Annotation of embedaddon/sudo/configure.in, revision 1.1.1.1
1.1 misho 1: dnl
2: dnl Process this file with GNU autoconf to produce a configure script.
3: dnl
4: dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller <Todd.Miller@courtesan.com>
5: dnl
6: AC_INIT([sudo], [1.8.3p2], [http://www.sudo.ws/bugs/], [sudo])
7: AC_CONFIG_HEADER([config.h pathnames.h])
8: dnl
9: dnl Note: this must come after AC_INIT
10: dnl
11: AC_MSG_NOTICE([Configuring Sudo version $PACKAGE_VERSION])
12: dnl
13: dnl Variables that get substituted in the Makefile and man pages
14: dnl
15: AC_SUBST([HAVE_BSM_AUDIT])
16: AC_SUBST([SHELL])
17: AC_SUBST([LIBTOOL])
18: AC_SUBST([CFLAGS])
19: AC_SUBST([PROGS])
20: AC_SUBST([CPPFLAGS])
21: AC_SUBST([LDFLAGS])
22: AC_SUBST([SUDOERS_LDFLAGS])
23: AC_SUBST([LTLDFLAGS])
24: AC_SUBST([COMMON_OBJS])
25: AC_SUBST([SUDOERS_OBJS])
26: AC_SUBST([SUDO_OBJS])
27: AC_SUBST([LIBS])
28: AC_SUBST([SUDO_LIBS])
29: AC_SUBST([SUDOERS_LIBS])
30: AC_SUBST([NET_LIBS])
31: AC_SUBST([AFS_LIBS])
32: AC_SUBST([REPLAY_LIBS])
33: AC_SUBST([GETGROUPS_LIB])
34: AC_SUBST([OSDEFS])
35: AC_SUBST([AUTH_OBJS])
36: AC_SUBST([MANTYPE])
37: AC_SUBST([MAN_POSTINSTALL])
38: AC_SUBST([SUDOERS_MODE])
39: AC_SUBST([SUDOERS_UID])
40: AC_SUBST([SUDOERS_GID])
41: AC_SUBST([DEV])
42: AC_SUBST([BAMAN])
43: AC_SUBST([LCMAN])
44: AC_SUBST([SEMAN])
45: AC_SUBST([devdir])
46: AC_SUBST([mansectsu])
47: AC_SUBST([mansectform])
48: AC_SUBST([mansrcdir])
49: AC_SUBST([NOEXECFILE])
50: AC_SUBST([NOEXECDIR])
51: AC_SUBST([PLUGINDIR])
52: AC_SUBST([SOEXT])
53: AC_SUBST([noexec_file])
54: AC_SUBST([INSTALL_NOEXEC])
55: AC_SUBST([DONT_LEAK_PATH_INFO])
56: AC_SUBST([BSDAUTH_USAGE])
57: AC_SUBST([SELINUX_USAGE])
58: AC_SUBST([LDAP])
59: AC_SUBST([LOGINCAP_USAGE])
60: AC_SUBST([ZLIB])
61: AC_SUBST([ZLIB_SRC])
62: AC_SUBST([LIBTOOL_DEPS])
63: AC_SUBST([ac_config_libobj_dir])
64: AC_SUBST([CONFIGURE_ARGS])
65: AC_SUBST([LIBDL])
66: AC_SUBST([LT_STATIC])
67: AC_SUBST([LIBINTL])
68: AC_SUBST([SUDO_NLS])
69: dnl
70: dnl Variables that get substituted in docs (not overridden by environment)
71: dnl
72: AC_SUBST([iolog_dir])dnl real initial value from SUDO_IO_LOGDIR
73: AC_SUBST([timedir])dnl real initial value from SUDO_TIMEDIR
74: AC_SUBST([timeout])
75: AC_SUBST([password_timeout])
76: AC_SUBST([sudo_umask])
77: AC_SUBST([umask_override])
78: AC_SUBST([passprompt])
79: AC_SUBST([long_otp_prompt])
80: AC_SUBST([lecture])
81: AC_SUBST([logfac])
82: AC_SUBST([goodpri])
83: AC_SUBST([badpri])
84: AC_SUBST([loglen])
85: AC_SUBST([ignore_dot])
86: AC_SUBST([mail_no_user])
87: AC_SUBST([mail_no_host])
88: AC_SUBST([mail_no_perms])
89: AC_SUBST([mailto])
90: AC_SUBST([mailsub])
91: AC_SUBST([badpass_message])
92: AC_SUBST([fqdn])
93: AC_SUBST([runas_default])
94: AC_SUBST([env_editor])
95: AC_SUBST([env_reset])
96: AC_SUBST([passwd_tries])
97: AC_SUBST([tty_tickets])
98: AC_SUBST([insults])
99: AC_SUBST([root_sudo])
100: AC_SUBST([path_info])
101: AC_SUBST([ldap_conf])
102: AC_SUBST([ldap_secret])
103: AC_SUBST([nsswitch_conf])
104: AC_SUBST([netsvc_conf])
105: AC_SUBST([secure_path])
106: AC_SUBST([editor])
107: #
108: # Begin initial values for man page substitution
109: #
110: iolog_dir=/var/log/sudo-io
111: timedir=/var/adm/sudo
112: timeout=5
113: password_timeout=5
114: sudo_umask=0022
115: umask_override=off
116: passprompt="Password:"
117: long_otp_prompt=off
118: lecture=once
119: logfac=auth
120: goodpri=notice
121: badpri=alert
122: loglen=80
123: ignore_dot=off
124: mail_no_user=on
125: mail_no_host=off
126: mail_no_perms=off
127: mailto=root
128: mailsub="*** SECURITY information for %h ***"
129: badpass_message="Sorry, try again."
130: fqdn=off
131: runas_default=root
132: env_editor=off
133: env_reset=on
134: editor=vi
135: passwd_tries=3
136: tty_tickets=on
137: insults=off
138: root_sudo=on
139: path_info=on
140: ldap_conf=/etc/ldap.conf
141: ldap_secret=/etc/ldap.secret
142: netsvc_conf=/etc/netsvc.conf
143: noexec_file=/usr/local/libexec/sudo_noexec.so
144: nsswitch_conf=/etc/nsswitch.conf
145: secure_path="not set"
146: #
147: # End initial values for man page substitution
148: #
149: dnl
150: dnl Initial values for Makefile variables listed above
151: dnl May be overridden by environment variables..
152: dnl
153: INSTALL_NOEXEC=
154: devdir='$(srcdir)'
155: PROGS="sudo"
156: : ${MANTYPE='man'}
157: : ${mansrcdir='.'}
158: : ${SUDOERS_MODE='0440'}
159: : ${SUDOERS_UID='0'}
160: : ${SUDOERS_GID='0'}
161: DEV="#"
162: LDAP="#"
163: BAMAN=0
164: LCMAN=0
165: SEMAN=0
166: LIBINTL=
167: ZLIB=
168: ZLIB_SRC=
169: AUTH_OBJS=
170: AUTH_REG=
171: AUTH_EXCL=
172: AUTH_EXCL_DEF=
173: AUTH_DEF=passwd
174: SUDO_NLS=disabled
175:
176: dnl
177: dnl Other vaiables
178: dnl
179: CHECKSHADOW=true
180: shadow_defs=
181: shadow_funcs=
182: shadow_libs=
183: shadow_libs_optional=
184: CONFIGURE_ARGS="$@"
185:
186: dnl
187: dnl libc replacement functions live in compat
188: dnl
189: AC_CONFIG_LIBOBJ_DIR(compat)
190:
191: dnl
192: dnl Deprecated --with options (these all warn or generate an error)
193: dnl
194:
195: AC_ARG_WITH(otp-only, [AS_HELP_STRING([--with-otp-only], [deprecated])],
196: [case $with_otp_only in
197: yes) with_passwd="no"
198: AC_MSG_NOTICE([--with-otp-only option deprecated, treating as --without-passwd])
199: ;;
200: esac])
201:
202: AC_ARG_WITH(alertmail, [AS_HELP_STRING([--with-alertmail], [deprecated])],
203: [case $with_alertmail in
204: *) with_mailto="$with_alertmail"
205: AC_MSG_NOTICE([--with-alertmail option deprecated, treating as --mailto])
206: ;;
207: esac])
208:
209: dnl
210: dnl Options for --with
211: dnl
212:
213: AC_ARG_WITH(devel, [AS_HELP_STRING([--with-devel], [add development options])],
214: [case $with_devel in
215: yes) AC_MSG_NOTICE([Setting up for development: -Wall, flex, yacc])
216: OSDEFS="${OSDEFS} -DSUDO_DEVEL"
217: DEV=""
218: devdir=.
219: ;;
220: no) ;;
221: *) AC_MSG_WARN([Ignoring unknown argument to --with-devel: $with_devel])
222: ;;
223: esac])
224:
225: AC_ARG_WITH(CC, [AS_HELP_STRING([--with-CC], [C compiler to use])],
226: [case $with_CC in
227: *) AC_MSG_ERROR([the --with-CC option is no longer supported, please set the CC environment variable instead.])
228: ;;
229: esac])
230:
231: AC_ARG_WITH(rpath, [AS_HELP_STRING([--with-rpath], [pass -R flag in addition to -L for lib paths])],
232: [case $with_rpath in
233: yes|no) ;;
234: *) AC_MSG_ERROR(["--with-rpath does not take an argument."])
235: ;;
236: esac])
237:
238: AC_ARG_WITH(blibpath, [AS_HELP_STRING([--with-blibpath[=PATH]], [pass -blibpath flag to ld for additional lib paths])],
239: [case $with_blibpath in
240: yes|no) ;;
241: *) AC_MSG_NOTICE([will pass -blibpath:${with_blibpath} to the loader.])
242: ;;
243: esac])
244:
245: dnl
246: dnl Handle BSM auditing support.
247: dnl
248: AC_ARG_WITH(bsm-audit, [AS_HELP_STRING([--with-bsm-audit], [enable BSM audit support])],
249: [case $with_bsm_audit in
250: yes) AC_DEFINE(HAVE_BSM_AUDIT)
251: SUDOERS_LIBS="${SUDOERS_LIBS} -lbsm"
252: SUDOERS_OBJS="${SUDOERS_OBJS} bsm_audit.lo"
253: ;;
254: no) ;;
255: *) AC_MSG_ERROR(["--with-bsm-audit does not take an argument."])
256: ;;
257: esac])
258:
259: dnl
260: dnl Handle Linux auditing support.
261: dnl
262: AC_ARG_WITH(linux-audit, [AS_HELP_STRING([--with-linux-audit], [enable Linux audit support])],
263: [case $with_linux_audit in
264: yes) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <libaudit.h>]], [[int i = AUDIT_USER_CMD; (void)i;]])], [
265: AC_DEFINE(HAVE_LINUX_AUDIT)
266: SUDO_LIBS="${SUDO_LIBS} -laudit"
267: SUDOERS_LIBS="${SUDO_LIBS} -laudit"
268: SUDOERS_OBJS="${SUDOERS_OBJS} linux_audit.lo"
269: ], [
270: AC_MSG_ERROR([unable to find AUDIT_USER_CMD in libaudit.h for --with-linux-audit])
271: ])
272: ;;
273: no) ;;
274: *) AC_MSG_ERROR(["--with-linux-audit does not take an argument."])
275: ;;
276: esac])
277:
278: AC_ARG_WITH(incpath, [AS_HELP_STRING([--with-incpath], [additional places to look for include files])],
279: [case $with_incpath in
280: yes) AC_MSG_ERROR(["must give --with-incpath an argument."])
281: ;;
282: no) AC_MSG_ERROR(["--without-incpath not supported."])
283: ;;
284: *) AC_MSG_NOTICE([Adding ${with_incpath} to CPPFLAGS])
285: for i in ${with_incpath}; do
286: CPPFLAGS="${CPPFLAGS} -I${i}"
287: done
288: ;;
289: esac])
290:
291: AC_ARG_WITH(libpath, [AS_HELP_STRING([--with-libpath], [additional places to look for libraries])],
292: [case $with_libpath in
293: yes) AC_MSG_ERROR(["must give --with-libpath an argument."])
294: ;;
295: no) AC_MSG_ERROR(["--without-libpath not supported."])
296: ;;
297: *) AC_MSG_NOTICE([Adding ${with_libpath} to LDFLAGS])
298: ;;
299: esac])
300:
301: AC_ARG_WITH(libraries, [AS_HELP_STRING([--with-libraries], [additional libraries to link with])],
302: [case $with_libraries in
303: yes) AC_MSG_ERROR(["must give --with-libraries an argument."])
304: ;;
305: no) AC_MSG_ERROR(["--without-libraries not supported."])
306: ;;
307: *) AC_MSG_NOTICE([Adding ${with_libraries} to LIBS])
308: ;;
309: esac])
310:
311: AC_ARG_WITH(efence, [AS_HELP_STRING([--with-efence], [link with -lefence for malloc() debugging])],
312: [case $with_efence in
313: yes) AC_MSG_NOTICE([Sudo will link with -lefence (Electric Fence)])
314: LIBS="${LIBS} -lefence"
315: if test -f /usr/local/lib/libefence.a; then
316: with_libpath="${with_libpath} /usr/local/lib"
317: fi
318: ;;
319: no) ;;
320: *) AC_MSG_WARN([Ignoring unknown argument to --with-efence: $with_efence])
321: ;;
322: esac])
323:
324: AC_ARG_WITH(csops, [AS_HELP_STRING([--with-csops], [add CSOps standard options])],
325: [case $with_csops in
326: yes) AC_MSG_NOTICE([Adding CSOps standard options])
327: CHECKSIA=false
328: with_ignore_dot=yes
329: insults=on
330: with_classic_insults=yes
331: with_csops_insults=yes
332: with_env_editor=yes
333: : ${mansectsu='8'}
334: : ${mansectform='5'}
335: ;;
336: no) ;;
337: *) AC_MSG_WARN([Ignoring unknown argument to --with-csops: $with_csops])
338: ;;
339: esac])
340:
341: AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])],
342: [case $with_passwd in
343: yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
344: AC_MSG_RESULT($with_passwd)
345: AUTH_DEF=""
346: test "$with_passwd" = "yes" && AUTH_REG="$AUTH_REG passwd"
347: ;;
348: *) AC_MSG_ERROR(["Sorry, --with-passwd does not take an argument."])
349: ;;
350: esac])
351:
352: AC_ARG_WITH(skey, [AS_HELP_STRING([--with-skey[=DIR]], [enable S/Key support ])],
353: [case $with_skey in
354: no) ;;
355: *) AC_DEFINE(HAVE_SKEY)
356: AC_MSG_CHECKING(whether to try S/Key authentication)
357: AC_MSG_RESULT(yes)
358: AUTH_REG="$AUTH_REG S/Key"
359: ;;
360: esac])
361:
362: AC_ARG_WITH(opie, [AS_HELP_STRING([--with-opie[=DIR]], [enable OPIE support ])],
363: [case $with_opie in
364: no) ;;
365: *) AC_DEFINE(HAVE_OPIE)
366: AC_MSG_CHECKING(whether to try NRL OPIE authentication)
367: AC_MSG_RESULT(yes)
368: AUTH_REG="$AUTH_REG NRL_OPIE"
369: ;;
370: esac])
371:
372: AC_ARG_WITH(long-otp-prompt, [AS_HELP_STRING([--with-long-otp-prompt], [use a two line OTP (skey/opie) prompt])],
373: [case $with_long_otp_prompt in
374: yes) AC_DEFINE(LONG_OTP_PROMPT)
375: AC_MSG_CHECKING(whether to use a two line prompt for OTP authentication)
376: AC_MSG_RESULT(yes)
377: long_otp_prompt=on
378: ;;
379: no) long_otp_prompt=off
380: ;;
381: *) AC_MSG_ERROR(["--with-long-otp-prompt does not take an argument."])
382: ;;
383: esac])
384:
385: AC_ARG_WITH(SecurID, [AS_HELP_STRING([--with-SecurID[[=DIR]]], [enable SecurID support])],
386: [case $with_SecurID in
387: no) ;;
388: *) AC_DEFINE(HAVE_SECURID)
389: AC_MSG_CHECKING(whether to use SecurID for authentication)
390: AC_MSG_RESULT(yes)
391: AUTH_EXCL="$AUTH_EXCL SecurID"
392: ;;
393: esac])
394:
395: AC_ARG_WITH(fwtk, [AS_HELP_STRING([--with-fwtk[[=DIR]]], [enable FWTK AuthSRV support])],
396: [case $with_fwtk in
397: no) ;;
398: *) AC_DEFINE(HAVE_FWTK)
399: AC_MSG_CHECKING(whether to use FWTK AuthSRV for authentication)
400: AC_MSG_RESULT(yes)
401: AUTH_EXCL="$AUTH_EXCL FWTK"
402: ;;
403: esac])
404:
405: AC_ARG_WITH(kerb4, [AS_HELP_STRING([--with-kerb4[[=DIR]]], [enable Kerberos IV support])],
406: [case $with_kerb4 in
407: no) ;;
408: *) AC_MSG_CHECKING(whether to try kerberos IV authentication)
409: AC_MSG_RESULT(yes)
410: AUTH_REG="$AUTH_REG kerb4"
411: ;;
412: esac])
413:
414: AC_ARG_WITH(kerb5, [AS_HELP_STRING([--with-kerb5[[=DIR]]], [enable Kerberos V support])],
415: [case $with_kerb5 in
416: no) ;;
417: *) AC_MSG_CHECKING(whether to try Kerberos V authentication)
418: AC_MSG_RESULT(yes)
419: AUTH_REG="$AUTH_REG kerb5"
420: ;;
421: esac])
422:
423: AC_ARG_WITH(aixauth, [AS_HELP_STRING([--with-aixauth], [enable AIX general authentication support])],
424: [case $with_aixauth in
425: yes) AUTH_EXCL="$AUTH_EXCL AIX_AUTH";;
426: no) ;;
427: *) AC_MSG_ERROR(["--with-aixauth does not take an argument."])
428: ;;
429: esac])
430:
431: AC_ARG_WITH(pam, [AS_HELP_STRING([--with-pam], [enable PAM support])],
432: [case $with_pam in
433: yes) AUTH_EXCL="$AUTH_EXCL PAM";;
434: no) ;;
435: *) AC_MSG_ERROR(["--with-pam does not take an argument."])
436: ;;
437: esac])
438:
439: AC_ARG_WITH(AFS, [AS_HELP_STRING([--with-AFS], [enable AFS support])],
440: [case $with_AFS in
441: yes) AC_DEFINE(HAVE_AFS)
442: AC_MSG_CHECKING(whether to try AFS (kerberos) authentication)
443: AC_MSG_RESULT(yes)
444: AUTH_REG="$AUTH_REG AFS"
445: ;;
446: no) ;;
447: *) AC_MSG_ERROR(["--with-AFS does not take an argument."])
