commit: 4a56cb83be37bab18e9941f58c226cfce97d08a1
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Fri Sep 23 00:58:38 2022 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Sep 23 00:58:38 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a56cb83
app-admin/sudo: drop 1.9.10-r1, 1.9.11_p2
Signed-off-by: Sam James <sam <AT> gentoo.org>
app-admin/sudo/Manifest | 4 -
app-admin/sudo/sudo-1.9.10-r1.ebuild | 263 --------------------------------
app-admin/sudo/sudo-1.9.11_p2.ebuild | 281 -----------------------------------
3 files changed, 548 deletions(-)
diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
index 5f2abb112918..fd7558ec2a90 100644
--- a/app-admin/sudo/Manifest
+++ b/app-admin/sudo/Manifest
@@ -1,6 +1,2 @@
-DIST sudo-1.9.10.tar.gz 4516568 BLAKE2B
94d97379e31b41917616a829cbece3d3fce7dd6ab9d04791b928981c14249c306508298655c19dc59a054ccf7deed4e69e65367cbfe9f6d8b5aba8895cfa6064
SHA512
65cf92b67b64413cb807da8b9602fc90b75e5b30dd1402d682ca36f276a3d6209a8a59c14e463898abc9856bc56263e5ba4bb6d44774f56a2885a9eea4a35375
-DIST sudo-1.9.10.tar.gz.sig 566 BLAKE2B
808919c826faa4f63efc283461f9f2089fd745aaf7462bcc41c505e7f978e7d56307202f96548d95844c99236fec10cada8438b935a1e1b6ea3601ee857d6900
SHA512
4ea0b736783b8e7be47645f770d7684d99c31f901177d3527f1ff78f5126d41592a94d36c67762bf5cb941eed80b9f585637aaa81d7f4920576d31a83f447323
-DIST sudo-1.9.11p2.tar.gz 4825417 BLAKE2B
b6b16f17ba8b6d5ab80f5515beebddf21579944376c2b0752111120d9fb6e2c3d3c40c8150a4f1c2c7165fb93e1f9ac3d03f77b0951a6f721e026a175cc948c4
SHA512
ca64ace6b663a61336a2aa45fb96eb585b5075a867e770b0b384aaf015479dfae48847226c83f824372e64f4697454e68c36305f7979f14b662185c284e1da67
-DIST sudo-1.9.11p2.tar.gz.sig 566 BLAKE2B
9ffe8ebf79f3d94c2df4ce18bb811f73854920b262774ef114ed77ff78a2f856765651c0408cd0cd71191b21840fa3c6a73ca7897baa7975dd7b655eead45ab1
SHA512
a452fb875b3f4a05cc8623df18f7b53192b8671cdd8fcdbb9360cc86160b9aadb1148a60f91f106fd381997b91a4dfcf06149f3cb43292284d27997a4d97473f
DIST sudo-1.9.11p3.tar.gz 4826520 BLAKE2B
f8508f65b514abd9979a11628d8bc0e085b2625993281e7d1f8794a576e88970bda6939d2f2f50d9485f00276970aba3489b19c102eca5625e389c9610f338dd
SHA512
ad5c3d623547d1e3016e1a721676fee6d6b7348e77b2c234041e0af40c7220e8934c8c27beef0d12fa6df11708d37de711dacfefc135d26de46abca7f91c55d1
DIST sudo-1.9.11p3.tar.gz.sig 566 BLAKE2B
8caf03b051222f0446eaf333b48563aa18d52acbd9f7e2d880f0a97043df1ec8d25d87cfd7b1b9543ab8f52f5dacff4cf031fe3e6b94593d576d1d351eb05aa4
SHA512
ea728cddbab50746a2cbb8ce6cb55df3def1c5e806a1d91ec6f2d65c8d246079bdb5799b961ab0da1cc2c347a36d93cc00d32c10856141a467b25e1224876e50
diff --git a/app-admin/sudo/sudo-1.9.10-r1.ebuild
b/app-admin/sudo/sudo-1.9.10-r1.ebuild
deleted file mode 100644
index 2f7cd3f35838..000000000000
--- a/app-admin/sudo/sudo-1.9.10-r1.ebuild
+++ /dev/null
@@ -1,263 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit pam libtool tmpfiles toolchain-funcs
-
-MY_P="${P/_/}"
-MY_P="${MY_P/beta/b}"
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="https://www.sudo.ws/";
