summaryrefslogtreecommitdiff
path: root/usr.bin/sudo
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2008-11-14 11:53:06 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2008-11-14 11:53:06 +0000
commitb947682bc3ae9dc4a24d5a2c48e88d01ecd53b63 (patch)
tree084f0d9987add8957f47160e5062ea92eef24212 /usr.bin/sudo
parent19f20a11ef755ae1d9563a8f8b9a21fd67ba44ec (diff)
Upgrade to sudo 1.7. See the WHATSNEW files for details.
Diffstat (limited to 'usr.bin/sudo')
-rw-r--r--usr.bin/sudo/BUGS25
-rw-r--r--usr.bin/sudo/CHANGES2117
-rw-r--r--usr.bin/sudo/ChangeLog19479
-rw-r--r--usr.bin/sudo/HISTORY86
-rw-r--r--usr.bin/sudo/INSTALL39
-rw-r--r--usr.bin/sudo/LICENSE9
-rw-r--r--usr.bin/sudo/Makefile.in339
-rw-r--r--usr.bin/sudo/README13
-rw-r--r--usr.bin/sudo/README.LDAP349
-rw-r--r--usr.bin/sudo/TROUBLESHOOTING9
-rw-r--r--usr.bin/sudo/UPGRADE27
-rw-r--r--usr.bin/sudo/WHATSNEW79
-rw-r--r--usr.bin/sudo/aclocal.m413
13 files changed, 19994 insertions, 2590 deletions
diff --git a/usr.bin/sudo/BUGS b/usr.bin/sudo/BUGS
deleted file mode 100644
index 67b07979448..00000000000
--- a/usr.bin/sudo/BUGS
+++ /dev/null
@@ -1,25 +0,0 @@
-Known bugs in sudo version 1.6.9
-================================
-
-1) Sudo should have an option to log when removing "dangerous"
- environment variables.
-
-2) On DUNIX in sia mode, hitting return at the prompt does not quit.
-
-3) In parse.lex, '@' should not need to be a special character.
- However, because lex does greedy matching, {WORD} will match
- instead of the "^Defaults[:@]?" line.
-
-4) In list mode (sudo -l), characters escaped with a backslash
- are shown verbatim with the backslash.
-
-5) Because the parser only does a single pass it is possible to
- make a sudoers file where the "defaults" options are set after
- a user's entry has been validated, changing the permissions for
- the user. The work-around is to put all 'defaults' entries
- before the "User privilege specification" section but after all
- the "alias specifications". In the future the parser will
- converted to a two-pass parser.
-
-6) For the same reason as #5, changing the value of "ignore_dot" has
- no effect (find_path() is called before sudoers is parsed).
diff --git a/usr.bin/sudo/CHANGES b/usr.bin/sudo/CHANGES
deleted file mode 100644
index c3124ca8f2e..00000000000
--- a/usr.bin/sudo/CHANGES
+++ /dev/null
@@ -1,2117 +0,0 @@
-CHANGES since sudo 1.2
-
-01) sudo now works under hpux, aix, sunos, bsd43, ultrix, linux, osf and irix.
-
-02) Files w/o the executable bit will be ignored if they are in your PATH.
-
-03) If execv() fails, perror is called (which prints out an error based on
- errno) and sudo exits with -1.
-
-04) Included in this shar should also be a version of getpass() derived from
- the bsd net-2 source which works on bsd, ultrix, hpux, aix, and irix
- at least. The latter three unixes have what i consider to be a broken
- getpass() in that if /dev/tty can't be opened it doesn't just use stdin
- like bsd getpass(). This means you cannot do: rsh host "sudo command"
- and have it work if your ticket has expired.
-
-05) The Makefile has changed significantly. It now has defines for all
- supported architectures.
-
-06) Changed MAXCOMMANDLENGTH from 48 bytes to MAXPATHLEN and included
- sys/param.h where appropriate.
-
-07) Rewrote the code that expands links & paths. It now works correctly.
- (rewrote find_path.c)
-
-08) Added a define NEED_STRDUP so we don't conflict with the system's strdup(3)
-
-09) Now does *not* pass LD_* environmental vars on to programs that get
- exec'd. Also removes SHLIB_PATH for hpux and _RLD_* for dec osf.
-
-10) Now searches current dir last if '.' or '' are in PATH. Misses braindeath
- like './' but if that's in your path you deserve all the trojans you get.
-
-11) Added in linux patches from drew + flex support.
-
-12) Added insults back in from original sudo(8) (define USE_INSULTS).
-
-13) visudo now uses EDITOR envar (from John_Rouillard@dl5000.bc.edu)
-
-14) you can now specify a dir containing commands that a sudoer can do.
- (from John_Rouillard@dl5000.bc.edu)
-
-15) Ported to Solaris 2.x (based on a port of sudo 1.1 done by UnixOps).
-
-16) Took out setuid(0); setruid(uid); pairs that bracketed calls to
- update_timestamp() since they are unnecessary and setruid() is
- broken on systems without a setreuid(2) or setresuid(2) system call.
- (Ie: AIX and Solaris 2.x).
-
-17) The bulk of sudo now runs with the caller's real uid. Grep for
- be_root() to find the exceptions.
-
-CHANGES from sudo 1.3
-
-18) Added SECURE_PATH as suggested by russells@ccu1.auckland.ac.nz.
-
-19) Reworked clean_envp() to modify environ (not envp) so we can use
- execvp() safely.
-
-20) Now use execvp() instead of execve() so sudo /bin/kill works under
- broken solaris. This also fixed sudo /etc/fastboot under stock
- 4.3 BSD. Basically, this means that any executable shell script that
- lacks a '#!/bin/sh' magic number will now work with sudo. Personally
- I think that the broken scripts should be fixed rather than changing
- sudo, but vendors will be broken. Sigh.
-
-21) Added USE_EXECV define so you can make sudo use execv() if you
- want. Using execvp() shouldn't be a problem since it is always
- handed a non-relative path that begins with '/' but some people
- may not trust execvp().
-
-22) Log file lines will no longer get truncated. Syslog entries that
- would overrun the syslog(3) line limit are continued on another entry.
-
-23) When logging to a log file, long entries are indented to improve
- readability.
-
-24) Whenever the umask is changed, it is changed back to what it was
- before.
-
-25) Log file is written as mode 600 instead of 644
-
-26) Umask that sudo runs with may now be specified.
-
-27) There is now a "configure" script.
-
-28) Sudo will use ultra fast crypt (ufc) if it finds it for systems w/o
- a real crypt(3) (non-US ConvexOS/Secure for instance).
-
-29) _BSD_COMPAT is now defined for Irix.
-
-30) The global variable uid is now initialized to -2 because I'm paranoid.
-
-31) Native Solaris 2 port from Matthew.Stier@aisg.com
-
-32) Now use sysconf(2) instead of getdtablesize(2) if it is available
- (see change #31). Because of the the getdtablesize() emulation for
- hpux is no longer necessary.
-
-33) Now only do a getcwd(3) or getwd(3) once and do it as the real user.
- Sudo should no longer complain that it can't get the cwd unless
- there is a real problem.
-
-34) Changed some malloc'd globals of fixed length to be allocated from
- the stack instead as there was no win in allocating them from the
- heap.
-
-35) Fixed AIX STATIC_FLAGS as per the AIX faq.
-
-36) Added -V flag to sudo and visudo (for version)
-
-37) Now treat EACCESS like EPERM when doing stat(2) in find_path.c
-
-38) Added prototypes for sudo functions (via __P macro)
-
-39) configure now uses uname(1) if it exists
-
-40) gethostbyname(3) is now only called if you define FQDN. There's really
- no reason to not trust gethostname(2) and this way if name service is
- hosed sudo isn't...
-
-41) added -v (validate) flag to sudo to update a timestamp w/o running
- a command
-
-42) now use tgetpass() (getpass with a timeout)
-
-43) find_path() now uses realpath(3)
-
-44) wrote versions of realpath(3) and getcwd(3) for those without
-
-45) wrote tgetpass()--a getpass() that times out via select(2)
-
-46) sudo now uses posix signals if available
-
-47) Finally added ConvexOS C2 security support from
- "Peter A. Nikitser, Systems Software Support, QUT" <P.NIKITSER@qut.edu.au>
-
-48) You can now #undef MAILER if you don't run sendmail or the equivalent.
-
-49) AFS support from adamh@austin.ibm.com
-
-50) If you define BOTH_LOGS in sudo.h you can log both via syslog(3) *ans*
- to a log file.
-
-51) Added ultrix /etc/auth (enhanced security) support.
-
-52) Sudo now will work with a 4.2BSD syslog (SunOS < 4 && ultrix).
- Personally, I'd say you are better off logging to a file if
- your syslog is this ancient.
-
-53) Changed realpath(3) to sudo_realpath() since we need to do the
- chdir(2) with the invoking uid. sudo_realpath() should be
- faster than vendor-supplied realpath(3)'s anyway...
-
-54) No longer create a static binary on AIX since it reportedly
- causes problem on newer versions on AIX 3.x.
-
-55) If sudo_realpath cannot chdir() back to cwd sudo will print
- and error and exit. Previously it would either fail silently
- or print an incorrect error message.
-
-56) Moved code to send error mail to be after the log message.
- From rouilj@cs.umb.edu.
-
-57) Added SUDO_USER and SUDO_UID envars. Suggested by John P. Rouillard
- (<rouilj@cs.umb.edu).
-
-58) Added -k and -h options and rearranged some of the code to be
- more modular and less braindamaged. This introduces the concept
- of "run modes" to sudo.
-
-59) Fixed visudo and flex. visudo now calls yyrestart() if you are using
- flex instead of lex. From bostley@cs.colorado.edu.
-
-60) Added a "cat page" for systems w/o nroff.
-
-61) Fixed a bug whereby only the last directory specified in a Cmnd_Alias
- was checked. Reported by "James R. Hendrick" <hendrick@ctron.com>.
-
-62) All .{c,lex,yacc} files now include both sys/types.h and unistd.h so
- we are sure to get the typedef of uid_t.
-
-CHANGES from sudo 1.3.1
-
-63) Added preliminary support for DEC OSF/1 protected passwords
- (shadow passwords).
-
-CHANGES from sudo 1.3.1pl1
-
-64) More support for DEC OSF/1 protected passwords (shadow passwords).
-
-CHANGES from sudo 1.3.1pl2
-
-65) Fixed mail logging to include the username as it should have.
-
-66) Added hostname to log message in error mail.
-
-67) Added -l flag to sudo to list the allowed/forbidden commands.
- Suggested by matthew@gateway.bsis.com (Matthew Stier)
-
-68) Fixed bison warnings for parse.yacc and visudo.yacc.
- Pointed out by alfie@dcs.warwick.ac.uk (Nick Holloway).
-
-CHANGES from sudo 1.3.1pl3
-
-69) Sudo will now exit with an error if the command to be run is > MAXPATHLEN.
-
-70) Test in configure for termios support was insufficient. It thought
- Nextstep 3.2 had termios just because it as termios.h (need to link
- with -posix for termios on NeXT's)
-
-CHANGES from sudo 1.3.1pl4
-
-71) First stab at Skey support.
-
-72) Sudo now sets IFS to be SPACE, TAB, NEWLINE.
-
-73) Sudo now sets the real and effective gid to root's group
- (based on passwd file).
-
-74) Sudo now checks that the sudoers file is owned by a certain user
- and not readable or writable by anyone else.
- (based on a suggestion by Joerg Schumacher <schuma@ips.cs.tu-bs.de>)
-
-75) Visudo now sets the owner on the new sudoers file based on #74
-
-76) Sudo and visudo will now compile with byacc (Berkeley yacc).
-
-77) If the rename(2) of stmp -> sudoers fails /bin/mv is executed before
- bailing. Based on code from Case Larsen <clarsen@mh1.lbl.gov>.
-
-78) User-level configuration is now done in options.h.
-
-79) Moved all compatibility #defines to compat.h
-
-80) Incorporated new parsing code from Chris Jepeway <jepeway@cs.utk.edu>.
- This is much better than the previous parser.
-
-81) Rewrote visudo.c and tickled parse.yacc to work with it. Visudo
- now gives you options if a parse error occurs rather than blindly
- dumping you back in the editor.
-
-82) Took out all references to realpath since we are now checking based
- in inode and device (with Chris' new parser). The upshot of this
- is that path matches are done safely and the symlink problem has
- gone away.
-
-83) Fixed bison warnings from new parse.yacc.
-
-84) Added a default case to parse.lex to error on unmatched tokens as Chris
- suggested.
-
-85) Converted configure.in and acsite.m4 to autoconf 2.1.
-
-86) Added lsearch.c and search.h for os's w/o lsearch()/lfind().
-
-87) Sudo now checks to see that the file it is executing is a regular file
- (was just checking the execute bit so dirs slipped through).
- Pointed out by Barb Dijker <barb@labyrinth.com>.
-
-88) Fixed a problem on HP-UX trusted systems with getpwuid() returning "*"
- unless the real uid is 0. Reported by Brian Cunnie (cunnie@nyc.hp.com).
-
-89) configure now checks for size_t and ssize_t in unistd.h as well
- as sys/types.h.
-
-90) configure now checks for egrep before actually using it.
-
-91) configure now checks for a working void implementation (ie: void * as
- a generic pointer) and sets VOID to void or char accordingly.
-
-92) Added support for SunOS 4.x C2 security (shadow passwords) from
- Kendall Libby (fubar@shore.net)
-
-93) Changed all occurrences of bzero() to memset() and bcopy() to
- memmove().
-
-94) Fixed a bug in sudo.c. If a user has no passwd entry sudo would
- dump core (writing to a garbage pointer). Pointed out by
- Stephen Schaefer <sps@gateway.bsis.com>.
-
-95) Worked around a bug in AIX's lex in parse.c. AIX lex doesn't seem
- to handle {x,y} range notation correctly. Bleah.
-
-96) Sudo would not report a failed attempt if the user entered return
- at the 2nd password: prompt so someone trying to guess a password
- could just invoked sudo multiple times and try one passwd at a time.
- Reported by Jonathan Adams <jonathan@smada.com>.
-
-97) Added User_Alias facility.
-
-98) Rewrote most of the ip address / network support. Now works on all
- systems sudo has currently been tested on.
-
-99) Sudo now sets SUDO_COMMAND and SUDO_GID envariables in addition to
- SUDO_USER and SUDO_UID.
-
-100) Added changes to configure.in for UnixWare.
- (from John Warburton <jwarb@SACBH.com.au>)
-
-101) Merged in changes for Interactive Unix and RISCos.
- (from Andy Smith <abs@maunsell.co.uk>)
-
-102) Added testsudoers (from Chris Jepeway <jepeway@cs.utk.edu>).
-
-103) Added fix for parse.yacc to avoid the kludge I was doing.
- (from Chris Jepeway <jepeway@cs.utk.edu>)
-
-104) Now remove the IFS envar if set instead of setting it to a "safe"
- value to avoid problems with make and others.
-
-105) Added FAST_MATCH option to check basenames of sudo command and
- paths listed in sudoers file. If the basename doesn't match
- then it is not a match. If the basename matches, then do
- a stat to make sure it is a valid match.
-
-106) Now only stat(2) cmnd once in path_matches() (in parse.c). Sudo
- was stating cmnd for *every* attempted match. Now the stat struct
- is cached (ie: the var is a static).
-
-107) Signal handlers in visudo are now only installed after the stmp
- file is opened. Previously, it was possible to erase an open
- stmp file by sending visudo a signal within a small window.
-
-108) Added Goon Show insults from Russell Street <r.street@auckland.ac.nz>.
-
-109) Broke out the insults into separate include files (insults.h
- is the master and includes the appropriate one).
-
-110) Now use getwd() instead of getcwd() and provide emulation for
- OS's w/o it. This was done since some OS's with getwd()
- implement getcwd() via a pipe to pwd(1). By emulating getwd()
- by calling getcwd() on OS's w/o getwd() we lose nothing since
- the compiler should optimize away the extra function call.
-
-111) Added crypt() for DEC OSF/1 3.x enhanced security.
- From "Richard L Jackson Jr" <rjackson@osf1.gmu.edu>.
-
-112) Added an option to run the command in the background (-b) as
- suggested by Jonathan Adams <jonathan@smada.com>
-
-113) First stab at kerberos support. I'm not really sure it is
- possible to do this in a sane manor. Sigh.
-
-114) Better kerberos support. Had to use setreuid(2) but falls
- back on a kludge if that does not exist or is broken.
-
-115) Added -p (password prompt) support.
- Suggested by "David W. Cooley" <dwcooley@COLBY.EDU>
-
-116) Added partial implementation of -l (list) flag.
- This is probably as good as it will get until sudo:tng.
-
-117) Added anti-spoofing code to tighten up a race condition
- where a user could run sudo some_link and then change
- where the link pointed after the old link had been
- validated but before the exec().
-
-118) Now update timestamp file via utime() (and emulate via utimes()
- if necessary) to eliminate a small race. Works with
- both POSIX utime() as well as old utime() in BSD <= 4.3.
-
-119) Kerberos ticket file now lives in same dirs as sudo timestamp
- files (to avoid trouncing on normal ticket file) and is removed
- after validation.
-
-120) Now log tty user is on as well as pwd in sudo logs.
-
-CHANGES from sudo 1.3.2 BETA
-
-121) Fixed a bug in the anti-spoofing check.
-
-122) Fixed up ISC support so that it works and looks like non-streams
- stuff in interfaces.c.
-
-123) Now deal correctly with ip implementations that has an sa_len
- field in struct sockaddr.
-
-124) Check ownership and permissions on timestamp dir and ignore if
- not owned by root and mode 0700. Problem pointed out by Larry Auton
- <lda@research.AT&T.com> and Navjot Singh <singh@research.AT&T.com>.
-
-125) Ignore timestamp files with preposterous dates to keep people from
- faking out sudo on OS's that allow you to give away files to root.
- Problem pointed out by Larry Auton <lda@research.AT&T.com> and
- Navjot Singh <singh@research.AT&T.com>.
-
-126) A timeout of 0 will now cause a password to be entered every
- time. Based on a suggestion by Larry Auton <lda@research.AT&T.com>
- and Navjot Singh <singh@research.AT&T.com>.
-
-CHANGES from sudo 1.3.3 BETA
-
-127) Cleaned up interfaces.c so that it is more readable.
-
-128) Added support for syslog()'s that don't guarantee delivery
- of a message. HP-UX is the only known offender.
-
-129) No longer use memmove() since memcpy() does what we need and
- configure doesn't always catch memmove() even when it is
- there (may be a library problem).
-
-130) Updated man page to reflect two more security issues.
-
-131) Cleaned up shadow password support in check.c. It should now
- be readable.
-
-132) Added SCO support.
-
-133) Added check to configure to find the max length of a uid_t
- in characters.
-
-134) Removed uid2str() since we now know how big a uid_t/gid_t
- can be. This elminates a few malloc()'s.
-
-135) Added support for multiple insult types. Based on code and
- a suggestion from Dieter Dworkin Muller <dworkin@village.org>.
-
-136) Replaced clean_env() and rmenv() with a rewritten clean_env()
- that should be a little faster. This also makes it easier to
- add to the list of "dangerous" envariables.
-
-137) Added netgroup support. Netgroups must start with a leading
- "+" to that sudo knows it is a netgroup.
-
-138) Split out sudoers file format into its own man page.
- As suggested by Andy Smith <abs@maunsell.co.uk>.
-
-139) Updated testsudoers.c to grok netgroups.
-
-CHANGES from sudo 1.3.4 BETA
-
-140) Added SecurID support from Giles Todd <giles@gt.demon.co.uk>.
-
-141) Added -s flag to start a root shell and -- to signify end of args.
-
-142) Sped up logging routines by replacing strncpy()'s with strcat()'s.
- This is safe because we dyanically allocate logline to be big enough.
-
-143) Now support command line arguments in the sudoers file.
-
-144) Sped up the loading on command line arguments. This fixes the
- "commands with large argc's take forever to run" bug.
-
-145) Expanded MAXCOMMANDLEN to 8K since we now have to deal with
- command line arguments. Added bounds checking in fill() and
- append() so we don't drop core.
- XXX - 8k makes sudo *SLOW*
-
-146) Added support in the lexer for "termination characters" to be
- escaped. Ie: you can now use [\,:=] in command line args
- as long as you escape with a \.
-
-147) Testsudoers can now deal with commands that have arguments.
-
-148) If a file is not executable or not a regular file sudo will
- now give the appropriate error message instead of just
- "command not found" which is misleading.
-
-149) Fixed a bug where if FQDN is set, load_interfaces() was never
- called.
-
-150) tty is now a global so it can be used in the ticket file
- at a later date.
-
-151) Strings in the parser are now allocated dynamically. This results
- in a large speedup as compared to a 1K array on the stack. I
- have freed the strings in the parser where appropriate but that
- may not catch all instances. Even so, the average sudo now
- takes up less memory than the 1K array version.
-
-152) Fixed a bug in tgetpass() and configure that broke termio/termios
- support for some OS's.
-
-153) Added cheapo implementation of tty-based timestamps. The correct
- way is to have username be a directory with the tty tickets
- inside. However, the current code does not take to that very
- well, and it does not allow the two systems to coexist. Therefore,
- instead of timestampdir/user/tty it is timestampdir/user.tty.
-
-154) Added support for building in other than the source directory.
- Based on changes from "Simon J. Gerraty" <sjg@frodo.dn.itg.telecom.com.au>
-
-155) options.h and pathnames.h are now included via angle brackets
- (<>) so as to use the -I include path. This way, those using
- a shadow build tree may have local copies of these headers
- w/o clobbering the distribution ones.
-
-156) EXEMPTGROUP is now a string (group name) and user_is_exempt()
- is now less of a hack. It uses getgrnam(EXEMPTGROUP) to
- get a list of users in the exempted group.
-
-157) --prefix and --exe_prefix are now honored in the Makefile.
-
-158) Sudo will now behave reasonably in the case where the sudoers
- file location is mounted via NFS and the client does not
- have "root" NFS privs.
-
-159) _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP, and SUDOERS_OWNER are
- now set via the Makefile since that appears to be what
- most people expect...
-
-160) Now include a pre-generated version of parse.lex since so many
- versions of lex are brain damaged. If parse.lex is changed
- a new lex.yy.c will be generated. The distribution copy is
- sudo-lex.yy.c.
-
-161) Upgraded to GNU autoconf version 1.5. There are now even
- *more* options.
-
-CHANGES from sudo 1.3.5 BETA
-
-162) Fixed S/Key support.
-
-163) Cleaned up shadow password support further by moving much of
- it to getspwuid.c.
-
-164) First cut at DCE support. [needs work to be functional]
-
-165) New Digital UNIX C2 support based on code from
- "Randy M. Hayman" <haymanr@icefog.sois.alaska.edu>
-
-166) S/key support now works with the generic bellcore s/key
- as well as the s/key from Wietse Venema's logdaemon.
- (Previously only worked with the logdaemon s/key).
- As an added bonus the s/key challenge is now embedded
- in the password prompt for a cleaner look.
-
-167) lsearch.c will now compile on a strict ANSI C compiler.
- ANSI doesn't allow pointer arithmetic on a "void *"
- but gcc does.
-
-168) Bought back latest HP-UX DCE support from Jeff Earickson
- <jaearick@colby.edu>.
-
-169) configure now comletely groks $SUDO_LIBS and $VISUDO_LIBS.
- Plain old $LIBS is no longer used. LDFLAGS has also been
- split up into $SUDO_LDFLAGS and $VISUDO_LDFLAGS.
- The reason for this is that sudo often needs extra libs
- for alternate authentication schemes but visudo rarely does.
-
-170) The code to copy command arguments flaied for large values of
- argc due to realloc() lossage. We now cheat and treat argv[]
- as a flat string (since that's what it is) and use pointer
- arithmetic to compute the length. Kind of sneaky but it
- works (and is relatively fast).
-
-CHANGES from sudo 1.3.6 BETA
-
-171) Added support for UN*X groups in sudoers based on code from
- Dougal Scott <dwagon@aaii.oz.au>.
-
-172) interfaces.c should work on ISC UN*X again.
-
-173) All source files are <= 14 characters for old SYSV file systems.
-
-CHANGES from sudo 1.3.7 GAMMA
-
-174) Minor configure[.in] fixes.
-
-175) tgetpass.c now compiles on OS's that put the definition of
- fd_set in <sys/bsdtypes.h>
-
-CHANGES from sudo 1.4
-
-176) Command args in sudoers are now stored in an argument vector
- instead of a flat string to make wildcard matching simpler.
-
-177) Added NewArgv and NewArgc that describe the command to be
- executed. The copy of args in cmnd_args is no longer necessary
- and has been removed.
-
-178) Using strcmp(3) for argument matching in command_matches()
- (was path_matches()) is no longer sufficient since we don't
- have a flat string. compare_args() is used instead which
- calls either strcmp(3) or wildmat(3l) depending on whether
- there are shell-style meta chars (wildcards) present.
-
-179) Shell-style wildcard matches are now available in the sudoers
- file. Matches are done via Rich $alz's wildmat(3).
- This required the tweaks described in #176-178 as well as
- other, more minor, changes.
-
-180) Commented out rule to build lex.yy.c from parse.lex since
- we ship with a pre-flex'd parser and can't rely on file
- dates being set correctly.
-
-181) Fixed visudo and testsudoers to deal with new argument
- vector handling.
-
-182) A null string ("") as shell in passwd file (or $SHELL) is
- now treated as the bourne shell.
-
-183) Converted *.man to pod format for easy conversion to man,
- html, latex, and just plain text. Tried to make the
- sudoers manual easier to read in the process.
-
-184) Updated sample.sudoers and sudoers.pod to include info
- on wildcards.
-
-CHANGES from sudo 1.4.1
-
-185) compat.h now defines _PASSWD_LEN based on PASS_MAX if it
- is defined (from limits.h on SYSV).
-
-186) Both short and long hostnames may now be used in the sudoers
- file if FQDN is defined. From patches submitted by
- Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>.
-
-187) Now use skeylookup() instead of skeychallenge(). Hopefully
- this will work around a problem some people have reported
- on Solaris 2.5 with sudo and logdaemon 5.0's skey.
-
-188) Now uses /var/run to hold timestamp files if it exists. This
- is more secure.
-
-189) configure now puts the timestamp dir in /var/run if it exists.
- Sugestion by Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>.
-
-190) Both short and long hostnames now exist even if FQDN is not set.
- This allows machines with fully qualified hostnames set via
- hostname(1) to use them in the sudoers file.
-
-191) sudo was not honoring "." in $PATH due to a bug in find_path().
-
-192) Added IGNORE_DOT_PATH option to ignore "." in $PATH.
-
-193) tgetpass() now uses raw read(2) and write(2) instead of stdio.
- This should make it work on more OS's. Previously, it used
- stdio (buffered) fgets(3) and fputs(3) with select(2) which
- may not be legal. Also got rid of the nasty goto's and
- generally simplified the code.
-
-194) Parser now supports hostnames like UPPERCASE.foo.com. Previously,
- `UPPERCASE' was interpreted as an Alias. This means that
- the `fqdn' stuff has been moved to the lexer (FQHOST is used
- to avoid collision with FQDN option).
-
-195) Reworked --with-FOO in configure.in to support --without-FOO.
- Made shadow passwords the default for appropriate OS's. They
- can be turned off with --without-C2.
-
-196) Added NO_PASSWD option for those who don't want to be bothered
- by a password prompt from sudo. This is really just a hack.
-
-197) Added support for double quotes to mean "treat these words as one
- argument". This is similar to what most shells do.
-
-198) Added mkinstalldirs to make install destination dirs if
- they do not already exist.
-
-CHANGES from sudo 1.4.2
-
-199) Added support for --with-CC (which C compiler to use).
-
-200) Added support for NOPASSWD token and running commands a
- specified users (sudo -u) from Keith Garry Boyce
- <garp@opustel.com>
-
-201) Only link with -lshadow for Linux if libc lacks getspnam(). Problem
- pointed out by Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>.
-
-202) Replaced SUDOERS_OWNER with SUDOERS_UID and SUDOERS_GID. Added
- SUDOERS_MODE and changed the default to 0440 (from 0400).
- It is now possible to NFS-mount sudoers without doing anything fancy.
-
-202) If a runas list is specified, a user may only run commands as
- "root" if "root" is a member of the runas list. The old behavior
- was to always allow commands to be run as root, even if a runas
- list was specified. Now you can give someone "sudo -u operator"
- and not have the equivalent of "sudo -u root" as well.
-
-203) Added "USER=%s" to logging functions.
-
-204) configure will now add -lPW to (VI)?SUDO_LIBS if using bison
- or DCE and alloca(3) is not in libc (or provided by gcc) but
- is in libPW.a.
-
-205) sudo would give an incorrect error message if the sudoers file
- didn't exist due to close() stomping errno if the open() failed.
-
-206) Fixed "shell" mode (sudo -s). When building NewArgv sudo was
- not allocating space for the NULL.
-
-207) Added support for wildcards in the pathname. Ie: /bin/*.
-
-208) 'command ""' in sudoers now means no args allowed.
-
-209) Added command line args to SUDO_COMMAND envariable.
-
-210) HP-UX 10.x with C2 now uses bigcrypt().
- Changes from david_dill@Merck.Com (David Dill).
-
-211) lsearch.c will now compile w/o compiler warnings.
- (Updated from NetBSD lsearch.c)
-
-212) Now uses POSIX fnmatch(3) (which uses ! instead of ^ in ranges)
-
-CHANGES from sudo 1.4.3
-
-213) Now allows network/netmask in sudoers to override per-interface
- netmask.
-
-214) Fixed -u support with multiple user lists on a line.
-
-215) Fixed a core dump problem when built with -DSHELL_IF_NO_ARGS.
-
-216) Fixed 2 typos in parse.yacc and removed some unnecessary if's.
-
-217) Now always use install-sh since SunOS install can't do uid/gid's.
- Other BSD installs are probably similarly afflicted.
-
-218) Fixed NFS-mounted sudoers file under solaris both uid *and* gid
- were being set to -2. Now set uid to 1 to avoid group being
- remapped.
-
-219) Now includes alloca.c (from gcc) for those w/o it. Linking
- against -lPW breaks visudo on HP-UX and probably others.
-
-220) Added --with-libpath, --with-libraries, --with-incpath options
- to configure.
-
-221) configure now uses shicc instead of gcc on BSD/OS >= 2.0 to
- generate binaries linked with shared libs.
-
-222) The parser was setting no_passwd even if there wasn't a
- runas match. I reordered some things in parse.yacc
- to fix this.
-
-223) `sudo -v' (validate) wasn't paying attention to NOPASSWD.
- Now it does.
-
-224) testsudoers now groks "-u user".
-
-225) Updated AFS support based on what tcsh 6.06 does.
-
-226) Fixed a typo/thinko that broke BSD > 4.3reno wrt interfaces.c.
-
-227) HPUX 10.X shadow password stuff now uses SecureWare routines.
-
-228) SecureWare passwd checking now uses bigcrypt() if available.
- Now uses AUTH_MAX_PASSWD_LENGTH if defined.
-
-229) configure now makes sure you don't have a config.cache file
- from another OS.
-
-230) Added better shadow password detection.
- BSD >= 4.3reno -> /etc/master.passwd
- hpux9: getspwnam() -> /.secure/etc/passwd
- hpux10: getspnam() or getprpwnam() -> /tcb/files/auth/*/* (link with -lsec)
- SVR4: getspnam() -> /etc/shadow
- solaris: getspnam() -> /etc/shadow
- irix[56].x: getspnam() -> /etc/shadow
- sunos 4.x: getpwanam() -> /etc/security/passwd.adjunct
- DUNIX: getprpwnam() -> /tcb/files/auth/*/* (link with -lsecurity)
- SecureWare: getprpwnam() -> /tcb/files/auth/*/*
- ultrix 4.x: getauthuid() -> /etc/auth.{pag,dir}
-
-231) '(' in command args no longer are a syntax error.
-
-232) '!command' now works in the presence of a runas or NOPASSWD token.
- Simplified parse rules wrt runas and NOPASSWD (more consistent).
-
-233) Command args and now compared as a flat string again. This makes
- wildcard matches more consistent.
-
-234) DUNIX C2 support now groks AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT.
-
-235) configure now uses config.{sub,guess} to guess OS type.
- Sudo should work out of the box on more OS's now.
-
-236) Got rid of HAVE_C2_SECURITY, now just use SHADOW_TYPE.
-
-237) Fixed race in tgetpass() where echo can be turned off and
- left off if sudo is used in a pipeline and a password is
- required.
-
-CHANGES from sudo 1.4.4
-
-238) `sudo -l' output now includes runas and NOPASSWD info and
- asks for a password unless NOPASSWD for ALL is set.
-
-239) Sudo can now deal with all-caps user and host names.
-
-240) Sudo will now remove the "ENV" and "BASH_ENV" envariables.
- From Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>.
-
-241) `sudo -l' will now expand Cmnd_Alias's (could be prettier).
-
-242) `sudo -s' will now set $HOME to root's homedir (or that of
- the user specified -u) so dot files get sourced.
-
-CHANGES from sudo 1.4.5
-
-243) $HOME was always being set, not just with `-s'.
-
-244) In visudo, the owner and group of the sudoers file were
- being set too early; an editor could change them and change
- the owner/group of the resulting sudoers file.
-
-CHANGES from sudo 1.5
-
-245) Added SHELL_SETS_HOME option.
-
-246) Added NO_MESSAGE option.
-
-247) Added %u and %h escapes in PASSPROMPT to expand to user's name
- and host.
-
-248) Added "SUDO_PROMPT" envariable.
-
-249) Usernames may now begin with a digit. Gross, but people do it.
-
-Sudo 1.5.1 released.
-
-250) Added `opie' support.
-
-251) Added check to make sure fnmatch() really works.
-
-252) Now use the prompt S/Key gives us instead of rolling our own.
-
-253) Added -H flag from Danny Barron <dcbarro@nppd.com>.
-
-254) Add SUDO_PS1 envariable support.
-
-255) Attempt at sequent support.
-
-Sudo 1.5.2 released.
-
-256) visudo acts sanely when there is no sudoers file.
-
-257) Added Runas_Alias support.
-
-258) Sudo will now work with SUDOERS_MODE == 400 and SUDO_UID = 0.
-
-259) Alias's in a runas list are now expanded.
-
-260) Fixed bug with > 32 saved aliases. Reported by BHH@capgroup.com.
-
-261) Code that uses sprintf() is now more paranoid about buffer
- overflows.
-
-262) Whitespace is now allowed after a line continuation character before
- a newline in sudoers.
-
-263) %h in MAILSUBJECT expands to local hostname.
-
-Sudo 1.5.3 released.
-
-264) Don't pass getdtablesize() as first arg to select(2). No need
- to do this since we only select on one fd--use (fd+1) as nfds
- and the old way caused problems on some systems (arguably
- a bug in those OS's). From Marc Slemko marcs@znep.com.
-
-265) Fixed coredump when passwd file is missing or unavailable.
- Reported by Jason Downs <downsj@teeny.org> and
- Klee Dienes <klee@mit.edu> (via a Debian Linux bug report).
-
-266) Fixed bug wrt exclusion lists and relative pathnames.
- Reported by osiris@COURIER.CB.LUCENT.COM.
-
-267) exit(1) if user doesn't enter a passwd.
- Noted by Alex Parchkov <alexp@ind.tansu.com.au>.
-
-Sudo 1.5.4 released.
-
-268) Newer versions of Irix use _RLDN32_* envariables for 32-bit binaries
- so ignore _RLD* instead of _RLD_*. From tarrall@bamboo.Colorado.EDU.
-
-269) Only open sudoers file once as opposed to once for sanity checks and
- once for the parser. Also try to open ten times if we get EAGAIN.
-
-Sudo 1.5.5 released.
-
-270) Initialize group vector if we are becoming a user other than root.
- For root, it is often more useful to hang on to our existing group
- vector.
-
-271) Fix usage of select(2) to deal correctly with a high-numbered fd.
-
-272) Fixed a bug where sudo sometime didn't give the user a chance to
- enter a password at the prompt.
-
-273) Use a dynamically sized buffer when reading ether interfaces.
-
-274) Fixed configure problems with identification of HP-UX > 10.x and
- with cc being identified as a cross compiler on some platforms.
-
-275) Fixed a problem with HP-UX 10.x and alloca. Bison does not
- include alloca.h on HP-UX 10.x even though it uses alloca()
- (and thus needs the #define of alloca(x) to __builtin_alloca(x)).
- To fix this we include alloca.h ourselves if using bison and not gcc.
-
-276) Included support for the AIX 4.x authenticate() function from
- Matt Richards <v2matt@btv.ibm.com>.
-
-277) Fixed an off by one error in the parser. Found by
- Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
-
-278) Change NewArgv size computation to work on UNICOS.
- From Mike Kienenberger <mkienenb@arsc.edu>
-
-279) Added --with-logfile and --with-timedir configure options.
-
-280) Use getcwd(3), not getwd(3) to avoid possible buffer overflow.
- Use BSD getcwd(3) if system lacks one or is SunOS 4.x.
-
-281) Fix 'fprintf' argument mismatches in 'visudo.c'.
- From ariel@oz.engr.sgi.com (Ariel Faigon)
-
-282) Use waitpid or wait3 to reap children in logging.c.
- Pointed out by Theo de Raadt <deraadt@theos.com>
-
-283) Sudo should prompt for a password before telling the user that
- a command could not be found. Noted by rhodie@NAC.NET.
-
-284) Fix OTP_ONLY for opie; "Deven T. Corzine" <deven@fuse.net>.
-
-285) Include pre-yacc'd parse.yacc as sudo.tab.[ch] since more and
- more vendors are charging for yacc (bad vendor, no cookie).
-
-286) Use MAX*, not MAX*+1
-
-287) Add support for Hitachi SR2201, from b-edgington@hpcc.hitachi-eu.co.uk
-
-288) Added RUNAS_DEFAULT option to allow one to compile sudo with a
- default runas user other than root.
-
-289) Add options to log the hostname in the file-based log and to not
- do word wrap in file-based log. From Theo Van Dinter <tvd@chrysalis.com>
-
-290) RedHat Linux pam support, from Gary Calvin <GCalvin@kenwoodusa.com>.
- pam.sudo goes in /etc/pam.d/sudo on RedHat 5.0 and above.
-
-291) With sudo -s, set command the full path of the shell, not the basename.
- Noted by Peter W. Osel <pwo@guug.de>
-
-Sudo 1.5.6 released.
-
-292) Pam auth now runs as root; necessary for shadow passwords.
-
-293) Shadow password support is now compiled in by default. You can disable
- it via --disable-shadow.
-
-294) We now remove a timestamp file with a bogus date when it is detected.
- From Steve Fobes <sfobes@uswest.com>.
-
-295) In tgetpass(), restart select if it is interrupted. This really fixes a
- problem where a user sometimes is not given a change to enter a password.
-
-296) All options have moved from options.h -> configure.
-
-297) visudo is now installed in /usr/local/sbin where it belongs.
-
-298) Lots of configure changes. Instead of checking for the existence
- of -lsocket, -lnsl, or -linet, we instead check them for the
- functions we need only if they are not already in libc.
-
-299) Added DUNIX SIA (Security Integration Architecture) support from
- Spider Boardman <spider@Orb.Nashua.NH.US>.
-
-300) Added test for broken Digital UNIX 4.0 prot.h.
-
-301) Better support for C2 security on Digital UNIX.
-
-302) Hacked autoconf so that you have have single quotes in
- --with-passprompt.
-
-303) For SecureWare-style shadow passwords use getprpwnam() instead
- of getprpwuid() since getprpwuid is broken in HP-UX 10.20 at
- least (it sleeps for 2 minutes if the shadow files don't exist).
-
-304) We can't really trust UID_MAX or MAXUID since they may only exist for
- backwards compatibility; spider-both@Orb.Nashua.NH.US
-
-305) Make %groups work as RunAs specifiers; Ray Bellis <rpb@community.net.uk>.
-
-306) Set USER environment variable to target user.
- Suggested by Ray Bellis <rpb@community.net.uk>.
-
-307) Go back to printing "command not found" unless --disable-path-info
- specified. Also, tell user when we ignore '.' in their path and it
- would have been used but for --with-ignore-dot.
-
-308) When using tty tickets make it user:tty not user.tty as a username
- could have a '.' in it.
-
-309) Define BSD_COMP for svr4 to get BSD ioctl defs. Also, if we have
- sys/sockio.h but SIOCGIFCONF is not defined by including sys/ioctl.h
- include sys/sockio.h directly.
-
-310) Fixed a bug that could cause "sudo -l" to segfault or complain
- about non-existent syntax errors.
-
-Sudo 1.5.7 released.
-
-311) Fixed square bracket quoting in configure and moved check for -lnsl
- to be before -lsocket.
-
-312) In load_interfaces(), close sock after bwe are done with it. Leak
- noticed by Mike Kienenberger <mkienenb@arsc.edu>.
-
-313) Missing pieces from change #308; from Mike Kienenberger.
-
-314) Real Kerberos 5 support from Frank Cusack <fcusack@iconnet.net>.
-
-315) FWTK 'authsrv' support from Kevin Kadow <kadow@MSG.NET>.
-
-316) Fixed handling and documentation of -with-umask.
-
-317) If the check for socket() or inet_addr() fails, retry, this time
- linking with both -lsocket and -lnsl for those systems that
- have interlibrary dependencies.
-
-Sudo 1.5.8 released.
-
-318) Add dirfd() macro for systems without it.
-
-319) Better check for socket() in -lsocket -lnsl in configure.
-
-320) Minor configure fixes.
-
-Sudo 1.5.8p1 released.
-
-321) Fixed a bug wrt quoting characters in command args.
-
-322) Make --without-sendmail work.
-
-Sudo 1.5.8p2 released.
-
-323) Fixed a segv if HOST_IN_LOG defined and gethostbyname() fails.
- Reported by Gero Treuner <gero@faveve.uni-stuttgart.de>.
-
-324) Fixed a parse bug wrt the ! operator and runas specs. Noted by
- David A Beck <BKD@payserv.telekurs.com>.
-
-325) Use new emalloc/erealloc/estrdup functions (catch errors and exit).
-
-326) New PAM code that should work on both Solaris and Linux.
-
-327) Make sudo's usage info better when mutually exclusive args are given
- and don't rely on argument order to detect this. From Nick Andrew.
-
-328) In visudo, shift return value of system() by 8 to get the real exit value.
-
-Sudo 1.5.9 released.
-
-329) The runas user and NOPASSWD tags are now persistent across entries
- in a command list (ie: cmnd1,cmnd2,cmnd3). A PASSWD tag has been
- added to reverse NOPASSWD. The runas user and *PASSWD tags can be
- overridden on a per-command basis at which point they become the
- new default for the rest of the list.
-
-330) It is now possible to use the '!' operator in a runas list as
- well as in a Cmnd_Alias, Host_Alias and User_Alias.
-
-331) In estrdup(), do the malloc ourselves so we don't need to rely on the
- system strdup(3) which may or may not exist. There is now no need to
- provide strdup() for those w/o it.
