Annotation of embedaddon/sudo/configure.ac, revision 1.1.1.1
1.1 misho 1: dnl
2: dnl Use the top-level autogen.sh script to generate configure and config.h.in
3: dnl
4: dnl Copyright (c) 1994-1996,1998-2014 Todd C. Miller <Todd.Miller@courtesan.com>
5: dnl
6: AC_PREREQ([2.59])
7: AC_INIT([sudo], [1.8.10p3], [http://www.sudo.ws/bugs/], [sudo])
8: AC_CONFIG_HEADER([config.h pathnames.h])
9: AC_CONFIG_SRCDIR([src/sudo.c])
10: dnl
11: dnl Note: this must come after AC_INIT
12: dnl
13: AC_MSG_NOTICE([Configuring Sudo version $PACKAGE_VERSION])
14: dnl
15: dnl Variables that get substituted in the Makefile and man pages
16: dnl
17: AC_SUBST([HAVE_BSM_AUDIT])
18: AC_SUBST([SHELL])
19: AC_SUBST([LIBTOOL])
20: AC_SUBST([CFLAGS])
21: AC_SUBST([PROGS])
22: AC_SUBST([CPPFLAGS])
23: AC_SUBST([LDFLAGS])
24: AC_SUBST([SUDOERS_LDFLAGS])
25: AC_SUBST([LT_LDFLAGS])
26: AC_SUBST([LT_LDMAP])
27: AC_SUBST([LT_LDOPT])
28: AC_SUBST([LT_LDDEP])
29: AC_SUBST([LT_LDEXPORTS])
30: AC_SUBST([COMMON_OBJS])
31: AC_SUBST([SUDOERS_OBJS])
32: AC_SUBST([SUDO_OBJS])
33: AC_SUBST([LIBS])
34: AC_SUBST([SUDO_LIBS])
35: AC_SUBST([SUDOERS_LIBS])
36: AC_SUBST([STATIC_SUDOERS])
37: AC_SUBST([NET_LIBS])
38: AC_SUBST([AFS_LIBS])
39: AC_SUBST([REPLAY_LIBS])
40: AC_SUBST([GETGROUPS_LIB])
41: AC_SUBST([OSDEFS])
42: AC_SUBST([AUTH_OBJS])
43: AC_SUBST([MANTYPE])
44: AC_SUBST([MANDIRTYPE])
45: AC_SUBST([MANCOMPRESS])
46: AC_SUBST([MANCOMPRESSEXT])
47: AC_SUBST([SHLIB_MODE])
48: AC_SUBST([SHLIB_EXT])
49: AC_SUBST([SUDOERS_MODE])
50: AC_SUBST([SUDOERS_UID])
51: AC_SUBST([SUDOERS_GID])
52: AC_SUBST([DEVEL])
53: AC_SUBST([BAMAN])
54: AC_SUBST([LCMAN])
55: AC_SUBST([PSMAN])
56: AC_SUBST([SEMAN])
57: AC_SUBST([devdir])
58: AC_SUBST([mansectsu])
59: AC_SUBST([mansectform])
60: AC_SUBST([mansrcdir])
61: AC_SUBST([NOEXECFILE])
62: AC_SUBST([NOEXECDIR])
63: AC_SUBST([SOEXT])
64: AC_SUBST([noexec_file])
65: AC_SUBST([sesh_file])
66: AC_SUBST([INSTALL_NOEXEC])
67: AC_SUBST([DONT_LEAK_PATH_INFO])
68: AC_SUBST([BSDAUTH_USAGE])
69: AC_SUBST([SELINUX_USAGE])
70: AC_SUBST([LDAP])
71: AC_SUBST([LOGINCAP_USAGE])
72: AC_SUBST([ZLIB])
73: AC_SUBST([ZLIB_SRC])
74: AC_SUBST([LIBTOOL_DEPS])
75: AC_SUBST([ac_config_libobj_dir])
76: AC_SUBST([CONFIGURE_ARGS])
77: AC_SUBST([LIBDL])
78: AC_SUBST([LT_STATIC])
79: AC_SUBST([LIBINTL])
80: AC_SUBST([SUDO_NLS])
81: AC_SUBST([LOCALEDIR_SUFFIX])
82: AC_SUBST([COMPAT_TEST_PROGS])
83: AC_SUBST([CROSS_COMPILING])
84: AC_SUBST([PIE_LDFLAGS])
85: AC_SUBST([PIE_CFLAGS])
86: AC_SUBST([SSP_LDFLAGS])
87: AC_SUBST([SSP_CFLAGS])
88: AC_SUBST([NO_VIZ])
89: AC_SUBST([INIT_SCRIPT])
90: AC_SUBST([INIT_DIR])
91: AC_SUBST([RC_LINK])
92: dnl
93: dnl Variables that get substituted in docs (not overridden by environment)
94: dnl
95: AC_SUBST([iolog_dir])dnl real initial value from SUDO_IO_LOGDIR
96: AC_SUBST([rundir])dnl real initial value from SUDO_RUNDIR
97: AC_SUBST([vardir])dnl real initial value from SUDO_VARDIR
98: AC_SUBST([timeout])
99: AC_SUBST([password_timeout])
100: AC_SUBST([sudo_umask])
101: AC_SUBST([umask_override])
102: AC_SUBST([passprompt])
103: AC_SUBST([long_otp_prompt])
104: AC_SUBST([lecture])
105: AC_SUBST([logfac])
106: AC_SUBST([goodpri])
107: AC_SUBST([badpri])
108: AC_SUBST([loglen])
109: AC_SUBST([ignore_dot])
110: AC_SUBST([mail_no_user])
111: AC_SUBST([mail_no_host])
112: AC_SUBST([mail_no_perms])
113: AC_SUBST([mailto])
114: AC_SUBST([mailsub])
115: AC_SUBST([badpass_message])
116: AC_SUBST([fqdn])
117: AC_SUBST([runas_default])
118: AC_SUBST([env_editor])
119: AC_SUBST([env_reset])
120: AC_SUBST([passwd_tries])
121: AC_SUBST([tty_tickets])
122: AC_SUBST([insults])
123: AC_SUBST([root_sudo])
124: AC_SUBST([path_info])
125: AC_SUBST([ldap_conf])
126: AC_SUBST([ldap_secret])
127: AC_SUBST([sssd_lib])
128: AC_SUBST([nsswitch_conf])
129: AC_SUBST([netsvc_conf])
130: AC_SUBST([secure_path])
131: AC_SUBST([editor])
132: AC_SUBST([pam_session])
133: AC_SUBST([pam_login_service])
134: AC_SUBST([PLUGINDIR])
135: #
136: # Begin initial values for man page substitution
137: #
138: iolog_dir=/var/log/sudo-io
139: rundir=/var/run/sudo
140: vardir=/var/adm/sudo
141: timeout=5
142: password_timeout=5
143: sudo_umask=0022
144: umask_override=off
145: passprompt="Password:"
146: long_otp_prompt=off
147: lecture=once
148: logfac=auth
149: goodpri=notice
150: badpri=alert
151: loglen=80
152: ignore_dot=off
153: mail_no_user=on
154: mail_no_host=off
155: mail_no_perms=off
156: mailto=root
157: mailsub="*** SECURITY information for %h ***"
158: badpass_message="Sorry, try again."
159: fqdn=off
160: runas_default=root
161: env_editor=off
162: env_reset=on
163: editor=vi
164: passwd_tries=3
165: tty_tickets=on
166: insults=off
167: root_sudo=on
168: path_info=on
169: ldap_conf=/etc/ldap.conf
170: ldap_secret=/etc/ldap.secret
171: netsvc_conf=/etc/netsvc.conf
172: noexec_file=/usr/local/libexec/sudo/sudo_noexec.so
173: sesh_file=/usr/local/libexec/sudo/sesh
174: nsswitch_conf=/etc/nsswitch.conf
175: secure_path="not set"
176: pam_session=on
177: pam_login_service=sudo
178: PLUGINDIR=/usr/local/libexec/sudo
179: #
180: # End initial values for man page substitution
181: #
182: dnl
183: dnl Initial values for Makefile variables listed above
184: dnl May be overridden by environment variables..
185: dnl
186: INSTALL_NOEXEC=
187: devdir='$(srcdir)'
188: PROGS="sudo"
189: : ${MANDIRTYPE='man'}
190: : ${mansrcdir='.'}
191: : ${SHLIB_MODE='0644'}
192: : ${SUDOERS_MODE='0440'}
193: : ${SUDOERS_UID='0'}
194: : ${SUDOERS_GID='0'}
195: DEVEL=
196: LDAP="#"
197: BAMAN=0
198: LCMAN=0
199: PSMAN=0
200: SEMAN=0
201: LIBINTL=
202: ZLIB=
203: ZLIB_SRC=
204: AUTH_OBJS=
205: AUTH_REG=
206: AUTH_EXCL=
207: AUTH_EXCL_DEF=
208: AUTH_DEF=passwd
209: SUDO_NLS=disabled
210: LOCALEDIR_SUFFIX=
211: LT_LDEXPORTS="-export-symbols \$(shlib_exp)"
212: LT_LDDEP="\$(shlib_exp)"
213: NO_VIZ="-DNO_VIZ"
214: OS_INIT=os_init_common
215: INIT_SCRIPT=
216: INIT_DIR=
217: RC_LINK=
218:
219: dnl
220: dnl Other vaiables
221: dnl
222: CHECKSHADOW=true
223: shadow_defs=
224: shadow_funcs=
225: shadow_libs=
226: shadow_libs_optional=
227: CONFIGURE_ARGS="$@"
228:
229: dnl
230: dnl LD_PRELOAD equivalents
231: dnl
232: RTLD_PRELOAD_VAR="LD_PRELOAD"
233: RTLD_PRELOAD_ENABLE_VAR=
234: RTLD_PRELOAD_DELIM=":"
235: RTLD_PRELOAD_DEFAULT=
236:
237: dnl
238: dnl libc replacement functions live in compat
239: dnl
240: AC_CONFIG_LIBOBJ_DIR(compat)
241:
242: #
243: # Prior to sudo 1.8.7, sudo stored libexec files in $libexecdir.
244: # Starting with sudo 1.8.7, $libexecdir/sudo is used so strip
245: # off an extraneous "/sudo" from libexecdir.
246: #
247: case "$libexecdir" in
248: */sudo)
249: AC_MSG_WARN([libexecdir should not include the "sudo" subdirectory])
250: libexecdir=`expr "$libexecdir" : '\\(.*\\)/sudo$'`
251: ;;
252: esac
253:
254: dnl
255: dnl Deprecated --with options (these all warn or generate an error)
256: dnl
257:
258: AC_ARG_WITH(otp-only, [AS_HELP_STRING([--with-otp-only], [deprecated])],
259: [case $with_otp_only in
260: yes) with_passwd="no"
261: AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
262: ;;
263: esac])
264:
265: AC_ARG_WITH(alertmail, [AS_HELP_STRING([--with-alertmail], [deprecated])],
266: [case $with_alertmail in
267: *) with_mailto="$with_alertmail"
268: AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
269: ;;
270: esac])
271:
272: dnl
273: dnl Options for --with
274: dnl
275:
276: AC_ARG_WITH(devel, [AS_HELP_STRING([--with-devel], [add development options])],
277: [case $with_devel in
278: yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
279: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
280: DEVEL="true"
281: devdir=.
282: ;;
283: no) ;;
284: *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
285: ;;
286: esac])
287:
288: AC_ARG_WITH(CC, [AS_HELP_STRING([--with-CC], [C compiler to use])],
289: [case $with_CC in
290: *) AC_MSG_ERROR([the --with-CC option is no longer supported, please set the CC environment variable instead.])
291: ;;
292: esac])
293:
294: AC_ARG_WITH(rpath, [AS_HELP_STRING([--with-rpath], [deprecated, use --disable-rpath])],
295: [AC_MSG_WARN([--with-rpath deprecated, rpath is now the default])])
296:
297: AC_ARG_WITH(blibpath, [AS_HELP_STRING([--with-blibpath[=PATH]], [deprecated])],
298: [AC_MSG_WARN([--with-blibpath deprecated, use --with-libpath])])
299:
300: dnl
301: dnl Handle BSM auditing support.
302: dnl
303: AC_ARG_WITH(bsm-audit, [AS_HELP_STRING([--with-bsm-audit], [enable BSM audit support])],
304: [case $with_bsm_audit in
305: yes) AC_DEFINE(HAVE_BSM_AUDIT)
306: SUDOERS_LIBS="${SUDOERS_LIBS} -lbsm"
307: SUDOERS_OBJS="${SUDOERS_OBJS} bsm_audit.lo"
308: ;;
309: no) ;;
310: *) AC_MSG_ERROR(["--with-bsm-audit does not take an argument."])
311: ;;
312: esac])
313:
314: dnl
315: dnl Handle Linux auditing support.
316: dnl
317: AC_ARG_WITH(linux-audit, [AS_HELP_STRING([--with-linux-audit], [enable Linux audit support])],
318: [case $with_linux_audit in
319: yes) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <libaudit.h>]], [[int i = AUDIT_USER_CMD; (void)i;]])], [
320: AC_DEFINE(HAVE_LINUX_AUDIT)
321: SUDO_LIBS="${SUDO_LIBS} -laudit"
322: SUDOERS_LIBS="${SUDO_LIBS} -laudit"
323: SUDOERS_OBJS="${SUDOERS_OBJS} linux_audit.lo"
324: ], [
325: AC_MSG_ERROR([unable to find AUDIT_USER_CMD in libaudit.h for --with-linux-audit])
326: ])
327: ;;
328: no) ;;
329: *) AC_MSG_ERROR(["--with-linux-audit does not take an argument."])
330: ;;
331: esac])
332:
333: dnl
334: dnl Handle SSSD support.
335: dnl
336: AC_ARG_WITH(sssd, [AS_HELP_STRING([--with-sssd], [enable SSSD support])],
337: [case $with_sssd in
338: yes) SUDOERS_OBJS="${SUDOERS_OBJS} sssd.lo"
339: AC_DEFINE(HAVE_SSSD)
340: ;;
341: no) ;;
342: *) AC_MSG_ERROR(["--with-sssd does not take an argument."])
343: ;;
344: esac])
345:
346: AC_ARG_WITH(sssd-lib, [AS_HELP_STRING([--with-sssd-lib], [path to the SSSD library])])
347: sssd_lib="\"LIBDIR\""
348: test -n "$with_sssd_lib" && sssd_lib="$with_sssd_lib"
349: SUDO_DEFINE_UNQUOTED(_PATH_SSSD_LIB, "$sssd_lib", [Path to the SSSD library])
350:
351: AC_ARG_WITH(incpath, [AS_HELP_STRING([--with-incpath], [additional places to look for include files])],
352: [case $with_incpath in
353: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
354: ;;
355: no) AC_MSG_ERROR(["--without-incpath not supported."])
356: ;;
357: *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
358: for i in ${with_incpath}; do
359: SUDO_APPEND_CPPFLAGS(-I${i})
360: done
361: ;;
362: esac])
363:
364: AC_ARG_WITH(libpath, [AS_HELP_STRING([--with-libpath], [additional places to look for libraries])],
365: [case $with_libpath in
366: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
367: ;;
368: no) AC_MSG_ERROR(["--without-libpath not supported."])
369: ;;
370: *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
371: ;;
372: esac])
373:
374: AC_ARG_WITH(libraries, [AS_HELP_STRING([--with-libraries], [additional libraries to link with])],
375: [case $with_libraries in
376: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
377: ;;
378: no) AC_MSG_ERROR(["--without-libraries not supported."])
379: ;;
380: *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
381: ;;
382: esac])
383:
384: AC_ARG_WITH(efence, [AS_HELP_STRING([--with-efence], [link with -lefence for malloc() debugging])],
385: [case $with_efence in
386: yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
387: LIBS="${LIBS} -lefence"
388: if test -f /usr/local/lib/libefence.a; then
389: with_libpath="${with_libpath} /usr/local/lib"
390: fi
391: ;;
392: no) ;;
393: *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
394: ;;
395: esac])
396:
397: AC_ARG_WITH(csops, [AS_HELP_STRING([--with-csops], [add CSOps standard options])],
398: [case $with_csops in
399: yes) AC_MSG_NOTICE([Adding CSOps standard options])
400: CHECKSIA=false
401: with_ignore_dot=yes
402: insults=on
403: with_classic_insults=yes
404: with_csops_insults=yes
405: with_env_editor=yes
406: : ${mansectsu='8'}
407: : ${mansectform='5'}
408: ;;
409: no) ;;
410: *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
411: ;;
412: esac])
413:
414: AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])],
415: [case $with_passwd in
416: yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
417: AC_MSG_RESULT($with_passwd)
418: AUTH_DEF=""
419: test "$with_passwd" = "yes" && AUTH_REG="$AUTH_REG passwd"
420: ;;
421: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
422: ;;
423: esac])
424:
425: AC_ARG_WITH(skey, [AS_HELP_STRING([--with-skey[=DIR]], [enable S/Key support ])],
426: [case $with_skey in
427: no) ;;
428: *) AC_DEFINE(HAVE_SKEY)
429: AC_MSG_CHECKING(whether to try S/Key authentication)
430: AC_MSG_RESULT(yes)
431: AUTH_REG="$AUTH_REG S/Key"
432: ;;
433: esac])
434:
435: AC_ARG_WITH(opie, [AS_HELP_STRING([--with-opie[=DIR]], [enable OPIE support ])],
436: [case $with_opie in
437: no) ;;
438: *) AC_DEFINE(HAVE_OPIE)
439: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
440: AC_MSG_RESULT(yes)
441: AUTH_REG="$AUTH_REG NRL_OPIE"
442: ;;
443: esac])
444:
445: AC_ARG_WITH(long-otp-prompt, [AS_HELP_STRING([--with-long-otp-prompt], [use a two line OTP (skey/opie) prompt])],
446: [case $with_long_otp_prompt in
447: yes) AC_DEFINE(LONG_OTP_PROMPT)
448: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
449: AC_MSG_RESULT(yes)
450: long_otp_prompt=on
451: ;;
452: no) long_otp_prompt=off
453: ;;
454: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
455: ;;
456: esac])
457:
458: AC_ARG_WITH(SecurID, [AS_HELP_STRING([--with-SecurID[[=DIR]]], [enable SecurID support])],
459: [case $with_SecurID in
460: no) ;;
461: *) AC_DEFINE(HAVE_SECURID)
462: AC_MSG_CHECKING(whether to use SecurID for authentication)
463: AC_MSG_RESULT(yes)
464: AUTH_EXCL="$AUTH_EXCL SecurID"
465: ;;
466: esac])
467:
468: AC_ARG_WITH(fwtk, [AS_HELP_STRING([--with-fwtk[[=DIR]]], [enable FWTK AuthSRV support])],
469: [case $with_fwtk in
470: no) ;;
471: *) AC_DEFINE(HAVE_FWTK)
472: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
473: AC_MSG_RESULT(yes)
474: AUTH_EXCL="$AUTH_EXCL FWTK"
475: ;;
476: esac])
477:
478: AC_ARG_WITH(kerb5, [AS_HELP_STRING([--with-kerb5[[=DIR]]], [enable Kerberos V support])],
479: [case $with_kerb5 in
480: no) ;;
481: *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
482: AC_MSG_RESULT(yes)
483: AUTH_REG="$AUTH_REG kerb5"
484: ;;
485: esac])
486:
487: AC_ARG_WITH(aixauth, [AS_HELP_STRING([--with-aixauth], [enable AIX general authentication support])],
488: [case $with_aixauth in
489: yes) AUTH_EXCL="$AUTH_EXCL AIX_AUTH";;
490: no) ;;
491: *) AC_MSG_ERROR(["--with-aixauth does not take an argument."])
492: ;;
493: esac])
494:
495: AC_ARG_WITH(pam, [AS_HELP_STRING([--with-pam], [enable PAM support])],
496: [case $with_pam in
497: yes) AUTH_EXCL="$AUTH_EXCL PAM";;
498: no) ;;
499: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
500: ;;
501: esac])
502:
503: AC_ARG_WITH(AFS, [AS_HELP_STRING([--with-AFS], [enable AFS support])],
504: [case $with_AFS in
505: yes) AC_DEFINE(HAVE_AFS)
506: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
507: AC_MSG_RESULT(yes)
508: AUTH_REG="$AUTH_REG AFS"
509: ;;
510: no) ;;
511: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
512: ;;
513: esac])
514:
515: AC_ARG_WITH(DCE, [AS_HELP_STRING([--with-DCE], [enable DCE support])],
516: [case $with_DCE in
517: yes) AC_DEFINE(HAVE_DCE)
518: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
519: AC_MSG_RESULT(yes)
520: AUTH_REG="$AUTH_REG DCE"
521: ;;
522: no) ;;
523: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
524: ;;
525: esac])
526:
527: AC_ARG_WITH(logincap, [AS_HELP_STRING([--with-logincap], [enable BSD login class support])],
528: [case $with_logincap in
529: yes|no) ;;
530: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
531: ;;
532: esac])
533:
534: AC_ARG_WITH(bsdauth, [AS_HELP_STRING([--with-bsdauth], [enable BSD authentication support])],
535: [case $with_bsdauth in
536: yes) AUTH_EXCL="$AUTH_EXCL BSD_AUTH";;
537: no) ;;
538: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
539: ;;
540: esac])
541:
542: AC_ARG_WITH(project, [AS_HELP_STRING([--with-project], [enable Solaris project support])],
543: [case $with_project in
544: yes|no) ;;
545: no) ;;
546: *) AC_MSG_ERROR(["--with-project does not take an argument."])
