2 dnl Process this file with GNU autoconf to produce a configure script.
3 dnl $Sudo: configure.in,v 1.413.2.53 2008/06/22 20:23:56 millert Exp $
5 dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller <Todd.Miller@courtesan.com>
7 AC_INIT([sudo], [1.6.9])
8 AC_CONFIG_HEADER(config.h pathnames.h)
10 dnl This won't work before AC_INIT
12 AC_MSG_NOTICE([Configuring Sudo version 1.6.9])
14 dnl Variables that get substituted in the Makefile and man pages
21 AC_SUBST(SUDO_LDFLAGS)
27 AC_SUBST(GETGROUPS_LIB)
31 AC_SUBST(MAN_POSTINSTALL)
32 AC_SUBST(SUDOERS_MODE)
46 AC_SUBST(INSTALL_NOEXEC)
47 AC_SUBST(DONT_LEAK_PATH_INFO)
49 dnl Variables that get substituted in docs (not overridden by environment)
51 AC_SUBST(timedir)dnl initial value from SUDO_TIMEDIR
53 AC_SUBST(password_timeout)
56 AC_SUBST(long_otp_prompt)
63 AC_SUBST(mail_no_user)
64 AC_SUBST(mail_no_host)
65 AC_SUBST(mail_no_perms)
68 AC_SUBST(badpass_message)
70 AC_SUBST(runas_default)
72 AC_SUBST(passwd_tries)
78 dnl Initial values for above
83 passprompt="Password:"
95 mailsub='*** SECURITY information for %h ***'
96 badpass_message='Sorry, try again.'
107 dnl Initial values for Makefile variables listed above
108 dnl May be overridden by environment variables..
113 : ${SUDOERS_MODE='0440'}
134 shadow_libs_optional=
137 dnl Override default configure dirs...
139 if test X"$prefix" = X"NONE"; then
140 test "$mandir" = '${datarootdir}/man' && mandir='$(prefix)/man'
142 test "$mandir" = '${datarootdir}/man' && mandir='$(datarootdir)/man'
144 test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
145 test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
146 test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
149 dnl Deprecated --with options (these all warn or generate an error)
152 AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
153 [case $with_otp_only in
154 yes) with_passwd="no"
155 AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
159 AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
160 [case $with_alertmail in
161 *) with_mailto="$with_alertmail"
162 AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
167 dnl Options for --with
170 AC_ARG_WITH(CC, [ --with-CC C compiler to use],
172 yes) AC_MSG_ERROR(["must give --with-CC an argument."])
174 no) AC_MSG_ERROR(["illegal argument: --without-CC."])
180 AC_ARG_WITH(rpath, [ --with-rpath pass -R flag in addition to -L for lib paths],
183 *) AC_MSG_ERROR(["--with-rpath does not take an argument."])
187 AC_ARG_WITH(blibpath, [ --with-blibpath[=PATH] pass -blibpath flag to ld for additional lib paths],
188 [case $with_blibpath in
190 *) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
194 AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files],
195 [case $with_incpath in
196 yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
198 no) AC_MSG_ERROR(["--without-incpath not supported."])
200 *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
201 for i in ${with_incpath}; do
202 CPPFLAGS="${CPPFLAGS} -I${i}"
207 AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries],
208 [case $with_libpath in
209 yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
211 no) AC_MSG_ERROR(["--without-libpath not supported."])
213 *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
217 AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with],
218 [case $with_libraries in
219 yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
221 no) AC_MSG_ERROR(["--without-libraries not supported."])
223 *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
227 AC_ARG_WITH(devel, [ --with-devel add development options],
229 yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
230 PROGS="${PROGS} testsudoers"
231 OSDEFS="${OSDEFS} -DSUDO_DEVEL"
235 *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
239 AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging],
240 [case $with_efence in
241 yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
242 LIBS="${LIBS} -lefence"
243 if test -f /usr/local/lib/libefence.a; then
244 with_libpath="${with_libpath} /usr/local/lib"
248 *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
252 AC_ARG_WITH(csops, [ --with-csops add CSOps standard options],
254 yes) AC_MSG_NOTICE([Adding CSOps standard options])
258 with_classic_insults=yes
259 with_csops_insults=yes
265 *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
269 AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication],
270 [case $with_passwd in
271 yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
272 AC_MSG_RESULT($with_passwd)
274 test "$with_passwd" = "yes" && AUTH_REG="$AUTH_REG passwd"
276 *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
280 AC_ARG_WITH(skey, [ --with-skey[=DIR] enable S/Key support ],
284 *) AC_DEFINE(HAVE_SKEY)
285 AC_MSG_CHECKING(whether to try S/Key authentication)
287 AUTH_REG="$AUTH_REG S/Key"
291 AC_ARG_WITH(opie, [ --with-opie[=DIR] enable OPIE support ],
295 *) AC_DEFINE(HAVE_OPIE)
296 AC_MSG_CHECKING(whether to try NRL OPIE authentication)
298 AUTH_REG="$AUTH_REG NRL_OPIE"
302 AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt],
303 [case $with_long_otp_prompt in
304 yes) AC_DEFINE(LONG_OTP_PROMPT)
305 AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
309 no) long_otp_prompt=off
311 *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
315 AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support],
316 [case $with_SecurID in
317 no) with_SecurID="";;
318 *) AC_DEFINE(HAVE_SECURID)
319 AC_MSG_CHECKING(whether to use SecurID for authentication)
321 AUTH_EXCL="$AUTH_EXCL SecurID"
325 AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support],
328 *) AC_DEFINE(HAVE_FWTK)
329 AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
331 AUTH_EXCL="$AUTH_EXCL FWTK"
335 AC_ARG_WITH(kerb4, [ --with-kerb4[[=DIR]] enable Kerberos IV support],
338 *) AC_MSG_CHECKING(whether to try kerberos IV authentication)
340 AUTH_REG="$AUTH_REG kerb4"
344 AC_ARG_WITH(kerb5, [ --with-kerb5[[=DIR]] enable Kerberos V support],
347 *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
349 AUTH_REG="$AUTH_REG kerb5"
353 AC_ARG_WITH(aixauth, [ --with-aixauth enable AIX general authentication support],
354 [case $with_aixauth in
355 yes) AUTH_EXCL="$AUTH_EXCL AIX_AUTH";;
357 *) AC_MSG_ERROR(["--with-aixauth does not take an argument."])
361 AC_ARG_WITH(pam, [ --with-pam enable PAM support],
363 yes) AUTH_EXCL="$AUTH_EXCL PAM";;
365 *) AC_MSG_ERROR(["--with-pam does not take an argument."])
369 AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
371 yes) AC_DEFINE(HAVE_AFS)
372 AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
374 AUTH_REG="$AUTH_REG AFS"
377 *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
381 AC_ARG_WITH(DCE, [ --with-DCE enable DCE support],
383 yes) AC_DEFINE(HAVE_DCE)
384 AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
386 AUTH_REG="$AUTH_REG DCE"
389 *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
393 AC_ARG_WITH(logincap, [ --with-logincap enable BSD login class support],
394 [case $with_logincap in
396 *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
400 AC_ARG_WITH(bsdauth, [ --with-bsdauth enable BSD authentication support],
401 [case $with_bsdauth in
402 yes) AUTH_EXCL="$AUTH_EXCL BSD_AUTH";;
404 *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
408 AC_ARG_WITH(project, [ --with-project enable Solaris project support],
409 [case $with_project in
412 *) AC_MSG_ERROR(["--with-project does not take an argument."])
416 AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
417 AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
418 [case $with_lecture in
419 yes|short|always) lecture=once
421 no|none|never) lecture=never
423 *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
426 if test "$lecture" = "once"; then
429 AC_DEFINE(NO_LECTURE)
433 AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
434 AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
435 [case $with_logging in
436 yes) AC_MSG_ERROR(["must give --with-logging an argument."])
438 no) AC_MSG_ERROR(["--without-logging not supported."])
440 syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG)
441 AC_MSG_RESULT(syslog)
443 file) AC_DEFINE(LOGGING, SLOG_FILE)
446 both) AC_DEFINE(LOGGING, SLOG_BOTH)
449 *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
451 esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
453 AC_MSG_CHECKING(which syslog facility sudo should log with)
454 AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")],
455 [case $with_logfac in
456 yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
458 no) AC_MSG_ERROR(["--without-logfac not supported."])
