Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 12 Aug 2007 14:50:34 +0300
From:      Vasil Dimov <vd@FreeBSD.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        tmclaugh@FreeBSD.org
Subject:   ports/115442: [patch] security/sudo: workaround a bug in configure.in
Message-ID:  <20070812115034.GA72899@polejan.hw.v5d.org>
Resent-Message-ID: <200708121200.l7CC08uQ082129@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         115442
>Category:       ports
>Synopsis:       [patch] security/sudo: workaround a bug in configure.in
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 12 12:00:07 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Vasil Dimov
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
N/A
>Environment:

6.2-STABLE FreeBSD 6.2-STABLE #2: Sat Aug 11 10:36:45 EEST 2007

>Description:

When using the NOEXEC option I get this error:

/libexec/ld-elf.so.1: Cannot open "/usr/local/libexec/sudo_noexec"

this is because for some reason the shrext variable in configure.in is
empty, thus sudo_noexec.so becomes sudo_noexec

The patch is just a workaround.

>How-To-Repeat:

Use sudo with NOEXEC option in sudoers.

>Fix:

--- sudo_noexec.diff begins here ---
--- sudo/Makefile.orig	2007-08-12 14:42:57.000000000 +0300
+++ sudo/Makefile	2007-08-12 14:46:43.000000000 +0300
@@ -7,7 +7,7 @@
 
 PORTNAME=	sudo
 PORTVERSION=	1.6.9.3
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	http://www.sudo.ws/sudo/dist/ \
 		http://probsd.org/sudoftp/ \
@@ -33,7 +33,8 @@
 		--with-env-editor \
 		--with-logincap \
 		--with-long-otp-prompt \
-		--with-pam
+		--with-pam \
+		--with-noexec=${PREFIX}/libexec/sudo_noexec.so
 
 OPTIONS=	LDAP	"With LDAP support" off \
 		INSULTS "With all insults" off \
--- sudo_noexec.diff ends here ---


-- 
Vasil Dimov
moc.elcaro@vomid.lisav        Software Developer @ Oracle/Innobase Oy
gro.DSBeerF@dv                Committer @ FreeBSD.org
gro.d5v@dv                    Home @ Sofia, Bulgaria
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070812115034.GA72899>