Substitute python plugin file name in sudo_plugin_python documentation.

Also use prefix for group plugin fallback path section in sudoers manual.
2022-12-30 13:38:40 -07:00
parent ad55f8ccee
commit 4b0dc2eecb
6 changed files with 71 additions and 58 deletions
--- a/7
+++ b/7
@@ -723,6 +723,7 @@ OBJEXT
 EXEEXT
 ac_ct_CC
 CC
 python_plugin
 sudoers_plugin
 plugindir
 pam_login_service
@@ -3594,6 +3595,7 @@ ac_config_headers="$ac_config_headers config.h pathnames.h"
 #
@@ -3645,6 +3647,7 @@ pam_session=on
 pam_login_service=sudo
 plugindir="$libexecdir/sudo"
 sudoers_plugin="sudoers.so"
 python_plugin="python_plugin.so"
 DIGEST=digest.lo
 devsearch="/dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev"
 #
@@ -17151,6 +17154,7 @@ aix*)
 	noexec_file="$libexecdir/sudo/sudo_noexec.a(sudo_noexec.so)"
 	intercept_file="$libexecdir/sudo/sudo_intercept.a(sudo_intercept.so)"
 	sudoers_plugin="sudoers.a(sudoers.so)"
 	python_plugin="python_plugin.a(python_plugin.so)"
    fi
    ;;
 esac
@@ -36640,6 +36644,9 @@ echo " Pathnames:" >&6
 echo "  log directory			: ${log_dir}" >&6
 echo "  plugin directory		: ${plugindir}" >&6
 echo "  sudoers plugin			: ${sudoers_plugin}" >&6
 if test "${enable_python-no}" != "no"; then
    echo "  python plugin			: ${python_plugin}" >&6
 fi
 echo "  run directory			: ${rundir}" >&6
 echo "  var directory			: ${vardir}" >&6
 echo "  I/O log directory		: ${iolog_dir}" >&6
--- a/configure.ac
+++ b/configure.ac
@@ -179,6 +179,7 @@ AC_SUBST([pam_session])
 AC_SUBST([pam_login_service])
 AC_SUBST([plugindir])
 AC_SUBST([sudoers_plugin])
 AC_SUBST([python_plugin])
 #
 # Begin initial values for man page substitution
 #
@@ -228,6 +229,7 @@ pam_session=on
 pam_login_service=sudo
 plugindir="$libexecdir/sudo"
 sudoers_plugin="sudoers.so"
 python_plugin="python_plugin.so"
 DIGEST=digest.lo
 devsearch="/dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev"
 #
@@ -1685,6 +1687,7 @@ aix*)
 	noexec_file="$libexecdir/sudo/sudo_noexec.a(sudo_noexec.so)"
 	intercept_file="$libexecdir/sudo/sudo_intercept.a(sudo_intercept.so)"
 	sudoers_plugin="sudoers.a(sudoers.so)"
 	python_plugin="python_plugin.a(python_plugin.so)"
    fi
    ;;
 esac
@@ -4424,6 +4427,9 @@ echo " Pathnames:" >&AS_MESSAGE_FD
 echo "  log directory			: ${log_dir}" >&AS_MESSAGE_FD
 echo "  plugin directory		: ${plugindir}" >&AS_MESSAGE_FD
 echo "  sudoers plugin			: ${sudoers_plugin}" >&AS_MESSAGE_FD
 if test "${enable_python-no}" != "no"; then
    echo "  python plugin			: ${python_plugin}" >&AS_MESSAGE_FD
 fi
 echo "  run directory			: ${rundir}" >&AS_MESSAGE_FD
 echo "  var directory			: ${vardir}" >&AS_MESSAGE_FD
 echo "  I/O log directory		: ${iolog_dir}" >&AS_MESSAGE_FD
--- a/docs/sudo_plugin_python.man.in
+++ b/docs/sudo_plugin_python.man.in
@@ -151,7 +151,7 @@ Running the Python interpreter and bridging between C and Python is
 handled by the
 \fBsudo\fR
 plugin
-\fIpython_plugin.so\fR.
