From: Todd C. Miller Date: Thu, 4 Mar 2010 13:12:36 +0000 (-0500) Subject: No longer need to substitute in script.o and pty.o; I/O logging support X-Git-Tag: SUDO_1_8_0~852 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cf07bde7061fb9bd87fa8095dafd5186938103a8;p=sudo No longer need to substitute in script.o and pty.o; I/O logging support is always built. --- diff --git a/INSTALL b/INSTALL index 23852b46c..7a534f149 100644 --- a/INSTALL +++ b/INSTALL @@ -557,6 +557,13 @@ The following options are also configurable at runtime: prompt as an argument and print the received password to the standard output. + --with-transcript[=DIR] + By default, sudo stores transcript files in either + /var/log/sudo-transcript, /var/adm/sudo-transcript, or + /usr/log/sudo-transcript. If this option is specified, + transcripts will be stored in the indicated directory + instead. + --disable-authentication By default, sudo requires the user to authenticate via a password or similar means. This options causes sudo to @@ -598,26 +605,15 @@ The following options are also configurable at runtime: if the executable is simply not in the user's path, sudo will tell the user that they are not allowed to run it, which can be confusing. - --disable-transcript - Disable sudo's transcript support. This can be used to allow sudo - to be compiled on systems without pseudo-tty support. - - --enable-transcript[=DIR] - By default, sudo stores transcript files in either - /var/log/sudo-transcript, /var/adm/sudo-transcript, or - /usr/log/sudo-transcript. If DIR is specified, transcripts - will be stored in the indicated directory instead. - - --disable-zlib - Disable the use of the zlib compress library when storing - transcript files. - --enable-zlib[=DIR] Enable the use of the zlib compress library when storing transcript files. If specified, DIR is the base directory containing the zlib include and lib directories. By default - zlib is used if it is found on the system and transcript - support is not disabled. + zlib is used if it is found on the system. + + --disable-zlib + Disable the use of the zlib compress library when storing + transcript files. Shadow password and C2 support ============================== diff --git a/configure b/configure index eb7252a52..88df6f014 100755 --- a/configure +++ b/configure @@ -838,7 +838,6 @@ DONT_LEAK_PATH_INFO BSDAUTH_USAGE SELINUX_USAGE LDAP -REPLAY LOGINCAP_USAGE NONUNIX_GROUPS_IMPL ZLIB @@ -874,11 +873,11 @@ ldap_secret nsswitch_conf netsvc_conf secure_path -EGREPPROG CC ac_ct_CC EXEEXT OBJEXT +EGREPPROG CPP AR RANLIB @@ -1506,8 +1505,7 @@ Optional Features: Set $HOME to target user in shell mode --disable-path-info Print 'command not allowed' not 'command not found' --enable-env-debug Whether to enable environment debugging. - --enable-transcript=DIR Enable Sudo's transcript support, storing them in - DIR + --enable-zlib=PATH Whether to enable or disable zlib --enable-gss-krb5-ccache-name Use GSS-API to set the Kerberos V cred cache name --enable-static[=PKGS] build static libraries [default=no] @@ -1517,7 +1515,6 @@ Optional Features: --disable-libtool-lock avoid locking (might break parallel builds) --disable-sia Disable SIA on Digital UNIX --disable-pam-session Disable PAM session support - --enable-zlib=PATH Whether to enable or disable zlib Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -1567,6 +1564,7 @@ Optional Packages: --with-badpass-message message the user sees when the password is wrong --with-fqdn expect fully qualified hosts in sudoers --with-timedir path to the sudo timestamp dir + --with-transcript=DIR directory to store sudo transcript files in --with-sendmail set path to sendmail --without-sendmail do not send mail at all --with-sudoers-mode mode of sudoers file (defaults to 0440) @@ -2132,7 +2130,6 @@ echo "$as_me: Configuring Sudo version $PACKAGE_VERSION" >&6;} - timeout=5 @@ -2171,7 +2168,6 @@ PROGS="sudo visudo" : ${SUDOERS_GID='0'} DEV="#" LDAP="#" -REPLAY="#" BAMAN='.