diff options
Diffstat (limited to 'meta/recipes-extended/sudo')
-rw-r--r-- | meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch | 34 | ||||
-rw-r--r-- | meta/recipes-extended/sudo/sudo.inc | 31 | ||||
-rw-r--r-- | meta/recipes-extended/sudo/sudo_1.9.15p5.bb (renamed from meta/recipes-extended/sudo/sudo_1.9.5p2.bb) | 20 |
3 files changed, 48 insertions, 37 deletions
diff --git a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch index f7ccfdd623..041c717e00 100644 --- a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch +++ b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch | |||
@@ -1,4 +1,7 @@ | |||
1 | sudo.conf.in: fix conflict with multilib | 1 | From 6e835350b7413210c410d3578cfab804186b7a4f Mon Sep 17 00:00:00 2001 |
2 | From: Kai Kang <kai.kang@windriver.com> | ||
3 | Date: Tue, 17 Nov 2020 11:13:40 +0800 | ||
4 | Subject: [PATCH] sudo.conf.in: fix conflict with multilib | ||
2 | 5 | ||
3 | When pass ${libdir} to --libexecdir of sudo, it fails to install sudo | 6 | When pass ${libdir} to --libexecdir of sudo, it fails to install sudo |
4 | and lib32-sudo at same time: | 7 | and lib32-sudo at same time: |
@@ -12,12 +15,13 @@ Update the comments in sudo.conf.in to avoid the conflict. | |||
12 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | 15 | Signed-off-by: Kai Kang <kai.kang@windriver.com> |
13 | 16 | ||
14 | Upstream-Status: Inappropriate [OE configuration specific] | 17 | Upstream-Status: Inappropriate [OE configuration specific] |
18 | |||
15 | --- | 19 | --- |
16 | examples/sudo.conf.in | 6 +++--- | 20 | examples/sudo.conf.in | 8 ++++---- |
17 | 1 file changed, 3 insertions(+), 3 deletions(-) | 21 | 1 file changed, 4 insertions(+), 4 deletions(-) |
18 | 22 | ||
19 | diff --git a/examples/sudo.conf.in b/examples/sudo.conf.in | 23 | diff --git a/examples/sudo.conf.in b/examples/sudo.conf.in |
20 | index 19e33ff..af78235 100644 | 24 | index 2187457..0908d24 100644 |
21 | --- a/examples/sudo.conf.in | 25 | --- a/examples/sudo.conf.in |
22 | +++ b/examples/sudo.conf.in | 26 | +++ b/examples/sudo.conf.in |
23 | @@ -4,7 +4,7 @@ | 27 | @@ -4,7 +4,7 @@ |
@@ -29,16 +33,25 @@ index 19e33ff..af78235 100644 | |||
29 | # fully qualified. | 33 | # fully qualified. |
30 | # The plugin_name corresponds to a global symbol in the plugin | 34 | # The plugin_name corresponds to a global symbol in the plugin |
31 | # that contains the plugin interface structure. | 35 | # that contains the plugin interface structure. |
32 | @@ -50,7 +50,7 @@ Plugin sudoers_audit sudoers.so | 36 | @@ -51,7 +51,7 @@ |
37 | # The compiled-in value is usually sufficient and should only be changed | ||
38 | # if you rename or move the sudo_intercept.so file. | ||
39 | # | ||
40 | -#Path intercept @intercept_file@ | ||
41 | +#Path intercept $intercept_file | ||
42 | |||
43 | # | ||
44 | # Sudo noexec: | ||
45 | @@ -65,7 +65,7 @@ | ||
33 | # The compiled-in value is usually sufficient and should only be changed | 46 | # The compiled-in value is usually sufficient and should only be changed |
34 | # if you rename or move the sudo_noexec.so file. | 47 | # if you rename or move the sudo_noexec.so file. |
35 | # | 48 | # |
36 | -#Path noexec @plugindir@/sudo_noexec.so | 49 | -#Path noexec @noexec_file@ |
37 | +#Path noexec $plugindir/sudo_noexec.so | 50 | +#Path noexec $noexec_file |
38 | 51 | ||
39 | # | 52 | # |
40 | # Sudo plugin directory: | 53 | # Sudo plugin directory: |
41 | @@ -59,7 +59,7 @@ Plugin sudoers_audit sudoers.so | 54 | @@ -74,7 +74,7 @@ |
42 | # The default directory to use when searching for plugins that are | 55 | # The default directory to use when searching for plugins that are |
43 | # specified without a fully qualified path name. | 56 | # specified without a fully qualified path name. |
44 | # | 57 | # |
@@ -46,7 +59,4 @@ index 19e33ff..af78235 100644 | |||
46 | +#Path plugin_dir $plugindir | 59 | +#Path plugin_dir $plugindir |