460 authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
462 *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
465 AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
466 AC_MSG_RESULT($logfac)
468 AC_MSG_CHECKING(at which syslog priority to log commands)
469 AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")],
470 [case $with_goodpri in
471 yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
473 no) AC_MSG_ERROR(["--without-goodpri not supported."])
475 alert|crit|debug|emerg|err|info|notice|warning)
476 goodpri=$with_goodpri
478 *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
481 AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
482 AC_MSG_RESULT($goodpri)
484 AC_MSG_CHECKING(at which syslog priority to log failures)
485 AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")],
486 [case $with_badpri in
487 yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
489 no) AC_MSG_ERROR(["--without-badpri not supported."])
491 alert|crit|debug|emerg|err|info|notice|warning)
494 *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
497 AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
498 AC_MSG_RESULT($badpri)
500 AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
501 [case $with_logpath in
502 yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
504 no) AC_MSG_ERROR(["--without-logpath not supported."])
508 AC_MSG_CHECKING(how long a line in the log file should be)
509 AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)],
510 [case $with_loglen in
511 yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
513 no) AC_MSG_ERROR(["--without-loglen not supported."])
515 [[0-9]]*) loglen=$with_loglen
517 *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
520 AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
521 AC_MSG_RESULT($loglen)
523 AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
524 AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
525 [case $with_ignore_dot in
530 *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
533 if test "$ignore_dot" = "on"; then
534 AC_DEFINE(IGNORE_DOT_PATH)
540 AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
541 AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers],
542 [case $with_mail_if_no_user in
547 *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
550 if test "$mail_no_user" = "on"; then
551 AC_DEFINE(SEND_MAIL_WHEN_NO_USER)
557 AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
558 AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host],
559 [case $with_mail_if_no_host in
564 *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
567 if test "$mail_no_host" = "on"; then
568 AC_DEFINE(SEND_MAIL_WHEN_NO_HOST)
574 AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
575 AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command],
576 [case $with_mail_if_noperms in
581 *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
584 if test "$mail_noperms" = "on"; then
585 AC_DEFINE(SEND_MAIL_WHEN_NOT_OK)
591 AC_MSG_CHECKING(who should get the mail that sudo sends)
592 AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
593 [case $with_mailto in
594 yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
596 no) AC_MSG_ERROR(["--without-mailto not supported."])
598 *) mailto=$with_mailto
601 AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
602 AC_MSG_RESULT([$mailto])
604 AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
605 [case $with_mailsubject in
606 yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
608 no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
610 *) mailsub="$with_mailsubject"
611 AC_MSG_CHECKING(sudo mail subject)
612 AC_MSG_RESULT([Using alert mail subject: $mailsub])
615 AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
617 AC_MSG_CHECKING(for bad password prompt)
618 AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt],
619 [case $with_passprompt in
620 yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
622 no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
624 *) passprompt="$with_passprompt"
626 AC_MSG_RESULT($passprompt)
627 AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
629 AC_MSG_CHECKING(for bad password message)
630 AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong],
631 [case $with_badpass_message in
632 yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
634 no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
636 *) badpass_message="$with_badpass_message"
639 AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
640 AC_MSG_RESULT([$badpass_message])
642 AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
643 AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers],
649 *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
652 if test "$fqdn" = "on"; then
659 AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir],
660 [case $with_timedir in
661 yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
663 no) AC_MSG_ERROR(["--without-timedir not supported."])
667 AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail
668 --without-sendmail do not send mail at all],
669 [case $with_sendmail in
670 yes) with_sendmail=""
673 *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
677 AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)],
678 [case $with_sudoers_mode in
679 yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
681 no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
683 [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
685 0*) SUDOERS_MODE=$with_sudoers_mode
687 *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
691 AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)],
692 [case $with_sudoers_uid in
693 yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
695 no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
697 [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
699 *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
703 AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)],
704 [case $with_sudoers_gid in
705 yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
707 no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
709 [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
711 *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
715 AC_MSG_CHECKING(for umask programs should be run with)
716 AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022)
717 --without-umask Preserves the umask of the user invoking sudo.],
719 yes) AC_MSG_ERROR(["must give --with-umask an argument."])
723 [[0-9]]*) sudo_umask=$with_umask
725 *) AC_MSG_ERROR(["you must enter a numeric mask."])
728 AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
729 if test "$sudo_umask" = "0777"; then
732 AC_MSG_RESULT($sudo_umask)
735 AC_MSG_CHECKING(for default user to run commands as)
736 AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")],
737 [case $with_runas_default in
738 yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
740 no) AC_MSG_ERROR(["--without-runas-default not supported."])
742 *) runas_default="$with_runas_default"
745 AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
746 AC_MSG_RESULT([$runas_default])
748 AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group],
749 [case $with_exempt in
750 yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
752 no) AC_MSG_ERROR(["--without-exempt not supported."])
754 *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
755 AC_MSG_CHECKING(for group to be exempt from password)
756 AC_MSG_RESULT([$with_exempt])
760 AC_MSG_CHECKING(for editor that visudo should use)
761 AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)],
762 [case $with_editor in
763 yes) AC_MSG_ERROR(["must give --with-editor an argument."])
765 no) AC_MSG_ERROR(["--without-editor not supported."])
767 *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
768 AC_MSG_RESULT([$with_editor])
770 esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
772 AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
773 AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo],
774 [case $with_env_editor in
779 *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
782 if test "$env_editor" = "on"; then
783 AC_DEFINE(ENV_EDITOR)
789 AC_MSG_CHECKING(number of tries a user gets to enter their password)
790 AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)],
791 [case $with_passwd_tries in
793 no) AC_MSG_ERROR(["--without-editor not supported."])
795 [[1-9]]*) passwd_tries=$with_passwd_tries
797 *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
800 AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
801 AC_MSG_RESULT($passwd_tries)
803 AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
804 AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)],
805 [case $with_timeout in
809 [[0-9]]*) timeout=$with_timeout
811 *) AC_MSG_ERROR(["you must enter the numer of minutes."])
814 AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
815 AC_MSG_RESULT($timeout)
817 AC_MSG_CHECKING(time in minutes after the password prompt will time out)
818 AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)],
819 [case $with_password_timeout in
821 no) password_timeout=0
823 [[0-9]]*) password_timeout=$with_password_timeout
825 *) AC_MSG_ERROR(["you must enter the numer of minutes."])
828 AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
829 AC_MSG_RESULT($password_timeout)
831 AC_MSG_CHECKING(whether to use per-tty ticket files)
832 AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty],
833 [case $with_tty_tickets in
838 *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
841 if test "$tty_tickets" = "on"; then
842 AC_DEFINE(USE_TTY_TICKETS)
848 AC_MSG_CHECKING(whether to include insults)
849 AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password],
850 [case $with_insults in
852 with_classic_insults=yes
853 with_csops_insults=yes
857 *) AC_MSG_ERROR(["--with-insults does not take an argument."])
860 if test "$insults" = "on"; then
861 AC_DEFINE(USE_INSULTS)
867 AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets],
868 [case $with_all_insults in
869 yes) with_classic_insults=yes
870 with_csops_insults=yes
872 with_goons_insults=yes
875 *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
879 AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo],
880 [case $with_classic_insults in
881 yes) AC_DEFINE(CLASSIC_INSULTS)
884 *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
888 AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults],
889 [case $with_csops_insults in
890 yes) AC_DEFINE(CSOPS_INSULTS)
893 *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
897 AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults],
898 [case $with_hal_insults in
899 yes) AC_DEFINE(HAL_INSULTS)
902 *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
906 AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"],
907 [case $with_goons_insults in
908 yes) AC_DEFINE(GOONS_INSULTS)
911 *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
915 AC_ARG_WITH(ldap, [ --with-ldap[[=DIR]] enable LDAP support],
918 *) AC_DEFINE(HAVE_LDAP)
919 AC_MSG_CHECKING(whether to use sudoers from LDAP)
923 AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file],
924 [AC_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "$with_ldap_conf_file", [Path to the ldap.conf file])])
925 AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP secret password file],
926 [AC_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$with_ldap_secret_file", [Path to the ldap.secret file])])
928 AC_ARG_WITH(pc-insults, [ --with-pc-insults replace politically incorrect insults with less offensive ones],
929 [case $with_pc_insults in
930 yes) AC_DEFINE(PC_INSULTS)
933 *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."])