-
-332) You can now specify a host list instead of just a host or alias
- in a privilege list. Ie: user=host1,host2,ALIAS,!host3 /bin/ls
-
-333) Stash the "safe" path to the command instead of stashing the struct
- stat. Should be safer.
-
-334) Now set $LOGNAME in addition to $USER.
-
-335) No longer use stdio in tgetpass()
-
-336) Don't use _PASSWD_LEN or PASS_MAX as we can't rely on them corresponding
- to anything real. Instead, we just use a max password size of 256
- everywhere.
-
-337) Block keyboard-generated signals during startup and restore signal
- mask before exec'ing the program. We don't want the user to be
- able to simply kill us and avoid logging.
-
-338) Rewrote timestamp handling. For the default case, a directory is used
- instead of a file. For the tty-based case, the timestamp is just a
- file in that directory (eg. /var/run/sudo/username/tty). You now only
- get the lecture once, even in the tty case. The goal here is to allow
- the tty and non-tty schemes to coexist, though it is worth noting that
- when you update a tty file, the mtime of the dir gets updated too.
-
-339) The meaning of -k has changed to mean "invalidate the timestamp".
- There is a new -K option to really remove the timestamp file/dir.
-
-340) New modular authentication API. This fixes the rat's nest of
- #ifdefs that was the old auth code.
-
-341) New logging functions. log_error() now takes a variable number of
- args ala printf() and log_auth() reacts to the return value of validate().
-
-342) If a user is not in the sudoers file they are still asked for a password.
- This keeps someone who finds a user logged in to a terminal from being
- able to tell whether or not the user is allowed to use sudo.
-
-343) New PAM code again, this time it should be correct.
-
-344) tgetpass() now has a flag to specify whether or not to turn
- off echo while reading the password. Used by the new PAM and
- fwtk code.
-
-345) Fixed shadow password dectection on SCO.
-
-346) Sudo is now available under a BSD/Apache style license. This is
- possible because it no longer contains any of the original 1.1 code.
-
-347) Added configuration info when sudo is run with the -V flag by root.
-
-348) Change visudo tmp file from /etc/stmp -> /etc/sudoers.tmp since
- Solaris uses stmp for shadow temp file. Also rename _PATH_SUDO_SUDOERS
- to _PATH_SUDOERS and _PATH_SUDO_STMP to _PATH_SUDOERS_TMP.
-
-349) Added configure option to set syslog priorities.
-
-350) Sudo now locks its log file to prevent mangled entries.
-
-351) Visudo now locks the sudoers temp file instead of bailing when
- the temp file already exists. This fixes the problem of stale
- temp files but it does *require* that you not try to put the
- temp file in a world-writable directory. This shoud not be
- an issue as the temp file should live in the same dir as sudoers.
-
-352) Fixed crypt() check in libufc.
-
-353) It is now possible to put a list of users as the first thing in a
- user specification. I don't suggest this but it makes the grammar
- more uniform.
-
-354) Visudo will now warn about what it thinks are undefined aliases.
- Since it can't be 100% sure these are just warnings, not errors.
-
-355) Add a --without-passwd option to configure that turns off
- passwd/shadow file authentication. Only usable with an alternate
- authentication scheme.
-
-356) Add a --disable-authentication option to configure that causes sudo
- to not require authentication by default. The PASSWD tag can be
- used to require authentication for an entry.
-
-357) Add a --with-devel option to add -Wall and uncomment yacc/lex
- generation in Makefile.
-
-358) Zero out plaintext password after use (should do encrypted as well).
-
-359) Added real dependencies in Makefile.
-
-360) Deprecated --with-otp-only in favor of --without-passwd.
-
-361) Add --with-mail-if-no-host to send mail if a user tries to run sudo on
- a host for which he/she is not authorized.
-
-362) Most of sudo now runs as root instead of the invoking user to
- minimize the possibility of user control via signals or tracing.
-
-363) Now Support CIDR-style netmasks (ie: 128.138.0.0/16).
-
-364) In "sudo -l" mode, the type of the stored (expanded) alias was not
- stored with the contents. This could lead to incorrect output
- if the sudoers file had different alias types with the same name.
- Normal parsing (ie: not in '-l' mode) is unaffected.
-
-365) Now include strcasecmp() for those without it.
-
-366) Most compile-time options are now changable at runtime via
- the 'Defaults' specification in the sudoers file.
-
-367) Added a -L flag to printout all the possible 'Defaults' parameters.
-
-368) It is now possible to escape "special" characters in usernames, hostnames,
- etc with a backslash.
-
-369) Sudo will now accept a hostname/username/netgroupname that contains
- almost any character in it. It seems many people want to use '.'
- and other non-alphanumerics in usernames.
-
-370) Fixed the root_sudo option. Sudo was always complaining that root
- was not allowed to run sudo if the root_sudo flag was turned off.
-
-371) tgetpass() now uses a function to read up until the end of line.
- Fixes problems in a pipeline when a program sets the tty mode
- to be character at a time.
-
-372) sudo now turns off core dumps via setrlimit (probably paranoia).
-
-Sudo 1.6 released.
-
-373) Better diagnostics on PAM failure.
-
-374) Killed shell_noargs option, it cannot work since the command needs to
- be set before sudoers is parsed.
-
-375) Fixed the following Defaults options: set_home, fqdn, syslog, tty_tickets,
- ticket_dir, insults.
-
-376) When using select() in tgetpass(), do a separate select before
- each read to be sure we can timeout correctly.
-
-377) SecurID support compiles and works again.
-
-378) Fixed a bug parsing runas modifiers. If a user spec contained multiple
- runas specs, the latter ones may not be applied.
-
-379) #uid now works in a RunasAlias
-
-380) Don't ask the user for a password if the user is not allowed to run
- the command and the authenticate flag (in sudoers) is false.
-
-381) Added configure check for initgroups(3).
-
-382) Use our own fnmatch() if there is no fnmatch.h, even if there is an
- fnmatch() in libc.
-
-Sudo 1.6.1 released.
-
-383) Better behavior for -l and -v flags in conjunction with NOPASSWD and
- added "verifypw" and "listpw" options.
-
-384) For HP-UX with cc, add the -Aa flag along with -D_HPUX_SOURCE.
-
-385) Fix compilation with K&R compilers.
-
-386) For netgroup host matching, match against the short version of the
- hostname as well as the long one if they are different.
-
-387) Terminate passwd reading on '\r' in addition to '\n'
-
-388) Visudo used to loop endlessly if a user entered ^D at the whatnow
- prompt. EOF is now treaded as 'x' (exit w/o saving changes).
-
-389) The 'shell_noargs' runtime option is back based on a patch from
- bguillory@email.com.
-
-390) Systems that return RLIM_INFINITY for RLIMIT_NOFILE (like AIX)
- would loop for a very loing time during sudo startup. A value of
- RLIM_INFINITY is now ignored (getdtablesize/sysconf is used instead).
-
-391) Locking in visudo was broken. We now lock the sudoers file, not the
- sudoers temp file, which should be safe.
-
-392) PAM fixups: custom prompts now work correctly and errors are
- dealt with more sanely. Patches from Cloyce D. Spradling.
-
-Sudo 1.6.2 released.
-
-393) Users in the 'exempt' group shouldn't get their $PATH overridden
- by 'secure-path'. Patch from jmknoble@pobox.com.
-
-394) Pam now works on HP-UX 11.0, thanks to Jeff A. Earickson.
-
-395) Fixed a bug that caused an infinite loop when the password
- timeout was disabled.
-
-396) It is now possible to set the path to the editor for visudo as well
- as the flag that determines whether or not visudo will look at
- $EDITOR in the sudoers file.
-
-397) configure now pulls in the values of LIBS, LDFLAGS, CPPFLAGS, etc
- as the documentation says it ought to.
-
-398) Added rootpw, runaspw, and targetpw to prompt for the root, runas_default
- and target user's passwords respectively (instead of the invoking user's
- password).
-
-399) Added -S flag to force password read from stdin.
-
-400) Restore coredumpsize resource limit before exec'ing the child
- process (sudo sets it to 0 internally).
-
-401) Truncate unencrypted password to 8 chars if encrypted password is exactly
- 13 characters (indicateing standard a DES password). Many versions
- of crypt() do this for you, but not all (like HP-UX's).
-
-402) Fixed a typo/thinko that broke secureware support for long passwords.
-
-403) Added a new command line switch '-c' to support BSD login classes.
- The '-c' option can be used to sudo a command with specific resource
- limits in the login.conf database. This feature is optionally enabled
- via the --with-logincap configure switch. Based on a patch from
- Michael D. Marchionna.
-
-404) Fixed a bug where sudo would hang around and consume CPU if we spawn
- a long-running process.
-
-405) Deal with HP-UX password aging info tacked on to the end of the
- encrypted password.
-
-406) Added set_logname run-time option. When unset, sudo will not set
- the USER and LOGNAME environment variables.
-
-407) Wildcards are now allowed in the hostnames specified in sudoers.
- The 'fqdn' option is often required for this to be useful.
-
-408) Fixed a bug where host and user qualifiers in a Defaults entry were
- not being used correctly and the entry was being applied globally.
-
-Sudo 1.6.3 released.
-
-409) Fixed targetpw, rootpw, and runaspw options when used with non-passwd
- authentication (pam, etc).
-
-Sudo 1.6.3p1 released.
-
-410) When the targetpw flag is set, use the target username as part
- of the timestamp path.
-
-Sudo 1.6.3p2 released.
-
-411) Fixed a bug that prevented the -H option from being useful.
-
-Sudo 1.6.3p3 released.
-
-412) Fixed a case where a string was used after it had been freed.
-
-Sudo 1.6.3p4 released.
-
-413) Fixed listpw and verifypw sudoers options.
-
-414) Do not write NUL when writing passwd prompt; hag@linnaean.org.
-
-Sudo 1.6.3p5 released.
-
-415) Fix word splitting bug that caused a segv for very long command line args.
-
-Sudo 1.6.3p6 released.
-
-416) Fix negation of path-type Defaults entries in a boolean context.
-
-Sudo 1.6.3p7 released.
-
-417) Visudo now checks for the existence of an editor and gives a sensible
- error if it does not exist.
-
-418) The path to the editor for visudo is now a colon-separated list of
- allowable editors. If the user has $EDITOR set and it matches
- one of the allowed editors that editor will be used. If not,
- the first editor that actually exists is used.
-
-419) Visudo now does its own fork/exec instead of calling system(3).
-
-420) Allow special characters (including '#') to be embedded in pathnames
- if quoted by a '\\'. The quoted chars will be dealt with by fnmatch().
- Unfortunately, 'sudo -l' still prints the '\\'.
-
-421) Added the always_set_home option.
-
-422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent
- reading of protected files by a less privileged user.
-
-423) Added support for BSD authentication and associated -a flag.
-
-424) Added check for _innetgr(3) since NCR systems have this instead
- of innetgr(3).
-
-425) Added stay_setuid option for systems that have libraries that perform
- extra paranoia checks in system libraries for setuid programs.
-
-426) Environment munging is now done by hand. The environment is zeroed
- upon sudo startup and a new environment is built before the command
- is executed. This means we don't rely on getenv(3), putenv(3),
- or setenv(3).
-
-427) Added a class of environment variables that are only cleared if they
- contain '/' or '%' characters.
-
-428) Use stashed user_gid when checking against exempt gid since sudo
- sets its gid to SUDOERS_GID, making getgid() return that, not the
- real gid. Fixes problem with setting exempt group == SUDOERS_GID.
- Fix from Paul Kranenburg.
-
-429) Fixed file locking in visudo on NeXT which has a broken lockf().
- Patch from twetzel@gwdg.de.
-
-430) Regenerated configure script with autoconf-2.52 (required some
- tweaking of configure.in and friends).
-
-431) Added mail_badpass option to send mail when the user does not
- authenticate successfully.
-
-432) Added env_reset Defaults option to reset the environment to
- a clean slate. Also implemented env_keep Defaults option
- to specify variables to be preserved when resetting the
- environment.
-
-433) Added env_check and env_delete Defaults options to allow the admin
- to modify the built-in list of environment variables to remove.
-
-434) If timestamp_timeout < 0 then the timestamp never expires. This
- allows users to manage their own timestamps and create or delete
- them via 'sudo -v' and 'sudo -k' respectively.
-
-435) Authentication routines that use sudo's tgetpass() now accept
- ^C or ^Z at the password prompt and sudo will act appropriately.
-
-436) Added a check-only mode to visudo to check an existing sudoers
- file for sanity.
-
-437) Visudo can now edit an alternate sudoers file.
-
-438) If sudo is configured with S/Key support and the system has
- skeyaccess(3) use that to determine whether or not to allow
- a normal Unix password or just S/Key.
-
-439) Fixed CIDR handling in sudoers.
-
-440) Fixed a segv if the local hostname is not resolvable and
- the 'fqdn' option is set.
-
-441) "listpw=never" was not having an effect for users who did not
- appear in sudoers--now it does.
-
-442) The --without-sendmail option now works on systems with
- a /usr/include/paths.h file that defines _PATH_SENDMAIL.
-
-443) Removed the "secure_path" Defaults option as it does not work and
- cannot work until the parser is overhauled.
-
-444) Added new -P flag and "preserve_groups" sudoers option to cause
- sudo to preserve the group vector instead of setting it to that
- of the target user. Previously, if the target user was root
- the group vector was not changed. Now it is always changed unless
- the -P flag or "preserve_groups" option was given.
-
-445) If find_path() fails as root, try again as the invoking user (useful
- for NFS). Idea from Chip Capelik.
-
-446) Use setpwent()/endpwent() and its shadow equivalents to be sure
- the passwd/shadow file gets closed.
-
-447) Use getifaddrs(3) to get the list of network interfaces if it is
- available.
-
-448) Dump list of local IP addresses and environment variables to clear
- when 'sudo -V' is run as root.
-
-449) Reorganized the lexer a bit and added more states. Sudo now does a
- better job of parsing command arguments in the sudoers file.
-
-450) Wrap each call to syslog() with openlog()/closelog() since some
- things (such as PAM) may call closelog(3) behind sudo's back.
-
-451) The LOGNAME and USER environment variables are now set if the user
- specified a target uid and that uid exists in the password database.
-
-452) configure will no longer add the -g flag to CFLAGS by default.
-
-453) Now call pam_setcreds() to setup creds for the target user when
- PAM is in use. On Linux this often sets resource limits.
-
-454) If "make install" is run by non-root and the destination dir
- is writable, install things normally but don't set owner and mode.
-
-455) The Makefile now supports installing in a shadow hierarchy
- specified via the DESTDIR variable.
-
-456) config.h.in is now generated by autoheader.
-
-Sudo 1.6.4 released.
-
-457) Move the call to rebuild_env() until after MODE_RESET_HOME is set.
- Otherwise, the set_home option has no effect.
-
-458) Fix use of freed memory when the "fqdn" flag is set. This was
- introduced by the fix for the "segv when gethostbynam() fails" bug.
-
-459) Add 'continue' statements to optimize the switch statement.
- From Solar Designer.
-
-Sudo 1.6.4p1 released.
-
-460) Some special characters were not being escaped properly (e.g. '\,')
- in command line arguments and would cause a syntax error instead.
-
-461) "sudo -l" would not work if the always_set_home option was set.
-
-462) Added a configure option to disable use of POSIX saved IDs for
- operating systems where these are broken.
-
-463) The SHELL environment variable was preserved from the user's environment
- instead of being reset based on the passwd database even when the
- "env_reset" option was set.
-
-Sudo 1.6.4p2 released.
-
-464) Added a configure option to cause mail sent by sudo to be run as
- the invoking user instead of root. Some people consider this to
- be safer.
-
-465) If the mailer is being run as root, use a hard-coded environment
- that is not influenced in any way by the invoking user's environment.
-
-466) Fixed the call to skeyaccess(). Patch from Phillip E. Lobbes.
-
-Sudo 1.6.5 released.
-
-467) Visudo could access memory that was already freed.
-
-468) If the skey.access file denied use of plaintext passwords sudo
- would exit instead of allowing the user to enter an S/Key.
-
-Sudo 1.6.5p1 released.
-
-469) Older versions of BSDi have getifaddrs() but no freeifaddrs().
-
-470) BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD.
-
-471) Ignore the return value of pam_setcred(). In Linux-PAM 0.75,
- pam_setcred() will return PAM_PERM_DENIED even if the setcred function
- of the module succeeds when pam_authenticate() has not been called.
-
-472) Avoid giving PAM a NULL password response, use the empty string instead.
- This avoids a log warning when the user hits ^C at the password prompt
- when Linux-PAM is in use. This also prevents older versions of
- Linux-PAM from dereferencing the NULL pointer.
-
-473) The user's password was not zeroed after use when AIX authentication,
- BSD authentication, FWTK or PAM was in use.
-
-Sudo 1.6.5p2 released.
-
-474) Fixed compilation problem on HP-UX 9.x.
-
-475) Moved call to endpwent() and added a call to endgrent().
-
-476) Fixed a warning conflicting declaration of VOID with AFS.
-
-477) Fixed a security hole in prompt rewriting found by Global InterSec.
-
-Sudo 1.6.6 released.
-
-478) Wildcards now work correctly in the env_keep Defaults directive.
-
-479) Added support for non-root timestamp dirs. This allows the timestamp
- dir to be shared via NFS (though this is not recommended).
-
-480) Removed double printing of bad environment variable table in -V mode.
-
-481) configure script has been regenerated with autoconf 2.5.7.
- This required some changes to configure.in.
-
-482) Fixed a compilation problem on SunOS; thanks to Alek O. Komarnitsky.
-
-483) SecurID 5.0 API support from Michael Stroucken.
-
-484) Restore state of signal handlers to what we had upon startup.
- Fixes a problem when using sudo with nohup; thanks to Paul Markham.
-
-485) Revamp set_perms() to use setresuid() or setreuid() when available
- in preference to POSIX stuff since they allow us to properly
- implement "stay_setuid" whereas POSIX does not really.
-
-486) In strict mode sudo did not throw an error for undefined User_Aliases.
-
-487) Fixed a Makefile bug on IRIX.
-
-488) Write the prompt *after* turning off echo to avoid some password
- characters being echoed on heavily-loaded machines with fast typists.
-
-489) Added %U and %H escapes in the prompt and fixed treatment of %%.
-
-490) Visudo will now add a final newline to sudoers if the user's editor
- not add one before EOF.
-
-491) The lexer state is now reset to its initial value on EOF.
- Previously, the state was not reset between parser invocations
- which could cause problems for visudo in rare cases.
-
-492) Added support for Defaults that apply based on the RunasUser.
-
-493) Sudo now includes copies of strlc{at,py} and uses them throughout.
-
-494) Sudo is now careful to avoid interger overflow when allocating
- memory. This is one of those "should not happen" situations.
-
-495) Added a configure option (--with-stow) to make sudo compatible
- with GNU stow.
-
-496) auth/kerb5.c now compiles under Heimdal.
-
-497) The volatile prefix is used in the hopes of preventing compilers
- from optimizing away memory zeroing. Unfortunately, this results
- in some warnings from gcc.
-
-498) Better Kerberos IV/V support in the configure script.
-
-499) Fixed a logic thinko in the SIGCHLD handler that caused problems
- with rlogin on HP-UX.
-
-500) configure now adds -R to LDFLAGS when it adds -L for Solaris and
- SVR4. There is a configure option, --with-rpath, to control this.
-
-501) On AIX, configure will pass extra directory paths to the linker
- via the -blibpath ld option. This is only active when additional
- library paths are used. It may be disabled via the
- --without-blibpath configure option.
-
-502) The --with-skey and --with-opie configure options now take
- an optional directory argument that should have an include and
- lib dir for the skey/opie include file and library respectively.
-
-Sudo 1.6.7 released.
-
-503) Fixed false positives in the overflow detection of expand_prompt().
-
-Sudo 1.6.7p1 released.
-
-504) An unterminated comment broke Kerberos V authentication.
-
-505) The krb5-config script is used to determine Kerberos V CPPFLAGS
- and LDFLAGS/LIBS if it exists.
-
-506) Backed out changes to mkinstalldirs from autoconf 2.57 that
- caused problems on Tru64 Unix.
-
-Sudo 1.6.7p2 released.
-
-507) Kerberos V support should work on latest MIT Kerberos V and Heimdal.
-
-Sudo 1.6.7p3 released.
-
-508) Fixed remaining Kerberos V issues with MIT Kerberos V and old Heimdal.
-
-Sudo 1.6.7p4 released.
-
-509) Fixed a typo that caused a compilation error on Heimdal.
-
-510) Darwin (MacOS X) doesn't have a real setreuid() system call.
-
-511) Fixed a problem with large numbers of environment variables.
-
-Sudo 1.6.7p5 released.
-
-512) Fixed a problem on FreeBSD when the user is only listed in NIS (not
- master.passwd) and netgroups are used in the master.passwd file.
-
-513) BSD-style warn/err functions are now used throughout.
-
-514) Fixed the --with-stow configure option
-
-515) Added a "sudo_lecture" option that points to a file containing a custom
- lecture.
-
-516) The username in a log entry is no longer truncated at 8 characters.
-
-517) A new tag, NOEXEC, will prevent a dynamically-linked program being run
- by sudo from executing another program (think shell escapes).
- Because this uses LD_PRELOAD it has no effect on static binaries.
- Idea from Reznic Valery.
-
-518) TIS fwtk authentication now supports fwtk 2.0 and higher.
-
-519) Sudo will now try to stat the command to be run as the user
- specified by the -u flag if the stat fails as root. Fixes
- an NFS issue.
-
-520) Added Stan Lee / Uncle Ben quote to the lecture (from RedHat).
-
-521) Added a -i option to simulate an initial login similar to "su -".
- Originally based on a patch from David J. MacKenzie.
-
-522) Added a -e option to edit files the with uid of the invoking user.
- This prevents the user from editing other files or running commands
- as the target user. If sudo is run as "sudoedit" the -e flag is implied.
-
-523) If sudo is used to run as root shell, further sudo commands will
- be logged as run by the user specified by the SUDO_USER environment
- variable. In -e mode (sudoedit), SUDO_USER is used to determine
- what user to run the editor when the real uid is 0.
-
-524) Merged in LDAP support from Aaron Spangler.
-
-525) Added the --with-pc-insults configure to replace politically
- incorrect insults with ones from Alek O. Komarnitsky.
-
-526) Added start_tls support from Gudleik Rasch <gudleik@rastamatra.org>.
-
-527) A uid specified in sudoers now matches the user specified by the
- -u flag even if the -u flag specified a name, not a uid.
-
-528) /tmp/.odus is no longer used for timestamps by default. One of
- /var/run/sudo, /var/adm/sudo or /usr/adm/sudo is used depending
- on what directories exist.
-
-529) Quoting globbing characters with a backslash now works as documented.
-
-530) A negated user/uid in a runas list was not treated the same as a
- negated command (it did not override a previously allowed entry).
- Now it does.
-
-531) Added support for Tandem NSK and other systems w/o seteuid().
-
-532) The timeout on password reading is now done via alarm(), not select().
-
-533) Fixed several issues when closing all open descriptors. Sudo now uses
- closefrom() if it exists, using /proc/$$/fd if possible.
-
-534) Use PATH_MAX, not MAXPATHLEN since the former is standardized.
-
-535) Added a check in visudo for runas_default being used before it
- was set.
-
-536) If the target user == invoking user a password is no longer required.
-
-537) PAM support now uses Use pam_acct_mgmt() to check for disabled accounts
- (from Brian Farrell).
-
-538) The sudoers file is now parsed as the runas user in all cases instead
- of root. This fixes some issues with running NFS-mounted commands.
-
-539) Sudo now produces a sensible error message when the targetpw
- Defaults option is set and a non-existent uid is specified via -u.
-
-Sudo 1.6.8 released.
-
-540) Now find the command base and fill in struct stat earlier.
-
-541) sudoedit now re-opens the temp file as the invoking user.
-
-542) struct timespec is used throughout the code base.
-
-543) Added --with-ldap-conf-file option to override /etc/ldap.conf
-
-544) Added SSL tls_* certificate checking options when using LDAP.
-
-545) Sudoedit will now only attempt to edit regular files or links.
-
-546) Sudo now uses futime() or futimes() where possible.
-
-547) Updated sample.pam to a current version.
-
-548) Better detection of unchanged files in sudoedit.
-
-Sudo 1.6.8p1 released.
-
-549) Bash exported functions are now stripped from the environment passed
- to the program to be executed.
-
-Sudo 1.6.8p2 released.
-
-550) The CDPATH variable is now stripped from the environment passed
- to the program to be executed.
-
-551) Fix temp file generation on systems where the _PATH_VARTMP macro
- lacks a trailing slash.
-
-Sudo 1.6.8p3 released.
-
-552) The KRB5CCNAME environment variable is preserved during sudo
- execution for password lookups that use GSSAPI.
-
-Sudo 1.6.8p4 released.
-
-553) Added a configure check for systems with a 2-argument version of
- timespecsub (like BSD/OS).
-
-554) Added stub struct defintions to sudo.h to quiet compiler warnings
- on some systems.
-
-555) In sudoers Defaults lines, tuples like "lecture" may now be used
- without a value, restoring their old boolean-like nature.
-
-556) Invalid values for a tuple are now handled correctly.
-
-Sudo 1.6.8p5 released.
-
-557) Added a set of missing braces needed for MacOS X / Darwin.
-
-558) Define LDAP_OPT_SUCCESS for those without it.
-
-Sudo 1.6.8p6 released.
-
-559) Warn if the user tries to use the -u option when not running a command.
-
-560) Better PAM error handling and messages.
-
-561) Fixed setting of $USER when env_reset is enabled.
-
-Sudo 1.6.8p7 released.
-
-562) Fixed noexec functionality on Linux.
-
-563) Fixed minor format string mismatches in some error cases.
-
-564) Fixed a bug that prevented Heimdal authentication from working.
-
-Sudo 1.6.8p8 released.
-
-565) Updated config.guess and config.sub entries for OpenBSD.
-
-566) A sudoers entry with sudo ALL no longer overwrites the value of
- safe_cmnd.
-
-Sudo 1.6.8p9 released.
-
-567) Added PS4 and SHELLOPTS to the list of variables to remove from
- the environment.
-
-Sudo 1.6.8p10 released.
-
-567) Added JAVA_TOOL_OPTIONS to the list of variables to remove from
- the environment.
-
-Sudo 1.6.8p11 released.
-
-567) Added PERLLIB, PERL5LIB and PERL5OPT to the list of variables to
- remove from the environment.
-
-Sudo 1.6.8p12 released.
-
-568) Fixed a file descriptor leak when the lecture file option is enabled.
-
-569) Added to the list of variables to remove from the environment.
-
-570) Fixed a Kerberos V security issue that could allow a
- user to authenticate using a fake KDC.
-
-571) Pulled in updated configure and libtool from sudo 1.7.
-
-572) PAM is now the default on systems where it is supported.
-
-573) Removed POSIX saved uid use; the stay_setuid option now
- requires the setreuid() or setresuid() functions to work.
-
-574) Regenerated configure with up to date autoconf and libtool.
-
-575) Fixed fd leak when lecture file option is enabled.
-
-576) Removed used of POSIX saved uids. The stay_setuid
- option now requires setreuid() or setresuid().
-
-577) PAM fixes. If the user enters ^C at the password prompt,
- abort instead of trying to authenticate with an empty password
- (which causes an annoying delay). Also Call pam_open_session()
- and pam_close_session() to give pam_limits a chance to run.
-
-578) Security fix for Kerberos5. If we cannot get a valid service
- key using the default keytab it is a fatal error. Now uses
- krb5_verify_user() and krb5_init_secure_context() if they
- are available.
-
-579) Fixed securid5 authentication.
-
-580) Added fcntl F_CLOSEM support to closefrom().
-
-581) Added NOEXEC support for AIX 5.3.
-
-582) Sudo now uses the supplemental group vector for matching.
- This fixes problems with split group lines in /etc/group
- as well as multiple group sources in nsswitch.conf.
-
-583) Added more environment variables to remove by default.
-
-584) Mail from sudo now includes an Auto-Submitted: auto-generated
- header ala rfc 3834.
-
-585) Reworked the environment handling code.
-
-586) Remove the --with-execv option, it was not useful.
-
-587) Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since
- some OSes have issues with TCSAFLUSH.
-
-588) Use glob(3) instead of fnmatch(3) for matching pathnames
- and stat() each result that matches the basename of the user's
- command. This makes "cd /usr/bin ; sudo ./blah" work when
- sudoers allows /usr/bin/blah.
-
-589) Reworked the syslog long line splitting code based on changes
- from Eygene Ryabinkin.
-
-590) Sudo can now with deal more than 32 network interfaces on
- Solaris.
-
-591) Visudo will now honor command line arguments in the EDITOR or
- VISUAL environment variables if env_editor is enabled.
-
-592) LDAP now honors rootbinddn, timelimit and bind_timelimit in
- /etc/ldap.conf.
-
-593) For LDAP, do a sub tree search instead of a base search (one
- level in the tree only) for sudo right objects. This allows
- system administrators to categorize the rights in a tree to
- make them easier to manage.
-
-594) The env_reset option is now enabled by default. Commands run
- through sudo now receive a minimal environment with certain
- variables passed through and/or checked. The list of variables
- allowed is configurable via the env_keep and env_check options
- in sudoers.
-
-595) Added support for Solaris 10 resource control limits using
- the "project" interface.
-
-596) Moved LDAP schema data into separate files.
-
-597) Sudo no longer assumes that gr_mem in struct group is non-NULL.
-
-598) Added support for setting environment variables on the command
- line if the command has the SETENV attribute set in sudoers.
-
-599) Added a -E flag to preserve the environment if the SETENV attribute
- has been set.
-
-600) The sudoers2ldif script now parses Runas users.
-
-601) The -- flag now behaves as documented.
-
-602) sudo -k/-K no longer cares if the timestamp is in the future.
-
-603) When searching for the command, sudo now uses the effective gid
- of the runas user.
-
-604) Sudo no longer updates the timestamp if not validated by sudoers.
-
-605) Now rebuild environment regardless of how sudo was invoked.
-
-606) More accurate usage() when called as sudoedit.
-
-607) Command line environment variables are now treated like
- normal environment variables unless the SETENV tag is set.
-
-608) Better explanation of environment handling in the sudo man page.
-
-Sudo 1.6.9 released.
-
-609) Worked around a bug ins some PAM implementations that caused a crash
- when no tty was present.
-
-610) Fixed a crash on some platforms in the error logging function.
-
-611) Documentation improvements.
-
-Sudo 1.6.9p1 released.
-
-612) Fixed updating of the saved environment when the environ pointer
- gets changed out from underneath us.
-
-Sudo 1.6.9p2 released.
-
-613) Fixed a bug related to supplemental group matching introduced
- in 1.6.9.
-
-Sudo 1.6.9p3 released.
-
-614) Added IPv6 support from YOSHIFUJI Hideaki.
-
-615) Fixed sudo_noexec installation path.
-
-616) Fixed a K&R compilation error.
-
-Sudo 1.6.9p4 released.
-
-617) Fixed a bug in the IP address matching introduced by the IPV6 merge.
-
-618) For "visudo -f file" we now use the permissions of the original file
- and not the hard-coded sudoers owner/group/mode. This makes
- it possible to use visudo with a revision control system.
-
-619) Fixed sudoedit when used on a non-existent file.
-
-620) Regenerated configure using autoconf 2.6.1 and libtool 1.5.24.
-
-621) Groups and netgroups are now valid in an LDAP sudoRunas statement.
-
-Sudo 1.6.9p5 released.
-
-622) Worked around bugs in the session support of some PAM implementations.
- The full tty path is now passed to PAM as well.
-
-623) Sudo now only prints the password prompt if the process is in the
- foreground.
-
-624) inttypes.h is now included when appropriate if it is present.
-
-625) Simplified alias allocation in the parser.
-
-Sudo 1.6.9p6 released.
-
-626) Go back to using TCSAFLUSH instead of TCSADRAIN when turning
- off echo in tgetpass().
-
-627) Fixed addition of -lutil for logincap on FreeBSD and NetBSD.
-
-628) Add configure check for struct in6_addr since some systems define
- AF_INET6 but have no real IPv6 support.
-
-Sudo 1.6.9p7 released.
-
-629) Fixed a bug where a sudoers entry with no runas user specified
- was treated differently from a line with the default runas
- user specified.
-
-Sudo 1.6.9p8 released.
-
-630) The ALL command in sudoers now implies SETENV permissions.
-
-631) The command search is now performed using the target user's
- auxiliary group vector too.
-
-632) When determining if the PAM prompt is the default "Password: ",
- compare the localized version if possible.
-
-633) Added passprompt_override flag to sudoers to cause sudo's prompt
- to be used in all cases. Also set when the -p flag is used.
-
-Sudo 1.6.9p9 released.
-
-634) Moved LDAP options into a table for simplified parsing/setting.
-
-635) Fixed a problem with how some LDAP options were being applied.
-
-636) Added support for connecting directly to LDAP servers via SSL
- in addition to the existing start_tls support.
-
-Sudo 1.6.9p10 released.
-
-637) Fixed a compilation problem on SCO related to how they
- store the high resolution timestamps in struct stat.
-
-638) Avoid checking the passwd file group multiple times
- in the LDAP query when the user's passwd group is also
- listed in the supplemental group vector.
-
-639) The URI specifier can now be used in ldap.conf even when
- the LDAP SDK doesn't support ldap_initialize().
-
-640) New %p prompt escape that expands to the user whose password
- is being prompted, as specified by the rootpw, targetpw and
- runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.
-
-Sudo 1.6.9p11 released.
-
-641) Added a configure check for the ber_set_option() function.
-
-642) Fixed a compilation problem with the HP-UX K&R C compiler.
-
-643) Revamped the Kerberos 5 ticket verification code.
-
-644) Added support for the checkpeer ldap.conf variable for
- netscape-based LDAP SDKs.
-
-645) Fixed a problem where an incomplete password could be echoed
- to the screen if there was a read timeout.
-
-Sudo 1.6.9p12 released.
-
-646) Sudo will now set the nproc resource limit to unlimited on Linux
- systems to work around Linux's setuid() resource limit semantics.
- On PAM systems the resource limits will be reset by pam_limits.so
- before the command is executed.
-
-647) SELinux support that can be used to implement role based access
- control (RBAC). A role and (optional) type may be specified
- in sudoers or on the command line. These are then used in the
- security context that the command is run as.
-
-648) Fixed a Kerberos 5 compilation problem with MIT Kerberos.
-
-Sudo 1.6.9p13 released.
-
-649) Fixed an invalid assumption in the PAM conversation function
- introduced in version 1.6.9p9. The conversation function may
- be called for non-password reading purposes as well.
-
-650) Fixed freeing an uninitialized pointer in -l mode, introduced in
- version 1.6.9p13.
-
-651) Check /etc/sudoers after LDAP even if the user was found in LDAP.
- This allows Defaults options in /etc/sudoers to take effect.
-
-652) Add missing checks for enforcing mode in SELinux RBAC mode.
-
-Sudo 1.6.9p14 released.
-
-653) Fixed installation of sudo_noexec.so on AIX.
-
-654) Updated libtool to version 1.5.26.
-
-655) Fixed printing of default SELinux role and type in -V mode.
-
-656) The HOME environment variable is once again preserved by default,
- as per the documentation.
-
-Sudo 1.6.9p15 released.
-
-657) There was a missing space before the ldap libraries in the Makefile
- for some configurations.
-
-658) LDAPS_PORT may not be defined on older Solaris LDAP SDKs.
-
-659) If the LDAP server could not be contacted and the user was not present
- in sudoers, a syntax error in sudoers was incorrectly reported.
-
-Sudo 1.6.9p16 released.
-
-660) The -i flag should imply resetting the environment, as it did in
- sudo version prior to 1.6.9. Also, the -i and -E flags are
- mutually exclusive.
-
-661) Fixed the configure test for dirfd() under Linux.
-
-662) Fixed test for whether -lintl is required to link.
-
-663) Changed how sudo handles the child process when sending mail.
- This fixes a problem on Linux with the mail_always option.
-
-664) Fixed a problem with line continuation characters inside of
- quoted strings.
-
-Sudo 1.6.9p17 released.
-
-665) Fixed a crash when the -i flag was used with a uid not in the password
- database.
-
-666) Regenerated parser to pull in a yacc skeleton fix.
diff --git a/usr.bin/sudo/ChangeLog b/usr.bin/sudo/ChangeLog
new file mode 100644
index 00000000000..582f72602b2
--- /dev/null
+++ b/usr.bin/sudo/ChangeLog
@@ -0,0 +1,19479 @@
+2008-11-10 08:07 millert
+
+ * pathnames.h.in, sudo.c: s/overriden/overridden/; from Tobias
+ Stoeckmann
+
+2008-11-09 15:18 millert
+
+ * visudo.c, WHATSNEW: check sudoers owner and mode in strict mode
+
+2008-11-09 09:15 millert
+
+ * gram.c, toke.c: regen
+
+2008-11-09 09:13 millert
+
+ * alias.c, alloc.c, closefrom.c, compat.h, defaults.c, defaults.h,
+ env.c, fileops.c, gettime.c, gram.y, ins_csops.h, insults.h,
+ interfaces.c, interfaces.h, lbuf.c, license.pod, list.c,
+ logging.c, logging.h, parse.c, parse.h, pwutil.c, redblack.c,
+ redblack.h, snprintf.c, sudo.c, sudo.pod, sudo_edit.c,
+ sudo_nss.h, testsudoers.c, toke.l, tsgetgrpw.c, utimes.c,
+ version.h, visudo.c, zero_bytes.c, LICENSE, sudoers.pod,
+ visudo.pod, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
+ auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
+ auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h,
+ sudo.man.in, sudoers.man.in, visudo.man.in: Update copyright
+ years.
+
+2008-11-09 08:48 millert
+
+ * fnmatch.c, glob.c, emul/charclass.h: add my copyright
+
+2008-11-08 10:40 millert
+
+ * toke.c, toke.l: The loop in fill_cmnd() was going one byte too
+ far past the end, resulting in a NUL being written immediately
+ after the buffer end.
+
+2008-11-08 10:31 millert
+
+ * UPGRADE, WHATSNEW: add sections on tgetpass changes
+
+2008-11-08 10:30 millert
+
+ * tgetpass.c: Treat EOF w/o newline as an error.
+
+2008-11-07 17:42 millert
+
+ * parse.c: Fix "sudo -v" when NOPASSWD is set.
+
+2008-11-07 12:45 millert
+
+ * auth/: bsdauth.c, fwtk.c, pam.c, sudo_auth.c, sudo_auth.h: No
+ longer treat an empty password at the prompt as special. To quit
+ out of sudo you now need to hit ^C at the password prompt.
+
+2008-11-06 21:07 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2008-11-06 21:06 millert
+
+ * def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod: Sudo
+ will now refuse to run if no tty is present unless the new
+ visiblepw sudoers flag is set.
+
+2008-11-05 19:42 millert
+
+ * aix.c: just use RLIM_INFINITY for RLIM_SAVED_MAX if
+ RLIM_SAVED_MAX not defined
+
+2008-11-05 19:40 millert
+
+ * aix.c: fix fallback value for RLIM_SAVED_MAX
+
+2008-11-05 19:14 millert
+
+ * auth/: aix_auth.c, sudo_auth.h: Move clearing of AUTHSTATE into
+ aixauth_cleanup.
+
+2008-11-05 19:08 millert
+
+ * env.c, auth/aix_auth.c: Unset AUTHSTATE after calling
+ authenticate() as it may not be correct for the user we are
+ running the command as.
+
+2008-11-05 19:05 millert
+
+ * isblank.c: Add isblank() function for systems without it. Needed
+ for POSIX character class matching in fnmatch.c and glob.c.
+
+2008-11-05 11:02 millert
+
+ * TROUBLESHOOTING: expound on sudo and cd
+
+2008-11-04 15:52 millert
+
+ * ChangeLog: regen
+
+2008-11-04 15:46 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2008-11-04 15:45 millert
+
+ * sudoers.pod: mention defauts parse order
+
+2008-11-03 13:19 millert
+
+ * Makefile.in, aclocal.m4, compat.h, configure: Add isblank()
+ function for systems without it. Needed for POSIX character
+ class matching in fnmatch.c and glob.c.
+
+2008-11-03 12:54 millert
+
+ * Makefile.in: add emul/charclass.h to HDRS
+
+2008-11-02 14:08 millert
+
+ * TODO: checkpoint
+
+2008-11-02 14:06 millert
+
+ * parse.c, defaults.c, testsudoers.c, visudo.c: Move
+ update_defaults into defaults.c and call it properly from visudo
+ and testsudoers.
+
+2008-11-02 09:51 millert
+
+ * defaults.c, interfaces.c, pwutil.c, sudo.c, sudo_edit.c,
+ tgetpass.c, tsgetgrpw.c: use zero_bytes() instead of memset() for
+ consistency
+
+2008-11-02 09:45 millert
+
+ * logging.c, mon_systrace.c, parse.c, sudo.c, sudo_edit.c,
+ tgetpass.c, visudo.c: Zero out sigaction_t before use in case it
+ has non-standard entries.
+
+2008-11-02 09:35 millert
+
+ * match.c: quiet gcc
+
+2008-11-02 09:28 millert
+
+ * match.c: Short circuit glob() checks if basename(pattern) !=
+ basename(command). Refactor code that checks for a command in a
+ directory and use it in the glob case if the resolved pattern
+ ends in a '/'.
+
+2008-11-01 09:20 millert
+
+ * defaults.h, parse.c, sudo.c, testsudoers.c, visudo.c: Defer
+ setting runas defaults until after runaspw/gr is setup.
+
+2008-10-29 13:26 millert
+
+ * match.c, sudo.c, testsudoers.c: Use MAXHOSTNAMELEN+1 when
+ allocating host/domain name since some systems do not include
+ space for the NUL in the size. Also manually NUL-terminate
+ buffer from gethostname() since POSIX is wishy-washy on this.
+
+2008-10-26 17:13 millert
+
+ * sudo.c, sudoers.pod: When setting the umask, use the union of the
+ user's umask and the default value set in sudoers so that we
+ never lower the user's umask when running a command.
+
+2008-10-26 16:43 millert
+
+ * sudo.c: Don't try to read from a zero-length sudoers file.
+ Remove the bogus Solaris work-around for EAGAIN. Since we now
+ use fgetc() it should not be a problem.
+
+2008-10-25 09:22 millert
+
+ * parse.c: In update_defaults() check the return value of
+ user*_matches against ALLOW so we don't inadvertantly match on
+ UNSPEC.
+
+2008-10-24 09:52 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
+ sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
+ regen man pages; no more hyphenation
+
+2008-10-24 09:49 millert
+
+ * sudo.c: Don't error out on a zero-length sudoers file. With the
+ advent of #include the user could create a situation where sudo
+ is unusable.
+
+2008-10-23 12:06 millert
+
+ * config.h.in, configure, configure.in, auth/kerb5.c: Newer heimdal
+ has 2-argument krb5_get_init_creds_opt_free() like MIT krb5.
