From d168a21cee05df4daacbbb4e7b511beb4c84f86d Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 23 Mar 2000 00:35:59 +0000 Subject: [PATCH] Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from Michael D. Marchionna. configure now does substitution on the man pages, allowing us to fix up the paths and set the section correctly. Based on an idea from Michael D. Marchionna. --- INSTALL | 7 + Makefile.in | 38 +-- aclocal.m4 | 7 +- configure | 786 ++++++++++++++++++++++++++----------------------- configure.in | 45 ++- sudo.cat | 136 ++++----- sudo.man.in | 44 +-- sudo.pod | 77 +++-- sudoers.cat | 226 +++++++------- sudoers.man.in | 12 +- sudoers.pod | 15 +- visudo.cat | 12 +- visudo.man.in | 12 +- visudo.pod | 6 +- 14 files changed, 764 insertions(+), 659 deletions(-) diff --git a/INSTALL b/INSTALL index 5c8ae504e..300c9ba47 100644 --- a/INSTALL +++ b/INSTALL @@ -186,6 +186,13 @@ Special features/options: `configure' changes; you should check to see if your platform can access DCE via PAM before using this option. + --with-logincap + Enable support for BSD login classes on FreeBSD. This adds support + for the login classes specified in /etc/login.conf. By default, + a login class is not applied unless the 'use_loginclass' option + is defined in sudoers or the user specifies a class on the command + line. + --disable-sia Disable SIA support. This is the "Security Integration Architecture" on Digital UNIX. If you disable SIA sudo will use its own diff --git a/Makefile.in b/Makefile.in index 58052cd10..930580845 100644 --- a/Makefile.in +++ b/Makefile.in @@ -85,12 +85,11 @@ visudodir = $(sbindir) sudoersdir = $(sysconfdir) # Directory in which to install the man page -# set mansect5 to 4 on sysV machines. mantype = @MANTYPE@ -mansect8 = 8 -mansect5 = 5 -mandir8 = $(mandir)/$(mantype)$(mansect8) -mandir5 = $(mandir)/$(mantype)$(mansect5) +mansectsu = @mansectsu@ +mansectform = @mansectform@ +mandirsu = $(mandir)/$(mantype)$(mansectsu) +mandirform = $(mandir)/$(mantype)$(mansectform) # User and group ids the installed files should be "owned" by install_uid = 0 @@ -145,8 +144,9 @@ DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES FAQ HISTORY INSTALL INSTALL.configure \ UPGRADE acsite.m4 aixcrypt.exp config.guess config.h.in config.sub \ configure configure.in fnmatch.3 indent.pro install-sh \ mkinstalldirs pathnames.h.in sample.pam sample.syslog.conf \ - sample.sudoers sudo.cat sudo.man sudo.pod sudoers sudoers.cat \ - sudoers.man sudoers.pod visudo.cat visudo.man visudo.pod auth/API + sample.sudoers sudo.cat sudo.man.in sudo.pod sudoers sudoers.cat \ + sudoers.man.in sudoers.pod visudo.cat visudo.man.in visudo.pod \ + auth/API BINFILES= BUGS CHANGES HISTORY LICENSE README TODO TROUBLESHOOTING \ UPGRADE install-sh mkinstalldirs sample.syslog.conf sample.sudoers \ @@ -251,35 +251,35 @@ securid.o: $(authdir)/securid.c $(AUTHDEP) sia.o: $(authdir)/sia.c $(AUTHDEP) $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sia.c -sudo.man: $(srcdir)/sudo.pod +sudo.man.in: $(srcdir)/sudo.pod @rm -f $(srcdir)/$@ - (cd $(srcdir); pod2man --section=$(mansect8) --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudo.pod > $(srcdir)/$@) + (cd $(srcdir); pod2man --section=`echo @MANSECTSU@|tr A-Z a-z` --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudo.pod > $(srcdir)/$@) sudo.cat: sudo.man -visudo.man: $(srcdir)/visudo.pod +visudo.man.in: $(srcdir)/visudo.pod @rm -f $(srcdir)/$@ - (cd $(srcdir); pod2man --section=$(mansect8) --release=$(VERSION) --center="MAINTENANCE COMMANDS" visudo.pod > $(srcdir)/$@) + (cd $(srcdir); pod2man --section=`echo @MANSECTSU@|tr A-Z a-z` --release=$(VERSION) --center="MAINTENANCE COMMANDS" visudo.pod > $(srcdir)/$@) visudo.cat: visudo.man -sudoers.man: $(srcdir)/sudoers.pod +sudoers.man.in: $(srcdir)/sudoers.pod @rm -f $(srcdir)/$@ - (cd $(srcdir); pod2man --section=$(mansect5) --release=$(VERSION) --center="FILE FORMATS" sudoers.pod > $(srcdir)/$@) + (cd $(srcdir); pod2man --section=`echo @MANSECTFORM@|tr A-Z a-z` --release=$(VERSION) --center="FILE FORMATS" sudoers.pod | sed 's/"\\f(CW""\\fR"/\\f(CW""\\fR/' > $(srcdir)/$@) sudoers.cat: sudoers.man install: install-dirs install-binaries install-sudoers install-man install-dirs: - $(SHELL) $(srcdir)/mkinstalldirs $(sudodir) $(visudodir) $(sudoersdir) $(mandir8) $(mandir5) + $(SHELL) $(srcdir)/mkinstalldirs $(sudodir) $(visudodir) $(sudoersdir) $(mandirsu) $(mandirform) install-binaries: $(PROGS) $(INSTALL) -o $(install_uid) -g $(install_gid) -m 4111 -s sudo $(sudodir)/sudo $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0111 -s visudo $(visudodir)/visudo install-sudoers: - @ if [ -f $(sudoersdir)/sudoers ]; then \ + @if [ -f $(sudoersdir)/sudoers ]; then \ echo "Setting user/group and mode on existing $(sudoersdir)/sudoers file."; \ chown $(sudoers_uid) $(sudoersdir)/sudoers; \ chgrp $(sudoers_gid) $(sudoersdir)/sudoers; \ @@ -290,9 +290,9 @@ install-sudoers: fi install-man: - $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudo.$(mantype) $(mandir8)/sudo.$(mansect8) - $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/visudo.$(mantype) $(mandir8)/visudo.$(mansect8) - $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudoers.$(mantype) $(mandir5)/sudoers.$(mansect5) + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudo.$(mantype) $(mandirsu)/sudo.$(mansectsu) + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/visudo.$(mantype) $(mandirsu)/visudo.$(mansectsu) + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudoers.$(mantype) $(mandirform)/sudoers.$(mansectform) @MAN_POSTINSTALL@ check: @@ -305,7 +305,7 @@ TAGS: $(SRCS) etags $(SRCS) clean: - -rm -f *.o $(PROGS) testsudoers core sudo.core visudo.core \ + -rm -f *.o $(PROGS) *.man testsudoers core sudo.core visudo.core \ testsudoers.core mostlyclean: clean diff --git a/aclocal.m4 b/aclocal.m4 index 3903c8840..5339f0b99 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -139,14 +139,15 @@ AC_DEFUN(SUDO_TIMEDIR, [AC_MSG_CHECKING(for timestamp file location) if test -n "$with_timedir"; then AC_MSG_RESULT($with_timedir) AC_DEFINE_UNQUOTED(_PATH_SUDO_TIMEDIR, "$with_timedir") + TIMEDIR="$with_timedir" elif test -d "/var/run"; then AC_MSG_RESULT(/var/run/sudo) AC_DEFINE(_PATH_SUDO_TIMEDIR, "/var/run/sudo") -elif test -d "/tmp"; then + TIMEDIR="/var/run/sudo" +else AC_MSG_RESULT(/tmp/.odus) AC_DEFINE(_PATH_SUDO_TIMEDIR, "/tmp/.odus") -else - AC_MSG_RESULT(unknown, you will have to set _PATH_SUDO_TIMEDIR by hand) + TIMEDIR="/tmp/.odus" fi ])dnl diff --git a/configure b/configure index ffbb124c5..3c800ae99 100755 --- a/configure +++ b/configure @@ -661,6 +661,9 @@ fi echo "Configuring Sudo version 1.6.3" + + + PROGS="sudo visudo" test -n "$MANTYPE" || MANTYPE="man" test -n "$SUDOERS_MODE" || SUDOERS_MODE=0440 @@ -824,7 +827,7 @@ if test "${with_passwd+set}" = set; then EOF echo $ac_n "checking whether to use shadow/passwd file authentication""... $ac_c" 1>&6 -echo "configure:828: checking whether to use shadow/passwd file authentication" >&5 +echo "configure:831: checking whether to use shadow/passwd file authentication" >&5 echo "$ac_t""no" 1>&6 ;; *) { echo "configure: error: "Sorry, --with-passwd does not take an argument."" 1>&2; exit 1; } @@ -845,7 +848,7 @@ if test "${with_skey+set}" = set; then EOF echo $ac_n "checking whether to try S/Key authentication""... $ac_c" 1>&6 -echo "configure:849: checking whether to try S/Key authentication" >&5 +echo "configure:852: checking whether to try S/Key authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} rfc1938.o" ;; @@ -868,7 +871,7 @@ if test "${with_opie+set}" = set; then EOF echo $ac_n "checking whether to try NRL OPIE authentication""... $ac_c" 1>&6 -echo "configure:872: checking whether to try NRL OPIE authentication" >&5 +echo "configure:875: checking whether to try NRL OPIE authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} rfc1938.o" ;; @@ -888,7 +891,7 @@ if test "${with_long_otp_prompt+set}" = set; then EOF echo $ac_n "checking whether to use a two line prompt for OTP authentication""... $ac_c" 1>&6 -echo "configure:892: checking whether to use a two line prompt for OTP authentication" >&5 +echo "configure:895: checking whether to use a two line prompt for OTP authentication" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -908,7 +911,7 @@ if test "${with_SecurID+set}" = set; then EOF echo $ac_n "checking whether to use SecurID for authentication""... $ac_c" 1>&6 -echo "configure:912: checking whether to use SecurID for authentication" >&5 +echo "configure:915: checking whether to use SecurID for authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="securid.o" @@ -926,7 +929,7 @@ if test "${with_fwtk+set}" = set; then EOF echo $ac_n "checking whether to use FWTK AuthSRV for authentication""... $ac_c" 1>&6 -echo "configure:930: checking whether to use FWTK AuthSRV for authentication" >&5 +echo "configure:933: checking whether to use FWTK AuthSRV for authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="fwtk.o" @@ -937,7 +940,7 @@ echo "configure:930: checking whether to use FWTK AuthSRV for authentication" >& EOF echo $ac_n "checking whether to use FWTK AuthSRV for authentication""... $ac_c" 1>&6 -echo "configure:941: checking whether to use FWTK AuthSRV for authentication" >&5 +echo "configure:944: checking whether to use FWTK AuthSRV for authentication" >&5 echo "$ac_t""yes" 1>&6 SUDO_LDFLAGS="${SUDO_LDFLAGS} -L${with_fwtk}" CPPFLAGS="${CPPFLAGS} -I${with_fwtk}" @@ -954,7 +957,7 @@ if test "${with_kerb4+set}" = set; then withval="$with_kerb4" case $with_kerb4 in yes) echo $ac_n "checking whether to try Kerberos 4 authentication""... $ac_c" 1>&6 -echo "configure:958: checking whether to try Kerberos 4 authentication" >&5 +echo "configure:961: checking whether to try Kerberos 4 authentication" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -969,7 +972,7 @@ if test "${with_kerb5+set}" = set; then withval="$with_kerb5" case $with_kerb5 in yes) echo $ac_n "checking whether to try Kerberos 5 authentication""... $ac_c" 1>&6 -echo "configure:973: checking whether to try Kerberos 5 authentication" >&5 +echo "configure:976: checking whether to try Kerberos 5 authentication" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -988,7 +991,7 @@ if test "${with_authenticate+set}" = set; then EOF echo $ac_n "checking whether to use AIX general authentication""... $ac_c" 1>&6 -echo "configure:992: checking whether to use AIX general authentication" >&5 +echo "configure:995: checking whether to use AIX general authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="aix_auth.o" @@ -1009,7 +1012,7 @@ if test "${with_pam+set}" = set; then EOF echo $ac_n "checking whether to use PAM authentication""... $ac_c" 1>&6 -echo "configure:1013: checking whether to use PAM authentication" >&5 +echo "configure:1016: checking whether to use PAM authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="pam.o" @@ -1030,7 +1033,7 @@ if test "${with_AFS+set}" = set; then EOF echo $ac_n "checking whether to try AFS (kerberos) authentication""... $ac_c" 1>&6 -echo "configure:1034: checking whether to try AFS (kerberos) authentication" >&5 +echo "configure:1037: checking whether to try AFS (kerberos) authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} afs.o" ;; @@ -1050,7 +1053,7 @@ if test "${with_DCE+set}" = set; then EOF echo $ac_n "checking whether to try DCE (kerberos) authentication""... $ac_c" 1>&6 -echo "configure:1054: checking whether to try DCE (kerberos) authentication" >&5 +echo "configure:1057: checking whether to try DCE (kerberos) authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} dce.o" ;; @@ -1070,7 +1073,7 @@ if test "${with_logincap+set}" = set; then EOF echo $ac_n "checking whether to try BSD login capabilities database""... $ac_c" 1>&6 -echo "configure:1074: checking whether to try BSD login capabilities database" >&5 +echo "configure:1077: checking whether to try BSD login capabilities database" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -1081,7 +1084,7 @@ fi echo $ac_n "checking whether to lecture users the first time they run sudo""... $ac_c" 1>&6 -echo "configure:1085: checking whether to lecture users the first time they run sudo" >&5 +echo "configure:1088: checking whether to lecture users the first time they run sudo" >&5 # Check whether --with-lecture or --without-lecture was given. if test "${with_lecture+set}" = set; then withval="$with_lecture" @@ -1103,7 +1106,7 @@ fi echo $ac_n "checking whether sudo should log via syslog or to a file by default""... $ac_c" 1>&6 -echo "configure:1107: checking whether sudo should log via syslog or to a file by default" >&5 +echo "configure:1110: checking whether sudo should log via syslog or to a file by default" >&5 # Check whether --with-logging or --without-logging was given. if test "${with_logging+set}" = set; then withval="$with_logging" @@ -1142,7 +1145,7 @@ fi echo $ac_n "checking which syslog facility sudo should log with""... $ac_c" 1>&6 -echo "configure:1146: checking which syslog facility sudo should log with" >&5 +echo "configure:1149: checking which syslog facility sudo should log with" >&5 # Check whether --with-logfac or --without-logfac was given. if test "${with_logfac+set}" = set; then withval="$with_logfac" @@ -1169,7 +1172,7 @@ fi echo $ac_n "checking at which syslog priority to log commands""... $ac_c" 1>&6 -echo "configure:1173: checking at which syslog priority to log commands" >&5 +echo "configure:1176: checking at which syslog priority to log commands" >&5 # Check whether --with-goodpri or --without-goodpri was given. if test "${with_goodpri+set}" = set; then withval="$with_goodpri" @@ -1196,7 +1199,7 @@ fi echo $ac_n "checking at which syslog priority to log failures""... $ac_c" 1>&6 -echo "configure:1200: checking at which syslog priority to log failures" >&5 +echo "configure:1203: checking at which syslog priority to log failures" >&5 # Check whether --with-badpri or --without-badpri was given. if test "${with_badpri+set}" = set; then withval="$with_badpri" @@ -1235,7 +1238,7 @@ fi echo $ac_n "checking how long a line in the log file should be""... $ac_c" 1>&6 -echo "configure:1239: checking how long a line in the log file should be" >&5 +echo "configure:1242: checking how long a line in the log file should be" >&5 # Check whether --with-loglen or --without-loglen was given. if test "${with_loglen+set}" = set; then withval="$with_loglen" @@ -1262,7 +1265,7 @@ fi echo $ac_n "checking whether sudo should ignore '.' or '' in \$PATH""... $ac_c" 1>&6 -echo "configure:1266: checking whether sudo should ignore '.' or '' in \$PATH" >&5 +echo "configure:1269: checking whether sudo should ignore '.' or '' in \$PATH" >&5 # Check whether --with-ignore-dot or --without-ignore-dot was given. if test "${with_ignore_dot+set}" = set; then withval="$with_ignore_dot" @@ -1284,7 +1287,7 @@ fi echo $ac_n "checking who should get the mail that sudo sends""... $ac_c" 1>&6 -echo "configure:1288: checking who should get the mail that sudo sends" >&5 +echo "configure:1291: checking who should get the mail that sudo sends" >&5 # Check whether --with-mailto or --without-mailto was given. if test "${with_mailto+set}" = set; then withval="$with_mailto" @@ -1321,7 +1324,7 @@ if test "${with_mailsubject+set}" = set; then EOF echo $ac_n "checking sudo mail subject""... $ac_c" 1>&6 -echo "configure:1325: checking sudo mail subject" >&5 +echo "configure:1328: checking sudo mail subject" >&5 echo "$ac_t""Using alert mail subject: $with_mailsubject" 1>&6 ;; esac @@ -1334,7 +1337,7 @@ fi echo $ac_n "checking whether to send mail when a user is not in sudoers""... $ac_c" 1>&6 -echo "configure:1338: checking whether to send mail when a user is not in sudoers" >&5 +echo "configure:1341: checking whether to send mail when a user is not in sudoers" >&5 # Check whether --with-mail-if-no-user or --without-mail-if-no-user was given. if test "${with_mail_if_no_user+set}" = set; then withval="$with_mail_if_no_user" @@ -1359,7 +1362,7 @@ fi echo $ac_n "checking whether to send mail when user listed but not for this host""... $ac_c" 1>&6 -echo "configure:1363: checking whether to send mail when user listed but not for this host" >&5 +echo "configure:1366: checking whether to send mail when user listed but not for this host" >&5 # Check whether --with-mail-if-no-host or --without-mail-if-no-host was given. if test "${with_mail_if_no_host+set}" = set; then withval="$with_mail_if_no_host" @@ -1381,7 +1384,7 @@ fi echo $ac_n "checking whether to send mail when a user tries a disallowed command""... $ac_c" 1>&6 -echo "configure:1385: checking whether to send mail when a user tries a disallowed command" >&5 +echo "configure:1388: checking whether to send mail when a user tries a disallowed command" >&5 # Check whether --with-mail-if-noperms or --without-mail-if-noperms was given. if test "${with_mail_if_noperms+set}" = set; then withval="$with_mail_if_noperms" @@ -1403,7 +1406,7 @@ fi echo $ac_n "checking for bad password prompt""... $ac_c" 1>&6 -echo "configure:1407: checking for bad password prompt" >&5 +echo "configure:1410: checking for bad password prompt" >&5 # Check whether --with-passprompt or --without-passprompt was given. if test "${with_passprompt+set}" = set; then withval="$with_passprompt" @@ -1428,7 +1431,7 @@ fi echo $ac_n "checking for bad password message""... $ac_c" 1>&6 -echo "configure:1432: checking for bad password message" >&5 +echo "configure:1435: checking for bad password message" >&5 # Check whether --with-badpass-message or --without-badpass-message was given. if test "${with_badpass_message+set}" = set; then withval="$with_badpass_message" @@ -1453,7 +1456,7 @@ fi echo $ac_n "checking whether to expect fully qualified hosts in sudoers""... $ac_c" 1>&6 -echo "configure:1457: checking whether to expect fully qualified hosts in sudoers" >&5 +echo "configure:1460: checking whether to expect fully qualified hosts in sudoers" >&5 # Check whether --with-fqdn or --without-fqdn was given. if test "${with_fqdn+set}" = set; then withval="$with_fqdn" @@ -1553,7 +1556,7 @@ fi echo $ac_n "checking for umask programs should be run with""... $ac_c" 1>&6 -echo "configure:1557: checking for umask programs should be run with" >&5 +echo "configure:1560: checking for umask programs should be run with" >&5 # Check whether --with-umask or --without-umask was given. if test "${with_umask+set}" = set; then withval="$with_umask" @@ -1580,7 +1583,7 @@ fi echo $ac_n "checking for default user to run commands as""... $ac_c" 1>&6 -echo "configure:1584: checking for default user to run commands as" >&5 +echo "configure:1587: checking for default user to run commands as" >&5 # Check whether --with-runas-default or --without-runas-default was given. if test "${with_runas_default+set}" = set; then withval="$with_runas_default" @@ -1617,7 +1620,7 @@ if test "${with_exempt+set}" = set; then EOF echo $ac_n "checking for group to be exempt from password""... $ac_c" 1>&6 -echo "configure:1621: checking for group to be exempt from password" >&5 +echo "configure:1624: checking for group to be exempt from password" >&5 echo "$ac_t""$with_exempt" 1>&6 ;; esac @@ -1625,7 +1628,7 @@ fi echo $ac_n "checking for editor that visudo should use""... $ac_c" 1>&6 -echo "configure:1629: checking for editor that visudo should use" >&5 +echo "configure:1632: checking for editor that visudo should use" >&5 # Check whether --with-editor or --without-editor was given. if test "${with_editor+set}" = set; then withval="$with_editor" @@ -1650,7 +1653,7 @@ fi echo $ac_n "checking whether to obey EDITOR and VISUAL environment variables""... $ac_c" 1>&6 -echo "configure:1654: checking whether to obey EDITOR and VISUAL environment variables" >&5 +echo "configure:1657: checking whether to obey EDITOR and VISUAL environment variables" >&5 # Check whether --with-env-editor or --without-env-editor was given. if test "${with_env_editor+set}" = set; then withval="$with_env_editor" @@ -1672,7 +1675,7 @@ fi echo $ac_n "checking number of tries a user gets to enter their password""... $ac_c" 1>&6 -echo "configure:1676: checking number of tries a user gets to enter their password" >&5 +echo "configure:1679: checking number of tries a user gets to enter their password" >&5 # Check whether --with-passwd-tries or --without-passwd-tries was given. if test "${with_passwd_tries+set}" = set; then withval="$with_passwd_tries" @@ -1703,7 +1706,7 @@ fi echo $ac_n "checking time in minutes after which sudo will ask for a password again""... $ac_c" 1>&6 -echo "configure:1707: checking time in minutes after which sudo will ask for a password again" >&5 +echo "configure:1710: checking time in minutes after which sudo will ask for a password again" >&5 # Check whether --with-timeout or --without-timeout was given. if test "${with_timeout+set}" = set; then withval="$with_timeout" @@ -1738,7 +1741,7 @@ fi echo $ac_n "checking time in minutes after the password prompt will time out""... $ac_c" 1>&6 -echo "configure:1742: checking time in minutes after the password prompt will time out" >&5 +echo "configure:1745: checking time in minutes after the password prompt will time out" >&5 # Check whether --with-password-timeout or --without-password-timeout was given. if test "${with_password_timeout+set}" = set; then withval="$with_password_timeout" @@ -1773,7 +1776,7 @@ fi echo $ac_n "checking whether to use execvp or execv""... $ac_c" 1>&6 -echo "configure:1777: checking whether to use execvp or execv" >&5 +echo "configure:1780: checking whether to use execvp or execv" >&5 # Check whether --with-execv or --without-execv was given. if test "${with_execv+set}" = set; then withval="$with_execv" @@ -1795,7 +1798,7 @@ fi echo $ac_n "checking whether to use per-tty ticket files""... $ac_c" 1>&6 -echo "configure:1799: checking whether to use per-tty ticket files" >&5 +echo "configure:1802: checking whether to use per-tty ticket files" >&5 # Check whether --with-tty-tickets or --without-tty-tickets was given. if test "${with_tty_tickets+set}" = set; then withval="$with_tty_tickets" @@ -1817,7 +1820,7 @@ fi echo $ac_n "checking whether to include insults""... $ac_c" 1>&6 -echo "configure:1821: checking whether to include insults" >&5 +echo "configure:1824: checking whether to include insults" >&5 # Check whether --with-insults or --without-insults was given. if test "${with_insults+set}" = set; then withval="$with_insults" @@ -1922,7 +1925,7 @@ fi if test "$with_insults" = "yes"; then echo $ac_n "checking which insult sets to include""... $ac_c" 1>&6 -echo "configure:1926: checking which insult sets to include" >&5 +echo "configure:1929: checking which insult sets to include" >&5 i="" test "$with_goons_insults" = "yes" && i="goons ${i}" test "$with_hal_insults" = "yes" && i="hal ${i}" @@ -1932,7 +1935,7 @@ echo "configure:1926: checking which insult sets to include" >&5 fi echo $ac_n "checking whether to override the user's path""... $ac_c" 1>&6 -echo "configure:1936: checking whether to override the user's path" >&5 +echo "configure:1939: checking whether to override the user's path" >&5 # Check whether --with-secure-path or --without-secure-path was given. if test "${with_secure_path+set}" = set; then withval="$with_secure_path" @@ -1958,7 +1961,7 @@ fi echo $ac_n "checking whether to get ip addresses from the network interfaces""... $ac_c" 1>&6 -echo "configure:1962: checking whether to get ip addresses from the network interfaces" >&5 +echo "configure:1965: checking whether to get ip addresses from the network interfaces" >&5 # Check whether --with-interfaces or --without-interfaces was given. if test "${with_interfaces+set}" = set; then withval="$with_interfaces" @@ -1981,7 +1984,7 @@ fi echo $ac_n "checking whether to do user authentication by default""... $ac_c" 1>&6 -echo "configure:1985: checking whether to do user authentication by default" >&5 +echo "configure:1988: checking whether to do user authentication by default" >&5 # Check whether --enable-authentication or --disable-authentication was given. if test "${enable_authentication+set}" = set; then enableval="$enable_authentication" @@ -2005,7 +2008,7 @@ fi echo $ac_n "checking whether to disable shadow password support""... $ac_c" 1>&6 -echo "configure:2009: checking whether to disable shadow password support" >&5 +echo "configure:2012: checking whether to disable shadow password support" >&5 # Check whether --enable-shadow or --disable-shadow was given. if test "${enable_shadow+set}" = set; then enableval="$enable_shadow" @@ -2026,7 +2029,7 @@ fi echo $ac_n "checking whether root should be allowed to use sudo""... $ac_c" 1>&6 -echo "configure:2030: checking whether root should be allowed to use sudo" >&5 +echo "configure:2033: checking whether root should be allowed to use sudo" >&5 # Check whether --enable-root-sudo or --disable-root-sudo was given. if test "${enable_root_sudo+set}" = set; then enableval="$enable_root_sudo" @@ -2049,7 +2052,7 @@ fi echo $ac_n "checking whether to log the hostname in the log file""... $ac_c" 1>&6 -echo "configure:2053: checking whether to log the hostname in the log file" >&5 +echo "configure:2056: checking whether to log the hostname in the log file" >&5 # Check whether --enable-log-host or --disable-log-host was given. if test "${enable_log_host+set}" = set; then enableval="$enable_log_host" @@ -2073,7 +2076,7 @@ fi echo $ac_n "checking whether to invoke a shell if sudo is given no arguments""... $ac_c" 1>&6 -echo "configure:2077: checking whether to invoke a shell if sudo is given no arguments" >&5 +echo "configure:2080: checking whether to invoke a shell if sudo is given no arguments" >&5 # Check whether --enable-noargs-shell or --disable-noargs-shell was given. if test "${enable_noargs_shell+set}" = set; then enableval="$enable_noargs_shell" @@ -2097,7 +2100,7 @@ fi echo $ac_n "checking whether to set \$HOME to target user in shell mode""... $ac_c" 1>&6 -echo "configure:2101: checking whether to set \$HOME to target user in shell mode" >&5 +echo "configure:2104: checking whether to set \$HOME to target user in shell mode" >&5 # Check whether --enable-shell-sets-home or --disable-shell-sets-home was given. if test "${enable_shell_sets_home+set}" = set; then enableval="$enable_shell_sets_home" @@ -2121,7 +2124,7 @@ fi echo $ac_n "checking whether to disable 'command not found' messages""... $ac_c" 1>&6 -echo "configure:2125: checking whether to disable 'command not found' messages" >&5 +echo "configure:2128: checking whether to disable 'command not found' messages" >&5 # Check whether --enable-path_info or --disable-path_info was given. if test "${enable_path_info+set}" = set; then enableval="$enable_path_info" @@ -2147,7 +2150,7 @@ fi # Extract the first word of "egrep", so it can be a program name with args. set dummy egrep; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2151: checking for $ac_word" >&5 +echo "configure:2154: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_EGREPPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2182,7 +2185,7 @@ cross_compiling="no" # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2186: checking for $ac_word" >&5 +echo "configure:2189: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2211,7 +2214,7 @@ if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2215: checking for $ac_word" >&5 +echo "configure:2218: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2259,7 +2262,7 @@ fi fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 -echo "configure:2263: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 +echo "configure:2266: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. @@ -2269,11 +2272,11 @@ ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS cross_compiling=$ac_cv_prog_cc_cross cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then ac_cv_prog_cc_works=yes # If we can't run a trivial program, we are probably using a cross compiler. if (./conftest; exit) 2>/dev/null; then @@ -2293,12 +2296,12 @@ if test $ac_cv_prog_cc_works = no; then { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 -echo "configure:2297: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +echo "configure:2300: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 cross_compiling=$ac_cv_prog_cc_cross echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 -echo "configure:2302: checking whether we are using GNU C" >&5 +echo "configure:2305: checking whether we are using GNU C" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2307,7 +2310,7 @@ else yes; #endif EOF -if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2311: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then +if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2314: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ac_cv_prog_gcc=yes else ac_cv_prog_gcc=no @@ -2322,7 +2325,7 @@ if test $ac_cv_prog_gcc = yes; then ac_save_CFLAGS="$CFLAGS" CFLAGS= echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 -echo "configure:2326: checking whether ${CC-cc} accepts -g" >&5 +echo "configure:2329: checking whether ${CC-cc} accepts -g" >&5 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2352,7 +2355,7 @@ fi ac_cv_prog_cc_cross="no" cross_compiling="no" echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 -echo "configure:2356: checking how to run the C preprocessor" >&5 +echo "configure:2359: checking how to run the C preprocessor" >&5 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= @@ -2367,13 +2370,13 @@ else # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:2377: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:2380: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then : @@ -2384,13 +2387,13 @@ else rm -rf conftest* CPP="${CC-cc} -E -traditional-cpp" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:2394: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:2397: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then : @@ -2413,7 +2416,7 @@ fi echo "$ac_t""$CPP" 1>&6 echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6 -echo "configure:2417: checking for POSIXized ISC" >&5 +echo "configure:2420: checking for POSIXized ISC" >&5 if test -d /etc/conf/kconfig.d && grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 then @@ -2441,7 +2444,7 @@ fi # Extract the first word of "uname", so it can be a program name with args. set dummy uname; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2445: checking for $ac_word" >&5 +echo "configure:2448: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_UNAMEPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2469,7 +2472,7 @@ fi # Extract the first word of "tr", so it can be a program name with args. set dummy tr; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2473: checking for $ac_word" >&5 +echo "configure:2476: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_TRPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2497,7 +2500,7 @@ fi # Extract the first word of "sed", so it can be a program name with args. set dummy sed; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2501: checking for $ac_word" >&5 +echo "configure:2504: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_SEDPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2525,7 +2528,7 @@ fi # Extract the first word of "nroff", so it can be a program name with args. set dummy nroff; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2529: checking for $ac_word" >&5 +echo "configure:2532: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_NROFFPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2580,7 +2583,7 @@ else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; } fi echo $ac_n "checking host system type""... $ac_c" 1>&6 -echo "configure:2584: checking host system type" >&5 +echo "configure:2587: checking host system type" >&5 host_alias=$host case "$host_alias" in @@ -2609,7 +2612,7 @@ if test -n "$sudo_cv_prev_host"; then exit 1 else echo $ac_n "checking previous host type""... $ac_c" 1>&6 -echo "configure:2613: checking previous host type" >&5 +echo "configure:2616: checking previous host type" >&5 if eval "test \"`echo '$''{'sudo_cv_prev_host'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2649,12 +2652,12 @@ case "$host" in # check for password adjunct functions (shadow passwords) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getpwanam""... $ac_c" 1>&6 -echo "configure:2653: checking for getpwanam" >&5 +echo "configure:2656: checking for getpwanam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getpwanam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2684: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getpwanam=yes" else @@ -2697,12 +2700,12 @@ EOF for ac_func in issecure do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2701: checking for $ac_func" >&5 +echo "configure:2704: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2732: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2763,6 +2766,8 @@ fi if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lucb" fi + mansectsu=1m + mansectform=4 ;; *-*-aix*) # To get all prototypes (so we pass -Wall) @@ -2776,7 +2781,7 @@ EOF *-*-hiuxmpp*) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:2780: checking for getprpwnam in -lsec" >&5 +echo "configure:2785: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -2788,7 +2793,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2821,7 +2826,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6 -echo "configure:2825: checking for getprpwnam in -lsecurity" >&5 +echo "configure:2830: checking for getprpwnam in -lsecurity" >&5 if test -n ""; then ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -2833,7 +2838,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsecurity $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2853: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2871,6 +2876,8 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux1[0-9]*) # uncomment this for a statically linked sudo @@ -2891,7 +2898,7 @@ fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:2895: checking for getprpwnam in -lsec" >&5 +echo "configure:2902: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -2903,7 +2910,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2925: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2933,7 +2940,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then #define HAVE_GETPRPWNAM 1 EOF echo $ac_n "checking for iscomsec in -lsec""... $ac_c" 1>&6 -echo "configure:2937: checking for iscomsec in -lsec" >&5 +echo "configure:2944: checking for iscomsec in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'iscomsec | sed 'y% ./+-%___p_%'` else @@ -2945,7 +2952,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2967: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2998,6 +3005,8 @@ fi if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux9*) # uncomment this for a statically linked sudo @@ -3025,12 +3034,12 @@ EOF for ac_func in getspwuid do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3029: checking for $ac_func" >&5 +echo "configure:3038: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3066: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3100,6 +3109,8 @@ done if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux*) @@ -3119,13 +3130,15 @@ EOF if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-dec-osf*) # ignore envariables wrt dynamic lib path SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement" echo $ac_n "checking whether to disable sia support on Digital UNIX""... $ac_c" 1>&6 -echo "configure:3129: checking whether to disable sia support on Digital UNIX" >&5 +echo "configure:3142: checking whether to disable sia support on Digital UNIX" >&5 # Check whether --enable-sia or --disable-sia was given. if test "${enable_sia+set}" = set; then enableval="$enable_sia" @@ -3149,12 +3162,12 @@ fi # unless overridden on the command line if test "$CHECKSIA" = "true"; then echo $ac_n "checking for sia_ses_init""... $ac_c" 1>&6 -echo "configure:3153: checking for sia_ses_init" >&5 +echo "configure:3166: checking for sia_ses_init" >&5 if eval "test \"`echo '$''{'ac_cv_func_sia_ses_init'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3194: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_sia_ses_init=yes" else @@ -3205,7 +3218,7 @@ fi fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6 -echo "configure:3209: checking for getprpwnam in -lsecurity" >&5 +echo "configure:3222: checking for getprpwnam in -lsecurity" >&5 if test -n ""; then ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -3217,7 +3230,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsecurity $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3245: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3258,12 +3271,12 @@ EOF # -ldb includes bogus versions of snprintf/vsnprintf echo $ac_n "checking for snprintf""... $ac_c" 1>&6 -echo "configure:3262: checking for snprintf" >&5 +echo "configure:3275: checking for snprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_snprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3303: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_snprintf=yes" else @@ -3310,12 +3323,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for vsnprintf""... $ac_c" 1>&6 -echo "configure:3314: checking for vsnprintf" >&5 +echo "configure:3327: checking for vsnprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_vsnprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3355: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_vsnprintf=yes" else @@ -3363,7 +3376,7 @@ fi # 4.x and higher need -ldb too... echo $ac_n "checking for dbopen in -ldb""... $ac_c" 1>&6 -echo "configure:3367: checking for dbopen in -ldb" >&5 +echo "configure:3380: checking for dbopen in -ldb" >&5 if test -n ""; then ac_lib_var=`echo db'_'dbopen | sed 'y% ./+-%___p_%'` else @@ -3375,7 +3388,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldb $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3403: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3410,12 +3423,12 @@ fi for ac_func in dispcrypt do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3414: checking for $ac_func" >&5 +echo "configure:3427: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3455: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3463,9 +3476,9 @@ fi done echo $ac_n "checking for broken /usr/include/prot.h""... $ac_c" 1>&6 -echo "configure:3467: checking for broken /usr/include/prot.h" >&5 +echo "configure:3480: checking for broken /usr/include/prot.h" >&5 cat > conftest.$ac_ext < @@ -3476,7 +3489,7 @@ int main() { exit(0); ; return 0; } EOF -if { (eval echo configure:3480: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3493: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* echo "$ac_t""no" 1>&6 else @@ -3522,7 +3535,7 @@ EOF # IRIX <= 4 needs -lsun if test "$OSREV" -le 4; then echo $ac_n "checking for getpwnam in -lsun""... $ac_c" 1>&6 -echo "configure:3526: checking for getpwnam in -lsun" >&5 +echo "configure:3539: checking for getpwnam in -lsun" >&5 if test -n ""; then ac_lib_var=`echo sun'_'getpwnam | sed 'y% ./+-%___p_%'` else @@ -3534,7 +3547,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsun $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3562: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3566,6 +3579,8 @@ else fi fi + mansectsu=1m + mansectform=4 ;; *-*-linux*) # To get crypt(3) and vasprintf() prototypes (so we pass -Wall) @@ -3577,12 +3592,12 @@ EOF # Some Linux versions need to link with -lshadow if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam""... $ac_c" 1>&6 -echo "configure:3581: checking for getspnam" >&5 +echo "configure:3596: checking for getspnam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getspnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3624: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getspnam=yes" else @@ -3626,7 +3641,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getspnam in -lshadow""... $ac_c" 1>&6 -echo "configure:3630: checking for getspnam in -lshadow" >&5 +echo "configure:3645: checking for getspnam in -lshadow" >&5 if test -n ""; then ac_lib_var=`echo shadow'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3638,7 +3653,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lshadow $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3668: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3688,7 +3703,7 @@ EOF if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:3692: checking for getprpwnam in -lsec" >&5 +echo "configure:3707: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -3700,7 +3715,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3730: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3741,7 +3756,7 @@ fi OS="ultrix" if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getauthuid in -lauth""... $ac_c" 1>&6 -echo "configure:3745: checking for getauthuid in -lauth" >&5 +echo "configure:3760: checking for getauthuid in -lauth" >&5 if test -n ""; then ac_lib_var=`echo auth'_'getauthuid | sed 'y% ./+-%___p_%'` else @@ -3753,7 +3768,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lauth $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3783: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3794,6 +3809,8 @@ fi LIBS="${LIBS} -lsun -lbsd" CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd" OSDEFS="${OSDEFS} -D_MIPS" + mansectsu=1m + mansectform=4 ;; *-*-isc*) OSDEFS="${OSDEFS} -D_ISC" @@ -3803,7 +3820,7 @@ fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam in -lsec""... $ac_c" 1>&6 -echo "configure:3807: checking for getspnam in -lsec" >&5 +echo "configure:3824: checking for getspnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3815,7 +3832,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3847: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3851,11 +3868,13 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-sco*) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lprot""... $ac_c" 1>&6 -echo "configure:3859: checking for getprpwnam in -lprot" >&5 +echo "configure:3878: checking for getprpwnam in -lprot" >&5 if test -n "-lx"; then ac_lib_var=`echo prot'_'getprpwnam-lx | sed 'y% ./+-%___p_%'` else @@ -3867,7 +3886,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lprot -lx $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3901: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3902,7 +3921,7 @@ else fi echo $ac_n "checking for getspnam in -lgen""... $ac_c" 1>&6 -echo "configure:3906: checking for getspnam in -lgen" >&5 +echo "configure:3925: checking for getspnam in -lgen" >&5 if test -n ""; then ac_lib_var=`echo gen'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3914,7 +3933,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lgen $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3948: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3950,11 +3969,13 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-sequent-sysv*) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam in -lsec""... $ac_c" 1>&6 -echo "configure:3958: checking for getspnam in -lsec" >&5 +echo "configure:3979: checking for getspnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3966,7 +3987,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4002,10 +4023,14 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-ccur-sysv4|*-ccur-sysvr4) LIBS="${LIBS} -lgen" SUDO_LIBS="${SUDO_LIBS} -lgen" + mansectsu=1m + mansectform=4 ;; *-*-bsdi*) # Use shlicc for BSD/OS 2.x unless asked to do otherwise @@ -4015,27 +4040,40 @@ fi ac_cv_prog_CC=shlicc CC="$ac_cv_prog_CC" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-freebsd*) if test "$with_skey" = "yes"; then SUDO_LIBS="${SUDO_LIBS} -lmd" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-*bsd*) if test "$CHECKSHADOW" = "true"; then CHECKSHADOW="false" fi ;; + *-*-sysv*) + mansectsu=1m + mansectform=4 + ;; esac +test -n "$mansectsu" || mansectsu=8 +test -n "$mansectform" || mansectform=5 + if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam""... $ac_c" 1>&6 -echo "configure:4034: checking for getspnam" >&5 +echo "configure:4072: checking for getspnam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getspnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4100: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getspnam=yes" else @@ -4083,12 +4121,12 @@ fi fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam""... $ac_c" 1>&6 -echo "configure:4087: checking for getprpwnam" >&5 +echo "configure:4125: checking for getprpwnam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getprpwnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4153: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getprpwnam=yes" else @@ -4132,7 +4170,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:4136: checking for getprpwnam in -lsec" >&5 +echo "configure:4174: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -4144,7 +4182,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4197: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4177,7 +4215,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6 -echo "configure:4181: checking for getprpwnam in -lsecurity" >&5 +echo "configure:4219: checking for getprpwnam in -lsecurity" >&5 if test -n ""; then ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -4189,7 +4227,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsecurity $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4242: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4222,7 +4260,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lprot""... $ac_c" 1>&6 -echo "configure:4226: checking for getprpwnam in -lprot" >&5 +echo "configure:4264: checking for getprpwnam in -lprot" >&5 if test -n ""; then ac_lib_var=`echo prot'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -4234,7 +4272,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lprot $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4287: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4278,13 +4316,13 @@ fi if test $ac_cv_prog_gcc = yes; then echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6 -echo "configure:4282: checking whether ${CC-cc} needs -traditional" >&5 +echo "configure:4320: checking whether ${CC-cc} needs -traditional" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_pattern="Autoconf.*'x'" cat > conftest.$ac_ext < Autoconf TIOCGETP @@ -4302,7 +4340,7 @@ rm -f conftest* if test $ac_cv_prog_gcc_traditional = no; then cat > conftest.$ac_ext < Autoconf TCGETA @@ -4324,12 +4362,12 @@ echo "$ac_t""$ac_cv_prog_gcc_traditional" 1>&6 fi echo $ac_n "checking for working const""... $ac_c" 1>&6 -echo "configure:4328: checking for working const" >&5 +echo "configure:4366: checking for working const" >&5 if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4420: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else @@ -4403,7 +4441,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:4407: checking for $ac_word" >&5 +echo "configure:4445: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -4434,7 +4472,7 @@ test -n "$YACC" || YACC="yacc" if test -z "$with_sendmail"; then echo $ac_n "checking for sendmail""... $ac_c" 1>&6 -echo "configure:4438: checking for sendmail" >&5 +echo "configure:4476: checking for sendmail" >&5 if test -f "/usr/sbin/sendmail"; then echo "$ac_t""/usr/sbin/sendmail" 1>&6 cat >> confdefs.h <<\EOF @@ -4477,7 +4515,7 @@ fi fi echo $ac_n "checking for mv""... $ac_c" 1>&6 -echo "configure:4481: checking for mv" >&5 +echo "configure:4519: checking for mv" >&5 if test -f "/usr/bin/mv"; then echo "$ac_t""/usr/bin/mv" 1>&6 cat >> confdefs.h <<\EOF @@ -4507,7 +4545,7 @@ else fi echo $ac_n "checking for bourne shell""... $ac_c" 1>&6 -echo "configure:4511: checking for bourne shell" >&5 +echo "configure:4549: checking for bourne shell" >&5 if test -f "/bin/sh"; then echo "$ac_t""/bin/sh" 1>&6 cat >> confdefs.h <<\EOF @@ -4561,7 +4599,7 @@ else fi echo $ac_n "checking for vi""... $ac_c" 1>&6 -echo "configure:4565: checking for vi" >&5 +echo "configure:4603: checking for vi" >&5 if test -f "/usr/bin/vi"; then echo "$ac_t""/usr/bin/vi" 1>&6 cat >> confdefs.h <<\EOF @@ -4597,12 +4635,12 @@ else fi echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 -echo "configure:4601: checking for ANSI C header files" >&5 +echo "configure:4639: checking for ANSI C header files" >&5 if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -4610,7 +4648,7 @@ else #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4614: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4652: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4627,7 +4665,7 @@ rm -f conftest* if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -4645,7 +4683,7 @@ fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -4666,7 +4704,7 @@ if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') @@ -4677,7 +4715,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF -if { (eval echo configure:4681: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:4719: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then : else @@ -4705,12 +4743,12 @@ for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6 -echo "configure:4709: checking for $ac_hdr that defines DIR" >&5 +echo "configure:4747: checking for $ac_hdr that defines DIR" >&5 if eval "test \"`echo '$''{'ac_cv_header_dirent_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include <$ac_hdr> @@ -4718,7 +4756,7 @@ int main() { DIR *dirp = 0; ; return 0; } EOF -if { (eval echo configure:4722: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4760: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* eval "ac_cv_header_dirent_$ac_safe=yes" else @@ -4743,7 +4781,7 @@ done # Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. if test $ac_header_dirent = dirent.h; then echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6 -echo "configure:4747: checking for opendir in -ldir" >&5 +echo "configure:4785: checking for opendir in -ldir" >&5 if test -n ""; then ac_lib_var=`echo dir'_'opendir | sed 'y% ./+-%___p_%'` else @@ -4755,7 +4793,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldir $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4788,7 +4826,7 @@ fi else echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6 -echo "configure:4792: checking for opendir in -lx" >&5 +echo "configure:4830: checking for opendir in -lx" >&5 if test -n ""; then ac_lib_var=`echo x'_'opendir | sed 'y% ./+-%___p_%'` else @@ -4800,7 +4838,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lx $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4853: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4837,17 +4875,17 @@ for ac_hdr in string.h strings.h unistd.h malloc.h paths.h utime.h netgroup.h sy do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4841: checking for $ac_hdr" >&5 +echo "configure:4879: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4851: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4889: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4878,17 +4916,17 @@ if test "$OS" != "ultrix"; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4882: checking for $ac_hdr" >&5 +echo "configure:4920: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4892: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4930: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4918,17 +4956,17 @@ done do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4922: checking for $ac_hdr" >&5 +echo "configure:4960: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4932: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4970: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4951,12 +4989,12 @@ EOF for ac_func in tcgetattr do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:4955: checking for $ac_func" >&5 +echo "configure:4993: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5021: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5010,12 +5048,12 @@ done fi echo $ac_n "checking for mode_t""... $ac_c" 1>&6 -echo "configure:5014: checking for mode_t" >&5 +echo "configure:5052: checking for mode_t" >&5 if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5043,12 +5081,12 @@ EOF fi echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6 -echo "configure:5047: checking for uid_t in sys/types.h" >&5 +echo "configure:5085: checking for uid_t in sys/types.h" >&5 if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF @@ -5077,12 +5115,12 @@ EOF fi echo $ac_n "checking for size_t""... $ac_c" 1>&6 -echo "configure:5081: checking for size_t" >&5 +echo "configure:5119: checking for size_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_size_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5112,12 +5150,12 @@ EOF fi echo $ac_n "checking for ssize_t""... $ac_c" 1>&6 -echo "configure:5116: checking for ssize_t" >&5 +echo "configure:5154: checking for ssize_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_ssize_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5147,12 +5185,12 @@ EOF fi echo $ac_n "checking for dev_t""... $ac_c" 1>&6 -echo "configure:5151: checking for dev_t" >&5 +echo "configure:5189: checking for dev_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_dev_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5182,12 +5220,12 @@ EOF fi echo $ac_n "checking for ino_t""... $ac_c" 1>&6 -echo "configure:5186: checking for ino_t" >&5 +echo "configure:5224: checking for ino_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_ino_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5217,9 +5255,9 @@ EOF fi echo $ac_n "checking for full void implementation""... $ac_c" 1>&6 -echo "configure:5221: checking for full void implementation" >&5 +echo "configure:5259: checking for full void implementation" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:5269: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define VOID void @@ -5247,7 +5285,7 @@ fi rm -f conftest* echo $ac_n "checking max length of uid_t""... $ac_c" 1>&6 -echo "configure:5251: checking max length of uid_t" >&5 +echo "configure:5289: checking max length of uid_t" >&5 if eval "test \"`echo '$''{'sudo_cv_uid_t_len'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5256,7 +5294,7 @@ if test "$cross_compiling" = yes; then { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext < #include @@ -5277,7 +5315,7 @@ main() { exit(0); } EOF -if { (eval echo configure:5281: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5319: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_uid_t_len=`cat conftestdata` else @@ -5300,16 +5338,16 @@ EOF echo $ac_n "checking for long long support""... $ac_c" 1>&6 -echo "configure:5304: checking for long long support" >&5 +echo "configure:5342: checking for long long support" >&5 cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5351: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_LONG_LONG 1 @@ -5319,11 +5357,11 @@ if test "$cross_compiling" = yes; then { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5365: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then cat >> confdefs.h <<\EOF #define LONG_IS_QUAD 1 @@ -5345,7 +5383,7 @@ else fi rm -f conftest* echo $ac_n "checking for sa_len field in struct sockaddr""... $ac_c" 1>&6 -echo "configure:5349: checking for sa_len field in struct sockaddr" >&5 +echo "configure:5387: checking for sa_len field in struct sockaddr" >&5 if eval "test \"`echo '$''{'sudo_cv_sock_sa_len'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5353,7 +5391,7 @@ else sudo_cv_sock_sa_len=no else cat > conftest.