diff --git a/INSTALL b/INSTALL index 5c8ae504e..300c9ba47 100644 --- a/INSTALL +++ b/INSTALL @@ -186,6 +186,13 @@ Special features/options: `configure' changes; you should check to see if your platform can access DCE via PAM before using this option. + --with-logincap + Enable support for BSD login classes on FreeBSD. This adds support + for the login classes specified in /etc/login.conf. By default, + a login class is not applied unless the 'use_loginclass' option + is defined in sudoers or the user specifies a class on the command + line. + --disable-sia Disable SIA support. This is the "Security Integration Architecture" on Digital UNIX. If you disable SIA sudo will use its own diff --git a/Makefile.in b/Makefile.in index 58052cd10..930580845 100644 --- a/Makefile.in +++ b/Makefile.in @@ -85,12 +85,11 @@ visudodir = $(sbindir) sudoersdir = $(sysconfdir) # Directory in which to install the man page -# set mansect5 to 4 on sysV machines. mantype = @MANTYPE@ -mansect8 = 8 -mansect5 = 5 -mandir8 = $(mandir)/$(mantype)$(mansect8) -mandir5 = $(mandir)/$(mantype)$(mansect5) +mansectsu = @mansectsu@ +mansectform = @mansectform@ +mandirsu = $(mandir)/$(mantype)$(mansectsu) +mandirform = $(mandir)/$(mantype)$(mansectform) # User and group ids the installed files should be "owned" by install_uid = 0 @@ -145,8 +144,9 @@ DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES FAQ HISTORY INSTALL INSTALL.configure \ UPGRADE acsite.m4 aixcrypt.exp config.guess config.h.in config.sub \ configure configure.in fnmatch.3 indent.pro install-sh \ mkinstalldirs pathnames.h.in sample.pam sample.syslog.conf \ - sample.sudoers sudo.cat sudo.man sudo.pod sudoers sudoers.cat \ - sudoers.man sudoers.pod visudo.cat visudo.man visudo.pod auth/API + sample.sudoers sudo.cat sudo.man.in sudo.pod sudoers sudoers.cat \ + sudoers.man.in sudoers.pod visudo.cat visudo.man.in visudo.pod \ + auth/API BINFILES= BUGS CHANGES HISTORY LICENSE README TODO TROUBLESHOOTING \ UPGRADE install-sh mkinstalldirs sample.syslog.conf sample.sudoers \ @@ -251,35 +251,35 @@ securid.o: $(authdir)/securid.c $(AUTHDEP) sia.o: $(authdir)/sia.c $(AUTHDEP) $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sia.c -sudo.man: $(srcdir)/sudo.pod +sudo.man.in: $(srcdir)/sudo.pod @rm -f $(srcdir)/$@ - (cd $(srcdir); pod2man --section=$(mansect8) --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudo.pod > $(srcdir)/$@) + (cd $(srcdir); pod2man --section=`echo @MANSECTSU@|tr A-Z a-z` --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudo.pod > $(srcdir)/$@) sudo.cat: sudo.man -visudo.man: $(srcdir)/visudo.pod +visudo.man.in: $(srcdir)/visudo.pod @rm -f $(srcdir)/$@ - (cd $(srcdir); pod2man --section=$(mansect8) --release=$(VERSION) --center="MAINTENANCE COMMANDS" visudo.pod > $(srcdir)/$@) + (cd $(srcdir); pod2man --section=`echo @MANSECTSU@|tr A-Z a-z` --release=$(VERSION) --center="MAINTENANCE COMMANDS" visudo.pod > $(srcdir)/$@) visudo.cat: visudo.man -sudoers.man: $(srcdir)/sudoers.pod +sudoers.man.in: $(srcdir)/sudoers.pod @rm -f $(srcdir)/$@ - (cd $(srcdir); pod2man --section=$(mansect5) --release=$(VERSION) --center="FILE FORMATS" sudoers.pod > $(srcdir)/$@) + (cd $(srcdir); pod2man --section=`echo @MANSECTFORM@|tr A-Z a-z` --release=$(VERSION) --center="FILE FORMATS" sudoers.pod | sed 's/"\\f(CW""\\fR"/\\f(CW""\\fR/' > $(srcdir)/$@) sudoers.cat: sudoers.man install: install-dirs install-binaries install-sudoers install-man install-dirs: - $(SHELL) $(srcdir)/mkinstalldirs $(sudodir) $(visudodir) $(sudoersdir) $(mandir8) $(mandir5) + $(SHELL) $(srcdir)/mkinstalldirs $(sudodir) $(visudodir) $(sudoersdir) $(mandirsu) $(mandirform) install-binaries: $(PROGS) $(INSTALL) -o $(install_uid) -g $(install_gid) -m 4111 -s sudo $(sudodir)/sudo $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0111 -s visudo $(visudodir)/visudo install-sudoers: - @ if [ -f $(sudoersdir)/sudoers ]; then \ + @if [ -f $(sudoersdir)/sudoers ]; then \ echo "Setting user/group and mode on existing $(sudoersdir)/sudoers file."; \ chown $(sudoers_uid) $(sudoersdir)/sudoers; \ chgrp $(sudoers_gid) $(sudoersdir)/sudoers; \ @@ -290,9 +290,9 @@ install-sudoers: fi install-man: - $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudo.$(mantype) $(mandir8)/sudo.$(mansect8) - $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/visudo.$(mantype) $(mandir8)/visudo.$(mansect8) - $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudoers.$(mantype) $(mandir5)/sudoers.$(mansect5) + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudo.$(mantype) $(mandirsu)/sudo.$(mansectsu) + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/visudo.$(mantype) $(mandirsu)/visudo.$(mansectsu) + $(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 $(srcdir)/sudoers.$(mantype) $(mandirform)/sudoers.$(mansectform) @MAN_POSTINSTALL@ check: @@ -305,7 +305,7 @@ TAGS: $(SRCS) etags $(SRCS) clean: - -rm -f *.o $(PROGS) testsudoers core sudo.core visudo.core \ + -rm -f *.o $(PROGS) *.man testsudoers core sudo.core visudo.core \ testsudoers.core mostlyclean: clean diff --git a/aclocal.m4 b/aclocal.m4 index 3903c8840..5339f0b99 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -139,14 +139,15 @@ AC_DEFUN(SUDO_TIMEDIR, [AC_MSG_CHECKING(for timestamp file location) if test -n "$with_timedir"; then AC_MSG_RESULT($with_timedir) AC_DEFINE_UNQUOTED(_PATH_SUDO_TIMEDIR, "$with_timedir") + TIMEDIR="$with_timedir" elif test -d "/var/run"; then AC_MSG_RESULT(/var/run/sudo) AC_DEFINE(_PATH_SUDO_TIMEDIR, "/var/run/sudo") -elif test -d "/tmp"; then + TIMEDIR="/var/run/sudo" +else AC_MSG_RESULT(/tmp/.odus) AC_DEFINE(_PATH_SUDO_TIMEDIR, "/tmp/.odus") -else - AC_MSG_RESULT(unknown, you will have to set _PATH_SUDO_TIMEDIR by hand) + TIMEDIR="/tmp/.odus" fi ])dnl diff --git a/configure b/configure index ffbb124c5..3c800ae99 100755 --- a/configure +++ b/configure @@ -661,6 +661,9 @@ fi echo "Configuring Sudo version 1.6.3" + + + PROGS="sudo visudo" test -n "$MANTYPE" || MANTYPE="man" test -n "$SUDOERS_MODE" || SUDOERS_MODE=0440 @@ -824,7 +827,7 @@ if test "${with_passwd+set}" = set; then EOF echo $ac_n "checking whether to use shadow/passwd file authentication""... $ac_c" 1>&6 -echo "configure:828: checking whether to use shadow/passwd file authentication" >&5 +echo "configure:831: checking whether to use shadow/passwd file authentication" >&5 echo "$ac_t""no" 1>&6 ;; *) { echo "configure: error: "Sorry, --with-passwd does not take an argument."" 1>&2; exit 1; } @@ -845,7 +848,7 @@ if test "${with_skey+set}" = set; then EOF echo $ac_n "checking whether to try S/Key authentication""... $ac_c" 1>&6 -echo "configure:849: checking whether to try S/Key authentication" >&5 +echo "configure:852: checking whether to try S/Key authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} rfc1938.o" ;; @@ -868,7 +871,7 @@ if test "${with_opie+set}" = set; then EOF echo $ac_n "checking whether to try NRL OPIE authentication""... $ac_c" 1>&6 -echo "configure:872: checking whether to try NRL OPIE authentication" >&5 +echo "configure:875: checking whether to try NRL OPIE authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} rfc1938.o" ;; @@ -888,7 +891,7 @@ if test "${with_long_otp_prompt+set}" = set; then EOF echo $ac_n "checking whether to use a two line prompt for OTP authentication""... $ac_c" 1>&6 -echo "configure:892: checking whether to use a two line prompt for OTP authentication" >&5 +echo "configure:895: checking whether to use a two line prompt for OTP authentication" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -908,7 +911,7 @@ if test "${with_SecurID+set}" = set; then EOF echo $ac_n "checking whether to use SecurID for authentication""... $ac_c" 1>&6 -echo "configure:912: checking whether to use SecurID for authentication" >&5 +echo "configure:915: checking whether to use SecurID for authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="securid.o" @@ -926,7 +929,7 @@ if test "${with_fwtk+set}" = set; then EOF echo $ac_n "checking whether to use FWTK AuthSRV for authentication""... $ac_c" 1>&6 -echo "configure:930: checking whether to use FWTK AuthSRV for authentication" >&5 +echo "configure:933: checking whether to use FWTK AuthSRV for authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="fwtk.o" @@ -937,7 +940,7 @@ echo "configure:930: checking whether to use FWTK AuthSRV for authentication" >& EOF echo $ac_n "checking whether to use FWTK AuthSRV for authentication""... $ac_c" 1>&6 -echo "configure:941: checking whether to use FWTK AuthSRV for authentication" >&5 +echo "configure:944: checking whether to use FWTK AuthSRV for authentication" >&5 echo "$ac_t""yes" 1>&6 SUDO_LDFLAGS="${SUDO_LDFLAGS} -L${with_fwtk}" CPPFLAGS="${CPPFLAGS} -I${with_fwtk}" @@ -954,7 +957,7 @@ if test "${with_kerb4+set}" = set; then withval="$with_kerb4" case $with_kerb4 in yes) echo $ac_n "checking whether to try Kerberos 4 authentication""... $ac_c" 1>&6 -echo "configure:958: checking whether to try Kerberos 4 authentication" >&5 +echo "configure:961: checking whether to try Kerberos 4 authentication" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -969,7 +972,7 @@ if test "${with_kerb5+set}" = set; then withval="$with_kerb5" case $with_kerb5 in yes) echo $ac_n "checking whether to try Kerberos 5 authentication""... $ac_c" 1>&6 -echo "configure:973: checking whether to try Kerberos 5 authentication" >&5 +echo "configure:976: checking whether to try Kerberos 5 authentication" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -988,7 +991,7 @@ if test "${with_authenticate+set}" = set; then EOF echo $ac_n "checking whether to use AIX general authentication""... $ac_c" 1>&6 -echo "configure:992: checking whether to use AIX general authentication" >&5 +echo "configure:995: checking whether to use AIX general authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="aix_auth.o" @@ -1009,7 +1012,7 @@ if test "${with_pam+set}" = set; then EOF echo $ac_n "checking whether to use PAM authentication""... $ac_c" 1>&6 -echo "configure:1013: checking whether to use PAM authentication" >&5 +echo "configure:1016: checking whether to use PAM authentication" >&5 echo "$ac_t""yes" 1>&6 with_passwd=no AUTH_OBJS="pam.o" @@ -1030,7 +1033,7 @@ if test "${with_AFS+set}" = set; then EOF echo $ac_n "checking whether to try AFS (kerberos) authentication""... $ac_c" 1>&6 -echo "configure:1034: checking whether to try AFS (kerberos) authentication" >&5 +echo "configure:1037: checking whether to try AFS (kerberos) authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} afs.o" ;; @@ -1050,7 +1053,7 @@ if test "${with_DCE+set}" = set; then EOF echo $ac_n "checking whether to try DCE (kerberos) authentication""... $ac_c" 1>&6 -echo "configure:1054: checking whether to try DCE (kerberos) authentication" >&5 +echo "configure:1057: checking whether to try DCE (kerberos) authentication" >&5 echo "$ac_t""yes" 1>&6 AUTH_OBJS="${AUTH_OBJS} dce.o" ;; @@ -1070,7 +1073,7 @@ if test "${with_logincap+set}" = set; then EOF echo $ac_n "checking whether to try BSD login capabilities database""... $ac_c" 1>&6 -echo "configure:1074: checking whether to try BSD login capabilities database" >&5 +echo "configure:1077: checking whether to try BSD login capabilities database" >&5 echo "$ac_t""yes" 1>&6 ;; no) ;; @@ -1081,7 +1084,7 @@ fi echo $ac_n "checking whether to lecture users the first time they run sudo""... $ac_c" 1>&6 -echo "configure:1085: checking whether to lecture users the first time they run sudo" >&5 +echo "configure:1088: checking whether to lecture users the first time they run sudo" >&5 # Check whether --with-lecture or --without-lecture was given. if test "${with_lecture+set}" = set; then withval="$with_lecture" @@ -1103,7 +1106,7 @@ fi echo $ac_n "checking whether sudo should log via syslog or to a file by default""... $ac_c" 1>&6 -echo "configure:1107: checking whether sudo should log via syslog or to a file by default" >&5 +echo "configure:1110: checking whether sudo should log via syslog or to a file by default" >&5 # Check whether --with-logging or --without-logging was given. if test "${with_logging+set}" = set; then withval="$with_logging" @@ -1142,7 +1145,7 @@ fi echo $ac_n "checking which syslog facility sudo should log with""... $ac_c" 1>&6 -echo "configure:1146: checking which syslog facility sudo should log with" >&5 +echo "configure:1149: checking which syslog facility sudo should log with" >&5 # Check whether --with-logfac or --without-logfac was given. if test "${with_logfac+set}" = set; then withval="$with_logfac" @@ -1169,7 +1172,7 @@ fi echo $ac_n "checking at which syslog priority to log commands""... $ac_c" 1>&6 -echo "configure:1173: checking at which syslog priority to log commands" >&5 +echo "configure:1176: checking at which syslog priority to log commands" >&5 # Check whether --with-goodpri or --without-goodpri was given. if test "${with_goodpri+set}" = set; then withval="$with_goodpri" @@ -1196,7 +1199,7 @@ fi echo $ac_n "checking at which syslog priority to log failures""... $ac_c" 1>&6 -echo "configure:1200: checking at which syslog priority to log failures" >&5 +echo "configure:1203: checking at which syslog priority to log failures" >&5 # Check whether --with-badpri or --without-badpri was given. if test "${with_badpri+set}" = set; then withval="$with_badpri" @@ -1235,7 +1238,7 @@ fi echo $ac_n "checking how long a line in the log file should be""... $ac_c" 1>&6 -echo "configure:1239: checking how long a line in the log file should be" >&5 +echo "configure:1242: checking how long a line in the log file should be" >&5 # Check whether --with-loglen or --without-loglen was given. if test "${with_loglen+set}" = set; then