dnl
dnl Process this file with GNU autoconf to produce a configure script.
dnl
-dnl Copyright (c) 1994-1996,1998-2010 Todd C. Miller <Todd.Miller@courtesan.com>
+dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller <Todd.Miller@courtesan.com>
dnl
-AC_INIT([sudo], [1.7.4p6], [http://www.sudo.ws/bugs/], [sudo])
-AC_CONFIG_HEADER(config.h pathnames.h)
+AC_INIT([sudo], [1.7.6p1], [http://www.sudo.ws/bugs/], [sudo])
+AC_CONFIG_HEADER(config.h pathnames.h zlib/zconf.h)
dnl
-dnl This won't work before AC_INIT
+dnl Note: this must come after AC_INIT
dnl
AC_MSG_NOTICE([Configuring Sudo version $PACKAGE_VERSION])
dnl
AC_SUBST([REPLAY])
AC_SUBST([LOGINCAP_USAGE])
AC_SUBST([ZLIB])
+AC_SUBST([ZLIB_DEP])
AC_SUBST([CONFIGURE_ARGS])
dnl
dnl Variables that get substituted in docs (not overridden by environment)
dnl
+AC_SUBST([iolog_dir])dnl real initial value from SUDO_IO_LOGDIR
AC_SUBST([timedir])dnl real initial value from SUDO_TIMEDIR
AC_SUBST([timeout])
AC_SUBST([password_timeout])
AC_SUBST([sudo_umask])
+AC_SUBST([umask_override])
AC_SUBST([passprompt])
AC_SUBST([long_otp_prompt])
AC_SUBST([lecture])
AC_SUBST([fqdn])
AC_SUBST([runas_default])
AC_SUBST([env_editor])
+AC_SUBST([env_reset])
AC_SUBST([passwd_tries])
AC_SUBST([tty_tickets])
AC_SUBST([insults])
#
# Begin initial values for man page substitution
#
+iolog_dir=/var/log/sudo-io
timedir=/var/adm/sudo
timeout=5
password_timeout=5
sudo_umask=0022
+umask_override=off
passprompt="Password:"
long_otp_prompt=off
lecture=once
fqdn=off
runas_default=root
env_editor=off
+env_reset=on
editor=vi
passwd_tries=3
tty_tickets=on
LCMAN=0
SEMAN=0
ZLIB=
+ZLIB_DEP=
AUTH_OBJS=
AUTH_REG=
AUTH_EXCL=
*) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
;;
esac])
-if test X"$with_devel" != X"yes"; then
- ac_cv_prog_cc_g=no
-fi
AC_ARG_WITH(CC, [AS_HELP_STRING([--with-CC], [C compiler to use])],
[case $with_CC in
dnl
AC_ARG_WITH(linux-audit, [AS_HELP_STRING([--with-linux-audit], [enable Linux audit support])],
[case $with_linux_audit in
- yes)
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <libaudit.h>]], [[int i = AUDIT_USER_CMD; (void)i;]])], [
+ yes) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <libaudit.h>]], [[int i = AUDIT_USER_CMD; (void)i;]])], [
AC_DEFINE(HAVE_LINUX_AUDIT)
SUDO_LIBS="${SUDO_LIBS} -laudit"
SUDO_OBJS="${SUDO_OBJS} linux_audit.o"
AC_ARG_WITH(skey, [AS_HELP_STRING([--with-skey[=DIR]], [enable S/Key support ])],
[case $with_skey in
- no) with_skey=""
- ;;
+ no) ;;
*) AC_DEFINE(HAVE_SKEY)
AC_MSG_CHECKING(whether to try S/Key authentication)
AC_MSG_RESULT(yes)
AC_ARG_WITH(opie, [AS_HELP_STRING([--with-opie[=DIR]], [enable OPIE support ])],
[case $with_opie in
- no) with_opie=""
- ;;
+ no) ;;
*) AC_DEFINE(HAVE_OPIE)
AC_MSG_CHECKING(whether to try NRL OPIE authentication)
AC_MSG_RESULT(yes)
AC_ARG_WITH(SecurID, [AS_HELP_STRING([--with-SecurID[[=DIR]]], [enable SecurID support])],
[case $with_SecurID in
- no) with_SecurID="";;
+ no) ;;
*) AC_DEFINE(HAVE_SECURID)
AC_MSG_CHECKING(whether to use SecurID for authentication)
AC_MSG_RESULT(yes)
AC_ARG_WITH(fwtk, [AS_HELP_STRING([--with-fwtk[[=DIR]]], [enable FWTK AuthSRV support])],
[case $with_fwtk in
- no) with_fwtk="";;
+ no) ;;
*) AC_DEFINE(HAVE_FWTK)
AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
AC_MSG_RESULT(yes)
AC_ARG_WITH(kerb4, [AS_HELP_STRING([--with-kerb4[[=DIR]]], [enable Kerberos IV support])],
[case $with_kerb4 in
- no) with_kerb4="";;
+ no) ;;
*) AC_MSG_CHECKING(whether to try kerberos IV authentication)
AC_MSG_RESULT(yes)
AUTH_REG="$AUTH_REG kerb4"
AC_ARG_WITH(kerb5, [AS_HELP_STRING([--with-kerb5[[=DIR]]], [enable Kerberos V support])],
[case $with_kerb5 in
- no) with_kerb5="";;
+ no) ;;
*) AC_MSG_CHECKING(whether to try Kerberos V authentication)
AC_MSG_RESULT(yes)
AUTH_REG="$AUTH_REG kerb5"
*) AC_MSG_ERROR(["you must enter a numeric mask."])
