO_TRANSCRIPT */ /* * Where to put the sudo log file when logging to a file. Defaults to