+\fI@python_plugin@\fR.
 This shared object can be loaded like any other dynamic
 \fBsudo\fR
 plugin and should receive the path and the class name of the Python
@@ -162,10 +162,10 @@ sudo.conf(@mansectform@):
 .nf
 .sp
 .RS 4n
-Plugin python_policy python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_policy @python_plugin@ ModulePath=<path> ClassName=<class>
-Plugin python_io python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_io @python_plugin@ ModulePath=<path> ClassName=<class>
-Plugin python_audit python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_audit @python_plugin@ ModulePath=<path> ClassName=<class>
-Plugin python_approval python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_approval @python_plugin@ ModulePath=<path> ClassName=<class>
 .RE
 .fi
 .PP
@@ -175,7 +175,7 @@ file:
 .nf
 .sp
 .RS 4n
-Defaults group_plugin="python_plugin.so ModulePath=<path> ClassName=<class>"
+Defaults group_plugin="@python_plugin@ ModulePath=<path> ClassName=<class>"
 .RE
 .fi
 .PP
@@ -210,7 +210,7 @@ For example:
 .nf
 .sp
 .RS 4n
-Plugin python_policy python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_policy @python_plugin@ ModulePath=<path> ClassName=<class>
 .RE
 .fi
 .PP
@@ -568,7 +568,7 @@ To try it, register it by adding the following lines to
 .nf
 .sp
 .RS 0n
-Plugin python_policy python_plugin.so \e
+Plugin python_policy @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_policy_plugin.py \e
    ClassName=SudoPolicyPlugin
 .RE
@@ -586,7 +586,7 @@ For example:
 .nf
 .sp
 .RS 4n
-Plugin python_io python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_io @python_plugin@ ModulePath=<path> ClassName=<class>
 .RE
 .fi
 .PP
@@ -868,7 +868,7 @@ To try it, register it by adding the following lines to
 .nf
 .sp
 .RS 4n
-Plugin python_io python_plugin.so \e
+Plugin python_io @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_io_plugin.py \e
    ClassName=SudoIOPlugin
 .RE
@@ -880,7 +880,7 @@ For example:
 .nf
 .sp
 .RS 4n
-Plugin python_audit python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_audit @python_plugin@ ModulePath=<path> ClassName=<class>
 .RE
 .fi
 .PP
@@ -1188,7 +1188,7 @@ To try it, register it by adding the following lines to
 .nf
 .sp
 .RS 4n
-Plugin python_audit python_plugin.so \e
+Plugin python_audit @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_audit_plugin.py \e
    ClassName=SudoAuditPlugin
 .RE
@@ -1202,7 +1202,7 @@ For example:
 .nf
 .sp
 .RS 4n
-Plugin python_approval python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_approval @python_plugin@ ModulePath=<path> ClassName=<class>
 .RE
 .fi
 .PP
@@ -1332,7 +1332,7 @@ To try it, register it by adding the following lines to
 .nf
 .sp
 .RS 4n
-Plugin python_approval python_plugin.so \e
+Plugin python_approval @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_approval_plugin.py \e
    ClassName=BusinessHoursApprovalPlugin
 .RE
@@ -1348,7 +1348,7 @@ For example:
 .nf
 .sp
 .RS 4n
-Defaults group_plugin="python_plugin.so ModulePath=<path> ClassName=<class>"
+Defaults group_plugin="@python_plugin@ ModulePath=<path> ClassName=<class>"
 .RE
 .fi
 .PP
@@ -1429,7 +1429,7 @@ file by adding the following lines:
 .nf
 .sp
 .RS 4n
-Defaults group_plugin="python_plugin.so \e
+Defaults group_plugin="@python_plugin@ \e
    ModulePath=@EXAMPLES@/example_group_plugin.py \e
    ClassName=SudoGroupPlugin"
 .RE
@@ -1590,7 +1590,7 @@ To try it, register it by adding the following lines to
 .nf
 .sp
 .RS 4n
-Plugin python_io python_plugin.so \e
+Plugin python_io @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_conversation.py \e
    ClassName=ReasonLoggerIOPlugin
 .RE
@@ -1644,14 +1644,14 @@ To enable debug messages, add a
 line to
 sudo.conf(@mansectform@)
 with the program set to
-\fIpython_plugin.so\fR.