+ Really old heimdal has no krb5_get_init_creds_opt_alloc() at all.
+ Add configure tests to handle all the cases.
+
+2008-10-08 17:28 millert
+
+ * sudo.pod: resort ENVIRONMENT
+
+2008-10-08 17:09 millert
+
+ * sudoers.pod: document sudoers_locale
+
+2008-10-08 16:56 millert
+
+ * sudo.pod, sudo_edit.c: add SUDO_EDITOR variable that sudoedit
+ uses in preference to VISUAL or EDITOR
+
+2008-10-08 14:27 millert
+
+ * toke.c, toke.l: In fill_cmnd(), collapse any escaped
+ sudo-specific characters. Allows character classes to be used in
+ pathnames.
+
+2008-10-03 16:02 millert
+
+ * lbuf.c: fix typo in non-C89 function declaration
+
+2008-10-03 15:56 millert
+
+ * sudoers.pod: Mention POSIX characters classes now that out
+ fnmatch() and glob() support them.
+
+2008-10-03 15:55 millert
+
+ * sample.sudoers, sudoers.pod: Replace [A-z] (which won't match in
+ UTF8) with [A-Za-z] which is locale agnostic.
+
+2008-10-03 10:02 millert
+
+ * parse.h: use __signed char if we are going to assign a negative
+ value since on Power, char is unsigned by default
+
+2008-10-03 09:59 millert
+
+ * configure, configure.in, config.h.in: Add tests for __signed char
+ and signed char.
+
+2008-10-03 09:19 millert
+
+ * aix.c: Fix AIX limit setting. getuserattr() returns values in
+ disk blocks rather than bytes. The default hard stack size in
+ newer AIX is RLIM_SAVED_MAX. From Dale King.
+
+2008-09-26 17:13 millert
+
+ * fnmatch.c, glob.c, emul/charclass.h: Add character class support
+ to included glob(3) and fnmatch(3).
+
+2008-09-16 08:28 millert
+
+ * emul/fnmatch.h: Remove UCB advertising clause and some
+ compatibility defines.
+
+2008-09-14 16:07 millert
+
+ * sudo_edit.c: Check EDITOR/VISUAL to make sure sudoedit is not
+ re-invoking itself or sudo. This allows one to set EDITOR to
+ sudoedit without getting into an infinite loop of sudoedit
+ running itself until the path gets too big.
+
+2008-09-13 20:45 millert
+
+ * def_data.c, def_data.h, def_data.in, defaults.c, sudo.c: Add
+ sudoers_locale Defaults option to override the default sudoers
+ locale of "C".
+
+2008-09-13 14:09 millert
+
+ * sudo.c: Set locale to system default except for during sudoers
+ parse.
+
+2008-09-12 09:34 millert
+
+ * match.c: Redo change in 1.34 to use pointer arithmetic.
+
+2008-09-11 07:06 millert
+
+ * match.c: Fix a dereference (read) of a freed pointer. Reported
+ by Patrick Williams.
+
+2008-08-23 19:09 millert
+
+ * sudo.c: Set locale to "C" to avoid interpretation issues with
+ character ranges in sudoers. May want to make the locale a
+ sudoers option in the future.
+
+2008-08-20 07:45 millert
+
+ * config.h.in: we no longer use setproctitle
+
+2008-08-20 07:41 millert
+
+ * sudo.h: remove #if 1
+
+2008-08-20 07:40 millert
+
+ * LICENSE, mkstemp.c: Use my replacement mkstemp() from the mktemp
+ package.
+
+2008-07-12 08:53 millert
+
+ * gram.c: regen with yacc skeleton bug fixed
+
+2008-07-12 08:48 millert
+
+ * sudoers.pod: Remove duplicate "as root". From Martin Toft.
+
+2008-07-02 06:27 millert
+
+ * pwutil.c, sudo.c, testsudoers.c, sudo.h: Flesh out the fake
+ passwd entry used for running commands as a uid not listed in the
+ passwd database. Fixes an issue with some PAM modules.
+
+2008-07-01 07:57 millert
+
+ * sudo.c: Error out in -i mode if the user has no shell. This can
+ happen when running commands as a uid with no password entry.
+
+2008-06-26 07:49 millert
+
+ * toke.c, toke.l: Better fix for line continuation inside double
+ quotes. Now accepts whitespace between the backslash and the
+ newline like the main lexer.
+
+2008-06-25 14:31 millert
+
+ * toke.c, toke.l: Fix line continuation in strings. It was only
+ being honored if preceded by whitespace.
+
+2008-06-22 16:19 millert
+
+ * config.h.in, configure, configure.in, logging.c: Replace the
+ double fork with a fork + daemonize.
+
+2008-06-21 14:59 millert
+
+ * env.c, sudo.c: The -i flag should imply env_reset. This got
+ broken in sudo 1.6.9.
+
+2008-06-20 20:34 millert
+
+ * logging.c, sudo.c, sudo_edit.c, visudo.c: Change how the mailer
+ is waited for. Instead of having a SIGCHLD handler, use the
+ double fork trick to orphan the child that opens the pipe to
+ sendmail. Fixes a problem running su on some Linux distros.
+
+2008-06-20 17:16 millert
+
+ * configure, configure.in: Fix configure test for dirfd() on Linux
+ where DIR is opaque.
+
+2008-06-17 17:42 millert
+
+ * tgetpass.c: Get rid of the QNX TCSAFLUSH -> TCSADRAIN hack. If
+ QNX still has this problem we'll need to revisit this again.
+
+2008-06-10 21:13 millert
+
+ * logging.c: Ignore SIGPIPE instead of blocking it when piping to
+ the mailer. If we only block the signal it may be delivered
+ later when we unblock. Also, there is no need to block SIGCHLD
+ since we no longer do the double fork. The normal SIGCHLD
+ handler is sufficient.
+
+2008-06-08 17:37 millert
+
+ * configure, configure.in: Add description for NO_PAM_SESSION, from
+ a redhat patch.
+
+2008-06-06 09:36 millert
+
+ * sudo.cat, sudo.man.in, sudo.pod: Fix typos in -i usage
+
+2008-05-18 13:54 millert
+
+ * configure, configure.in: Redo the test for dgettext() in a way
+ that hopefully will work around the libintl_dgettext() undefined
+ problem.
+
+2008-05-11 09:21 millert
+
+ * schema.ActiveDirectory: change filename in comment
+
+2008-05-10 09:18 millert
+
+ * Makefile.in, README.LDAP, sudoers.ldap.cat, sudoers.ldap.man.in,
+ sudoers.ldap.pod: Reference schema.ActiveDirectory
+
+2008-05-09 14:49 millert
+
+ * schema.OpenLDAP, schema.iPlanet: Mark sudoRunAs as deprecated.
+
+2008-05-09 14:48 millert
+
+ * schema.ActiveDirectory: add sudoRunAsUser and sudoRunAsGroup
+
+2008-05-09 14:01 millert
+
+ * schema.ActiveDirectory: Active Directory schema by Chantal
+ Paradis and Eric Paquet
+
+2008-05-08 17:54 millert
+
+ * parse.c: remove an XXX that was fixed
+
+2008-05-08 12:53 millert
+
+ * ChangeLog: sync
+
+2008-05-08 12:49 millert
+
+ * parse.c: Initialize tags to UNSPEC instead of def_* in "sudo -l"
+ mode. This fixes a problem where the tag value printed was
+ influenced by defaults set in the first pass through the parser.
+
+2008-05-03 21:29 millert
+
+ * Makefile.in, sudo.psf: No point in packaging the TODO file
+
+2008-05-03 21:24 millert
+
+ * ChangeLog: sync
+
+2008-05-02 20:53 millert
+
+ * WHATSNEW, def_data.c, def_data.h, def_data.in, env.c, sudo.c,
+ sudo.h, sudoers.cat, sudoers.man.in, sudoers.pod: Add env_file
+ Defaults option that is similar to /etc/environment on some
+ systems.
+
+2008-05-02 16:38 millert
+
+ * Makefile.in, README, TODO, WHATSNEW, sudo.cat, sudo.man.in,
+ sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in,
+ sudoers.man.in, version.h, visudo.cat, visudo.man.in: change
+ version to 1.7.0
+
+2008-05-02 16:37 millert
+
+ * UPGRADE: initial valgrind pass done
+
+2008-04-23 08:30 millert
+
+ * ldap.c: Fix typo/think in sudo_ldap_read_secret() when storing
+ the secret.
+
+2008-04-11 10:03 millert
+
+ * ldap.c: define LDAPS_PORT if the system headers do not
+
+2008-04-10 14:54 millert
+
+ * gram.c, gram.y: Fix another memory leak in init_parser().
+
+2008-04-10 12:51 millert
+
+ * configure, configure.in: There was a missing space before the
+ ldap libs in SUDO_LIBS for some configurations.
+
+2008-04-10 11:28 millert
+
+ * alias.c, gram.c, gram.y, toke.c, toke.l: Clean up some memory
+ leaks pointed out by valgrind.
+
+2008-04-07 14:39 millert
+
+ * sudo.c: fix "sudo -s" broken by mode/flags breakout
+
+2008-04-07 14:26 millert
+
+ * configure, configure.in: remove duplicate check for dgettext
+
+2008-04-05 15:54 millert
+
+ * aix.c: Fall back to default stanza if no user-specific limit is
+ found.
+
+2008-04-02 15:56 millert
+
+ * snprintf.c: include stdint.h if present
+
+2008-04-02 15:28 millert
+
+ * snprintf.c: Use LLONG_MAX, not the old QUAD_MAX
+
+2008-04-01 19:18 millert
+
+ * sudoers.ldap.pod: fix cut and pasto
+
+2008-03-31 11:24 millert
+
+ * pwutil.c: Add #ifdef PURITY
+
+2008-03-30 17:36 millert
+
+ * auth/bsdauth.c: remove useless cast
+
+2008-03-27 19:07 millert
+
+ * ChangeLog: sync
+
+2008-03-27 19:04 millert
+
+ * TODO: sync
+
+2008-03-27 19:01 millert
+
+ * sudo.h: Split MODE_* defines into primary and flags.
+
+2008-03-26 13:11 millert
+
+ * aix.c: It turns out the logic for getting AIX limits is more
+ convoluted than I realized and differs depending on whether the
+ soft and/or hard limits are defined.
+
+2008-03-23 10:18 millert
+
+ * Makefile.in, configure, configure.in: Back out AIX-specific
+ change to set the sudo_noexec path to the .a file, we do really
+ want to use the .so file. Since libtool doesn't do that
+ correctly, just install the .so file ourselves in the Makefile.
+
+2008-03-23 10:12 millert
+
+ * install-sh: If the file given to install is a path, only use the
+ basename of the file when building the destination path.
+
+2008-03-18 16:08 millert
+
+ * sudo.c: parse_args() cleanup: Sort command line options in the
+ getopt() switch The -U option requires a parameter Normalize a
+ few ISSET calls Split mode into mode and flags and retire the
+ now-obsolete excl variable
+
+2008-03-18 16:04 millert
+
+ * WHATSNEW, check.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
+ sudo.pod, sudo_usage.h.in: Add -n (non-interactive) flag.
+
+2008-03-18 15:59 millert
+
+ * sudo.c: Move version printing, etc. into a separate function.
+
+2008-03-18 15:57 millert
+
+ * sudo.c: Don't try to cleanup nsswitch if it has not been
+ initialized.
+
+2008-03-17 11:09 millert
+
+ * logging.c: Block SIGPIPE in send_mail() so sudo is not killed by
+ a problem executing the mailer.
+
+2008-03-14 08:11 millert
+
+ * configure.in, configure: AIX shared libs end in .a, not .so.
+
+2008-03-13 07:34 millert
+
+ * env.c: Preserve HOME by default too. Matches documentation and
+ previous behavior.
+
+2008-03-12 19:42 millert
+
+ * sudo.c: Use getopt() to parse the command line. We need to be
+ able to intersperse env variables and options yet still honor
+ "--"" which complicates things slightly.
+
+2008-03-06 14:46 millert
+
+ * ChangeLog: sync
+
+2008-03-06 14:43 millert
+
+ * acsite.m4, configure, ltmain.sh: update to libtool-1.5.26
+
+2008-03-06 14:32 millert
+
+ * config.guess, config.sub: update from libtool-1.5.26 distribution
+
+2008-03-06 13:18 millert
+
+ * aix.c, sudo.h: attempt to fix compilation errors on AIX
+
+2008-03-06 13:08 millert
+
+ * Makefile.in: fix typo in last commit
+
+2008-03-06 13:07 millert
+
+ * Makefile.in: Add WHATSNEW file to the distribution
+
+2008-03-06 12:43 millert
+
+ * visudo.c: use warningx instead of fprintf(stderr, ...)
+
+2008-03-06 12:31 millert
+
+ * list.c: add DEBUG to list2tq
+
+2008-03-06 12:28 millert
+
+ * ChangeLog, TODO: sync
+
+2008-03-06 12:21 millert
+
+ * WHATSNEW: mention mailfrom
+
+2008-03-06 12:19 millert
+
+ * Makefile.in, config.h.in, configure, configure.in, set_perms.c,
+ sudo.h, aix.c: Add aix_setlimits() to set resource limits on AIX
+ using a combination of getuserattr() and setrlimit(). Currently
+ untested.
+
+2008-03-05 16:52 millert
+
+ * def_data.c, def_data.h, def_data.in, logging.c, sudoers.cat,
+ sudoers.pod, sudoers.man.in: Add mailfrom Defaults option that
+ sets the value of the From: field in the warning/error mail. If
+ unset the login name of the invoking user is used.
+
+2008-03-05 16:18 millert
+
+ * defaults.c: store a copy of _PATH_SUDO_ASKPASS in def_askpass
+ that is freeable
+
+2008-03-05 15:19 millert
+
+ * gram.c, gram.y: When adding a default, only call list2tq() once
+ to do the list to tq conversion. It is not legal to call list2tq
+ multiple times on the same list since list2tq consumes and
+ modifies the list argument.
+
+2008-03-05 09:38 millert
+
+ * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod: comment
+ out XXXs for now
+
+2008-03-05 09:36 millert
+
+ * WHATSNEW: mention askpass
+
+2008-03-04 17:20 millert
+
+ * sudo.c: Error out if both -A and -S are specified Error out if -A
+ is specified but no askpass is configured
+
+2008-03-04 17:16 millert
+
+ * configure, configure.in: we are not going to ship a sudo-specific
+ askpass
+
+2008-03-03 14:30 millert
+
+ * sudo.h: fix definition of TGP_ASKPASS
+
+2008-03-03 13:54 millert
+
+ * def_data.c, def_data.in: make askpass boolean-capable
+
+2008-03-03 13:53 millert
+
+ * INSTALL: document --with-askpass
+
+2008-03-02 19:27 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in,
+ sudoers.ldap.cat, visudo.cat: regen
+
+2008-03-02 17:31 millert
+
+ * sudo.pod, sudo_usage.h.in, sudoers.pod: document -A and askpass
+
+2008-03-02 09:31 millert
+
+ * check.c, configure, configure.in, def_data.c, def_data.h,
+ def_data.in, defaults.c, pathnames.h.in, sudo.c, sudo.h,
+ sudo_usage.h.in, tgetpass.c, auth/sudo_auth.c: Add support for
+ running a helper program to read the password when no tty is
+ present (or when specified with the -A flag). TODO: docs.
+
+2008-03-02 08:38 millert
+
+ * def_data.c, def_data.in: add missing printf format to SELinux
+ role and type strings
+
+2008-02-27 09:26 millert
+
+ * INSTALL, configure, configure.in: Disable use of
+ gss_krb5_ccache_name() by default and add
+ --enable-gss-krb5-ccache-name configure option to enable it. It
+ seems that gss_krb5_ccache_name() doesn't work properly with some
+ combinations of Heimdal and OpenLDAP.
+
+2008-02-22 15:33 millert
+
+ * selinux.c: Ignore setexeccon() failing in permissive mode. Also
+ add a call to setkeycreatecon() (though this is probably
+ insufficient). From Dan Walsh.
+
+2008-02-22 15:19 millert
+
+ * auth/pam.c: Only set std_prompt for the PAM_PROMPT_* cases. The
+ conversation function may be called for non-password reading
+ purposes so we must be careful not to use def_prompt in cases
+ where it may not be set.
+
+2008-02-20 12:00 millert
+
+ * selinux.c: Don't free the new tty context, we need to keep it
+ around when we restore the tty context after the command
+ completes
+
+2008-02-19 16:04 millert
+
+ * selinux.c: s/newrole/sudo/
+
+2008-02-19 13:21 millert
+
+ * sudo.man.pl, sudo.pod: Only put login_cap(3) in SEE ALSO section
+ if we have login.conf support
+
+2008-02-18 11:05 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
+ sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
+ regen
+
+2008-02-18 10:53 millert
+
+ * Makefile.in, configure, configure.in, sudo.man.pl, sudo.pod,
+ sudoers.man.pl, sudoers.pod: Substitute in comment characters for
+ lines partaining to login.conf, BSD auth and SELinux and only
+ enable them if pertinent.
+
+2008-02-18 10:42 millert
+
+ * Makefile.in, sudo.pod, sudoers.ldap.pod, sudoers.pod, visudo.pod:
+ Remove the =cut on the first line (above the copyright notice) to
+ quiet pod2man. Also remove the hackery in the FILES section and
+ just deal with the fact that there will a newline between each
+ pathname.
+
+2008-02-17 08:19 millert
+
+ * Makefile.in: run sudo.man.pl when generating sudo.man.in
+
+2008-02-17 08:11 millert
+
+ * configure, configure.in, sudo.man.pl: comment out SELinux manual
+ bits unless --with-selinux was specified
+
+2008-02-17 08:04 millert
+
+ * sudoers.pod: document role and type defaults for SELinux
+
+2008-02-16 20:26 millert
+
+ * sudo.c, sudo.cat, sudo.man.in, sudo.pod, sudo_usage.h.in:
+ Document "sudo -ll" and make "sudo -l -l" be equivalent.
+
+2008-02-15 15:23 millert
+
+ * configure.in, configure: Treat k*bsd*-gnu like Linux, not BSD.
+ Fixes compilation problems on Debian GNU/kFreeBSD.
+
+2008-02-13 17:17 millert
+
+ * auth/kerb5.c: Avoid Heimdal'isms introduced in the rev 1.32
+ rewrite of verify_krb_v5_tgt()
+
+2008-02-13 07:28 millert
+
+ * logging.c, logging.h, sudo.c: Remove dependence on
+ VALIDATE_NOT_OK in logging functions. Split log_auth() into
+ log_allowed() and log_denial() Replace mail_auth() with
+ should_mail() and a call to send_mail()
+
+2008-02-10 18:06 millert
+
+ * ldap.c: Add debugging so we can tell if the krb5 ccache is
+ accessible
+
+2008-02-10 17:34 millert
+
+ * INSTALL: mention --with-selinux
+
+2008-02-09 09:48 millert
+
+ * configure: regen
+
+2008-02-09 09:43 millert
+
+ * selinux.c: add Sudo tag
+
+2008-02-09 09:30 millert
+
+ * Makefile.in, config.h.in, configure.in, def_data.c, def_data.h,
+ def_data.in, gram.c, gram.h, gram.y, ldap.c, parse.c, parse.h,
+ pathnames.h.in, selinux.c, sesh.c, sudo.c, sudo.cat, sudo.h,
+ sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.ldap.cat,
+ sudoers.ldap.man.in, sudoers.ldap.pod, testsudoers.c, toke.c,
+ toke.l: Add support for SELinux RBAC. Sudoers entries may
+ specify a role and type. There are also role and type defaults
+ that may be used. To make sure a transition occurs, when using
+ RBAC commands are executed via the new sesh binary. Based on
+ initial changes from Dan Walsh.
+
+2008-02-08 08:18 millert
+
+ * lbuf.c, ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.c: Add long
+ list (sudo -ll) support for printing verbose LDAP and sudoers
+ file entries. Still need to update manual.
+
+2008-02-03 10:43 millert
+
+ * ldap.c, parse.c, sudo.h, sudo_nss.c, sudo_nss.h: Unify the -l
+ output for file and ldap based sudoers and use lbufs for both.
+ The ldap output does not currently include options that cannot be
+ represented as tags. This will be remedied in a long list output
+ mode to come.
+
+2008-01-27 16:37 millert
+
+ * set_perms.c: Use a specific error message for errno == EAGAIN
+ when setuid() et al fails. On Linux systems setuid() will fail
+ with errno set to EAGAIN if changing to the new uid would result
+ in a resource limit violation.
+
+2008-01-27 16:34 millert
+
+ * sudo.c: Unlimit nproc on Linux systems where calling the setuid()
+ family of syscalls causes the nroc resource limit to be checked.
+ The limits will be reset by pam_limits.so when PAM is used. In
+ the non-PAM case the nproc limit will remain unlimited but there
+ doesn't seem to be a way around that other than having sudo parse
+ /etc/security/limits.conf directly.
+
+2008-01-27 16:31 millert
+
+ * env.c, sudo.c, sudo.pod: Only read /etc/environment on Linux and
+ AIX
+
+2008-01-23 06:33 millert
+
+ * configure, configure.in: Use SUDO_DEFINE_UNQUOTED instead of
+ AC_DEFINE_UNQUOTED to prevent ldap.conf and ldap.secret paths
+ from going into config.h. Avoid single quotes in variable
+ expansion when using SUDO_DEFINE_UNQUOTED since in some versions
+ of bash they will end up literally in the resulting define.
+
+2008-01-21 13:22 millert
+
+ * README.LDAP: mention --with-nsswitch=no
+
+2008-01-21 11:43 millert
+
+ * configure, configure.in: ldap_ssl.h depends on ldap.h being
+ included first
+
+2008-01-21 11:07 millert
+
+ * configure, configure.in, ldap.c, config.h.in: Include ldap_ssl.h
+ if we can find it. Needed for the ldapssl_set_strength defines
+ on HP-UX at least.
+
+2008-01-21 10:02 millert
+
+ * TODO, sudoers.ldap.pod: sync
+
+2008-01-21 10:01 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
+ sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
+ regen
+
+2008-01-21 10:00 millert
+
+ * Makefile.in: Use 78n line length when formatting cat pages.
+
+2008-01-21 09:50 millert
+
+ * README.LDAP: Remove redundant info that is now in
+ sudoers.ldap.pod
+
+2008-01-20 16:18 millert
+
+ * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
+ Reorganize the first section a bit. Substitute the proper path
+ for /etc/sudoers.
+
+2008-01-20 10:17 millert
+
+ * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
+ Substitute values for ldap.conf, ldap.secret and nsswitch.conf
+ Move schema into EXAMPLES
+
+2008-01-20 10:15 millert
+
+ * configure.in, configure: Substitute values for ldap.conf,
+ ldap.secret and nsswitch.conf into sudoers.ldap.man.
+
+2008-01-19 20:35 millert
+
+ * configure, configure.in: substitute for sudoers.ldap.man
+
+2008-01-19 20:34 millert
+
+ * Makefile.in: Fix cut & pasto introduced when adding sudoers.ldap
+ man page.
+
+2008-01-19 20:25 millert
+
+ * sudoers.ldap.pod, sudoers.ldap.cat, sudoers.ldap.man.in: Fill in
+ some of the missing pieces. Still needs some reorganization and
+ editing.
+
+2008-01-19 15:06 millert
+
+ * Makefile.in, sudoers.ldap.cat, sudoers.ldap.man.in,
+ sudoers.ldap.pod: Beginnings of a sudoers.ldap man page.
+ Currently, much of the information is adapted from README.LDAP.
+
+2008-01-18 17:32 millert
+
+ * pwutil.c: When copying gr_mem we must guarantee that the storage
+ space for gr_mem is properly aligned. The simplest way to do
+ this is to simply store gr_mem directly after struct group. This
+ is not a problem for gr_passwd or gr_name as they are simple
+ strings.
+
+2008-01-18 16:47 millert
+
+ * ldap.c: Fix a typo/thinko in one of the calls to
+ sudo_ldap_check_user_netgroup(). From Marco van Wieringen.
+
+2008-01-17 15:44 millert
+
+ * config.h.in, configure, configure.in, ldap.c: include
+ <mps/ldap_ssl.h> in ldap.c if available
+
+2008-01-16 18:20 millert
+
+ * gram.c, gram.y: Make sure we define SIZE_MAX for yacc's
+ skeleton.c
+
+2008-01-16 13:03 millert
+
+ * tgetpass.c: Use TCSAFLUSH when restoring terminal settings (and
+ echo) to guarantee that any pending output is discarded
+
+2008-01-15 17:18 millert
+
+ * sudoers: no longer need to specify SETENV when user has sudo ALL
+
+2008-01-15 09:40 millert
+
+ * testsudoers.c: sync user_args size calculation with sudo.c Add -g
+ group option, renaming old -g to -G Add set_runasgr() and
+ set_runaspw() and use them
+
+2008-01-15 09:23 millert
+
+ * sudo.h, sudo.c: Make set_runaspw static void
+
+2008-01-15 09:17 millert
+
+ * testsudoers.c, visudo.c: g/c set_runaspw stub
+
+2008-01-15 07:28 millert
+
+ * configure, configure.in: Don't add -llber twice.
+
+2008-01-14 06:40 millert
+
+ * ldap.c: fix typo
+
+2008-01-13 15:39 millert
+
+ * gram.c: regen
+
+2008-01-13 14:57 millert
+
+ * configure, configure.in: Fix check that determines whether -llber
+ is required.
+
+2008-01-13 14:22 millert
+
+ * config.h.in, configure, configure.in, README.LDAP, ldap.c: For
+ netscape-based LDAP, use ldapssl_set_strength() to implement the
+ checkpeer ldap.conf option.
+
+2008-01-13 09:49 millert
+
+ * auth/kerb5.c: Delay krb5_cc_initialize() until we actually need
+ to use the cred cache, which is what krb5_verify_user() does.
+ Better cleanup on failure.
+
+2008-01-12 12:40 millert
+
+ * auth/kerb5.c: Rewrite verify_krb_v5_tgt() based on what heimdal's
+ krb5_verify_user() does.
+
+2008-01-09 14:58 millert
+
+ * gram.c: The U suffix on constants is an ANSI feature
+
+2008-01-09 12:08 millert
+
+ * configure.in, configure: Add check for ber_set_option() in -llber
+
+2008-01-06 19:02 millert
+
+ * README.LDAP: default if no nsswitch.conf is files only
+
+2008-01-06 17:28 millert
+
+ * README.LDAP: don't tell people to mail aaron about LDAP stuff
+
+2008-01-06 12:32 millert
+
+ * README.LDAP: timelimit and bind_timelimit
+
+2008-01-06 08:54 millert
+
+ * ChangeLog: sync
+
+2008-01-06 07:56 millert
+
+ * ldap.c: Move ldap.secret reading into a separate function.
+
+2008-01-05 19:09 millert
+
+ * check.c: user_runas -> runas_pw
+
+2008-01-05 18:59 millert
+
+ * TODO: sync
+
+2008-01-05 18:59 millert
+
+ * check.c, sudo.pod, sudoers.pod: Add and document the %p escape in
+ the password prompt. Based on a patch from Patrick Schoenfeld.
+
+2008-01-05 18:25 millert
+
+ * ldap.c: Check strlcpy() return values.
+
+2008-01-05 18:12 millert
+
+ * ldap.c: refactor ldap binding code into sudo_ldap_bind_s()
+
+2008-01-05 16:35 millert
+
+ * README.LDAP: Make it clear that host and uri can take multiple
+ parameters. URI is now supported for more than just openldap
+ nsswitch.conf does't accept "compat"
+
+2008-01-05 16:27 millert
+
+ * sudo.c: comment cleanup and update (c) year
+
+2008-01-05 16:25 millert
+
+ * parse.c, sudo_nss.c: Move display_privs() and display_cmnd() from
+ parse.c to sudo_nss.c. This should make it possible to build an
+ LDAP-only sudo binary.
+
+2008-01-05 13:27 millert
+
+ * ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.h: Improve chaining of
+ multiple sudoers sources by passing in the previous return value
+ to the next in the chain
+
+2008-01-05 13:26 millert
+
+ * gram.y: Free up parser data structures in sudo_file_close().
+
+2008-01-05 08:13 millert
+
+ * gram.c, parse.c: Free up parser data structures in
+ sudo_file_close().
+
+2008-01-05 07:59 millert
+
+ * ldap.c: Parse uri ourself if no ldap_initialize() is present Use
+ ldap_create() instead of deprecated ldap_init() Use
+ ldap_sasl_bind_s() instead of deprecated ldap_simple_bind_s()
+
+2008-01-05 07:56 millert
+
+ * config.h.in, configure, configure.in: Add check for
+ ldap_sasl_bind_s() Remove -DLDAP_DEPRECATED from CFLAGS
+
+2008-01-04 09:56 millert
+
+ * configure.in, configure, config.h.in: add check for ldap_create
+
+2008-01-03 16:11 millert
+
+ * config.h.in, configure, configure.in, ldap.c: Add
+ sudo_ldap_get_first_rdn() to return the first rdn of an entry's
+ dn using the mechanism appropriate for the LDAP SDK in use. Use
+ ldap_unbind_ext_s() instead of deprecated ldap_unbind_s().
+ Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's
+ without them.
+
+2008-01-03 16:02 millert
+
+ * lbuf.c: include unistd.h
+
+2008-01-03 11:05 millert
+
+ * config.h.in, configure.in: fix typo in mtim_getnsec
+
+2008-01-02 15:29 millert
+
+ * config.h.in, configure.in, configure: add check for st__tim in
+ struct stat as used by SCO
+
+2008-01-02 11:05 millert
+
+ * ldap.c: use ldap_search_ext_s instead of deprecated ldap_search_s
+
+2008-01-02 10:09 millert
+
+ * Makefile.in, TODO, sudo.cat, sudo.man.in: add sudo_nss.h to HDRS
+
+2008-01-01 19:04 millert
+
+ * ldap.c: Replace deprecated ldap_explode_dn() with calls to
+ ldap_str2dn() and ldap_rdn2str().
+
+2008-01-01 18:37 millert
+
+ * ldap.c: Use ldap_get_values_len()/ldap_value_free_len() instead
+ of the deprecated ldap_get_values()/ldap_value_free().
+
+2008-01-01 17:07 millert
+
+ * TODO, ChangeLog: sync
+
+2008-01-01 17:06 millert
+
+ * gettime.c, sudo.c: Remove some already fixed XXXs
+
+2008-01-01 17:03 millert
+
+ * ldap.c: Same return value as non-existent sudoers if LDAP was
+ unable to connect.
+
+2008-01-01 16:52 millert
+
+ * sudo.pod: mention /etc/environment
+
+2008-01-01 16:42 millert
+
+ * UPGRADE, WHATSNEW, README.LDAP: Update to reflect recent
+ developments.
+
+2008-01-01 16:42 millert
+
+ * sudo.c: Print nsswitch.conf, ldap.conf and ldap.secret paths in
+ -V output.
+
+2008-01-01 16:25 millert
+
+ * ldap.c: When building up a query don't list groups in the aux
+ group vector that are the same as the passwd file group. On most
+ systems the first gid in the group vector is the same as the
+ passwd entry gid.
+
+2008-01-01 14:01 millert
+
+ * env.c, ldap.c: Define LDAPNOINIT before calling ldap_init(), etc.
+ to disable user ldaprc and system defaults that could affect how
+ LDAP works.
+
+2008-01-01 13:21 millert
+
+ * INSTALL, configure, configure.in, pathnames.h.in, sudo.c,
+ sudo_nss.c, sudo_nss.h: Rename read_nss -> sudo_read_nss Add
+ --with-nsswitch to allow users to specify nsswitch.conf path or
+ disable it. If --with-nsswitch=no but --with-ldap, order is
+ LDAP, then sudoers. Fix --with-ldap-conf-file and
+ --with-ldap-secret-file
+
+2008-01-01 13:12 millert
+
+ * parse.c: Honor def_ignore_local_sudoers
+
+2007-12-31 16:44 millert
+
+ * ldap.c: no longer need to check def_ignore_local_sudoers here
+
+2007-12-31 16:36 millert
+
+ * parse.c: Refactor group vector resetting into a function and also
+ call it from display_cmnd. Stop after the first sucessful match
+ in display_cmnd. Print a newline between each display_privs
+ method.
+
+2007-12-31 16:23 millert
+
+ * parse.c: fix double free introduced in rev 1.218
+
+2007-12-31 16:10 millert
+
+ * ldap.c: belt and suspenders; zero out result after freeing it
+
+2007-12-31 15:04 millert
+
+ * env.c, fileops.c, ldap.c, sudo.h, sudo_nss.c: Refactor line
+ reading into a separate function, sudo_parseln(), which removes
+ comments, leading/trailing whitespace and newlines. May want to
+ rethink the use of sudo_parseln() for /etc/ldap.secret
+
+2007-12-31 14:26 millert
+
+ * parse.c, sudo.c: Make the inability to read the sudoers file a
+ non-fatal error if there are other sudoers sources available.
+ sudoers_file_lookup now returns "not OK" if sudoers was not
+ present
+
+2007-12-31 14:24 millert
+
+ * ldap.c: make it clear that the global options are from LDAP
+
+2007-12-31 14:13 millert
+
+ * logging.c: allocate proper amount of space for error string
+
+2007-12-31 10:24 millert
+
+ * sudo_nss.c, sudo_nss.h: actual sudo nss code
+
+2007-12-31 10:08 millert
+
+ * ldap.c, parse.c, sudo.c, sudo.h: nss-ify display_privs and
+ display_cmnd.
+
+2007-12-31 07:54 millert
+
+ * defaults.c, parse.c, testsudoers.c, visudo.c: move
+ update_defaults() to parse.c
+
+2007-12-31 07:39 millert
+
+ * Makefile.in, ldap.c, list.c, parse.c, parse.h, sudo.c, sudo.h:
+ Use nsswitch to hide some sudoers vs. ldap implementation details
+ and reduce the number of #ifdef LDAP TODO: fix display routines
+ and error handling
+
+2007-12-28 11:20 millert
+
+ * Makefile.in, README.LDAP, ldap.c, pathnames.h.in, sudo.c, sudo.h:
+ First cut at nsswitch.conf support. Further reorganizaton and
+ related changes are forthcoming.
+
+2007-12-21 16:53 millert
+
+ * env.c, pathnames.h.in, sudo.c, sudo.h: Add support for reading
+ and /etc/environment file. Still needs to be documented and
+ should probably only applies to OSes that have it (AIX and Linux,
+ maybe others).
+
+2007-12-21 16:20 millert
+
+ * ldap.c: include limits.h
+
+2007-12-20 10:02 millert
+
+ * WHATSNEW: reword LDAP SASL
+
+2007-12-19 16:40 millert
+
+ * TODO: sync
+
+2007-12-19 16:39 millert
+
+ * README.LDAP: Add an example sudoRole, clarify netscape vs.
+ openldap a bit more
+
+2007-12-19 14:42 millert
+
+ * README.LDAP: Be clear on what is OpenLDAP vs. Netscape-derived
+
+2007-12-19 14:28 millert
+
+ * config.h.in, configure, configure.in, ldap.c: Use ldapssl_init()
+ for ldaps support instead of trying to do it manually with
+ ldap_init() + ldapssl_install_routines(). Use tls_cert and
+ tls_key for cert7.db and key3.db respectively. Don't print
+ debugging info for options that are not set. Add warning if
+ start_tls specified when not supported.
+
+2007-12-19 14:25 millert
+
+ * ldap.c: fix compilation on solaris
+
+2007-12-19 14:23 millert
+
+ * Makefile.in: add missing .h and .c files for missing lib objs
+
+2007-12-18 09:54 millert
+
+ * ldap.c: fix LDAP_OPT_NETWORK_TIMEOUT setting
+
+2007-12-17 20:10 millert
+
+ * ldap.c: fix compilation on Solaris
+
+2007-12-17 10:14 millert
+
+ * configure, configure.in: fix typo
+
+2007-12-17 08:08 millert
+
+ * README.LDAP: try to clear up which variables are for OpenLDAP and
+ which are for netscape-derived SDKs
+
+2007-12-17 07:31 millert
+
+ * config.h.in, configure, configure.in, ldap.c: Add support for
+ "ssl on" in both netscape and openldap flavors. Only the
+ OpenLDAP flavor has been tested.
+
+2007-12-17 07:28 millert
+
+ * logging.c, sudo.c, sudo.h: Call cleanup() before exit in
+ log_error() instead of calling sudo_ldap_close() directly.
+ ldap_conn can now be static to sudo.c
+
+2007-12-16 20:02 millert
+
+ * sudo.c: ld -> ldap_conn
+
+2007-12-16 14:42 millert
+
+ * logging.c, sudo.c, sudo.h: Better ldap cleanup.
+
+2007-12-16 14:08 millert
+
+ * ldap.c: Distinguish between LDAP conf settings that are
+ connection-specific (which take an ld pointer) and those that are
+ default settings (which do not).
+
+2007-12-14 16:46 millert
+
+ * ldap.c: Improved warnings on error.
+
+2007-12-14 15:59 millert
+
+ * ldap.c: Make ldap config table driven and set the config *after*
+ we open the connection.
+
+2007-12-13 16:41 millert
+
+ * ldap.c: fix LDAP_OPT_X_CONNECT_TIMEOUT compat define
+
+2007-12-13 09:13 millert
+
+ * configure, configure.in: some operating systems need to link with
+ -lkrb5support when using krb5
+
+2007-12-10 17:12 millert
+
+ * WHATSNEW: minor update
+
+2007-12-10 10:56 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
+
+2007-12-07 19:17 millert
+
+ * TODO, ChangeLog: sync
+
+2007-12-07 19:09 millert
+
+ * ldap.c, schema.OpenLDAP, schema.iPlanet, sudoers2ldif: add -g
+ support for LDAP
+
+2007-12-03 11:36 millert
+
+ * WHATSNEW, sudo.c, sudo.pod, sudo_usage.h.in: The -i and -s flags
+ can now take an optional command.
+
+2007-12-02 12:13 millert
+
+ * def_data.c, def_data.h, def_data.in, sudo.c, sudo.pod,
+ sudoers.pod, auth/pam.c: Add passprompt_override flag to sudoers
+ that will cause the prompt to be overridden in all cases. This
+ flag is also set when the user specifies the -p flag.
+
+2007-12-01 19:51 millert
+
+ * sudo.c: Move setting of login class until after sudoers has been
+ parsed. Set NewArgv[0] for -i after runas_pw has been set.
+
+2007-12-01 19:34 millert
+
+ * configure, configure.in: Move the dgettext check.
+
+2007-12-01 11:22 millert
+
+ * config.h.in, configure, configure.in, auth/pam.c: Add basic
+ support for looking up the string "Password: " in the PAM
+ localized text db. This allows us to determine whether the PAM
+ prompt is the default "Password: " one even if it has been
+ localized.
+
+ TODO: concatenate non-std PAM prompts and user-specified sudo
+ prompts.
+
+2007-11-27 18:40 millert
+
+ * Makefile.in, config.h.in, configure.in, parse.c, set_perms.c,
+ sudo.c, configure, sudo.h: Use AC_FUNC_GETGROUPS instead of a
+ home-grown attempt that was insufficient.
+
+2007-11-27 12:13 millert
+
+ * configure, acsite.m4, interfaces.c, memrchr.c: Fix typos;
+ Martynas Venckus
+
+2007-11-25 19:26 millert
+
+ * set_perms.c: Don't assume runas_pw is set; it may not be in the
+ -g case.
+
+2007-11-25 08:07 millert
+
+ * logging.c, set_perms.c: Set aux group vector for PERM_RUNAS and
+ restore group vector for PERM_ROOT if we previously changed it.
+ Stash the runas group vector so we don't have to call initgroups
+ more than once. Also add no-op check to check_perms.
+
+2007-11-21 15:11 millert
+
+ * WHATSNEW, check.c, def_data.in, defaults.c, gram.c, gram.h,
+ gram.y, ldap.c, logging.c, match.c, mon_systrace.c, parse.c,
+ parse.h, pwutil.c, set_perms.c, sudo.c, sudo.cat, sudo.h,
+ sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.cat,
+ sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, visudo.c,
+ visudo.cat, visudo.man.in: Add support for runas groups. This
+ allows the user to run a command with a different effective
+ group. If the -g option is specified without -u the command will
+ be run as the current user (only the group will change). the -g
+ and -u options may be used together. TODO: implement runas group
+ for ldap improve runas group documentation add
+ testsudoers support
+
+2007-11-21 15:02 millert
+
+ * configure, configure.in: fix setting of mandir
+
+2007-11-21 14:26 millert
+
+ * sudo.pod, sudoers.pod: document that ALL implies SETENV
+
+2007-11-21 13:50 millert
+
+ * ldap.c: s/setenv_ok/setenv_implied/g
+
+2007-11-21 13:44 millert
+
+ * ldap.c: hostname_matches() returns TRUE on match in sudo 1.7.
+
+2007-11-21 13:26 millert
+
+ * ldap.c: use strcmp, not strcasecmp when comparing ALL
+
+2007-11-21 11:41 millert
+
+ * ldap.c: Make sudo ALL imply setenv. Note that unlike with
+ file-based sudoers this does affect all the commands in the
+ sudoRole.
+
+2007-11-21 11:05 millert
+
+ * gram.c, gram.y, parse.c, parse.h: sudo "ALL" now implies the
+ SETENV tag but, unlike an explicit tag, it is not passed on to
+ other commands in the list.
+
+2007-11-21 11:02 millert
+
+ * visudo.c: Add missing sudo_setpwent() and sudo_setgrent() calls.
+ Also use sudo_getpwuid() instead of getpwuid().
+
+2007-11-15 11:16 millert
+
+ * sudoers: Expand on the dangers of not using visudo to edit
+ sudoers.
+
+2007-11-08 07:24 millert
+
+ * parse.c: Don't quote *?[]! on output since the lexer does not
+ strip off the backslash when reading those in.
+
+2007-11-07 13:16 millert
+
+ * glob.c: expand "u_foo" types to "unsigned foo" to avoid
+ compatibility issues.
+
+2007-11-04 08:33 millert
+
+ * logging.c: Refactor log line generation in to new_logline().
+
+2007-10-25 09:23 millert
+
+ * TROUBLESHOOTING: fix typo
+
+2007-10-24 12:41 millert
+
+ * config.h.in, configure, configure.in, interfaces.c, interfaces.h,
+ match.c: Add configure check for struct in6_addr instead of
+ relying on AF_INET6 since some systems define AF_INET6 but do not
+ include IPv6 support.
+
+2007-10-21 09:29 millert
+
+ * configure, configure.in: Fix block to add -lutil for FreeBSD and
+ NetBSD when logincap is in use.
+
+2007-10-19 22:28 millert
+
+ * configure, configure.in: POSIX states that struct timespec be
+ declared in time.h so check there regardless of the value of
+ TIME_WITH_SYS_TIME.
+
+2007-10-17 11:37 millert
+
+ * tgetpass.c: Instead of defining a macro to call the appropriate
+ method for turning on/off echo, just define tc[gs]etattr() and
+ the related defines that use the correct terminal ioctls if
+ needed. Also go back to using TCSAFLUSH instead of TCSADRAIN on
+ all but QNX.
