dnl
dnl Process this file with GNU autoconf to produce a configure script.
-dnl $Sudo: configure.in,v 1.538 2008/12/09 21:13:01 millert Exp $
dnl
-dnl Copyright (c) 1994-1996,1998-2008 Todd C. Miller <Todd.Miller@courtesan.com>
+dnl Copyright (c) 1994-1996,1998-2010 Todd C. Miller <Todd.Miller@courtesan.com>
dnl
-AC_INIT([sudo], [1.7])
+AC_INIT([sudo], [1.7.2p6], [http://www.sudo.ws/bugs/], [sudo])
AC_CONFIG_HEADER(config.h pathnames.h)
dnl
dnl This won't work before AC_INIT
dnl
-AC_MSG_NOTICE([Configuring Sudo version 1.7])
+AC_MSG_NOTICE([Configuring Sudo version $PACKAGE_VERSION])
dnl
dnl Variables that get substituted in the Makefile and man pages
dnl
+AC_SUBST(HAVE_BSM_AUDIT)
AC_SUBST(LIBTOOL)
AC_SUBST(CFLAGS)
AC_SUBST(PROGS)
AC_SUBST(SELINUX_USAGE)
AC_SUBST(LDAP)
AC_SUBST(LOGINCAP_USAGE)
+AC_SUBST(NONUNIX_GROUPS_IMPL)
dnl
dnl Variables that get substituted in docs (not overridden by environment)
dnl
AC_SUBST(ldap_conf)
AC_SUBST(ldap_secret)
AC_SUBST(nsswitch_conf)
+AC_SUBST(netsvc_conf)
+AC_SUBST(secure_path)
dnl
dnl Initial values for above
dnl
insults=off
root_sudo=on
path_info=on
+secure_path="not set"
INSTALL_NOEXEC=
devdir='$(srcdir)'
dnl
dnl Deprecated --with options (these all warn or generate an error)
dnl
-AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
+AC_ARG_WITH(otp-only, [AS_HELP_STRING([--with-otp-only], [deprecated])],
[case $with_otp_only in
yes) with_passwd="no"
AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
;;
esac])
-AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
+AC_ARG_WITH(alertmail, [AS_HELP_STRING([--with-alertmail], [deprecated])],
[case $with_alertmail in
*) with_mailto="$with_alertmail"
AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
dnl Options for --with
dnl
-AC_ARG_WITH(CC, [ --with-CC C compiler to use],
+AC_ARG_WITH(CC, [AS_HELP_STRING([--with-CC], [C compiler to use])],
[case $with_CC in
yes) AC_MSG_ERROR(["must give --with-CC an argument."])
;;
;;
esac])
-AC_ARG_WITH(rpath, [ --with-rpath pass -R flag in addition to -L for lib paths],
+AC_ARG_WITH(rpath, [AS_HELP_STRING([--with-rpath], [pass -R flag in addition to -L for lib paths])],
[case $with_rpath in
yes|no) ;;
*) AC_MSG_ERROR(["--with-rpath does not take an argument."])
;;
esac])
-AC_ARG_WITH(blibpath, [ --with-blibpath[=PATH] pass -blibpath flag to ld for additional lib paths],
+AC_ARG_WITH(blibpath, [AS_HELP_STRING([--with-blibpath[=PATH]], [pass -blibpath flag to ld for additional lib paths])],
[case $with_blibpath in
yes|no) ;;
*) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
;;
esac])
-AC_ARG_WITH(incpath, [ --with-incpath additional places to look for include files],
+dnl
+dnl Handle BSM auditing support.
+dnl
+AC_ARG_WITH(bsm-audit, [AS_HELP_STRING([--with-bsm-audit], [enable BSM audit support])],
+[case $with_bsm_audit in
+ yes) AC_DEFINE(HAVE_BSM_AUDIT)
+ SUDO_LIBS="${SUDO_LIBS} -lbsm"
+ SUDO_OBJS="${SUDO_OBJS} bsm_audit.o"
+ ;;
+ no) ;;
+ *) AC_MSG_ERROR(["--with-bsm-audit does not take an argument."])
