Add --with-secure-path-value option

This can be used by package maintainers to set the value of secure_path
that is substituted into the default sudoers file.

Author: millert

INSTALL.md

@@ -1003,6 +1003,13 @@ Defaults are listed in brackets after the description.
         is used.  
         Sudoers option: secure_path
 
+    --with-secure-path-value[=PATH]
+        Sets the value of "secure_path" that is substituted into
+        the default sudoers file.  This option is intended to be
+        used by package maintainers who wish to set "secure_path"
+        to a system-specific value in the default sudoers file.
+        It does not actually enable "secure-path".
+
     --with-sendmail=PATH
         Override configure's guess as to the location of sendmail.  
         Sudoers option: mailerpath

configure

@@ -1002,6 +1002,7 @@ with_nsswitch
 with_ldap
 with_ldap_conf_file
 with_ldap_secret_file
+with_secure_path_value
 with_secure_path
 with_interfaces
 with_askpass
@@ -1883,6 +1884,8 @@ Optional Packages:
   --with-ldap[=DIR]       enable LDAP support
   --with-ldap-conf-file   path to LDAP configuration file
   --with-ldap-secret-file path to LDAP secret password file
+  --with-secure-path-value
+                          value of secure_path in the default sudoers file
   --with-secure-path      override the user's path with a built-in one
   --without-interfaces    don't try to read the ip addr of network interfaces
   --with-askpass=PATH     Fully qualified pathname of askpass helper
@@ -6307,6 +6310,19 @@ EOF
 
 
 
+# Check whether --with-secure-path-value was given.
+if test ${with_secure_path_value+y}
+then :
+  withval=$with_secure_path_value; case $with_secure_path_value in
+    yes|no)	as_fn_error $? "must give --secure-path-value an argument." "$LINENO" 5
+		;;
+    *)		secure_path="$with_secure_path_value"
+		;;
+esac
+fi
+
+
+
 # Check whether --with-secure-path was given.
 if test ${with_secure_path+y}
 then :

configure.ac

@@ -1068,6 +1068,14 @@ AC_ARG_WITH(ldap-secret-file, [AS_HELP_STRING([--with-ldap-secret-file], [path t
 test -n "$with_ldap_secret_file" && ldap_secret="$with_ldap_secret_file"
 SUDO_DEFINE_UNQUOTED(_PATH_LDAP_SECRET, "$ldap_secret", [Path to the ldap.secret file])
 
+AC_ARG_WITH(secure-path-value, [AS_HELP_STRING([--with-secure-path-value], [value of secure_path in the default sudoers file])],
+[case $with_secure_path_value in
+    yes|no)	AC_MSG_ERROR([must give --secure-path-value an argument.])
+		;;
+    *)		secure_path="$with_secure_path_value"
+		;;
+esac])
+
 AC_ARG_WITH(secure-path, [AS_HELP_STRING([--with-secure-path], [override the user's path with a built-in one])],
 [case $with_secure_path in
     yes)	with_secure_path="$secure_path"