$ac_ext < #include @@ -5363,7 +5401,7 @@ s.sa_len = 0; exit(0); } EOF -if { (eval echo configure:5367: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5405: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_sock_sa_len=yes else @@ -5388,12 +5426,12 @@ fi case "$DEFS" in *"RETSIGTYPE"*) ;; *) echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 -echo "configure:5392: checking return type of signal handlers" >&5 +echo "configure:5430: checking return type of signal handlers" >&5 if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -5410,7 +5448,7 @@ int main() { int i; ; return 0; } EOF -if { (eval echo configure:5414: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:5452: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_type_signal=void else @@ -5432,12 +5470,12 @@ esac for ac_func in strchr strrchr memchr memcpy memset sysconf sigaction tzset seteuid strftime setrlimit initgroups fstat do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5436: checking for $ac_func" >&5 +echo "configure:5474: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5502: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5488,12 +5526,12 @@ if test -n "$SECUREWARE"; then for ac_func in bigcrypt do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5492: checking for $ac_func" >&5 +echo "configure:5530: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5558: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5543,12 +5581,12 @@ done for ac_func in set_auth_parameters do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5547: checking for $ac_func" >&5 +echo "configure:5585: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5613: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5598,12 +5636,12 @@ done for ac_func in initprivs do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5602: checking for $ac_func" >&5 +echo "configure:5640: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5668: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5653,12 +5691,12 @@ done fi if test -z "$BROKEN_GETCWD"; then echo $ac_n "checking for getcwd""... $ac_c" 1>&6 -echo "configure:5657: checking for getcwd" >&5 +echo "configure:5695: checking for getcwd" >&5 if eval "test \"`echo '$''{'ac_cv_func_getcwd'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5723: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getcwd=yes" else @@ -5706,12 +5744,12 @@ fi fi echo $ac_n "checking for lockf""... $ac_c" 1>&6 -echo "configure:5710: checking for lockf" >&5 +echo "configure:5748: checking for lockf" >&5 if eval "test \"`echo '$''{'ac_cv_func_lockf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5776: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_lockf=yes" else @@ -5757,12 +5795,12 @@ else for ac_func in flock do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5761: checking for $ac_func" >&5 +echo "configure:5799: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5827: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5812,12 +5850,12 @@ done fi echo $ac_n "checking for waitpid""... $ac_c" 1>&6 -echo "configure:5816: checking for waitpid" >&5 +echo "configure:5854: checking for waitpid" >&5 if eval "test \"`echo '$''{'ac_cv_func_waitpid'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5882: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_waitpid=yes" else @@ -5863,12 +5901,12 @@ else for ac_func in wait3 do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5867: checking for $ac_func" >&5 +echo "configure:5905: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5933: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5918,12 +5956,12 @@ done fi echo $ac_n "checking for innetgr""... $ac_c" 1>&6 -echo "configure:5922: checking for innetgr" >&5 +echo "configure:5960: checking for innetgr" >&5 if eval "test \"`echo '$''{'ac_cv_func_innetgr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5988: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_innetgr=yes" else @@ -5966,12 +6004,12 @@ EOF for ac_func in getdomainname do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5970: checking for $ac_func" >&5 +echo "configure:6008: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -6023,12 +6061,12 @@ else fi echo $ac_n "checking for lsearch""... $ac_c" 1>&6 -echo "configure:6027: checking for lsearch" >&5 +echo "configure:6065: checking for lsearch" >&5 if eval "test \"`echo '$''{'ac_cv_func_lsearch'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6093: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_lsearch=yes" else @@ -6072,7 +6110,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for lsearch in -lcompat""... $ac_c" 1>&6 -echo "configure:6076: checking for lsearch in -lcompat" >&5 +echo "configure:6114: checking for lsearch in -lcompat" >&5 if test -n ""; then ac_lib_var=`echo compat'_'lsearch | sed 'y% ./+-%___p_%'` else @@ -6084,7 +6122,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcompat $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6137: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6112,17 +6150,17 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_safe=`echo "search.h" | sed 'y%./+-%__p_%'` echo $ac_n "checking for search.h""... $ac_c" 1>&6 -echo "configure:6116: checking for search.h" >&5 +echo "configure:6154: checking for search.h" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6126: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:6164: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -6155,12 +6193,12 @@ fi fi echo $ac_n "checking for setenv""... $ac_c" 1>&6 -echo "configure:6159: checking for setenv" >&5 +echo "configure:6197: checking for setenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_setenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6225: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_setenv=yes" else @@ -6204,12 +6242,12 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for putenv""... $ac_c" 1>&6 -echo "configure:6208: checking for putenv" >&5 +echo "configure:6246: checking for putenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_putenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6274: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_putenv=yes" else @@ -6258,12 +6296,12 @@ fi fi echo $ac_n "checking for utime""... $ac_c" 1>&6 -echo "configure:6262: checking for utime" >&5 +echo "configure:6300: checking for utime" >&5 if eval "test \"`echo '$''{'ac_cv_func_utime'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6328: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_utime=yes" else @@ -6305,7 +6343,7 @@ if eval "test \"`echo '$ac_cv_func_'utime`\" = yes"; then EOF echo $ac_n "checking for POSIX utime""... $ac_c" 1>&6 -echo "configure:6309: checking for POSIX utime" >&5 +echo "configure:6347: checking for POSIX utime" >&5 if eval "test \"`echo '$''{'sudo_cv_func_utime_posix'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -6314,7 +6352,7 @@ if test "$cross_compiling" = yes; then sudo_cv_func_utime_posix=no else cat > conftest.$ac_ext < #include @@ -6326,7 +6364,7 @@ utime("conftestdata", &ut); exit(0); } EOF -if { (eval echo configure:6330: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:6368: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_func_utime_posix=yes else @@ -6354,7 +6392,7 @@ LIBOBJS="$LIBOBJS utime.o" fi echo $ac_n "checking for working fnmatch""... $ac_c" 1>&6 -echo "configure:6358: checking for working fnmatch" >&5 +echo "configure:6396: checking for working fnmatch" >&5 if eval "test \"`echo '$''{'sudo_cv_func_fnmatch'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -6363,13 +6401,13 @@ if test "$cross_compiling" = yes; then sudo_cv_func_fnmatch=no else cat > conftest.$ac_ext < main() { exit(fnmatch("/*/bin/echo *", "/usr/bin/echo just a test", 0)); } EOF -if { (eval echo configure:6373: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:6411: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_func_fnmatch=yes else @@ -6396,12 +6434,12 @@ fi for ac_func in strerror strcasecmp do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:6400: checking for $ac_func" >&5 +echo "configure:6438: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6466: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -6451,12 +6489,12 @@ done echo $ac_n "checking for snprintf""... $ac_c" 1>&6 -echo "configure:6455: checking for snprintf" >&5 +echo "configure:6493: checking for snprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_snprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6521: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_snprintf=yes" else @@ -6503,12 +6541,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for vsnprintf""... $ac_c" 1>&6 -echo "configure:6507: checking for vsnprintf" >&5 +echo "configure:6545: checking for vsnprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_vsnprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6573: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_vsnprintf=yes" else @@ -6555,12 +6593,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for asprintf""... $ac_c" 1>&6 -echo "configure:6559: checking for asprintf" >&5 +echo "configure:6597: checking for asprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_asprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6625: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_asprintf=yes" else @@ -6607,12 +6645,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for vasprintf""... $ac_c" 1>&6 -echo "configure:6611: checking for vasprintf" >&5 +echo "configure:6649: checking for vasprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_vasprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6677: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_vasprintf=yes" else @@ -6663,12 +6701,12 @@ if test -n "$NEED_SNPRINTF"; then fi if test -z "$LIB_CRYPT"; then echo $ac_n "checking for crypt""... $ac_c" 1>&6 -echo "configure:6667: checking for crypt" >&5 +echo "configure:6705: checking for crypt" >&5 if eval "test \"`echo '$''{'ac_cv_func_crypt'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6733: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_crypt=yes" else @@ -6709,7 +6747,7 @@ if eval "test \"`echo '$ac_cv_func_'crypt`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6 -echo "configure:6713: checking for crypt in -lcrypt" >&5 +echo "configure:6751: checking for crypt in -lcrypt" >&5 if test -n ""; then ac_lib_var=`echo crypt'_'crypt | sed 'y% ./+-%___p_%'` else @@ -6721,7 +6759,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6774: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6751,7 +6789,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lcrypt_d""... $ac_c" 1>&6 -echo "configure:6755: checking for crypt in -lcrypt_d" >&5 +echo "configure:6793: checking for crypt in -lcrypt_d" >&5 if test -n ""; then ac_lib_var=`echo crypt_d'_'crypt | sed 'y% ./+-%___p_%'` else @@ -6763,7 +6801,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt_d $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6816: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6793,7 +6831,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lufc""... $ac_c" 1>&6 -echo "configure:6797: checking for crypt in -lufc" >&5 +echo "configure:6835: checking for crypt in -lufc" >&5 if test -n ""; then ac_lib_var=`echo ufc'_'crypt | sed 'y% ./+-%___p_%'` else @@ -6805,7 +6843,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lufc $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6858: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6844,12 +6882,12 @@ fi fi echo $ac_n "checking for socket""... $ac_c" 1>&6 -echo "configure:6848: checking for socket" >&5 +echo "configure:6886: checking for socket" >&5 if eval "test \"`echo '$''{'ac_cv_func_socket'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6914: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_socket=yes" else @@ -6890,7 +6928,7 @@ if eval "test \"`echo '$ac_cv_func_'socket`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 -echo "configure:6894: checking for socket in -lsocket" >&5 +echo "configure:6932: checking for socket in -lsocket" >&5 if test -n ""; then ac_lib_var=`echo socket'_'socket | sed 'y% ./+-%___p_%'` else @@ -6902,7 +6940,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6955: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6932,7 +6970,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6 -echo "configure:6936: checking for socket in -linet" >&5 +echo "configure:6974: checking for socket in -linet" >&5 if test -n ""; then ac_lib_var=`echo inet'_'socket | sed 'y% ./+-%___p_%'` else @@ -6944,7 +6982,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6997: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6975,7 +7013,7 @@ else echo "$ac_t""no" 1>&6 echo "configure: warning: unable to find socket() trying -lsocket -lnsl" 1>&2 echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 -echo "configure:6979: checking for socket in -lsocket" >&5 +echo "configure:7017: checking for socket in -lsocket" >&5 if test -n "-lnsl"; then ac_lib_var=`echo socket'_'socket-lnsl | sed 'y% ./+-%___p_%'` else @@ -6987,7 +7025,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket -lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7040: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7025,12 +7063,12 @@ fi fi echo $ac_n "checking for inet_addr""... $ac_c" 1>&6 -echo "configure:7029: checking for inet_addr" >&5 +echo "configure:7067: checking for inet_addr" >&5 if eval "test \"`echo '$''{'ac_cv_func_inet_addr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7095: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_inet_addr=yes" else @@ -7071,7 +7109,7 @@ if eval "test \"`echo '$ac_cv_func_'inet_addr`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for inet_addr in -lnsl""... $ac_c" 1>&6 -echo "configure:7075: checking for inet_addr in -lnsl" >&5 +echo "configure:7113: checking for inet_addr in -lnsl" >&5 if test -n ""; then ac_lib_var=`echo nsl'_'inet_addr | sed 'y% ./+-%___p_%'` else @@ -7083,7 +7121,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7136: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7113,7 +7151,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for inet_addr in -linet""... $ac_c" 1>&6 -echo "configure:7117: checking for inet_addr in -linet" >&5 +echo "configure:7155: checking for inet_addr in -linet" >&5 if test -n ""; then ac_lib_var=`echo inet'_'inet_addr | sed 'y% ./+-%___p_%'` else @@ -7125,7 +7163,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7178: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7156,7 +7194,7 @@ else echo "$ac_t""no" 1>&6 echo "configure: warning: unable to find socket() trying -lsocket -lnsl" 1>&2 echo $ac_n "checking for inet_addr in -lsocket""... $ac_c" 1>&6 -echo "configure:7160: checking for inet_addr in -lsocket" >&5 +echo "configure:7198: checking for inet_addr in -lsocket" >&5 if test -n "-lnsl"; then ac_lib_var=`echo socket'_'inet_addr-lnsl | sed 'y% ./+-%___p_%'` else @@ -7168,7 +7206,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket -lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7221: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7206,12 +7244,12 @@ fi fi echo $ac_n "checking for syslog""... $ac_c" 1>&6 -echo "configure:7210: checking for