+ ;;
+esac])
+
+AC_ARG_WITH(incpath, [AS_HELP_STRING([--with-incpath], [additional places to look for include files])],
[case $with_incpath in
yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
;;
;;
esac])
-AC_ARG_WITH(libpath, [ --with-libpath additional places to look for libraries],
+AC_ARG_WITH(libpath, [AS_HELP_STRING([--with-libpath], [additional places to look for libraries])],
[case $with_libpath in
yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
;;
;;
esac])
-AC_ARG_WITH(libraries, [ --with-libraries additional libraries to link with],
+AC_ARG_WITH(libraries, [AS_HELP_STRING([--with-libraries], [additional libraries to link with])],
[case $with_libraries in
yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
;;
;;
esac])
-AC_ARG_WITH(devel, [ --with-devel add development options],
+AC_ARG_WITH(devel, [AS_HELP_STRING([--with-devel], [add development options])],
[case $with_devel in
yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
PROGS="${PROGS} testsudoers"
;;
esac])
-AC_ARG_WITH(efence, [ --with-efence link with -lefence for malloc() debugging],
+AC_ARG_WITH(efence, [AS_HELP_STRING([--with-efence], [link with -lefence for malloc() debugging])],
[case $with_efence in
yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
LIBS="${LIBS} -lefence"
;;
esac])
-AC_ARG_WITH(csops, [ --with-csops add CSOps standard options],
+AC_ARG_WITH(csops, [AS_HELP_STRING([--with-csops], [add CSOps standard options])],
[case $with_csops in
yes) AC_MSG_NOTICE([Adding CSOps standard options])
CHECKSIA=false
;;
esac])
-AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication],
+AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])],
[case $with_passwd in
yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
AC_MSG_RESULT($with_passwd)
;;
esac])
-AC_ARG_WITH(skey, [ --with-skey[=DIR] enable S/Key support ],
+AC_ARG_WITH(skey, [AS_HELP_STRING([--with-skey[=DIR]], [enable S/Key support ])],
[case $with_skey in
no) with_skey=""
;;
;;
esac])
-AC_ARG_WITH(opie, [ --with-opie[=DIR] enable OPIE support ],
+AC_ARG_WITH(opie, [AS_HELP_STRING([--with-opie[=DIR]], [enable OPIE support ])],
[case $with_opie in
no) with_opie=""
;;
;;
esac])
-AC_ARG_WITH(long-otp-prompt, [ --with-long-otp-prompt use a two line OTP (skey/opie) prompt],
+AC_ARG_WITH(long-otp-prompt, [AS_HELP_STRING([--with-long-otp-prompt], [use a two line OTP (skey/opie) prompt])],
[case $with_long_otp_prompt in
yes) AC_DEFINE(LONG_OTP_PROMPT)
AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
;;
esac])
-AC_ARG_WITH(SecurID, [ --with-SecurID[[=DIR]] enable SecurID support],
+AC_ARG_WITH(SecurID, [AS_HELP_STRING([--with-SecurID[[=DIR]]], [enable SecurID support])],
[case $with_SecurID in
no) with_SecurID="";;
*) AC_DEFINE(HAVE_SECURID)
;;
esac])
-AC_ARG_WITH(fwtk, [ --with-fwtk[[=DIR]] enable FWTK AuthSRV support],
+AC_ARG_WITH(fwtk, [AS_HELP_STRING([--with-fwtk[[=DIR]]], [enable FWTK AuthSRV support])],
[case $with_fwtk in
no) with_fwtk="";;
*) AC_DEFINE(HAVE_FWTK)
;;
esac])
-AC_ARG_WITH(kerb4, [ --with-kerb4[[=DIR]] enable Kerberos IV support],
+AC_ARG_WITH(kerb4, [AS_HELP_STRING([--with-kerb4[[=DIR]]], [enable Kerberos IV support])],
[case $with_kerb4 in
no) with_kerb4="";;
*) AC_MSG_CHECKING(whether to try kerberos IV authentication)
;;
esac])
-AC_ARG_WITH(kerb5, [ --with-kerb5[[=DIR]] enable Kerberos V support],
+AC_ARG_WITH(kerb5, [AS_HELP_STRING([--with-kerb5[[=DIR]]], [enable Kerberos V support])],
[case $with_kerb5 in
no) with_kerb5="";;
*) AC_MSG_CHECKING(whether to try Kerberos V authentication)
;;
esac])
-AC_ARG_WITH(aixauth, [ --with-aixauth enable AIX general authentication support],
+AC_ARG_WITH(aixauth, [AS_HELP_STRING([--with-aixauth], [enable AIX general authentication support])],
[case $with_aixauth in
yes) AUTH_EXCL="$AUTH_EXCL AIX_AUTH";;
no) ;;
;;
esac])
-AC_ARG_WITH(pam, [ --with-pam enable PAM support],
+AC_ARG_WITH(pam, [AS_HELP_STRING([--with-pam], [enable PAM support])],
[case $with_pam in
yes) AUTH_EXCL="$AUTH_EXCL PAM";;
no) ;;
;;
esac])
-AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
+AC_ARG_WITH(AFS, [AS_HELP_STRING([--with-AFS], [enable AFS support])],
[case $with_AFS in
yes) AC_DEFINE(HAVE_AFS)
AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
;;
esac])
-AC_ARG_WITH(DCE, [ --with-DCE enable DCE support],
+AC_ARG_WITH(DCE, [AS_HELP_STRING([--with-DCE], [enable DCE support])],
[case $with_DCE in
yes) AC_DEFINE(HAVE_DCE)
AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
;;
esac])
-AC_ARG_WITH(logincap, [ --with-logincap enable BSD login class support],
+AC_ARG_WITH(logincap, [AS_HELP_STRING([--with-logincap], [enable BSD login class support])],
[case $with_logincap in
yes|no) ;;
*) AC_MSG_ERROR(["--with-logincap does not take an argument."])
;;
esac])
-AC_ARG_WITH(bsdauth, [ --with-bsdauth enable BSD authentication support],
+AC_ARG_WITH(bsdauth, [AS_HELP_STRING([--with-bsdauth], [enable BSD authentication support])],
[case $with_bsdauth in
yes) AUTH_EXCL="$AUTH_EXCL BSD_AUTH";;
no) ;;
;;
esac])
-AC_ARG_WITH(project, [ --with-project enable Solaris project support],
+AC_ARG_WITH(project, [AS_HELP_STRING([--with-project], [enable Solaris project support])],
[case $with_project in
yes|no) ;;
no) ;;
esac])
AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
-AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
+AC_ARG_WITH(lecture, [AS_HELP_STRING([--without-lecture], [don't print lecture for first-time sudoer])],
[case $with_lecture in
yes|short|always) lecture=once
;;
fi
AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
-AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
+AC_ARG_WITH(logging, [AS_HELP_STRING([--with-logging], [log via syslog, file, or both])],
[case $with_logging in
yes) AC_MSG_ERROR(["must give --with-logging an argument."])
