From 415856bdd4f48ab4f2732996f0bae58595092bbe Mon Sep 17 00:00:00 2001
From: Parabola <dev@list.parabolagnulinux.org>
Date: Tue, 5 Apr 2011 14:26:38 +0000
Subject: Tue Apr  5 14:26:38 UTC 2011

---
 core/sudo/PKGBUILD                    | 52 +++++++++++++++++++++++++++++++++++
 core/sudo/sudo.pam                    |  3 ++
 core/sudo/sudo_l.patch                | 21 ++++++++++++++
 core/sudo/sudo_noninteractive.patch   | 15 ++++++++++
 core/sudo/sudo_validate_exitval.patch | 15 ++++++++++
 5 files changed, 106 insertions(+)
 create mode 100644 core/sudo/PKGBUILD
 create mode 100644 core/sudo/sudo.pam
 create mode 100644 core/sudo/sudo_l.patch
 create mode 100644 core/sudo/sudo_noninteractive.patch
 create mode 100644 core/sudo/sudo_validate_exitval.patch

(limited to 'core/sudo')

diff --git a/core/sudo/PKGBUILD b/core/sudo/PKGBUILD
new file mode 100644
index 000000000..7281b56b0
--- /dev/null
+++ b/core/sudo/PKGBUILD
@@ -0,0 +1,52 @@
+# $Id: PKGBUILD 113374 2011-03-08 13:08:35Z allan $
+# Maintainer: Allan McRae <allan@archlinux.org>
+# Contributor: Tom Newsom <Jeepster@gmx.co.uk>
+
+pkgname=sudo
+_ver=1.8.0
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+pkgrel=4
+pkgdesc="Give certain users the ability to run some commands as root"
+arch=('i686' 'x86_64')
+url="http://www.sudo.ws/sudo/"
+license=('custom')
+depends=('glibc' 'pam')
+backup=('etc/sudoers' 'etc/pam.d/sudo')
+source=(ftp://ftp.sudo.ws/pub/sudo/$pkgname-$_ver.tar.gz
+	sudo_l.patch
+	sudo_validate_exitval.patch
+	sudo_noninteractive.patch
+        sudo.pam)
+options=('!libtool' '!makeflags')
+md5sums=('fa0a35330691af14cb1869f64a65aebc'
+         '29656b2f2365e14fa0f8eb94e61f3690'
+         '4751aa5557fe43fd8e03e0c7b5affcfc'
+         '47d152ade2c9a726684fa1227e46bfe3'
+         '4e7ad4ec8f2fe6a40e12bcb2c0b256e3')
+
+build() {
+  cd $srcdir/$pkgname-$_ver
+
+  # http://www.sudo.ws/bugs/show_bug.cgi?id=474
+  patch -Np1 -i $srcdir/sudo_l.patch
+  
+  # http://www.sudo.ws/bugs/show_bug.cgi?id=479
+  patch -Np1 -i $srcdir/sudo_validate_exitval.patch
+
+  # http://www.sudo.ws/bugs/show_bug.cgi?id=478
+  patch -Np1 -i $srcdir/sudo_noninteractive.patch
+
+  ./configure --prefix=/usr --with-pam --libexecdir=/usr/lib \
+    --with-env-editor --with-all-insults --with-logfac=auth
+  make
+}
+
+package() {
+  cd $srcdir/$pkgname-$_ver
+  install -dm755 $pkgdir/var/lib
+
+  make DESTDIR=$pkgdir install
+  install -Dm644 $srcdir/sudo.pam $pkgdir/etc/pam.d/sudo
+
+  install -Dm644 doc/LICENSE $pkgdir/usr/share/licenses/sudo/LICENSE
+}
diff --git a/core/sudo/sudo.pam b/core/sudo/sudo.pam
new file mode 100644
index 000000000..4e586cd22
--- /dev/null
+++ b/core/sudo/sudo.pam
@@ -0,0 +1,3 @@
+#%PAM-1.0
+auth		required	pam_unix.so
+auth		required	pam_nologin.so
diff --git a/core/sudo/sudo_l.patch b/core/sudo/sudo_l.patch
new file mode 100644
index 000000000..2115ed760
--- /dev/null
+++ b/core/sudo/sudo_l.patch
@@ -0,0 +1,21 @@
+diff -r df1bb67fb168 plugins/sudoers/sudo_nss.c
+--- a/plugins/sudoers/sudo_nss.c	Wed Mar 02 12:39:11 2011 -0500
++++ b/plugins/sudoers/sudo_nss.c	Thu Mar 03 09:37:48 2011 -0500
+@@ -309,6 +309,7 @@
+ /*
+  * Check user_cmnd against sudoers and print the matching entry if the
+  * command is allowed.
++ * Returns TRUE if the command is allowed, else FALSE.
+  */
+ int
+ display_cmnd(struct sudo_nss_list *snl, struct passwd *pw)
+@@ -320,7 +321,7 @@
+ 
+     tq_foreach_fwd(snl, nss) {
+ 	if (nss->display_cmnd(nss, pw) == 0)
+-	    return 0;
++	    return TRUE;
+     }
+-    return 1;
++    return FALSE;
+ }
diff --git a/core/sudo/sudo_noninteractive.patch b/core/sudo/sudo_noninteractive.patch
new file mode 100644
index 000000000..c0c4c4515
--- /dev/null
+++ b/core/sudo/sudo_noninteractive.patch
@@ -0,0 +1,15 @@
+diff -r fc3dd3be67e9 plugins/sudoers/sudoers.c
+--- a/plugins/sudoers/sudoers.c	Sat Mar 05 15:34:30 2011 -0500
++++ b/plugins/sudoers/sudoers.c	Sun Mar 06 15:35:39 2011 -0500
+@@ -1172,6 +1172,11 @@
+ 		SET(flags, MODE_IGNORE_TICKET);
+ 	    continue;
+ 	}
++	if (MATCHES(*cur, "noninteractive=")) {
++	    if (atobool(*cur + sizeof("noninteractive=") - 1) == TRUE)
++		SET(flags, MODE_NONINTERACTIVE);
++	    continue;
++	}
+ 	if (MATCHES(*cur, "sudoedit=")) {
+ 	    if (atobool(*cur + sizeof("sudoedit=") - 1) == TRUE)
+ 		SET(flags, MODE_EDIT);
diff --git a/core/sudo/sudo_validate_exitval.patch b/core/sudo/sudo_validate_exitval.patch
new file mode 100644
index 000000000..ccda68921
--- /dev/null
+++ b/core/sudo/sudo_validate_exitval.patch
@@ -0,0 +1,15 @@
+diff -r 172f29597bd2 plugins/sudoers/sudoers.c
+--- a/plugins/sudoers/sudoers.c	Sun Mar 06 15:38:02 2011 -0500
++++ b/plugins/sudoers/sudoers.c	Sun Mar 06 15:52:06 2011 -0500
+@@ -546,8 +546,10 @@
+     if (def_group_plugin)
+ 	group_plugin_unload();
+ 
+-    if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST)))
++    if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST))) {
++	rval = TRUE;
+ 	goto done;
++    }
+ 
+     /*
+      * Set umask based on sudoers.
-- 
cgit v1.2.3-54-g00ecf