diff -u sudo-1.6.8p12/config.guess sudo-1.6.8p12/config.guess --- sudo-1.6.8p12/config.guess +++ sudo-1.6.8p12/config.guess @@ -4,7 +4,7 @@ # 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, # Inc. -timestamp='2006-07-02' +timestamp='2007-03-06' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -161,6 +161,7 @@ arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; *) machine=${UNAME_MACHINE_ARCH}-unknown ;; esac # The Operating System including object format, if it has switched @@ -780,7 +781,7 @@ i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; - i*:MINGW*:*) + *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; i*:windows32*:*) @@ -790,12 +791,15 @@ i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; - x86:Interix*:[3456]*) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - EM64T:Interix*:[3456]*) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; + *:Interix*:[3456]*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + EM64T | authenticamd) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks exit ;; @@ -950,6 +954,9 @@ x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu exit ;; + xtensa:Linux:*:*) + echo xtensa-unknown-linux-gnu + exit ;; i*86:Linux:*:*) # The BFD linker knows what the default object file format is, so # first see if it will tell us. cd to the root directory to prevent @@ -1208,6 +1215,15 @@ SX-6:SUPER-UX:*:*) echo sx6-nec-superux${UNAME_RELEASE} exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit ;; diff -u sudo-1.6.8p12/config.sub sudo-1.6.8p12/config.sub --- sudo-1.6.8p12/config.sub +++ sudo-1.6.8p12/config.sub @@ -4,7 +4,7 @@ # 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, # Inc. -timestamp='2006-09-20' +timestamp='2007-01-18' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -245,12 +245,12 @@ | bfin \ | c4x | clipper \ | d10v | d30v | dlx | dsp16xx \ - | fr30 | frv \ + | fido | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore \ + | maxq | mb | microblaze | mcore | mep \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -324,7 +324,7 @@ | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ @@ -925,6 +925,9 @@ basic_machine=sh-hitachi os=-hms ;; + sh5el) + basic_machine=sh5le-unknown + ;; sh64) basic_machine=sh64-unknown ;; @@ -1219,7 +1222,7 @@ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers*) + | -skyos* | -haiku* | -rdos* | -toppers* | -drops*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1414,6 +1417,9 @@ m68*-cisco) os=-aout ;; + mep-*) + os=-elf + ;; mips*-cisco) os=-elf ;; diff -u sudo-1.6.8p12/debian/changelog sudo-1.6.8p12/debian/changelog --- sudo-1.6.8p12/debian/changelog +++ sudo-1.6.8p12/debian/changelog @@ -1,3 +1,9 @@ +sudo (1.6.8p12-5scanplus1) unstable; urgency=low + + * add -krb5 subpackage + + -- Rene Engelhard Wed, 27 Jun 2007 09:59:26 +0200 + sudo (1.6.8p12-5) unstable; urgency=low * update debian/copyright to reflect new upstream URL, closes: #368746 diff -u sudo-1.6.8p12/debian/control sudo-1.6.8p12/debian/control --- sudo-1.6.8p12/debian/control +++ sudo-1.6.8p12/debian/control @@ -2,7 +2,7 @@ Section: admin Priority: optional Maintainer: Bdale Garbee -Build-Depends: debhelper (>= 5), libpam0g-dev, libldap2-dev, autotools-dev, bison, flex +Build-Depends: debhelper (>= 5), libpam0g-dev, libldap2-dev, autotools-dev, bison, flex, libkrb5-dev Standards-Version: 3.7.2 Package: sudo @@ -32,0 +33,14 @@ + +Package: sudo-krb5 +Architecture: any +Depends: ${shlibs:Depends}, libpam-modules +Conflicts: sudo +Replaces: sudo +Provides: sudo +Description: Provide limited super user privileges to specific users + Sudo is a program designed to allow a sysadmin to give limited root + privileges to users and log root activity. The basic philosophy is to give + as few privileges as possible but still allow people to get their work done. + . + This version is built with Kerberos support. + diff -u sudo-1.6.8p12/debian/rules sudo-1.6.8p12/debian/rules --- sudo-1.6.8p12/debian/rules +++ sudo-1.6.8p12/debian/rules @@ -41,6 +41,21 @@ --mandir=/usr/share/man --libexecdir=/usr/lib/sudo \ --with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin" + # krb5 version + mkdir -p build-krb5 + cd build-krb5 && NROFFPROG=/usr/bin/nroff ../configure \ + --prefix=/usr -v \ + --with-all-insults \ + --with-exempt=sudo --with-pam --with-kerb5 --with-fqdn \ + --with-logging=syslog --with-logfac=authpriv \ + --with-env-editor --with-editor=/usr/bin/editor \ + --with-timeout=15 --with-password-timeout=0 \ + --disable-root-mailer --disable-setresuid \ + --with-sendmail=/usr/sbin/sendmail \ + --with-ldap-conf-file=/etc/ldap/ldap.conf \ + --mandir=/usr/share/man --libexecdir=/usr/lib/sudo \ + --with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin" + touch config-stamp build: build-stamp @@ -52,6 +67,7 @@ $(MAKE) -C build-simple $(MAKE) -C build-ldap + $(MAKE) -C build-krb5 touch build-stamp @@ -59,7 +75,7 @@ dh_testdir dh_testroot rm -f config-stamp build-stamp - rm -rf build-simple build-ldap + rm -rf build-simple build-ldap build-krb5 rm -f config.cache -test -r /usr/share/misc/config.sub && \ @@ -77,6 +93,7 @@ $(MAKE) -C build-simple install DESTDIR=$(CURDIR)/debian/sudo $(MAKE) -C build-ldap install DESTDIR=$(CURDIR)/debian/sudo-ldap + $(MAKE) -C build-krb5 install DESTDIR=$(CURDIR)/debian/sudo-krb5 # remove stuff we don't want rm -f $(CURDIR)/debian/sudo/etc/sudoers \ @@ -87,11 +104,15 @@ debian/sudo/etc/pam.d/sudo install -o root -g root -m 0644 $(CURDIR)/debian/sudo.pam \ debian/sudo-ldap/etc/pam.d/sudo + install -o root -g root -m 0644 $(CURDIR)/debian/sudo.pam \ + debian/sudo-krb5/etc/pam.d/sudo install -o root -g root -m 0644 $(CURDIR)/debian/sudo.lintian \ debian/sudo/usr/share/lintian/overrides/sudo install -o root -g root -m 0644 $(CURDIR)/debian/sudo-ldap.lintian \ debian/sudo-ldap/usr/share/lintian/overrides/sudo-ldap + install -o root -g root -m 0644 $(CURDIR)/debian/sudo-ldap.lintian \ + debian/sudo-krb5/usr/share/lintian/overrides/sudo-ldap binary-indep: build install @@ -107,8 +128,10 @@ dh_strip dh_compress dh_fixperms - chown root.root debian/sudo/usr/bin/sudo debian/sudo-ldap/usr/bin/sudo - chmod 4755 debian/sudo/usr/bin/sudo debian/sudo-ldap/usr/bin/sudo + chown root.root debian/sudo/usr/bin/sudo debian/sudo-ldap/usr/bin/sudo \ + debian/sudo-krb5/usr/bin/sudo + chmod 4755 debian/sudo/usr/bin/sudo debian/sudo-ldap/usr/bin/sudo \ + debian/sudo-krb5/usr/bin/sudo dh_installdeb dh_shlibdeps dh_gencontrol only in patch2: unchanged: --- sudo-1.6.8p12.orig/debian/sudo-krb5.postinst +++ sudo-1.6.8p12/debian/sudo-krb5.postinst @@ -0,0 +1,62 @@ +#!/usr/bin/perl + +# remove old link + +unlink ("/etc/alternatives/sudo") if ( -l "/etc/alternatives/sudo"); + +# make sure we have a sudoers file +if ( ! -f "/etc/sudoers") { + + print "No /etc/sudoers found... creating one for you.