+
+2007-10-08 20:18 millert
+
+ * Makefile.in: g/c @ALLOCA@
+
+2007-10-08 20:07 millert
+
+ * configure: regen
+
+2007-10-08 20:04 millert
+
+ * INSTALL, config.h.in, configure.in, auth/pam.c: Add
+ --disable-pam-session configure option to disable calling
+ pam_{open,close}_session. May work around bugs in some PAM
+ implementations.
+
+2007-10-08 12:00 millert
+
+ * tgetpass.c: quiet gcc warnings
+
+2007-10-08 08:41 millert
+
+ * tgetpass.c: Avoid printing the prompt if we are already
+ backgrounded. E.g. if the user runs "sudo foo &" from the shell.
+ In this case, the call to tcsetattr() will cause SIGTTOU to be
+ delivered.
+
+2007-09-15 16:07 millert
+
+ * def_data.c, def_data.h, def_data.in: Reorder things such that the
+ definition of env_reset come right before the env variable lists.
+
+2007-09-15 07:50 millert
+
+ * parse.h: Shrink type and seqno in struct alias from int to
+ u_short
+
+2007-09-15 07:24 millert
+
+ * alias.c, match.c, parse.c, parse.h: Add a sequence number in the
+ aliases for loop detection. If we find an alias with the seqno
+ already set to the current (global) value we know we've visited
+ it before so ignore it.
+
+2007-09-13 19:05 millert
+
+ * TODO, sudo.c, sudo.h, auth/pam.c: PAM wants the full tty path so
+ add user_ttypath which holds the full path to the tty or is NULL
+ if no tty was present.
+
+2007-09-13 18:42 millert
+
+ * auth/pam.c: Set PAM_RHOST to work around a bug in Solaris 7 and
+ lower that results in a segv.
+
+2007-09-11 15:43 millert
+
+ * gram.c: regen
+
+2007-09-11 15:42 millert
+
+ * alias.c, defaults.c, gram.y, list.c, list.h, match.c, parse.c,
+ parse.h, testsudoers.c, visudo.c: rename lh_ -> tq_
+
+2007-09-10 17:33 millert
+
+ * alloc.c: remove some useless casts
+
+2007-09-10 17:32 millert
+
+ * alloc.c: pull in inttypes.h for SIZE_MAX; we avoid stdint.h since
+ inttypes.h predates the final C99 spec and the standard specifies
+ that it shall include stdint.h anyway
+
+2007-09-06 12:39 millert
+
+ * Makefile.in, alloca.c, configure.in: Since we ship with a
+ pre-generated parser there is no need to ship a bogus alloca
+ implementation.
+
+2007-09-06 12:22 millert
+
+ * configure: regen
+
+2007-09-06 12:19 millert
+
+ * configure.in: remove initial setting of CHECKSIA, we require that
+ it be unset if not used
+
+2007-09-06 11:55 millert
+
+ * Makefile.in: add list.c to SRCS
+
+2007-09-06 07:18 millert
+
+ * configure: regen
+
+2007-09-06 07:17 millert
+
+ * configure.in: only do SIA checks on Digital Unix
+
+2007-09-05 18:50 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2007-09-05 18:48 millert
+
+ * ChangeLog, TODO: sync
+
+2007-09-05 18:39 millert
+
+ * auth/kerb5.c: Remove call to krb5_cc_register() as it is not
+ needed for modern kerb5.
+
+2007-09-05 18:16 millert
+
+ * configure: regen
+
+2007-09-05 18:16 millert
+
+ * configure.in, aclocal.m4: New method for setting the default
+ authentication type and avoiding conflicts in auth types.
+
+2007-09-05 14:45 millert
+
+ * match.c, parse.c, testsudoers.c: Each entry in a cmndlist now has
+ an associated runaslist so no need to keep track of the most
+ recent non-NULL one.
+
+2007-09-04 18:51 millert
+
+ * ldap.c: back out partial ldaps support mistakenly committed
+
+2007-09-04 10:57 millert
+
+ * ldap.c: Add support for unix groups and netgroups in sudoRunas
+
+2007-09-03 16:28 millert
+
+ * sudo_edit.c: Fix sudoedit of a non-existent file. From Tilo
+ Stritzky.
+
+2007-09-02 17:05 millert
+
+ * configure: regen
+
+2007-09-02 17:05 millert
+
+ * INSTALL: update --passprompt escape info
+
+2007-09-02 17:03 millert
+
+ * configure.in: remove now-bogus comment and update copyright date
+
+2007-09-02 16:35 millert
+
+ * configure.in: Fix up use of with_passwd
+
+2007-09-02 16:25 millert
+
+ * acsite.m4, config.guess, config.sub, configure.in, ltmain.sh:
+ Update to autoconf-2.61 andf libtool-1.5.24
+
+2007-09-02 16:17 millert
+
+ * Makefile.in: "cmp -s" not just cmp Add @datarootdir@ to quiet
+ autoconf-2.61
+
+2007-09-01 17:39 millert
+
+ * gram.c: regen
+
+2007-09-01 17:39 millert
+
+ * gram.y: move tags and runaslist propagation to be earlier
+
+2007-09-01 09:34 millert
+
+ * visudo.c: If -f flag given use the permissions of the original
+ file as a template
+
+2007-09-01 08:45 millert
+
+ * gram.y: prevent a double free() when re-initing the parser
+
+2007-08-31 19:30 millert
+
+ * configure: regen
+
+2007-08-31 19:30 millert
+
+ * aclocal.m4, alias.c, alloc.c, config.h.in, configure.in, env.c,
+ ldap.c, list.c, list.h, memrchr.c, parse.c, parse.h, pwutil.c,
+ redblack.c, redblack.h, snprintf.c, sudo.c, sudo.h,
+ testsudoers.c, visudo.c, zero_bytes.c, auth/API, auth/afs.c,
+ auth/bsdauth.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
+ auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h:
+ Remove support for compilers that don't support void *
+
+2007-08-31 19:14 millert
+
+ * gram.c: regen
+
+2007-08-31 19:13 millert
+
+ * Makefile.in, alias.c, defaults.c, gram.y, list.c, list.h,
+ match.c, parse.c, parse.h, testsudoers.c, visudo.c: Move list
+ manipulation macros to list.h and create C versions of the more
+ complex ones in list.c. The names have been down-cased so they
+ appear more like normal functions.
+
+2007-08-31 17:21 millert
+
+ * Makefile.in: Fix cmp command when regenerating parser. Make
+ gram.o the first dependency for all programs so gram.h will be
+ generated before anything that needs it.
+
+2007-08-31 13:56 millert
+
+ * parse.h, gram.y: Convert NEW_DEFAULT anf NEW_MEMBER into static
+ functions.
+
+2007-08-30 21:21 millert
+
+ * match.c, parse.c, testsudoers.c: Use LH_FOREACH_REV when checking
+ permission and short-circuit on the first non-UNSPEC hit we get
+ for the command. This means that instead of cycling through the
+ all the parsed sudoers entries we start at the end and work
+ backwards and quit after the first positive or negative match.
+
+2007-08-30 21:13 millert
+
+ * gram.c: regen
+
+2007-08-30 21:12 millert
+
+ * defaults.c, gram.y, parse.c, parse.h, testsudoers.c, visudo.c:
+ Change list head macros to take a pointer, not a struct.
+
+2007-08-30 20:46 millert
+
+ * gram.c: regen
+
+2007-08-30 20:46 millert
+
+ * gram.y: Propagate the runasspec from one command to the next in a
+ cmndspec.
+
+2007-08-30 16:15 millert
+
+ * match.c: Replace has_meta() with a macro that calls strpbrk().
+
+2007-08-30 16:04 millert
+
+ * gram.c: regen
+
+2007-08-30 13:26 millert
+
+ * alias.c, defaults.c, gram.y, match.c, parse.c, parse.h,
+ testsudoers.c, visudo.c: Use a list head struct when storing the
+ semi-circular lists and convert to tail queues in the process.
+ This will allow us to reverse foreach loops more easily and it
+ makes it clearer which functions expect a list as opposed to a
+ single member.
+
+ Add macros for manipulating lists. Some of these should become
+ functions.
+
+ When freeing up a list, just pop off the last item in the queue
+ instead of going from head to tail. This is simpler since we
+ don't have to stash a pointer to the next member, we always just
+ use the last one in the queue until the queue is empty.
+
+ Rename match functions that take a list to have list in the name.
+ Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
+
+2007-08-30 13:12 millert
+
+ * parse.c: Fix pasto, append "!" not negated (which is an int) for
+ sudo -l output.
+
+2007-08-30 12:45 millert
+
+ * Makefile.in: Remove the dependency of gram .h on gram.y, the .c
+ dependency is enough. Only move y.tab.h to gram.h if it is
+ different; avoids needless rebuilding.
+
+2007-08-27 15:51 millert
+
+ * sudoers.pod: Defaults lines may be associated with lists of
+ users, hosts, commands and runas users, not just single entries.
+
+2007-08-26 17:42 millert
+
+ * Makefile.in: Revert the "cmp" portion of the last diff, it
+ doesn't make sense.
+
+2007-08-26 17:10 millert
+
+ * Makefile.in: Remove *.lo for clean: When generating the parser,
+ only move the generated files into place if they differ from the
+ existing ones.
+
+2007-08-24 22:47 millert
+
+ * toke.c, toke.l: Replace IPV6 regexp with a much simpler
+ (readable) one and add an extra check when it matches to make
+ sure we have a valid address.
+
+2007-08-24 22:36 millert
+
+ * match.c: Fix thinko introduced when merging IPV6 support.
+
+2007-08-24 14:23 millert
+
+ * HISTORY, LICENSE: regen
+
+2007-08-24 14:23 millert
+
+ * license.pod: add 2007
+
+2007-08-24 14:19 millert
+
+ * UPGRADE: mention #uid vs. comment pitfall
+
+2007-08-24 09:50 millert
+
+ * acsite.m4: Merge in a patch from the libtool cvs that fixes a
+ problem with the latest autoconf. From Stepan Kasal.
+
+2007-08-23 20:28 millert
+
+ * parse.h: Back out he XOR swap trick, it is slower than a temp
+ variable on modern CPUs.
+
+2007-08-23 20:14 millert
+
+ * gram.c: regen
+
+2007-08-23 20:14 millert
+
+ * gram.y, parse.h: Convert the tail queue to a semi-circle queue
+ and use the XOR swap trick to swap the prev pointers during
+ append.
+
+2007-08-23 15:31 millert
+
+ * parse.h: remove useless statement
+
+2007-08-23 07:47 millert
+
+ * toke.c, toke.l: Refactor #include parsing into a separate
+ function and return unparsed chars (such as newline or comment)
+ back to the lexer.
+
+2007-08-22 18:56 millert
+
+ * WHATSNEW: mention better uid support
+
+2007-08-22 18:55 millert
+
+ * sudoers.pod: Users may now consist of a uid.
+
+2007-08-22 18:39 millert
+
+ * gram.c, gram.h, toke.c: regen
+
+2007-08-22 18:32 millert
+
+ * parse.c: Use lbuf_append_quoted() for sudo -l output to quote
+ characters that would require quoting in sudoers.
+
+2007-08-22 18:31 millert
+
+ * lbuf.c, lbuf.h: Add lbuf_append_quoted() which takes a set of
+ characters which should be quoted with a backslash when
+ displayed.
+
+2007-08-22 18:28 millert
+
+ * toke.l: Require that the first character after a comment not be a
+ digit or a dash. This allows us to remove the GOTRUNAS state and
+ treat uid/gids similar to other words. It also means that we can
+ now specify uids in User_Lists and a User_Spec may now contain a
+ uid.
+
+2007-08-22 18:23 millert
+
+ * gram.y, toke.l: Replace RUNAS token with '(' and ')' tokens to
+ make the runas portion of the grammar more natural.
+
+2007-08-22 06:35 millert
+
+ * Makefile.in, README, BUGS: The BUGS file is history
+
+2007-08-21 09:19 millert
+
+ * toke.c, toke.l: Allow comments after a RunasAlias as long as the
+ character after the pound sign isn't a digit or a dash.
+
+2007-08-20 20:43 millert
+
+ * WHATSNEW: Glob support was back-ported to 1.6.9
+
+2007-08-20 19:59 millert
+
+ * Makefile.in: remove sudo_usage.h in distclean
+
+2007-08-20 19:24 millert
+
+ * parse.c: If a Defaults value contains a blank, double-quote the
+ string.
+
+2007-08-20 19:19 millert
+
+ * toke.c, toke.l: Properly deal with Defaults double-quoted strings
+ that span multiple lines using the line continuation char.
+ Previously, the entire thing, including the continuation char,
+ newline, and spaces was stored as-is.
+
+2007-08-20 10:46 millert
+
+ * sudo.c: Be consistent when using single quotes and backticks.
+
+2007-08-19 16:48 millert
+
+ * Makefile.in, configure, configure.in, lbuf.c, lbuf.h, parse.c,
+ sudo.c, sudo_usage.h.in: Add new linebuf code to do appends of
+ dynamically allocated strings and word-wrapped output. Currently
+ used for sudo's usage() and sudo -l output. Sudo usage strings
+ are now in sudo_usage.h which is generated at configure time.
+
+2007-08-18 08:22 millert
+
+ * sudo.h, parse.c, sudo.c: Fix line wrapping in usage() and use the
+ actual tty width instead of assuming 80.
+
+2007-08-17 18:32 millert
+
+ * history.pod: some more info
+
+2007-08-17 17:28 millert
+
+ * history.pod: Mentioned Chris Jepeway's parser and also the new
+ one that is in sudo 1.7.
+
+2007-08-16 09:38 millert
+
+ * sudo.pod, visudo.pod: For the options list, add flag args where
+ appropriate and increase the indent level so there is room for
+ them.
+
+2007-08-15 13:49 millert
+
+ * parse.c: Fix some spacing in "sudo -l" and add a comment about
+ some bogosity in the line wrapping.
+
+2007-08-15 11:21 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in,
+ visudo.man.in, visudo.cat: regen
+
+2007-08-15 11:20 millert
+
+ * INSTALL, Makefile.in, WHATSNEW, config.h.in, configure.in,
+ def_data.c, def_data.h, def_data.in, gram.c, gram.h, gram.y,
+ parse.c, parse.h, pathnames.h.in, sudo.c, sudo.h, sudoers.pod,
+ testsudoers.c, toke.c, toke.l: Remove monitor support until there
+ is a versino of systrace that uses a lookaside buffer (or we have
+ a better mechanism to use).
+
+2007-08-15 09:22 millert
+
+ * configure.in, configure, config.h.in, sudo.c: use getaddrinfo()
+ instead of gethostbyname() if it is available
+
+2007-08-14 15:27 millert
+
+ * parse.c, sudo.c: Deal with OSes where sizeof(gid_t) <
+ sizeof(int).
+
+2007-08-14 11:19 millert
+
+ * interfaces.c: repair non-getifaddrs() code after ipv6 integration
+
+2007-08-14 10:04 millert
+
+ * sudo.c: If we can open sudoers but fail to read the first byte,
+ close the file stream before trying again.
+
+2007-08-13 12:34 millert
+
+ * gram.c, toke.c: regen
+
+2007-08-13 12:29 millert
+
+ * gram.y, interfaces.c, interfaces.h, match.c, sudoers.pod, toke.l:
+ Add IPv6 support; adapted from patches by YOSHIFUJI Hideaki
+
+2007-08-13 12:23 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Add some missing markup Update
+ copyright
+
+2007-08-12 18:55 millert
+
+ * configure, configure.in: fix sudo_noexec extension which got
+ broken in the libtool update
+
+2007-08-10 10:41 millert
+
+ * Makefile.in: explicitly specify -Tascii to nroff
+
+2007-08-08 16:07 millert
+
+ * logging.c: remove an ANSI-ism that crept in
+
+2007-08-06 20:37 millert
+
+ * sudo.pod: Adjust list indents Prevent -- from being turned into
+ an em dash Use a list for the environment instead of a literal
+ paragraph
+
+2007-08-06 20:36 millert
+
+ * visudo.pod: Use a list for the environment instead of an indented
+ literal paragraph.
+
+2007-08-06 20:33 millert
+
+ * sudoers.pod: Adjust list indentation
+
+2007-08-06 20:31 millert
+
+ * license.pod: add =head3
+
+2007-08-06 10:24 millert
+
+ * sudo.pod: mention that when specifying a uid for the -u option
+ the shell may require that the # be escaped
+
+2007-08-01 22:08 millert
+
+ * match.c: Fix off by one in group matching.
+
+2007-07-31 14:04 millert
+
+ * env.c: Fix typo: PYTHONINSPEC should be PYTHONINSPECT. From
+ David Krause.
+
+2007-07-30 10:45 millert
+
+ * configure, configure.in: Add missing define of
+ HAVE_GSS_KRB5_CCACHE_NAME for the -lgssapi_krb5 case.
+
+2007-07-30 09:29 millert
+
+ * aclocal.m4, configure.in, configure: Fix link tests such that new
+ gcc doesn't optimize away the test.
+
+2007-07-29 19:21 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: add missing over/back
+
+2007-07-29 19:09 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Change FILES section to use
+ =item
+
+2007-07-29 18:32 millert
+
+ * env.c: Add back allocation of the env struct in rebuild_env but
+ save a copy of the old pointer and free it before returning.
+
+2007-07-29 16:09 millert
+
+ * env.c: Don't init the private environment in rebuild_env() since
+ it may have already been done implicitly
+ sudo_setenv/sudo_unsetenv.
+
+ Multiply length by sizeof(char *) in memcpy/memmove when copying
+ the environment so we copy the full thing.
+
+ Add missing set of parens so we deref the right pointer in
+ sudo_unsetenv when searching for a matching variable.
+
+2007-07-26 16:35 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Use file markup for paths in
+ the FILES section
+
+2007-07-26 10:04 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Don't capitalize sudo/visudo
+
+2007-07-26 07:28 millert
+
+ * sudoers.pod: Sort sudoers options; based on a diff from Igor
+ Sobrado.
+
+2007-07-25 16:19 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Use 8 and 5 instead of
+ @mansectsu@ and @mansectform@ since the latter confuses pod2man.
+ The Makefile rules for the .man.in file will add @mansectsu@ and
+ @mansectform@ back in after pod2man is done anyway.
+
+2007-07-22 19:09 millert
+
+ * LICENSE, Makefile.in, license.pod: Move license info to pod
+ format
+
+2007-07-22 18:43 millert
+
+ * configure, configure.in, sudoers.pod: Substitute value of
+ path_info into sudoers man page.
+
+2007-07-22 16:40 millert
+
+ * WHATSNEW: remove features that were back-ported to 1.6.9
+
+2007-07-22 15:20 millert
+
+ * sudo.c, sudo.pod, visudo.c, visudo.pod: Sort SYNOPSIS and sync
+ usage. From Igor Sobrado.
+
+2007-07-22 15:19 millert
+
+ * env.c: Only need sudo_setenv/sudo_unsetenv if we are going to use
+ ldap_sasl_interactive_bind_s() but don't have
+ gss_krb5_ccache_name().
+
+2007-07-22 08:23 millert
+
+ * ChangeLog: rebuild without branch info
+
+2007-07-22 08:23 millert
+
+ * Makefile.in: Add ChangeLog target
+
+2007-07-22 08:14 millert
+
+ * auth/pam.c: Run cleanup code if the user hits ^C at the password
+ prompt.
+
+2007-07-22 08:13 millert
+
+ * auth/pam.c: Some versions of pam_lastlog have a bug that will
+ cause a crash if PAM_TTY is not set so if there is no tty, set
+ PAM_TTY to the empty string.
+
+2007-07-20 09:32 millert
+
+ * Makefile.in: ChageLog not Changelog
+
+2007-07-20 09:31 millert
+
+ * ChangeLog: sync
+
+2007-07-20 09:29 millert
+
+ * Makefile.in: CHANGE -> Changelog
+
+2007-07-19 20:23 millert
+
+ * TODO: sync
+
+2007-07-19 19:53 millert
+
+ * config.h.in, configure.in, configure, ldap.c: Add configure hooks
+ for gss_krb5_ccache_name() and the gssapi headers.
+
+2007-07-18 12:57 millert
+
+ * env.c, sudo.c: rebuild_env() and insert_env_vars() no longer
+ return environment pointer, they set environ directly.
+
+ No longer need to pass around an envp pointer since we just
+ operate on environ now.
+
+ Add dosync argument to insert_env() that indicates whether it
+ should reset environ when realloc()ing env.envp.
+
+ Use an initial size of 128 for the environment.
+
+2007-07-18 12:41 millert
+
+ * env.c: Split sudo_setenv() into an external version and a version
+ only for use by rebuild_env().
+
+2007-07-16 19:40 millert
+
+ * ldap.c: Add support for using gss_krb5_ccache_name() instead of
+ setting KRB5CCNAME. Also use sudo_unsetenv() in the
+ non-gss_krb5_ccache_name() case if there was no KRB5CCNAME in the
+ original environment. TODO: configure setup for
+ gss_krb5_ccache_name()
+
+2007-07-16 18:44 millert
+
+ * README.LDAP: add krb5_ccname
+
+2007-07-16 18:44 millert
+
+ * README.LDAP, ldap.c: Add support for sasl_secprops in ldap.conf
+
+2007-07-16 18:39 millert
+
+ * env.c, sudo.h: Add sudo_unsetenv() and refactor private env
+ syncing code into sync_env().
+
+2007-07-16 07:27 millert
+
+ * README.LDAP, ldap.c: The ldap.conf variable is sasl_auth_id not
+ sasl_authid.
+
+2007-07-15 15:44 millert
+
+ * ldap.c, sudo.c, sudo.h: Add support for krb5_ccname in ldap.conf.
+ If specified, it will override the default value of KRB5CCNAME
+ in the environment for the duration of the call to
+ ldap_sasl_interactive_bind_s().
+
+2007-07-15 15:41 millert
+
+ * env.c, sudo.h: Remove format_env() Add sudo_setenv() to replace
+ most format_env() + insert_env() combinations. insert_env() no
+ longer takes a struct environment *
+
+2007-07-15 12:47 millert
+
+ * ldap.c: Fix use_sasl vs. rootuse_sasl logic.
+
+2007-07-15 09:23 millert
+
+ * README.LDAP, config.h.in, configure, configure.in, ldap.c: Add
+ support for SASL auth when connecting to an LDAP server. Adapted
+ from a diff by Tom McLaughlin.
+
+2007-07-14 16:32 millert
+
+ * configure, configure.in: Only enable AIX or BSD auth if no other
+ exclusive auth method has been chosen. Allows people to e.g.,
+ use PAM on AIX without adding --without-aixauth. A better
+ solution is needed to deal with default authentication since if a
+ non-exclusive method is chosen we will still get an error.
+
+2007-07-11 11:23 millert
+
+ * HISTORY, Makefile.in, history.pod: Generate HISTORY from
+ history.pod (which is also used for web pages)
+
+2007-07-09 19:40 millert
+
+ * sudo.man.in, sudoers.man.in: regen
+
+2007-07-09 19:25 millert
+
+ * sudo.pod: Better explanation of environment handling in the sudo
+ man page.
+
+2007-07-09 15:13 millert
+
+ * env.c, sudo.c: Defer setting user-specified env vars until after
+ authentication.
+
+2007-07-09 13:25 millert
+
+ * env.c: honor def_default_path for PATH set on the command line
+
+2007-07-09 13:22 millert
+
+ * sudo.c, env.c, sudo.pod, sudoers.pod: Allow user to set
+ environment variables on the command line as long as they are
+ allowed by env_keep and env_check. Ie: apply the same
+ restrictions as normal environment variables. TODO: deal with
+ secure_path
+
+2007-07-08 14:44 millert
+
+ * sudo.c, sudo_edit.c: Call rebuild_env() in call cases. Pass
+ original envp to sudo_edit(). Don't allow -E or env var setting
+ in sudoedit mode. More accurate usage() when called as sudoedit.
+
+2007-07-08 14:41 millert
+
+ * ldap.c: warn -> warning
+
+2007-07-08 14:11 millert
+
+ * sudo.pod: add -c option to sudoedit synopsis
+
+2007-07-08 10:27 millert
+
+ * TODO: udpate to reality
+
+2007-07-08 09:43 millert
+
+ * parse.c: Use ALLOW/DENY instead of TRUE/FALSE when dealing with
+ the return value from {user,host,runas,cmnd}_matches(). Rename
+ *matches variables -> *match. Purely cosmetic.
+
+2007-07-08 09:30 millert
+
+ * parse.c: Move setting of FLAG_NO_CHECK into the if(pwflag) block.
+ No change in behavior.
+
+2007-07-08 09:17 millert
+
+ * sudoers: add SETENV tag
+
+2007-07-06 15:51 millert
+
+ * parse.c: Make pwcheck local to the pwflag block. Use pwcheck
+ even if user didn't match since Defaults options may still apply.
+
+2007-07-06 14:51 millert
+
+ * check.c, sudo.c: Do not update timestamp if user not validated by
+ sudoers.
+
+2007-07-06 10:14 millert
+
+ * set_perms.c: for PERM_RUNAS, set the egid to the runas user's gid
+ and restore to the user's original in PERM_ROOT
+
+2007-07-06 10:04 millert
+
+ * logging.c, mon_systrace.c, set_perms.c, sudo.h: PERM_FULL_ROOT is
+ now no different than PERM_ROOT so remove PERM_FULL_ROOT
+
+2007-07-06 09:49 millert
+
+ * check.c: don't check timestamp mtime if we are just going to
+ remove it
+
+2007-07-06 09:33 millert
+
+ * sudoers.pod: Move sudoers defaults parameters into their own
+ section.
+
+2007-07-05 20:21 millert
+
+ * testsudoers.c: Reduce a level of indent by a few placed continue
+ statements.
+
+2007-07-05 20:20 millert
+
+ * parse.c: Make matching but negated commands/hosts/runas entries
+ override a previous match as expected. Also reduce some levels
+ of indent by a few placed continue statements.
+
+2007-07-05 16:34 millert
+
+ * parse.c: Print default runas in "sudo -l" if sudoers don't
+ specify one.
+
+2007-07-05 15:46 millert
+
+ * match.c: Less hacky way of testing whether the domain was set.
+
+2007-07-04 15:50 millert
+
+ * INSTALL: Mention pam-devel and openldap-devel for Linux
+
+2007-07-03 19:38 millert
+
+ * README.LDAP: or vs. are
+
+2007-07-01 16:55 millert
+
+ * sudo.c: fix typo in Solaris project support
+
+2007-07-01 09:40 millert
+
+ * HISTORY: update
+
+2007-07-01 09:07 millert
+
+ * sudo.c: Make -- on the command line match the manual page. The
+ implied shell case has been simplified as a result.
+
+2007-06-28 10:44 millert
+
+ * sudoers2ldif: add simplistic support for sudoRunas; note that if
+ a sudoers entry contains multiple Runas users, all will apply to
+ the sudoRole
+
+2007-06-28 10:42 millert
+
+ * sudoers2ldif: honor SETENV and NOSETENV tags
+
+2007-06-24 09:25 millert
+
+ * mon_systrace.c: Redo setting of user_args. We now build up a
+ private copy of argv first and then replace the NULs with spaces.
+
+2007-06-24 09:19 millert
+
+ * mon_systrace.c: getcwd() returns NULL on failure, not 0 on
+ success
+
+2007-06-24 07:39 millert
+
+ * mon_systrace.c: allow chunksiz to reach 1 before erroring out
+
+2007-06-23 20:00 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in: regen
+
+2007-06-23 19:58 millert
+
+ * def_data.c, def_data.h, def_data.in, env.c, gram.c, gram.h,
+ gram.y, logging.c, parse.c, parse.h, sudo.c, sudo.h, sudo.pod,
+ sudoers.pod, toke.c, toke.l: Add support for setting environment
+ variables on the command line. This is only allowed if the
+ setenv sudoers options is enabled or if the command is prefixed
+ with the SETENV tag.
+
+2007-06-23 19:57 millert
+
+ * README.LDAP: replace Aaron's email address with the sudo-workers
+ list
+
+2007-06-23 19:55 millert
+
+ * configure: regen
+
+2007-06-21 20:35 millert
+
+ * Makefile.in, README.LDAP, schema.OpenLDAP, schema.iPlanet: Break
+ schema out into separate files.
+
+2007-06-21 18:28 millert
+
+ * auth/aix_auth.c: free message if set by authenticate()
+
+2007-06-21 13:03 millert
+
+ * match.c: deal with NULL gr_mem
+
+2007-06-20 15:04 millert
+
+ * config.h.in: regen
+
+2007-06-20 15:04 millert
+
+ * configure.in: add template for HAVE_PROJECT_H
+
+2007-06-20 07:06 millert
+
+ * closefrom.c: include fcntl.h
+
+2007-06-19 19:37 millert
+
+ * INSTALL: mention --with-project
+
+2007-06-19 18:24 millert
+
+ * config.h.in, configure.in, sudo.c: Add Solaris 10 "project"
+ support. From Michael Brantley.
+
+2007-06-19 17:27 millert
+
+ * sudoers.pod: fix typo
+
+2007-06-19 17:22 millert
+
+ * configure: regen
+
+2007-06-19 17:21 millert
+
+ * configure.in: Fix preservation of LDFLAGS in the LDAP case.
+
+2007-06-19 17:00 millert
+
+ * memrchr.c: Remove dependecy on NULL
+
+2007-06-19 15:37 millert
+
+ * configure: regen
+
+2007-06-19 15:37 millert
+
+ * aclocal.m4, configure.in: Can't use the regular autoconf
+ fnmatch() check since we need FNM_CASEFOLD so go back to our
+ custom one.
+
+2007-06-19 12:52 millert
+
+ * env.c: Fix preserving of variables in env_keep.
+
+2007-06-19 07:10 millert
+
+ * env.c: add XAUTHORIZATION
+
+2007-06-18 20:41 millert
+
+ * UPGRADE: expand upon env resetting and mention that it began in
+ 1.6.9 not 1.7.
+
+2007-06-18 20:33 millert
+
+ * sudoers.pod: Update descriptions of env_keep and env_check to
+ match current reality.
+
+2007-06-18 17:33 millert
+
+ * env.c: Add LINGUAS to initial_checkenv_table. Add COLORS,
+ HOSTNAME, LS_COLORS, MAIL, PS1, PS2, XAUTHORITY to
+ intial_keepenv_table.
+
+2007-06-18 17:23 millert
+
+ * env.c, logging.c: Treat USERNAME environemnt variable like
+ LOGNAME/USER
+
+2007-06-18 17:21 millert
+
+ * env.c: Don't need to populate keepenv table with the contents of
+ the checkenv table.
+
+2007-06-18 08:57 millert
+
+ * sudo.c: Don't force sudo into the C locale.
+
+2007-06-18 08:56 millert
+
+ * env.c: Make env_check apply when env_reset it true. Environment
+ variables are passed through unless they contain '/' or '%'.
+ There is no need to have a variable in both env_check and
+ env_keep.
+
+2007-06-16 07:31 millert
+
+ * visudo.c: Remove an duplicate lock_file() call and add a comment.
+
+2007-06-15 21:16 millert
+
+ * UPGRADE: Add sudo 1.6.9 upgrade note.
+
+2007-06-14 12:23 millert
+
+ * interfaces.c: Solaris will return EINVAL if the buffer used in
+ SIOCGIFCONF is too small. From Klaus Wagner.
+
+2007-06-14 12:03 millert
+
+ * Makefile.in, config.h.in, configure, configure.in, memrchr.c,
+ logging.c, sudo.h: Redo the long syslog line splitting based on a
+ patch from Eygene Ryabinkin. Include memrchr() for systems
+ without it.
+
+2007-06-14 07:09 millert
+
+ * configure.in: Since we need to be able to convert timespec to
+ timeval for utimes() the last 3 digits in the tv_nsec are not
+ significant. This makes the sudoedit file date comparison work
+ again.
+
+2007-06-13 13:41 millert
+
+ * aclocal.m4, configure, configure.in: Add SUDO_ADD_AUTH macro to
+ deal with adding things to AUTH_OBJS. This deals with exclusive
+ authentication methods in a simple way.
+
+2007-06-12 13:08 millert
+
+ * LICENSE: mkstemp.c is BSD code too.
+
+2007-06-12 09:21 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: No commercial support for now.
+
+2007-06-11 18:27 millert
+
+ * sudo.c: cleanenv() is no more.
+
+2007-06-10 18:37 millert
+
+ * ChangeLog: Display branch info in Changelog
+
+2007-06-10 18:18 millert
+
+ * utimes.c: Include config.h early so we have it for
+ TIME_WITH_SYS_TIME
+
+2007-06-10 18:00 millert
+
+ * ChangeLog: Fix Changelog generation and update.
+
+2007-06-09 07:26 millert
+
+ * closefrom.c: Use /proc/self/fd instead of /proc/$$/fd
+
+ Move old-style fd closing into closefrom_fallback() and call that
+ if /proc/self/fd doesn't exist or the F_CLOSEM fcntl() fails
+
+2007-06-09 07:24 millert
+
+ * config.h.in, configure.in, auth/kerb5.c: o use
+ krb5_verify_user() if available instead of doing it by hand
+ o use krb5_init_secure_context() if we have it
+ o pass an encryption type of 0 to krb5_kt_read_service_key()
+ instead of
+ ENCTYPE_DES_CBC_MD5 to let kerberos choose.
+
+2007-06-09 07:20 millert
+
+ * env.c: Check TERM and COLORTERM for '%' and '/' characters. From
+ Debian.
+
+2007-06-09 07:17 millert
+
+ * configure.in: Fix closefrom() substitution in the Makefile
+
+2007-06-09 07:15 millert
+
+ * TROUBLESHOOTING: Mention alternate sudo pronunciation.
+
+2007-06-07 07:52 millert
+
+ * env.c: Remove KRB5_KTNAME from environment. Allow COLORTERM.
+
+2007-06-07 07:22 millert
+
+ * auth/kerb5.c: If we cannot get a valid service key using the
+ default keytab it is a fatal error. Fixes a bug where sudo could
+ be tricked into allowing access when it should not by a fake KDC.
+ From Thor Lancelot Simon.
+
+2007-05-12 08:56 millert
+
+ * aclocal.m4, configure, configure.in: Update long long checks to
+ use AC_CHECK_TYPES and to cache values.
+
+2007-05-12 08:07 millert
+
+ * aclocal.m4, configure.in: Use AC_FUNC_FNMATCH instead of a
+ homebrew fnmatch checker. We can't use AC_REPLACE_FNMATCH since
+ that assumes replacing with GNU fnmatch.
+
+2007-05-11 17:05 millert
+
+ * configure, configure.in: Add closefrom() to LIB_OBJS not
+ SUDO_OBJS if it is missing since we need it for visudo now too.
+
+2007-04-24 14:44 millert
+
+ * sudoers.pod: Attempt to clarify the bit talking about network
+ numbers w/o netmasks.
+
+2007-04-24 14:25 millert
+
+ * sudo.pod: Clarify timestamp dir ownership sentence.
+
+2007-04-20 12:40 millert
+
+ * auth/pam.c: Linux PAM now defines __LINUX_PAM__, not
+ __LIBPAM_VERSION. From Dmitry V. Levin.
+
+2007-04-16 12:13 millert
+
+ * sudo.c: -i is also one of the mutually exclusive options to list
+ it in the warning message. Noted by Chris Pepper.
+
+2007-04-12 11:18 millert
+
+ * visudo.pod: The sudoers variable is env_editor, not enveditor.
+ From Jean-Francois Saucier.
+
+2007-03-29 13:30 millert
+
+ * redblack.c: I tracked down the original author so credit him and
+ include his license info.
+
+2007-02-06 13:25 millert
+
+ * sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
+ sudoers.pod: Fix typos; from Jason McIntyre.
+
+2007-02-06 13:23 millert
+
+ * logging.c: Restore signal mask before calling reapchild(). Fixes
+ a possible race condition that could prevent sudo from properly
+ waiting for the child.
+
+2007-01-31 10:02 millert
+
+ * pwutil.c: Don't declare pw_free() if we are not going to use it.
+
+2007-01-31 10:00 millert
+
+ * env.c: Add NOEXEC support for AIX 5.3 which supports LDR_PRELOAD
+ and LDR_PRELOAD64. The 64-bit version is not currently
+ supported. Remove zero_env() prototype as it no longer exists.
+
+2006-12-11 13:21 millert
+
+ * logging.c: Add "Auto-Submitted: auto-generated" line to sudo mail
+ for rfc 3834.
+
+2006-09-29 10:53 millert
+
+ * auth/pam.c: If the user enters ^C at the password prompt, abort
+ instead of trying to authenticate with an empty password (which
+ causes an annoying delay).
+
+2006-08-17 11:26 millert
+
+ * closefrom.c, config.h.in, configure, configure.in: Add fcntl
+ F_CLOSEM support to closefrom(); adapted from a diff by Darren
+ Tucker.
+
+2006-08-17 11:25 millert
+
+ * pwutil.c: pw_free() is only used by sudo_freepwcache() so ifdef
+ it out too.
+
+2006-08-04 11:34 millert
+
+ * config.sub, config.guess: Update to latest versions from
+ cvs.savannah.gnu.org
+
+2006-07-31 13:51 millert
+
+ * pwutil.c, sudo_edit.c: Move password/group cache cleaning out of
+ sudo_end{pw,grp}ent() so we can close the passwd/group files
+ early.
+
+2006-07-31 13:50 millert
+
+ * config.h.in, configure, configure.in, set_perms.c: Add seteuid()
+ flavor of set_perms() for systems without setreuid() or
+ setresuid() that have a working seteuid(). Tested on Darwin.
+
+2006-07-30 15:56 millert
+
+ * mon_systrace.c: systrace_read() returns ssize_t
+
+2006-07-30 15:53 millert
+
+ * configure, configure.in: Fix typo, -lldap vs. -ldap; from Tim
+ Knox.
+
+2006-07-28 13:12 millert
+
+ * HISTORY: Fix typo; Matt Ackeret
+
+2006-07-17 08:25 millert
+
+ * sudo.c: Print sudoers path in -V mode for root.
+
+2006-06-15 14:44 millert
+
+ * ldap.c: Do a sub tree search instead of a base search (one level
+ in the tree only) for sudo right objects. This allows system
+ administrators to categorize the rights in a tree to make them
+ easier to manage.
+
+2005-12-28 13:52 millert
+
+ * sudo.pod: fix typo
+
+2005-12-04 12:16 millert
+
+ * ldap.c: Convert GET_OPT and GET_OPTI to use just 2 args. Add
+ timelimit and bind_timelimit support; adapted from gentoo.
+
+2005-11-23 18:57 millert
+
+ * ldap.c: Support comments that start in the middle of a line
+
+2005-11-23 18:56 millert
+
+ * configure.in, configure: Define LDAP_DEPRECATED until we start
+ using ldap_get_values_len()
+
+2005-11-18 09:55 millert
+
+ * closefrom.c: Silence gcc -Wsign-compare; djm@openbsd.org
+
+2005-11-17 20:39 millert
+
+ * error.c, sudo.c, sudo.h, testsudoers.c, visudo.c: cleanup() now
+ takes an int as an arg so it can be used as a signal handler too.
+
+2005-11-17 20:38 millert
+
+ * sudo.c: Make a copy of the shell field in the passwd struct for
+ NewArgv to avoid a use after free situation after sudo_endpwent()
+ is called.
+
+2005-11-16 20:36 millert
+
+ * Makefile.in, mkstemp.c, config.h.in, configure, configure.in: Add
+ mkstemp() for those poor souls without it.
+
+2005-11-15 09:25 millert
+
+ * env.c: Add PERL5DB to list of environment variables to remove.
+
+2005-11-13 15:49 millert
+
+ * mon_systrace.c, mon_systrace.h: Instead of calling the check
+ function twice with a state cookie use separate check/log
+ functions.
+
+ Check more ioctl() calls for failure.
+
+ systrace_{read,write} now return the number of bytes read/written
+ or -1 on error.
+
+2005-11-13 14:51 millert
+
+ * env.c: Add more environment variables to remove; from gentoo
+ linux Add some comments about what bad env variables go to what
+ (more to do)
+
+2005-11-11 17:23 millert
+
+ * sudo.c, sudo_edit.c: Move sudo_end{gr,pw}ent() until just before
+ the exec since they free up our cached copy of the passwd
+ structs, including sudo_user and sudo_runas. Fixes a
+ use-after-free bug.
+
+2005-11-11 17:19 millert
+
+ * visudo.c: Close all fd's before executing editor.
+
+2005-11-11 17:17 millert
+
+ * sudo.c: Enable malloc debugging on OpenBSD when SUDO_DEVEL is
+ set.
+
+2005-11-11 11:22 millert
+
+ * check.c: Fix fd leak when lecture file option is enabled. From
+ Jerry Brown
+
+2005-11-07 11:02 millert
+
+ * env.c: Add PERLLIB, PERL5LIB and PERL5OPT to the default list of
+ environment variables to remove. From Charles Morris
+
+2005-11-01 13:24 millert
+
+ * env.c: add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5
+
+2005-10-27 20:35 millert
+
+ * env.c: add PS4 and SHELLOPTS to initial_badenv_table for bash
+
+2005-08-14 20:32 millert
+
+ * sudoers.pod: Fix typo; Toby Peterson
+
+2005-08-02 09:57 millert
+
+ * tsgetgrpw.c: Make return buffers static so they don't get
+ clobbered
+
+2005-07-27 21:14 millert
+
+ * auth/securid5.c: Fix securid5 authentication, was not checking
+ for ACM_OK. Also add default cases for the two switch()es.
+ Problem noted by ccon at worldbank
+
+2005-06-26 20:10 millert
+
+ * ldap.c: Remove ncat() in favor of just counting bytes and
+ pre-allocating what is needed.
+
+2005-06-26 19:44 millert
+
+ * ldap.c: Fix up some comments Add missing fclose() for the
+ rootbinddn case
+
+2005-06-26 19:38 millert
+
+ * ldap.c: align struct ldap_config
+
+2005-06-26 19:37 millert
+
+ * ldap.c: use LINE_MAX for max conf file line size
+
+2005-06-26 18:36 millert
+
+ * pathnames.h.in: add _PATH_LDAP_SECRET
+
+2005-06-26 18:36 millert
+
+ * README.LDAP: Mention rootbinddn Give example ou=SUDOers container
+
+2005-06-25 18:03 millert
+
+ * configure, INSTALL, configure.in, ldap.c: Support rootbinddn in
+ ldap.conf
+
+2005-06-25 17:46 millert
+
+ * env.c, sudo.pod, sudoers.pod: Preserve DISPLAY environment
+ variable by default.
