--target=target-alias the machine that CC will produce code for
--enable-debug enable debugging
- --enable-seccomp enable seccomp
--enable-static prepare for static build
--help, -h display this help and exit
--host) HOST=$var;;
--target) TARGET=$var;;
--enable-debug) DEBUG=yes;;
- --enable-seccomp) BUILD_SECCOMP=yes;;
--enable-static) BUILD_STATIC=yes;;
+ --without-pam) WITHOUT_PAM=yes;;
--help|-h) usage;;
*) die "Error: unknown option $opt";;
esac
CONFIG_MK=config.mk
rm -f "$CONFIG_MK"
-: ${VERSION:="$(git describe --dirty --tags --long --always)"}
-# : ${VERSION:="0.1"}
+# : ${VERSION:="$(git describe --dirty --tags --long --always)"}
+: ${VERSION:="0.3"}
cat <<EOF >>$CONFIG_MK
PREFIX ?= ${PREFIX:="/usr"}
linux)
OS_CFLAGS="$OS_CFLAGS -D_DEFAULT_SOURCE -D_GNU_SOURCE -DUID_MAX=60000 -DGID_MAX=60000"
printf 'CURDIR := .\n' >>$CONFIG_MK
- printf 'PAM_DOAS = pam.d__doas__linux\n' >>$CONFIG_MK
+ [ -z "$WITHOUT_PAM" ] && \
+ printf 'PAM_DOAS = pam.d__doas__linux\n' >>$CONFIG_MK
;;
esac
check_func "bsd_auth_h" "$src" && \
have_bsd_auth_h=1
+#
+# Check for sys/tree.h.
+#
+src='
+#include <sys/tree.h>
+int main(void) {
+ return 0;
+}'
+check_func "sys_tree_h" "$src"
+
#
# Check for pam_appl.h.
#
int main(void) {
return 0;
}'
-[ -z "$have_bsd_auth_h" ] && \
+[ -z "$WITHOUT_PAM" -a -z "$have_bsd_auth_h" ] && \
check_func "pam_appl_h" "$src" && {
- printf 'SRCS += doas_pam.c\n' >>$CONFIG_MK
+ printf 'SRCS += pam.c\n' >>$CONFIG_MK
printf 'LDFLAGS += -lpam\n' >>$CONFIG_MK
}
#
-# Check for login_cap.h.
+# Check for shadow.h.
#
src='
-#include <login_cap.h>
+#include <shadow.h>
int main(void) {
return 0;
}'
-check_func "login_cap_h" "$src" || {
- printf 'OPENBSD += setusercontext.o\n' >>$CONFIG_MK
-}
+[ -z "$WITHOUT_PAM" -a -z "$have_bsd_auth_h" ] || \
+ check_func "shadow_h" "$src" && {
+ printf 'LDFLAGS += -lcrypt\n' >>$CONFIG_MK
+ }
#
# Check for execvpe().
pledge("", NULL);
return 0;
}'
-check_func "pledge" "$src" && {
- have_pledge=1
-}
-
-#
-# Check for seccomp.h
-#
-src='
-#include <linux/seccomp.h>
-#include <sys/prctl.h>
-#include <unistd.h>
-int main(void) {
- prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL);
- return 0;
-}'
-[ -z "$have_pledge" -a -n "$BUILD_SECCOMP" ] && \
- check_func "seccomp_h" "$src" && \
- {
- have_pledge=1
- printf 'OPENBSD += pledge-seccomp.o\n' >>$CONFIG_MK
- }
-
-[ -z "$have_pledge" ] && \
+check_func "pledge" "$src" || {
printf 'OPENBSD += pledge-noop.o\n' >>$CONFIG_MK
+}