security/sudo: Pacify portclippy

No functional changes intended Sponsored by: Rubicon Communications, LLC ("Netgate")

security/sudo: Pacify portclippy
0601dee6 · Renato Botelho · d65114f3 · 0601dee6
Commit 0601dee6 authored 1 year ago by Renato Botelho
--- a/security/sudo/Makefile
+++ b/security/sudo/Makefile
@@ -16,79 +16,84 @@ USES=		cpe libtool
 CPE_VENDOR=	todd_miller
 USE_LDCONFIG=	yes
 GNU_CONFIGURE=	yes
-LDFLAGS+=	-lgcc
-
 CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc \
-		--with-ignore-dot \
-		--with-tty-tickets \
 		--with-env-editor \
+		--with-ignore-dot \
+		--with-logfac=${LOGFAC} \
 		--with-logincap \
 		--with-long-otp-prompt \
-		--with-rundir=/var/run/sudo
+		--with-rundir=/var/run/sudo \
+		--with-tty-tickets
+LDFLAGS+=	-lgcc

-OPTIONS_DEFINE=	LDAP INSULTS DISABLE_ROOT_SUDO DISABLE_AUTH NOARGS_SHELL \
-		AUDIT OPIE PAM PYTHON NLS SSSD DOCS EXAMPLES
-OPTIONS_RADIO=	KERBEROS
+OPTIONS_DEFINE=		AUDIT DISABLE_AUTH DISABLE_ROOT_SUDO DOCS EXAMPLES \
+			INSULTS LDAP NLS NOARGS_SHELL OPIE PAM PYTHON SSSD
 OPTIONS_DEFAULT=	AUDIT PAM
-OPTIONS_SUB=	yes
+OPTIONS_RADIO=		KERBEROS
+OPTIONS_RADIO_KERBEROS=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
+OPTIONS_SUB=		yes

-INSULTS_DESC=	Enable insults on failures
-DISABLE_ROOT_SUDO_DESC=	Do not allow root to run sudo
+AUDIT_DESC=		Enable BSM audit support
 DISABLE_AUTH_DESC=	Do not require authentication by default
+DISABLE_ROOT_SUDO_DESC=	Do not allow root to run sudo
+INSULTS_DESC=		Enable insults on failures
+KERBEROS_DESC=		Enable Kerberos 5 authentication (no PAM support)
 NOARGS_SHELL_DESC=	Run a shell if no arguments are given
-AUDIT_DESC=	Enable BSM audit support
-KERBEROS_DESC=	Enable Kerberos 5 authentication (no PAM support)
-OPIE_DESC=	Enable one-time passwords (no PAM support)
-PYTHON_DESC=	Enable python plugin support
-SSSD_DESC=	Enable SSSD backend support.
+OPIE_DESC=		Enable one-time passwords (no PAM support)
+PYTHON_DESC=		Enable python plugin support
+SSSD_DESC=		Enable SSSD backend support.

-PAM_PREVENTS=	OPIE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
-PAM_PREVENTS_MSG=	PAM cannot be combined with any other authentication plugin
+AUDIT_CONFIGURE_WITH=	bsm-audit

-LOGFAC?=	authpriv
-CONFIGURE_ARGS+=	--with-logfac=${LOGFAC}
+DISABLE_AUTH_CONFIGURE_ON=	--disable-authentication
+DISABLE_ROOT_SUDO_CONFIGURE_ON=	--disable-root-sudo

-# This is intentionally not an option.
-# SUDO_SECURE_PATH is a PATH string that will override the user's PATH.
-# ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
-.if defined(SUDO_SECURE_PATH)
-CONFIGURE_ARGS+=	--with-secure-path="${SUDO_SECURE_PATH}"
-.endif
+GSSAPI_BASE_USES=		gssapi
+GSSAPI_BASE_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
+GSSAPI_HEIMDAL_USES=		gssapi:heimdal
+GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
+GSSAPI_MIT_USES=		gssapi:mit
+GSSAPI_MIT_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}

-NLS_USES=	gettext
-NLS_CONFIGURE_ENABLE=	nls
-NLS_LDFLAGS=	-L${LOCALBASE}/lib -lintl
-NLS_CFLAGS=	-I${LOCALBASE}/include
+INSULTS_CONFIGURE_ON=	--with-insults --with-all-insults

-INSULTS_CONFIGURE_ON=	--with-insults
-INSULTS_CONFIGURE_ON+=	--with-all-insults
+LDAP_USES=		ldap
+LDAP_CONFIGURE_ON=	--with-ldap=${PREFIX} \
+			--with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF}

-LDAP_USES=	ldap
-LDAP_CONFIGURE_ON=	--with-ldap=${PREFIX}
-SUDO_LDAP_CONF?=	ldap.conf
-LDAP_CONFIGURE_ON+=	--with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF}
+NLS_USES=		gettext
+NLS_CONFIGURE_ENABLE=	nls
+NLS_CFLAGS=		-I${LOCALBASE}/include
+NLS_LDFLAGS=		-L${LOCALBASE}/lib -lintl

-DISABLE_ROOT_SUDO_CONFIGURE_ON=	--disable-root-sudo
-DISABLE_AUTH_CONFIGURE_ON=	--disable-authentication
 NOARGS_SHELL_CONFIGURE_ENABLE=	noargs-shell
-AUDIT_CONFIGURE_WITH=	bsm-audit
-PAM_CONFIGURE_ON=	--with-pam
+
 OPIE_CONFIGURE_ON=	--with-opie
-PYTHON_USES=	python
-PYTHON_CONFIGURE_ENABLE=	python
-SSSD_CONFIGURE_ON=	--with-sssd
+
+PAM_PREVENTS=		OPIE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
+PAM_PREVENTS_MSG=	PAM cannot be combined with any other authentication plugin
+PAM_CONFIGURE_ON=	--with-pam
+
+PYTHON_USES=		python
+PYTHON_CONFIGURE_ENABLE=python
+
 SSSD_RUN_DEPENDS=	sssd:security/sssd
+SSSD_CONFIGURE_ON=	--with-sssd
+
+LOGFAC?=		authpriv
+SUDO_LDAP_CONF?=	ldap.conf
+
+# This is intentionally not an option.
+# SUDO_SECURE_PATH is a PATH string that will override the user's PATH.
+# ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin"
+.if defined(SUDO_SECURE_PATH)
+CONFIGURE_ARGS+=	--with-secure-path="${SUDO_SECURE_PATH}"
+.endif

-OPTIONS_RADIO_KERBEROS=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
-GSSAPI_BASE_USES=	gssapi
-GSSAPI_BASE_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
-GSSAPI_HEIMDAL_USES=	gssapi:heimdal
-GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
-GSSAPI_MIT_USES=	gssapi:mit
-GSSAPI_MIT_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
 # This is intentionally not an option.
-# SUDO_KERB5_INSTANCE is an optional instance string that will be appended to kerberos
-# principals when to perform authentication. Common choices are "admin" and "sudo".
+# SUDO_KERB5_INSTANCE is an optional instance string that will be appended
+# to kerberos principals when to perform authentication. Common choices
+# are "admin" and "sudo".
 .if defined(SUDO_KERB5_INSTANCE)
 CONFIGURE_ARGS+=	--enable-kerb5-instance="${SUDO_KERB5_INSTANCE}"
 .endif