547: ;;
548: esac])
549:
550: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
551: AC_ARG_WITH(lecture, [AS_HELP_STRING([--without-lecture], [don't print lecture for first-time sudoer])],
552: [case $with_lecture in
553: yes|short|always) lecture=once
554: ;;
555: no|none|never) lecture=never
556: ;;
557: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
558: ;;
559: esac])
560: if test "$lecture" = "once"; then
561: AC_MSG_RESULT(yes)
562: else
563: AC_DEFINE(NO_LECTURE)
564: AC_MSG_RESULT(no)
565: fi
566:
567: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
568: AC_ARG_WITH(logging, [AS_HELP_STRING([--with-logging], [log via syslog, file, or both])],
569: [case $with_logging in
570: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
571: ;;
572: no) AC_MSG_ERROR(["--without-logging not supported."])
573: ;;
574: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG)
575: AC_MSG_RESULT(syslog)
576: ;;
577: file) AC_DEFINE(LOGGING, SLOG_FILE)
578: AC_MSG_RESULT(file)
579: ;;
580: both) AC_DEFINE(LOGGING, SLOG_BOTH)
581: AC_MSG_RESULT(both)
582: ;;
583: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
584: ;;
585: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
586:
587: AC_ARG_WITH(logfac, [AS_HELP_STRING([--with-logfac], [syslog facility to log with (default is "auth")])],
588: [case $with_logfac in
589: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
590: ;;
591: no) AC_MSG_ERROR(["--without-logfac not supported."])
592: ;;
593: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
594: ;;
595: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
596: ;;
597: esac])
598:
599: AC_MSG_CHECKING(at which syslog priority to log commands)
600: AC_ARG_WITH(goodpri, [AS_HELP_STRING([--with-goodpri], [syslog priority for commands (def is "notice")])],
601: [case $with_goodpri in
602: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
603: ;;
604: no) AC_MSG_ERROR(["--without-goodpri not supported."])
605: ;;
606: alert|crit|debug|emerg|err|info|notice|warning)
607: goodpri=$with_goodpri
608: ;;
609: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
610: ;;
611: esac])
612: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
613: AC_MSG_RESULT($goodpri)
614:
615: AC_MSG_CHECKING(at which syslog priority to log failures)
616: AC_ARG_WITH(badpri, [AS_HELP_STRING([--with-badpri], [syslog priority for failures (def is "alert")])],
617: [case $with_badpri in
618: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
619: ;;
620: no) AC_MSG_ERROR(["--without-badpri not supported."])
621: ;;
622: alert|crit|debug|emerg|err|info|notice|warning)
623: badpri=$with_badpri
624: ;;
625: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
626: ;;
627: esac])
628: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
629: AC_MSG_RESULT($badpri)
630:
631: AC_ARG_WITH(logpath, [AS_HELP_STRING([--with-logpath], [path to the sudo log file])],
632: [case $with_logpath in
633: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
634: ;;
635: no) AC_MSG_ERROR(["--without-logpath not supported."])
636: ;;
637: esac])
638:
639: AC_MSG_CHECKING(how long a line in the log file should be)
640: AC_ARG_WITH(loglen, [AS_HELP_STRING([--with-loglen], [maximum length of a log file line (default is 80)])],
641: [case $with_loglen in
642: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
643: ;;
644: no) AC_MSG_ERROR(["--without-loglen not supported."])
645: ;;
646: [[0-9]]*) loglen=$with_loglen
647: ;;
648: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
649: ;;
650: esac])
651: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
652: AC_MSG_RESULT($loglen)
653:
654: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
655: AC_ARG_WITH(ignore-dot, [AS_HELP_STRING([--with-ignore-dot], [ignore '.' in the PATH])],
656: [case $with_ignore_dot in
657: yes) ignore_dot=on
658: ;;
659: no) ignore_dot=off
660: ;;
661: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
662: ;;
663: esac])
664: if test "$ignore_dot" = "on"; then
665: AC_DEFINE(IGNORE_DOT_PATH)
666: AC_MSG_RESULT(yes)
667: else
668: AC_MSG_RESULT(no)
669: fi
670:
671: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
672: AC_ARG_WITH(mail-if-no-user, [AS_HELP_STRING([--without-mail-if-no-user], [do not send mail if user not in sudoers])],
673: [case $with_mail_if_no_user in
674: yes) mail_no_user=on
675: ;;
676: no) mail_no_user=off
677: ;;
678: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
679: ;;
680: esac])
681: if test "$mail_no_user" = "on"; then
682: AC_DEFINE(SEND_MAIL_WHEN_NO_USER)
683: AC_MSG_RESULT(yes)
684: else
685: AC_MSG_RESULT(no)
686: fi
687:
688: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
689: AC_ARG_WITH(mail-if-no-host, [AS_HELP_STRING([--with-mail-if-no-host], [send mail if user in sudoers but not for this host])],
690: [case $with_mail_if_no_host in
691: yes) mail_no_host=on
692: ;;
693: no) mail_no_host=off
694: ;;
695: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
696: ;;
697: esac])
698: if test "$mail_no_host" = "on"; then
699: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST)
700: AC_MSG_RESULT(yes)
701: else
702: AC_MSG_RESULT(no)
703: fi
704:
705: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
706: AC_ARG_WITH(mail-if-noperms, [AS_HELP_STRING([--with-mail-if-noperms], [send mail if user not allowed to run command])],
707: [case $with_mail_if_noperms in
708: yes) mail_noperms=on
709: ;;
710: no) mail_noperms=off
711: ;;
712: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
713: ;;
714: esac])
715: if test "$mail_noperms" = "on"; then
716: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK)
717: AC_MSG_RESULT(yes)
718: else
719: AC_MSG_RESULT(no)
720: fi
721:
722: AC_MSG_CHECKING(who should get the mail that sudo sends)
723: AC_ARG_WITH(mailto, [AS_HELP_STRING([--with-mailto], [who should get sudo mail (default is "root")])],
724: [case $with_mailto in
725: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
726: ;;
727: no) AC_MSG_ERROR(["--without-mailto not supported."])
728: ;;
729: *) mailto=$with_mailto
730: ;;
731: esac])
732: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
733: AC_MSG_RESULT([$mailto])
734:
735: AC_ARG_WITH(mailsubject, [AS_HELP_STRING([--with-mailsubject], [subject of sudo mail])],
736: [case $with_mailsubject in
737: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
738: ;;
739: no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
740: ;;
741: *) mailsub="$with_mailsubject"
742: AC_MSG_CHECKING(sudo mail subject)
743: AC_MSG_RESULT([Using alert mail subject: $mailsub])
744: ;;
745: esac])
746: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
747:
748: AC_MSG_CHECKING(for bad password prompt)
749: AC_ARG_WITH(passprompt, [AS_HELP_STRING([--with-passprompt], [default password prompt])],
750: [case $with_passprompt in
751: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
752: ;;
753: no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
754: ;;
755: *) passprompt="$with_passprompt"
756: esac])
757: AC_MSG_RESULT($passprompt)
758: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
759:
760: AC_MSG_CHECKING(for bad password message)
761: AC_ARG_WITH(badpass-message, [AS_HELP_STRING([--with-badpass-message], [message the user sees when the password is wrong])],
762: [case $with_badpass_message in
763: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
764: ;;
765: no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
766: ;;
767: *) badpass_message="$with_badpass_message"
768: ;;
769: esac])
770: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
771: AC_MSG_RESULT([$badpass_message])
772:
773: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
774: AC_ARG_WITH(fqdn, [AS_HELP_STRING([--with-fqdn], [expect fully qualified hosts in sudoers])],
775: [case $with_fqdn in
776: yes) fqdn=on
777: ;;
778: no) fqdn=off
779: ;;
780: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
781: ;;
782: esac])
783: if test "$fqdn" = "on"; then
784: AC_DEFINE(FQDN)
785: AC_MSG_RESULT(yes)
786: else
787: AC_MSG_RESULT(no)
788: fi
789:
790: AC_ARG_WITH(timedir, [AS_HELP_STRING([--with-timedir=DIR], [deprecated])],
791: [case $with_timedir in
792: *) AC_MSG_ERROR(["--without-timedir no longer supported, see --with-rundir."])
793: ;;
794: esac])
795:
796: AC_ARG_WITH(rundir, [AS_HELP_STRING([--with-rundir=DIR], [path to the sudo time stamp parent dir])],
797: [case $with_rundir in
798: yes) AC_MSG_ERROR(["must give --with-rundir an argument."])
799: ;;
800: no) AC_MSG_ERROR(["--without-rundir not supported."])
801: ;;
802: esac])
803:
804: AC_ARG_WITH(vardir, [AS_HELP_STRING([--with-vardir=DIR], [path to the sudo var dir])],
805: [case $with_vardir in
806: yes) AC_MSG_ERROR(["must give --with-vardirdir an argument."])
807: ;;
808: no) AC_MSG_ERROR(["--without-vardirdir not supported."])
809: ;;
810: esac])
811:
812: AC_ARG_WITH(iologdir, [AS_HELP_STRING([--with-iologdir=DIR], [directory to store sudo I/O log files in])],
813: [case $with_iologdir in
814: yes) ;;
815: no) AC_MSG_ERROR(["--without-iologdir not supported."])
816: ;;
817: esac])
818:
819: AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail])
820: AS_HELP_STRING([--without-sendmail], [do not send mail at all])],
821: [case $with_sendmail in
822: yes) with_sendmail=""
823: ;;
824: no) ;;
825: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
826: ;;
827: esac])
828:
829: AC_ARG_WITH(sudoers-mode, [AS_HELP_STRING([--with-sudoers-mode], [mode of sudoers file (defaults to 0440)])],
830: [case $with_sudoers_mode in
831: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
832: ;;
833: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
834: ;;
835: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
836: ;;
837: 0*) SUDOERS_MODE=$with_sudoers_mode
838: ;;
839: *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
840: ;;
841: esac])
842:
843: AC_ARG_WITH(sudoers-uid, [AS_HELP_STRING([--with-sudoers-uid], [uid that owns sudoers file (defaults to 0)])],
844: [case $with_sudoers_uid in
845: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
846: ;;
847: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
848: ;;
849: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
850: ;;
851: *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
852: ;;
853: esac])
854:
855: AC_ARG_WITH(sudoers-gid, [AS_HELP_STRING([--with-sudoers-gid], [gid that owns sudoers file (defaults to 0)])],
856: [case $with_sudoers_gid in
857: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
858: ;;
859: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
860: ;;
861: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
862: ;;
863: *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
864: ;;
865: esac])
866:
867: AC_MSG_CHECKING(for umask programs should be run with)
868: AC_ARG_WITH(umask, [AS_HELP_STRING([--with-umask], [umask with which the prog should run (default is 022)])
869: AS_HELP_STRING([--without-umask], [Preserves the umask of the user invoking sudo.])],
870: [case $with_umask in
871: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
872: ;;
873: no) sudo_umask=0777
874: ;;
875: [[0-9]]*) sudo_umask=$with_umask
876: ;;
877: *) AC_MSG_ERROR(["you must enter a numeric mask."])
878: ;;
879: esac])
880: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the sudo-run prog should use.])
881: if test "$sudo_umask" = "0777"; then
882: AC_MSG_RESULT(user)
883: else
884: AC_MSG_RESULT($sudo_umask)
885: fi
886:
887: AC_ARG_WITH(umask-override, [AS_HELP_STRING([--with-umask-override], [Use the umask specified in sudoers even if it is less restrictive than the user's.])],
888: [case $with_umask_override in
889: yes) AC_DEFINE(UMASK_OVERRIDE)
890: umask_override=on
891: ;;
892: no) umask_override=off
893: ;;
894: *) AC_MSG_ERROR(["--with-umask-override does not take an argument."])
895: ;;
896: esac])
897:
898: AC_MSG_CHECKING(for default user to run commands as)
899: AC_ARG_WITH(runas-default, [AS_HELP_STRING([--with-runas-default], [User to run commands as (default is "root")])],
900: [case $with_runas_default in
901: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
902: ;;
903: no) AC_MSG_ERROR(["--without-runas-default not supported."])
904: ;;
905: *) runas_default="$with_runas_default"
906: ;;
907: esac])
908: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
909: AC_MSG_RESULT([$runas_default])
910:
911: AC_ARG_WITH(exempt, [AS_HELP_STRING([--with-exempt=group], [no passwd needed for users in this group])],
912: [case $with_exempt in
913: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
914: ;;
915: no) AC_MSG_ERROR(["--without-exempt not supported."])
916: ;;
917: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
918: AC_MSG_CHECKING(for group to be exempt from password)
919: AC_MSG_RESULT([$with_exempt])
920: ;;
921: esac])
922:
923: AC_MSG_CHECKING(for editor that visudo should use)
924: AC_ARG_WITH(editor, [AS_HELP_STRING([--with-editor=path], [Default editor for visudo (defaults to vi)])],
925: [case $with_editor in
926: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
927: ;;
928: no) AC_MSG_ERROR(["--without-editor not supported."])
929: ;;
930: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
931: AC_MSG_RESULT([$with_editor])
932: editor="$with_editor"
933: ;;
934: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
935:
936: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
937: AC_ARG_WITH(env-editor, [AS_HELP_STRING([--with-env-editor], [Use the environment variable EDITOR for visudo])],
938: [case $with_env_editor in
939: yes) env_editor=on
940: ;;
941: no) env_editor=off
942: ;;
943: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
944: ;;
945: esac])
946: if test "$env_editor" = "on"; then
947: AC_DEFINE(ENV_EDITOR)
948: AC_MSG_RESULT(yes)
949: else
950: AC_MSG_RESULT(no)
951: fi
952:
953: AC_MSG_CHECKING(number of tries a user gets to enter their password)
954: AC_ARG_WITH(passwd-tries, [AS_HELP_STRING([--with-passwd-tries], [number of tries to enter password (default is 3)])],
955: [case $with_passwd_tries in
956: yes) ;;
957: no) AC_MSG_ERROR(["--without-editor not supported."])
958: ;;
959: [[1-9]]*) passwd_tries=$with_passwd_tries
960: ;;
961: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
962: ;;
963: esac])
964: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
965: AC_MSG_RESULT($passwd_tries)
966:
967: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
968: AC_ARG_WITH(timeout, [AS_HELP_STRING([--with-timeout], [minutes before sudo asks for passwd again (def is 5 minutes)])],
969: [case $with_timeout in
970: yes) ;;
971: no) timeout=0
972: ;;
973: [[0-9]]*) timeout=$with_timeout
974: ;;
975: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
976: ;;
977: esac])
978: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
979: AC_MSG_RESULT($timeout)
980:
981: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
982: AC_ARG_WITH(password-timeout, [AS_HELP_STRING([--with-password-timeout], [passwd prompt timeout in minutes (default is 5 minutes)])],
983: [case $with_password_timeout in
984: yes) ;;
985: no) password_timeout=0
986: ;;
987: [[0-9]]*) password_timeout=$with_password_timeout
988: ;;
989: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
990: ;;
991: esac])
992: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
993: AC_MSG_RESULT($password_timeout)
994:
995: AC_MSG_CHECKING(whether to use per-tty ticket files)
996: AC_ARG_WITH(tty-tickets, [AS_HELP_STRING([--with-tty-tickets], [use a different ticket file for each tty])],
997: [case $with_tty_tickets in
998: yes) tty_tickets=on
999: ;;
1000: no) tty_tickets=off
1001: ;;
1002: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
1003: ;;
1004: esac])
1005: if test "$tty_tickets" = "off"; then
1006: AC_DEFINE(NO_TTY_TICKETS)
1007: AC_MSG_RESULT(no)
1008: else
1009: AC_MSG_RESULT(yes)
1010: fi
1011:
1012: AC_MSG_CHECKING(whether to include insults)
1013: AC_ARG_WITH(insults, [AS_HELP_STRING([--with-insults], [insult the user for entering an incorrect password])],
1014: [case $with_insults in
1015: yes) insults=on
1016: with_classic_insults=yes
1017: with_csops_insults=yes
1018: ;;
1019: disabled) insults=off
1020: with_classic_insults=yes
1021: with_csops_insults=yes
1022: ;;
1023: no) insults=off
1024: ;;
1025: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
1026: ;;
1027: esac])
1028: if test "$insults" = "on"; then
1029: AC_DEFINE(USE_INSULTS)
1030: AC_MSG_RESULT(yes)
1031: else
1032: AC_MSG_RESULT(no)
1033: fi
1034:
1035: AC_ARG_WITH(all-insults, [AS_HELP_STRING([--with-all-insults], [include all the sudo insult sets])],
1036: [case $with_all_insults in
1037: yes) with_classic_insults=yes
1038: with_csops_insults=yes
1039: with_hal_insults=yes
1040: with_goons_insults=yes
1041: ;;
1042: no) ;;
1043: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
1044: ;;
1045: esac])
1046:
1047: AC_ARG_WITH(classic-insults, [AS_HELP_STRING([--with-classic-insults], [include the insults from the "classic" sudo])],
1048: [case $with_classic_insults in
1049: yes) AC_DEFINE(CLASSIC_INSULTS)
1050: ;;
1051: no) ;;
1052: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
1053: ;;
1054: esac])
1055:
1056: AC_ARG_WITH(csops-insults, [AS_HELP_STRING([--with-csops-insults], [include CSOps insults])],
1057: [case $with_csops_insults in
1058: yes) AC_DEFINE(CSOPS_INSULTS)
1059: ;;
1060: no) ;;
1061: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
1062: ;;
1063: esac])
1064:
1065: AC_ARG_WITH(hal-insults, [AS_HELP_STRING([--with-hal-insults], [include 2001-like insults])],
1066: [case $with_hal_insults in
1067: yes) AC_DEFINE(HAL_INSULTS)
1068: ;;
1069: no) ;;
1070: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
1071: ;;
1072: esac])
1073:
1074: AC_ARG_WITH(goons-insults, [AS_HELP_STRING([--with-goons-insults], [include the insults from the "Goon Show"])],
1075: [case $with_goons_insults in
1076: yes) AC_DEFINE(GOONS_INSULTS)
1077: ;;
1078: no) ;;
1079: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
1080: ;;
1081: esac])
1082:
1083: AC_ARG_WITH(nsswitch, [AS_HELP_STRING([--with-nsswitch[[=PATH]]], [path to nsswitch.conf])],
1084: [case $with_nsswitch in
1085: no) ;;
1086: yes) with_nsswitch="/etc/nsswitch.conf"
1087: ;;
1088: *) ;;
1089: esac])
1090:
1091: AC_ARG_WITH(ldap, [AS_HELP_STRING([--with-ldap[[=DIR]]], [enable LDAP support])],
1092: [case $with_ldap in
1093: no) ;;
1094: *) AC_DEFINE(HAVE_LDAP)
1095: AC_MSG_CHECKING(whether to use sudoers from LDAP)
1096: AC_MSG_RESULT(yes)
1097: ;;
1098: esac])
1099:
1100: AC_ARG_WITH(ldap-conf-file, [AS_HELP_STRING([--with-ldap-conf-file], [path to LDAP configuration file])])
1101: test -n "$with_ldap_conf_file" && ldap_conf="$with_ldap_conf_file"
1102: SUDO_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "$ldap_conf", [Path to the ldap.conf file])
1103:
1104: AC_ARG_WITH(ldap-secret-file, [AS_HELP_STRING([--with-ldap-secret-file], [path to LDAP secret password file])])
1105: test -n "$with_ldap_secret_file" && ldap_secret="$with_ldap_secret_file"
1106: SUDO_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$ldap_secret", [Path to the ldap.secret file])
1107:
1108: AC_ARG_WITH(pc-insults, [AS_HELP_STRING([--with-pc-insults], [replace politically incorrect insults with less offensive ones])],
1109: [case $with_pc_insults in
1110: yes) AC_DEFINE(PC_INSULTS)
1111: ;;
1112: no) ;;
1113: *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."])
