diff --git a/INSTALL.md b/INSTALL.md index 2261504b6..fe2366be0 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1003,6 +1003,13 @@ Defaults are listed in brackets after the description. is used. Sudoers option: secure_path + --with-secure-path-value[=PATH] + Sets the value of "secure_path" that is substituted into + the default sudoers file. This option is intended to be + used by package maintainers who wish to set "secure_path" + to a system-specific value in the default sudoers file. + It does not actually enable "secure-path". + --with-sendmail=PATH Override configure's guess as to the location of sendmail. Sudoers option: mailerpath diff --git a/configure b/configure index 42cf00472..18eb2bdf2 100755 --- a/configure +++ b/configure @@ -1002,6 +1002,7 @@ with_nsswitch with_ldap with_ldap_conf_file with_ldap_secret_file +with_secure_path_value with_secure_path with_interfaces with_askpass @@ -1883,6 +1884,8 @@ Optional Packages: --with-ldap[=DIR] enable LDAP support --with-ldap-conf-file path to LDAP configuration file --with-ldap-secret-file path to LDAP secret password file + --with-secure-path-value + value of secure_path in the default sudoers file --with-secure-path override the user's path with a built-in one --without-interfaces don't try to read the ip addr of network interfaces --with-askpass=PATH Fully qualified pathname of askpass helper @@ -6307,6 +6310,19 @@ EOF +# Check whether --with-secure-path-value was given. +if test ${with_secure_path_value+y} +then : + withval=$with_secure_path_value; case $with_secure_path_value in + yes|no) as_fn_error $? "must give --secure-path-value an argument." "$LINENO" 5 + ;; + *) secure_path="$with_secure_path_value" + ;; +esac +fi + + + # Check whether --with-secure-path was given. if test ${with_secure_path+y} then : diff --git a/configure.ac b/configure.ac index 1a8c0b318..28b63ef0d 100644 --- a/configure.ac +++ b/configure.ac @@ -1068,6 +1068,14 @@ AC_ARG_WITH(ldap-secret-file, [AS_HELP_STRING([--with-ldap-secret-file], [path t test -n "$with_ldap_secret_file" && ldap_secret="$with_ldap_secret_file" SUDO_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$ldap_secret", [Path to the ldap.secret file]) +AC_ARG_WITH(secure-path-value, [AS_HELP_STRING([--with-secure-path-value], [value of secure_path in the default sudoers file])], +[case $with_secure_path_value in + yes|no) AC_MSG_ERROR([must give --secure-path-value an argument.]) + ;; + *) secure_path="$with_secure_path_value" + ;; +esac]) + AC_ARG_WITH(secure-path, [AS_HELP_STRING([--with-secure-path], [override the user's path with a built-in one])], [case $with_secure_path in yes) with_secure_path="$secure_path"