+
+2005-06-25 16:39 millert
+
+ * acsite.m4, configure: set need_lib_prefix=no for all cases; this
+ is safe for LD_PRELOAD
+
+2005-06-25 16:15 millert
+
+ * acsite.m4, configure: set need_version=no for all cases; this is
+ safe for LD_PRELOAD
+
+2005-06-25 14:45 millert
+
+ * aclocal.m4: typo
+
+2005-06-25 14:33 millert
+
+ * configure, configure.in: Add dragonfly
+
+2005-06-25 14:29 millert
+
+ * auth/pam.c: Fix call to pam_end() when pam_open_session() fails.
+
+2005-06-25 14:21 millert
+
+ * configure: regen
+
+2005-06-25 14:20 millert
+
+ * acsite.m4: rebuild acsite.m4 from libtool 1.9f libtool.m4
+ ltoptions.m4 ltsugar.m4 ltversion.m4
+
+2005-06-25 14:08 millert
+
+ * config.guess, config.sub, ltmain.sh: merge in local changes:
+ config.guess: o better openbsd support config.sub: o hiuxmpp
+ support ltmain.sh o remove requirement that libs must begin with
+ "lib" o don't print a bunch of crap about library installs o
+ don't run ldconfig
+
+2005-06-25 14:05 millert
+
+ * config.guess, config.sub, ltmain.sh: libtool 1.9f
+
+2005-06-25 14:04 millert
+
+ * configure.in: Update with autoupdate and make minor changes for
+ libtool 1.9f
+
+2005-06-22 23:19 millert
+
+ * parse.c: don't call sudo_ldap_display_cmnd if ldap not setup
+
+2005-06-22 23:04 millert
+
+ * check.c, compat.h, fileops.c, gettime.c, sudo_edit.c, visudo.c,
+ emul/timespec.h: Move declatation of struct timespec to its own
+ include files for systems without it since it needs time_t
+ defined.
+
+2005-06-22 22:57 millert
+
+ * ldap.c: Don't set safe_cmnd for the "sudo ALL" case.
+
+2005-05-27 01:59 millert
+
+ * auth/pam.c: Call pam_open_session() and pam_close_session() to
+ give pam_limits a chance to run. Idea from Karel Zak.
+
+2005-04-24 19:24 millert
+
+ * check.c, sudo.c: Add explicit cast from mode_t -> u_int in printf
+ to silence warnings on Solaris
+
+2005-04-24 19:22 millert
+
+ * parse.c: include grp.h to silence a warning on Solaris
+
+2005-04-23 15:10 millert
+
+ * parse.c: Fix printing of += and -= defaults.
+
+2005-04-17 01:21 millert
+
+ * mon_systrace.c: Sanity check number of syscall args with argsize.
+ Not really needed but a little paranoia never hurts.
+
+2005-04-17 01:18 millert
+
+ * mon_systrace.c, mon_systrace.h: Don't do pointer arithmetic on
+ void * Use int, not size_t/ssize_t for systrace lengths (since it
+ uses int)
+
+2005-04-16 03:14 millert
+
+ * mon_systrace.c: Add some memsets for paranoia Fix namespace
+ collsion w/ error Check rval of decode_args() and update_env()
+ Remove improper setting of validated variable
+
+2005-04-11 21:37 millert
+
+ * parse.c, sudo.c, sudo.h: In -l mode, only check local sudoers
+ file if def_ignore_sudoers is not set and call LDAP versions from
+ display_privs() and display_cmnd() instead of directly from
+ main(). Because of this we need to defer closing the ldap
+ connection until after -l processing has ocurred and we must pass
+ in the ldap pointer to display_privs() and display_cmnd().
+
+2005-04-11 21:33 millert
+
+ * ldap.c: Reorganize LDAP code to better match normal sudoers
+ parsing. Instead of storing strings for later printing in -l
+ mode we do another query since the authenticating user and the
+ user being listed may not be the same (the new -U flag). Also
+ add support for "sudo -l command".
+
+ There is still a fair bit if duplicated code that can probably be
+ refactored.
+
+2005-04-11 00:37 millert
+
+ * ldap.c: Replace pass variable with do_netgr for better
+ readability.
+
+2005-04-10 23:49 millert
+
+ * ldap.c: use DPRINTF macro
+
+2005-04-10 23:18 millert
+
+ * ldap.c: estrdup, not strdup
+
+2005-04-10 17:44 millert
+
+ * parse.c: Add macro to test if the tag changed to improve
+ readability.
+
+2005-04-10 17:40 millert
+
+ * parse.c: Avoid printing defaults header if there are no defaults
+ to print...
+
+2005-04-10 15:29 millert
+
+ * glob.c: Fix a warning on systems without strlcpy().
+
+2005-04-10 13:32 millert
+
+ * pwutil.c: Use macros where possible for sudo_grdup() like
+ sudo_pwdup().
+
+2005-04-08 17:04 millert
+
+ * utimes.c: It is possible for tv_usec to hold >= 1000000 usecs so
+ add in tv_usec / 1000000.
+
+2005-03-29 23:38 millert
+
+ * auth/kerb5.c: The component in krb5_principal_get_comp_string()
+ should be 1, not 0 for Heimdal. From Alex Plotnick.
+
+2005-03-29 09:29 millert
+
+ * alias.c, alloc.c, check.c, defaults.c, find_path.c, gram.c,
+ gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c,
+ pwutil.c, redblack.c, sudo.c, sudo.h, toke.c, toke.l, visudo.c:
+ Add efree() for consistency with emalloc() et al. Allows us to
+ rely on C89 behavior (free(NULL) is valid) even on K&R.
+
+2005-03-28 22:33 millert
+
+ * parse.c, sudo.c: Move initgroups() for -U option into
+ display_privs() so group matching in sudoers works correctly.
+
+2005-03-26 21:34 millert
+
+ * ldap.c: Removed duplicate call to ldap_unbind_s introduced along
+ with sudo_ldap_close.
+
+2005-03-26 20:01 millert
+
+ * parse.c: Add missing space in Defaults printing
+
+2005-03-25 12:36 millert
+
+ * pwutil.c: Sync sudo_pwdup with OpenBSD changes: use macros for
+ size computaton and string copies.
+
+2005-03-18 22:08 millert
+
+ * pwutil.c: Zero old pw_passwd before replacing with version from
+ shadow file.
+
+2005-03-18 22:07 millert
+
+ * configure, configure.in: Only attempt shadow password detection
+ if PAM is not being used Add shadow_* variables to make shadow
+ password detection more generic.
+
+2005-03-18 21:46 millert
+
+ * configure.in: Use OSDEFS for os-specific -D_FOO_BAR stuff rather
+ than CPPFLAGS
+
+2005-03-12 19:27 millert
+
+ * sudoers.pod: use a non-breaking space to avoid a double space
+ after e.g.
+
+2005-03-12 19:26 millert
+
+ * sudo.pod: commna, not colon after e.g.
+
+2005-03-12 18:43 millert
+
+ * sudo_noexec.c: Add __ variants of the exec functions. GNU libc
+ at least uses __execve() internally.
+
+2005-03-12 12:29 millert
+
+ * indent.pro: Match reality a bit more.
+
+2005-03-12 12:27 millert
+
+ * pwutil.c: Missed piece from rev. 1.6, fix sudo_getpwnam() too.
+
+2005-03-11 23:42 millert
+
+ * pwutil.c: Store shadow password after making a local copy of
+ struct passwd in case normal and shadow routines use the same
+ internal buffer in libc.
+
+2005-03-10 20:57 millert
+
+ * alloc.c, logging.c: Make varargs usage consistent with the rest
+ of the code.
+
+2005-03-10 10:09 millert
+
+ * sudo_noexec.c: Wrap more of the exec family since on Linux the
+ others do not appear to go through the normal execve() path.
+
+2005-03-10 09:57 millert
+
+ * visudo.c: make print_unused static like proto says
+
+2005-03-10 09:55 millert
+
+ * glob.c: silence a warning on K&R systems
+
+2005-03-10 09:51 millert
+
+ * parse.c, alias.c, error.c: make this build in K&R land
+
+2005-03-07 22:21 millert
+
+ * toke.c: regen
+
+2005-03-05 22:46 millert
+
+ * ldap.c: return(foo) not return foo optimize _atobool() slightly
+
+2005-03-05 22:40 millert
+
+ * ldap.c: Use TRUE/FALSE
+
+2005-03-05 22:31 millert
+
+ * ldap.c: Reformat to match the rest of sudo's code.
+
+2005-03-05 19:33 millert
+
+ * sudo.pod: I am the primary author
+
+2005-02-22 22:28 millert
+
+ * README, RUNSON, Makefile.in: The RUNSON file is toast--it
+ confused too many people and really isn't needed in a
+ configure-oriented world.
+
+2005-02-22 22:28 millert
+
+ * INSTALL: alternate -> alternative
+
+2005-02-22 22:26 millert
+
+ * tgetpass.c: Use TCSADRAIN instead of TCSAFLUSH since some OSes
+ have issues with TCSAFLUSH.
+
+2005-02-22 22:16 millert
+
+ * toke.l: Allow leading blanks before Defaults and Foo_Alias
+ definitions
+
+2005-02-22 22:14 millert
+
+ * Makefile.in: fix rules to build toke.o and gram.o in devel mode
+
+2005-02-20 13:00 millert
+
+ * sudoers.pod: env_keep overrides set_logname
+
+2005-02-20 12:57 millert
+
+ * env.c: Fix disabling set_logname and make env_keep override
+ set_logname.
+
+2005-02-20 12:28 millert
+
+ * compat.h, config.h.in, configure, configure.in: No longer need
+ memmove()
+
+2005-02-20 11:48 millert
+
+ * env.c, sudo.c: Just clean the environment once. This assumes
+ that any further setenv/putenv will be able to handle the fact
+ that we replaced environ with our own malloc'd copy but all the
+ implementations I've checked do.
+
+2005-02-15 23:16 millert
+
+ * env.c, sudo.c: In -i mode, base the value of insert_env()'s
+ dupcheck flag on DID_FOO flags. Move checks for $HOME resetting
+ into rebuild_env()
+
+2005-02-13 00:33 millert
+
+ * env.c, sudo.c: Move setting of user_path, user_shell, user_prompt
+ and prev_user into init_vars() since user_shell at least is
+ needed there.
+
+2005-02-12 18:51 millert
+
+ * Makefile.in: fix devel builds
+
+2005-02-12 18:46 millert
+
+ * check.c, sudo.c: Fix some printf format mismatches on error.
+
+2005-02-12 18:33 millert
+
+ * configure, gram.c, toke.c: regen
+
+2005-02-12 17:56 millert
+
+ * LICENSE, Makefile.binary.in, Makefile.in, aclocal.m4, alias.c,
+ alloc.c, check.c, closefrom.c, compat.h, configure.in,
+ defaults.c, defaults.h, env.c, error.c, fileops.c, find_path.c,
+ getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.y,
+ interfaces.c, interfaces.h, ldap.c, logging.c, logging.h,
+ match.c, mon_systrace.c, parse.c, redblack.c, redblack.h,
+ set_perms.c, sigaction.c, snprintf.c, strcasecmp.c, strerror.c,
+ strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.pod, sudo_edit.c,
+ sudo_noexec.c, sudoers.pod, testsudoers.c, tgetpass.c, toke.l,
+ utimes.c, version.h, visudo.c, visudo.pod, zero_bytes.c,
+ auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, auth/dce.c,
+ auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
+ auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
+ auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h,
+ emul/utime.h: Update copyright years.
+
+2005-02-12 16:46 millert
+
+ * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
+ version 1.7
+
+2005-02-12 16:16 millert
+
+ * WHATSNEW: What's new in sudo 1.7, based on the 1.7 CHANGES
+ entries.
+
+2005-02-11 18:06 millert
+
+ * compat.h, logging.h, sudo.h: Add __printflike and use it with gcc
+ to warn about printf-like format mismatches
+
+2005-02-10 00:16 millert
+
+ * CHANGES, ChangeLog: Replaced CHANGES file with ChangeLog
+ generated from cvs logs
+
+2005-02-10 00:03 millert
+
+ * set_perms.c: Use warning/error instead of perror/fatal.
+
+2005-02-09 23:13 millert
+
+ * config.guess: Update OpenBSD section
+
+2005-02-09 23:10 millert
+
+ * UPGRADE: Add upgrading noted for 1.7
+
+2005-02-09 23:00 millert
+
+ * env.c, sudo.c, sudoers.pod: Instead of zeroing out the
+ environment, just prune out entries based on the env_delete and
+ env_check lists. Base building up the new environment on the
+ current environment and the variables we removed initially.
+
+2005-02-09 22:23 millert
+
+ * configure, configure.in, sudo.c, config.h.in: Set locale to "C"
+ if locales are supported, just to be safe.
+
+2005-02-09 22:19 millert
+
+ * toke.c, toke.l: Cast argument to ctype functions to unsigned
+ char.
+
+2005-02-07 22:56 millert
+
+ * env.c: correct value for DID_USER
+
+2005-02-07 22:55 millert
+
+ * error.c, fnmatch.c, getcwd.c, glob.c, snprintf.c: #include
+ <compat.h> not "compat.h"
+
+2005-02-07 22:51 millert
+
+ * defaults.c: Reset the environment by default.
+
+2005-02-07 22:50 millert
+
+ * sudo.c: Alloc an extra slot in NewArgv. Removes the need to
+ malloc an new vector if execve() fails.
+
+2005-02-06 23:16 millert
+
+ * INSTALL, config.h.in, configure, configure.in, sudo.c: Use
+ execve(2) and wrap the command in sh if we get ENOEXEC.
+
+2005-02-05 23:01 millert
+
+ * sudo_noexec.c: Only include time.h on systems that lack struct
+ timespec which gets defind in compat.h (using time_t).
+
+2005-02-05 22:59 millert
+
+ * sudo_noexec.c: Include time.h for time_t in compat.h for systems
+ w/o struct timespec.
+
+2005-02-05 22:56 millert
+
+ * configure, compat.h, config.h.in, configure.in: use bcopy on
+ systems w/o memmove
+
+2005-02-05 22:31 millert
+
+ * compat.h: __attribute__((__unused__)) doesn't work in gcc 2.7.2.1
+ so limit its use to gcc >= 2.8.
+
+2005-02-05 21:21 millert
+
+ * Makefile.in: Add explicit rule to build sudo_noexec.lo
+
+2005-02-05 17:56 millert
+
+ * INSTALL.configure, Makefile.in: No longer depend on VPATH;
+ pointed out a bunch of missed dependencies.
+
+2005-02-05 13:18 millert
+
+ * TROUBLESHOOTING: Help for PAM when account section is missing
+
+2005-02-05 13:01 millert
+
+ * auth/pam.c: Give user a clue when there is a missing "account"
+ section in the PAM config.
+
+2005-02-05 10:22 millert
+
+ * auth/pam.c: Better error handling.
+
+2005-02-05 09:57 millert
+
+ * configure, config.h.in, configure.in: Move _FOO_SOURCE to
+ CPPFLAGS so it takes effect as early as possible. Silences a
+ warning about isblank() on linux.
+
+2005-02-04 21:49 millert
+
+ * auth/pam.c: Fix typo (missing comma) that caused an incorrect
+ number of args to be passed to log_error().
+
+2005-01-31 23:03 millert
+
+ * pwutil.c: Don't try to destroy a tree we didn't create.
+
+2005-01-27 10:42 millert
+
+ * alias.c, alloc.c, check.c, closefrom.c, compat.h, defaults.c,
+ env.c, error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c,
+ getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.c,
+ gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c,
+ parse.c, pwutil.c, set_perms.c, sigaction.c, snprintf.c,
+ strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
+ sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c,
+ toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c,
+ auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
+ auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
+ auth/rfc1938.c, auth/secureware.c, auth/securid.c,
+ auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Add __unused to
+ rcsids
+
+2005-01-21 10:34 millert
+
+ * configure, configure.in: Fix error message when mixing invalid
+ auth types
+
+2005-01-21 10:32 millert
+
+ * INSTALL: PAM, AIX auth, BSD auth and login_cap are now on by
+ default if the OS supports them.
+
+2005-01-21 10:29 millert
+
+ * config.h.in, auth/sudo_auth.h: s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g
+
+2005-01-21 10:29 millert
+
+ * configure.in: Better checking for conflicting authentication
+ methods Display the authentication methods used at the end of
+ configure Rename --with-authenticate -> --with-aixauth Use
+ --with-aixauth, --with-bsdauth, --with-pam, --with-logincap by
+ default on systems that support them unless disabled. Add
+ OSMAJOR variable that replaces old OSREV; now OSREV has full
+ version number
+
+2005-01-17 19:40 millert
+
+ * def_data.c, def_data.in, sudo.c, sudoers.pod: s/-O/-C/
+
+2005-01-14 13:35 millert
+
+ * configure.in: Replace: test -n "$FOO" || FOO="bar"
+
+ With: : ${FOO='bar'}
+
+2005-01-09 18:58 millert
+
+ * pwutil.c, testsudoers.c, tsgetgrpw.c: Use function pointers to
+ only call private passwd/group routines when using a nonstandard
+ passwd/group file.
+
+2005-01-06 10:34 millert
+
+ * CHANGES: sync
+
+2005-01-05 22:16 millert
+
+ * tsgetgrpw.c: Can't use strtok() since it doesn't handle empty
+ fields so add getpwent()/getgrent() functions and call those.
+
+2005-01-05 17:29 millert
+
+ * Makefile.in: Fix dummied out toke.c and gram.c dependencies.
+
+2005-01-05 17:18 millert
+
+ * Makefile.in: Rename PARSESRCS -> GENERATED since it is only used
+ in the clean target Add devdir variable and use it to specify the
+ path to parser sources
+
+2005-01-05 17:17 millert
+
+ * configure: regen
+
+2005-01-05 17:17 millert
+
+ * configure.in: Add a devdir variables that defaults to $(srcdir)
+ and is set to . if --devel was specified. Allows for proper
+ dependecies building the parser.
+
+2005-01-05 14:50 millert
+
+ * testsudoers.c: Add support for custom passwd/group files.
+
+2005-01-05 14:47 millert
+
+ * Makefile.in: Build private copy of pwutil.o for testsudoers with
+ MYPW defined so it uses our own passwd/group routines.
+
+2005-01-05 14:46 millert
+
+ * visudo.c: Remove sudo_*{pw,gr}* stubs and add
+ sudo_setspent/sudo_endspent stubs instead. We can now just use
+ the caching sudo_*{pw,gr}* functions in pwutil.c Add comment
+ about wanting to call sudo_endpwent/sudo_endgrent in cleanup()
+
+2005-01-05 14:44 millert
+
+ * tsgetgrpw.c: Remove caching; we will just use what is in pwutil.c
+ Use global buffers for passwd/group structs Rename functions from
+ sudo_* to my_*
+
+2005-01-05 14:43 millert
+
+ * logging.c, sudo.c: g/c pwcache_init/pwcache_destroy
+
+2005-01-05 14:42 millert
+
+ * sudo.h: Undo last commit and add sudo_setspent and sudo_endspent
+ instead.
+
+2005-01-05 14:41 millert
+
+ * getspwuid.c, pwutil.c: Move all but the shadow stuff from
+ getspwuid.c to pwutil.c and pwcache_get and pwcache_put as they
+ are no longer needed. Also add preprocessor magic to use private
+ versions of the passwd and group routines if MYPW is defined (for
+ use by testsudoers).
+
+2005-01-04 22:40 millert
+
+ * tsgetgrpw.c: zero out struct passwd/group before filling it in so
+ if there are fields we don't handle they end up as 0.
+
+2005-01-04 20:10 millert
+
+ * logging.c, sudo.c, sudo.h, testsudoers.c, visudo.c: Adapt to
+ pwutil.c
+
+2005-01-04 20:09 millert
+
+ * Makefile.in: Add tsgetgrpw.c and pwutil.c Rename the *OBJ
+ variables for better readability.
+
+2005-01-04 20:08 millert
+
+ * tsgetgrpw.c: Passwd and group lookup routines for testsudoers
+ that support alternate passwd and group files.
+
+2005-01-04 20:07 millert
+
+ * getspwuid.c, pwutil.c: Split off pw/gr cache and dup code into
+ its own file. This allows visudo and testsudoers to use the
+ pw/gr cache too.
+
+2005-01-01 19:31 millert
+
+ * parse.c: Print Defaults info in "sudo -l" output and wrap lines
+ based on the terminal width.
+
+2005-01-01 12:41 millert
+
+ * match.c, visudo.c, testsudoers.c: Only check group vector in
+ usergr_matches() if we are matching the invoking or list user.
+ Always check the group members, even if there was a group vector.
+
+2004-12-17 17:24 millert
+
+ * LICENSE, Makefile.in, fnmatch.3: No longer bundle fnmatch.3
+
+2004-12-17 13:12 millert
+
+ * CHANGES, TODO: checkpoint
+
+2004-12-16 14:20 millert
+
+ * sudo.c: sort usage
+
+2004-12-16 14:20 millert
+
+ * sudo.pod: Sort command line options
+
+2004-12-16 13:33 millert
+
+ * def_data.c, def_data.h, def_data.in, defaults.c, logging.c,
+ sudo.c, sudo.pod, sudoers.pod: Add closefrom sudoers option to
+ start closing at a point other than 3. Add closefrom_override
+ sudoers option and -C sudo flag to allow the user to specify a
+ different closefrom starting point.
+
+2004-12-16 13:25 millert
+
+ * pathnames.h.in: Add _PATH_DEVNULL for those without it.
+
+2004-12-15 22:55 millert
+
+ * LICENSE: no more UCB strcasecmp
+
+2004-12-15 22:54 millert
+
+ * strcasecmp.c: replace BSD licensed one with version derived from
+ pdksh
+
+2004-12-09 21:07 millert
+
+ * sudo.c: Fix last commit.
+
+2004-12-09 19:26 millert
+
+ * sudo.c: Make sure stdin, stdout and stderr are open and dup them
+ to /dev/null if not.
+
+2004-12-03 13:57 millert
+
+ * ldap.c, mon_systrace.c, sudo.c, sudo.h: add sudo_ldap_close
+
+2004-12-03 13:52 millert
+
+ * fileops.c, gettime.c, sudo.c, sudo_edit.c, utimes.c, visudo.c:
+ Use TIME_WITH_SYS_TIME
+
+2004-12-03 13:48 millert
+
+ * configure, configure.in, config.h.in: Add TIME_WITH_SYS_TIME_H
+
+2004-12-02 11:18 millert
+
+ * env.c: Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE
+ being set unconditionally on darwin. From Toby Peterson.
+
+2004-12-02 10:40 millert
+
+ * getspwuid.c: Check rbinsert() return value. In the case of faked
+ up entries there is usually a negative response cached that we
+ need to overwrite.
+
+ In pwfree() don't try to zero out a NULL pw_passwd pointer.
+
+2004-12-02 09:53 millert
+
+ * mon_systrace.c: Use the double fork trick to avoid the monitor
+ process being waited for by the main program run through sudo.
+
+2004-11-29 12:52 millert
+
+ * sudo.c: Call initgroups() in -U mode so group matches work
+ normally.
+
+2004-11-29 12:34 millert
+
+ * def_data.h, mkdefaults: Don't print a trailing comma for the last
+ entry in enum def_tupple
+
+2004-11-28 16:08 millert
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod: Mention values when
+ lecture, listpw and verifypw are used in boolean context.
+
+2004-11-28 16:05 millert
+
+ * def_data.c, def_data.in: verifypw when used in a boolean TRUE
+ context should be "all", not "any".
+
+2004-11-26 14:21 millert
+
+ * def_data.in, defaults.c: Allow tuples that can be used as
+ booleans to be used as boolean TRUE. In this case the 2nd
+ possible value of the tuple is used for TRUE.
+
+2004-11-25 12:23 millert
+
+ * configure, configure.in: Correct the test for 2-parameter
+ timespecsub
+
+2004-11-25 12:20 millert
+
+ * sudo.h: Add strub struct definitions for passwd, timeval and
+ timespec
+
+2004-11-25 12:09 millert
+
+ * configure, configure.in, config.h.in, sudo_edit.c, visudo.c: Add
+ check for 2-argument form of timespecsub (FreeBSD and BSD/OS) and
+ fix a typo in the gettimeofday check.
+
+2004-11-24 16:44 millert
+
+ * match.c, testsudoers.c: Deal with user_stat being NULL as it is
+ for visudo and testsudoers.
+
+2004-11-24 16:31 millert
+
+ * parse.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod: Add -U
+ option to use in conjunction with -l instead of -u. Add support
+ for "sudo -l command" to test a specific command.
+
+2004-11-24 16:28 millert
+
+ * gram.c, gram.y, sudo.c: Set safe_cmnd after sudoers_lookup() if
+ it has not been set. Previously it was set by sudo "ALL" in the
+ parser but at that point the fully-qualified pathname has not yet
+ been found.
+
+2004-11-23 18:18 millert
+
+ * parse.c, testsudoers.c: Correctly handle multiple privileges per
+ userspec and runas inheritence.
+
+2004-11-21 14:09 millert
+
+ * defaults.c: Zero out sd_un for each entry in sudo_defs_table in
+ init_defaults.
+
+2004-11-19 18:04 millert
+
+ * toke.c, toke.l: make per-command defaults work with sudoedit
+
+2004-11-19 18:00 millert
+
+ * ldap.c, parse.c, sudo.c, sudo.h: Remove the FLAG_NOPASS,
+ FLAG_NOEXEC and FLAG_MONITOR flags. Instead, we just set the
+ approriate defaults variable.
+
+2004-11-19 17:09 millert
+
+ * sample.sudoers, sudoers.cat, sudoers.man.in, sudoers.pod:
+ Document per-command Defaults.
+
+2004-11-19 16:35 millert
+
+ * defaults.c, defaults.h, gram.c, gram.h, gram.y, mon_systrace.c,
+ sudo.c, testsudoers.c, toke.c, toke.l, visudo.c: Add support for
+ command-specific Defaults entries. E.g.
+ Defaults!/usr/bin/vi noexec
+
+2004-11-19 15:03 millert
+
+ * defaults.c, match.c, parse.c, parse.h, testsudoers.c: Change an
+ occurence of user_matches() -> runas_matches() missed previously
+ runas_matches(), host_matches() and cmnd_matches() only really
+ need to pass in a list of members. user_matches() still needs to
+ pass in a passwd struct because of "sudo -l"
+
+2004-11-19 14:46 millert
+
+ * parse.c: Check def_authenticate, def_noexec and def_monitor when
+ setting return flags. XXX May be better to just set the defaults
+ directly and get rid of those flags.
+
+2004-11-19 13:39 millert
+
+ * alias.c, alloc.c, check.c, closefrom.c, defaults.c, env.c,
+ error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c,
+ getprogname.c, getspwuid.c, gettime.c, glob.c, goodpath.c,
+ gram.c, gram.y, interfaces.c, ldap.c, logging.c, match.c,
+ mon_systrace.c, parse.c, redblack.c, set_perms.c, snprintf.c,
+ strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
+ sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c,
+ toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c,
+ auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
+ auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
+ auth/rfc1938.c, auth/secureware.c, auth/securid.c,
+ auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Use: #include
+ <config.h> Not: #include "config.h" That way we get the correct
+ config.h when build dir != src dir
+
+2004-11-19 13:30 millert
+
+ * Makefile.in: Back out part of rev 1.263; fix -I order
+
+2004-11-19 13:12 millert
+
+ * toke.c, toke.l: More robust parsing if #include; could be much
+ better still.
+
+2004-11-19 12:55 millert
+
+ * sudo_edit.c, visudo.c: Make arg splitting in visudo and sudoedit
+ consistent.
+
+2004-11-19 12:35 millert
+
+ * Makefile.in, alias.c, gram.c, gram.y, parse.h: Split alias
+ routines out into their own file.
+
+2004-11-19 12:32 millert
+
+ * error.h: __attribute__ is already defined in compat.h
+
+2004-11-19 12:30 millert
+
+ * visudo.c: quit() should not be __noreturn__ as it is non-void on
+ some platforms.
+
+2004-11-19 12:24 millert
+
+ * auth/: fwtk.c, rfc1938.c, securid.c, securid5.c: Add local
+ error/warning functions like err/warn but that call an additional
+ cleanup routine in the error case. This means we no longer need
+ to compile a special version of alloc.o for visudo.
+
+2004-11-19 11:54 millert
+
+ * parse.h: Clarify comments about the data structures
+
+2004-11-18 15:28 millert
+
+ * visudo.c: Add support for VISUAL and EDITOR containing command
+ line args. If env_editor is not set any args in VISUAL and
+ EDITOR are ignored. Arguments are also now supported in
+ def_editor.
+
+2004-11-17 14:25 millert
+
+ * parse.h: alias_matches() is no more
+
+2004-11-17 14:09 millert
+
+ * CHANGES, TODO: sync
+
+2004-11-17 13:19 millert
+
+ * Makefile.in: When regenerating the parser, don't replace gram.h
+ unless it has changed.
+
+2004-11-17 11:56 millert
+
+ * Makefile.in: remove Makefile.binary for distclean
+
+2004-11-17 11:18 millert
+
+ * env.c: Preserve KRB5CCNAME in zero_env() and add a paranoia check
+ to make sure we can't overflow new_env.
+
+2004-11-17 10:33 millert
+
+ * sudo_edit.c: paranoia when stripping trailing slashes from
+ tempdir.
+
+2004-11-16 19:00 millert
+
+ * sudo.c: Set user_ngroups to 0 if getgroups() returns an error.
+
+2004-11-16 18:59 millert
+
+ * configure, configure.in, config.h.in, sudo.c: Add configure check
+ for getgroups()
+
+2004-11-16 18:55 millert
+
+ * ldap.c: Use supplementary group vector in struct sudo_user.
+
+2004-11-16 18:40 millert
+
+ * match.c: Only do string comparisons on the group members if there
+ is no supplemental group list.
+
+2004-11-16 16:10 millert
+
+ * CHANGES, TODO: sync
+
+2004-11-16 15:54 millert
+
+ * sudo_edit.c: On Digital UNIX _PATH_VAR_TMP doesn't end with a
+ trailing slash so chop off any trailing slashes we see and add an
+ explicit one.
+
+2004-11-16 12:02 millert
+
+ * match.c: remove bogus XXX comment
+
+2004-11-16 11:10 millert
+
+ * match.c: Get rid of alias_matches and correctly fall through to
+ the non-alias cases when there is no alias with the specified
+ name.
+
+2004-11-16 10:47 millert
+
+ * getspwuid.c: Cache non-existent passwd/group entries too.
+
+2004-11-16 10:45 millert
+
+ * gram.c: regen
+
+2004-11-15 23:32 millert
+
+ * getspwuid.c: fix typo
+
+2004-11-15 23:24 millert
+
+ * check.c, getspwuid.c, glob.c, ldap.c, logging.c, match.c,
+ mon_systrace.h, sudo.c, sudo.h, testsudoers.c, visudo.c:
+ Implement group caching and use the passwd and group caches
+ throughout.
+
+2004-11-15 14:43 millert
+
+ * match.c: Properly negate the return value of alias_matches() when
+ appropriate.
+
+2004-11-15 14:38 millert
+
+ * match.c: Make hostname_matches() return TRUE for a match, else
+ FALSE like the caller expects.
+
+2004-11-15 13:24 millert
+
+ * Makefile.in: Add missing dependencies on gram.h
+
+2004-11-15 13:06 millert
+
+ * match.c: Use runas_matches in alias_matches() now that we have
+ it.
+
+2004-11-15 13:00 millert
+
+ * parse.c, parse.h: Expand aliases in "sudo -l" mode
+
+2004-11-15 12:33 millert
+
+ * gram.y, match.c: Use ALIAS for the member type when storing an
+ alias instead of HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since
+ match.c relies on the more generic type. Expand runas_matches
+ instead of calling user_matches() inside of it since
+ user_matches() looks up USERALIASes, not RUNASALIASes.
+
+2004-11-15 12:05 millert
+
+ * CHANGES, getspwuid.c: Paranoia; zero out pw_passwd before freeing
+ passwd entry.
+
+2004-11-15 10:53 millert
+
+ * LICENSE, Makefile.in, alloc.c, check.c, config.h.in, configure,
+ configure.in, err.c, error.c, error.h, defaults.c, env.c,
+ find_path.c, interfaces.c, logging.c, mon_systrace.c, sudo.c,
+ sudo.h, sudo_edit.c, testsudoers.c, visudo.c, emul/err.h: Add
+ local error/warning functions like err/warn but that call an
+ additional cleanup routine in the error case. This means we no
+ longer need to compile a special version of alloc.o for visudo.
+
+2004-11-15 09:59 millert
+
+ * match.c: Use userpw_matches() to compare usernames, not strcmp(),
+ since the latter checks for "#uid".
+
+2004-11-15 09:53 millert
+
+ * getspwuid.c, mon_systrace.c, mon_systrace.h, sudo.c: Cache passwd
+ db entries in 2 reb-black trees; one indexed by uid, the other by
+ user name. The data returned from the cache should be considered
+ read-only and is destroyed by sudo_endpwent().
+
+2004-11-15 09:50 millert
+
+ * match.c: add cast to uid_t
+
+2004-11-15 09:49 millert
+
+ * gram.y: missing free in alias_destroy
+
+2004-11-15 09:49 millert
+
+ * redblack.c: Can't use rbapply() for rbdestroy since the
+ destructor is passed a data pointer, not a node pointer.
+
+2004-11-14 23:06 millert
+
+ * getspwuid.c, logging.c, sudo.c, sudo.h: Create and use private
+ versions of setpwent() and endpwent() that set/end the shadow
+ password file too.
+
+2004-11-14 22:55 millert
+
+ * gram.c, gram.h, gram.y, match.c, parse.h, testsudoers.c,
+ visudo.c: Store aliases in a red-black tree.
+
+2004-11-14 22:52 millert
+
+ * Makefile.in, redblack.c, redblack.h: red-black tree
+ implementation
+
+2004-11-14 22:37 millert
+
+ * visudo.c: Edit all sudoers file if there were unused or undefined
+ aliases and we are in strict mode.
+
+2004-11-12 11:19 millert
+
+ * CHANGES, def_data.c, def_data.h, def_data.in, defaults.c, env.c,
+ find_path.c, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.c:
+ Bring back the "secure_path" Defaults option now that Defaults
+ take effect before the path is searched.
+
+2004-11-11 12:22 millert
+
+ * logging.c, parse.c: A user can always list their own entries,
+ even with -u. Better error message when failing to list another
+ user's entries.
+
+2004-11-11 12:12 millert
+
+ * parse.c, sudo.c, sudo.h: The syntax to list another user's
+ entries is now "-u otheruser -l". Only root or users with sudo
+ "ALL" may list other user's entries.
+
+2004-11-11 11:30 millert
+
+ * sudo.cat, sudo.man.in, sudo.pod: Update env variable info in
+ SECURITY NOTES
+
+2004-11-11 11:25 millert
+
+ * env.c: strip CDPATH too
+
+2004-11-11 11:20 millert
+
+ * env.c: strip exported bash functions from the environment.
+
+2004-10-27 12:16 millert
+
+ * sudo.c: Only reset sudo_user.pw based on SUDO_USER environment
+ variables for real commands and sudoedit. This avoids a
+ confusing message when a user tries "sudo -l" or "sudo -v" and is
+ denied.
+
+2004-10-27 12:06 millert
+
+ * gram.c, gram.y, parse.h: Extend LIST_APPEND to deal with
+ appending lists too
+
+2004-10-26 18:39 millert
+
+ * logging.c: Convert some bitwise AND to ISSET
+
+2004-10-26 18:29 millert
+
+ * lex.yy.c, toke.c: toke.c replaces lex.yy.c
+
+2004-10-26 18:29 millert
+
+ * CHANGES, TODO: sync
+
+2004-10-26 18:28 millert
+
+ * BUGS: new parser fixes most of the outstanding bugs
+
+2004-10-26 18:27 millert
+
+ * configure: regen
+
+2004-10-26 18:26 millert
+
+ * visudo.c: Rework for the new parser. Now checks for unused
+ aliases in sudoers.
+
+2004-10-26 18:25 millert
+
+ * testsudoers.c: Rewrite for the new parser. Now supports a -d
+ flag (dump) and adds a -h flag (host). It now defaults to the
+ local hostname unless otherwise specified.
+
+2004-10-26 18:23 millert
+
+ * sudo.h: Add new prototypes. Remove NOMATCH/UNSPEC (now in
+ parse.h)
+
+2004-10-26 18:22 millert
+
+ * sudo.c: Update for new parse. We now call find_path() *after* we
+ have updated the global defaults based on sudoers. Also adds
+ support for listing other user's privs if you are root.
+
+2004-10-26 18:21 millert
+
+ * mon_systrace.c: Working LDAP support; also remove a now-unneeded
+ rewind().
+
+2004-10-26 18:20 millert
+
+ * logging.c, logging.h: Add NO_STDERR flag.
+
+2004-10-26 18:19 millert
+
+ * ldap.c: Split sudo_ldap_check() into three pieces:
+ sudo_ldap_open(), udo_ldap_update_defaults() and
+ sudo_ldap_check(). This allows us to connecto to LDAP, apply the
+ default options, find the command in the user's path, and then
+ check whether the user is allowed to run it. The important thing
+ here is that the default runas user may be specified as a default
+ option and that needs to be set before we search for the command.
+
+2004-10-26 18:17 millert
+
+ * ldap.c: Add casts to unsigned char for isspace() to quiet a gcc
+ warning.
+
+2004-10-26 18:16 millert
+
+ * defaults.h: Add prototype for update_defaults()
+
+2004-10-26 18:16 millert
+
+ * defaults.c: Don't warn about line numbers now that we operate on
+ a set of data structures (or LDAP) and not a file.
+
+2004-10-26 18:15 millert
+
+ * config.h.in: No long use lsearch()
+
+2004-10-26 18:14 millert
+
+ * Makefile.in: Update for new and changed file names.
+
+2004-10-26 18:14 millert
+
+ * LICENSE: no more BSD lsearch.c
+
+2004-10-26 18:14 millert
+
+ * match.c: foo_matches() routines now live in match.c Added
+ user_matches(), runas_matches(), host_matches(), cmnd_matches()
+ and alias_matches() that operate on the parsed sudoers file.
+
+2004-10-26 18:12 millert
+
+ * parse.lex, toke.l: Move parse.lex -> toke.l Rename buffer_frob()
+ -> switch_buffer() WORD no longer needs to exclude '@' kill
+ yywrap()
+
+2004-10-26 18:10 millert
+
+ * gram.c, gram.h, gram.y, parse.c, parse.h, parse.yacc, sudo.tab.h:
+ Rewritten parser that converts sudoers into a set of data
+ structures. This eliminates ordering issues and makes it
+ possible to apply sudoers Defaults entries before searching for
+ the command.
+
+2004-10-26 18:09 millert
+
+ * configure.in, lsearch.c, emul/search.h: We won't be using
+ lsearch() any longer.
+
+2004-10-26 18:07 millert
+
+ * ldap.c: sudo should not send mail if someone who runs 'sudo -l'
+ has no entry.
+
+2004-10-26 16:09 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in: regen
+
+2004-10-26 16:09 millert
+
+ * visudo.pod: Update warnings to match new visudo
+
+2004-10-26 16:08 millert
+
+ * sudoers.pod: The new parser doesn't have the old ordering
+ constraints.
+
+2004-10-26 16:08 millert
+
+ * sudo.pod: Document that -l now takes an optional username
+ argument
+
+2004-10-25 13:44 millert
+
+ * RUNSON: AIX 5.2.0.0 works
+
+2004-10-25 13:38 millert
+
+ * ldap.c: If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS
+ instead. Fixes a compilation problem with Solaris 9's native
+ LDAP.
+
+ Set FLAG_MONITOR when needed.
+
+2004-10-23 13:32 millert
+
+ * mon_systrace.c: Call sudo_goodpath() *after* changing the cwd to
+ match the traced process. Fixes relative paths.
+
+2004-10-21 12:31 millert
+
+ * testsudoers.c: Kill set_perms() stub--it is no longer needed.
+
+2004-10-13 12:52 millert
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod: stay_setuid now
+ requires set_reuid() or setresuid()
+
+2004-10-13 12:46 millert
+
+ * INSTALL, PORTING, TROUBLESHOOTING, config.h.in, configure,
+ configure.in, set_perms.c, sudo.c, sudo.h: Kill use of POSIX
+ saved uids; they aren't worth bothering with.
+
+2004-10-07 16:23 millert
+
+ * glob.c: remove call to issetugid()
+
+2004-10-07 14:57 millert
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod: Remove warning about
+ wildcards. Now that we use glob() the bug is fixed.
+
+2004-10-07 14:52 millert
+
+ * parse.c: Use glob(3) instead of fnmatch(3) for matching pathnames
+ and stat each result that matches the basename of the user's
+ command. This makes "cd /usr/bin ; sudo ./blah" work when
+ sudoers allows /usr/bin/blah. Fixes bug #143.
+
+2004-10-07 14:27 millert
+
+ * configure, configure.in, config.h.in: Define HAVE_EXTENDED_GLOB
+ for extended glob (GLOB_TILDE and GLOB_BRACE)
+
+2004-10-07 12:59 millert
+
+ * config.h.in, configure, configure.in: Check for a glob() that
+ supports GLOB_BRACE and GLOB_TILDE
+
+2004-10-07 12:51 millert
+
+ * LICENSE: reference glob
+
+2004-10-07 12:50 millert
+
+ * glob.c, emul/glob.h: 4.4BSD glob(3) with fixes from OpenBSD and
+ some unneeded extensions removed.
+
+2004-10-05 17:26 millert
+
+ * mon_systrace.c: Just return if STRIOCINJECT or STRIOCREPLACE
+ fail. It probably means we are out of space in the stack gap...
+
+2004-10-05 17:20 millert
+
+ * CHANGES: sync
+
+2004-10-05 16:53 millert
+
+ * mon_systrace.c: Take a stab at ldap sudoers support here.
+
+2004-10-05 15:13 millert
+
+ * mon_systrace.c, mon_systrace.h: Detach from tracee on SIGHUP,
+ SIGINT and SIGTERM. Now "sudo reboot" doesn't cause reboot to
+ inadvertanly kill itself.
+
+2004-10-05 14:21 millert
+
+ * mon_systrace.c: put "monitor" in the proctitle, not "systrace"
+
+2004-10-05 14:15 millert
+
+ * mon_systrace.c: When modifying the environment, don't replace
+ envp when we can get away with just rewriting pointers in the
+ traced process.
+
+2004-10-05 13:46 millert
+
+ * mon_systrace.c, mon_systrace.h: Add environment updating via
+ STRIOCINJECT (if available).
+
+2004-10-05 10:22 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2004-10-04 16:15 millert
+
+ * lex.yy.c: regen
+
+2004-10-04 16:15 millert
+
+ * parse.lex: Fix bug introduced in unput() removal; want yyless(0)
+ not yyless(1)
+
+2004-10-04 12:09 millert
+
+ * mon_systrace.c: Include file is now mon_systrace.h
+
+2004-10-04 12:07 millert
+
+ * Makefile.in, configure, configure.in, def_data.c, def_data.h,
+ def_data.in, lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc,
+ sudo.c, sudo.h, sudo.tab.h, sudoers.pod: No longer call it
+ tracing, it is now "monitoring" which should be more a obvious
+ name to non-hackers.
