app-admin/sudo: drop 1.9.13_p3-r1, 1.9.14_p2

Signed-off-by: Sam James <sam@gentoo.org>

4 files changed, 0 insertions, 685 deletions

diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
index a587ea9d2eaf..79ba81a81227 100644
--- a/app-admin/sudo/Manifest
+++ b/app-admin/sudo/Manifest
@@ -1,7 +1,3 @@
-DIST sudo-1.9.13p3.tar.gz 5100355 BLAKE2B 46218ecf4cf06d2280ccf4c257b12a6f697eda17b96a6b7aa56f6c7f22d847ec2a8036b9f615c3328d985656539c95f37a40c6c72dfa5f65786ab45a28cf353f SHA512 c0c5cd0c6308868afdad2ecf55b86fdcf1f49889b30831c9db3bc56a63dc3a07686c285c20b2500494b2a76653e2ec69196abdc583312609a5db1c81a6e4e737
-DIST sudo-1.9.13p3.tar.gz.sig 566 BLAKE2B 5b59c7178bf157b67500d972fe1b373bc86ab09345f59733cffa85700221ceec0d5be10bce4838f16e9238154c90a972570a7a933f48dbd56bc64b38dbc0043f SHA512 eebf36e86ebd03daca05838bc56d9b1fb7ea8584a83a9f0e03c5ff07e612d36472b23797c628eff1cf4301832d139de0de62ddc8b17e20f1498f769a4db1249a
-DIST sudo-1.9.14p2.tar.gz 5229966 BLAKE2B a350136731c1c6eca1317a852ce243b270df61ba275608bd0d0ec11760babdb2f9f489b818529484c15a43345fa53c96efd1aa47ab7cc0591c45928ba75c4c85 SHA512 d8ab03f6488cc5790c66941a2a8491df55a19bda6f0f8b683d4b3c22390b0ab19ebb0b02696d7c78b626975a408c34f005dc2d6b2100cf2a0efdf4cf1f504db9
-DIST sudo-1.9.14p2.tar.gz.sig 566 BLAKE2B f72469340cfbb5005540a7080410dcf72694966c6293274cc28a1167824ddafed8ab441478985564f674f8f0c48a7b738a36ea572e36ec7fafee91486d08b646 SHA512 5a3cd7fe28762ee435f52a03fda504ab820805e5cdc7462343291a579daad7d779f5dc3897d7dceb9bfce6468a08ee60fe1c517a7d18ba917291339031609383
 DIST sudo-1.9.14p3.tar.gz 5232320 BLAKE2B 702d0c5489658dfd35c5a57977431343d29e6c2d7bb44bb7a8fd9f7fc7b7094b3f3fe2348d1ab6b9aa037e2b5fd1019f127f45e99190bdfff077e94747dc17e1 SHA512 d4af836e3316c35d8b81a2c869ca199e8f2d5cb26dbd98b8ad031f29be62b154452afdf5a506ddabad21b80e5988a49f1f7c8f1ec44718ffcbd7e89ccbdef612
 DIST sudo-1.9.14p3.tar.gz.sig 566 BLAKE2B 61ea3ca0e6032ddabbfd7e5b56881f0e800b49eed0404738c1a28687160917a8ddde91378b915cb81c9576732629d398790eac31d300e536e117fa9bbf5b1f4a SHA512 e1723f589eb3b758bd7e7e0da158d21e9315976320f8d39159a97e801c9745768b42b7b16c697cdbb3917a3f3def0125acf868dc343b062834f9f0818d741608
 DIST sudo-1.9.15p2.tar.gz 5303642 BLAKE2B 002f820d6d82b3384a9206545a999765c2924b2650fd7f6331c191e3f631507064d71a042c606b4fcea0d518d38b5a24d3f44964bb09cb5774e50501abc3f524 SHA512 219fc138fb4850fff30c44a6dab767402172d545a83d31dba4a2a9ce27f8a9fe14f1f24f4e328517f2dd26e84906db5d2be388a9c82e89f5ca59740bb782a608
diff --git a/app-admin/sudo/files/sudo-1.9.13_p3-configure-clang16.patch b/app-admin/sudo/files/sudo-1.9.13_p3-configure-clang16.patch
deleted file mode 100644
index a9b9434c2b01..000000000000
--- a/app-admin/sudo/files/sudo-1.9.13_p3-configure-clang16.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-ttps://www.sudo.ws/pipermail/sudo-workers/2023-April/001387.html
-https://github.com/sudo-project/sudo/commit/b83140e0f18fb27d310a4839a14f5c3febd2770b
-https://github.com/sudo-project/sudo/commit/075ee0f9dc234f9a7e680b16304809e5546965d5
-
-From b83140e0f18fb27d310a4839a14f5c3febd2770b Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Wed, 26 Apr 2023 11:10:46 -0600
-Subject: [PATCH] Use ldap_msgfree() instead of ldap_init() for the lber.h
- test. The ldap_init() function is marked as deprecated and not defined by
- default on some systems.  This can cause an error for compilers that do not
- support implicit function declarations. From Florian Weimer.
