diff options
author | hubertf <hubertf@pkgsrc.org> | 1997-12-14 23:27:00 +0000 |
---|---|---|
committer | hubertf <hubertf@pkgsrc.org> | 1997-12-14 23:27:00 +0000 |
commit | e18979004418322ae56212e9503a7d8abb18a8c8 (patch) | |
tree | 583e441a7f4178673759a04c3258f832830ab15c /security/sudo/patches | |
parent | ee250e0d619feb3990ab698c8642d19793d025ba (diff) | |
download | pkgsrc-e18979004418322ae56212e9503a7d8abb18a8c8.tar.gz |
Import vanialla FreeBSD sudo.
Diffstat (limited to 'security/sudo/patches')
-rw-r--r-- | security/sudo/patches/patch-aa | 43 | ||||
-rw-r--r-- | security/sudo/patches/patch-ab | 10 | ||||
-rw-r--r-- | security/sudo/patches/patch-ac | 115 | ||||
-rw-r--r-- | security/sudo/patches/patch-ad | 35 |
4 files changed, 203 insertions, 0 deletions
diff --git a/security/sudo/patches/patch-aa b/security/sudo/patches/patch-aa new file mode 100644 index 00000000000..95030a59441 --- /dev/null +++ b/security/sudo/patches/patch-aa @@ -0,0 +1,43 @@ +--- configure.orig Sun Aug 25 12:32:03 1996 ++++ configure Thu Aug 29 10:26:50 1996 +@@ -37,6 +37,8 @@ + --with-libraries additional libraries to link with" + ac_help="$ac_help + --with-csops add CSOps standard options" ++ac_help="$ac_help ++ --with-fbsdops add FreeBSD standard options" + + # Initialize some variables set by options. + # The variables have the same names as the options, with +@@ -557,8 +559,8 @@ + + test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man' + test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin' +-test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/etc' +-test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' ++test "$sbindir" = '${exec_prefix}/sbin' || sbindir='$(exec_prefix)/etc' ++test "$sysconfdir" = '${prefix}/etc' || sysconfdir='/etc' + + + # Check whether --with-CC or --without-CC was given. +@@ -784,6 +786,20 @@ + yes) OPTIONS="${OPTIONS} -DIGNORE_DOT_PATH -DUSE_INSULTS -DCLASSIC_INSULTS -DCSOPS_INSULTS -DENV_EDITOR" + sbindir='$(exec_prefix)/sbin' + echo 'CSOps--adding options: IGNORE_DOT_PATH USE_INSULTS CLASSIC_INSULTS CSOPS_INSULTS ENV_EDITOR' ++ ;; ++ no) ;; ++ *) echo "Ignoring unknown argument to --with-csops: $with_csops" ++ ;; ++esac ++fi ++ ++# Check whether --with-fbsdops or --without-fbsdops was given. ++if test "${with_fbsdops+set}" = set; then ++ withval="$with_fbsdops" ++ case $with_fbsdops in ++ yes) OPTIONS="${OPTIONS} -DIGNORE_DOT_PATH -DENV_EDITOR -DUSE_TTY_TICKETS" ++ sbindir='$(exec_prefix)/sbin' ++ echo 'fbsdops--adding options: IGNORE_DOT_PATH ENV_EDITOR USE_TTY_TICKETS' + ;; + no) ;; + *) echo "Ignoring unknown argument to --with-csops: $with_csops" diff --git a/security/sudo/patches/patch-ab b/security/sudo/patches/patch-ab new file mode 100644 index 00000000000..9930c0de3e0 --- /dev/null +++ b/security/sudo/patches/patch-ab @@ -0,0 +1,10 @@ +--- ./Makefile.in.org Sun Aug 25 10:29:31 1996 ++++ ./Makefile.in Wed Oct 16 00:43:03 1996 +@@ -214,6 +214,7 @@ + else \ + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0440 $(srcdir)/sudoers $(sudoersdir)/sudoers; \ + fi ++ $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0440 $(srcdir)/sudoers $(sudoersdir)/sudoers.sample + + install-man: + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudo.$(mantype) $(mandir8)/sudo.$(mansect8) diff --git a/security/sudo/patches/patch-ac b/security/sudo/patches/patch-ac new file mode 100644 index 00000000000..253990f28d8 --- /dev/null +++ b/security/sudo/patches/patch-ac @@ -0,0 +1,115 @@ +--- ./sudo.man.org Wed Nov 13 17:58:50 1996 ++++ ./sudo.man Mon Dec 9 20:44:48 1996 +@@ -180,10 +180,11 @@ + .IX Header "DESCRIPTION" + \fBsudo\fR allows a permitted user to execute a \fIcommand\fR + as the superuser (real and effective uid and gid are set +-to \f(CW0\fR and root's group as set in the passwd file respectively). ++to \f(CW0\fR and root's group as set in the passwd file respectively) ++by using the user's own password. + .PP + \fBsudo\fR determines who is an authorized user by consulting the +-file \fI/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user ++file \fI/usr/local/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user + can update the time stamp without running a \fIcommand.\fR + The password prompt itself will also time out if the password is + not entered with N minutes (again, this is defined at installation +@@ -321,7 +322,7 @@ + .IX Header "FILES" + .PP + .Vb 1 +-\& /etc/sudoers file of authorized users. ++\& /usr/local/etc/sudoers file of authorized users. + .Ve + .SH "ENVIRONMENT VARIABLES" + .IX Header "ENVIRONMENT VARIABLES" +--- ./sudoers.man.org Wed Nov 13 17:58:50 1996 ++++ ./sudoers.man Mon Dec 9 20:38:43 1996 +@@ -296,7 +296,7 @@ + \fB\s-1DO\s0 \s-1NOT\s0\fR define an alias of \fI\s-1ALL\s0\fR, it will \fB\s-1NOT\s0\fR be used. + Note that \fI\s-1ALL\s0\fR implies the entire universe of hosts/users/commands. + You can subtract elements from the universe by using the syntax: +- user host=\s-1ALL\s0,!\s-1ALIAS1\s0,!/etc/halt... ++ user host=\s-1ALL\s0,!\s-1ALIAS1\s0,!/sbin/halt... + Note that the \*(L"!\*(R" notation only works in a user's command list. You + may not use it to subtract elements in a User_Alias, Host_Alias, + Cmnd_Alias or user list. +@@ -334,7 +334,7 @@ + \& Cmnd_Alias SHELLS=/bin/sh,/bin/csh,/bin/tcsh,/bin/ksh + \& Cmnd_Alias SU=/bin/su + \& Cmnd_Alias MISC=/bin/rm,/bin/cat:\e +-\& SHUTDOWN=/etc/halt,/etc/shutdown ++\& SHUTDOWN=/sbin/halt,/sbin/shutdown + .Ve + .Vb 14 + \& # User specification +@@ -344,11 +344,11 @@ + \& +interns +openlabs=ALL,!SHELLS,!SU + \& britt REMOTE=SHUTDOWN:ALL=LPCS + \& jimbo CUNETS=/bin/su ?*,!/bin/su root +-\& nieusma SERVERS=SHUTDOWN,/etc/reboot:\e ++\& nieusma SERVERS=SHUTDOWN,/sbin/reboot:\e + \& HUB=ALL,!SHELLS +-\& jill houdini=/etc/shutdown -[hr] now,MISC +-\& markm HUB=ALL,!MISC,!/etc/shutdown,!/etc/halt +-\& davehieb merlin=(OP) ALL:SERVERS=/etc/halt:\e ++\& jill houdini=/sbin/shutdown -[hr] now,MISC ++\& markm HUB=ALL,!MISC,!/sbin/shutdown,!