+
+2004-10-01 15:06 millert
+
+ * mon_systrace.c, mon_systrace.h: Fix some XXX
+
+2004-10-01 14:30 millert
+
+ * mon_systrace.c, mon_systrace.h: No need to include syscall.h, use
+ 1024 as the max # of entries (the max that systrace(4) allows).
+
+ Only need to use SYSTR_POLICY_ASSIGN once
+
+ Change check_syscall() -> find_handler() and have it return the
+ handler instead of just running it. We need this since handler
+ now have two parts: one part that generates and answer and
+ another that gets called after the answer is accepted (to do
+ logging).
+
+ Add some missing check_exec for emul execv
+
+2004-10-01 10:58 millert
+
+ * sample.pam, sample.sudoers, sample.syslog.conf, sudoers: Add
+ $Sudo: ChangeLog,v 1.16 2008/11/10 20:20:10 millert Exp $ tags.
+
+2004-10-01 10:47 millert
+
+ * config.h.in: Add missing HAVE_LINUX_SYSTRACE_H
+
+2004-09-30 20:46 millert
+
+ * Makefile.in: add trace_systrace.o dependency
+
+2004-09-30 19:00 millert
+
+ * configure, configure.in: Also look for systrace.h in
+ /usr/include/linux
+
+2004-09-30 18:27 millert
+
+ * mon_systrace.c, mon_systrace.h: Move all struct defs and
+ prototypes into trace_systrace.h and mark all but
+ systace_attach() static.
+
+2004-09-30 18:14 millert
+
+ * mon_systrace.c, mon_systrace.h: Add support for tracing
+ emulations. At the moment, all emulations are compiled in. It
+ might make sense to #ifdef them in the future, though this
+ impeeds readability.
+
+2004-09-30 17:07 millert
+
+ * Makefile.in, configure.in, configure: rename systrace.c ->
+ trace_systrace.c
+
+2004-09-30 15:58 millert
+
+ * parse.yacc: Allow this to build with a K&R compiler again
+
+2004-09-30 13:58 millert
+
+ * TODO: sync
+
+2004-09-30 13:55 millert
+
+ * sudo.c, compat.h, visudo.c: Use __attribute__((__noreturn__))
+
+2004-09-30 13:44 millert
+
+ * visudo.c: Exit() takes a negative value to indicate it was not
+ called via signal.
+
+2004-09-30 13:25 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in: regen
+
+2004-09-30 13:22 millert
+
+ * Makefile.in, visudo.c: Define Err() and Errx() that are like
+ err() and errx() but call Exit() instead of exit(). Build
+ private copy of alloc.o for visudo that calls Err() and Errx().
+
+2004-09-29 15:22 millert
+
+ * lex.yy.c: regen
+
+2004-09-29 15:22 millert
+
+ * CHANGES: sync
+
+2004-09-29 14:41 millert
+
+ * visudo.c: Overhaul visudo for editing multiple files: o visudo
+ has been broken out into functions (more work needed here) o
+ each file is now edited before sudoers is re-parsed o if a
+ #include line is added that file will be edited too
+
+ TODO: o cleanup temp files when exiting via err() or errx() o
+ continue breaking things out into separate functions
+
+2004-09-29 14:36 millert
+
+ * parse.lex, sudo.c, sudo.h, testsudoers.c, visudo.c: Add keepopen
+ arg to open_sudoers that open_sudoers can use to indicate to the
+ caller that the fd should not be closed when it is done with it.
+ To be used by visudo to keep locked fds from being closed
+ prematurely (and thus losing the lock).
+
+2004-09-29 14:33 millert
+
+ * parse.yacc, sudo.c: Add errorfile global that contains the name
+ of the file that caused the error.
+
+2004-09-29 14:30 millert
+
+ * parse.lex: return COMMENT to yacc grammar for a #include line
+
+2004-09-29 14:29 millert
+
+ * parse.lex: Remove us of unput() in favor of yyless() which is
+ cheaper.
+
+2004-09-29 14:28 millert
+
+ * parse.yacc: Allow an empty sudoers file.
+
+2004-09-28 16:50 millert
+
+ * mon_systrace.c: Rewind sudoers_fp now that sudoers_lookup()
+ doesn't do it for us.
+
+2004-09-28 14:37 millert
+
+ * lex.yy.c: regen
+
+2004-09-28 14:36 millert
+
+ * visudo.c: Do signal setup before calling edit_sudoers(). Don't
+ shadow the "quiet" global.
+
+2004-09-28 14:33 millert
+
+ * visudo.c: If a sudoers file includes other files, edit those too.
+ Does not yes deal with creating the new includes files itself.
+
+2004-09-28 14:31 millert
+
+ * testsudoers.c: init_parser now takes a path
+
+2004-09-28 14:31 millert
+
+ * parse.c, parse.h, parse.lex, parse.yacc: More scaffolding for
+ dealing with multiple sudoers files: o init_parser() now takes a
+ path used to populate the sudoers global o the sudoers global is
+ used to print the correct file in yyerror() o when switching to
+ a new sudoers file, perserve old file name and line number
+
+2004-09-28 14:29 millert
+
+ * Makefile.in, pathnames.h.in: Kill _PATH_SUDOERS_TMP; it is not
+ meaningful now that we can have multiple sudoers files.
+
+2004-09-28 13:52 millert
+
+ * parse.c, sudo.c: Rewind sudoers_fp in open_sudoers() instead of
+ sudoers_lookup() so we start at the right file position when
+ reading include files.
+
+2004-09-27 21:04 millert
+
+ * sudoers.pod: document #include
+
+2004-09-27 20:47 millert
+
+ * lex.yy.c: regen
+
+2004-09-27 20:47 millert
+
+ * parse.lex: Add max depth of 128 for the include stack to avoid
+ loops.
+
+ Since yyerror() doesn't stop parsing, pass return values back to
+ yylex and call yyterminate() on error.
+
+2004-09-27 14:06 millert
+
+ * sudoers.pod: document tracing
+
+2004-09-27 14:05 millert
+
+ * sudo.pod: Mention PREVENTING SHELL ESCAPES section of sudoers man
+ page
+
+2004-09-27 12:08 millert
+
+ * lex.yy.c: regen
+
+2004-09-27 12:03 millert
+
+ * parse.lex: Add support for #include in sudoers (visudo support
+ TBD)
+
+2004-09-27 12:02 millert
+
+ * parse.yacc: make yyerror()'s argument const
+
+2004-09-27 12:02 millert
+
+ * testsudoers.c, visudo.c: Add open_sudoers() stubs.
+
+2004-09-27 12:01 millert
+
+ * sudo.c, sudo.h: Rename check_sudoers() open_sudoers() and make it
+ return a FILE *
+
+2004-09-26 12:35 millert
+
+ * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in,
+ version.h: Crank version
+
+2004-09-26 12:33 millert
+
+ * Makefile.in, sudo.psf: Better HP-UX depot construction
+
+2004-09-25 17:08 millert
+
+ * mon_systrace.c: o Made children global so check_exec() can lookup
+ a child. o Replaced uid in struct childinfo with struct passwd *
+ (for runas) o new_child() now takes a parent pid so the runas
+ info can be inherited o Added find_child() to lookup a child by
+ its pid o update_child() now fills in a struct passwd o Converted
+ the big if/else mess in set_policy to a switch o Syscalls that
+ change uid are now "ask" so we get SYSTR_MSG_UGID events
+
+2004-09-25 17:01 millert
+
+ * getspwuid.c: Add flag to sudo_pwdup that indicates whether or not
+ to lookup the shadow password. Will be used to a struct passwd
+ that has the shadow password already filled in.
+
+2004-09-25 16:58 millert
+
+ * mon_systrace.c: add missing increment of addr in read_string()
+
+2004-09-25 16:15 millert
+
+ * mon_systrace.c: Remove bogus call to update_child() and some
+ cosmetic fixes
+
+2004-09-25 16:11 millert
+
+ * mon_systrace.c: Don't leak /dev/systrace fd to tracee Make
+ initialized global for simplicity If STRIOCATTACH returns EBUSY
+ we are already being traced Check for user_args == NULL in
+ setproctitle() call Add missing calls to STRIOCANSWER
+
+2004-09-25 13:15 millert
+
+ * sudo.c: g/c sudo_pwdup proto
+
+2004-09-24 20:21 millert
+
+ * Makefile.in, sudo.psf: Add target for building a depot file
+
+2004-09-24 20:07 millert
+
+ * mon_systrace.c: trim includes
+
+2004-09-24 14:11 millert
+
+ * lex.yy.c, sudo.tab.h: regen
+
+2004-09-24 14:10 millert
+
+ * INSTALL: document --with-systrace
+
+2004-09-24 14:10 millert
+
+ * config.h.in, configure, configure.in: Add check for setproctitle
+
+2004-09-24 14:09 millert
+
+ * mon_systrace.c: pass struct str_msg_ask in to syscall checker so
+ it can set the error code
+
+2004-09-24 13:30 millert
+
+ * mon_systrace.c: systrace(4) support for sudo. On systems with
+ the systrace(4) kernel facility (OpenBSD, NetBSD, Linux w/
+ patches) sudo can intercept exec calls and check the exec args
+ against the sudoers file. In other words, sudo can now control
+ subcommands and shell escapes.
+
+2004-09-24 13:17 millert
+
+ * sudo.c, sudo.h: Call systrace_attach() if FLAG_TRACE is set.
+
+2004-09-24 13:15 millert
+
+ * parse.c, parse.h, parse.lex, parse.yacc, sudo.h: Add trace
+ Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE
+
+2004-09-24 13:13 millert
+
+ * parse.c, sudo.c: Don't close sudoers_fp, keep it open and set
+ close on exec flag instead.
+
+2004-09-24 13:11 millert
+
+ * def_data.c, def_data.h, def_data.in: Add trace option
+
+2004-09-23 20:24 millert
+
+ * Makefile.in: Add systrace
+
+2004-09-23 20:23 millert
+
+ * INSTALL: SunOS /bin/sh blows up with configure
+
+2004-09-23 20:23 millert
+
+ * configure, configure.in: Include sys/param.h before systrace.h
+
+2004-09-23 20:15 millert
+
+ * configure: regen
+
+2004-09-23 20:15 millert
+
+ * pathnames.h.in: _PATH_DEV_SYSTRACE
+
+2004-09-23 20:14 millert
+
+ * configure.in: line up options in --help
+
+2004-09-23 20:11 millert
+
+ * config.h.in, configure.in: Add --with-systrace
+
+2004-09-23 13:35 millert
+
+ * configure: regen
+
+2004-09-23 13:35 millert
+
+ * aclocal.m4, configure.in: make this work with autoconf-2.59
+
+2004-09-16 12:58 millert
+
+ * sudo_edit.c: Simplify logic around open & stat of files and do
+ sanity on edited file even if we lack fstat (still racable but
+ worth doing).
+
+2004-09-15 18:47 millert
+
+ * HISTORY: Add support url
+
+2004-09-15 16:11 millert
+
+ * Makefile.in: versino 1.6.8p1
+
+2004-09-15 15:20 millert
+
+ * CHANGES: more changes for 1.6.8p1
+
+2004-09-15 15:18 millert
+
+ * version.h: 1.6.8p1
+
+2004-09-15 12:16 millert
+
+ * CHANGES, sudo_edit.c: Add sanity check so we don't try to edit
+ something other than a regular file.
+
+2004-09-14 20:55 aaron
+
+ * CHANGES: sync
+
+2004-09-14 20:21 aaron
+
+ * INSTALL: document --with-ldap-conf-file
+
+2004-09-14 17:43 millert
+
+ * CHANGES, ins_csops.h: political correctness strikes again
+
+2004-09-14 15:09 millert
+
+ * RUNSON: sync
+
+2004-09-12 19:50 millert
+
+ * Makefile.binary.in, Makefile.in: Install sudoedit man link
+
+2004-09-12 14:25 millert
+
+ * INSTALL: Update PAM note and mention where HP-UX users can
+ download gcc binaries.
+
+2004-09-12 12:08 millert
+
+ * Makefile.in: libtool wants to install stuff from .libs so fake
+ one up for binary installations.
+
+2004-09-12 11:53 millert
+
+ * Makefile.binary.in: rm -f old sudoedit link instead of using ln
+ -f set LIBTOOL correctly
+
+2004-09-12 11:53 millert
+
+ * Makefile.in: Deal with "uname -m" having slashes in it rm -f old
+ sudoedit link instead of using ln -f
+
+2004-09-12 10:22 millert
+
+ * Makefile.binary, Makefile.binary.in: Makefile.binary ->
+ Makefile.binary.in for config.status substitution Add support for
+ installing noexec bits
+
+2004-09-12 10:21 millert
+
+ * Makefile.in: Copy noexec bits into binary dists too No longer use
+ my old arch script for making binary dists
+
+2004-09-12 09:36 millert
+
+ * Makefile.binary: Install sudoedit link.
+
+2004-09-11 12:25 millert
+
+ * emul/utime.h: avoid __P so there is no need for compat.h to be
+ included
+
+2004-09-11 12:24 millert
+
+ * utimes.c: Don't use HAVE_UTIME_H before including config.h.
+
+2004-09-10 12:31 millert
+
+ * compat.h: Fix Solatis futimes macro
+
+2004-09-09 11:02 millert
+
+ * sudo_edit.c: Rename ots -> omtim for improved readability.
+
+2004-09-08 14:38 millert
+
+ * sudo_edit.c: Redo changes in revision 1.7. Don't really need to
+ keep the temp file open; re-opening it with the invoking user's
+ euid is sufficient.
+
+2004-09-08 14:36 millert
+
+ * CHANGES: sync
+
+2004-09-08 14:35 millert
+
+ * sudo.cat, sudo.man.in: regen
+
+2004-09-08 14:34 millert
+
+ * sudo.pod: back out revision 1.70; it is no long applicable
+
+2004-09-08 11:57 millert
+
+ * env.c: Let the loader initialize nep
+
+2004-09-08 11:49 millert
+
+ * configure, configure.in, config.h.in: Removed unneed check for
+ fchown Add check for gettimeofday Move autoheader template stuff
+ into separate AH_TEMPLATE lines
+
+2004-09-08 11:48 millert
+
+ * check.c, compat.h, fileops.c, sudo.h, sudo_edit.c, visudo.c: Use
+ timespec throughout.
+
+2004-09-08 11:47 millert
+
+ * Makefile.in: gettime.[co]
+
+2004-09-08 11:47 millert
+
+ * gettime.c: function to return the current time in a struct
+ timespec
+
+2004-09-08 10:51 millert
+
+ * utimes.c: Not a darpa-sponsored file.
+
+2004-09-07 16:36 millert
+
+ * compat.h, config.h.in, configure, configure.in: Add a check for
+ struct timespec and provide it for those without.
+
+2004-09-07 15:56 millert
+
+ * config.h.in, configure, configure.in, sudo_edit.c: Add checks for
+ st_mtim and st_mtimespec and add macros for pulling the mtime sec
+ and nsec out of struct stat. These are used in sudo_edit() to
+ better tell whether or not the file has changed.
+
+2004-09-07 15:55 millert
+
+ * check.c, fileops.c, sudo.h, sudo_edit.c, visudo.c: Add an extra
+ param to touch() for nsec
+
+2004-09-07 14:06 millert
+
+ * sudo_edit.c: Call mkstemp() as the in invoking user so we don't
+ have to chown the file later. Only touch() the temp file if we
+ can do it via the file descriptor. Don't check for modification
+ of the temp file if we lack fstat(). Catch errors read()ing the
+ temp file.
+
+2004-09-07 14:04 millert
+
+ * fileops.c: If path is NULL and fd == -1 return -1.
+
+2004-09-07 13:31 millert
+
+ * sudo_edit.c: closefrom() is overkill, the only extra fds are the
+ ones we opened so just close those in the child.
+
+2004-09-07 13:14 millert
+
+ * Makefile.in, aclocal.m4, check.c, compat.h, config.h.in,
+ configure, configure.in, fileops.c, sudo.h, sudo_edit.c, utime.c,
+ utimes.c, visudo.c: Use utimes() and futimes() instead of utime()
+ in touch(), emulating as needed. Not all systems are able to
+ support setting the times of an fd so touch() takes both an fd
+ and a file name as arguments.
+
+2004-09-06 21:12 aaron
+
+ * env.c: Rare SEGV
+
+2004-09-06 16:46 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in: regen
+
+2004-09-06 16:45 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Add SUPPORT section and
+ re-order some of the sections to match the order we use in
+ OpenBSD.
+
+2004-09-06 15:05 aaron
+
+ * env.c: Openldap ~/.ldaprc fix
+
+2004-09-06 12:18 millert
+
+ * sudo.pod: Talk about how the editor must write its changes to the
+ original file and not just use rename(2).
+
+2004-09-06 12:12 millert
+
+ * CHANGES: sync
+
+2004-09-06 12:11 millert
+
+ * sudo_edit.c: Keep the temp file open instead of re-opening after
+ the editor has exited.
+
+2004-09-06 12:10 millert
+
+ * sample.pam: Update for current redhat/fedora core.
+
+2004-09-02 21:56 aaron
+
+ * README.LDAP: tls_ examples
+
+2004-09-02 00:03 aaron
+
+ * ldap.c: config tls_* options
+
+2004-08-29 11:39 millert
+
+ * configure, configure.in: No need for -lcrypt when using pam.
+
+2004-08-26 23:57 millert
+
+ * configure: regen
+
+2004-08-26 23:44 aaron
+
+ * configure.in, ldap.c, pathnames.h.in: Allow --with-ldap-conf-file
+ option to override LDAP_CONF
+
+2004-08-26 22:08 aaron
+
+ * ldap.c: cleanup debug message
+
+2004-08-26 19:29 aaron
+
+ * README.LDAP: more config info
+
+2004-08-24 14:01 millert
+
+ * TODO, find_path.c, goodpath.c, parse.c, sudo.c, sudo.h, visudo.c:
+ Add cmnd_base to struct sudo_user and set it in init_vars(). Add
+ cmnd_stat to struct sudo_user and set it in sudo_goodpath(). No
+ longer use gross statics in command_matches(). Also rename some
+ variables for improved clarity.
+
+2004-08-21 14:33 millert
+
+ * INSTALL: document HP's crippled compiler deficiency.
+
+2004-08-21 14:25 millert
+
+ * INSTALL: Fix some thinkos in --with-editor and --with-env-editor
+ descriptions. Noticed by Norihiko Murase.
+
+2004-08-21 14:20 millert
+
+ * configure, configure.in: --with-noexec takes an optional PATH
+ argument.
+
+2004-08-21 14:20 millert
+
+ * INSTALL: document --with-noexec
+
+2004-08-17 16:21 millert
+
+ * RUNSON, TODO: sync
+
+2004-08-17 15:11 millert
+
+ * sudo_edit.c: Better warning message when sudoedit is unable to
+ write to the destination file.
+
+2004-08-17 14:53 millert
+
+ * sudo.cat, sudo.man.in: regen
+
+2004-08-17 14:53 millert
+
+ * sudo.pod: Don't italicize the string "sudoedit"
+
+2004-08-16 18:45 millert
+
+ * HISTORY: Mention GratiSoft.
+
+2004-08-11 14:29 millert
+
+ * parse.yacc: Reset used_runas to FALSE when re-intializing the
+ parser.
+
+2004-08-09 19:04 millert
+
+ * config.guess: Correct OpenBSD mips support
+
+2004-08-09 17:28 millert
+
+ * config.guess: Add OpenBSD/mips
+
+2004-08-06 23:43 aaron
+
+ * README.LDAP: More behavior notes
+
+2004-08-06 23:36 aaron
+
+ * README.LDAP: Updates on current behavior
+
+2004-08-06 19:56 millert
+
+ * sudo.pod, sudoers.pod: =back does not take an indentlevel (makes
+ no difference to formatted files).
+
+2004-08-06 19:48 millert
+
+ * CHANGES: new
+
+2004-08-06 19:42 millert
+
+ * sudo.c: Consistency. Use same error for bad -u #uid when
+ targetpw is set as we do when a bad -u username is specified.
+
+2004-08-06 19:33 millert
+
+ * TODO: Add checksum idea from Steve Mancini
+
+2004-08-06 19:32 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
+
+2004-08-06 19:31 millert
+
+ * sudo.pod, sudoers.pod: Document the restriction on uids specified
+ via -u when targetpw is set.
+
+2004-08-06 19:24 millert
+
+ * sudo.c: Error out when targetpw is enabled and sudo is run with
+ -u #uid but #uid does not exist in the passwd database. We can't
+ do target authentication when the target is not in passwd!
+
+2004-08-05 21:16 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
+
+2004-08-05 21:14 millert
+
+ * TODO: Some more todo for the next release.
+
+2004-08-05 21:13 millert
+
+ * INSTALL: Make it clear that PAM should be used for DCE support
+ when possible.
+
+2004-08-05 21:13 millert
+
+ * sudoers.pod: o Document problems with wildcards and relative
+ paths. o Make the order requirements more prominent. o Change a
+ "set" to "reset" for clarity.
+
+2004-08-05 14:29 millert
+
+ * sudo.pod: Mention --with-secure-path, not SECURE_PATH.
+
+2004-08-02 22:34 aaron
+
+ * ldap.c: reflect changes to parse.c
+
+2004-08-02 14:44 millert
+
+ * parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c: Don't pass
+ user_cmnd and user_args to command_matches(), just use the
+ globals there. Since we keep state with statics anyway it is
+ misleading to pretend that passing in different cmnd and
+ cmnd_args will work.
+
+2004-08-02 14:40 millert
+
+ * parse.c: Fix a bug introduced in rev. 1.149. When checking for
+ pseudo-commands check for a '/' anywhere in cmnd, not just the
+ first character.
+
+2004-07-30 23:07 aaron
+
+ * sudo.man.in, sudo.pod: Clarification thanks to Olivier Blin
+ <oblin@mandrakesoft.com>
+
+2004-07-30 22:41 aaron
+
+ * sudoers.man.in, sudoers.pod: Add ignore_local_sudoers
+
+2004-07-30 22:06 aaron
+
+ * README.LDAP: Sun One schema definition by
+ Andreas.Bussjaeger@t-systems.com and janth@moldung.no
+
+2004-07-29 11:57 millert
+
+ * CHANGES: typo
+
+2004-07-23 16:44 millert
+
+ * CHANGES: sync
+
+2004-07-23 16:43 millert
+
+ * parse.c: Parse sudoers file as PERM_RUNAS not PERM_ROOT and
+ remove a useless PERM_SUDOERS. Restore to PERM_ROOT upon exit of
+ the parse.
+
+2004-07-08 10:20 millert
+
+ * CHANGES: PAM change
+
+2004-07-07 21:04 aaron
+
+ * ldap.c: Better debugging of ALL command
+
+2004-07-07 20:15 millert
+
+ * parse.c: When matching for "sudoedit" in sudoers check both the
+ command the user typed *and* the command that is listed in the
+ sudoers entry.
+
+2004-07-04 19:59 aaron
+
+ * ldap.c: Added !command feature
+
+2004-06-28 10:51 millert
+
+ * auth/pam.c: Use pam_acct_mgmt() to check for disabled accounts;
+ Brian Farrell
+
+2004-06-10 23:11 millert
+
+ * LICENSE: License is ISC-style, not BSD-style
+
+2004-06-10 20:58 millert
+
+ * CHANGES: sync
+
+2004-06-10 16:54 millert
+
+ * sudo.man.in, sudo.cat: regen
+
+2004-06-10 16:53 millert
+
+ * sudo.pod: o Update some out of date bits to reality o Change the
+ shell promt in examples to bourne-shell style o Clarify some
+ details o Add a CAVEAT about "sudo cd /foo"
+
+2004-06-10 16:19 millert
+
+ * check.c: Don't ask for a password if invoking user == target
+ user.
+
+2004-06-10 12:32 millert
+
+ * sudo.c: typo in comment
+
+2004-06-08 19:20 millert
+
+ * sudoers.man.in, sudoers.cat: regen
+
+2004-06-08 19:19 millert
+
+ * sudoers.pod: Expand on NOEXEC a little.
+
+2004-06-08 16:20 millert
+
+ * TODO: sync
+
+2004-06-08 15:58 millert
+
+ * visudo.man.in, visudo.cat: regen
+
+2004-06-08 15:55 millert
+
+ * CHANGES, parse.yacc, visudo.c, visudo.pod: Add a check in visudo
+ for runas_default being set after it has already been used.
+
+2004-06-08 13:53 millert
+
+ * parse.yacc: Add a MATCHED macro for testing whether foo_matches
+ has been set to TRUE or FALSE. This is more readable than
+ checking for >=0 or < 0. Doesn't change the actual code
+ generated.
+
+2004-06-06 20:11 millert
+
+ * sudoers.man.in, sudoers.cat: regen
+
+2004-06-06 20:07 millert
+
+ * sudoers, sudoers.pod: Correct description of where Defaults specs
+ should go.
+
+2004-06-06 20:02 millert
+
+ * find_path.c, ldap.c, logging.h, testsudoers.c, visudo.c,
+ auth/bsdauth.c, auth/kerb5.c, auth/pam.c: update (c) year
+
+2004-06-06 19:58 millert
+
+ * check.c, compat.h, defaults.c, env.c, find_path.c, getcwd.c,
+ ldap.c, logging.h, parse.c, parse.yacc, sudo.c, testsudoers.c,
+ tgetpass.c, visudo.c, auth/bsdauth.c, auth/kerb5.c, auth/pam.c:
+ Remove trailing spaces, no actual code changes.
+
+2004-06-06 16:22 millert
+
+ * parse.yacc: Fix a >=0 that should be <0 that was improperly
+ converted when UNSPEC was added.
+
+2004-06-06 15:54 millert
+
+ * parse.yacc: Add do {} while(0) around pop macro Set cmnd_matches
+ to UNSPEC, not NOMATCH when resetting it.
+
+2004-06-06 15:39 millert
+
+ * parse.yacc: Fix pastos introduced in SETNMATCH addition.
+
+2004-06-05 13:55 millert
+
+ * README.LDAP: Update for configure changes
+
+2004-06-05 13:42 millert
+
+ * parse.yacc, sudo.h: Add NOMATCH and UNSPEC defines (-1 and -2
+ respectively) and use these in parse.yacc. Also in parse.yacc
+ initialize the *_matches vars to UNSPEC and add two macros,
+ SETMATCH and SETNMATCH for use when setting *_matches to a value
+ that may be NOMATCH/UNSPEC/TRUE/FALSE.
+
+2004-06-05 11:17 millert
+
+ * parse.yacc: Initialize runas to -2, not -1 since we need to be
+ able to distinguish between the initialized value and the value
+ of a non-match when passing along the runas value to multiple
+ commands.
+
+ The result of this is that an unmatched runas is now set to -1,
+ not 0. This is required now that parse.c treats a FALSE value
+ for runas as being explicitly denied.
+
+2004-06-03 16:21 millert
+
+ * getprogname.c, sudo.c, visudo.c: Error out if argc < 1.
+
+2004-06-03 12:37 millert
+
+ * configure, configure.in: Add tests for what libs we need to link
+ with for ldap and for whether or not lber.h needs to be
+ explicitly included.
+
+2004-06-02 20:30 aaron
+
+ * ldap.c: Solaris native LDAP build fix
+
+2004-06-01 16:56 millert
+
+ * ldap.c: Set edn to NULL is ldap_get_dn() fails to avoid potential
+ use of an unset variable.
+
+2004-06-01 16:56 millert
+
+ * sudo.h: Add prototype for sudo_ldap_list_matches
+
+2004-06-01 16:53 millert
+
+ * compat.h, config.h.in, configure, configure.in: Better check for
+ dirfd macro--we now set HAVE_DIRFD for the macro version too.
+ Added check for dd_fd in `DIR' if no dirfd is found; this is now
+ used to confitionally define the dirfd macro in compat.h.
+
+2004-06-01 16:51 millert
+
+ * closefrom.c: Only check /proc/$$/fd if we have the dirfd
+ function/macro.
+
+2004-06-01 15:13 millert
+
+ * compat.h, config.h.in, configure, configure.in: Add a check for a
+ dirfd() function (like Linux) and add a dirfd macro in compat.h
+ if there is no dirfd() function or macro.
+
+2004-06-01 14:59 millert
+
+ * closefrom.c, getcwd.c: dirfd() is now defined in compat.h as
+ needed.
+
+2004-06-01 14:30 millert
+
+ * CHANGES: Clarify closefrom() note.
+
+2004-06-01 12:51 millert
+
+ * parse.c: When checking for a command in the directory, only copy
+ the base dir once.
+
+2004-06-01 12:44 millert
+
+ * closefrom.c: If there is a /proc/$$/fd directory, behave like the
+ Solaris closefrom() and only close the descriptors listed
+ therein.
+
+2004-06-01 12:23 millert
+
+ * alloc.c: compat.h guarantees INT_MAX is defined.
+
+2004-06-01 12:23 millert
+
+ * compat.h: Add definitions of OPEN_MAX and INT_MAX for those
+ without it and remove definition of RLIM_INFINITY (now unused).
+
+2004-05-31 21:22 millert
+
+ * CHANGES, alloc.c, check.c, compat.h, find_path.c, getcwd.c,
+ parse.c, sudo.c, sudo.h, visudo.c: Use PATH_MAX, not MAXPATHLEN
+ since the former is standardized.
+
+2004-05-31 19:18 millert
+
+ * CHANGES: sync
+
+2004-05-31 19:10 millert
+
+ * RUNSON: Add some entries that were mailed in a while ago
+
+2004-05-31 14:16 millert
+
+ * closefrom.c: o sysconf returns a long, not an int. o check for
+ negative return value from sysconf/getdtablesize and use
+ OPEN_MAX in this case. o define OPEN_MAX to 256 for those
+ without it (a fair guess...)
+
+2004-05-30 12:25 millert
+
+ * UPGRADE: Mention change in parse order for RunAs entries.
+
+2004-05-30 12:15 millert
+
+ * configure: regen
+
+2004-05-29 18:29 millert
+
+ * config.h.in, configure.in, INSTALL, README.LDAP: o --with-ldap
+ now takes an optional dir as a parameter
+ o added check for ldap_initialize() and start_tls_s()
+
+2004-05-29 14:54 millert
+
+ * README.LDAP: Fix some typos, word choice and formatting issues.
+
+2004-05-28 18:06 millert
+
+ * tgetpass.c: Use SA_INTERRUPT so SunOS works correctly, avoid
+ stdio and just use read/write as it is simpler.
+
+2004-05-28 16:27 millert
+
+ * configure, configure.in: Remove hack overriding cross-compiler
+ check. It should no longer be needed.
+
+2004-05-28 16:26 millert
+
+ * compat.h: Remove select() compat bits since we no longer use
+ select().
+
+2004-05-28 16:24 millert
+
+ * CHANGES, tgetpass.c: Use alarm() instead of select() for the
+ timeout for systems that don't fully/properly implement select().
+
+2004-05-27 19:14 millert
+
+ * CHANGES: synbc
+
+2004-05-27 19:12 millert
+
+ * RUNSON: update
+
+2004-05-27 19:12 millert
+
+ * set_perms.c: Deal with systems that have no way of setting the
+ effective uid such as nsr-tandem-nsk.
+
+2004-05-27 19:01 millert
+
+ * configure, configure.in: Define NO_SAVED_IDS if we don't find
+ seteuid()
+
+2004-05-27 18:21 millert
+
+ * config.h.in, configure, configure.in: Add back check for
+ setreuid() since NSK doesn't have it.
+
+2004-05-27 15:57 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2004-05-27 15:56 millert
+
+ * BUGS, CHANGES: sync
+
+2004-05-27 15:55 millert
+
+ * parse.c: In sudoers_lookup() return VALIDATE_NOT_OK if the runas
+ user was explicitly denied and the command matched. This fixes a
+ long-standing bug and makes: foo machine = (ALL)
+ /usr/bin/blah foo machine = (!bar) /usr/bin/blah
+
+ equivalent to: foo machine = (ALL, !bar) /usr/bin/blah
+
+2004-05-27 15:52 millert
+
+ * sudoers.pod: Clarify mail_noperm
+
+2004-05-19 21:25 aaron
+
+ * Makefile.in: Missing DESTDIR in make install for sudo_noexec.la
+
+2004-05-17 18:32 millert
+
+ * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
+ sudoers.cat, visudo.cat: regen
+
+2004-05-17 18:31 millert
+
+ * TODO: sync
+
+2004-05-17 18:31 millert
+
+ * sample.sudoers, sudoers.pod: Remove fastboot/fasthalt (who still
+ remembers these?) and add a minimal sudoedit example.
+
+2004-05-17 18:21 millert
+
+ * CHANGES, INSTALL, TROUBLESHOOTING, UPGRADE, sudo.c, visudo.c:
+ filesystem -> file system
+
+2004-05-17 18:19 millert
+
+ * sudo.pod, sudoers.pod: Fix some minor typos and formatting goofs
+
+2004-05-17 18:10 millert
+
+ * lex.yy.c: regen
+
+2004-05-17 17:57 millert
+
+ * visudo.pod: remove my email addr
+
+2004-05-17 17:55 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Use @mansectform@ and
+ @mansectsu@ everywhere Make man page references links with L<>
+
+2004-05-17 16:51 millert
+
+ * parse.lex: Accept quoted globbing characters and pass them
+ verbatim for fnmatch()
+
+2004-05-17 16:50 millert
+
+ * UPGRADE: Document that /tmp/.odus is gone.
+
+2004-05-17 16:28 millert
+
+ * CHANGES, aclocal.m4, configure, pathnames.h.in: No longer use
+ /tmp/.odus as a possible timestamp dir unless specifically
+ configured to do so. Instead, if no /var/run exists, use
+ /var/adm/sudo or /usr/adm/sudo.
+
+2004-05-17 16:08 millert
+
+ * check.c, compat.h, logging.c, set_perms.c, sudo.c, tgetpass.c,
+ visudo.c: Preliminary changes to support nsr-tandem-nsk. Based
+ on patches from Tom Bates.
+
+2004-05-16 18:47 millert
+
+ * CHANGES: There was no 1.6.7p6.
+
+2004-05-16 16:38 millert
+
+ * BUGS, CHANGES: sync
+
+2004-05-16 16:36 millert
+
+ * Makefile.in: add missing files to DISTFILES
+
+2004-05-16 16:23 millert
+
+ * sudoers.man.in, sudo.cat, sudoers.cat, visudo.cat: regen
+
+2004-05-16 16:20 millert
+
+ * Makefile.in: Fix some line wrap and update (c) year
+
+2004-04-28 15:05 aaron
+
+ * README.LDAP: Build Note
+
+2004-04-06 22:03 aaron
+
+ * Makefile.in: Fix install-dirs
+
+2004-04-04 20:27 millert
+
+ * visudo.c: In Exit() when used as a signal handler, emsg is a
+ pointer so sizeof() is wrong so make it a #define instead. Also
+ avoid using a negative exit value. Found by Aaron Campbell
+
+2004-03-24 18:23 millert
+
+ * sudoers.pod: Remove bogus sentence about uids in a User_List.
+ Document usernames vs. uid parsing in a Runas_List.
+
+2004-03-24 18:06 millert
+
+ * parse.c, parse.h, parse.yacc, sudo.c, testsudoers.c, visudo.c: If
+ the user specified a uid with the -u flag and the uid exists in
+ the passwd file, set runas_user to the name, not the uid.
+
+ When comparing usernames in sudoers, if a name is really a uid
+ (starts with '#') compare it numerically to pw_uid.
+
+2004-03-22 13:35 millert
+
+ * auth/kerb5.c: krb5_mcc_ops should be const; Johnny C. Lam
+
+2004-02-28 18:54 aaron
+
+ * CHANGES, config.h.in, ldap.c: Added start_tls support
+
+2004-02-14 18:04 millert
+
+ * Makefile.in: Clean up libtool stuff for 'make distclean' and add
+ def_data.c, def_data.h to PARSESRCS.
+
+2004-02-14 10:13 aaron
+
+ * strlcat.c, strlcpy.c: Un-Fix last license munge
+
+2004-02-13 16:37 millert
+
+ * CHANGES, RUNSON, TODO: checkpoint
+
+2004-02-13 16:37 millert
+
+ * lex.yy.c, configure: regen
+
+2004-02-13 16:36 millert
+
+ * LICENSE, Makefile.binary, Makefile.in, alloc.c, check.c,
+ closefrom.c, compat.h, defaults.c, defaults.h, env.c, fileops.c,
+ find_path.c, getprogname.c, getspwuid.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ interfaces.h, ldap.c, logging.c, logging.h, parse.c, parse.h,
+ parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c,
+ strerror.c, strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.man.in,
+ sudo.pod, sudo_edit.c, sudo_noexec.c, sudoers.man.in,
+ sudoers.pod, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c, visudo.man.in, visudo.pod, zero_bytes.c, auth/afs.c,
+ auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
+ auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
+ auth/rfc1938.c, auth/secureware.c, auth/securid.c,
+ auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h,
+ emul/search.h, emul/utime.h: More to a less restrictive,
+ ISC-style license.
+
+2004-02-12 21:08 aaron
+
+ * CHANGES, Makefile.in, README.LDAP, config.h.in, configure.in,
+ def_data.c, def_data.h, def_data.in, ldap.c, sudo.c, sudo.h,
+ sudoers2ldif: Merged in LDAP Support
+
+2004-02-08 15:53 millert
+
+ * sudo.h, sudo_noexec.c: Only do "extern int errno" if errno is not
+ a macro.
+
+2004-02-06 18:08 millert
+
+ * set_perms.c: setreuid(0, 0) fails on QNX if the euid is not
+ already 0 so set the euid first, then just call setuid(0) to set
+ the real uid too.
+
+2004-02-06 14:52 millert
+
+ * set_perms.c: Use setresuid() and setreuid() for PERM_RUNAS when
+ appropriate instead of seteuid() which may not exist.
+
+2004-02-04 14:58 millert
+
+ * LICENSE: 2004
+
+2004-02-03 23:38 millert
+
+ * INSTALL, config.h.in, configure, configure.in, ins_classic.h: Add
+ --with-pc-insults configure option
+
+2004-02-03 23:32 millert
+
+ * visudo.man.in: Prefer VISUAL over EDITOR like old vipw did.
+
+2004-02-01 15:45 millert
+
+ * sudo.man.in, sudoers.man.in: regen
+
+2004-02-01 15:44 millert
+
+ * sudoers.pod: Add a note that noexec is not a cure-all.
+
+2004-02-01 15:20 millert
+
+ * sudoers.pod: Mention that disabling "root_sudo" is pretty
+ pointless.
+
+2004-02-01 15:20 millert
+
+ * configure, configure.in: Substitute for root_sudo in sudoers.pod
+
+2004-02-01 15:03 millert
+
+ * sudo.pod: Add sudoedit to the NAME section
+
+2004-02-01 15:00 millert
+
+ * sudoers.pod: Document that fact that setting ignore_dot in
+ sudoers has no effect due to the fact that find_path() is called
+ *before* sudoers is read.
+
+2004-01-29 19:50 millert
+
+ * sudo_edit.c: Do not require _PATH_USRTMP to be set.
+
+2004-01-29 19:42 millert
+
+ * BUGS, CHANGES, TODO: sync
+
+2004-01-29 19:42 millert
+
+ * sudo.man.in: regen
+
+2004-01-29 19:41 millert
+
+ * sudo.pod: Clarify that when sudo is run by root with the
+ SUDO_USER variable set, the sudoers lookup happens for root and
+ not the SUDO_USER user.
+
+2004-01-29 17:33 millert
+
+ * defaults.c, env.c, fnmatch.c, interfaces.c, logging.c, parse.c,
+ set_perms.c, sigaction.c, sudo.c, tgetpass.c, auth/pam.c,
+ auth/sudo_auth.c: Use the SET, CLR and ISSET macros.
+
+2004-01-29 16:22 millert
+
+ * interfaces.h: MAIN was replaced with _SUDO_MAIN some time ago.
+
+2004-01-29 16:15 millert
+
+ * sudo.c: Don't look at prev_user until after we've parsed sudoers
+ and done the password check. That way, if sudo/sudoedit is run
+ from a root process that was invoked by sudo, we check sudoers
+ for root, not the previous user. This makes sudoedit much more
+ useful and means that for the sudo case, we get correct logging
+ on who actually ran the command.
+
+2004-01-22 19:22 millert
+
+ * sudo_edit.c: Add a comment describing why we need to be notified
+ about our child stopping.
+
+2004-01-22 16:06 millert
+
+ * def_data.c, def_data.in: Update the noexec variable descriptions
+
+2004-01-22 14:18 millert
+
+ * sudoers.man.in, sudoers.pod: noexec now replaces more than just
+ execve()
+
+2004-01-22 12:14 millert
+
+ * sudo_noexec.c: Alas, all the world does not go through execve(2).
+ Many systems still have an execv(2) system call, Linux 2.6
+ provides fexecve(2) and it is not uncommon for libc to have
+ underscore ('_') versions of the functions to be used internally
+ by the library. Instead of stubbing all these out by hand,
+ define a macro and let it do the work. Extra exec functions
+ pointed out by Reznic Valery.
+
+2004-01-21 21:57 millert
+
+ * sudo.c, sudo_edit.c: Fix suspending the editor in -e mode.
+ Because we do a fork() first we need to be notified when the
+ child has been stopped and then send that same signal to ourself
+ so the shell can do its job control thing.
+
+2004-01-21 21:44 millert
+
+ * visudo.c: Use WIFEXITED and WEXITSTATUS macros. If there are
+ systems out there that want to run sudo that still don't support
+ these we can try to deal with that later.
+
+2004-01-21 20:03 millert
+
+ * lex.yy.c: regen
+
+2004-01-21 20:00 millert
+
+ * sudo.man.in, sudo.pod, sudoers.man.in, sudoers.pod: Document sudo
+ -e / sudoedit
+
+2004-01-21 19:08 millert
+
+ * configure, configure.in: fix typo
+
+2004-01-21 19:02 millert
+
+ * config.h.in, configure.in: Add SET/CLR/ISSET
+
+2004-01-21 18:55 millert
+
+ * sudo.c: Allow non-exclusive flags when invoked as sudoedit.
+ Pretty print the long usage() line to not wrap (assumes 80 char
+ display)
+
+2004-01-21 18:01 millert
+
+ * Makefile.in, sudo.c: If sudo is invoked as "sudoedit" the -e flag
+ is implied and no other flags are permitted.
+
+2004-01-21 18:00 millert
+
+ * sudo.h: Add a new flag, -e, that makes it possible to give users
+ the ability to edit files with the editor of their choice as the
+ invoking user, not the runas user. Temporary files are used for
+ the actual edit and the temp file is copied over the original
+ after the editor is done.
+
+2004-01-21 17:25 millert
+
+ * Makefile.in, parse.c, parse.lex, sudo.c, sudo_edit.c: Add a new
+ flag, -e, that makes it possible to give users the ability to
+ edit files with the editor of their choice as the invoking user,
+ not the runas user. Temporary files are used for the actual edit
+ and the temp file is copied over the original after the editor is
+ done.
