Merge updates from master

5 files changed, 24 insertions, 282 deletions

diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
index 756ff988d039..187216ac3f6e 100644
--- a/app-admin/sudo/Manifest
+++ b/app-admin/sudo/Manifest
@@ -1,5 +1,4 @@
 DIST sudo-1.8.31.tar.gz 3350674 BLAKE2B de5a968732fdd58933b4c513d13c43a08cb50075a00c3e0d338c9892570a416a2b3a8f19940c0893715f4eeab991e804831a87ef656ffd91e7f1ba047c119261 SHA512 b9e408a322938c7a712458e9012d8a5f648fba5b23a5057cf5d8372c7f931262595f1575c32c32b9cb1a04af670ff4611e7df48d197e5c4cc038d6b65439a28a
 DIST sudo-1.8.31p1.tar.gz 3351312 BLAKE2B 85775ef574a3a1a9cc749809fe81f8350f7a4e3f46a905bc3392790b20bb7bc8e3c99fb504e01776f3a92aa6afa7972d3ff1c071aadd3a08ee1d2281f8b9ba50 SHA512 9344fd1d8a8445e8afb9c5628cdc832fe32ea29199f071f35fb6ec694371801556df560f4382afec199f468b1f3264ad5e3a89e964612e571b8d911f823724cc
-DIST sudo-1.9.0.tar.gz 3743850 BLAKE2B 47d557afb13eee300d379ae31aae34cf7cf1e5ad140c6d7e599f687cca2cc259ec17f9ec0b3ca6f0badef81bb6e9d659e3e2bb77d9994218a9a3d88ec7ff2c19 SHA512 f2a191ea5fc65865718b110d4aca187cb5e2cd55c9c891fab32f21401e56f825f34c373e346c55c64fa49cec4d802efb63ccebf3d4a4e31d9a433077daf013b1
-DIST sudo-1.9.1.tar.gz 3834744 BLAKE2B 835eaae5b61627da65f40f04646b261093c56f77bdfb1b64f746e569a4bfafcfbb31d88ab301bf8544a8714f43d3416a792ee8b0fdcb75d81dbc6fcf29551f0b SHA512 7994c7d8f020188eda51787bb5f6fe7668518cc89b711e7840470db7e5bac1219490ffccc73854fecb14ceb3ffaf0fc605f3438c87b83f27921ea3626365105c
+DIST sudo-1.8.31p2.tar.gz 3353538 BLAKE2B 274c72232e18c8ff5006b61ad4d384582ec0296af6326377f08ff4e59c6a4a4fc5e2245874bf9a7c6b010addae600dd41f042660d5bf9c4bc8eb98983704a5da SHA512 ad1bbbde74d3ab6e947071c6f21e436ebabcf5af11ecc75cde8f0c01ca0b8c6ae1cce2ff42f21612816c636e96722a2a14daa57757644ceab6577091f82242be
 DIST sudo-1.9.2.tar.gz 3890859 BLAKE2B 879917b8045c999a17ef36006732509aa546ee6bb04de77191fb637aa0420d54f9e51ec69b697c22119d638393e9c84efcc1ca5e6e8ee5f0c08bb1ca07f3acea SHA512 20afdf2604b1c93395157382b24f225cd1ff88d3a892362e2d69fecd240c4e7171f05032c08be1778cd1dea6e460025e4241f57272fac0ea3550e220b6d73d21
diff --git a/app-admin/sudo/sudo-1.9.0-r1.ebuild b/app-admin/sudo/sudo-1.8.31_p2.ebuild
index 896554456b5a..f0df8a6c9e22 100644
--- a/app-admin/sudo/sudo-1.9.0-r1.ebuild
+++ b/app-admin/sudo/sudo-1.8.31_p2.ebuild
@@ -3,7 +3,7 @@
 
 EAPI=7
 
-inherit pam multilib libtool systemd tmpfiles
+inherit pam multilib libtool tmpfiles
 
 MY_P="${P/_/}"
 MY_P="${MY_P/beta/b}"
@@ -30,11 +30,10 @@ fi
 # 3-clause BSD license
 LICENSE="ISC BSD"
 SLOT="0"
-IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
+IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey sssd system-digest"
 
