diff options
author | Lenni vH | 2020-08-18 18:03:22 +0200 |
---|---|---|
committer | Lenni vH | 2020-08-18 18:03:22 +0200 |
commit | 4b78582491c876b6bd31c2055396644564f056c5 (patch) | |
tree | e3e296f220da95db609a0b2eea6f07a594654513 | |
parent | f53e14cee3b4fb5d91a483bf7f0e9ca8a87c5810 (diff) | |
download | aur-4b78582491c876b6bd31c2055396644564f056c5.tar.gz |
updated to 6.3p2, added example config, fixed some Makefile issues
-rw-r--r-- | .SRCINFO | 21 | ||||
-rw-r--r-- | .gitignore | 10 | ||||
-rw-r--r-- | 00-Makefile.patch | 54 | ||||
-rw-r--r-- | PKGBUILD | 27 | ||||
-rw-r--r-- | doas-pam | 10 | ||||
-rw-r--r-- | doas.conf | 43 | ||||
-rw-r--r-- | doas.patch | 145 |
7 files changed, 134 insertions, 176 deletions
@@ -1,23 +1,28 @@ pkgbase = doas - pkgdesc = Port of OpenBSD's doas(1), an alternative to sudo(1) - pkgver = 6.2p2 + pkgdesc = A port of OpenBSD's doas(1), an alternative to sudo(1) + pkgver = 6.3p2 pkgrel = 1 url = https://github.com/slicer69/doas arch = i686 arch = x86_64 arch = armv6h arch = armv7h - license = custom: ISC + license = BSD depends = pam + depends = bison provides = doas replaces = opendoas replaces = opendoas-git - source = doas-6.2p2.tar.gz::https://github.com/slicer69/doas/archive/6.2p2.tar.gz - source = doas.patch + backup = etc/doas.conf + backup = etc/pam.d/doas + source = doas-6.3p2.tar.gz::https://github.com/slicer69/doas/archive/6.3p2.tar.gz + source = 00-Makefile.patch source = doas-pam - sha256sums = b8dc7e3357d12335ab6890d8303523862112416136bb50f170400cf5746dfd16 - sha256sums = 44c737230bb5dcd797a856c3298a4154d49fea2c1823a0531dcb43076f42caee - sha256sums = f61f6b6d2e495dac44dd0d5ee870edf6d8bacbcc8a5059d74c4b91d2bf5c9d6f + source = doas.conf + sha256sums = 037813a404bfe35289f2c6cb22a8c4de6f636b2a491e546a90d2ae2afa54aa64 + sha256sums = 600c7686b4c52bb28951e6e0815530d4bc8fec159637ad93d9b0757e750bcabd + sha256sums = b064704fb3448c3511904c3963b0e167ecf6274aea48afb9c42d452447dfd042 + sha256sums = 1f28802fad6ae0eaa5b94bb8d945ada923631ddfb7ae63e934962dbe41774976 pkgname = doas diff --git a/.gitignore b/.gitignore index 6710816c579a..aa5449ee3fad 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,4 @@ -* -!/PKGBUILD -!/.SRCINFO -!/.gitignore -!/doas.patch -!/doas-pam +doas-*.pkg.* +doas-*.tar.gz +pkg/ +src/ diff --git a/00-Makefile.patch b/00-Makefile.patch new file mode 100644 index 000000000000..a4c5f0011801 --- /dev/null +++ b/00-Makefile.patch @@ -0,0 +1,54 @@ +--- src/doas-6.3p2/Makefile 2020-08-07 23:42:52.000000000 +0200 ++++ Makefile 2020-08-18 17:14:50.982152763 +0200 +@@ -2,10 +2,10 @@ + CC?=clang + YACC?=yacc + BIN=doas +-PREFIX?=/usr/local ++PREFIX=/usr + MANDIR?=$(DESTDIR)$(PREFIX)/man +-SYSCONFDIR?=$(DESTDIR)$(PREFIX)/etc +-OBJECTS=doas.o env.o compat/execvpe.o compat/reallocarray.o y.tab.o ++SYSCONFDIR?=$(DESTDIR)$(PREFIX)/etc ++OBJECTS=doas.o env.o compat/execvpe.o compat/reallocarray.o y.tab.o + OPT?