937 dnl include all insult sets on one line
938 if test "$insults" = "on"; then
939 AC_MSG_CHECKING(which insult sets to include)
941 test "$with_goons_insults" = "yes" && i="goons ${i}"
942 test "$with_hal_insults" = "yes" && i="hal ${i}"
943 test "$with_csops_insults" = "yes" && i="csops ${i}"
944 test "$with_classic_insults" = "yes" && i="classic ${i}"
948 AC_MSG_CHECKING(whether to override the user's path)
949 AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a built-in one],
950 [case $with_secure_path in
951 yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc")
952 AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc])
954 no) AC_MSG_RESULT(no)
956 *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
957 AC_MSG_RESULT([$with_secure_path])
959 esac], AC_MSG_RESULT(no))
961 AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
962 AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces],
963 [case $with_interfaces in
964 yes) AC_MSG_RESULT(yes)
966 no) AC_DEFINE(STUB_LOAD_INTERFACES)
969 *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
971 esac], AC_MSG_RESULT(yes))
973 AC_MSG_CHECKING(whether stow should be used)
974 AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging],
976 yes) AC_MSG_RESULT(yes)
979 no) AC_MSG_RESULT(no)
981 *) AC_MSG_ERROR(["--with-stow does not take an argument."])
983 esac], AC_MSG_RESULT(no))
986 dnl Options for --enable
989 AC_MSG_CHECKING(whether to do user authentication by default)
990 AC_ARG_ENABLE(authentication,
991 [ --disable-authentication
992 Do not require authentication by default],
993 [ case "$enableval" in
994 yes) AC_MSG_RESULT(yes)
996 no) AC_MSG_RESULT(no)
997 AC_DEFINE(NO_AUTHENTICATION)
1000 AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1003 ], AC_MSG_RESULT(yes))
1005 AC_MSG_CHECKING(whether to disable running the mailer as root)
1006 AC_ARG_ENABLE(root-mailer,
1007 [ --disable-root-mailer Don't run the mailer as root, run as the user],
1008 [ case "$enableval" in
1009 yes) AC_MSG_RESULT(no)
1011 no) AC_MSG_RESULT(yes)
1012 AC_DEFINE(NO_ROOT_MAILER)
1014 *) AC_MSG_RESULT(no)
1015 AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1018 ], AC_MSG_RESULT(no))
1020 AC_ARG_ENABLE(setreuid,
1021 [ --disable-setreuid Don't try to use the setreuid() function],
1022 [ case "$enableval" in
1023 no) SKIP_SETREUID=yes
1029 AC_ARG_ENABLE(setresuid,
1030 [ --disable-setresuid Don't try to use the setresuid() function],
1031 [ case "$enableval" in
1032 no) SKIP_SETRESUID=yes
1038 AC_MSG_CHECKING(whether to disable shadow password support)
1039 AC_ARG_ENABLE(shadow,
1040 [ --disable-shadow Never use shadow passwords],
1041 [ case "$enableval" in
1042 yes) AC_MSG_RESULT(no)
1044 no) AC_MSG_RESULT(yes)
1047 *) AC_MSG_RESULT(no)
1048 AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1051 ], AC_MSG_RESULT(no))
1053 AC_MSG_CHECKING(whether root should be allowed to use sudo)
1054 AC_ARG_ENABLE(root-sudo,
1055 [ --disable-root-sudo Don't allow root to run sudo],
1056 [ case "$enableval" in
1057 yes) AC_MSG_RESULT(yes)
1059 no) AC_DEFINE(NO_ROOT_SUDO)
1063 *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1066 ], AC_MSG_RESULT(yes))
1068 AC_MSG_CHECKING(whether to log the hostname in the log file)
1069 AC_ARG_ENABLE(log-host,
1070 [ --enable-log-host Log the hostname in the log file],
1071 [ case "$enableval" in
1072 yes) AC_MSG_RESULT(yes)
1073 AC_DEFINE(HOST_IN_LOG)
1075 no) AC_MSG_RESULT(no)
1077 *) AC_MSG_RESULT(no)
1078 AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1081 ], AC_MSG_RESULT(no))
1083 AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1084 AC_ARG_ENABLE(noargs-shell,
1085 [ --enable-noargs-shell If sudo is given no arguments run a shell],
1086 [ case "$enableval" in
1087 yes) AC_MSG_RESULT(yes)
1088 AC_DEFINE(SHELL_IF_NO_ARGS)
1090 no) AC_MSG_RESULT(no)
1092 *) AC_MSG_RESULT(no)
1093 AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1096 ], AC_MSG_RESULT(no))
1098 AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1099 AC_ARG_ENABLE(shell-sets-home,
1100 [ --enable-shell-sets-home
1101 set $HOME to target user in shell mode],
1102 [ case "$enableval" in
1103 yes) AC_MSG_RESULT(yes)
1104 AC_DEFINE(SHELL_SETS_HOME)
1106 no) AC_MSG_RESULT(no)
1108 *) AC_MSG_RESULT(no)
1109 AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1112 ], AC_MSG_RESULT(no))
1114 AC_MSG_CHECKING(whether to disable 'command not found' messages)
1115 AC_ARG_ENABLE(path_info,
1116 [ --disable-path-info Print 'command not allowed' not 'command not found'],
1117 [ case "$enableval" in
1118 yes) AC_MSG_RESULT(no)
1120 no) AC_MSG_RESULT(yes)
1121 AC_DEFINE(DONT_LEAK_PATH_INFO)
1124 *) AC_MSG_RESULT(no)
1125 AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1128 ], AC_MSG_RESULT(no))
1130 AC_ARG_WITH(selinux, [ --with-selinux enable SELinux support],
1131 [case $with_selinux in
1132 yes) AC_DEFINE(HAVE_SELINUX)
1133 SUDO_LIBS="${SUDO_LIBS} -lselinux"
1134 SUDO_OBJS="${SUDO_OBJS} selinux.o"
1135 PROGS="${PROGS} sesh"
1140 *) AC_MSG_ERROR(["--with-selinux does not take an argument."])
1145 dnl If we don't have egrep we can't do anything...
1147 AC_CHECK_PROG(EGREPPROG, egrep, egrep)
1148 if test -z "$EGREPPROG"; then
1149 AC_MSG_ERROR([Sorry, configure requires egrep to run.])
1153 dnl Prevent configure from adding the -g flag unless in devel mode
1155 if test "$with_devel" != "yes"; then
1160 dnl C compiler checks
1166 dnl Libtool magic; enable shared libs and disable static libs
1169 AC_CANONICAL_TARGET([])
1174 dnl Defer with_noexec until after libtool magic runs
1176 if test "$enable_shared" = "no"; then
1179 eval _shrext="$shrext_cmds"
1181 AC_MSG_CHECKING(path to sudo_noexec.so)
1182 AC_ARG_WITH(noexec, [ --with-noexec[=PATH] fully qualified pathname of sudo_noexec.so],
1183 [case $with_noexec in
1184 yes) with_noexec="$libexecdir/sudo_noexec$_shrext"
1188 esac], [with_noexec="$libexecdir/sudo_noexec$_shrext"])
1189 AC_MSG_RESULT($with_noexec)
1190 NOEXECFILE="sudo_noexec$_shrext"
1191 NOEXECDIR="`echo $with_noexec|sed 's:^\(.*\)/[[^/]]*:\1:'`"
1194 dnl It is now safe to modify CFLAGS and CPPFLAGS
1196 if test "$with_devel" = "yes" -a -n "$GCC"; then
1197 CFLAGS="${CFLAGS} -Wall"
1201 dnl Find programs we use
1203 AC_CHECK_PROG(UNAMEPROG, uname, uname)
1204 AC_CHECK_PROG(TRPROG, tr, tr)
1205 AC_CHECK_PROG(NROFFPROG, nroff, nroff)
1206 if test -z "$NROFFPROG"; then
1208 mansrcdir='$(srcdir)'
1212 dnl What kind of beastie are we being run on?
1213 dnl Barf if config.cache was generated on another host.