-
---- a/configure
-+++ b/configure
-@@ -31515,7 +31515,7 @@ else case e in #(
- int
- main (void)
- {
--(void)ldap_init(0, 0)
-+return ldap_msgfree(NULL)
-   ;
-   return 0;
- }
---- a/m4/ldap.m4
-+++ b/m4/ldap.m4
-@@ -52,7 +52,7 @@ AC_DEFUN([SUDO_CHECK_LDAP], [
- #include <lber.h>])
- 	AC_CACHE_CHECK([whether lber.h is needed when including ldap.h], [sudo_cv_header_lber_h], [
- 	    AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
--#include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [
-+#include <ldap.h>]], [[return ldap_msgfree(NULL)]])], [
- 		# No need to explicitly include lber.h when including ldap.h.
- 		sudo_cv_header_lber_h=no
- 	    ], [
-
-From 075ee0f9dc234f9a7e680b16304809e5546965d5 Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Wed, 26 Apr 2023 12:44:10 -0600
-Subject: [PATCH] Add missing stdio.h include for the _FORTIFY_SOURCE=2 check.
- Implementations of _FORTIFY_SOURCE require the header file to be included. 
- Also remove the useless test of an empty program with _FORTIFY_SOURCE
- defined.  Pointed out by Florian Weimer.
-
---- a/configure
-+++ b/configure
-@@ -34207,33 +34207,11 @@ else case e in #(
-   e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
- 
--
--int
--main (void)
--{
--char buf[4]; (void)sprintf(buf, "%s", "foo");
--
--  ;
--  return 0;
--}
--_ACEOF
--if ac_fn_c_try_link "$LINENO"
--then :
--  sudo_cv_use_fortify_source=yes
--else case e in #(
--  e) sudo_cv_use_fortify_source=no
--		 ;;
--esac
--fi
--rm -f core conftest.err conftest.$ac_objext conftest.beam \
--    conftest$ac_exeext conftest.$ac_ext
--
--	    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
--/* end confdefs.h.  */
--
-+		    #include <stdio.h>
- int
- main (void)
- {
-+char buf[4]; sprintf(buf, "%s", "foo"); return buf[0];
- 
-   ;
-   return 0;
---- a/m4/hardening.m4
-+++ b/m4/hardening.m4
-@@ -10,18 +10,13 @@ AC_DEFUN([SUDO_CHECK_HARDENING], [
- 	    [sudo_cv_use_fortify_source],
- 	    [AC_LINK_IFELSE([
- 		    AC_LANG_PROGRAM(
--			[[]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]]
-+			[[#include <stdio.h>]],
-+			[[char buf[4]; sprintf(buf, "%s", "foo"); return buf[0];]]
- 		    )],
- 		    [sudo_cv_use_fortify_source=yes],
- 		    [sudo_cv_use_fortify_source=no]
- 		)
- 	    ]
--	    [AC_LINK_IFELSE(
--		[AC_LANG_PROGRAM([[]], [[]])],
--		    [sudo_cv_use_fortify_source=yes],
--		    [sudo_cv_use_fortify_source=no]
--		)
--	    ]
- 	)
- 	if test "$sudo_cv_use_fortify_source" != yes; then
- 	    CPPFLAGS="$O_CPPFLAGS"
-
diff --git a/app-admin/sudo/sudo-1.9.13_p3-r1.ebuild b/app-admin/sudo/sudo-1.9.13_p3-r1.ebuild
deleted file mode 100644
index bf4360a2426e..000000000000
--- a/app-admin/sudo/sudo-1.9.13_p3-r1.ebuild
+++ /dev/null
@@ -1,290 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit pam libtool tmpfiles toolchain-funcs
-
-MY_P="${P/_/}"
-MY_P="${MY_P/beta/b}"
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="https://www.sudo.ws/"
-
-if [[ ${PV} == 9999 ]] ; then
-	inherit mercurial
-	EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/sudo.ws.asc
