sudo: Add 1.7.2p1 and enable PAM support by default in newer sudo builds.

sudo.inc: Tweak include to support newer sudo versions.
* Apply in addition to earlier sudo recipe bumps.
* Tweak pam.d config file for sudo and add a (WIP) recipe for turning on support for the wheel group.
* Update pam.d service file to suggested upstream Linux-PAM layout.

4 files changed, 63 insertions, 6 deletions

diff --git a/recipes/sudo/files/sudo.pamd b/recipes/sudo/files/sudo.pamd
new file mode 100644
index 0000000000..c22c794c21
--- /dev/null
+++ b/recipes/sudo/files/sudo.pamd
@@ -0,0 +1,7 @@
+#%PAM-1.0
+
+auth       include      common-auth
+account    include      common-account
+
+session required pam_permit.so
+session required pam_limits.so
diff --git a/recipes/sudo/sudo-enable-wheel-group.bb b/recipes/sudo/sudo-enable-wheel-group.bb
new file mode 100644
index 0000000000..b281ddb09d
--- /dev/null
+++ b/recipes/sudo/sudo-enable-wheel-group.bb
@@ -0,0 +1,20 @@
+PR = "r0"
+
+RDEPENDS = "sudo"
+
+ALLOW_EMPTY_${PN} = "1"
+PACKAGE_ARCH = "all"
+
+# Edit sudoers to allow the use of the wheel group and non root users to mount/shutdown etc.
+# Please consider this when using.
+
+pkg_postinst() {
+#!/bin/sh
+mkdir -p $D${sysconfdir}/
+touch $D${sysconfdir}/sudoers
+sed -i /# %wheel/d $D${sysconfdir}/sudoers
+echo '%wheel	ALL=(ALL) ALL' >> $D${sysconfdir}/sudoers
+sed -i /# %users/d $D${sysconfdir}/sudoers
+echo '%users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom' >> $D${sysconfdir}/sudoers
+echo '%users  localhost=/sbin/shutdown -h now' >> $D${sysconfdir}/sudoers
+}
diff --git a/recipes/sudo/sudo.inc b/recipes/sudo/sudo.inc
index 0dfb22ba8a..2bb0d72836 100644
--- a/recipes/sudo/sudo.inc
+++ b/recipes/sudo/sudo.inc
@@ -3,19 +3,30 @@ administrator to give certain users (or groups of \
 users) the ability to run some (or all) commands \
 as root while logging all commands and arguments."
 LICENSE = "sudo"
-HOMEPAGE = "http://www.courtesan.com/sudo/"
+HOMEPAGE = "http://www.sudo.ws/"
 PRIORITY = "optional"
 SECTION = "admin"
 
 inherit autotools
 
-EXTRA_OECONF = "--with-editor=/bin/vi --with-env-editor"
+EXTRA_OECONF += "--with-editor=/bin/vi --with-env-editor --with-all-insults "
 
 do_configure_prepend () {
-	rm -f acsite.m4
-	if [ ! -e acinclude.m4 ]; then
-		cat aclocal.m4 > acinclude.m4
-	fi
+  # Make sure the build does not get clever.
+  export sudo_cv_uid_t_len=10
+  export sudo_cv_func_unsetenv_void=no
+
+  # Prevent binaries from being stripped.
+  sed -i 's/\($(INSTALL).*\) -s \(.*[(sudo|visudo)]\)/\1 \2/g' Makefile.in
+
+  rm -f acsite.m4
+  if [ ! -e acinclude.m4 ]; then
+    cat aclocal.m4 > acinclude.m4
+  fi
+}
+
+do_configure() { 
+   oe_runconf
 }
 
 pkg_postinst() {
diff --git a/recipes/sudo/sudo_1.7.2p1.bb b/recipes/sudo/sudo_1.7.2p1.bb
new file mode 100644
index 0000000000..bfa8afe650
--- /dev/null
+++ b/recipes/sudo/sudo_1.7.2p1.bb
@@ -0,0 +1,19 @@
+PR = "r3"
+
+DEPENDS = "libpam"
+RDEPENDS = "libpam libpam-meta"
+
+SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
+  file://sudo.pamd \
+"
+
+EXTRA_OECONF += " --with-pam "
+
+require sudo.inc
+
+# Do in the recipe not the common inc as not all SUDO recipes want PAM support.
+
+do_install_append() {
+  install -d ${D}${sysconfdir}/pam.d/  
+  install -m 0644 ${WORKDIR}/sudo.pamd ${D}${sysconfdir}/pam.d/sudo 
+}