=-O2 + # Can set GLOBAL_PATH here to set PATH for target user. + # TARGETPATH=-DGLOBAL_PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:\" +@@ -13,32 +13,11 @@ + CPPFLAGS+=-include compat/compat.h + LDFLAGS+=-lpam + UNAME_S := $(shell uname -s) +-ifeq ($(UNAME_S),Linux) +- LDFLAGS+=-lpam_misc +- CPPFLAGS+=-Icompat +- CFLAGS+=-D_GNU_SOURCE +- COMPAT+=closefrom.o errc.o getprogname.o setprogname.o strlcat.o strlcpy.o strtonum.o verrc.o +- OBJECTS+=$(COMPAT:%.o=compat/%.o) +-endif +-ifeq ($(UNAME_S),FreeBSD) +- CFLAGS+=-DHAVE_LOGIN_CAP_H +- LDFLAGS+=-lutil +-endif +-ifeq ($(UNAME_S),SunOS) +- SAFE_PATH?=/bin:/sbin:/usr/bin:/usr/sbin:$(PREFIX)/bin:$(PREFIX)/sbin +- GLOBAL_PATH?=/bin:/sbin:/usr/bin:/usr/sbin:$(PREFIX)/bin:$(PREFIX)/sbin +- CPPFLAGS+=-Icompat +- CFLAGS+=-DSOLARIS_PAM -DSAFE_PATH=\"$(SAFE_PATH)\" -DGLOBAL_PATH=\"$(GLOBAL_PATH)\" +- COMPAT=errc.o pm_pam_conv.o setresuid.o verrc.o +- OBJECTS+=$(COMPAT:%.o=compat/%.o) +-endif +-ifeq ($(UNAME_S),Darwin) +- CPPFLAGS+=-Icompat +- COMPAT+=bsd-closefrom.o +- OBJECTS+=$(COMPAT:%.o=compat/%.o) +- # On MacOS the default man page path is /usr/local/share/man +- MANDIR=$(DESTDIR)$(PREFIX)/share/man +-endif ++LDFLAGS+=-lpam_misc ++CPPFLAGS+=-Icompat ++CFLAGS+=-D_GNU_SOURCE ++COMPAT+=closefrom.o errc.o getprogname.o setprogname.o strlcat.o strlcpy.o strtonum.o verrc.o ++OBJECTS+=$(COMPAT:%.o=compat/%.o) + + all: $(OBJECTS) doas.1.final doas.conf.5.final + $(CC) -o $(BIN) $(OBJECTS) $(LDFLAGS) @@ -1,24 +1,28 @@ -# Maintainer: Stephen Gregoratto <dev@sgregoratto.me> +# Maintainer: lennivh24@gmail.com pkgname=doas -pkgver=6.2p2 +pkgver=6.3p2 pkgrel=1 -pkgdesc="Port of OpenBSD's doas(1), an alternative to sudo(1)" -license=('custom: ISC') +pkgdesc="A port of OpenBSD's doas(1), an alternative to sudo(1)" +license=('BSD') url="https://github.com/slicer69/doas" arch=('i686' 'x86_64' 'armv6h' 'armv7h') -depends=('pam') +depends=('pam' 'bison') +backup=('etc/doas.conf' + 'etc/pam.d/doas') provides=('doas') replaces=('opendoas' 'opendoas-git') source=("$pkgname-$pkgver.tar.gz::$url/archive/$pkgver.tar.gz" - 'doas.patch' - 'doas-pam') -sha256sums=('b8dc7e3357d12335ab6890d8303523862112416136bb50f170400cf5746dfd16' - '44c737230bb5dcd797a856c3298a4154d49fea2c1823a0531dcb43076f42caee' - 'f61f6b6d2e495dac44dd0d5ee870edf6d8bacbcc8a5059d74c4b91d2bf5c9d6f') + '00-Makefile.patch' + 'doas-pam' + 'doas.conf') +sha256sums=('037813a404bfe35289f2c6cb22a8c4de6f636b2a491e546a90d2ae2afa54aa64' + '600c7686b4c52bb28951e6e0815530d4bc8fec159637ad93d9b0757e750bcabd' + 'b064704fb3448c3511904c3963b0e167ecf6274aea48afb9c42d452447dfd042' + '1f28802fad6ae0eaa5b94bb8d945ada923631ddfb7ae63e934962dbe41774976') prepare() { cd "$pkgname-$pkgver" - patch -Np1 -i "${srcdir}/$pkgname.patch" + patch -i "${srcdir}/00-Makefile.patch" } build() { @@ -28,6 +32,7 @@ build() { package() { install -Dm644 "doas-pam" "$pkgdir/etc/pam.d/doas" + install -Dm644 "doas.conf" "$pkgdir/etc/doas.conf" cd "$pkgname-$pkgver" make DESTDIR="$pkgdir" install install -Dm644 "LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE" @@ -1,7 +1,5 @@ #%PAM-1.0 -auth required