From: Todd C. Miller Date: Sat, 14 Jul 2007 20:32:11 +0000 (+0000) Subject: Only enable AIX or BSD auth if no other exclusive auth method has X-Git-Tag: SUDO_1_7_0~489 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=38b2dd0a5f279150e0ff53d06ea93bb6195062f6;p=sudo Only enable AIX or BSD auth if no other exclusive auth method has been chosen. Allows people to e.g., use PAM on AIX without adding --without-aixauth. A better solution is needed to deal with default authentication since if a non-exclusive method is chosen we will still get an error. --- diff --git a/configure b/configure index cfd453ec1..d194e2a54 100755 --- a/configure +++ b/configure @@ -10646,7 +10646,7 @@ rm -f conftest.err conftest.$ac_objext \ LDFLAGS="$O_LDFLAGS" # check for authenticate(3) - if test -z "$with_aixauth"; then + if test X"$with_aixauth" = X""; then for ac_func in authenticate do @@ -10745,7 +10745,7 @@ if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF - with_aixauth=yes + with_aixauth=maybe fi done @@ -11381,7 +11381,7 @@ if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF - with_bsdauth=yes + with_bsdauth=maybe fi done @@ -11417,7 +11417,7 @@ done 0-2.*) ;; *) - with_bsdauth=yes + with_bsdauth=maybe ;; esac fi @@ -13047,175 +13047,6 @@ fi done -fi -if test "$with_bsdauth" = "yes"; then - if test "${ac_cv_header_bsd_auth_h+set}" = set; then - echo "$as_me:$LINENO: checking for bsd_auth.h" >&5 -echo $ECHO_N "checking for bsd_auth.h... $ECHO_C" >&6 -if test "${ac_cv_header_bsd_auth_h+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -echo "$as_me:$LINENO: result: $ac_cv_header_bsd_auth_h" >&5 -echo "${ECHO_T}$ac_cv_header_bsd_auth_h" >&6 -else - # Is the header compilable? -echo "$as_me:$LINENO: checking bsd_auth.h usability" >&5 -echo $ECHO_N "checking bsd_auth.h usability... $ECHO_C" >&6 -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include -_ACEOF -rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" - || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -ac_header_compiler=no -fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext -echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6 - -# Is the header present? -echo "$as_me:$LINENO: checking bsd_auth.h presence" >&5 -echo $ECHO_N "checking bsd_auth.h presence... $ECHO_C" >&6 -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi -rm -f conftest.err conftest.$ac_ext -echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6 - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: bsd_auth.h: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: bsd_auth.h: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: present but cannot be compiled" >&5 -echo "$as_me: WARNING: bsd_auth.h: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: bsd_auth.h: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: bsd_auth.h: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: bsd_auth.h: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: bsd_auth.h: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: bsd_auth.h: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: bsd_auth.h: in the future, the compiler will take precedence" >&2;} - ( - cat <<\_ASBOX -## ------------------------------- ## -## Report this to the sudo lists. ## -## ------------------------------- ## -_ASBOX - ) | - sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -echo "$as_me:$LINENO: checking for bsd_auth.h" >&5 -echo $ECHO_N "checking for bsd_auth.h... $ECHO_C" >&6 -if test "${ac_cv_header_bsd_auth_h+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_header_bsd_auth_h=$ac_header_preproc -fi -echo "$as_me:$LINENO: result: $ac_cv_header_bsd_auth_h" >&5 -echo "${ECHO_T}$ac_cv_header_bsd_auth_h" >&6 - -fi -if test $ac_cv_header_bsd_auth_h = yes; then - cat >>confdefs.h <<\_ACEOF -#define HAVE_BSD_AUTH_H 1 -_ACEOF - - -if test X"$AUTH_EXCL" != X""; then - { { echo "$as_me:$LINENO: error: \"cannot mix BSD authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&5 -echo "$as_me: error: \"cannot mix BSD authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&2;} - { (exit 1); exit 1; }; } -elif test X"true" != X"" -a X"$AUTH_OBJS" != X"" -a X"$AUTH_OBJS" != X"passwd.o"; then - _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'` - { { echo "$as_me:$LINENO: error: \"cannot mix BSD authentication with other authentication methods (such as $_AUTH)\"" >&5 -echo "$as_me: error: \"cannot mix BSD authentication with other authentication methods (such as $_AUTH)\"" >&2;} - { (exit 1); exit 1; }; } -fi -if test X"true" != X""; then - AUTH_OBJS="bsdauth.o" - AUTH_EXCL="BSD authentication" -elif test X"$AUTH_OBJS" = X""; then - AUTH_OBJS="bsdauth.o" -else - AUTH_OBJS="$AUTH_OBJS bsdauth.o" -fi - -else - - -fi - - fi if test ${with_project-'no'} != "no"; then if test "${ac_cv_header_project_h+set}" = set; then @@ -20073,36 +19904,6 @@ if test "$with_logincap" = "yes"; then esac fi -if test "$with_aixauth" = "yes"; then - { echo "$as_me:$LINENO: using AIX general authentication" >&5 -echo "$as_me: using AIX general authentication" >&6;} - cat >>confdefs.h <<\_ACEOF -#define HAVE_AIXAUTH 1 -_ACEOF - - -if test X"$AUTH_EXCL" != X""; then - { { echo "$as_me:$LINENO: error: \"cannot mix AIX general authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&5 -echo "$as_me: error: \"cannot mix AIX general authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&2;} - { (exit 1); exit 1; }; } -elif test X"true" != X"" -a X"$AUTH_OBJS" != X"" -a X"$AUTH_OBJS" != X"passwd.o"; then - _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'` - { { echo "$as_me:$LINENO: error: \"cannot mix AIX general authentication with other authentication methods (such as $_AUTH)\"" >&5 -echo "$as_me: error: \"cannot mix AIX general authentication with other authentication methods (such as $_AUTH)\"" >&2;} - { (exit 1); exit 1; }; } -fi -if test X"true" != X""; then - AUTH_OBJS="aix_auth.o" - AUTH_EXCL="AIX general authentication" -elif test X"$AUTH_OBJS" = X""; then - AUTH_OBJS="aix_auth.o" -else - AUTH_OBJS="$AUTH_OBJS aix_auth.o" -fi - - SUDO_LIBS="${SUDO_LIBS} -ls" -fi - if test ${with_pam-'no'} != "no"; then echo "$as_me:$LINENO: checking for main in -ldl" >&5 echo $ECHO_N "checking for main in -ldl... $ECHO_C" >&6 @@ -21866,6 +21667,210 @@ if test -n "$with_fwtk"; then SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall" fi +if test ${with_aixauth-'no'} != "no"; then + if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then + { echo "$as_me:$LINENO: using AIX general authentication" >&5 +echo "$as_me: using AIX general authentication" >&6;} + cat >>confdefs.h <<\_ACEOF +#define HAVE_AIXAUTH 1 +_ACEOF + + +if test X"$AUTH_EXCL" != X""; then + { { echo "$as_me:$LINENO: error: \"cannot mix AIX general authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&5 +echo "$as_me: error: \"cannot mix AIX general authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&2;} + { (exit 1); exit 1; }; } +elif test X"true" != X"" -a X"$AUTH_OBJS" != X"" -a X"$AUTH_OBJS" != X"passwd.o"; then + _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'` + { { echo "$as_me:$LINENO: error: \"cannot mix AIX general authentication with other authentication methods (such as $_AUTH)\"" >&5 +echo "$as_me: error: \"cannot mix AIX general authentication with other authentication methods (such as $_AUTH)\"" >&2;} + { (exit 1); exit 1; }; } +fi +if test X"true" != X""; then + AUTH_OBJS="aix_auth.o" + AUTH_EXCL="AIX general authentication" +elif test X"$AUTH_OBJS" = X""; then + AUTH_OBJS="aix_auth.o" +else + AUTH_OBJS="$AUTH_OBJS aix_auth.o" +fi + + SUDO_LIBS="${SUDO_LIBS} -ls" + fi +fi + +if test ${with_bsdauth-'no'} != "no"; then + if test X"$with_bsdauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then + if test "${ac_cv_header_bsd_auth_h+set}" = set; then + echo "$as_me:$LINENO: checking for bsd_auth.h" >&5 +echo $ECHO_N "checking for bsd_auth.h... $ECHO_C" >&6 +if test "${ac_cv_header_bsd_auth_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: $ac_cv_header_bsd_auth_h" >&5 +echo "${ECHO_T}$ac_cv_header_bsd_auth_h" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking bsd_auth.h usability" >&5 +echo $ECHO_N "checking bsd_auth.h usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking bsd_auth.h presence" >&5 +echo $ECHO_N "checking bsd_auth.h presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: bsd_auth.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: bsd_auth.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: bsd_auth.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: bsd_auth.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: bsd_auth.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: bsd_auth.