Summary of changes:
- removal of USE_GTEXINFO
- addition of mk/texinfo.mk
- inclusion of this file in package Makefiles requiring it
- `install-info' substituted by `${INSTALL_INFO}' in PLISTs
- tuning of mk/bsd.pkg.mk:
removal of USE_GTEXINFO
INSTALL_INFO added to PLIST_SUBST
`${INSTALL_INFO}' replace `install-info' in target rules
print-PLIST target now generate `${INSTALL_INFO}' instead of `install-info'
- a couple of new patch files added for a handful of packages
- setting of the TEXINFO_OVERRIDE "switch" in packages Makefiles requiring it
- devel/cssc marked requiring texinfo 4.0
- a couple of packages Makefiles were tuned with respect of INFO_FILES and
makeinfo command usage
See -newly added by this commit- section 10.24 of Packages.txt for
further information.
msu (or mini/mono su) is a simple way to provide passwordless access to
accounts specified in a config file. Useful for shared accounts and suchlike.
Its more a convenient way to _reduce_ security, than increase it, but as its
related to account authorisation it goes into security...
* Build properly on systems that don't have /dev/urandom by testing for
the presence of /dev/urandom, instead of just testing for Solaris.
* Add disabled code to handle PAM (not quite working yet with security/PAM).
* Make the sshd rc.d script more /etc/rc.subr-friendly.
* Minimize amount of diffs from pristine OpenSSH sources.
pwcheck only checks against the /etc/passwd database. Users that need
CRAM-MD5 or SCRAM-MD5 authentication can initialize the sasldb and add
themselves in the process by running saslpasswd.
aware applications look for authentication mechanisms by default.
* Warn package admin if ${PREFIX}/lib/sasl is non-empty after
deinstallation, as it may contain service config files.
* Purge use of PKGDIR.
pam_smbpass is a PAM module to authenticate against a local smbpassd (Samba
password) user database, and can be used on conforming systems to keep the
smbpasswd database in sync with the UNIX password file.
incompatible changes to libpam.so; prior versions were buggy so upgrading
is highly recommended.
Pkgsrc changes from version 0.72 include:
* Honor ${PKG_SYSCONFDIR}: the config files are now found in /etc/pam.conf
and /etc/pam/*.conf, or in the appropriate ${PKG_SYSCONFBASE} directory.
* Convert to use the general INSTALL/DEINSTALL scripts.
Changes from version 0.72 include:
* bug fixes to almost every PAM module
* pam_pwdb replaced with pam_unix
* fixed a small security hole (more of a user confusion issue) with
the unix and pwdb password helper binaries.
* improved handling of the setcred/close_session and update chauthtok
stack. *Warning* This is a backwardly incompatible change, but 'more
sane' than before. (Bug 129775 - agmorgan)
* added support for '/' symbols in pam_time and pam_group config files
(support for modern terminal devices). Fixed infinite loop problem
with '\\[^\n]' in these files.
* added accessconf=<filename> feature to pam_access
o Utilize textproc/expat/buildlink.mk.
o Install data file to ${LOCALBASE}/libdata/rats instead of ${LOCALBASE}/lib.
It seems that Changes isn't available but PHP support was added.
469) Older versions of BSDi have getifaddrs() but no freeifaddrs().
470) BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD.
471) Ignore the return value of pam_setcred(). In Linux-PAM 0.75,
pam_setcred() will return PAM_PERM_DENIED even if the setcred function
of the module succeeds when pam_authenticate() has not been called.
472) Avoid giving PAM a NULL password response, use the empty string instead.
This avoids a log warning when the user hits ^C at the password prompt
when Linux-PAM is in use. This also prevents older versions of
Linux-PAM from dereferencing the NULL pointer.
473) The user's password was not zeroed after use when AIX authentication,
BSD authentication, FWTK or PAM was in use.
Sudo 1.6.5p2 released.