+
+2004-01-21 17:06 millert
+
+ * sudo.c, env.c: If real uid == 0 and the SUDO_USER environment
+ variables is set, use that to determine the invoking user's true
+ identity. That way the proper info gets logged by someone who
+ has done "sudo su" but still uses sudo to as root. We can't do
+ this for non-root users since that would open up a security hole,
+ though perhaps it would be acceptable to use getlogin(2) on OSes
+ where this a system call (and doesn't just look in the utmp
+ file).
+
+2004-01-21 16:58 millert
+
+ * pathnames.h.in: Add _PATH_TMP, _PATH_VARTMP and _PATH_USRTMP
+
+2004-01-21 16:57 millert
+
+ * configure, config.h.in, configure.in: Add check for fchown(2)
+
+2004-01-20 14:22 millert
+
+ * sudo.c: Back out portions of the -i commit that set NewArgv[0] in
+ set_runaspw. It is far to late to set NewArgv[0] there and will
+ have no effect anyway as cmnd and safe_cmnd have already been
+ set.
+
+2004-01-20 14:18 millert
+
+ * visudo.c, visudo.pod: Prefer VISUAL over EDITOR like old vipw
+ did.
+
+2004-01-18 20:17 millert
+
+ * env.c, sudo.c: In -i mode always set new environment based on the
+ runas user's passwd entry.
+
+2004-01-18 17:56 millert
+
+ * sudo.man.in, sudo.pod: Document the new -i flag and sync SYNOPSIS
+ section with usage() in sudo.c. Also sort the flags in the
+ OPTIONS section.
+
+2004-01-18 17:55 millert
+
+ * sudo.c, sudo.h: o Add -i that acts similar to "su -", based on
+ patches from David J. MacKenzie o Sort the flags in the usage
+ message
+
+2004-01-18 17:22 millert
+
+ * sudoers.man.in, sudoers.pod: Add a missing @runas_default@
+ substitution.
+
+2004-01-17 16:34 millert
+
+ * sudo.c: Change euid to runas user before calling find_path().
+ Unfortunately, though runas_user can be modified in sudoers we
+ haven't parsed sudoers yet.
+
+2004-01-17 16:25 millert
+
+ * sudoers.man.in, sudoers.pod: Add missing defintion of
+ Parameter_List and use single pipes in the Defaults EBNF
+ definition.
+
+2004-01-17 13:49 millert
+
+ * sudo.c: Fix a bug when set_runaspw() is used as a callback. We
+ don't want to reset the contents of runas_pw if the user
+ specified a user via the -u flag.
+
+ Avoid unnecessary passwd lookups in set_authpw(). In most cases
+ we already have the info in runas_pw.
+
+2004-01-16 18:16 millert
+
+ * check.c: Add Stan Lee / Uncle Ben quote to the lecture from
+ RedHat
+
+2004-01-16 18:12 millert
+
+ * sudo.h: Update sudo_getepw() proto and add one for set_runaspw()
+
+2004-01-16 18:10 millert
+
+ * parse.c: If we can't stat the command as root, try as the runas
+ user instead.
+
+2004-01-16 18:09 millert
+
+ * testsudoers.c, visudo.c: Add stub set_runaspw() function
+
+2004-01-16 18:09 millert
+
+ * sudo.c: Add set_runaspw() function to fill in runas_pw. This
+ will be used as a callback to update runas_pw when the runas user
+ changes.
+
+2004-01-16 18:07 millert
+
+ * env.c, sudo.c: PERM_RUNAS -> PERM_FULL_RUNAS
+
+2004-01-16 18:05 millert
+
+ * set_perms.c, sudo.h: Rename PERM_RUNAS -> PERM_FULL_RUNAS and add
+ a PERM_RUNAS that just changes the euid.
+
+2004-01-16 18:04 millert
+
+ * getspwuid.c: Make sudo_pwdup() act like OpenBSD pw_dup() and
+ allocate memory in one chunk for easy free()ing. Also change it
+ from static to extern.
+
+2004-01-16 18:03 millert
+
+ * defaults.c, defaults.h: Add callback support
+
+2004-01-16 18:02 millert
+
+ * def_data.c, def_data.in, mkdefaults: Add a callback field and use
+ it for runas_default
+
+2004-01-15 15:13 millert
+
+ * auth/fwtk.c: Add support for chalnecho and display server
+ responses used by fwtk >= 2.0
+
+2004-01-12 18:39 millert
+
+ * sudoers.man.in, sudoers.pod: ld.so is ld.so.1 on solaris
+
+2004-01-12 14:03 millert
+
+ * Makefile.in, config.h.in, configure, configure.in, sudo.c,
+ sudo.h: Use closefrom() instead of doing the equivalent inline.
+
+2004-01-12 13:55 millert
+
+ * closefrom.c: closefrom(3) for systems w/o it
+
+2004-01-09 16:29 millert
+
+ * sudoers.man.in: Update from .pod file.
+
+2004-01-09 16:26 millert
+
+ * configure, configure.in: Substitute noexec_file for the sudoers
+ man page
+
+2004-01-09 16:24 millert
+
+ * sudo.man.in, sudo.pod: Mention noexec
+
+2004-01-09 16:16 millert
+
+ * sudoers.man.in, sudoers.pod: Document noexec
+
+2004-01-09 14:38 millert
+
+ * config.h.in, configure.in, auth/pam.c: Move PAM_CONST macro
+ definition from config.h to pam.c where it belongs. We can't
+ have this in config.h since that gets included too early.
+
+2004-01-09 14:35 millert
+
+ * config.h.in, configure, configure.in, auth/pam.c: Some PAM
+ implementations put their headers in /usr/include/pam instead of
+ /usr/include/security.
+
+2004-01-09 14:32 millert
+
+ * configure.in: I missed changing the EXEC macro -> EXECV here when
+ I changed this in config.h.in and sudo.c a while ago.
+
+2004-01-09 13:15 millert
+
+ * acsite.m4: OpenBSD vax/m88k/hppa don't do shared libs
+
+2004-01-09 03:29 millert
+
+ * configure, configure.in: o merge the hpux case entries into a
+ single entry w/ its own sub-case statement. o HP-UX >= 11
+ support getspnam(), use it in preference to getprpwuid()
+
+2004-01-09 02:58 millert
+
+ * configure, configure.in: eval $shrext so that it expands nicely
+ on MacOS X
+
+2004-01-09 02:50 millert
+
+ * Makefile.in: Don't lie about making a module, it does the wrong
+ thing on mach
+
+2004-01-09 02:49 millert
+
+ * ltmain.sh: Remove requirement that libs must begin with "lib".
+ They don't when we point directly at the lib using LD_PRELOAD or
+ its equivalent.
+
+2004-01-09 02:01 millert
+
+ * acsite.m4: Disable support for c++, f77 and java. We don't need
+ it, it takes a lot of time, and it hosed our check for shared lib
+ support.
+
+2004-01-09 02:00 millert
+
+ * configure: regen
+
+2004-01-09 02:00 millert
+
+ * configure.in: Call AC_ENABLE_SHARED and check the status of
+ enable_shared to know when shared libs are available.
+
+2004-01-09 01:37 millert
+
+ * acsite.m4: Duh, OpenBSD suports shared libs too
+
+2004-01-09 01:18 millert
+
+ * configure.in, config.h.in: Only OpenPAM and Linux PAM use const
+ qualifiers.
+
+2004-01-09 01:15 millert
+
+ * configure, configure.in: o No need to check for sed, libtool
+ config does that for us o move check for --with-noexec until
+ after libtool magic is run so we can use $can_build_shared and
+ $shrext
+
+2004-01-09 01:14 millert
+
+ * ltmain.sh: Don't print a bunch of crap about library installs
+ since we are not really installing a library.
+
+2004-01-09 00:38 millert
+
+ * env.c: Make format_env() varargs Add noexec support for Darwin,
+ MacOS X, Irix, and Tru64
+
+2004-01-09 00:32 millert
+
+ * acsite.m4, ltconfig, ltmain.sh: Update to libtool 1.5 with local
+ changes: o no ldconfig in the finish step o assume no libprefix
+ or version is needed
+
+2004-01-09 00:15 millert
+
+ * sudo_noexec.c: Fix compilation under K&R
+
+2004-01-06 09:31 millert
+
+ * CHANGES: checkpoint
+
+2004-01-06 09:28 millert
+
+ * sudo_noexec.c: stub execve() that just returns EACCES; used for
+ noexec functionality
+
+2004-01-06 01:42 millert
+
+ * sudo.tab.h: Regen w/ updated byacc from OpenBSD; fixes a gcc 3.2
+ issue with generated code.
+
+2004-01-05 16:10 millert
+
+ * def_data.c, def_data.h, def_data.in: Move the environment
+ defaults to the end and shorten a few of the descriptions.
+
+2004-01-05 15:05 millert
+
+ * configure.in, configure: no shared libs on ultris or convexos
+
+2004-01-05 15:03 millert
+
+ * Makefile.in, configure, configure.in: Build sudo_noexec shared
+ object using libtool; could use some cleanup.
+
+2004-01-05 14:59 millert
+
+ * acsite.m4, ltconfig, ltmain.sh: libtool scaffolding
+
+2004-01-05 14:56 millert
+
+ * parse.yacc: Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so
+ that order is not important.
+
+2004-01-05 12:15 millert
+
+ * defaults.c, env.c, parse.c, parse.h, parse.lex, parse.yacc,
+ pathnames.h.in, sudo.c, sudo.h, lex.yy.c: update copyright year
+
+2004-01-04 22:58 millert
+
+ * configure, configure.in, defaults.c, env.c, pathnames.h.in: Add
+ _PATH_SUDO_NOEXEC and corresponding --with-noexec configure
+ option. The default value of noexec_file is set to this.
+
+2004-01-04 21:48 millert
+
+ * def_data.c, def_data.h, def_data.in, env.c, lex.yy.c, parse.c,
+ parse.h, parse.lex, parse.yacc, sudo.c, sudo.h, sudo.tab.h: Add
+ support for preloading a shared object containing a dummy
+ execve() function that just sets error and returns -1. This adds
+ a "noexec_file" option to load the filename as well as a "noexec"
+ flag to enable it unconditionally. There is also a NOEXEC tag
+ that can be attached to specific commands and an EXEC tag to
+ disable it.
+
+2004-01-04 21:40 millert
+
+ * mkdefaults: add missing newline to usage statement
+
+2004-01-04 20:39 millert
+
+ * config.h.in, sudo.c: Rename EXEC macro -> EXECV
+
+2004-01-04 20:16 millert
+
+ * logging.c: Don't truncate usernames to 8 characters in the log
+ message.
+
+2004-01-04 20:13 millert
+
+ * check.c, sudoers.man.in, sudoers.pod: Update copyright year
+
+2004-01-04 20:12 millert
+
+ * check.c, def_data.c, def_data.h, def_data.in, sudoers.man.in,
+ sudoers.pod: Add a new option, lecture_file, that can be used to
+ point to a custom sudo lecture.
+
+2003-12-31 17:46 millert
+
+ * Makefile.in, sudo.h, zero_bytes.c, auth/aix_auth.c,
+ auth/bsdauth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Add a
+ zero_bytes() function to do the equivalent of bzero in such a way
+ that will heopfully not be optimized away by sneaky compilers.
+
+2003-12-31 13:35 millert
+
+ * err.c: Use #ifdef __STDC__, not #if __STDC__.
+
+2003-12-30 17:41 millert
+
+ * mkdefaults: Always put at least one space between the def_* macro
+ name and its definition.
+
+2003-12-30 17:34 millert
+
+ * configure, configure.in: Adjust code for --without-lecture to
+ match new values.
+
+2003-12-30 17:33 millert
+
+ * visudo.man.in: regen after pasto fix
+
+2003-12-30 17:31 millert
+
+ * sudoers.man.in, sudoers.pod: Document that "lecture" has changed
+ from a flag to a tuple.
+
+2003-12-30 17:31 millert
+
+ * check.c, def_data.c, def_data.h, def_data.in, defaults.c,
+ defaults.h, logging.c, mkdefaults, parse.c, sudo.c, sudo.h: Add
+ support for tuples in def_data.in; these are implemented as an
+ enum type. Currently there is only a single tuple enum but in
+ the future we may have one tuple enum per T_TUPLE entry in
+ def_data.in. Currently listpw, verifypw and lecture are tuples.
+ This avoids the need to have two entries (one ival, one str) for
+ pwflags and syslog values.
+
+ lecture is now a tuple with the following values: never, once,
+ always
+
+ We no longer use both an int and string entry for syslog
+ facilities and priorities. Instead, there are logfac2str() and
+ logpri2str() functions that get used when we need to print the
+ string values.
+
+2003-12-30 17:20 millert
+
+ * check.c, def_data.h, defaults.c, defaults.h, env.c, find_path.c,
+ logging.c, mkdefaults, parse.c, parse.yacc, set_perms.c, sudo.c,
+ visudo.c, auth/aix_auth.c, auth/bsdauth.c, auth/fwtk.c,
+ auth/pam.c, auth/rfc1938.c, auth/securid5.c, auth/sia.c,
+ auth/sudo_auth.c: Create def_* macros for each defaults value so
+ we no longer need the def_{flag,ival,str,list,mode} macros (which
+ have been removed). This is a step toward more flexible data
+ types in def_data.in.
+
+2003-12-30 15:55 millert
+
+ * TODO: checkpoint
+
+2003-12-22 21:18 millert
+
+ * sudo.c: If we are in -k/-K mode, just spew to stderr. It is not
+ unusual for users to place "sudo -k" in a .logout file which can
+ cause sudo to be run during reboot after the YP/NIS/NIS+/LDAP/etc
+ daemon has died. Previously, this would result in useless mail
+ and logging.
+
+2003-12-16 13:51 millert
+
+ * visudo.pod: fix pasto in VISUAL description
+
+2003-12-09 22:09 millert
+
+ * configure: regen
+
+2003-12-09 22:08 millert
+
+ * CHANGES: checkpoint
+
+2003-12-09 22:02 millert
+
+ * TROUBLESHOOTING: Some OSes (like Solaris) allow export w/ nosuid
+ too
+
+2003-08-12 16:45 millert
+
+ * compat.h: We don't use FD_ZERO anymore so just define FD_SET (if
+ not already there).
+
+2003-06-28 21:31 millert
+
+ * auth/pam.c: Fix a core dump on Solaris by preserving the
+ pam_handle_t we used during authentication for pam_prep_user().
+ If we didn't authenticate (ie: ticket still valid), we call
+ pam_init() from pam_prep_user(). This is something of a hack; it
+ may be better to change the auth API and add an auth_final()
+ function that acts like pam_prep_user().
+
+2003-06-21 12:50 millert
+
+ * set_perms.c: Add explicit declaration of printerr variable in
+ function header (was defaulting to int which is OK but oh so K&R
+ :-). From Theo.
+
+2003-06-09 19:00 millert
+
+ * config.h.in, configure.in: s/HAVE_STOW/USE_STOW/
+
+2003-06-09 16:07 millert
+
+ * logging.c: Also exit waitpid() loop when pid == 0. Fixes a
+ problem where the sudo process would spin eating up CPU until
+ sendmail finished when it has to send mail.
+
+2003-05-30 16:22 millert
+
+ * fnmatch.3, fnmatch.c: Remove advertising clause, UCB has
+ disavowed it
+
+2003-05-21 21:53 millert
+
+ * parse.c: Don't assume that getgrnam() calls don't modify contents
+ of struct passwd returned by getpwnam(). On FreeBSD w/ NIS this
+ can happen. Based on a patch from Kirk Webb.
+
+2003-05-06 11:25 millert
+
+ * configure.in: missing ;;
+
+2003-05-06 00:53 millert
+
+ * configure.in: darwin has a broken setreuid() in at least some
+ versions
+
+2003-05-06 00:31 millert
+
+ * env.c: Fix an off by one error when reallocating the environment;
+ Kevin Pye
+
+2003-04-30 14:04 millert
+
+ * sudoers.pod: Fix User_Spec definition; SEKINE Tatsuo
+
+2003-04-28 19:30 millert
+
+ * HISTORY: More info on the early days from Coggs.
+
+2003-04-21 14:47 millert
+
+ * auth/kerb5.c: remove errant semicolon that prevented compilation
+ under heimdal
+
+2003-04-15 20:42 millert
+
+ * Makefile.in, alloc.c, check.c, compat.h, defaults.c, defaults.h,
+ env.c, fileops.c, find_path.c, getprogname.c, getspwuid.c,
+ goodpath.c, interfaces.c, interfaces.h, logging.c, parse.c,
+ parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c,
+ strerror.c, sudo.c, sudo.h, sudo.man.in, sudo.pod,
+ sudoers.man.in, sudoers.pod, testsudoers.c, tgetpass.c, utime.c,
+ version.h, visudo.c, visudo.man.in, visudo.pod, auth/afs.c,
+ auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
+ auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
+ auth/rfc1938.c, auth/secureware.c, auth/securid.c,
+ auth/securid5.c, auth/sia.c, auth/sudo_auth.c: add DARPA credit
+ on affected files
+
+2003-04-15 20:25 millert
+
+ * LICENSE: slightly different wording for the darpa credit
+
+2003-04-15 14:37 millert
+
+ * LICENSE: Add DARPA credit
+
+2003-04-14 16:49 millert
+
+ * auth/kerb5.c: Use krb5_princ_component() instead of
+ krb5_princ_realm() for MIT Kerberos like we did before I messed
+ things up ;-)
+
+ Use krb5_principal_get_comp_string() to do the same thing w/
+ Heimdal. I'm not sure if the component should be 0 or 1 in this
+ case.
+
+ #define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 for Heimdal since
+ older versions lack ENCTYPE_DES_CBC_MD5. This is gross and there
+ should be a configure check for this I guess.
+
+2003-04-13 15:48 millert
+
+ * TROUBLESHOOTING, config.h.in, configure, configure.in,
+ sample.sudoers: builtin -> built-in; Jason McIntyre
+
+2003-04-13 15:45 millert
+
+ * sudoers.pod: built in -> built-in; Jason McIntyre
+
+2003-04-09 16:14 millert
+
+ * CHANGES: checkpoint for 1.6.7p3
+
+2003-04-09 16:14 millert
+
+ * HISTORY: Update info on the early years @ SUNY-Buffalo from Cliff
+ Spencer. Amazingly, sudo source from 1985 is available via
+ groups.google.com
+
+2003-04-09 16:13 millert
+
+ * sudo.c: Don't change rl.rlim_max for RLIMIT_CORE. We need only
+ set rl.rlim_cur to 0 to turn off core dumps. This may be needed
+ for the RLIMIT_CORE restoration on some OSes.
+
+2003-04-04 12:46 millert
+
+ * auth/kerb5.c: Make this compile on Heimdal and MIT Kerberos 5
+
+2003-04-04 12:45 millert
+
+ * config.h.in, configure, configure.in: Check for heimdal even if
+ we found krb5-config and define HAVE_HEIMDAL.
+
+2003-04-03 22:04 millert
+
+ * auth/kerb5.c: Replace ETYPE_DES_CBC_MD5 with ENCTYPE_DES_CBC_MD5.
+ The former is no longer defined by MIT kerb5 (though it used to
+ be and indeed remains so in Heimdal).
+
+2003-04-03 10:16 millert
+
+ * mkinstalldirs: Remove newer stuff that passes multiple (possibly
+ duplicate) directories to "mkdir -p" since that seems to break on
+ Tru64 Unix at least. This basically brings back what shipped
+ with sudo 1.6.6.
+
+2003-04-02 13:57 millert
+
+ * auth/kerb5.c: Correct number of args to
+ krb5_principal_get_realm() and fix an unclosed comment that hid
+ the bug.
+
+2003-04-02 13:45 millert
+
+ * configure: regen
+
+2003-04-02 13:45 millert
+
+ * BUGS, CHANGES, INSTALL, INSTALL.binary, Makefile.in, README,
+ configure.in, version.h: ++version
+
+2003-04-02 13:44 millert
+
+ * configure.in: use krb5-config to determine Kerberos V details if
+ it exists
+
+2003-04-02 13:25 millert
+
+ * alloc.c, check.c, compat.h, defaults.c, env.c, find_path.c,
+ interfaces.c, logging.c, parse.c, sudo.c, sudo.h, testsudoers.c,
+ visudo.c, auth/fwtk.c, auth/rfc1938.c, auth/securid.c,
+ auth/securid5.c, auth/sia.c: Use warn/err and getprogname()
+ throughout. The main exception is openlog(). Since the admin
+ may be filtering logs based on the program name in the log files,
+ hard code this to "sudo".
+
+2003-04-02 13:16 millert
+
+ * Makefile.in: Add getprogname.c and err.c
+
+2003-04-02 13:15 millert
+
+ * configure: regen
+
+2003-04-02 13:15 millert
+
+ * configure.in, config.h.in: Add checks for getprognam(),
+ __progname and err.h
+
+2003-04-02 13:14 millert
+
+ * err.c, emul/err.h: For systems withour err/warn functions.
+
+2003-04-02 13:14 millert
+
+ * getprogname.c: For systems neither getprogname() nor __progname;
+ uses Argv[0].
+
+2003-04-01 10:09 millert
+
+ * CHANGES: checkpoint for 1.6.7p1
+
+2003-04-01 10:02 millert
+
+ * sudo.c, testsudoers.c: fix strlcpy() rval check (innocuous)
+
+2003-04-01 09:58 millert
+
+ * check.c: oflow detection in expand_prompt() was faulty (false
+ positives). The count was based on strlcat() return value which
+ includes the length of the entire string.
+
+2003-03-30 19:02 millert
+
+ * CHANGES, RUNSON, TODO: checkpoint for the sudo 1.6.7 release
+
+2003-03-24 16:09 millert
+
+ * logging.c: g/c unused variable
+
+2003-03-24 11:06 millert
+
+ * configure: regen
+
+2003-03-24 11:05 millert
+
+ * configure.in: use man sections 8 and 5 for csops
+
+2003-03-21 18:11 millert
+
+ * configure: regen
+
+2003-03-21 15:10 millert
+
+ * configure.in: Add -lskey or -lopie directly to SUDO_LIBS instead
+ of having AC_CHECK_LIB() add them to LIBS. Fixes visudo linkage.
+
+2003-03-21 14:02 millert
+
+ * configure: regen
+
+2003-03-21 14:01 millert
+
+ * INSTALL, aclocal.m4, configure.in: Add --with-blibpath for AIX.
+ An alternate libpath may be specified or -blibpath support can be
+ disabled. Also change conifgure such that -blibpath is not
+ specified if no -L libpaths were added to SUDO_LDFLAGS.
+
+2003-03-20 22:05 millert
+
+ * configure.in: add AIX blibpath support
+
+2003-03-20 20:28 millert
+
+ * INSTALL, configure.in: --with-skey and --with-opie now take an
+ option directory argument This obsoletes a --with-csops hack
+ (/tools/cs/skey)
+
+ Also remove the remaining direct uses of "echo"
+
+2003-03-20 17:44 millert
+
+ * configure.in: Detect KTH Kerberos IV and deal with it. Also make
+ -lroken optional for KTH Kerberos IV and V.
+
+2003-03-20 14:42 millert
+
+ * aclocal.m4: Add SUDO_APPEND_LIBPATH function that add
+ -L/path/to/dir (and -R/path/to/dir if $with_rpath) to the
+ specified variable.
+
+2003-03-20 14:40 millert
+
+ * INSTALL, configure.in: Add -R/path/to/libs for Solaris and SVR4.
+ There is a new configure option, --with-rpath to control this
+ behavior.
+
+2003-03-19 23:50 millert
+
+ * configure.in: for kerb4 put libdes after libkrb on the link line
+
+2003-03-19 23:49 millert
+
+ * auth/kerb4.c: typo
+
+2003-03-19 23:33 millert
+
+ * configure.in: fix kerberos lib check when a path is specified
+
+2003-03-19 21:04 millert
+
+ * logging.c: Fix boolean thinko in SIGCHLD reaper and call
+ reapchild after sending mail instead of doing a conditional
+ sudo_waitpid.
+
+2003-03-19 16:20 millert
+
+ * configure: regen
+
+2003-03-19 16:19 millert
+
+ * configure.in: replace =DIR with [=DIR] where sensible
+
+2003-03-19 16:16 millert
+
+ * configure.in: o Use AC_MSG_* instead of "echo" o New Kerberos
+ include/lib detection based on openssh's configure.in
+
+2003-03-19 15:58 millert
+
+ * INSTALL: --with-kerb4 and --with-kerb5 now take an optional
+ argument.
+
+2003-03-15 22:03 millert
+
+ * auth/securid.c: Kill remaining strcpy(), the programmer's guide
+ says username is 32 bytes.
+
+2003-03-15 21:18 millert
+
+ * auth/kerb4.c: trat uid_t as unsigned long for printf and use
+ snprintf, not sprintf
+
+2003-03-15 21:18 millert
+
+ * auth/rfc1938.c: use snprintf
+
+2003-03-15 15:37 millert
+
+ * auth/: afs.c, aix_auth.c, bsdauth.c, dce.c, fwtk.c, kerb4.c,
+ kerb5.c, pam.c, passwd.c, rfc1938.c, sudo_auth.c: update
+ copyright year
+
+2003-03-15 15:31 millert
+
+ * LICENSE, alloc.c, check.c, configure.in, env.c, sudo.c,
+ Makefile.in, aclocal.m4, compat.h, find_path.c, interfaces.c,
+ logging.c, parse.c, parse.lex, parse.yacc, set_perms.c, sudo.h,
+ sudo.pod, sudoers.pod, testsudoers.c, version.h, visudo.c,
+ visudo.pod, sudo.man.in, sudoers.man.in, visudo.man.in: update
+ copyright year
+
+2003-03-15 15:19 millert
+
+ * check.c, env.c, sudo.c: Cast [ug]ids to unsigned long and printf
+ with %lu
+
+2003-03-15 15:17 millert
+
+ * configure: regen
+
+2003-03-15 15:16 millert
+
+ * configure.in: correct error messages for
+ --with-sudoers-{mode,uid,gid}
+
+2003-03-15 15:10 millert
+
+ * alloc.c: make the malloc(0) error specific to each function to
+ aid tracking down bugs.
+
+2003-03-15 14:49 millert
+
+ * alloc.c: deal with platforms where size_t is signed and there is
+ no SIZE_MAX or SIZE_T_MAX
+
+2003-03-15 14:10 millert
+
+ * auth/kerb5.c: Make this compile w/ Heimdal and fix some gcc
+ warnings.
+
+2003-03-15 13:02 millert
+
+ * sudo.c: Use stat_sudoers macro so --with-stow can work
+
+2003-03-15 13:01 millert
+
+ * INSTALL, config.h.in, configure, configure.in: Add support for
+ --with-stow based on patches from Robert Uhl
+
+2003-03-15 12:51 millert
+
+ * env.c: fix indentation
+
+2003-03-15 00:21 millert
+
+ * configure.in: back out rev 1.352
+
+2003-03-14 20:11 millert
+
+ * lex.yy.c: regen
+
+2003-03-14 20:11 millert
+
+ * parse.lex: use strlcpy, not strncpy
+
+2003-03-14 19:48 millert
+
+ * set_perms.c: Fix typo; check pw_uid, not pw_gid after
+ setusercontext() failure.
+
+2003-03-14 19:43 millert
+
+ * logging.c: use pid_t
+
+2003-03-14 10:43 millert
+
+ * strlcat.c, strlcpy.c: Make gcc shutup about unused rcsid
+
+2003-03-14 10:35 millert
+
+ * interfaces.c: Move the n == 0 check for the non-getifaddrs cas
+
+2003-03-13 21:47 millert
+
+ * auth/rfc1938.c: skeychallenge() on NetBSD take a size parameter
+
+2003-03-13 21:38 millert
+
+ * configure: regen
+
+2003-03-13 21:38 millert
+
+ * configure.in: put -ldl after -lpam, not before; fixes static
+ linking on Linux
+
+2003-03-13 21:17 millert
+
+ * interfaces.c: Avoid malloc(0) and fix the loop invariant for the
+ getifaddrs() case.
+
+2003-03-13 20:24 millert
+
+ * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
+ sudoers.cat, visudo.cat: regen
+
+2003-03-13 20:23 millert
+
+ * Makefile.in: Preserve copyright notice from .pod file in .man.in
+ file
+
+2003-03-13 20:01 millert
+
+ * visudo.pod: Add sudoers(5) to SEE ALSO
+
+2003-03-13 15:27 millert
+
+ * lex.yy.c: regen
+
+2003-03-13 15:27 millert
+
+ * parse.lex: Don't assume libc can realloc() a NULL string. If
+ malloc/realloc fails, make sure we just return; yyerror() is not
+ terminal.
+
+2003-03-13 15:17 millert
+
+ * lex.yy.c: regen
+
+2003-03-13 15:17 millert
+
+ * parse.lex: simplify fill_args a little and use strlcpy for
+ paranoia
+
+2003-03-13 15:00 millert
+
+ * check.c, env.c, find_path.c, parse.c, parse.yacc, sudo.c,
+ testsudoers.c: Use strlc{at,py} for paranoia's sake and exit on
+ overflow. In all cases the strings were either pre-allocated to
+ the correct size of length checks were done before the copy but a
+ little paranoia can go a long way.
+
+2003-03-13 12:54 millert
+
+ * sudo.h: Add strlc{at,py} protos
+
+2003-03-13 12:03 millert
+
+ * env.c, interfaces.c: Use erealloc3()
+
+2003-03-13 12:00 millert
+
+ * configure: regen
+
+2003-03-13 12:00 millert
+
+ * alloc.c: Oflow test of nmemb > SIZE_MAX / size is fine (don't
+ need >=). Use memcpy() instead of strcpy() in estrdup() so this
+ is strcpy()-free.
+
+2003-03-13 11:58 millert
+
+ * sudo.c: snprintf() a uid as %lu, not %ld to match the
+ MAX_UID_T_LEN test in configure.
+
+2003-03-13 11:56 millert
+
+ * aclocal.m4: In MAX_UID_T_LEN test cast uid_t to unsigned long,
+ just unsigned.
+
+2003-03-12 18:46 millert
+
+ * sudo.c: Use snprintf() for paranoia
+
+2003-03-12 17:16 millert
+
+ * parse.yacc: Use emalloc2 and erealloc3
+
+2003-03-12 17:08 millert
+
+ * Makefile.in: strlc{at,py} for those w/o it
+
+2003-03-12 17:07 millert
+
+ * strlcat.c, strlcpy.c: stlc{at,py} for those w/o it.
+
+2003-03-12 17:07 millert
+
+ * config.h.in, configure, configure.in: Add stlc{at,py} for those
+ w/o it.
+
+2003-03-12 16:51 millert
+
+ * alloc.c, sudo.h: Add erealloc3(), a realloc() version of
+ emalloc2().
+
+2003-03-12 16:45 millert
+
+ * interfaces.c, sudo.c: Use emalloc2() to allocate N things of a
+ certain size.
+
+2003-03-12 16:41 millert
+
+ * alloc.c, sudo.h: Add emalloc2() -- like calloc() but w/o the
+ bzero and with error/oflow checking.
+
+2003-03-12 16:23 millert
+
+ * alloc.c: Error out on malloc(0); suggested by theo
+
+2003-03-09 19:34 millert
+
+ * configure, configure.in: fix a typo; David Krause
+
+2003-03-07 10:46 millert
+
+ * sudo.pod: fix typo
+
+2003-03-03 21:47 millert
+
+ * env.c: Remove DYLD_ from the environment for MacOS X; from bbraun
+
+2003-03-01 13:20 millert
+
+ * configure.in, config.h.in: not not; Anil Madhavapeddy
+
+2003-01-23 03:03 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: typos; jmc@openbsd.org
+
+2003-01-20 16:13 millert
+
+ * parse.yacc: Add some missing ';' rule terminators that bison
+ warns about.
+
+2003-01-20 16:07 millert
+
+ * config.sub: fix typo I introduced in last merge
+
+2003-01-20 15:59 millert
+
+ * configure: regenerate with autoconf 2.57
+
+2003-01-20 15:58 millert
+
+ * config.h.in: Add missing "$HOME"
+
+2003-01-20 15:57 millert
+
+ * configure.in: Add some more square backets to make autoconf 2.57
+ happy
+
+2003-01-20 14:39 millert
+
+ * config.guess, config.sub, mkinstalldirs: Updates from
+ autoconf-2.57
+
+2003-01-17 18:10 millert
+
+ * lex.yy.c, sudo.tab.h: regen
+
+2003-01-17 18:09 millert
+
+ * parse.lex, parse.yacc, sudoers.pod: Add support for
+ Defaults>RunasUser
+
+2003-01-06 19:10 millert
+
+ * visudo.c: fclose() yyin after each yyparse() is done and use
+ fopen() instead of using freopen().
+
+2003-01-06 19:02 millert
+
+ * parse.lex: Better fix for sudoers files w/o a newline before EOF.
+ It looks like the issue is that yyrestart() does not reset the
+ start condition to INITIAL which is an issue since we parse
+ sudoers multiple times.
+
+2003-01-06 18:47 millert
+
+ * parse.lex: Work around what appears to be a flex bug when dealing
+ with files that lack a final newline before EOF. This adds a
+ rule to match EOF in the non-initial states which resets the
+ state to INITIAL and throws an error.
+
+2003-01-06 15:06 millert
+
+ * visudo.c: o The parser needs sudoers to end with a newline but
+ some editors (emacs) may not add one. Check for a missing
+ newline at EOF and add one if needed. o Set quiet flag during
+ initial sudoers parse (to get options) o Move yyrestart() call
+ and always use freopen() to open yyin after initial sudoers
+ parse.
+
+2002-12-15 11:24 millert
+
+ * set_perms.c: Fix pasto/thinko in setresgid()/setregid() usage.
+ Want to set effective gid, not real gid, when reading sudoers.
+
+2002-12-15 11:08 millert
+
+ * set_perms.c: don't compile set_perms_posix if we have setreuid or
+ setresuid
+
+2002-12-14 14:21 millert
+
+ * sudo.pod, sudoers.pod: document new prompt escapes
+
+2002-12-14 14:15 millert
+
+ * check.c: Add %U and %H escapes and redo prompt rewriting. "%%"
+ now gets collapsed to "%" as was originally intended. This also
+ gets rid of lastchar (does lookahead instead of lookback) which
+ should simplify the logic slightly.
+
+2002-12-13 13:20 millert
+
+ * tgetpass.c: Write the prompt *after* turning off echo to avoid
+ some password characters being echoed on heavily-loaded machines
+ with fast typists.
+
+2002-12-13 13:09 millert
+
+ * config.sub: Add support for mipseb; wiz@danbala.tuwien.ac.at
+
+2002-12-13 12:48 millert
+
+ * configure.in: Fix IRIX fallout from name changes in man dir/sect
+ Makefile variables. Patch from erici AT motown DOT cc DOT utexas
+ DOT edu
+
+2002-12-13 11:33 millert
+
+ * auth/pam.c: Keep a local copy of tgetpass_flags so we don't add
+ in TGP_ECHO to the global copy. Problem noted by Peter Pentchev.
+
+2002-11-28 18:43 millert
+
+ * parse.yacc: Add missing yyerror() calls; YYERROR does not seem to
+ call this for us.
+
+2002-11-26 12:09 millert
+
+ * sudo.c: fix typo in comment; Pedro Bastos
+
+2002-11-22 14:41 millert
+
+ * INSTALL: document --disable-setresuid
+
+2002-11-22 14:41 millert
+
+ * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c:
+ Sprinkle some volatile qualifiers to prevent over-enthusiastic
+ optimizers from removing memset() calls.
+
+2002-11-22 14:11 millert
+
+ * logging.c, parse.yacc: minor sign fixes pointed out by gcc
+ -Wsign-compare
+
+2002-11-22 14:09 millert
+
+ * set_perms.c, sudo.c, sudo.h: Revamp set_perms. We now use a
+ version based on setresuid() or setreuid() when possible since
+ that allows us to support the stay_setuid option and we always
+ know exactly what the semantics will be (various Linux kernels
+ have broken POSIX saved uid support).
+
+2002-11-22 14:08 millert
+
+ * config.h.in, configure: regen from configure.in
+
+2002-11-22 14:07 millert
+
+ * configure.in: Add checks for setresuid() and a way to disable
+ using it
+
+2002-11-22 14:05 millert
+
+ * compat.h: No long need to emulate set*[ug]id() via setres[ug]id()
+ or setre[ug]id(). The new set_perms stuff only uses things it
+ knows are there.
+
+2002-11-22 13:33 millert
+
+ * sudo.c: Before exec, restore state of signal handlers to be the
+ same as when we were initialy invoked instead of just reseting to
+ SIG_DFL. Fixes a problem when using sudo with nohup. Based on a
+ patch from Paul Markham.
+
+2002-11-22 13:23 millert
+
+ * sudo.c: o timestamp_uid should be uid_t, not int o clarify error
+ message when sudo is run by root and no_root_sudo is set
+
+2002-09-19 17:27 millert
+
+ * README: update ftp link for bison
+
+2002-07-20 08:30 millert
+
+ * set_perms.c: Error out if setusercontext() fails and the runas
+ user is not root.
+
+2002-05-20 16:51 millert
+
+ * auth/securid5.c: Fix rcsid
+
+2002-05-20 16:50 millert
+
+ * configure.in: Fix SecurID API test
+
+2002-05-17 13:20 millert
+
+ * env.c: typo in comment
+
+2002-05-17 13:20 millert
+
+ * configure.in: securid5 stuff needs pthreads. Just adding
+ -lpthread is suboptimal but I don't see a better way at the
+ moment.
+
+2002-05-17 13:04 millert
+
+ * Makefile.in, auth/securid5.c: SecurID API version 5 support from
+ Michael Stroucken
+
+2002-05-17 13:02 millert
+
+ * configure.in: Add check for SecurID 5.0 API
+
+2002-05-08 16:46 millert
+
+ * strerror.c: We actually do still need config.h to get the 'const'
+ definition for K&R C.
+
+2002-05-05 16:43 millert
+
+ * configure: regen with autoconf 2.5.3
+
+2002-05-05 16:25 millert
+
+ * configure.in: Don't set sysconfdir to '/etc' if the user has
+ specified a --prefix.
+
+2002-05-05 16:14 millert
+
+ * configure.in: Some fixes for autoconf 2.53 from Robert Uhl o
+ don't AC_SUBST LIBOBJS o force a 4th arg for AC_CHECK_HEADER()
+ to workaround a bug
+
+2002-05-05 15:58 millert
+
+ * env.c, sudo.c, sudo.h: No need for dump_badenv() now that
+ dump_defaults() knows how to dump lists.
+
+2002-05-04 21:31 millert
+
+ * BUGS, INSTALL, Makefile.in, configure.in, version.h,
+ INSTALL.binary, README: ++version
+
+2002-05-04 20:57 millert
+
+ * sudoers.pod: document timestampowner
+
+2002-05-04 20:45 millert
+
+ * check.c: Don't call set_perms() when doing timestamp stuff unless
+ timestamp_uid != 0.
+
+2002-05-04 20:43 millert
+
+ * check.c, logging.c, parse.c, set_perms.c, sudo.c, sudo.h,
+ testsudoers.c, auth/sudo_auth.c: g/c second arg to set_perms--it
+ is no longer used
+
+2002-05-03 18:48 millert
+
+ * check.c, set_perms.c, sudo.c, sudo.h: Add support for non-root
+ timestamp dirs. This allows the timestamp dir to be shared via
+ NFS (though this is not recommended).
+
+2002-05-03 18:47 millert
+
+ * def_data.c, def_data.h, def_data.in: Add timestampowner, "Owner
+ of the authentication timestamp dir"
+
+2002-05-02 15:40 millert
+
+ * env.c: Don't try to pre-compute the size of the new envp, just
+ allocate space up front and realloc as needed. Changes to the
+ new env pointer must all be made through insert_env() which now
+ keeps track of spaced used and allocates as needed.
+
+2002-04-26 15:12 millert
+
+ * configure: regen
+
+2002-04-26 15:12 millert
+
+ * configure.in: Fix two typo/pastos; from jrj@purdue.edu
+
+2002-04-25 11:36 millert
+
+ * INSTALL.binary, README: ++version
+
+2002-04-25 11:35 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in, configure: regen
+
+2002-04-25 11:31 millert
+
+ * CHANGES, RUNSON, TODO: Sync with 1.6.6
+
+2002-04-25 11:30 millert
+
+ * check.c: The the loop used to expand %h and %u, the lastchar
+ variable was not being initialized. This means that if the last
+ char in the prompt is '%' and the first char is 'h' or 'u' a
+ extra copy of the host or user name would be copied, for which
+ space had not been allocated.
+
+2002-04-18 11:41 millert
+
+ * BUGS, INSTALL, Makefile.in, configure.in, version.h: crank
+ version to 1.6.6
+
+2002-04-18 11:39 millert
+
+ * auth/afs.c: #undef VOID to get rid of an AFS warning
+
+2002-04-18 11:38 millert
+
+ * env.c: Use easprintf instead of emalloc + sprintf for some
+ things.
+
+2002-03-15 19:45 millert
+
+ * lex.yy.c: regen
+
+2002-03-15 19:44 millert
+
+ * parse.c, parse.lex, parse.yacc, testsudoers.c: Remove Chris
+ Jepeway's email address so people don't bug him ;-)
+
+2002-03-11 22:19 millert
+
+ * sudo.c: Move endpwent() to be after set_perms(PERM_RUNAS, ...)
+ and also call endgrent() at the same time.
+
+2002-02-21 22:23 millert
+
+ * INSTALL: Make it clear which configure options take arguments.
+
+2002-01-25 13:38 millert
+
+ * compat.h: HP-UX 9.x has RLIMIT_* but no RLIM_INFINITY. If there
+ is no RLIM_INFINITY, just pretend it is -1. This works because
+ we only check for RLIM_INFINITY and do not set anything to that
+ value.
+
+2002-01-22 11:43 millert
+
+ * auth/pam.c: Zero and free allocated memory when there is a
+ conversation error.
+
+2002-01-21 22:37 millert
+
+ * auth/bsdauth.c: Use sigaction() not signal()
+
+2002-01-21 22:26 millert
+
+ * INSTALL: Mention that some linux kernels have broken POSIX saved
+ ID support
+
+2002-01-21 21:03 millert
+
+ * CHANGES: checkpoint for 1.6.5p2
+
+2002-01-21 21:01 millert
+
+ * configure: regen
+
+2002-01-21 21:01 millert
+
+ * configure.in: Add --disable-setreuid flag
+
+2002-01-21 21:00 millert
+
+ * INSTALL: Document new --disable-setreuid option and change
+ description for --disable-saved-ids to match new error message.
+
+2002-01-21 21:00 millert
+
+ * set_perms.c: fatal() now takes an argument that determines
+ whether or not to call perror().