-if [[ ${PV} == "9999" ]] ; then
- inherit mercurial
- EHG_REPO_URI="https://www.sudo.ws/repos/sudo";
-else
- inherit verify-sig
- VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/sudo.ws.asc
- BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-sudo )"
-
- uri_prefix=
- case ${P} in
- *_beta*|*_rc*) uri_prefix=beta/ ;;
- esac
-
- SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
- ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz
- verify-sig? (
-
https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz.sig
-
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz.sig
- )"
- if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips
ppc ppc64 ~riscv ~s390 sparc x86 ~sparc-solaris"
- fi
-fi
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-IUSE="gcrypt ldap nls offensive pam sasl +secure-path selinux +sendmail skey
ssl sssd"
-
-DEPEND="
- sys-libs/zlib:=
- virtual/libcrypt:=
- gcrypt? ( dev-libs/libgcrypt:= )
- ldap? (
- >=net-nds/openldap-2.1.30-r1:=
- sasl? (
- dev-libs/cyrus-sasl
- net-nds/openldap:=[sasl]
- )
- )
- pam? ( sys-libs/pam )
- sasl? ( dev-libs/cyrus-sasl )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
- ssl? ( dev-libs/openssl:0= )
- sssd? ( sys-auth/sssd[sudo] )
-"
-RDEPEND="
- ${DEPEND}
- >=app-misc/editor-wrapper-3
- virtual/editor
- ldap? ( dev-lang/perl )
- pam? ( sys-auth/pambase )
- selinux? ( sec-policy/selinux-sudo )
- sendmail? ( virtual/mta )
-"
-BDEPEND+="
- sys-devel/bison
- virtual/pkgconfig
-"
-
-S="${WORKDIR}/${MY_P}"
-
-REQUIRED_USE="
- ?? ( pam skey )
- ?? ( gcrypt ssl )
-"
-
-MAKEOPTS+=" SAMPLES="
-
-src_prepare() {
- default
- elibtoolize
-}
-
-set_secure_path() {
- # first extract the default ROOTPATH from build env
- SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env;
- echo "${ROOTPATH}")
- case "${SECURE_PATH}" in
- */usr/sbin*) ;;
- *) SECURE_PATH=$(unset PATH;
- . "${EPREFIX}"/etc/profile.env; echo "${PATH}")
- ;;
- esac
- if [[ -z ${SECURE_PATH} ]] ; then
- ewarn " Failed to detect SECURE_PATH, please report this"
- fi
-
- # then remove duplicate path entries
- cleanpath() {
- local newpath thisp IFS=:
- for thisp in $1 ; do
- if [[ :${newpath}: != *:${thisp}:* ]] ; then
- newpath+=:${thisp}
- else
- einfo " Duplicate entry ${thisp} removed..."
- fi
- done
- SECURE_PATH=${newpath#:}
- }
- cleanpath
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
-
- # finally, strip gcc paths #136027
- rmpath() {
- local e newpath thisp IFS=:
- for thisp in ${SECURE_PATH} ; do
- for e ; do [[ ${thisp} == ${e} ]] && continue 2 ; done
- newpath+=:${thisp}
- done
- SECURE_PATH=${newpath#:}
- }
- rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-}
-
-src_configure() {
- local SECURE_PATH
- set_secure_path
- tc-export PKG_CONFIG #767712
-
- # audit: somebody got to explain me how I can test this before I
- # enable it.. - Diego
- # plugindir: autoconf code is crappy and does not delay evaluation
- # until `make` time, so we have to use a full path here rather than
- # basing off other values.
