Actually use the plugin_dir Path setting in sudo.conf.

plugins/sudoers/group_plugin.c

@@ -38,6 +38,8 @@
 #include "sudoers.h"
 #include "sudo_dso.h"
 
+const char *path_plugin_dir = _PATH_SUDO_PLUGIN_DIR;
+
 #if defined(HAVE_DLOPEN) || defined(HAVE_SHL_LOAD)
 
 static void *group_handle;
@@ -62,17 +64,17 @@ group_plugin_load(char *plugin_info)
      */
     if ((args = strpbrk(plugin_info, " \t")) != NULL) {
 	len = snprintf(path, sizeof(path), "%s%.*s",
-	    (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "",
+	    (*plugin_info != '/') ? path_plugin_dir : "",
 	    (int)(args - plugin_info), plugin_info);
 	args++;
     } else {
 	len = snprintf(path, sizeof(path), "%s%s",
-	    (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info);
+	    (*plugin_info != '/') ? path_plugin_dir : "", plugin_info);
     }
     if (len <= 0 || (size_t)len >= sizeof(path)) {
 	errno = ENAMETOOLONG;
 	sudo_warn("%s%s",
-	    (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info);
+	    (*plugin_info != '/') ? path_plugin_dir : "", plugin_info);
 	goto done;
     }
 

plugins/sudoers/policy.c

@@ -256,6 +256,10 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group)
 	    remhost = *cur + sizeof("remote_host=") - 1;
 	    continue;
 	}
+	if (MATCHES(*cur, "plugin_dir=")) {
+	    path_plugin_dir = *cur + sizeof("plugin_dir=") - 1;
+	    continue;
+	}
     }
 
     for (cur = info->user_info; *cur != NULL; cur++) {

plugins/sudoers/sudoers.h

@@ -369,6 +369,7 @@ int group_plugin_load(char *plugin_info);
 void group_plugin_unload(void);
 int group_plugin_query(const char *user, const char *group,
     const struct passwd *pwd);
+extern const char *path_plugin_dir;
 
 /* editor.c */
 char *resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,

src/load_plugins.c

@@ -74,12 +74,17 @@ sudo_stat_plugin(struct plugin_info *info, char *fullpath,
 	}
 #endif /* STATIC_SUDOERS_PLUGIN */
 
-	len = snprintf(fullpath, pathsize, "%s%s", _PATH_SUDO_PLUGIN_DIR,
+	if (sudo_conf_plugin_dir_path() == NULL) {
+	    errno = ENOENT;
+	    goto done;
+	}
+
+	len = snprintf(fullpath, pathsize, "%s%s", sudo_conf_plugin_dir_path(),
 	    info->path);
 	if (len <= 0 || (size_t)len >= pathsize) {
 	    sudo_warnx(U_("error in %s, line %d while loading plugin `%s'"),
 		_PATH_SUDO_CONF, info->lineno, info->symbol_name);
-	    sudo_warnx(U_("%s%s: %s"), _PATH_SUDO_PLUGIN_DIR, info->path,
+	    sudo_warnx(U_("%s%s: %s"), sudo_conf_plugin_dir_path(), info->path,
 		strerror(ENAMETOOLONG));
 	    goto done;
 	}
@@ -109,7 +114,9 @@ sudo_check_plugin(struct plugin_info *info, char *fullpath, size_t pathsize)
     if (sudo_stat_plugin(info, fullpath, pathsize, &sb) != 0) {
 	sudo_warnx(U_("error in %s, line %d while loading plugin `%s'"),
 	    _PATH_SUDO_CONF, info->lineno, info->symbol_name);
-	sudo_warn("%s%s", _PATH_SUDO_PLUGIN_DIR, info->path);
+	sudo_warn("%s%s",
+	    sudo_conf_plugin_dir_path() ? sudo_conf_plugin_dir_path() : "",
+	    info->path);
 	goto done;
     }
     if (sb.st_uid != ROOT_UID) {