syslog" >&5 +echo "configure:7248: checking for syslog" >&5 if eval "test \"`echo '$''{'ac_cv_func_syslog'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7276: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_syslog=yes" else @@ -7252,7 +7290,7 @@ if eval "test \"`echo '$ac_cv_func_'syslog`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for syslog in -lsocket""... $ac_c" 1>&6 -echo "configure:7256: checking for syslog in -lsocket" >&5 +echo "configure:7294: checking for syslog in -lsocket" >&5 if test -n ""; then ac_lib_var=`echo socket'_'syslog | sed 'y% ./+-%___p_%'` else @@ -7264,7 +7302,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7317: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7294,7 +7332,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for syslog in -lnsl""... $ac_c" 1>&6 -echo "configure:7298: checking for syslog in -lnsl" >&5 +echo "configure:7336: checking for syslog in -lnsl" >&5 if test -n ""; then ac_lib_var=`echo nsl'_'syslog | sed 'y% ./+-%___p_%'` else @@ -7306,7 +7344,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7359: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7336,7 +7374,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for syslog in -linet""... $ac_c" 1>&6 -echo "configure:7340: checking for syslog in -linet" >&5 +echo "configure:7378: checking for syslog in -linet" >&5 if test -n ""; then ac_lib_var=`echo inet'_'syslog | sed 'y% ./+-%___p_%'` else @@ -7348,7 +7386,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7401: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7389,19 +7427,19 @@ if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works # for constant arguments. Useless! echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6 -echo "configure:7393: checking for working alloca.h" >&5 +echo "configure:7431: checking for working alloca.h" >&5 if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { char *p = alloca(2 * sizeof(int)); ; return 0; } EOF -if { (eval echo configure:7405: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7443: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_header_alloca_h=yes else @@ -7422,12 +7460,12 @@ EOF fi echo $ac_n "checking for alloca""... $ac_c" 1>&6 -echo "configure:7426: checking for alloca" >&5 +echo "configure:7464: checking for alloca" >&5 if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7492: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_func_alloca_works=yes else @@ -7482,12 +7520,12 @@ EOF echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6 -echo "configure:7486: checking whether alloca needs Cray hooks" >&5 +echo "configure:7524: checking whether alloca needs Cray hooks" >&5 if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&6 if test $ac_cv_os_cray = yes; then for ac_func in _getb67 GETB67 getb67; do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7516: checking for $ac_func" >&5 +echo "configure:7554: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7582: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -7567,7 +7605,7 @@ done fi echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6 -echo "configure:7571: checking stack direction for C alloca" >&5 +echo "configure:7609: checking stack direction for C alloca" >&5 if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7575,7 +7613,7 @@ else ac_cv_c_stack_direction=0 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then ac_cv_c_stack_direction=1 else @@ -7648,21 +7686,21 @@ fi if test "$with_pam" = "yes"; then echo $ac_n "checking for -ldl""... $ac_c" 1>&6 -echo "configure:7652: checking for -ldl" >&5 +echo "configure:7690: checking for -ldl" >&5 if eval "test \"`echo '$''{'ac_cv_lib_dl'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-ldl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7704: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_lib_dl=yes else @@ -7712,21 +7750,21 @@ EOF fi echo $ac_n "checking for -ldes""... $ac_c" 1>&6 -echo "configure:7716: checking for -ldes" >&5 +echo "configure:7754: checking for -ldes" >&5 if eval "test \"`echo '$''{'ac_cv_lib_des'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-ldes $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7768: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_lib_des=yes else @@ -7854,7 +7892,7 @@ if test "$with_authenticate" = "yes"; then fi echo $ac_n "checking for log file location""... $ac_c" 1>&6 -echo "configure:7858: checking for log file location" >&5 +echo "configure:7896: checking for log file location" >&5 if test -n "$with_logpath"; then echo "$ac_t""$with_logpath" 1>&6 cat >> confdefs.h <&6 -echo "configure:7888: checking for timestamp file location" >&5 +echo "configure:7926: checking for timestamp file location" >&5 if test -n "$with_timedir"; then echo "$ac_t""$with_timedir" 1>&6 cat >> confdefs.h <&6 cat >> confdefs.h <<\EOF #define _PATH_SUDO_TIMEDIR "/var/run/sudo" EOF -elif test -d "/tmp"; then + TIMEDIR="/var/run/sudo" +else echo "$ac_t""/tmp/.odus" 1>&6 cat >> confdefs.h <<\EOF #define _PATH_SUDO_TIMEDIR "/tmp/.odus" EOF -else - echo "$ac_t""unknown" 1>&6 + TIMEDIR="/tmp/.odus" fi @@ -8038,7 +8077,7 @@ done ac_given_srcdir=$srcdir -trap 'rm -fr `echo "Makefile config.h pathnames.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 +trap 'rm -fr `echo "Makefile sudo.man visudo.man sudoers.man config.h pathnames.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then diff --git a/configure.in b/configure.in index c381071e4..d31ed1d70 100644 --- a/configure.in +++ b/configure.in @@ -30,7 +30,10 @@ AC_SUBST(MAN_POSTINSTALL)dnl AC_SUBST(SUDOERS_MODE)dnl AC_SUBST(SUDOERS_UID)dnl AC_SUBST(SUDOERS_GID)dnl +AC_SUBST(TIMEDIR) AC_SUBST(DEV) +AC_SUBST(mansectsu) +AC_SUBST(mansectform) dnl dnl Initial values for Makefile variables listed above dnl Some may be overridden by environment variables.. @@ -1023,6 +1026,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lucb" fi + mansectsu=1m + mansectform=4 ;; *-*-aix*) # To get all prototypes (so we pass -Wall) @@ -1035,6 +1040,8 @@ case "$host" in AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"; SECUREWARE=1])) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux1[[0-9]]*) # uncomment this for a statically linked sudo @@ -1070,6 +1077,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux9*) # uncomment this for a statically linked sudo @@ -1115,6 +1124,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux*) @@ -1131,6 +1142,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-dec-osf*) # ignore envariables wrt dynamic lib path @@ -1213,6 +1226,8 @@ case "$host" in if test "$OSREV" -le 4; then AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"]) fi + mansectsu=1m + mansectform=4 ;; *-*-linux*) # To get crypt(3) and vasprintf() prototypes (so we pass -Wall) @@ -1246,6 +1261,8 @@ case "$host" in LIBS="${LIBS} -lsun -lbsd" CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd" OSDEFS="${OSDEFS} -D_MIPS" + mansectsu=1m + mansectform=4 ;; *-*-isc*) OSDEFS="${OSDEFS} -D_ISC" @@ -1257,6 +1274,8 @@ case "$host" in AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"]) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-sco*) if test "$CHECKSHADOW" = "true"; then @@ -1264,16 +1283,22 @@ case "$host" in AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"]) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-sequent-sysv*) if test "$CHECKSHADOW" = "true"; then AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"]) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-ccur-sysv4|*-ccur-sysvr4) LIBS="${LIBS} -lgen" SUDO_LIBS="${SUDO_LIBS} -lgen" + mansectsu=1m + mansectform=4 ;; *-*-bsdi*) # Use shlicc for BSD/OS 2.x unless asked to do otherwise @@ -1283,19 +1308,35 @@ case "$host" in ac_cv_prog_CC=shlicc CC="$ac_cv_prog_CC" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-freebsd*) if test "$with_skey" = "yes"; then SUDO_LIBS="${SUDO_LIBS} -lmd" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-*bsd*) if test "$CHECKSHADOW" = "true"; then CHECKSHADOW="false" fi ;; + *-*-sysv*) + mansectsu=1m + mansectform=4 + ;; esac +dnl +dnl Use BSD-style man sections by default +dnl +test -n "$mansectsu" || mansectsu=8 +test -n "$mansectform" || mansectform=5 + dnl dnl Check for shadow password routines if we have not already done so. dnl We check for SVR4-style first and then SecureWare-style. @@ -1655,9 +1696,9 @@ dnl test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)' dnl -dnl Substitute into the Makefiles +dnl Substitute into the Makefile and man pages dnl -AC_OUTPUT(Makefile) +AC_OUTPUT([Makefile sudo.man visudo.man sudoers.man]) dnl dnl Spew any text the user needs to know about diff --git a/sudo.cat b/sudo.cat index 99cde97ef..663e6ac8f 100644 --- a/sudo.cat +++ b/sudo.cat @@ -9,7 +9,8 @@ NNNNAAAAMMMMEEEE SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS ssssuuuuddddoooo ----VVVV | ----hhhh | ----llll | ----LLLL | ----vvvv | ----kkkk | ----KKKK | ----ssss | [ ----HHHH ] [----SSSS ] - [ ----bbbb ] | [ ----pppp prompt ] [ ----uuuu username/#uid ] _c_o_m_m_a_n_d + [ ----bbbb ] | [ ----pppp prompt ] [ ----cccc class|- ] [ ----uuuu username/#uid ] + _c_o_m_m_a_n_d DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN ssssuuuuddddoooo allows a permitted user to execute a _c_o_m_m_a_n_d as the @@ -60,8 +61,7 @@ OOOOPPPPTTTTIIIIOOOONNNNSSSS - -26/Feb/2000 1.6.3 1 +22/Mar/2000 1.6.3 1 @@ -102,7 +102,21 @@ sudo(8) MAINTENANCE COMMANDS sudo(8) replaced with the user's login name. Similarly, %h will be replaced with the local hostname. - -u The -u (_u_s_e_r) option causes sudo to run the specified + -c The -c (_c_l_a_s_s) option causes ssssuuuuddddoooo to run the specified + command with resources limited by the specified login + class. The _c_l_a_s_s argument can be either a class name + as defined in /etc/login.conf, or a single '-' + character. Specifying the _c_l_a_s_s as '-' means that the + command should be run restricted by the default login + capibilities of the user the command is run as. If + the _c_l_a_s_s argument specifies an existing user class, + the command must be run as root, or the ssssuuuuddddoooo command + must be run from a shell that is already root. This + option is only available on systems with BSD login + classes where ssssuuuuddddoooo has been configured with the + --with-logincap option. + + -u The -u (_u_s_e_r) option causes ssssuuuuddddoooo to run the specified command as a user other than _r_o_o_t. To specify a _u_i_d instead of a _u_s_e_r_n_a_m_e, use "#uid". @@ -110,6 +124,18 @@ sudo(8) MAINTENANCE COMMANDS sudo(8) _S_H_E_L_L environment variable if it is set or the shell as specified in _p_a_s_s_w_d(5). + + + +22/Mar/2000 1.6.3 2 + + + + + +sudo(8) MAINTENANCE COMMANDS sudo(8) + + -H The -H (_H_O_M_E) option sets the _H_O_M_E environment variable to the homedir of the target user (root by default) as specified in _p_a_s_s_w_d(5). By default, ssssuuuuddddoooo @@ -124,18 +150,6 @@ sudo(8) MAINTENANCE COMMANDS sudo(8) RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEESSSS ssssuuuuddddoooo quits with an exit value of 1 if there is a - - - -26/Feb/2000 1.6.3 2 - - - - - -sudo(8) MAINTENANCE COMMANDS sudo(8) - - configuration/permission problem or if ssssuuuuddddoooo cannot execute the given command. In the latter case the error string is printed to stderr. If ssssuuuuddddoooo cannot _s_t_a_t(2) one or more @@ -173,27 +187,13 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE statically. ssssuuuuddddoooo will check the ownership of its timestamp directory - (_/_v_a_r_/_r_u_n_/_s_u_d_o or _/_t_m_p_/_._o_d_u_s by default) and ignore the - directory's contents if it is not owned by root and only - writable by root. On systems that allow non-root users to - give away files via _c_h_o_w_n(2), if the timestamp directory - is located in a directory writable by anyone (ie: _/_t_m_p), - it is possible for a user to create the timestamp - directory before ssssuuuuddddoooo is run. However, because ssssuuuuddddoooo - checks the ownership and mode of the directory and its - contents, the only damage that can be done is to "hide" - files by putting them in the timestamp dir. This is - unlikely to happen since once the timestamp dir is owned - by root and inaccessible by any other user the user - placing files there would be unable to get them back out. - To get around this issue you can use a directory that is - not world-writable for the timestamps (_/_v_a_r_/_a_d_m_/_s_u_d_o for - instance) or create /tmp/.odus with the appropriate owner - (root) and permissions (0700) in the system startup files. + (_/_v_a_r_/_r_u_n_/_s_u_d_o by default) and ignore the directory's + contents if it is not owned by root and only writable by + root. On systems that allow non-root users to give away -26/Feb/2000 1.6.3 3 +22/Mar/2000 1.6.3 3 @@ -202,6 +202,21 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE sudo(8) MAINTENANCE COMMANDS sudo(8) + files via _c_h_o_w_n(2), if the timestamp directory is located + in a directory writable by anyone (eg: _/_t_m_p), it is + possible for a user to create the timestamp directory + before ssssuuuuddddoooo is run. However, because ssssuuuuddddoooo checks the + ownership and mode of the directory and its contents, the + only damage that can be done is to "hide" files by putting + them in the timestamp dir. This is unlikely to happen + since once the timestamp dir is owned by root and + inaccessible by any other user the user placing files + there would be unable to get them back out. To get around + this issue you can use a directory that is not world- + writable for the timestamps (_/_v_a_r_/_a_d_m_/_s_u_d_o for instance) + or create _/_v_a_r_/_r_u_n_/_s_u_d_o with the appropriate owner (root) + and permissions (0700) in the system startup files. + ssssuuuuddddoooo will not honor timestamps set far in the future. Timestamps with a date greater than current_time + 2 * TIMEOUT will be ignored and sudo will log and complain. @@ -241,25 +256,10 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT ssssuuuuddddoooo utilizes the following environment variables: - PATH Set to a sane value if SECURE_PATH is set - SHELL Used to determine shell to