--- a/components/sudo/Makefile Tue May 29 15:25:04 2012 -0700
+++ b/components/sudo/Makefile Tue Jun 05 09:51:55 2012 -0700
@@ -25,12 +25,13 @@
include ../../make-rules/shared-macros.mk
COMPONENT_NAME= sudo
-SRC_VERSION= 1.8.3
-SRC_PATCH_VERSION= 2
+SRC_VERSION= 1.8.4
+SRC_PATCH_VERSION= 5
COMPONENT_VERSION= $(SRC_VERSION).$(SRC_PATCH_VERSION)
COMPONENT_SRC= $(COMPONENT_NAME)-$(SRC_VERSION)p$(SRC_PATCH_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
-COMPONENT_ARCHIVE_HASH= sha1:37d70b133f809116ce631229fa0e727d9f5125ad
+COMPONENT_ARCHIVE_HASH= \
+ sha256:cf41ea1ada17c0dfbd8480dd9dc800999e0db9f2972ffa8f7a2944751ad32aba
COMPONENT_ARCHIVE_URL= http://www.sudo.ws/sudo/dist/$(COMPONENT_ARCHIVE)
COMPONENT_PROJECT_URL= http://www.sudo.ws/
--- a/components/sudo/patches/audit-event.patch Tue May 29 15:25:04 2012 -0700
+++ b/components/sudo/patches/audit-event.patch Tue Jun 05 09:51:55 2012 -0700
@@ -1,72 +1,63 @@
---- sudo-1.8.3p2/plugins/sudoers/bsm_audit.c Fri Oct 21 14:01:25 2011
-+++ /tmp/bsm_audit.c Mon Jan 30 17:06:00 2012
-@@ -30,8 +30,10 @@
- #include <errno.h>
- #include <unistd.h>
-
-+#include "gettext.h"
- #include "bsm_audit.h"
-
-+
- /*
- * Solaris auditon() returns EINVAL if BSM audit not configured.
- * OpenBSM returns ENOSYS for unimplemented options.
-@@ -100,7 +102,7 @@
+diff -rupN sudo-1.8.4p5.orig/plugins/sudoers/bsm_audit.c sudo-1.8.4p5/plugins/sudoers/bsm_audit.c
+--- sudo-1.8.4p5.orig/plugins/sudoers/bsm_audit.c 2012-03-29 10:37:01.000000000 -0700
++++ sudo-1.8.4p5/plugins/sudoers/bsm_audit.c 2012-05-18 14:20:39.003982000 -0700
+@@ -104,7 +104,7 @@ bsm_audit_success(char **exec_args)
log_error(0, _("au_open: failed"));
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
- getuid(), pid, pid, &ainfo_addr.ai_termid);
-+ getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
++ getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
} else if (errno == ENOSYS) {
/*
* NB: We should probably watch out for ERANGE here.
-@@ -108,7 +110,7 @@
+@@ -112,7 +112,7 @@ bsm_audit_success(char **exec_args)
if (getaudit(&ainfo) < 0)
log_error(0, _("getaudit: failed"));
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
- getuid(), pid, pid, &ainfo.ai_termid);
-+ getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid);
++ getuid(), pid, ainfo.ai_asid, &ainfo.ai_termid);
} else
log_error(0, _("getaudit: failed"));
if (tok == NULL)
-@@ -122,7 +124,7 @@
+@@ -126,7 +126,7 @@ bsm_audit_success(char **exec_args)
if (tok == NULL)
log_error(0, _("au_to_return32: failed"));
au_write(aufd, tok);
- if (au_close(aufd, 1, AUE_sudo) == -1)
+ if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
log_error(0, _("unable to commit audit record"));
+ debug_return;
}
-
-@@ -142,7 +144,7 @@
+@@ -148,7 +148,7 @@ bsm_audit_failure(char **exec_args, char
/*
* If we are not auditing, don't cut an audit record; just return.
