kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/security/sudo/PLIST

29 lines
787 B
Text
Raw Normal View History

Darwin doesn't build sudo_noexec.so, patch from Sevan Janiyan.
2014-07-28 22:07:42 +02:00
@comment $NetBSD: PLIST,v 1.7 2014/07/28 20:07:42 jperkin Exp $
Import vanialla FreeBSD sudo.
1997-12-15 00:27:00 +01:00
bin/sudo
Add missing files.
2004-08-24 11:19:16 +02:00
bin/sudoedit
updating to the latest and greatest (and less a bunch of security relevant bugs) version: Major changes between version 1.7.4p3 and 1.7.4p4: * A potential security issue has been fixed with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. * A bug has been fixed where "sudo -l" output was incomplete if multiple sudoers sources were defined in nsswitch.conf and there was an error querying one of the sources. * The log_input, log_output, and use_pty sudoers options now work correctly on AIX. Previously, sudo would hang if they were enabled. * Fixed "make install" when sudo is built in a directory other than the directory that holds the sources. * The runas_default sudoers setting now works properly in a per-command Defaults line. * Suspending and resuming the bash shell when PAM is in use now works properly. The SIGCONT signal was not being propagated to the child process. Major changes between version 1.7.4p2 and 1.7.4p3: * A bug has been fixed where duplicate HOME environment variables could be set when the env_reset setting was disabled and the always_set_home setting was enabled in sudoers. * The value of sysconfdir is now substituted into the path to the sudoers.d directory in the installed sudoers file. * Fixed compilation problems on Irix and other platforms. * If multiple PAM "auth" actions are specified and the user enters ^C at the password prompt, sudo will now abort any subsequent "auth" actions. Previously it was necessary to enter ^C once for each "auth" action. Major changes between version 1.7.4p1 and 1.7.4p2: * Fixed a bug where sudo could spin in a cpu loop waiting for the child process. * Packaging fixes for sudo.pp to better handle patchlevels. Major changes between version 1.7.4 and 1.7.4p1: * Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option was enabled. * Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist. * Changes to the configure script to enable cross-compilation of Sudo. Major changes between version 1.7.3 and 1.7.4: * Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode. * Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this. * Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory. * Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf. * Defaults settings that are tied to a user, host or command may now include the negation operator. For example: Defaults:!millert lecture will match any user but millert. * The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin. * Sudo now uses polypkg for cross-platform packing. * On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). * Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run). * The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like: Defaults env_keep += HOME to preserve the old value of HOME and Defaults env_keep += MAIL to preserve the old value of MAIL. * The tty_tickets option is now on by default. * Fixed a problem in the restoration of the AIX authdb registry setting. * If PAM is in use, wait until the process has finished before closing the PAM session. * Fixed "sudo -i -u user" where user has no shell listed in the password database. * When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed. * Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file. * Added support for Ubuntu-style admin flag dot files. Major changes between version 1.7.2p8 and 1.7.3: * Support for logging a command's input and output as well as the ability to replay sessions. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for information on replaying I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple sudoers_base and uri entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed.
2010-09-10 19:11:27 +02:00
bin/sudoreplay
Darwin doesn't build sudo_noexec.so, patch from Sevan Janiyan.
2014-07-28 22:07:42 +02:00
${PLIST.noexec}libexec/sudo_noexec.so
pkgsrc basically follows the BSD man page hierarchy. Install the su and visudo manpages in man/man1, and the sudoers manpage in man/man5. Remove the platform-specific PLISTs that only differed in the location of the man pages. Bump the PKGREVISION to 5.
