--- embedaddon/sudo/mkpkg 2012/02/21 16:23:02 1.1.1.1 +++ embedaddon/sudo/mkpkg 2013/10/14 07:56:33 1.1.1.5 @@ -1,5 +1,19 @@ #!/bin/sh # +# Copyright (c) 2010-2013 Todd C. Miller +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +# # Build a binary package using polypkg # Usage: mkpkg [--debug] [--flavor flavor] [--platform platform] [--osversion ver] # @@ -78,20 +92,6 @@ top_srcdir=`dirname $0` test -n "$osversion" || exit 1 osrelease=`echo "$osversion" | sed -e 's/^[^0-9]*//' -e 's/-.*$//'` -# Default paths -prefix=/usr/local - -# Linux distros may build binaries as pie files. -# This is really something libtool should figure out, but it does not. -case "$osversion" in - *-s390*|*-sparc*|*-alpha*) - F_PIE=-fPIE - ;; - *) - F_PIE=-fpie - ;; -esac - # Choose compiler options by osversion if not cross-compiling. if [ "$crossbuild" = "false" ]; then case "$osversion" in @@ -120,21 +120,19 @@ fi # We use the same configure options as vendor packages when possible. case "$osversion" in centos*|rhel*) - prefix=/usr if [ $osrelease -ge 40 ]; then # RHEL 4 and up support SELinux configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux" fi if [ $osrelease -ge 50 ]; then - # RHEL 5 and up build pies, have audit support and use a - # separate PAM config file for "sudo -i". - export CFLAGS="-O2 -g $F_PIE" LDFLAGS="-pie" + # RHEL 5 and up has audit support and uses a separate PAM + # config file for "sudo -i". configure_opts="${configure_opts}${configure_opts+$tab}--with-linux-audit" configure_opts="${configure_opts}${configure_opts+$tab}--with-pam-login" PPVARS="${PPVARS}${PPVARS+$space}linux_audit=1.4.0" fi # Note, must indent with tabs, not spaces due to IFS trickery - configure_opts="--prefix=$prefix + configure_opts="--prefix=/usr --with-logging=syslog --with-logfac=authpriv --with-pam @@ -145,15 +143,13 @@ case "$osversion" in --with-tty-tickets --with-ldap --with-passprompt=[sudo] password for %p: + --with-sendmail=/usr/sbin/sendmail $configure_opts" ;; sles*) - prefix=/usr if [ $osrelease -ge 10 ]; then - # SLES 10 and higher build pies - export CFLAGS="-O2 -g $F_PIE" LDFLAGS="-pie" + # SLES 11 and higher has SELinux if [ $osrelease -ge 11 ]; then - # SLES 11 and higher has SELinux configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux" fi fi @@ -165,8 +161,8 @@ case "$osversion" in esac # Note, must indent with tabs, not spaces due to IFS trickery # XXX - SuSE uses secure path but only for env_reset - configure_opts="--prefix=$prefix - --libexecdir=$prefix/$libexec/sudo + configure_opts="--prefix=/usr + --libexecdir=/usr/$libexec --with-logging=syslog --with-logfac=auth --with-all-insults @@ -179,12 +175,15 @@ case "$osversion" in --with-ldap --with-env-editor --with-passprompt=%p\'s password: + --with-sendmail=/usr/sbin/sendmail $configure_opts" make_opts='docdir=$(datarootdir)/doc/packages/$(PACKAGE_TARNAME)' ;; deb*|ubu*) - prefix=/usr + # Man pages should be compressed in .deb files + export MANCOMPRESS='gzip -9' + export MANCOMPRESSEXT='.gz' # If Ubuntu, add --enable-admin-flag case "$osversion" in ubu*) @@ -196,9 +195,9 @@ case "$osversion" in configure_opts="${configure_opts}${configure_opts+$tab}--with-ldap --with-ldap-conf-file=/etc/sudo-ldap.conf" fi + configure_opts="${configure_opts}${configure_opts+$tab}--with-selinux" configure_opts="--prefix=/usr --with-all-insults - --with-exempt=sudo --with-pam --enable-zlib=system --with-fqdn @@ -214,22 +213,85 @@ case "$osversion" in --disable-setresuid --with-sendmail=/usr/sbin/sendmail --mandir=/usr/share/man - --libexecdir=/usr/lib/sudo + --libexecdir=/usr/lib --with-secure-path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin $configure_opts" ;; + macos*) + case "$osversion" in + *i386|*x86_64) + # Build intel-only universal binaries + ARCH_FLAGS="-arch i386 -arch x86_64" + ;; + esac + if test "${osversion}" != "`$top_srcdir/pp --probe`"; then + sdkvers=`echo "${osversion}" | sed 's/^macos\([0-9][0-9]\)\([0-9]*\)-.*$/\1.\2/'` + # Newer Xcode puts /Developer under the app Contents dir. + SDK_DIR="/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs" + if test -d "${SDK_DIR}/MacOSX${sdkvers}.sdk"; then + SDK_DIR="${SDK_DIR}/MacOSX${sdkvers}.sdk" + elif test -d "/Developer/SDKs/MacOSX${sdkvers}.sdk"; then + SDK_DIR="/Developer/SDKs/MacOSX${sdkvers}.sdk" + fi + SDK_FLAGS="-isysroot ${SDK_DIR} -mmacosx-version-min=${sdkvers}" + fi + export CFLAGS="-O2 -g $ARCH_FLAGS $SDK_FLAGS" + export LDFLAGS="$ARCH_FLAGS $SDK_FLAGS" + # Note, must indent with tabs, not spaces due to IFS trickery + configure_opts="--with-pam + --with-bsm-audit + --without-tty-tickets + --enable-zlib=system + --with-ldap + --with-insults=disabled + --with-logging=syslog + --with-logfac=authpriv + --with-editor=/usr/bin/vim + --with-env-editor + $configure_opts" + ;; + aix*) + # Use -gxcoff with gcc instead of -g for dbx-style debugging symbols. + if test -z "$CC" && gcc -v >/dev/null 2>&1; then + CFLAGS=-gxcoff; export CFLAGS + fi + # Note, must indent with tabs, not spaces due to IFS trickery + # Note: we include our own zlib instead of relying on the + # AIX freeware version being installed. + configure_opts=" + --prefix=/opt/freeware + --mandir=/opt/freeware/man + --with-insults=disabled + --with-logging=syslog + --with-logfac=auth + --with-editor=/usr/bin/vi + --with-env-editor + --enable-zlib=builtin + --disable-nls + --with-sendmail=/usr/sbin/sendmail + $configure_opts" + PPVARS="${PPVARS}${PPVARS+$space}aix_freeware=true" + ;; *) # For Solaris, add project support and use let configure choose zlib. # For all others, use the builtin zlib and disable NLS support. case "$osversion" in - sol*) configure_opts="${configure_opts}${configure_opts+$tab}--with-project";; - *) configure_opts="${configure_opts}${configure_opts+$tab}--enable-zlib=builtin${tab}--disable-nls";; + sol*) + configure_opts="${configure_opts}${configure_opts+$tab}--with-project" + + if [ $osrelease -ge 11 ]; then + configure_opts="${configure_opts}${configure_opts+$tab}--with-bsm-audit" + fi + ;; + *) + configure_opts="${configure_opts}${configure_opts+$tab}--enable-zlib=builtin${tab}--disable-nls" + ;; esac if test "$flavor" = "ldap"; then configure_opts="${configure_opts}${configure_opts+$tab}--with-ldap" fi # Note, must indent with tabs, not spaces due to IFS trickery - configure_opts="--prefix=$prefix + configure_opts=" --with-insults=disabled --with-logging=syslog --with-logfac=auth