6 files changed, 67 insertions, 53 deletions

diff --git a/core/libsasl/PKGBUILD b/core/libsasl/PKGBUILD
index e8cd341aa..beb08d3c7 100644
--- a/core/libsasl/PKGBUILD
+++ b/core/libsasl/PKGBUILD
@@ -1,4 +1,4 @@
-# $Id: PKGBUILD 197827 2013-10-30 11:05:21Z allan $
+# $Id: PKGBUILD 205603 2014-02-09 10:29:30Z andyrtr $
 # Maintainer: Jan de Groot <jgc@archlinux.org>
 
 # This package spans multiple repositories. 
@@ -8,13 +8,13 @@
 #pkgname=('cyrus-sasl' 'cyrus-sasl-gssapi' 'cyrus-sasl-ldap' 'cyrus-sasl-sql')
 pkgname=libsasl
 pkgver=2.1.26
-pkgrel=6
+pkgrel=7
 pkgdesc="Cyrus Simple Authentication Service Layer (SASL) library"
 arch=('i686' 'x86_64')
 url="http://cyrusimap.web.cmu.edu/"
 license=('custom')
 options=('!makeflags')
-makedepends=('postgresql-libs' 'libmariadbclient' 'libldap' 'krb5' 'openssl' 'sqlite2')
+makedepends=('postgresql-libs' 'libmariadbclient' 'libldap' 'krb5' 'openssl' 'sqlite')
 source=(ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-${pkgver}.tar.gz
         cyrus-sasl-2.1.22-qa.patch
         cyrus-sasl-2.1.26-size_t.patch
@@ -26,7 +26,8 @@ source=(ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-${pkgver}.tar.gz
         saslauthd.service
         saslauthd.conf.d
         tmpfiles.conf
-        CVE-2013-4122.patch)
+        CVE-2013-4122.patch
+        cyrus-sasl-sql.patch)
 md5sums=('a7f4e5e559a0e37b3ffc438c9456e425'
          '79b8a5e8689989e2afd4b7bda595a7b1'
          'f45aa8c42b32e0569ab3d14a83485b37'
@@ -38,7 +39,8 @@ md5sums=('a7f4e5e559a0e37b3ffc438c9456e425'
          '3499dcd610ad1ad58e0faffde2aa7a23'
          '49219af5641150edec288a3fdb65e7c1'
          '45bb0192d2f188066240b9a66ee6365f'
-         'c5f0ec88c584a75c14d7f402eaeed7ef')
+         'c5f0ec88c584a75c14d7f402eaeed7ef'
+         '82c0f66fdc5c1145eb48ea9116c27931')
 
 prepare() {
   cd cyrus-sasl-$pkgver
@@ -50,6 +52,7 @@ prepare() {
   patch -Np1 -i ../0026_drop_krb5support_dependency.patch
   patch -Np1 -i ../0030-dont_use_la_files_for_opening_plugins.patch
   patch -Np1 -i ../CVE-2013-4122.patch
+  patch -Np0 -i ../cyrus-sasl-sql.patch
 
   sed 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' -i configure.in
 }
@@ -100,11 +103,15 @@ build() {
       --enable-ntlm \
       --disable-passdss \
       --enable-sql \
+      --with-mysql \
+      --with-pgsql=/usr/lib \
+      --with-sqlite3=/usr/lib \
       --enable-ldapdb \
       --disable-macos-framework \
       --with-pam \
       --with-saslauthd=/var/run/saslauthd \
       --with-ldap \
+      --with-dblib=gdbm \
       --with-configdir=/etc/sasl2:/etc/sasl:/usr/lib/sasl2 \
       --sysconfdir=/etc \
       --with-devrandom=/dev/urandom
@@ -174,7 +181,7 @@ package_cyrus-sasl-ldap() {
 
 package_cyrus-sasl-sql() {
   pkgdesc="SQL auxprop module for Cyrus SASL"
-  depends=("libsasl=${pkgver}" 'postgresql-libs' 'libmariadbclient' 'sqlite2')
+  depends=("libsasl=${pkgver}" 'postgresql-libs' 'libmariadbclient' 'sqlite')
   replaces=('cyrus-sasl-plugins')
 