\" ' LCMAN='.\" ' SEMAN='.\" ' @@ -3161,6 +3157,19 @@ fi +# Check whether --with-transcript was given. +if test "${with_transcript+set}" = set; then + withval=$with_transcript; case $with_transcript in + yes) ;; + no) { { echo "$as_me:$LINENO: error: \"--without-transcript not supported.\"" >&5 +echo "$as_me: error: \"--without-transcript not supported.\"" >&2;} + { (exit 1); exit 1; }; } + ;; +esac +fi + + + # Check whether --with-sendmail was given. if test "${with_sendmail+set}" = set; then withval=$with_sendmail; case $with_sendmail in @@ -4142,91 +4151,39 @@ echo "${ECHO_T}no" >&6; } fi -# Check whether --enable-transcript was given. -if test "${enable_transcript+set}" = set; then - enableval=$enable_transcript; -fi - - - -# Check whether --with-selinux was given. -if test "${with_selinux+set}" = set; then - withval=$with_selinux; case $with_selinux in - yes) SELINUX_USAGE="[-r role] [-t type] " - cat >>confdefs.h <<\_ACEOF -#define HAVE_SELINUX 1 +# Check whether --enable-zlib was given. +if test "${enable_zlib+set}" = set; then + enableval=$enable_zlib; case "$enableval" in + yes) cat >>confdefs.h <<\_ACEOF +#define HAVE_ZLIB 1 _ACEOF - SUDO_LIBS="${SUDO_LIBS} -lselinux" - SUDO_OBJS="${SUDO_OBJS} selinux.o" - PROGS="${PROGS} sesh" - SEMAN="" - ;; - no) ;; - *) { { echo "$as_me:$LINENO: error: \"--with-selinux does not take an argument.\"" >&5 -echo "$as_me: error: \"--with-selinux does not take an argument.\"" >&2;} - { (exit 1); exit 1; }; } - ;; -esac -fi - - -# Check whether --enable-gss_krb5_ccache_name was given. -if test "${enable_gss_krb5_ccache_name+set}" = set; then - enableval=$enable_gss_krb5_ccache_name; check_gss_krb5_ccache_name=$enableval -else - check_gss_krb5_ccache_name=no -fi - - -# Extract the first word of "egrep", so it can be a program name with args. -set dummy egrep; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_EGREPPROG+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$EGREPPROG"; then - ac_cv_prog_EGREPPROG="$EGREPPROG" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_EGREPPROG="egrep" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + ZLIB="-lz" + ;; + no) ;; + *) cat >>confdefs.h <<\_ACEOF +#define HAVE_ZLIB 1 +_ACEOF -fi -fi -EGREPPROG=$ac_cv_prog_EGREPPROG -if test -n "$EGREPPROG"; then - { echo "$as_me:$LINENO: result: $EGREPPROG" >&5 -echo "${ECHO_T}$EGREPPROG" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi + CPPFLAGS="${CPPFLAGS} -I${enableval}/include" + if test X"$with_rpath" = X"yes"; then + ZLIB="${ZLIB} -L$enableval/lib -R$enableval/lib" + else + ZLIB="${ZLIB} -L$enableval/lib" + fi + if test X"$blibpath" != X"" -a "ZLIB" = "SUDO_LDFLAGS"; then + blibpath_add="${blibpath_add}:$enableval/lib" + fi -if test -z "$EGREPPROG"; then - { { echo "$as_me:$LINENO: error: Sorry, configure requires egrep to run." >&5 -echo "$as_me: error: Sorry, configure requires egrep to run." >&2;} - { (exit 1); exit 1; }; } -fi + ZLIB="${ZLIB} -lz" + ;; + esac -if test "$with_devel" != "yes"; then - ac_cv_prog_cc_g=no fi -ac_ext=c +if test X"$enable_zlib" = X""; then + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' @@ -5146,6 +5103,157 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $ ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ echo "$as_me:$LINENO: checking for gzdopen in -lz" >&5 +echo $ECHO_N "checking for gzdopen in -lz... $ECHO_C" >&6; } +if test "${ac_cv_lib_z_gzdopen+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lz $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char