-	inherit verify-sig
-
-	uri_prefix=
-	case ${P} in
-		*_beta*|*_rc*) uri_prefix=beta/ ;;
-	esac
-
-	SRC_URI="
-		https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
-		ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz
-		verify-sig? (
-			https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz.sig
-			ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz.sig
-		)
-	"
-
-	if [[ ${PV} != *_beta* && ${PV} != *_rc* ]] ; then
-		KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
-	fi
-
-	BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-sudo )"
-fi
-
-S="${WORKDIR}/${MY_P}"
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-IUSE="gcrypt ldap nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
-
-DEPEND="
-	sys-libs/zlib:=
-	virtual/libcrypt:=
-	gcrypt? ( dev-libs/libgcrypt:= )
-	ldap? (
-		>=net-nds/openldap-2.1.30-r1:=
-		sasl? (
-			dev-libs/cyrus-sasl
-			net-nds/openldap:=[sasl]
-		)
-	)
-	pam? ( sys-libs/pam )
-	sasl? ( dev-libs/cyrus-sasl )
-	selinux? ( sys-libs/libselinux )
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	ssl? ( dev-libs/openssl:0= )
-	sssd? ( sys-auth/sssd[sudo] )
-"
-RDEPEND="
-	${DEPEND}
-	>=app-misc/editor-wrapper-3
-	virtual/editor
-	ldap? ( dev-lang/perl )
-	pam? ( sys-auth/pambase )
-	selinux? ( sec-policy/selinux-sudo )
-	sendmail? ( virtual/mta )
-"
-BDEPEND+="
-	sys-devel/bison
-	virtual/pkgconfig
-"
-
-REQUIRED_USE="
-	?? ( pam skey )
-	?? ( gcrypt ssl )
-"
-
-MAKEOPTS+=" SAMPLES="
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.9.13_p3-configure-clang16.patch
-)
-
-src_prepare() {
-	default
-
-	elibtoolize
-}
-
-set_secure_path() {
-	# First extract the default ROOTPATH from build env
-	SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
-
-	case "${SECURE_PATH}" in
-		*/usr/sbin*)
-			;;
-		*)
-			SECURE_PATH=$(unset PATH; . "${EPREFIX}"/etc/profile.env; echo "${PATH}")
-			;;
-	esac
-
-	if [[ -z ${SECURE_PATH} ]] ; then
-		ewarn "	Failed to detect SECURE_PATH, please report this"
-	fi
-
-	# Then remove duplicate path entries
-	cleanpath() {
-		local newpath thisp IFS=:
-		for thisp in $1 ; do
-			if [[ :${newpath}: != *:${thisp}:* ]] ; then
-				newpath+=:${thisp}
-			else
-				einfo "   Duplicate entry ${thisp} removed..."
-			fi
-		done
-		SECURE_PATH=${newpath#:}
-	}
-	cleanpath /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
-
-	# Finally, strip gcc paths, bug #136027
-	rmpath() {
-		local e newpath thisp IFS=:
-		for thisp in ${SECURE_PATH} ; do
-			for e ; do
-				[[ ${thisp} == ${e} ]] && continue 2 ;
-			done
-			newpath+=:${thisp}
-		done
-		SECURE_PATH=${newpath#:}
-	}
-	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-}
-
-src_configure() {
-	local SECURE_PATH
-
-	set_secure_path
-
-	# bug #767712
-	tc-export PKG_CONFIG
-
-	# - audit: somebody got to explain me how I can test this before I
-	# enable it.. - Diego
-	# - plugindir: autoconf code is crappy and does not delay evaluation
-	# until `make` time, so we have to use a full path here rather than
-	# basing off other values.