/sbin/halt ++\& davehieb merlin=(OP) ALL:SERVERS=/sbin/halt:\e + \& kodiakthorn=NOPASSWD: ALL + \& steve CSNETS=(operator) /usr/op_commands/ + .Ve +@@ -405,24 +405,24 @@ + .Ip "nieusma" 16 + .IX Item "nieusma" + The user \f(CWnieusma\fR may run commands in the \f(CWSHUTDOWN\fR alias +-as well as \fI/etc/reboot\fR on the \f(CWSERVER\fR machines and ++as well as \fI/sbin/reboot\fR on the \f(CWSERVER\fR machines and + any command except those in the \f(CWSHELLS\fR alias on the \f(CWHUB\fR + machines. + .Ip "jill" 16 + .IX Item "jill" +-The user \f(CWjill\fR may run \f(CW/etc/shutdown -h now\fR or +-\f(CW/etc/shutdown -r now\fR as well as the commands in the ++The user \f(CWjill\fR may run \f(CW/sbin/shutdown -h now\fR or ++\f(CW/sbin/shutdown -r now\fR as well as the commands in the + \f(CWMISC\fR alias on houdini. + .Ip "markm" 16 + .IX Item "markm" + The user \f(CWmarkm\fR may run any command on the \f(CWHUB\fR machines +-except \fI/etc/shutdown\fR, \fI/etc/halt\fR, and commands listed ++except \fI/sbin/shutdown\fR, \fI/sbin/halt\fR, and commands listed + in the \f(CWMISC\fR alias. + .Ip "davehieb" 16 + .IX Item "davehieb" + The user \f(CWdavehieb\fR may run any command on \f(CWmerlin\fR as any + user in the Runas_Alias \s-1OP\s0 (ie: root or operator). He may +-also run \fI/etc/halt\fR on the \f(CWSERVERS\fR and any command ++also run \fI/sbin/halt\fR on the \f(CWSERVERS\fR and any command + on \f(CWkodiakthorn\fR (no password required on \f(CWkodiakthorn\fR). + .Ip "steve" 16 + .IX Item "steve" +@@ -438,8 +438,8 @@ + .IX Header "FILES" + .PP + .Vb 2 +-\& /etc/sudoers file of authorized users. +-\& /etc/netgroup list of network groups. ++\& /usr/local/etc/sudoers file of authorized users. ++\& /etc/netgroup list of network groups. + .Ve + .SH "SEE ALSO" + .IX Header "SEE ALSO" +--- ./visudo.man.org Wed Nov 13 17:58:51 1996 ++++ ./visudo.man Mon Dec 9 20:39:01 1996 +@@ -211,8 +211,8 @@ + .IX Header "FILES" + .PP + .Vb 2 +-\& /etc/sudoers file of authorized users. +-\& /etc/stmp lock file for visudo. ++\& /usr/local/etc/sudoers file of authorized users. ++\& /usr/local/etc/stmp lock file for visudo. + .Ve + .SH "ENVIRONMENT VARIABLES" + .IX Header "ENVIRONMENT VARIABLES" diff --git a/security/sudo/patches/patch-ad b/security/sudo/patches/patch-ad new file mode 100644 index 00000000000..30e3d2c3026 --- /dev/null +++ b/security/sudo/patches/patch-ad @@ -0,0 +1,35 @@ +*** tgetpass.c.dist Wed Feb 19 00:09:13 1997 +--- tgetpass.c Wed Feb 19 00:09:21 1997 +*************** +*** 206,223 **** + tv.tv_sec = timeout; + tv.tv_usec = 0; + +- /* how many file descriptors may we have? */ +- #ifdef HAVE_SYSCONF +- n = sysconf(_SC_OPEN_MAX); +- #else +- n = getdtablesize(); +- #endif /* HAVE_SYSCONF */ +- + /* + * get password or return empty string if nothing to read by timeout + */ + buf[0] = '\0'; +! if (select(n, &readfds, 0, 0, &tv) > 0 && fgets(buf, sizeof(buf), input)) { + n = strlen(buf); + if (buf[n - 1] == '\n') + buf[n - 1] = '\0'; +--- 206,216 ---- + tv.tv_sec = timeout; + tv.tv_usec = 0; + + /* + * get password or return empty string if nothing to read by timeout + */ + buf[0] = '\0'; +! if (select(fileno(input)+1, &readfds, 0, 0, &tv) > 0 && fgets(buf, sizeof(buf), input)) { + n = strlen(buf); + if (buf[n - 1] == '\n') + buf[n - 1] = '\0'; + |