gzdopen (); +int +main () +{ +return gzdopen (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_z_gzdopen=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_z_gzdopen=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_z_gzdopen" >&5 +echo "${ECHO_T}$ac_cv_lib_z_gzdopen" >&6; } +if test $ac_cv_lib_z_gzdopen = yes; then + + cat >>confdefs.h <<\_ACEOF +#define HAVE_ZLIB 1 +_ACEOF + + ZLIB="-lz" + +fi + +fi + + +# Check whether --with-selinux was given. +if test "${with_selinux+set}" = set; then + withval=$with_selinux; case $with_selinux in + yes) SELINUX_USAGE="[-r role] [-t type] " + cat >>confdefs.h <<\_ACEOF +#define HAVE_SELINUX 1 +_ACEOF + + SUDO_LIBS="${SUDO_LIBS} -lselinux" + SUDO_OBJS="${SUDO_OBJS} selinux.o" + PROGS="${PROGS} sesh" + SEMAN="" + ;; + no) ;; + *) { { echo "$as_me:$LINENO: error: \"--with-selinux does not take an argument.\"" >&5 +echo "$as_me: error: \"--with-selinux does not take an argument.\"" >&2;} + { (exit 1); exit 1; }; } + ;; +esac +fi + + +# Check whether --enable-gss_krb5_ccache_name was given. +if test "${enable_gss_krb5_ccache_name+set}" = set; then + enableval=$enable_gss_krb5_ccache_name; check_gss_krb5_ccache_name=$enableval +else + check_gss_krb5_ccache_name=no +fi + + +# Extract the first word of "egrep", so it can be a program name with args. +set dummy egrep; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_prog_EGREPPROG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test -n "$EGREPPROG"; then + ac_cv_prog_EGREPPROG="$EGREPPROG" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_EGREPPROG="egrep" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + +fi +fi +EGREPPROG=$ac_cv_prog_EGREPPROG +if test -n "$EGREPPROG"; then + { echo "$as_me:$LINENO: result: $EGREPPROG" >&5 +echo "${ECHO_T}$EGREPPROG" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + +if test -z "$EGREPPROG"; then + { { echo "$as_me:$LINENO: error: Sorry, configure requires egrep to run." >&5 +echo "$as_me: error: Sorry, configure requires egrep to run." >&2;} + { (exit 1); exit 1; }; } +fi + +if test "$with_devel" != "yes"; then + ac_cv_prog_cc_g=no +fi + { echo "$as_me:$LINENO: checking for library containing strerror" >&5 echo $ECHO_N "checking for library containing strerror... $ECHO_C" >&6; } if test "${ac_cv_search_strerror+set}" = set; then @@ -6499,7 +6607,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 6502 "configure"' > conftest.$ac_ext + echo '#line 6610 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -8363,11 +8471,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8366: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8474: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8370: \$? = $ac_status" >&5 + echo "$as_me:8478: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8653,11 +8761,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8656: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8764: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8660: \$? = $ac_status" >&5 + echo "$as_me:8768: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8757,11 +8865,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8760: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8868: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8764: \$? = $ac_status" >&5 + echo "$as_me:8872: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -11117,7 +11225,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5 + { echo "$as_me:$LINENO: checking for transcript dir location" >&5 echo $ECHO_N "checking for transcript dir location... $ECHO_C" >&6; } - if test "${enable_transcript-yes}" != "yes"; then - : - elif test -d "/var/log"; then - enable_transcript="/var/log/sudo-transcript" - elif test -d "/var/adm"; then - enable_transcript="/var/adm/sudo-transcript" - else - enable_transcript="/usr/adm/sudo-transcript" - fi - cat >>confdefs.h <&5 -echo "${ECHO_T}$enable_transcript" >&6; } - fi - - -if test "${enable_transcript-yes}" != "no"; then - # currently require POSIX job control for transcript support - -for ac_func in tcsetpgrp -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - - SUDO_OBJS="${SUDO_OBJS} pty.o script.o" - PROGS="$PROGS sudoreplay" - REPLAY="" - - # Check whether --enable-zlib was given. -if test "${enable_zlib+set}" = set; then - enableval=$enable_zlib; case "$enableval" in - yes) cat >>confdefs.h <<\_ACEOF -#define HAVE_ZLIB 1 -_ACEOF - - ZLIB="-lz" - ;; - no) ;; - *) cat >>confdefs.h <<\_ACEOF -#define HAVE_ZLIB 1 -_ACEOF - - CPPFLAGS="${CPPFLAGS} -I${enableval}/include" - - if test X"$with_rpath" = X"yes"; then - ZLIB="${ZLIB} -L$enableval/lib -R$enableval/lib" + if test "${with_transcript-yes}" != "yes"; then + : + elif test -d "/var/log"; then + with_transcript="/var/log/sudo-transcript" + elif test -d "/var/adm"; then + with_transcript="/var/adm/sudo-transcript" else - ZLIB="${ZLIB} -L$enableval/lib" + with_transcript="/usr/adm/sudo-transcript" fi - if test X"$blibpath" != X"" -a "ZLIB" = "SUDO_LDFLAGS"; then - blibpath_add="${blibpath_add}:$enableval/lib" - fi - - ZLIB="${ZLIB} -lz" - ;; - esac - -fi - - if test X"$enable_zlib" = X""; then - { echo "$as_me:$LINENO: checking for gzdopen in -lz" >&5 -echo $ECHO_N "checking for gzdopen in -lz... $ECHO_C" >&6; } -if test "${ac_cv_lib_z_gzdopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lz $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gzdopen (); -int -main () -{ -return gzdopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_z_gzdopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_z_gzdopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_z_gzdopen" >&5 -echo "${ECHO_T}$ac_cv_lib_z_gzdopen" >&6; } -if test $ac_cv_lib_z_gzdopen = yes; then - - cat >>confdefs.h <<\_ACEOF -#define HAVE_ZLIB 1 -_ACEOF - - ZLIB="-lz" - -fi - - fi - -else - - { echo "$as_me:$LINENO: WARNING: Disabling transcript support due to lack of tcsetpgrp function" >&5 -echo "$as_me: WARNING: Disabling transcript support due to lack of tcsetpgrp function" >&2;} - enable_transcript=no + cat >>confdefs.h <&5 +echo "${ECHO_T}$with_transcript" >&6; } -fi case "$with_passwd" in yes|maybe) @@ -26210,7 +26103,7 @@ EOF exec_prefix="$oexec_prefix" fi -ac_config_files="$ac_config_files doc/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile" +ac_config_files="$ac_config_files doc/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sudoers/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -26770,6 +26663,7 @@ do "src/sudo_usage.h") CONFIG_FILES="$CONFIG_FILES src/sudo_usage.h" ;; "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; "plugins/sample/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/sample/Makefile" ;; + "plugins/sudoers/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/sudoers/Makefile" ;; *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} @@ -26904,7 +26798,6 @@ DONT_LEAK_PATH_INFO!$DONT_LEAK_PATH_INFO$ac_delim BSDAUTH_USAGE!$BSDAUTH_USAGE$ac_delim SELINUX_USAGE!$SELINUX_USAGE$ac_delim LDAP!$LDAP$ac_delim -REPLAY!$REPLAY$ac_delim LOGINCAP_USAGE!$LOGINCAP_USAGE$ac_delim NONUNIX_GROUPS_IMPL!$NONUNIX_GROUPS_IMPL$ac_delim ZLIB!$ZLIB$ac_delim @@ -26928,6 +26821,7 @@ mailto!$mailto$ac_delim mailsub!$mailsub$ac_delim badpass_message!$badpass_message$ac_delim fqdn!$fqdn$ac_delim +runas_default!$runas_default$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -26969,7 +26863,6 @@ _ACEOF ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF -runas_default!$runas_default$ac_delim env_editor!$env_editor$ac_delim passwd_tries!