[Buildroot] [PATCH 1/2] sudo: Add ldap support for sudoers rules
Chris Frederick
cdf123 at cdf123.net
Mon Oct 24 14:13:17 UTC 2016
Added Config.in options to enable/disable the option, and check options
in sudo.mk to add openldap as a dependancy and compile with --with-ldap.
Also added more help text to describe behaviour changes.
Signed-off-by: Chris Frederick <cdf123 at cdf123.net>
---
package/sudo/Config.in | 14 ++++++++++++++
package/sudo/sudo.mk | 7 +++++++
2 files changed, 21 insertions(+)
diff --git a/package/sudo/Config.in b/package/sudo/Config.in
index cbef15d..ae8dbf9 100644
--- a/package/sudo/Config.in
+++ b/package/sudo/Config.in
@@ -9,3 +9,17 @@ config BR2_PACKAGE_SUDO
but still allow people to get their work done.
http://www.sudo.ws/sudo/
+
+if BR2_PACKAGE_SUDO && BR2_PACKAGE_OPENLDAP
+config BR2_PACKAGE_SUDO_LDAP
+ bool "ldap integration"
+ depends on BR2_PACKAGE_SUDO
+ help
+ Allows you to manage sudoers rules in a centralized ldap
+ directory. This restricts the /etc/sudoers file from
+ defining rules, only defaults will be read. All rules will
+ need to be provided via ldap configured in /etc/ldap.conf
+
+ http://www.sudo.ws/man/1.8.15/sudoers.ldap.man.html
+endif
+
diff --git a/package/sudo/sudo.mk b/package/sudo/sudo.mk
index f28312a..45273bb 100644
--- a/package/sudo/sudo.mk
+++ b/package/sudo/sudo.mk
@@ -30,6 +30,13 @@ else
SUDO_CONF_OPTS += --without-pam
endif
+ifeq ($(BR2_PACKAGE_SUDO_LDAP),y)
+SUDO_DEPENDENCIES += openldap
+SUDO_CONF_OPTS += --with-ldap
+else
+SUDO_CONF_OPTS += --without-ldap
+endif
+
# mksigname/mksiglist needs to run on build host to generate source files
define SUDO_BUILD_MKSIGNAME_MKSIGLIST_HOST
$(MAKE) $(HOST_CONFIGURE_OPTS) \
--
2.7.3
More information about the buildroot
mailing list