;;
esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
AC_MSG_CHECKING(which syslog facility sudo should log with)
-AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is "local2")],
+AC_ARG_WITH(logfac, [AS_HELP_STRING([--with-logfac], [syslog facility to log with (default is "local2")])],
[case $with_logfac in
yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
;;
AC_MSG_RESULT($logfac)
AC_MSG_CHECKING(at which syslog priority to log commands)
-AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is "notice")],
+AC_ARG_WITH(goodpri, [AS_HELP_STRING([--with-goodpri], [syslog priority for commands (def is "notice")])],
[case $with_goodpri in
yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
;;
AC_MSG_RESULT($goodpri)
AC_MSG_CHECKING(at which syslog priority to log failures)
-AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is "alert")],
+AC_ARG_WITH(badpri, [AS_HELP_STRING([--with-badpri], [syslog priority for failures (def is "alert")])],
[case $with_badpri in
yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
;;
AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
AC_MSG_RESULT($badpri)
-AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
+AC_ARG_WITH(logpath, [AS_HELP_STRING([--with-logpath], [path to the sudo log file])],
[case $with_logpath in
yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
;;
esac])
AC_MSG_CHECKING(how long a line in the log file should be)
-AC_ARG_WITH(loglen, [ --with-loglen maximum length of a log file line (default is 80)],
+AC_ARG_WITH(loglen, [AS_HELP_STRING([--with-loglen], [maximum length of a log file line (default is 80)])],
[case $with_loglen in
yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
;;
AC_MSG_RESULT($loglen)
AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
-AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
+AC_ARG_WITH(ignore-dot, [AS_HELP_STRING([--with-ignore-dot], [ignore '.' in the PATH])],
[case $with_ignore_dot in
yes) ignore_dot=on
;;
fi
AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
-AC_ARG_WITH(mail-if-no-user, [ --without-mail-if-no-user do not send mail if user not in sudoers],
+AC_ARG_WITH(mail-if-no-user, [AS_HELP_STRING([--without-mail-if-no-user], [do not send mail if user not in sudoers])],
[case $with_mail_if_no_user in
yes) mail_no_user=on
;;
fi
AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
-AC_ARG_WITH(mail-if-no-host, [ --with-mail-if-no-host send mail if user in sudoers but not for this host],
+AC_ARG_WITH(mail-if-no-host, [AS_HELP_STRING([--with-mail-if-no-host], [send mail if user in sudoers but not for this host])],
[case $with_mail_if_no_host in
yes) mail_no_host=on
;;
fi
AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
-AC_ARG_WITH(mail-if-noperms, [ --with-mail-if-noperms send mail if user not allowed to run command],
+AC_ARG_WITH(mail-if-noperms, [AS_HELP_STRING([--with-mail-if-noperms], [send mail if user not allowed to run command])],
[case $with_mail_if_noperms in
yes) mail_noperms=on
;;
fi
AC_MSG_CHECKING(who should get the mail that sudo sends)
-AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
+AC_ARG_WITH(mailto, [AS_HELP_STRING([--with-mailto], [who should get sudo mail (default is "root")])],
[case $with_mailto in
yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
;;
AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
AC_MSG_RESULT([$mailto])
-AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
+AC_ARG_WITH(mailsubject, [AS_HELP_STRING([--with-mailsubject], [subject of sudo mail])],
[case $with_mailsubject in
yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
;;
AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
AC_MSG_CHECKING(for bad password prompt)
-AC_ARG_WITH(passprompt, [ --with-passprompt default password prompt],
+AC_ARG_WITH(passprompt, [AS_HELP_STRING([--with-passprompt], [default password prompt])],
[case $with_passprompt in
yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
;;
AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
AC_MSG_CHECKING(for bad password message)
-AC_ARG_WITH(badpass-message, [ --with-badpass-message message the user sees when the password is wrong],
+AC_ARG_WITH(badpass-message, [AS_HELP_STRING([--with-badpass-message], [message the user sees when the password is wrong])],
[case $with_badpass_message in
yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
;;
AC_MSG_RESULT([$badpass_message])
AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
-AC_ARG_WITH(fqdn, [ --with-fqdn expect fully qualified hosts in sudoers],
+AC_ARG_WITH(fqdn, [AS_HELP_STRING([--with-fqdn], [expect fully qualified hosts in sudoers])],
[case $with_fqdn in
yes) fqdn=on
;;
AC_MSG_RESULT(no)
fi
-AC_ARG_WITH(timedir, [ --with-timedir path to the sudo timestamp dir],
+AC_ARG_WITH(timedir, [AS_HELP_STRING([--with-timedir], [path to the sudo timestamp dir])],
[case $with_timedir in
yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
;;
;;
esac])
-AC_ARG_WITH(sendmail, [ --with-sendmail=path set path to sendmail
- --without-sendmail do not send mail at all],
+AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail])
+AS_HELP_STRING([--without-sendmail], [do not send mail at all])],
[case $with_sendmail in
yes) with_sendmail=""
;;
;;
esac])
-AC_ARG_WITH(sudoers-mode, [ --with-sudoers-mode mode of sudoers file (defaults to 0440)],
+AC_ARG_WITH(sudoers-mode, [AS_HELP_STRING([--with-sudoers-mode], [mode of sudoers file (defaults to 0440)])],
[case $with_sudoers_mode in
yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
;;
;;
esac])
-AC_ARG_WITH(sudoers-uid, [ --with-sudoers-uid uid that owns sudoers file (defaults to 0)],
+AC_ARG_WITH(sudoers-uid, [AS_HELP_STRING([--with-sudoers-uid], [uid that owns sudoers file (defaults to 0)])],
[case $with_sudoers_uid in
yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
;;
;;
esac])
-AC_ARG_WITH(sudoers-gid, [ --with-sudoers-gid gid that owns sudoers file (defaults to 0)],
+AC_ARG_WITH(sudoers-gid, [AS_HELP_STRING([--with-sudoers-gid], [gid that owns sudoers file (defaults to 0)])],
[case $with_sudoers_gid in
yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
;;
esac])
AC_MSG_CHECKING(for umask programs should be run with)
-AC_ARG_WITH(umask, [ --with-umask umask with which the prog should run (default is 022)
- --without-umask Preserves the umask of the user invoking sudo.],
+AC_ARG_WITH(umask, [AS_HELP_STRING([--with-umask], [umask with which the prog should run (default is 022)])
+AS_HELP_STRING([--without-umask], [Preserves the umask of the user invoking sudo.])],
[case $with_umask in
yes) AC_MSG_ERROR(["must give --with-umask an argument."])