 DEPEND="
 	sys-libs/zlib:=
-	gcrypt? ( dev-libs/libgcrypt:= )
 	ldap? (
 		>=net-nds/openldap-2.1.30-r1
 		sasl? (
@@ -45,11 +44,14 @@ DEPEND="
 	pam? ( sys-libs/pam )
 	sasl? ( dev-libs/cyrus-sasl )
 	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	ssl? (
-		!libressl? ( dev-libs/openssl:0= )
-		libressl? ( dev-libs/libressl:0= )
-	)
 	sssd? ( sys-auth/sssd[sudo] )
+	system-digest? (
+		gcrypt? ( dev-libs/libgcrypt:= )
+		!gcrypt? (
+			!libressl? ( dev-libs/openssl:0= )
+			libressl? ( dev-libs/libressl:0= )
+		)
+	)
 "
 RDEPEND="
 	${DEPEND}
@@ -135,34 +137,36 @@ src_configure() {
 	# until `make` time, so we have to use a full path here rather than
 	# basing off other values.
 	myeconfargs=(
-		# requires some python eclass
-		--disable-python
-		--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
 		--enable-zlib=system
+		--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
 		--with-editor="${EPREFIX}"/usr/libexec/editor
 		--with-env-editor
 		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
 		--with-rundir="${EPREFIX}"/run/sudo
+		$(use_with secure-path secure-path "${SECURE_PATH}")
 		--with-vardir="${EPREFIX}"/var/db/sudo
 		--without-linux-audit
 		--without-opie
 		$(use_enable gcrypt)
 		$(use_enable nls)
 		$(use_enable sasl)
-		$(use_enable ssl openssl)
-		$(use_with ldap)
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
 		$(use_with offensive insults)
 		$(use_with offensive all-insults)
+		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
+		$(use_with ldap)
 		$(use_with pam)
-		$(use_with pam pam-login)
-		$(use_with secure-path secure-path "${SECURE_PATH}")
-		$(use_with selinux)
-		$(use_with sendmail)
 		$(use_with skey)
 		$(use_with sssd)
+		$(use_with selinux)
+		$(use_with sendmail)
 	)
 
+	if use system-digest && ! use gcrypt; then
+		myeconfargs+=("--enable-openssl")
+	else
+		myeconfargs+=("--disable-openssl")
+	fi
+
 	econf "${myeconfargs[@]}"
 }
 
@@ -198,7 +202,6 @@ src_install() {
 	fi
 
 	pamd_mimic system-auth sudo auth account session
-	pamd_mimic system-auth sudo-i auth account session
 
 	keepdir /var/db/sudo/lectured
 	fperms 0700 /var/db/sudo/lectured
@@ -206,7 +209,7 @@ src_install() {
 
 	# Don't install into /run as that is a tmpfs most of the time
 	# (bug #504854)
-	rm -rf "${ED}"/run || die
+	rm -rf "${ED}"/run
 