+ Set local $SIG{PIPE} = \&die before $ssl->connect()
to capture the "broken pipe" error associated with connecting
to a computer that is not running a SSL web server
+ Documented differences / conflicts between LWP proxy support
and Crypt::SSLeay which seems to be a source of confusion for users.
+ Added Net::SSL::get_peer_verify call so the warning header
from LWP that says:
Client-SSL-Warning: Peer certificate not verified
can be suppressed when HTTPS_CA_FILE & HTTPS_CA_DIR environment
variables are set to invoke peer certificate verification.
+ $ENV{HTTPS_DEBUG} activates Crypt::SSLeay specific debugging,
so one can debug from LWP:: calls without using ./net_ssl_test script
- removed exit from Makefile.PL
+ Streamlined *CA* patches so only in $CTX->set_verify()
which gets called every time now.
+ Throw error instead of return undef in Net::SSL->connect()
because we loose the errors otherwise.
- Turn SSL_MODE_AUTO_RETRY on so clients can survive
changes in SSLVerifyClient changes in the modssl connection
+ Integrated patches from Gamid Isayev for CA peer verification.
- Client certs weren't working correctly, setup certs earlier in connection
now, also create new CTX per request, so cert settings don't remain
sticky from one request to the next.
+ update ./net_ssl_test to do smart parsing of host, where
host can now be of the form http://www.nodeworks.com:443/
- local $@ in Net::SSL::DESTROY so we don't kill real errors
- return undef in Net::SSL::connect() instead of die() for better LWP
support & error handling.
+ alarm() on Unix platforms around ssl ctx connect, which can hang for
process for way too long when trying to connect to dead https SSL servers.
Fixes PR/15053 by Shell Hung.
467) Visudo could access memory that was already freed.
468) If the skey.access file denied use of plaintext passwords sudo
would exit instead of allowing the user to enter an S/Key.
Sudo 1.6.5p1 released.
Added --disable-root-mailer to CONFIGURE_ARGS better security.
Changes from 1.6.3p7 to 1.6.5 is attached bellow.
417) Visudo now checks for the existence of an editor and gives a sensible
error if it does not exist.
418) The path to the editor for visudo is now a colon-separated list of
allowable editors. If the user has $EDITOR set and it matches
one of the allowed editors that editor will be used. If not,
the first editor that actually exists is used.
419) Visudo now does its own fork/exec instead of calling system(3).
420) Allow special characters (including '#') to be embedded in pathnames
if quoted by a '\\'. The quoted chars will be dealt with by fnmatch().
Unfortunately, 'sudo -l' still prints the '\\'.
421) Added the always_set_home option.
422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent
reading of protected files by a less privileged user.
423) Added support for BSD authentication and associated -a flag.
424) Added check for _innetgr(3) since NCR systems have this instead
of innetgr(3).
425) Added stay_setuid option for systems that have libraries that perform
extra paranoia checks in system libraries for setuid programs.
426) Environment munging is now done by hand. The environment is zeroed
upon sudo startup and a new environment is built before the command
is executed. This means we don't rely on getenv(3), putenv(3),
or setenv(3).
427) Added a class of environment variables that are only cleared if they
contain '/' or '%' characters.
428) Use stashed user_gid when checking against exempt gid since sudo
sets its gid to SUDOERS_GID, making getgid() return that, not the
real gid. Fixes problem with setting exempt group == SUDOERS_GID.
Fix from Paul Kranenburg.
429) Fixed file locking in visudo on NeXT which has a broken lockf().
Patch from twetzel@gwdg.de.
430) Regenerated configure script with autoconf-2.52 (required some
tweaking of configure.in and friends).
431) Added mail_badpass option to send mail when the user does not
authenticate successfully.
432) Added env_reset Defaults option to reset the environment to
a clean slate. Also implemented env_keep Defaults option
to specify variables to be preserved when resetting the
environment.