-	local myeconfargs=(
-		# We set all of the relevant options by ourselves (patched
-		# into the toolchain) and setting these in the build system
-		# actually causes a downgrade when using e.g. -D_FORTIFY_SOURCE=3
-		# (it'll downgrade to =2). So, this has no functional effect on
-		# the hardening for users. It's safe.
-		--disable-hardening
-
-		# requires some python eclass
-		--disable-python
-		--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
-		--enable-zlib=system
-		--with-editor="${EPREFIX}"/usr/libexec/editor
-		--with-env-editor
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
-		--with-rundir="${EPREFIX}"/run/sudo
-		--with-vardir="${EPREFIX}"/var/db/sudo
-		--without-linux-audit
-		--without-opie
-		$(use_enable gcrypt)
-		$(use_enable nls)
-		$(use_enable sasl)
-		$(use_enable ssl openssl)
-		$(use_with ldap)
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
-		$(use_with offensive insults)
-		$(use_with offensive all-insults)
-		$(use_with pam)
-		$(use_with pam pam-login)
-		$(use_with secure-path secure-path "${SECURE_PATH}")
-		$(use_with selinux)
-		$(use_with sendmail)
-		$(use_with skey)
-		$(use_with sssd)
-	)
-
-	econf "${myeconfargs[@]}"
-}
-
-src_install() {
-	default
-
-	if use ldap ; then
-		dodoc README.LDAP.md
-
-		cat <<-EOF > "${T}"/ldap.conf.sudo
-		# See ldap.conf(5) and README.LDAP.md for details
-		# This file should only be readable by root
-
-		# supported directives: host, port, ssl, ldap_version
-		# uri, binddn, bindpw, sudoers_base, sudoers_debug
-		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
-		EOF
-
-		if use sasl ; then
-			cat <<-EOF >> "${T}"/ldap.conf.sudo
-
-			# SASL directives: use_sasl, sasl_mech, sasl_auth_id
-			# sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
-			EOF
-		fi
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-
-		insinto /etc/openldap/schema
-		newins docs/schema.OpenLDAP sudo.schema
-	fi
-
-	if use pam ; then
-		pamd_mimic system-auth sudo auth account session
-		pamd_mimic system-auth sudo-i auth account session
-	fi
-
-	keepdir /var/db/sudo/lectured
-	fperms 0700 /var/db/sudo/lectured
-	# bug #652958
-	fperms 0711 /var/db/sudo
-
-	# Don't install into /run as that is a tmpfs most of the time
-	# (bug #504854)
-	rm -rf "${ED}"/run || die
-
-	# bug #697812
-	find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
-	tmpfiles_process sudo.conf
-
-	# bug #652958
-	local sudo_db="${EROOT}/var/db/sudo"
-	if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
-		chmod 711 "${sudo_db}" || die
-	fi
-
-	if use ldap ; then
-		ewarn
-		ewarn "sudo uses the ${ROOT}/etc/ldap.conf.sudo file for ldap configuration."
-		ewarn
-		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
-			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
-			ewarn "configured in ${ROOT}/etc/nsswitch.conf."
-			ewarn
-			ewarn "To make use of LDAP, add this line to your ${ROOT}/etc/nsswitch.conf:"
-			ewarn "  sudoers: ldap files"
-			ewarn
-		fi
-	fi
-	if use prefix ; then
-		ewarn
-		ewarn "To use sudo on Prefix, you need to change file ownership and permissions"
-		ewarn "with root privileges, as follows:"
-		ewarn
-		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
-		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
-		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
-		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
-		ewarn
-	fi
-
-	elog "To use the -A (askpass) option, you need to install a compatible"
-	elog "password program from the following list. Starred packages will"
-	elog "automatically register for the use with sudo (but will not force"
-	elog "the -A option):"
-	elog ""
-	elog " [*] net-misc/ssh-askpass-fullscreen"
-	elog "     net-misc/x11-ssh-askpass"
-	elog ""
-	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
-	elog "variable to the program you want to use."