$passwd_tries$ac_delim tty_tickets!$tty_tickets$ac_delim @@ -26981,11 +26874,11 @@ ldap_secret!$ldap_secret$ac_delim nsswitch_conf!$nsswitch_conf$ac_delim netsvc_conf!$netsvc_conf$ac_delim secure_path!$secure_path$ac_delim -EGREPPROG!$EGREPPROG$ac_delim CC!$CC$ac_delim ac_ct_CC!$ac_ct_CC$ac_delim EXEEXT!$EXEEXT$ac_delim OBJEXT!$OBJEXT$ac_delim +EGREPPROG!$EGREPPROG$ac_delim CPP!$CPP$ac_delim AR!$AR$ac_delim RANLIB!$RANLIB$ac_delim @@ -27016,7 +26909,7 @@ KRB5CONFIG!$KRB5CONFIG$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 45; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 44; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 diff --git a/configure.in b/configure.in index 96d247438..1cb53a4cd 100644 --- a/configure.in +++ b/configure.in @@ -49,7 +49,6 @@ AC_SUBST(DONT_LEAK_PATH_INFO) AC_SUBST(BSDAUTH_USAGE) AC_SUBST(SELINUX_USAGE) AC_SUBST(LDAP) -AC_SUBST(REPLAY) AC_SUBST(LOGINCAP_USAGE) AC_SUBST(NONUNIX_GROUPS_IMPL) AC_SUBST(ZLIB) @@ -131,7 +130,6 @@ PROGS="sudo visudo" : ${SUDOERS_GID='0'} DEV="#" LDAP="#" -REPLAY="#" BAMAN='.\" ' LCMAN='.\" ' SEMAN='.\" ' @@ -702,6 +700,14 @@ AC_ARG_WITH(timedir, [AS_HELP_STRING([--with-timedir], [path to the sudo timesta ;; esac]) +AC_ARG_WITH(transcript, [AS_HELP_STRING([--with-transcript=DIR], [directory +to store sudo transcript files in])], +[case $with_transcript in + yes) ;; + no) AC_MSG_ERROR(["--without-transcript not supported."]) + ;; +esac]) + AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail]) AS_HELP_STRING([--without-sendmail], [do not send mail at all])], [case $with_sendmail in @@ -1234,9 +1240,26 @@ AC_ARG_ENABLE(env_debug, esac ], AC_MSG_RESULT(no)) -dnl we check enable_transcript later -AC_ARG_ENABLE(transcript, -[AS_HELP_STRING([--enable-transcript[[=DIR]]], [Enable Sudo's transcript support, storing them in DIR])]) +AC_ARG_ENABLE(zlib, +[AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])], +[ case "$enableval" in + yes) AC_DEFINE(HAVE_ZLIB) + ZLIB="-lz" + ;; + no) ;; + *) AC_DEFINE(HAVE_ZLIB) + CPPFLAGS="${CPPFLAGS} -I${enableval}/include" + SUDO_APPEND_LIBPATH(ZLIB, [$enableval/lib]) + ZLIB="${ZLIB} -lz" + ;; + esac +]) +if test X"$enable_zlib" = X""; then + AC_CHECK_LIB(z, gzdopen, [ + AC_DEFINE(HAVE_ZLIB) + ZLIB="-lz" + ]) +fi AC_ARG_WITH(selinux, [AS_HELP_STRING([--with-selinux], [enable SELinux support])], [case $with_selinux in @@ -2611,42 +2634,6 @@ SUDO_LOGFILE SUDO_TIMEDIR SUDO_TRANSCRIPT -dnl -dnl If transcript is enabled, build sudoreplay and add pty.o script.o for sudo -dnl -if test "${enable_transcript-yes}" != "no"; then - # currently require POSIX job control for transcript support - AC_CHECK_FUNCS(tcsetpgrp, [ - SUDO_OBJS="${SUDO_OBJS} pty.o script.o" - PROGS="$PROGS sudoreplay" - REPLAY="" - - AC_ARG_ENABLE(zlib, - [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])], - [ case "$enableval" in - yes) AC_DEFINE(HAVE_ZLIB) - ZLIB="-lz" - ;; - no) ;; - *) AC_DEFINE(HAVE_ZLIB) - CPPFLAGS="${CPPFLAGS} -I${enableval}/include" - SUDO_APPEND_LIBPATH(ZLIB, [$enableval/lib]) - ZLIB="${ZLIB} -lz" - ;; - esac - ]) - if test X"$enable_zlib" = X""; then - AC_CHECK_LIB(z, gzdopen, [ - AC_DEFINE(HAVE_ZLIB) - ZLIB="-lz" - ]) - fi - ], [ - AC_MSG_WARN([Disabling transcript support due to lack of tcsetpgrp function]) - enable_transcript=no - ]) -fi - dnl dnl Use passwd (and secureware) auth modules? dnl @@ -2718,7 +2705,7 @@ dnl dnl Substitute into the Makefile and man pages dnl dnl AC_CONFIG_FILES([doc/sudo.man doc/visudo.man doc/sudoers.man doc/sudoers.ldap.man doc/sudoreplay.man src/Makefile src/sudo_usage.h]) -AC_CONFIG_FILES([doc/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile]) +AC_CONFIG_FILES([doc/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sudoers/Makefile]) AC_OUTPUT dnl