 	find "${ED}" -type f -name "*.la" -delete || die #697812
 }
diff --git a/app-admin/sudo/sudo-1.9.1.ebuild b/app-admin/sudo/sudo-1.9.1.ebuild
deleted file mode 100644
index 896554456b5a..000000000000
--- a/app-admin/sudo/sudo-1.9.1.ebuild
+++ /dev/null
@@ -1,260 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit pam multilib libtool systemd tmpfiles
-
-MY_P="${P/_/}"
-MY_P="${MY_P/beta/b}"
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="https://www.sudo.ws/"
-if [[ ${PV} == "9999" ]] ; then
-	inherit mercurial
-	EHG_REPO_URI="https://www.sudo.ws/repos/sudo"
-else
-	uri_prefix=
-	case ${P} in
-		*_beta*|*_rc*) uri_prefix=beta/ ;;
-	esac
-
-	SRC_URI="https://www.sudo.ws/sudo/dist/${uri_prefix}${MY_P}.tar.gz
-		ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
-	if [[ ${PV} != *_beta* ]] && [[ ${PV} != *_rc* ]] ; then
-		KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~sparc-solaris"
-	fi
-fi
-
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="ISC BSD"
-SLOT="0"
-IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey ssl sssd"
-
-DEPEND="
-	sys-libs/zlib:=
-	gcrypt? ( dev-libs/libgcrypt:= )
-	ldap? (
-		>=net-nds/openldap-2.1.30-r1
-		sasl? (
-			dev-libs/cyrus-sasl
-			net-nds/openldap[sasl]
-		)
-	)
-	pam? ( sys-libs/pam )
-	sasl? ( dev-libs/cyrus-sasl )
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	ssl? (
-		!libressl? ( dev-libs/openssl:0= )
-		libressl? ( dev-libs/libressl:0= )
-	)
-	sssd? ( sys-auth/sssd[sudo] )
-"
-RDEPEND="
-	${DEPEND}
-	>=app-misc/editor-wrapper-3
-	virtual/editor
-	ldap? ( dev-lang/perl )
-	pam? ( sys-auth/pambase )
-	selinux? ( sec-policy/selinux-sudo )
-	sendmail? ( virtual/mta )
-"
-BDEPEND="
-	sys-devel/bison
-"
-
-S="${WORKDIR}/${MY_P}"
-
-REQUIRED_USE="
-	pam? ( !skey )
-	skey? ( !pam )
-"
-
-MAKEOPTS+=" SAMPLES="
-
-src_prepare() {
-	default
-	elibtoolize
-}
-
-set_secure_path() {
-	# FIXME: secure_path is a compile time setting. using PATH or
-	# ROOTPATH is not perfect, env-update may invalidate this, but until it
-	# is available as a sudoers setting this will have to do.
-	einfo "Setting secure_path ..."
-
-	# first extract the default ROOTPATH from build env
-	SECURE_PATH=$(unset ROOTPATH; . "${EPREFIX}"/etc/profile.env;
-		echo "${ROOTPATH}")
-		case "${SECURE_PATH}" in
-			*/usr/sbin*) ;;
-			*) SECURE_PATH=$(unset PATH;
-				. "${EPREFIX}"/etc/profile.env; echo "${PATH}")
-				;;
-		esac
-	if [[ -z ${SECURE_PATH} ]] ; then
-		ewarn "	Failed to detect SECURE_PATH, please report this"
-	fi
-
-	# then remove duplicate path entries
-	cleanpath() {
-		local newpath thisp IFS=:
-		for thisp in $1 ; do
-			if [[ :${newpath}: != *:${thisp}:* ]] ; then
-				newpath+=:${thisp}
-			else
-				einfo "   Duplicate entry ${thisp} removed..."
-			fi
-		done
-		SECURE_PATH=${newpath#:}
-	}
-	cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${SECURE_PATH:+:${SECURE_PATH}}
-
-	# finally, strip gcc paths #136027
-	rmpath() {
-		local e newpath thisp IFS=:
-		for thisp in ${SECURE_PATH} ; do
-			for e ; do [[ ${thisp} == ${e} ]] && continue 2 ; done
-			newpath+=:${thisp}
-		done
-		SECURE_PATH=${newpath#:}
-	}
-	rmpath '*/gcc-bin/*' '*/gnat-gcc-bin/*' '*/gnat-gcc/*'
-
-	einfo "... done"
-}
-
-src_configure() {
-	local SECURE_PATH
-	set_secure_path
-
-	# audit: somebody got to explain me how I can test this before I
-	# enable it.. - Diego
-	# plugindir: autoconf code is crappy and does not delay evaluation
-	# until `make` time, so we have to use a full path here rather than
-	# basing off other values.
-	myeconfargs=(
-		# requires some python eclass
-		--disable-python
-		--enable-tmpfiles.d="${EPREFIX}"/usr/lib/tmpfiles.d
-		--enable-zlib=system
-		--with-editor="${EPREFIX}"/usr/libexec/editor
-		--with-env-editor
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sudo
-		--with-rundir="${EPREFIX}"/run/sudo
-		--with-vardir="${EPREFIX}"/var/db/sudo
-		--without-linux-audit
-		--without-opie
-		$(use_enable gcrypt)
-		$(use_enable nls)
-		$(use_enable sasl)
-		$(use_enable ssl openssl)
-		$(use_with ldap)
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo)
-		$(use_with offensive insults)
-		$(use_with offensive all-insults)
-		$(use_with pam)