run with -s option - USER Set to the target user (root unless the -u option - is specified) - HOME In -s or -H mode (or if sudo was configured with - the --enable-shell-sets-home option), set to - homedir of the target user. - SUDO_PROMPT Used as the default password prompt - SUDO_COMMAND Set to the command run by sudo - SUDO_USER Set to the login of the user who invoked sudo - SUDO_UID Set to the uid of the user who invoked sudo - SUDO_GID Set to the gid of the user who invoked sudo - SUDO_PS1 If set, PS1 will be set to its value - - -26/Feb/2000 1.6.3 4 +22/Mar/2000 1.6.3 4 @@ -268,12 +268,6 @@ EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT sudo(8) MAINTENANCE COMMANDS sudo(8) -FFFFIIIILLLLEEEESSSS - /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - - ssssuuuuddddoooo utilizes the following environment variables: - PATH Set to a sane value if SECURE_PATH is set SHELL Used to determine shell to run with -s option USER Set to the target user (root unless the -u option @@ -291,8 +285,7 @@ FFFFIIIILLLLEEEESSSS FFFFIIIILLLLEEEESSSS /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - /tmp/.odus Same as above if no /var/run exists + /var/run/sudo Directory containing timestamps AAAAUUUUTTTTHHHHOOOORRRRSSSS @@ -322,10 +315,17 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS escapes. If users have sudo ALL there is nothing to prevent them + from creating their own program that gives them a root + shell regardless of any '!' elements in the user + specification. + + Running shell scripts via ssssuuuuddddoooo can expose the same kernel + bugs that make setuid shell scripts unsafe on some + operating systems (if your OS supports the /dev/fd/ -26/Feb/2000 1.6.3 5 +22/Mar/2000 1.6.3 5 @@ -334,17 +334,17 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS sudo(8) MAINTENANCE COMMANDS sudo(8) - from creating their own program that gives them a root - shell regardless of any '!' elements in the user - specification. - - Running shell scripts via ssssuuuuddddoooo can expose the same kernel - bugs that make setuid shell scripts unsafe on some - operating systems (if your OS supports the /dev/fd/ directory, setuid shell scripts are generally safe). SSSSEEEEEEEE AAAALLLLSSSSOOOO - _s_u_d_o_e_r_s(5), _v_i_s_u_d_o(8), _s_u(1). + _l_o_g_i_n___c_a_p(3), _s_u_d_o_e_r_s(5), _v_i_s_u_d_o(8), _s_u(1). + + + + + + + @@ -391,6 +391,6 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO -26/Feb/2000 1.6.3 6 +22/Mar/2000 1.6.3 6 diff --git a/sudo.man.in b/sudo.man.in index c45b76d3b..4a22bb9d1 100644 --- a/sudo.man.in +++ b/sudo.man.in @@ -2,8 +2,12 @@ ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ -''' Revision 1.1 2000/03/23 00:17:29 millert -''' configure does substitution on these to produce *.man +''' Revision 1.2 2000/03/23 00:35:58 millert +''' Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from +''' Michael D. Marchionna. +''' configure now does substitution on the man pages, allowing us to +''' fix up the paths and set the section correctly. Based on an idea +''' from Michael D. Marchionna. ''' ''' .de Sh @@ -96,7 +100,7 @@ .nr % 0 .rr F .\} -.TH sudo.pod.in @mansectsu@ "1.6.3" "22/Mar/2000" "MAINTENANCE COMMANDS" +.TH sudo @mansectsu@ "1.6.3" "22/Mar/2000" "MAINTENANCE COMMANDS" .UC .if n .hy 0 .if n .na @@ -327,22 +331,22 @@ not disable user-defined library search paths for setuid programs (most do), you should either use a linker option that disables this behavior or link \fBsudo\fR statically. .PP -\fBsudo\fR will check the ownership of its timestamp directory (\fI@TIMEDIR@\fR) -and ignore the directory's contents if it is not owned by root and -only writable by root. On systems that allow non-root users to -give away files via \fIchown\fR\|(2), if the timestamp directory is located -in a directory writable by anyone (eg: \fI/tmp\fR), it is possible for -a user to create the timestamp directory before \fBsudo\fR is run. -However, because \fBsudo\fR checks the ownership and mode of the -directory and its contents, the only damage that can be done is to -\*(L"hide\*(R" files by putting them in the timestamp dir. This is unlikely -to happen since once the timestamp dir is owned by root and -inaccessible by any other user the user placing files there would -be unable to get them back out. To get around this issue you can -use a directory that is not world-writable for the timestamps -(\fI/var/adm/sudo\fR for instance) or create \fI@TIMEDIR@\fR with the -appropriate owner (root) and permissions (0700) in the system startup -files. +\fBsudo\fR will check the ownership of its timestamp directory +(\fI@TIMEDIR@\fR by default) and ignore the directory's contents if +it is not owned by root and only writable by root. On systems that +allow non-root users to give away files via \fIchown\fR\|(2), if the timestamp +directory is located in a directory writable by anyone (eg: \fI/tmp\fR), +it is possible for a user to create the timestamp directory before +\fBsudo\fR is run. However, because \fBsudo\fR checks the ownership and +mode of the directory and its contents, the only damage that can +be done is to \*(L"hide\*(R" files by putting them in the timestamp dir. +This is unlikely to happen since once the timestamp dir is owned +by root and inaccessible by any other user the user placing files +there would be unable to get them back out. To get around this +issue you can use a directory that is not world-writable for the +timestamps (\fI/var/adm/sudo\fR for instance) or create \fI@TIMEDIR@\fR +with the appropriate owner (root) and permissions (0700) in the +system startup files. .PP \fBsudo\fR will not honor timestamps set far in the future. Timestamps with a date greater than current_time + 2 * \f(CWTIMEOUT\fR @@ -438,7 +442,7 @@ are generally safe). \fIlogin_cap\fR\|(3), \fIsudoers\fR\|(5), \fIvisudo\fR\|(8), \fIsu\fR\|(1). .rn }` '' -.IX Title "sudo.pod.in @mansectsu@" +.IX Title "sudo @mansectsu@" .IX Name "sudo - execute a command as another user" .IX Header "NAME" diff --git a/sudo.pod b/sudo.pod index 9169e8826..b29df316b 100644 --- a/sudo.pod +++ b/sudo.pod @@ -42,7 +42,7 @@ sudo - execute a command as another user =head1 SYNOPSIS B B<-V> | B<-h> | B<-l> | B<-L> | B<-v> | B<-k> | B<-K> | B<-s> | -[ B<-H> ] [B<-S> ] [ B<-b> ] | [ B<-p> prompt ] +[ B<-H> ] [B<-S> ] [ B<-b> ] | [ B<-p> prompt ] [ B<-c> class|- ] [ B<-u> username/#uid ] I =head1 DESCRIPTION @@ -59,7 +59,7 @@ user may then use sudo without a password for a short period of time (five minutes by default). B determines who is an authorized user by consulting the -file F. By giving B the C<-v> flag a user +file F<@sysconfdir@/sudoers>. By giving B the C<-v> flag a user can update the time stamp without running a I The password prompt itself will also time out if the user's password is not entered with N minutes (again, this is defined at configure @@ -137,9 +137,22 @@ contains the C<%u> escape, C<%u> will be replaced with the user's login name. Similarly, C<%h> will be replaced with the local hostname. +=item -c + +The C<-c> (I) option causes B to run the specified command +with resources limited by the specified login class. The I +argument can be either a class name as defined in /etc/login.conf, +or a single '-' character. Specifying the I as '-' means +that the command should be run restricted by the default login +capibilities of the user the command is run as. If the I +argument specifies an existing user class, the command must be run +as root, or the B command must be run from a shell that is already +root. This option is only available on systems with BSD login classes +where B has been configured with the --with-logincap option. + =item -u -The C<-u> (I) option causes sudo to run the specified command +The C<-u> (I) option causes B to run the specified command as a user other than I. To specify a I instead of a I, use "#uid". @@ -205,21 +218,21 @@ not disable user-defined library search paths for setuid programs behavior or link B statically. B will check the ownership of its timestamp directory -(F or F by default) and ignore the -directory's contents if it is not owned by root and only writable -by root. On systems that allow non-root users to give away files -via chown(2), if the timestamp directory is located in a directory -writable by anyone (ie: F), it is possible for a user to -create the timestamp directory before B is run. However, -because B checks the ownership and mode of the directory and -its contents, the only damage that can be done is to "hide" files -by putting them in the timestamp dir. This is unlikely to happen -since once the timestamp dir is owned by root and inaccessible by -any other user the user placing files there would be unable to get -them back out. To get around this issue you can use a directory -that is not world-writable for the timestamps (F for -instance) or create /tmp/.odus with the appropriate owner (root) -and permissions (0700) in the system startup files. +(F<@TIMEDIR@> by default) and ignore the directory's contents if +it is not owned by root and only writable by root. On systems that +allow non-root users to give away files via chown(2), if the timestamp +directory is located in a directory writable by anyone (eg: F), +it is possible for a user to create the timestamp directory before +B is run. However, because B checks the ownership and +mode of the directory and its contents, the only damage that can +be done is to "hide" files by putting them in the timestamp dir. +This is unlikely to happen since once the timestamp dir is owned +by root and inaccessible by any other user the user placing files +there would be unable to get them back out. To get around this +issue you can use a directory that is not world-writable for the +timestamps (F for instance) or create F<@TIMEDIR@> +with the appropriate owner (root) and permissions (0700) in the +system startup files. B will not honor timestamps set far in the future. Timestamps with a date greater than current_time + 2 * C @@ -274,30 +287,8 @@ B utilizes the following environment variables: =head1 FILES - /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - -B utilizes the following environment variables: - - PATH Set to a sane value if SECURE_PATH is set - SHELL Used to determine shell to run with -s option - USER Set to the target user (root unless the -u option - is specified) - HOME In -s or -H mode (or if sudo was configured with - the --enable-shell-sets-home option), set to - homedir of the target user. - SUDO_PROMPT Used as the default password prompt - SUDO_COMMAND Set to the command run by sudo - SUDO_USER Set to the login of the user who invoked sudo - SUDO_UID Set to the uid of the user who invoked sudo - SUDO_GID Set to the gid of the user who invoked sudo - SUDO_PS1 If set, PS1 will be set to its value - -=head1 FILES - - /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - /tmp/.odus Same as above if no /var/run exists + @sysconfdir@/sudoers List of who can run what + @TIMEDIR@ Directory containing timestamps =head1 AUTHORS @@ -338,4 +329,4 @@ are generally safe). =head1 SEE ALSO -sudoers(5), visudo(8), su(1). +login_cap(3), sudoers(5), visudo(8), su(1). diff --git a/sudoers.cat b/sudoers.cat index 9e7533a87..a98a5db2c 100644 --- a/sudoers.cat +++ b/sudoers.cat @@ -61,7 +61,7 @@ DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN -18/Feb/2000 1.6.3 1 +22/Mar/2000 1.6.3 1 @@ -127,7 +127,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 2 +22/Mar/2000 1.6.3 2 @@ -193,7 +193,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 3 +22/Mar/2000 1.6.3 3 @@ -259,7 +259,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 4 +22/Mar/2000 1.6.3 4 @@ -325,7 +325,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 5 +22/Mar/2000 1.6.3 5 @@ -391,7 +391,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 6 +22/Mar/2000 1.6.3 6 @@ -405,6 +405,12 @@ sudoers(5) FILE FORMATS sudoers(5) root) instead of the password of the invoking user. + use_loginclass + If set, sudo will apply the defaults specified + for the target user's login class if one + exists. Only available if sudo is configured + with the --with-logincap option. + IIIInnnntttteeeeggggeeeerrrrssss: passwd_tries @@ -448,16 +454,10 @@ sudoers(5) FILE FORMATS sudoers(5) incorrect password. The default is "Sorry, try again." unless insults are enabled. - timestampdir - The directory in which ssssuuuuddddoooo stores its - timestamp files. The default is either - /var/run/sudo or /tmp/sudo. - - -18/Feb/2000 1.6.3 7 +22/Mar/2000 1.6.3 7 @@ -466,6 +466,10 @@ sudoers(5) FILE FORMATS sudoers(5) sudoers(5) FILE FORMATS sudoers(5) + timestampdir + The directory in which ssssuuuuddddoooo stores its + timestamp files. The default is _@_T_I_M_E_D_I_R_@. + passprompt The default prompt to use when asking for a password; can be overridden via the -p option or the SUDO_PROMPT environment variable. @@ -492,6 +496,10 @@ sudoers(5) FILE FORMATS sudoers(5) SSSSttttrrrriiiinnnnggggssss tttthhhhaaaatttt ccccaaaannnn bbbbeeee uuuusssseeeedddd iiiinnnn aaaa bbbboooooooolllleeeeaaaannnn ccccoooonnnntttteeeexxxxtttt: + logfile Path to the sudo log file (not the syslog log + file). Setting a path turns on logging to a + file, negating this option turns it off. + syslog Syslog facility if syslog is being used for logging (negate to disable syslog logging). Defaults to "local2". @@ -511,19 +519,11 @@ sudoers(5) FILE FORMATS sudoers(5) and PATH requirements. This is not set by default. - secure_path Path used for every command run from ssssuuuuddddoooo. If - you don't trust the people running sudo to - have a sane PATH environment variable you may - want to use this. Another use is if you want - to have the "root path" be separate from the - "user path." This is not set by default. - verifypw This option controls when a password will be - required when a user runs sudo with the ----vvvv. -18/Feb/2000 1.6.3 8 +22/Mar/2000 1.6.3 8 @@ -532,6 +532,15 @@ sudoers(5) FILE FORMATS sudoers(5) sudoers(5) FILE FORMATS sudoers(5) + secure_path Path used for every command run from ssssuuuuddddoooo. If + you don't trust the people running sudo to + have a sane PATH environment