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: bsd_auth.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: bsd_auth.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: bsd_auth.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------- ## +## Report this to the sudo lists. ## +## ------------------------------- ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for bsd_auth.h" >&5 +echo $ECHO_N "checking for bsd_auth.h... $ECHO_C" >&6 +if test "${ac_cv_header_bsd_auth_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_bsd_auth_h=$ac_header_preproc +fi +echo "$as_me:$LINENO: result: $ac_cv_header_bsd_auth_h" >&5 +echo "${ECHO_T}$ac_cv_header_bsd_auth_h" >&6 + +fi +if test $ac_cv_header_bsd_auth_h = yes; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_BSD_AUTH_H 1 +_ACEOF + + +if test X"$AUTH_EXCL" != X""; then + { { echo "$as_me:$LINENO: error: \"cannot mix BSD authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&5 +echo "$as_me: error: \"cannot mix BSD authentication with an exclusive authentication method such as $AUTH_EXCL\"" >&2;} + { (exit 1); exit 1; }; } +elif test X"true" != X"" -a X"$AUTH_OBJS" != X"" -a X"$AUTH_OBJS" != X"passwd.o"; then + _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'` + { { echo "$as_me:$LINENO: error: \"cannot mix BSD authentication with other authentication methods (such as $_AUTH)\"" >&5 +echo "$as_me: error: \"cannot mix BSD authentication with other authentication methods (such as $_AUTH)\"" >&2;} + { (exit 1); exit 1; }; } +fi +if test X"true" != X""; then + AUTH_OBJS="bsdauth.o" + AUTH_EXCL="BSD authentication" +elif test X"$AUTH_OBJS" = X""; then + AUTH_OBJS="bsdauth.o" +else + AUTH_OBJS="$AUTH_OBJS bsdauth.o" +fi + +else + - +fi + + + fi +fi + if test -n "$with_ldap"; then _LDFLAGS="$LDFLAGS" if test "$with_ldap" != "yes"; then diff --git a/configure.in b/configure.in index ec246b1e0..0fb925a83 100644 --- a/configure.in +++ b/configure.in @@ -1260,8 +1260,8 @@ case "$host" in LDFLAGS="$O_LDFLAGS" # check for authenticate(3) - if test -z "$with_aixauth"; then - AC_CHECK_FUNCS(authenticate, [with_aixauth=yes]) + if test X"$with_aixauth" = X""; then + AC_CHECK_FUNCS(authenticate, [with_aixauth=maybe]) fi ;; *-*-hiuxmpp*) @@ -1473,7 +1473,7 @@ case "$host" in fi # Check for newer BSD auth API (just check for >= 3.0?) if test -z "$with_bsdauth"; then - AC_CHECK_FUNCS(auth_challenge, [with_bsdauth=yes]) + AC_CHECK_FUNCS(auth_challenge, [with_bsdauth=maybe]) fi ;; *-*-freebsd*) @@ -1506,7 +1506,7 @@ case "$host" in [0-2].*) ;; *) - with_bsdauth=yes + with_bsdauth=maybe ;; esac fi @@ -1631,10 +1631,6 @@ fi if test ${with_logincap-'no'} != "no"; then AC_CHECK_HEADERS(login_cap.h) fi -if test "$with_bsdauth" = "yes"; then - AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H) - [SUDO_ADD_AUTH([BSD authentication], [bsdauth.o], [true])], -) -fi if test ${with_project-'no'} != "no"; then AC_CHECK_HEADER(project.h, AC_DEFINE(HAVE_PROJECT_H) [SUDO_LIBS="${SUDO_LIBS} -lproject"], -) @@ -1930,16 +1926,6 @@ if test "$with_logincap" = "yes"; then esac fi -dnl -dnl AIX general authentication -dnl -if test "$with_aixauth" = "yes"; then - AC_MSG_NOTICE([using AIX general authentication]) - AC_DEFINE(HAVE_AIXAUTH) - SUDO_ADD_AUTH([AIX general authentication], [aix_auth.o], [true]) - SUDO_LIBS="${SUDO_LIBS} -ls" -fi - dnl dnl PAM support. Systems that might support PAM set with_pam=maybe dnl and we do that actual tests here. @@ -2169,6 +2155,30 @@ if test -n "$with_fwtk"; then SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall" fi +dnl +dnl AIX general authentication +dnl If set to "maybe" only enable if no other exclusive method in use. +dnl +if test ${with_aixauth-'no'} != "no"; then + if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then + AC_MSG_NOTICE([using AIX general authentication]) + AC_DEFINE(HAVE_AIXAUTH) + SUDO_ADD_AUTH([AIX general authentication], [aix_auth.o], [true]) + SUDO_LIBS="${SUDO_LIBS} -ls" + fi +fi + +dnl +dnl BSD authentication +dnl If set to "maybe" only enable if no other exclusive method in use. +dnl +if test ${with_bsdauth-'no'} != "no"; then + if test X"$with_bsdauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then + AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H) + [SUDO_ADD_AUTH([BSD authentication], [bsdauth.o], [true])], -) + fi +fi + dnl dnl extra lib and .o file for LDAP support dnl