;;
fi
AC_MSG_CHECKING(for default user to run commands as)
-AC_ARG_WITH(runas-default, [ --with-runas-default User to run commands as (default is "root")],
+AC_ARG_WITH(runas-default, [AS_HELP_STRING([--with-runas-default], [User to run commands as (default is "root")])],
[case $with_runas_default in
yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
;;
AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
AC_MSG_RESULT([$runas_default])
-AC_ARG_WITH(exempt, [ --with-exempt=group no passwd needed for users in this group],
+AC_ARG_WITH(exempt, [AS_HELP_STRING([--with-exempt=group], [no passwd needed for users in this group])],
[case $with_exempt in
yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
;;
esac])
AC_MSG_CHECKING(for editor that visudo should use)
-AC_ARG_WITH(editor, [ --with-editor=path Default editor for visudo (defaults to vi)],
+AC_ARG_WITH(editor, [AS_HELP_STRING([--with-editor=path], [Default editor for visudo (defaults to vi)])],
[case $with_editor in
yes) AC_MSG_ERROR(["must give --with-editor an argument."])
;;
esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
-AC_ARG_WITH(env-editor, [ --with-env-editor Use the environment variable EDITOR for visudo],
+AC_ARG_WITH(env-editor, [AS_HELP_STRING([--with-env-editor], [Use the environment variable EDITOR for visudo])],
[case $with_env_editor in
yes) env_editor=on
;;
fi
AC_MSG_CHECKING(number of tries a user gets to enter their password)
-AC_ARG_WITH(passwd-tries, [ --with-passwd-tries number of tries to enter password (default is 3)],
+AC_ARG_WITH(passwd-tries, [AS_HELP_STRING([--with-passwd-tries], [number of tries to enter password (default is 3)])],
[case $with_passwd_tries in
yes) ;;
no) AC_MSG_ERROR(["--without-editor not supported."])
AC_MSG_RESULT($passwd_tries)
AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
-AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5 minutes)],
+AC_ARG_WITH(timeout, [AS_HELP_STRING([--with-timeout], [minutes before sudo asks for passwd again (def is 5 minutes)])],
[case $with_timeout in
yes) ;;
no) timeout=0
AC_MSG_RESULT($timeout)
AC_MSG_CHECKING(time in minutes after the password prompt will time out)
-AC_ARG_WITH(password-timeout, [ --with-password-timeout passwd prompt timeout in minutes (default is 5 minutes)],
+AC_ARG_WITH(password-timeout, [AS_HELP_STRING([--with-password-timeout], [passwd prompt timeout in minutes (default is 5 minutes)])],
[case $with_password_timeout in
yes) ;;
no) password_timeout=0
AC_MSG_RESULT($password_timeout)
AC_MSG_CHECKING(whether to use per-tty ticket files)
-AC_ARG_WITH(tty-tickets, [ --with-tty-tickets use a different ticket file for each tty],
+AC_ARG_WITH(tty-tickets, [AS_HELP_STRING([--with-tty-tickets], [use a different ticket file for each tty])],
[case $with_tty_tickets in
yes) tty_tickets=on
;;
fi
AC_MSG_CHECKING(whether to include insults)
-AC_ARG_WITH(insults, [ --with-insults insult the user for entering an incorrect password],
+AC_ARG_WITH(insults, [AS_HELP_STRING([--with-insults], [insult the user for entering an incorrect password])],
[case $with_insults in
yes) insults=on
with_classic_insults=yes
AC_MSG_RESULT(no)
fi
-AC_ARG_WITH(all-insults, [ --with-all-insults include all the sudo insult sets],
+AC_ARG_WITH(all-insults, [AS_HELP_STRING([--with-all-insults], [include all the sudo insult sets])],
[case $with_all_insults in
yes) with_classic_insults=yes
with_csops_insults=yes
;;
esac])
-AC_ARG_WITH(classic-insults, [ --with-classic-insults include the insults from the "classic" sudo],
+AC_ARG_WITH(classic-insults, [AS_HELP_STRING([--with-classic-insults], [include the insults from the "classic" sudo])],
[case $with_classic_insults in
yes) AC_DEFINE(CLASSIC_INSULTS)
;;
;;
esac])
-AC_ARG_WITH(csops-insults, [ --with-csops-insults include CSOps insults],
+AC_ARG_WITH(csops-insults, [AS_HELP_STRING([--with-csops-insults], [include CSOps insults])],
[case $with_csops_insults in
yes) AC_DEFINE(CSOPS_INSULTS)
;;
;;
esac])
-AC_ARG_WITH(hal-insults, [ --with-hal-insults include 2001-like insults],
