From c9e958d2357fd3b21471d55aaa226eca86cb208d Mon Sep 17 00:00:00 2001 From: Xavier Beaudouin Date: Wed, 8 Jan 2025 16:50:21 +0100 Subject: [PATCH] Old makefile --- security/sudo/Makefile.old | 160 +++++++++++++++++++++++++++++++++++++ 1 file changed, 160 insertions(+) create mode 100644 security/sudo/Makefile.old diff --git a/security/sudo/Makefile.old b/security/sudo/Makefile.old new file mode 100644 index 0000000..37af775 --- /dev/null +++ b/security/sudo/Makefile.old @@ -0,0 +1,160 @@ +PORTNAME= sudo +PORTVERSION= 1.9.16p2 +CATEGORIES= security +MASTER_SITES= SUDO + +MAINTAINER= garga@FreeBSD.org +COMMENT= Allow others to run commands as root +WWW= https://www.sudo.ws/ + +LICENSE= sudo +LICENSE_NAME= Sudo license +LICENSE_FILE= ${WRKSRC}/LICENSE.md +LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept + +FLAVORS= default sssd +FLAVOR?= ${FLAVORS:[1]} +sssd_PKGNAMESUFFIX= -sssd + +USES= cpe libtool pkgconfig +CPE_VENDOR= todd_miller +USE_LDCONFIG= yes +GNU_CONFIGURE= yes +GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share +CONFIGURE_ARGS= --mandir=${PREFIX}/share/man \ + --sysconfdir=${PREFIX}/etc \ + --with-env-editor \ + --with-ignore-dot \ + --with-logfac=${LOGFAC} \ + --with-logincap \ + --with-long-otp-prompt \ + --with-rundir=/var/run/sudo \ + --with-tty-tickets +LDFLAGS+= -lgcc + +PORTSCOUT= ignore:1 + +OPTIONS_DEFINE= AUDIT DISABLE_AUTH DISABLE_ROOT_SUDO DOCS EXAMPLES \ + INSULTS LDAP NLS NOARGS_SHELL OPIE PAM PYTHON SSL +OPTIONS_DEFAULT= AUDIT PAM SSL +OPTIONS_RADIO= KERBEROS SSSD +OPTIONS_RADIO_KERBEROS= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT +OPTIONS_RADIO_SSSD= SSSD SSSD2 +OPTIONS_SUB= yes + +AUDIT_DESC= Enable BSM audit support +DISABLE_AUTH_DESC= Do not require authentication by default +DISABLE_ROOT_SUDO_DESC= Do not allow root to run sudo +INSULTS_DESC= Enable insults on failures +KERBEROS_DESC= Enable Kerberos 5 authentication (no PAM support) +NOARGS_SHELL_DESC= Run a shell if no arguments are given +OPIE_DESC= Enable one-time passwords (no PAM support) +PYTHON_DESC= Enable python plugin support +SSL_DESC= Use OpenSSL TLS and SHA2 functions +SSSD_DESC= Enable SSSD backend support (deprecated) +SSSD2_DESC= Enable SSSD2 backend support + +AUDIT_CONFIGURE_WITH= bsm-audit + +DISABLE_AUTH_CONFIGURE_ON= --disable-authentication +DISABLE_ROOT_SUDO_CONFIGURE_ON= --disable-root-sudo + +GSSAPI_BASE_USES= gssapi +GSSAPI_BASE_CONFIGURE_ON= --with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} +GSSAPI_HEIMDAL_USES= gssapi:heimdal +GSSAPI_HEIMDAL_CONFIGURE_ON= --with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} +GSSAPI_MIT_USES= gssapi:mit +GSSAPI_MIT_CONFIGURE_ON= --with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} + +INSULTS_CONFIGURE_ON= --with-insults --with-all-insults + +LDAP_USES= ldap +LDAP_CONFIGURE_ON= --with-ldap=${PREFIX} \ + --with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF} + +NLS_USES= gettext +NLS_CONFIGURE_ENABLE= nls +NLS_CFLAGS= -I${LOCALBASE}/include +NLS_LDFLAGS= -L${LOCALBASE}/lib -lintl + +NOARGS_SHELL_CONFIGURE_ENABLE= noargs-shell + +OPIE_CONFIGURE_ON= --with-opie + +PAM_PREVENTS= OPIE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT +PAM_PREVENTS_MSG= PAM cannot be combined with any other authentication plugin +PAM_CONFIGURE_ON= --with-pam + +PYTHON_USES= python +PYTHON_CONFIGURE_ENABLE=python + +SSL_USES= ssl +SSL_CONFIGURE_ON= --enable-openssl=${OPENSSLBASE} + +SSSD_PREVENTS= GSSAPI_HEIMDAL +SSSD_PREVENTS_MSG= sssd requires MIT kerberos and it conflicts with heimdal +SSSD_RUN_DEPENDS= sssd:security/sssd +SSSD_CONFIGURE_ON= --with-sssd + +.if ${FLAVOR:U} == sssd +OPTIONS_DEFAULTS+= SSSD2 +.endif + +SSSD2_RUN_DEPENDS= sssd:security/sssd2 +SSSD2_CONFIGURE_ON= --with-sssd + +LOGFAC?= authpriv +SUDO_LDAP_CONF?= ldap.conf + +# This is intentionally not an option. +# SUDO_SECURE_PATH is a PATH string that will override the user's PATH. +# ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin" +.if defined(SUDO_SECURE_PATH) +CONFIGURE_ARGS+= --with-secure-path="${SUDO_SECURE_PATH}" +.endif + +# This is intentionally not an option. +# SUDO_KERB5_INSTANCE is an optional instance string that will be appended +# to kerberos principals when to perform authentication. Common choices +# are "admin" and "sudo". +.if defined(SUDO_KERB5_INSTANCE) +CONFIGURE_ARGS+= --enable-kerb5-instance="${SUDO_KERB5_INSTANCE}" +.endif + +.include + +.if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1400072 +. if ${PORT_OPTIONS:MOPIE} +BUILD_DEPENDS+= opie>0:security/opie +RUN_DEPENDS+= opie>0:security/opie +. endif +.endif + +.if ${ARCH} == "arm" +CONFIGURE_ARGS+= --disable-pie +.endif + +post-patch: + @${REINPLACE_CMD} -E '/install-(binaries|noexec):/,/^$$/ \ + s/\$$\(INSTALL\)/& ${STRIP}/;s/-b\~/-b ~/' \ + ${WRKSRC}/src/Makefile.in + +post-install: + ${INSTALL_DATA} ${FILESDIR}/pam.conf ${STAGEDIR}${PREFIX}/etc/pam.d/sudo.default + ${MV} ${STAGEDIR}${PREFIX}/etc/sudo.conf ${STAGEDIR}${PREFIX}/etc/sudo.conf.sample + ${MV} ${STAGEDIR}${PREFIX}/etc/sudo_logsrvd.conf ${STAGEDIR}${PREFIX}/etc/sudo_logsrvd.conf.sample + ${RM} ${STAGEDIR}${PREFIX}/etc/sudoers + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/cvtsudoers + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/sudoreplay + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/sudo/sudo_intercept.so + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/sudo_logsrvd + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/sudo_sendlog + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/visudo +.for f in audit_json.so group_file.so libsudo_util.so sudoers.so system_group.so + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/sudo/${f} +.endfor + +post-install-PYTHON-on: + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/sudo/python_plugin.so + +.include