withval="$with_loglen" @@ -1262,7 +1265,7 @@ fi echo $ac_n "checking whether sudo should ignore '.' or '' in \$PATH""... $ac_c" 1>&6 -echo "configure:1266: checking whether sudo should ignore '.' or '' in \$PATH" >&5 +echo "configure:1269: checking whether sudo should ignore '.' or '' in \$PATH" >&5 # Check whether --with-ignore-dot or --without-ignore-dot was given. if test "${with_ignore_dot+set}" = set; then withval="$with_ignore_dot" @@ -1284,7 +1287,7 @@ fi echo $ac_n "checking who should get the mail that sudo sends""... $ac_c" 1>&6 -echo "configure:1288: checking who should get the mail that sudo sends" >&5 +echo "configure:1291: checking who should get the mail that sudo sends" >&5 # Check whether --with-mailto or --without-mailto was given. if test "${with_mailto+set}" = set; then withval="$with_mailto" @@ -1321,7 +1324,7 @@ if test "${with_mailsubject+set}" = set; then EOF echo $ac_n "checking sudo mail subject""... $ac_c" 1>&6 -echo "configure:1325: checking sudo mail subject" >&5 +echo "configure:1328: checking sudo mail subject" >&5 echo "$ac_t""Using alert mail subject: $with_mailsubject" 1>&6 ;; esac @@ -1334,7 +1337,7 @@ fi echo $ac_n "checking whether to send mail when a user is not in sudoers""... $ac_c" 1>&6 -echo "configure:1338: checking whether to send mail when a user is not in sudoers" >&5 +echo "configure:1341: checking whether to send mail when a user is not in sudoers" >&5 # Check whether --with-mail-if-no-user or --without-mail-if-no-user was given. if test "${with_mail_if_no_user+set}" = set; then withval="$with_mail_if_no_user" @@ -1359,7 +1362,7 @@ fi echo $ac_n "checking whether to send mail when user listed but not for this host""... $ac_c" 1>&6 -echo "configure:1363: checking whether to send mail when user listed but not for this host" >&5 +echo "configure:1366: checking whether to send mail when user listed but not for this host" >&5 # Check whether --with-mail-if-no-host or --without-mail-if-no-host was given. if test "${with_mail_if_no_host+set}" = set; then withval="$with_mail_if_no_host" @@ -1381,7 +1384,7 @@ fi echo $ac_n "checking whether to send mail when a user tries a disallowed command""... $ac_c" 1>&6 -echo "configure:1385: checking whether to send mail when a user tries a disallowed command" >&5 +echo "configure:1388: checking whether to send mail when a user tries a disallowed command" >&5 # Check whether --with-mail-if-noperms or --without-mail-if-noperms was given. if test "${with_mail_if_noperms+set}" = set; then withval="$with_mail_if_noperms" @@ -1403,7 +1406,7 @@ fi echo $ac_n "checking for bad password prompt""... $ac_c" 1>&6 -echo "configure:1407: checking for bad password prompt" >&5 +echo "configure:1410: checking for bad password prompt" >&5 # Check whether --with-passprompt or --without-passprompt was given. if test "${with_passprompt+set}" = set; then withval="$with_passprompt" @@ -1428,7 +1431,7 @@ fi echo $ac_n "checking for bad password message""... $ac_c" 1>&6 -echo "configure:1432: checking for bad password message" >&5 +echo "configure:1435: checking for bad password message" >&5 # Check whether --with-badpass-message or --without-badpass-message was given. if test "${with_badpass_message+set}" = set; then withval="$with_badpass_message" @@ -1453,7 +1456,7 @@ fi echo $ac_n "checking whether to expect fully qualified hosts in sudoers""... $ac_c" 1>&6 -echo "configure:1457: checking whether to expect fully qualified hosts in sudoers" >&5 +echo "configure:1460: checking whether to expect fully qualified hosts in sudoers" >&5 # Check whether --with-fqdn or --without-fqdn was given. if test "${with_fqdn+set}" = set; then withval="$with_fqdn" @@ -1553,7 +1556,7 @@ fi echo $ac_n "checking for umask programs should be run with""... $ac_c" 1>&6 -echo "configure:1557: checking for umask programs should be run with" >&5 +echo "configure:1560: checking for umask programs should be run with" >&5 # Check whether --with-umask or --without-umask was given. if test "${with_umask+set}" = set; then withval="$with_umask" @@ -1580,7 +1583,7 @@ fi echo $ac_n "checking for default user to run commands as""... $ac_c" 1>&6 -echo "configure:1584: checking for default user to run commands as" >&5 +echo "configure:1587: checking for default user to run commands as" >&5 # Check whether --with-runas-default or --without-runas-default was given. if test "${with_runas_default+set}" = set; then withval="$with_runas_default" @@ -1617,7 +1620,7 @@ if test "${with_exempt+set}" = set; then EOF echo $ac_n "checking for group to be exempt from password""... $ac_c" 1>&6 -echo "configure:1621: checking for group to be exempt from password" >&5 +echo "configure:1624: checking for group to be exempt from password" >&5 echo "$ac_t""$with_exempt" 1>&6 ;; esac @@ -1625,7 +1628,7 @@ fi echo $ac_n "checking for editor that visudo should use""... $ac_c" 1>&6 -echo "configure:1629: checking for editor that visudo should use" >&5 +echo "configure:1632: checking for editor that visudo should use" >&5 # Check whether --with-editor or --without-editor was given. if test "${with_editor+set}" = set; then withval="$with_editor" @@ -1650,7 +1653,7 @@ fi echo $ac_n "checking whether to obey EDITOR and VISUAL environment variables""... $ac_c" 1>&6 -echo "configure:1654: checking whether to obey EDITOR and VISUAL environment variables" >&5 +echo "configure:1657: checking whether to obey EDITOR and VISUAL environment variables" >&5 # Check whether --with-env-editor or --without-env-editor was given. if test "${with_env_editor+set}" = set; then withval="$with_env_editor" @@ -1672,7 +1675,7 @@ fi echo $ac_n "checking number of tries a user gets to enter their password""... $ac_c" 1>&6 -echo "configure:1676: checking number of tries a user gets to enter their password" >&5 +echo "configure:1679: checking number of tries a user gets to enter their password" >&5 # Check whether --with-passwd-tries or --without-passwd-tries was given. if test "${with_passwd_tries+set}" = set; then withval="$with_passwd_tries" @@ -1703,7 +1706,7 @@ fi echo $ac_n "checking time in minutes after which sudo will ask for a password again""... $ac_c" 1>&6 -echo "configure:1707: checking time in minutes after which sudo will ask for a password again" >&5 +echo "configure:1710: checking time in minutes after which sudo will ask for a password again" >&5 # Check whether --with-timeout or --without-timeout was given. if test "${with_timeout+set}" = set; then withval="$with_timeout" @@ -1738,7 +1741,7 @@ fi echo $ac_n "checking time in minutes after the password prompt will time out""... $ac_c" 1>&6 -echo "configure:1742: checking time in minutes after the password prompt will time out" >&5 +echo "configure:1745: checking time in minutes after the password prompt will time out" >&5 # Check whether --with-password-timeout or --without-password-timeout was given. if test "${with_password_timeout+set}" = set; then withval="$with_password_timeout" @@ -1773,7 +1776,7 @@ fi echo $ac_n "checking whether to use execvp or execv""... $ac_c" 1>&6 -echo "configure:1777: checking whether to use execvp or execv" >&5 +echo "configure:1780: checking whether to use execvp or execv" >&5 # Check whether --with-execv or --without-execv was given. if test "${with_execv+set}" = set; then withval="$with_execv" @@ -1795,7 +1798,7 @@ fi echo $ac_n "checking whether to use per-tty ticket files""... $ac_c" 1>&6 -echo "configure:1799: checking whether to use per-tty ticket files" >&5 +echo "configure:1802: checking whether to use per-tty ticket files" >&5 # Check whether --with-tty-tickets or --without-tty-tickets was given. if test "${with_tty_tickets+set}" = set; then withval="$with_tty_tickets" @@ -1817,7 +1820,7 @@ fi echo $ac_n "checking whether to include insults""... $ac_c" 1>&6 -echo "configure:1821: checking whether to include insults" >&5 +echo "configure:1824: checking whether to include insults" >&5 # Check whether --with-insults or --without-insults was given. if test "${with_insults+set}" = set; then withval="$with_insults" @@ -1922,7 +1925,7 @@ fi if test "$with_insults" = "yes"; then echo $ac_n "checking which insult sets to include""... $ac_c" 1>&6 -echo "configure:1926: checking which insult sets to include" >&5 +echo "configure:1929: checking which insult sets to include" >&5 i="" test "$with_goons_insults" = "yes" && i="goons ${i}" test "$with_hal_insults" = "yes" && i="hal ${i}" @@ -1932,7 +1935,7 @@ echo "configure:1926: checking which insult sets to include" >&5 fi echo $ac_n "checking whether to override the user's path""... $ac_c" 1>&6 -echo "configure:1936: checking whether to override the user's path" >&5 +echo "configure:1939: checking whether to override the user's path" >&5 # Check whether --with-secure-path or --without-secure-path was given. if test "${with_secure_path+set}" = set; then withval="$with_secure_path" @@ -1958,7 +1961,7 @@ fi echo $ac_n "checking whether to get ip addresses from the network interfaces""... $ac_c" 1>&6 -echo "configure:1962: checking whether to get ip addresses from the network interfaces" >&5 +echo "configure:1965: checking whether to get ip addresses from the network interfaces" >&5 # Check whether --with-interfaces or --without-interfaces was given. if test "${with_interfaces+set}" = set; then withval="$with_interfaces" @@ -1981,7 +1984,7 @@ fi echo $ac_n "checking whether to do user authentication by default""... $ac_c" 1>&6 -echo "configure:1985: checking whether to do user authentication by default" >&5 +echo "configure:1988: checking whether to do user authentication by default" >&5 # Check whether --enable-authentication or --disable-authentication was given. if test "${enable_authentication+set}" = set; then enableval="$enable_authentication" @@ -2005,7 +2008,7 @@ fi echo $ac_n "checking whether to disable shadow password support""... $ac_c" 1>&6 -echo "configure:2009: checking whether to disable shadow password support" >&5 +echo "configure:2012: checking whether to disable shadow password support" >&5 # Check whether --enable-shadow or --disable-shadow was given. if test "${enable_shadow+set}" = set; then enableval="$enable_shadow" @@ -2026,7 +2029,7 @@ fi echo $ac_n "checking whether root should be allowed to use sudo""... $ac_c" 1>&6 -echo "configure:2030: checking whether root should be allowed to use sudo" >&5 +echo "configure:2033: checking whether root should be allowed to use sudo" >&5 # Check whether --enable-root-sudo or --disable-root-sudo was given. if test "${enable_root_sudo+set}" = set; then enableval="$enable_root_sudo" @@ -2049,7 +2052,7 @@ fi echo $ac_n "checking whether to log the hostname in the log file""... $ac_c" 1>&6 -echo "configure:2053: checking whether to log the hostname in the log file" >&5 +echo "configure:2056: checking whether to log the hostname in the log file" >&5 # Check whether --enable-log-host or --disable-log-host was given. if test "${enable_log_host+set}" = set; then enableval="$enable_log_host" @@ -2073,7 +2076,7 @@ fi echo $ac_n "checking whether to invoke a shell if sudo is given no arguments""... $ac_c" 1>&6 -echo "configure:2077: checking whether to invoke a shell if sudo is given no arguments" >&5 +echo "configure:2080: checking whether to invoke a shell if sudo is given no arguments" >&5 # Check whether --enable-noargs-shell or --disable-noargs-shell was given. if test "${enable_noargs_shell+set}" = set; then enableval="$enable_noargs_shell" @@ -2097,7 +2100,7 @@ fi echo $ac_n "checking whether to set \$HOME to target user in shell mode""... $ac_c" 1>&6 -echo "configure:2101: checking whether to set \$HOME to target user in shell mode" >&5 +echo "configure:2104: checking whether to set \$HOME to target user in shell mode" >&5 # Check whether --enable-shell-sets-home or --disable-shell-sets-home was given. if test "${enable_shell_sets_home+set}" = set; then enableval="$enable_shell_sets_home" @@ -2121,7 +2124,7 @@ fi echo $ac_n "checking whether to disable 'command not found' messages""... $ac_c" 1>&6 -echo "configure:2125: checking whether to disable 'command not found' messages" >&5 +echo "configure:2128: checking whether to disable 'command not found' messages" >&5 # Check whether --enable-path_info or --disable-path_info was given. if test "${enable_path_info+set}" = set; then enableval="$enable_path_info" @@ -2147,7 +2150,7 @@ fi # Extract the first word of "egrep", so it can be a program name with args. set dummy egrep; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2151: checking for $ac_word" >&5 +echo "configure:2154: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_EGREPPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2182,7 +2185,7 @@ cross_compiling="no" # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2186: checking for $ac_word" >&5 +echo "configure:2189: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2211,7 +2214,7 @@ if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2215: checking for $ac_word" >&5 +echo "configure:2218: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2259,7 +2262,7 @@ fi fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 -echo "configure:2263: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 +echo "configure:2266: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. @@ -2269,11 +2272,11 @@ ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS cross_compiling=$ac_cv_prog_cc_cross cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then ac_cv_prog_cc_works=yes # If we can't run a trivial program, we are probably using a cross compiler. if (./conftest; exit) 2>/dev/null; then @@ -2293,12 +2296,12 @@ if test $ac_cv_prog_cc_works = no; then { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 -echo "configure:2297: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +echo "configure:2300: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 cross_compiling=$ac_cv_prog_cc_cross echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 -echo "configure:2302: checking whether we are using GNU C" >&5 +echo "configure:2305: checking whether we are using GNU C" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2307,7 +2310,7 @@ else yes; #endif EOF -if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2311: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then +if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2314: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ac_cv_prog_gcc=yes else ac_cv_prog_gcc=no @@ -2322,7 +2325,7 @@ if test $ac_cv_prog_gcc = yes; then ac_save_CFLAGS="$CFLAGS" CFLAGS= echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 -echo "configure:2326: checking whether ${CC-cc} accepts -g" >&5 +echo "configure:2329: checking whether ${CC-cc} accepts -g" >&5 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2352,7 +2355,7 @@ fi ac_cv_prog_cc_cross="no" cross_compiling="no" echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 -echo "configure:2356: checking how to run the C preprocessor" >&5 +echo "configure:2359: checking how to run the C preprocessor" >&5 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= @@ -2367,13 +2370,13 @@ else # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:2377: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:2380: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then : @@ -2384,13 +2387,13 @@ else rm -rf conftest* CPP="${CC-cc} -E -traditional-cpp" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:2394: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:2397: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then : @@ -2413,7 +2416,7 @@ fi echo "$ac_t""$CPP" 1>&6 echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6 -echo "configure:2417: checking for POSIXized ISC" >&5 +echo "configure:2420: checking for POSIXized ISC" >&5 if test -d /etc/conf/kconfig.d && grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 then @@ -2441,7 +2444,7 @@ fi # Extract the first word of "uname", so it can be a program name with args. set dummy uname; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2445: checking for $ac_word" >&5 +echo "configure:2448: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_UNAMEPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2469,7 +2472,7 @@ fi # Extract the first word of "tr", so it can be a program name with args. set dummy tr; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2473: checking for $ac_word" >&5 +echo "configure:2476: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_TRPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2497,7 +2500,7 @@ fi # Extract the first word of "sed", so it can be a program name with args. set dummy sed; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2501: checking for $ac_word" >&5 +echo "configure:2504: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_SEDPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2525,7 +2528,7 @@ fi # Extract the first word of "nroff", so it can be a program name with args. set dummy nroff; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2529: checking for $ac_word" >&5 +echo "configure:2532: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_NROFFPROG'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2580,7 +2583,7 @@ else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; } fi echo $ac_n "checking host system type""... $ac_c" 1>&6 -echo "configure:2584: checking host system type" >&5 +echo "configure:2587: checking host system type" >&5 host_alias=$host case "$host_alias" in @@ -2609,7 +2612,7 @@ if test -n "$sudo_cv_prev_host"; then exit 1 else echo $ac_n "checking previous host type""... $ac_c" 1>&6 -echo "configure:2613: checking previous host type" >&5 +echo "configure:2616: checking previous host type" >&5 if eval "test \"`echo '$''{'sudo_cv_prev_host'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2649,12 +2652,12 @@ case "$host" in # check for password adjunct functions (shadow passwords) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getpwanam""... $ac_c" 1>&6 -echo "configure:2653: checking for getpwanam" >&5 +echo "configure:2656: checking for getpwanam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getpwanam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2684: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getpwanam=yes" else @@ -2697,12 +2700,12 @@ EOF for ac_func in issecure do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2701: checking for $ac_func" >&5 +echo "configure:2704: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2732: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2763,6 +2766,8 @@ fi if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lucb" fi + mansectsu=1m + mansectform=4 ;; *-*-aix*) # To get all prototypes (so we pass -Wall) @@ -2776,7 +2781,7 @@ EOF *-*-hiuxmpp*) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:2780: checking for getprpwnam in -lsec" >&5 +echo "configure:2785: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -2788,7 +2793,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2821,7 +2826,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6 -echo "configure:2825: checking for getprpwnam in -lsecurity" >&5 +echo "configure:2830: checking for getprpwnam in -lsecurity" >&5 if test -n ""; then ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -2833,7 +2838,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsecurity $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2853: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2871,6 +2876,8 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux1[0-9]*) # uncomment this for a statically linked sudo @@ -2891,7 +2898,7 @@ fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:2895: checking for getprpwnam in -lsec" >&5 +echo "configure:2902: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -2903,7 +2910,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2925: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2933,7 +2940,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then #define HAVE_GETPRPWNAM 1 EOF echo $ac_n "checking for iscomsec in -lsec""... $ac_c" 1>&6 -echo "configure:2937: checking for iscomsec in -lsec" >&5 +echo "configure:2944: checking for iscomsec in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'iscomsec | sed 'y% ./+-%___p_%'` else @@ -2945,7 +2952,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2967: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2998,6 +3005,8 @@ fi if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux9*) # uncomment this for a statically linked sudo @@ -3025,12 +3034,12 @@ EOF for ac_func in getspwuid do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3029: checking for $ac_func" >&5 +echo "configure:3038: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3066: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3100,6 +3109,8 @@ done if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux*) @@ -3119,13 +3130,15 @@ EOF if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-dec-osf*) # ignore envariables wrt dynamic lib path SUDO_LDFLAGS="${SUDO_LDFLAGS} -Wl,-no_library_replacement" echo $ac_n "checking whether to disable sia support on Digital UNIX""... $ac_c" 1>&6 -echo "configure:3129: checking whether to disable sia support on Digital UNIX" >&5 +echo "configure:3142: checking whether to disable sia support on Digital UNIX" >&5 # Check whether --enable-sia or --disable-sia was given. if test "${enable_sia+set}" = set; then enableval="$enable_sia" @@ -3149,12 +3162,12 @@ fi # unless overridden on the command line if test "$CHECKSIA" = "true"; then echo $ac_n "checking for sia_ses_init""... $ac_c" 1>&6 -echo "configure:3153: checking for sia_ses_init" >&5 +echo "configure:3166: checking for sia_ses_init" >&5 if eval "test \"`echo '$''{'ac_cv_func_sia_ses_init'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3194: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_sia_ses_init=yes" else @@ -3205,7 +3218,7 @@ fi fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6 -echo "configure:3209: checking for getprpwnam in -lsecurity" >&5 +echo "configure:3222: checking for getprpwnam in -lsecurity" >&5 if test -n ""; then ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -3217,7 +3230,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsecurity $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3245: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3258,12 +3271,12 @@ EOF # -ldb includes bogus versions of snprintf/vsnprintf echo $ac_n "checking for snprintf""... $ac_c" 1>&6 -echo "configure:3262: checking for snprintf" >&5 +echo "configure:3275: checking for snprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_snprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3303: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_snprintf=yes" else @@ -3310,12 +3323,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for vsnprintf""... $ac_c" 1>&6 -echo "configure:3314: checking for vsnprintf" >&5 +echo "configure:3327: checking for vsnprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_vsnprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3355: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_vsnprintf=yes" else @@ -3363,7 +3376,7 @@ fi # 4.x and higher need -ldb too... echo $ac_n "checking for dbopen in -ldb""... $ac_c" 1>&6 -echo "configure:3367: checking for dbopen in -ldb" >&5 +echo "configure:3380: checking for dbopen in -ldb" >&5 if test -n ""; then ac_lib_var=`echo db'_'dbopen | sed 'y% ./+-%___p_%'` else @@ -3375,7 +3388,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldb $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3403: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3410,12 +3423,12 @@ fi for ac_func in dispcrypt do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3414: checking for $ac_func" >&5 +echo "configure:3427: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3455: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3463,9 +3476,9 @@ fi done echo $ac_n "checking for broken /usr/include/prot.h""... $ac_c" 1>&6 -echo "configure:3467: checking for broken /usr/include/prot.h" >&5 +echo "configure:3480: checking for broken /usr/include/prot.h" >&5 cat > conftest.$ac_ext < @@ -3476,7 +3489,7 @@ int main() { exit(0); ; return 0; } EOF -if { (eval echo configure:3480: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3493: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* echo "$ac_t""no" 1>&6 else @@ -3522,7 +3535,7 @@ EOF # IRIX <= 4 needs -lsun if test "$OSREV" -le 4; then echo $ac_n "checking for getpwnam in -lsun""... $ac_c" 1>&6 -echo "configure:3526: checking for getpwnam in -lsun" >&5 +echo "configure:3539: checking for getpwnam in -lsun" >&5 if test -n ""; then ac_lib_var=`echo sun'_'getpwnam | sed 'y% ./+-%___p_%'` else @@ -3534,7 +3547,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsun $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3562: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3566,6 +3579,8 @@ else fi fi + mansectsu=1m + mansectform=4 ;; *-*-linux*) # To get crypt(3) and vasprintf() prototypes (so we pass -Wall) @@ -3577,12 +3592,12 @@ EOF # Some Linux versions need to link with -lshadow if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam""... $ac_c" 1>&6 -echo "configure:3581: checking for getspnam" >&5 +echo "configure:3596: checking for getspnam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getspnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3624: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getspnam=yes" else @@ -3626,7 +3641,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getspnam in -lshadow""... $ac_c" 1>&6 -echo "configure:3630: checking for getspnam in -lshadow" >&5 +echo "configure:3645: checking for getspnam in -lshadow" >&5 if test -n ""; then ac_lib_var=`echo shadow'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3638,7 +3653,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lshadow $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3668: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3688,7 +3703,7 @@ EOF if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:3692: checking for getprpwnam in -lsec" >&5 +echo "configure:3707: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -3700,7 +3715,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3730: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3741,7 +3756,7 @@ fi OS="ultrix" if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getauthuid in -lauth""... $ac_c" 1>&6 -echo "configure:3745: checking for getauthuid in -lauth" >&5 +echo "configure:3760: checking for getauthuid in -lauth" >&5 if test -n ""; then ac_lib_var=`echo auth'_'getauthuid | sed 'y% ./+-%___p_%'` else @@ -3753,7 +3768,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lauth $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3783: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3794,6 +3809,8 @@ fi LIBS="${LIBS} -lsun -lbsd" CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd" OSDEFS="${OSDEFS} -D_MIPS" + mansectsu=1m + mansectform=4 ;; *-*-isc*) OSDEFS="${OSDEFS} -D_ISC" @@ -3803,7 +3820,7 @@ fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam in -lsec""... $ac_c" 1>&6 -echo "configure:3807: checking for getspnam in -lsec" >&5 +echo "configure:3824: checking for getspnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3815,7 +3832,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3847: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3851,11 +3868,13 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-sco*) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam in -lprot""... $ac_c" 1>&6 -echo "configure:3859: checking for getprpwnam in -lprot" >&5 +echo "configure:3878: checking for getprpwnam in -lprot" >&5 if test -n "-lx"; then ac_lib_var=`echo prot'_'getprpwnam-lx | sed 'y% ./+-%___p_%'` else @@ -3867,7 +3886,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lprot -lx $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3901: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3902,7 +3921,7 @@ else fi echo $ac_n "checking for getspnam in -lgen""... $ac_c" 1>&6 -echo "configure:3906: checking for getspnam in -lgen" >&5 +echo "configure:3925: checking for getspnam in -lgen" >&5 if test -n ""; then ac_lib_var=`echo gen'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3914,7 +3933,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lgen $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3948: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3950,11 +3969,13 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-sequent-sysv*) if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam in -lsec""... $ac_c" 1>&6 -echo "configure:3958: checking for getspnam in -lsec" >&5 +echo "configure:3979: checking for getspnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getspnam | sed 'y% ./+-%___p_%'` else @@ -3966,7 +3987,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4002,10 +4023,14 @@ fi CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-ccur-sysv4|*-ccur-sysvr4) LIBS="${LIBS} -lgen" SUDO_LIBS="${SUDO_LIBS} -lgen" + mansectsu=1m + mansectform=4 ;; *-*-bsdi*) # Use shlicc for BSD/OS 2.x unless asked to do otherwise @@ -4015,27 +4040,40 @@ fi ac_cv_prog_CC=shlicc CC="$ac_cv_prog_CC" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-freebsd*) if test "$with_skey" = "yes"; then SUDO_LIBS="${SUDO_LIBS} -lmd" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-*bsd*) if test "$CHECKSHADOW" = "true"; then CHECKSHADOW="false" fi ;; + *-*-sysv*) + mansectsu=1m + mansectform=4 + ;; esac +test -n "$mansectsu" || mansectsu=8 +test -n "$mansectform" || mansectform=5 + if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getspnam""... $ac_c" 1>&6 -echo "configure:4034: checking for getspnam" >&5 +echo "configure:4072: checking for getspnam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getspnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4100: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getspnam=yes" else @@ -4083,12 +4121,12 @@ fi fi if test "$CHECKSHADOW" = "true"; then echo $ac_n "checking for getprpwnam""... $ac_c" 1>&6 -echo "configure:4087: checking for getprpwnam" >&5 +echo "configure:4125: checking for getprpwnam" >&5 if eval "test \"`echo '$''{'ac_cv_func_getprpwnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4153: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getprpwnam=yes" else @@ -4132,7 +4170,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6 -echo "configure:4136: checking for getprpwnam in -lsec" >&5 +echo "configure:4174: checking for getprpwnam in -lsec" >&5 if test -n ""; then ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -4144,7 +4182,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsec $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4197: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4177,7 +4215,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6 -echo "configure:4181: checking for getprpwnam in -lsecurity" >&5 +echo "configure:4219: checking for getprpwnam in -lsecurity" >&5 if test -n ""; then ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -4189,7 +4227,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsecurity $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4242: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4222,7 +4260,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for getprpwnam in -lprot""... $ac_c" 1>&6 -echo "configure:4226: checking for getprpwnam in -lprot" >&5 +echo "configure:4264: checking for getprpwnam in -lprot" >&5 if test -n ""; then ac_lib_var=`echo prot'_'getprpwnam | sed 'y% ./+-%___p_%'` else @@ -4234,7 +4272,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lprot $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4287: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4278,13 +4316,13 @@ fi if test $ac_cv_prog_gcc = yes; then echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6 -echo "configure:4282: checking whether ${CC-cc} needs -traditional" >&5 +echo "configure:4320: checking whether ${CC-cc} needs -traditional" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_pattern="Autoconf.*'x'" cat > conftest.$ac_ext < Autoconf TIOCGETP @@ -4302,7 +4340,7 @@ rm -f conftest* if test $ac_cv_prog_gcc_traditional = no; then cat > conftest.$ac_ext < Autoconf TCGETA @@ -4324,12 +4362,12 @@ echo "$ac_t""$ac_cv_prog_gcc_traditional" 1>&6 fi echo $ac_n "checking for working const""... $ac_c" 1>&6 -echo "configure:4328: checking for working const" >&5 +echo "configure:4366: checking for working const" >&5 if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4420: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else @@ -4403,7 +4441,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:4407: checking for $ac_word" >&5 +echo "configure:4445: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -4434,7 +4472,7 @@ test -n "$YACC" || YACC="yacc" if test -z "$with_sendmail"; then echo $ac_n "checking for sendmail""... $ac_c" 1>&6 -echo "configure:4438: checking for sendmail" >&5 +echo "configure:4476: checking for sendmail" >&5 if test -f "/usr/sbin/sendmail"; then echo "$ac_t""/usr/sbin/sendmail" 1>&6 cat >> confdefs.h <<\EOF @@ -4477,7 +4515,7 @@ fi fi echo $ac_n "checking for mv""... $ac_c" 1>&6 -echo "configure:4481: checking for mv" >&5 +echo "configure:4519: checking for mv" >&5 if test -f "/usr/bin/mv"; then echo "$ac_t""/usr/bin/mv" 1>&6 cat >> confdefs.h <<\EOF @@ -4507,7 +4545,7 @@ else fi echo $ac_n "checking for bourne shell""... $ac_c" 1>&6 -echo "configure:4511: checking for bourne shell" >&5 +echo "configure:4549: checking for bourne shell" >&5 if test -f "/bin/sh"; then echo "$ac_t""/bin/sh" 1>&6 cat >> confdefs.h <<\EOF @@ -4561,7 +4599,7 @@ else fi echo $ac_n "checking for vi""... $ac_c" 1>&6 -echo "configure:4565: checking for vi" >&5 +echo "configure:4603: checking for vi" >&5 if test -f "/usr/bin/vi"; then echo "$ac_t""/usr/bin/vi" 1>&6 cat >> confdefs.h <<\EOF @@ -4597,12 +4635,12 @@ else fi echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 -echo "configure:4601: checking for ANSI C header files" >&5 +echo "configure:4639: checking for ANSI C header files" >&5 if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -4610,7 +4648,7 @@ else #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4614: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4652: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4627,7 +4665,7 @@ rm -f conftest* if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -4645,7 +4683,7 @@ fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -4666,7 +4704,7 @@ if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') @@ -4677,7 +4715,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF -if { (eval echo configure:4681: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:4719: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then : else @@ -4705,12 +4743,12 @@ for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6 -echo "configure:4709: checking for $ac_hdr that defines DIR" >&5 +echo "configure:4747: checking for $ac_hdr that defines DIR" >&5 if eval "test \"`echo '$''{'ac_cv_header_dirent_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include <$ac_hdr> @@ -4718,7 +4756,7 @@ int main() { DIR *dirp = 0; ; return 0; } EOF -if { (eval echo configure:4722: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4760: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* eval "ac_cv_header_dirent_$ac_safe=yes" else @@ -4743,7 +4781,7 @@ done # Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. if test $ac_header_dirent = dirent.h; then echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6 -echo "configure:4747: checking for opendir in -ldir" >&5 +echo "configure:4785: checking for opendir in -ldir" >&5 if test -n ""; then ac_lib_var=`echo dir'_'opendir | sed 'y% ./+-%___p_%'` else @@ -4755,7 +4793,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldir $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4788,7 +4826,7 @@ fi else echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6 -echo "configure:4792: checking for opendir in -lx" >&5 +echo "configure:4830: checking for opendir in -lx" >&5 if test -n ""; then ac_lib_var=`echo x'_'opendir | sed 'y% ./+-%___p_%'` else @@ -4800,7 +4838,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lx $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4853: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4837,17 +4875,17 @@ for ac_hdr in string.h strings.h unistd.h malloc.h paths.h utime.h netgroup.h sy do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4841: checking for $ac_hdr" >&5 +echo "configure:4879: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4851: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4889: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4878,17 +4916,17 @@ if test "$OS" != "ultrix"; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4882: checking for $ac_hdr" >&5 +echo "configure:4920: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4892: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4930: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4918,17 +4956,17 @@ done do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4922: checking for $ac_hdr" >&5 +echo "configure:4960: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4932: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4970: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -4951,12 +4989,12 @@ EOF for ac_func in tcgetattr do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:4955: checking for $ac_func" >&5 +echo "configure:4993: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5021: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5010,12 +5048,12 @@ done fi echo $ac_n "checking for mode_t""... $ac_c" 1>&6 -echo "configure:5014: checking for mode_t" >&5 +echo "configure:5052: checking for mode_t" >&5 if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5043,12 +5081,12 @@ EOF fi echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6 -echo "configure:5047: checking for uid_t in sys/types.h" >&5 +echo "configure:5085: checking for uid_t in sys/types.h" >&5 if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF @@ -5077,12 +5115,12 @@ EOF fi echo $ac_n "checking for size_t""... $ac_c" 1>&6 -echo "configure:5081: checking for size_t" >&5 +echo "configure:5119: checking for size_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_size_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5112,12 +5150,12 @@ EOF fi echo $ac_n "checking for ssize_t""... $ac_c" 1>&6 -echo "configure:5116: checking for ssize_t" >&5 +echo "configure:5154: checking for ssize_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_ssize_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5147,12 +5185,12 @@ EOF fi echo $ac_n "checking for dev_t""... $ac_c" 1>&6 -echo "configure:5151: checking for dev_t" >&5 +echo "configure:5189: checking for dev_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_dev_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5182,12 +5220,12 @@ EOF fi echo $ac_n "checking for ino_t""... $ac_c" 1>&6 -echo "configure:5186: checking for ino_t" >&5 +echo "configure:5224: checking for ino_t" >&5 if eval "test \"`echo '$''{'sudo_cv_type_ino_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -5217,9 +5255,9 @@ EOF fi echo $ac_n "checking for full void implementation""... $ac_c" 1>&6 -echo "configure:5221: checking for full void implementation" >&5 +echo "configure:5259: checking for full void implementation" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:5269: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define VOID void @@ -5247,7 +5285,7 @@ fi rm -f conftest* echo $ac_n "checking max length of uid_t""... $ac_c" 1>&6 -echo "configure:5251: checking max length of uid_t" >&5 +echo "configure:5289: checking max length of uid_t" >&5 if eval "test \"`echo '$''{'sudo_cv_uid_t_len'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5256,7 +5294,7 @@ if test "$cross_compiling" = yes; then { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext < #include @@ -5277,7 +5315,7 @@ main() { exit(0); } EOF -if { (eval echo configure:5281: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5319: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_uid_t_len=`cat conftestdata` else @@ -5300,16 +5338,16 @@ EOF echo $ac_n "checking for long long support""... $ac_c" 1>&6 -echo "configure:5304: checking for long long support" >&5 +echo "configure:5342: checking for long long support" >&5 cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5351: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_LONG_LONG 1 @@ -5319,11 +5357,11 @@ if test "$cross_compiling" = yes; then { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5365: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then cat >> confdefs.h <<\EOF #define LONG_IS_QUAD 1 @@ -5345,7 +5383,7 @@ else fi rm -f conftest* echo $ac_n "checking for sa_len field in struct sockaddr""... $ac_c" 1>&6 -echo "configure:5349: checking for sa_len field in struct sockaddr" >&5 +echo "configure:5387: checking for sa_len field in struct sockaddr" >&5 if eval "test \"`echo '$''{'sudo_cv_sock_sa_len'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5353,7 +5391,7 @@ else sudo_cv_sock_sa_len=no else cat > conftest.