+AC_ARG_WITH(hal-insults, [AS_HELP_STRING([--with-hal-insults], [include 2001-like insults])],
[case $with_hal_insults in
yes) AC_DEFINE(HAL_INSULTS)
;;
;;
esac])
-AC_ARG_WITH(goons-insults, [ --with-goons-insults include the insults from the "Goon Show"],
+AC_ARG_WITH(goons-insults, [AS_HELP_STRING([--with-goons-insults], [include the insults from the "Goon Show"])],
[case $with_goons_insults in
yes) AC_DEFINE(GOONS_INSULTS)
;;
;;
esac])
-AC_ARG_WITH(nsswitch, [ --with-nsswitch[[=PATH]] path to nsswitch.conf],
+AC_ARG_WITH(nsswitch, [AS_HELP_STRING([--with-nsswitch[[=PATH]]], [path to nsswitch.conf])],
[case $with_nsswitch in
no) ;;
yes) with_nsswitch="/etc/nsswitch.conf"
;;
*) ;;
esac])
-if test ${with_nsswitch-"yes"} != "no"; then
- SUDO_DEFINE_UNQUOTED(_PATH_NSSWITCH_CONF, "${with_nsswitch-/etc/nsswitch.conf}")
- nsswitch_conf=${with_nsswitch-/etc/nsswitch.conf}
-else
- nsswitch_conf='/etc/nsswitch.conf'
-fi
-AC_ARG_WITH(ldap, [ --with-ldap[[=DIR]] enable LDAP support],
+AC_ARG_WITH(ldap, [AS_HELP_STRING([--with-ldap[[=DIR]]], [enable LDAP support])],
[case $with_ldap in
- no) with_ldap="";;
+ no) ;;
*) AC_DEFINE(HAVE_LDAP)
AC_MSG_CHECKING(whether to use sudoers from LDAP)
AC_MSG_RESULT(yes)
;;
esac])
-AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file])
+AC_ARG_WITH(ldap-conf-file, [AS_HELP_STRING([--with-ldap-conf-file], [path to LDAP configuration file])])
SUDO_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "${with_ldap_conf_file-/etc/ldap.conf}", [Path to the ldap.conf file])
ldap_conf=${with_ldap_conf_file-'/etc/ldap.conf'}
-AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP secret password file])
+AC_ARG_WITH(ldap-secret-file, [AS_HELP_STRING([--with-ldap-secret-file], [path to LDAP secret password file])])
SUDO_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "${with_ldap_secret_file-/etc/ldap.secret}", [Path to the ldap.secret file])
ldap_secret=${with_ldap_secret_file-'/etc/ldap.secret'}
-AC_ARG_WITH(pc-insults, [ --with-pc-insults replace politically incorrect insults with less offensive ones],
+AC_ARG_WITH(pc-insults, [AS_HELP_STRING([--with-pc-insults], [replace politically incorrect insults with less offensive ones])],
[case $with_pc_insults in
yes) AC_DEFINE(PC_INSULTS)
;;
fi
AC_MSG_CHECKING(whether to override the user's path)
-AC_ARG_WITH(secure-path, [ --with-secure-path override the user's path with a built-in one],
+AC_ARG_WITH(secure-path, [AS_HELP_STRING([--with-secure-path], [override the user's path with a built-in one])],
[case $with_secure_path in
- yes) AC_DEFINE_UNQUOTED(SECURE_PATH, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc")
- AC_MSG_RESULT([:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc])
+ yes) with_secure_path="/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc"
+ AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
+ AC_MSG_RESULT([$with_secure_path])
+ secure_path="set to $with_secure_path"
;;
no) AC_MSG_RESULT(no)
;;
*) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
AC_MSG_RESULT([$with_secure_path])
+ secure_path="set to F<$with_secure_path>"
;;
esac], AC_MSG_RESULT(no))
AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
-AC_ARG_WITH(interfaces, [ --without-interfaces don't try to read the ip addr of ether interfaces],
+AC_ARG_WITH(interfaces, [AS_HELP_STRING([--without-interfaces], [don't try to read the ip addr of ether interfaces])],
[case $with_interfaces in
yes) AC_MSG_RESULT(yes)
;;
esac], AC_MSG_RESULT(yes))
AC_MSG_CHECKING(whether stow should be used)
-AC_ARG_WITH(stow, [ --with-stow properly handle GNU stow packaging],
+AC_ARG_WITH(stow, [AS_HELP_STRING([--with-stow], [properly handle GNU stow packaging])],
[case $with_stow in
yes) AC_MSG_RESULT(yes)
AC_DEFINE(USE_STOW)
esac], AC_MSG_RESULT(no))
AC_MSG_CHECKING(whether to use an askpass helper)
-AC_ARG_WITH(askpass, [ --with-askpass=PATH Fully qualified pathname of askpass helper],
+AC_ARG_WITH(askpass, [AS_HELP_STRING([--with-askpass=PATH], [Fully qualified pathname of askpass helper])],
[case $with_askpass in
yes) AC_MSG_ERROR(["--with-askpass takes a path as an argument."])