448: ;;
449: esac])
450:
451: AC_ARG_WITH(DCE, [AS_HELP_STRING([--with-DCE], [enable DCE support])],
452: [case $with_DCE in
453: yes) AC_DEFINE(HAVE_DCE)
454: AC_MSG_CHECKING(whether to try DCE (kerberos) authentication)
455: AC_MSG_RESULT(yes)
456: AUTH_REG="$AUTH_REG DCE"
457: ;;
458: no) ;;
459: *) AC_MSG_ERROR(["--with-DCE does not take an argument."])
460: ;;
461: esac])
462:
463: AC_ARG_WITH(logincap, [AS_HELP_STRING([--with-logincap], [enable BSD login class support])],
464: [case $with_logincap in
465: yes|no) ;;
466: *) AC_MSG_ERROR(["--with-logincap does not take an argument."])
467: ;;
468: esac])
469:
470: AC_ARG_WITH(bsdauth, [AS_HELP_STRING([--with-bsdauth], [enable BSD authentication support])],
471: [case $with_bsdauth in
472: yes) AUTH_EXCL="$AUTH_EXCL BSD_AUTH";;
473: no) ;;
474: *) AC_MSG_ERROR(["--with-bsdauth does not take an argument."])
475: ;;
476: esac])
477:
478: AC_ARG_WITH(project, [AS_HELP_STRING([--with-project], [enable Solaris project support])],
479: [case $with_project in
480: yes|no) ;;
481: no) ;;
482: *) AC_MSG_ERROR(["--with-project does not take an argument."])
483: ;;
484: esac])
485:
486: AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
487: AC_ARG_WITH(lecture, [AS_HELP_STRING([--without-lecture], [don't print lecture for first-time sudoer])],
488: [case $with_lecture in
489: yes|short|always) lecture=once
490: ;;
491: no|none|never) lecture=never
492: ;;
493: *) AC_MSG_ERROR(["unknown argument to --with-lecture: $with_lecture"])
494: ;;
495: esac])
496: if test "$lecture" = "once"; then
497: AC_MSG_RESULT(yes)
498: else
499: AC_DEFINE(NO_LECTURE)
500: AC_MSG_RESULT(no)
501: fi
502:
503: AC_MSG_CHECKING(whether sudo should log via syslog or to a file by default)
504: AC_ARG_WITH(logging, [AS_HELP_STRING([--with-logging], [log via syslog, file, or both])],
505: [case $with_logging in
506: yes) AC_MSG_ERROR(["must give --with-logging an argument."])
507: ;;
508: no) AC_MSG_ERROR(["--without-logging not supported."])
509: ;;
510: syslog) AC_DEFINE(LOGGING, SLOG_SYSLOG)
511: AC_MSG_RESULT(syslog)
512: ;;
513: file) AC_DEFINE(LOGGING, SLOG_FILE)
514: AC_MSG_RESULT(file)
515: ;;
516: both) AC_DEFINE(LOGGING, SLOG_BOTH)
517: AC_MSG_RESULT(both)
518: ;;
519: *) AC_MSG_ERROR(["unknown argument to --with-logging: $with_logging"])
520: ;;
521: esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
522:
523: AC_ARG_WITH(logfac, [AS_HELP_STRING([--with-logfac], [syslog facility to log with (default is "auth")])],
524: [case $with_logfac in
525: yes) AC_MSG_ERROR(["must give --with-logfac an argument."])
526: ;;
527: no) AC_MSG_ERROR(["--without-logfac not supported."])
528: ;;
529: authpriv|auth|daemon|user|local0|local1|local2|local3|local4|local5|local6|local7) logfac=$with_logfac
530: ;;
531: *) AC_MSG_ERROR(["$with_logfac is not a supported syslog facility."])
532: ;;
533: esac])
534:
535: AC_MSG_CHECKING(at which syslog priority to log commands)
536: AC_ARG_WITH(goodpri, [AS_HELP_STRING([--with-goodpri], [syslog priority for commands (def is "notice")])],
537: [case $with_goodpri in
538: yes) AC_MSG_ERROR(["must give --with-goodpri an argument."])
539: ;;
540: no) AC_MSG_ERROR(["--without-goodpri not supported."])
541: ;;
542: alert|crit|debug|emerg|err|info|notice|warning)
543: goodpri=$with_goodpri
544: ;;
545: *) AC_MSG_ERROR(["$with_goodpri is not a supported syslog priority."])
546: ;;
547: esac])
548: AC_DEFINE_UNQUOTED(PRI_SUCCESS, "$goodpri", [The syslog priority sudo will use for successful attempts.])
549: AC_MSG_RESULT($goodpri)
550:
551: AC_MSG_CHECKING(at which syslog priority to log failures)
552: AC_ARG_WITH(badpri, [AS_HELP_STRING([--with-badpri], [syslog priority for failures (def is "alert")])],
553: [case $with_badpri in
554: yes) AC_MSG_ERROR(["must give --with-badpri an argument."])
555: ;;
556: no) AC_MSG_ERROR(["--without-badpri not supported."])
557: ;;
558: alert|crit|debug|emerg|err|info|notice|warning)
559: badpri=$with_badpri
560: ;;
561: *) AC_MSG_ERROR([$with_badpri is not a supported syslog priority.])
562: ;;
563: esac])
564: AC_DEFINE_UNQUOTED(PRI_FAILURE, "$badpri", [The syslog priority sudo will use for unsuccessful attempts/errors.])
565: AC_MSG_RESULT($badpri)
566:
567: AC_ARG_WITH(logpath, [AS_HELP_STRING([--with-logpath], [path to the sudo log file])],
568: [case $with_logpath in
569: yes) AC_MSG_ERROR(["must give --with-logpath an argument."])
570: ;;
571: no) AC_MSG_ERROR(["--without-logpath not supported."])
572: ;;
573: esac])
574:
575: AC_MSG_CHECKING(how long a line in the log file should be)
576: AC_ARG_WITH(loglen, [AS_HELP_STRING([--with-loglen], [maximum length of a log file line (default is 80)])],
577: [case $with_loglen in
578: yes) AC_MSG_ERROR(["must give --with-loglen an argument."])
579: ;;
580: no) AC_MSG_ERROR(["--without-loglen not supported."])
581: ;;
582: [[0-9]]*) loglen=$with_loglen
583: ;;
584: *) AC_MSG_ERROR(["you must enter a number, not $with_loglen"])
585: ;;
586: esac])
587: AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $loglen, [The max number of chars per log file line (for line wrapping).])
588: AC_MSG_RESULT($loglen)
589:
590: AC_MSG_CHECKING(whether sudo should ignore '.' or '' in \$PATH)
591: AC_ARG_WITH(ignore-dot, [AS_HELP_STRING([--with-ignore-dot], [ignore '.' in the PATH])],
592: [case $with_ignore_dot in
593: yes) ignore_dot=on
594: ;;
595: no) ignore_dot=off
596: ;;
597: *) AC_MSG_ERROR(["--with-ignore-dot does not take an argument."])
598: ;;
599: esac])
600: if test "$ignore_dot" = "on"; then
601: AC_DEFINE(IGNORE_DOT_PATH)
602: AC_MSG_RESULT(yes)
603: else
604: AC_MSG_RESULT(no)
605: fi
606:
607: AC_MSG_CHECKING(whether to send mail when a user is not in sudoers)
608: AC_ARG_WITH(mail-if-no-user, [AS_HELP_STRING([--without-mail-if-no-user], [do not send mail if user not in sudoers])],
609: [case $with_mail_if_no_user in
610: yes) mail_no_user=on
611: ;;
612: no) mail_no_user=off
613: ;;
614: *) AC_MSG_ERROR(["--with-mail-if-no-user does not take an argument."])
615: ;;
616: esac])
617: if test "$mail_no_user" = "on"; then
618: AC_DEFINE(SEND_MAIL_WHEN_NO_USER)
619: AC_MSG_RESULT(yes)
620: else
621: AC_MSG_RESULT(no)
622: fi
623:
624: AC_MSG_CHECKING(whether to send mail when user listed but not for this host)
625: AC_ARG_WITH(mail-if-no-host, [AS_HELP_STRING([--with-mail-if-no-host], [send mail if user in sudoers but not for this host])],
626: [case $with_mail_if_no_host in
627: yes) mail_no_host=on
628: ;;
629: no) mail_no_host=off
630: ;;
631: *) AC_MSG_ERROR(["--with-mail-if-no-host does not take an argument."])
632: ;;
633: esac])
634: if test "$mail_no_host" = "on"; then
635: AC_DEFINE(SEND_MAIL_WHEN_NO_HOST)
636: AC_MSG_RESULT(yes)
637: else
638: AC_MSG_RESULT(no)
639: fi
640:
641: AC_MSG_CHECKING(whether to send mail when a user tries a disallowed command)
642: AC_ARG_WITH(mail-if-noperms, [AS_HELP_STRING([--with-mail-if-noperms], [send mail if user not allowed to run command])],
643: [case $with_mail_if_noperms in
644: yes) mail_noperms=on
645: ;;
646: no) mail_noperms=off
647: ;;
648: *) AC_MSG_ERROR(["--with-mail-if-noperms does not take an argument."])
649: ;;
650: esac])
651: if test "$mail_noperms" = "on"; then
652: AC_DEFINE(SEND_MAIL_WHEN_NOT_OK)
653: AC_MSG_RESULT(yes)
654: else
655: AC_MSG_RESULT(no)
656: fi
657:
658: AC_MSG_CHECKING(who should get the mail that sudo sends)
659: AC_ARG_WITH(mailto, [AS_HELP_STRING([--with-mailto], [who should get sudo mail (default is "root")])],
660: [case $with_mailto in
661: yes) AC_MSG_ERROR(["must give --with-mailto an argument."])
662: ;;
663: no) AC_MSG_ERROR(["--without-mailto not supported."])
664: ;;
665: *) mailto=$with_mailto
666: ;;
667: esac])
668: AC_DEFINE_UNQUOTED(MAILTO, "$mailto", [The user or email address that sudo mail is sent to.])
669: AC_MSG_RESULT([$mailto])
670:
671: AC_ARG_WITH(mailsubject, [AS_HELP_STRING([--with-mailsubject], [subject of sudo mail])],
672: [case $with_mailsubject in
673: yes) AC_MSG_ERROR(["must give --with-mailsubject an argument."])
674: ;;
675: no) AC_MSG_WARN([Sorry, --without-mailsubject not supported.])
676: ;;
677: *) mailsub="$with_mailsubject"
678: AC_MSG_CHECKING(sudo mail subject)
679: AC_MSG_RESULT([Using alert mail subject: $mailsub])
680: ;;
681: esac])
682: AC_DEFINE_UNQUOTED(MAILSUBJECT, "$mailsub", [The subject of the mail sent by sudo to the MAILTO user/address.])
683:
684: AC_MSG_CHECKING(for bad password prompt)
685: AC_ARG_WITH(passprompt, [AS_HELP_STRING([--with-passprompt], [default password prompt])],
686: [case $with_passprompt in
687: yes) AC_MSG_ERROR(["must give --with-passprompt an argument."])
688: ;;
689: no) AC_MSG_WARN([Sorry, --without-passprompt not supported.])
690: ;;
691: *) passprompt="$with_passprompt"
692: esac])
693: AC_MSG_RESULT($passprompt)
694: AC_DEFINE_UNQUOTED(PASSPROMPT, "$passprompt", [The default password prompt.])
695:
696: AC_MSG_CHECKING(for bad password message)
697: AC_ARG_WITH(badpass-message, [AS_HELP_STRING([--with-badpass-message], [message the user sees when the password is wrong])],
698: [case $with_badpass_message in
699: yes) AC_MSG_ERROR(["Must give --with-badpass-message an argument."])
700: ;;
701: no) AC_MSG_WARN([Sorry, --without-badpass-message not supported.])
702: ;;
703: *) badpass_message="$with_badpass_message"
704: ;;
705: esac])
706: AC_DEFINE_UNQUOTED(INCORRECT_PASSWORD, "$badpass_message", [The message given when a bad password is entered.])
707: AC_MSG_RESULT([$badpass_message])
708:
709: AC_MSG_CHECKING(whether to expect fully qualified hosts in sudoers)
710: AC_ARG_WITH(fqdn, [AS_HELP_STRING([--with-fqdn], [expect fully qualified hosts in sudoers])],
711: [case $with_fqdn in
712: yes) fqdn=on
713: ;;
714: no) fqdn=off
715: ;;
716: *) AC_MSG_ERROR(["--with-fqdn does not take an argument."])
717: ;;
718: esac])
719: if test "$fqdn" = "on"; then
720: AC_DEFINE(FQDN)
721: AC_MSG_RESULT(yes)
722: else
723: AC_MSG_RESULT(no)
724: fi
725:
726: AC_ARG_WITH(timedir, [AS_HELP_STRING([--with-timedir], [path to the sudo timestamp dir])],
727: [case $with_timedir in
728: yes) AC_MSG_ERROR(["must give --with-timedir an argument."])
729: ;;
730: no) AC_MSG_ERROR(["--without-timedir not supported."])
731: ;;
732: esac])
733:
734: AC_ARG_WITH(iologdir, [AS_HELP_STRING([--with-iologdir=DIR], [directory to store sudo I/O log files in])],
735: [case $with_iologdir in
736: yes) ;;
737: no) AC_MSG_ERROR(["--without-iologdir not supported."])
738: ;;
739: esac])
740:
741: AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail])
742: AS_HELP_STRING([--without-sendmail], [do not send mail at all])],
743: [case $with_sendmail in
744: yes) with_sendmail=""
745: ;;
746: no) ;;
747: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SENDMAIL, "$with_sendmail")
748: ;;
749: esac])
750:
751: AC_ARG_WITH(sudoers-mode, [AS_HELP_STRING([--with-sudoers-mode], [mode of sudoers file (defaults to 0440)])],
752: [case $with_sudoers_mode in
753: yes) AC_MSG_ERROR(["must give --with-sudoers-mode an argument."])
754: ;;
755: no) AC_MSG_ERROR(["--without-sudoers-mode not supported."])
756: ;;
757: [[1-9]]*) SUDOERS_MODE=0${with_sudoers_mode}
758: ;;
759: 0*) SUDOERS_MODE=$with_sudoers_mode
760: ;;
761: *) AC_MSG_ERROR(["you must use an octal mode, not a name."])
762: ;;
763: esac])
764:
765: AC_ARG_WITH(sudoers-uid, [AS_HELP_STRING([--with-sudoers-uid], [uid that owns sudoers file (defaults to 0)])],
766: [case $with_sudoers_uid in
767: yes) AC_MSG_ERROR(["must give --with-sudoers-uid an argument."])
768: ;;
769: no) AC_MSG_ERROR(["--without-sudoers-uid not supported."])
770: ;;
771: [[0-9]]*) SUDOERS_UID=$with_sudoers_uid
772: ;;
773: *) AC_MSG_ERROR(["you must use an unsigned numeric uid, not a name."])
774: ;;
775: esac])
776:
777: AC_ARG_WITH(sudoers-gid, [AS_HELP_STRING([--with-sudoers-gid], [gid that owns sudoers file (defaults to 0)])],
778: [case $with_sudoers_gid in
779: yes) AC_MSG_ERROR(["must give --with-sudoers-gid an argument."])
780: ;;
781: no) AC_MSG_ERROR(["--without-sudoers-gid not supported."])
782: ;;
783: [[0-9]]*) SUDOERS_GID=$with_sudoers_gid
784: ;;
785: *) AC_MSG_ERROR(["you must use an unsigned numeric gid, not a name."])
786: ;;
787: esac])
788:
789: AC_MSG_CHECKING(for umask programs should be run with)
790: AC_ARG_WITH(umask, [AS_HELP_STRING([--with-umask], [umask with which the prog should run (default is 022)])
791: AS_HELP_STRING([--without-umask], [Preserves the umask of the user invoking sudo.])],
792: [case $with_umask in
793: yes) AC_MSG_ERROR(["must give --with-umask an argument."])
794: ;;
795: no) sudo_umask=0777
796: ;;
797: [[0-9]]*) sudo_umask=$with_umask
798: ;;
799: *) AC_MSG_ERROR(["you must enter a numeric mask."])
800: ;;
801: esac])
802: AC_DEFINE_UNQUOTED(SUDO_UMASK, $sudo_umask, [The umask that the sudo-run prog should use.])
803: if test "$sudo_umask" = "0777"; then
804: AC_MSG_RESULT(user)
805: else
806: AC_MSG_RESULT($sudo_umask)
807: fi
808:
809: AC_ARG_WITH(umask-override, [AS_HELP_STRING([--with-umask-override], [Use the umask specified in sudoers even if it is less restrictive than the user's.])],
810: [case $with_umask_override in
811: yes) AC_DEFINE(UMASK_OVERRIDE)
812: umask_override=on
813: ;;
814: no) umask_override=off
815: ;;
816: *) AC_MSG_ERROR(["--with-umask-override does not take an argument."])
817: ;;
818: esac])
819:
820: AC_MSG_CHECKING(for default user to run commands as)
821: AC_ARG_WITH(runas-default, [AS_HELP_STRING([--with-runas-default], [User to run commands as (default is "root")])],
822: [case $with_runas_default in
823: yes) AC_MSG_ERROR(["must give --with-runas-default an argument."])
824: ;;
825: no) AC_MSG_ERROR(["--without-runas-default not supported."])
826: ;;
827: *) runas_default="$with_runas_default"
828: ;;
829: esac])
830: AC_DEFINE_UNQUOTED(RUNAS_DEFAULT, "$runas_default", [The user sudo should run commands as by default.])
831: AC_MSG_RESULT([$runas_default])
832:
833: AC_ARG_WITH(exempt, [AS_HELP_STRING([--with-exempt=group], [no passwd needed for users in this group])],
834: [case $with_exempt in
835: yes) AC_MSG_ERROR(["must give --with-exempt an argument."])
836: ;;
837: no) AC_MSG_ERROR(["--without-exempt not supported."])
838: ;;
839: *) AC_DEFINE_UNQUOTED(EXEMPTGROUP, "$with_exempt", [If defined, users in this group need not enter a passwd (ie "sudo").])
840: AC_MSG_CHECKING(for group to be exempt from password)
841: AC_MSG_RESULT([$with_exempt])
842: ;;
843: esac])
844:
845: AC_MSG_CHECKING(for editor that visudo should use)
846: AC_ARG_WITH(editor, [AS_HELP_STRING([--with-editor=path], [Default editor for visudo (defaults to vi)])],
847: [case $with_editor in
848: yes) AC_MSG_ERROR(["must give --with-editor an argument."])
849: ;;
850: no) AC_MSG_ERROR(["--without-editor not supported."])
851: ;;
852: *) AC_DEFINE_UNQUOTED(EDITOR, "$with_editor", [A colon-separated list of pathnames to be used as the editor for visudo.])
853: AC_MSG_RESULT([$with_editor])
854: editor="$with_editor"
855: ;;
856: esac], [AC_DEFINE(EDITOR, _PATH_VI) AC_MSG_RESULT(vi)])
857:
858: AC_MSG_CHECKING(whether to obey EDITOR and VISUAL environment variables)
859: AC_ARG_WITH(env-editor, [AS_HELP_STRING([--with-env-editor], [Use the environment variable EDITOR for visudo])],
860: [case $with_env_editor in
861: yes) env_editor=on
862: ;;
863: no) env_editor=off
864: ;;
865: *) AC_MSG_ERROR(["--with-env-editor does not take an argument."])
