nixpkgs/pkgs/tools/security/sudo/default.nix

{ stdenv, fetchurl, coreutils, pam, groff, keepVisudo ? false }:

stdenv.mkDerivation rec {
  name = "sudo-1.8.9p4";

  src = fetchurl {
    urls =
      [ "ftp://ftp.sudo.ws/pub/sudo/${name}.tar.gz"
        "ftp://ftp.sudo.ws/pub/sudo/OLD/${name}.tar.gz"
      ];
    sha256 = "19y75bsh4z2kid5jk2r84z7rvmnh90n8cb9fbn9l4rcw83lzjhqr";
  };

  postConfigure = ''
    cat >> pathnames.h <<EOF
    #undef  _PATH_SUDO_LOGFILE
    #define _PATH_SUDO_LOGFILE "/var/log/sudo.log"
    #undef  _PATH_SUDO_TIMEDIR
    #define _PATH_SUDO_TIMEDIR "/run/sudo"
    #undef  _PATH_VI
    #define _PATH_VI "/run/current-system/sw/bin/nano"
    #undef  _PATH_MV
    #define _PATH_MV "${coreutils}/bin/mv"
    EOF

    makeFlags="install_uid=$(id -u) install_gid=$(id -g)"
    installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc timedir=$TMPDIR/dummy"
  '';

  buildInputs = [ coreutils pam groff ];

  enableParallelBuilding = true;

  postInstall = ''
    # ‘visudo’ does not make sense on NixOS - except for checking sudoers
    # file syntax
    rm ${if keepVisudo then "" else "$out/sbin/visudo"} \
        $out/share/man/man8/visudo.8

    rm $out/share/doc/sudo/ChangeLog
  '';

  meta = {
    description = "A command to run commands as root";

    longDescription = ''
      Sudo (su "do") allows a system administrator to delegate
      authority to give certain users (or groups of users) the ability
      to run some (or all) commands as root or another user while
      providing an audit trail of the commands and their arguments.
    '';

    homepage = http://www.sudo.ws/;

    license = http://www.sudo.ws/sudo/license.html;

    maintainers = [ stdenv.lib.maintainers.eelco ];
  };
}
-												Allow to keep visudo. Useful for checking sudoers syntax

											
										
										
											2014-06-08 20:53:25 +00:00
+								{ stdenv, fetchurl, coreutils, pam, groff, keepVisudo ? false }:
-												* Sudo 1.6.9p4.

svn path=/nixpkgs/trunk/; revision=9148

											
										
										
											2007-08-17 13:37:28 +00:00
-												Sudo 1.6.9p17.

svn path=/nixpkgs/trunk/; revision=12841

											
										
										
											2008-09-11 14:31:37 +00:00
+								stdenv.mkDerivation rec {
-												sudo: Update to 1.8.9p4

											
										
										
											2014-01-23 10:21:38 +00:00
+								  name = "sudo-1.8.9p4";
-												Adding forgot new files for sudo and BitTornado

svn path=/nixpkgs/trunk/; revision=8899

											
										
										
											2007-06-20 09:34:42 +00:00
 								  src = fetchurl {
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								    urls =
-												* Fix a broken URL, and update sudo while we're at it.

svn path=/nixpkgs/trunk/; revision=16972

											
										
										
											2009-09-06 21:36:51 +00:00
+								      [ "ftp://ftp.sudo.ws/pub/sudo/${name}.tar.gz"
 								        "ftp://ftp.sudo.ws/pub/sudo/OLD/${name}.tar.gz"
 								      ];
-												sudo: Update to 1.8.9p4

											
										
										
											2014-01-23 10:21:38 +00:00
+								    sha256 = "19y75bsh4z2kid5jk2r84z7rvmnh90n8cb9fbn9l4rcw83lzjhqr";
-												Adding forgot new files for sudo and BitTornado

svn path=/nixpkgs/trunk/; revision=8899

											
										
										
											2007-06-20 09:34:42 +00:00
+								  };
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								  postConfigure = ''
 								    cat >> pathnames.h <<EOF
 								    #undef  _PATH_SUDO_LOGFILE
 								    #define _PATH_SUDO_LOGFILE "/var/log/sudo.log"
 								    #undef  _PATH_SUDO_TIMEDIR
 								    #define _PATH_SUDO_TIMEDIR "/run/sudo"
 								    #undef  _PATH_VI
 								    #define _PATH_VI "/run/current-system/sw/bin/nano"
 								    #undef  _PATH_MV
 								    #define _PATH_MV "${coreutils}/bin/mv"
 								    EOF
-												Adding forgot new files for sudo and BitTornado

svn path=/nixpkgs/trunk/; revision=8899

											
										
										
											2007-06-20 09:34:42 +00:00
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								    makeFlags="install_uid=$(id -u) install_gid=$(id -g)"
-												sudo: Fix building outside of a chroot

											
										
										
											2013-04-05 17:38:07 +00:00
+								    installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc timedir=$TMPDIR/dummy"
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								  '';
-												Adding forgot new files for sudo and BitTornado

svn path=/nixpkgs/trunk/; revision=8899

											
										
										
											2007-06-20 09:34:42 +00:00
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								  buildInputs = [ coreutils pam groff ];
-												Adding forgot new files for sudo and BitTornado

svn path=/nixpkgs/trunk/; revision=8899

											
										
										
											2007-06-20 09:34:42 +00:00
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								  enableParallelBuilding = true;
 								  postInstall = ''
-												Allow to keep visudo. Useful for checking sudoers syntax

											
										
										
											2014-06-08 20:53:25 +00:00
+								    # ‘visudo’ does not make sense on NixOS - except for checking sudoers
 								    # file syntax
 								    rm ${if keepVisudo then "" else "$out/sbin/visudo"} \
 								        $out/share/man/man8/visudo.8
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
 								    rm $out/share/doc/sudo/ChangeLog
 								  '';
-												Sudo 1.6.9p17.

svn path=/nixpkgs/trunk/; revision=12841

											
										
										
											2008-09-11 14:31:37 +00:00
 								  meta = {
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
+								    description = "A command to run commands as root";
-												Sudo 1.6.9p17.

svn path=/nixpkgs/trunk/; revision=12841

											
										
										
											2008-09-11 14:31:37 +00:00
 								    longDescription = ''
 								      Sudo (su "do") allows a system administrator to delegate
 								      authority to give certain users (or groups of users) the ability
 								      to run some (or all) commands as root or another user while
 								      providing an audit trail of the commands and their arguments.
 								    '';
 								    homepage = http://www.sudo.ws/;
 								    license = http://www.sudo.ws/sudo/license.html;
-												sudo: Update to 1.8.7p7

Ouch, our sudo was criminally outdated.

CVE-2013-1775, CVE-2013-1776, CVE-2012-2337, CVE-2011-0010.

											
										
										
											2013-04-03 11:10:53 +00:00
 								    maintainers = [ stdenv.lib.maintainers.eelco ];
-												Sudo 1.6.9p17.

svn path=/nixpkgs/trunk/; revision=12841

											
										
										
											2008-09-11 14:31:37 +00:00
+								  };
-												Adding forgot new files for sudo and BitTornado

svn path=/nixpkgs/trunk/; revision=8899

											
										
										
											2007-06-20 09:34:42 +00:00
+								}