sudo: upgraded package to upstream
Upgraded app-admin/sudo to version 1.9.5_p2 on amd64, arm, arm64
Also added tc-export PKG_CONFIG on line 132 and filed a bug with
upstream gentoo.
BUG=b/178626482
TEST=presubmit
RELEASE_NOTE=Upgraded app-admin/sudo to version 1.9.5_p2
Change-Id: I071ea95ff760f66522e301e4aaba22f7c8cf2331
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/overlays/portage-stable/+/2653491
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Greg Kerr <kerrnel@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Nicole Anderson-Au <nvaa@google.com>
Tested-by: Nicole Anderson-Au <nvaa@google.com>
Auto-Submit: Nicole Anderson-Au <nvaa@google.com>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/11450
Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
index d708aa4..d9bad02 100644
--- a/app-admin/sudo/Manifest
+++ b/app-admin/sudo/Manifest
@@ -1 +1 @@
-DIST sudo-1.8.31.tar.gz 3350674 BLAKE2B de5a968732fdd58933b4c513d13c43a08cb50075a00c3e0d338c9892570a416a2b3a8f19940c0893715f4eeab991e804831a87ef656ffd91e7f1ba047c119261 SHA512 b9e408a322938c7a712458e9012d8a5f648fba5b23a5057cf5d8372c7f931262595f1575c32c32b9cb1a04af670ff4611e7df48d197e5c4cc038d6b65439a28a
+DIST sudo-1.9.5p2.tar.gz 4012277 BLAKE2B 41913887463e4f775564af8d614fb5ed762200aa777dc789ec333842d4f432323474fc952a531fe929b33607cdfbcd18d7fe7470a15d67139deaf855841ed11f SHA512 f0fe914963c31a6f8ab6c86847ff6cdd125bd5a839b27f46dcae03963f4fc413b3d4cca54c1979feb825c8479b44c7df0642c07345c941eecf6f9f1e03ea0e27
diff --git a/app-admin/sudo/metadata.xml b/app-admin/sudo/metadata.xml
index 72faa06..a99f4f7 100644
--- a/app-admin/sudo/metadata.xml
+++ b/app-admin/sudo/metadata.xml
@@ -18,10 +18,6 @@
<flag name="sendmail">Allow sudo to send emails with sendmail</flag>
<flag name="sssd">Add System Security Services Daemon support</flag>
<flag name="secure-path">Replace PATH variable with compile time secure paths</flag>
- <flag name="system-digest">
- Use message digest functions from <pkg>dev-libs/libgcrypt</pkg>, <pkg>dev-libs/libressl</pkg>
- or <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2 implementation
- </flag>
</use>
<upstream>
<remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id>
diff --git a/app-admin/sudo/sudo-1.8.31.ebuild b/app-admin/sudo/sudo-1.9.5_p2.ebuild
similarity index 91%
rename from app-admin/sudo/sudo-1.8.31.ebuild
rename to app-admin/sudo/sudo-1.9.5_p2.ebuild
index fa49076..da52a82 100644
--- a/app-admin/sudo/sudo-1.8.31.ebuild
+++ b/app-admin/sudo/sudo-1.9.5_p2.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-inherit pam multilib libtool tmpfiles
+inherit pam multilib libtool systemd tmpfiles
MY_P="${P/_/}"
MY_P="${MY_P/beta/b}"
@@ -30,10 +30,11 @@
# 3-clause BSD license
LICENSE="ISC BSD"
SLOT="0"
-IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey sssd system-digest"
+IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
DEPEND="
sys-libs/zlib:=
+ gcrypt? ( dev-libs/libgcrypt:= )
ldap? (
>=net-nds/openldap-2.1.30-r1
sasl? (
@@ -44,14 +45,11 @@
pam? ( sys-libs/pam )
sasl? ( dev-libs/cyrus-sasl )
skey? ( >=sys-auth/skey-1.1.5-r1 )
- sssd? ( sys-auth/sssd[sudo] )
- system-digest? (
- gcrypt? ( dev-libs/libgcrypt:= )
- !gcrypt? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:0= )
- )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
)
+ sssd? ( sys-auth/sssd[sudo] )
"
RDEPEND="
${DEPEND}
@@ -64,13 +62,14 @@
"
BDEPEND="
sys-devel/bison
+ virtual/pkgconfig
"
S="${WORKDIR}/${MY_P}"
REQUIRED_USE="
- pam? ( !skey )
- skey? ( !pam )
+ ?? ( pam skey )
+ ?? ( gcrypt ssl )
"
MAKEOPTS+=" SAMPLES="
