sudo 1.6.4 beta3 now available

Bob Proulx rwp at hprwp.fc.hp.com
Mon Dec 31 12:59:57 EST 2001 

> The thrid beta version of sudo 1.6.4 is now available.  If there are no
> problems found I will rewrap this as a release candidate.

I have been using it briefly on HP-UX and Linux and have so far not
seen any issues.  It looks good.  Thanks for the addition of -c and -f
options to visudo.

I would like to make some suggestions concerning building sudo from
source.  Maybe not for this release since it is ready to go but
perhaps for the next release.  I don't have fully formed suggestions.
But I decided to start the discussion regardless since my thoughts
would probably never be fully formed.  :-)

I always build as a non-root user, then I always install into a
staging area with 'make prefix=/tmp/tmppath install' to create an
image, and then I package that image into a distributable package.
Unfortunately the Makefile.in includes commands to set the uid/gid
and mode as part of the installation and fails when run as non-root.
Which means I always have to modify the Makefile.in prior to configure
time to remove those commands when I build a new version of sudo.  (I
will include the differences at the end of this message for reference.
It is NOT suitable as a general patch.  I just want to make the
discussion concrete.)

It would be much nicer if there were different targets for installing
the files and then setting the uid/gid as a separate target.  This way
staging area images could be created much more easily.  Perhaps
something like:

  install: install-files install-sudoers install-ownerships

  install-files: install-dirs install-binaries install-man

This way the default behavior is maintained but a new target
'install-files' is available for people who are packaging the files in
a staging area.  The ownerships and the /etc/sudoers file will be set
by other means when packaging.  A new target 'install-ownerships'
would perform the actual chown commands by default when using
'install' but can be avoided by using 'install-files'.

Also part of this is that if you actually try to install for the very
first time into a staging area the install-sudoers target wants to see
/etc/sudoers there and is not happy unless one exists.  This creates a
bootstrapping issue.  Therefore it also needs to be a separate target.

I am not an automake expert but picking target names that are
compatible would be good for a future conversion to automake.  I took
a swag at 'install-files' but I am not sure that is the best name.  I
always strip distributed binaries and the automake target for that is
'install-strip' which leaves me wondering about 'install-files-strip'
or some such.  But then life starts getting way to complicated.

Supporting 'make DESTDIR=/tmp/path install' would be a plus.  Since I
package up a lot of things I always have to check different utilities,
does it support DESTDIR to redirect image builds or not?

I would like the ability to change the man page section at configure
time.  Currently a large case statement sets the man page section to
1m for a variety of platforms including hpux.  However I personally
like to use section 8 for compatibility reasons.  But there is no
method to override the script selection at this time.  Therefore I
usually have to munge the configure script to override the case
statement selected value.  It would be nicer if I could select an
override somehow.

Using autoconf-2.52 which has better support for hpux would improve
the configure script.  Your configure time case statement could be
shortened considerably for the hpux cases.  But I am not sure how
involved it would be for you to upgrade.  It is working suitably fine
as is with the older autoconf.

Bob


diff -ru ../sudo-1.6.4b3.original/Makefile.in ./Makefile.in
--- ../sudo-1.6.4b3.original/Makefile.in	Sun Dec 30 11:58:34 2001
+++ ./Makefile.in	Sun Dec 30 17:14:48 2001
@@ -285,14 +285,14 @@
 
 sudoers.cat: sudoers.man
 
-install: install-dirs install-binaries install-sudoers install-man
+install: install-dirs install-binaries install-man
 
 install-dirs:
 	$(SHELL) $(srcdir)/mkinstalldirs $(sudodir) $(visudodir) $(sudoersdir) $(mandirsu) $(mandirform)
 
 install-binaries: $(PROGS)
-	$(INSTALL) -o $(install_uid) -g $(install_gid) -m 4111 -s sudo $(sudodir)/sudo
-	$(INSTALL) -o $(install_uid) -g $(install_gid) -m 0111 -s visudo $(visudodir)/visudo
+	$(INSTALL) -s sudo $(sudodir)/sudo
+	$(INSTALL) -s visudo $(visudodir)/visudo
 
 install-sudoers:
 	@if [ -f $(sudoersdir)/sudoers ]; then \
@@ -301,14 +301,14 @@
 	    chgrp $(sudoers_gid) $(sudoersdir)/sudoers; \
 	    chmod $(sudoers_mode) $(sudoersdir)/sudoers; \
 	else \
-	    $(INSTALL) -o $(sudoers_uid) -g $(sudoers_gid) -m $(sudoers_mode) \
+	    $(INSTALL) \
 		$(srcdir)/sudoers $(sudoersdir)/sudoers; \
 	fi
 
 install-man:
-	$(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 @mansrcdir@/sudo.$(mantype) $(mandirsu)/sudo.$(mansectsu)
-	$(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 @mansrcdir@/visudo.$(mantype) $(mandirsu)/visudo.$(mansectsu)
-	$(INSTALL) -o $(install_uid) -g $(install_gid) -m 0444 @mansrcdir@/sudoers.$(mantype) $(mandirform)/sudoers.$(mansectform)
+	$(INSTALL) @mansrcdir@/sudo.$(mantype) $(mandirsu)/sudo.$(mansectsu)
+	$(INSTALL) @mansrcdir@/visudo.$(mantype) $(mandirsu)/visudo.$(mansectsu)
+	$(INSTALL) @mansrcdir@/sudoers.$(mantype) $(mandirform)/sudoers.$(mansectform)
 @MAN_POSTINSTALL@
 
 check:

More information about the sudo-workers mailing list