- myeconfargs=(
- # requires some python eclass
- --disable-python
- --enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
- --enable-zlib=system
- --with-editor="${EPREFIX}"/usr/libexec/editor
- --with-env-editor
- --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
- --with-rundir="${EPREFIX}"/run/sudo
- --with-vardir="${EPREFIX}"/var/db/sudo
- --without-linux-audit
- --without-opie
- $(use_enable gcrypt)
- $(use_enable nls)
- $(use_enable sasl)
- $(use_enable ssl openssl)
- $(use_with ldap)
- $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
- $(use_with offensive insults)
- $(use_with offensive all-insults)
- $(use_with pam)
- $(use_with pam pam-login)
- $(use_with secure-path secure-path "${SECURE_PATH}")
- $(use_with selinux)
- $(use_with sendmail)
- $(use_with skey)
- $(use_with sssd)
- )
-
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
-
- if use ldap ; then
- dodoc README.LDAP.md
-
- cat <<-EOF > "${T}"/ldap.conf.sudo
- # See ldap.conf(5) and README.LDAP.md for details
- # This file should only be readable by root
-
- # supported directives: host, port, ssl, ldap_version
- # uri, binddn, bindpw, sudoers_base, sudoers_debug
- # tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
- EOF
-
- if use sasl ; then
- cat <<-EOF >> "${T}"/ldap.conf.sudo
-
- # SASL directives: use_sasl, sasl_mech, sasl_auth_id
- # sasl_secprops, rootuse_sasl, rootsasl_auth_id,
krb5_ccname
- EOF
- fi
-
- insinto /etc
- doins "${T}"/ldap.conf.sudo
- fperms 0440 /etc/ldap.conf.sudo
-
- insinto /etc/openldap/schema
- newins docs/schema.OpenLDAP sudo.schema
- fi
-
- if use pam; then
- pamd_mimic system-auth sudo auth account session
- pamd_mimic system-auth sudo-i auth account session
- fi
-
- keepdir /var/db/sudo/lectured
- fperms 0700 /var/db/sudo/lectured
- fperms 0711 /var/db/sudo #652958
-
- # Don't install into /run as that is a tmpfs most of the time
- # (bug #504854)
- rm -rf "${ED}"/run || die
-
- find "${ED}" -type f -name "*.la" -delete || die #697812
-}
-
-pkg_postinst() {
- tmpfiles_process sudo.conf
-
- #652958
- local sudo_db="${EROOT}/var/db/sudo"
- if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
- chmod 711 "${sudo_db}" || die
- fi
-
- if use ldap ; then
- ewarn
- ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap
configuration."
- ewarn
- if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf
; then
- ewarn "In 1.7 series, LDAP is no more consulted, unless
explicitly"
- ewarn "configured in /etc/nsswitch.conf."
- ewarn
- ewarn "To make use of LDAP, add this line to your
/etc/nsswitch.conf:"
- ewarn " sudoers: ldap files"
- ewarn
- fi
- fi
- if use prefix ; then
- ewarn
- ewarn "To use sudo, you need to change file ownership and
permissions"
- ewarn "with root privileges, as follows:"
- ewarn
- ewarn " # chown root:root ${EPREFIX}/usr/bin/sudo"
- ewarn " # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
- ewarn " # chown root:root ${EPREFIX}/etc/sudoers"
- ewarn " # chown root:root ${EPREFIX}/etc/sudoers.d"
- ewarn " # chown root:root ${EPREFIX}/var/db/sudo"
- ewarn " # chmod 4111 ${EPREFIX}/usr/bin/sudo"
- ewarn
- fi
-
- elog "To use the -A (askpass) option, you need to install a compatible"
- elog "password program from the following list. Starred packages will"
- elog "automatically register for the use with sudo (but will not force"
- elog "the -A option):"
- elog ""
- elog " [*] net-misc/ssh-askpass-fullscreen"
- elog " net-misc/x11-ssh-askpass"
- elog ""
- elog "You can override the choice by setting the SUDO_ASKPASS
environmnent"
- elog "variable to the program you want to use."
