security/sudo/Makefile


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140

# New ports collection makefile for:    sudo
# Date created:         Sun Aug 13 12:36:14 CDT 1995
# Whom:                 erich@rrnet.com
#
# $FreeBSD$
#

PORTNAME=	sudo
DISTVERSION=	1.8.2
CATEGORIES=	security
MASTER_SITES=	http://www.sudo.ws/sudo/dist/ \
		http://ftp.arcane-networks.fr/pub/mirrors/sudo/ \
		http://sudo.p8ra.de/sudo/dist/ \
		http://sudo.cybermirror.org/ \
		http://sudo-ftp.basemirror.de/ \
		http://core.ring.gr.jp/archives/misc/sudo/ \
		http://www.ring.gr.jp/archives/misc/sudo/ \
		http://ftp.twaren.net/Unix/Security/Sudo/ \
		ftp://ftp.sudo.ws/pub/sudo/ \
		ftp://plier.ucar.edu/pub/sudo/ \
		ftp://obsd.isc.org/pub/sudo/ \
		ftp://ftp.uwsg.indiana.edu/pub/security/sudo/ \
		ftp://ftp.tuwien.ac.at/utils/admin-tools/sudo/ \
		ftp://sunsite.ualberta.ca/pub/Mirror/sudo/ \
		ftp://ftp.csc.cuhk.edu.hk/pub/packages/unix-tools/sudo/ \
		ftp://zoot.tele.dk/pub/sudo/ \
		ftp://ftp.in2p3.fr/pub/sudo/ \
		ftp://ftp.arcane-networks.fr/pub/mirrors/sudo/ \
		ftp://ftp.usbm.de/pub/sudo/ \
		ftp://ftp.cs.tu-berlin.de/pub/misc/sudo/ \
		ftp://ftp.informatik.uni-hamburg.de/pub/os/unix/utils/sudo/ \
		ftp://ftp.st.ryukoku.ac.jp/pub/security/tool/sudo/ \
		ftp://ftp.cin.nihon-u.ac.jp/pub/misc/sudo/ \
		ftp://core.ring.gr.jp/pub/misc/sudo/ \
		ftp://ftp.ring.gr.jp/pub/misc/sudo/ \
		ftp://sunsite.icm.edu.pl/packages/sudo/ \
		ftp://mirror.cdmon.com/pub/sudo/ \
		ftp://ftp.twaren.net/Unix/Security/Sudo/

MAINTAINER=	wxs@FreeBSD.org
COMMENT=	Allow others to run commands as root

MAKE_JOBS_SAFE=	yes
GNU_CONFIGURE=	yes

CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc \
		--with-ignore-dot \
		--with-tty-tickets \
		--with-env-editor \
		--with-logincap \
		--with-long-otp-prompt \
		--with-pam

OPTIONS=	LDAP "With LDAP support" off \
		INSULTS "With all insults" off \
		DISABLE_ROOT_SUDO "Disable root sudo" off \
		DISABLE_AUTH "Disable authentication" off \
		NOARGS_SHELL "Enable no arguments shell" off \
		AUDIT "Enable BSM audit support" on

LOGFAC?=	local2
CONFIGURE_ARGS+=	--with-logfac=${LOGFAC}

.include <bsd.port.options.mk>

.if !defined(WITHOUT_NLS)
USE_GETTEXT=	yes
LDFLAGS+=	-L${LOCALBASE}/lib -lintl
CFLAGS+=	-I${LOCALBASE}/include
PLIST_SUB+=	NLS=""
.else
CONFIGURE_ARGS+=	--disable-nls
PLIST_SUB+=	NLS="@comment "
.endif

# SUDO_SECURE_PATH is a PATH string that will override the user's PATH.
# ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
.if defined(SUDO_SECURE_PATH)
CONFIGURE_ARGS+=	--with-secure-path="${SUDO_SECURE_PATH}"
.endif

.if defined(WITH_INSULTS)
CONFIGURE_ARGS+=	--with-insults
CONFIGURE_ARGS+=	--with-all-insults
.endif

.if defined(WITH_LDAP)
USE_OPENLDAP=	yes
CONFIGURE_ARGS+=	--with-ldap=${PREFIX}
SUDO_LDAP_CONF?=	ldap.conf
CONFIGURE_ARGS+=	--with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF}
PLIST_SUB+=	LDAP=""
MAN5+=	sudoers.ldap.5
.else
PLIST_SUB+=	LDAP="@comment "
.endif

.if defined(WITH_DISABLE_ROOT_SUDO)
CONFIGURE_ARGS+=--disable-root-sudo
.endif

.if defined(WITH_DISABLE_AUTH)
CONFIGURE_ARGS+=--disable-authentication
.endif

.if defined(WITH_NOARGS_SHELL)
CONFIGURE_ARGS+=--enable-noargs-shell
.endif

.if defined(WITH_AUDIT)
CONFIGURE_ARGS+=--with-bsm-audit
.endif

MAN5+=		sudoers.5
MAN8=		sudo.8 visudo.8 sudoreplay.8 sudo_plugin.8
MLINKS=		sudo.8 sudoedit.8

post-patch:
	@${REINPLACE_CMD} -E '/install-(binaries|noexec):/,/^$$/ \
		s/\$$\(INSTALL\)/& ${STRIP}/;s/-b\~/-b ~/' \
		${WRKSRC}/src/Makefile.in
.if defined(NOPORTDOCS)
	@${REINPLACE_CMD} -e 's/mkinstalldirs $$(DESTDIR)$$(docdir)/mkinstalldirs/' \
		${WRKSRC}/doc/Makefile.in
	@${REINPLACE_CMD} -e '/for f in $$(OTHER_DOCS); do/d;/@LDAP@for f in $$(OTHER_DOCS_LDAP); do/d' ${WRKSRC}/doc/Makefile.in
	@${REINPLACE_CMD} -e 's/$$(DESTDIR)$$(sudoersdir) $$(DESTDIR)$$(docdir)/$$(DESTDIR)$$(sudoersdir)/' ${WRKSRC}/plugins/sudoers/Makefile.in
.endif

post-install:
	${INSTALL_DATA} ${FILESDIR}/pam.conf ${PREFIX}/etc/pam.d/sudo.default
	if [ ! -f ${PREFIX}/etc/pam.d/sudo ]; then \
		${CP} -p ${PREFIX}/etc/pam.d/sudo.default \
		${PREFIX}/etc/pam.d/sudo ; \
	fi
	if [ ! -f ${PREFIX}/etc/sudoers ]; then \
		${CP} -p ${PREFIX}/etc/sudoers.sample ${PREFIX}/etc/sudoers; \
	fi
	${TOUCH} ${PREFIX}/etc/sudoers.d/.keep-me

.include <bsd.port.mk>