From e2165ef18759559d1e56b9fcf36169f0b4561c7c Mon Sep 17 00:00:00 2001
From: rfm <rfm@72102866-910b-0410-8b05-ffd578937521>
Date: Thu, 10 Jun 2010 09:51:40 +0000
Subject: [PATCH] fixup option to control installation of gdomap

git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@30648 72102866-910b-0410-8b05-ffd578937521
---
 ChangeLog                       |  6 ++++++
 Source/NSSocketPortNameServer.m |  4 ++++
 configure                       | 20 ++++++++------------
 configure.ac                    | 20 ++++++++------------
 4 files changed, 26 insertions(+), 24 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f38119404..b1ac8beea 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2010-06-10  Richard Frith-Macdonald <rfm@gnu.org>
+
+	* Source/NSSocketPortNameServer.m: Improve automated gdomap startup log
+	* configure.ac: Don't install gdomap setuid by default.
+	* configure: regenerate
+
 2010-06-10  Richard Frith-Macdonald <rfm@gnu.org>
 
 	* Source/NSString.m: Raise exception if a null pointer is passed to
diff --git a/Source/NSSocketPortNameServer.m b/Source/NSSocketPortNameServer.m
index 987f5198c..768cf738c 100644
--- a/Source/NSSocketPortNameServer.m
+++ b/Source/NSSocketPortNameServer.m
@@ -197,6 +197,10 @@ typedef enum {
 	  NSLog(@"NSSocketPortNameServer attempting to start gdomap on local host\n"
 @"This will take a few seconds.\n"
 @"Trying to launch gdomap from %@ or a machine/operating-system subdirectory.\n"
+#if	!defined(GDOMAP_PORT_OVERRIDE)
+@"On systems other than mswindows, this will only work if the gdomap program\n"
+@"was installed setuid to root.\n"
+#endif
 @"It is recommended that you start up gdomap at login time or (better) when\n"
 @"your computer is started instead.",
 [launchCmd stringByDeletingLastPathComponent]);
diff --git a/configure b/configure
index 5bc64c738..351ec3baa 100755
--- a/configure
+++ b/configure
@@ -890,18 +890,14 @@ Optional Features:
   --disable-tlstest		Do not try to compile and run a test TLS program
   --disable-zeroconf		Disable NSNetServices support
 
-  --disable-setuid-gdomap       Disable installing gdomap as a setuid
-                                executable.  By default, it is
-                                installed as a setuid program, so that
-                                it can be started up automatically
+  --enable-setuid-gdomap        Enable installing gdomap as a setuid
+                                executable.  By default, it is installed
+                                as a normal program intended to be started
+				by root at system boot time, but it can
+                                also be started up automatically
                                 by any user at any time.  Use this
-                                option if you are happy starting
-                                gdomap manually at startup (typically
-                                by adding 'gdomap -p' to your
-                                /etc/rc.local or equivalent start up
-                                script), in which case you don't need
-                                gdomap to be setuid and can use a more
-                                secure setup where it isn't setuid.
+                                option if you are happy having the program
+                                started automatically on demand.
 
   --disable-openssl		Disable support for openssl in URL classes
 
@@ -22260,7 +22256,7 @@ if test "${enable_setuid_gdomap+set}" = set; then
   enableval="$enable_setuid_gdomap"
   ac_cv_setuid_gdomap=$enableval
 else
-  ac_cv_setuid_gdomap="yes"
+  ac_cv_setuid_gdomap="no"
 fi;
 
 if test "$ac_cv_setuid_gdomap" = "yes"; then
diff --git a/configure.ac b/configure.ac
index 63035b736..cb5d3d5cb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2648,21 +2648,17 @@ AC_SUBST(WARN_FLAGS)
 #--------------------------------------------------------------------
 AC_MSG_CHECKING([if we should install gdomap as setuid])
 AC_ARG_ENABLE(setuid-gdomap,[
-  --disable-setuid-gdomap       Disable installing gdomap as a setuid
-                                executable.  By default, it is
-                                installed as a setuid program, so that
-                                it can be started up automatically
+  --enable-setuid-gdomap        Enable installing gdomap as a setuid
+                                executable.  By default, it is installed
+                                as a normal program intended to be started
+				by root at system boot time, but it can
+                                also be started up automatically
                                 by any user at any time.  Use this
-                                option if you are happy starting
-                                gdomap manually at startup (typically
-                                by adding 'gdomap -p' to your
-                                /etc/rc.local or equivalent start up
-                                script), in which case you don't need
-                                gdomap to be setuid and can use a more
-                                secure setup where it isn't setuid.
+                                option if you are happy having the program
+                                started automatically on demand.
 ],
   ac_cv_setuid_gdomap=$enableval,
-  ac_cv_setuid_gdomap="yes")
+  ac_cv_setuid_gdomap="no")
 
 if test "$ac_cv_setuid_gdomap" = "yes"; then
   AC_MSG_RESULT(yes);