-}
diff --git a/app-admin/sudo/sudo-1.9.11_p2.ebuild
b/app-admin/sudo/sudo-1.9.11_p2.ebuild
deleted file mode 100644
index afb8327d1680..000000000000
--- a/app-admin/sudo/sudo-1.9.11_p2.ebuild
+++ /dev/null
@@ -1,281 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit pam libtool tmpfiles toolchain-funcs
-
-MY_P="${P/_/}"
-MY_P="${MY_P/beta/b}"
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="https://www.sudo.ws/";
-if [[ ${PV} == 9999 ]] ; then
- inherit mercurial
- EHG_REPO_URI="https://www.sudo.ws/repos/sudo";
-else
-
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/sudo.ws.asc
- inherit verify-sig
-
- uri_prefix=
- case ${P} in
- *_beta*|*_rc*) uri_prefix=beta/ ;;
- esac
-
- SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
- ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz
- verify-sig? (
-
https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz.sig
-
ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz.sig
- )"
- if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k
~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~sparc-solaris"
- fi
-
- BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-sudo )"
-fi
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-IUSE="gcrypt ldap nls offensive pam sasl +secure-path selinux +sendmail skey
ssl sssd"
-
-DEPEND="
- sys-libs/zlib:=
- virtual/libcrypt:=
- gcrypt? ( dev-libs/libgcrypt:= )
- ldap? (
- >=net-nds/openldap-2.1.30-r1:=
- sasl? (
- dev-libs/cyrus-sasl
- net-nds/openldap:=[sasl]
- )
- )
- pam? ( sys-libs/pam )
- sasl? ( dev-libs/cyrus-sasl )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
- ssl? ( dev-libs/openssl:0= )
- sssd? ( sys-auth/sssd[sudo] )
-"
-RDEPEND="
- ${DEPEND}
- >=app-misc/editor-wrapper-3
- virtual/editor
- ldap? ( dev-lang/perl )
- pam? ( sys-auth/pambase )
- selinux? ( sec-policy/selinux-sudo )
- sendmail? ( virtual/mta )
-"
-BDEPEND+="
- sys-devel/bison
- virtual/pkgconfig
-"
-
-S="${WORKDIR}/${MY_P}"
-
-REQUIRED_USE="
- ?? ( pam skey )
- ?? ( gcrypt ssl )
-"
-
-MAKEOPTS+=" SAMPLES="
-
-src_prepare() {
- default
-
- elibtoolize
-}
-
-set_secure_path() {
- # First extract the default ROOTPATH from build env
- SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo
"${ROOTPATH}")
-
- case "${SECURE_PATH}" in
- */usr/sbin*)
- ;;
- *)
- SECURE_PATH=$(unset PATH; .
"${EPREFIX}"/etc/profile.env; echo "${PATH}")
- ;;
- esac
-
- if [[ -z ${SECURE_PATH} ]] ; then
- ewarn " Failed to detect SECURE_PATH, please report this"
- fi
-
- # Then remove duplicate path entries
- cleanpath() {
- local newpath thisp IFS=:
- for thisp in $1 ; do
- if [[ :${newpath}: != *:${thisp}:* ]] ; then
- newpath+=:${thisp}
- else
- einfo " Duplicate entry ${thisp} removed..."
- fi
- done
- SECURE_PATH=${newpath#:}
- }
- cleanpath
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
-
- # Finally, strip gcc paths, bug #136027
- rmpath() {
- local e newpath thisp IFS=:
- for thisp in ${SECURE_PATH} ; do
- for e ; do
- [[ ${thisp} == ${e} ]] && continue 2 ;
- done
- newpath+=:${thisp}
- done
- SECURE_PATH=${newpath#:}
- }
- rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-}
-
-src_configure() {
- local SECURE_PATH
-
- set_secure_path
-
- # bug #767712
- tc-export PKG_CONFIG
-
- # - audit: somebody got to explain me how I can test this before I
- # enable it.. - Diego
- # - plugindir: autoconf code is crappy and does not delay evaluation
- # until `make` time, so we have to use a full path here rather than
- # basing off other values.
- local myeconfargs=(
- # We set all of the relevant options by ourselves (patched
- # into the toolchain) and setting these in the build system
- # actually causes a downgrade when using e.g.
-D_FORTIFY_SOURCE=3
- # (it'll downgrade to =2). So, this has no functional effect on
- # the hardening for users. It's safe.
