From b1e966d9a1bfbf8957639f13ef90ced4302891fb Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Mon, 24 Mar 2014 20:52:41 +0100 Subject: update sudo --- package/sudo/Makefile | 11 +++-- package/sudo/patches/patch-compat_Makefile_in | 15 ++++++ package/sudo/patches/patch-plugins_sudoers_match_c | 54 ++++++++++++++++++++++ 3 files changed, 75 insertions(+), 5 deletions(-) create mode 100644 package/sudo/patches/patch-compat_Makefile_in create mode 100644 package/sudo/patches/patch-plugins_sudoers_match_c (limited to 'package/sudo') diff --git a/package/sudo/Makefile b/package/sudo/Makefile index bc1ba138d..4289c6e5f 100644 --- a/package/sudo/Makefile +++ b/package/sudo/Makefile @@ -4,9 +4,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:= sudo -PKG_VERSION:= 1.7.4p4 -PKG_RELEASE:= 2 -PKG_MD5SUM:= 55d9906535d70a1de347cd3d3550ee87 +PKG_VERSION:= 1.8.10 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 954d64906c3f6e2436f33445a049c58b PKG_DESCR:= su do PKG_SECTION:= admin PKG_URL:= http://www.courtesan.com/sudo/ @@ -16,9 +16,10 @@ include $(TOPDIR)/mk/package.mk $(eval $(call PKG_template,SUDO,sudo,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) +CPPFLAGS_FOR_BUILD+= -I../ -I../include CONFIGURE_ARGS+= --without-pam \ - --with-env-editor \ - --with-timedir=/var/run + --without-sendmail \ + --with-env-editor sudo-install: $(INSTALL_DIR) $(IDIR_SUDO)/usr/bin diff --git a/package/sudo/patches/patch-compat_Makefile_in b/package/sudo/patches/patch-compat_Makefile_in new file mode 100644 index 000000000..e52c8a62c --- /dev/null +++ b/package/sudo/patches/patch-compat_Makefile_in @@ -0,0 +1,15 @@ +--- sudo-1.8.10.orig/compat/Makefile.in 2014-03-07 22:51:19.000000000 +0100 ++++ sudo-1.8.10/compat/Makefile.in 2014-03-24 15:58:28.000000000 +0100 +@@ -96,10 +96,10 @@ signame.c: mksigname + ./mksigname > $@ + + mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/missing.h $(top_builddir)/config.h +- $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@ ++ $(CC_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@ + + mksigname: $(srcdir)/mksigname.c $(srcdir)/mksigname.h $(incdir)/missing.h $(top_builddir)/config.h +- $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksigname.c -o $@ ++ $(CC_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksigname.c -o $@ + + fnm_test: fnm_test.o libreplace.la + $(LIBTOOL) --mode=link $(CC) -o $@ fnm_test.o libreplace.la $(PIE_LDFLAGS) $(SSP_LDFLAGS) diff --git a/package/sudo/patches/patch-plugins_sudoers_match_c b/package/sudo/patches/patch-plugins_sudoers_match_c new file mode 100644 index 000000000..57c49e55b --- /dev/null +++ b/package/sudo/patches/patch-plugins_sudoers_match_c @@ -0,0 +1,54 @@ +--- sudo-1.8.10.orig/plugins/sudoers/match.c 2014-03-07 22:51:19.000000000 +0100 ++++ sudo-1.8.10/plugins/sudoers/match.c 2014-03-24 16:16:24.000000000 +0100 +@@ -122,10 +122,12 @@ userlist_matches(const struct passwd *pw + case ALL: + matched = !m->negated; + break; ++#if 0 + case NETGROUP: + if (netgr_matches(m->name, NULL, NULL, pw->pw_name)) + matched = !m->negated; + break; ++#endif + case USERGROUP: + if (usergr_matches(m->name, pw->pw_name, pw)) + matched = !m->negated; +@@ -178,10 +180,12 @@ runaslist_matches(const struct member_li + case ALL: + user_matched = !m->negated; + break; ++#if 0 + case NETGROUP: + if (netgr_matches(m->name, NULL, NULL, runas_pw->pw_name)) + user_matched = !m->negated; + break; ++#endif + case USERGROUP: + if (usergr_matches(m->name, runas_pw->pw_name, runas_pw)) + user_matched = !m->negated; +@@ -278,10 +282,12 @@ hostlist_matches(const struct member_lis + case ALL: + matched = !m->negated; + break; ++#if 0 + case NETGROUP: + if (netgr_matches(m->name, user_runhost, user_srunhost, NULL)) + matched = !m->negated; + break; ++#endif + case NTWKADDR: + if (addr_matches(m->name)) + matched = !m->negated; +@@ -930,6 +936,7 @@ sudo_getdomainname(void) + * else return false. Either of "lhost", "shost" or "user" may be NULL + * in which case that argument is not checked... + */ ++#if 0 + bool + netgr_matches(const char *netgr, const char *lhost, const char *shost, const char *user) + { +@@ -972,3 +979,4 @@ netgr_matches(const char *netgr, const c + + debug_return_bool(rc); + } ++#endif -- cgit v1.2.3 From 891c9c1da76a4538712a213105e5c5b96cd32af8 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Tue, 25 Mar 2014 12:35:32 +0100 Subject: fix uclibc compile, disable ssp by default --- package/sudo/Makefile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'package/sudo') diff --git a/package/sudo/Makefile b/package/sudo/Makefile index 4289c6e5f..0c3d9562f 100644 --- a/package/sudo/Makefile +++ b/package/sudo/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:= sudo PKG_VERSION:= 1.8.10 -PKG_RELEASE:= 1 +PKG_RELEASE:= 2 PKG_MD5SUM:= 954d64906c3f6e2436f33445a049c58b PKG_DESCR:= su do PKG_SECTION:= admin @@ -21,6 +21,12 @@ CONFIGURE_ARGS+= --without-pam \ --without-sendmail \ --with-env-editor +ifeq ($(ADK_TOOLCHAIN_GCC_USE_SSP),y) +CONFIGURE_ARGS+= --enable-hardening +else +CONFIGURE_ARGS+= --disable-hardening +endif + sudo-install: $(INSTALL_DIR) $(IDIR_SUDO)/usr/bin $(INSTALL_DIR) $(IDIR_SUDO)/usr/sbin -- cgit v1.2.3