pam_unix.so -account required pam_unix.so -session optional pam_xauth.so -session optional pam_umask.so usergroups umask=022 -session required pam_env.so -session required pam_unix.so +auth sufficient pam_fprintd.so +auth include system-auth +account include system-auth +session include system-auth diff --git a/doas.conf b/doas.conf new file mode 100644 index 000000000000..818e1040aff0 --- /dev/null +++ b/doas.conf @@ -0,0 +1,43 @@ +## Sample configuration file for doas +## Please see doas.conf manual page for information on setting +## up a doas.conf file. +## +## This file should be edited using `vidoas` to prevent syntax errors +## +## doas.conf is read from top to bottom, and the last matching rule +## will be used + +## This file defines which users should (not) be allowed to use doas + +## Allow root user to use doas: +permit root +## alternatively: permit 0 + +## Allow members of the wheel group to use doas (note the colon): +# permit :wheel + +## Deny user malloy to use doas: +# deny malloy + +## Allow alice to 'doas' bob: +# permit alice as bob + +## Deny Bob to run pacman: +# deny bob cmd pacman + +# Allow Bob to update packages using pacman +# allow bob cmd /usr/bin/pacman -Syu + +## If a command without path is specified, +## the command will be searched in +## usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +## (not PATH). + +## Allow Bob to update packages without entering his pasword: +# allow nopass bob cmd /usr/bin/pacman -Syu + +## Maintain the user's environment: +# allow keepenv alice +## Variables may also be set using setenv { \ +## PKG_CACHE RELEASE_DIR=/var/local/ \ +## } diff --git a/doas.patch b/doas.patch deleted file mode 100644 index 70e5c3ad20ad..000000000000 --- a/doas.patch +++ /dev/null @@ -1,145 +0,0 @@ -diff -ura doas-6.2p2-old/doas.1 doas-6.2p2-new/doas.1 ---- doas-6.2p2-old/doas.1 2019-10-13 02:07:28.000000000 +1100 -+++ doas-6.2p2-new/doas.1 2019-11-07 13:03:09.849984860 +1100 -@@ -91,7 +91,7 @@ - .Bl -bullet -compact - .It - The config file --.Pa /usr/local/etc/doas.conf -+.Pa /etc/doas.conf - could not be parsed. - .It - The user attempted to run a command which is not permitted. -diff -ura doas-6.2p2-old/doas.conf.5 doas-6.2p2-new/doas.conf.5 ---- doas-6.2p2-old/doas.conf.5 2019-10-13 02:07:28.000000000 +1100 -+++ doas-6.2p2-new/doas.conf.5 2019-11-07 13:03:09.849984860 +1100 -@@ -20,7 +20,7 @@ - .Nm doas.conf - .Nd doas configuration file - .Sh SYNOPSIS --.Nm /usr/local/etc/doas.conf -+.Nm doas.conf - .Sh DESCRIPTION - The - .Xr doas 1 -@@ -125,6 +125,11 @@ - If quotes or backslashes are used in a word, - it is not considered a keyword. - .El -+.Sh FILES -+.Bl -tag -width "/etc/doas.conf" -+.It Pa /etc/doas.conf -+doas configuration file. -+.El - .Sh EXAMPLES - The following example permits users in group wsrc to build ports; - wheel to execute commands as any user while keeping the environment -diff -ura doas-6.2p2-old/Makefile doas-6.2p2-new/Makefile ---- doas-6.2p2-old/Makefile 2019-10-13 02:07:28.000000000 +1100 -+++ doas-6.2p2-new/Makefile 2019-11-07 13:05:35.273137128 +1100 -@@ -1,68 +1,38 @@ --CC?