sudo: add PACKAGECONFIG for pam-wheel

The pam_wheel PAM module is used to enforce the so-called wheel group.
By default it permits root access to the system if the applicant user is
a member of the wheel group.
Add PACKAGECONFIG to enable pam_wheel module for sudo.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
index 6e57669a01d55ca500819f950cc9798ce1fced54..69dccde592de512b50cf9caa45c265c35711ae27 100644 (file)
--- a/meta/recipes-extended/sudo/sudo.inc
+++ b/meta/recipes-extended/sudo/sudo.inc
@@ -19,6 +19,7 @@ inherit autotools
 
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib"
+PACKAGECONFIG[pam-wheel] = ",,,pam-plugin-wheel"
 
 CONFFILES_${PN} = "${sysconfdir}/sudoers"
 

diff --git a/meta/recipes-extended/sudo/sudo_1.8.23.bb b/meta/recipes-extended/sudo/sudo_1.8.23.bb
index 9756fe26d7194310285cf2e85afbc0c6a83fc542..ab9c8cbea20ea22c2199ca0b7f4c0ce3fdcd902b 100644 (file)
--- a/meta/recipes-extended/sudo/sudo_1.8.23.bb
+++ b/meta/recipes-extended/sudo/sudo_1.8.23.bb
@@ -22,6 +22,10 @@ EXTRA_OECONF += " \
 do_install_append () {
        if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
                install -D -m 644 ${WORKDIR}/sudo.pam ${D}/${sysconfdir}/pam.d/sudo
+               if ${@bb.utils.contains('PACKAGECONFIG', 'pam-wheel', 'true', 'false', d)} ; then
+                       echo 'auth       required     pam_wheel.so use_uid' >>${D}${sysconfdir}/pam.d/sudo
+                       sed -i 's/# \(%wheel ALL=(ALL) ALL\)/\1/' ${D}${sysconfdir}/sudoers
+               fi
        fi
 
        chmod 4111 ${D}${bindir}/sudo