54 lines
2.6 KiB
Plaintext
54 lines
2.6 KiB
Plaintext
Sudo porting hints
|
|
==================
|
|
|
|
Before trying to port sudo to a new architecture, please join the
|
|
sudo-workers mailing list (see the README file) and ask if anyone
|
|
has a port working or in-progress. Sudo should be fairly easy to
|
|
port. Since it uses a configure script, most of the work should
|
|
be done for you.
|
|
|
|
If your OS is an SVR4 derivative (or some approximation thereof), it may
|
|
be sufficient to tell configure you are runnng SVR4, something like:
|
|
configure foo-bar-sysv4
|
|
where foo is the hardware architecture and bar is the vendor.
|
|
|
|
A possible pitfall is getdtablesize(2) which is used to get the
|
|
maximum number of open files the process can have. If an OS has
|
|
the POSIX sysconf(2) it will be used instead of getdtablesize(2).
|
|
ulimit(2) or getrlimit(2) can also be used on some OS's. If all
|
|
else fails you can use the value of NOFILE in <sys/param.h>.
|
|
|
|
Sudo tries to clear the environment of dangerous envariables like
|
|
LD_* to prevent shared library spoofing. If you are porting sudo
|
|
to a new OS that has shared libraries you'll want to mask out the
|
|
variables that allow one to change the shared library path. See
|
|
badenv_table() in sudo.c to see how this is done for various OS's.
|
|
|
|
It is possible that on a really weird system, tgetpass() may not
|
|
compile. (The most common cause for this is that the "fd_set" type
|
|
is not defined in a place that sudo expects it to be. If you can
|
|
find the header file where "fd_set" is typedef'd, have tgetpass.c
|
|
include it and send in a bug report.)
|
|
Alternately, tgetpass.c may compile but not work (nothing happens
|
|
at the Password: prompt). It is possible that your C library
|
|
contains a broken or unusable crypt() function--try linking with
|
|
-lcrypt if that exists. Another possibility is that select() is
|
|
not fully functional; running configure with --with-password-timeout=0
|
|
will disable the use of select().
|
|
|
|
If you are trying to port to a system without standard Berkeley
|
|
networking you may find that interfaces.c will not compile. This
|
|
is most likely on OS's with STREAMS-based networking. It should be
|
|
possible to make it work by modifying the ISC streams support
|
|
(see the _ISC #ifdef's). However, if you don't care about ip address
|
|
and network address support, you can just run configure with the
|
|
--without-interfaces flag to get a do-nothing load_interfaces() stub function.
|
|
|
|
If you port sudo to a new architecture, please send the output of
|
|
"configure", the config.log file and your changes to:
|
|
sudo@courtesan.com
|
|
|
|
If you are unable to get sudo working, and you are willing to
|
|
give me an account on a machine, send mail to sudo@courtesan.com.
|
|
Note, however, that I can't make any promises.
|