When I upgrade sudo from 1.6.9-r17 to 1.7.0 it require cyrus-sasl package. But my system don't use sasl autentification. Reproducible: Always Steps to Reproduce: 1. simple emerge =app-admin/sudo-1.7.0 Actual Results: require cyrus-sasl Expected Results: I want to choose, if I need sasl autentification and so cyrus-sasl package. I tried to modify ebuild, and remove dependency cyrus-sasl, and making crashes with error: ./ldap.c:66:20: error: sasl.h: No such file or directory ./ldap.c: In function ‘sudo_ldap_sasl_interact’: ...skipped... my openldap package builded without sasl support, so how sudo_ldap_sasl_interact will be working? I think early, that cyrus-sasl is a general package for sasl authentification, and its presents in system is depending of USE=sasl flag. But in this case this is invalid.
dev-libs/cyrus-sasl is required when USE="ldap" is enabled.
(In reply to comment #1) > dev-libs/cyrus-sasl is required when USE="ldap" is enabled. > I knew this. Do you read first message clearly? In this package sasl autentification can be use if openldap is builded with sasl. When openldap builded without sasl, sudo can't use sasl authentification and so don't use it. So I must have unusable package in system cyrus-sasl. In other words, whenever sasl authentification is used in system, sudo require package cyrus-sasl. So for gentoo use system, it's more right, to add use flag sasl, and let users choose if they need sasl.
Since I know zilch about ldap, I'm going to ask a hand to those who do know it. Sudo will try to use sasl if openldap is using sasl, for what I can see, as it checks for the symbol 'ldap_sasl_interactive_bind_s'. Is that defined even without sasl enabled on openldap?
Okay, the 1.7.1b4 release of sudo (which I just committed under package.mask) lists this change: * Fixed an ldap-related compilation problem when the ldap libraries support ldap_sasl_interactive_bind_s() but no sasl headers are present. can you please confirm whether this version fixes the issue? If so I'd just be tempted to unmask 1.7.1b4 and mark this as fixed (or otherwise backport the change in that release). Thanks!
Please reopen if this is still a problem with sudo 1.7.1_rc1 and later.
Braindead SASL requirements are still a problem in app-admin/sudo-1.7.3, please reopen.
Tyler can you provide a build log please?