@@ -130,6 +129,7 @@
src_configure() {
local SECURE_PATH
set_secure_path
+ tc-export PKG_CONFIG
# audit: somebody got to explain me how I can test this before I
# enable it.. - Diego
@@ -137,36 +137,34 @@
# until `make` time, so we have to use a full path here rather than
# basing off other values.
myeconfargs=(
- --enable-zlib=system
+ # requires some python eclass
+ --disable-python
--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
+ --enable-zlib=system
--with-editor="${EPREFIX}"/usr/libexec/editor
--with-env-editor
--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
--with-rundir="${EPREFIX}"/run/sudo
- $(use_with secure-path secure-path "${SECURE_PATH}")
--with-vardir="${EPREFIX}"/var/db/sudo
--without-linux-audit
--without-opie
$(use_enable gcrypt)
$(use_enable nls)
$(use_enable sasl)
+ $(use_enable ssl openssl)
+ $(use_with ldap)
+ $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
$(use_with offensive insults)
$(use_with offensive all-insults)
- $(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
- $(use_with ldap)
$(use_with pam)
- $(use_with skey)
- $(use_with sssd)
+ $(use_with pam pam-login)
+ $(use_with secure-path secure-path "${SECURE_PATH}")
$(use_with selinux)
$(use_with sendmail)
+ $(use_with skey)
+ $(use_with sssd)
)
- if use system-digest && ! use gcrypt; then
- myeconfargs+=("--enable-openssl")
- else
- myeconfargs+=("--disable-openssl")
- fi
-
econf "${myeconfargs[@]}"
}
@@ -200,8 +198,10 @@
insinto /etc/openldap/schema
newins doc/schema.OpenLDAP sudo.schema
fi
-
- pamd_mimic system-auth sudo auth account session
+ if use pam; then
+ pamd_mimic system-auth sudo auth account session
+ pamd_mimic system-auth sudo-i auth account session
+ fi
keepdir /var/db/sudo/lectured
fperms 0700 /var/db/sudo/lectured
@@ -209,7 +209,7 @@
# Don't install into /run as that is a tmpfs most of the time
# (bug #504854)
- rm -rf "${ED}"/run
+ rm -rf "${ED}"/run || die
find "${ED}" -type f -name "*.la" -delete || die #697812
}
diff --git a/metadata/md5-cache/app-admin/sudo-1.8.31 b/metadata/md5-cache/app-admin/sudo-1.8.31
deleted file mode 100644
index 05b0175..0000000
--- a/metadata/md5-cache/app-admin/sudo-1.8.31
+++ /dev/null
@@ -1,15 +0,0 @@
-BDEPEND=sys-devel/bison >=app-portage/elt-patches-20170815
-DEFINED_PHASES=configure install postinst prepare
-DEPEND=sys-libs/zlib:= ldap? ( >=net-nds/openldap-2.1.30-r1 sasl? ( dev-libs/cyrus-sasl net-nds/openldap[sasl] ) ) pam? ( sys-libs/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) system-digest? ( gcrypt? ( dev-libs/libgcrypt:= ) !gcrypt? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) ) )
-DESCRIPTION=Allows users or groups to run commands as other users
-EAPI=7
-HOMEPAGE=https://www.sudo.ws/
-IUSE=gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey sssd system-digest
-KEYWORDS=*
-LICENSE=ISC BSD
-RDEPEND=sys-libs/zlib:= ldap? ( >=net-nds/openldap-2.1.30-r1 sasl? ( dev-libs/cyrus-sasl net-nds/openldap[sasl] ) ) pam? ( sys-libs/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) system-digest? ( gcrypt? ( dev-libs/libgcrypt:= ) !gcrypt? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) ) ) >=app-misc/editor-wrapper-3 virtual/editor ldap? ( dev-lang/perl ) pam? ( sys-auth/pambase ) selinux? ( sec-policy/selinux-sudo ) sendmail? ( virtual/mta ) virtual/tmpfiles
-REQUIRED_USE=pam? ( !skey ) skey? ( !pam )
-SLOT=0
-SRC_URI=https://www.sudo.ws/sudo/dist/sudo-1.8.31.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.31.tar.gz
-_eclasses_=eutils fcb2aa98e1948b835b5ae66ca52868c5 flag-o-matic 5d5921a298e95441da2f85be419894c0 libtool f143db5a74ccd9ca28c1234deffede96 multilib 2477ebe553d3e4d2c606191fe6c33602 pam 3f746974e1cc47cabe3bd488c08cdc8e tmpfiles 6170dc7770585fb3f16efdee789a3218 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
-_md5_=69c65c899b4c7a6d1c1d25a633984101
diff --git a/metadata/md5-cache/app-admin/sudo-1.9.5_p2 b/metadata/md5-cache/app-admin/sudo-1.9.5_p2
new file mode 100644
index 0000000..cd91ec1
--- /dev/null
+++ b/metadata/md5-cache/app-admin/sudo-1.9.5_p2
@@ -0,0 +1,15 @@
+BDEPEND=sys-devel/bison virtual/pkgconfig >=app-portage/elt-patches-20170815 virtual/pkgconfig
+DEFINED_PHASES=configure install postinst prepare
+DEPEND=sys-libs/zlib:= gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 sasl? ( dev-libs/cyrus-sasl net-nds/openldap[sasl] ) ) pam? ( sys-libs/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) ) sssd? ( sys-auth/sssd[sudo] )
+DESCRIPTION=Allows users or groups to run commands as other users
+EAPI=7
+HOMEPAGE=https://www.sudo.ws/
+IUSE=gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd
+KEYWORDS=*
+LICENSE=ISC BSD
+RDEPEND=sys-libs/zlib:= gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 sasl? ( dev-libs/cyrus-sasl net-nds/openldap[sasl] ) ) pam? ( sys-libs/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) ) sssd? ( sys-auth/sssd[sudo] ) >=app-misc/editor-wrapper-3 virtual/editor ldap? ( dev-lang/perl ) pam? ( sys-auth/pambase ) selinux? ( sec-policy/selinux-sudo ) sendmail? ( virtual/mta ) virtual/tmpfiles
+REQUIRED_USE=?? ( pam skey ) ?? ( gcrypt ssl )
+SLOT=0
+SRC_URI=https://www.sudo.ws/sudo/dist/sudo-1.9.5p2.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.5p2.tar.gz
+_eclasses_=eutils fcb2aa98e1948b835b5ae66ca52868c5 flag-o-matic 5d5921a298e95441da2f85be419894c0 libtool f143db5a74ccd9ca28c1234deffede96 multilib 2477ebe553d3e4d2c606191fe6c33602 pam 3f746974e1cc47cabe3bd488c08cdc8e systemd 71fd8d2065d102753fb9e4d20eaf3e9f tmpfiles 6170dc7770585fb3f16efdee789a3218 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
+_md5_=3f4855f965de0c13c8feb60cd47657d2