   cd cyrus-sasl-$pkgver/plugins
diff --git a/core/libsasl/cyrus-sasl-sql.patch b/core/libsasl/cyrus-sasl-sql.patch
new file mode 100644
index 000000000..2dcdad822
--- /dev/null
+++ b/core/libsasl/cyrus-sasl-sql.patch
@@ -0,0 +1,39 @@
+--- configure.in	2012-10-12 16:05:48.000000000 +0200
++++ configure.in	2013-05-11 18:48:59.021848013 +0200
+@@ -861,9 +860,9 @@
+     notfound) AC_WARN([SQLite Library not found]); true;;
+     *)
+      if test -d ${with_sqlite}/lib; then
+-         LIB_SQLITE="-L${with_sqlite}/lib -R${with_sqlite}/lib"
++         LIB_SQLITE="-L${with_sqlite}/lib"
+      else
+-         LIB_SQLITE="-L${with_sqlite} -R${with_sqlite}"
++         LIB_SQLITE="-L${with_sqlite}"
+      fi
+ 
+      LIB_SQLITE_DIR=$LIB_SQLITE
+@@ -913,9 +912,9 @@
+     notfound) AC_WARN([SQLite3 Library not found]); true;;
+     *)
+      if test -d ${with_sqlite3}/lib; then
+-         LIB_SQLITE3="-L${with_sqlite3}/lib -R${with_sqlite3}/lib"
++         LIB_SQLITE3="-L${with_sqlite3}/lib"
+      else
+-         LIB_SQLITE3="-L${with_sqlite3} -R${with_sqlite3}"
++         LIB_SQLITE3="-L${with_sqlite3}"
+      fi
+ 
+      LIB_SQLITE3_DIR=$LIB_SQLITE3
+--- configure.in
++++ configure.in
+@@ -674,7 +674,9 @@
+      LIB_PGSQL_DIR=$LIB_PGSQL
+      LIB_PGSQL="$LIB_PGSQL -lpq"
+ 
+-     if test -d ${with_pgsql}/include/pgsql; then
++     if test -d ${with_pgsql}/include/postgresql/pgsql; then
++         CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include/postgresql/pgsql"
++     elif test -d ${with_pgsql}/include/pgsql; then
+          CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include/pgsql"
+      elif test -d ${with_pgsql}/pgsql/include; then
+          CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/pgsql/include"
diff --git a/core/pam/PKGBUILD b/core/pam/PKGBUILD
index ed09c6a0c..9f4968505 100644
--- a/core/pam/PKGBUILD
+++ b/core/pam/PKGBUILD
@@ -1,15 +1,15 @@
-# $Id: PKGBUILD 197836 2013-10-30 11:06:23Z allan $
+# $Id: PKGBUILD 205604 2014-02-09 10:29:31Z andyrtr $
 # Maintainer: Tobias Powalowski <tpowa@archlinux.org>
 # Contributor: judd <jvinet@zeroflux.org>
 
 pkgname=pam
 pkgver=1.1.8
-pkgrel=2
+pkgrel=3
 pkgdesc="PAM (Pluggable Authentication Modules) library"
 arch=('i686' 'x86_64')
 license=('GPL2')
-url="http://www.kernel.org/pub/linux/libs/pam/"
-depends=('glibc' 'db' 'cracklib' 'libtirpc' 'pambase')
+url="http://linux-pam.org"
+depends=('glibc' 'cracklib' 'libtirpc' 'pambase')
 makedepends=('flex' 'w3m' 'docbook-xml>=4.4' 'docbook-xsl')
 backup=(etc/security/{access.conf,group.conf,limits.conf,namespace.conf,namespace.init,pam_env.conf,time.conf} etc/default/passwd etc/environment)
 source=(https://fedorahosted.org/releases/l/i/linux-pam/Linux-PAM-$pkgver.tar.bz2
@@ -23,7 +23,7 @@ md5sums=('35b6091af95981b1b2cd60d813b5e4ee'
 
 build() {
   cd $srcdir/Linux-PAM-$pkgver
-  ./configure --libdir=/usr/lib --sbindir=/usr/bin
+  ./configure --libdir=/usr/lib --sbindir=/usr/bin --disable-db
   make
 
   cd $srcdir/pam_unix2-2.9.1
diff --git a/core/sudo/PKGBUILD b/core/sudo/PKGBUILD
index 4e5c7e5bf..451604289 100644
--- a/core/sudo/PKGBUILD
+++ b/core/sudo/PKGBUILD
@@ -1,10 +1,10 @@
-# $Id: PKGBUILD 204571 2014-01-23 02:27:37Z foutrelis $
+# $Id: PKGBUILD 205612 2014-02-09 15:37:47Z foutrelis $
 # Maintainer: Evangelos Foutras <evangelos@foutrelis.com>
 # Contributor: Allan McRae <allan@archlinux.org>
 # Contributor: Tom Newsom <Jeepster@gmx.co.uk>
 
