diff options
-rw-r--r-- | security/sudo/Makefile | 17 | ||||
-rw-r--r-- | security/sudo/files/md5 | 4 | ||||
-rw-r--r-- | security/sudo/files/patch-sum | 8 | ||||
-rw-r--r-- | security/sudo/patches/patch-ab | 24 | ||||
-rw-r--r-- | security/sudo/patches/patch-ac | 14 | ||||
-rw-r--r-- | security/sudo/patches/patch-ae | 61 | ||||
-rw-r--r-- | security/sudo/patches/patch-af | 41 |
7 files changed, 54 insertions, 115 deletions
diff --git a/security/sudo/Makefile b/security/sudo/Makefile index 0a0cf992524..7cebeaf6399 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,12 +1,12 @@ -# $NetBSD: Makefile,v 1.18 1999/09/14 02:32:26 kim Exp $ +# $NetBSD: Makefile,v 1.19 1999/12/30 22:51:28 jlam Exp $ # FreeBSD Id: Makefile,v 1.9 1997/11/12 03:24:41 obrien Exp # -DISTNAME= cu-sudo.v1.5.9p4 -PKGNAME= sudo-1.5.9p4 -WRKSRC= ${WRKDIR}/sudo.v1.5.9p4 +DISTNAME= sudo-1.6.1 CATEGORIES= security -MASTER_SITES= ftp://ftp.cs.colorado.edu/pub/sudo/ +MASTER_SITES= ftp://ftp.cs.colorado.edu/pub/sudo/ \ + ftp://ftp.uu.net/pub/security/sudo/ \ + ftp://ftp.tux.org/pub/security/sudo/ MAINTAINER= packages@netbsd.org HOMEPAGE= http://www.courtesan.com/sudo/ @@ -37,7 +37,12 @@ CONFIGURE_ARGS+=--with-kerb5 CONFIGURE_ARGS+=--without-kerb5 .endif -CONFIGURE_ARGS+=--with-C2 --with-nbsdops --disable-path-info +CONFIGURE_ARGS+=--with-nbsdops --disable-path-info + +# The UPGRADE file has important information on upgrading from a previous +# version of sudo. +# +MESSAGE_FILE= ${WRKSRC}/UPGRADE pre-configure: cd ${WRKSRC}; ${LOCALBASE}/bin/autoconf diff --git a/security/sudo/files/md5 b/security/sudo/files/md5 index e9540b52577..a6124bdfc4c 100644 --- a/security/sudo/files/md5 +++ b/security/sudo/files/md5 @@ -1,3 +1,3 @@ -$NetBSD: md5,v 1.7 1999/08/31 19:26:40 jlam Exp $ +$NetBSD: md5,v 1.8 1999/12/30 22:51:29 jlam Exp $ -MD5 (cu-sudo.v1.5.9p4.tar.gz) = a61f52769f0aa1925dcd2001577c7f1b +MD5 (sudo-1.6.1.tar.gz) = 9ddb779a7f378ca013e1b327292afba9 diff --git a/security/sudo/files/patch-sum b/security/sudo/files/patch-sum index a2eb3e45927..4137b34f2d4 100644 --- a/security/sudo/files/patch-sum +++ b/security/sudo/files/patch-sum @@ -1,6 +1,4 @@ -$NetBSD: patch-sum,v 1.2 1999/08/31 19:26:40 jlam Exp $ +$NetBSD: patch-sum,v 1.3 1999/12/30 22:51:29 jlam Exp $ -MD5 (patch-ab) = 8daaa7164de55a13b6fbabfa72684f4f -MD5 (patch-ac) = 9fed2f00eeaf8862161f24b5ca578fe3 -MD5 (patch-ae) = 07f67d3aae8da474e9fc963179494d9c -MD5 (patch-af) = 4df3e6587e14080636becfa674315ea6 +MD5 (patch-ab) = da4fc241e92a8a244c923d083bbadaf0 +MD5 (patch-af) = bca79c3e2453b758e5277954820f53f9 diff --git a/security/sudo/patches/patch-ab b/security/sudo/patches/patch-ab index 8469db63157..85aa06f4d0a 100644 --- a/security/sudo/patches/patch-ab +++ b/security/sudo/patches/patch-ab @@ -1,13 +1,13 @@ -$NetBSD: patch-ab,v 1.4 1999/08/31 19:26:41 jlam Exp $ +$NetBSD: patch-ab,v 1.5 1999/12/30 22:51:29 jlam Exp $ ---- check.c.orig Sat May 29 14:34:02 1999 -+++ check.c Sun Aug 29 05:42:50 1999 -@@ -1078,7 +1078,7 @@ - (void) fclose(user_skey->keyfile); - - /* get the skey part of the prompt */ -- if ((rval = skeychallenge(user_skey, user_name, challenge)) != 0) { -+ if ((rval = skeychallenge(user_skey, user_name, challenge, sizeof(challenge))) != 0) { - #ifdef OTP_ONLY - (void) fprintf(stderr, - "%s: You do not exist in the s/key database.