2007-07-04 22:37:50 +02:00
man/man5/sudoers.5
Update security/sudo package to 1.7.0. * pkgsrc change: relax restriction to kerberos package. What's new in Sudo 1.7.0? * Rewritten parser that converts sudoers into a set of data structures. This eliminates a number of ordering issues and makes it possible to apply sudoers Defaults entries before searching for the command. It also adds support for per-command Defaults specifications. * Sudoers now supports a #include facility to allow the inclusion of other sudoers-format files. * Sudo's -l (list) flag has been enhanced: o applicable Defaults options are now listed o a command argument can be specified for testing whether a user may run a specific command. o a new -U flag can be used in conjunction with "sudo -l" to allow root (or a user with "sudo ALL") list another user's privileges. * A new -g flag has been added to allow the user to specify a primary group to run the command as. The sudoers syntax has been extended to include a group section in the Runas specification. * A uid may now be used anywhere a username is valid. * The "secure_path" run-time Defaults option has been restored. * Password and group data is now cached for fast lookups. * The file descriptor at which sudo starts closing all open files is now configurable via sudoers and, optionally, the command line. * Visudo will now warn about aliases that are defined but not used. * The -i and -s command line flags now take an optional command to be run via the shell. Previously, the argument was passed to the shell as a script to run. * Improved LDAP support. SASL authentication may now be used in conjunction when connecting to an LDAP server. The krb5_ccname parameter in ldap.conf may be used to enable Kerberos. * Support for /etc/nsswitch.conf. LDAP users may now use nsswitch.conf to specify the sudoers order. E.g.: sudoers: ldap files to check LDAP, then /etc/sudoers. The default is "files", even when LDAP support is compiled in. This differs from sudo 1.6 where LDAP was always consulted first. * Support for /etc/environment on AIX and Linux. If sudo is run with the -i flag, the contents of /etc/environment are used to populate the new environment that is passed to the command being run. * If no terminal is available or if the new -A flag is specified, sudo will use a helper program to read the password if one is configured. Typically, this is a graphical password prompter such as ssh-askpass. * A new Defaults option, "mailfrom" that sets the value of the "From:" field in the warning/error mail. If unspecified, the login name of the invoking user is used. * A new Defaults option, "env_file" that refers to a file containing environment variables to be set in the command being run. * A new flag, -n, may be used to indicate that sudo should not prompt the user for a password and, instead, exit with an error if authentication is required. * If sudo needs to prompt for a password and it is unable to disable echo (and no askpass program is defined), it will refuse to run unless the "visiblepw" Defaults option has been specified. * Prior to version 1.7.0, hitting enter/return at the Password: prompt would exit sudo. In sudo 1.7.0 and beyond, this is treated as an empty password. To exit sudo, the user must press ^C or ^D at the prompt. * visudo will now check the sudoers file owner and mode in -c (check) mode when the -s (strict) flag is specified.
2009-02-05 14:48:12 +01:00
${PLIST.ldap}man/man5/sudoers.ldap.5
pkgsrc basically follows the BSD man page hierarchy. Install the su and visudo manpages in man/man1, and the sudoers manpage in man/man5. Remove the platform-specific PLISTs that only differed in the location of the man pages. Bump the PKGREVISION to 5.
2007-07-04 22:37:50 +02:00
man/man8/sudo.8
man/man8/sudoedit.8
updating to the latest and greatest (and less a bunch of security relevant bugs) version: Major changes between version 1.7.4p3 and 1.7.4p4: * A potential security issue has been fixed with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. * A bug has been fixed where "sudo -l" output was incomplete if multiple sudoers sources were defined in nsswitch.conf and there was an error querying one of the sources. * The log_input, log_output, and use_pty sudoers options now work correctly on AIX. Previously, sudo would hang if they were enabled. * Fixed "make install" when sudo is built in a directory other than the directory that holds the sources. * The runas_default sudoers setting now works properly in a per-command Defaults line. * Suspending and resuming the bash shell when PAM is in use now works properly. The SIGCONT signal was not being propagated to the child process. Major changes between version 1.7.4p2 and 1.7.4p3: * A bug has been fixed where duplicate HOME environment variables could be set when the env_reset setting was disabled and the always_set_home setting was enabled in sudoers. * The value of sysconfdir is now substituted into the path to the sudoers.d directory in the installed sudoers file. * Fixed compilation problems on Irix and other platforms. * If multiple PAM "auth" actions are specified and the user enters ^C at the password prompt, sudo will now abort any subsequent "auth" actions. Previously it was necessary to enter ^C once for each "auth" action. Major changes between version 1.7.4p1 and 1.7.4p2: * Fixed a bug where sudo could spin in a cpu loop waiting for the child process. * Packaging fixes for sudo.pp to better handle patchlevels. Major changes between version 1.7.4 and 1.7.4p1: * Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option was enabled. * Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist. * Changes to the configure script to enable cross-compilation of Sudo. Major changes between version 1.7.3 and 1.7.4: * Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode. * Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this. * Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory. * Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf. * Defaults settings that are tied to a user, host or command may now include the negation operator. For example: Defaults:!millert lecture will match any user but millert. * The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin. * Sudo now uses polypkg for cross-platform packing. * On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). * Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run). * The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like: Defaults env_keep += HOME to preserve the old value of HOME and Defaults env_keep += MAIL to preserve the old value of MAIL. * The tty_tickets option is now on by default. * Fixed a problem in the restoration of the AIX authdb registry setting. * If PAM is in use, wait until the process has finished before closing the PAM session. * Fixed "sudo -i -u user" where user has no shell listed in the password database. * When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed. * Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file. * Added support for Ubuntu-style admin flag dot files. Major changes between version 1.7.2p8 and 1.7.3: * Support for logging a command's input and output as well as the ability to replay sessions. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for information on replaying I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple sudoers_base and uri entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed.