variable you may + want to use this. Another use is if you want + to have the "root path" be separate from the + "user path." This is not set by default. + + verifypw This option controls when a password will be + required when a user runs sudo with the ----vvvv. It has the following possible values: all All the user's I entries for the @@ -577,26 +586,26 @@ sudoers(5) FILE FORMATS sudoers(5) Parameter): aaaauuuutttthhhhpppprrrriiiivvvv (if your OS supports it), aaaauuuutttthhhh, ddddaaaaeeeemmmmoooonnnn, uuuusssseeeerrrr, llllooooccccaaaallll0000, llllooooccccaaaallll1111, llllooooccccaaaallll2222, llllooooccccaaaallll3333, llllooooccccaaaallll4444, llllooooccccaaaallll5555, llllooooccccaaaallll6666, and llllooooccccaaaallll7777. The following syslog - priorities are supported: aaaalllleeeerrrrtttt, ccccrrrriiiitttt, ddddeeeebbbbuuuugggg, eeeemmmmeeeerrrrgggg, eeeerrrrrrrr, - iiiinnnnffffoooo, nnnnoooottttiiiicccceeee, and wwwwaaaarrrrnnnniiiinnnngggg. - UUUUsssseeeerrrr SSSSppppeeeecccciiiiffffiiiiccccaaaattttiiiioooonnnn - User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \ - (':' User_Spec)* +22/Mar/2000 1.6.3 9 -18/Feb/2000 1.6.3 9 +sudoers(5) FILE FORMATS sudoers(5) + priorities are supported: aaaalllleeeerrrrtttt, ccccrrrriiiitttt, ddddeeeebbbbuuuugggg, eeeemmmmeeeerrrrgggg, eeeerrrrrrrr, + iiiinnnnffffoooo, nnnnoooottttiiiicccceeee, and wwwwaaaarrrrnnnniiiinnnngggg. + UUUUsssseeeerrrr SSSSppppeeeecccciiiiffffiiiiccccaaaattttiiiioooonnnn -sudoers(5) FILE FORMATS sudoers(5) + User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \ + (':' User_Spec)* Cmnd_Spec_List ::= Cmnd_Spec | Cmnd_Spec ',' Cmnd_Spec_List @@ -643,26 +652,27 @@ sudoers(5) FILE FORMATS sudoers(5) modified via the NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for the commands that follow it in the Cmnd_Spec_List. Conversely, the PASSWD tag can - be used to reverse things. For example: - ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm - would allow the user rrrraaaayyyy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and - _/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rrrrooooooootttt - without authenticating himself. If we only want rrrraaaayyyy to be - able to run _/_b_i_n_/_k_i_l_l without a password the entry would - be: +22/Mar/2000 1.6.3 10 -18/Feb/2000 1.6.3 10 +sudoers(5) FILE FORMATS sudoers(5) -sudoers(5) FILE FORMATS sudoers(5) + be used to reverse things. For example: + + ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm + would allow the user rrrraaaayyyy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and + _/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rrrrooooooootttt + without authenticating himself. If we only want rrrraaaayyyy to be + able to run _/_b_i_n_/_k_i_l_l without a password the entry would + be: ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm @@ -705,23 +715,13 @@ sudoers(5) FILE FORMATS sudoers(5) match /usr/bin/who but not /usr/bin/X11/xterm. - EEEExxxxcccceeeeppppttttiiiioooonnnnssss ttttoooo wwwwiiiillllddddccccaaaarrrrdddd rrrruuuulllleeeessss:::: - The following exceptions apply to the above rules: - "" If the empty string "" is the only command line - argument in the _s_u_d_o_e_r_s entry it means that - command is not allowed to be run with aaaannnnyyyy - arguments. - OOOOtttthhhheeeerrrr ssssppppeeeecccciiiiaaaallll cccchhhhaaaarrrraaaacccctttteeeerrrrssss aaaannnndddd rrrreeeesssseeeerrrrvvvveeeedddd wwwwoooorrrrddddssss:::: - The pound sign ('#') is used to indicate a comment (unless - it occurs in the context of a user name and is followed by - -18/Feb/2000 1.6.3 11 +22/Mar/2000 1.6.3 11 @@ -730,6 +730,19 @@ sudoers(5) FILE FORMATS sudoers(5) sudoers(5) FILE FORMATS sudoers(5) + EEEExxxxcccceeeeppppttttiiiioooonnnnssss ttttoooo wwwwiiiillllddddccccaaaarrrrdddd rrrruuuulllleeeessss:::: + + The following exceptions apply to the above rules: + + "" If the empty string "" is the only command line + argument in the _s_u_d_o_e_r_s entry it means that + command is not allowed to be run with aaaannnnyyyy + arguments. + + OOOOtttthhhheeeerrrr ssssppppeeeecccciiiiaaaallll cccchhhhaaaarrrraaaacccctttteeeerrrrssss aaaannnndddd rrrreeeesssseeeerrrrvvvveeeedddd wwwwoooorrrrddddssss:::: + + The pound sign ('#') is used to indicate a comment (unless + it occurs in the context of a user name and is followed by one or more digits, in which case it is treated as a uid). Both the comment character and any text after it, up to the end of the line, are ignored. @@ -770,6 +783,19 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS User_Alias PARTTIMERS = bostley, jwfox, crawl User_Alias WEBMASTERS = will, wendy, wim + + + + +22/Mar/2000 1.6.3 12 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + # Runas alias specification Runas_Alias OP = root, operator Runas_Alias DB = oracle, sybase @@ -784,18 +810,6 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS Host_Alias SERVERS = master, mail, www, ns Host_Alias CDROM = orion, perseus, hercules - - - -18/Feb/2000 1.6.3 12 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - # Cmnd alias specification Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ /usr/sbin/restore, /usr/sbin/rrestore @@ -836,32 +850,32 @@ sudoers(5) FILE FORMATS sudoers(5) FULLTIMERS ALL = NOPASSWD: ALL Full time sysadmins (mmmmiiiilllllllleeeerrrrtttt, mmmmiiiikkkkeeeeffff, and ddddoooowwwwddddyyyy) may run - any command on any host without authenticating themselves. - PARTTIMERS ALL = ALL - Part time sysadmins (bbbboooossssttttlllleeeeyyyy, jjjjwwwwffffooooxxxx, and ccccrrrraaaawwwwllll) may run - any command on any host but they must authenticate - themselves first (since the entry lacks the NOPASSWD tag). - jack CSNETS = ALL +22/Mar/2000 1.6.3 13 - The user jjjjaaaacccckkkk may run any command on the machines in the - _C_S_N_E_T_S alias (the networks 128.138.243.0, 128.138.204.0, - and 128.138.242.0). Of those networks, only - <128.138.204.0> has an explicit netmask (in CIDR notation) -18/Feb/2000 1.6.3 13 +sudoers(5) FILE FORMATS sudoers(5) + any command on any host without authenticating themselves. + PARTTIMERS ALL = ALL -sudoers(5) FILE FORMATS sudoers(5) + Part time sysadmins (bbbboooossssttttlllleeeeyyyy, jjjjwwwwffffooooxxxx, and ccccrrrraaaawwwwllll) may run + any command on any host but they must authenticate + themselves first (since the entry lacks the NOPASSWD tag). + jack CSNETS = ALL + The user jjjjaaaacccckkkk may run any command on the machines in the + _C_S_N_E_T_S alias (the networks 128.138.243.0, 128.138.204.0, + and 128.138.242.0). Of those networks, only + <128.138.204.0> has an explicit netmask (in CIDR notation) indicating it is a class C network. For the other networks in _C_S_N_E_T_S, the local machine's netmask will be used during matching. @@ -902,32 +916,32 @@ sudoers(5) FILE FORMATS sudoers(5) netgroup. SSSSuuuuddddoooo knows that "biglab" is a netgroup due to the '+' prefix. - +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser - Users in the sssseeeeccccrrrreeeettttaaaarrrriiiieeeessss netgroup need to help manage the - printers as well as add and remove users, so they are - allowed to run those commands on all machines. - fred ALL = (DB) NOPASSWD: ALL - The user ffffrrrreeeedddd can run commands as any user in the _D_B - Runas_Alias (oooorrrraaaacccclllleeee or ssssyyyybbbbaaaasssseeee) without giving a password. +22/Mar/2000 1.6.3 14 - john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* - On the _A_L_P_H_A machines, user jjjjoooohhhhnnnn may su to anyone except -18/Feb/2000 1.6.3 14 +sudoers(5) FILE FORMATS sudoers(5) + +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser + Users in the sssseeeeccccrrrreeeettttaaaarrrriiiieeeessss netgroup need to help manage the + printers as well as add and remove users, so they are + allowed to run those commands on all machines. + fred ALL = (DB) NOPASSWD: ALL -sudoers(5) FILE FORMATS sudoers(5) + The user ffffrrrreeeedddd can run commands as any user in the _D_B + Runas_Alias (oooorrrraaaacccclllleeee or ssssyyyybbbbaaaasssseeee) without giving a password. + john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* + On the _A_L_P_H_A machines, user jjjjoooohhhhnnnn may su to anyone except root but he is not allowed to give _s_u(1) any flags. jen ALL, !SERVERS = ALL @@ -967,6 +981,19 @@ sudoers(5) FILE FORMATS sudoers(5) type, so it is a prime candiate for encapsulating in a shell script. + + + + +22/Mar/2000 1.6.3 15 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTEEEESSSS It is generally not effective to "subtract" commands from ALL using the '!' operator. A user can trivially @@ -982,18 +1009,6 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE restrictions should be considered advisory at best (and reinforced by policy). - - - -18/Feb/2000 1.6.3 15 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - CCCCAAAAVVVVEEEEAAAATTTTSSSS The _s_u_d_o_e_r_s file should aaaallllwwwwaaaayyyyssss be edited by the vvvviiiissssuuuuddddoooo command which locks the file and does grammatical @@ -1036,22 +1051,7 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO - - - - - - - - - - - - - - - -18/Feb/2000 1.6.3 16 +22/Mar/2000 1.6.3 16 @@ -1117,6 +1117,6 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 17 +22/Mar/2000 1.6.3 17 diff --git a/sudoers.man.in b/sudoers.man.in index 79d1279f8..9697a2caf 100644 --- a/sudoers.man.in +++ b/sudoers.man.in @@ -2,8 +2,12 @@ ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ -''' Revision 1.1 2000/03/23 00:17:29 millert -''' configure does substitution on these to produce *.man +''' Revision 1.2 2000/03/23 00:35:59 millert +''' Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from +''' Michael D. Marchionna. +''' configure now does substitution on the man pages, allowing us to +''' fix up the paths and set the section correctly. Based on an idea +''' from Michael D. Marchionna. ''' ''' .de Sh @@ -96,7 +100,7 @@ .nr % 0 .rr F .\} -.TH sudoers.pod.in @mansectform@ "1.6.3" "22/Mar/2000" "FILE FORMATS" +.TH sudoers @mansectform@ "1.6.3" "22/Mar/2000" "FILE FORMATS" .UC .if n .hy 0 .if n .na @@ -970,7 +974,7 @@ as returned by the \f(CWhostname\fR command or use the \fIfqdn\fR option in \fIsudo\fR\|(8), \fIvisudo\fR\|(8), \fIsu\fR\|(1), \fIfnmatch\fR\|(3). .rn }` '' -.IX Title "sudoers.pod.in @mansectform@" +.IX Title "sudoers @mansectform@" .IX Name "sudoers - list of which users may execute what" .IX Header "NAME" diff --git a/sudoers.pod b/sudoers.pod index ef2cd72f0..c0b0f4b2a 100644 --- a/sudoers.pod +++ b/sudoers.pod @@ -370,6 +370,12 @@ If set, sudo will prompt for the password of the user specified by the C<-u> flag (defaults to root) instead of the password of the invoking user. +=item use_loginclass + +If set, sudo will apply the defaults specified for the target user's +login class if one exists. Only available if sudo is configured with +the --with-logincap option. + =back B: @@ -429,7 +435,7 @@ The default is "Sorry, try again." unless insults are enabled. =item timestampdir The directory in which B stores its timestamp files. -The default is either C or C. +The default is F<@TIMEDIR@>. =item passprompt @@ -464,6 +470,11 @@ B: =over 12 +=item logfile + +Path to the sudo log file (not the syslog log file). Setting a path +turns on logging to a file, negating this option turns it off. + =item syslog Syslog facility if syslog is being used for logging (negate to @@ -898,7 +909,7 @@ I. =head1 FILES - /etc/sudoers List of who can run what + @sysconfdir@/sudoers List of who can run what /etc/group Local groups file /etc/netgroup List of network groups diff --git a/visudo.cat b/visudo.cat index 1388512dd..5bab121ad 100644 --- a/visudo.cat +++ b/visudo.cat @@ -55,13 +55,13 @@ EEEERRRRRRRROOOORRRRSSSS sudoers file busy, try again later. Someone else is currently editing the _s_u_d_o_e_r_s file. - /etc/sudoers.tmp: Permission denied + @sysconf@/sudoers.tmp: Permission denied You didn't run vvvviiiissssuuuuddddoooo as root. -15/Feb/2000 1.6.3 1 +22/Mar/2000 1.6.3 1 @@ -91,8 +91,8 @@ EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT FFFFIIIILLLLEEEESSSS - /etc/sudoers List of who can run what - /etc/sudoers.tmp Lock file for visudo + @sysconf@/sudoers List of who can run what + @sysconf@/sudoers.tmp Lock file for visudo AAAAUUUUTTTTHHHHOOOORRRR @@ -127,7 +127,7 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO -15/Feb/2000 1.6.3 2 +22/Mar/2000 1.6.3 2 @@ -193,6 +193,6 @@ visudo(8) MAINTENANCE COMMANDS visudo(8) -15/Feb/2000 1.6.3 3 +22/Mar/2000 1.6.3 3 diff --git a/visudo.man.in b/visudo.man.in index 0edd2adad..ad24e7e81 100644 --- a/visudo.man.in +++ b/visudo.man.in @@ -2,8 +2,12 @@ ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ -''' Revision 1.1 2000/03/23 00:17:30 millert -''' configure does substitution on these to produce *.man +''' Revision 1.2 2000/03/23 00:35:59 millert +''' Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from +''' Michael D. Marchionna. +''' configure now does substitution on the man pages, allowing us to +''' fix up the paths and set the section correctly. Based on an idea +''' from Michael D. Marchionna. ''' ''' .de Sh @@ -96,7 +100,7 @@ .nr % 0 .rr F .\} -.TH visudo.pod.in @mansectsu@ "1.6.3" "18/Mar/2000" "MAINTENANCE COMMANDS" +.TH visudo @mansectsu@ "1.6.3" "22/Mar/2000" "MAINTENANCE COMMANDS" .UC .if n .hy 0 .if n .na @@ -280,7 +284,7 @@ the editor used by \fBvisudo\fR allows shell escapes. \fIsudo\fR\|(8), \fIvipw\fR\|(8). .rn }` '' -.IX Title "visudo.pod.in @mansectsu@" +.IX Title "visudo @mansectsu@" .IX Name "visudo - edit the sudoers file" .IX Header "NAME" diff --git a/visudo.pod b/visudo.pod index 86b0a25db..94a2aeb0d 100644 --- a/visudo.pod +++ b/visudo.pod @@ -98,7 +98,7 @@ and exit. Someone else is currently editing the I file. -=item /etc/sudoers.tmp: Permission denied +=item @sysconf@/sudoers.tmp: Permission denied You didn't run B as root. @@ -127,8 +127,8 @@ was configured with the I<--with-env-editor> option: =head1 FILES - /etc/sudoers List of who can run what - /etc/sudoers.tmp Lock file for visudo + @sysconf@/sudoers List of who can run what + @sysconf@/sudoers.tmp Lock file for visudo =head1 AUTHOR -- 2.50.1