866: ;;
867: esac])
868: if test "$env_editor" = "on"; then
869: AC_DEFINE(ENV_EDITOR)
870: AC_MSG_RESULT(yes)
871: else
872: AC_MSG_RESULT(no)
873: fi
874:
875: AC_MSG_CHECKING(number of tries a user gets to enter their password)
876: AC_ARG_WITH(passwd-tries, [AS_HELP_STRING([--with-passwd-tries], [number of tries to enter password (default is 3)])],
877: [case $with_passwd_tries in
878: yes) ;;
879: no) AC_MSG_ERROR(["--without-editor not supported."])
880: ;;
881: [[1-9]]*) passwd_tries=$with_passwd_tries
882: ;;
883: *) AC_MSG_ERROR(["you must enter the numer of tries, > 0"])
884: ;;
885: esac])
886: AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $passwd_tries, [The number of tries a user gets to enter their password.])
887: AC_MSG_RESULT($passwd_tries)
888:
889: AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again)
890: AC_ARG_WITH(timeout, [AS_HELP_STRING([--with-timeout], [minutes before sudo asks for passwd again (def is 5 minutes)])],
891: [case $with_timeout in
892: yes) ;;
893: no) timeout=0
894: ;;
895: [[0-9]]*) timeout=$with_timeout
896: ;;
897: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
898: ;;
899: esac])
900: AC_DEFINE_UNQUOTED(TIMEOUT, $timeout, [The number of minutes before sudo asks for a password again.])
901: AC_MSG_RESULT($timeout)
902:
903: AC_MSG_CHECKING(time in minutes after the password prompt will time out)
904: AC_ARG_WITH(password-timeout, [AS_HELP_STRING([--with-password-timeout], [passwd prompt timeout in minutes (default is 5 minutes)])],
905: [case $with_password_timeout in
906: yes) ;;
907: no) password_timeout=0
908: ;;
909: [[0-9]]*) password_timeout=$with_password_timeout
910: ;;
911: *) AC_MSG_ERROR(["you must enter the numer of minutes."])
912: ;;
913: esac])
914: AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $password_timeout, [The passwd prompt timeout (in minutes).])
915: AC_MSG_RESULT($password_timeout)
916:
917: AC_MSG_CHECKING(whether to use per-tty ticket files)
918: AC_ARG_WITH(tty-tickets, [AS_HELP_STRING([--with-tty-tickets], [use a different ticket file for each tty])],
919: [case $with_tty_tickets in
920: yes) tty_tickets=on
921: ;;
922: no) tty_tickets=off
923: ;;
924: *) AC_MSG_ERROR(["--with-tty-tickets does not take an argument."])
925: ;;
926: esac])
927: if test "$tty_tickets" = "off"; then
928: AC_DEFINE(NO_TTY_TICKETS)
929: AC_MSG_RESULT(no)
930: else
931: AC_MSG_RESULT(yes)
932: fi
933:
934: AC_MSG_CHECKING(whether to include insults)
935: AC_ARG_WITH(insults, [AS_HELP_STRING([--with-insults], [insult the user for entering an incorrect password])],
936: [case $with_insults in
937: yes) insults=on
938: with_classic_insults=yes
939: with_csops_insults=yes
940: ;;
941: disabled) insults=off
942: with_classic_insults=yes
943: with_csops_insults=yes
944: ;;
945: no) insults=off
946: ;;
947: *) AC_MSG_ERROR(["--with-insults does not take an argument."])
948: ;;
949: esac])
950: if test "$insults" = "on"; then
951: AC_DEFINE(USE_INSULTS)
952: AC_MSG_RESULT(yes)
953: else
954: AC_MSG_RESULT(no)
955: fi
956:
957: AC_ARG_WITH(all-insults, [AS_HELP_STRING([--with-all-insults], [include all the sudo insult sets])],
958: [case $with_all_insults in
959: yes) with_classic_insults=yes
960: with_csops_insults=yes
961: with_hal_insults=yes
962: with_goons_insults=yes
963: ;;
964: no) ;;
965: *) AC_MSG_ERROR(["--with-all-insults does not take an argument."])
966: ;;
967: esac])
968:
969: AC_ARG_WITH(classic-insults, [AS_HELP_STRING([--with-classic-insults], [include the insults from the "classic" sudo])],
970: [case $with_classic_insults in
971: yes) AC_DEFINE(CLASSIC_INSULTS)
972: ;;
973: no) ;;
974: *) AC_MSG_ERROR(["--with-classic-insults does not take an argument."])
975: ;;
976: esac])
977:
978: AC_ARG_WITH(csops-insults, [AS_HELP_STRING([--with-csops-insults], [include CSOps insults])],
979: [case $with_csops_insults in
980: yes) AC_DEFINE(CSOPS_INSULTS)
981: ;;
982: no) ;;
983: *) AC_MSG_ERROR(["--with-csops-insults does not take an argument."])
984: ;;
985: esac])
986:
987: AC_ARG_WITH(hal-insults, [AS_HELP_STRING([--with-hal-insults], [include 2001-like insults])],
988: [case $with_hal_insults in
989: yes) AC_DEFINE(HAL_INSULTS)
990: ;;
991: no) ;;
992: *) AC_MSG_ERROR(["--with-hal-insults does not take an argument."])
993: ;;
994: esac])
995:
996: AC_ARG_WITH(goons-insults, [AS_HELP_STRING([--with-goons-insults], [include the insults from the "Goon Show"])],
997: [case $with_goons_insults in
998: yes) AC_DEFINE(GOONS_INSULTS)
999: ;;
1000: no) ;;
1001: *) AC_MSG_ERROR(["--with-goons-insults does not take an argument."])
1002: ;;
1003: esac])
1004:
1005: AC_ARG_WITH(nsswitch, [AS_HELP_STRING([--with-nsswitch[[=PATH]]], [path to nsswitch.conf])],
1006: [case $with_nsswitch in
1007: no) ;;
1008: yes) with_nsswitch="/etc/nsswitch.conf"
1009: ;;
1010: *) ;;
1011: esac])
1012:
1013: AC_ARG_WITH(ldap, [AS_HELP_STRING([--with-ldap[[=DIR]]], [enable LDAP support])],
1014: [case $with_ldap in
1015: no) ;;
1016: *) AC_DEFINE(HAVE_LDAP)
1017: AC_MSG_CHECKING(whether to use sudoers from LDAP)
1018: AC_MSG_RESULT(yes)
1019: ;;
1020: esac])
1021:
1022: AC_ARG_WITH(ldap-conf-file, [AS_HELP_STRING([--with-ldap-conf-file], [path to LDAP configuration file])])
1023: test -n "$with_ldap_conf_file" && ldap_conf="$with_ldap_conf_file"
1024: SUDO_DEFINE_UNQUOTED(_PATH_LDAP_CONF, "$ldap_conf", [Path to the ldap.conf file])
1025:
1026: AC_ARG_WITH(ldap-secret-file, [AS_HELP_STRING([--with-ldap-secret-file], [path to LDAP secret password file])])
1027: test -n "$with_ldap_secret_file" && ldap_secret="$with_ldap_secret_file"
1028: SUDO_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$ldap_secret", [Path to the ldap.secret file])
1029:
1030: AC_ARG_WITH(pc-insults, [AS_HELP_STRING([--with-pc-insults], [replace politically incorrect insults with less offensive ones])],
1031: [case $with_pc_insults in
1032: yes) AC_DEFINE(PC_INSULTS)
1033: ;;
1034: no) ;;
1035: *) AC_MSG_ERROR(["--with-pc-insults does not take an argument."])
1036: ;;
1037: esac])
1038:
1039: dnl include all insult sets on one line
1040: if test "$insults" = "on"; then
1041: AC_MSG_CHECKING(which insult sets to include)
1042: i=""
1043: test "$with_goons_insults" = "yes" && i="goons ${i}"
1044: test "$with_hal_insults" = "yes" && i="hal ${i}"
1045: test "$with_csops_insults" = "yes" && i="csops ${i}"
1046: test "$with_classic_insults" = "yes" && i="classic ${i}"
1047: AC_MSG_RESULT([$i])
1048: fi
1049:
1050: AC_MSG_CHECKING(whether to override the user's path)
1051: AC_ARG_WITH(secure-path, [AS_HELP_STRING([--with-secure-path], [override the user's path with a built-in one])],
1052: [case $with_secure_path in
1053: yes) with_secure_path="/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc"
1054: AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
1055: AC_MSG_RESULT([$with_secure_path])
1056: secure_path="set to $with_secure_path"
1057: ;;
1058: no) AC_MSG_RESULT(no)
1059: ;;
1060: *) AC_DEFINE_UNQUOTED(SECURE_PATH, "$with_secure_path")
1061: AC_MSG_RESULT([$with_secure_path])
1062: secure_path="set to F<$with_secure_path>"
1063: ;;
1064: esac], AC_MSG_RESULT(no))
1065:
1066: AC_MSG_CHECKING(whether to get ip addresses from the network interfaces)
1067: AC_ARG_WITH(interfaces, [AS_HELP_STRING([--without-interfaces], [don't try to read the ip addr of ether interfaces])],
1068: [case $with_interfaces in
1069: yes) AC_MSG_RESULT(yes)
1070: ;;
1071: no) AC_DEFINE(STUB_LOAD_INTERFACES)
1072: AC_MSG_RESULT(no)
1073: ;;
1074: *) AC_MSG_ERROR(["--with-interfaces does not take an argument."])
1075: ;;
1076: esac], AC_MSG_RESULT(yes))
1077:
1078: AC_MSG_CHECKING(whether stow should be used)
1079: AC_ARG_WITH(stow, [AS_HELP_STRING([--with-stow], [properly handle GNU stow packaging])],
1080: [case $with_stow in
1081: yes) AC_MSG_RESULT(yes)
1082: AC_DEFINE(USE_STOW)
1083: ;;
1084: no) AC_MSG_RESULT(no)
1085: ;;
1086: *) AC_MSG_ERROR(["--with-stow does not take an argument."])
1087: ;;
1088: esac], AC_MSG_RESULT(no))
1089:
1090: AC_MSG_CHECKING(whether to use an askpass helper)
1091: AC_ARG_WITH(askpass, [AS_HELP_STRING([--with-askpass=PATH], [Fully qualified pathname of askpass helper])],
1092: [case $with_askpass in
1093: yes) AC_MSG_ERROR(["--with-askpass takes a path as an argument."])
1094: ;;
1095: no) ;;
1096: *) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_ASKPASS, "$with_askpass", [The fully qualified pathname of askpass])
1097: ;;
1098: esac], AC_MSG_RESULT(no))
1099:
1100: AC_ARG_WITH(plugindir, [AS_HELP_STRING([--with-plugindir], [set directory to load plugins from])],
1101: [case $with_plugindir in
1102: no) AC_MSG_ERROR(["illegal argument: --without-plugindir."])
1103: ;;
1104: *) ;;
1105: esac], [with_plugindir="$libexecdir"])
1106:
1107: dnl
1108: dnl Options for --enable
1109: dnl
1110:
1111: AC_MSG_CHECKING(whether to do user authentication by default)
1112: AC_ARG_ENABLE(authentication,
1113: [AS_HELP_STRING([--disable-authentication], [Do not require authentication by default])],
1114: [ case "$enableval" in
1115: yes) AC_MSG_RESULT(yes)
1116: ;;
1117: no) AC_MSG_RESULT(no)
1118: AC_DEFINE(NO_AUTHENTICATION)
1119: ;;
1120: *) AC_MSG_RESULT(no)
1121: AC_MSG_WARN([Ignoring unknown argument to --enable-authentication: $enableval])
1122: ;;
1123: esac
1124: ], AC_MSG_RESULT(yes))
1125:
1126: AC_MSG_CHECKING(whether to disable running the mailer as root)
1127: AC_ARG_ENABLE(root-mailer,
1128: [AS_HELP_STRING([--disable-root-mailer], [Don't run the mailer as root, run as the user])],
1129: [ case "$enableval" in
1130: yes) AC_MSG_RESULT(no)
1131: ;;
1132: no) AC_MSG_RESULT(yes)
1133: AC_DEFINE(NO_ROOT_MAILER)
1134: ;;
1135: *) AC_MSG_RESULT(no)
1136: AC_MSG_WARN([Ignoring unknown argument to --enable-root-mailer: $enableval])
1137: ;;
1138: esac
1139: ], AC_MSG_RESULT(no))
1140:
1141: AC_ARG_ENABLE(setreuid,
1142: [AS_HELP_STRING([--disable-setreuid], [Don't try to use the setreuid() function])],
1143: [ case "$enableval" in
1144: no) SKIP_SETREUID=yes
1145: ;;
1146: *) ;;
1147: esac
1148: ])
1149:
1150: AC_ARG_ENABLE(setresuid,
1151: [AS_HELP_STRING([--disable-setresuid], [Don't try to use the setresuid() function])],
1152: [ case "$enableval" in
1153: no) SKIP_SETRESUID=yes
1154: ;;
1155: *) ;;
1156: esac
1157: ])
1158:
1159: AC_MSG_CHECKING(whether to disable shadow password support)
1160: AC_ARG_ENABLE(shadow,
1161: [AS_HELP_STRING([--disable-shadow], [Never use shadow passwords])],
1162: [ case "$enableval" in
1163: yes) AC_MSG_RESULT(no)
1164: ;;
1165: no) AC_MSG_RESULT(yes)
1166: CHECKSHADOW="false"
1167: ;;
1168: *) AC_MSG_RESULT(no)
1169: AC_MSG_WARN([Ignoring unknown argument to --enable-shadow: $enableval])
1170: ;;
1171: esac
1172: ], AC_MSG_RESULT(no))
1173:
1174: AC_MSG_CHECKING(whether root should be allowed to use sudo)
1175: AC_ARG_ENABLE(root-sudo,
1176: [AS_HELP_STRING([--disable-root-sudo], [Don't allow root to run sudo])],
1177: [ case "$enableval" in
1178: yes) AC_MSG_RESULT(yes)
1179: ;;
1180: no) AC_DEFINE(NO_ROOT_SUDO)
1181: AC_MSG_RESULT(no)
1182: root_sudo=off
1183: ;;
1184: *) AC_MSG_ERROR(["--enable-root-sudo does not take an argument."])
1185: ;;
1186: esac
1187: ], AC_MSG_RESULT(yes))
1188:
1189: AC_MSG_CHECKING(whether to log the hostname in the log file)
1190: AC_ARG_ENABLE(log-host,
1191: [AS_HELP_STRING([--enable-log-host], [Log the hostname in the log file])],
1192: [ case "$enableval" in
1193: yes) AC_MSG_RESULT(yes)
1194: AC_DEFINE(HOST_IN_LOG)
1195: ;;
1196: no) AC_MSG_RESULT(no)
1197: ;;
1198: *) AC_MSG_RESULT(no)
1199: AC_MSG_WARN([Ignoring unknown argument to --enable-log-host: $enableval])
1200: ;;
1201: esac
1202: ], AC_MSG_RESULT(no))
1203:
1204: AC_MSG_CHECKING(whether to invoke a shell if sudo is given no arguments)
1205: AC_ARG_ENABLE(noargs-shell,
1206: [AS_HELP_STRING([--enable-noargs-shell], [If sudo is given no arguments run a shell])],
1207: [ case "$enableval" in
1208: yes) AC_MSG_RESULT(yes)
1209: AC_DEFINE(SHELL_IF_NO_ARGS)
1210: ;;
1211: no) AC_MSG_RESULT(no)
1212: ;;
1213: *) AC_MSG_RESULT(no)
1214: AC_MSG_WARN([Ignoring unknown argument to --enable-noargs-shell: $enableval])
1215: ;;
1216: esac
1217: ], AC_MSG_RESULT(no))
1218:
1219: AC_MSG_CHECKING(whether to set \$HOME to target user in shell mode)
1220: AC_ARG_ENABLE(shell-sets-home,
1221: [AS_HELP_STRING([--enable-shell-sets-home], [Set $HOME to target user in shell mode])],
1222: [ case "$enableval" in
1223: yes) AC_MSG_RESULT(yes)
1224: AC_DEFINE(SHELL_SETS_HOME)
1225: ;;
1226: no) AC_MSG_RESULT(no)
1227: ;;
1228: *) AC_MSG_RESULT(no)
1229: AC_MSG_WARN([Ignoring unknown argument to --enable-shell-sets-home: $enableval])
1230: ;;
1231: esac
1232: ], AC_MSG_RESULT(no))
1233:
1234: AC_MSG_CHECKING(whether to disable 'command not found' messages)
1235: AC_ARG_ENABLE(path_info,
1236: [AS_HELP_STRING([--disable-path-info], [Print 'command not allowed' not 'command not found'])],
1237: [ case "$enableval" in
1238: yes) AC_MSG_RESULT(no)
1239: ;;
1240: no) AC_MSG_RESULT(yes)
1241: AC_DEFINE(DONT_LEAK_PATH_INFO)
1242: path_info=off
1243: ;;
1244: *) AC_MSG_RESULT(no)
1245: AC_MSG_WARN([Ignoring unknown argument to --enable-path-info: $enableval])
1246: ;;
1247: esac
1248: ], AC_MSG_RESULT(no))
1249:
1250: AC_MSG_CHECKING(whether to enable environment debugging)
1251: AC_ARG_ENABLE(env_debug,
1252: [AS_HELP_STRING([--enable-env-debug], [Whether to enable environment debugging.])],
1253: [ case "$enableval" in
1254: yes) AC_MSG_RESULT(yes)
1255: AC_DEFINE(ENV_DEBUG)
1256: ;;
1257: no) AC_MSG_RESULT(no)
1258: ;;
1259: *) AC_MSG_RESULT(no)
1260: AC_MSG_WARN([Ignoring unknown argument to --enable-env-debug: $enableval])
1261: ;;
1262: esac
1263: ], AC_MSG_RESULT(no))
1264:
1265: AC_ARG_ENABLE(zlib,
1266: [AS_HELP_STRING([--enable-zlib[[=PATH]]], [Whether to enable or disable zlib])],
1267: [], [enable_zlib=yes])
1268:
1269: AC_MSG_CHECKING(whether to enable environment resetting by default)
1270: AC_ARG_ENABLE(env_reset,
1271: [AS_HELP_STRING([--enable-env-reset], [Whether to enable environment resetting by default.])],
1272: [ case "$enableval" in
1273: yes) env_reset=on
1274: ;;
1275: no) env_reset=off
1276: ;;
1277: *) env_reset=on
1278: AC_MSG_WARN([Ignoring unknown argument to --enable-env-reset: $enableval])
1279: ;;
1280: esac
1281: ])
1282: if test "$env_reset" = "on"; then
1283: AC_MSG_RESULT(yes)
1284: AC_DEFINE(ENV_RESET, TRUE)
1285: else
1286: AC_MSG_RESULT(no)
1287: AC_DEFINE(ENV_RESET, FALSE)
1288: fi
1289:
1290: AC_ARG_ENABLE(warnings,
1291: [AS_HELP_STRING([--enable-warnings], [Whether to enable compiler warnings])],
1292: [ case "$enableval" in
1293: yes) ;;
1294: no) ;;
1295: *) AC_MSG_WARN([Ignoring unknown argument to --enable-warnings: $enableval])
1296: ;;
1297: esac
1298: ])
1299:
1300: AC_ARG_ENABLE(werror,
1301: [AS_HELP_STRING([--enable-werror], [Whether to enable the -Werror compiler option])],
1302: [ case "$enableval" in
1303: yes) ;;
1304: no) ;;
1305: *) AC_MSG_WARN([Ignoring unknown argument to --enable-werror: $enableval])
1306: ;;
1307: esac
1308: ])
1309:
1310: AC_ARG_ENABLE(admin-flag,
1311: [AS_HELP_STRING([--enable-admin-flag], [Whether to create a Ubuntu-style admin flag file])],
1312: [ case "$enableval" in
1313: yes) AC_DEFINE(USE_ADMIN_FLAG)
1314: ;;
1315: no) ;;
1316: *) AC_MSG_WARN([Ignoring unknown argument to --enable-admin-flag: $enableval])
1317: ;;
1318: esac
1319: ])
1320:
1321: AC_ARG_ENABLE(nls,
1322: [AS_HELP_STRING([--disable-nls], [Disable natural language support using gettext])],
1323: [], [enable_nls=yes])
1324:
1325: AC_ARG_WITH(selinux, [AS_HELP_STRING([--with-selinux], [enable SELinux support])],
1326: [case $with_selinux in
1327: yes) SELINUX_USAGE="[[-r role]] [[-t type]] "
1328: AC_DEFINE(HAVE_SELINUX)
1329: SUDO_LIBS="${SUDO_LIBS} -lselinux"
1330: SUDO_OBJS="${SUDO_OBJS} selinux.o"
1331: PROGS="${PROGS} sesh"
1332: SEMAN=1
1333: AC_CHECK_LIB([selinux], [setkeycreatecon],
1334: [AC_DEFINE(HAVE_SETKEYCREATECON)])
1335: ;;
1336: no) ;;
1337: *) AC_MSG_ERROR(["--with-selinux does not take an argument."])
