From 56bd759df1d0c750a065b8c845e93d5dfa6b549d Mon Sep 17 00:00:00 2001
From: "Robin H. Johnson" <robbat2@gentoo.org>
Date: Sat, 8 Aug 2015 13:49:04 -0700
Subject: proj/gentoo: Initial commit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.

This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.

Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
---
 app-admin/sudo/sudo-9999.ebuild | 202 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 202 insertions(+)
 create mode 100644 app-admin/sudo/sudo-9999.ebuild

(limited to 'app-admin/sudo/sudo-9999.ebuild')

diff --git a/app-admin/sudo/sudo-9999.ebuild b/app-admin/sudo/sudo-9999.ebuild
new file mode 100644
index 000000000000..c1143830b2e5
--- /dev/null
+++ b/app-admin/sudo/sudo-9999.ebuild
@@ -0,0 +1,202 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils pam multilib libtool
+if [[ ${PV} == "9999" ]] ; then
+	EHG_REPO_URI="http://www.sudo.ws/repos/sudo"
+	inherit mercurial
+fi
+
+MY_P=${P/_/}
+MY_P=${MY_P/beta/b}
+
+uri_prefix=
+case ${P} in
+*_beta*|*_rc*) uri_prefix=beta/ ;;
+esac
+
+DESCRIPTION="Allows users or groups to run commands as other users"
+HOMEPAGE="http://www.sudo.ws/"
+if [[ ${PV} != "9999" ]] ; then
+	SRC_URI="http://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
+		ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~sparc-solaris"
+fi
+
+# Basic license is ISC-style as-is, some files are released under
+# 3-clause BSD license
+LICENSE="ISC BSD"
+SLOT="0"
+IUSE="ldap nls pam offensive selinux skey +sendmail"
+
+DEPEND="pam? ( virtual/pam )
+	skey? ( >=sys-auth/skey-1.1.5-r1 )
+	ldap? (
+		>=net-nds/openldap-2.1.30-r1
+		dev-libs/cyrus-sasl
+	)
+	sys-libs/zlib"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-sudo )
+	ldap? ( dev-lang/perl )
+	pam? ( sys-auth/pambase )
+	>=app-misc/editor-wrapper-3
+	virtual/editor
+	sendmail? ( virtual/mta )"
+DEPEND="${DEPEND}
+	sys-devel/bison"
+
+S=${WORKDIR}/${MY_P}
+
+REQUIRED_USE="pam? ( !skey ) skey? ( !pam )"
+
+MAKEOPTS+=" SAMPLES="
+
+src_prepare() {
+	elibtoolize
+}
+
+set_rootpath() {
+	# FIXME: secure_path is a compile time setting. using ROOTPATH
+	# is not perfect, env-update may invalidate this, but until it
+	# is available as a sudoers setting this will have to do.
+	einfo "Setting secure_path ..."
+
+	# first extract the default ROOTPATH from build env
+	ROOTPATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
+	if [[ -z ${ROOTPATH} ]] ; then
+		ewarn "	Failed to find ROOTPATH, please report this"
+	fi
+
+	# then remove duplicate path entries
+	cleanpath() {
+		local newpath thisp IFS=:
+		for thisp in $1 ; do
+			if [[ :${newpath}: != *:${thisp}:* ]] ; then
+				newpath+=:$thisp
+			else
+				einfo "   Duplicate entry ${thisp} removed..."
+			fi
+		done
+		ROOTPATH=${newpath#:}
+	}
+	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}}
+
+	# finally, strip gcc paths #136027
+	rmpath() {
+		local e newpath thisp IFS=:
+		for thisp in ${ROOTPATH} ; do
+			for e ; do [[ $thisp == $e ]] && continue 2 ; done
+			newpath+=:$thisp
+		done
+		ROOTPATH=${newpath#:}
+	}
+	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
+
+	einfo "... done"
+}
+
+src_configure() {
+	local ROOTPATH
+	set_rootpath
+
+	# audit: somebody got to explain me how I can test this before I
+	# enable it.. - Diego
+	# plugindir: autoconf code is crappy and does not delay evaluation
+	# until `make` time, so we have to use a full path here rather than
+	# basing off other values.
+	econf \
+		--enable-zlib=system \
+		--with-secure-path="${ROOTPATH}" \
+		--with-editor="${EPREFIX}"/usr/libexec/editor \
+		--with-env-editor \
+		$(use_with offensive insults) \
+		$(use_with offensive all-insults) \
+		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
+		$(use_with ldap) \
+		$(use_enable nls) \
+		$(use_with pam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_with sendmail) \
+		--without-opie \
+		--without-linux-audit \
+		--with-rundir="${EPREFIX}"/var/run/sudo \
+		--with-vardir="${EPREFIX}"/var/db/sudo \
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo \
+		--docdir="${EPREFIX}"/usr/share/doc/${PF}
+}
+
+src_install() {
+	default
+
+	if use ldap ; then
+		dodoc README.LDAP doc/schema.OpenLDAP
+		dosbin plugins/sudoers/sudoers2ldif
+
+		cat <<-EOF > "${T}"/ldap.conf.sudo
+		# See ldap.conf(5) and README.LDAP for details
+		# This file should only be readable by root
+
+		# supported directives: host, port, ssl, ldap_version
+		# uri, binddn, bindpw, sudoers_base, sudoers_debug
+		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
+		EOF
+
+		insinto /etc
+		doins "${T}"/ldap.conf.sudo
+		fperms 0440 /etc/ldap.conf.sudo
+	fi
+
+	pamd_mimic system-auth sudo auth account session
+
+	keepdir /var/db/sudo
+	fperms 0700 /var/db/sudo
+
+	# Don't install into /var/run as that is a tmpfs most of the time
+	# (bug #504854)
+	rm -rf "${D}"/var/run
+}
+
+pkg_postinst() {
+	if use ldap ; then
+		ewarn
+		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
+		ewarn
+		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
+			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
+			ewarn "configured in /etc/nsswitch.conf."
+			ewarn
+			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
+			ewarn "  sudoers: ldap files"
+			ewarn
+		fi
+	fi
+	if use prefix ; then
+		ewarn
+		ewarn "To use sudo, you need to change file ownership and permissions"
+		ewarn "with root privileges, as follows:"
+		ewarn
+		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
+		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
+		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
+		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
+		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
+		ewarn
+	fi
+
+	elog "To use the -A (askpass) option, you need to install a compatible"
+	elog "password program from the following list. Starred packages will"
+	elog "automatically register for the use with sudo (but will not force"
+	elog "the -A option):"
+	elog ""
+	elog " [*] net-misc/ssh-askpass-fullscreen"
+	elog "     net-misc/x11-ssh-askpass"
+	elog ""
+	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
+	elog "variable to the program you want to use."
+}
-- 
cgit v1.2.3-65-gdbad