;;
;;
esac], AC_MSG_RESULT(no))
+dnl
+dnl If enabled, set LIBVAS_SO, LIBVAS_RPATH and USING_NONUNIX_GROUPS
+dnl
+AC_ARG_WITH(libvas, [AS_HELP_STRING([--with-libvas=NAME], [Name of the libvas shared library (default=libvas.so)])],
+[case $with_libvas in
+ yes) with_libvas=libvas.so
+ ;;
+ no) ;;
+ *) AC_DEFINE_UNQUOTED([LIBVAS_SO], ["$with_with_libvas"], [The name of libvas.so])
+ ;;
+esac
+if test X"$with_libvas" != X"no"; then
+ AC_DEFINE_UNQUOTED([LIBVAS_SO], ["$with_libvas"], [The name of libvas.so])
+ AC_DEFINE(USING_NONUNIX_GROUPS)
+ NONUNIX_GROUPS_IMPL="vasgroups.o"
+ AC_ARG_WITH([libvas-rpath],
+ [AS_HELP_STRING([--with-libvas-rpath=PATH],
+ [Path to look for libvas in [default=/opt/quest/lib]])],
+ [LIBVAS_RPATH=$withval],
+ [LIBVAS_RPATH=/opt/quest/lib])
+fi
+])
+
dnl
dnl Options for --enable
dnl
AC_MSG_CHECKING(whether to do user authentication by default)
AC_ARG_ENABLE(authentication,
-[ --disable-authentication
- Do not require authentication by default],
+[AS_HELP_STRING([--disable-authentication], [Do not require authentication by default])],
[ case "$enableval" in
yes) AC_MSG_RESULT(yes)
;;
AC_MSG_CHECKING(whether to disable running the mailer as root)
AC_ARG_ENABLE(root-mailer,
-[ --disable-root-mailer Don't run the mailer as root, run as the user],
+[AS_HELP_STRING([--disable-root-mailer], [Don't run the mailer as root, run as the user])],
[ case "$enableval" in
yes) AC_MSG_RESULT(no)
;;
], AC_MSG_RESULT(no))
AC_ARG_ENABLE(setreuid,
-[ --disable-setreuid Don't try to use the setreuid() function],
+[AS_HELP_STRING([--disable-setreuid], [Don't try to use the setreuid() function])],
[ case "$enableval" in
no) SKIP_SETREUID=yes
;;
])
AC_ARG_ENABLE(setresuid,
-[ --disable-setresuid Don't try to use the setresuid() function],
+[AS_HELP_STRING([--disable-setresuid], [Don't try to use the setresuid() function])],
[ case "$enableval" in
no) SKIP_SETRESUID=yes
;;
AC_MSG_CHECKING(whether to disable shadow password support)
AC_ARG_ENABLE(shadow,
-[ --disable-shadow Never use shadow passwords],
+[AS_HELP_STRING([--disable-shadow], [Never use shadow passwords])],
[ case "$enableval" in
yes) AC_MSG_RESULT(no)
;;
AC_MSG_CHECKING(whether root should be allowed to use sudo)
AC_ARG_ENABLE(root-sudo,
-[ --disable-root-sudo Don't allow root to run sudo],
+[AS_HELP_STRING([--disable-root-sudo], [Don't allow root to run sudo])],
[ case "$enableval" in
yes) AC_MSG_RESULT(yes)
;;
AC_MSG_CHECKING(whether to log the hostname in the log file)
AC_ARG_ENABLE(log-host,
-[ --enable-log-host Log the hostname in the log file],
+[AS_HELP_STRING([--enable-log-host], [Log the hostname in the log file])],
[ case "$enableval" in
yes) AC_MSG_RESULT(yes)
AC_DEFINE(HOST_IN_LOG)
AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
AC_ARG_ENABLE(noargs-shell,
-[ --enable-noargs-shell If sudo is given no arguments run a shell],
+[AS_HELP_STRING([--enable-noargs-shell], [If sudo is given no arguments run a shell])],
[ case "$enableval" in
yes) AC_MSG_RESULT(yes)
AC_DEFINE(SHELL_IF_NO_ARGS)
AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
AC_ARG_ENABLE(shell-sets-home,
-[ --enable-shell-sets-home
- Set $HOME to target user in shell mode],
+[AS_HELP_STRING([--enable-shell-sets-home], [Set $HOME to target user in shell mode])],
[ case "$enableval" in
yes) AC_MSG_RESULT(yes)
AC_DEFINE(SHELL_SETS_HOME)
AC_MSG_CHECKING(whether to disable 'command not found' messages)
AC_ARG_ENABLE(path_info,
-[ --disable-path-info Print 'command not allowed' not 'command not found'],
+[AS_HELP_STRING([--disable-path-info], [Print 'command not allowed' not 'command not found'])],
[ case "$enableval" in
yes) AC_MSG_RESULT(no)
;;
esac
], AC_MSG_RESULT(no))
-AC_ARG_WITH(selinux, [ --with-selinux enable SELinux support],
+AC_MSG_CHECKING(whether to enable environment debugging)
+AC_ARG_ENABLE(env_debug,
+[AS_HELP_STRING([--enable-env-debug], [Whether to enable environment debugging.])],
+[ case "$enableval" in
+ yes) AC_MSG_RESULT(yes)
+ AC_DEFINE(ENV_DEBUG)
+ ;;
+ no) AC_MSG_RESULT(no)
+ ;;
+ *) AC_MSG_RESULT(no)
+ AC_MSG_WARN([Ignoring unknown argument to --enable-env-debug: $enableval])
+ ;;
+ esac
+], AC_MSG_RESULT(no))
+
+AC_ARG_WITH(selinux, [AS_HELP_STRING([--with-selinux], [enable SELinux support])],
[case $with_selinux in
yes) SELINUX_USAGE="[[-r role]] [[-t type]] "
AC_DEFINE(HAVE_SELINUX)
dnl
dnl gss_krb5_ccache_name() may not work on Heimdal so we don't use it by default
dnl
-AC_ARG_ENABLE(gss_krb5_ccache_name, [ --enable-gss-krb5-ccache-name
- Use GSS-API to set the Kerberos V cred cache name], [check_gss_krb5_ccache_name=$enableval], [check_gss_krb5_ccache_name=no])
+AC_ARG_ENABLE(gss_krb5_ccache_name,
+[AS_HELP_STRING([--enable-gss-krb5-ccache-name], [Use GSS-API to set the Kerberos V cred cache name])],
+[check_gss_krb5_ccache_name=$enableval], [check_gss_krb5_ccache_name=no])
dnl
dnl If we don't have egrep we can't do anything...
dnl Libtool magic; enable shared libs and disable static libs
dnl
AC_CANONICAL_HOST
-AC_CANONICAL_TARGET([])
AC_DISABLE_STATIC
+AC_LIBTOOL_DLOPEN
AC_PROG_LIBTOOL
dnl
eval _shrext="$shrext_cmds"
fi
AC_MSG_CHECKING(path to sudo_noexec.so)
-AC_ARG_WITH(noexec, [ --with-noexec[=PATH] fully qualified pathname of sudo_noexec.so],
+AC_ARG_WITH(noexec, [AS_HELP_STRING([--with-noexec[=PATH]], [fully qualified pathname of sudo_noexec.so])],
[case $with_noexec in
yes) with_noexec="$libexecdir/sudo_noexec$_shrext"
;;
AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
fi
+ # AIX analog of nsswitch.conf, enabled by default
+ AC_ARG_WITH(netsvc, [AS_HELP_STRING([--with-netsvc[[=PATH]]], [path to netsvc.conf])],
+ [case $with_netsvc in
+ no) ;;
+ yes) with_netsvc="/etc/netsvc.conf"
+ ;;
+ *) ;;
+ esac])
+ if test -z "$with_nsswitch" -a -z "$with_netsvc"; then
+ with_netsvc="/etc/netsvc.conf"
+ fi
+
# AIX-specific functions
AC_CHECK_FUNCS(getuserattr)
SUDO_OBJS="$SUDO_OBJS aix.o"
if test "x$ac_cv_prog_cc_c89" = "xno"; then
with_noexec=no
fi
+
+ # Use the +DAportable flag if it is supported
+ _CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS +DAportable"
+ AC_CACHE_CHECK([whether $CC understands +DAportable],
+ [sudo_cv_var_daportable],
+ [AC_TRY_LINK([], [], [sudo_cv_var_daportable=yes],
+ [sudo_cv_var_daportable=no])]
+ )
+ if test X"$sudo_cv_var_daportable" != X"yes"; then
+ CFLAGS="$_CFLAGS"
+ fi
+
case "$host" in
*-*-hpux[1-8].*)
AC_DEFINE(BROKEN_SYSLOG)
: ${CHECKSIA='true'}
AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
AC_ARG_ENABLE(sia,
- [ --disable-sia Disable SIA on Digital UNIX],
+ [AS_HELP_STRING([--disable-sia], [Disable SIA on Digital UNIX])],
[ case "$enableval" in
yes) AC_MSG_RESULT(no)
CHECKSIA=true
dnl Program checks
dnl
AC_PROG_YACC
+AC_PATH_PROG([FLEX], [flex], [flex])
SUDO_PROG_MV
SUDO_PROG_BSHELL
if test -z "$with_sendmail"; then
AC_FUNC_GETGROUPS
AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
strftime setrlimit initgroups getgroups fstat gettimeofday \
- setlocale getaddrinfo setsid)
+ setlocale getaddrinfo setsid setenv setrlimit64)
+AC_CHECK_FUNCS(unsetenv, SUDO_FUNC_UNSETENV_VOID)
+SUDO_FUNC_PUTENV_CONST
if test -z "$SKIP_SETRESUID"; then
AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes])
fi
AC_MSG_RESULT($sudo_cv___progname)
])
+dnl
+dnl nsswitch.conf and its equivalents
+dnl
+netsvc_conf='/etc/netsvc.conf'
+nsswitch_conf='/etc/nsswitch.conf'
+if test ${with_netsvc-"no"} != "no"; then
+ SUDO_DEFINE_UNQUOTED(_PATH_NETSVC_CONF, "${with_netsvc-/etc/netsvc.conf}")
+ netsvc_conf=${with_netsvc-/etc/netsvc.conf}
+elif test ${with_nsswitch-"yes"} != "no"; then
+ SUDO_DEFINE_UNQUOTED(_PATH_NSSWITCH_CONF, "${with_nsswitch-/etc/nsswitch.conf}")
+ nsswitch_conf=${with_nsswitch-/etc/nsswitch.conf}
+fi
+
dnl
dnl Mutually exclusive auth checks come first, followed by
dnl non-exclusive ones. Note: passwd must be last of all!