433) Added env_check and env_delete Defaults options to allow the admin
to modify the builtin list of environment variables to remove.
434) If timestamp_timeout < 0 then the timestamp never expires. This
allows users to manage their own timestamps and create or delete
them via 'sudo -v' and 'sudo -k' respectively.
435) Authentication routines that use sudo's tgetpass() now accept
^C or ^Z at the password prompt and sudo will act appropriately.
436) Added a check-only mode to visudo to check an existing sudoers
file for sanity.
437) Visudo can now edit an alternate sudoers file.
438) If sudo is configured with S/Key support and the system has
skeyaccess(3) use that to determine whether or not to allow
a normal Unix password or just S/Key.
439) Fixed CIDR handling in sudoers.
440) Fixed a segv if the local hostname is not resolvable and
the 'fqdn' option is set.
441) "listpw=never" was not having an effect for users who did not
appear in sudoers--now it does.
442) The --without-sendmail option now works on systems with
a /usr/include/paths.h file that defines _PATH_SENDMAIL.
443) Removed the "secure_path" Defaults option as it does not work and
cannot work until the parser is overhauled.
444) Added new -P flag and "preserve_groups" sudoers option to cause
sudo to preserve the group vector instead of setting it to that
of the target user. Previously, if the target user was root
the group vector was not changed. Now it is always changed unless
the -P flag or "preserve_groups" option was given.
445) If find_path() fails as root, try again as the invoking user (useful
for NFS). Idea from Chip Capelik.
446) Use setpwent()/endpwent() and its shadow equivalents to be sure
the passwd/shadow file gets closed.
447) Use getifaddrs(3) to get the list of network interfaces if it is
available.
448) Dump list of local IP addresses and environment variables to clear
when 'sudo -V' is run as root.
449) Reorganized the lexer a bit and added more states. Sudo now does a
better job of parsing command arguments in the sudoers file.
450) Wrap each call to syslog() with openlog()/closelog() since some
things (such as PAM) may call closelog(3) behind sudo's back.
451) The LOGNAME and USER environment variables are now set if the user
specified a target uid and that uid exists in the password database.
452) configure will no longer add the -g flag to CFLAGS by default.
453) Now call pam_setcreds() to setup creds for the target user when
PAM is in use. On Linux this often sets resource limits.
454) If "make install" is run by non-root and the destination dir
is writable, install things normally but don't set owner and mode.
455) The Makefile now supports installing in a shadow hierarchy
specified via the DESTDIR variable.
456) config.h.in is now generated by autoheader.
Sudo 1.6.4 released.
457) Move the call to rebuild_env() until after MODE_RESET_HOME is set.
Otherwise, the set_home option has no effect.
458) Fix use of freed memory when the "fqdn" flag is set. This was
introduced by the fix for the "segv when gethostbynam() fails" bug.
459) Add 'continue' statements to optimize the switch statement.
From Solar Designer.
Sudo 1.6.4p1 released.
460) Some special characters were not being escaped properly (e..g '\,')
in command line arguments and would cause a syntax error instead.
461) "sudo -l" would not work if the always_set_home option was set.
462) Added a configure option to disable use of POSIX saved IDs for
operating systems where these are broken.
463) The SHELL environment variable was preserved from the user's environment
instead of being reset based on the passwd database even when the
"env_reset" option was set.
Sudo 1.6.4p2 released.
464) Added a configure option to cause mail sent by sudo to be run as
the invoking user instead of root. Some people consider this to
be safer.
465) If the mailer is being run as root, use a hard-coded environment
that is not influenced in any way by the invoking user's environment.
466) Fixed the call to skeyaccess(). Patch from Phillip E. Lobbes.
Sudo 1.6.5 released.
* The list of keyservers is now read form the file "keyservers" in the
GPA configuration directory which by default is ~/.gnupg. The new
option keyserver may be used in the gpa.conf file to select the
default keyserver - it implictly adds this server to the list of
keyservers.