$ac_ext < #include @@ -5363,7 +5401,7 @@ s.sa_len = 0; exit(0); } EOF -if { (eval echo configure:5367: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5405: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_sock_sa_len=yes else @@ -5388,12 +5426,12 @@ fi case "$DEFS" in *"RETSIGTYPE"*) ;; *) echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 -echo "configure:5392: checking return type of signal handlers" >&5 +echo "configure:5430: checking return type of signal handlers" >&5 if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -5410,7 +5448,7 @@ int main() { int i; ; return 0; } EOF -if { (eval echo configure:5414: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:5452: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_type_signal=void else @@ -5432,12 +5470,12 @@ esac for ac_func in strchr strrchr memchr memcpy memset sysconf sigaction tzset seteuid strftime setrlimit initgroups fstat do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5436: checking for $ac_func" >&5 +echo "configure:5474: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5502: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5488,12 +5526,12 @@ if test -n "$SECUREWARE"; then for ac_func in bigcrypt do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5492: checking for $ac_func" >&5 +echo "configure:5530: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5558: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5543,12 +5581,12 @@ done for ac_func in set_auth_parameters do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5547: checking for $ac_func" >&5 +echo "configure:5585: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5613: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5598,12 +5636,12 @@ done for ac_func in initprivs do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5602: checking for $ac_func" >&5 +echo "configure:5640: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5668: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5653,12 +5691,12 @@ done fi if test -z "$BROKEN_GETCWD"; then echo $ac_n "checking for getcwd""... $ac_c" 1>&6 -echo "configure:5657: checking for getcwd" >&5 +echo "configure:5695: checking for getcwd" >&5 if eval "test \"`echo '$''{'ac_cv_func_getcwd'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5723: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_getcwd=yes" else @@ -5706,12 +5744,12 @@ fi fi echo $ac_n "checking for lockf""... $ac_c" 1>&6 -echo "configure:5710: checking for lockf" >&5 +echo "configure:5748: checking for lockf" >&5 if eval "test \"`echo '$''{'ac_cv_func_lockf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5776: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_lockf=yes" else @@ -5757,12 +5795,12 @@ else for ac_func in flock do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5761: checking for $ac_func" >&5 +echo "configure:5799: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5827: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5812,12 +5850,12 @@ done fi echo $ac_n "checking for waitpid""... $ac_c" 1>&6 -echo "configure:5816: checking for waitpid" >&5 +echo "configure:5854: checking for waitpid" >&5 if eval "test \"`echo '$''{'ac_cv_func_waitpid'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5882: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_waitpid=yes" else @@ -5863,12 +5901,12 @@ else for ac_func in wait3 do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5867: checking for $ac_func" >&5 +echo "configure:5905: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5933: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -5918,12 +5956,12 @@ done fi echo $ac_n "checking for innetgr""... $ac_c" 1>&6 -echo "configure:5922: checking for innetgr" >&5 +echo "configure:5960: checking for innetgr" >&5 if eval "test \"`echo '$''{'ac_cv_func_innetgr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:5988: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_innetgr=yes" else @@ -5966,12 +6004,12 @@ EOF for ac_func in getdomainname do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5970: checking for $ac_func" >&5 +echo "configure:6008: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -6023,12 +6061,12 @@ else fi echo $ac_n "checking for lsearch""... $ac_c" 1>&6 -echo "configure:6027: checking for lsearch" >&5 +echo "configure:6065: checking for lsearch" >&5 if eval "test \"`echo '$''{'ac_cv_func_lsearch'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6093: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_lsearch=yes" else @@ -6072,7 +6110,7 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for lsearch in -lcompat""... $ac_c" 1>&6 -echo "configure:6076: checking for lsearch in -lcompat" >&5 +echo "configure:6114: checking for lsearch in -lcompat" >&5 if test -n ""; then ac_lib_var=`echo compat'_'lsearch | sed 'y% ./+-%___p_%'` else @@ -6084,7 +6122,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcompat $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6137: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6112,17 +6150,17 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_safe=`echo "search.h" | sed 'y%./+-%__p_%'` echo $ac_n "checking for search.h""... $ac_c" 1>&6 -echo "configure:6116: checking for search.h" >&5 +echo "configure:6154: checking for search.h" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6126: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:6164: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out` if test -z "$ac_err"; then rm -rf conftest* @@ -6155,12 +6193,12 @@ fi fi echo $ac_n "checking for setenv""... $ac_c" 1>&6 -echo "configure:6159: checking for setenv" >&5 +echo "configure:6197: checking for setenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_setenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6225: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_setenv=yes" else @@ -6204,12 +6242,12 @@ EOF else echo "$ac_t""no" 1>&6 echo $ac_n "checking for putenv""... $ac_c" 1>&6 -echo "configure:6208: checking for putenv" >&5 +echo "configure:6246: checking for putenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_putenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6274: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_putenv=yes" else @@ -6258,12 +6296,12 @@ fi fi echo $ac_n "checking for utime""... $ac_c" 1>&6 -echo "configure:6262: checking for utime" >&5 +echo "configure:6300: checking for utime" >&5 if eval "test \"`echo '$''{'ac_cv_func_utime'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6328: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_utime=yes" else @@ -6305,7 +6343,7 @@ if eval "test \"`echo '$ac_cv_func_'utime`\" = yes"; then EOF echo $ac_n "checking for POSIX utime""... $ac_c" 1>&6 -echo "configure:6309: checking for POSIX utime" >&5 +echo "configure:6347: checking for POSIX utime" >&5 if eval "test \"`echo '$''{'sudo_cv_func_utime_posix'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -6314,7 +6352,7 @@ if test "$cross_compiling" = yes; then sudo_cv_func_utime_posix=no else cat > conftest.$ac_ext < #include @@ -6326,7 +6364,7 @@ utime("conftestdata", &ut); exit(0); } EOF -if { (eval echo configure:6330: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:6368: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_func_utime_posix=yes else @@ -6354,7 +6392,7 @@ LIBOBJS="$LIBOBJS utime.o" fi echo $ac_n "checking for working fnmatch""... $ac_c" 1>&6 -echo "configure:6358: checking for working fnmatch" >&5 +echo "configure:6396: checking for working fnmatch" >&5 if eval "test \"`echo '$''{'sudo_cv_func_fnmatch'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -6363,13 +6401,13 @@ if test "$cross_compiling" = yes; then sudo_cv_func_fnmatch=no else cat > conftest.$ac_ext < main() { exit(fnmatch("/*/bin/echo *", "/usr/bin/echo just a test", 0)); } EOF -if { (eval echo configure:6373: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:6411: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then sudo_cv_func_fnmatch=yes else @@ -6396,12 +6434,12 @@ fi for ac_func in strerror strcasecmp do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:6400: checking for $ac_func" >&5 +echo "configure:6438: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6466: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -6451,12 +6489,12 @@ done echo $ac_n "checking for snprintf""... $ac_c" 1>&6 -echo "configure:6455: checking for snprintf" >&5 +echo "configure:6493: checking for snprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_snprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6521: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_snprintf=yes" else @@ -6503,12 +6541,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for vsnprintf""... $ac_c" 1>&6 -echo "configure:6507: checking for vsnprintf" >&5 +echo "configure:6545: checking for vsnprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_vsnprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6573: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_vsnprintf=yes" else @@ -6555,12 +6593,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for asprintf""... $ac_c" 1>&6 -echo "configure:6559: checking for asprintf" >&5 +echo "configure:6597: checking for asprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_asprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6625: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_asprintf=yes" else @@ -6607,12 +6645,12 @@ NEED_SNPRINTF=1 fi echo $ac_n "checking for vasprintf""... $ac_c" 1>&6 -echo "configure:6611: checking for vasprintf" >&5 +echo "configure:6649: checking for vasprintf" >&5 if eval "test \"`echo '$''{'ac_cv_func_vasprintf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6677: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_vasprintf=yes" else @@ -6663,12 +6701,12 @@ if test -n "$NEED_SNPRINTF"; then fi if test -z "$LIB_CRYPT"; then echo $ac_n "checking for crypt""... $ac_c" 1>&6 -echo "configure:6667: checking for crypt" >&5 +echo "configure:6705: checking for crypt" >&5 if eval "test \"`echo '$''{'ac_cv_func_crypt'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6733: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_crypt=yes" else @@ -6709,7 +6747,7 @@ if eval "test \"`echo '$ac_cv_func_'crypt`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6 -echo "configure:6713: checking for crypt in -lcrypt" >&5 +echo "configure:6751: checking for crypt in -lcrypt" >&5 if test -n ""; then ac_lib_var=`echo crypt'_'crypt | sed 'y% ./+-%___p_%'` else @@ -6721,7 +6759,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6774: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6751,7 +6789,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lcrypt_d""... $ac_c" 1>&6 -echo "configure:6755: checking for crypt in -lcrypt_d" >&5 +echo "configure:6793: checking for crypt in -lcrypt_d" >&5 if test -n ""; then ac_lib_var=`echo crypt_d'_'crypt | sed 'y% ./+-%___p_%'` else @@ -6763,7 +6801,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt_d $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6816: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6793,7 +6831,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lufc""... $ac_c" 1>&6 -echo "configure:6797: checking for crypt in -lufc" >&5 +echo "configure:6835: checking for crypt in -lufc" >&5 if test -n ""; then ac_lib_var=`echo ufc'_'crypt | sed 'y% ./+-%___p_%'` else @@ -6805,7 +6843,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lufc $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6858: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6844,12 +6882,12 @@ fi fi echo $ac_n "checking for socket""... $ac_c" 1>&6 -echo "configure:6848: checking for socket" >&5 +echo "configure:6886: checking for socket" >&5 if eval "test \"`echo '$''{'ac_cv_func_socket'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6914: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_socket=yes" else @@ -6890,7 +6928,7 @@ if eval "test \"`echo '$ac_cv_func_'socket`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 -echo "configure:6894: checking for socket in -lsocket" >&5 +echo "configure:6932: checking for socket in -lsocket" >&5 if test -n ""; then ac_lib_var=`echo socket'_'socket | sed 'y% ./+-%___p_%'` else @@ -6902,7 +6940,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6955: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6932,7 +6970,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6 -echo "configure:6936: checking for socket in -linet" >&5 +echo "configure:6974: checking for socket in -linet" >&5 if test -n ""; then ac_lib_var=`echo inet'_'socket | sed 'y% ./+-%___p_%'` else @@ -6944,7 +6982,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:6997: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6975,7 +7013,7 @@ else echo "$ac_t""no" 1>&6 echo "configure: warning: unable to find socket() trying -lsocket -lnsl" 1>&2 echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 -echo "configure:6979: checking for socket in -lsocket" >&5 +echo "configure:7017: checking for socket in -lsocket" >&5 if test -n "-lnsl"; then ac_lib_var=`echo socket'_'socket-lnsl | sed 'y% ./+-%___p_%'` else @@ -6987,7 +7025,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket -lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7040: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7025,12 +7063,12 @@ fi fi echo $ac_n "checking for inet_addr""... $ac_c" 1>&6 -echo "configure:7029: checking for inet_addr" >&5 +echo "configure:7067: checking for inet_addr" >&5 if eval "test \"`echo '$''{'ac_cv_func_inet_addr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7095: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_inet_addr=yes" else @@ -7071,7 +7109,7 @@ if eval "test \"`echo '$ac_cv_func_'inet_addr`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for inet_addr in -lnsl""... $ac_c" 1>&6 -echo "configure:7075: checking for inet_addr in -lnsl" >&5 +echo "configure:7113: checking for inet_addr in -lnsl" >&5 if test -n ""; then ac_lib_var=`echo nsl'_'inet_addr | sed 'y% ./+-%___p_%'` else @@ -7083,7 +7121,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7136: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7113,7 +7151,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for inet_addr in -linet""... $ac_c" 1>&6 -echo "configure:7117: checking for inet_addr in -linet" >&5 +echo "configure:7155: checking for inet_addr in -linet" >&5 if test -n ""; then ac_lib_var=`echo inet'_'inet_addr | sed 'y% ./+-%___p_%'` else @@ -7125,7 +7163,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7178: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7156,7 +7194,7 @@ else echo "$ac_t""no" 1>&6 echo "configure: warning: unable to find socket() trying -lsocket -lnsl" 1>&2 echo $ac_n "checking for inet_addr in -lsocket""... $ac_c" 1>&6 -echo "configure:7160: checking for inet_addr in -lsocket" >&5 +echo "configure:7198: checking for inet_addr in -lsocket" >&5 if test -n "-lnsl"; then ac_lib_var=`echo socket'_'inet_addr-lnsl | sed 'y% ./+-%___p_%'` else @@ -7168,7 +7206,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket -lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7221: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7206,12 +7244,12 @@ fi fi echo $ac_n "checking for syslog""... $ac_c" 1>&6 -echo "configure:7210: checking for syslog" >&5 +echo "configure:7248: checking for syslog" >&5 if eval "test \"`echo '$''{'ac_cv_func_syslog'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7276: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_syslog=yes" else @@ -7252,7 +7290,7 @@ if eval "test \"`echo '$ac_cv_func_'syslog`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for syslog in -lsocket""... $ac_c" 1>&6 -echo "configure:7256: checking for syslog in -lsocket" >&5 +echo "configure:7294: checking for syslog in -lsocket" >&5 if test -n ""; then ac_lib_var=`echo socket'_'syslog | sed 'y% ./+-%___p_%'` else @@ -7264,7 +7302,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7317: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7294,7 +7332,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for syslog in -lnsl""... $ac_c" 1>&6 -echo "configure:7298: checking for syslog in -lnsl" >&5 +echo "configure:7336: checking for syslog in -lnsl" >&5 if test -n ""; then ac_lib_var=`echo nsl'_'syslog | sed 'y% ./+-%___p_%'` else @@ -7306,7 +7344,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7359: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7336,7 +7374,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then else echo "$ac_t""no" 1>&6 echo $ac_n "checking for syslog in -linet""... $ac_c" 1>&6 -echo "configure:7340: checking for syslog in -linet" >&5 +echo "configure:7378: checking for syslog in -linet" >&5 if test -n ""; then ac_lib_var=`echo inet'_'syslog | sed 'y% ./+-%___p_%'` else @@ -7348,7 +7386,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7401: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -7389,19 +7427,19 @@ if test "$with_DCE" = "yes" -o "$ac_cv_prog_YACC" = "bison -y"; then # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works # for constant arguments. Useless! echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6 -echo "configure:7393: checking for working alloca.h" >&5 +echo "configure:7431: checking for working alloca.h" >&5 if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { char *p = alloca(2 * sizeof(int)); ; return 0; } EOF -if { (eval echo configure:7405: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7443: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_header_alloca_h=yes else @@ -7422,12 +7460,12 @@ EOF fi echo $ac_n "checking for alloca""... $ac_c" 1>&6 -echo "configure:7426: checking for alloca" >&5 +echo "configure:7464: checking for alloca" >&5 if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7492: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_func_alloca_works=yes else @@ -7482,12 +7520,12 @@ EOF echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6 -echo "configure:7486: checking whether alloca needs Cray hooks" >&5 +echo "configure:7524: checking whether alloca needs Cray hooks" >&5 if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&6 if test $ac_cv_os_cray = yes; then for ac_func in _getb67 GETB67 getb67; do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7516: checking for $ac_func" >&5 +echo "configure:7554: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7582: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -7567,7 +7605,7 @@ done fi echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6 -echo "configure:7571: checking stack direction for C alloca" >&5 +echo "configure:7609: checking stack direction for C alloca" >&5 if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7575,7 +7613,7 @@ else ac_cv_c_stack_direction=0 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null then ac_cv_c_stack_direction=1 else @@ -7648,21 +7686,21 @@ fi if test "$with_pam" = "yes"; then echo $ac_n "checking for -ldl""... $ac_c" 1>&6 -echo "configure:7652: checking for -ldl" >&5 +echo "configure:7690: checking for -ldl" >&5 if eval "test \"`echo '$''{'ac_cv_lib_dl'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-ldl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7704: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_lib_dl=yes else @@ -7712,21 +7750,21 @@ EOF fi echo $ac_n "checking for -ldes""... $ac_c" 1>&6 -echo "configure:7716: checking for -ldes" >&5 +echo "configure:7754: checking for -ldes" >&5 if eval "test \"`echo '$''{'ac_cv_lib_des'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-ldes $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:7768: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* ac_cv_lib_des=yes else @@ -7854,7 +7892,7 @@ if test "$with_authenticate" = "yes"; then fi echo $ac_n "checking for log file location""... $ac_c" 1>&6 -echo "configure:7858: checking for log file location" >&5 +echo "configure:7896: checking for log file location" >&5 if test -n "$with_logpath"; then echo "$ac_t""$with_logpath" 1>&6 cat >> confdefs.h <&6 -echo "configure:7888: checking for timestamp file location" >&5 +echo "configure:7926: checking for timestamp file location" >&5 if test -n "$with_timedir"; then echo "$ac_t""$with_timedir" 1>&6 cat >> confdefs.h <&6 cat >> confdefs.h <<\EOF #define _PATH_SUDO_TIMEDIR "/var/run/sudo" EOF -elif test -d "/tmp"; then + TIMEDIR="/var/run/sudo" +else echo "$ac_t""/tmp/.odus" 1>&6 cat >> confdefs.h <<\EOF #define _PATH_SUDO_TIMEDIR "/tmp/.odus" EOF -else - echo "$ac_t""unknown" 1>&6 + TIMEDIR="/tmp/.odus" fi @@ -8038,7 +8077,7 @@ done ac_given_srcdir=$srcdir -trap 'rm -fr `echo "Makefile config.h pathnames.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 +trap 'rm -fr `echo "Makefile sudo.man visudo.man sudoers.man config.h pathnames.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then diff --git a/configure.in b/configure.in index c381071e4..d31ed1d70 100644 --- a/configure.in +++ b/configure.in @@ -30,7 +30,10 @@ AC_SUBST(MAN_POSTINSTALL)dnl AC_SUBST(SUDOERS_MODE)dnl AC_SUBST(SUDOERS_UID)dnl AC_SUBST(SUDOERS_GID)dnl +AC_SUBST(TIMEDIR) AC_SUBST(DEV) +AC_SUBST(mansectsu) +AC_SUBST(mansectform) dnl dnl Initial values for Makefile variables listed above dnl Some may be overridden by environment variables.. @@ -1023,6 +1026,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lucb" fi + mansectsu=1m + mansectform=4 ;; *-*-aix*) # To get all prototypes (so we pass -Wall) @@ -1035,6 +1040,8 @@ case "$host" in AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"; SECUREWARE=1], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"; SECUREWARE=1])) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux1[[0-9]]*) # uncomment this for a statically linked sudo @@ -1070,6 +1077,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux9*) # uncomment this for a statically linked sudo @@ -1115,6 +1124,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-*-hpux*) @@ -1131,6 +1142,8 @@ case "$host" in if test "$with_AFS" = "yes"; then AFS_LIBS="-lc -lBSD" fi + mansectsu=1m + mansectform=4 ;; *-dec-osf*) # ignore envariables wrt dynamic lib path @@ -1213,6 +1226,8 @@ case "$host" in if test "$OSREV" -le 4; then AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"]) fi + mansectsu=1m + mansectform=4 ;; *-*-linux*) # To get crypt(3) and vasprintf() prototypes (so we pass -Wall) @@ -1246,6 +1261,8 @@ case "$host" in LIBS="${LIBS} -lsun -lbsd" CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd" OSDEFS="${OSDEFS} -D_MIPS" + mansectsu=1m + mansectform=4 ;; *-*-isc*) OSDEFS="${OSDEFS} -D_ISC" @@ -1257,6 +1274,8 @@ case "$host" in AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"]) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-*-sco*) if test "$CHECKSHADOW" = "true"; then @@ -1264,16 +1283,22 @@ case "$host" in AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"]) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-sequent-sysv*) if test "$CHECKSHADOW" = "true"; then AC_CHECK_LIB(sec, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"]) CHECKSHADOW="false" fi + mansectsu=1m + mansectform=4 ;; *-ccur-sysv4|*-ccur-sysvr4) LIBS="${LIBS} -lgen" SUDO_LIBS="${SUDO_LIBS} -lgen" + mansectsu=1m + mansectform=4 ;; *-*-bsdi*) # Use shlicc for BSD/OS 2.x unless asked to do otherwise @@ -1283,19 +1308,35 @@ case "$host" in ac_cv_prog_CC=shlicc CC="$ac_cv_prog_CC" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-freebsd*) if test "$with_skey" = "yes"; then SUDO_LIBS="${SUDO_LIBS} -lmd" fi + if test "$CHECKSHADOW" = "true"; then + CHECKSHADOW="false" + fi ;; *-*-*bsd*) if test "$CHECKSHADOW" = "true"; then CHECKSHADOW="false" fi ;; + *-*-sysv*) + mansectsu=1m + mansectform=4 + ;; esac +dnl +dnl Use BSD-style man sections by default +dnl +test -n "$mansectsu" || mansectsu=8 +test -n "$mansectform" || mansectform=5 + dnl dnl Check for shadow password routines if we have not already done so. dnl We check for SVR4-style first and then SecureWare-style. @@ -1655,9 +1696,9 @@ dnl test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)' dnl -dnl Substitute into the Makefiles +dnl Substitute into the Makefile and man pages dnl -AC_OUTPUT(Makefile) +AC_OUTPUT([Makefile sudo.man visudo.man sudoers.man]) dnl dnl Spew any text the user needs to know about diff --git a/sudo.cat b/sudo.cat index 99cde97ef..663e6ac8f 100644 --- a/sudo.cat +++ b/sudo.cat @@ -9,7 +9,8 @@ NNNNAAAAMMMMEEEE SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS ssssuuuuddddoooo ----VVVV | ----hhhh | ----llll | ----LLLL | ----vvvv | ----kkkk | ----KKKK | ----ssss | [ ----HHHH ] [----SSSS ] - [ ----bbbb ] | [ ----pppp prompt ] [ ----uuuu username/#uid ] _c_o_m_m_a_n_d + [ ----bbbb ] | [ ----pppp prompt ] [ ----cccc class|- ] [ ----uuuu username/#uid ] + _c_o_m_m_a_n_d DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN ssssuuuuddddoooo allows a permitted user to execute a _c_o_m_m_a_n_d as the @@ -60,8 +61,7 @@ OOOOPPPPTTTTIIIIOOOONNNNSSSS - -26/Feb/2000 1.6.3 1 +22/Mar/2000 1.6.3 1 @@ -102,7 +102,21 @@ sudo(8) MAINTENANCE COMMANDS sudo(8) replaced with the user's login name. Similarly, %h will be replaced with the local hostname. - -u The -u (_u_s_e_r) option causes sudo to run the specified + -c The -c (_c_l_a_s_s) option causes ssssuuuuddddoooo to run the specified + command with resources limited by the specified login + class. The _c_l_a_s_s argument can be either a class name + as defined in /etc/login.conf, or a single '-' + character. Specifying the _c_l_a_s_s as '-' means that the + command should be run restricted by the default login + capibilities of the user the command is run as. If + the _c_l_a_s_s argument specifies an existing user class, + the command must be run as root, or the ssssuuuuddddoooo command + must be run from a shell that is already root. This + option is only available on systems with BSD login + classes where ssssuuuuddddoooo has been configured with the + --with-logincap option. + + -u The -u (_u_s_e_r) option causes ssssuuuuddddoooo to run the specified command as a user other than _r_o_o_t. To specify a _u_i_d instead of a _u_s_e_r_n_a_m_e, use "#uid". @@ -110,6 +124,18 @@ sudo(8) MAINTENANCE COMMANDS sudo(8) _S_H_E_L_L environment variable if it is set or the shell as specified in _p_a_s_s_w_d(5). + + + +22/Mar/2000 1.6.3 2 + + + + + +sudo(8) MAINTENANCE COMMANDS sudo(8) + + -H The -H (_H_O_M_E) option sets the _H_O_M_E environment variable to the homedir of the target user (root by default) as specified in _p_a_s_s_w_d(5). By default, ssssuuuuddddoooo @@ -124,18 +150,6 @@ sudo(8) MAINTENANCE COMMANDS sudo(8) RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEESSSS ssssuuuuddddoooo quits with an exit value of 1 if there is a - - - -26/Feb/2000 1.6.3 2 - - - - - -sudo(8) MAINTENANCE COMMANDS sudo(8) - - configuration/permission problem or if ssssuuuuddddoooo cannot execute the given command. In the latter case the error string is printed to stderr. If ssssuuuuddddoooo cannot _s_t_a_t(2) one