;;
esac])
-AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the root-run prog should use.])
+AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the sudo-run prog should use.])
if test "$sudo_umask" = "0777"; then
AC_MSG_RESULT(user)
else
AC_MSG_RESULT($sudo_umask)
fi
+AC_ARG_WITH(umask-override, [AS_HELP_STRING([--with-umask-override], [Use the umask specified in sudoers even if it is less restrictive than the user's.])],
+[case $with_umask_override in
+ yes) AC_DEFINE(UMASK_OVERRIDE)
+ umask_override=on
+ ;;
+ no) umask_override=off
+ ;;
+ *) AC_MSG_ERROR(["--with-umask-override does not take an argument."])
+ ;;
+esac])
+
AC_MSG_CHECKING(for default user to run commands as)
AC_ARG_WITH(runas-default, [AS_HELP_STRING([--with-runas-default], [User to run commands as (default is "root")])],
[case $with_runas_default in
esac
], AC_MSG_RESULT(no))
+AC_MSG_CHECKING(whether to enable environment resetting by default)
+AC_ARG_ENABLE(env_reset,
+[AS_HELP_STRING([--enable-env-reset], [Whether to enable environment resetting by default.])],
+[ case "$enableval" in
+ yes) env_reset=on
+ ;;
+ no) env_reset=off
+ ;;
+ *) env_reset=on
+ AC_MSG_WARN([Ignoring unknown argument to --enable-env-reset: $enableval])
+ ;;
+ esac
+])
+if test "$env_reset" = "on"; then
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(ENV_RESET, TRUE)
+else
+ AC_MSG_RESULT(no)
+ AC_DEFINE(ENV_RESET, FALSE)
+fi
+
AC_ARG_ENABLE(warnings,
[AS_HELP_STRING([--enable-warnings], [Whether to enable compiler warnings])],
[ case "$enableval" in
AC_PROG_CPP
AC_CHECK_TOOL(AR, ar, false)
AC_CHECK_TOOL(RANLIB, ranlib, :)
+if test X"$AR" = X"false"; then
+ AC_MSG_ERROR([the "ar" utility is required to build sudo])
+fi
dnl
dnl Libtool setup, we require libtool 2.2.6b or higher
if test -z "$GCC"; then
# HP-UX bundled compiler can't generate shared objects
- if -z "$pic_flag"; then
+ if test "x$ac_cv_prog_cc_c89" = "xno"; then
with_noexec=no
fi
*-*-hpux10.*)
shadow_funcs="getprpwnam iscomsec"
shadow_libs="-lsec"
+ # HP-UX 10.20 libc has an incompatible getline
+ ac_cv_func_getline="no"
;;
*)
shadow_funcs="getspnam iscomsec"
SKIP_SETREUID=yes
;;
esac
- if test "$with_skey" = "yes"; then
+ if test "${with_skey-'no'}" = "yes"; then
SUDO_LIBS="${SUDO_LIBS} -lmd"
fi
CHECKSHADOW="false"
: ${with_logincap='maybe'}
;;
*-*-dragonfly*)
- if test "$with_skey" = "yes"; then
+ if test "${with_skey-'no'}" = "yes"; then
SUDO_LIBS="${SUDO_LIBS} -lmd"
fi
CHECKSHADOW="false"
AC_HEADER_STDC
AC_HEADER_DIRENT
AC_HEADER_TIME
-AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h)
+AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h)
+dnl
+dnl Check for large file support. HP-UX 11.23 has a broken sys/type.h
+dnl when large files support is enabled so work around it.