1338: ;;
1339: esac])
1340:
1341: dnl
1342: dnl gss_krb5_ccache_name() may not work on Heimdal so we don't use it by default
1343: dnl
1344: AC_ARG_ENABLE(gss_krb5_ccache_name,
1345: [AS_HELP_STRING([--enable-gss-krb5-ccache-name], [Use GSS-API to set the Kerberos V cred cache name])],
1346: [check_gss_krb5_ccache_name=$enableval], [check_gss_krb5_ccache_name=no])
1347:
1348: dnl
1349: dnl C compiler checks
1350: dnl
1351: AC_SEARCH_LIBS([strerror], [cposix])
1352: AC_PROG_CPP
1353: AC_CHECK_TOOL(AR, ar, false)
1354: AC_CHECK_TOOL(RANLIB, ranlib, :)
1355: if test X"$AR" = X"false"; then
1356: AC_MSG_ERROR([the "ar" utility is required to build sudo])
1357: fi
1358:
1359: if test "x$ac_cv_prog_cc_c89" = "xno"; then
1360: AC_MSG_ERROR([Sudo version $PACKAGE_VERSION requires an ANSI C compiler to build.])
1361: fi
1362:
1363: dnl
1364: dnl If the user specified --disable-static, override them or we'll
1365: dnl be unable to build the executables in the sudoers plugin dir.
1366: dnl
1367: if test "$enable_static" = "no"; then
1368: AC_MSG_WARN([Ignoring --disable-static, sudo does not install static libs])
1369: enable_static=yes
1370: fi
1371:
1372: dnl
1373: dnl Libtool setup, we require libtool 2.2.6b or higher
1374: dnl
1375: AC_CANONICAL_HOST
1376: AC_CONFIG_MACRO_DIR([m4])
1377: LT_PREREQ([2.2.6b])
1378: LT_INIT([dlopen])
1379:
1380: dnl
1381: dnl Defer with_noexec until after libtool magic runs
1382: dnl
1383: if test "$enable_shared" = "no"; then
1384: with_noexec=no
1385: enable_dlopen=no
1386: lt_cv_dlopen=none
1387: lt_cv_dlopen_libs=
1388: else
1389: eval _shrext="$shrext_cmds"
1390: # Darwin uses .dylib for libraries but .so for modules
1391: if test X"$_shrext" = X".dylib"; then
1392: SOEXT=".so"
1393: else
1394: SOEXT="$_shrext"
1395: fi
1396: fi
1397: AC_MSG_CHECKING(path to sudo_noexec.so)
1398: AC_ARG_WITH(noexec, [AS_HELP_STRING([--with-noexec[=PATH]], [fully qualified pathname of sudo_noexec.so])],
1399: [case $with_noexec in
1400: yes) with_noexec="$libexecdir/sudo_noexec$_shrext"
1401: ;;
1402: no) ;;
1403: *) ;;
1404: esac], [with_noexec="$libexecdir/sudo_noexec$_shrext"])
1405: AC_MSG_RESULT($with_noexec)
1406: NOEXECFILE="sudo_noexec$_shrext"
1407: NOEXECDIR="`echo $with_noexec|sed 's:^\(.*\)/[[^/]]*:\1:'`"
1408:
1409: dnl
1410: dnl Find programs we use
1411: dnl
1412: AC_CHECK_PROG(UNAMEPROG, [uname], [uname])
1413: AC_CHECK_PROG(TRPROG, [tr], [tr])
1414: AC_CHECK_PROGS(NROFFPROG, [nroff mandoc])
1415: if test -n "$NROFFPROG"; then
1416: AC_CACHE_CHECK([whether $NROFFPROG supports the -c option],
1417: [sudo_cv_var_nroff_opt_c],
1418: [if $NROFFPROG -c </dev/null >/dev/null 2>&1; then
1419: sudo_cv_var_nroff_opt_c=yes
1420: else
1421: sudo_cv_var_nroff_opt_c=no
1422: fi]
1423: )
1424: if test "$sudo_cv_var_nroff_opt_c" = "yes"; then
1425: NROFFPROG="$NROFFPROG -c"
1426: fi
1427: AC_CACHE_CHECK([whether $NROFFPROG supports the -Tascii option],
1428: [sudo_cv_var_nroff_opt_Tascii],
1429: [if $NROFFPROG -Tascii </dev/null >/dev/null 2>&1; then
1430: sudo_cv_var_nroff_opt_Tascii=yes
1431: else
1432: sudo_cv_var_nroff_opt_Tascii=no
1433: fi]
1434: if test "$sudo_cv_var_nroff_opt_Tascii" = "yes"; then
1435: NROFFPROG="$NROFFPROG -Tascii"
1436: fi
1437: )
1438: else
1439: MANTYPE="cat"
1440: mansrcdir='$(srcdir)'
1441: fi
1442:
1443: dnl
1444: dnl What kind of beastie are we being run on?
1445: dnl Barf if config.cache was generated on another host.
1446: dnl
1447: if test -n "$sudo_cv_prev_host"; then
1448: if test "$sudo_cv_prev_host" != "$host"; then
1449: AC_MSG_ERROR([config.cache was created on a different host; remove it and re-run configure.])
1450: else
1451: AC_MSG_CHECKING(previous host type)
1452: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1453: AC_MSG_RESULT([$sudo_cv_prev_host])
1454: fi
1455: else
1456: # this will produce no output since there is no cached value
1457: AC_CACHE_VAL(sudo_cv_prev_host, sudo_cv_prev_host="$host")
1458: fi
1459:
1460: dnl
1461: dnl We want to be able to differentiate between different rev's
1462: dnl
1463: if test -n "$host_os"; then
1464: OS=`echo $host_os | sed 's/[[0-9]].*//'`
1465: OSREV=`echo $host_os | sed 's/^[[^0-9\.]]*\([[0-9\.]]*\).*$/\1/'`
1466: OSMAJOR=`echo $OSREV | sed 's/\..*$//'`
1467: else
1468: OS="unknown"
1469: OSREV=0
1470: OSMAJOR=0
1471: fi
1472:
1473: case "$host" in
1474: *-*-sunos4*)
1475: # getcwd(3) opens a pipe to getpwd(1)!?!
1476: BROKEN_GETCWD=1
1477:
1478: # system headers lack prototypes but gcc helps...
1479: if test -n "$GCC"; then
1480: OSDEFS="${OSDEFS} -D__USE_FIXED_PROTOTYPES__"
1481: fi
1482:
1483: shadow_funcs="getpwanam issecure"
1484: ;;
1485: *-*-solaris2*)
1486: # To get the crypt(3) prototype (so we pass -Wall)
1487: OSDEFS="${OSDEFS} -D__EXTENSIONS__"
1488: # AFS support needs -lucb
1489: if test "$with_AFS" = "yes"; then
1490: AFS_LIBS="-lc -lucb"
1491: fi
1492: : ${mansectsu='1m'}
1493: : ${mansectform='4'}
1494: : ${with_rpath='yes'}
1495: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1496: AC_CHECK_FUNCS(priv_set)
1497: ;;
1498: *-*-aix*)
1499: # To get all prototypes (so we pass -Wall)
1500: OSDEFS="${OSDEFS} -D_ALL_SOURCE -D_LINUX_SOURCE_COMPAT"
1501: SUDOERS_LDFLAGS="${SUDOERS_LDFLAGS} -Wl,-bI:\$(srcdir)/aixcrypt.exp"
1502: if test X"$with_blibpath" != X"no"; then
1503: AC_MSG_CHECKING([if linker accepts -Wl,-blibpath])
1504: O_LDFLAGS="$LDFLAGS"
1505: LDFLAGS="$O_LDFLAGS -Wl,-blibpath:/usr/lib:/lib"
1506: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], [
1507: if test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
1508: blibpath="$with_blibpath"
1509: elif test -n "$GCC"; then
1510: blibpath="/usr/lib:/lib:/usr/local/lib"
1511: else
1512: blibpath="/usr/lib:/lib"
1513: fi
1514: AC_MSG_RESULT(yes)
1515: ], [AC_MSG_RESULT(no)])
1516: fi
1517: LDFLAGS="$O_LDFLAGS"
1518:
1519: # On AIX 6 and higher default to PAM, else default to LAM
1520: if test $OSMAJOR -ge 6; then
1521: if test X"$with_pam" = X""; then
1522: AUTH_EXCL_DEF="PAM"
1523: fi
1524: else
1525: if test X"$with_aixauth" = X""; then
1526: AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
1527: fi
1528: fi
1529:
1530: # AIX analog of nsswitch.conf, enabled by default
1531: AC_ARG_WITH(netsvc, [AS_HELP_STRING([--with-netsvc[[=PATH]]], [path to netsvc.conf])],
1532: [case $with_netsvc in
1533: no) ;;
1534: yes) with_netsvc="/etc/netsvc.conf"
1535: ;;
1536: *) ;;
1537: esac])
1538: if test -z "$with_nsswitch" -a -z "$with_netsvc"; then
1539: with_netsvc="/etc/netsvc.conf"
1540: fi
1541:
1542: # For implementing getgrouplist()
1543: AC_CHECK_FUNCS(getgrset)
1544:
1545: # LDR_PRELOAD is only supported in AIX 5.3 and later
1546: if test $OSMAJOR -lt 5; then
1547: with_noexec=no
1548: fi
1549:
1550: # AIX-specific functions
1551: AC_CHECK_FUNCS(getuserattr setauthdb)
1552: COMMON_OBJS="$COMMON_OBJS aix.lo"
1553: ;;
1554: *-*-hiuxmpp*)
1555: : ${mansectsu='1m'}
1556: : ${mansectform='4'}
1557: ;;
1558: *-*-hpux*)
1559: # AFS support needs -lBSD
1560: if test "$with_AFS" = "yes"; then
1561: AFS_LIBS="-lc -lBSD"
1562: fi
1563: : ${mansectsu='1m'}
1564: : ${mansectform='4'}
1565:
1566: # The HP bundled compiler cannot generate shared libs
1567: if test -z "$GCC"; then
1568: AC_CACHE_CHECK([for HP bundled C compiler],
1569: [sudo_cv_var_hpccbundled],
1570: [if $CC -V 2>&1 | grep '^(Bundled)' >/dev/null 2>&1; then
1571: sudo_cv_var_hpccbundled=yes
1572: else
1573: sudo_cv_var_hpccbundled=no
1574: fi]
1575: )
1576: if test "$sudo_cv_var_hpccbundled" = "yes"; then
1577: AC_MSG_ERROR([The HP bundled C compiler is unable to build Sudo, you must use gcc or the HP ANSI C compiler instead.])
1578: fi
1579: fi
1580:
1581: # Build PA-RISC1.1 objects for better portability
1582: case "$host_cpu" in
1583: hppa[[2-9]]*)
1584: _CFLAGS="$CFLAGS"
1585: if test -n "$GCC"; then
1586: portable_flag="-march=1.1"
1587: else
1588: portable_flag="+DAportable"
1589: fi
1590: CFLAGS="$CFLAGS $portable_flag"
1591: AC_CACHE_CHECK([whether $CC understands $portable_flag],
1592: [sudo_cv_var_daportable],
1593: [AC_LINK_IFELSE(
1594: [AC_LANG_PROGRAM([[]], [[]])],
1595: [sudo_cv_var_daportable=yes],
1596: [sudo_cv_var_daportable=no]
1597: )
1598: ]
1599: )
1600: if test X"$sudo_cv_var_daportable" != X"yes"; then
1601: CFLAGS="$_CFLAGS"
1602: fi
1603: ;;
1604: esac
1605:
1606: case "$host" in
1607: *-*-hpux[[1-8]].*)
1608: AC_DEFINE(BROKEN_SYSLOG)
1609: ;;
1610: *-*-hpux9.*)
1611: AC_DEFINE(BROKEN_SYSLOG)
1612:
1613: shadow_funcs="getspwuid"
1614:
1615: # DCE support (requires ANSI C compiler)
1616: if test "$with_DCE" = "yes"; then
1617: # order of libs in 9.X is important. -lc_r must be last
1618: SUDOERS_LIBS="${SUDOERS_LIBS} -ldce -lM -lc_r"
1619: LIBS="${LIBS} -ldce -lM -lc_r"
1620: CPPFLAGS="${CPPFLAGS} -D_REENTRANT -I/usr/include/reentrant"
1621: fi
1622: ;;
1623: *-*-hpux10.*)
1624: shadow_funcs="getprpwnam iscomsec"
1625: shadow_libs="-lsec"
1626: # HP-UX 10.20 libc has an incompatible getline
1627: ac_cv_func_getline="no"
1628: ;;
1629: *)
1630: shadow_funcs="getspnam iscomsec"
1631: shadow_libs="-lsec"
1632: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1633: ;;
1634: esac
1635: ;;
1636: *-dec-osf*)
1637: # ignore envariables wrt dynamic lib path
1638: SUDOERS_LDFLAGS="${SUDOERS_LDFLAGS} -Wl,-no_library_replacement"
1639:
1640: : ${CHECKSIA='true'}
1641: AC_MSG_CHECKING(whether to disable sia support on Digital UNIX)
1642: AC_ARG_ENABLE(sia,
1643: [AS_HELP_STRING([--disable-sia], [Disable SIA on Digital UNIX])],
1644: [ case "$enableval" in
1645: yes) AC_MSG_RESULT(no)
1646: CHECKSIA=true
1647: ;;
1648: no) AC_MSG_RESULT(yes)
1649: CHECKSIA=false
1650: ;;
1651: *) AC_MSG_RESULT(no)
1652: AC_MSG_WARN([Ignoring unknown argument to --enable-sia: $enableval])
1653: ;;
1654: esac
1655: ], AC_MSG_RESULT(no))
1656:
1657: shadow_funcs="getprpwnam dispcrypt"
1658: # OSF/1 4.x and higher need -ldb too
1659: if test $OSMAJOR -lt 4; then
1660: shadow_libs="-lsecurity -laud -lm"
1661: else
1662: shadow_libs="-lsecurity -ldb -laud -lm"
1663: fi
1664:
1665: # use SIA by default, if we have it
1666: test "$CHECKSIA" = "true" && AUTH_EXCL_DEF="SIA"
1667:
1668: #
1669: # Some versions of Digital Unix ship with a broken
1670: # copy of prot.h, which we need for shadow passwords.
1671: # XXX - make should remove this as part of distclean
1672: #
1673: AC_MSG_CHECKING([for broken prot.h])
1674: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1675: #include <sys/types.h>
1676: #include <sys/security.h>
1677: #include <prot.h>
1678: ]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
1679: sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
1680: ])
1681: : ${mansectsu='8'}
1682: : ${mansectform='4'}
1683: ;;
1684: *-*-irix*)
1685: OSDEFS="${OSDEFS} -D_BSD_TYPES"
1686: if test -z "$NROFFPROG"; then
1687: MAN_POSTINSTALL=' /bin/rm -f $(mandirsu)/sudo.$(mansectsu).z $(mandirsu)/visudo.$(mansectsu).z $(mandirform)/sudoers.$(mansectform).z ; /usr/bin/pack $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform)'
1688: if test "$prefix" = "/usr/local" -a "$mandir" = '${datarootdir}/man'; then
1689: if test -d /usr/share/catman/local; then
1690: mandir="/usr/share/catman/local"
1691: else
1692: mandir="/usr/catman/local"
1693: fi
1694: fi
1695: else
1696: if test "$prefix" = "/usr/local" -a "$mandir" = '${datarootdir}/man'; then
1697: if test -d "/usr/share/man/local"; then
1698: mandir="/usr/share/man/local"
1699: else
1700: mandir="/usr/man/local"
1701: fi
1702: fi
1703: fi
1704: # IRIX <= 4 needs -lsun
1705: if test "$OSMAJOR" -le 4; then
1706: AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
1707: fi
1708: : ${mansectsu='1m'}
1709: : ${mansectform='4'}
1710: ;;
1711: *-*-linux*|*-*-k*bsd*-gnu)
1712: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1713: # Some Linux versions need to link with -lshadow
1714: shadow_funcs="getspnam"
1715: shadow_libs_optional="-lshadow"
1716: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1717: ;;
1718: *-convex-bsd*)
1719: OSDEFS="${OSDEFS} -D_CONVEX_SOURCE"
1720: if test -z "$GCC"; then
1721: CFLAGS="${CFLAGS} -D__STDC__"
1722: fi
1723:
1724: shadow_defs="-D_AUDIT -D_ACL -DSecureWare"
1725: shadow_funcs="getprpwnam"
1726: shadow_libs="-lprot"
1727: ;;
1728: *-*-ultrix*)
1729: OS="ultrix"
1730: shadow_funcs="getauthuid"
1731: shadow_libs="-lauth"
1732: ;;
1733: *-*-riscos*)
1734: LIBS="${LIBS} -lsun -lbsd"
1735: CPPFLAGS="${CPPFLAGS} -I/usr/include -I/usr/include/bsd"
1736: OSDEFS="${OSDEFS} -D_MIPS"
1737: : ${mansectsu='1m'}
1738: : ${mansectform='4'}
1739: ;;
1740: *-*-isc*)
1741: OSDEFS="${OSDEFS} -D_ISC"
1742: LIB_CRYPT=1
1743: SUDOERS_LIBS="${SUDOERS_LIBS} -lcrypt"
1744:
1745: shadow_funcs="getspnam"
1746: shadow_libs="-lsec"
1747:
1748: : ${mansectsu='1m'}
1749: : ${mansectform='4'}
1750: ;;
1751: *-*-sco*|*-sco-*)
1752: shadow_funcs="getprpwnam"
1753: shadow_libs="-lprot -lx"
1754: : ${mansectsu='1m'}
1755: : ${mansectform='4'}
1756: ;;
1757: m88k-motorola-sysv*)
1758: # motorolla's cc (a variant of gcc) does -O but not -O2
1759: CFLAGS=`echo $CFLAGS | sed 's/-O2/-O/g'`
1760: : ${mansectsu='1m'}
1761: : ${mansectform='4'}
1762: ;;
1763: *-sequent-sysv*)
1764: shadow_funcs="getspnam"
1765: shadow_libs="-lsec"
1766: : ${mansectsu='1m'}
1767: : ${mansectform='4'}
1768: : ${with_rpath='yes'}
1769: ;;
1770: *-ncr-sysv4*|*-ncr-sysvr4*)
1771: AC_CHECK_LIB(c89, strcasecmp, [LIBS="${LIBS} -lc89"])
1772: : ${mansectsu='1m'}
1773: : ${mansectform='4'}
1774: : ${with_rpath='yes'}
1775: ;;
1776: *-ccur-sysv4*|*-ccur-sysvr4*)
1777: LIBS="${LIBS} -lgen"
1778: : ${mansectsu='1m'}
1779: : ${mansectform='4'}
1780: : ${with_rpath='yes'}
1781: ;;
1782: *-*-bsdi*)
1783: SKIP_SETREUID=yes
1784: # Check for newer BSD auth API
1785: if test -z "$with_bsdauth"; then
1786: AC_CHECK_FUNCS(auth_challenge, [AUTH_EXCL_DEF="BSD_AUTH"])
1787: fi
1788: ;;
1789: *-*-freebsd*)
1790: # FreeBSD has a real setreuid(2) starting with 2.1 and
1791: # backported to 2.0.5. We just take 2.1 and above...
