From: Andrey Volkov <volkov@ekb-info.ru>
Date: Thu, 17 Oct 2019 20:35:00 +0000 (+0500)
Subject: app-admin/sudo: improve sasl support
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=27de80068de9259b38894b8d59bcfd0107f5f55b;p=gentoo.git

app-admin/sudo: improve sasl support

Bug: https://bugs.gentoo.org/698830
Package-Manager: Portage-2.3.78, Repoman-2.3.17
Signed-off-by: Andrey Volkov <volkov@ekb-info.ru>
Closes: https://github.com/gentoo/gentoo/pull/13330
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
---

diff --git a/app-admin/sudo/sudo-1.8.28_p1.ebuild b/app-admin/sudo/sudo-1.8.28_p1.ebuild
index d22f403b4434..06397f8cdcbe 100644
--- a/app-admin/sudo/sudo-1.8.28_p1.ebuild
+++ b/app-admin/sudo/sudo-1.8.28_p1.ebuild
@@ -36,7 +36,10 @@ DEPEND="
 	sys-libs/zlib:=
 	ldap? (
 		>=net-nds/openldap-2.1.30-r1
-		dev-libs/cyrus-sasl
+		sasl? (
+			dev-libs/cyrus-sasl
+			net-nds/openldap[sasl]
+		)
 	)
 	pam? ( sys-libs/pam )
 	sasl? ( dev-libs/cyrus-sasl )
@@ -183,6 +186,14 @@ src_install() {
 		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
 		EOF
 
+		if use sasl ; then
+			cat <<-EOF >> "${T}"/ldap.conf.sudo
+
+			# SASL directives: use_sasl, sasl_mech, sasl_auth_id
+			# sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
+			EOF
+		fi
+
 		insinto /etc
 		doins "${T}"/ldap.conf.sudo
 		fperms 0440 /etc/ldap.conf.sudo
diff --git a/app-admin/sudo/sudo-1.8.29.ebuild b/app-admin/sudo/sudo-1.8.29.ebuild
index d53e24703c68..4aba6ef09a1a 100644
--- a/app-admin/sudo/sudo-1.8.29.ebuild
+++ b/app-admin/sudo/sudo-1.8.29.ebuild
@@ -36,7 +36,10 @@ DEPEND="
 	sys-libs/zlib:=
 	ldap? (
 		>=net-nds/openldap-2.1.30-r1
-		dev-libs/cyrus-sasl
+		sasl? (
+			dev-libs/cyrus-sasl
+			net-nds/openldap[sasl]
+		)
 	)
 	pam? ( sys-libs/pam )
 	sasl? ( dev-libs/cyrus-sasl )
@@ -183,6 +186,14 @@ src_install() {
 		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
 		EOF
 
+		if use sasl ; then
+			cat <<-EOF >> "${T}"/ldap.conf.sudo
+
+			# SASL directives: use_sasl, sasl_mech, sasl_auth_id
+			# sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
+			EOF
+		fi
+
 		insinto /etc
 		doins "${T}"/ldap.conf.sudo
 		fperms 0440 /etc/ldap.conf.sudo
diff --git a/app-admin/sudo/sudo-9999.ebuild b/app-admin/sudo/sudo-9999.ebuild
index d53e24703c68..4aba6ef09a1a 100644
--- a/app-admin/sudo/sudo-9999.ebuild
+++ b/app-admin/sudo/sudo-9999.ebuild
@@ -36,7 +36,10 @@ DEPEND="
 	sys-libs/zlib:=
 	ldap? (
 		>=net-nds/openldap-2.1.30-r1
-		dev-libs/cyrus-sasl
+		sasl? (
+			dev-libs/cyrus-sasl
+			net-nds/openldap[sasl]
+		)
 	)
 	pam? ( sys-libs/pam )
 	sasl? ( dev-libs/cyrus-sasl )
@@ -183,6 +186,14 @@ src_install() {
 		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
 		EOF
 
+		if use sasl ; then
+			cat <<-EOF >> "${T}"/ldap.conf.sudo
+
+			# SASL directives: use_sasl, sasl_mech, sasl_auth_id
+			# sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
+			EOF
+		fi
+
 		insinto /etc
 		doins "${T}"/ldap.conf.sudo
 		fperms 0440 /etc/ldap.conf.sudo