Commit eeacb333 authored by James Knight's avatar James Knight Committed by Peter Korsgaard
Browse files

sudo: add optional pam support 



Configure the sudo utility to support PAM if the framework is enabled.

[Peter: use install -D, reword commit message]
Signed-off-by: default avatarJames Knight <james.knight@rockwellcollins.com>
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent 8d10204b

package/sudo/sudo.mk

+12 −1
Original line number Diff line number Diff line
@@ -16,9 +16,20 @@ SUDO_CONF_OPTS = \ 
	--without-umask \

	--with-logging=syslog \

	--without-interfaces \

	--without-pam \

	--with-env-editor



ifeq ($(BR2_PACKAGE_LINUX_PAM),y)

define SUDO_INSTALL_PAM_CONF

	$(INSTALL) -D -m 0644 package/sudo/sudo.pam $(TARGET_DIR)/etc/pam.d/sudo

endef



SUDO_DEPENDENCIES += linux-pam

SUDO_CONF_OPTS += --with-pam

SUDO_POST_INSTALL_TARGET_HOOKS += SUDO_INSTALL_PAM_CONF

else

SUDO_CONF_OPTS += --without-pam

endif



# mksigname/mksiglist needs to run on build host to generate source files

define SUDO_BUILD_MKSIGNAME_MKSIGLIST_HOST

	$(MAKE) $(HOST_CONFIGURE_OPTS) \

package/sudo/sudo.pam

0 → 100644
+12 −0
Original line number Diff line number Diff line 
auth        sufficient   pam_rootok.so

auth        required     pam_wheel.so use_uid

auth        required     pam_env.so

auth        required     pam_unix.so nullok



account     required     pam_unix.so



password    required     pam_unix.so nullok



session     required     pam_limits.so

session     required     pam_env.so

session     required     pam_unix.so