-		$(use_with pam pam-login)
-		$(use_with secure-path secure-path "${SECURE_PATH}")
-		$(use_with selinux)
-		$(use_with sendmail)
-		$(use_with skey)
-		$(use_with sssd)
-	)
-
-	econf "${myeconfargs[@]}"
-}
-
-src_install() {
-	default
-
-	if use ldap ; then
-		dodoc README.LDAP
-
-		cat <<-EOF > "${T}"/ldap.conf.sudo
-		# See ldap.conf(5) and README.LDAP for details
-		# This file should only be readable by root
-
-		# supported directives: host, port, ssl, ldap_version
-		# uri, binddn, bindpw, sudoers_base, sudoers_debug
-		# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key}
-		EOF
-
-		if use sasl ; then
-			cat <<-EOF >> "${T}"/ldap.conf.sudo
-
-			# SASL directives: use_sasl, sasl_mech, sasl_auth_id
-			# sasl_secprops, rootuse_sasl, rootsasl_auth_id, krb5_ccname
-			EOF
-		fi
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-
-		insinto /etc/openldap/schema
-		newins doc/schema.OpenLDAP sudo.schema
-	fi
-
-	pamd_mimic system-auth sudo auth account session
-	pamd_mimic system-auth sudo-i auth account session
-
-	keepdir /var/db/sudo/lectured
-	fperms 0700 /var/db/sudo/lectured
-	fperms 0711 /var/db/sudo #652958
-
-	# Don't install into /run as that is a tmpfs most of the time
-	# (bug #504854)
-	rm -rf "${ED}"/run || die
-
-	find "${ED}" -type f -name "*.la" -delete || die #697812
-}
-
-pkg_postinst() {
-	tmpfiles_process sudo.conf
-
-	#652958
-	local sudo_db="${EROOT}/var/db/sudo"
-	if [[ "$(stat -c %a "${sudo_db}")" -ne 711 ]] ; then
-		chmod 711 "${sudo_db}" || die
-	fi
-
-	if use ldap ; then
-		ewarn
-		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
-		ewarn
-		if grep -qs '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf ; then
-			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
-			ewarn "configured in /etc/nsswitch.conf."
-			ewarn
-			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
-			ewarn "  sudoers: ldap files"
-			ewarn
-		fi
-	fi
-	if use prefix ; then
-		ewarn
-		ewarn "To use sudo, you need to change file ownership and permissions"
-		ewarn "with root privileges, as follows:"
-		ewarn
-		ewarn "  # chown root:root ${EPREFIX}/usr/bin/sudo"
-		ewarn "  # chown root:root ${EPREFIX}/usr/lib/sudo/sudoers.so"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers"
-		ewarn "  # chown root:root ${EPREFIX}/etc/sudoers.d"
-		ewarn "  # chown root:root ${EPREFIX}/var/db/sudo"
-		ewarn "  # chmod 4111 ${EPREFIX}/usr/bin/sudo"
-		ewarn
-	fi
-
-	elog "To use the -A (askpass) option, you need to install a compatible"
-	elog "password program from the following list. Starred packages will"
-	elog "automatically register for the use with sudo (but will not force"
-	elog "the -A option):"
-	elog ""
-	elog " [*] net-misc/ssh-askpass-fullscreen"
-	elog "     net-misc/x11-ssh-askpass"
-	elog ""
-	elog "You can override the choice by setting the SUDO_ASKPASS environmnent"
-	elog "variable to the program you want to use."
-}
diff --git a/sys-fs/lvm2/Manifest b/sys-fs/lvm2/Manifest
index b6e98da43b4c..8dd209d0b7ca 100644
--- a/sys-fs/lvm2/Manifest
+++ b/sys-fs/lvm2/Manifest
@@ -1,2 +1,2 @@
 DIST LVM2.2.02.187.tgz 2405544 BLAKE2B be804be3c64927a8848e8ea8de228fb563b6f8c22628b785aabb33fc993629e5370788216bd814246aeb3a5546fd5446383ce24342e716579887556edf2bbed2 SHA512 3ce56f0c0d2e7dbcdae5be263199f73ee5c4c052599d53cde9b16500a326d0340893344f4671839be06b5b4225d592175d01c9974db14f2dc220d6e9a1d47e91
-DIST LVM2.2.03.09.tgz 2476346 BLAKE2B 0987b19bc39ef218fe5a79d6035d6e3d5b59fc75ee94e401148f91437faedfa73295fcaefd97a7606ae9d158b000fa5de4e2a72e89da1e1ad27759f7b821489b SHA512 8540e46a6025ab14b592ccd9493b3224ffc0f962739a0a8de6d7b25c65c6ad96fc83ddb0e3d877b123a5e1b104476d0c20ccee2ead6d322257ec82ad1e3362d4
+DIST LVM2.2.03.10.tgz 2510568 BLAKE2B 1b4e9d09ef948b79a2e6e70fa8f8c9cd38ec8d8d1462eefb059f93020f65664538cee9bab41b81aaaf719ca428a9e824a2b181f40ebe261c5dd0fc6551ebcbb3 SHA512 8678ae2f99739ccad0250f6f4b4b8e84520f2053835985a1ea9c80196a64df31a48858aebf983170c3dfcafecea83f2c6aa630ef73fd31dd84cf1627a1b421e4
diff --git a/sys-fs/lvm2/lvm2-2.03.09.ebuild b/sys-fs/lvm2/lvm2-2.03.10.ebuild
index 40418f6bae35..40418f6bae35 100644
--- a/sys-fs/lvm2/lvm2-2.03.09.ebuild
+++ b/sys-fs/lvm2/lvm2-2.03.10.ebuild