1215 if test -n "$sudo_cv_prev_host"; then
1216 if test "$sudo_cv_prev_host" != "$host"; then
1217 AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1219 AC_MSG_CHECKING(previous host type)
1220 AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1221 AC_MSG_RESULT([$sudo_cv_prev_host])
1224 # this will produce no output since there is no cached value
1225 AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1229 dnl We want to be able to differentiate between different rev's
1231 if test -n "$host_os"; then
1232 OS=`echo $host_os | sed 's/[[0-9]].*//'`
1233 OSREV=`echo $host_os | sed 's/^[[^0-9\.]]*\([[0-9\.]]*\).*$/\1/'`
1234 OSMAJOR=`echo $OSREV | sed 's/\..*$//'`
1243 # getcwd(3) opens a pipe to getpwd(1)!?!
1246 # system headers lack prototypes but gcc helps...
1247 if test -n "$GCC"; then
1248 OSDEFS="${OSDEFS} -D__USE_FIXED_PROTOTYPES__"
1251 shadow_funcs="getpwanam issecure"
1254 # To get the crypt(3) prototype (so we pass -Wall)
1255 OSDEFS="${OSDEFS} -D__EXTENSIONS__"
1256 # AFS support needs -lucb
1257 if test "$with_AFS" = "yes"; then
1258 AFS_LIBS="-lc -lucb"
1261 : ${mansectform='4'}
1262 : ${with_rpath='yes'}
1263 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1266 # To get all prototypes (so we pass -Wall)
1267 OSDEFS="${OSDEFS} -D_XOPEN_EXTENDED_SOURCE -D_ALL_SOURCE"
1268 SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1269 if test X"$with_blibpath" != X"no"; then
1270 AC_MSG_CHECKING([if linker accepts -Wl,-blibpath])
1271 O_LDFLAGS="$LDFLAGS"
1272 LDFLAGS="$O_LDFLAGS -Wl,-blibpath:/usr/lib:/lib"
1273 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], [
1274 if test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
1275 blibpath="$with_blibpath"
1276 elif test -n "$GCC"; then
1277 blibpath="/usr/lib:/lib:/usr/local/lib"
1279 blibpath="/usr/lib:/lib"
1282 ], [AC_MSG_RESULT(no)])
1284 LDFLAGS="$O_LDFLAGS"
1286 # Use authenticate(3) as the default authentication method
1287 if test X"$with_aixauth" = X""; then
1288 AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
1293 : ${mansectform='4'}
1296 # AFS support needs -lBSD
1297 if test "$with_AFS" = "yes"; then
1298 AFS_LIBS="-lc -lBSD"
1301 : ${mansectform='4'}
1305 AC_DEFINE(BROKEN_SYSLOG)
1307 # Not sure if setuid binaries are safe in < 9.x
1308 if test -n "$GCC"; then
1309 SUDO_LDFLAGS="${SUDO_LDFLAGS} -static"
1311 SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-a,archive"
1315 AC_DEFINE(BROKEN_SYSLOG)
1317 shadow_funcs="getspwuid"
1319 # DCE support (requires ANSI C compiler)
1320 if test "$with_DCE" = "yes"; then
1321 # order of libs in 9.X is important. -lc_r must be last
1322 SUDO_LIBS="${SUDO_LIBS} -ldce -lM -lc_r"
1323 LIBS="${LIBS} -ldce -lM -lc_r"
1324 CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1328 shadow_funcs="getprpwnam iscomsec"
1332 shadow_funcs="getspnam iscomsec"
1334 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1339 # ignore envariables wrt dynamic lib path
1340 SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement"
1342 : ${CHECKSIA='true'}
1343 AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1345 [ --disable-sia Disable SIA on Digital UNIX],
1346 [ case "$enableval" in
1347 yes) AC_MSG_RESULT(no)
1350 no) AC_MSG_RESULT(yes)
1353 *) AC_MSG_RESULT(no)
1354 AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1357 ], AC_MSG_RESULT(no))
1359 shadow_funcs="getprpwnam dispcrypt"
1360 # OSF/1 4.x and higher need -ldb too
1361 if test $OSMAJOR -lt 4; then
1362 shadow_libs="-lsecurity -laud -lm"
1364 shadow_libs="-lsecurity -ldb -laud -lm"
1367 # use SIA by default, if we have it
1368 test "$CHECKSIA" = "true" && AUTH_EXCL_DEF="SIA"
1371 # Some versions of Digital Unix ship with a broken
1372 # copy of prot.h, which we need for shadow passwords.
1373 # XXX - make should remove this as part of distclean
1375 AC_MSG_CHECKING([for broken prot.h])
1376 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1377 #include <sys/types.h>
1378 #include <sys/security.h>
1380 ]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
1381 sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1384 : ${mansectform='4'}
1387 OSDEFS="${OSDEFS} -D_BSD_TYPES"
1388 if test -z "$NROFFPROG"; then
1389 MAN_POSTINSTALL=' /bin/rm -f $(mandirsu)/sudo.$(mansectsu).z $(mandirsu)/visudo.$(mansectsu).z $(mandirform)/sudoers.$(mansectform).z ; /usr/bin/pack $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform)'
1390 if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1391 if test -d /usr/share/catman/local; then
1392 mandir="/usr/share/catman/local"
1394 mandir="/usr/catman/local"
1398 if test "$prefix" = "/usr/local" -a "$mandir" = '$(prefix)/man'; then
1399 if test -d "/usr/share/man/local"; then
1400 mandir="/usr/share/man/local"
1402 mandir="/usr/man/local"
1406 # IRIX <= 4 needs -lsun
1407 if test "$OSMAJOR" -le 4; then
1408 AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1411 : ${mansectform='4'}
1413 *-*-linux*|*-*-k*bsd*-gnu)
1414 OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1415 # Some Linux versions need to link with -lshadow
1416 shadow_funcs="getspnam"
1417 shadow_libs_optional="-lshadow"
1418 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1421 OSDEFS="${OSDEFS} -D_CONVEX_SOURCE"
1422 if test -z "$GCC"; then
1423 CFLAGS="${CFLAGS} -D__STDC__"
1426 shadow_defs="-D_AUDIT -D_ACL -DSecureWare"
1427 shadow_funcs="getprpwnam"
1428 shadow_libs="-lprot"
1432 shadow_funcs="getauthuid"
1433 shadow_libs="-lauth"
1436 LIBS="${LIBS} -lsun -lbsd"
1437 CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1438 OSDEFS="${OSDEFS} -D_MIPS"
1440 : ${mansectform='4'}
1443 OSDEFS="${OSDEFS} -D_ISC"
1445 SUDO_LIBS="${SUDO_LIBS} -lcrypt"
1446 LIBS="${LIBS} -lcrypt"
1448 shadow_funcs="getspnam"
1452 : ${mansectform='4'}
1455 shadow_funcs="getprpwnam"
1456 shadow_libs="-lprot -lx"
1458 : ${mansectform='4'}
1460 m88k-motorola-sysv*)
1461 # motorolla's cc (a variant of gcc) does -O but not -O2
1462 CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1464 : ${mansectform='4'}
1467 shadow_funcs="getspnam"
1470 : ${mansectform='4'}
1471 : ${with_rpath='yes'}
1473 *-ncr-sysv4*|*-ncr-sysvr4*)
1474 AC_CHECK_LIB(c89, strcasecmp, AC_DEFINE(HAVE_STRCASECMP) [LIBS="${LIBS} -lc89"; ac_cv_func_strcasecmp=yes])
1476 : ${mansectform='4'}
1477 : ${with_rpath='yes'}
1479 *-ccur-sysv4*|*-ccur-sysvr4*)
1480 LIBS="${LIBS} -lgen"
1481 SUDO_LIBS="${SUDO_LIBS} -lgen"
1483 : ${mansectform='4'}
1484 : ${with_rpath='yes'}
1488 # Use shlicc for BSD/OS [23].x unless asked to do otherwise
1489 if test "${with_CC+set}" != set -a "$ac_cv_prog_CC" = gcc; then
1491 2|3) AC_MSG_NOTICE([using shlicc as CC])
1492 ac_cv_prog_CC=shlicc
1497 # Check for newer BSD auth API (just check for >= 3.0?)
1498 if test -z "$with_bsdauth"; then
1499 AC_CHECK_FUNCS(auth_challenge, [AUTH_EXCL_DEF="BSD_AUTH"])
1503 # FreeBSD has a real setreuid(2) starting with 2.1 and
1504 # backported to 2.0.5. We just take 2.1 and above...
1510 if test "$with_skey" = "yes"; then
1511 SUDO_LIBS="${SUDO_LIBS} -lmd"
1514 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1515 : ${with_logincap='maybe'}
1518 # OpenBSD has a real setreuid(2) starting with 3.3 but
1519 # we will use setreuid(2) instead.
