--enable-static prepare for static build
--without-pam disable pam support
- --without-pam disable shadow support
+ --without-shadow disable shadow support
+
+ --with-timestamp enable timestamp support
+
+ --uid-max=NUM set UID_MAX (default 65535)
+ --gid-max=NUM set GID_MAX (default 65535)
--help, -h display this help and exit
EOF
exit 0
}
+# defaults
+WITHOUT_TIMESTAMP=yes
+UID_MAX=65535
+GID_MAX=65535
+
for x; do
opt=${x%%=*}
var=${x#*=}
--with-shadow) WITHOUT_SHADOW=; WITHOUT_PAM=yes ;;
--without-pam) WITHOUT_PAM=yes ;;
--without-shadow) WITHOUT_SHADOW=yes ;;
+ --with-timestamp) WITHOUT_TIMESTAMP= ;;
+ --without-timestamp) WITHOUT_TIMESTAMP=yes ;;
+ --uid-max) UID_MAX=$var ;;
+ --gid-max) UID_MAX=$var ;;
--help|-h) usage ;;
*) die "Error: unknown option $opt" ;;
esac
CONFIG_MK=config.mk
rm -f "$CONFIG_MK"
-# : ${VERSION:="$(git describe --dirty --tags --long --always)"}
-: ${VERSION:="6.0"}
-
cat <<EOF >>$CONFIG_MK
PREFIX ?= ${PREFIX:="/usr"}
EPREFIX ?= ${EPREFIX:="${PREFIX}"}
MANDIR ?= ${MANDIR:="${SHAREDIR}/man"}
SYSCONFDIR?= ${SYSCONFDIR:="/etc"}
PAMDIR ?= ${PAMDIR:="${SYSCONFDIR}/pam.d"}
-CFLAGS += -DVERSION="\"${VERSION}\""
EOF
if [ -z "$BUILD" ]; then
case "$OS" in
linux)
- OS_CFLAGS="$OS_CFLAGS -D_DEFAULT_SOURCE -D_GNU_SOURCE -DUID_MAX=60000 -DGID_MAX=60000"
+ OS_CFLAGS="$OS_CFLAGS -D_DEFAULT_SOURCE -D_GNU_SOURCE -DUID_MAX=${UID_MAX} -DGID_MAX=${GID_MAX}"
printf 'CURDIR := .\n' >>$CONFIG_MK
[ -z "$WITHOUT_PAM" ] && \
printf 'PAM_DOAS = pam.d__doas__linux\n' >>$CONFIG_MK
}
authmethod() {
- #
- # Check for bsd_auth.h.
- #
- src='
-#include <bsd_auth.h>
-int main(void) {
- return 0;
-}'
- check_func "bsd_auth_h" "$src" && {
- have_bsd_auth_h=1
- printf 'bsd\n'
- return 0
- }
-
#
# Check for pam_appl.h.
#
[ -z "$WITHOUT_PAM" ] && check_func "pam_appl_h" "$src" && {
printf 'SRCS += pam.c\n' >>$CONFIG_MK
printf 'LDFLAGS += -lpam\n' >>$CONFIG_MK
+ printf 'CPPFLAGS += -DUSE_PAM\n' >>$CONFIG_MK
printf 'pam\n'
return 0
}
return 0;
}'
[ -z "$WITHOUT_SHADOW" ] && check_func "shadow_h" "$src" && {
+ printf 'SRCS += shadow.c\n' >>$CONFIG_MK
printf 'LDFLAGS += -lcrypt\n' >>$CONFIG_MK
+ printf 'CPPFLAGS += -DUSE_SHADOW\n' >>$CONFIG_MK
printf 'shadow\n'
return 0
}
return 1
}
+persistmethod() {
+ [ -z "$WITHOUT_TIMESTAMP" ] && {
+ printf 'CPPFLAGS += -DUSE_TIMESTAMP\n' >>$CONFIG_MK
+ printf 'SRCS += timestamp.c\n' >>$CONFIG_MK
+ printf 'timestamp\n'
+ return 0
+ }
+ return 1
+}
+
#
# Check for explicit_bzero().
#
execvpe("", p, p);
return 0;
}'
-check_func "execvpe" "$src" || {
- printf 'OPENBSD += execvpe.o\n' >>$CONFIG_MK
-}
+check_func "execvpe" "$src" || die "system has no execvpe(3): not supported"
#
# Check for setresuid().
setresuid(0, 0, 0);
return 0;
}'
-check_func "setresuid" "$src" || {
- printf 'OPENBSD += setresuid.o\n' >>$CONFIG_MK
-}
-
-#
-# Check for pledge().
-#
-src='
-#include <unistd.h>
-int main(void) {
- pledge("", NULL);
- return 0;
-}'
-check_func "pledge" "$src" || {
- printf 'OPENBSD += pledge-noop.o\n' >>$CONFIG_MK
-}
+check_func "setresuid" "$src" || die "system has no setresuid(2): not supported"
#
# Check for closefrom().
printf 'Error auth method\t\t\n' >&2
exit 1
fi
+
+persist=$(persistmethod)
+if [ $? -eq 0 ]; then
+ printf 'Using persist method\t\t\t%s.\n' "$persist" >&2
+else
+ printf 'Using persist method\t\t\tnone.\n' >&2
+fi
+printf 'Setting UID_MAX\t\t\t\t%d.\n' "$UID_MAX" >&2
+printf 'Setting GID_MAX\t\t\t\t%d.\n' "$GID_MAX" >&2