1114: ;;
1115: esac])
1116:
1117: dnl include all insult sets on one line
1118: if test "$insults" = "on"; then
1119: AC_MSG_CHECKING(which insult sets to include)
1120: i=""
1121: test "$with_goons_insults" = "yes" && i="goons ${i}"
1122: test "$with_hal_insults" = "yes" && i="hal ${i}"
1123: test "$with_csops_insults" = "yes" && i="csops ${i}"
1124: test "$with_classic_insults" = "yes" && i="classic ${i}"
1125: AC_MSG_RESULT([$i])
1126: fi
1127:
1128: AC_MSG_CHECKING(whether to override the user's path)
1129: AC_ARG_WITH(secure-path, [AS_HELP_STRING([--with-secure-path], [override the user's path with a built-in one])],
1130: [case $with_secure_path in
1131: yes) with_secure_path="/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc"
1132: AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
1133: AC_MSG_RESULT([$with_secure_path])
1134: secure_path="set to $with_secure_path"
1135: ;;
1136: no) AC_MSG_RESULT(no)
1137: ;;
1138: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
1139: AC_MSG_RESULT([$with_secure_path])
1140: secure_path="set to F<$with_secure_path>"
1141: ;;
1142: esac], AC_MSG_RESULT(no))
1143:
1144: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
1145: AC_ARG_WITH(interfaces, [AS_HELP_STRING([--without-interfaces], [don't try to read the ip addr of ether interfaces])],
1146: [case $with_interfaces in
1147: yes) AC_MSG_RESULT(yes)
1148: ;;
1149: no) AC_DEFINE(STUB_LOAD_INTERFACES)
1150: AC_MSG_RESULT(no)
1151: ;;
1152: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
1153: ;;
1154: esac], AC_MSG_RESULT(yes))
1155:
1156: AC_ARG_WITH(stow, [AS_HELP_STRING([--with-stow], [deprecated])],
1157: [case $with_stow in
1158: *) AC_MSG_NOTICE([--with-stow option deprecated, now is defalt behavior])
1159: ;;
1160: esac])
1161:
1162: AC_MSG_CHECKING(whether to use an askpass helper)
1163: AC_ARG_WITH(askpass, [AS_HELP_STRING([--with-askpass=PATH], [Fully qualified pathname of askpass helper])],
1164: [case $with_askpass in
1165: yes) AC_MSG_ERROR(["--with-askpass takes a path as an argument."])
1166: ;;
1167: no) ;;
1168: *) ;;
1169: esac], [
1170: with_askpass=no
1171: AC_MSG_RESULT(no)
1172: ])
1173: if test X"$with_askpass" != X"no"; then
1174: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_ASKPASS, "$with_askpass")
1175: else
1176: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_ASKPASS, NULL)
1177: fi
1178:
1179: AC_ARG_WITH(plugindir, [AS_HELP_STRING([--with-plugindir=DIR], [set directory to load plugins from])],
1180: [case $with_plugindir in
1181: no) AC_MSG_ERROR(["illegal argument: --without-plugindir."])
1182: ;;
1183: *) ;;
1184: esac], [with_plugindir="$libexecdir/sudo"])
1185:
1186: AC_ARG_WITH(man, [AS_HELP_STRING([--with-man], [manual pages use man macros])],
1187: [case $with_man in
1188: yes) MANTYPE=man
1189: ;;
1190: no) AC_MSG_ERROR(["--without-man not supported."])
1191: ;;
1192: *) AC_MSG_ERROR(["ignoring unknown argument to --with-man: $with_man."])
1193: ;;
1194: esac])
1195:
1196: AC_ARG_WITH(mdoc, [AS_HELP_STRING([--with-mdoc], [manual pages use mdoc macros])],
1197: [case $with_mdoc in
1198: yes) MANTYPE=mdoc
1199: ;;
1200: no) AC_MSG_ERROR(["--without-mdoc not supported."])
1201: ;;
1202: *) AC_MSG_ERROR(["ignoring unknown argument to --with-mdoc: $with_mdoc."])
1203: ;;
1204: esac])
1205:
1206: dnl
1207: dnl Options for --enable
1208: dnl
1209:
1210: AC_MSG_CHECKING(whether to do user authentication by default)
1211: AC_ARG_ENABLE(authentication,
1212: [AS_HELP_STRING([--disable-authentication], [Do not require authentication by default])],
1213: [ case "$enableval" in
1214: yes) AC_MSG_RESULT(yes)
1215: ;;
1216: no) AC_MSG_RESULT(no)
1217: AC_DEFINE(NO_AUTHENTICATION)
1218: ;;
1219: *) AC_MSG_RESULT(no)
1220: AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1221: ;;
1222: esac
1223: ], AC_MSG_RESULT(yes))
1224:
1225: AC_MSG_CHECKING(whether to disable running the mailer as root)
1226: AC_ARG_ENABLE(root-mailer,
1227: [AS_HELP_STRING([--disable-root-mailer], [Don't run the mailer as root, run as the user])],
1228: [ case "$enableval" in
1229: yes) AC_MSG_RESULT(no)
1230: ;;
1231: no) AC_MSG_RESULT(yes)
1232: AC_DEFINE(NO_ROOT_MAILER)
1233: ;;
1234: *) AC_MSG_RESULT(no)
1235: AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1236: ;;
1237: esac
1238: ], AC_MSG_RESULT(no))
1239:
1240: AC_ARG_ENABLE(setreuid,
1241: [AS_HELP_STRING([--disable-setreuid], [Don't try to use the setreuid() function])],
1242: [ case "$enableval" in
1243: no) SKIP_SETREUID=yes
1244: ;;
1245: *) ;;
1246: esac
1247: ])
1248:
1249: AC_ARG_ENABLE(setresuid,
1250: [AS_HELP_STRING([--disable-setresuid], [Don't try to use the setresuid() function])],
1251: [ case "$enableval" in
1252: no) SKIP_SETRESUID=yes
1253: ;;
1254: *) ;;
1255: esac
1256: ])
1257:
1258: AC_MSG_CHECKING(whether to disable shadow password support)
1259: AC_ARG_ENABLE(shadow,
1260: [AS_HELP_STRING([--disable-shadow], [Never use shadow passwords])],
1261: [ case "$enableval" in
1262: yes) AC_MSG_RESULT(no)
1263: ;;
1264: no) AC_MSG_RESULT(yes)
1265: CHECKSHADOW="false"
1266: ;;
1267: *) AC_MSG_RESULT(no)
1268: AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1269: ;;
1270: esac
1271: ], AC_MSG_RESULT(no))
1272:
1273: AC_MSG_CHECKING(whether root should be allowed to use sudo)
1274: AC_ARG_ENABLE(root-sudo,
1275: [AS_HELP_STRING([--disable-root-sudo], [Don't allow root to run sudo])],
1276: [ case "$enableval" in
1277: yes) AC_MSG_RESULT(yes)
1278: ;;
1279: no) AC_DEFINE(NO_ROOT_SUDO)
1280: AC_MSG_RESULT(no)
1281: root_sudo=off
1282: ;;
1283: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1284: ;;
1285: esac
1286: ], AC_MSG_RESULT(yes))
1287:
1288: AC_MSG_CHECKING(whether to log the hostname in the log file)
1289: AC_ARG_ENABLE(log-host,
1290: [AS_HELP_STRING([--enable-log-host], [Log the hostname in the log file])],
1291: [ case "$enableval" in
1292: yes) AC_MSG_RESULT(yes)
1293: AC_DEFINE(HOST_IN_LOG)
1294: ;;
1295: no) AC_MSG_RESULT(no)
1296: ;;
1297: *) AC_MSG_RESULT(no)
1298: AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1299: ;;
1300: esac
1301: ], AC_MSG_RESULT(no))
1302:
1303: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1304: AC_ARG_ENABLE(noargs-shell,
1305: [AS_HELP_STRING([--enable-noargs-shell], [If sudo is given no arguments run a shell])],
1306: [ case "$enableval" in
1307: yes) AC_MSG_RESULT(yes)
1308: AC_DEFINE(SHELL_IF_NO_ARGS)
1309: ;;
1310: no) AC_MSG_RESULT(no)
1311: ;;
1312: *) AC_MSG_RESULT(no)
1313: AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1314: ;;
1315: esac
1316: ], AC_MSG_RESULT(no))
1317:
1318: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1319: AC_ARG_ENABLE(shell-sets-home,
1320: [AS_HELP_STRING([--enable-shell-sets-home], [Set $HOME to target user in shell mode])],
1321: [ case "$enableval" in
1322: yes) AC_MSG_RESULT(yes)
1323: AC_DEFINE(SHELL_SETS_HOME)
1324: ;;
1325: no) AC_MSG_RESULT(no)
1326: ;;
1327: *) AC_MSG_RESULT(no)
1328: AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1329: ;;
1330: esac
1331: ], AC_MSG_RESULT(no))
1332:
1333: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1334: AC_ARG_ENABLE(path_info,
1335: [AS_HELP_STRING([--disable-path-info], [Print 'command not allowed' not 'command not found'])],
1336: [ case "$enableval" in
1337: yes) AC_MSG_RESULT(no)
1338: ;;
1339: no) AC_MSG_RESULT(yes)
1340: AC_DEFINE(DONT_LEAK_PATH_INFO)
1341: path_info=off
1342: ;;
1343: *) AC_MSG_RESULT(no)
1344: AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1345: ;;
1346: esac
1347: ], AC_MSG_RESULT(no))
1348:
1349: AC_MSG_CHECKING(whether to enable environment debugging)
1350: AC_ARG_ENABLE(env_debug,
1351: [AS_HELP_STRING([--enable-env-debug], [Whether to enable environment debugging.])],
1352: [ case "$enableval" in
1353: yes) AC_MSG_RESULT(yes)
1354: AC_DEFINE(ENV_DEBUG)
1355: ;;
1356: no) AC_MSG_RESULT(no)
1357: ;;
1358: *) AC_MSG_RESULT(no)
1359: AC_MSG_WARN([Ignoring unknown argument to --enable-env-debug: $enableval])
1360: ;;
1361: esac
1362: ], AC_MSG_RESULT(no))
1363:
1364: AC_ARG_ENABLE(zlib,
1365: [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])],
1366: [], [enable_zlib=yes])
1367:
1368: AC_MSG_CHECKING(whether to enable environment resetting by default)
1369: AC_ARG_ENABLE(env_reset,
1370: [AS_HELP_STRING([--enable-env-reset], [Whether to enable environment resetting by default.])],
1371: [ case "$enableval" in
1372: yes) env_reset=on
1373: ;;
1374: no) env_reset=off
1375: ;;
1376: *) env_reset=on
1377: AC_MSG_WARN([Ignoring unknown argument to --enable-env-reset: $enableval])
1378: ;;
1379: esac
1380: ])
1381: if test "$env_reset" = "on"; then
1382: AC_MSG_RESULT(yes)
1383: AC_DEFINE(ENV_RESET, 1)
1384: else
1385: AC_MSG_RESULT(no)
1386: AC_DEFINE(ENV_RESET, 0)
1387: fi
1388:
1389: AC_ARG_ENABLE(warnings,
1390: [AS_HELP_STRING([--enable-warnings], [Whether to enable compiler warnings])],
1391: [ case "$enableval" in
1392: yes) ;;
1393: no) ;;
1394: *) AC_MSG_WARN([Ignoring unknown argument to --enable-warnings: $enableval])
1395: ;;
1396: esac
1397: ])
1398:
1399: AC_ARG_ENABLE(werror,
1400: [AS_HELP_STRING([--enable-werror], [Whether to enable the -Werror compiler option])],
1401: [ case "$enableval" in
1402: yes) ;;
1403: no) ;;
1404: *) AC_MSG_WARN([Ignoring unknown argument to --enable-werror: $enableval])
1405: ;;
1406: esac
1407: ])
1408:
1409: AC_ARG_ENABLE(hardening,
1410: [AS_HELP_STRING([--disable-hardening], [Do not use compiler/linker exploit mitigation options])],
1411: [], [enable_hardening=yes])
1412:
1413: AC_ARG_ENABLE(pie,
1414: [AS_HELP_STRING([--enable-pie], [Build sudo as a position independent executable.])])
1415:
1416: AC_ARG_ENABLE(poll,
1417: [AS_HELP_STRING([--disable-poll], [Use select() instead of poll().])])
1418:
1419: AC_ARG_ENABLE(admin-flag,
1420: [AS_HELP_STRING([--enable-admin-flag], [Whether to create a Ubuntu-style admin flag file])],
1421: [ case "$enableval" in
1422: yes) AC_DEFINE(USE_ADMIN_FLAG)
1423: ;;
1424: no) ;;
1425: *) AC_MSG_WARN([Ignoring unknown argument to --enable-admin-flag: $enableval])
1426: ;;
1427: esac
1428: ])
1429:
1430: AC_ARG_ENABLE(nls,
1431: [AS_HELP_STRING([--disable-nls], [Disable natural language support using gettext])],
1432: [], [enable_nls=yes])
1433:
1434: AC_ARG_ENABLE(rpath,
1435: [AS_HELP_STRING([--disable-rpath], [Disable passing of -Rpath to the linker])],
1436: [], [enable_rpath=yes])
1437:
1438: AC_ARG_ENABLE(static-sudoers,
1439: [AS_HELP_STRING([--enable-static-sudoers], [Build the sudoers policy module as part of the sudo binary instead as a plugin])],
1440: [], [enable_static_sudoers=no])
1441:
1442: AC_ARG_WITH(selinux, [AS_HELP_STRING([--with-selinux], [enable SELinux support])],
1443: [case $with_selinux in
1444: yes) SELINUX_USAGE="[[-r role]] [[-t type]] "
1445: AC_DEFINE(HAVE_SELINUX)
1446: SUDO_LIBS="${SUDO_LIBS} -lselinux"
1447: SUDO_OBJS="${SUDO_OBJS} selinux.o"
1448: PROGS="${PROGS} sesh"
1449: SEMAN=1
1450: AC_CHECK_LIB([selinux], [setkeycreatecon],
1451: [AC_DEFINE(HAVE_SETKEYCREATECON)])
1452: ;;
1453: no) ;;
1454: *) AC_MSG_ERROR(["--with-selinux does not take an argument."])
1455: ;;
1456: esac], [with_selinux=no])
1457:
1458: dnl
1459: dnl gss_krb5_ccache_name() may not work on Heimdal so we don't use it by default
1460: dnl
1461: AC_ARG_ENABLE(gss_krb5_ccache_name,
1462: [AS_HELP_STRING([--enable-gss-krb5-ccache-name], [Use GSS-API to set the Kerberos V cred cache name])],
1463: [check_gss_krb5_ccache_name=$enableval], [check_gss_krb5_ccache_name=no])
1464:
1465: dnl
1466: dnl C compiler checks
1467: dnl
1468: AC_SEARCH_LIBS([strerror], [cposix])
1469: AC_PROG_CPP
1470: AC_CHECK_TOOL(AR, ar, false)
1471: AC_CHECK_TOOL(RANLIB, ranlib, :)
1472: if test X"$AR" = X"false"; then
1473: AC_MSG_ERROR([the "ar" utility is required to build sudo])
1474: fi
1475:
1476: if test "x$ac_cv_prog_cc_c89" = "xno"; then
1477: AC_MSG_ERROR([Sudo version $PACKAGE_VERSION requires an ANSI C compiler to build.])
1478: fi
1479:
1480: dnl
1481: dnl If the user specified --disable-static, override them or we'll
1482: dnl be unable to build the executables in the sudoers plugin dir.
1483: dnl
1484: if test "$enable_static" = "no"; then
1485: AC_MSG_WARN([Ignoring --disable-static, sudo does not install static libs])
1486: enable_static=yes
1487: fi
1488:
1489: dnl
1490: dnl Libtool setup, we require libtool 2.2.6b or higher
1491: dnl
1492: AC_CANONICAL_HOST
1493: AC_CONFIG_MACRO_DIR([m4])
1494: LT_PREREQ([2.2.6b])
1495: LT_INIT([dlopen])
1496:
1497: dnl
1498: dnl Allow the user to specify an alternate libtool.
1499: dnl XXX - should be able to skip LT_INIT if we are using a different libtool
1500: dnl
1501: AC_ARG_WITH(libtool, [AS_HELP_STRING([--with-libtool=PATH], [specify path to libtool])],
1502: [case $with_libtool in
1503: yes|builtin) ;;
1504: no) AC_MSG_ERROR(["--without-libtool not supported."])
1505: ;;
1506: system) LIBTOOL=libtool
1507: ;;
1508: *) LIBTOOL="$with_libtool"
1509: ;;
1510: esac])
1511:
1512: dnl
1513: dnl Defer with_noexec until after libtool magic runs
1514: dnl
1515: if test "$enable_shared" = "no"; then
1516: with_noexec=no
1517: enable_dlopen=no
1518: lt_cv_dlopen=none
1519: lt_cv_dlopen_libs=
1520: ac_cv_func_dlopen=no
1521: LT_LDFLAGS=-static
1522: else
1523: eval _shrext="$shrext_cmds"
1524: # Darwin uses .dylib for libraries but .so for modules
1525: if test X"$_shrext" = X".dylib"; then
1526: SOEXT=".so"
1527: SHLIB_EXT=".dylib"
1528: else
1529: SOEXT="$_shrext"
1530: SHLIB_EXT="$_shrext"
1531: fi
1532: fi
1533: LIBDL="$lt_cv_dlopen_libs"
1534:
1535: AC_MSG_CHECKING(path to sudo_noexec.so)
1536: AC_ARG_WITH(noexec, [AS_HELP_STRING([--with-noexec[=PATH]], [fully qualified pathname of sudo_noexec.so])],
1537: [case $with_noexec in
1538: yes) with_noexec="$libexecdir/sudo/sudo_noexec.so"
1539: ;;
1540: no) ;;
1541: *) ;;
1542: esac], [with_noexec="$libexecdir/sudo/sudo_noexec.so"])
1543: AC_MSG_RESULT($with_noexec)
1544: NOEXECFILE="sudo_noexec.so"
1545: NOEXECDIR="`echo $with_noexec|sed -e 's:^${\([[^}]]*\)}:$(\1):' -e 's:^\(.*\)/[[^/]]*:\1:'`"
1546:
1547: dnl
1548: dnl Find programs we use
1549: dnl
1550: AC_PATH_PROG(UNAMEPROG, [uname], [uname])
1551: AC_PATH_PROG(TRPROG, [tr], [tr])
1552: AC_PATH_PROG(MANDOCPROG, [mandoc], [mandoc])
1553: if test "$MANDOCPROG" != "mandoc"; then
1554: : ${MANTYPE='mdoc'}
1555: else
1556: AC_PATH_PROG(NROFFPROG, [nroff])
1557: if test -n "$NROFFPROG"; then
1558: test -n "$MANTYPE" && sudo_cv_var_mantype="$MANTYPE"
1559: AC_CACHE_CHECK([which macro set to use for manual pages],
1560: [sudo_cv_var_mantype],
1561: [
1562: sudo_cv_var_mantype="man"
1563: echo ".Sh NAME" > conftest
1564: echo ".Nm sudo" >> conftest
1565: echo ".Nd sudo" >> conftest
1566: echo ".Sh DESCRIPTION" >> conftest
1567: echo "sudo" >> conftest
1568: if $NROFFPROG -mdoc conftest >/dev/null 2>&1; then
1569: sudo_cv_var_mantype="mdoc"
1570: fi
1571: rm -f conftest
1572: ]
1573: )
1574: MANTYPE="$sudo_cv_var_mantype"
1575: else
1576: MANTYPE=cat
1577: MANDIRTYPE=cat
1578: mansrcdir='$(srcdir)'
1579: fi
1580: fi
1581:
1582: dnl
1583: dnl What kind of beastie are we being run on?
1584: dnl Barf if config.cache was generated on another host.
1585: dnl
1586: if test -n "$sudo_cv_prev_host"; then
1587: if test "$sudo_cv_prev_host" != "$host"; then
1588: AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1589: else
1590: AC_MSG_CHECKING(previous host type)
1591: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1592: AC_MSG_RESULT([$sudo_cv_prev_host])
1593: fi
1594: else
1595: # this will produce no output since there is no cached value
1596: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1597: fi
1598:
1599: dnl
1600: dnl We want to be able to differentiate between different rev's
1601: dnl
1602: if test -n "$host_os"; then
1603: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1604: OSREV=`echo $host_os | sed 's/^[[^0-9\.]]*\([[0-9\.]]*\).*$/\1/'`
1605: OSMAJOR=`echo $OSREV | sed 's/\..*$//'`
1606: else
1607: OS="unknown"
1608: OSREV=0
1609: OSMAJOR=0
1610: fi
1611:
1612: case "$host" in
1613: *-*-sunos4*)
1614: # LD_PRELOAD is space-delimited
1615: RTLD_PRELOAD_DELIM=" "
1616:
1617: # getcwd(3) opens a pipe to getpwd(1)!?!
1618: BROKEN_GETCWD=1
1619:
1620: # system headers lack prototypes but gcc helps...