\n", +--- auth/rfc1938.c.orig Thu Oct 7 17:21:07 1999 ++++ auth/rfc1938.c Thu Dec 30 17:23:44 1999 +@@ -109,7 +109,7 @@ + * If the user is not in the OTP db, only post a fatal error if + * we are running alone (since they may just use a normal passwd). + */ +- if (rfc1938challenge(&rfc1938, pw->pw_name, challenge) != 0) { ++ if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge)) != 0) { + if (IS_ONEANDONLY(auth)) { + (void) fprintf(stderr, + "%s: You do not exist in the %s database.\n", diff --git a/security/sudo/patches/patch-ac b/security/sudo/patches/patch-ac deleted file mode 100644 index d4eefa15e26..00000000000 --- a/security/sudo/patches/patch-ac +++ /dev/null @@ -1,14 +0,0 @@ -$NetBSD: patch-ac,v 1.5 1999/08/31 19:26:41 jlam Exp $ - ---- sudo.man.orig Sun Mar 28 23:37:03 1999 -+++ sudo.man Sun Aug 29 05:44:36 1999 -@@ -198,7 +198,8 @@ - .SH "DESCRIPTION" - \fBsudo\fR allows a permitted user to execute a \fIcommand\fR - as the superuser (real and effective uid and gid are set --to \f(CW0\fR and root's group as set in the passwd file respectively). -+to \f(CW0\fR and root's group as set in the passwd file respectively) -+by using the user's own password. - .PP - \fBsudo\fR determines who is an authorized user by consulting the - file \fI/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user diff --git a/security/sudo/patches/patch-ae b/security/sudo/patches/patch-ae deleted file mode 100644 index fef3fc09bb1..00000000000 --- a/security/sudo/patches/patch-ae +++ /dev/null @@ -1,61 +0,0 @@ -$NetBSD: patch-ae,v 1.4 1999/08/31 19:26:41 jlam Exp $ - ---- sudoers.man.orig Sun Mar 28 23:37:04 1999 -+++ sudoers.man Sun Aug 29 05:48:46 1999 -@@ -333,11 +333,11 @@ - .Ve - .Vb 6 - \& # Command alias specification --\& Cmnd_Alias LPCS=/usr/etc/lpc,/usr/ucb/lprm -+\& Cmnd_Alias LPCS=/usr/sbin/lpc,/usr/bin/lprm - \& Cmnd_Alias SHELLS=/bin/sh,/bin/csh,/bin/tcsh,/bin/ksh - \& Cmnd_Alias SU=/bin/su - \& Cmnd_Alias MISC=/bin/rm,/bin/cat:\e --\& SHUTDOWN=/etc/halt,/etc/shutdown -+\& SHUTDOWN=/sbin/halt,/sbin/shutdown - .Ve - .Vb 14 - \& # User specification -@@ -347,11 +347,11 @@ - \& +interns +openlabs=ALL,!SHELLS,!SU - \& britt REMOTE=SHUTDOWN:ALL=LPCS - \& jimbo CUNETS=/bin/su ?*,!/bin/su *root* --\& nieusma SERVERS=SHUTDOWN,/etc/reboot:\e -+\& nieusma SERVERS=SHUTDOWN,/sbin/reboot:\e - \& HUB=ALL,!SHELLS --\& jill houdini=/etc/shutdown -[hr] now,MISC --\& markm HUB=ALL,!MISC,!/etc/shutdown,!/etc/halt --\& davehieb merlin=(OP) ALL:SERVERS=/etc/halt:\e -+\& jill houdini=/sbin/shutdown -[hr] now,MISC -+\& markm HUB=ALL,!MISC,!/sbin/shutdown,!