1522 # OpenBSD >= 3.0 supports BSD auth
1523 if test -z "$with_bsdauth"; then
1528 AUTH_EXCL_DEF="BSD_AUTH"
1532 : ${with_logincap='maybe'}
1535 # NetBSD has a real setreuid(2) starting with 1.3.2
1537 0.9*|1.[012]*|1.3|1.3.1)
1542 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1543 : ${with_logincap='maybe'}
1546 if test "$with_skey" = "yes"; then
1547 SUDO_LIBS="${SUDO_LIBS} -lmd"
1550 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1551 : ${with_logincap='yes'}
1559 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1560 : ${with_logincap='yes'}
1563 # lockf() on is broken on the NeXT -- use flock instead
1565 ac_cv_func_flock=yes
1569 : ${mansectform='4'}
1570 : ${with_rpath='yes'}
1574 : ${mansectform='4'}
1577 OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1582 dnl Check for mixing mutually exclusive and regular auth methods
1584 AUTH_REG=${AUTH_REG# }
1585 AUTH_EXCL=${AUTH_EXCL# }
1586 if test -n "$AUTH_EXCL"; then
1588 if test $# != 1; then
1589 AC_MSG_ERROR([More than one mutually exclusive authentication method specified: $AUTH_EXCL])
1591 if test -n "$AUTH_REG"; then
1592 AC_MSG_ERROR([Cannot mix mutually exclusive ($AUTH_EXCL) and regular ($AUTH_REG) authentication methods])
1596 dnl Only one of S/Key and OPIE may be specified
1598 if test X"${with_skey}${with_opie}" = X"yesyes"; then
1599 AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
1603 dnl Use BSD-style man sections by default
1606 : ${mansectform='5'}
1609 dnl Add in any libpaths or libraries specified via configure
1611 if test -n "$with_libpath"; then
1612 for i in ${with_libpath}; do
1613 SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
1616 if test -n "$with_libraries"; then
1617 for i in ${with_libraries}; do
1629 dnl C compiler checks (to be done after os checks)
1631 AC_PROG_GCC_TRADITIONAL
1640 if test -z "$with_sendmail"; then
1643 if test -z "$with_editor"; then
1647 dnl Header file checks
1652 AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h)
1653 AC_CHECK_HEADERS([err.h], [], [AC_LIBOBJ(err)])
1654 dnl ultrix termio/termios are broken
1655 if test "$OS" != "ultrix"; then
1656 AC_SYS_POSIX_TERMIOS
1657 if test "$ac_cv_sys_posix_termios" = "yes"; then
1658 AC_DEFINE(HAVE_TERMIOS_H)
1660 AC_CHECK_HEADERS(termio.h)
1663 if test ${with_logincap-'no'} != "no"; then
1664 AC_CHECK_HEADERS(login_cap.h, [LCMAN=""
1666 freebsd|netbsd) SUDO_LIBS="${SUDO_LIBS} -lutil"
1671 if test ${with_project-'no'} != "no"; then
1672 AC_CHECK_HEADER(project.h, AC_DEFINE(HAVE_PROJECT_H)
1673 [SUDO_LIBS="${SUDO_LIBS} -lproject"], -)
1680 AC_CHECK_TYPES([sig_atomic_t], , [AC_DEFINE(sig_atomic_t, int)], [#include <sys/types.h>
1681 #include <signal.h>])
1682 AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T)], [], [#include <sys/types.h>
1683 #include <signal.h>])
1684 AC_CHECK_TYPE([struct timespec], [AC_DEFINE(HAVE_TIMESPEC)], [], [#include <sys/types.h>
1685 #if TIME_WITH_SYS_TIME
1686 # include <sys/time.h>
1689 AC_CHECK_TYPES([struct in6_addr], [AC_DEFINE(HAVE_IN6_ADDR)], [], [#include <sys/types.h>
1690 #include <netinet/in.h>])
1700 dnl only set RETSIGTYPE if it is not set already
1710 AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
1711 strftime setrlimit initgroups getgroups fstat gettimeofday \
1712 setlocale getaddrinfo setsid)
1713 if test -z "$SKIP_SETRESUID"; then
1714 AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes])
1716 if test -z "$SKIP_SETREUID"; then
1717 AC_CHECK_FUNCS(setreuid, [SKIP_SETEUID=yes])
1719 if test -z "$SKIP_SETEUID"; then
1720 AC_CHECK_FUNCS(seteuid)
1722 if test X"$with_interfaces" != X"no"; then
1723 AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
1725 if test -z "$BROKEN_GETCWD"; then
1726 AC_REPLACE_FUNCS(getcwd)
1728 AC_CHECK_FUNCS(glob, [AC_MSG_CHECKING(for GLOB_BRACE and GLOB_TILDE in glob.h)
1729 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <glob.h>]], [[int i = GLOB_BRACE | GLOB_TILDE; (void)i;]])], [AC_DEFINE(HAVE_EXTENDED_GLOB)
1730 AC_MSG_RESULT(yes)], [AC_LIBOBJ(glob)
1731 AC_MSG_RESULT(no)])], [AC_LIBOBJ(glob)])
1732 AC_CHECK_FUNCS(lockf flock, [break])
1733 AC_CHECK_FUNCS(waitpid wait3, [break])
1734 AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
1735 AC_CHECK_FUNCS(lsearch, [], [AC_CHECK_LIB([compat], [lsearch], [AC_CHECK_HEADER([search.h], [AC_DEFINE(HAVE_LSEARCH)] [LIBS="${LIBS} -lcompat"], [AC_LIBOBJ(lsearch)], -)], [AC_LIBOBJ(lsearch)])])
1736 AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
1737 SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH)], [AC_LIBOBJ(fnmatch)])
1739 AC_REPLACE_FUNCS(memrchr strerror strcasecmp sigaction strlcpy strlcat)
1740 AC_CHECK_FUNCS(closefrom, [], [AC_LIBOBJ(closefrom)
1741 AC_CHECK_DECL(F_CLOSEM, AC_DEFINE(HAVE_FCNTL_CLOSEM), [],
1742 [ #include <limits.h>
1743 #include <fcntl.h> ])
1745 AC_CHECK_FUNCS(mkstemp, [], [SUDO_OBJS="${SUDO_OBJS} mkstemp.o"
1746 AC_CHECK_FUNCS(random lrand48, [break])
1748 AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
1749 if test X"$ac_cv_type_struct_timespec" != X"no"; then
1750 AC_CHECK_MEMBER([struct stat.st_mtim], [AC_DEFINE(HAVE_ST_MTIM)]
1751 [AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
1752 [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
1753 AC_MSG_CHECKING([for two-parameter timespecsub])
1754 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1755 #include <sys/time.h>]], [[struct timespec ts1, ts2;
1756 ts1.tv_sec = 1; ts1.tv_nsec = 0; ts2.tv_sec = 0; ts2.tv_nsec = 0;
1758 #error missing timespecsub
1760 timespecsub(&ts1, &ts2);]])], [AC_DEFINE(HAVE_TIMESPECSUB2)
1761 AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no)])
1764 dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR.
1766 AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
1767 #include <$ac_header_dirent>]], [[DIR *d; (void)dirfd(d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_TRY_LINK([#include <sys/types.h>
1768 #include <$ac_header_dirent>], [DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);], [AC_DEFINE(HAVE_DD_FD)])])
1770 dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
1771 dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
1773 if test -n "$NEED_SNPRINTF"; then
1777 dnl If socket(2) not in libc, check -lsocket and -linet
1778 dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1779 dnl In this case we look for main(), not socket() to avoid using a cached value
1781 AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
1782 AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
1784 dnl If inet_addr(3) not in libc, check -lnsl and -linet
1785 dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
1787 AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
1788 AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
1790 dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
1792 AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
1794 dnl Bison and DCE use alloca(3), if not in libc, use the sudo one (from gcc)
1795 dnl (gcc includes its own alloca(3) but other compilers may not)
1797 if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then
1801 dnl Check for getprogname() or __progname
1803 AC_CHECK_FUNCS(getprogname, , [
1804 AC_MSG_CHECKING([for __progname])
1805 AC_CACHE_VAL(sudo_cv___progname, [
1806 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern char *__progname; (void)puts(__progname);]])], [sudo_cv___progname=yes], [sudo_cv___progname=no])])
1807 if test "$sudo_cv___progname" = "yes"; then
1808 AC_DEFINE(HAVE___PROGNAME)
1810 AC_LIBOBJ(getprogname)
1812 AC_MSG_RESULT($sudo_cv___progname)
1816 dnl Mutually exclusive auth checks come first, followed by
1817 dnl non-exclusive ones. Note: passwd must be last of all!
