diff --git a/.circleci/config.yml b/.circleci/config.yml index 18e5f0f7f..66d7af326 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -4,6 +4,10 @@ jobs: build_linux: description: Configure, build and package sudo (Linux) parameters: + krb5: + description: if true, build sudo's Kerberos V support + default: false + type: boolean ldap: description: if true, build sudo's LDAP support default: false @@ -31,7 +35,7 @@ jobs: - checkout - run: name: "Building and packaging sudo (Linux)" - command: ./scripts/mkpkg <<# parameters.ldap >>--flavor=ldap --with-sssd --with-sssd-lib=/usr/lib/x86_64-linux-gnu <><<# parameters.wolfssl >>--enable-wolfssl <><<^ parameters.logsrvd >>--disable-log-server --disable-log-client <><<^ parameters.intercept >>--disable-intercept <><<# parameters.static_sudoers >>--enable-static-sudoers <>--enable-warnings --enable-werror --enable-sanitizer + command: ./scripts/mkpkg <<# parameters.krb5 >>--with-kerb5 <><<# parameters.ldap >>--flavor=ldap --with-sssd --with-sssd-lib=/usr/lib/x86_64-linux-gnu <><<# parameters.wolfssl >>--enable-wolfssl <><<^ parameters.logsrvd >>--disable-log-server --disable-log-client <><<^ parameters.intercept >>--disable-intercept <><<# parameters.static_sudoers >>--enable-static-sudoers <>--enable-warnings --enable-werror --enable-sanitizer # Save workspace for subsequent jobs (i.e. test) - persist_to_workspace: root: . @@ -84,6 +88,12 @@ workflows: version: 2 build_and_test: jobs: + - build_linux: + name: build-linux-krb5 + krb5: true + filters: + branches: + only: main - build_linux: name: build-linux-ldap ldap: true @@ -119,6 +129,10 @@ workflows: filters: branches: only: main + - test_linux: + name: test-linux-krb5 + requires: + - build-linux-krb5 - test_linux: name: test-linux-ldap requires: diff --git a/docker/debian/latest/Dockerfile b/docker/debian/latest/Dockerfile index aae608e51..6621cecdd 100644 --- a/docker/debian/latest/Dockerfile +++ b/docker/debian/latest/Dockerfile @@ -3,7 +3,8 @@ FROM docker.io/library/debian:latest RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ - libaudit-dev libldap2-dev libpam0g-dev libpython3-dev libsasl2-dev \ - libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev lsb-release \ - ncurses-term openssh-client pkg-config procps python3-dev ssh zlib1g-dev + libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ + libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ + lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ + ssh zlib1g-dev RUN useradd -ms /bin/bash build diff --git a/docker/debian/testing/Dockerfile b/docker/debian/testing/Dockerfile index 969c7d5b8..83f0e4a16 100644 --- a/docker/debian/testing/Dockerfile +++ b/docker/debian/testing/Dockerfile @@ -3,7 +3,8 @@ FROM docker.io/library/debian:testing RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ - libaudit-dev libldap2-dev libpam0g-dev libpython3-dev libsasl2-dev \ - libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev lsb-release \ - ncurses-term openssh-client pkg-config procps python3-dev ssh zlib1g-dev + libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ + libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ + lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ + ssh zlib1g-dev RUN useradd -ms /bin/bash build diff --git a/docker/fedora/latest/Dockerfile b/docker/fedora/latest/Dockerfile index 649323fa8..dec471a0b 100644 --- a/docker/fedora/latest/Dockerfile +++ b/docker/fedora/latest/Dockerfile @@ -1,7 +1,7 @@ FROM docker.io/library/fedora:latest ENV TZ=America/Denver -RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel \ +RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel krb5-devel \ libasan libubsan libselinux-devel libsepol-devel make openldap-devel \ openssl-devel pam-devel python3-devel rpm-build zlib-devel binutils \ ed gcc gdb git openssh pkg-config procps which diff --git a/docker/fedora/rawhide/Dockerfile b/docker/fedora/rawhide/Dockerfile index a2154270b..21b400db4 100644 --- a/docker/fedora/rawhide/Dockerfile +++ b/docker/fedora/rawhide/Dockerfile @@ -1,7 +1,7 @@ FROM docker.io/library/fedora:rawhide ENV TZ=America/Denver -RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel \ +RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel krb5-devel \ libasan libubsan libselinux-devel libsepol-devel make openldap-devel \ openssl-devel pam-devel python3-devel rpm-build zlib-devel binutils \ ed gcc gdb git openssh pkg-config procps which diff --git a/docker/ubuntu/devel/Dockerfile b/docker/ubuntu/devel/Dockerfile index 4d2852b8d..f5d305a68 100644 --- a/docker/ubuntu/devel/Dockerfile +++ b/docker/ubuntu/devel/Dockerfile @@ -3,7 +3,8 @@ FROM docker.io/library/ubuntu:devel RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ - libaudit-dev libldap2-dev libpam0g-dev libpython3-dev libsasl2-dev \ - libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev lsb-release \ - ncurses-term openssh-client pkg-config procps python3-dev ssh zlib1g-dev + libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ + libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ + lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ + ssh zlib1g-dev RUN useradd -ms /bin/bash build diff --git a/docker/ubuntu/latest/Dockerfile b/docker/ubuntu/latest/Dockerfile index 0e1b2105c..582baae26 100644 --- a/docker/ubuntu/latest/Dockerfile +++ b/docker/ubuntu/latest/Dockerfile @@ -3,7 +3,8 @@ FROM docker.io/library/ubuntu:latest RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ - libaudit-dev libldap2-dev libpam0g-dev libpython3-dev libsasl2-dev \ - libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev lsb-release \ - ncurses-term openssh-client pkg-config procps python3-dev ssh zlib1g-dev + libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ + libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ + lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ + ssh zlib1g-dev RUN useradd -ms /bin/bash build diff --git a/docker/ubuntu/rolling/Dockerfile b/docker/ubuntu/rolling/Dockerfile index 8ed923e3a..bf31a9674 100644 --- a/docker/ubuntu/rolling/Dockerfile +++ b/docker/ubuntu/rolling/Dockerfile @@ -3,7 +3,8 @@ FROM docker.io/library/ubuntu:rolling RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ - libaudit-dev libldap2-dev libpam0g-dev libpython3-dev libsasl2-dev \ - libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev lsb-release \ - ncurses-term openssh-client pkg-config procps python3-dev ssh zlib1g-dev + libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ + libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ + lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ + ssh zlib1g-dev RUN useradd -ms /bin/bash build