1621: if test -n "$GCC"; then
1622: OSDEFS="${OSDEFS} -D__USE_FIXED_PROTOTYPES__"
1623: fi
1624:
1625: shadow_funcs="getpwanam issecure"
1626: ;;
1627: *-*-solaris2*)
1628: # LD_PRELOAD is space-delimited
1629: RTLD_PRELOAD_DELIM=" "
1630:
1631: # Solaris-specific initialization
1632: OS_INIT=os_init_solaris
1633: SUDO_OBJS="${SUDO_OBJS} solaris.o"
1634:
1635: # To get the crypt(3) prototype (so we pass -Wall)
1636: OSDEFS="${OSDEFS} -D__EXTENSIONS__"
1637: # AFS support needs -lucb
1638: if test "$with_AFS" = "yes"; then
1639: AFS_LIBS="-lc -lucb"
1640: fi
1641: : ${mansectsu='1m'}
1642: : ${mansectform='4'}
1643: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1644: AC_CHECK_FUNCS(priv_set, [PSMAN=1])
1645: ;;
1646: *-*-aix*)
1647: # To get all prototypes (so we pass -Wall)
1648: OSDEFS="${OSDEFS} -D_ALL_SOURCE -D_LINUX_SOURCE_COMPAT"
1649: SUDOERS_LDFLAGS="${SUDOERS_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1650:
1651: # On AIX 6 and higher default to PAM, else default to LAM
1652: if test $OSMAJOR -ge 6; then
1653: if test X"$with_pam" = X""; then
1654: AUTH_EXCL_DEF="PAM"
1655: fi
1656: else
1657: if test X"$with_aixauth" = X""; then
1658: AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
1659: fi
1660: fi
1661:
1662: # AIX analog of nsswitch.conf, enabled by default
1663: AC_ARG_WITH(netsvc, [AS_HELP_STRING([--with-netsvc[[=PATH]]], [path to netsvc.conf])],
1664: [case $with_netsvc in
1665: no) ;;
1666: yes) with_netsvc="/etc/netsvc.conf"
1667: ;;
1668: *) ;;
1669: esac])
1670: if test -z "$with_nsswitch" -a -z "$with_netsvc"; then
1671: with_netsvc="/etc/netsvc.conf"
1672: fi
1673:
1674: # LDR_PRELOAD is only supported in AIX 5.3 and later
1675: if test $OSMAJOR -lt 5; then
1676: with_noexec=no
1677: else
1678: RTLD_PRELOAD_VAR="LDR_PRELOAD"
1679: fi
1680:
1681: # Remove timedir on boot, AIX does not have /var/run
1682: INIT_SCRIPT=aix.sh
1683: INIT_DIR=/etc/rc.d/init.d
1684: RC_LINK=/etc/rc.d/rc2.d/S90sudo
1685:
1686: # AIX-specific functions
1687: AC_CHECK_FUNCS(getuserattr setauthdb setrlimit64)
1688: COMMON_OBJS="${COMMON_OBJS} aix.lo"
1689: ;;
1690: *-*-hiuxmpp*)
1691: : ${mansectsu='1m'}
1692: : ${mansectform='4'}
1693:
1694: # HP-UX does not clear /var/run so we need to do it
1695: INIT_SCRIPT=hpux.sh
1696: INIT_DIR=/sbin/init.d
1697: RC_LINK=/sbin/rc2.d/S900sudo
1698:
1699: # HP-UX shared libs must be executable
1700: SHLIB_MODE=0755
1701:
1702: AC_CHECK_FUNCS(pstat_getproc)
1703: ;;
1704: *-*-hpux*)
1705: # AFS support needs -lBSD
1706: if test "$with_AFS" = "yes"; then
1707: AFS_LIBS="-lc -lBSD"
1708: fi
1709: : ${mansectsu='1m'}
1710: : ${mansectform='4'}
1711:
1712: # HP-UX does not clear /var/run so we need to do it
1713: INIT_SCRIPT=hpux.sh
1714: INIT_DIR=/sbin/init.d
1715: RC_LINK=/sbin/rc2.d/S900sudo
1716:
1717: # HP-UX shared libs must be executable
1718: SHLIB_MODE=0755
1719:
1720: # The HP bundled compiler cannot generate shared libs
1721: if test -z "$GCC"; then
1722: AC_CACHE_CHECK([for HP bundled C compiler],
1723: [sudo_cv_var_hpccbundled],
1724: [if $CC -V 2>&1 | grep '^(Bundled)' >/dev/null 2>&1; then
1725: sudo_cv_var_hpccbundled=yes
1726: else
1727: sudo_cv_var_hpccbundled=no
1728: fi]
1729: )
1730: if test "$sudo_cv_var_hpccbundled" = "yes"; then
1731: AC_MSG_ERROR([The HP bundled C compiler is unable to build Sudo, you must use gcc or the HP ANSI C compiler instead.])
1732: fi
1733: fi
1734:
1735: # Build PA-RISC1.1 objects for better portability
1736: case "$host_cpu" in
1737: hppa[[2-9]]*)
1738: _CFLAGS="$CFLAGS"
1739: if test -n "$GCC"; then
1740: portable_flag="-march=1.1"
1741: else
1742: portable_flag="+DAportable"
1743: fi
1744: CFLAGS="$CFLAGS $portable_flag"
1745: AC_CACHE_CHECK([whether $CC understands $portable_flag],
1746: [sudo_cv_var_daportable],
1747: [AC_LINK_IFELSE(
1748: [AC_LANG_PROGRAM([[]], [[]])],
1749: [sudo_cv_var_daportable=yes],
1750: [sudo_cv_var_daportable=no]
1751: )
1752: ]
1753: )
1754: if test X"$sudo_cv_var_daportable" != X"yes"; then
1755: CFLAGS="$_CFLAGS"
1756: fi
1757: ;;
1758: esac
1759:
1760: case "$host_os" in
1761: hpux[[1-8]].*)
1762: AC_DEFINE(BROKEN_SYSLOG)
1763: ;;
1764: hpux9.*)
1765: AC_DEFINE(BROKEN_SYSLOG)
1766:
1767: shadow_funcs="getspwuid"
1768:
1769: # DCE support (requires ANSI C compiler)
1770: if test "$with_DCE" = "yes"; then
1771: # order of libs in 9.X is important. -lc_r must be last
1772: SUDOERS_LIBS="${SUDOERS_LIBS} -ldce -lM -lc_r"
1773: LIBS="${LIBS} -ldce -lM -lc_r"
1774: SUDO_APPEND_CPPFLAGS(-D_REENTRANT)
1775: SUDO_APPEND_CPPFLAGS(-I/usr/include/reentrant)
1776: fi
1777: ;;
1778: hpux10.*)
1779: shadow_funcs="getprpwnam iscomsec"
1780: shadow_libs="-lsec"
1781: # HP-UX 10.20 libc has an incompatible getline
1782: ac_cv_func_getline="no"
1783: ;;
1784: *)
1785: shadow_funcs="getspnam iscomsec"
1786: shadow_libs="-lsec"
1787: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1788: ;;
1789: esac
1790: AC_CHECK_FUNCS(pstat_getproc)
1791: ;;
1792: *-dec-osf*)
1793: # ignore envariables wrt dynamic lib path
1794: # XXX - sudo LDFLAGS instead?
1795: SUDOERS_LDFLAGS="${SUDOERS_LDFLAGS} -Wl,-no_library_replacement"
1796:
1797: : ${CHECKSIA='true'}
1798: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1799: AC_ARG_ENABLE(sia,
1800: [AS_HELP_STRING([--disable-sia], [Disable SIA on Digital UNIX])],
1801: [ case "$enableval" in
1802: yes) AC_MSG_RESULT(no)
1803: CHECKSIA=true
1804: ;;
1805: no) AC_MSG_RESULT(yes)
1806: CHECKSIA=false
1807: ;;
1808: *) AC_MSG_RESULT(no)
1809: AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1810: ;;
1811: esac
1812: ], AC_MSG_RESULT(no))
1813:
1814: shadow_funcs="getprpwnam dispcrypt"
1815: # OSF/1 4.x and higher need -ldb too
1816: if test $OSMAJOR -lt 4; then
1817: shadow_libs="-lsecurity -laud -lm"
1818: else
1819: shadow_libs="-lsecurity -ldb -laud -lm"
1820: fi
1821:
1822: # use SIA by default, if we have it
1823: test "$CHECKSIA" = "true" && AUTH_EXCL_DEF="SIA"
1824:
1825: #
1826: # Some versions of Digital Unix ship with a broken
1827: # copy of prot.h, which we need for shadow passwords.
1828: # XXX - make should remove this as part of distclean
1829: #
1830: AC_MSG_CHECKING([for broken prot.h])
1831: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1832: #include <sys/types.h>
1833: #include <sys/security.h>
1834: #include <prot.h>
1835: ]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
1836: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1837: ])
1838: # ":DEFAULT" must be appended to _RLD_LIST
1839: RTLD_PRELOAD_VAR="_RLD_LIST"
1840: RTLD_PRELOAD_DEFAULT="DEFAULT"
1841: : ${mansectsu='8'}
1842: : ${mansectform='4'}
1843: ;;
1844: *-*-irix*)
1845: OSDEFS="${OSDEFS} -D_BSD_TYPES"
1846: if test -z "$NROFFPROG"; then
1847: if test "$prefix" = "/usr/local" -a "$mandir" = '${datarootdir}/man'; then
1848: if test -d /usr/share/catman/local; then
1849: mandir="/usr/share/catman/local"
1850: else
1851: mandir="/usr/catman/local"
1852: fi
1853: fi
1854: # Compress cat pages with pack
1855: MANCOMPRESS='pack'
1856: MANCOMPRESSEXT='.z'
1857: else
1858: if test "$prefix" = "/usr/local" -a "$mandir" = '${datarootdir}/man'; then
1859: if test -d "/usr/share/man/local"; then
1860: mandir="/usr/share/man/local"
1861: else
1862: mandir="/usr/man/local"
1863: fi
1864: fi
1865: fi
1866: # IRIX <= 4 needs -lsun
1867: if test "$OSMAJOR" -le 4; then
1868: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1869: fi
1870: # ":DEFAULT" must be appended to _RLD_LIST
1871: RTLD_PRELOAD_VAR="_RLD_LIST"
1872: RTLD_PRELOAD_DEFAULT="DEFAULT"
1873: : ${mansectsu='1m'}
1874: : ${mansectform='4'}
1875: ;;
1876: *-*-linux*|*-*-k*bsd*-gnu)
1877: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1878: # Some Linux versions need to link with -lshadow
1879: shadow_funcs="getspnam"
1880: shadow_libs_optional="-lshadow"
1881: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1882: ;;
1883: *-convex-bsd*)
1884: OSDEFS="${OSDEFS} -D_CONVEX_SOURCE"
1885: if test -z "$GCC"; then
1886: CFLAGS="${CFLAGS} -D__STDC__"
1887: fi
1888:
1889: shadow_defs="-D_AUDIT -D_ACL -DSecureWare"
1890: shadow_funcs="getprpwnam"
1891: shadow_libs="-lprot"
1892: ;;
1893: *-*-ultrix*)
1894: OS="ultrix"
1895: shadow_funcs="getauthuid"
1896: shadow_libs="-lauth"
1897: ;;
1898: *-*-riscos*)
1899: LIBS="${LIBS} -lsun -lbsd"
1900: SUDO_APPEND_CPPFLAGS(-I/usr/include)
1901: SUDO_APPEND_CPPFLAGS(-I/usr/include/bsd)
1902: OSDEFS="${OSDEFS} -D_MIPS"
1903: : ${mansectsu='1m'}
1904: : ${mansectform='4'}
1905: ;;
1906: *-*-isc*)
1907: OSDEFS="${OSDEFS} -D_ISC"
1908: LIB_CRYPT=1
1909: SUDOERS_LIBS="${SUDOERS_LIBS} -lcrypt"
1910:
1911: shadow_funcs="getspnam"
1912: shadow_libs="-lsec"
1913:
1914: : ${mansectsu='1m'}
1915: : ${mansectform='4'}
1916: ;;
1917: *-*-sco*|*-sco-*)
1918: shadow_funcs="getprpwnam"
1919: shadow_libs="-lprot -lx"
1920: : ${mansectsu='1m'}
1921: : ${mansectform='4'}
1922: ;;
1923: m88k-motorola-sysv*)
1924: # motorolla's cc (a variant of gcc) does -O but not -O2
1925: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1926: : ${mansectsu='1m'}
1927: : ${mansectform='4'}
1928: ;;
1929: *-sequent-sysv*)
1930: shadow_funcs="getspnam"
1931: shadow_libs="-lsec"
1932: : ${mansectsu='1m'}
1933: : ${mansectform='4'}
1934: ;;
1935: *-ncr-sysv4*|*-ncr-sysvr4*)
1936: AC_CHECK_LIB(c89, strcasecmp, [LIBS="${LIBS} -lc89"])
1937: : ${mansectsu='1m'}
1938: : ${mansectform='4'}
1939: ;;
1940: *-ccur-sysv4*|*-ccur-sysvr4*)
1941: LIBS="${LIBS} -lgen"
1942: : ${mansectsu='1m'}
1943: : ${mansectform='4'}
1944: ;;
1945: *-*-bsdi*)
1946: SKIP_SETREUID=yes
1947: # Check for newer BSD auth API
1948: if test -z "$with_bsdauth"; then
1949: AC_CHECK_FUNCS(auth_challenge, [AUTH_EXCL_DEF="BSD_AUTH"])
1950: fi
1951: ;;
1952: *-*-freebsd*)
1953: # FreeBSD has a real setreuid(2) starting with 2.1 and
1954: # backported to 2.0.5. We just take 2.1 and above...
1955: case "$OSREV" in
1956: 0.*|1.*|2.0*)
1957: SKIP_SETREUID=yes
1958: ;;
1959: esac
1960: OSDEFS="${OSDEFS} -D_BSD_SOURCE"
1961: if test "${with_skey-'no'}" = "yes"; then
1962: SUDOERS_LIBS="${SUDOERS_LIBS} -lmd"
1963: fi
1964: CHECKSHADOW="false"
1965: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1966: : ${with_logincap='maybe'}
1967: ;;
1968: *-*-*openbsd*)
1969: # OpenBSD-specific initialization
1970: OS_INIT=os_init_openbsd
1971: SUDO_OBJS="${SUDO_OBJS} openbsd.o"
1972:
1973: # OpenBSD has a real setreuid(2) starting with 3.3 but
1974: # we will use setresuid(2) instead.
1975: SKIP_SETREUID=yes
1976: OSDEFS="${OSDEFS} -D_BSD_SOURCE"
1977: CHECKSHADOW="false"
1978: # OpenBSD >= 3.0 supports BSD auth
1979: if test -z "$with_bsdauth"; then
1980: if test "$OSMAJOR" -ge 3; then
1981: AUTH_EXCL_DEF="BSD_AUTH"
1982: fi
1983: fi
1984: : ${with_logincap='maybe'}
1985: ;;
1986: *-*-*netbsd*)
1987: # NetBSD has a real setreuid(2) starting with 1.3.2
1988: case "$OSREV" in
1989: 0.9*|1.[[012]]*|1.3|1.3.1)
1990: SKIP_SETREUID=yes
1991: ;;
1992: esac
1993: CHECKSHADOW="false"
1994: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1995: : ${with_logincap='maybe'}
1996: ;;
1997: *-*-dragonfly*)
1998: OSDEFS="${OSDEFS} -D_BSD_SOURCE"
1999: if test "${with_skey-'no'}" = "yes"; then
2000: SUDOERS_LIBS="${SUDOERS_LIBS} -lmd"
2001: fi
2002: CHECKSHADOW="false"
2003: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
2004: : ${with_logincap='yes'}
2005: ;;
2006: *-*-*bsd*)
2007: CHECKSHADOW="false"
2008: ;;
2009: *-*-darwin*)
2010: # Darwin has a real setreuid(2) starting with 9.0
2011: if test $OSMAJOR -lt 9; then
2012: SKIP_SETREUID=yes
2013: fi
2014: CHECKSHADOW="false"
2015: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
2016: : ${with_logincap='yes'}
2017: # Darwin has a broken poll()
2018: : ${enable_poll='no'}
2019: # Darwin 8 and above can interpose library symbols cleanly
2020: if test $OSMAJOR -ge 8; then
2021: AC_DEFINE(HAVE___INTERPOSE)
2022: dlyld_interpose=yes
2023: else
2024: RTLD_PRELOAD_ENABLE_VAR="DYLD_FORCE_FLAT_NAMESPACE"
2025: fi
2026: RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES"
2027: ;;
2028: *-*-nextstep*)
2029: # lockf() on is broken on the NeXT -- use flock instead
2030: ac_cv_func_lockf=no
2031: ac_cv_func_flock=yes
2032: RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES"
2033: RTLD_PRELOAD_ENABLE_VAR="DYLD_FORCE_FLAT_NAMESPACE"
2034: ;;
2035: *-*-*sysv4*)
2036: : ${mansectsu='1m'}
2037: : ${mansectform='4'}
2038: ;;
2039: *-*-sysv*)
2040: : ${mansectsu='1m'}
2041: : ${mansectform='4'}
2042: ;;
2043: *-gnu*)
2044: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
2045: ;;
2046: esac
2047:
2048: dnl
2049: dnl Library preloading to support NOEXEC
2050: dnl
2051: if test -n "$with_noexec"; then
2052: SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_VAR, "$RTLD_PRELOAD_VAR")
2053: SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_DELIM, "$RTLD_PRELOAD_DELIM")
2054: if test -n "$RTLD_PRELOAD_DEFAULT"; then
2055: SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_DEFAULT, "$RTLD_PRELOAD_DEFAULT")
2056: fi
2057: if test -n "$RTLD_PRELOAD_ENABLE_VAR"; then
2058: SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_ENABLE_VAR, "$RTLD_PRELOAD_ENABLE_VAR")
2059: fi
2060: fi
2061:
2062: dnl
2063: dnl Check for mixing mutually exclusive and regular auth methods
2064: dnl
2065: AUTH_REG=${AUTH_REG# }
2066: AUTH_EXCL=${AUTH_EXCL# }
2067: if test -n "$AUTH_EXCL"; then
2068: set -- $AUTH_EXCL
2069: if test $# != 1; then
2070: AC_MSG_ERROR([More than one mutually exclusive authentication method specified: $AUTH_EXCL])
2071: fi
2072: if test -n "$AUTH_REG"; then
2073: AC_MSG_ERROR([Cannot mix mutually exclusive ($AUTH_EXCL) and regular ($AUTH_REG) authentication methods])
2074: fi
2075: fi
2076: dnl
2077: dnl Only one of S/Key and OPIE may be specified
2078: dnl
2079: if test X"${with_skey}${with_opie}" = X"yesyes"; then
2080: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
2081: fi
2082:
2083: dnl
2084: dnl Use BSD-style man sections by default
2085: dnl
2086: : ${mansectsu='8'}
2087: : ${mansectform='5'}
2088:
2089: dnl
2090: dnl Add in any libpaths or libraries specified via configure
2091: dnl
2092: if test -n "$with_libpath"; then
2093: for i in ${with_libpath}; do
2094: SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
2095: done
2096: fi
2097: if test -n "$with_libraries"; then
2098: for i in ${with_libraries}; do
2099: case $i in
2100: -l*) ;;
2101: *.a) ;;
2102: *.o) ;;
2103: *) i="-l${i}";;
2104: esac
2105: LIBS="${LIBS} ${i}"
2106: done
2107: fi
2108:
2109: dnl
2110: dnl C compiler checks (to be done after os checks)
2111: dnl
2112: AC_PROG_GCC_TRADITIONAL
2113: AC_C_CONST
2114: AC_C_VOLATILE
2115: AC_MSG_CHECKING([for variadic macro support in cpp])
2116: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
2117: AC_INCLUDES_DEFAULT
2118: #if defined(__GNUC__) && __GNUC__ == 2
2119: # define sudo_fprintf(fp, fmt...) fprintf((fp), (fmt))
2120: #else
2121: # define sudo_fprintf(fp, ...) fprintf((fp), __VA_ARGS__)
2122: #endif
2123: ], [sudo_fprintf(stderr, "a %s", "test");])], [AC_MSG_RESULT([yes])],
2124: [AC_MSG_RESULT([no])
2125: AC_DEFINE([NO_VARIADIC_MACROS], [1], [Define if your C preprocessor does not support variadic macros.])
2126: AC_MSG_WARN([Your C preprocessor doesn't support variadic macros, debugging support will be limited])])
2127:
2128: dnl
2129: dnl Program checks
2130: dnl
2131: AC_PROG_YACC
2132: AC_PATH_PROG([FLEX], [flex], [flex])
2133: SUDO_PROG_MV
2134: SUDO_PROG_BSHELL
2135: if test -z "$with_sendmail"; then
2136: SUDO_PROG_SENDMAIL
2137: fi
2138: SUDO_PROG_VI
2139: dnl
2140: dnl Check for authpriv support in syslog
2141: dnl
2142: AC_MSG_CHECKING(which syslog facility sudo should log with)
2143: if test X"$with_logfac" = X""; then
2144: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <syslog.h>]], [[int i = LOG_AUTHPRIV; (void)i;]])], [logfac=authpriv])
2145: fi
2146: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
2147: AC_MSG_RESULT($logfac)
2148: dnl
2149: dnl Header file checks
2150: dnl
2151: AC_HEADER_STDC
2152: AC_HEADER_DIRENT
2153: AC_HEADER_TIME
2154: AC_HEADER_STDBOOL
2155: AC_HEADER_MAJOR
2156: AC_CHECK_HEADERS(malloc.h netgroup.h paths.h spawn.h utime.h utmpx.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h)
2157: AC_CHECK_HEADERS([endian.h] [sys/endian.h] [machine/endian.h], [break])
2158: AC_CHECK_HEADERS([procfs.h] [sys/procfs.h], [AC_CHECK_MEMBERS(struct psinfo.pr_ttydev, [AC_CHECK_FUNCS(_ttyname_dev)], [], [AC_INCLUDES_DEFAULT
2159: #ifdef HAVE_PROCFS_H
2160: #include <procfs.h>
2161: #endif
2162: #ifdef HAVE_SYS_PROCFS_H
2163: #include <sys/procfs.h>
2164: #endif
2165: ])]
2166: break)
2167: #
2168: # Check for large file support.
