[Buildroot] [PATCH 1/2] sudo: Add ldap support for sudoers rules

Chris Frederick cdf123 at cdf123.net
Mon Oct 24 14:13:17 UTC 2016


Added Config.in options to enable/disable the option, and check options
in sudo.mk to add openldap as a dependancy and compile with --with-ldap.
Also added more help text to describe behaviour changes.

Signed-off-by: Chris Frederick <cdf123 at cdf123.net>
---
 package/sudo/Config.in | 14 ++++++++++++++
 package/sudo/sudo.mk   |  7 +++++++
 2 files changed, 21 insertions(+)

diff --git a/package/sudo/Config.in b/package/sudo/Config.in
index cbef15d..ae8dbf9 100644
--- a/package/sudo/Config.in
+++ b/package/sudo/Config.in
@@ -9,3 +9,17 @@ config BR2_PACKAGE_SUDO
 	  but still allow people to get their work done.
 
 	  http://www.sudo.ws/sudo/
+
+if BR2_PACKAGE_SUDO && BR2_PACKAGE_OPENLDAP
+config BR2_PACKAGE_SUDO_LDAP
+	bool "ldap integration"
+	depends on BR2_PACKAGE_SUDO
+	help
+	  Allows you to manage sudoers rules in a centralized ldap
+	  directory. This restricts the /etc/sudoers file from
+	  defining rules, only defaults will be read. All rules will
+	  need to be provided via ldap configured in /etc/ldap.conf
+
+	  http://www.sudo.ws/man/1.8.15/sudoers.ldap.man.html
+endif
+
diff --git a/package/sudo/sudo.mk b/package/sudo/sudo.mk
index f28312a..45273bb 100644
--- a/package/sudo/sudo.mk
+++ b/package/sudo/sudo.mk
@@ -30,6 +30,13 @@ else
 SUDO_CONF_OPTS += --without-pam
 endif
 
+ifeq ($(BR2_PACKAGE_SUDO_LDAP),y)
+SUDO_DEPENDENCIES += openldap
+SUDO_CONF_OPTS += --with-ldap
+else
+SUDO_CONF_OPTS += --without-ldap
+endif
+
 # mksigname/mksiglist needs to run on build host to generate source files
 define SUDO_BUILD_MKSIGNAME_MKSIGLIST_HOST
 	$(MAKE) $(HOST_CONFIGURE_OPTS) \
-- 
2.7.3



More information about the buildroot mailing list