*/
- if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
+ if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)
- return;
+ debug_return;
log_error(0, _("Could not determine audit condition"));
-@@ -157,12 +159,12 @@
+@@ -163,12 +163,12 @@ bsm_audit_failure(char **exec_args, char
log_error(0, _("au_open: failed"));
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
- getuid(), pid, pid, &ainfo_addr.ai_termid);
-+ getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
++ getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
} else if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)
log_error(0, _("getaudit: failed"));
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
- getuid(), pid, pid, &ainfo.ai_termid);
-+ getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid);
++ getuid(), pid, ainfo.ai_asid, &ainfo.ai_termid);
} else
log_error(0, _("getaudit: failed"));
if (tok == NULL)
-@@ -181,6 +183,6 @@
+@@ -187,7 +187,7 @@ bsm_audit_failure(char **exec_args, char
if (tok == NULL)
log_error(0, _("au_to_return32: failed"));
au_write(aufd, tok);
- if (au_close(aufd, 1, AUE_sudo) == -1)
+ if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
log_error(0, _("unable to commit audit record"));
+ debug_return;
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/sudo/patches/compat-Makefile-in.patch Tue Jun 05 09:51:55 2012 -0700
@@ -0,0 +1,12 @@
+diff -rupN sudo-1.8.4p5.orig/compat/Makefile.in sudo-1.8.4p5/compat/Makefile.in
+--- sudo-1.8.4p5.orig/compat/Makefile.in 2012-03-29 10:37:00.000000000 -0700
++++ sudo-1.8.4p5/compat/Makefile.in 2012-05-17 11:19:30.429987000 -0700
+@@ -181,6 +181,8 @@ mktemp.lo: $(srcdir)/mktemp.c $(top_buil
+ nanosleep.lo: $(srcdir)/nanosleep.c $(top_builddir)/config.h \
+ $(top_srcdir)/compat/timespec.h $(incdir)/missing.h
+ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/nanosleep.c
++pw_dup.lo: $(srcdir)/pw_dup.c $(top_builddir)/config.h
++ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/pw_dup.c
+ setenv.lo: $(srcdir)/setenv.c $(top_builddir)/config.h $(incdir)/missing.h
+ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/setenv.c
+ siglist.lo: siglist.c $(top_builddir)/config.h $(incdir)/missing.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/sudo/patches/sudo_debug.patch Tue Jun 05 09:51:55 2012 -0700
@@ -0,0 +1,11 @@
+diff -rupN sudo-1.8.4p5.orig/include/sudo_debug.h sudo-1.8.4p5/include/sudo_debug.h
+--- sudo-1.8.4p5.orig/include/sudo_debug.h 2012-03-29 10:37:01.000000000 -0700
++++ sudo-1.8.4p5/include/sudo_debug.h 2012-05-18 11:18:27.886010000 -0700
+@@ -17,6 +17,7 @@
+ #ifndef _SUDO_DEBUG_H
+ #define _SUDO_DEBUG_H
+
++#include "missing.h"
+ #include <stdarg.h>
+
+ /*
--- a/components/sudo/sudo.license Tue May 29 15:25:04 2012 -0700
+++ b/components/sudo/sudo.license Tue Jun 05 09:51:55 2012 -0700
@@ -1,6 +1,15 @@
-Sudo is distributed under the following ISC-style license:
+----------------
+- sudo 1.8.4p5 -
+----------------
+
+Oracle Internal Tracking Number: 5104
- Copyright (c) 1994-1996, 1998-2011
+Copyright (c) 2009 Christian S.J. Peron
+Copyright (c) 2008 Dan Walsh <[email protected]>
+
+Sudo is distributed under the following license:
+
+ Copyright (c) 1994-1996, 1998-2012
Todd C. Miller <[email protected]>
Permission to use, copy, modify, and distribute this software for any
@@ -19,10 +28,31 @@
Agency (DARPA) and Air Force Research Laboratory, Air Force
Materiel Command, USAF, under agreement number F39502-99-1-0512.
-The files fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h and snprintf.c
-bear the following UCB license:
+The file redblack.c bears the following license:
- Copyright (c) 1987, 1989, 1990, 1991, 1992, 1993, 1994
+ Copyright (c) 2001 Emin Martinian
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that neither the name of Emin
+ Martinian nor the names of any contributors are be used to endorse or
+ promote products derived from this software without specific prior
+ written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+The files getcwd.c, glob.c, glob.h and snprintf.c bear the following license:
+
+ Copyright (c) 1989, 1990, 1991, 1993
The Regents of the University of California. All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -49,6 +79,33 @@
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
+The file fnmatch.c bears the following license:
+
+ Copyright (c) 2011, VMware, Inc.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the VMware, Inc. nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL VMWARE, INC. OR CONTRIBUTORS BE LIABLE FOR
+ ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
The embedded copy of zlib bears the following license:
Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
--- a/components/sudo/sudo.p5m Tue May 29 15:25:04 2012 -0700
+++ b/components/sudo/sudo.p5m Tue Jun 05 09:51:55 2012 -0700
@@ -44,14 +44,12 @@
dir path=usr/share
dir path=usr/share/doc
dir path=usr/share/doc/sudo
-dir path=usr/share/lib
-dir path=usr/share/lib/ldif group=sys
dir path=usr/share/man
dir path=usr/share/man/man1m
dir path=usr/share/man/man4
-file path=etc/sudoers original_name=SUNWsudo:etc/sudoers preserve=true \
- mode=0440 group=root
+file path=etc/sudoers original_name=SUNWsudo:etc/sudoers overlay=allow \
+ preserve=true mode=0440 group=root
file path=usr/bin/sudo mode=4511
file path=usr/bin/sudoreplay mode=0511
file path=usr/sbin/visudo mode=0511
@@ -85,7 +83,3 @@
hardlink path=usr/bin/sudoedit target=sudo
license sudo.license license="ISC-like, BSD, zlib license"
-
-legacy pkg=SUNWsudo \
- desc="sudo - Tool to allow certain tasks to be run as root by ordinary users." \
- name="sudo - Tool to allow certain tasks to be run as root by ordinary users."