2169: #
2170: AC_SYS_LARGEFILE
2171: #
2172: # HP-UX may need to define _XOPEN_SOURCE_EXTENDED to expose MSG_WAITALL.
2173: # Also, HP-UX 11.23 has a broken sys/types.h when large files support
2174: # is enabled and _XOPEN_SOURCE_EXTENDED is not also defined.
2175: # The following test will define _XOPEN_SOURCE_EXTENDED in either case.
2176: #
2177: case "$host_os" in
2178: hpux*)
2179: AC_CACHE_CHECK([whether sys/socket.h needs _XOPEN_SOURCE_EXTENDED for MSG_WAITALL], [sudo_cv_xopen_source_extended],
2180: [AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
2181: # include <sys/socket.h>], [int a = MSG_WAITALL; return a;])],
2182: [sudo_cv_xopen_source_extended=no], [
2183: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#define _XOPEN_SOURCE_EXTENDED
2184: AC_INCLUDES_DEFAULT
2185: # include <sys/socket.h>], [int a = MSG_WAITALL; return a;])],
2186: [sudo_cv_xopen_source_extended=yes],
2187: [sudo_cv_xopen_source_extended=error])
2188: ])])
2189: if test "$sudo_cv_xopen_source_extended" = "yes"; then
2190: OSDEFS="${OSDEFS} -D_XOPEN_SOURCE_EXTENDED"
2191: SUDO_DEFINE(_XOPEN_SOURCE_EXTENDED)
2192: fi
2193: ;;
2194: esac
2195: AC_SYS_POSIX_TERMIOS
2196: if test "$ac_cv_sys_posix_termios" != "yes"; then
2197: AC_MSG_ERROR([Must have POSIX termios to build sudo])
2198: fi
2199: SUDO_MAILDIR
2200: if test ${with_logincap-'no'} != "no"; then
2201: AC_CHECK_HEADERS(login_cap.h, [LOGINCAP_USAGE='[[-c class]] '; LCMAN=1
2202: case "$OS" in
2203: freebsd|netbsd)
2204: SUDO_LIBS="${SUDO_LIBS} -lutil"
2205: SUDOERS_LIBS="${SUDOERS_LIBS} -lutil"
2206: ;;
2207: esac
2208: ])
2209: fi
2210: if test ${with_project-'no'} != "no"; then
2211: AC_CHECK_HEADER(project.h, [
2212: AC_CHECK_LIB(project, setproject, [
2213: AC_DEFINE(HAVE_PROJECT_H)
2214: SUDO_LIBS="${SUDO_LIBS} -lproject"
2215: ])
2216: ], [])
2217: fi
2218: dnl
2219: dnl typedef checks
2220: dnl We need to define __STDC_WANT_LIB_EXT1__ for errno_t and rsize_t
2221: dnl
2222: SUDO_APPEND_CPPFLAGS(-D__STDC_WANT_LIB_EXT1__=1)
2223: AC_TYPE_MODE_T
2224: AC_TYPE_UID_T
2225: AC_CHECK_TYPE([clockid_t], [], [AC_DEFINE(clockid_t, int)], [#include <sys/types.h>
2226: #include <time.h>])
2227: AC_CHECK_TYPE([sig_atomic_t], [], [AC_DEFINE(sig_atomic_t, int)], [#include <sys/types.h>
2228: #include <signal.h>])
2229: AC_CHECK_TYPES([sigaction_t], [], [], [#include <sys/types.h>
2230: #include <signal.h>])
2231: AC_CHECK_TYPES([struct timespec], [], [], [#include <sys/types.h>
2232: #ifdef TIME_WITH_SYS_TIME
2233: # include <sys/time.h>
2234: #endif
2235: #include <time.h>])
2236: AC_CHECK_TYPES([struct in6_addr], [], [], [#include <sys/types.h>
2237: #include <netinet/in.h>])
2238: AC_TYPE_LONG_LONG_INT
2239: if test X"$ac_cv_type_long_long_int" != X"yes"; then
2240: AC_MSG_ERROR(["C compiler does not appear to support the long long int type"])
2241: fi
2242: AC_CHECK_SIZEOF([long int])
2243: AC_CHECK_TYPE(id_t, unsigned int)
2244: AC_CHECK_TYPE(size_t, unsigned int)
2245: AC_CHECK_TYPE(ssize_t, int)
2246: AC_CHECK_TYPE(dev_t, int)
2247: AC_CHECK_TYPE(ino_t, unsigned int)
2248: AC_CHECK_TYPE(uint8_t, unsigned char)
2249: AC_CHECK_TYPE(uint32_t, unsigned int)
2250: AC_CHECK_TYPE(uint64_t, unsigned long long)
2251: AC_CHECK_TYPE(socklen_t, [], [AC_DEFINE(socklen_t, unsigned int)], [
2252: AC_INCLUDES_DEFAULT
2253: #include <sys/socket.h>])
2254: AC_CHECK_TYPE(rsize_t, size_t)
2255: AC_CHECK_TYPE(errno_t, int)
2256: SUDO_UID_T_LEN
2257: SUDO_SOCK_SA_LEN
2258: SUDO_SOCK_SIN_LEN
2259: dnl
2260: dnl Check for utmp/utmpx struct members.
2261: dnl We need to include OSDEFS for glibc which only has __e_termination
2262: dnl visible when _GNU_SOURCE is *not* defined.
2263: dnl
2264: _CFLAGS="$CFLAGS"
2265: CFLAGS="$CFLAGS $OSDEFS"
2266: if test $ac_cv_header_utmpx_h = "yes"; then
2267: AC_CHECK_MEMBERS([struct utmpx.ut_id, struct utmpx.ut_pid, struct utmpx.ut_tv, struct utmpx.ut_type], [], [], [
2268: # include <sys/types.h>
2269: # include <utmpx.h>
2270: ])
2271: dnl
2272: dnl Check for ut_exit.__e_termination first, then ut_exit.e_termination
2273: dnl
2274: AC_CHECK_MEMBERS([struct utmpx.ut_exit.__e_termination], [AC_DEFINE(HAVE_STRUCT_UTMPX_UT_EXIT)], [
2275: AC_CHECK_MEMBERS([struct utmpx.ut_exit.e_termination], [AC_DEFINE(HAVE_STRUCT_UTMPX_UT_EXIT)], [], [
2276: # include <sys/types.h>
2277: # include <utmpx.h>
2278: ])
2279: ], [
2280: # include <sys/types.h>
2281: # include <utmpx.h>
2282: ])
2283: else
2284: AC_CHECK_MEMBERS([struct utmp.ut_id, struct utmp.ut_pid, struct utmp.ut_tv, struct utmp.ut_type, struct utmp.ut_user], [], [], [
2285: # include <sys/types.h>
2286: # include <utmp.h>
2287: ])
2288: dnl
2289: dnl Check for ut_exit.__e_termination first, then ut_exit.e_termination
2290: dnl
2291: AC_CHECK_MEMBERS([struct utmp.ut_exit.__e_termination], [AC_DEFINE(HAVE_STRUCT_UTMP_UT_EXIT)], [
2292: AC_CHECK_MEMBERS([struct utmp.ut_exit.e_termination], [AC_DEFINE(HAVE_STRUCT_UTMP_UT_EXIT)], [], [
2293: # include <sys/types.h>
2294: # include <utmp.h>
2295: ])
2296: ], [
2297: # include <sys/types.h>
2298: # include <utmp.h>
2299: ])
2300: fi
2301: CFLAGS="$_CFLAGS"
2302:
2303: dnl
2304: dnl Function checks
2305: dnl
2306: AC_FUNC_GETGROUPS
2307: AC_CHECK_FUNCS(glob nl_langinfo regcomp setenv strftime strrchr strtoll \
2308: sysconf tzset)
2309: AC_CHECK_FUNCS(getgrouplist, [], [
2310: case "$host_os" in
2311: aix*)
2312: AC_CHECK_FUNCS(getgrset)
2313: ;;
2314: *)
2315: AC_CHECK_FUNC(nss_search, [
2316: AC_CHECK_FUNC(_nss_XbyY_buf_alloc, [
2317: # Solaris
2318: AC_CHECK_FUNC(_nss_initf_group, [
2319: AC_CHECK_HEADERS(nss_dbdefs.h)
2320: AC_DEFINE([HAVE_NSS_SEARCH])
2321: AC_DEFINE([HAVE__NSS_XBYY_BUF_ALLOC])
2322: AC_DEFINE([HAVE__NSS_INITF_GROUP])
2323: ])
2324: ], [
2325: # HP-UX
2326: AC_CHECK_FUNC(__nss_XbyY_buf_alloc, [
2327: AC_CHECK_FUNC(__nss_initf_group, [
2328: AC_CHECK_HEADERS(nss_dbdefs.h)
2329: AC_DEFINE([HAVE_NSS_SEARCH])
2330: AC_DEFINE([HAVE___NSS_XBYY_BUF_ALLOC])
2331: AC_DEFINE([HAVE___NSS_INITF_GROUP])
2332: ])
2333: ])
2334: ])
2335: ])
2336: ;;
2337: esac
2338: AC_LIBOBJ(getgrouplist)
2339: ])
2340: AC_CHECK_FUNCS(getline, [], [
2341: AC_LIBOBJ(getline)
2342: AC_CHECK_FUNCS(fgetln)
2343: ])
2344: dnl
2345: dnl If libc supports _FORTIFY_SOURCE check functions, use it.
2346: dnl
2347: if test "$enable_hardening" != "no"; then
2348: O_CPPFLAGS="$CPPFLAGS"
2349: CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
2350: AC_CHECK_FUNC(__sprintf_chk, [
2351: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]])], [OSDEFS="${OSDEFS} -D_FORTIFY_SOURCE=2"], [])
2352: ], [])
2353: CPPFLAGS="$O_CPPFLAGS"
2354: fi
2355:
2356: utmp_style=LEGACY
2357: AC_CHECK_FUNCS(getutxid getutid, [utmp_style=POSIX; break])
2358: if test "$utmp_style" = "LEGACY"; then
2359: AC_CHECK_FUNCS(getttyent ttyslot, [break])
2360: AC_CHECK_FUNCS(fseeko)
2361: fi
2362:
2363: AC_CHECK_FUNCS(sysctl, [AC_CHECK_MEMBERS([struct kinfo_proc.ki_tdev], [],
2364: [
2365: AC_CHECK_MEMBERS([struct kinfo_proc2.p_tdev], [], [
2366: AC_CHECK_MEMBERS([struct kinfo_proc.p_tdev], [], [
2367: AC_CHECK_MEMBERS([struct kinfo_proc.kp_eproc.e_tdev], [], [], [
2368: # include <sys/param.h>
2369: # include <sys/sysctl.h>
2370: ])
2371: ], [
2372: # include <sys/param.h>
2373: # include <sys/sysctl.h>
2374: ])
2375: ],
2376: [
2377: # include <sys/param.h>
2378: # include <sys/sysctl.h>
2379: ])
2380: ],
2381: [
2382: # include <sys/param.h>
2383: # include <sys/sysctl.h>
2384: # include <sys/user.h>
2385: ])
2386: ])
2387:
2388: AC_CHECK_FUNCS(openpty, [AC_CHECK_HEADERS(libutil.h util.h pty.h, [break])], [
2389: AC_CHECK_LIB(util, openpty, [
2390: AC_CHECK_HEADERS(libutil.h util.h pty.h, [break])
2391: case "$SUDO_LIBS" in
2392: *-lutil*) ;;
2393: *) SUDO_LIBS="${SUDO_LIBS} -lutil";;
2394: esac
2395: AC_DEFINE(HAVE_OPENPTY)
2396: ], [
2397: AC_CHECK_FUNCS(_getpty, [], [
2398: AC_CHECK_FUNCS(grantpt, [
2399: AC_CHECK_FUNCS(posix_openpt)
2400: ], [
2401: AC_CHECK_FUNCS(revoke)
2402: ])
2403: ])
2404: ])
2405: ])
2406: AC_CHECK_FUNCS(unsetenv, [SUDO_FUNC_UNSETENV_VOID], [])
2407: SUDO_FUNC_PUTENV_CONST
2408: if test -z "$SKIP_SETRESUID"; then
2409: AC_CHECK_FUNCS(setresuid, [
2410: SKIP_SETREUID=yes
2411: AC_CHECK_FUNCS(getresuid)
2412: ])
2413: fi
2414: if test -z "$SKIP_SETREUID"; then
2415: AC_CHECK_FUNCS(setreuid)
2416: fi
2417: AC_CHECK_FUNCS(seteuid)
2418: if test X"$with_interfaces" != X"no"; then
2419: AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
2420: fi
2421: if test -z "$BROKEN_GETCWD"; then
2422: AC_REPLACE_FUNCS(getcwd)
2423: fi
2424: AC_CHECK_FUNCS(lockf flock, [break])
2425: AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
2426: AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
2427: AC_CHECK_FUNCS(killpg, [], [AC_LIBOBJ(killpg)])
2428: SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH)], [AC_LIBOBJ(fnmatch)
2429: COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }fnm_test"
2430: ])
2431: SUDO_FUNC_ISBLANK
2432: AC_REPLACE_FUNCS(memrchr memset_s pw_dup strlcpy strlcat strtonum)
2433: AC_CHECK_FUNCS(clock_gettime, [], [
2434: # On Solaris, clock_gettime is in librt
2435: AC_CHECK_LIB(rt, clock_gettime, [
2436: AC_DEFINE(HAVE_CLOCK_GETTIME)
2437: SUDOERS_LIBS="${SUDOERS_LIBS} -lrt"
2438: ], [AC_LIBOBJ(clock_gettime)])
2439: ])
2440: AC_CHECK_FUNCS(getopt_long, [], [AC_LIBOBJ(getopt_long)
2441: AC_MSG_CHECKING([for optreset])
2442: AC_CACHE_VAL(sudo_cv_optreset, [
2443: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern int optreset; optreset = 1; return optreset;]])], [sudo_cv_optreset=yes], [sudo_cv_optreset=no])])
2444: if test "$sudo_cv_optreset" = "yes"; then
2445: AC_DEFINE(HAVE_OPTRESET)
2446: fi
2447: AC_MSG_RESULT($sudo_cv_optreset)
2448: ])
2449: AC_CHECK_FUNCS(closefrom, [], [AC_LIBOBJ(closefrom)
2450: AC_CHECK_DECL(F_CLOSEM, AC_DEFINE(HAVE_FCNTL_CLOSEM), [], [
2451: # include <limits.h>
2452: # include <fcntl.h> ])
2453: ])
2454: AC_CHECK_FUNCS(mkstemps mkdtemp, [], [
2455: AC_CHECK_FUNCS(random lrand48, [break])
2456: AC_LIBOBJ(mktemp)
2457: ])
2458: AX_FUNC_SNPRINTF
2459: AC_CHECK_FUNCS(asprintf vasprintf)
2460: if test X"$ac_cv_have_working_snprintf$ac_cv_have_working_vsnprintf" = X"yesyes"; then
2461: # Don't add snprintf to LIBOBJS if it is already present.
2462: if test X"$ac_cv_func_asprintf$ac_cv_func_vasprintf" != X"yesyes"; then
2463: AC_LIBOBJ(snprintf)
2464: fi
2465: fi
2466: # We wrap OpenBSD's strtonum() to get translatable error strings.
2467: AC_CHECK_FUNCS(strtonum)
2468: AC_LIBOBJ(strtonum)
2469: if test X"$ac_cv_type_struct_timespec" != X"no"; then
2470: AC_CHECK_MEMBER([struct stat.st_mtim], [AC_DEFINE(HAVE_ST_MTIM)]
2471: [AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
2472: [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
2473: fi
2474: dnl
2475: dnl Function checks for sudo_noexec
2476: dnl
2477: if test X"$with_noexec" != X"no"; then
2478: # Check for underscore versions of standard exec functions
2479: # unless we are using dyld symbole interposition
2480: if test X"$dlyld_interpose" != X"yes"; then
2481: AC_CHECK_FUNCS(_execl __execl)
2482: AC_CHECK_FUNCS(_execle __execle)
2483: AC_CHECK_FUNCS(_execlp __execlp)
2484: AC_CHECK_FUNCS(_execv __execv)
2485: AC_CHECK_FUNCS(_execve __execve)
2486: AC_CHECK_FUNCS(_execvp __execvp)
2487: fi
2488: # Check for non-standard exec functions including underscore versions
2489: AC_CHECK_FUNCS(exect, [
2490: if test X"$dlyld_interpose" != X"yes"; then
2491: AC_CHECK_FUNCS(_exect __exect)
2492: fi
2493: ])
2494: AC_CHECK_FUNCS(execvP, [
2495: if test X"$dlyld_interpose" != X"yes"; then
2496: AC_CHECK_FUNCS(_execvP __execvP)
2497: fi
2498: ])
2499: AC_CHECK_FUNCS(execvpe, [
2500: if test X"$dlyld_interpose" != X"yes"; then
2501: AC_CHECK_FUNCS(_execvpe __execvpe)
2502: fi
2503: ])
2504: AC_CHECK_FUNCS(fexecve, [
2505: if test X"$dlyld_interpose" != X"yes"; then
2506: AC_CHECK_FUNCS(_fexecve __fexecve)
2507: fi
2508: ])
2509: # Check for posix_spawn, posix_spawnp and any underscore versions
2510: AC_CHECK_FUNCS(posix_spawn, [
2511: if test X"$dlyld_interpose" != X"yes"; then
2512: AC_CHECK_FUNCS(_posix_spawn __posix_spawn)
2513: fi
2514: ])
2515: AC_CHECK_FUNCS(posix_spawnp, [
2516: if test X"$dlyld_interpose" != X"yes"; then
2517: AC_CHECK_FUNCS(_posix_spawnp __posix_spawnp)
2518: fi
2519: ])
2520: fi
2521:
2522: dnl
2523: dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR.
2524: dnl
2525: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2526: #include <$ac_header_dirent>]], [[DIR *d; (void)dirfd(d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2527: #include <$ac_header_dirent>]], [[DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);]])], [AC_DEFINE(HAVE_DD_FD)], [])])
2528: AC_CHECK_MEMBERS([struct dirent.d_type], [], [], [
2529: AC_INCLUDES_DEFAULT
2530: #include <$ac_header_dirent>
2531: ])
2532: dnl
2533: dnl If socket(2) not in libc, check -lsocket and -linet
2534: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
2535: dnl
2536: AC_CHECK_FUNC(socket, [], [
2537: for libs in "-lsocket" "-linet" "-lsocket -lnsl"; do
2538: _libs=
2539: for lib in $libs; do
2540: case "$NET_LIBS" in
2541: *"$lib"*) ;;
2542: *) _libs="$_libs $lib";;
2543: esac
2544: done
2545: libs="${_libs# }"
2546: test -z "$libs" && continue
2547: lib="`echo \"$libs\"|sed -e 's/^-l//' -e 's/ .*$//'`"
2548: extralibs="`echo \"$libs\"|sed 's/^-l[[^ ]]*//'`"
2549: SUDO_CHECK_LIB($lib, socket, [NET_LIBS="${NET_LIBS} $libs"; LIBS="${LIBS} $libs"; break], [], [$extralibs])
2550: done
2551: ])
2552: dnl
2553: dnl If inet_pton(3) not in libc, check -lnsl and -linet
2554: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
2555: dnl Some systems may have inet_pton() in libresolv.