 pkgname=sudo
-_sudover=1.8.9p4
+_sudover=1.8.9p5
 pkgver=${_sudover/p/.p}
 pkgrel=1
 pkgdesc="Give certain users the ability to run some commands as root"
@@ -12,13 +12,13 @@ arch=('i686' 'x86_64')
 url="http://www.sudo.ws/sudo/"
 license=('custom')
 groups=('base-devel')
-depends=('glibc' 'pam')
+depends=('glibc' 'pam' 'libldap')
 backup=('etc/sudoers' 'etc/pam.d/sudo')
 source=(http://www.sudo.ws/sudo/dist/$pkgname-$_sudover.tar.gz{,.sig}
         sudo.pam)
-sha256sums=('1943f9e9409c6542935d2e2d862c48d0d69dcf27288b294b8b537c02f52ac7a7'
+sha256sums=('bc9d5c96de5f8b4d2b014f87a37870aef60d2891c869202454069150a21a5c21'
             'SKIP'
-            'e7de79d2c73f2b32b20a8e797e54777a2bf19788ec03e48decd6c15cd93718ae')
+            'd1738818070684a5d2c9b26224906aad69a4fea77aabd960fc2675aee2df1fa2')
 
 build() {
   cd "$srcdir/$pkgname-$_sudover"
@@ -29,6 +29,8 @@ build() {
     --libexecdir=/usr/lib \
     --with-logfac=auth \
     --with-pam \
+    --with-ldap \
+    --with-ldap-conf-file=/etc/openldap/ldap.conf \
     --with-env-editor \
     --with-passprompt="[sudo] password for %p: " \
     --with-all-insults
diff --git a/core/sudo/sudo-1.8.9p3-remove-backchannel-event-if-we-get-eof.patch b/core/sudo/sudo-1.8.9p3-remove-backchannel-event-if-we-get-eof.patch
deleted file mode 100644
index 684aedaec..000000000
--- a/core/sudo/sudo-1.8.9p3-remove-backchannel-event-if-we-get-eof.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-
-# HG changeset patch
-# User Todd C. Miller <Todd.Miller@courtesan.com>
-# Date 1389722096 25200
-# Node ID a204b69d91f786444899ce3fc95ed535b6e32d33
-# Parent  987087ce465828da121b9d67412f42feaea06d56
-If not logging I/O we may get EOF when the command is executed and
-the other end of the backchannel is closed.  Just remove the
-backchannel event in this case or we will continue to receive
-the event.  Bug #631
-
-diff -r 987087ce4658 -r a204b69d91f7 src/exec.c
---- a/src/exec.c	Tue Jan 14 09:26:14 2014 -0700
-+++ b/src/exec.c	Tue Jan 14 10:54:56 2014 -0700
-@@ -230,11 +230,14 @@
- 	    /* Short read or EOF. */
- 	    sudo_debug_printf(SUDO_DEBUG_ERROR,
- 		"failed to read child status: %s", n ? "short read" : "EOF");
--	    /*
--	     * If not logging I/O we may get EOF when the command is
--	     * executed and sv is closed.  It is safe to ignore this.
--	     */
--	    if (ec->log_io || n != 0) {
-+	    if (!ec->log_io && n == 0) {
-+		/*
-+		 * If not logging I/O we may get EOF when the command is
-+		 * executed and the other end of the backchannel is closed.
-+		 * Just remove the event in this case.
-+		 */
-+		(void)sudo_ev_del(ec->evbase, backchannel_event);
-+	    } else {
- 		/* XXX - need new CMD_ type for monitor errors. */
- 		errno = n ? EIO : ECONNRESET;
- 		ec->cstat->type = CMD_ERRNO;
-
diff --git a/core/sudo/sudo.pam b/core/sudo/sudo.pam
index 4e586cd22..ab053c543 100644
--- a/core/sudo/sudo.pam
+++ b/core/sudo/sudo.pam
@@ -1,3 +1,4 @@
 #%PAM-1.0
-auth		required	pam_unix.so
-auth		required	pam_nologin.so
+auth		include		system-auth
+account		include		system-auth
+session		include		system-auth