2010-09-10 19:11:27 +02:00
man/man8/sudoreplay.8
pkgsrc basically follows the BSD man page hierarchy. Install the su and visudo manpages in man/man1, and the sudoers manpage in man/man5. Remove the platform-specific PLISTs that only differed in the location of the man pages. Bump the PKGREVISION to 5.
2007-07-04 22:37:50 +02:00
man/man8/visudo.8
Sort.
2005-12-27 19:29:18 +01:00
sbin/visudo
updating to the latest and greatest (and less a bunch of security relevant bugs) version: Major changes between version 1.7.4p3 and 1.7.4p4: * A potential security issue has been fixed with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. * A bug has been fixed where "sudo -l" output was incomplete if multiple sudoers sources were defined in nsswitch.conf and there was an error querying one of the sources. * The log_input, log_output, and use_pty sudoers options now work correctly on AIX. Previously, sudo would hang if they were enabled. * Fixed "make install" when sudo is built in a directory other than the directory that holds the sources. * The runas_default sudoers setting now works properly in a per-command Defaults line. * Suspending and resuming the bash shell when PAM is in use now works properly. The SIGCONT signal was not being propagated to the child process. Major changes between version 1.7.4p2 and 1.7.4p3: * A bug has been fixed where duplicate HOME environment variables could be set when the env_reset setting was disabled and the always_set_home setting was enabled in sudoers. * The value of sysconfdir is now substituted into the path to the sudoers.d directory in the installed sudoers file. * Fixed compilation problems on Irix and other platforms. * If multiple PAM "auth" actions are specified and the user enters ^C at the password prompt, sudo will now abort any subsequent "auth" actions. Previously it was necessary to enter ^C once for each "auth" action. Major changes between version 1.7.4p1 and 1.7.4p2: * Fixed a bug where sudo could spin in a cpu loop waiting for the child process. * Packaging fixes for sudo.pp to better handle patchlevels. Major changes between version 1.7.4 and 1.7.4p1: * Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option was enabled. * Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist. * Changes to the configure script to enable cross-compilation of Sudo. Major changes between version 1.7.3 and 1.7.4: * Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode. * Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this. * Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory. * Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf. * Defaults settings that are tied to a user, host or command may now include the negation operator. For example: Defaults:!millert lecture will match any user but millert. * The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin. * Sudo now uses polypkg for cross-platform packing. * On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). * Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run). * The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like: Defaults env_keep += HOME to preserve the old value of HOME and Defaults env_keep += MAIL to preserve the old value of MAIL. * The tty_tickets option is now on by default. * Fixed a problem in the restoration of the AIX authdb registry setting. * If PAM is in use, wait until the process has finished before closing the PAM session. * Fixed "sudo -i -u user" where user has no shell listed in the password database. * When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed. * Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file. * Added support for Ubuntu-style admin flag dot files. Major changes between version 1.7.2p8 and 1.7.3: * Support for logging a command's input and output as well as the ability to replay sessions. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for information on replaying I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple sudoers_base and uri entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed.