47 | 60 | ||
48 | # | 61 | # |
49 | # Sudo developer mode: | 62 | # Core dumps: |
50 | -- | ||
51 | 2.17.1 | ||
52 | |||
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc index 97ecabe0fc..feb1cf35a7 100644 --- a/meta/recipes-extended/sudo/sudo.inc +++ b/meta/recipes-extended/sudo/sudo.inc | |||
@@ -3,12 +3,11 @@ DESCRIPTION = "Sudo (superuser do) allows a system administrator to give certain | |||
3 | HOMEPAGE = "http://www.sudo.ws" | 3 | HOMEPAGE = "http://www.sudo.ws" |
4 | BUGTRACKER = "http://www.sudo.ws/bugs/" | 4 | BUGTRACKER = "http://www.sudo.ws/bugs/" |
5 | SECTION = "admin" | 5 | SECTION = "admin" |
6 | LICENSE = "ISC & BSD & Zlib" | 6 | LICENSE = "ISC & BSD-3-Clause & BSD-2-Clause & Zlib" |
7 | LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=fdff64d4fd19126330aa81b94d167173 \ | 7 | LIC_FILES_CHKSUM = "file://LICENSE.md;md5=5100e20d35f9015f9eef6bdb27ba194f \ |
8 | file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \ | 8 | file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \ |
9 | file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \ | 9 | file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \ |
10 | file://lib/util/fnmatch.c;beginline=3;endline=27;md5=004d7d2866ba1f5b41174906849d2e0f \ | 10 | file://lib/util/fnmatch.c;beginline=3;endline=27;md5=004d7d2866ba1f5b41174906849d2e0f \ |
11 | file://lib/util/getcwd.c;beginline=2;endline=27;md5=50f8d9667750e18dea4e84a935c12009 \ | ||
12 | file://lib/util/glob.c;beginline=2;endline=31;md5=2852f68687544e3eb8a0a61665506f0e \ | 11 | file://lib/util/glob.c;beginline=2;endline=31;md5=2852f68687544e3eb8a0a61665506f0e \ |
13 | file://lib/util/snprintf.c;beginline=3;endline=33;md5=b70df6179969e38fcf68da91b53b8029 \ | 12 | file://lib/util/snprintf.c;beginline=3;endline=33;md5=b70df6179969e38fcf68da91b53b8029 \ |
14 | file://include/sudo_queue.h;beginline=2;endline=27;md5=ad578e9664d17a010b63e4bc0576ee8d \ | 13 | file://include/sudo_queue.h;beginline=2;endline=27;md5=ad578e9664d17a010b63e4bc0576ee8d \ |
@@ -23,22 +22,20 @@ inherit autotools | |||
23 | PACKAGECONFIG ??= "" | 22 | PACKAGECONFIG ??= "" |
24 | PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib" | 23 | PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib" |
25 | PACKAGECONFIG[pam-wheel] = ",,,pam-plugin-wheel" | 24 | PACKAGECONFIG[pam-wheel] = ",,,pam-plugin-wheel" |
26 | 25 | PACKAGECONFIG[audit] = "--with-linux-audit,--without-linux-audit,audit" | |
27 | CONFFILES_${PN} = "${sysconfdir}/sudoers" | 26 | PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux" |
28 | 27 | ||
29 | EXTRA_OECONF = "--with-editor=${base_bindir}/vi --with-env-editor" | 28 | EXTRA_OECONF = "--with-editor=${base_bindir}/vi --with-env-editor" |
30 | 29 | ||
31 | EXTRA_OECONF_append_libc-musl = " --disable-hardening " | 30 | EXTRA_OECONF:append:libc-musl = " --disable-hardening " |
32 | 31 | ||
33 | # mksigname/mksiglist are used on build host to generate source files | 32 | do_compile:prepend () { |
34 | do_compile_prepend () { | 33 | # Remove build host references from config.h |
35 | # Remove build host references from sudo_usage.h | 34 | sed -i \ |
36 | sed -i \ | 35 | -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ |
37 | -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ | 36 | -e 's,--build=${BUILD_SYS},,g' \ |
38 | -e 's,--build=${BUILD_SYS},,g' \ | 37 | -e 's,--host=${HOST_SYS},,g' \ |
39 | -e 's,--host=${HOST_SYS},,g' \ | 38 | ${B}/config.h |
40 | ${B}/src/sudo_usage.h | ||
41 | oe_runmake SSP_CFLAGS="" SSP_LDFLAGS="" CC="$BUILD_CC" CFLAGS="$BUILD_CFLAGS" CPPFLAGS="$BUILD_CPPFLAGS -I${S}/include -I${S} -I${B}" -C lib/util mksigname mksiglist | ||
42 | } | 39 | } |
43 | 40 | ||
44 | # Explicitly create ${localstatedir}/lib before do_install to ensure | 41 | # Explicitly create ${localstatedir}/lib before do_install to ensure |
@@ -46,6 +43,8 @@ do_compile_prepend () { | |||
