3 files changed, 148 insertions, 0 deletions

diff --git a/security/super/files/patch-06 b/security/super/files/patch-06
new file mode 100644
index 000000000000..861c8eeaf2c8
--- /dev/null
+++ b/security/super/files/patch-06
@@ -0,0 +1,37 @@
+--- localsys.h.orig	Tue Apr  7 01:55:28 1998
++++ localsys.h	Thu Nov 19 00:17:50 1998
+@@ -13,14 +13,14 @@
+  *	func_type  funcname __P((arglist));
+  */
+ 
+-#include "config.h"
+-
+ #include <stdio.h>
+ #include <ctype.h>
+ #include <fcntl.h>
+ #include <pwd.h>
+ #include <grp.h>
+ 
++#include "config.h"
++
+ #ifdef HAVE_UNISTD_H
+ #include <unistd.h>
+ #endif
+@@ -192,7 +192,7 @@
+ #endif
+ 
+ #ifndef _SVR4_SOURCE
+-#ifndef Digital_UNIX
++#if !(defined(Digital_UNIX) || (defined(BSD) && (BSD >= 199103)))
+ extern int gethostname __P((char *, size_t size));
+ #endif
+ #endif
+@@ -254,7 +254,7 @@
+ #endif
+ 
+ /* type returned by setgrent() */
+-#ifdef Digital_UNIX
++#if defined(Digital_UNIX) || (defined(BSD) && (BSD >= 199103))
+ typedef int SETGRENT_T;
+ #else
+ typedef void SETGRENT_T;
diff --git a/security/super/files/sample.cdmount b/security/super/files/sample.cdmount
new file mode 100644
index 000000000000..09ccb4f5842d
--- /dev/null
+++ b/security/super/files/sample.cdmount
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+prog=`basename $0`
+# If script invoked w/o super, then exec super to run this script.
+test "X$SUPERCMD" = "X$prog" || exec /usr/local/bin/super $prog ${1+"$@"}
+
+usage() {
+cat <<-END
+	Use:
+	    $prog hsfs | 4.2
+
+	Purpose:
+	    Mounts a cdrom on /cdrom.
+
+	Argument: the cdrom type; specify one of
+	    hsfs	- cdrom is High Sierra File System
+	    4.2		- usual Unix disk format
+
+END
+}
+
+case $# in
+    1 ) ;;
+    * ) usage ; exit 1 ;;
+esac
+
+type="$1"
+case "$type" in
+    4.2 | hsfs ) ;;
+    -h ) usage ; exit 0 ;;
+    * ) echo "$prog: unknown cd type $1" ; usage ; exit 1 ;;
+esac
+
+PATH=$PATH:/usr/etc		# SunOS 4.x needs this to understand type hsfs
+export PATH
+
+echo /etc/mount -v -r -t $type -o nosuid /dev/sr0 /cdrom
+     /etc/mount -v -r -t $type -o nosuid /dev/sr0 /cdrom
diff --git a/security/super/files/sample.tab b/security/super/files/sample.tab
new file mode 100644
index 000000000000..55c9ee1a7e12
--- /dev/null
+++ b/security/super/files/sample.tab
@@ -0,0 +1,73 @@
+# This file lists commands that super(1) will execute for you as root.
+
+# See the super.5 man page for information.
+
+# Global options =========================================================
+#
+# Shell patterns are usually much more convenient to deal with in
+# a super.tab file.
+:global patterns=shell
+
+# Log super actions to a file, under uid=root.  (Note that loguid has to
+# be part of same :global_options entry as logfile.)
+:global logfile=/var/log/super.log loguid=root
+
+# Also mail msgs on super errors...
+:global	mail="/usr/bin/Mail -s '*** super ***' joeblow" 
+
+# Also log via syslog (just for demonstration :-).
+:global	syslog=y
+
+# This says the user doesn't need to re-enter password if super cmds are
+# issued frequently (so that we "know" they are coming from one person).
+:global	renewtime=y
+
+# =======================================================================
+# Give access to line printer commands to some users outside office hours.
+# (During office hours, the regular system manager keeps these functions.)
+#
+:define OfficeHours {8:00-12:00,13:00-17:00}/{mon,tue,wed,thu,fri}
+
+# Some line printer commands that we want to give away to certain users.
+# (The asterisk in the FullPath is replaced by the command; thus
+# typing   super enable   executes /usr/bin/enable.)
+:define LPR_commands	{lprm,lpc}::/usr/bin/* \
+			{lprm,lpc}::/usr/lib/*
+
+# The users who can use the line printer commands, and the hosts
+# from which they can use the commands:
+#
+:define LPR_users	jack@bucket jill@hill
+
+# During non-office hours, the following people can use the
+# line printer commands.
+$LPR_commands	$LPR_users	!time~$OfficeHours
+
+
+
+# =======================================================================
+# The people who can use timeout/restart are:
+#
+:define TimeoutUsers  :operator :wheel gv phillips srk
+
+# timeout and restart
+
+timeout		/usr/local/bin/timeout	$TimeoutUsers \
+		info="Temporarily stop any processes of any user." \
+		password=y
+
+restart		/usr/local/bin/restart	$TimeoutUsers \
+		info="Restart a timeout'd process before the scheduled time."
+
+
+# =======================================================================
+# Restrictions on CD-ROM mounting:
+#	tas is the only user who may mount cd's on elgar; anybody in
+#	group xyz may mount cd's on alpha or delta; and anybody on a
+#	host in the netgroup "india" may mount a CD on the "india" machines.
+
+cdmount		/usr/local/bin/cdmount			\
+		info="Mounts a CD-ROM on /cdrom"	\
+				tas@elgar		\
+				:xyz@{alpha,delta}	\
+				@+india