or more @@ -173,27 +187,13 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE statically. ssssuuuuddddoooo will check the ownership of its timestamp directory - (_/_v_a_r_/_r_u_n_/_s_u_d_o or _/_t_m_p_/_._o_d_u_s by default) and ignore the - directory's contents if it is not owned by root and only - writable by root. On systems that allow non-root users to - give away files via _c_h_o_w_n(2), if the timestamp directory - is located in a directory writable by anyone (ie: _/_t_m_p), - it is possible for a user to create the timestamp - directory before ssssuuuuddddoooo is run. However, because ssssuuuuddddoooo - checks the ownership and mode of the directory and its - contents, the only damage that can be done is to "hide" - files by putting them in the timestamp dir. This is - unlikely to happen since once the timestamp dir is owned - by root and inaccessible by any other user the user - placing files there would be unable to get them back out. - To get around this issue you can use a directory that is - not world-writable for the timestamps (_/_v_a_r_/_a_d_m_/_s_u_d_o for - instance) or create /tmp/.odus with the appropriate owner - (root) and permissions (0700) in the system startup files. + (_/_v_a_r_/_r_u_n_/_s_u_d_o by default) and ignore the directory's + contents if it is not owned by root and only writable by + root. On systems that allow non-root users to give away -26/Feb/2000 1.6.3 3 +22/Mar/2000 1.6.3 3 @@ -202,6 +202,21 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE sudo(8) MAINTENANCE COMMANDS sudo(8) + files via _c_h_o_w_n(2), if the timestamp directory is located + in a directory writable by anyone (eg: _/_t_m_p), it is + possible for a user to create the timestamp directory + before ssssuuuuddddoooo is run. However, because ssssuuuuddddoooo checks the + ownership and mode of the directory and its contents, the + only damage that can be done is to "hide" files by putting + them in the timestamp dir. This is unlikely to happen + since once the timestamp dir is owned by root and + inaccessible by any other user the user placing files + there would be unable to get them back out. To get around + this issue you can use a directory that is not world- + writable for the timestamps (_/_v_a_r_/_a_d_m_/_s_u_d_o for instance) + or create _/_v_a_r_/_r_u_n_/_s_u_d_o with the appropriate owner (root) + and permissions (0700) in the system startup files. + ssssuuuuddddoooo will not honor timestamps set far in the future. Timestamps with a date greater than current_time + 2 * TIMEOUT will be ignored and sudo will log and complain. @@ -241,25 +256,10 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT ssssuuuuddddoooo utilizes the following environment variables: - PATH Set to a sane value if SECURE_PATH is set - SHELL Used to determine shell to run with -s option - USER Set to the target user (root unless the -u option - is specified) - HOME In -s or -H mode (or if sudo was configured with - the --enable-shell-sets-home option), set to - homedir of the target user. - SUDO_PROMPT Used as the default password prompt - SUDO_COMMAND Set to the command run by sudo - SUDO_USER Set to the login of the user who invoked sudo - SUDO_UID Set to the uid of the user who invoked sudo - SUDO_GID Set to the gid of the user who invoked sudo - SUDO_PS1 If set, PS1 will be set to its value - - -26/Feb/2000 1.6.3 4 +22/Mar/2000 1.6.3 4 @@ -268,12 +268,6 @@ EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT sudo(8) MAINTENANCE COMMANDS sudo(8) -FFFFIIIILLLLEEEESSSS - /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - - ssssuuuuddddoooo utilizes the following environment variables: - PATH Set to a sane value if SECURE_PATH is set SHELL Used to determine shell to run with -s option USER Set to the target user (root unless the -u option @@ -291,8 +285,7 @@ FFFFIIIILLLLEEEESSSS FFFFIIIILLLLEEEESSSS /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - /tmp/.odus Same as above if no /var/run exists + /var/run/sudo Directory containing timestamps AAAAUUUUTTTTHHHHOOOORRRRSSSS @@ -322,10 +315,17 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS escapes. If users have sudo ALL there is nothing to prevent them + from creating their own program that gives them a root + shell regardless of any '!' elements in the user + specification. + + Running shell scripts via ssssuuuuddddoooo can expose the same kernel + bugs that make setuid shell scripts unsafe on some + operating systems (if your OS supports the /dev/fd/ -26/Feb/2000 1.6.3 5 +22/Mar/2000 1.6.3 5 @@ -334,17 +334,10 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS sudo(8) MAINTENANCE COMMANDS sudo(8) - from creating their own program that gives them a root - shell regardless of any '!' elements in the user - specification. - - Running shell scripts via ssssuuuuddddoooo can expose the same kernel - bugs that make setuid shell scripts unsafe on some - operating systems (if your OS supports the /dev/fd/ directory, setuid shell scripts are generally safe). SSSSEEEEEEEE AAAALLLLSSSSOOOO - _s_u_d_o_e_r_s(5), _v_i_s_u_d_o(8), _s_u(1). + _l_o_g_i_n___c_a_p(3), _s_u_d_o_e_r_s(5), _v_i_s_u_d_o(8), _s_u(1). @@ -391,6 +384,13 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO -26/Feb/2000 1.6.3 6 + + + + + + + +22/Mar/2000 1.6.3 6 diff --git a/sudo.man.in b/sudo.man.in index c45b76d3b..4a22bb9d1 100644 --- a/sudo.man.in +++ b/sudo.man.in @@ -2,8 +2,12 @@ ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ -''' Revision 1.1 2000/03/23 00:17:29 millert -''' configure does substitution on these to produce *.man +''' Revision 1.2 2000/03/23 00:35:58 millert +''' Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from +''' Michael D. Marchionna. +''' configure now does substitution on the man pages, allowing us to +''' fix up the paths and set the section correctly. Based on an idea +''' from Michael D. Marchionna. ''' ''' .de Sh @@ -96,7 +100,7 @@ .nr % 0 .rr F .\} -.TH sudo.pod.in @mansectsu@ "1.6.3" "22/Mar/2000" "MAINTENANCE COMMANDS" +.TH sudo @mansectsu@ "1.6.3" "22/Mar/2000" "MAINTENANCE COMMANDS" .UC .if n .hy 0 .if n .na @@ -327,22 +331,22 @@ not disable user-defined library search paths for setuid programs (most do), you should either use a linker option that disables this behavior or link \fBsudo\fR statically. .PP -\fBsudo\fR will check the ownership of its timestamp directory (\fI@TIMEDIR@\fR) -and ignore the directory's contents if it is not owned by root and -only writable by root. On systems that allow non-root users to -give away files via \fIchown\fR\|(2), if the timestamp directory is located -in a directory writable by anyone (eg: \fI/tmp\fR), it is possible for -a user to create the timestamp directory before \fBsudo\fR is run. -However, because \fBsudo\fR checks the ownership and mode of the -directory and its contents, the only damage that can be done is to -\*(L"hide\*(R" files by putting them in the timestamp dir. This is unlikely -to happen since once the timestamp dir is owned by root and -inaccessible by any other user the user placing files there would -be unable to get them back out. To get around this issue you can -use a directory that is not world-writable for the timestamps -(\fI/var/adm/sudo\fR for instance) or create \fI@TIMEDIR@\fR with the -appropriate owner (root) and permissions (0700) in the system startup -files. +\fBsudo\fR will check the ownership of its timestamp directory +(\fI@TIMEDIR@\fR by default) and ignore the directory's contents if +it is not owned by root and only writable by root. On systems that +allow non-root users to give away files via \fIchown\fR\|(2), if the timestamp +directory is located in a directory writable by anyone (eg: \fI/tmp\fR), +it is possible for a user to create the timestamp directory before +\fBsudo\fR is run. However, because \fBsudo\fR checks the ownership and +mode of the directory and its contents, the only damage that can +be done is to \*(L"hide\*(R" files by putting them in the timestamp dir. +This is unlikely to happen since once the timestamp dir is owned +by root and inaccessible by any other user the user placing files +there would be unable to get them back out. To get around this +issue you can use a directory that is not world-writable for the +timestamps (\fI/var/adm/sudo\fR for instance) or create \fI@TIMEDIR@\fR +with the appropriate owner (root) and permissions (0700) in the +system startup files. .PP \fBsudo\fR will not honor timestamps set far in the future. Timestamps with a date greater than current_time + 2 * \f(CWTIMEOUT\fR @@ -438,7 +442,7 @@ are generally safe). \fIlogin_cap\fR\|(3), \fIsudoers\fR\|(5), \fIvisudo\fR\|(8), \fIsu\fR\|(1). .rn }` '' -.IX Title "sudo.pod.in @mansectsu@" +.IX Title "sudo @mansectsu@" .IX Name "sudo - execute a command as another user" .IX Header "NAME" diff --git a/sudo.pod b/sudo.pod index 9169e8826..b29df316b 100644 --- a/sudo.pod +++ b/sudo.pod @@ -42,7 +42,7 @@ sudo - execute a command as another user =head1 SYNOPSIS B B<-V> | B<-h> | B<-l> | B<-L> | B<-v> | B<-k> | B<-K> | B<-s> | -[ B<-H> ] [B<-S> ] [ B<-b> ] | [ B<-p> prompt ] +[ B<-H> ] [B<-S> ] [ B<-b> ] | [ B<-p> prompt ] [ B<-c> class|- ] [ B<-u> username/#uid ] I =head1 DESCRIPTION @@ -59,7 +59,7 @@ user may then use sudo without a password for a short period of time (five minutes by default). B determines who is an authorized user by consulting the -file F. By giving B the C<-v> flag a user +file F<@sysconfdir@/sudoers>. By giving B the C<-v> flag a user can update the time stamp without running a I The password prompt itself will also time out if the user's password is not entered with N minutes (again, this is defined at configure @@ -137,9 +137,22 @@ contains the C<%u> escape, C<%u> will be replaced with the user's login name. Similarly, C<%h> will be replaced with the local hostname. +=item -c + +The C<-c> (I) option causes B to run the specified command +with resources limited by the specified login class. The I +argument can be either a class name as defined in /etc/login.conf, +or a single '-' character. Specifying the I as '-' means +that the command should be run restricted by the default login +capibilities of the user the command is run as. If the I +argument specifies an existing user class, the command must be run +as root, or the B command must be run from a shell that is already +root. This option is only available on systems with BSD login classes +where B has been configured with the --with-logincap option. + =item -u -The C<-u> (I) option causes sudo to run the specified command +The C<-u> (I) option causes B to run the specified command as a user other than I. To specify a I instead of a I, use "#uid". @@ -205,21 +218,21 @@ not disable user-defined library search paths for setuid programs behavior or link B statically. B will check the ownership of its timestamp directory -(F or F by default) and ignore the -directory's contents if it is not owned by root and only writable -by root. On systems that allow non-root users to give away files -via chown(2), if the timestamp directory is located in a directory -writable by anyone (ie: F), it is possible for a user to -create the timestamp directory before B is run. However, -because B checks the ownership and mode of the directory and -its contents, the only damage that can be done is to "hide" files -by putting them in the timestamp dir. This is unlikely to happen -since once the timestamp dir is owned by root and inaccessible by -any other user the user placing files there would be unable to get -them back out. To get around this issue you can use a directory -that is not world-writable for the timestamps (F for -instance) or create /tmp/.odus with the appropriate owner (root) -and permissions (0700) in the system startup files. +(F<@TIMEDIR@> by default) and ignore the directory's contents if +it is not owned by root and only writable by root. On systems that +allow non-root users to give away files via chown(2), if the timestamp +directory is located in a directory writable by anyone (eg: F), +it is possible for a user to create the timestamp directory before +B is run. However, because B checks the ownership and +mode of the directory and its contents, the only damage that can +be done is to "hide" files by putting them in the timestamp dir. +This is unlikely to happen since once the timestamp dir is owned +by root and inaccessible by any other user the user placing files +there would be unable to get them back out. To get around this +issue you can use a directory that is not world-writable for the +timestamps (F for instance) or create F<@TIMEDIR@> +with the appropriate owner (root) and permissions (0700) in the +system startup files. B will not honor timestamps set far in the future. Timestamps with a date greater than current_time + 2 * C @@ -274,30 +287,8 @@ B utilizes the following environment variables: =head1 FILES - /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - -B utilizes the following environment variables: - - PATH Set to a sane value if SECURE_PATH is set - SHELL Used to determine shell to run with -s option - USER Set to the target user (root unless the -u option - is specified) - HOME In -s or -H mode (or if sudo was configured with - the --enable-shell-sets-home option), set to - homedir of the target user. - SUDO_PROMPT Used as the default password prompt - SUDO_COMMAND Set to the command run by sudo - SUDO_USER Set to the login of the user who invoked sudo - SUDO_UID Set to the uid of the user who invoked sudo - SUDO_GID Set to the gid of the user who invoked sudo - SUDO_PS1 If set, PS1 will be set to its value - -=head1 FILES - - /etc/sudoers List of who can