2556: dnl
2557: AC_CHECK_FUNC(inet_pton, [], [
2558: for libs in "-lsocket" "-linet" "-lsocket -lnsl" "-lresolv"; do
2559: _libs=
2560: for lib in $libs; do
2561: case "$NET_LIBS" in
2562: *"$lib"*) ;;
2563: *) _libs="$_libs $lib";;
2564: esac
2565: done
2566: libs="${_libs# }"
2567: test -z "$libs" && continue
2568: lib="`echo \"$libs\"|sed -e 's/^-l//' -e 's/ .*$//'`"
2569: extralibs="`echo \"$libs\"|sed 's/^-l[[^ ]]*//'`"
2570: SUDO_CHECK_LIB($lib, inet_pton, [
2571: AC_DEFINE(HAVE_INET_PTON)
2572: NET_LIBS="${NET_LIBS} $libs"
2573: LIBS="${LIBS} $libs"
2574: break
2575: ], [], [$extralibs])
2576: done
2577: ])
2578: if test X"$ac_cv_func_inet_pton" != X"yes"; then
2579: AC_LIBOBJ(inet_pton)
2580: fi
2581: dnl
2582: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
2583: dnl
2584: AC_CHECK_FUNC(syslog, [], [
2585: for libs in "-lsocket" "-linet" "-lsocket -lnsl"; do
2586: _libs=
2587: for lib in $libs; do
2588: case "$NET_LIBS" in
2589: *"$lib"*) ;;
2590: *) _libs="$_libs $lib";;
2591: esac
2592: done
2593: libs="${_libs# }"
2594: test -z "$libs" && continue
2595: lib="`echo \"$libs\"|sed -e 's/^-l//' -e 's/ .*$//'`"
2596: extralibs="`echo \"$libs\"|sed 's/^-l[[^ ]]*//'`"
2597: SUDO_CHECK_LIB($lib, syslog, [NET_LIBS="${NET_LIBS} $libs"; LIBS="${LIBS} $libs"; break], [], [$extralibs])
2598: done
2599: ])
2600: #
2601: # Check for getaddrinfo and add any required libs to NET_LIBS
2602: #
2603: OLIBS="$LIBS"
2604: AX_FUNC_GETADDRINFO
2605: for lib in $LIBS; do
2606: case "$OLIBS" in
2607: *"$lib"*) ;;
2608: *) NET_LIBS="$NET_LIBS $lib";;
2609: esac
2610: done
2611: dnl
2612: dnl Check for getprogname() or __progname
2613: dnl
2614: AC_CHECK_FUNCS(getprogname, , [
2615: AC_MSG_CHECKING([for __progname])
2616: AC_CACHE_VAL(sudo_cv___progname, [
2617: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern char *__progname; (void)puts(__progname);]])], [sudo_cv___progname=yes], [sudo_cv___progname=no])])
2618: if test "$sudo_cv___progname" = "yes"; then
2619: AC_DEFINE(HAVE___PROGNAME)
2620: fi
2621: AC_MSG_RESULT($sudo_cv___progname)
2622: ])
2623: dnl
2624: dnl Check for __func__ or __FUNCTION__
2625: dnl
2626: AC_MSG_CHECKING([for __func__])
2627: AC_CACHE_VAL(sudo_cv___func__, [
2628: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[(void)puts(__func__);]])], [sudo_cv___func__=yes], [sudo_cv___func__=no])])
2629: AC_MSG_RESULT($sudo_cv___func__)
2630: if test "$sudo_cv___func__" = "yes"; then
2631: AC_DEFINE(HAVE___FUNC__)
2632: elif test -n "$GCC"; then
2633: AC_MSG_CHECKING([for __FUNCTION__])
2634: AC_CACHE_VAL(sudo_cv___FUNCTION__, [
2635: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[(void)puts(__FUNCTION__);]])], [sudo_cv___FUNCTION__=yes], [sudo_cv___FUNCTION__=no])])
2636: AC_MSG_RESULT($sudo_cv___FUNCTION__)
2637: if test "$sudo_cv___FUNCTION__" = "yes"; then
2638: AC_DEFINE(HAVE___FUNC__)
2639: AC_DEFINE(__func__, __FUNCTION__, [Define to __FUNCTION__ if your compiler supports __FUNCTION__ but not __func__])
2640: fi
2641: fi
2642:
2643: # gettext() and friends may be located in libc (Linux and Solaris)
2644: # or in libintl. However, it is possible to have libintl installed
2645: # even when gettext() is present in libc. In the case of GNU libintl,
2646: # gettext() will be defined to gettext_libintl in libintl.h.
2647: # Since gcc prefers /usr/local/include to /usr/include, we need to
2648: # make sure we use the gettext() that matches the include file.
2649: if test "$enable_nls" != "no"; then
2650: if test "$enable_nls" != "yes"; then
2651: SUDO_APPEND_CPPFLAGS(-I${enable_nls}/include)
2652: SUDO_APPEND_LIBPATH(LDFLAGS, [$enable_nls/lib])
2653: fi
2654: OLIBS="$LIBS"
2655: for l in "libc" "-lintl" "-lintl -liconv"; do
2656: if test "$l" = "libc"; then
2657: # If user specified a dir for libintl ignore libc
2658: if test "$enable_nls" != "yes"; then
2659: continue
2660: fi
2661: gettext_name=sudo_cv_gettext
2662: AC_MSG_CHECKING([for gettext])
2663: else
2664: LIBS="$OLIBS $l"
2665: gettext_name=sudo_cv_gettext"`echo $l|sed -e 's/ //g' -e 's/-/_/g'`"
2666: AC_MSG_CHECKING([for gettext in $l])
2667: fi
2668: AC_CACHE_VAL($gettext_name, [
2669: AC_LINK_IFELSE(
2670: [
2671: AC_LANG_PROGRAM([[#include <libintl.h>]], [(void)gettext((char *)0);])
2672: ], [eval $gettext_name=yes], [eval $gettext_name=no]
2673: )
2674: ])
2675: eval gettext_result="\$$gettext_name"
2676: AC_MSG_RESULT($gettext_result)
2677: if test "$gettext_result" = "yes"; then
2678: AC_CHECK_FUNCS(ngettext)
2679: break
2680: fi
2681: done
2682: LIBS="$OLIBS"
2683:
2684: if test "$sudo_cv_gettext" = "yes"; then
2685: AC_DEFINE(HAVE_LIBINTL_H)
2686: SUDO_NLS=enabled
2687: # For Solaris we need links from lang to lang.UTF-8 in localedir
2688: case "$host_os" in
2689: solaris2*) LOCALEDIR_SUFFIX=".UTF-8";;
2690: esac
2691: elif test "$sudo_cv_gettext_lintl" = "yes"; then
2692: AC_DEFINE(HAVE_LIBINTL_H)
2693: SUDO_NLS=enabled
2694: LIBINTL="-lintl"
2695: elif test "$sudo_cv_gettext_lintl_liconv" = "yes"; then
2696: AC_DEFINE(HAVE_LIBINTL_H)
2697: SUDO_NLS=enabled
2698: LIBINTL="-lintl -liconv"
2699: fi
2700: fi
2701:
2702: dnl
2703: dnl Deferred zlib option processing.
2704: dnl By default we use the system zlib if it is present.
2705: dnl If a directory was specified for zlib (or we are use sudo's version),
2706: dnl prepend the include dir to make sure we get the right zlib header.
2707: dnl
2708: case "$enable_zlib" in
2709: yes)
2710: AC_CHECK_LIB(z, gzdopen, [
2711: AC_CHECK_HEADERS(zlib.h, [ZLIB="-lz"], [enable_zlib=builtin])
2712: ])
2713: ;;
2714: no)
2715: ;;
2716: system)
2717: AC_DEFINE(HAVE_ZLIB_H)
2718: ZLIB="-lz"
2719: ;;
2720: builtin)
2721: # handled below
2722: ;;
2723: *)
2724: AC_DEFINE(HAVE_ZLIB_H)
2725: SUDO_APPEND_CPPFLAGS(-I${enable_zlib}/include)
2726: SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
2727: ZLIB="${ZLIB} -lz"
2728: ;;
2729: esac
2730: if test X"$enable_zlib" = X"builtin"; then
2731: AC_DEFINE(HAVE_ZLIB_H)
2732: CPPFLAGS='-I$(top_builddir)/zlib -I$(top_srcdir)/zlib '"${CPPFLAGS}"
2733: ZLIB="${ZLIB}"' $(top_builddir)/zlib/libz.la'
2734: ZLIB_SRC=zlib
2735: AC_CONFIG_HEADER([zlib/zconf.h])
2736: AC_CONFIG_FILES([zlib/Makefile])
2737: fi
2738:
2739: dnl
2740: dnl Check for errno declaration in errno.h
2741: dnl
2742: AC_CHECK_DECLS([errno], [], [], [
2743: AC_INCLUDES_DEFAULT
2744: #include <errno.h>
2745: ])
2746:
2747: dnl
2748: dnl Check for h_errno declaration in netdb.h
2749: dnl
2750: AC_CHECK_DECLS([h_errno], [], [], [
2751: AC_INCLUDES_DEFAULT
2752: #include <netdb.h>
2753: ])
2754:
2755: dnl
2756: dnl Check for strsignal() or sys_siglist
2757: dnl
2758: AC_CHECK_FUNCS(strsignal, [], [
2759: AC_LIBOBJ(strsignal)
2760: HAVE_SIGLIST="false"
2761: AC_CHECK_DECLS([sys_siglist, _sys_siglist, __sys_siglist], [
2762: HAVE_SIGLIST="true"
2763: break
2764: ], [ ], [
2765: AC_INCLUDES_DEFAULT
2766: #include <signal.h>
2767: ])
2768: if test "$HAVE_SIGLIST" != "true"; then
2769: AC_LIBOBJ(siglist)
2770: fi
2771: ])
2772:
2773: dnl
2774: dnl Check for sig2str(), sys_signame or sys_sigabbrev
2775: dnl
2776: AC_CHECK_FUNCS(sig2str, [], [
2777: AC_LIBOBJ(sig2str)
2778: HAVE_SIGNAME="false"
2779: AC_CHECK_DECLS([sys_signame, _sys_signame, __sys_signame, sys_sigabbrev], [
2780: HAVE_SIGNAME="true"
2781: break
2782: ], [ ], [
2783: AC_INCLUDES_DEFAULT
2784: #include <signal.h>
2785: ])
2786: if test "$HAVE_SIGNAME" != "true"; then
2787: AC_CACHE_CHECK([for undeclared sys_sigabbrev],
2788: [sudo_cv_var_sys_sigabbrev],
2789: [AC_LINK_IFELSE(
2790: [AC_LANG_PROGRAM([[extern char **sys_sigabbrev;]], [[return sys_sigabbrev[1];]])],
2791: [sudo_cv_var_sys_sigabbrev=yes],
2792: [sudo_cv_var_sys_sigabbrev=no]
2793: )
2794: ]
2795: )
2796: if test "$sudo_cv_var_sys_sigabbrev" = yes; then
2797: AC_DEFINE(HAVE_SYS_SIGABBREV)
2798: else
2799: AC_LIBOBJ(signame)
2800: fi
2801: fi
2802: ])
2803:
2804: dnl
2805: dnl nsswitch.conf and its equivalents
2806: dnl
2807: if test ${with_netsvc-"no"} != "no"; then
2808: SUDO_DEFINE_UNQUOTED(_PATH_NETSVC_CONF, "${with_netsvc-/etc/netsvc.conf}")
2809: netsvc_conf=${with_netsvc-/etc/netsvc.conf}
2810: elif test ${with_nsswitch-"yes"} != "no"; then
2811: SUDO_DEFINE_UNQUOTED(_PATH_NSSWITCH_CONF, "${with_nsswitch-/etc/nsswitch.conf}")
2812: nsswitch_conf=${with_nsswitch-/etc/nsswitch.conf}
2813: fi
2814:
2815: dnl
2816: dnl Mutually exclusive auth checks come first, followed by
2817: dnl non-exclusive ones. Note: passwd must be last of all!
2818: dnl
2819:
2820: dnl
2821: dnl Convert default authentication methods to with_* if
2822: dnl no explicit authentication scheme was specified.
2823: dnl
2824: if test -z "${AUTH_EXCL}${AUTH_REG}" -a -n "$AUTH_EXCL_DEF"; then
2825: for auth in $AUTH_EXCL_DEF; do
2826: case $auth in
2827: AIX_AUTH) with_aixauth=maybe;;
2828: BSD_AUTH) with_bsdauth=maybe;;
2829: PAM) with_pam=maybe;;
2830: SIA) CHECKSIA=true;;
2831: esac
2832: done
2833: fi
2834:
2835: dnl
2836: dnl PAM support. Systems that use PAM by default set with_pam=default
2837: dnl and we do the actual tests here.
2838: dnl
2839: if test ${with_pam-"no"} != "no"; then
2840: #
2841: # Check for pam_start() in libpam first, then for pam_appl.h.
2842: #
2843: found_pam_lib=no
2844: AC_CHECK_LIB(pam, pam_start, [found_pam_lib=yes], [], [$lt_cv_dlopen_libs])
2845: #
2846: # Some PAM implementations (MacOS X for example) put the PAM headers
2847: # in /usr/include/pam instead of /usr/include/security...
2848: #
2849: found_pam_hdrs=no
2850: AC_CHECK_HEADERS([security/pam_appl.h] [pam/pam_appl.h], [found_pam_hdrs=yes; break])
2851: if test "$found_pam_lib" = "yes" -a "$found_pam_hdrs" = "yes"; then
2852: # Found both PAM libs and headers
2853: with_pam=yes
2854: elif test "$with_pam" = "yes"; then
2855: if test "$found_pam_lib" = "no"; then
2856: AC_MSG_ERROR(["--with-pam specified but unable to locate PAM development library."])
2857: fi
2858: if test "$found_pam_hdrs" = "no"; then
2859: AC_MSG_ERROR(["--with-pam specified but unable to locate PAM development headers."])
2860: fi
2861: elif test "$found_pam_lib" != "$found_pam_hdrs"; then
2862: if test "$found_pam_lib" = "no"; then
2863: AC_MSG_ERROR(["found PAM headers but no PAM development library; specify --without-pam to build without PAM"])
2864: fi
2865: if test "$found_pam_hdrs" = "no"; then
2866: AC_MSG_ERROR(["found PAM library but no PAM development headers; specify --without-pam to build without PAM"])
2867: fi
2868: fi
2869:
2870: if test "$with_pam" = "yes"; then
2871: # Older PAM implementations lack pam_getenvlist
2872: OLIBS="$LIBS"
2873: LIBS="$LIBS -lpam $lt_cv_dlopen_libs"
2874: AC_CHECK_FUNCS(pam_getenvlist)
2875: LIBS="$OLIBS"
2876:
2877: # We already link with -ldl if needed (see LIBDL below)
2878: SUDOERS_LIBS="${SUDOERS_LIBS} -lpam"
2879: AC_DEFINE(HAVE_PAM)
2880: AUTH_OBJS="$AUTH_OBJS pam.lo";
2881: AUTH_EXCL=PAM
2882:
2883: AC_ARG_WITH(pam-login, [AS_HELP_STRING([--with-pam-login], [enable specific PAM session for sudo -i])],
2884: [case $with_pam_login in
2885: yes) AC_DEFINE([HAVE_PAM_LOGIN])
2886: AC_MSG_CHECKING(whether to use PAM login)
2887: AC_MSG_RESULT(yes)
2888: pam_login_service="sudo-i"
2889: ;;
2890: no) ;;
2891: *) AC_MSG_ERROR(["--with-pam-login does not take an argument."])
2892: ;;
2893: esac])
2894:
2895: AC_MSG_CHECKING(whether to use PAM session support)
2896: AC_ARG_ENABLE(pam_session,
2897: [AS_HELP_STRING([--disable-pam-session], [Disable PAM session support])],
2898: [ case "$enableval" in
2899: yes) AC_MSG_RESULT(yes)
2900: ;;
2901: no) AC_MSG_RESULT(no)
2902: AC_DEFINE(NO_PAM_SESSION)
2903: pam_session=off
2904: ;;
2905: *) AC_MSG_RESULT(no)
2906: AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval])
2907: ;;
2908: esac], AC_MSG_RESULT(yes))
2909: fi
2910: fi
2911:
2912: dnl
2913: dnl AIX general authentication
2914: dnl If set to "maybe" only enable if no other exclusive method in use.
2915: dnl
2916: if test ${with_aixauth-'no'} != "no"; then
2917: if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
2918: AC_MSG_NOTICE([using AIX general authentication])
2919: AC_DEFINE(HAVE_AIXAUTH)
2920: AUTH_OBJS="$AUTH_OBJS aix_auth.lo";
2921: SUDOERS_LIBS="${SUDOERS_LIBS} -ls"
2922: AUTH_EXCL=AIX_AUTH
2923: fi
2924: fi
2925:
2926: dnl
2927: dnl BSD authentication
2928: dnl If set to "maybe" only enable if no other exclusive method in use.
2929: dnl
2930: if test ${with_bsdauth-'no'} != "no"; then
2931: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
2932: [AUTH_OBJS="$AUTH_OBJS bsdauth.lo"]
2933: [BSDAUTH_USAGE='[[-a type]] ']
2934: [AUTH_EXCL=BSD_AUTH; BAMAN=1],
2935: [AC_MSG_ERROR([BSD authentication was specified but bsd_auth.h could not be found])])
2936: fi
2937:
2938: dnl
2939: dnl SIA authentication for Tru64 Unix
2940: dnl
2941: if test ${CHECKSIA-'false'} = "true"; then
2942: AC_CHECK_FUNCS(sia_ses_init, [found=true], [found=false])
2943: if test "$found" = "true"; then
2944: AUTH_EXCL=SIA
2945: AUTH_OBJS="$AUTH_OBJS sia.lo"
2946: fi
2947: fi
2948:
2949: dnl
2950: dnl extra FWTK libs + includes
2951: dnl
2952: if test ${with_fwtk-'no'} != "no"; then
2953: if test "$with_fwtk" != "yes"; then
2954: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_fwtk}])
2955: SUDO_APPEND_CPPFLAGS(-I${with_fwtk})
2956: with_fwtk=yes
2957: fi
2958: SUDOERS_LIBS="${SUDOERS_LIBS} -lauth -lfwall"
2959: AUTH_OBJS="$AUTH_OBJS fwtk.lo"
2960: fi
2961:
2962: dnl
2963: dnl extra SecurID lib + includes
2964: dnl
2965: if test ${with_SecurID-'no'} != "no"; then
2966: if test "$with_SecurID" != "yes"; then
2967: :
2968: elif test -d /usr/ace/examples; then
2969: with_SecurID=/usr/ace/examples
2970: else
2971: with_SecurID=/usr/ace
2972: fi
2973: SUDO_APPEND_CPPFLAGS(-I${with_SecurID})
2974: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_SecurID}])
2975: SUDOERS_LIBS="${SUDOERS_LIBS} -laceclnt -lpthread"
2976: AUTH_OBJS="$AUTH_OBJS securid5.lo";
2977: fi
2978:
2979: dnl
2980: dnl Non-mutually exclusive auth checks come next.
2981: dnl Note: passwd must be last of all!
2982: dnl
2983:
2984: dnl
2985: dnl Convert default authentication methods to with_* if
2986: dnl no explicit authentication scheme was specified.
2987: dnl
2988: if test -z "${AUTH_EXCL}" -a -n "$AUTH_DEF"; then
2989: for auth in $AUTH_DEF; do
2990: case $auth in
2991: passwd) : ${with_passwd='maybe'};;
2992: esac
2993: done
2994: fi
2995:
2996: dnl
2997: dnl Kerberos V
2998: dnl There is an easy way and a hard way...
2999: dnl
3000: if test ${with_kerb5-'no'} != "no"; then
3001: AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
3002: if test -n "$KRB5CONFIG"; then
3003: AC_DEFINE(HAVE_KERB5)
3004: AUTH_OBJS="$AUTH_OBJS kerb5.lo"
3005: CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
3006: SUDOERS_LIBS="$SUDOERS_LIBS `krb5-config --libs`"
3007: dnl
3008: dnl Try to determine whether we have Heimdal or MIT Kerberos
3009: dnl
3010: AC_MSG_CHECKING(whether we are using Heimdal)
3011: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
3012: AC_MSG_RESULT(yes)
3013: AC_DEFINE(HAVE_HEIMDAL)
3014: ], [
3015: AC_MSG_RESULT(no)
3016: ]
3017: )
3018: else
3019: AC_DEFINE(HAVE_KERB5)
3020: dnl
3021: dnl Use the specified directory, if any, else search for correct inc dir
3022: dnl
3023: if test "$with_kerb5" = "yes"; then
3024: found=no
3025: O_CPPFLAGS="$CPPFLAGS"
3026: for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
3027: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
3028: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]])], [found=yes; break])
3029: done
3030: if test X"$found" = X"no"; then
3031: CPPFLAGS="$O_CPPFLAGS"
3032: AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
3033: fi
3034: else
3035: dnl XXX - try to include krb5.h here too
3036: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_kerb5}/lib])
3037: SUDO_APPEND_CPPFLAGS(-I${with_kerb5}/include)
3038: fi
3039:
3040: dnl
3041: dnl Try to determine whether we have Heimdal or MIT Kerberos
3042: dnl
3043: AC_MSG_CHECKING(whether we are using Heimdal)
3044: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
3045: AC_MSG_RESULT(yes)
3046: AC_DEFINE(HAVE_HEIMDAL)
3047: # XXX - need to check whether -lcrypo is needed!