1792: case "$OSREV" in
1793: 0.*|1.*|2.0*)
1794: SKIP_SETREUID=yes
1795: ;;
1796: esac
1797: OSDEFS="${OSDEFS} -D_BSD_SOURCE"
1798: if test "${with_skey-'no'}" = "yes"; then
1799: SUDOERS_LIBS="${SUDOERS_LIBS} -lmd"
1800: fi
1801: CHECKSHADOW="false"
1802: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1803: : ${with_logincap='maybe'}
1804: ;;
1805: *-*-*openbsd*)
1806: # OpenBSD has a real setreuid(2) starting with 3.3 but
1807: # we will use setresuid(2) instead.
1808: SKIP_SETREUID=yes
1809: OSDEFS="${OSDEFS} -D_BSD_SOURCE"
1810: CHECKSHADOW="false"
1811: # OpenBSD >= 3.0 supports BSD auth
1812: if test -z "$with_bsdauth"; then
1813: if test "$OSMAJOR" -ge 3; then
1814: AUTH_EXCL_DEF="BSD_AUTH"
1815: fi
1816: fi
1817: : ${with_logincap='maybe'}
1818: ;;
1819: *-*-*netbsd*)
1820: # NetBSD has a real setreuid(2) starting with 1.3.2
1821: case "$OSREV" in
1822: 0.9*|1.[[012]]*|1.3|1.3.1)
1823: SKIP_SETREUID=yes
1824: ;;
1825: esac
1826: CHECKSHADOW="false"
1827: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1828: : ${with_logincap='maybe'}
1829: ;;
1830: *-*-dragonfly*)
1831: OSDEFS="${OSDEFS} -D_BSD_SOURCE"
1832: if test "${with_skey-'no'}" = "yes"; then
1833: SUDOERS_LIBS="${SUDOERS_LIBS} -lmd"
1834: fi
1835: CHECKSHADOW="false"
1836: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1837: : ${with_logincap='yes'}
1838: ;;
1839: *-*-*bsd*)
1840: CHECKSHADOW="false"
1841: ;;
1842: *-*-darwin*)
1843: # Darwin has a real setreuid(2) starting with 9.0
1844: if test $OSMAJOR -lt 9; then
1845: SKIP_SETREUID=yes
1846: fi
1847: CHECKSHADOW="false"
1848: test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
1849: : ${with_logincap='yes'}
1850: ;;
1851: *-*-nextstep*)
1852: # lockf() on is broken on the NeXT -- use flock instead
1853: ac_cv_func_lockf=no
1854: ac_cv_func_flock=yes
1855: ;;
1856: *-*-*sysv4*)
1857: : ${mansectsu='1m'}
1858: : ${mansectform='4'}
1859: : ${with_rpath='yes'}
1860: ;;
1861: *-*-sysv*)
1862: : ${mansectsu='1m'}
1863: : ${mansectform='4'}
1864: ;;
1865: *-gnu*)
1866: OSDEFS="${OSDEFS} -D_GNU_SOURCE"
1867: ;;
1868: esac
1869:
1870: dnl
1871: dnl Check for mixing mutually exclusive and regular auth methods
1872: dnl
1873: AUTH_REG=${AUTH_REG# }
1874: AUTH_EXCL=${AUTH_EXCL# }
1875: if test -n "$AUTH_EXCL"; then
1876: set -- $AUTH_EXCL
1877: if test $# != 1; then
1878: AC_MSG_ERROR([More than one mutually exclusive authentication method specified: $AUTH_EXCL])
1879: fi
1880: if test -n "$AUTH_REG"; then
1881: AC_MSG_ERROR([Cannot mix mutually exclusive ($AUTH_EXCL) and regular ($AUTH_REG) authentication methods])
1882: fi
1883: fi
1884: dnl
1885: dnl Only one of S/Key and OPIE may be specified
1886: dnl
1887: if test X"${with_skey}${with_opie}" = X"yesyes"; then
1888: AC_MSG_ERROR(["cannot use both S/Key and OPIE"])
1889: fi
1890:
1891: dnl
1892: dnl Use BSD-style man sections by default
1893: dnl
1894: : ${mansectsu='8'}
1895: : ${mansectform='5'}
1896:
1897: dnl
1898: dnl Add in any libpaths or libraries specified via configure
1899: dnl
1900: if test -n "$with_libpath"; then
1901: for i in ${with_libpath}; do
1902: SUDO_APPEND_LIBPATH(LDFLAGS, [$i])
1903: done
1904: fi
1905: if test -n "$with_libraries"; then
1906: for i in ${with_libraries}; do
1907: case $i in
1908: -l*) ;;
1909: *.a) ;;
1910: *.o) ;;
1911: *) i="-l${i}";;
1912: esac
1913: LIBS="${LIBS} ${i}"
1914: done
1915: fi
1916:
1917: dnl
1918: dnl C compiler checks (to be done after os checks)
1919: dnl
1920: AC_PROG_GCC_TRADITIONAL
1921: AC_C_CONST
1922: AC_C_VOLATILE
1923: if test X"$with_gnu_ld" != "yes" -a -n "$GCC"; then
1924: _CFLAGS="$CFLAGS"
1925: CFLAGS="$CFLAGS -static-libgcc"
1926: AC_CACHE_CHECK([whether $CC understands -static-libgcc],
1927: [sudo_cv_var_gcc_static_libgcc],
1928: [AC_LINK_IFELSE(
1929: [AC_LANG_PROGRAM([[]], [[]])],
1930: [sudo_cv_var_gcc_static_libgcc=yes],
1931: [sudo_cv_var_gcc_static_libgcc=no]
1932: )
1933: ]
1934: )
1935: CFLAGS="$_CFLAGS"
1936: if test "$sudo_cv_var_gcc_static_libgcc" = "yes"; then
1937: LTLDFLAGS="$LTLDFLAGS -Wc,-static-libgcc"
1938: fi
1939: fi
1940: dnl
1941: dnl Program checks
1942: dnl
1943: AC_PROG_YACC
1944: AC_PATH_PROG([FLEX], [flex], [flex])
1945: SUDO_PROG_MV
1946: SUDO_PROG_BSHELL
1947: if test -z "$with_sendmail"; then
1948: SUDO_PROG_SENDMAIL
1949: fi
1950: SUDO_PROG_VI
1951: dnl
1952: dnl Check for authpriv support in syslog
1953: dnl
1954: AC_MSG_CHECKING(which syslog facility sudo should log with)
1955: if test X"$with_logfac" = X""; then
1956: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <syslog.h>]], [[int i = LOG_AUTHPRIV; (void)i;]])], [logfac=authpriv])
1957: fi
1958: AC_DEFINE_UNQUOTED(LOGFAC, "$logfac", [The syslog facility sudo will use.])
1959: AC_MSG_RESULT($logfac)
1960: dnl
1961: dnl Header file checks
1962: dnl
1963: AC_HEADER_STDC
1964: AC_HEADER_DIRENT
1965: AC_HEADER_TIME
1966: AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h utmpx.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h)
1967: dnl
1968: dnl Check for large file support. HP-UX 11.23 has a broken sys/type.h
1969: dnl when large files support is enabled so work around it.
1970: dnl
1971: AC_SYS_LARGEFILE
1972: case "$host" in
1973: *-*-hpux11.*)
1974: AC_CACHE_CHECK([whether sys/types.h needs _XOPEN_SOURCE_EXTENDED], [sudo_cv_xopen_source_extended],
1975: [AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
1976: #include <sys/socket.h>], [])], [sudo_cv_xopen_source_extended=no], [
1977: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#define _XOPEN_SOURCE_EXTENDED
1978: AC_INCLUDES_DEFAULT
1979: #include <sys/socket.h>], [])], [sudo_cv_xopen_source_extended=yes],
1980: [sudo_cv_xopen_source_extended=error])
1981: ])])
1982: if test "$sudo_cv_xopen_source_extended" = "yes"; then
1983: OSDEFS="${OSDEFS} -D_XOPEN_SOURCE_EXTENDED"
1984: SUDO_DEFINE(_XOPEN_SOURCE_EXTENDED)
1985: fi
1986: ;;
1987: esac
1988: AC_SYS_POSIX_TERMIOS
1989: if test "$ac_cv_sys_posix_termios" != "yes"; then
1990: AC_MSG_ERROR([Must have POSIX termios to build sudo])
1991: fi
1992: SUDO_MAILDIR
1993: if test ${with_logincap-'no'} != "no"; then
1994: AC_CHECK_HEADERS(login_cap.h, [LOGINCAP_USAGE='[[-c class|-]] '; LCMAN=1
1995: case "$OS" in
1996: freebsd|netbsd)
1997: SUDO_LIBS="${SUDO_LIBS} -lutil"
1998: SUDOERS_LIBS="${SUDOERS_LIBS} -lutil"
1999: ;;
2000: esac
2001: ])
2002: fi
2003: if test ${with_project-'no'} != "no"; then
2004: AC_CHECK_HEADER(project.h, [
2005: AC_CHECK_LIB(project, setproject, [
2006: AC_DEFINE(HAVE_PROJECT_H)
2007: SUDO_LIBS="${SUDO_LIBS} -lproject"
2008: ])
2009: ], [])
2010: fi
2011: dnl
2012: dnl typedef checks
2013: dnl
2014: AC_TYPE_MODE_T
2015: AC_TYPE_UID_T
2016: AC_CHECK_TYPE([__signed char], [], [AC_CHECK_TYPE([signed char], [AC_DEFINE(__signed, signed)], [AC_DEFINE(__signed, [])])])
2017: AC_CHECK_TYPE([sig_atomic_t], [], [AC_DEFINE(sig_atomic_t, int)], [#include <sys/types.h>
2018: #include <signal.h>])
2019: AC_CHECK_TYPES([sigaction_t], [AC_DEFINE(HAVE_SIGACTION_T)], [], [#include <sys/types.h>
2020: #include <signal.h>])
2021: AC_CHECK_TYPE([struct timespec], [AC_DEFINE(HAVE_TIMESPEC)], [], [#include <sys/types.h>
2022: #if TIME_WITH_SYS_TIME
2023: # include <sys/time.h>
2024: #endif
2025: #include <time.h>])
2026: AC_CHECK_TYPES([struct in6_addr], [AC_DEFINE(HAVE_IN6_ADDR)], [], [#include <sys/types.h>
2027: #include <netinet/in.h>])
2028: AC_TYPE_LONG_LONG_INT
2029: AC_CHECK_SIZEOF([long int])
2030: SUDO_TYPE_SIZE_T
2031: SUDO_TYPE_SSIZE_T
2032: SUDO_TYPE_DEV_T
2033: SUDO_TYPE_INO_T
2034: SUDO_UID_T_LEN
2035: SUDO_SOCK_SA_LEN
2036: dnl
2037: dnl Check for utmp/utmpx struct members.
2038: dnl We need to include OSDEFS for glibc which only has __e_termination
2039: dnl visible when _GNU_SOURCE is *not* defined.
2040: dnl
2041: _CFLAGS="$CFLAGS"
2042: CFLAGS="$CFLAGS $OSDEFS"
2043: if test $ac_cv_header_utmpx_h = "yes"; then
2044: AC_CHECK_MEMBERS([struct utmpx.ut_id, struct utmpx.ut_pid, struct utmpx.ut_tv, struct utmpx.ut_type], [], [], [
2045: #include <sys/types.h>
2046: #include <utmpx.h>
2047: ])
2048: dnl
2049: dnl Check for ut_exit.__e_termination first, then ut_exit.e_termination
2050: dnl
2051: AC_CHECK_MEMBERS([struct utmpx.ut_exit.__e_termination], [AC_DEFINE(HAVE_STRUCT_UTMPX_UT_EXIT)], [
2052: AC_CHECK_MEMBERS([struct utmpx.ut_exit.e_termination], [AC_DEFINE(HAVE_STRUCT_UTMPX_UT_EXIT)], [], [
2053: #include <sys/types.h>
2054: #include <utmpx.h>
2055: ])
2056: ], [
2057: #include <sys/types.h>
2058: #include <utmpx.h>
2059: ])
2060: else
2061: AC_CHECK_MEMBERS([struct utmp.ut_id, struct utmp.ut_pid, struct utmp.ut_tv, struct utmp.ut_type, struct utmp.ut_user], [], [], [
2062: #include <sys/types.h>
2063: #include <utmp.h>
2064: ])
2065: dnl
2066: dnl Check for ut_exit.__e_termination first, then ut_exit.e_termination
2067: dnl
2068: AC_CHECK_MEMBERS([struct utmp.ut_exit.__e_termination], [AC_DEFINE(HAVE_STRUCT_UTMP_UT_EXIT)], [
2069: AC_CHECK_MEMBERS([struct utmp.ut_exit.e_termination], [AC_DEFINE(HAVE_STRUCT_UTMP_UT_EXIT)], [], [
2070: #include <sys/types.h>
2071: #include <utmp.h>
2072: ])
2073: ], [
2074: #include <sys/types.h>
2075: #include <utmp.h>
2076: ])
2077: fi
2078: CFLAGS="$_CFLAGS"
2079:
2080: dnl
2081: dnl Function checks
2082: dnl
2083: AC_FUNC_GETGROUPS
2084: AC_CHECK_FUNCS(strrchr sysconf tzset strftime \
2085: regcomp setlocale nl_langinfo getaddrinfo mbr_check_membership \
2086: setrlimit64 sysctl)
2087: AC_REPLACE_FUNCS(getgrouplist)
2088: AC_CHECK_FUNCS(getline, [], [
2089: AC_LIBOBJ(getline)
2090: AC_CHECK_FUNCS(fgetln)
2091: ])
2092: utmp_style=LEGACY
2093: AC_CHECK_FUNCS(getutxid getutid, [utmp_style=POSIX; break])
2094: if test "$utmp_style" = "LEGACY"; then
2095: AC_CHECK_FUNCS(getttyent ttyslot, [break])
2096: fi
2097:
2098: AC_CHECK_FUNCS(openpty, [AC_CHECK_HEADERS(libutil.h util.h pty.h, [break])], [
2099: AC_CHECK_LIB(util, openpty, [
2100: AC_CHECK_HEADERS(libutil.h util.h pty.h, [break])
2101: case "$SUDO_LIBS" in
2102: *-lutil*) ;;
2103: *) SUDO_LIBS="${SUDO_LIBS} -lutil";;
2104: esac
2105: AC_DEFINE(HAVE_OPENPTY)
2106: ], [
2107: AC_CHECK_FUNCS(_getpty, [], [
2108: AC_CHECK_FUNCS(grantpt, [
2109: AC_CHECK_FUNCS(posix_openpt)
2110: ], [
2111: AC_CHECK_FUNCS(revoke)
2112: ])
2113: ])
2114: ])
2115: ])
2116: AC_CHECK_FUNCS(unsetenv, [SUDO_FUNC_UNSETENV_VOID], [AC_LIBOBJ(unsetenv)])
2117: if test -z "$SKIP_SETRESUID"; then
2118: AC_CHECK_FUNCS(setresuid, [
2119: SKIP_SETREUID=yes
2120: AC_CHECK_FUNCS(getresuid)
2121: ])
2122: fi
2123: if test -z "$SKIP_SETREUID"; then
2124: AC_CHECK_FUNCS(setreuid, [SKIP_SETEUID=yes])
2125: fi
2126: if test -z "$SKIP_SETEUID"; then
2127: AC_CHECK_FUNCS(seteuid)
2128: fi
2129: if test X"$with_interfaces" != X"no"; then
2130: AC_CHECK_FUNCS(getifaddrs, [AC_CHECK_FUNCS(freeifaddrs)])
2131: fi
2132: if test -z "$BROKEN_GETCWD"; then
2133: AC_REPLACE_FUNCS(getcwd)
2134: fi
2135: AC_CHECK_FUNCS(glob, [AC_MSG_CHECKING(for GLOB_BRACE and GLOB_TILDE in glob.h)
2136: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <glob.h>]], [[int i = GLOB_BRACE | GLOB_TILDE; (void)i;]])], [AC_DEFINE(HAVE_EXTENDED_GLOB)
2137: AC_MSG_RESULT(yes)], [AC_LIBOBJ(glob)
2138: AC_MSG_RESULT(no)])], [AC_LIBOBJ(glob)])
2139: AC_CHECK_FUNCS(lockf flock, [break])
2140: AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
2141: AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
2142: AC_CHECK_FUNCS(killpg, [], [AC_LIBOBJ(killpg)])
2143: SUDO_FUNC_FNMATCH([AC_DEFINE(HAVE_FNMATCH)], [AC_LIBOBJ(fnmatch)])
2144: SUDO_FUNC_ISBLANK
2145: AC_REPLACE_FUNCS(memrchr strlcpy strlcat setenv)
2146: AC_CHECK_FUNCS(nanosleep, [], [
2147: # On Solaris, nanosleep is in librt
2148: AC_CHECK_LIB(rt, nanosleep, [REPLAY_LIBS="${REPLAY_LIBS} -lrt"], [AC_LIBOBJ(nanosleep)])
2149: ])
2150: AC_CHECK_FUNCS(closefrom, [], [AC_LIBOBJ(closefrom)
2151: AC_CHECK_DECL(F_CLOSEM, AC_DEFINE(HAVE_FCNTL_CLOSEM), [],
2152: [ #include <limits.h>
2153: #include <fcntl.h> ])
2154: ])
2155: AC_CHECK_FUNCS(mkstemps mkdtemp, [], [
2156: AC_CHECK_FUNCS(random lrand48, [break])
2157: AC_LIBOBJ(mktemp)
2158: ])
2159: AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
2160: if test X"$ac_cv_type_struct_timespec" != X"no"; then
2161: AC_CHECK_MEMBER([struct stat.st_mtim], [AC_DEFINE(HAVE_ST_MTIM)]
2162: [AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
2163: [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
2164: fi
2165: dnl
2166: dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR.