run what - /var/run/sudo Directory containing timestamps - /tmp/.odus Same as above if no /var/run exists + @sysconfdir@/sudoers List of who can run what + @TIMEDIR@ Directory containing timestamps =head1 AUTHORS @@ -338,4 +329,4 @@ are generally safe). =head1 SEE ALSO -sudoers(5), visudo(8), su(1). +login_cap(3), sudoers(5), visudo(8), su(1). diff --git a/sudoers.cat b/sudoers.cat index 9e7533a87..a98a5db2c 100644 --- a/sudoers.cat +++ b/sudoers.cat @@ -61,7 +61,7 @@ DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN -18/Feb/2000 1.6.3 1 +22/Mar/2000 1.6.3 1 @@ -127,7 +127,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 2 +22/Mar/2000 1.6.3 2 @@ -193,7 +193,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 3 +22/Mar/2000 1.6.3 3 @@ -259,7 +259,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 4 +22/Mar/2000 1.6.3 4 @@ -325,7 +325,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 5 +22/Mar/2000 1.6.3 5 @@ -391,7 +391,7 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 6 +22/Mar/2000 1.6.3 6 @@ -405,6 +405,12 @@ sudoers(5) FILE FORMATS sudoers(5) root) instead of the password of the invoking user. + use_loginclass + If set, sudo will apply the defaults specified + for the target user's login class if one + exists. Only available if sudo is configured + with the --with-logincap option. + IIIInnnntttteeeeggggeeeerrrrssss: passwd_tries @@ -448,16 +454,10 @@ sudoers(5) FILE FORMATS sudoers(5) incorrect password. The default is "Sorry, try again." unless insults are enabled. - timestampdir - The directory in which ssssuuuuddddoooo stores its - timestamp files. The default is either - /var/run/sudo or /tmp/sudo. - - -18/Feb/2000 1.6.3 7 +22/Mar/2000 1.6.3 7 @@ -466,6 +466,10 @@ sudoers(5) FILE FORMATS sudoers(5) sudoers(5) FILE FORMATS sudoers(5) + timestampdir + The directory in which ssssuuuuddddoooo stores its + timestamp files. The default is _@_T_I_M_E_D_I_R_@. + passprompt The default prompt to use when asking for a password; can be overridden via the -p option or the SUDO_PROMPT environment variable. @@ -492,6 +496,10 @@ sudoers(5) FILE FORMATS sudoers(5) SSSSttttrrrriiiinnnnggggssss tttthhhhaaaatttt ccccaaaannnn bbbbeeee uuuusssseeeedddd iiiinnnn aaaa bbbboooooooolllleeeeaaaannnn ccccoooonnnntttteeeexxxxtttt: + logfile Path to the sudo log file (not the syslog log + file). Setting a path turns on logging to a + file, negating this option turns it off. + syslog Syslog facility if syslog is being used for logging (negate to disable syslog logging). Defaults to "local2". @@ -511,6 +519,19 @@ sudoers(5) FILE FORMATS sudoers(5) and PATH requirements. This is not set by default. + + + + +22/Mar/2000 1.6.3 8 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + secure_path Path used for every command run from ssssuuuuddddoooo. If you don't trust the people running sudo to have a sane PATH environment variable you may @@ -520,18 +541,6 @@ sudoers(5) FILE FORMATS sudoers(5) verifypw This option controls when a password will be required when a user runs sudo with the ----vvvv. - - - -18/Feb/2000 1.6.3 8 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - It has the following possible values: all All the user's I entries for the @@ -577,6 +586,18 @@ sudoers(5) FILE FORMATS sudoers(5) Parameter): aaaauuuutttthhhhpppprrrriiiivvvv (if your OS supports it), aaaauuuutttthhhh, ddddaaaaeeeemmmmoooonnnn, uuuusssseeeerrrr, llllooooccccaaaallll0000, llllooooccccaaaallll1111, llllooooccccaaaallll2222, llllooooccccaaaallll3333, llllooooccccaaaallll4444, llllooooccccaaaallll5555, llllooooccccaaaallll6666, and llllooooccccaaaallll7777. The following syslog + + + +22/Mar/2000 1.6.3 9 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + priorities are supported: aaaalllleeeerrrrtttt, ccccrrrriiiitttt, ddddeeeebbbbuuuugggg, eeeemmmmeeeerrrrgggg, eeeerrrrrrrr, iiiinnnnffffoooo, nnnnoooottttiiiicccceeee, and wwwwaaaarrrrnnnniiiinnnngggg. @@ -586,18 +607,6 @@ sudoers(5) FILE FORMATS sudoers(5) User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \ (':' User_Spec)* - - - -18/Feb/2000 1.6.3 9 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - Cmnd_Spec_List ::= Cmnd_Spec | Cmnd_Spec ',' Cmnd_Spec_List @@ -643,6 +652,18 @@ sudoers(5) FILE FORMATS sudoers(5) modified via the NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for the commands that follow it in the Cmnd_Spec_List. Conversely, the PASSWD tag can + + + +22/Mar/2000 1.6.3 10 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + be used to reverse things. For example: ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm @@ -653,17 +674,6 @@ sudoers(5) FILE FORMATS sudoers(5) able to run _/_b_i_n_/_k_i_l_l without a password the entry would be: - - -18/Feb/2000 1.6.3 10 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm Note however, that the PASSWD tag has no effect on users @@ -705,6 +715,21 @@ sudoers(5) FILE FORMATS sudoers(5) match /usr/bin/who but not /usr/bin/X11/xterm. + + + + + + +22/Mar/2000 1.6.3 11 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + EEEExxxxcccceeeeppppttttiiiioooonnnnssss ttttoooo wwwwiiiillllddddccccaaaarrrrdddd rrrruuuulllleeeessss:::: The following exceptions apply to the above rules: @@ -718,18 +743,6 @@ sudoers(5) FILE FORMATS sudoers(5) The pound sign ('#') is used to indicate a comment (unless it occurs in the context of a user name and is followed by - - - -18/Feb/2000 1.6.3 11 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - one or more digits, in which case it is treated as a uid). Both the comment character and any text after it, up to the end of the line, are ignored. @@ -770,6 +783,19 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS User_Alias PARTTIMERS = bostley, jwfox, crawl User_Alias WEBMASTERS = will, wendy, wim + + + + +22/Mar/2000 1.6.3 12 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + # Runas alias specification Runas_Alias OP = root, operator Runas_Alias DB = oracle, sybase @@ -784,18 +810,6 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS Host_Alias SERVERS = master, mail, www, ns Host_Alias CDROM = orion, perseus, hercules - - - -18/Feb/2000 1.6.3 12 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - # Cmnd alias specification Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ /usr/sbin/restore, /usr/sbin/rrestore @@ -836,6 +850,18 @@ sudoers(5) FILE FORMATS sudoers(5) FULLTIMERS ALL = NOPASSWD: ALL Full time sysadmins (mmmmiiiilllllllleeeerrrrtttt, mmmmiiiikkkkeeeeffff, and ddddoooowwwwddddyyyy) may run + + + +22/Mar/2000 1.6.3 13 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + any command on any host without authenticating themselves. PARTTIMERS ALL = ALL @@ -850,18 +876,6 @@ sudoers(5) FILE FORMATS sudoers(5) _C_S_N_E_T_S alias (the networks 128.138.243.0, 128.138.204.0, and 128.138.242.0). Of those networks, only <128.138.204.0> has an explicit netmask (in CIDR notation) - - - -18/Feb/2000 1.6.3 13 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - indicating it is a class C network. For the other networks in _C_S_N_E_T_S, the local machine's netmask will be used during matching. @@ -902,6 +916,18 @@ sudoers(5) FILE FORMATS sudoers(5) netgroup. SSSSuuuuddddoooo knows that "biglab" is a netgroup due to the '+' prefix. + + + +22/Mar/2000 1.6.3 14 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser Users in the sssseeeeccccrrrreeeettttaaaarrrriiiieeeessss netgroup need to help manage the @@ -916,18 +942,6 @@ sudoers(5) FILE FORMATS sudoers(5) john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* On the _A_L_P_H_A machines, user jjjjoooohhhhnnnn may su to anyone except - - - -18/Feb/2000 1.6.3 14 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - root but he is not allowed to give _s_u(1) any flags. jen ALL, !SERVERS = ALL @@ -967,6 +981,19 @@ sudoers(5) FILE FORMATS sudoers(5) type, so it is a prime candiate for encapsulating in a shell script. + + + + +22/Mar/2000 1.6.3 15 + + + + + +sudoers(5) FILE FORMATS sudoers(5) + + SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTEEEESSSS It is generally not effective to "subtract" commands from ALL using the '!' operator. A user can trivially @@ -982,18 +1009,6 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE restrictions should be considered advisory at best (and reinforced by policy). - - - -18/Feb/2000 1.6.3 15 - - - - - -sudoers(5) FILE FORMATS sudoers(5) - - CCCCAAAAVVVVEEEEAAAATTTTSSSS The _s_u_d_o_e_r_s file should aaaallllwwwwaaaayyyyssss be edited by the vvvviiiissssuuuuddddoooo command which locks the file and does grammatical @@ -1036,22 +1051,7 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO - - - - - - - - - - - - - - - -18/Feb/2000 1.6.3 16 +22/Mar/2000 1.6.3 16 @@ -1117,6 +1117,6 @@ sudoers(5) FILE FORMATS sudoers(5) -18/Feb/2000 1.6.3 17 +22/Mar/2000 1.6.3 17 diff --git a/sudoers.man.in b/sudoers.man.in index 79d1279f8..9697a2caf 100644 --- a/sudoers.man.in +++ b/sudoers.man.in @@ -2,8 +2,12 @@ ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ -''' Revision 1.1 2000/03/23 00:17:29 millert -''' configure does substitution on these to produce *.man +''' Revision 1.2 2000/03/23 00:35:59 millert +''' Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from +''' Michael D. Marchionna. +''' configure now does substitution on the man pages, allowing us to +''' fix up the paths and set the section correctly. Based on an idea +''' from Michael D. Marchionna. ''' ''' .de Sh @@ -96,7 +100,7 @@ .nr % 0 .rr F .\} -.TH sudoers.pod.in @mansectform@ "1.6.3" "22/Mar/2000" "FILE FORMATS" +.TH sudoers @mansectform@ "1.6.3" "22/Mar/2000" "FILE FORMATS" .UC .if n .hy 0 .if n .na @@ -970,7 +974,7 @@ as returned by the \f(CWhostname\fR command or use the \fIfqdn\fR option in \fIsudo\fR\|(8), \fIvisudo\fR\|(8), \fIsu\fR\|(1), \fIfnmatch\fR\|(3). .rn }` '' -.IX Title "sudoers.pod.in @mansectform@" +.IX Title "sudoers @mansectform@" .IX Name "sudoers - list of which users may execute what" .IX Header "NAME" diff --git a/sudoers.pod b/sudoers.pod index ef2cd72f0..c0b0f4b2a 100644 --- a/sudoers.pod +++ b/sudoers.pod @@ -370,6 +370,12 @@ If set, sudo will prompt for the password of the user specified by the C<-u> flag (defaults to root) instead of the password of the invoking user. +=item use_loginclass + +If set, sudo will apply the defaults specified for the target user's +login class if one exists. Only available if sudo is configured with +the --with-logincap option. + =back B: @@ -429,7 +435,7 @@ The default is "Sorry, try again." unless insults are enabled. =item timestampdir The directory in which B stores its timestamp files. -The default is either C or C. +The default is F<@TIMEDIR@>. =item passprompt @@ -464,6 +470,11 @@ B: =over 12 +=item logfile + +Path to the sudo log file (not the syslog log file). Setting a path +turns on logging to a file, negating this option turns it off. + =item syslog Syslog facility if syslog is being used for logging (negate to @@ -898,7 +909,7 @@ I. =head1 FILES - /etc/sudoers List of who can run what + @sysconfdir@/sudoers List of who can run what /etc/group Local groups file /etc/netgroup List of network groups diff --git a/visudo.cat b/visudo.cat index 1388512dd..5bab121ad 100644 --- a/visudo.cat +++ b/visudo.cat @@ -55,13 +55,13 @@ EEEERRRRRRRROOOORRRRSSSS sudoers file busy, try again later. Someone else is currently editing the _s_u_d_o_e_r_s file. - /etc/sudoers.tmp: Permission denied + @sysconf@/sudoers.tmp: Permission denied You didn't run vvvviiiissssuuuuddddoooo as root. -15/Feb/2000 1.6.3 1 +22/Mar/2000 1.6.3 1 @@ -91,8 +91,8 @@ EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT FFFFIIIILLLLEEEESSSS - /etc/sudoers List of who can run what - /etc/sudoers.tmp Lock file for visudo + @sysconf@/sudoers List of who can run what + @sysconf@/sudoers.tmp Lock file for visudo AAAAUUUUTTTTHHHHOOOORRRR @@ -127,7 +127,7 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO -15/Feb/2000 1.6.3 2 +22/Mar/2000 1.6.3 2 @@ -193,6 +193,6 @@ visudo(8) MAINTENANCE COMMANDS visudo(8) -15/Feb/2000 1.6.3 3 +22/Mar/2000 1.6.3 3 diff --git a/visudo.man.in b/visudo.man.in index 0edd2adad..ad24e7e81 100644 --- a/visudo.man.in +++ b/visudo.man.in @@ -2,8 +2,12 @@ ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ -''' Revision 1.1 2000/03/23 00:17:30 millert -''' configure does substitution on these to produce *.man +''' Revision 1.2 2000/03/23 00:35:59 millert +''' Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from +''' Michael D. Marchionna. +''' configure now does substitution on the man pages, allowing us to +''' fix up the paths and set the section correctly. Based on an idea +''' from Michael D. Marchionna. ''' ''' .de Sh @@ -96,7 +100,7 @@ .nr % 0 .rr F .\} -.TH visudo.pod.in @mansectsu@ "1.6.3" "18/Mar/2000" "MAINTENANCE COMMANDS" +.TH visudo @mansectsu@ "1.6.3" "22/Mar/2000" "MAINTENANCE COMMANDS" .UC .if n .hy 0 .if n .na @@ -280,7 +284,7 @@ the editor used by \fBvisudo\fR allows shell escapes. \fIsudo\fR\|(8), \fIvipw\fR\|(8). .rn }` '' -.IX Title "visudo.pod.in @mansectsu@" +.IX Title "visudo @mansectsu@" .IX Name "visudo - edit the sudoers file" .IX Header "NAME" diff --git a/visudo.pod b/visudo.pod index 86b0a25db..94a2aeb0d 100644 --- a/visudo.pod +++ b/visudo.pod @@ -98,7 +98,7 @@ and exit. Someone else is currently editing the I file. -=item /etc/sudoers.tmp: Permission denied +=item @sysconf@/sudoers.tmp: Permission denied You didn't run B as root. @@ -127,8 +127,8 @@ was configured with the I<--with-env-editor> option: =head1 FILES - /etc/sudoers List of who can run what - /etc/sudoers.tmp Lock file for visudo + @sysconf@/sudoers List of who can run what + @sysconf@/sudoers.tmp Lock file for visudo =head1 AUTHOR