[OE-core] [PATCH] sudo: add PACKAGECONFIG for pam-wheel
Yi Zhao
yi.zhao at windriver.com
Wed Aug 1 06:46:38 UTC 2018
The pam_wheel PAM module is used to enforce the so-called wheel group.
By default it permits root access to the system if the applicant user is
a member of the wheel group.
Add PACKAGECONFIG to enable pam_wheel module for sudo.
Signed-off-by: Yi Zhao <yi.zhao at windriver.com>
---
meta/recipes-extended/sudo/sudo.inc | 1 +
meta/recipes-extended/sudo/sudo_1.8.23.bb | 4 ++++
2 files changed, 5 insertions(+)
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
index 6e57669..69dccde 100644
--- a/meta/recipes-extended/sudo/sudo.inc
+++ b/meta/recipes-extended/sudo/sudo.inc
@@ -19,6 +19,7 @@ inherit autotools
PACKAGECONFIG ??= ""
PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib"
+PACKAGECONFIG[pam-wheel] = ",,,pam-plugin-wheel"
CONFFILES_${PN} = "${sysconfdir}/sudoers"
diff --git a/meta/recipes-extended/sudo/sudo_1.8.23.bb b/meta/recipes-extended/sudo/sudo_1.8.23.bb
index 9756fe2..ab9c8cb 100644
--- a/meta/recipes-extended/sudo/sudo_1.8.23.bb
+++ b/meta/recipes-extended/sudo/sudo_1.8.23.bb
@@ -22,6 +22,10 @@ EXTRA_OECONF += " \
do_install_append () {
if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
install -D -m 644 ${WORKDIR}/sudo.pam ${D}/${sysconfdir}/pam.d/sudo
+ if ${@bb.utils.contains('PACKAGECONFIG', 'pam-wheel', 'true', 'false', d)} ; then
+ echo 'auth required pam_wheel.so use_uid' >>${D}${sysconfdir}/pam.d/sudo
+ sed -i 's/# \(%wheel ALL=(ALL) ALL\)/\1/' ${D}${sysconfdir}/sudoers
+ fi
fi
chmod 4111 ${D}${bindir}/sudo
--
2.7.4
More information about the Openembedded-core
mailing list