Add a configure option to turn off use of POSIX saved IDs

INSTALL

@@ -68,13 +68,16 @@ Configuration:
   --cache-file=FILE
 	Cache test results in FILE
 
-  --help
+  --config-cache, -C
+	Alias for `--cache-file=config.cache'
+
+  --help, -h
 	Print the usage/help info
 
-  --no-create
+  --no-create, -n
 	Do not create output files
 
-  --quiet, --silent
+  --quiet, --silent, -q
 	Do not print `checking...' messages
 
 Directory and file names:
@@ -193,12 +196,20 @@ Special features/options:
 	command line.
 
   --with-bsdauth
-	Enable support for BSD authentication on BSD/OS.  This option
+        Enable support for BSD authentication on BSD/OS and OpenBSD.
-	assumes --with-logincap as well.  It is not possible to mix
+        This option assumes --with-logincap as well.  It is not
-	BSD authentication with other authentication methods (and there
+        possible to mix BSD authentication with other authentication
-	really should be no need to do so).  Note that only the newer
+        methods (and there really should be no need to do so).  Note
-	BSD authentication API is supported.  If you don't have
+        that only the newer BSD authentication API is supported.
-	/usr/include/bsd_auth.h then you cannot use this.
+        If you don't have /usr/include/bsd_auth.h then you cannot
+        use this.
+
+  --disable-saved-ids
+	Disable use of POSIX saved IDs.  Normally, sudo will try to
+	use POSIX saved IDs if they are supported.  However, some
+	implementations are broken.  If sudo aborts with an error like:
+	    "seteuid(0): Operation not permitted"
+	you probably need to disable POSIX saved ID support.
 
   --disable-sia
 	Disable SIA support.  This is the "Security Integration Architecture"
@@ -583,12 +594,11 @@ Linux:
     the "#define HAVE_LSEARCH 1" line in config.h and add lsearch.o
     to the LIBOBJS line in the Makefile.
 
-    It is not possible to access the sudoers file via NFS on Linux.
+    If you are using a Linux kernel older than 2.4 it is not possible
-    This is due to a bug in the Linux client-side NFS implementation.
+    to access the sudoers file via NFS.  This is due to a bug in
-    It has been fixed in the developement kernel but, as of Aug 27,
+    the Linux client-side NFS implementation that has since been
-    1999, the fixes have not made it into the mainstream kernel.
+    fixed.  There is a workaround on the sudo ftp site, linux_nfs.patch,
-    There is a workaround on the sudo ftp site, linux_nfs.patch,
+    if you need to NFS-mount sudoers on older Linux kernels.
-    if you need to NFS-mount sudoers on Linux.
 
 Mac OS X:
     It has been reported that for sudo to work on Mac OS X it must

TROUBLESHOOTING

@@ -17,6 +17,12 @@ A) Sudo must be setuid root to do its work.  You need to do something like
    your $PATH before the directory containing sudo.  If you are going
    to have '.' in your path you should make sure it is at the end.
 
+Q) Sudo compiles but when I run it I get "seteuid(0): Operation not permitted"
+   and sudo quits.
+A) The operating system you are running probably has broken support for
+   POSIX saved IDs.  You should run configure with the "--disable-saved-ids"
+   option and rebuild sudo.
+
 Q) Sudo never gives me a chance to enter a password using PAM, it just
    says 'Sorry, try again.' three times and quits.
 A) You didn't setup PAM to work with sudo.  On Linux this generally

config.h.in

@@ -358,6 +358,9 @@
 /* Define if root should not be allowed to use sudo. */
 #undef NO_ROOT_SUDO
 
+/* Define to avoid using POSIX saved ids. */
+#undef NO_SAVED_IDS
+
 /* The default password prompt. */
 #undef PASSPROMPT
 

configure.in

@@ -964,6 +964,21 @@ AC_ARG_ENABLE(authentication,
   esac
 ], AC_MSG_RESULT(yes))
 
+AC_MSG_CHECKING(whether to disable use of POSIX saved ids)
+AC_ARG_ENABLE(saved-ids,
+[  --saved-ids             Don't try to use POSIX saved ids],
+[ case "$enableval" in
+    yes)	AC_MSG_RESULT(no)
+		;;
+    no)		AC_MSG_RESULT(yes)
+		AC_DEFINE(NO_SAVED_IDS, 1, [Define to avoid using POSIX saved ids.])
+		;;
+    *)		AC_MSG_RESULT(no)
+    		echo "Ignoring unknown argument to --enable-saved-ids: $enableval"
+		;;
+  esac
+], AC_MSG_RESULT(no))
+
 AC_MSG_CHECKING(whether to disable shadow password support)
 AC_ARG_ENABLE(shadow,
 [  --disable-shadow        Never use shadow passwords],

set_perms.c

@@ -75,7 +75,7 @@ static const char rcsid[] = "$Sudo$";
 static void runas_setup		__P((void));
 static void fatal		__P((char *));
 
-#if defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
+#if !defined(NO_SAVED_IDS) && defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
 /*
  * Set real and effective uids and gids based on perm.
  * Since we have POSIX saved IDs we can get away with just
@@ -140,7 +140,7 @@ set_perms_posix(perm, sudo_mode)
 			      	break;
     }
 }
-#endif /* _SC_SAVED_IDS && _SC_VERSION */
+#endif /* !NO_SAVED_IDS && _SC_SAVED_IDS && _SC_VERSION */
 
 #ifdef HAVE_SETREUID
 /*

sudo.c

@@ -260,7 +260,7 @@ main(argc, argv, envp)
      * set the real, effective and saved uids to 0 and use set_perms_fallback()
      * instead of set_perms_posix().
      */
-#if defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
+#if !defined(NO_SAVED_IDS) && defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
     if (!def_flag(I_STAY_SETUID) && set_perms == set_perms_posix) {
 	if (setuid(0)) {
 	    perror("setuid(0)");
@@ -888,7 +888,7 @@ initial_setup()
     (void) sigaction(SIGCHLD, &sa, NULL);
 
     /* Set set_perms pointer to the correct function */
-#if defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
+#if !defined(NO_SAVED_IDS) && defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
     if (sysconf(_SC_SAVED_IDS) == 1 && sysconf(_SC_VERSION) >= 199009)
 	set_perms = set_perms_posix;
     else