2010-09-10 19:11:27 +02:00
share/doc/sudo/ChangeLog
share/doc/sudo/HISTORY
share/doc/sudo/LICENSE
share/doc/sudo/NEWS
Update security/sudo to 1.6.8 and convert to use bsd.options.mk, which adds two new options, ldap and pam. Changes: * Sudo now supports storing sudoers info in LDAP (optionally using TLS). * There is a new -e option to edit files the with uid of the invoking user. This makes it possible to give users to ability to safely edit files without the possibility of editing other files or running commands as the target user. If sudo is run as "sudoedit" the -e flag is implied. * A new tag, NOEXEC, will prevent a dynamically-linked program being run by sudo from executing another program (think shell escapes). Because this uses LD_PRELOAD it has no effect on static binaries. * A uid specified in sudoers now matches the user specified by the -u flag even if the -u flag specified a name, not a uid. * Added a -i option to simulate an initial login similar to "su -". * If sudo is used to run as root shell, further sudo commands will be logged as run by the user specified by the SUDO_USER environment variable. In -e mode (sudoedit), SUDO_USER is used to determine what user to run the editor when the real uid is 0. * The sudoers file is now parsed as the runas user in all cases instead of root. This fixes some issues with running NFS-mounted commands. * If the target user == invoking user a password is no longer required. * Sudo now produces a sensible error message when the targetpw Defaults option is set and a non-existent uid is specified via the -u option. * A negated user/uid in a runas list is now treated the same as a negated command and overrides a previously allowed entry. * PAM support now uses Use pam_acct_mgmt() to check for disabled accounts. * Added a check in visudo for runas_default being used before it was set. * Fixed several issues when closing all open descriptors. Sudo now uses closefrom() if it exists, otherwise it uses /proc/$$/fd if that exists with a fallback of closing all possible descriptors. * Quoting globbing characters with a backslash now works as documented. * Fixed a problem on FreeBSD (and perhaps others) when the user is only listed in NIS (not master.passwd) and netgroups are used in the master.passwd file. * The username in a log entry is no longer truncated at 8 characters. * Added a "sudo_lecture" option that can point to a file containing a custom lecture. * The timeout for password reading is now done via alarm(), not select(). * /tmp/.odus is no longer used for timestamps by default. * Sudo now works on the nsr-tandem-nsk platform. * Fixed the --with-stow configure option. * TIS fwtk authentication now supports fwtk 2.0 and higher. * Added Stan Lee / Uncle Ben quote to the lecture from RedHat. * Added the --with-pc-insults configure to replace politically incorrect insults with other ones.
2004-08-23 23:15:17 +02:00
share/doc/sudo/README
* Fix PLIST when "ldap" is enabled in PKG_OPTIONS. * Install README.LDAP when "ldap" is enabled in PKG_OPTIONS. * Fix build problem when "kerberos" is enabled in PKG_OPTIONS. Bump PKGREVISION since default PLIST has changed.
2010-09-21 05:05:27 +02:00
${PLIST.ldap}share/doc/sudo/README.LDAP
updating to the latest and greatest (and less a bunch of security relevant bugs) version: Major changes between version 1.7.4p3 and 1.7.4p4: * A potential security issue has been fixed with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. * A bug has been fixed where "sudo -l" output was incomplete if multiple sudoers sources were defined in nsswitch.conf and there was an error querying one of the sources. * The log_input, log_output, and use_pty sudoers options now work correctly on AIX. Previously, sudo would hang if they were enabled. * Fixed "make install" when sudo is built in a directory other than the directory that holds the sources. * The runas_default sudoers setting now works properly in a per-command Defaults line. * Suspending and resuming the bash shell when PAM is in use now works properly. The SIGCONT signal was not being propagated to the child process. Major changes between version 1.7.4p2 and 1.7.4p3: * A bug has been fixed where duplicate HOME environment variables could be set when the env_reset setting was disabled and the always_set_home setting was enabled in sudoers. * The value of sysconfdir is now substituted into the path to the sudoers.d directory in the installed sudoers file. * Fixed compilation problems on Irix and other platforms. * If multiple PAM "auth" actions are specified and the user enters ^C at the password prompt, sudo will now abort any subsequent "auth" actions. Previously it was necessary to enter ^C once for each "auth" action. Major changes between version 1.7.4p1 and 1.7.4p2: * Fixed a bug where sudo could spin in a cpu loop waiting for the child process. * Packaging fixes for sudo.pp to better handle patchlevels. Major changes between version 1.7.4 and 1.7.4p1: * Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option was enabled. * Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist. * Changes to the configure script to enable cross-compilation of Sudo. Major changes between version 1.7.3 and 1.7.4: * Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode. * Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this. * Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory. * Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf. * Defaults settings that are tied to a user, host or command may now include the negation operator. For example: Defaults:!millert lecture will match any user but millert. * The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin. * Sudo now uses polypkg for cross-platform packing. * On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). * Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run). * The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like: Defaults env_keep += HOME to preserve the old value of HOME and Defaults env_keep += MAIL to preserve the old value of MAIL. * The tty_tickets option is now on by default. * Fixed a problem in the restoration of the AIX authdb registry setting. * If PAM is in use, wait until the process has finished before closing the PAM session. * Fixed "sudo -i -u user" where user has no shell listed in the password database. * When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed. * Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file. * Added support for Ubuntu-style admin flag dot files. Major changes between version 1.7.2p8 and 1.7.3: * Support for logging a command's input and output as well as the ability to replay sessions. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for information on replaying I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple sudoers_base and uri entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed.