3048: SUDOERS_LIBS="${SUDOERS_LIBS} -lkrb5 -lcrypto -ldes -lcom_err -lasn1"
3049: AC_CHECK_LIB(roken, main, [SUDOERS_LIBS="${SUDOERS_LIBS} -lroken"])
3050: ], [
3051: AC_MSG_RESULT(no)
3052: SUDOERS_LIBS="${SUDOERS_LIBS} -lkrb5 -lk5crypto -lcom_err"
3053: AC_CHECK_LIB(krb5support, main, [SUDOERS_LIBS="${SUDOERS_LIBS} -lkrb5support"])
3054: ])
3055: AUTH_OBJS="$AUTH_OBJS kerb5.lo"
3056: fi
3057: _LIBS="$LIBS"
3058: LIBS="${LIBS} ${SUDOERS_LIBS}"
3059: AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
3060: AC_CHECK_FUNCS(krb5_get_init_creds_opt_alloc, [
3061: AC_CACHE_CHECK([whether krb5_get_init_creds_opt_free takes a context],
3062: sudo_cv_krb5_get_init_creds_opt_free_two_args, [
3063: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]],
3064: [[krb5_get_init_creds_opt_free(NULL, NULL);]]
3065: )],
3066: [sudo_cv_krb5_get_init_creds_opt_free_two_args=yes],
3067: [sudo_cv_krb5_get_init_creds_opt_free_two_args=no]
3068: )
3069: ]
3070: )
3071: ])
3072: if test X"$sudo_cv_krb5_get_init_creds_opt_free_two_args" = X"yes"; then
3073: AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS)
3074: fi
3075: LIBS="$_LIBS"
3076: AC_MSG_CHECKING(whether to use an instance name for Kerberos V)
3077: AC_ARG_ENABLE(kerb5-instance,
3078: [AS_HELP_STRING([--enable-kerb5-instance], [instance string to append to the username (separated by a slash)])],
3079: [ case "$enableval" in
3080: yes) AC_MSG_ERROR(["must give --enable-kerb5-instance an argument."])
3081: ;;
3082: no) AC_MSG_RESULT(no)
3083: ;;
3084: *) SUDO_DEFINE_UNQUOTED(SUDO_KRB5_INSTANCE, "$enableval")
3085: AC_MSG_RESULT([$enableval])
3086: ;;
3087: esac], AC_MSG_RESULT(no))
3088: fi
3089:
3090: dnl
3091: dnl extra AFS libs and includes
3092: dnl
3093: if test ${with_AFS-'no'} = "yes"; then
3094:
3095: # looks like the "standard" place for AFS libs is /usr/afsws/lib
3096: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
3097: for i in $AFSLIBDIRS; do
3098: if test -d ${i}; then
3099: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [$i])
3100: FOUND_AFSLIBDIR=true
3101: fi
3102: done
3103: if test -z "$FOUND_AFSLIBDIR"; then
3104: AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDOERS_LDFLAGS or rerun configure with the --with-libpath options.])
3105: fi
3106:
3107: # Order is important here. Note that we build AFS_LIBS from right to left
3108: # since AFS_LIBS may be initialized with BSD compat libs that must go last
3109: AFS_LIBS="-laudit ${AFS_LIBS}"
3110: for i in $AFSLIBDIRS; do
3111: if test -f ${i}/util.a; then
3112: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
3113: FOUND_UTIL_A=true
3114: break;
3115: fi
3116: done
3117: if test -z "$FOUND_UTIL_A"; then
3118: AFS_LIBS="-lutil ${AFS_LIBS}"
3119: fi
3120: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
3121:
3122: # AFS includes may live in /usr/include on some machines...
3123: for i in /usr/afsws/include; do
3124: if test -d ${i}; then
3125: SUDO_APPEND_CPPFLAGS(-I${i})
3126: FOUND_AFSINCDIR=true
3127: fi
3128: done
3129:
3130: if test -z "$FOUND_AFSLIBDIR"; then
3131: AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
3132: fi
3133:
3134: AUTH_OBJS="$AUTH_OBJS afs.lo"
3135: fi
3136:
3137: dnl
3138: dnl extra DCE obj + lib
3139: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
3140: dnl
3141: if test ${with_DCE-'no'} = "yes"; then
3142: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
3143: SUDOERS_LIBS="${SUDOERS_LIBS} -ldce"
3144: AUTH_OBJS="$AUTH_OBJS dce.lo"
3145: fi
3146:
3147: dnl
3148: dnl extra S/Key lib and includes
3149: dnl
3150: if test "${with_skey-'no'}" = "yes"; then
3151: O_LDFLAGS="$LDFLAGS"
3152: if test "$with_skey" != "yes"; then
3153: SUDO_APPEND_CPPFLAGS(-I${with_skey}/include)
3154: LDFLAGS="$LDFLAGS -L${with_skey}/lib"
3155: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_skey}/lib])
3156: AC_CHECK_HEADER([skey.h], [found=yes], [found=no], [#include <stdio.h>])
3157: else
3158: found=no
3159: O_CPPFLAGS="$CPPFLAGS"
3160: for dir in "" "/usr/local" "/usr/contrib"; do
3161: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
3162: AC_CHECK_HEADER([skey.h], [found=yes; break], [], [#include <stdio.h>])
3163: done
3164: if test "$found" = "no" -o -z "$dir"; then
3165: CPPFLAGS="$O_CPPFLAGS"
3166: else
3167: LDFLAGS="$LDFLAGS -L${dir}/lib"
3168: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${dir}/lib])
3169: fi
3170: if test "$found" = "no"; then
3171: AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
3172: fi
3173: fi
3174: AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDOERS_LDFLAGS])])
3175: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
3176:
3177: AC_MSG_CHECKING([for RFC1938-compliant skeychallenge])
3178: AC_COMPILE_IFELSE(
3179: [AC_LANG_PROGRAM([[
3180: # include <stdio.h>
3181: # include <skey.h>]],
3182: [[skeychallenge(NULL, NULL, NULL, 0);]]
3183: )], [
3184: AC_DEFINE(HAVE_RFC1938_SKEYCHALLENGE)
3185: AC_MSG_RESULT([yes])
3186: ], [
3187: AC_MSG_RESULT([no])
3188: ]
3189: )
3190:
3191: LDFLAGS="$O_LDFLAGS"
3192: SUDOERS_LIBS="${SUDOERS_LIBS} -lskey"
3193: AUTH_OBJS="$AUTH_OBJS rfc1938.lo"
3194: fi
3195:
3196: dnl
3197: dnl extra OPIE lib and includes
3198: dnl
3199: if test "${with_opie-'no'}" = "yes"; then
3200: O_LDFLAGS="$LDFLAGS"
3201: if test "$with_opie" != "yes"; then
3202: SUDO_APPEND_CPPFLAGS(-I${with_opie}/include)
3203: LDFLAGS="$LDFLAGS -L${with_opie}/lib"
3204: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_opie}/lib])
3205: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <opie.h>]])], [found=yes], [found=no])
3206: else
3207: found=no
3208: O_CPPFLAGS="$CPPFLAGS"
3209: for dir in "" "/usr/local" "/usr/contrib"; do
3210: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
3211: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <opie.h>]])], [found=yes; break])
3212: done
3213: if test "$found" = "no" -o -z "$dir"; then
3214: CPPFLAGS="$O_CPPFLAGS"
3215: else
3216: LDFLAGS="$LDFLAGS -L${dir}/lib"
3217: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${dir}/lib])
3218: fi
3219: if test "$found" = "no"; then
3220: AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
3221: fi
3222: fi
3223: AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDOERS_LDFLAGS])])
3224: LDFLAGS="$O_LDFLAGS"
3225: SUDOERS_LIBS="${SUDOERS_LIBS} -lopie"
3226: AUTH_OBJS="$AUTH_OBJS rfc1938.lo"
3227: fi
3228:
3229: dnl
3230: dnl Check for shadow password routines if we have not already done so.
3231: dnl If there is a specific list of functions to check we do that first.
3232: dnl Otherwise, we check for SVR4-style and then SecureWare-style.
3233: dnl
3234: if test ${with_passwd-'no'} != "no"; then
3235: dnl
3236: dnl if crypt(3) not in libc, look elsewhere
3237: dnl
3238: if test -z "$LIB_CRYPT"; then
3239: _LIBS="$LIBS"
3240: AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDOERS_LIBS="${SUDOERS_LIBS} $ac_res"])
3241: LIBS="$_LIBS"
3242: fi
3243:
3244: if test "$CHECKSHADOW" = "true" -a -n "$shadow_funcs"; then
3245: _LIBS="$LIBS"
3246: LIBS="$LIBS $shadow_libs"
3247: found=no
3248: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
3249: if test "$found" = "yes"; then
3250: SUDOERS_LIBS="$SUDOERS_LIBS $shadow_libs"
3251: elif test -n "$shadow_libs_optional"; then
3252: LIBS="$LIBS $shadow_libs_optional"
3253: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
3254: if test "$found" = "yes"; then
3255: SUDOERS_LIBS="$SUDOERS_LIBS $shadow_libs $shadow_libs_optional"
3256: fi
3257: fi
3258: if test "$found" = "yes"; then
3259: case "$shadow_funcs" in
3260: *getprpwnam*) SECUREWARE=1;;
3261: esac
3262: test -n "$shadow_defs" && OSDEFS="${OSDEFS} $shadow_defs"
3263: else
3264: LIBS="$_LIBS"
3265: fi
3266: CHECKSHADOW=false
3267: fi
3268: if test "$CHECKSHADOW" = "true"; then
3269: AC_SEARCH_LIBS([getspnam], [gen], [AC_DEFINE(HAVE_GETSPNAM)] [CHECKSHADOW=false; test -n "$ac_lib" && SUDOERS_LIBS="${SUDOERS_LIBS} $ac_res"])
3270: fi
3271: if test "$CHECKSHADOW" = "true"; then
3272: AC_SEARCH_LIBS([getprpwnam], [sec security prot], [AC_DEFINE(HAVE_GETPRPWNAM)] [CHECKSHADOW=false; SECUREWARE=1; test -n "$ac_lib" && SUDOERS_LIBS="${SUDOERS_LIBS} $ac_res"])
3273: fi
3274: if test -n "$SECUREWARE"; then
3275: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
3276: AUTH_OBJS="$AUTH_OBJS secureware.lo"
3277: fi
3278: fi
3279:
3280: dnl
3281: dnl Choose event subsystem backend: poll or select
3282: dnl
3283: if test X"$enable_poll" = X""; then
3284: AC_CHECK_FUNCS(poll, [enable_poll=yes], [enable_poll=no])
3285: elif test X"$enable_poll" = X"yes"; then
3286: AC_DEFINE(HAVE_POLL)
3287: fi
3288: if test "$enable_poll" = "yes"; then
3289: COMMON_OBJS="${COMMON_OBJS} event_poll.lo"
3290: else
3291: COMMON_OBJS="${COMMON_OBJS} event_select.lo"
3292: fi
3293:
3294: dnl
3295: dnl extra lib and .o file for LDAP support
3296: dnl
3297: if test ${with_ldap-'no'} != "no"; then
3298: O_LDFLAGS="$LDFLAGS"
3299: if test "$with_ldap" != "yes"; then
3300: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_ldap}/lib])
3301: LDFLAGS="$LDFLAGS -L${with_ldap}/lib"
3302: SUDO_APPEND_CPPFLAGS(-I${with_ldap}/include)
3303: with_ldap=yes
3304: fi
3305: SUDOERS_OBJS="${SUDOERS_OBJS} ldap.lo"
3306: LDAP=""
3307:
3308: _LIBS="$LIBS"
3309: LDAP_LIBS=""
3310: IBMLDAP_EXTRA=""
3311: found=no
3312: # On HP-UX, libibmldap has a hidden dependency on libCsup
3313: case "$host_os" in
3314: hpux*) AC_CHECK_LIB(Csup, main, [IBMLDAP_EXTRA=" -lCsup"]);;
3315: esac
3316: AC_SEARCH_LIBS(ldap_init, "ibmldap${IBMLDAP_EXTRA}" "ibmldap -lidsldif${IBMLDAP_EXTRA}" "ldap" "ldap -llber" "ldap -llber -lssl -lcrypto" "ibmldap${IBMLDAP_EXTRA}", [
3317: test "$ac_res" != "none required" && LDAP_LIBS="$ac_res"
3318: found=yes
3319: ])
3320: # If nothing linked, try -lldap and hope for the best
3321: if test "$found" = "no"; then
3322: LDAP_LIBS="-lldap"
3323: fi
3324: LIBS="${_LIBS} ${LDAP_LIBS}"
3325: dnl check if we need to link with -llber for ber_set_option
3326: OLIBS="$LIBS"
3327: AC_MSG_CHECKING([whether lber.h defines LBER_OPT_DEBUG_LEVEL])
3328: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
3329: # include <lber.h>]], [[int opt=LBER_OPT_DEBUG_LEVEL;]])], [
3330: AC_MSG_RESULT([yes])
3331: AC_SEARCH_LIBS([ber_set_option], [lber], [found=yes], [found=no])
3332: if test X"$found" = X"yes" -a X"$LIBS" != X"$OLIBS"; then
3333: LDAP_LIBS="$LDAP_LIBS -llber"
3334: fi
3335: ], [
3336: AC_MSG_RESULT([no])
3337: ])
3338: dnl check if ldap.h includes lber.h for us
3339: AC_MSG_CHECKING([whether lber.h is needed])
3340: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
3341: # include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [AC_MSG_RESULT([no])], [
3342: AC_MSG_RESULT([yes])
3343: AC_DEFINE(HAVE_LBER_H)])
3344:
3345: AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [
3346: AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s)
3347: break
3348: ])
3349: AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
3350: AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_init ldap_ssl_client_init ldap_start_tls_s_np)
3351: AC_CHECK_FUNCS(ldap_search_ext_s ldap_search_st, [break])
3352:
3353: if test X"$check_gss_krb5_ccache_name" = X"yes"; then
3354: AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,
3355: AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
3356: [LDAP_LIBS="${LDAP_LIBS} -lgssapi"],
3357: AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,
3358: AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
3359: [LDAP_LIBS="${LDAP_LIBS} -lgssapi_krb5"])
3360: )
3361:
3362: # gssapi headers may be separate or part of Kerberos V
3363: found=no
3364: O_CPPFLAGS="$CPPFLAGS"
3365: for dir in "" "kerberosV" "krb5" "kerberos5" "kerberosv5"; do
3366: test X"$dir" != X"" && CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
3367: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <gssapi/gssapi.h>]])], [found="gssapi/gssapi.h"; break], [AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <gssapi.h>]])], [found="gssapi.h"; break])])
3368: done
3369: if test X"$found" != X"no"; then
3370: AC_CHECK_HEADERS([$found])
3371: if test X"$found" = X"gssapi/gssapi.h"; then
3372: AC_CHECK_HEADERS([gssapi/gssapi_krb5.h])
3373: fi
3374: else
3375: CPPFLAGS="$O_CPPFLAGS"
3376: AC_MSG_WARN([Unable to locate gssapi.h, you will have to edit the Makefile and add -I/path/to/gssapi/includes to CPPFLAGS])
3377: fi
3378: fi
3379:
3380: SUDOERS_LIBS="${SUDOERS_LIBS} ${LDAP_LIBS}"
3381: LIBS="$_LIBS"
3382: LDFLAGS="$O_LDFLAGS"
3383: fi
3384:
3385: #
3386: # How to do dynamic object loading.
3387: # We support dlopen() and sh_load(), else fall back to static loading.
3388: #
3389: case "$lt_cv_dlopen" in
3390: dlopen)
3391: AC_DEFINE(HAVE_DLOPEN)
3392: if test "$enable_static_sudoers" = "yes"; then
3393: AC_DEFINE(STATIC_SUDOERS_PLUGIN)
3394: SUDO_OBJS="${SUDO_OBJS} preload.o"
3395: STATIC_SUDOERS="\$(top_builddir)/plugins/sudoers/sudoers.la"
3396: SUDOERS_LDFLAGS="${SUDOERS_LDFLAGS} --tag=disable-shared -static"
3397: LT_STATIC=""
3398: else
3399: SUDO_OBJS="$SUDO_OBJS locale_stub.o"
3400: LT_STATIC="--tag=disable-static"
3401: fi
3402: ;;
3403: shl_load)
3404: AC_DEFINE(HAVE_SHL_LOAD)
3405: if test "$enable_static_sudoers" = "yes"; then
3406: AC_DEFINE(STATIC_SUDOERS_PLUGIN)
3407: SUDO_OBJS="${SUDO_OBJS} preload.o"
3408: STATIC_SUDOERS="\$(top_builddir)/plugins/sudoers/sudoers.la"
3409: SUDOERS_LDFLAGS="${SUDOERS_LDFLAGS} --tag=disable-shared -static"
3410: LT_STATIC=""
3411: else
3412: SUDO_OBJS="$SUDO_OBJS locale_stub.o"
3413: LT_STATIC="--tag=disable-static"
3414: fi
3415: ;;
3416: *)
3417: if test X"${ac_cv_func_dlopen}" = X"yes"; then
3418: AC_MSG_ERROR(["dlopen present but libtool doesn't appear to support your platform."])
3419: fi
3420: # Preload sudoers module symbols
3421: SUDO_OBJS="${SUDO_OBJS} preload.o"
3422: STATIC_SUDOERS="\$(top_builddir)/plugins/sudoers/sudoers.la"
3423: LT_STATIC=""
3424: ;;
3425: esac
3426:
3427: # On HP-UX, you cannot dlopen() a shared object that uses pthreads unless
3428: # the main program is linked against -lpthread. We have no knowledge of
3429: # what libraries a plugin may depend on (e.g. HP-UX LDAP which uses pthreads)
3430: # so always link against -lpthread on HP-UX if it is available.
3431: # This check should go after all other libraries tests.
3432: case "$host_os" in
3433: hpux*)
3434: AC_CHECK_LIB(pthread, main, [SUDO_LIBS="${SUDO_LIBS} -lpthread"])
3435: OSDEFS="${OSDEFS} -D_REENTRANT"
3436: ;;
3437: esac
3438:
3439: dnl
3440: dnl Check for log file, timestamp and iolog locations
3441: dnl
3442: if test "$utmp_style" = "LEGACY"; then
3443: SUDO_PATH_UTMP
3444: fi
3445: SUDO_LOGFILE
3446: SUDO_RUNDIR
3447: SUDO_VARDIR
3448: SUDO_IO_LOGDIR
3449:
3450: dnl
3451: dnl Turn warnings into errors.
3452: dnl All compiler/loader tests after this point will fail if
3453: dnl a warning is displayed (nornally, warnings are not fata).
3454: dnl
3455: AC_LANG_WERROR
3456:
3457: dnl
3458: dnl If compiler supports the -static-libgcc flag use it unless we have
3459: dnl GNU ld (which can avoid linking in libgcc when it is not needed).
3460: dnl This test relies on AC_LANG_WERROR
3461: dnl
3462: if test -n "$GCC" -a "$lt_cv_prog_gnu_ld" != "yes" -a -n "$GCC"; then
3463: AX_CHECK_COMPILE_FLAG([-static-libgcc], [LT_LDFLAGS="$LT_LDFLAGS -Wc,-static-libgcc"])
3464: fi
3465:
3466: dnl
3467: dnl Check for symbol visibility support.
3468: dnl This test relies on AC_LANG_WERROR
3469: dnl
3470: if test -n "$GCC"; then
3471: AX_CHECK_COMPILE_FLAG([-fvisibility=hidden], [
3472: AC_DEFINE(HAVE_DSO_VISIBILITY)
3473: CFLAGS="${CFLAGS} -fvisibility=hidden"
3474: LT_LDEXPORTS=
3475: LT_LDDEP=
3476: NO_VIZ=
3477: ])
3478: else
3479: case "$host_os" in
3480: hpux*)
3481: AX_CHECK_COMPILE_FLAG([-Bhidden_def], [
3482: AC_DEFINE(HAVE_DSO_VISIBILITY)
3483: CFLAGS="${CFLAGS} -Bhidden_def"
3484: LT_LDEXPORTS=
3485: LT_LDDEP=
3486: ])
3487: ;;
3488: solaris2*)
3489: AX_CHECK_COMPILE_FLAG([-xldscope=hidden], [
3490: AC_DEFINE(HAVE_DSO_VISIBILITY)
3491: CFLAGS="${CFLAGS} -xldscope=hidden"
3492: LT_LDEXPORTS=
3493: LT_LDDEP=
3494: ])
3495: ;;
3496: esac
3497: fi
3498:
3499: dnl
3500: dnl If the compiler doesn't have symbol visibility support, it may
3501: dnl support version scripts (only GNU and Solaris ld).