-}
diff --git a/app-admin/sudo/sudo-1.9.14_p2.ebuild b/app-admin/sudo/sudo-1.9.14_p2.ebuild
deleted file mode 100644
index 5b761d116733..000000000000
--- a/app-admin/sudo/sudo-1.9.14_p2.ebuild
+++ /dev/null
@@ -1,286 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit pam libtool tmpfiles toolchain-funcs
-
-MY_P="${P/_/}"
-MY_P="${MY_P/beta/b}"
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="https://www.sudo.ws/"
-
-if [[ ${PV} == 9999 ]] ; then
-	inherit mercurial
-	EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/sudo.ws.asc
-	inherit verify-sig
-
-	uri_prefix=
-	case ${P} in
-		*_beta*|*_rc*) uri_prefix=beta/ ;;
-	esac
-
-	SRC_URI="
-		https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
-		ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz
-		verify-sig? (
-			https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz.sig
-			ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz.sig
-		)
-	"
-
-	if [[ ${PV} != *_beta* && ${PV} != *_rc* ]] ; then
-		KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
-	fi
-
-	BDEPEND="verify-sig? ( sec-keys/openpgp-keys-sudo )"
-fi
-
-S="${WORKDIR}/${MY_P}"
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-IUSE="gcrypt ldap nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
-
-DEPEND="
-	sys-libs/zlib:=
-	virtual/libcrypt:=
-	gcrypt? ( dev-libs/libgcrypt:= )
-	ldap? (
-		>=net-nds/openldap-2.1.30-r1:=
-		sasl? (
-			dev-libs/cyrus-sasl
-			net-nds/openldap:=[sasl]
-		)
-	)
-	pam? ( sys-libs/pam )
-	sasl? ( dev-libs/cyrus-sasl )
-	selinux? ( sys-libs/libselinux )
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	ssl? ( dev-libs/openssl:= )
-	sssd? ( sys-auth/sssd[sudo] )
-"
-RDEPEND="
-	${DEPEND}
-	>=app-misc/editor-wrapper-3
-	virtual/editor
-	ldap? ( dev-lang/perl )
-	pam? ( sys-auth/pambase )
-	selinux? ( sec-policy/selinux-sudo )
-	sendmail? ( virtual/mta )
-"
-BDEPEND+="
-	sys-devel/bison
-	virtual/pkgconfig
-"
-
-REQUIRED_USE="
-	?? ( pam skey )
-	?? ( gcrypt ssl )
-"
-
-MAKEOPTS+=" SAMPLES="
-
-src_prepare() {
-	default
-
-	elibtoolize
-}
-
-set_secure_path() {
-	# First extract the default ROOTPATH from build env
-	SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env; echo "${ROOTPATH}")
-
-	case "${SECURE_PATH}" in
-		*/usr/sbin*)
-			;;
-		*)
-			SECURE_PATH=$(unset PATH; . "${EPREFIX}"/etc/profile.env; echo "${PATH}")
-			;;
-	esac
-
-	if [[ -z ${SECURE_PATH} ]] ; then
-		ewarn "	Failed to detect SECURE_PATH, please report this"
-	fi
-
-	# Then remove duplicate path entries
-	cleanpath() {
-		local newpath thisp IFS=:
-		for thisp in $1 ; do
-			if [[ :${newpath}: != *:${thisp}:* ]] ; then
-				newpath+=:${thisp}
-			else
-				einfo "   Duplicate entry ${thisp} removed..."
-			fi
-		done
-		SECURE_PATH=${newpath#:}
-	}
-	cleanpath /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
-
-	# Finally, strip gcc paths, bug #136027
-	rmpath() {
-		local e newpath thisp IFS=:
-		for thisp in ${SECURE_PATH} ; do
-			for e ; do
-				[[ ${thisp} == ${e} ]] && continue 2 ;
-			done
-			newpath+=:${thisp}
-		done
-		SECURE_PATH=${newpath#:}
-	}
-	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-}
-
-src_configure() {
-	local SECURE_PATH
-
-	set_secure_path
-
-	# bug #767712
-	tc-export PKG_CONFIG
-
-	# - audit: somebody got to explain me how I can test this before I
-	# enable it.. - Diego
-	# - plugindir: autoconf code is crappy and does not delay evaluation
-	# until `make` time, so we have to use a full path here rather than
-	# basing off other values.