2167: dnl
2168: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2169: #include <$ac_header_dirent>]], [[DIR *d; (void)dirfd(d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2170: #include <$ac_header_dirent>]], [[DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);]])], [AC_DEFINE(HAVE_DD_FD)], [])])
2171: dnl
2172: dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
2173: dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
2174: dnl
2175: if test -n "$NEED_SNPRINTF"; then
2176: AC_LIBOBJ(snprintf)
2177: fi
2178: dnl
2179: dnl If socket(2) not in libc, check -lsocket and -linet
2180: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
2181: dnl In this case we look for main(), not socket() to avoid using a cached value
2182: dnl
2183: AC_CHECK_FUNC(socket, , [AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find socket() trying -lsocket -lnsl)
2184: AC_CHECK_LIB(socket, socket, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl)))])
2185: dnl
2186: dnl If inet_addr(3) not in libc, check -lnsl and -linet
2187: dnl May need to link with *both* -lnsl and -lsocket due to unresolved symbols
2188: dnl
2189: AC_CHECK_FUNC(inet_addr, , [AC_CHECK_FUNC(__inet_addr, , AC_CHECK_LIB(nsl, inet_addr, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"], AC_MSG_WARN(unable to find inet_addr() trying -lsocket -lnsl)
2190: AC_CHECK_LIB(socket, inet_addr, [NET_LIBS="${NET_LIBS} -lsocket -lnsl"; LIBS="${LIBS} -lsocket -lnsl"], , -lnsl))))])
2191: dnl
2192: dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet
2193: dnl
2194: AC_CHECK_FUNC(syslog, , [AC_CHECK_LIB(socket, syslog, [NET_LIBS="${NET_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(nsl, syslog, [NET_LIBS="${NET_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, syslog, [NET_LIBS="${NET_LIBS} -linet"; LIBS="${LIBS} -linet"])))])
2195: dnl
2196: dnl Check for getprogname() or __progname
2197: dnl
2198: AC_CHECK_FUNCS(getprogname, , [
2199: AC_MSG_CHECKING([for __progname])
2200: AC_CACHE_VAL(sudo_cv___progname, [
2201: AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[extern char *__progname; (void)puts(__progname);]])], [sudo_cv___progname=yes], [sudo_cv___progname=no])])
2202: if test "$sudo_cv___progname" = "yes"; then
2203: AC_DEFINE(HAVE___PROGNAME)
2204: else
2205: AC_LIBOBJ(getprogname)
2206: fi
2207: AC_MSG_RESULT($sudo_cv___progname)
2208: ])
2209:
2210: # gettext() and friends may be located in libc (Linux and Solaris)
2211: # or in libintl. However, it is possible to have libintl installed
2212: # even when gettext() is present in libc. In the case of GNU libintl,
2213: # gettext() will be defined to gettext_libintl in libintl.h.
2214: # Since gcc prefers /usr/local/include to /usr/include, we need to
2215: # make sure we use the gettext() that matches the include file.
2216: if test "$enable_nls" != "no"; then
2217: if test "$enable_nls" != "yes"; then
2218: CPPFLAGS="${CPPFLAGS} -I${enable_nls}/include"
2219: SUDO_APPEND_LIBPATH(LDFLAGS, [$enable_nls/lib])
2220: fi
2221: OLIBS="$LIBS"
2222: for l in "libc" "-lintl" "-lintl -liconv"; do
2223: if test "$l" = "libc"; then
2224: # If user specified a dir for libintl ignore libc
2225: if test "$enable_nls" != "yes"; then
2226: continue
2227: fi
2228: gettext_name=sudo_cv_gettext
2229: AC_MSG_CHECKING([for gettext])
2230: else
2231: LIBS="$OLIBS $l"
2232: gettext_name=sudo_cv_gettext"`echo $l|sed -e 's/ //g' -e 's/-/_/g'`"
2233: AC_MSG_CHECKING([for gettext in $l])
2234: fi
2235: AC_CACHE_VAL($gettext_name, [
2236: AC_LINK_IFELSE(
2237: [
2238: AC_LANG_PROGRAM([[#include <libintl.h>]], [(void)gettext((char *)0);])
2239: ], [eval $gettext_name=yes], [eval $gettext_name=no]
2240: )
2241: ])
2242: eval gettext_result="\$$gettext_name"
2243: AC_MSG_RESULT($gettext_result)
2244: test "$gettext_result" = "yes" && break
2245: done
2246: LIBS="$OLIBS"
2247:
2248: if test "$sudo_cv_gettext" = "yes"; then
2249: AC_DEFINE(HAVE_LIBINTL_H)
2250: SUDO_NLS=enabled
2251: elif test "$sudo_cv_gettext_lintl" = "yes"; then
2252: AC_DEFINE(HAVE_LIBINTL_H)
2253: SUDO_NLS=enabled
2254: LIBINTL="-lintl"
2255: elif test "$sudo_cv_gettext_lintl_liconv" = "yes"; then
2256: AC_DEFINE(HAVE_LIBINTL_H)
2257: SUDO_NLS=enabled
2258: LIBINTL="-lintl -liconv"
2259: fi
2260: fi
2261:
2262: dnl
2263: dnl Deferred zlib option processing.
2264: dnl By default we use the system zlib if it is present.
2265: dnl
2266: case "$enable_zlib" in
2267: yes)
2268: AC_CHECK_LIB(z, gzdopen, [
2269: AC_CHECK_HEADERS(zlib.h, [ZLIB="-lz"], [enable_zlib=builtin])
2270: ])
2271: ;;
2272: no)
2273: ;;
2274: system)
2275: AC_DEFINE(HAVE_ZLIB_H)
2276: ZLIB="-lz"
2277: ;;
2278: builtin)
2279: # handled below
2280: ;;
2281: *)
2282: AC_DEFINE(HAVE_ZLIB_H)
2283: CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
2284: SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
2285: ZLIB="${ZLIB} -lz"
2286: ;;
2287: esac
2288: if test X"$enable_zlib" = X"builtin"; then
2289: AC_DEFINE(HAVE_ZLIB_H)
2290: CPPFLAGS="${CPPFLAGS}"' -I$(top_srcdir)/zlib'
2291: ZLIB="${ZLIB}"' $(top_builddir)/zlib/libz.la'
2292: ZLIB_SRC=zlib
2293: AC_CONFIG_HEADER([zlib/zconf.h])
2294: AC_CONFIG_FILES([zlib/Makefile])
2295: fi
2296:
2297: dnl
2298: dnl Check for errno declaration in errno.h
2299: dnl
2300: AC_CHECK_DECLS([errno], [], [], [
2301: AC_INCLUDES_DEFAULT
2302: #include <errno.h>
2303: ])
2304:
2305: dnl
2306: dnl Check for strsignal() or sys_siglist
2307: dnl
2308: AC_CHECK_FUNCS(strsignal, [], [
2309: AC_LIBOBJ(strsignal)
2310: HAVE_SIGLIST="false"
2311: AC_CHECK_DECLS([sys_siglist, _sys_siglist, __sys_siglist], [
2312: HAVE_SIGLIST="true"
2313: break
2314: ], [ ], [
2315: AC_INCLUDES_DEFAULT
2316: #include <signal.h>
2317: ])
2318: if test "$HAVE_SIGLIST" != "true"; then
2319: AC_LIBOBJ(siglist)
2320: fi
2321: ])
2322:
2323: dnl
2324: dnl nsswitch.conf and its equivalents
2325: dnl
2326: if test ${with_netsvc-"no"} != "no"; then
2327: SUDO_DEFINE_UNQUOTED(_PATH_NETSVC_CONF, "${with_netsvc-/etc/netsvc.conf}")
2328: netsvc_conf=${with_netsvc-/etc/netsvc.conf}
2329: elif test ${with_nsswitch-"yes"} != "no"; then
2330: SUDO_DEFINE_UNQUOTED(_PATH_NSSWITCH_CONF, "${with_nsswitch-/etc/nsswitch.conf}")
2331: nsswitch_conf=${with_nsswitch-/etc/nsswitch.conf}
2332: fi
2333:
2334: dnl
2335: dnl Mutually exclusive auth checks come first, followed by
2336: dnl non-exclusive ones. Note: passwd must be last of all!
2337: dnl
2338:
2339: dnl
2340: dnl Convert default authentication methods to with_* if
2341: dnl no explicit authentication scheme was specified.
2342: dnl
2343: if test -z "${AUTH_EXCL}${AUTH_REG}" -a -n "$AUTH_EXCL_DEF"; then
2344: for auth in $AUTH_EXCL_DEF; do
2345: case $auth in
2346: AIX_AUTH) with_aixauth=maybe;;
2347: BSD_AUTH) with_bsdauth=maybe;;
2348: PAM) with_pam=maybe;;
2349: SIA) CHECKSIA=true;;
2350: esac
2351: done
2352: fi
2353:
2354: dnl
2355: dnl PAM support. Systems that use PAM by default set with_pam=default
2356: dnl and we do the actual tests here.
2357: dnl
2358: if test ${with_pam-"no"} != "no"; then
2359: # We already link with -ldl (see LIBDL below) so no need for that here.
2360: SUDOERS_LIBS="${SUDOERS_LIBS} -lpam"
2361:
2362: dnl
2363: dnl Some PAM implementations (MacOS X for example) put the PAM headers
2364: dnl in /usr/include/pam instead of /usr/include/security...
2365: dnl
2366: AC_CHECK_HEADERS([security/pam_appl.h] [pam/pam_appl.h], [with_pam=yes; break])
2367: if test "$with_pam" = "yes"; then
2368: AC_DEFINE(HAVE_PAM)
2369: AUTH_OBJS="$AUTH_OBJS pam.lo";
2370: AUTH_EXCL=PAM
2371:
2372: AC_ARG_WITH(pam-login, [AS_HELP_STRING([--with-pam-login], [enable specific PAM session for sudo -i])],
2373: [case $with_pam_login in
2374: yes) AC_DEFINE([HAVE_PAM_LOGIN])
2375: AC_MSG_CHECKING(whether to use PAM login)
2376: AC_MSG_RESULT(yes)
2377: ;;
2378: no) ;;
2379: *) AC_MSG_ERROR(["--with-pam-login does not take an argument."])
2380: ;;
2381: esac])
2382:
2383: AC_MSG_CHECKING(whether to use PAM session support)
2384: AC_ARG_ENABLE(pam_session,
2385: [AS_HELP_STRING([--disable-pam-session], [Disable PAM session support])],
2386: [ case "$enableval" in
2387: yes) AC_MSG_RESULT(yes)
2388: ;;
2389: no) AC_MSG_RESULT(no)
2390: AC_DEFINE(NO_PAM_SESSION)
2391: ;;
2392: *) AC_MSG_RESULT(no)
2393: AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval])
2394: ;;
2395: esac], AC_MSG_RESULT(yes))
2396: fi
2397: fi
2398:
2399: dnl
2400: dnl AIX general authentication
2401: dnl If set to "maybe" only enable if no other exclusive method in use.
2402: dnl
2403: if test ${with_aixauth-'no'} != "no"; then
2404: if test X"$with_aixauth" != X"maybe" -o X"$AUTH_EXCL" = X""; then
2405: AC_MSG_NOTICE([using AIX general authentication])
2406: AC_DEFINE(HAVE_AIXAUTH)
2407: AUTH_OBJS="$AUTH_OBJS aix_auth.lo";
2408: SUDOERS_LIBS="${SUDOERS_LIBS} -ls"
2409: AUTH_EXCL=AIX_AUTH
2410: fi
2411: fi
2412:
2413: dnl
2414: dnl BSD authentication
2415: dnl If set to "maybe" only enable if no other exclusive method in use.
2416: dnl
2417: if test ${with_bsdauth-'no'} != "no"; then
2418: AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
2419: [AUTH_OBJS="$AUTH_OBJS bsdauth.lo"]
2420: [BSDAUTH_USAGE='[[-a auth_type]] ']
2421: [AUTH_EXCL=BSD_AUTH; BAMAN=1],
2422: [AC_MSG_ERROR([BSD authentication was specified but bsd_auth.h could not be found])])
2423: fi
2424:
2425: dnl
2426: dnl SIA authentication for Tru64 Unix
2427: dnl
2428: if test ${CHECKSIA-'false'} = "true"; then
2429: AC_CHECK_FUNCS(sia_ses_init, [found=true], [found=false])
2430: if test "$found" = "true"; then
2431: AUTH_EXCL=SIA
2432: AUTH_OBJS="$AUTH_OBJS sia.lo"
2433: fi
2434: fi
2435:
2436: dnl
2437: dnl extra FWTK libs + includes
2438: dnl
2439: if test ${with_fwtk-'no'} != "no"; then
2440: if test "$with_fwtk" != "yes"; then
2441: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_fwtk}])
2442: CPPFLAGS="${CPPFLAGS} -I${with_fwtk}"
2443: with_fwtk=yes
2444: fi
2445: SUDOERS_LIBS="${SUDOERS_LIBS} -lauth -lfwall"
2446: AUTH_OBJS="$AUTH_OBJS fwtk.lo"
2447: fi
2448:
2449: dnl
2450: dnl extra SecurID lib + includes
2451: dnl
2452: if test ${with_SecurID-'no'} != "no"; then
2453: if test "$with_SecurID" != "yes"; then
2454: :
2455: elif test -d /usr/ace/examples; then
2456: with_SecurID=/usr/ace/examples
2457: else
2458: with_SecurID=/usr/ace
2459: fi
2460: CPPFLAGS="${CPPFLAGS} -I${with_SecurID}"
2461: _LDFLAGS="${LDFLAGS}"
2462: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_SecurID}])
2463: #
2464: # Determine whether to use the new or old SecurID API
2465: #
2466: AC_CHECK_LIB(aceclnt, SD_Init,
2467: [
2468: AUTH_OBJS="$AUTH_OBJS securid5.lo";
2469: SUDOERS_LIBS="${SUDOERS_LIBS} -laceclnt -lpthread"
2470: ]
2471: [
2472: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_SecurID}])
2473: ], [
2474: AUTH_OBJS="$AUTH_OBJS securid.lo";
2475: SUDOERS_LIBS="${SUDOERS_LIBS} ${with_SecurID}/sdiclient.a"
2476: ],
2477: [
2478: -lpthread
2479: ]
2480: )
2481: LDFLAGS="${_LDFLAGS}"
2482: fi
2483:
2484: dnl
2485: dnl Non-mutually exclusive auth checks come next.
2486: dnl Note: passwd must be last of all!
2487: dnl
2488:
2489: dnl
2490: dnl Convert default authentication methods to with_* if
2491: dnl no explicit authentication scheme was specified.
2492: dnl
2493: if test -z "${AUTH_EXCL}" -a -n "$AUTH_DEF"; then
2494: for auth in $AUTH_DEF; do
2495: case $auth in
2496: passwd) : ${with_passwd='maybe'};;
2497: esac
2498: done
2499: fi
2500:
2501: dnl
2502: dnl Kerberos IV
2503: dnl
2504: if test ${with_kerb4-'no'} != "no"; then
2505: AC_DEFINE(HAVE_KERB4)
2506: dnl
2507: dnl Use the specified directory, if any, else search for correct inc dir
2508: dnl
2509: O_LDFLAGS="$LDFLAGS"
2510: if test "$with_kerb4" = "yes"; then
2511: found=no
2512: O_CPPFLAGS="$CPPFLAGS"
2513: for dir in "" "kerberosIV/" "krb4/" "kerberos4/" "kerberosv4/"; do
2514: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
2515: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <krb.h>]])], [found=yes; break])
2516: done
2517: test X"$found" = X"no" && CPPFLAGS="$O_CPPFLAGS"
2518: else
2519: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_kerb4}/lib])
2520: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_kerb4}/lib])
2521: CPPFLAGS="$CPPFLAGS -I${with_kerb4}/include"
2522: AC_CHECK_HEADER([krb.h], [found=yes], [found=no])
2523: fi
2524: if test X"$found" = X"no"; then
2525: AC_MSG_WARN([Unable to locate Kerberos IV include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
2526: fi
2527:
2528: dnl
2529: dnl Check for -ldes vs. -ldes425
2530: dnl
2531: AC_CHECK_LIB(des, des_cbc_encrypt, [K4LIBS="-ldes"], [
2532: AC_CHECK_LIB(des425, des_cbc_encrypt, [K4LIBS="-ldes425"], [K4LIBS=""])
2533: ])
2534: dnl
2535: dnl Try to determine whether we have KTH or MIT/CNS Kerberos IV
2536: dnl
2537: AC_MSG_CHECKING(whether we are using KTH Kerberos IV)
2538: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb.h>]], [[const char *tmp = krb4_version;]])], [
2539: AC_MSG_RESULT(yes)
2540: K4LIBS="${K4LIBS} -lcom_err"
2541: AC_CHECK_LIB(roken, main, [K4LIBS="${K4LIBS} -lroken"])
2542: ], [
2543: AC_MSG_RESULT(no)
2544: ]
2545: )
2546: dnl
2547: dnl The actual Kerberos IV lib might be -lkrb or -lkrb4
2548: dnl
2549: AC_CHECK_LIB(krb, main, [K4LIBS="-lkrb $K4LIBS"], [
2550: AC_CHECK_LIB(krb4, main, [K4LIBS="-lkrb4 $K4LIBS"],
2551: [K4LIBS="-lkrb $K4LIBS"]
2552: [AC_MSG_WARN([Unable to locate Kerberos IV libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDOERS_LDFLAGS and possibly add Kerberos libs to SUDOERS_LIBS])]
2553: , [$K4LIBS])
2554: ], [$K4LIBS])
2555: LDFLAGS="$O_LDFLAGS"
2556: SUDOERS_LIBS="${SUDOERS_LIBS} $K4LIBS"
2557: AUTH_OBJS="$AUTH_OBJS kerb4.lo"
2558: fi
2559:
2560: dnl
2561: dnl Kerberos V
2562: dnl There is an easy way and a hard way...