1821 dnl Convert default authentication methods to with_* if
1822 dnl no explicit authentication scheme was specified.
1824 if test -z "${AUTH_EXCL}${AUTH_REG}" -a -n "$AUTH_EXCL_DEF"; then
1825 for auth in $AUTH_EXCL_DEF; do
1827 AIX_AUTH) with_aixauth=maybe;;
1828 BSD_AUTH) with_bsdauth=maybe;;
1829 PAM) with_pam=maybe;;
1830 SIA) CHECKSIA=true;;
1836 dnl PAM support. Systems that use PAM by default set with_pam=default
1837 dnl and we do the actual tests here.
1839 if test ${with_pam-"no"} != "no"; then
1841 dnl Linux may need this
1843 AC_CHECK_LIB([dl], [main], [SUDO_LIBS="${SUDO_LIBS} -lpam -ldl"], [SUDO_LIBS="${SUDO_LIBS} -lpam"])
1844 ac_cv_lib_dl=ac_cv_lib_dl_main
1847 dnl Some PAM implementations (MacOS X for example) put the PAM headers
1848 dnl in /usr/include/pam instead of /usr/include/security...
1850 AC_CHECK_HEADERS([security/pam_appl.h] [pam/pam_appl.h], [with_pam=yes; break])
1851 if test "$with_pam" = "yes"; then
1853 AUTH_OBJS="$AUTH_OBJS pam.o";
1855 AC_MSG_CHECKING(whether to use PAM session support)
1856 AC_ARG_ENABLE(pam_session,
1857 [ --disable-pam-session Disable PAM session support],
1858 [ case "$enableval" in
1859 yes) AC_MSG_RESULT(yes)
1861 no) AC_MSG_RESULT(no)
1862 AC_DEFINE(NO_PAM_SESSION)
1864 *) AC_MSG_RESULT(no)
1865 AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval])
1867 esac], AC_MSG_RESULT(yes))
1869 *-*-linux*|*-*-solaris*)
1870 # dgettext() may be defined to dgettext_libintl in the
1871 # header file, so first check that it links w/ additional
1872 # libs, then try with -lintl
1873 AC_LINK_IFELSE([AC_LANG_PROGRAM(
1874 [[#include <libintl.h>]], [(void)dgettext((char *)0, (char *)0);])],
1875 [AC_DEFINE(HAVE_DGETTEXT)],
1876 [AC_CHECK_LIB(intl, dgettext, [LIBS="${LIBS} -lintl"]
1877 [AC_DEFINE(HAVE_DGETTEXT)])])
1884 dnl AIX general authentication
1885 dnl If set to "maybe" only enable if no other exclusive method in use.
1887 if test ${with_aixauth-'no'} != "no"; then
1888 if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
1889 AC_MSG_NOTICE([using AIX general authentication])
1890 AC_DEFINE(HAVE_AIXAUTH)
1891 AUTH_OBJS="$AUTH_OBJS aix_auth.o";
1892 SUDO_LIBS="${SUDO_LIBS} -ls"
1898 dnl BSD authentication
1899 dnl If set to "maybe" only enable if no other exclusive method in use.
1901 if test ${with_bsdauth-'no'} != "no"; then
1902 AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
1903 [AUTH_OBJS="$AUTH_OBJS bsdauth.o"]
1904 [AUTH_EXCL=BSD_AUTH; BAMAN=""],
1905 [AC_MSG_ERROR([BSD authentication was specified but bsd_auth.h could not be found])])
1909 dnl SIA authentication for Tru64 Unix
1911 if test ${CHECKSIA-'false'} = "true"; then
1912 AC_CHECK_FUNCS(sia_ses_init, [found=true], [found=false])
1913 if test "$found" = "true"; then
1915 AUTH_OBJS="$AUTH_OBJS sia.o"
1920 dnl extra FWTK libs + includes
1922 if test ${with_fwtk-'no'} != "no"; then
1923 if test "$with_fwtk" != "yes"; then
1924 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_fwtk}])
1925 CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
1928 SUDO_LIBS="${SUDO_LIBS} -lauth -lfwall"
1929 AUTH_OBJS="$AUTH_OBJS fwtk.o"
1933 dnl extra SecurID lib + includes
1935 if test ${with_SecurID-'no'} != "no"; then
1936 if test "$with_SecurID" != "yes"; then
1938 elif test -d /usr/ace/examples; then
1939 with_SecurID=/usr/ace/examples
1941 with_SecurID=/usr/ace
1943 CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
1944 _LDFLAGS="${LDFLAGS}"
1945 SUDO_APPEND_LIBPATH(LDFLAGS, [${with_SecurID}])
1947 # Determine whether to use the new or old SecurID API
1949 AC_CHECK_LIB(aceclnt, SD_Init,
1951 AUTH_OBJS="$AUTH_OBJS securid5.o";
1952 SUDO_LIBS="${SUDO_LIBS} -laceclnt -lpthread"
1955 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_SecurID}])
1957 AUTH_OBJS="$AUTH_OBJS securid.o";
1958 SUDO_LIBS="${SUDO_LIBS} ${with_SecurID}/sdiclient.a"
1964 LDFLAGS="${_LDFLAGS}"
1968 dnl Non-mutually exclusive auth checks come next.
1969 dnl Note: passwd must be last of all!
1973 dnl Convert default authentication methods to with_* if
1974 dnl no explicit authentication scheme was specified.
1976 if test -z "${AUTH_EXCL}" -a -n "$AUTH_DEF"; then
1977 for auth in $AUTH_DEF; do
1979 passwd) : ${with_passwd='maybe'};;
1987 if test ${with_kerb4-'no'} != "no"; then
1988 AC_DEFINE(HAVE_KERB4)
1990 dnl Use the specified directory, if any, else search for correct inc dir
1992 O_LDFLAGS="$LDFLAGS"
1993 if test "$with_kerb4" = "yes"; then
1995 O_CPPFLAGS="$CPPFLAGS"
1996 for dir in "" "kerberosIV/" "krb4/" "kerberos4/" "kerberosv4/"; do
1997 CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
1998 AC_PREPROC_IFELSE([#include <krb.h>], [found=yes; break])
2000 test X"$found" = X"no" && CPPFLAGS="$O_CPPFLAGS"
2002 SUDO_APPEND_LIBPATH(LDFLAGS, [${with_kerb4}/lib])
2003 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb4}/lib])
2004 CPPFLAGS="$CPPFLAGS -I${with_kerb4}/include"
2005 AC_CHECK_HEADER([krb.h], [found=yes], [found=no])
2007 if test X"$found" = X"no"; then
2008 AC_MSG_WARN([Unable to locate Kerberos IV include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
2012 dnl Check for -ldes vs. -ldes425
2014 AC_CHECK_LIB(des, des_cbc_encrypt, [K4LIBS="-ldes"], [
2015 AC_CHECK_LIB(des425, des_cbc_encrypt, [K4LIBS="-ldes425"], [K4LIBS=""])
2018 dnl Try to determine whether we have KTH or MIT/CNS Kerberos IV
2020 AC_MSG_CHECKING(whether we are using KTH Kerberos IV)
2021 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb.h>]], [[const char *tmp = krb4_version;]])], [
2023 K4LIBS="${K4LIBS} -lcom_err"
2024 AC_CHECK_LIB(roken, main, [K4LIBS="${K4LIBS} -lroken"])
2030 dnl The actual Kerberos IV lib might be -lkrb or -lkrb4
2032 AC_CHECK_LIB(krb, main, [K4LIBS="-lkrb $K4LIBS"], [
2033 AC_CHECK_LIB(krb4, main, [K4LIBS="-lkrb4 $K4LIBS"],
2034 [K4LIBS="-lkrb $K4LIBS"]
2035 [AC_MSG_WARN([Unable to locate Kerberos IV libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS and possibly add Kerberos libs to SUDO_LIBS])]
2038 LDFLAGS="$O_LDFLAGS"
2039 SUDO_LIBS="${SUDO_LIBS} $K4LIBS"
2040 AUTH_OBJS="$AUTH_OBJS kerb4.o"
2045 dnl There is an easy way and a hard way...