AUTH_EXCL=PAM
AC_MSG_CHECKING(whether to use PAM session support)
AC_ARG_ENABLE(pam_session,
- [ --disable-pam-session Disable PAM session support],
+ [AS_HELP_STRING([--disable-pam-session], [Disable PAM session support])],
[ case "$enableval" in
yes) AC_MSG_RESULT(yes)
;;
], [
AC_MSG_RESULT(no)
SUDO_LIBS="${SUDO_LIBS} -lkrb5 -lk5crypto -lcom_err"
- AC_CHECK_LIB(krb5support, main, [SUDO_LIBS="${SUDO_LIBS} -lkrb5support,"])
+ AC_CHECK_LIB(krb5support, main, [SUDO_LIBS="${SUDO_LIBS} -lkrb5support"])
])
AUTH_OBJS="$AUTH_OBJS kerb5.o"
_LIBS="$LIBS"
LIBS="${LIBS} ${SUDO_LIBS}"
- AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context krb5_get_init_creds_opt_alloc)
- AC_CACHE_CHECK(whether krb5_get_init_creds_opt_free takes a two argument2,
- sudo_cv_krb5_get_init_creds_opt_free_two_args, [
- AC_TRY_COMPILE([#include <krb5.h>],
- [
- krb5_context context = NULL;
- krb5_get_init_creds_opt *opts = NULL;
- krb5_get_init_creds_opt_free(context, opts);
- ],
- [sudo_cv_krb5_get_init_creds_opt_free_two_args=yes],
- [sudo_cv_krb5_get_init_creds_opt_free_two_args=no]
- )
- ]
- )
+ AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
+ AC_CHECK_FUNCS(krb5_get_init_creds_opt_alloc, [
+ AC_CACHE_CHECK([whether krb5_get_init_creds_opt_free takes a context],
+ sudo_cv_krb5_get_init_creds_opt_free_two_args, [
+ AC_TRY_COMPILE([#include <krb5.h>],
+ [krb5_get_init_creds_opt_free(NULL, NULL);],
+ [sudo_cv_krb5_get_init_creds_opt_free_two_args=yes],
+ [sudo_cv_krb5_get_init_creds_opt_free_two_args=no]
+ )
+ ]
+ )
+ ])
if test X"$sudo_cv_krb5_get_init_creds_opt_free_two_args" = X"yes"; then
AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS)
fi
SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib])
CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
with_ldap=yes
- LDAP=""
fi
SUDO_OBJS="${SUDO_OBJS} ldap.o"
+ LDAP=""
AC_MSG_CHECKING([for LDAP libraries])
LDAP_LIBS=""
AC_MSG_RESULT([yes])
AC_DEFINE(HAVE_LBER_H)])
- AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldap_sasl_interactive_bind_s ldapssl_init ldapssl_set_strength ldap_search_ext_s ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s)
- AC_CHECK_HEADERS([sasl/sasl.h])
+ AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s)], [break])
AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
+ AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_search_ext_s ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
if test X"$check_gss_krb5_ccache_name" = X"yes"; then
AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,
LDFLAGS="$_LDFLAGS"
fi
+dnl
+dnl Add LIBVAS_RPATH to LDFLAGS
+dnl GNU ld accepts -R/path/ as an alias for -rpath /path/
+dnl
+if test X"$LIBVAS_RPATH" != X""; then
+ if test -n "$blibpath"; then
+ blibpath_add="${blibpath_add}:$LIBVAS_RPATH"
+ else
+ LDFLAGS="$LDFLAGS -R$LIBVAS_RPATH"
+ fi
+fi
+
dnl
dnl Add $blibpath to SUDO_LDFLAGS if specified by the user or if we
dnl added -L dirpaths to SUDO_LDFLAGS.
AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
+AH_TEMPLATE(HAVE_BSM_AUDIT, [Define to 1 to enable BSM auditing.])
AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.])
AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC, [Define to 1 if you have the `krb5_get_init_creds_opt_alloc' function.])
-AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS, [Define to 1 if your `krb5_get_init_creds_opt_alloc' function takes two arguments.])
+AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS, [Define to 1 if your `krb5_get_init_creds_opt_free' function takes two arguments.])
AH_TEMPLATE(HAVE_KRB5_INIT_SECURE_CONTEXT, [Define to 1 if you have the `krb5_init_secure_context' function.])
AH_TEMPLATE(HAVE_KRB5_VERIFY_USER, [Define to 1 if you have the `krb5_verify_user' function.])
AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not)])
AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
AH_TEMPLATE(__signed, [Define to `signed' or nothing if compiler does not support a signed type qualifier.])
+AH_TEMPLATE(USING_NONUNIX_GROUPS, [Define to 1 if using a non-Unix group lookup implementation.])
dnl
dnl Bits to copy verbatim into config.h.in