Date: Sun, 12 Aug 2007 14:50:34 +0300 From: Vasil Dimov <vd@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: tmclaugh@FreeBSD.org Subject: ports/115442: [patch] security/sudo: workaround a bug in configure.in Message-ID: <20070812115034.GA72899@polejan.hw.v5d.org> Resent-Message-ID: <200708121200.l7CC08uQ082129@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 115442 >Category: ports >Synopsis: [patch] security/sudo: workaround a bug in configure.in >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Aug 12 12:00:07 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Vasil Dimov >Release: FreeBSD 6.2-STABLE i386 >Organization: N/A >Environment: 6.2-STABLE FreeBSD 6.2-STABLE #2: Sat Aug 11 10:36:45 EEST 2007 >Description: When using the NOEXEC option I get this error: /libexec/ld-elf.so.1: Cannot open "/usr/local/libexec/sudo_noexec" this is because for some reason the shrext variable in configure.in is empty, thus sudo_noexec.so becomes sudo_noexec The patch is just a workaround. >How-To-Repeat: Use sudo with NOEXEC option in sudoers. >Fix: --- sudo_noexec.diff begins here --- --- sudo/Makefile.orig 2007-08-12 14:42:57.000000000 +0300 +++ sudo/Makefile 2007-08-12 14:46:43.000000000 +0300 @@ -7,7 +7,7 @@ PORTNAME= sudo PORTVERSION= 1.6.9.3 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= http://www.sudo.ws/sudo/dist/ \ http://probsd.org/sudoftp/ \ @@ -33,7 +33,8 @@ --with-env-editor \ --with-logincap \ --with-long-otp-prompt \ - --with-pam + --with-pam \ + --with-noexec=${PREFIX}/libexec/sudo_noexec.so OPTIONS= LDAP "With LDAP support" off \ INSULTS "With all insults" off \ --- sudo_noexec.diff ends here --- -- Vasil Dimov moc.elcaro@vomid.lisav Software Developer @ Oracle/Innobase Oy gro.DSBeerF@dv Committer @ FreeBSD.org gro.d5v@dv Home @ Sofia, Bulgaria >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070812115034.GA72899>