+\fI@python_plugin@\fR.
 For example, to store debug output in
 \fI@log_dir@/sudo_python_debug\fR,
 use a line like the following:
 .nf
 .sp
 .RS 4n
-Debug python_plugin.so @log_dir@/sudo_python_debug \e
+Debug @python_plugin@ @log_dir@/sudo_python_debug \e
    plugin@trace,c_calls@trace
 .RE
 .fi
@@ -1666,7 +1666,7 @@ calls, use:
 .nf
 .sp
 .RS 4n
-Debug python_plugin.so @log_dir@/sudo_python_debug plugin@trace
+Debug @python_plugin@ @log_dir@/sudo_python_debug plugin@trace
 .RE
 .fi
 .PP
@@ -1769,11 +1769,11 @@ To try it, register it by adding the following lines to
 .nf
 .sp
 .RS 4n
-Plugin python_io python_plugin.so \e
+Plugin python_io @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_debugging.py \e
    ClassName=DebugDemoPlugin
-Debug python_plugin.so \e
+Debug @python_plugin@ \e
    @log_dir@/sudo_python_debug plugin@trace,c_calls@trace
 .RE
 .fi
@@ -1872,7 +1872,7 @@ If you believe you have found a bug in
 you can submit a bug report at https://bugzilla.sudo.ws/
 .SH "SECURITY CONSIDERATIONS"
 All Python plugin handling is implemented inside the
-\fIpython_plugin.so\fR
+\fI@python_plugin@\fR
 dynamic plugin.
 Therefore, if no Python plugin is registered in
 sudo.conf(@mansectform@)
--- a/docs/sudo_plugin_python.mdoc.in
+++ b/docs/sudo_plugin_python.mdoc.in
@@ -128,7 +128,7 @@ Running the Python interpreter and bridging between C and Python is
 handled by the
 .Nm sudo
 plugin
-.Pa python_plugin.so .
+.Pa @python_plugin@ .
 This shared object can be loaded like any other dynamic
 .Nm sudo
 plugin and should receive the path and the class name of the Python
@@ -137,17 +137,17 @@ plugin it is loading as arguments.
 Example usage in
 .Xr sudo.conf @mansectform@ :
 .Bd -literal -offset 4n
-Plugin python_policy python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_policy @python_plugin@ ModulePath=<path> ClassName=<class>
-Plugin python_io python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_io @python_plugin@ ModulePath=<path> ClassName=<class>
-Plugin python_audit python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_audit @python_plugin@ ModulePath=<path> ClassName=<class>
-Plugin python_approval python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_approval @python_plugin@ ModulePath=<path> ClassName=<class>
 .Ed
 .Pp
 Example group provider plugin usage in the
 .Em sudoers
 file:
 .Bd -literal -offset 4n
-Defaults group_plugin="python_plugin.so ModulePath=<path> ClassName=<class>"
+Defaults group_plugin="@python_plugin@ ModulePath=<path> ClassName=<class>"
 .Ed
 .Pp
 The plugin arguments are as follows:
@@ -179,7 +179,7 @@ Policy plugins must be registered in
 .Xr sudo.conf @mansectform@ .
 For example:
 .Bd -literal -offset 4n
-Plugin python_policy python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_policy @python_plugin@ ModulePath=<path> ClassName=<class>
 .Ed
 .Pp
 Currently, only a single policy plugin may be specified in
@@ -464,7 +464,7 @@ Sudo ships with an example Python policy plugin.
 To try it, register it by adding the following lines to
 .Pa @sysconfdir@/sudo.conf :
 .Bd -literal
-Plugin python_policy python_plugin.so \e
+Plugin python_policy @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_policy_plugin.py \e
    ClassName=SudoPolicyPlugin
 .Ed
@@ -479,7 +479,7 @@ I/O plugins must be registered in
 .Xr sudo.conf @mansectform@ .