3502: dnl This test relies on AC_LANG_WERROR
3503: dnl
3504: if test -n "$LT_LDEXPORTS"; then
3505: if test "$lt_cv_prog_gnu_ld" = "yes"; then
3506: AC_CACHE_CHECK([whether ld supports anonymous map files],
3507: [sudo_cv_var_gnu_ld_anon_map],
3508: [
3509: sudo_cv_var_gnu_ld_anon_map=no
3510: cat > conftest.map <<-EOF
3511: {
3512: global: foo;
3513: local: *;
3514: };
3515: EOF
3516: _CFLAGS="$CFLAGS"
3517: CFLAGS="$CFLAGS $lt_prog_compiler_pic"
3518: _LDFLAGS="$LDFLAGS"
3519: LDFLAGS="$LDFLAGS -fpic -shared -Wl,--version-script,./conftest.map"
3520: AC_LINK_IFELSE([AC_LANG_PROGRAM([[int foo;]], [[]])],
3521: [sudo_cv_var_gnu_ld_anon_map=yes])
3522: CFLAGS="$_CFLAGS"
3523: LDFLAGS="$_LDFLAGS"
3524: ]
3525: )
3526: if test "$sudo_cv_var_gnu_ld_anon_map" = "yes"; then
3527: LT_LDEXPORTS=; LT_LDDEP="\$(shlib_map)"; LT_LDMAP="-Wl,--version-script,\$(shlib_map)"
3528: fi
3529: else
3530: case "$host_os" in
3531: solaris2*)
3532: AC_CACHE_CHECK([whether ld supports anonymous map files],
3533: [sudo_cv_var_solaris_ld_anon_map],
3534: [
3535: sudo_cv_var_solaris_ld_anon_map=no
3536: cat > conftest.map <<-EOF
3537: {
3538: global: foo;
3539: local: *;
3540: };
3541: EOF
3542: _CFLAGS="$CFLAGS"
3543: CFLAGS="$CFLAGS $lt_prog_compiler_pic"
3544: _LDFLAGS="$LDFLAGS"
3545: LDFLAGS="$LDFLAGS -shared -Wl,-M,./conftest.map"
3546: AC_LINK_IFELSE([AC_LANG_PROGRAM([[int foo;]], [[]])],
3547: [sudo_cv_var_solaris_ld_anon_map=yes])
3548: CFLAGS="$_CFLAGS"
3549: LDFLAGS="$_LDFLAGS"
3550: ]
3551: )
3552: if test "$sudo_cv_var_solaris_ld_anon_map" = "yes"; then
3553: LT_LDEXPORTS=; LT_LDDEP="\$(shlib_map)"; LT_LDMAP="-Wl,-M,\$(shlib_map)"
3554: fi
3555: ;;
3556: hpux*)
3557: AC_CACHE_CHECK([whether ld supports controlling exported symbols],
3558: [sudo_cv_var_hpux_ld_symbol_export],
3559: [
3560: sudo_cv_var_hpux_ld_symbol_export=no
3561: echo "+e foo" > conftest.opt
3562: _CFLAGS="$CFLAGS"
3563: CFLAGS="$CFLAGS $lt_prog_compiler_pic"
3564: _LDFLAGS="$LDFLAGS"
3565: if test -n "$GCC"; then
3566: LDFLAGS="$LDFLAGS -shared -Wl,-c,./conftest.opt"
3567: else
3568: LDFLAGS="$LDFLAGS -Wl,-b -Wl,-c,./conftest.opt"
3569: fi
3570: AC_LINK_IFELSE([AC_LANG_PROGRAM([[int foo;]], [[]])],
3571: [sudo_cv_var_hpux_ld_symbol_export=yes])
3572: CFLAGS="$_CFLAGS"
3573: LDFLAGS="$_LDFLAGS"
3574: rm -f conftest.opt
3575: ]
3576: )
3577: if test "$sudo_cv_var_hpux_ld_symbol_export" = "yes"; then
3578: LT_LDEXPORTS=; LT_LDDEP="\$(shlib_opt)"; LT_LDOPT="-Wl,-c,\$(shlib_opt)"
3579: fi
3580: ;;
3581: esac
3582: fi
3583: fi
3584:
3585: dnl
3586: dnl Check for PIE executable support if using gcc.
3587: dnl This test relies on AC_LANG_WERROR
3588: dnl
3589: if test -n "$GCC"; then
3590: if test -z "$enable_pie"; then
3591: case "$host_os" in
3592: linux*)
3593: # Attempt to build with PIE support
3594: enable_pie="maybe"
3595: ;;
3596: esac
3597: fi
3598: if test -n "$enable_pie"; then
3599: if test "$enable_pie" = "no"; then
3600: AX_CHECK_COMPILE_FLAG([-fno-pie], [
3601: _CFLAGS="$CFLAGS"
3602: CFLAGS="$CFLAGS -fno-pie"
3603: AX_CHECK_LINK_FLAG([-nopie], [
3604: PIE_CFLAGS="-fno-pie"
3605: PIE_LDFLAGS="-nopie"
3606: ])
3607: CFLAGS="$_CFLAGS"
3608: ])
3609: else
3610: AX_CHECK_COMPILE_FLAG([-fPIE], [
3611: _CFLAGS="$CFLAGS"
3612: CFLAGS="$CFLAGS -fPIE"
3613: AX_CHECK_LINK_FLAG([-pie], [
3614: if test "$enable_pie" = "maybe"; then
3615: SUDO_WORKING_PIE([enable_pie=yes], [])
3616: fi
3617: if test "$enable_pie" = "yes"; then
3618: PIE_CFLAGS="-fPIE"
3619: PIE_LDFLAGS="-Wc,-fPIE -pie"
3620: fi
3621: ])
3622: CFLAGS="$_CFLAGS"
3623: ])
3624: fi
3625: fi
3626: fi
3627: if test "$enable_pie" != "yes"; then
3628: # Solaris 11.1 and higher supports tagging binaries to use ASLR
3629: case "$host_os" in
3630: solaris2.1[[1-9]]|solaris2.[[2-9]][[0-9]])
3631: AX_CHECK_LINK_FLAG([-Wl,-z,aslr], [PIE_LDFLAGS="${PIE_LDFLAGS}${PIE_LDFLAGS+ }-Wl,-z,aslr"])
3632: ;;
3633: esac
3634: fi
3635:
3636: dnl
3637: dnl Check for -fstack-protector and -z relro support
3638: dnl This test relies on AC_LANG_WERROR
3639: dnl
3640: if test "$enable_hardening" != "no"; then
3641: if test -n "$GCC"; then
3642: AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [
3643: AX_CHECK_LINK_FLAG([-fstack-protector-strong], [
3644: SSP_CFLAGS="-fstack-protector-strong"
3645: SSP_LDFLAGS="-Wc,-fstack-protector-strong"
3646: ])
3647: ])
3648: if test -z "$SSP_CFLAGS"; then
3649: AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [
3650: AX_CHECK_LINK_FLAG([-fstack-protector-all], [
3651: SSP_CFLAGS="-fstack-protector-all"
3652: SSP_LDFLAGS="-Wc,-fstack-protector-all"
3653: ])
3654: ])
3655: if test -z "$SSP_CFLAGS"; then
3656: AX_CHECK_COMPILE_FLAG([-fstack-protector], [
3657: AX_CHECK_LINK_FLAG([-fstack-protector], [
3658: SSP_CFLAGS="-fstack-protector"
3659: SSP_LDFLAGS="-Wc,-fstack-protector"
3660: ])
3661: ])
3662: fi
3663: fi
3664: fi
3665: AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="${LDFLAGS} -Wl,-z,relro"])
3666: fi
3667:
3668: dnl
3669: dnl Use passwd auth module?
3670: dnl
3671: case "$with_passwd" in
3672: yes|maybe)
3673: AUTH_OBJS="$AUTH_OBJS getspwuid.lo passwd.lo"
3674: ;;
3675: *)
3676: AC_DEFINE(WITHOUT_PASSWD)
3677: if test -z "$AUTH_OBJS"; then
3678: AC_MSG_ERROR([no authentication methods defined.])
3679: fi
3680: ;;
3681: esac
3682: AUTH_OBJS=${AUTH_OBJS# }
3683: _AUTH=`echo "$AUTH_OBJS" | sed -e 's/\.lo//g' -e 's/getspwuid *//'`
3684: AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
3685:
3686: dnl
3687: dnl LIBS may contain duplicates from SUDO_LIBS, SUDOERS_LIBS, or NET_LIBS
3688: dnl
3689: if test -n "$LIBS"; then
3690: L="$LIBS"
3691: LIBS=
3692: for l in ${L}; do
3693: dupe=0
3694: for sl in ${SUDO_LIBS} ${SUDOERS_LIBS} ${NET_LIBS}; do
3695: test $l = $sl && dupe=1
3696: done
3697: test $dupe = 0 && LIBS="${LIBS} $l"
3698: done
3699: fi
3700:
3701: dnl
3702: dnl OS-specific initialization
3703: dnl
3704: AC_DEFINE_UNQUOTED(os_init, $OS_INIT, [Define to an OS-specific initialization function or `os_init_common'.])
3705:
3706: dnl
3707: dnl We add -Wall and -Werror after all tests so they don't cause failures
3708: dnl
3709: if test -n "$GCC"; then
3710: if test X"$enable_warnings" = X"yes" -o X"$with_devel" = X"yes"; then
3711: CFLAGS="${CFLAGS} -Wall -Wsign-compare -Wold-style-definition -Wpointer-arith"
3712: fi
3713: if test X"$enable_werror" = X"yes"; then
3714: CFLAGS="${CFLAGS} -Werror"
3715: fi
3716: fi
3717:
3718: dnl
3719: dnl Skip regress tests and sudoers sanity check if cross compiling.
3720: dnl
3721: CROSS_COMPILING="$cross_compiling"
3722:
3723: dnl
3724: dnl Set exec_prefix
3725: dnl
3726: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
3727:
3728: dnl
3729: dnl Defer setting _PATH_SUDO_NOEXEC until after exec_prefix is set
3730: dnl XXX - this is gross!
3731: dnl
3732: if test X"$with_noexec" != X"no" -o X"$with_selinux" != X"no" -o "$enabled_shared" != X"no"; then
3733: oexec_prefix="$exec_prefix"
3734: if test "$exec_prefix" = '$(prefix)'; then
3735: if test "$prefix" = "NONE"; then
3736: exec_prefix="$ac_default_prefix"
3737: else
3738: exec_prefix="$prefix"
3739: fi
3740: fi
3741: if test X"$with_noexec" != X"no"; then
3742: PROGS="${PROGS} libsudo_noexec.la"
3743: INSTALL_NOEXEC="install-noexec"
3744:
3745: noexec_file="$with_noexec"
3746: _noexec_file=
3747: while test X"$noexec_file" != X"$_noexec_file"; do
3748: _noexec_file="$noexec_file"
3749: eval noexec_file="$_noexec_file"
3750: done
3751: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so])
3752: fi
3753: if test X"$with_selinux" != X"no"; then
3754: sesh_file="$libexecdir/sudo/sesh"
3755: _sesh_file=
3756: while test X"$sesh_file" != X"$_sesh_file"; do
3757: _sesh_file="$sesh_file"
3758: eval sesh_file="$_sesh_file"
3759: done
3760: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SESH, "$sesh_file")
3761: fi
3762: if test X"$enable_shared" != X"no"; then
3763: PLUGINDIR="$with_plugindir"
3764: _PLUGINDIR=
3765: while test X"$PLUGINDIR" != X"$_PLUGINDIR"; do
3766: _PLUGINDIR="$PLUGINDIR"
3767: eval PLUGINDIR="$_PLUGINDIR"
3768: done
3769: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_PLUGIN_DIR, "$PLUGINDIR/")
3770: fi
3771: exec_prefix="$oexec_prefix"
3772: fi
3773: if test X"$with_selinux" = X"no"; then
3774: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SESH, NULL)
3775: fi
3776:
3777: dnl
3778: dnl Add -R options to LDFLAGS, etc.
3779: dnl
3780: if test X"$LDFLAGS_R" != X""; then
3781: LDFLAGS="$LDFLAGS $LDFLAGS_R"
3782: fi
3783: if test X"$SUDOERS_LDFLAGS_R" != X""; then
3784: SUDOERS_LDFLAGS="$SUDOERS_LDFLAGS $SUDOERS_LDFLAGS_R"
3785: fi
3786: if test X"$ZLIB_R" != X""; then
3787: ZLIB="$ZLIB_R $ZLIB"
3788: fi
3789:
3790: dnl
3791: dnl Override default configure dirs for the Makefile
3792: dnl
3793: if test X"$prefix" = X"NONE"; then
3794: test "$mandir" = '${datarootdir}/man' && mandir='$(prefix)/man'
3795: else
3796: test "$mandir" = '${datarootdir}/man' && mandir='$(datarootdir)/man'
3797: fi
3798: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
3799: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
3800: test "$libexecdir" = '${exec_prefix}/libexec' && libexecdir='$(exec_prefix)/libexec'
3801: test "$includedir" = '${prefix}/include' && includedir='$(prefix)/include'
3802: test "$datarootdir" = '${prefix}/share' && datarootdir='$(prefix)/share'
3803: test "$docdir" = '${datarootdir}/doc/${PACKAGE_TARNAME}' && docdir='$(datarootdir)/doc/$(PACKAGE_TARNAME)'
3804: test "$localedir" = '${datarootdir}/locale' && localedir='$(datarootdir)/locale'
3805: test "$localstatedir" = '${prefix}/var' && localstatedir='$(prefix)/var'
3806: test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
3807:
3808: dnl
3809: dnl Substitute into the Makefile and man pages
3810: dnl
3811: AC_CONFIG_FILES([Makefile common/Makefile compat/Makefile doc/Makefile include/Makefile init.d/aix.sh init.d/hpux.sh src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/group_file/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers])
3812: AC_OUTPUT
3813:
3814: dnl
3815: dnl Spew any text the user needs to know about
3816: dnl
3817: if test "$with_pam" = "yes"; then
3818: case $host_os in
3819: hpux*)
3820: if test -f /usr/lib/security/libpam_hpsec.so.1; then
3821: AC_MSG_NOTICE([You may wish to add the following line to /etc/pam.conf])
3822: AC_MSG_NOTICE([sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login])
3823: fi
3824: ;;
3825: linux*)
3826: AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
3827: ;;
3828: esac
3829: fi
3830: dnl
3831: dnl Warn user if they may need to clear rundir manually.
3832: dnl
3833: case "$rundir" in
3834: /var/run*)
3835: clear_rundir=0
3836: ;;
3837: *)
3838: clear_rundir=1
3839: ;;
3840: esac
3841: if test $clear_rundir -eq 1; then
3842: AC_MSG_NOTICE([Warning: the $rundir/ts directory must be cleared at boot time.])
3843: AC_MSG_NOTICE([ You may need to create a startup item to do this.])
3844: fi
3845:
3846: dnl
3847: dnl Autoheader templates
3848: dnl
3849: AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.])
3850: AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.])
3851: AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.])
3852: AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
3853: AH_TEMPLATE(ENV_DEBUG, [Define to 1 to enable environment function debugging.])
3854: AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
3855: AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
3856: AH_TEMPLATE(ENV_RESET, [Define to 1 to enable environment resetting by default.])
3857: AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
3858: AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
3859: AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
3860: AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
3861: AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
3862: AH_TEMPLATE(HAVE_BSM_AUDIT, [Define to 1 to enable BSM audit support.])
3863: AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
3864: AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
3865: AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
3866: AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
3867: AH_TEMPLATE(HAVE_DLOPEN, [Define to 1 if you have the `dlopen' function.])
3868: AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
3869: AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
3870: AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
3871: AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords).])
3872: AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords).])
3873: AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords).])
3874: AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords).])
3875: AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords).])
3876: AH_TEMPLATE(HAVE_GSS_KRB5_CCACHE_NAME, [Define to 1 if you have the `gss_krb5_ccache_name' function.])
3877: AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.])
3878: AH_TEMPLATE(HAVE_INET_PTON, [Define to 1 if you have the `inet_pton' function.])
3879: AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled).])
3880: AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled).])
3881: AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
3882: AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC, [Define to 1 if you have the `krb5_get_init_creds_opt_alloc' function.])
3883: AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS, [Define to 1 if your `krb5_get_init_creds_opt_free' function takes two arguments.])
3884: AH_TEMPLATE(HAVE_KRB5_INIT_SECURE_CONTEXT, [Define to 1 if you have the `krb5_init_secure_context' function.])
3885: AH_TEMPLATE(HAVE_KRB5_VERIFY_USER, [Define to 1 if you have the `krb5_verify_user' function.])
3886: AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not).])
3887: AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.])
3888: AH_TEMPLATE(HAVE_LIBINTL_H, [Define to 1 if you have the <libintl.h> header file.])
3889: AH_TEMPLATE(HAVE_LINUX_AUDIT, [Define to 1 to enable Linux audit support.])
3890: AH_TEMPLATE(HAVE_SSSD, [Define to 1 to enable SSSD support.])
3891: AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.])
3892: AH_TEMPLATE(HAVE_OPTRESET, [Define to 1 if you have the `optreset' symbol.])
3893: AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.])
3894: AH_TEMPLATE(HAVE_PAM_LOGIN, [Define to 1 if you use a specific PAM session for sudo -i.])
3895: AH_TEMPLATE(HAVE_PROJECT_H, [Define to 1 if you have the <project.h> header file.])
3896: AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.])
3897: AH_TEMPLATE(HAVE_SELINUX, [Define to 1 to enable SELinux RBAC support.])
3898: AH_TEMPLATE(HAVE_SETKEYCREATECON, [Define to 1 if you have the `setkeycreatecon' function.])
3899: AH_TEMPLATE(HAVE_SHL_LOAD, [Define to 1 if you have the `shl_load' function.])
3900: AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
3901: AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
3902: AH_TEMPLATE(HAVE_RFC1938_SKEYCHALLENGE, [Define to 1 if the skeychallenge() function is RFC1938-compliant and takes 4 arguments.])
3903: AH_TEMPLATE(HAVE_ST__TIM, [Define to 1 if your struct stat uses an st__tim union.])
3904: AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member.])
3905: AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member.])
3906: AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
3907: AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
3908: AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements.])
3909: AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
3910: AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
3911: AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])
3912: AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.])
3913: AH_TEMPLATE(NO_PAM_SESSION, [Define to 1 if you don't want to use sudo's PAM session support.])
3914: AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.])
3915: AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.])
3916: AH_TEMPLATE(NO_TTY_TICKETS, [Define to 1 if you want a single ticket file instead of per-tty files.])
3917: AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.])
3918: AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.])
3919: AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.])
3920: AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.])
3921: AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.])
3922: AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
3923: AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
3924: AH_TEMPLATE(STATIC_SUDOERS_PLUGIN, [Define to 1 to compile the sudoers plugin statically into the sudo binary.])
3925: AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
3926: AH_TEMPLATE(UMASK_OVERRIDE, [Define to 1 to use the umask specified in sudoers even when it is less restrictive than the invoking user's.])
3927: AH_TEMPLATE(USE_ADMIN_FLAG, [Define to 1 if you want to create ~/.sudo_as_admin_successful if the user is in the admin group the first time they run sudo.])
3928: AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
3929: AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
3930: AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
3931: AH_TEMPLATE(clockid_t, [Define to `int' if <time.h> does not define.])
3932: AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
3933: AH_TEMPLATE(socklen_t, [Define to `unsigned int' if <sys/socket.h> doesn't define.])
3934: AH_TEMPLATE(HAVE_STRUCT_UTMP_UT_EXIT, [Define to 1 if `ut_exit' is a member of `struct utmp'.])
3935: AH_TEMPLATE(HAVE_STRUCT_UTMPX_UT_EXIT, [Define to 1 if `ut_exit' is a member of `struct utmpx'.])
3936: AH_TEMPLATE(HAVE___FUNC__, [Define to 1 if the compiler supports the C99 __func__ variable.])
3937: AH_TEMPLATE(HAVE___INTERPOSE, [Define to 1 if you have dyld with __interpose attribute support.])
3938: AH_TEMPLATE(SUDO_KRB5_INSTANCE, [An instance string to append to the username (separated by a slash) for Kerberos V authentication.])
3939: AH_TEMPLATE(RTLD_PRELOAD_VAR, [The environment variable that controls preloading of dynamic objects.])
3940: AH_TEMPLATE(RTLD_PRELOAD_ENABLE_VAR, [An extra environment variable that is required to enable preloading (if any).])
3941: AH_TEMPLATE(RTLD_PRELOAD_DELIM, [The delimiter to use when defining multiple preloaded objects.])
3942: AH_TEMPLATE(RTLD_PRELOAD_DEFAULT, [The default value of preloaded objects (if any).])
3943: AH_TEMPLATE(HAVE_DSO_VISIBILITY, [Define to 1 if the compiler supports the __visibility__ attribute.])
3944: AH_TEMPLATE(HAVE_SYS_SIGABBREV, [Define to 1 if your libc has the `sys_sigabbrev' symbol.])
3945: AH_TEMPLATE(HAVE_NSS_SEARCH, [Define to 1 if you have the `nss_search' function.])
3946: AH_TEMPLATE(HAVE__NSS_INITF_GROUP, [Define to 1 if you have the `_nss_initf_group' function.])
3947: AH_TEMPLATE(HAVE___NSS_INITF_GROUP, [Define to 1 if you have the `__nss_initf_group' function.])
3948: AH_TEMPLATE(HAVE__NSS_XBYY_BUF_ALLOC, [Define to 1 if you have the `_nss_XbyY_buf_alloc' function.])
3949: AH_TEMPLATE(HAVE___NSS_XBYY_BUF_ALLOC, [Define to 1 if you have the `__nss_XbyY_buf_alloc' function.])
3950:
3951: dnl
3952: dnl Bits to copy verbatim into config.h.in
3953: dnl
3954: AH_TOP([#ifndef _SUDO_CONFIG_H
3955: #define _SUDO_CONFIG_H])
3956:
3957: AH_BOTTOM([/* BSD compatibility on some SVR4 systems. */
3958: #ifdef __svr4__
3959: # define BSD_COMP
3960: #endif /* __svr4__ */
3961:
3962: #endif /* _SUDO_CONFIG_H */])
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to configure.ac CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo