aboutsummaryrefslogtreecommitdiffstats
path: root/recipes
diff options
context:
space:
mode:
authorDavid-John Willis <John.Willis@Distant-earth.com>2009-11-09 21:32:46 +0000
committerKoen Kooi <koen@openembedded.org>2009-11-24 11:08:36 +0100
commit873c8d85d639b4996e4613d1a85b819d98c5f2be (patch)
tree2568cd468514ccc02f871d4d47463dbc71793e2e /recipes
parent4677a67913c5ec376eb016e6aac21f9a7ad5e9c4 (diff)
downloadopenembedded-873c8d85d639b4996e4613d1a85b819d98c5f2be.tar.gz
sudo: Add 1.7.2p1 and enable PAM support by default in newer sudo builds.
sudo.inc: Tweak include to support newer sudo versions. * Apply in addition to earlier sudo recipe bumps. * Tweak pam.d config file for sudo and add a (WIP) recipe for turning on support for the wheel group. * Update pam.d service file to suggested upstream Linux-PAM layout.
Diffstat (limited to 'recipes')
-rw-r--r--recipes/sudo/files/sudo.pamd7
-rw-r--r--recipes/sudo/sudo-enable-wheel-group.bb20
-rw-r--r--recipes/sudo/sudo.inc23
-rw-r--r--recipes/sudo/sudo_1.7.2p1.bb19
4 files changed, 63 insertions, 6 deletions
diff --git a/recipes/sudo/files/sudo.pamd b/recipes/sudo/files/sudo.pamd
new file mode 100644
index 0000000000..c22c794c21
--- /dev/null
+++ b/recipes/sudo/files/sudo.pamd
@@ -0,0 +1,7 @@
+#%PAM-1.0
+
+auth include common-auth
+account include common-account
+
+session required pam_permit.so
+session required pam_limits.so
diff --git a/recipes/sudo/sudo-enable-wheel-group.bb b/recipes/sudo/sudo-enable-wheel-group.bb
new file mode 100644
index 0000000000..b281ddb09d
--- /dev/null
+++ b/recipes/sudo/sudo-enable-wheel-group.bb
@@ -0,0 +1,20 @@
+PR = "r0"
+
+RDEPENDS = "sudo"
+
+ALLOW_EMPTY_${PN} = "1"
+PACKAGE_ARCH = "all"
+
+# Edit sudoers to allow the use of the wheel group and non root users to mount/shutdown etc.
+# Please consider this when using.
+
+pkg_postinst() {
+#!/bin/sh
+mkdir -p $D${sysconfdir}/
+touch $D${sysconfdir}/sudoers
+sed -i /# %wheel/d $D${sysconfdir}/sudoers
+echo '%wheel ALL=(ALL) ALL' >> $D${sysconfdir}/sudoers
+sed -i /# %users/d $D${sysconfdir}/sudoers
+echo '%users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom' >> $D${sysconfdir}/sudoers
+echo '%users localhost=/sbin/shutdown -h now' >> $D${sysconfdir}/sudoers
+}
diff --git a/recipes/sudo/sudo.inc b/recipes/sudo/sudo.inc
index 0dfb22ba8a..2bb0d72836 100644
--- a/recipes/sudo/sudo.inc
+++ b/recipes/sudo/sudo.inc
@@ -3,19 +3,30 @@ administrator to give certain users (or groups of \
users) the ability to run some (or all) commands \
as root while logging all commands and arguments."
LICENSE = "sudo"
-HOMEPAGE = "http://www.courtesan.com/sudo/"
+HOMEPAGE = "http://www.sudo.ws/"
PRIORITY = "optional"
SECTION = "admin"
inherit autotools
-EXTRA_OECONF = "--with-editor=/bin/vi --with-env-editor"
+EXTRA_OECONF += "--with-editor=/bin/vi --with-env-editor --with-all-insults "
do_configure_prepend () {
- rm -f acsite.m4
- if [ ! -e acinclude.m4 ]; then
- cat aclocal.m4 > acinclude.m4
- fi
+ # Make sure the build does not get clever.
+ export sudo_cv_uid_t_len=10
+ export sudo_cv_func_unsetenv_void=no
+
+ # Prevent binaries from being stripped.
+ sed -i 's/\($(INSTALL).*\) -s \(.*[(sudo|visudo)]\)/\1 \2/g' Makefile.in
+
+ rm -f acsite.m4
+ if [ ! -e acinclude.m4 ]; then
+ cat aclocal.m4 > acinclude.m4
+ fi
+}
+
+do_configure() {
+ oe_runconf
}
pkg_postinst() {
diff --git a/recipes/sudo/sudo_1.7.2p1.bb b/recipes/sudo/sudo_1.7.2p1.bb
new file mode 100644
index 0000000000..bfa8afe650
--- /dev/null
+++ b/recipes/sudo/sudo_1.7.2p1.bb
@@ -0,0 +1,19 @@
+PR = "r3"
+
+DEPENDS = "libpam"
+RDEPENDS = "libpam libpam-meta"
+
+SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
+ file://sudo.pamd \
+"
+
+EXTRA_OECONF += " --with-pam "
+
+require sudo.inc
+
+# Do in the recipe not the common inc as not all SUDO recipes want PAM support.
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/pam.d/
+ install -m 0644 ${WORKDIR}/sudo.pamd ${D}${sysconfdir}/pam.d/sudo
+}