 For example:
 .Bd -literal -offset 4n
-Plugin python_io python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_io @python_plugin@ ModulePath=<path> ClassName=<class>
 .Ed
 .Pp
 Sudo supports loading multiple I/O plugins.
@@ -706,7 +706,7 @@ Sudo ships with a Python I/O plugin example.
 To try it, register it by adding the following lines to
 .Pa @sysconfdir@/sudo.conf :
 .Bd -literal -offset 4n
-Plugin python_io python_plugin.so \e
+Plugin python_io @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_io_plugin.py \e
    ClassName=SudoIOPlugin
 .Ed
@@ -715,7 +715,7 @@ Audit plugins must be registered in
 .Xr sudo.conf @mansectform@ .
 For example:
 .Bd -literal -offset 4n
-Plugin python_audit python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_audit @python_plugin@ ModulePath=<path> ClassName=<class>
 .Ed
 .Pp
 Sudo supports loading multiple audit plugins.
@@ -955,7 +955,7 @@ Sudo ships with a Python Audit plugin example.
 To try it, register it by adding the following lines to
 .Pa @sysconfdir@/sudo.conf :
 .Bd -literal -offset 4n
-Plugin python_audit python_plugin.so \e
+Plugin python_audit @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_audit_plugin.py \e
    ClassName=SudoAuditPlugin
 .Ed
@@ -966,7 +966,7 @@ Approval plugins must be registered in
 .Xr sudo.conf @mansectform@ .
 For example:
 .Bd -literal -offset 4n
-Plugin python_approval python_plugin.so ModulePath=<path> ClassName=<class>
+Plugin python_approval @python_plugin@ ModulePath=<path> ClassName=<class>
 .Ed
 .Pp
 Sudo supports loading multiple approval plugins.
@@ -1064,7 +1064,7 @@ Sudo ships with a Python Approval plugin example.
 To try it, register it by adding the following lines to
 .Pa @sysconfdir@/sudo.conf :
 .Bd -literal -offset 4n
-Plugin python_approval python_plugin.so \e
+Plugin python_approval @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_approval_plugin.py \e
    ClassName=BusinessHoursApprovalPlugin
 .Ed
@@ -1077,7 +1077,7 @@ A group provider plugin is registered in the
 file.
 For example:
 .Bd -literal -offset 4n
-Defaults group_plugin="python_plugin.so ModulePath=<path> ClassName=<class>"
+Defaults group_plugin="@python_plugin@ ModulePath=<path> ClassName=<class>"
 .Ed
 .Pp
 Currently, only a single group plugin can be registered in
@@ -1141,7 +1141,7 @@ To try it, register it in the
 .Em sudoers
 file by adding the following lines:
 .Bd -literal -offset 4n
-Defaults group_plugin="python_plugin.so \e
+Defaults group_plugin="@python_plugin@ \e
    ModulePath=@EXAMPLES@/example_group_plugin.py \e
    ClassName=SudoGroupPlugin"
 .Ed
@@ -1279,7 +1279,7 @@ Sudo ships with an example plugin demonstrating the Python conversation API.
 To try it, register it by adding the following lines to
 .Pa @sysconfdir@/sudo.conf :
 .Bd -literal -offset 4n
-Plugin python_io python_plugin.so \e
+Plugin python_io @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_conversation.py \e
    ClassName=ReasonLoggerIOPlugin
 .Ed
@@ -1329,12 +1329,12 @@ To enable debug messages, add a
 line to
 .Xr sudo.conf @mansectform@
 with the program set to
-.Pa python_plugin.so .
+.Pa @python_plugin@ .