=clang --YACC?=yacc --BIN=doas --PREFIX?=/usr/local --MANDIR?=$(DESTDIR)$(PREFIX)/man --SYSCONFDIR?=$(DESTDIR)$(PREFIX)/etc --OBJECTS=doas.o env.o compat/execvpe.o compat/reallocarray.o y.tab.o --OPT?=-O2 --# Can set GLOBAL_PATH here to set PATH for target user. --# TARGETPATH=-DGLOBAL_PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:\" --CFLAGS+=-Wall $(OPT) -DUSE_PAM -DDOAS_CONF=\"${SYSCONFDIR}/doas.conf\" $(TARGETPATH) --CPPFLAGS+=-include compat/compat.h --LDFLAGS+=-lpam --UNAME_S := $(shell uname -s) --ifeq ($(UNAME_S),Linux) -- LDFLAGS+=-lpam_misc -- CPPFLAGS+=-Icompat -- CFLAGS+=-D_GNU_SOURCE -- COMPAT+=closefrom.o errc.o getprogname.o setprogname.o strlcat.o strlcpy.o strtonum.o verrc.o -- OBJECTS+=$(COMPAT:%.o=compat/%.o) --endif --ifeq ($(UNAME_S),FreeBSD) -- CFLAGS+=-DHAVE_LOGIN_CAP_H -- LDFLAGS+=-lutil --endif --ifeq ($(UNAME_S),SunOS) -- SAFE_PATH?=/bin:/sbin:/usr/bin:/usr/sbin:$(PREFIX)/bin:$(PREFIX)/sbin -- GLOBAL_PATH?=/bin:/sbin:/usr/bin:/usr/sbin:$(PREFIX)/bin:$(PREFIX)/sbin -- CPPFLAGS+=-Icompat -- CFLAGS+=-DSOLARIS_PAM -DSAFE_PATH=\"$(SAFE_PATH)\" -DGLOBAL_PATH=\"$(GLOBAL_PATH)\" -- COMPAT=errc.o pm_pam_conv.o setresuid.o verrc.o -- OBJECTS+=$(COMPAT:%.o=compat/%.o) --endif --ifeq ($(UNAME_S),Darwin) -- CPPFLAGS+=-Icompat -- COMPAT+=bsd-closefrom.o -- OBJECTS+=$(COMPAT:%.o=compat/%.o) -- # On MacOS the default man page path is /usr/local/share/man -- MANDIR=$(DESTDIR)$(PREFIX)/share/man --endif -- --all: $(OBJECTS) -- $(CC) -o $(BIN) $(OBJECTS) $(LDFLAGS) -- --env.o: doas.h env.c -- --execvpe.o: doas.h execvpe.c -- --doas.o: doas.h doas.c parse.y -- --reallocarray.o: doas.h reallocarray.c -- --y.tab.o: parse.y -- $(YACC) parse.y -- $(CC) $(CPPFLAGS) $(CFLAGS) -c y.tab.c -- --install: $(BIN) -- mkdir -p $(DESTDIR)$(PREFIX)/bin -- cp $(BIN) $(DESTDIR)$(PREFIX)/bin/ -- chmod 4755 $(DESTDIR)$(PREFIX)/bin/$(BIN) -- mkdir -p $(MANDIR)/man1 -- cp doas.1 $(MANDIR)/man1/ -- mkdir -p $(MANDIR)/man5 -- cp doas.conf.5 $(MANDIR)/man5/ -- -+PREFIX := /usr -+BINDIR := $(PREFIX)/bin -+MANDIR := $(PREFIX)/share/man -+ -+CPPFLAGS += -include compat/compat.h -Icompat -+CFLAGS += -DUSE_PAM -DDOAS_CONF=\"/etc/doas.conf\" -D_GNU_SOURCE -+LDFLAGS := -lpam -lpam_misc $(LDFLAGS) -+ -+OBJS = \ -+ compat/closefrom.o \ -+ compat/errc.o \ -+ compat/execvpe.o \ -+ compat/getprogname.o \ -+ compat/reallocarray.o \ -+ compat/setprogname.o \ -+ compat/strlcat.o \ -+ compat/strlcpy.o \ -+ compat/strtonum.o \ -+ compat/verrc.o \ -+ doas.o \ -+ env.o \ -+ parse.o -+ -+doas: $(OBJS) -+ $(CC) $(LDFLAGS) -o $@ $(OBJS) -+ -+compat/execvpe.o: doas.h -+compat/reallocarray.o: doas.h -+doas.o: doas.h -+env.o: doas.h -+ -+install: doas -+ install -Dm4755 doas $(DESTDIR)$(BINDIR)/doas -+ install -Dm0644 doas.1 $(DESTDIR)$(MANDIR)/man1/doas.1 -+ install -Dm0644 doas.conf.5 $(DESTDIR)$(MANDIR)/man5/doas.conf.5 -+ - clean: -- rm -f $(BIN) $(OBJECTS) y.tab.c -- -+ rm -f $(OBJS) doas |