+dnl
+AC_SYS_LARGEFILE
+case "$host" in
+ *-*-hpux11.*)
+ AC_CACHE_CHECK([whether sys/types.h needs _XOPEN_SOURCE_EXTENDED], [sudo_cv_xopen_source_extended],
+ [AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
+ #include <sys/socket.h>], [])], [sudo_cv_xopen_source_extended=no], [
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#define _XOPEN_SOURCE_EXTENDED
+ AC_INCLUDES_DEFAULT
+ #include <sys/socket.h>], [])], [sudo_cv_xopen_source_extended=yes],
+ [sudo_cv_xopen_source_extended=error])
+ ])])
+ if test "$sudo_cv_xopen_source_extended" = "yes"; then
+ OSDEFS="${OSDEFS} -D_XOPEN_SOURCE_EXTENDED"
+ SUDO_DEFINE(_XOPEN_SOURCE_EXTENDED)
+ fi
+ ;;
+esac
AC_SYS_POSIX_TERMIOS
if test "$ac_cv_sys_posix_termios" = "yes"; then
AC_DEFINE(HAVE_TERMIOS_H)
AC_FUNC_GETGROUPS
AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
strftime setrlimit initgroups getgroups fstat gettimeofday \
- regcomp setlocale getaddrinfo setenv vhangup \
+ regcomp setlocale nl_langinfo getaddrinfo setenv \
mbr_check_membership setrlimit64)
AC_CHECK_FUNCS(getline, [], [
AC_LIBOBJ(getline)
AC_FUNC_SETPGRP
])
-AC_CHECK_FUNCS(sysctl getutid getutxid, [break])
+AC_CHECK_FUNCS(sysctl getutxid getutid, [break])
AC_CHECK_FUNCS(openpty, [AC_CHECK_HEADERS(util.h pty.h, [break])], [
AC_CHECK_LIB(util, openpty, [
dnl
dnl extra S/Key lib and includes
dnl
-if test ${with_skey-'no'} = "yes"; then
+if test "${with_skey-'no'}" = "yes"; then
O_LDFLAGS="$LDFLAGS"
if test "$with_skey" != "yes"; then
CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
dnl
dnl extra OPIE lib and includes
dnl
-if test ${with_opie-'no'} = "yes"; then
+if test "${with_opie-'no'}" = "yes"; then
O_LDFLAGS="$LDFLAGS"
if test "$with_opie" != "yes"; then
CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
dnl
dnl if crypt(3) not in libc, look elsewhere
dnl
- if test -z "$LIB_CRYPT" -a "$with_passwd" != "no"; then
+ if test -z "$LIB_CRYPT"; then
AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDO_LIBS="${SUDO_LIBS} $ac_res"])
fi
AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s)], [break])
AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
- AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_search_ext_s ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
+ AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
+ AC_CHECK_FUNCS(ldap_search_ext_s ldap_search_st, [break])
if test X"$check_gss_krb5_ccache_name" = X"yes"; then
AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,
REPLAY=""
AC_ARG_ENABLE(zlib,
- [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])],
- [ case "$enable_zlib" in
- yes) AC_DEFINE(HAVE_ZLIB_H)
- ZLIB="-lz"
- ;;
- no) ;;
- *) AC_DEFINE(HAVE_ZLIB_H)
- CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
- SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
- ZLIB="${ZLIB} -lz"
- ;;
- esac
- ])
- if test X"$enable_zlib" = X""; then
- AC_CHECK_LIB(z, gzdopen, [
- AC_CHECK_HEADERS(zlib.h, [ZLIB="-lz"])
- ])
+ [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])], [])
+ case ${enable_zlib-"yes"} in
+ yes)
+ AC_CHECK_LIB(z, gzdopen, [
+ AC_CHECK_HEADERS(zlib.h, [ZLIB="-lz"], [enable_zlib=builtin])
+ ])
+ ;;
+ no)
+ ;;
+ system)
+ AC_DEFINE(HAVE_ZLIB_H)
+ ZLIB="-lz"
+ ;;
+ builtin)
+ # handled below
+ ;;
+ *)
+ AC_DEFINE(HAVE_ZLIB_H)
+ CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
+ SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
+ ZLIB="${ZLIB} -lz"
+ ;;
+ esac
+ if test X"$enable_zlib" = X"builtin"; then
+ AC_DEFINE(HAVE_ZLIB_H)
+ CPPFLAGS="${CPPFLAGS}"' -I$(srcdir)/zlib'
+ ZLIB="${ZLIB} libz.a"
+ ZLIB_DEP=libz.a
fi
], [
AC_MSG_WARN([Disabling I/O log support due to lack of tcsetpgrp function])
fi
dnl
-dnl Use passwd (and secureware) auth modules?
+dnl Use passwd auth module?
dnl
case "$with_passwd" in
yes|maybe)
- AUTH_OBJS="$AUTH_OBJS passwd.o"
+ AUTH_OBJS="$AUTH_OBJS getspwuid.o passwd.o"
;;
*)
AC_DEFINE(WITHOUT_PASSWD)
;;
esac
AUTH_OBJS=${AUTH_OBJS# }
-_AUTH=`echo "$AUTH_OBJS" | sed 's/\.o//g'`
+_AUTH=`echo "$AUTH_OBJS" | sed -e 's/\.o//g' -e 's/getspwuid *//'`
AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
dnl
AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
AH_TEMPLATE(ENV_DEBUG, [Define to 1 to enable environment function debugging.])
+AH_TEMPLATE(ENV_RESET, [Define to 1 to enable environment resetting by default.])
AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
+AH_TEMPLATE(UMASK_OVERRIDE, [Define to 1 to use the umask specified in sudoers even when it is less restrictive than the invoking user's.])
AH_TEMPLATE(USE_ADMIN_FLAG, [Define to 1 if you want to create ~/.sudo_as_admin_successful if the user is in the admin group the first time they run sudo.])
AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])