\n"; + + open (SUDOERS, "> /etc/sudoers"); + print SUDOERS "# /etc/sudoers\n", + "#\n", + "# This file MUST be edited with the 'visudo' command as root.\n", + "#\n", + "# See the man page for details on how to write a sudoers file.\n", + "#\n\nDefaults\tenv_reset\n\n", + "# Host alias specification\n\n", + "# User alias specification\n\n", + "# Cmnd alias specification\n\n", + "# User privilege specification\nroot\tALL=(ALL) ALL\n"; + close SUDOERS; + +} + +# make sure sudoers has the correct permissions and owner/group +system ('chown root:root /etc/sudoers'); +system ('chmod 440 /etc/sudoers'); + +# must do a remove first to un-do the "bad" links created by previous version +system ('update-rc.d -f sudo remove >/dev/null 2>&1'); + +system ('update-rc.d sudo start 75 S . >/dev/null'); + +# make sure we have a sudo group + +exit 0 if getgrnam("sudo"); # we're finished if there is a group sudo + +$gid = 27; # start searcg with gid 27 +setgrent; +while (getgrgid($gid)) { + ++$gid; +} +endgrent; + +if ($gid != 27) { + print "On Debian we normally use gid 27 for 'sudo'.\n"; + $gname = getgrgid(27); + print "However, on your system gid 27 is group '$gname'.\n\n"; + print "Would you like me to stop configuring sudo so that you can change this? [n] "; + $ans = ; + if ($ans =~ m/^[yY].*/) { + print "'dpkg --pending --configure' will restart the configuration.\n\n\n"; + exit 1; + } +} + +print "Creating group 'sudo' with gid = $gid\n"; +system("groupadd -g $gid sudo"); + +print ""; only in patch2: unchanged: --- sudo-1.6.8p12.orig/debian/sudo-krb5.dirs +++ sudo-1.6.8p12/debian/sudo-krb5.dirs @@ -0,0 +1,7 @@ +etc/pam.d +usr/bin +usr/share/man/man8 +usr/share/man/man5 +usr/sbin +usr/share/doc/sudo-krb5/examples +usr/share/lintian/overrides only in patch2: unchanged: --- sudo-1.6.8p12.orig/debian/sudo-krb5.init.d +++ sudo-1.6.8p12/debian/sudo-krb5.init.d @@ -0,0 +1,31 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: sudo +# Required-Start: $local_fs $remote_fs +# Required-Stop: +# Default-Start: S 1 2 3 4 5 +# Default-Stop: 0 6 +### END INIT INFO + +N=/etc/init.d/sudo + +set -e + +case "$1" in + start) + # make sure privileges don't persist across reboots + if [ -d /var/run/sudo ] + then + find /var/run/sudo -type f -exec touch -t 198501010000 '{}' \; + fi + ;; + stop|reload|restart|force-reload) + ;; + *) + echo "Usage: $N {start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 only in patch2: unchanged: --- sudo-1.6.8p12.orig/debian/sudo-krb5.postrm +++ sudo-1.6.8p12/debian/sudo-krb5.postrm @@ -0,0 +1,20 @@ +#! /bin/sh + +set -e + +case "$1" in + purge) + ;; + + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + +esac + +#DEBHELPER# + +exit 0 only in patch2: unchanged: --- sudo-1.6.8p12.orig/debian/sudo-krb5.lintian +++ sudo-1.6.8p12/debian/sudo-krb5.lintian @@ -0,0 +1,4 @@ +sudo-ldap: setuid-binary usr/bin/sudo 4755 root/root +sudo-ldap: setuid-binary usr/bin/sudoedit 4755 root/root +sudo-ldap: postrm-contains-additional-updaterc.d-calls /etc/init.d/sudo-ldap +sudo-ldap: script-in-etc-init.d-not-registered-via-update-rc.d /etc/init.d/sudo-ldap only in patch2: unchanged: --- sudo-1.6.8p12.orig/debian/sudo-krb5.docs +++ sudo-1.6.8p12/debian/sudo-krb5.docs @@ -0,0 +1,11 @@ +debian/OPTIONS +BUGS +RUNSON +UPGRADE +PORTING +TODO +HISTORY +README +README.LDAP +TROUBLESHOOTING +sudoers2ldif