- --disable-hardening
-
- # requires some python eclass
- --disable-python
- --enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
- --enable-zlib=system
- --with-editor="${EPREFIX}"/usr/libexec/editor
- --with-env-editor
- --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
- --with-rundir="${EPREFIX}"/run/sudo
- --with-vardir="${EPREFIX}"/var/db/sudo
- --without-linux-audit
- --without-opie
- $(use_enable gcrypt)
- $(use_enable nls)
- $(use_enable sasl)
- $(use_enable ssl openssl)
- $(use_with ldap)
- $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
- $(use_with offensive insults)
- $(use_with offensive all-insults)
- $(use_with pam)
- $(use_with pam pam-login)
- $(use_with secure-path secure-path "${SECURE_PATH}")
- $(use_with selinux)
- $(use_with sendmail)
- $(use_with skey)
- $(use_with sssd)
- )
-
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
-
- if use ldap ; then
- dodoc README.LDAP.md
-
- cat <<-EOF > "${T}"/ldap.conf.sudo
- # See ldap.conf(5) and README.LDAP.md for details
- # This file should only be readable by root
-
- # supported directives: host, port, ssl, ldap_version
- # uri, binddn, bindpw, sudoers_base, sudoers_debug
- # tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
- EOF
-
- if use sasl ; then
- cat <<-EOF >> "${T}"/ldap.conf.sudo
-
- # SASL directives: use_sasl, sasl_mech, sasl_auth_id
- # sasl_secprops, rootuse_sasl, rootsasl_auth_id,
krb5_ccname
- EOF
- fi
-
- insinto /etc
- doins "${T}"/ldap.conf.sudo
- fperms 0440 /etc/ldap.conf.sudo
-
- insinto /etc/openldap/schema
- newins docs/schema.OpenLDAP sudo.schema
- fi
-
- if use pam ; then
- pamd_mimic system-auth sudo auth account session
- pamd_mimic system-auth sudo-i auth account session
- fi
-
- keepdir /var/db/sudo/lectured
- fperms 0700 /var/db/sudo/lectured
- # bug #652958
- fperms 0711 /var/db/sudo
-
- # Don't install into /run as that is a tmpfs most of the time
- # (bug #504854)
- rm -rf "${ED}"/run || die
-
- # bug #697812
- find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
- tmpfiles_process sudo.conf
-
- # bug #652958
- local sudo_db="${EROOT}/var/db/sudo"
- if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
- chmod 711 "${sudo_db}" || die
- fi
-
- if use ldap ; then
- ewarn
- ewarn "sudo uses the ${ROOT}/etc/ldap.conf.sudo file for ldap
configuration."
- ewarn
- if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf
; then
- ewarn "In 1.7 series, LDAP is no more consulted, unless
explicitly"
- ewarn "configured in ${ROOT}/etc/nsswitch.conf."
- ewarn
- ewarn "To make use of LDAP, add this line to your
${ROOT}/etc/nsswitch.conf:"
- ewarn " sudoers: ldap files"
- ewarn
- fi
- fi
- if use prefix ; then
- ewarn
- ewarn "To use sudo on Prefix, you need to change file ownership
and permissions"
- ewarn "with root privileges, as follows:"
- ewarn
- ewarn " # chown root:root ${EPREFIX}/usr/bin/sudo"
- ewarn " # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
- ewarn " # chown root:root ${EPREFIX}/etc/sudoers"
- ewarn " # chown root:root ${EPREFIX}/etc/sudoers.d"
- ewarn " # chown root:root ${EPREFIX}/var/db/sudo"
- ewarn " # chmod 4111 ${EPREFIX}/usr/bin/sudo"
- ewarn
- fi
-
- elog "To use the -A (askpass) option, you need to install a compatible"
- elog "password program from the following list. Starred packages will"
- elog "automatically register for the use with sudo (but will not force"
- elog "the -A option):"
- elog ""
- elog " [*] net-misc/ssh-askpass-fullscreen"
- elog " net-misc/x11-ssh-askpass"
- elog ""
- elog "You can override the choice by setting the SUDO_ASKPASS
environmnent"
- elog "variable to the program you want to use."
-}