2010-09-10 19:11:27 +02:00
share/doc/sudo/TROUBLESHOOTING
* Cosmetic changes to Makefile. * Use DEINSTALL/INSTALL scripts to handle config files. * Install the UPGRADE file and add a MESSAGE file to refer to it, instead of spewing a big file every time sudo is installed.
2000-12-06 07:33:39 +01:00
share/doc/sudo/UPGRADE
updating to the latest and greatest (and less a bunch of security relevant bugs) version: Major changes between version 1.7.4p3 and 1.7.4p4: * A potential security issue has been fixed with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. * A bug has been fixed where "sudo -l" output was incomplete if multiple sudoers sources were defined in nsswitch.conf and there was an error querying one of the sources. * The log_input, log_output, and use_pty sudoers options now work correctly on AIX. Previously, sudo would hang if they were enabled. * Fixed "make install" when sudo is built in a directory other than the directory that holds the sources. * The runas_default sudoers setting now works properly in a per-command Defaults line. * Suspending and resuming the bash shell when PAM is in use now works properly. The SIGCONT signal was not being propagated to the child process. Major changes between version 1.7.4p2 and 1.7.4p3: * A bug has been fixed where duplicate HOME environment variables could be set when the env_reset setting was disabled and the always_set_home setting was enabled in sudoers. * The value of sysconfdir is now substituted into the path to the sudoers.d directory in the installed sudoers file. * Fixed compilation problems on Irix and other platforms. * If multiple PAM "auth" actions are specified and the user enters ^C at the password prompt, sudo will now abort any subsequent "auth" actions. Previously it was necessary to enter ^C once for each "auth" action. Major changes between version 1.7.4p1 and 1.7.4p2: * Fixed a bug where sudo could spin in a cpu loop waiting for the child process. * Packaging fixes for sudo.pp to better handle patchlevels. Major changes between version 1.7.4 and 1.7.4p1: * Fix a bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option was enabled. * Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist. * Changes to the configure script to enable cross-compilation of Sudo. Major changes between version 1.7.3 and 1.7.4: * Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode. * Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this. * Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory. * Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf. * Defaults settings that are tied to a user, host or command may now include the negation operator. For example: Defaults:!millert lecture will match any user but millert. * The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin. * Sudo now uses polypkg for cross-platform packing. * On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1). * Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run). * The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like: Defaults env_keep += HOME to preserve the old value of HOME and Defaults env_keep += MAIL to preserve the old value of MAIL. * The tty_tickets option is now on by default. * Fixed a problem in the restoration of the AIX authdb registry setting. * If PAM is in use, wait until the process has finished before closing the PAM session. * Fixed "sudo -i -u user" where user has no shell listed in the password database. * When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed. * Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file. * Added support for Ubuntu-style admin flag dot files. Major changes between version 1.7.2p8 and 1.7.3: * Support for logging a command's input and output as well as the ability to replay sessions. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for information on replaying I/O log sessions. * The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled. * On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only). * On AIX systems, the registry setting in /etc/security/user is now taken into account when looking up users and groups. Sudo now applies the correct the user and group ids when running a command as a user whose account details come from a different source (e.g. LDAP or DCE vs. local files). * Support for multiple sudoers_base and uri entries in ldap.conf. When multiple entries are listed, sudo will try each one in the order in which they are specified. * Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal. * Sudo will now use the Linux audit system with configure with the --with-linux-audit flag. * Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this. * When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password. * The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values. * Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed.
2010-09-10 19:11:27 +02:00
share/doc/sudo/sample.pam
share/doc/sudo/sample.sudoers
share/doc/sudo/sample.syslog.conf
* Fix PLIST when "ldap" is enabled in PKG_OPTIONS. * Install README.LDAP when "ldap" is enabled in PKG_OPTIONS. * Fix build problem when "kerberos" is enabled in PKG_OPTIONS. Bump PKGREVISION since default PLIST has changed.
2010-09-21 05:05:27 +02:00
${PLIST.ldap}share/doc/sudo/schema.ActiveDirectory
${PLIST.ldap}share/doc/sudo/schema.OpenLDAP
${PLIST.ldap}share/doc/sudo/schema.iPlanet
${PLIST.ldap}share/doc/sudo/sudoers2ldif
Update sudo to 1.5.9p4. It's the latest stable security release.
1999-08-31 21:26:40 +02:00
share/examples/sudo/sudoers
Reference in a new issue Copy permalink