2047 if test ${with_kerb5-'no'} != "no"; then
2048 AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
2049 if test -n "$KRB5CONFIG"; then
2050 AC_DEFINE(HAVE_KERB5)
2051 AUTH_OBJS="$AUTH_OBJS kerb5.o"
2052 CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
2053 SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"
2055 dnl Try to determine whether we have Heimdal or MIT Kerberos
2057 AC_MSG_CHECKING(whether we are using Heimdal)
2058 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
2060 AC_DEFINE(HAVE_HEIMDAL)
2067 if test ${with_kerb5-'no'} != "no" -a -z "$KRB5CONFIG"; then
2068 AC_DEFINE(HAVE_KERB5)
2070 dnl Use the specified directory, if any, else search for correct inc dir
2072 if test "$with_kerb5" = "yes"; then
2074 O_CPPFLAGS="$CPPFLAGS"
2075 for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
2076 CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
2077 AC_PREPROC_IFELSE([#include <krb5.h>], [found=yes; break])
2079 if test X"$found" = X"no"; then
2080 CPPFLAGS="$O_CPPFLAGS"
2081 AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
2084 dnl XXX - try to include krb5.h here too
2085 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_kerb5}/lib])
2086 CPPFLAGS="$CPPFLAGS -I${with_kerb5}/include"
2090 dnl Try to determine whether we have Heimdal or MIT Kerberos
2092 AC_MSG_CHECKING(whether we are using Heimdal)
2093 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
2095 AC_DEFINE(HAVE_HEIMDAL)
2096 SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lcrypto -ldes -lcom_err -lasn1"
2097 AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"])
2100 SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
2101 AC_CHECK_LIB(krb5support, main, [SUDO_LIBS="${SUDO_LIBS} -lkrb5support,"])
2103 AUTH_OBJS="$AUTH_OBJS kerb5.o"
2105 LIBS="${LIBS} ${SUDO_LIBS}"
2106 AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
2111 dnl extra AFS libs and includes
2113 if test ${with_AFS-'no'} = "yes"; then
2115 # looks like the "standard" place for AFS libs is /usr/afsws/lib
2116 AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
2117 for i in $AFSLIBDIRS; do
2118 if test -d ${i}; then
2119 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [$i])
2120 FOUND_AFSLIBDIR=true
2123 if test -z "$FOUND_AFSLIBDIR"; then
2124 AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDO_LDFLAGS or rerun configure with the --with-libpath options.])
2127 # Order is important here. Note that we build AFS_LIBS from right to left
2128 # since AFS_LIBS may be initialized with BSD compat libs that must go last
2129 AFS_LIBS="-laudit ${AFS_LIBS}"
2130 for i in $AFSLIBDIRS; do
2131 if test -f ${i}/util.a; then
2132 AFS_LIBS="${i}/util.a ${AFS_LIBS}"
2137 if test -z "$FOUND_UTIL_A"; then
2138 AFS_LIBS="-lutil ${AFS_LIBS}"
2140 AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
2142 # AFS includes may live in /usr/include on some machines...
2143 for i in /usr/afsws/include; do
2144 if test -d ${i}; then
2145 CPPFLAGS="${CPPFLAGS} -I${i}"
2146 FOUND_AFSINCDIR=true
2150 if test -z "$FOUND_AFSLIBDIR"; then
2151 AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
2154 AUTH_OBJS="$AUTH_OBJS afs.o"
2158 dnl extra DCE obj + lib
2159 dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
2161 if test ${with_DCE-'no'} = "yes"; then
2162 DCE_OBJS="${DCE_OBJS} dce_pwent.o"
2163 SUDO_LIBS="${SUDO_LIBS} -ldce"
2164 AUTH_OBJS="$AUTH_OBJS dce.o"
2168 dnl extra S/Key lib and includes
2170 if test ${with_skey-'no'} = "yes"; then
2171 O_LDFLAGS="$LDFLAGS"
2172 if test "$with_skey" != "yes"; then
2173 CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
2174 SUDO_APPEND_LIBPATH(LDFLAGS, [${with_skey}/lib])
2175 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_skey}/lib])
2176 AC_PREPROC_IFELSE([#include <skey.h>], [found=yes], [found=no])
2179 O_CPPFLAGS="$CPPFLAGS"
2180 for dir in "" "/usr/local" "/usr/contrib"; do
2181 test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
2182 AC_PREPROC_IFELSE([#include <skey.h>], [found=yes; break])
2184 if test "$found" = "no" -o -z "$dir"; then
2185 CPPFLAGS="$O_CPPFLAGS"
2187 SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2188 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2191 if test "$found" = "no"; then
2192 AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
2194 AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDO_LDFLAGS])])
2195 AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
2196 LDFLAGS="$O_LDFLAGS"
2197 SUDO_LIBS="${SUDO_LIBS} -lskey"
2198 AUTH_OBJS="$AUTH_OBJS rfc1938.o"
2202 dnl extra OPIE lib and includes
2204 if test ${with_opie-'no'} = "yes"; then
2205 O_LDFLAGS="$LDFLAGS"
2206 if test "$with_opie" != "yes"; then
2207 CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
2208 SUDO_APPEND_LIBPATH(LDFLAGS, [${with_opie}/lib])
2209 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_opie}/lib])
2210 AC_PREPROC_IFELSE([#include <opie.h>], [found=yes], [found=no])
2213 O_CPPFLAGS="$CPPFLAGS"
2214 for dir in "" "/usr/local" "/usr/contrib"; do
2215 test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
2216 AC_PREPROC_IFELSE([#include <opie.h>], [found=yes; break])
2218 if test "$found" = "no" -o -z "$dir"; then
2219 CPPFLAGS="$O_CPPFLAGS"
2221 SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2222 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${dir}/lib])
2225 if test "$found" = "no"; then
2226 AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
2228 AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDO_LDFLAGS])])
2229 LDFLAGS="$O_LDFLAGS"
2230 SUDO_LIBS="${SUDO_LIBS} -lopie"
2231 AUTH_OBJS="$AUTH_OBJS rfc1938.o"
2235 dnl Check for shadow password routines if we have not already done so.
2236 dnl If there is a specific list of functions to check we do that first.
2237 dnl Otherwise, we check for SVR4-style and then SecureWare-style.
2239 if test ${with_passwd-'no'} != "no"; then
2241 dnl if crypt(3) not in libc, look elsewhere
2243 if test -z "$LIB_CRYPT" -a "$with_passwd" != "no"; then
2244 AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
2247 if test "$CHECKSHADOW" = "true" -a -n "$shadow_funcs"; then
2249 LIBS="$LIBS $shadow_libs"
2251 AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2252 if test "$found" = "yes"; then
2253 SUDO_LIBS="$SUDO_LIBS $shadow_libs"
2254 elif test -n "$shadow_libs_optional"; then
2255 LIBS="$LIBS $shadow_libs_optional"
2256 AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2257 if test "$found" = "yes"; then
2258 SUDO_LIBS="$SUDO_LIBS $shadow_libs $shadow_libs_optional"
2261 if test "$found" = "yes"; then
2262 case "$shadow_funcs" in
2263 *getprpwnam*) SECUREWARE=1;;
2265 test -n "$shadow_defs" && OSDEFS="${OSDEFS} $shadow_defs"
2271 if test "$CHECKSHADOW" = "true"; then
2272 AC_SEARCH_LIBS([getspnam], [gen], [AC_DEFINE(HAVE_GETSPNAM)] [CHECKSHADOW=false; test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
2274 if test "$CHECKSHADOW" = "true"; then
2275 AC_SEARCH_LIBS([getprpwnam], [sec security prot], [AC_DEFINE(HAVE_GETPRPWNAM)] [CHECKSHADOW=false; SECUREWARE=1; test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
2277 if test -n "$SECUREWARE"; then
2278 AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
2279 AUTH_OBJS="$AUTH_OBJS secureware.o"
2284 dnl extra lib and .o file for LDAP support
2286 if test ${with_ldap-'no'} != "no"; then
2288 if test "$with_ldap" != "yes"; then
2289 SUDO_APPEND_LIBPATH(SUDO_LDFLAGS, [${with_ldap}/lib])
2290 SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib])
2291 CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
2294 SUDO_OBJS="${SUDO_OBJS} ldap.o"
2296 AC_MSG_CHECKING([for LDAP libraries])
2300 for l in -lldap -llber '-lssl -lcrypto'; do
2302 LDAP_LIBS="${LDAP_LIBS} $l"
2303 AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2305 #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [found=yes; break])
2307 dnl if nothing linked just try with -lldap
2308 if test "$found" = "no"; then
2309 LIBS="${_LIBS} -lldap"
2311 AC_MSG_RESULT([not found, using -lldap])
2313 AC_MSG_RESULT([$LDAP_LIBS])
2315 dnl check if we need to link with -llber for ber_set_option
2317 AC_SEARCH_LIBS([ber_set_option], [lber], [found=yes], [found=no])
2318 if test X"$found" = X"yes" -a X"$LIBS" != X"$OLIBS"; then
2319 LDAP_LIBS="$LDAP_LIBS -llber"
2321 dnl check if ldap.h includes lber.h for us
2322 AC_MSG_CHECKING([whether lber.h is needed])
2323 AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2324 #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [AC_MSG_RESULT([no])], [
2325 AC_MSG_RESULT([yes])
2326 AC_DEFINE(HAVE_LBER_H)])
2328 AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength)
2329 AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
2331 SUDO_LIBS="${SUDO_LIBS} ${LDAP_LIBS}"
2334 # XXX - OpenLDAP has deprecated ldap_get_values()
2335 CPPFLAGS="${CPPFLAGS} -DLDAP_DEPRECATED"
2339 dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we
2340 dnl added -L dirpaths to SUDO_LDFLAGS.