2563: dnl
2564: if test ${with_kerb5-'no'} != "no"; then
2565: AC_CHECK_PROG(KRB5CONFIG, krb5-config, yes, "")
2566: if test -n "$KRB5CONFIG"; then
2567: AC_DEFINE(HAVE_KERB5)
2568: AUTH_OBJS="$AUTH_OBJS kerb5.lo"
2569: CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"
2570: SUDOERS_LIBS="$SUDOERS_LIBS `krb5-config --libs`"
2571: dnl
2572: dnl Try to determine whether we have Heimdal or MIT Kerberos
2573: dnl
2574: AC_MSG_CHECKING(whether we are using Heimdal)
2575: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
2576: AC_MSG_RESULT(yes)
2577: AC_DEFINE(HAVE_HEIMDAL)
2578: ], [
2579: AC_MSG_RESULT(no)
2580: ]
2581: )
2582: else
2583: AC_DEFINE(HAVE_KERB5)
2584: dnl
2585: dnl Use the specified directory, if any, else search for correct inc dir
2586: dnl
2587: if test "$with_kerb5" = "yes"; then
2588: found=no
2589: O_CPPFLAGS="$CPPFLAGS"
2590: for dir in "" "kerberosV/" "krb5/" "kerberos5/" "kerberosv5/"; do
2591: CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
2592: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]])], [found=yes; break])
2593: done
2594: if test X"$found" = X"no"; then
2595: CPPFLAGS="$O_CPPFLAGS"
2596: AC_MSG_WARN([Unable to locate Kerberos V include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS])
2597: fi
2598: else
2599: dnl XXX - try to include krb5.h here too
2600: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_kerb5}/lib])
2601: CPPFLAGS="$CPPFLAGS -I${with_kerb5}/include"
2602: fi
2603:
2604: dnl
2605: dnl Try to determine whether we have Heimdal or MIT Kerberos
2606: dnl
2607: AC_MSG_CHECKING(whether we are using Heimdal)
2608: AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <krb5.h>]], [[const char *tmp = heimdal_version;]])], [
2609: AC_MSG_RESULT(yes)
2610: AC_DEFINE(HAVE_HEIMDAL)
2611: # XXX - need to check whether -lcrypo is needed!
2612: SUDOERS_LIBS="${SUDOERS_LIBS} -lkrb5 -lcrypto -ldes -lcom_err -lasn1"
2613: AC_CHECK_LIB(roken, main, [SUDOERS_LIBS="${SUDOERS_LIBS} -lroken"])
2614: ], [
2615: AC_MSG_RESULT(no)
2616: SUDOERS_LIBS="${SUDOERS_LIBS} -lkrb5 -lk5crypto -lcom_err"
2617: AC_CHECK_LIB(krb5support, main, [SUDOERS_LIBS="${SUDOERS_LIBS} -lkrb5support"])
2618: ])
2619: AUTH_OBJS="$AUTH_OBJS kerb5.lo"
2620: fi
2621: _LIBS="$LIBS"
2622: LIBS="${LIBS} ${SUDOERS_LIBS}"
2623: AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
2624: AC_CHECK_FUNCS(krb5_get_init_creds_opt_alloc, [
2625: AC_CACHE_CHECK([whether krb5_get_init_creds_opt_free takes a context],
2626: sudo_cv_krb5_get_init_creds_opt_free_two_args, [
2627: AC_COMPILE_IFELSE(
2628: [AC_LANG_PROGRAM(
2629: [[#include <krb5.h>]],
2630: [[krb5_get_init_creds_opt_free(NULL, NULL);]]
2631: )],
2632: [sudo_cv_krb5_get_init_creds_opt_free_two_args=yes],
2633: [sudo_cv_krb5_get_init_creds_opt_free_two_args=no]
2634: )
2635: ]
2636: )
2637: ])
2638: if test X"$sudo_cv_krb5_get_init_creds_opt_free_two_args" = X"yes"; then
2639: AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS)
2640: fi
2641: LIBS="$_LIBS"
2642: fi
2643:
2644: dnl
2645: dnl extra AFS libs and includes
2646: dnl
2647: if test ${with_AFS-'no'} = "yes"; then
2648:
2649: # looks like the "standard" place for AFS libs is /usr/afsws/lib
2650: AFSLIBDIRS="/usr/lib/afs /usr/afsws/lib /usr/afsws/lib/afs"
2651: for i in $AFSLIBDIRS; do
2652: if test -d ${i}; then
2653: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [$i])
2654: FOUND_AFSLIBDIR=true
2655: fi
2656: done
2657: if test -z "$FOUND_AFSLIBDIR"; then
2658: AC_MSG_WARN([Unable to locate AFS libraries, you will have to edit the Makefile and add -L/path/to/afs/libs to SUDOERS_LDFLAGS or rerun configure with the --with-libpath options.])
2659: fi
2660:
2661: # Order is important here. Note that we build AFS_LIBS from right to left
2662: # since AFS_LIBS may be initialized with BSD compat libs that must go last
2663: AFS_LIBS="-laudit ${AFS_LIBS}"
2664: for i in $AFSLIBDIRS; do
2665: if test -f ${i}/util.a; then
2666: AFS_LIBS="${i}/util.a ${AFS_LIBS}"
2667: FOUND_UTIL_A=true
2668: break;
2669: fi
2670: done
2671: if test -z "$FOUND_UTIL_A"; then
2672: AFS_LIBS="-lutil ${AFS_LIBS}"
2673: fi
2674: AFS_LIBS="-lkauth -lprot -lubik -lauth -lrxkad -lsys -ldes -lrx -llwp -lcom_err ${AFS_LIBS}"
2675:
2676: # AFS includes may live in /usr/include on some machines...
2677: for i in /usr/afsws/include; do
2678: if test -d ${i}; then
2679: CPPFLAGS="${CPPFLAGS} -I${i}"
2680: FOUND_AFSINCDIR=true
2681: fi
2682: done
2683:
2684: if test -z "$FOUND_AFSLIBDIR"; then
2685: AC_MSG_WARN([Unable to locate AFS include dir, you may have to edit the Makefile and add -I/path/to/afs/includes to CPPFLAGS or rerun configure with the --with-incpath options.])
2686: fi
2687:
2688: AUTH_OBJS="$AUTH_OBJS afs.lo"
2689: fi
2690:
2691: dnl
2692: dnl extra DCE obj + lib
2693: dnl Order of libs in HP-UX 10.x is important, -ldce must be last.
2694: dnl
2695: if test ${with_DCE-'no'} = "yes"; then
2696: DCE_OBJS="${DCE_OBJS} dce_pwent.o"
2697: SUDOERS_LIBS="${SUDOERS_LIBS} -ldce"
2698: AUTH_OBJS="$AUTH_OBJS dce.lo"
2699: fi
2700:
2701: dnl
2702: dnl extra S/Key lib and includes
2703: dnl
2704: if test "${with_skey-'no'}" = "yes"; then
2705: O_LDFLAGS="$LDFLAGS"
2706: if test "$with_skey" != "yes"; then
2707: CPPFLAGS="${CPPFLAGS} -I${with_skey}/include"
2708: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_skey}/lib])
2709: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_skey}/lib])
2710: AC_CHECK_HEADER([skey.h], [found=yes], [found=no], [#include <stdio.h>])
2711: else
2712: found=no
2713: O_CPPFLAGS="$CPPFLAGS"
2714: for dir in "" "/usr/local" "/usr/contrib"; do
2715: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
2716: AC_CHECK_HEADER([skey.h], [found=yes; break], [],
2717: [#include <stdio.h>])
2718: done
2719: if test "$found" = "no" -o -z "$dir"; then
2720: CPPFLAGS="$O_CPPFLAGS"
2721: else
2722: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2723: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${dir}/lib])
2724: fi
2725: if test "$found" = "no"; then
2726: AC_MSG_WARN([Unable to locate skey.h, you will have to edit the Makefile and add -I/path/to/skey/includes to CPPFLAGS])
2727: fi
2728: fi
2729: AC_CHECK_LIB(skey, main, [found=yes], [AC_MSG_WARN([Unable to locate libskey.a, you will have to edit the Makefile and add -L/path/to/skey/lib to SUDOERS_LDFLAGS])])
2730: AC_CHECK_LIB(skey, skeyaccess, AC_DEFINE(HAVE_SKEYACCESS))
2731:
2732: AC_MSG_CHECKING([for RFC1938-compliant skeychallenge])
2733: AC_COMPILE_IFELSE(
2734: [AC_LANG_PROGRAM(
2735: [[#include <stdio.h>
2736: #include <skey.h>]],
2737: [[skeychallenge(NULL, NULL, NULL, 0);]]
2738: )], [
2739: AC_DEFINE(HAVE_RFC1938_SKEYCHALLENGE)
2740: AC_MSG_RESULT([yes])
2741: ], [
2742: AC_MSG_RESULT([no])
2743: ]
2744: )
2745:
2746: LDFLAGS="$O_LDFLAGS"
2747: SUDOERS_LIBS="${SUDOERS_LIBS} -lskey"
2748: AUTH_OBJS="$AUTH_OBJS rfc1938.lo"
2749: fi
2750:
2751: dnl
2752: dnl extra OPIE lib and includes
2753: dnl
2754: if test "${with_opie-'no'}" = "yes"; then
2755: O_LDFLAGS="$LDFLAGS"
2756: if test "$with_opie" != "yes"; then
2757: CPPFLAGS="${CPPFLAGS} -I${with_opie}/include"
2758: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_opie}/lib])
2759: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_opie}/lib])
2760: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <opie.h>]])], [found=yes], [found=no])
2761: else
2762: found=no
2763: O_CPPFLAGS="$CPPFLAGS"
2764: for dir in "" "/usr/local" "/usr/contrib"; do
2765: test -n "$dir" && CPPFLAGS="$O_CPPFLAGS -I${dir}/include"
2766: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <opie.h>]])], [found=yes; break])
2767: done
2768: if test "$found" = "no" -o -z "$dir"; then
2769: CPPFLAGS="$O_CPPFLAGS"
2770: else
2771: SUDO_APPEND_LIBPATH(LDFLAGS, [${dir}/lib])
2772: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${dir}/lib])
2773: fi
2774: if test "$found" = "no"; then
2775: AC_MSG_WARN([Unable to locate opie.h, you will have to edit the Makefile and add -I/path/to/opie/includes to CPPFLAGS])
2776: fi
2777: fi
2778: AC_CHECK_LIB(opie, main, [found=yes], [AC_MSG_WARN([Unable to locate libopie.a, you will have to edit the Makefile and add -L/path/to/opie/lib to SUDOERS_LDFLAGS])])
2779: LDFLAGS="$O_LDFLAGS"
2780: SUDOERS_LIBS="${SUDOERS_LIBS} -lopie"
2781: AUTH_OBJS="$AUTH_OBJS rfc1938.lo"
2782: fi
2783:
2784: dnl
2785: dnl Check for shadow password routines if we have not already done so.
2786: dnl If there is a specific list of functions to check we do that first.
2787: dnl Otherwise, we check for SVR4-style and then SecureWare-style.
2788: dnl
2789: if test ${with_passwd-'no'} != "no"; then
2790: dnl
2791: dnl if crypt(3) not in libc, look elsewhere
2792: dnl
2793: if test -z "$LIB_CRYPT"; then
2794: _LIBS="$LIBS"
2795: AC_SEARCH_LIBS([crypt], [crypt crypt_d ufc], [test -n "$ac_lib" && SUDOERS_LIBS="${SUDOERS_LIBS} $ac_res"])
2796: LIBS="$_LIBS"
2797: fi
2798:
2799: if test "$CHECKSHADOW" = "true" -a -n "$shadow_funcs"; then
2800: _LIBS="$LIBS"
2801: LIBS="$LIBS $shadow_libs"
2802: found=no
2803: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2804: if test "$found" = "yes"; then
2805: SUDOERS_LIBS="$SUDOERS_LIBS $shadow_libs"
2806: elif test -n "$shadow_libs_optional"; then
2807: LIBS="$LIBS $shadow_libs_optional"
2808: AC_CHECK_FUNCS($shadow_funcs, [found=yes])
2809: if test "$found" = "yes"; then
2810: SUDOERS_LIBS="$SUDOERS_LIBS $shadow_libs $shadow_libs_optional"
2811: fi
2812: fi
2813: if test "$found" = "yes"; then
2814: case "$shadow_funcs" in
2815: *getprpwnam*) SECUREWARE=1;;
2816: esac
2817: test -n "$shadow_defs" && OSDEFS="${OSDEFS} $shadow_defs"
2818: else
2819: LIBS="$_LIBS"
2820: fi
2821: CHECKSHADOW=false
2822: fi
2823: if test "$CHECKSHADOW" = "true"; then
2824: AC_SEARCH_LIBS([getspnam], [gen], [AC_DEFINE(HAVE_GETSPNAM)] [CHECKSHADOW=false; test -n "$ac_lib" && SUDOERS_LIBS="${SUDOERS_LIBS} $ac_res"])
2825: fi
2826: if test "$CHECKSHADOW" = "true"; then
2827: AC_SEARCH_LIBS([getprpwnam], [sec security prot], [AC_DEFINE(HAVE_GETPRPWNAM)] [CHECKSHADOW=false; SECUREWARE=1; test -n "$ac_lib" && SUDOERS_LIBS="${SUDOERS_LIBS} $ac_res"])
2828: fi
2829: if test -n "$SECUREWARE"; then
2830: AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
2831: AUTH_OBJS="$AUTH_OBJS secureware.lo"
2832: fi
2833: fi
2834:
2835: dnl
2836: dnl extra lib and .o file for LDAP support
2837: dnl
2838: if test ${with_ldap-'no'} != "no"; then
2839: _LDFLAGS="$LDFLAGS"
2840: if test "$with_ldap" != "yes"; then
2841: SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_ldap}/lib])
2842: SUDO_APPEND_LIBPATH(LDFLAGS, [${with_ldap}/lib])
2843: CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
2844: with_ldap=yes
2845: fi
2846: SUDOERS_OBJS="${SUDOERS_OBJS} ldap.lo"
2847: LDAP=""
2848:
2849: AC_MSG_CHECKING([for LDAP libraries])
2850: LDAP_LIBS=""
2851: _LIBS="$LIBS"
2852: found=no
2853: for l in -lldap -llber '-lssl -lcrypto'; do
2854: LIBS="${LIBS} $l"
2855: LDAP_LIBS="${LDAP_LIBS} $l"
2856: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2857: #include <lber.h>
2858: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [found=yes; break])
2859: done
2860: if test "$found" = "no"; then
2861: LDAP_LIBS=""
2862: LIBS="$_LIBS"
2863: for l in -libmldap -lidsldif; do
2864: LIBS="${LIBS} $l"
2865: LDAP_LIBS="${LDAP_LIBS} $l"
2866: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2867: #include <lber.h>
2868: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [found=yes; break])
2869: done
2870: fi
2871: dnl if nothing linked just try with -lldap
2872: if test "$found" = "no"; then
2873: LIBS="${_LIBS} -lldap"
2874: LDAP_LIBS="-lldap"
2875: AC_MSG_RESULT([not found, using -lldap])
2876: else
2877: AC_MSG_RESULT([$LDAP_LIBS])
2878: fi
2879: dnl check if we need to link with -llber for ber_set_option
2880: OLIBS="$LIBS"
2881: AC_SEARCH_LIBS([ber_set_option], [lber], [found=yes], [found=no])
2882: if test X"$found" = X"yes" -a X"$LIBS" != X"$OLIBS"; then
2883: LDAP_LIBS="$LDAP_LIBS -llber"
2884: fi
2885: dnl check if ldap.h includes lber.h for us
2886: AC_MSG_CHECKING([whether lber.h is needed])
2887: AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
2888: #include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [AC_MSG_RESULT([no])], [
2889: AC_MSG_RESULT([yes])
2890: AC_DEFINE(HAVE_LBER_H)])
2891:
2892: AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s)], [break])
2893: AC_CHECK_HEADERS([ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
2894: AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_client_init ldap_start_tls_s_np)
2895: AC_CHECK_FUNCS(ldap_search_ext_s ldap_search_st, [break])
2896:
2897: if test X"$check_gss_krb5_ccache_name" = X"yes"; then
2898: AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,
2899: AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
2900: [LDAP_LIBS="${LDAP_LIBS} -lgssapi"],
2901: AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,
2902: AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
2903: [LDAP_LIBS="${LDAP_LIBS} -lgssapi_krb5"])
2904: )
2905:
2906: # gssapi headers may be separate or part of Kerberos V
2907: found=no
2908: O_CPPFLAGS="$CPPFLAGS"
2909: for dir in "" "kerberosV" "krb5" "kerberos5" "kerberosv5"; do
2910: test X"$dir" != X"" && CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
2911: AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <gssapi/gssapi.h>]])], [found="gssapi/gssapi.h"; break], [AC_PREPROC_IFELSE([AC_LANG_PROGRAM([[#include <gssapi.h>]])], [found="gssapi.h"; break])])
2912: done
2913: if test X"$found" != X"no"; then
2914: AC_CHECK_HEADERS([$found])
2915: if test X"$found" = X"gssapi/gssapi.h"; then
2916: AC_CHECK_HEADERS([gssapi/gssapi_krb5.h])
2917: fi
2918: else
2919: CPPFLAGS="$O_CPPFLAGS"
2920: AC_MSG_WARN([Unable to locate gssapi.h, you will have to edit the Makefile and add -I/path/to/gssapi/includes to CPPFLAGS])
2921: fi
2922: fi
2923:
2924: SUDOERS_LIBS="${SUDOERS_LIBS} ${LDAP_LIBS}"
2925: LIBS="$_LIBS"
2926: LDFLAGS="$_LDFLAGS"
2927: fi
2928:
2929: #
2930: # How to do dynamic object loading.
2931: # We support dlopen() and sh_load(), else fall back to static loading.
2932: #
2933: case "$lt_cv_dlopen" in
2934: dlopen)
2935: AC_DEFINE(HAVE_DLOPEN)
2936: SUDOERS_OBJS="$SUDOERS_OBJS plugin_error.lo"
2937: LT_STATIC="--tag=disable-static"
2938: ;;
2939: shl_load)
2940: AC_DEFINE(HAVE_SHL_LOAD)
2941: SUDOERS_OBJS="$SUDOERS_OBJS plugin_error.lo"
2942: LT_STATIC="--tag=disable-static"
2943: AC_LIBOBJ(dlopen)
2944: ;;
2945: *)
2946: if test X"${ac_cv_func_dlopen}" = X"yes"; then
2947: AC_MSG_ERROR(["dlopen present but libtool doesn't appear to support your platform."])
2948: fi
2949: # Preload sudoers module symbols
2950: SUDO_OBJS="${SUDO_OBJS} preload.o"
2951: SUDO_LIBS="${SUDO_LIBS} \$(top_builddir)/plugins/sudoers/sudoers.la"
2952: LT_STATIC=""
2953: AC_LIBOBJ(dlopen)
2954: ;;
2955: esac
2956:
2957: #
2958: # Add library needed for dynamic loading, if any.
2959: #
2960: LIBDL="$lt_cv_dlopen_libs"
2961: if test X"$LIBDL" != X""; then
2962: SUDO_LIBS="${SUDO_LIBS} $LIBDL"
2963: SUDOERS_LIBS="${SUDOERS_LIBS} $LIBDL"
2964: fi
2965:
2966: # On HP-UX, you cannot dlopen() a shared object that uses pthreads
2967: # unless the main program is linked against -lpthread. Since we
2968: # have no knowledge what libraries a plugin may depend on, we always
2969: # link against -lpthread on HP-UX if it is available.
2970: # This check should go after all other libraries tests.
2971: case "$host" in
2972: *-*-hpux*)
2973: AC_CHECK_LIB(pthread, main, [SUDO_LIBS="${SUDO_LIBS} -lpthread"])
2974: ;;
2975: esac
2976:
2977: dnl
2978: dnl Add $blibpath to SUDOERS_LDFLAGS if specified by the user or if we
2979: dnl added -L dirpaths to SUDOERS_LDFLAGS.
2980: dnl
2981: if test -n "$blibpath"; then
2982: if test -n "$blibpath_add"; then
2983: SUDOERS_LDFLAGS="$SUDOERS_LDFLAGS -Wl,-blibpath:${blibpath}${blibpath_add}"
2984: elif test -n "$with_blibpath" -a "$with_blibpath" != "yes"; then
2985: SUDOERS_LDFLAGS="$SUDOERS_LDFLAGS -Wl,-blibpath:${blibpath}"
2986: fi
2987: fi
2988:
2989: dnl
2990: dnl Check for log file, timestamp and iolog locations
2991: dnl
2992: if test "$utmp_style" = "LEGACY"; then
2993: SUDO_PATH_UTMP
2994: fi
2995: SUDO_LOGFILE
2996: SUDO_TIMEDIR
2997: SUDO_IO_LOGDIR
2998:
2999: dnl
3000: dnl Use passwd auth module?
3001: dnl
3002: case "$with_passwd" in
3003: yes|maybe)
3004: AUTH_OBJS="$AUTH_OBJS getspwuid.lo passwd.lo"
3005: ;;
3006: *)
3007: AC_DEFINE(WITHOUT_PASSWD)
3008: if test -z "$AUTH_OBJS"; then
3009: AC_MSG_ERROR([no authentication methods defined.])
3010: fi
3011: ;;
3012: esac
3013: AUTH_OBJS=${AUTH_OBJS# }
3014: _AUTH=`echo "$AUTH_OBJS" | sed -e 's/\.lo//g' -e 's/getspwuid *//'`
3015: AC_MSG_NOTICE([using the following authentication methods: $_AUTH])
3016:
3017: dnl
3018: dnl LIBS may contain duplicates from SUDO_LIBS, SUDOERS_LIBS, or NET_LIBS
3019: dnl
3020: if test -n "$LIBS"; then
3021: L="$LIBS"
3022: LIBS=
3023: for l in ${L}; do
3024: dupe=0
3025: for sl in ${SUDO_LIBS} ${SUDOERS_LIBS} ${NET_LIBS}; do
3026: test $l = $sl && dupe=1
3027: done
3028: test $dupe = 0 && LIBS="${LIBS} $l"
3029: done
3030: fi
3031:
3032: dnl
3033: dnl We add -Wall and -Werror after all tests so they don't cause failures
3034: dnl
3035: if test -n "$GCC"; then
3036: if test X"$enable_warnings" = X"yes" -o X"$with_devel" = X"yes"; then
3037: CFLAGS="${CFLAGS} -Wall"
3038: fi
3039: if test X"$enable_werror" = X"yes"; then
3040: CFLAGS="${CFLAGS} -Werror"
3041: fi
3042: fi
3043:
3044: dnl
3045: dnl Set exec_prefix
3046: dnl
3047: test "$exec_prefix" = "NONE" && exec_prefix='$(prefix)'
3048:
3049: dnl
3050: dnl Defer setting _PATH_SUDO_NOEXEC until after exec_prefix is set
3051: dnl XXX - this is gross!
3052: dnl
3053: if test X"$with_noexec" != X"no" -o X"$with_selinux" != X"no"; then
3054: oexec_prefix="$exec_prefix"
3055: if test "$exec_prefix" = '$(prefix)'; then
3056: if test "$prefix" = "NONE"; then
3057: exec_prefix="$ac_default_prefix"
3058: else
3059: exec_prefix="$prefix"
3060: fi
3061: fi
3062: if test X"$with_noexec" != X"no"; then
3063: PROGS="${PROGS} libsudo_noexec.la"
3064: INSTALL_NOEXEC="install-noexec"
3065:
3066: eval noexec_file="$with_noexec"
3067: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, "$noexec_file", [The fully qualified pathname of sudo_noexec.so])
3068: fi
3069: if test X"$with_selinux" != X"no"; then
3070: eval sesh_file="$libexecdir/sesh"
3071: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SESH, "$sesh_file", [The fully qualified pathname of sesh])
3072: fi
3073: eval PLUGINDIR="$with_plugindir"
3074: SUDO_DEFINE_UNQUOTED(_PATH_SUDO_PLUGIN_DIR, "$PLUGINDIR/")
3075: SUDO_DEFINE_UNQUOTED(SUDOERS_PLUGIN, "sudoers${SOEXT}")
3076: exec_prefix="$oexec_prefix"
3077: fi
3078:
3079: dnl
3080: dnl Override default configure dirs for the Makefile
3081: dnl
3082: if test X"$prefix" = X"NONE"; then
3083: test "$mandir" = '${datarootdir}/man' && mandir='$(prefix)/man'
3084: else
3085: test "$mandir" = '${datarootdir}/man' && mandir='$(datarootdir)/man'
3086: fi
3087: test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
3088: test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
3089: test "$libexecdir" = '${exec_prefix}/libexec' && libexecdir='$(exec_prefix)/libexec'
3090: test "$includedir" = '${prefix}/include' && includedir='$(prefix)/include'
3091: test "$datarootdir" = '${prefix}/share' && datarootdir='$(prefix)/share'
3092: test "$docdir" = '${datarootdir}/doc/${PACKAGE_TARNAME}' && docdir='$(datarootdir)/doc/$(PACKAGE_TARNAME)'
3093: test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
3094:
3095: dnl
3096: dnl Substitute into the Makefile and man pages
3097: dnl
3098: dnl AC_CONFIG_FILES([doc/sudo.man doc/visudo.man doc/sudoers.man doc/sudoers.ldap.man doc/sudoreplay.man src/Makefile src/sudo_usage.h])
3099: AC_CONFIG_FILES([Makefile common/Makefile compat/Makefile doc/Makefile include/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sample_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers])
3100: AC_OUTPUT
3101:
3102: dnl
3103: dnl Spew any text the user needs to know about
3104: dnl
3105: if test "$with_pam" = "yes"; then
3106: case $host in
3107: *-*-linux*)
3108: AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo])
3109: ;;
3110: esac
3111: fi
3112:
3113: dnl
3114: dnl Autoheader templates
3115: dnl
3116: AH_TEMPLATE(BROKEN_SYSLOG, [Define to 1 if the `syslog' function returns a non-zero int to denote failure.])
3117: AH_TEMPLATE(CLASSIC_INSULTS, [Define to 1 if you want the insults from the "classic" version sudo.])
3118: AH_TEMPLATE(CSOPS_INSULTS, [Define to 1 if you want insults culled from the twisted minds of CSOps.])
3119: AH_TEMPLATE(SUDOERS_PLUGIN, [The name of the sudoers plugin, including extension.])
3120: AH_TEMPLATE(DONT_LEAK_PATH_INFO, [Define to 1 if you want sudo to display "command not allowed" instead of "command not found" when a command cannot be found.])
3121: AH_TEMPLATE(ENV_DEBUG, [Define to 1 to enable environment function debugging.])
3122: AH_TEMPLATE(ENV_EDITOR, [Define to 1 if you want visudo to honor the EDITOR and VISUAL env variables.])
3123: AH_TEMPLATE(FQDN, [Define to 1 if you want to require fully qualified hosts in sudoers.])
3124: AH_TEMPLATE(ENV_RESET, [Define to 1 to enable environment resetting by default.])
3125: AH_TEMPLATE(GOONS_INSULTS, [Define to 1 if you want insults from the "Goon Show".])
3126: AH_TEMPLATE(HAL_INSULTS, [Define to 1 if you want 2001-like insults.])
3127: AH_TEMPLATE(HAVE_AFS, [Define to 1 if you use AFS.])
3128: AH_TEMPLATE(HAVE_AIXAUTH, [Define to 1 if you use AIX general authentication.])
3129: AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.])
3130: AH_TEMPLATE(HAVE_BSM_AUDIT, [Define to 1 to enable BSM audit support.])
3131: AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.])
3132: AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.])
3133: AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
3134: AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
3135: AH_TEMPLATE(HAVE_DLOPEN, [Define to 1 if you have the `dlopen' function.])
3136: AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.])
3137: AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
3138: AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
3139: AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
3140: AH_TEMPLATE(HAVE_GETAUTHUID, [Define to 1 if you have the `getauthuid' function. (ULTRIX 4.x shadow passwords)])
3141: AH_TEMPLATE(HAVE_GETPRPWNAM, [Define to 1 if you have the `getprpwnam' function. (SecureWare-style shadow passwords)])
3142: AH_TEMPLATE(HAVE_GETPWANAM, [Define to 1 if you have the `getpwanam' function. (SunOS 4.x shadow passwords)])
3143: AH_TEMPLATE(HAVE_GETSPNAM, [Define to 1 if you have the `getspnam' function (SVR4-style shadow passwords)])
3144: AH_TEMPLATE(HAVE_GETSPWUID, [Define to 1 if you have the `getspwuid' function. (HP-UX <= 9.X shadow passwords)])
3145: AH_TEMPLATE(HAVE_GSS_KRB5_CCACHE_NAME, [Define to 1 if you have the `gss_krb5_ccache_name' function.])
3146: AH_TEMPLATE(HAVE_HEIMDAL, [Define to 1 if your Kerberos is Heimdal.])
3147: AH_TEMPLATE(HAVE_IN6_ADDR, [Define to 1 if <netinet/in.h> contains struct in6_addr.])
3148: AH_TEMPLATE(HAVE_ISCOMSEC, [Define to 1 if you have the `iscomsec' function. (HP-UX >= 10.x check for shadow enabled)])
3149: AH_TEMPLATE(HAVE_ISSECURE, [Define to 1 if you have the `issecure' function. (SunOS 4.x check for shadow enabled)])
3150: AH_TEMPLATE(HAVE_KERB4, [Define to 1 if you use Kerberos IV.])
3151: AH_TEMPLATE(HAVE_KERB5, [Define to 1 if you use Kerberos V.])
3152: AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC, [Define to 1 if you have the `krb5_get_init_creds_opt_alloc' function.])
3153: AH_TEMPLATE(HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS, [Define to 1 if your `krb5_get_init_creds_opt_free' function takes two arguments.])
3154: AH_TEMPLATE(HAVE_KRB5_INIT_SECURE_CONTEXT, [Define to 1 if you have the `krb5_init_secure_context' function.])
3155: AH_TEMPLATE(HAVE_KRB5_VERIFY_USER, [Define to 1 if you have the `krb5_verify_user' function.])
3156: AH_TEMPLATE(HAVE_LBER_H, [Define to 1 if your LDAP needs <lber.h>. (OpenLDAP does not)])
3157: AH_TEMPLATE(HAVE_LDAP, [Define to 1 if you use LDAP for sudoers.])
3158: AH_TEMPLATE(HAVE_LIBINTL_H, [Define to 1 if you have the <libintl.h> header file.])
3159: AH_TEMPLATE(HAVE_LINUX_AUDIT, [Define to 1 to enable Linux audit support.])
3160: AH_TEMPLATE(HAVE_OPIE, [Define to 1 if you use NRL OPIE.])
3161: AH_TEMPLATE(HAVE_PAM, [Define to 1 if you use PAM authentication.])
3162: AH_TEMPLATE(HAVE_PAM_LOGIN, [Define to 1 if you use a specific PAM session for sudo -i.])
3163: AH_TEMPLATE(HAVE_PROJECT_H, [Define to 1 if you have the <project.h> header file.])
3164: AH_TEMPLATE(HAVE_SECURID, [Define to 1 if you use SecurID for authentication.])
3165: AH_TEMPLATE(HAVE_SELINUX, [Define to 1 to enable SELinux RBAC support.])
3166: AH_TEMPLATE(HAVE_SETKEYCREATECON, [Define to 1 if you have the `setkeycreatecon' function.])
3167: AH_TEMPLATE(HAVE_SHL_LOAD, [Define to 1 if you have the `shl_load' function.])
3168: AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if <signal.h> has the sigaction_t typedef.])
3169: AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
3170: AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
3171: AH_TEMPLATE(HAVE_RFC1938_SKEYCHALLENGE, [Define to 1 if the skeychallenge() function is RFC1938-compliant and takes 4 arguments])
3172: AH_TEMPLATE(HAVE_ST__TIM, [Define to 1 if your struct stat uses an st__tim union])
3173: AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member])
3174: AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member])
3175: AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h])
3176: AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.])
3177: AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.])
3178: AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements])
3179: AH_TEMPLATE(LOGGING, [Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH.])
3180: AH_TEMPLATE(LONG_OTP_PROMPT, [Define to 1 if you want a two line OTP (S/Key or OPIE) prompt.])
3181: AH_TEMPLATE(NO_AUTHENTICATION, [Define to 1 if you don't want sudo to prompt for a password by default.])
3182: AH_TEMPLATE(NO_LECTURE, [Define to 1 if you don't want users to get the lecture the first they user sudo.])
3183: AH_TEMPLATE(NO_PAM_SESSION, [Define to 1 if you don't want to use sudo's PAM session support])
3184: AH_TEMPLATE(NO_ROOT_MAILER, [Define to avoid runing the mailer as root.])
3185: AH_TEMPLATE(NO_ROOT_SUDO, [Define to 1 if root should not be allowed to use sudo.])
3186: AH_TEMPLATE(NO_TTY_TICKETS, [Define to 1 if you want a single ticket file instead of per-tty files.])
3187: AH_TEMPLATE(PC_INSULTS, [Define to 1 to replace politically incorrect insults with less offensive ones.])
3188: AH_TEMPLATE(SECURE_PATH, [Define to 1 to override the user's path with a built-in one.])
3189: AH_TEMPLATE(SEND_MAIL_WHEN_NOT_OK, [Define to 1 to send mail when the user is not allowed to run a command.])
3190: AH_TEMPLATE(SEND_MAIL_WHEN_NO_HOST, [Define to 1 to send mail when the user is not allowed to run sudo on this host.])
3191: AH_TEMPLATE(SEND_MAIL_WHEN_NO_USER, [Define to 1 to send mail when the user is not in the sudoers file.])
3192: AH_TEMPLATE(SHELL_IF_NO_ARGS, [Define to 1 if you want sudo to start a shell if given no arguments.])
3193: AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell mode.])
3194: AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
3195: AH_TEMPLATE(UMASK_OVERRIDE, [Define to 1 to use the umask specified in sudoers even when it is less restrictive than the invoking user's.])
3196: AH_TEMPLATE(USE_ADMIN_FLAG, [Define to 1 if you want to create ~/.sudo_as_admin_successful if the user is in the admin group the first time they run sudo.])
3197: AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
3198: AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
3199: AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
3200: AH_TEMPLATE(sig_atomic_t, [Define to `int' if <signal.h> does not define.])
3201: AH_TEMPLATE(__signed, [Define to `signed' or nothing if compiler does not support a signed type qualifier.])
3202: AH_TEMPLATE(HAVE_STRUCT_UTMP_UT_EXIT, [Define to 1 if `ut_exit' is a member of `struct utmp'.])
3203: AH_TEMPLATE(HAVE_STRUCT_UTMPX_UT_EXIT, [Define to 1 if `ut_exit' is a member of `struct utmpx'.])
3204:
3205: dnl
3206: dnl Bits to copy verbatim into config.h.in
3207: dnl
3208: AH_TOP([#ifndef _SUDO_CONFIG_H
3209: #define _SUDO_CONFIG_H])
3210:
3211: AH_BOTTOM([/*
3212: * Macros to convert ctime and mtime into timevals.
3213: */
3214: #define timespec2timeval(_ts, _tv) do { \
3215: (_tv)->tv_sec = (_ts)->tv_sec; \
3216: (_tv)->tv_usec = (_ts)->tv_nsec / 1000; \
3217: } while (0)
3218:
3219: #ifdef HAVE_ST_MTIM
3220: # ifdef HAVE_ST__TIM
3221: # define ctim_get(_x, _y) timespec2timeval(&(_x)->st_ctim.st__tim, (_y))
3222: # define mtim_get(_x, _y) timespec2timeval(&(_x)->st_mtim.st__tim, (_y))
3223: # else
3224: # define ctim_get(_x, _y) timespec2timeval(&(_x)->st_ctim, (_y))
3225: # define mtim_get(_x, _y) timespec2timeval(&(_x)->st_mtim, (_y))
3226: # endif
3227: #else
3228: # ifdef HAVE_ST_MTIMESPEC
3229: # define ctim_get(_x, _y) timespec2timeval(&(_x)->st_ctimespec, (_y))
3230: # define mtim_get(_x, _y) timespec2timeval(&(_x)->st_mtimespec, (_y))
3231: # else
3232: # define ctim_get(_x, _y) do { (_y)->tv_sec = (_x)->st_ctime; (_y)->tv_usec = 0; } while (0)
3233: # define mtim_get(_x, _y) do { (_y)->tv_sec = (_x)->st_mtime; (_y)->tv_usec = 0; } while (0)
3234: # endif /* HAVE_ST_MTIMESPEC */
3235: #endif /* HAVE_ST_MTIM */
3236:
3237: /* GNU stow needs /etc/sudoers to be a symlink. */
3238: #ifdef USE_STOW
3239: # define stat_sudoers stat
3240: #else
3241: # define stat_sudoers lstat
3242: #endif
3243:
3244: /* Macros to set/clear/test flags. */
3245: #undef SET
3246: #define SET(t, f) ((t) |= (f))
3247: #undef CLR
3248: #define CLR(t, f) ((t) &= ~(f))
3249: #undef ISSET
3250: #define ISSET(t, f) ((t) & (f))
3251:
3252: /* ANSI-style OS defs for HP-UX and ConvexOS. */
3253: #if defined(hpux) && !defined(__hpux)
3254: # define __hpux 1
3255: #endif /* hpux */
3256:
3257: #if defined(convex) && !defined(__convex__)
3258: # define __convex__ 1
3259: #endif /* convex */
3260:
3261: /* BSD compatibility on some SVR4 systems. */
3262: #ifdef __svr4__
3263: # define BSD_COMP
3264: #endif /* __svr4__ */
3265:
3266: #endif /* _SUDO_CONFIG_H */])
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to configure.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo