# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0

name                sudo
epoch               1
version             1.9.17
revision            0
categories          sysutils security
license             ISC
maintainers         {mps @Schamschula}

description         Allow users to run programs as other users, e.g. root
long_description \
    Sudo is a program designed to allow a sysadmin to give limited root \
    privileges to users and log root activity.  The basic philosophy is to \
    give as few privileges as possible but still allow people to get their \
    work done.

platforms           darwin

homepage            http://www.sudo.ws/sudo/
master_sites        ${homepage}dist/ \
                    ${homepage}dist/OLD/

checksums           rmd160  995fd8201d99349845411a5588c9bddf04d3c0db \
                    sha256  3f212c69d534d5822b492d099abb02a593f91ca99f5afde5cb9bd3e1dcdad069 \
                    size    5447899

patchfiles          patch-configure.diff \
                    patch-lib-util-arc4random_buf.diff \
                    patch-sudoers.in.diff

if {${os.platform} eq "darwin" && ${os.major} < 12} {
    patchfiles-append \
                    patch-environ.diff
}

depends_build       port:gettext

depends_lib         port:gettext-runtime \
                    path:lib/libssl.dylib:openssl \
                    port:zlib

configure.args      --infodir=${prefix}/share/info \
                    --mandir=${prefix}/share/man \
                    --sysconfdir=${prefix}/etc \
                    --with-env-editor \
                    --with-ignore-dot \
                    --with-password-timeout=0 \
                    --with-pam \
                    --with-rundir=${prefix}/var/run/sudo \
                    --with-secure-path-value=${prefix}/sbin:${prefix}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
                    --with-tty-tickets

pre-destroot {
    if { [getuid] != 0 } {
        ui_msg "------------------------------------------------------------"
        ui_msg "Installing sudo as non-root doesn't really do anything"
        ui_msg "useful, so be sure to install sudo as root"
        ui_msg "------------------------------------------------------------"
    }
}

post-destroot {
    file attributes ${destroot}${prefix}/bin/sudo -permissions +s
    file delete ${destroot}${prefix}/etc/sudoers
    xinstall -d -m 0755 ${destroot}${prefix}/var/run/sudo
}
destroot.keepdirs ${destroot}${prefix}/var/run/sudo

post-activate {
    if {![file exists ${prefix}/etc/sudoers]} {
        copy ${prefix}/etc/sudoers.dist ${prefix}/etc/sudoers
    }
}

notes "
To complete the installation, run:

\t${prefix}/bin/sudo ${prefix}/sbin/visudo

Edit as necessary. (See the sudoers and visudo manpages for additional information.)

Please note that you may need to edit 'defaults secure_path' in the sudoers file if you use a non-standard \$PATH value
"

variant insults description {It can only be attributed to human error.} {
    configure.args-append   --with-insults --with-all-insults
}

variant openldap description {Add ldap support via OpenLDAP.} {
    depends_lib-append      path:lib/libldap.dylib:openldap

    configure.args-append   --with-ldap

    post-destroot {
        xinstall -d ${destroot}${prefix}/etc/openldap/schema
        xinstall -m 0644 ${worksrcpath}/schema.OpenLDAP \
            ${destroot}${prefix}/etc/openldap/schema/sudo.schema
    }
}

livecheck.type  regex
livecheck.url   [lindex ${master_sites} 0]
livecheck.regex >${name}-(\[0-9.p\]+)${extract.suffix}<