2342 if test -n "$blibpath"; then
2343 if test -n "$blibpath_add"; then
2344 SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}${blibpath_add}"
2345 elif test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
2346 SUDO_LDFLAGS="$SUDO_LDFLAGS -Wl,-blibpath:${blibpath}"
2351 dnl Check for log file and timestamp locations
2357 dnl Use passwd (and secureware) auth modules?
2359 case "$with_passwd" in
2361 AUTH_OBJS="$AUTH_OBJS passwd.o"
2364 AC_DEFINE(WITHOUT_PASSWD)
2365 if test -z "$AUTH_OBJS"; then
2366 AC_MSG_ERROR([no authentication methods defined.])
2370 AUTH_OBJS=${AUTH_OBJS# }
2371 _AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
2372 AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
2375 dnl LIBS may contain duplicates from SUDO_LIBS or NET_LIBS so prune it.
2377 if test -n "$LIBS"; then
2382 for sl in ${SUDO_LIBS} ${NET_LIBS}; do
2383 test $l = $sl && dupe=1
2385 test $dupe = 0 && LIBS="${LIBS} $l"
2392 test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
2395 dnl Defer setting _PATH_SUDO_NOEXEC and _PATH_SUDO_SESH
2396 dnl until after exec_prefix is set
2397 dnl XXX - this is gross!
2399 if test X"$with_noexec" != X"no" -o X"$with_selinux" != X"no"; then
2400 oexec_prefix="$exec_prefix"
2401 if test "$exec_prefix" = '$(prefix)'; then
2402 if test "$prefix" = "NONE"; then
2403 exec_prefix="$ac_default_prefix"
2405 exec_prefix="$prefix"
2408 if test X"$with_noexec" != X"no"; then
2409 PROGS="${PROGS} sudo_noexec.la"
2410 INSTALL_NOEXEC="install-noexec"
2412 eval noexec_file="$with_noexec"
2413 AC_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so])
2415 if test X"$with_selinux" != X"no"; then
2416 eval sesh_file="$libexecdir/sesh"
2417 AC_DEFINE_UNQUOTED(_PATH_SUDO_SESH, "$sesh_file", [The fully qualified pathname of sesh])
2419 exec_prefix="$oexec_prefix"
2423 dnl Substitute into the Makefile and man pages
2425 AC_CONFIG_FILES([Makefile sudo.man visudo.man sudoers.man])
2429 dnl Spew any text the user needs to know about
2431 if test "$with_pam" = "yes"; then
2434 AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
2440 dnl Autoheader templates
2442 AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.])
2443 AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.])
2444 AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.])
2445 AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
2446 AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
2447 AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
2448 AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
2449 AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
2450 AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
2451 AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
2452 AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
2453 AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
2454 AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
2455 AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
2456 AH_TEMPLATE(HAVE_DGETTEXT, [Define to 1 if you have the `dgettext' function.])
2457 AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
2458 AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.])
2459 AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
2460 AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
2461 AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
2462 AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)])
2463 AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
2464 AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
2465 AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords)])
2466 AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
2467 AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.])
2468 AH_TEMPLATE(HAVE_IN6_ADDR, [Define to 1 if <netinet/in.h> contains struct in6_addr.])
2469 AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])
2470 AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
2471 AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.])
2472 AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
2473 AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not)])
2474 AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.])
2475 AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.])
2476 AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.])
2477 AH_TEMPLATE(HAVE_PROJECT_H, [Define to 1 if you have the <project.h> header file.])
2478 AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.])
2479 AH_TEMPLATE(HAVE_SELINUX, [Define to 1 to enable SELinux RBAC support.])
2480 AH_TEMPLATE(HAVE_SIA, [Define to 1 if you use SIA authentication.])
2481 AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if <signal.h> has the sigaction_t typedef.])
2482 AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
2483 AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
2484 AH_TEMPLATE(HAVE_ST__TIM, [Define to 1 if your struct stat uses an st__tim union])
2485 AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member])
2486 AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member])
2487 AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the <termios.h> header file and the `tcgetattr' function.])
2488 AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h])
2489 AH_TEMPLATE(HAVE_TIMESPECSUB2, [Define to 1 if you have a timespecsub macro or function that takes two arguments (not three)])
2490 AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
2491 AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
2492 AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements])
2493 AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
2494 AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
2495 AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])
2496 AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.])
2497 AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.])
2498 AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.])
2499 AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.])
2500 AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.])
2501 AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.])
2502 AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.])
2503 AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.])
2504 AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
2505 AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
2506 AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
2507 AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
2508 AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
2509 AH_TEMPLATE(USE_TTY_TICKETS, [Define to 1 if you want a different ticket file for each tty.])
2510 AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
2511 AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
2514 dnl Bits to copy verbatim into config.h.in
2516 AH_TOP([#ifndef _SUDO_CONFIG_H
2517 #define _SUDO_CONFIG_H])
2520 * Macros to pull sec and nsec parts of mtime from struct stat.
2521 * We need to be able to convert between timeval and timespec
2522 * so the last 3 digits of tv_nsec are not significant.
2525 # ifdef HAVE_ST__TIM
2526 # define mtim_getsec(_x) ((_x).st_mtim.st__tim.tv_sec)
2527 # define mtim_getnsec(_x) (((_x).st_mtim.st__tim.tv_nsec / 1000) * 1000)
2529 # define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
2530 # define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
2533 # ifdef HAVE_ST_MTIMESPEC
2534 # define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec)
2535 # define mtim_getnsec(_x) (((_x).st_mtimespec.tv_nsec / 1000) * 1000)
2537 # define mtim_getsec(_x) ((_x).st_mtime)
2538 # define mtim_getnsec(_x) (0)
2539 # endif /* HAVE_ST_MTIMESPEC */
2540 #endif /* HAVE_ST_MTIM */
2543 * Emulate a subset of waitpid() if we don't have it.
2546 # define sudo_waitpid(p, s, o) waitpid(p, s, o)
2549 # define sudo_waitpid(p, s, o) wait3(s, o, NULL)
2553 /* GNU stow needs /etc/sudoers to be a symlink. */
2555 # define stat_sudoers stat
2557 # define stat_sudoers lstat
2560 /* Macros to set/clear/test flags. */
2562 #define SET(t, f) ((t) |= (f))
2564 #define CLR(t, f) ((t) &= ~(f))
2566 #define ISSET(t, f) ((t) & (f))
2568 /* New ANSI-style OS defs for HP-UX and ConvexOS. */
2569 #if defined(hpux) && !defined(__hpux)
2573 #if defined(convex) && !defined(__convex__)
2574 # define __convex__ 1
2577 /* BSD compatibility on some SVR4 systems. */
2580 #endif /* __svr4__ */
2582 #endif /* _SUDO_CONFIG_H */])
projects / debian / sudo / blob