Changeset 217
- Timestamp:
- 04/06/05 10:27:18 (4 years ago)
- Files:
-
- op/trunk/ChangeLog (modified) (1 diff)
- op/trunk/Makefile (modified) (4 diffs)
- op/trunk/op.1 (modified) (3 diffs)
- op/trunk/op.conf.complex (moved) (moved from op/trunk/op.conf)
- op/trunk/op.list.in (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
op/trunk/ChangeLog
r213 r217 118 118 The xauth directive can now be given a target user, into whose environment the 119 119 X authentication information is imported. 120 121 07/04/05 - op 1.26 122 ================== 123 op will now read all config files in /etc/op.d with a .conf extension. This is 124 a clean way of adding extra commands without having to manipulate op.conf. 125 op.conf does not have to be present at all. Useful for dropping in op config 126 with other packages or when adding config to systems in bulk. Thanks to Kyle 127 Hyland for this idea. 128 129 Also made error reporting a bit smarter when config files are missing or have 130 incorrect permissions. op/trunk/Makefile
r215 r217 12 12 BINGRP= bin 13 13 BINMODE= 4755 14 INSTALL =install -o $(BINOWN) -g $(BINGRP) -m $(BINMODE) op $(BINDIR)15 14 MANOWN= bin 16 15 MANGRP= bin … … 18 17 MANEXT=1 19 18 MANDIR= $(DESTDIR)$(PREFIX)/share/man/man$(MANEXT) 19 # Command to install binary and man page 20 INSTALL =install -o $(BINOWN) -g $(BINGRP) -m $(BINMODE) op $(BINDIR) 20 21 INSTALL-MAN =install -o $(MANOWN) -g $(MANGRP) -m $(MANMODE) op.$(MANEXT) $(MANDIR) 21 #GLOBALOPTS=-DDEBUG 22 # 23 # Linux with PAM 24 # 25 #OPTS= -DXAUTH=\"/usr/X11R6/bin/xauth\" -DUSE_PAM -DHAVE_SNPRINTF -g 26 #LDFLAGS = -g -lpam 27 # 28 # Linux without PAM (eg. Slackware) 29 # 30 OPTS= -DXAUTH=\"/usr/X11R6/bin/xauth\" -DHAVE_SNPRINTF -DUSE_SHADOW -g 31 # 22 23 ######################### USER CONFIGURABLE SECTION ########################### 24 # Enable debugging 25 OPTS += -g -DDEBUG 26 LDFLAGS += -g 27 28 # Enable PAM support 29 #OPTS += -DUSE_PAM 30 #LDFLAGS += -lpam 31 32 # Enable shadow support (generally not used in conjunction with PAM) 33 OPTS += -DUSE_SHADOW 34 35 # Enable XAUTH support 36 OPTS += -DXAUTH=\"/usr/X11R6/bin/xauth\" 37 38 # We have snprintf(3) 39 OPTS += -DHAVE_SNPRINTF 40 41 ############################ LEGACY CONFIG #################################### 32 42 # 33 43 # Solaris 2.x - SunPro c compiler … … 79 89 $(CC) $(LDFLAGS) $(CFLAGS) -o $@ $(LDFLAGS) $(SECURIDLIBDIR) $(OBJ) $(SECURIDLIB) $(LIBS) 80 90 clean: 81 rm -f $(OBJ) op core* lex.c \#* *~82 op.list: op.list.in91 rm -f $(OBJ) op.list op core* lex.c \#* *~ 92 op.list: defs.h op.list.in 83 93 sed -e "s/@VERSION@/`grep VERSION defs.h | cut -d\\\" -f2`/" < op.list.in > op.list 84 94 install: op … … 93 103 94 104 dist: clean 95 (V=`grep VERSION defs.h | cut -d\" -f2`; rm -rf pkg; rm -f op-$$V.tar.gz; cd .. && mv op op-$$V && tar --exclude ' .*.swp' --exclude '.svn' -czv -f op-$$V.tar.gz op-$$V && mv op-$$V op && mv op-$$V.tar.gz op)105 (V=`grep VERSION defs.h | cut -d\" -f2`; rm -rf pkg; rm -f op-$$V.tar.gz; cd .. && mv op op-$$V && tar --exclude 'op.list' --exclude '.*.swp' --exclude '.svn' -czv -f op-$$V.tar.gz op-$$V && mv op-$$V op && mv op-$$V.tar.gz op) op/trunk/op.1
r213 r217 16 16 security-related aspects of environment of each 17 17 operation can be carefully controlled. 18 .PP 19 Configuration entries are read from 20 .B /etc/op.conf 21 and all files in 22 .B /etc/op.d 23 with the extension 24 .B .conf. 25 Files must be owned by 26 .I root 27 and not have 28 .I group 29 or 30 .I other 31 permissions set. 18 32 .PP 19 The fields of the entries in 20 .I op.conf 21 are separated by white space. Each entry may span several lines and 22 continues until the next alphanumeric string is found at the beginning of 23 a lines (which is taken to be the next 33 The fields of the entries in the configuration files are separated by white 34 space. Each entry may span several lines and continues until the next 35 alphanumeric string is found at the beginning of a lines (which is taken to be 36 the next 24 37 .I mnemonic or variable definition, 25 38 and thus the beginning of a new entry). Comments may be embedded 26 beginning with a # character. Each entry in op 27 .I op.conf 28 has the following form: 39 beginning with a # character. Each entry in the configuration files has the 40 following form: 29 41 .RS 30 42 .DT … … 315 327 316 328 .SH FILES 317 .DT 318 /etc/op.conf access control description 329 .TP 330 .B /etc/op.conf 331 Access control description file. 332 .TP 333 .B /etc/op.d/*.conf 334 Access control description files. 319 335 .SH "SEE ALSO" 320 su (1), chroot(2), egrep(1)336 sudo(1), su(1), chroot(2), egrep(1) 321 337 .SH CREDIT 322 338 .B "Op: A flexible Tool for Restricted Superuser Access", … … 331 347 . 332 348 .SH BUG REPORTS TO 333 alec@ korn.ch349 alec@swapoff.org 334 350 .SH COPYRIGHTS 335 351 \fB\(co\fR\s12 Copyright 1991 by David Koblas op/trunk/op.list.in
r212 r217 18 18 19 19 d 755 root sys /etc - 20 d 755 root sys /etc/op.d - 20 21 c 600 root sys /etc/op.conf op.conf 21 22