/sbin/halt -+\& davehieb merlin=(OP) ALL:SERVERS=/sbin/halt:\e - \& kodiakthorn=NOPASSWD: ALL - \& steve CSNETS=(operator) /usr/op_commands/ - .Ve -@@ -397,21 +397,21 @@ - B network). - .Ip "nieusma" 16 - The user \f(CWnieusma\fR may run commands in the \f(CWSHUTDOWN\fR alias --as well as \fI/etc/reboot\fR on the \f(CWSERVER\fR machines and -+as well as \fI/sbin/reboot\fR on the \f(CWSERVER\fR machines and - any command except those in the \f(CWSHELLS\fR alias on the \f(CWHUB\fR - machines. - .Ip "jill" 16 --The user \f(CWjill\fR may run \f(CW/etc/shutdown -h now\fR or --\f(CW/etc/shutdown -r now\fR as well as the commands in the -+The user \f(CWjill\fR may run \f(CW/sbin/shutdown -h now\fR or -+\f(CW/sbin/shutdown -r now\fR as well as the commands in the - \f(CWMISC\fR alias on houdini. - .Ip "markm" 16 - The user \f(CWmarkm\fR may run any command on the \f(CWHUB\fR machines --except \fI/etc/shutdown\fR, \fI/etc/halt\fR, and commands listed -+except \fI/sbin/shutdown\fR, \fI/sbin/halt\fR, and commands listed - in the \f(CWMISC\fR alias. - .Ip "davehieb" 16 - The user \f(CWdavehieb\fR may run any command on \f(CWmerlin\fR as any - user in the Runas_Alias \s-1OP\s0 (ie: root or operator). He may --also run \fI/etc/halt\fR on the \f(CWSERVERS\fR and any command -+also run \fI/sbin/halt\fR on the \f(CWSERVERS\fR and any command - on \f(CWkodiakthorn\fR (no password required on \f(CWkodiakthorn\fR). - .Ip "steve" 16 - The user \f(CWsteve\fR may run any command in the \fI/usr/op_commands/\fR diff --git a/security/sudo/patches/patch-af b/security/sudo/patches/patch-af index 92dd4b7697a..56ba45e69fe 100644 --- a/security/sudo/patches/patch-af +++ b/security/sudo/patches/patch-af @@ -1,22 +1,33 @@ -$NetBSD: patch-af,v 1.4 1999/08/31 19:26:41 jlam Exp $ +$NetBSD: patch-af,v 1.5 1999/12/30 22:51:29 jlam Exp $ ---- configure.in.orig Thu Jul 29 03:20:38 1999 -+++ configure.in Sun Aug 29 05:54:13 1999 -@@ -141,6 +141,17 @@ +--- configure.in.orig Wed Dec 8 23:04:45 1999 ++++ configure.in Thu Dec 30 17:14:53 1999 +@@ -146,7 +146,7 @@ + DEV="" + ;; + no) ;; +- *) echo "Ignoring unknown argument to --with-devel: $with_csops" ++ *) echo "Ignoring unknown argument to --with-devel: $with_devel" ;; esac]) -+AC_ARG_WITH(nbsdops, [ --with-nbsdops add NetBSD standard options], -+[case $with_nbsdops in -+ yes) OPTIONS="${OPTIONS} -DIGNORE_DOT_PATH -DENV_EDITOR -DUSE_TTY_TICKETS" -+ sbindir='$(exec_prefix)/sbin' -+ echo 'nbsdops--adding options: IGNORE_DOT_PATH ENV_EDITOR USE_TTY_TICKETS' -+ ;; -+ no) ;; -+ *) echo "Ignoring unknown argument to --with-nbsdops: $with-nbsdops" +@@ -162,6 +162,19 @@ + ;; + no) ;; + *) echo "Ignoring unknown argument to --with-csops: $with_csops" + ;; +esac]) + - AC_ARG_WITH(skey, [ --with-skey enable S/Key support ], - [case $with_skey in - yes) AC_DEFINE(HAVE_SKEY) ++AC_ARG_WITH(nbsdops, [ --with-nbsdops add NetBSD standard options], ++[case $with_nbsdops in ++ yes) echo 'Adding NetBSD standard options' ++ CHECKSIA=false ++ with_ignore_dot=yes ++ with_env_editor=yes ++ with_tty_tickets=yes ++ ;; ++ no) ;; ++ *) echo "Ignoring unknown argument to --with-nbsdops: $with_nbsdops" + ;; + esac]) + |