Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 1 | SUMMARY = "Provide limited super user privileges to specific users" |
| 2 | DESCRIPTION = "Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments." |
| 3 | HOMEPAGE = "http://www.sudo.ws" |
| 4 | BUGTRACKER = "http://www.sudo.ws/bugs/" |
| 5 | SECTION = "admin" |
Andrew Geissler | d159c7f | 2021-09-02 21:05:58 -0500 | [diff] [blame] | 6 | LICENSE = "ISC & BSD-3-Clause & BSD-2-Clause & Zlib" |
Andrew Geissler | d1e8949 | 2021-02-12 15:35:20 -0600 | [diff] [blame] | 7 | LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=fdff64d4fd19126330aa81b94d167173 \ |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 8 | file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \ |
| 9 | file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \ |
| 10 | file://lib/util/fnmatch.c;beginline=3;endline=27;md5=004d7d2866ba1f5b41174906849d2e0f \ |
| 11 | file://lib/util/getcwd.c;beginline=2;endline=27;md5=50f8d9667750e18dea4e84a935c12009 \ |
| 12 | file://lib/util/glob.c;beginline=2;endline=31;md5=2852f68687544e3eb8a0a61665506f0e \ |
| 13 | file://lib/util/snprintf.c;beginline=3;endline=33;md5=b70df6179969e38fcf68da91b53b8029 \ |
| 14 | file://include/sudo_queue.h;beginline=2;endline=27;md5=ad578e9664d17a010b63e4bc0576ee8d \ |
| 15 | file://lib/util/inet_pton.c;beginline=3;endline=17;md5=27785c9f5835093eda42aa0816a2d0b4 \ |
| 16 | file://lib/util/arc4random.c;beginline=3;endline=20;md5=ced8636ecefa2ba907cfe390bc3bd964 \ |
| 17 | file://lib/util/arc4random_uniform.c;beginline=3;endline=17;md5=e30c2b777cdc00cfcaf7c445a10b262f \ |
| 18 | file://lib/util/getentropy.c;beginline=1;endline=19;md5=a0f58be3d60b6dcd898ec5fe0866d36f \ |
Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 19 | " |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 20 | |
| 21 | inherit autotools |
| 22 | |
| 23 | PACKAGECONFIG ??= "" |
| 24 | PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib" |
Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 25 | PACKAGECONFIG[pam-wheel] = ",,,pam-plugin-wheel" |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 26 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 27 | CONFFILES:${PN} = "${sysconfdir}/sudoers" |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 28 | |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 29 | EXTRA_OECONF = "--with-editor=${base_bindir}/vi --with-env-editor" |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 30 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 31 | EXTRA_OECONF:append:libc-musl = " --disable-hardening " |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 32 | |
| 33 | # mksigname/mksiglist are used on build host to generate source files |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 34 | do_compile:prepend () { |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 35 | # Remove build host references from sudo_usage.h |
| 36 | sed -i \ |
| 37 | -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ |
| 38 | -e 's,--build=${BUILD_SYS},,g' \ |
| 39 | -e 's,--host=${HOST_SYS},,g' \ |
| 40 | ${B}/src/sudo_usage.h |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 41 | oe_runmake SSP_CFLAGS="" SSP_LDFLAGS="" CC="$BUILD_CC" CFLAGS="$BUILD_CFLAGS" CPPFLAGS="$BUILD_CPPFLAGS -I${S}/include -I${S} -I${B}" -C lib/util mksigname mksiglist |
| 42 | } |
| 43 | |
| 44 | # Explicitly create ${localstatedir}/lib before do_install to ensure |
| 45 | # the directory is accessible by all users. Otherwise the mkinstalldirs |
| 46 | # script (from sudo) will recursively create ${localstatedir}/lib/sudo |
| 47 | # and then chmod each directory with 0700 permissions, which isn't what |
| 48 | # we want (i.e, users would not be able to access /var/lib). |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 49 | do_install:prepend (){ |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 50 | mkdir -p ${D}/${localstatedir}/lib |
| 51 | } |
Andrew Geissler | 95ac1b8 | 2021-03-31 14:34:31 -0500 | [diff] [blame] | 52 | |
| 53 | CVE_VERSION_SUFFIX = "patch" |