 For example, to store debug output in
 .Pa @log_dir@/sudo_python_debug ,
 use a line like the following:
 .Bd -literal -offset 4n
-Debug python_plugin.so @log_dir@/sudo_python_debug \e
+Debug @python_plugin@ @log_dir@/sudo_python_debug \e
    plugin@trace,c_calls@trace
 .Ed
 .Pp
@@ -1346,7 +1346,7 @@ For example to just see the debug output of
 .Fn sudo.debug
 calls, use:
 .Bd -literal -offset 4n
-Debug python_plugin.so @log_dir@/sudo_python_debug plugin@trace
+Debug @python_plugin@ @log_dir@/sudo_python_debug plugin@trace
 .Ed
 .Pp
 See
@@ -1428,11 +1428,11 @@ Sudo ships with an example debug plugin.
 To try it, register it by adding the following lines to
 .Pa @sysconfdir@/sudo.conf :
 .Bd -literal -offset 4n
-Plugin python_io python_plugin.so \e
+Plugin python_io @python_plugin@ \e
    ModulePath=@EXAMPLES@/example_debugging.py \e
    ClassName=DebugDemoPlugin
-Debug python_plugin.so \e
+Debug @python_plugin@ \e
    @log_dir@/sudo_python_debug plugin@trace,c_calls@trace
 .Ed
 .Ss Option conversion API
@@ -1523,7 +1523,7 @@ If you believe you have found a bug in
 you can submit a bug report at https://bugzilla.sudo.ws/
 .Sh SECURITY CONSIDERATIONS
 All Python plugin handling is implemented inside the
-.Pa python_plugin.so
+.Pa @python_plugin@
 dynamic plugin.
 Therefore, if no Python plugin is registered in
 .Xr sudo.conf @mansectform@
--- a/docs/sudoers.man.in
+++ b/docs/sudoers.man.in
@@ -5147,23 +5147,23 @@ On Solaris, if the plugin is stored in a directory ending in
 will create a fallback path by appending
 \(lq/64\(rq
 to the directory name;
-\fI/usr/lib/sudo_plugin.so\fR
+\fI@prefix@/lib/group_plugin.so\fR
 becomes
-\fI/usr/lib/64/sudo_plugin.so\fR.
+\fI@prefix@/lib/64/group_plugin.so\fR.
 On Linux, a directory ending in
 \(lqlib\(rq
 will be transformed to
 \(lqlib64\(rq
 as the fallback path;
-\fI/usr/lib/sudo_plugin.so\fR
+\fI@prefix@/lib/group_plugin.so\fR
 becomes
-\fI/usr/lib64/sudo_plugin.so\fR.
+\fI@prefix@/lib64/group_plugin.so\fR.
 On all other systems, the fallback path is generated by adding a
 \(lq64\(rq
 before the file extension;
-\fIsudo_plugin.so\fR
+\fIgroup_plugin.so\fR
 becomes
-\fIsudo_plugin64.so\fR.
+\fIgroup_plugin64.so\fR.
 .sp
 For more information see
 \fIGROUP PROVIDER PLUGINS\fR.
--- a/docs/sudoers.mdoc.in
+++ b/docs/sudoers.mdoc.in
@@ -4845,23 +4845,23 @@ On Solaris, if the plugin is stored in a directory ending in
 will create a fallback path by appending
 .Dq /64
 to the directory name;
-.Pa /usr/lib/sudo_plugin.so
+.Pa @prefix@/lib/group_plugin.so
 becomes
-.Pa /usr/lib/64/sudo_plugin.so .
+.Pa @prefix@/lib/64/group_plugin.so .
 On Linux, a directory ending in
 .Dq lib
 will be transformed to
 .Dq lib64
 as the fallback path;
-.Pa /usr/lib/sudo_plugin.so
+.Pa @prefix@/lib/group_plugin.so
 becomes
-.Pa /usr/lib64/sudo_plugin.so .
+.Pa @prefix@/lib64/group_plugin.so .
 On all other systems, the fallback path is generated by adding a
 .Dq 64
 before the file extension;
-.Pa sudo_plugin.so
+.Pa group_plugin.so
 becomes
-.Pa sudo_plugin64.so .
+.Pa group_plugin64.so .
 .Pp
 For more information see
 .Sx "GROUP PROVIDER PLUGINS" .