46 | # script (from sudo) will recursively create ${localstatedir}/lib/sudo | 43 | # script (from sudo) will recursively create ${localstatedir}/lib/sudo |
47 | # and then chmod each directory with 0700 permissions, which isn't what | 44 | # and then chmod each directory with 0700 permissions, which isn't what |
48 | # we want (i.e, users would not be able to access /var/lib). | 45 | # we want (i.e, users would not be able to access /var/lib). |
49 | do_install_prepend (){ | 46 | do_install:prepend (){ |
50 | mkdir -p ${D}/${localstatedir}/lib | 47 | mkdir -p ${D}/${localstatedir}/lib |
51 | } | 48 | } |
49 | |||
50 | CVE_VERSION_SUFFIX = "patch" | ||
diff --git a/meta/recipes-extended/sudo/sudo_1.9.5p2.bb b/meta/recipes-extended/sudo/sudo_1.9.15p5.bb index ca23e94ace..2fd2ae6d05 100644 --- a/meta/recipes-extended/sudo/sudo_1.9.5p2.bb +++ b/meta/recipes-extended/sudo/sudo_1.9.15p5.bb | |||
@@ -7,10 +7,10 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ | |||
7 | 7 | ||
8 | PAM_SRC_URI = "file://sudo.pam" | 8 | PAM_SRC_URI = "file://sudo.pam" |
9 | 9 | ||
10 | SRC_URI[sha256sum] = "539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978" | 10 | SRC_URI[sha256sum] = "558d10b9a1991fb3b9fa7fa7b07ec4405b7aefb5b3cb0b0871dbc81e3a88e558" |
11 | 11 | ||
12 | DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" | 12 | DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" |
13 | RDEPENDS_${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}" | 13 | RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}" |
14 | 14 | ||
15 | CACHED_CONFIGUREVARS = " \ | 15 | CACHED_CONFIGUREVARS = " \ |
16 | ac_cv_type_rsize_t=no \ | 16 | ac_cv_type_rsize_t=no \ |
@@ -28,9 +28,9 @@ EXTRA_OECONF += " \ | |||
28 | --libexecdir=${libdir} \ | 28 | --libexecdir=${libdir} \ |
29 | " | 29 | " |
30 | 30 | ||
31 | do_install_append () { | 31 | do_install:append () { |
32 | if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then | 32 | if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then |
33 | install -D -m 644 ${WORKDIR}/sudo.pam ${D}/${sysconfdir}/pam.d/sudo | 33 | install -D -m 644 ${UNPACKDIR}/sudo.pam ${D}/${sysconfdir}/pam.d/sudo |
34 | if ${@bb.utils.contains('PACKAGECONFIG', 'pam-wheel', 'true', 'false', d)} ; then | 34 | if ${@bb.utils.contains('PACKAGECONFIG', 'pam-wheel', 'true', 'false', d)} ; then |
35 | echo 'auth required pam_wheel.so use_uid' >>${D}${sysconfdir}/pam.d/sudo | 35 | echo 'auth required pam_wheel.so use_uid' >>${D}${sysconfdir}/pam.d/sudo |
36 | sed -i 's/# \(%wheel ALL=(ALL) ALL\)/\1/' ${D}${sysconfdir}/sudoers | 36 | sed -i 's/# \(%wheel ALL=(ALL) ALL\)/\1/' ${D}${sysconfdir}/sudoers |
@@ -44,16 +44,18 @@ do_install_append () { | |||
44 | rmdir -p --ignore-fail-on-non-empty ${D}/run/sudo | 44 | rmdir -p --ignore-fail-on-non-empty ${D}/run/sudo |
45 | } | 45 | } |
46 | 46 | ||
47 | FILES_${PN}-dev += "${libdir}/${BPN}/lib*${SOLIBSDEV} ${libdir}/${BPN}/*.la \ | 47 | FILES:${PN}-dev += "${libdir}/${BPN}/lib*${SOLIBSDEV} ${libdir}/${BPN}/*.la \ |
48 | ${libdir}/lib*${SOLIBSDEV} ${libdir}/*.la" | 48 | ${libdir}/lib*${SOLIBSDEV} ${libdir}/*.la" |
49 | 49 | ||
50 | CONFFILES:${PN}-lib = "${sysconfdir}/sudoers" | ||
51 | |||
50 | SUDO_PACKAGES = "${PN}-sudo\ | 52 | SUDO_PACKAGES = "${PN}-sudo\ |
51 | ${PN}-lib" | 53 | ${PN}-lib" |
52 | 54 | ||
53 | PACKAGE_BEFORE_PN = "${SUDO_PACKAGES}" | 55 | PACKAGE_BEFORE_PN = "${SUDO_PACKAGES}" |
54 | 56 | ||
55 | RDEPENDS_${PN}-sudo = "${PN}-lib" | 57 | RDEPENDS:${PN}-sudo = "${PN}-lib" |
56 | RDEPENDS_${PN} += "${SUDO_PACKAGES}" | 58 | RDEPENDS:${PN} += "${SUDO_PACKAGES}" |
57 | 59 | ||
58 | FILES_${PN}-sudo = "${bindir}/sudo ${bindir}/sudoedit" | 60 | FILES:${PN}-sudo = "${bindir}/sudo ${bindir}/sudoedit" |
59 | FILES_${PN}-lib = "${localstatedir} ${libexecdir} ${sysconfdir} ${libdir} ${nonarch_libdir}" | 61 | FILES:${PN}-lib = "${localstatedir} ${libexecdir} ${sysconfdir} ${libdir} ${nonarch_libdir}" |