-	local myeconfargs=(
-		# We set all of the relevant options by ourselves (patched
-		# into the toolchain) and setting these in the build system
-		# actually causes a downgrade when using e.g. -D_FORTIFY_SOURCE=3
-		# (it'll downgrade to =2). So, this has no functional effect on
-		# the hardening for users. It's safe.
-		--disable-hardening
-
-		# requires some python eclass
-		--disable-python
-		--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
-		--enable-zlib=system
-		--with-editor="${EPREFIX}"/usr/libexec/editor
-		--with-env-editor
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
-		--with-rundir="${EPREFIX}"/run/sudo
-		--with-vardir="${EPREFIX}"/var/db/sudo
-		--without-linux-audit
-		--without-opie
-		$(use_enable gcrypt)
-		$(use_enable nls)
-		$(use_enable sasl)
-		$(use_enable ssl openssl)
-		$(use_with ldap)
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
-		$(use_with offensive insults)
-		$(use_with offensive all-insults)
-		$(use_with pam)
-		$(use_with pam pam-login)
-		$(use_with secure-path secure-path "${SECURE_PATH}")
-		$(use_with selinux)
-		$(use_with sendmail)
-		$(use_with skey)
-		$(use_with sssd)
-	)
-
-	econf "${myeconfargs[@]}"
-}
-
-src_install() {
-	default
-
-	if use ldap ; then
-		dodoc README.LDAP.md
-
-		cat <<-EOF > "${T}"/ldap.conf.sudo
-		# See ldap.conf(5) and README.LDAP.md for details
-		# This file should only be readable by root
-
-		# supported directives: host, port, ssl, ldap_version
-		# uri, binddn, bindpw, sudoers_base, sudoers_debug
-		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
-		EOF
-
-		if use sasl ; then
-			cat <<-EOF >> "${T}"/ldap.conf.sudo
-
-			# SASL directives: use_sasl, sasl_mech, sasl_auth_id
-			# sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
-			EOF
-		fi
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-
-		insinto /etc/openldap/schema
-		newins docs/schema.OpenLDAP sudo.schema
-	fi
-
-	if use pam ; then
-		pamd_mimic system-auth sudo auth account session
-		pamd_mimic system-auth sudo-i auth account session
-	fi
-
-	keepdir /var/db/sudo/lectured
-	fperms 0700 /var/db/sudo/lectured
-	# bug #652958
-	fperms 0711 /var/db/sudo
-
-	# Don't install into /run as that is a tmpfs most of the time
-	# (bug #504854)
-	rm -rf "${ED}"/run || die
-
-	# bug #697812
-	find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
-	tmpfiles_process sudo.conf
-
-	# bug #652958
-	local sudo_db="${EROOT}/var/db/sudo"
-	if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
-		chmod 711 "${sudo_db}" || die
-	fi
-
-	if use ldap ; then
-		ewarn
-		ewarn "sudo uses the ${ROOT}/etc/ldap.conf.sudo file for ldap configuration."
-		ewarn
-		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
-			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
-			ewarn "configured in ${ROOT}/etc/nsswitch.conf."
-			ewarn
-			ewarn "To make use of LDAP, add this line to your ${ROOT}/etc/nsswitch.conf:"
-			ewarn "  sudoers: ldap files"
-			ewarn
-		fi
-	fi
-	if use prefix ; then
-		ewarn
-		ewarn "To use sudo on Prefix, you need to change file ownership and permissions"
-		ewarn "with root privileges, as follows:"
-		ewarn
-		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
-		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
-		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
-		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
-		ewarn
-	fi
-
-	elog "To use the -A (askpass) option, you need to install a compatible"
-	elog "password program from the following list. Starred packages will"
-	elog "automatically register for the use with sudo (but will not force"
-	elog "the -A option):"
-	elog ""
-	elog " [*] net-misc/ssh-askpass-fullscreen"
-	elog "     net-misc/x11-ssh-askpass"
-	elog ""
-	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
-	elog "variable to the program you want to use."
-}