+
+2002-01-21 20:58 millert
+
+ * PORTING, TROUBLESHOOTING: Update for new error messages from
+ set_perms()
+
+2002-01-21 17:46 millert
+
+ * auth/pam.c: Make this compile w/o warnings
+
+2002-01-21 17:36 millert
+
+ * auth/pam.c: Mention that we can't use pam_acct_mgmt()
+
+2002-01-21 17:25 millert
+
+ * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c: The user's password
+ was not zeroed after use when AIX authentication, BSD
+ authentication, FWTK or PAM was in use.
+
+2002-01-20 14:21 millert
+
+ * auth/pam.c: Avoid giving PAM a NULL password response, use the
+ empty string instead. This avoids a log warning when the user
+ hits ^C at the password prompt when PAM is in use.
+
+2002-01-19 19:46 millert
+
+ * auth/pam.c: Don't check the return value of pam_setcred(). In
+ Linux-PAM 0.75 pam_setcred() returns the last saved return code,
+ not the return code for the setcred module. Because we haven't
+ called pam_authenticate(), this is not set and so pam_setcred()
+ returns PAM_PERM_DENIED.
+
+2002-01-19 19:43 millert
+
+ * Makefile.binary, Makefile.in: Don't need a '/' between $(DESTDIR)
+ and a directory.
+
+2002-01-18 14:18 millert
+
+ * configure: regen
+
+2002-01-18 14:18 millert
+
+ * configure.in: o BSDi also has a bogus setreuid() o Old FreeBSD
+ has a bogus setreuid() o new NetBSD has a real setreuid() o add
+ check for freeifaddrs() if getifaddrs() exists.
+
+2002-01-18 14:17 millert
+
+ * config.h.in, interfaces.c: Older BSDi releases lack freeifaddrs()
+ so add a test for that and if it is not present just use free().
+
+2002-01-17 11:30 millert
+
+ * CHANGES, RUNSON: Checkpoint for 1.6.5p1
+
+2002-01-17 10:56 millert
+
+ * auth/passwd.c: Return AUTH_FAILURE in passwd_init() if
+ skeyaccess() denies access to normal passwords, not AUTH_FATAL
+ (which just causes an exit).
+
+2002-01-17 10:35 millert
+
+ * visudo.c: Don't use memory after it has been freed.
+
+2002-01-17 00:24 millert
+
+ * auth/passwd.c: skeyaccess() wants a struct passwd * not a char *;
+ Patch from Phillip E. Lobbes
+
+2002-01-16 20:00 millert
+
+ * BUGS: ++version
+
+2002-01-16 19:53 millert
+
+ * CHANGES, RUNSON, TODO: checkpoint for sudo 1.6.5
+
+2002-01-16 18:37 millert
+
+ * configure: regen
+
+2002-01-16 18:37 millert
+
+ * INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
+ version 1.6.5
+
+2002-01-16 18:37 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in: sudo version 1.6.5
+
+2002-01-16 16:28 millert
+
+ * logging.c: o when invoking the mailer as root use a hard-coded
+ environment that doesn't include any info from the user's
+ environment. Basically paranoia.
+
+ o Add support for the NO_ROOT_MAILER compile-time option and run
+ the mailer as the user and not root if NO_ROOT_MAILER is
+ defined.
+
+2002-01-16 16:27 millert
+
+ * set_perms.c, sudo.h: Bring back PERM_FULL_USER
+
+2002-01-16 16:26 millert
+
+ * configure: regen
+
+2002-01-16 16:26 millert
+
+ * version.h: version 1.6.5
+
+2002-01-16 16:26 millert
+
+ * INSTALL, config.h.in, configure.in: Add --disable-root-mailer
+ option to run the mailer as the user and not root.
+
+2002-01-16 12:44 millert
+
+ * CHANGES: checkpoint for 1.6.4p2
+
+2002-01-15 19:22 millert
+
+ * PORTING: Mention the "seteuid(0): Operation not permitted"
+ problem here too just for good measure.
+
+2002-01-15 18:43 millert
+
+ * env.c, getspwuid.c, sudo.c: The SHELL environment variable was
+ preserved from the user's environment instead of being reset
+ based on the passwd database when the "env_reset" option was
+ used. Now it is reset as it should be.
+
+2002-01-15 17:47 millert
+
+ * configure: regen
+
+2002-01-15 17:47 millert
+
+ * INSTALL, TROUBLESHOOTING, config.h.in, configure.in, set_perms.c,
+ sudo.c: Add a configure option to turn off use of POSIX saved IDs
+
+2002-01-15 15:48 millert
+
+ * configure: regen
+
+2002-01-15 15:48 millert
+
+ * configure.in: add --with-efence option
+
+2002-01-15 15:39 millert
+
+ * sudo.c: Only OR in MODE_RESET_HOME if MODE_RUN is set. Fixes a
+ problem where "sudo -l" would not work if always_set_home was
+ set.
+
+2002-01-15 13:16 millert
+
+ * lex.yy.c: regen
+
+2002-01-15 13:16 millert
+
+ * parse.lex: Quoted commas were not being treated correctly in
+ command line arguments.
+
+2002-01-14 20:53 millert
+
+ * sudo.c: o Move the call to rebuild_env() until after
+ MODE_RESET_HOME is set. Otherwise, the set_home option has no
+ effect.
+
+ o Fix use of freed memory when the "fqdn" flag is set. This was
+ introduced by the fix for the "segv when gethostbynam() fails"
+ bug. Also, we no longer call set_fqdn() if the "fqdn" flag is
+ not set so there is no need to check the "fqdn" flag in
+ set_fqdn() itself.
+
+2002-01-14 20:45 millert
+
+ * env.c: Add 'continue' statements to optimize the switch
+ statement. From Solar.
+
+2002-01-13 13:42 millert
+
+ * sudoers.cat, sudoers.man.in: Regen from new sudoers.pod
+
+2002-01-13 13:36 millert
+
+ * sudoers.pod: Add caveat about stay_setuid flag
+
+2002-01-13 13:29 millert
+
+ * sudo.c: If set_perms == set_perms_posix and the stay_setuid flag
+ is not set, set all uids to 0 and use set_perms_fallback().
+
+2002-01-13 13:28 millert
+
+ * set_perms.c, sudo.h: Remove PERM_FULL_USER (which is no longer
+ used) and add PERM_FULL_ROOT (used when exec'ing the mailer).
+
+2002-01-13 13:27 millert
+
+ * logging.c: Use set_perms(PERM_FULL_ROOT, 0) before exec'ing the
+ mailer since we never want to run the mailer setuid.
+
+2002-01-12 17:55 millert
+
+ * sudo.cat, sudo.man.in, sudo.pod, visudo.cat, visudo.man.in,
+ visudo.pod: Use sudo.ws instead of courtesan.com in URLs
+
+2002-01-12 14:00 millert
+
+ * Makefile.in, Makefile.binary: Fix mansect substitution
+
+2002-01-12 13:15 millert
+
+ * Makefile.in: Substitute man sections in Makefile.binary
+
+2002-01-12 13:15 millert
+
+ * Makefile.binary: Sync install targets with Makefile.in and
+ substitute in man sections.
+
+2002-01-12 13:09 millert
+
+ * INSTALL, INSTALL.binary: version is 1.6.4
+
+2002-01-12 12:59 millert
+
+ * Makefile.in: Repair bindist target
+
+2002-01-12 11:43 millert
+
+ * CHANGES: sync for 1.6.4
+
+2002-01-10 13:00 millert
+
+ * install-sh: Fix case where neither whoami nor id are found
+
+2002-01-09 12:35 millert
+
+ * install-sh: If neither whoami nor id exists, just assume we are
+ root.
+
+2002-01-09 11:56 millert
+
+ * alloc.c: Add explicit cast to (VOID *) on malloc/realloc. Seems
+ to be needed on AIX which for some reason isn't pulling in the
+ malloc prototype.
+
+2002-01-08 10:00 millert
+
+ * Makefile.in, aclocal.m4, compat.h, parse.c, sudo.c: (c) 2002
+
+2002-01-08 09:21 millert
+
+ * CHANGES: checkpoint
+
+2002-01-08 09:20 millert
+
+ * sudo.c: Defer assigning new environment until right before the
+ exec.
+
+2002-01-08 09:08 millert
+
+ * parse.c: kill extra blank line
+
+2002-01-07 13:59 millert
+
+ * configure: regen
+
+2002-01-07 13:59 millert
+
+ * configure.in: Use -O not -O2 for m88k-motorola-sysv* since
+ motorola gcc-derived compiler doesn't recognise -O2.
+
+2002-01-06 23:02 millert
+
+ * HISTORY: Clarify origins of Root Group sudo a bit based on info
+ from billp@rootgroup.com
+
+2002-01-02 22:41 millert
+
+ * LICENSE: 2002
+
+2002-01-02 22:26 millert
+
+ * CHANGES: checkpoint for 1.6.4rc1
+
+2002-01-02 17:40 millert
+
+ * config.h.in: now generated via autoheader
+
+2002-01-02 17:40 millert
+
+ * configure: regen
+
+2002-01-02 17:37 millert
+
+ * compat.h: Move in some stuff that was previously in config.h.
+
+2002-01-02 17:36 millert
+
+ * configure.in, aclocal.m4: Add info for autoheader.
+
+2002-01-01 16:53 millert
+
+ * Makefile.in: o Add DESTDIR support
+ o Use -M, -O, and -G instead of -m, -o, and -g to facilitate
+ non-root installs
+
+2002-01-01 16:48 millert
+
+ * install-sh: Add -M option (like -m but only for root) If we can't
+ find "whoami", use "id" w/ some sed.
+
+2002-01-01 14:01 millert
+
+ * configure: regen
+
+2002-01-01 14:00 millert
+
+ * configure.in: allow user to always override mansectsu and
+ mansectform
+
+2001-12-31 17:05 millert
+
+ * mkinstalldirs: update from autoconf 2.52
+
+2001-12-31 17:03 millert
+
+ * config.guess, config.sub: Update from autoconf 2.52
+
+2001-12-31 16:57 millert
+
+ * configure: regen with autoconf 2.52
+
+2001-12-31 16:57 millert
+
+ * configure.in: o Call AC_PROG_CC_STDC to find out how to run the
+ compiler in ANSI mode
+ o Remove compiler-specific checks for HP-UX now that we use
+ AC_PROG_CC_STDC
+
+2001-12-31 12:19 millert
+
+ * RUNSON: Checkpoint
+
+2001-12-31 12:18 millert
+
+ * auth/pam.c: o Add pam_prep_user function to call pam_setcred()
+ for the target user; on Linux this often sets resource limits.
+ o When calling pam_end(), try to convert the auth->result to a
+ PAM_FOO value. This is a hack--we really need to stash the
+ last PAM_FOO value received and use that instead.
+
+2001-12-31 12:18 millert
+
+ * set_perms.c, sudo.h: o Add pam_prep_user function to call
+ pam_setcred() for the target user; on Linux this often sets
+ resource limits.
+
+2001-12-31 00:53 millert
+
+ * env.c: Fix off by one error in number of bytes allocated via
+ malloc (does not affected any released version of sudo).
+
+2001-12-30 17:12 millert
+
+ * lex.yy.c: regen
+
+2001-12-30 17:12 millert
+
+ * parse.lex: Allow '@', '(', ')', ':' in arguments to a defaults
+ variable w/o requiring that they be quoted.
+
+2001-12-30 14:26 millert
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod: Mention that no double
+ quotes are needed when adding/deleting/assigning a single value
+ to a list.
+
+2001-12-30 13:58 millert
+
+ * Makefile.in: Don't rely on mkdefaults being executable, call perl
+ explicitly.
+
+2001-12-30 13:41 millert
+
+ * parse.yacc: Remove some XXX that are no longer relevant.
+
+2001-12-30 13:40 millert
+
+ * defaults.c: o Roll our own loop instead of using strpbrk() for
+ better grokability o When adding to a list we must malloc() and
+ use memcpy(), not strdup() since we must only copy len bytes
+ from str.
+
+2001-12-21 16:49 millert
+
+ * parse.yacc: typo in comment
+
+2001-12-19 11:50 millert
+
+ * CHANGES: checkpoint
+
+2001-12-19 10:56 millert
+
+ * configure: regen
+
+2001-12-19 10:56 millert
+
+ * configure.in: avoid the -g flag unless --with-devel was specified
+
+2001-12-19 10:04 millert
+
+ * Makefile.in: mkdefaults, def_data.in and sigaction.c were missing
+ from the tarball
+
+2001-12-19 09:46 millert
+
+ * Makefile.in: def_data.c was missing
+
+2001-12-18 12:42 millert
+
+ * env.c: Fix setting of $USER and $LOGNAME in the non-reset_env
+ case. Also allow HOME, SHELL, LOGNAME, and USER to be specified
+ in keep_env
+
+2001-12-17 20:48 millert
+
+ * TODO: Another TODO item
+
+2001-12-17 19:50 millert
+
+ * sudoers: Add comment for Default section so folks know where it
+ should go.
+
+2001-12-17 18:56 millert
+
+ * tgetpass.c: Use TCSETAF, not TCSETA to set terminal in termio
+ case
+
+2001-12-17 18:35 millert
+
+ * sudoers.man.in, sudoers.cat: regen from sudoers.pod
+
+2001-12-17 18:33 millert
+
+ * sudoers.pod: o Typo, Runas_User_List should be Runas_List
+ o a User_List can not contain a uid
+ o mention that the Defaults section should come after Alias
+ definitions but before the user specifications
+
+2001-12-15 11:51 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2001-12-15 11:51 millert
+
+ * sudoers.pod: Fix listpw and verifypw sections, they were not
+ being formatted properly.
+
+2001-12-15 11:39 millert
+
+ * sudoers.cat, sudoers.man.in: regen
+
+2001-12-15 11:38 millert
+
+ * sudoers.pod: fix typos
+
+2001-12-15 10:57 millert
+
+ * configure: regen
+
+2001-12-15 10:57 millert
+
+ * configure.in, config.h.in: use AC_SYS_POSIX_TERMIOS instead of
+ rolling our own
+
+2001-12-15 10:33 millert
+
+ * README: Reference sudo.ws not courtesan.com
+
+2001-12-15 10:29 millert
+
+ * PORTING: Add notes on shadow passwords
+
+2001-12-15 00:48 millert
+
+ * BUGS: In list mode (sudo -l), characters escaped with a backslash
+ are shown verbatim with the backslash.
+
+2001-12-15 00:44 millert
+
+ * sudoers: Add simple examples from OpenBSD (Marc Espie)
+
+2001-12-15 00:40 millert
+
+ * tgetpass.c: Catch SIGTTIN and SIGTTOU too and treat them like
+ SIGTSTP.
+
+2001-12-14 21:53 millert
+
+ * CHANGES: minor prettyification
+
+2001-12-14 21:43 millert
+
+ * CHANGES: Updated change log
+
+2001-12-14 21:27 millert
+
+ * testsudoers.c: Fix CIDR handling here too.
+
+2001-12-14 21:21 millert
+
+ * auth/pam.c: Apparently a NULL response is OK
+
+2001-12-14 21:19 millert
+
+ * TODO: Checkpoint for upcoming beta release
+
+2001-12-14 21:17 millert
+
+ * TROUBLESHOOTING: Many people believe that adding a runas spec
+ should obviate the need for the -u flag. It does not.
+
+2001-12-14 21:11 millert
+
+ * RUNSON: checkpoint update for upcoming 1.6.4 beta
+
+2001-12-14 20:44 millert
+
+ * config.h.in: o Add HAVE_STDLIB_H and HAVE_MEMORY_H o Define
+ HAVE_STRINGS_H even if HAVE_STRING_H is defined -- this is safe
+ now
+
+2001-12-14 20:07 millert
+
+ * PORTING: Add signals section
+
+2001-12-14 20:00 millert
+
+ * configure: regen
+
+2001-12-14 20:00 millert
+
+ * configure.in: Fix check for sigaction_t
+
+2001-12-14 19:45 millert
+
+ * sudo.c: XXX - should call find_path() as runas user, not root.
+ Can't do that until the parser changes though.
+
+2001-12-14 19:38 millert
+
+ * sudo.c: If find_path() fails as root, try again as the invoking
+ user (useful for NFS). Idea from Chip Capelik.
+
+2001-12-14 19:28 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: Regenerate
+ after pod file changes
+
+2001-12-14 19:24 millert
+
+ * def_data.c, def_data.h, def_data.in, set_perms.c, sudo.c, sudo.h,
+ sudo.pod, sudoers.pod: Add new sudoers option "preserve_groups".
+ Previously sudo would not call initgroups() if the target user
+ was root. Now it always calls initgroups() unless the -P command
+ line option or the "preserve_groups" sudoers option is set. Idea
+ from TJ Saunders.
+
+2001-12-14 18:38 millert
+
+ * compat.h, config.h.in: Use new HAVE_SIGACTION_T define
+
+2001-12-14 18:33 millert
+
+ * logging.c: Fix compilation on K&C
+
+2001-12-14 18:14 millert
+
+ * configure: regen
+
+2001-12-14 18:14 millert
+
+ * configure.in: Add check for sigaction_t -- IRIX already defines
+ this so don't redefine it.
+
+2001-12-14 17:15 millert
+
+ * snprintf.c: fix typo
+
+2001-12-14 17:12 millert
+
+ * interfaces.c: need stdlib.h here too
+
+2001-12-14 15:31 millert
+
+ * configure: regen
+
+2001-12-14 15:31 millert
+
+ * configure.in: Remove redundant checks for string.h, strings.h and
+ unistd.h
+
+2001-12-14 15:29 millert
+
+ * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
+ visudo.man.in: Regen from pod files
+
+2001-12-14 15:03 millert
+
+ * BUGS: Update for 1.6.4
+
+2001-12-14 14:59 millert
+
+ * configure, lex.yy.c: regen
+
+2001-12-14 14:56 millert
+
+ * strerror.c: Return EINVAL if errnum > sys_nerr
+
+2001-12-14 14:54 millert
+
+ * LICENSE, Makefile.binary, Makefile.in, aclocal.m4, compat.h,
+ config.h.in, defaults.h, interfaces.h, pathnames.h.in, sudo.h,
+ sudo.pod, auth/sudo_auth.h: o Update copyright year
+
+2001-12-14 14:54 millert
+
+ * configure.in: o Don't define STDC_HEADERS unconditionally for
+ IRIX o Update copyright year
+
+2001-12-14 14:53 millert
+
+ * README: update version
+
+2001-12-14 14:52 millert
+
+ * alloc.c, check.c, defaults.c, env.c, fileops.c, find_path.c,
+ fnmatch.c, getcwd.c, getspwuid.c, goodpath.c, interfaces.c,
+ logging.c, lsearch.c, parse.c, parse.lex, parse.yacc,
+ set_perms.c, snprintf.c, sudo.c, testsudoers.c, tgetpass.c,
+ utime.c, visudo.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
+ auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
+ auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
+ auth/sia.c, auth/sudo_auth.c: o Reorder some headers and use
+ STDC_HEADERS define properly o Update copyright year
+
+2001-12-14 01:53 millert
+
+ * configure: regen
+
+2001-12-14 01:53 millert
+
+ * tgetpass.c: flags set in signal handlers should be volatile
+ sig_atomic_t
+
+2001-12-14 01:52 millert
+
+ * config.h.in, configure.in: Add checks for volatile and
+ sig_atomic_t
+
+2001-12-14 01:42 millert
+
+ * lex.yy.c, configure: regen
+
+2001-12-14 01:40 millert
+
+ * def_data.c, def_data.h, def_data.in, defaults.c, env.c,
+ find_path.c, sudo.c, sudoers.pod: Remove "secure_path" Defaults
+ option since it cannot work with the existing parser.
+
+2001-12-14 01:26 millert
+
+ * find_path.c, sudo.c: Unset "secure_path" if user_is_exempt()
+
+2001-12-14 01:24 millert
+
+ * env.c, pathnames.h.in: o Remove assumption that PATH and TERM are
+ not listed in env_keep o If no PATH is in the environment use a
+ default value o If TERM is not set in the non-reset case also
+ give it a default value.
+
+2001-12-14 01:17 millert
+
+ * aclocal.m4, configure.in, defaults.c, pathnames.h.in:
+ _PATH_SENDMAIL -> _PATH_SUDO_SENDMAIL so --without-sendmail works
+ on systems that define in paths.h
+
+2001-12-14 01:15 millert
+
+ * auth/: passwd.c, sudo_auth.c, sudo_auth.h: Add support for
+ skeyaccess(3) if it is present in libskey.
+
+2001-12-12 21:42 millert
+
+ * sudo.c: Only need to do 'lc = login_getclass(NULL)' if lc == NULL
+
+2001-12-12 21:24 millert
+
+ * parse.lex: '\\' is a perfectly legal character to have in a
+ command line argument.
+
+2001-12-12 20:24 millert
+
+ * sudo.c: o Defer call to set_fqdn() until it is safe to use
+ log_error() o Don't print errno string value if gethostbyname
+ fails, it is not relevant
+
+2001-12-12 20:07 millert
+
+ * parse.c: Fix CIDR -> in_addr_t conversion.
+
+2001-12-12 16:21 millert
+
+ * sudoers.pod: Remove an extra "User_List" in the User_Spec
+ definition From ybertrand AT snoopymail.com
+
+2001-12-12 16:00 millert
+
+ * parse.c: Make 'listpw=never' work for users who are not
+ explicitly mentioned in sudoers.
+
+2001-12-12 15:40 millert
+
+ * sudoers.pod: Remove gratuitous '=' in EBNF grammar; era AT iki.fi
+
+2001-12-12 15:34 millert
+
+ * sudoers.pod: Document new list Defaults type and convert env_keep
+ and env_delete to lists. Document new env_check option.
+
+2001-12-12 15:11 millert
+
+ * lex.yy.c, sudo.tab.h: regen parser
+
+2001-12-12 14:56 millert
+
+ * parse.lex: Don't let '#' appear in a {WORD} and restrict #foo in
+ a Runas spec to #[0-9-]+.
+
+2001-12-12 14:55 millert
+
+ * configure: regen
+
+2001-12-12 14:55 millert
+
+ * aclocal.m4: Simpler SUDO_FUNC_ISBLANK that uses AC_TRY_LINK
+
+2001-12-12 14:43 millert
+
+ * config.h.in, configure.in: Add check for skeyaccess(3)
+
+2001-12-11 19:47 millert
+
+ * visudo.pod: Document new -c, -f, and -q options
+
+2001-12-11 19:41 millert
+
+ * visudo.c: o Add -f option (alternate sudoers file) o Convert to
+ use getopt(3)
+
+2001-12-11 19:31 millert
+
+ * configure: regen
+
+2001-12-11 19:31 millert
+
+ * aclocal.m4, config.h.in, configure.in: Add check for isblank and
+ a replacement macro if it doesn't exist.
+
+2001-12-11 18:22 millert
+
+ * visudo.c: In check-only mode, don't create sudoers if it does not
+ already exist.
+
+2001-12-11 18:06 millert
+
+ * parse.yacc: o Add a new token, DEFVAR, to indicate a Defaults
+ variable name
+ o Add support for "+=" and "-=" list operators
+ o replace some 1 and 0 with TRUE and FALSE for greater
+ legibility.
+
+2001-12-11 18:05 millert
+
+ * parse.lex: o Use exclusive start conditions to remove some
+ ambiguity in the
+ lexer. Also reorder some things for clarity.
+ o Add support for "+=" and "-=" list operators.
+ o Use the new DEFVAR token to denote a Defaults variable name.
+
+2001-12-11 18:03 millert
+
+ * sudo.h: Prototype init_envtables()
+
+2001-12-11 18:02 millert
+
+ * env.c: o Convert environment handling to use lists instead of
+ strings.
+ This greatly simplifies routines that need to do "foreach"
+ type
+ operations.
+ o Add new init_envtables() function to set env_check and
+ env_delete
+ defaults based on initial_badenv_table and
+ initial_checkenv_table
+ (formerly sudo_badenv_table).
+
+2001-12-11 18:00 millert
+
+ * defaults.c, defaults.h: o Add a new LIST type and functions to
+ manipulate it.
+ o This is for use with environment handling variables.
+ o Call new init_envtables() routine inside init_defaults() to
+ initialize the environment lists.
+
+2001-12-11 17:57 millert
+
+ * def_data.c, def_data.h, def_data.in: Convert environment options
+ to use the new LIST type and add a new one, env_check that only
+ deletes if the sanity check fails.
+
+2001-12-11 17:55 millert
+
+ * testsudoers.c: Add dummy version of init_envtables()
+
+2001-12-11 17:53 millert
+
+ * parse.yacc: honor quiet mode
+
+2001-12-11 17:51 millert
+
+ * visudo.c: Add check-only mode
+
+2001-12-10 20:27 millert
+
+ * mkdefaults: Fix generation of entries with NULL descriptions.
+
+2001-12-09 00:27 millert
+
+ * tgetpass.c: Use sigaction_t and quiet a gcc warning.
+
+2001-12-09 00:20 millert
+
+ * sudo.c: Must reset signal handlers before we exec
+
+2001-12-09 00:16 millert
+
+ * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c: Be
+ carefule now that tgetpass() can return NULL (user hit ^C). PAM
+ version needs testing. Set SIGTSTP to SIG_DFL during password
+ entry so user can suspend us.
+
+2001-12-09 00:14 millert
+
+ * tgetpass.c: Add support for interrupting/suspending tgetpass via
+ keyboard input. If you suspend sudo from the password prompt and
+ resume it will re-prompt you.
+
+2001-12-09 00:09 millert
+
+ * sudo.c: Don't block keyboard interrupt signals, just set them to
+ SIG_IGN.
+
+2001-12-08 14:48 millert
+
+ * config.h.in: add back HAVE_SIGACTION
+
+2001-12-08 14:44 millert
+
+ * configure: regen
+
+2001-12-08 14:44 millert
+
+ * config.h.in, configure.in, logging.c, sudo.c, visudo.c: Kill
+ POSIX_SIGNALS define and old signal support now that we emulate
+ POSIX ones Also be sure to correctly initialize struct sigaction.
+
+2001-12-08 14:42 millert
+
+ * strerror.c: Don't need config.h or "#ifndef HAVE_STRERROR"
+ wrapper.
+
+2001-12-08 14:39 millert
+
+ * compat.h: Add scaffolding for POSIX signal emulation
+
+2001-12-08 14:36 millert
+
+ * sigaction.c: o Add missing ';' so this compiles o Can't use NULL
+ since we don't include stdio.h
+
+2001-12-08 14:23 millert
+
+ * sigaction.c: Emulate sigaction() using sigvec()
+
+2001-11-12 19:32 millert
+
+ * sudoers.pod: Document new behavior of negative values of
+ timestamp_timeout Fix a typo
+
+2001-11-12 19:31 millert
+
+ * sudo.pod: Add security note about command not being logged after
+ 'sudo su' and friends.
+
+2001-11-12 19:19 millert
+
+ * sudo.pod: Mention that -V prints default values when run as root,
+ including the list of environment variables to clear.
+
+2001-11-12 19:14 millert
+
+ * Makefile.in: Run pod2man with --quotes=none to avoid stupid
+ quoting of C<> entries.
+
+2001-11-12 13:12 millert
+
+ * def_data.c, def_data.h, def_data.in, sudoers.pod,
+ auth/sudo_auth.c: Add mail_badpass option Also modify mail_always
+ behavior to also send mail when the password is wrong
+
+2001-11-12 13:08 millert
+
+ * env.c, sudo.c, sudo.h: Dump default bad env table when 'sudo -V'
+ is run by root.
+
+2001-11-11 23:52 millert
+
+ * sudoers.pod: document env_delete
+
+2001-11-11 23:51 millert
+
+ * env.c: Add support for '*' in env_keep when not resetting the
+ environment (ie: the normal case).
+
+2001-11-11 23:47 millert
+
+ * env.c: Add env_delete variable that lets the user replace/add to
+ the bad_env_table. Allow '*' wildcard in env_keep entries.
+
+2001-11-06 13:59 millert
+
+ * mkinstalldirs: Force umask to 022 to guarantee sane directory
+ permissions.
+
+2001-11-02 18:09 millert
+
+ * Makefile.in: add sudo.tab.h and sudo.tab.c to sudo.tab.o
+ dependency
+
+2001-11-02 17:25 millert
+
+ * mkdefaults: fix breakage in last commit
+
+2001-11-02 17:18 millert
+
+ * Makefile.in: acsite.m4 -> aclocal.m4
+
+2001-11-02 15:59 millert
+
+ * check.c: fix I_TS_TIMEOUT vs. I_TIMESTAMP_TIMEOUT pasto in
+ previous commit
+
+2001-11-02 15:57 millert
+
+ * def_data.c: regenerated from def_data.in
+
+2001-11-02 15:56 millert
+
+ * check.c, defaults.c, defaults.h: Add new T_UINT type that most
+ things use instead of T_INT If timestamp_timeout is < 0 then
+ treat the ticket as never expiring (to be expired manually by the
+ user).
+
+2001-11-02 15:51 millert
+
+ * def_data.in: change most T_INT -> T_UINT
+
+2001-11-02 15:51 millert
+
+ * mkdefaults: fix warning when no args
+
+2001-11-02 12:52 millert
+
+ * visudo.c: Change 2 Exit() -> exit() Avoid stdio in Exit() and
+ call _exit() if we are a signal handler. We no longer print the
+ signal number but the user can just check the exit value for
+ that.
+
+2001-10-16 01:35 millert
+
+ * logging.c: when setting up pipes in child process check for case
+ where stdin == pipe fd 0
+
+2001-10-11 13:20 millert
+
+ * visudo.c: Ignore editor exit value since XPG4 says vi's exit
+ value is the count of editing errors made (failed searches, etc).
+
+2001-10-05 16:39 millert
+
+ * configure: regen
+
+2001-10-05 16:39 millert
+
+ * configure.in: sco now is identified by config.guess as *-sco-*
+
+2001-10-05 16:24 millert
+
+ * configure.in: Check for getspnam() in -lgen if not in -lc for
+ UnixWare.
+
+2001-09-17 21:48 millert
+
+ * sudoers.pod, visudo.pod: "upper case" -> "uppercase"
+
+2001-09-17 21:32 millert
+
+ * sudoers.pod: fix typos and grammar; pjanzen@foatdi.harvard.edu
+
+2001-08-28 10:26 millert
+
+ * sudoers.pod: Missing word (specify); krapht@secureops.com
+
+2001-08-23 17:43 millert
+
+ * sudo.c: If we fail to lookup a login class, apply the default
+ one.
+
+2001-08-23 17:42 millert
+
+ * logging.c: In log_error() free message, not logline
+ unconditionally, then free logline if it is not the same as
+ message. No function change but this mirrors how they are
+ allocated.
+
+2001-07-16 23:33 millert
+
+ * configure: regenerate
+
+2001-07-16 23:33 millert
+
+ * configure.in: remove some backslash quotes that are unneeded
+
+2001-07-16 23:30 millert
+
+ * configure.in: o Tweaks to make this work with autoconf-2.50 o Use
+ AC_LIBOBJ instead of changing LIBOBJS directly o Use
+ AC_REPLACE_FUNCS where we can o Use AC_CHECK_FUNCS instead of
+ AC_CHECK_FUNC so we don't have to AC_DEFINE things manually.
+
+2001-07-16 23:28 millert
+
+ * config.guess, config.sub: Updated from autoconf-2.50
+
+2001-05-22 19:11 millert
+
+ * README: Update mailing list section. We use mailman now, not
+ majordomo.
+
+2001-05-10 14:55 millert
+
+ * getspwuid.c, logging.c, sudo.c: Use setpwent()/endpwent() + all
+ the shadow variants to make sure we don't inadvertantly leak an
+ fd to the child. Apparently Linux's shadow routines leave the fd
+ open even if you don't call setspent(). Reported by
+ mike@gistnet.com; different patch used.
+
+2001-04-12 21:43 millert
+
+ * sudoers.pod: s/eg./e.g./
+
+2001-04-12 21:42 millert
+
+ * tgetpass.c: select() may return EAGAIN. If so, continue like we
+ do for EINTR.
+
+2001-04-12 21:41 millert
+
+ * logging.c: Fix a non-exploitable buffer overflow in the word
+ splitting code. This should really be rewritten.
+
+2001-04-12 21:41 millert
+
+ * Makefile.in: FAQ link goes away
+
+2001-04-12 21:40 millert
+
+ * INSTALL: Tell people to look in sample.syslog.conf for examples,
+ not FAQ
+
+2001-04-12 21:40 millert
+
+ * TROUBLESHOOTING: Update list of env vars that are cleared
+
+2001-04-12 21:36 millert
+
+ * sudo.c: remove struct env_table decl since that stuff has all
+ moved to env.c
+
+2001-04-04 13:17 millert
+
+ * fileops.c: Fix a pasto in flock-style unlocking and include
+ <sys/file.h> for flock on older systems; twetzel@gwdg.de
+
+2001-04-04 13:14 millert
+
+ * configure: regen to get NeXT lockf/flock fix
+
+2001-04-04 13:14 millert
+
+ * configure.in: force NeXT to use flock since lockf is broken
+
+2001-03-30 08:54 millert
+
+ * check.c: Use stashed user_gid when checking against exempt gid
+ since sudo sets its gid to a a value that makes sudoers readable.
+ Previously if you used gid 0 as the exempt group everyone would
+ be exempt. From Paul Kranenburg <pk@cs.few.eur.nl>
+
+2001-03-29 13:14 millert
+
+ * configure: regen
+
+2001-03-29 13:08 millert
+
+ * aclocal.m4: #include stdio.h in SUDO_CHECK_TYPE since IRIX 6
+ aparently defines some types (such as ssize_t) therein.
+
+2001-03-02 09:09 millert
+
+ * defaults.c: Fix negation of paths in a boolean context. Problem
+ found by apt@UH.EDU
+
+2001-02-23 13:03 millert
+
+ * visudo.c: pasto
+
+2001-02-17 16:11 millert
+
+ * visudo.c: SA_RESETHAND means the opposite of what I was
+ thinking--oops To block all signals in old-style signals use ~0,
+ not 0xffffffff
+
+2001-02-04 11:16 millert
+
+ * defaults.c: coerce difference of pointers to int when used in a
+ string length printf format; deraadt@openbsd.org
+
+2001-01-17 11:34 millert
+
+ * visudo.c: Block all signals in Exit() to avoid a signal race.
+ There is still a tiny window but I'm not going to worry about it.
+
+2001-01-07 13:57 millert
+
+ * env.c: glibc uses the LANGUAGE env var so clear that too; Solar
+ Designer
+
+2001-01-07 13:55 millert
+
+ * lex.yy.c: Regenerate with a fix to flex.skl that preserves errno
+ from clobbering by isatty().
+
+2000-12-30 20:39 millert
+
+ * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sia.c, sudo_auth.c:
+ Some defaults I_ defines got renamed.
+
+2000-12-30 20:38 millert
+
+ * Makefile.in, check.c, def_data.c, def_data.h, def_data.in,
+ defaults.c, defaults.h, env.c, logging.c, mkdefaults, parse.yacc,
+ set_perms.c, sudo.c: Move defaults info into its own files from
+ which we generate .h and .c files. This makes adding or
+ rearranging variables much simpler.
+
+2000-12-30 16:58 millert
+
+ * configure, configure.in: fix typo in last commit
+
+2000-12-30 16:55 millert
+
+ * compat.h, config.h.in, configure, configure.in: Add check +
+ emulation for setegid (like seteuid).
+
+2000-12-30 16:22 millert
+
+ * env.c: Make env_keep override badenv_table as documented Fix
+ traversal of badenv_table (broken in last commit)
+
+2000-12-29 22:59 millert
+
+ * set_perms.c, sudo.c, sudo.h: Don't try and build saved uid
+ version of set_perms on systems w/o them. Rename
+ set_perms_saved_uid() -> set_perms_posix() Make
+ set_perms_setreuid simply be set_perms_fallback() and simply
+ include the appropriate function at compile time (setreuid()
+ vs. setuid()).
+
+2000-12-29 22:45 millert
+
+ * sudoers.pod, sudoers.cat, sudoers.man.in: PATH is also preserved
+ when env_reset is in effect
+
+2000-12-29 22:29 millert
+
+ * CHANGES, env.c, Makefile.in, check.c, compat.h, config.h.in,
+ configure, configure.in, defaults.c, defaults.h, find_path.c,
+ getspwuid.c, set_perms.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
+ sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod,
+ testsudoers.c, visudo.c, visudo.cat, visudo.man.in: New Defaults
+ options: o stay_setuid - sudo will remain setuid if system has
+ saved uids or setreuid(2) o env_reset - reset the environment to
+ a sane default o env_keep - preserve environment variables that
+ would otherwise be cleared
+
+ No longer use getenv/putenv/setenv functions--do environment
+ munging by hand. Potentially dangerous environment variables can
+ be cleared only if they contain '/' pr '%' characters to protect
+ buggy programs. Moved environment routines into env.c (new file)
+
+2000-12-29 22:17 millert
+
+ * INSTALL: Clear up --without-passwd description
+
+2000-12-29 19:39 millert
+
+ * sudo_setenv.c, putenv.c: We now build up a new environment from
+ scratch and assign it to "environ".
+
+2000-12-18 22:35 millert
+
+ * sudo.pod, visudo.pod: Grammatical fixes from Paul Janzen
+
+2000-12-14 23:19 millert
+
+ * visudo.c: If there was a syntax error and the user just wants to
+ quit, unlink sudoers if it is zero length.
+
+2000-12-14 23:10 millert
+
+ * visudo.c: 'Q' means ignore parse error, not 'q'
+
+2000-12-14 22:57 millert
+
+ * visudo.c: Open sudoers for writing with mode SUDOERS_MODE From
+ Dimitry Andric <dim@xs4all.nl>
+
+2000-12-13 12:23 millert
+
+ * set_perms.c: Add missing #ifdef HAVE_LOGIN_CAP_H;
+ ayamura@ayamura.org
+
+2000-12-09 11:46 millert
+
+ * config.guess, config.sub: Darwin / Mac OS X support from Wilfredo
+ Sanchez <wsanchez@apple.com>
+
+2000-11-03 09:36 millert
+
+ * sudo.c, visudo.c: Use exit(127), not exit(-1)
+
+2000-11-03 00:37 millert
+
+ * defaults.h, set_perms.c, sudo.c, Makefile.in, defaults.c: Move
+ set_perms() to its own file and use POSIX saved uid or setreuid()
+ if available.
+
+ Added stay_setuid option for systems that have libraries that
+ perform extra paranoia checks in system libraries for setuid
+ programs (ie: anything with issetugid(2)).
+
+2000-11-02 20:28 millert
+
+ * sudo.c: strip more bits from the environment and add a facility
+ for stripping things only if they contain '/' or '%' to address
+ printf format string vulnerabilities in other programs.
+
+2000-11-02 12:55 millert
+
+ * configure: regen
+
+2000-11-02 12:55 millert
+
+ * configure.in: For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache
+ the existence of strcasecmp().
+
+2000-11-02 12:46 millert
+
+ * configure: regen
+
+2000-11-02 12:46 millert
+
+ * configure.in: Check for strcasecmp(3) in -lc89 for NCR Unix
+
+2000-11-01 10:22 millert
+
+ * config.h.in: Define HAVE_INNETGR #ifdef HAVE__INNETGR
+
+2000-11-01 10:17 millert
+
+ * configure: regen
+
+2000-11-01 10:17 millert
+
+ * compat.h, config.h.in, configure.in: Add check for _innetgr(3)
+ since NCR systems have that instead of innetgr(3).
+
+2000-10-31 14:16 millert
+
+ * auth/securid.c: check return value of creadcfg() call sd_close()
+ after sd_auth() store username in sd->username so we don't rely
+ on the USER env variable
+
+2000-10-29 23:00 millert
+
+ * INSTALL: document --with-bsdauth
+
+2000-10-29 22:57 millert
+
+ * configure: regen
+
+2000-10-29 22:56 millert
+
+ * configure.in: --with-bsdauth assumes --with-logincap
+
+2000-10-29 22:45 millert
+
+ * auth/: bsdauth.c, fwtk.c: When prompting for a response to a
+ challenge, if the user just hits return then reprompt with echo
+ turned on.
+
+2000-10-29 17:31 millert
+
+ * sudo.c: Remove debugging code that should not have been
+ committed, oops.
+
+2000-10-29 17:31 millert
+
+ * auth/bsdauth.c: Use lower-level routines and get the password
+ ourselves. Checks for a challenge and if there is one echo is
+ not turned off.
+
+2000-10-29 17:30 millert
+
+ * auth/: pam.c, sudo_auth.h: minor housekeeping, no real code
+ changes
+
+2000-10-27 18:41 millert
+
+ * sudo.c: Fix a coredump in the logging functions if gethostname(2)
+ fails by deferring the call to log_error() until things are
+ better setup.
+
+ Fix return value of set_loginclass() in non-BSD-auth case.
+
+ Hard-code 'sudo' in the usage message so we can fit more options
+ on a line
+
+2000-10-27 18:35 millert
+
+ * logging.c: Fix errant ';' (typo) that broken MSG_ONLY
+
+2000-10-26 13:03 millert
+
+ * sudo.cat, sudo.man.in: regen
+
+2000-10-26 13:01 millert
+
+ * sudo.pod: Document -a flag
+
+2000-10-26 12:42 millert
+
+ * Makefile.in, config.h.in, configure, configure.in, getspwuid.c,
+ sudo.c, auth/sudo_auth.h, auth/bsdauth.c: Add support for BSD
+ authentication.
+
+2000-10-19 10:09 millert
+
+ * sudoers.pod: Fix typo; from sato@complex.eng.hokudai.ac.jp
+
+2000-10-12 09:49 millert
+
+ * sudoers.pod: Mention negating umask
+
+2000-10-12 01:30 millert
+
+ * defaults.c: Allow user to specify umask of 0777 (same as !umask)
+
+2000-10-08 21:46 millert
+
+ * sudo.pod, visudo.pod: Fix a typo and give a URL for the sudo
+ history.
+
+2000-10-08 12:25 millert
+
+ * defaults.c, sudo.pod: fix typos; pepper@reppep.com
+
+2000-09-14 16:48 millert
+
+ * sudo.c, sudo.h, sudo_setenv.c: sudo_setenv() now exits on memory
+ alloc failure instead of returning -1.
+
+2000-09-07 17:41 millert
+
+ * sudo.c: Strip out NLSPATH and PATH_LOCALE from the environment
+ for FreeBSD and possibly others.
+
+2000-09-07 10:43 millert
+
+ * logging.c: Don't use vsyslog(3) since HP-UX (and others?) lack
+ it. This means that "%m" won't be expanded but we don't use that
+ anyway since the logging routines may splat to stderr as well.
+
+2000-09-06 21:35 millert
+
+ * defaults.c, defaults.h, sudo.c, sudoers.cat, sudoers.man.in,
+ sudoers.pod: Add always_set_home variable
+
+2000-09-06 21:24 millert
+
+ * configure, configure.in: Have to hard code default values in help
+ since the defaults are set _after_ the help stuff.
+
+2000-08-31 13:08 millert
+
+ * lex.yy.c, parse.lex: Allow special characters (including '#') to
+ be embedded in pathnames if quoted by a '\\'. The quoted chars
+ will be dealt with by fnmatch(). Unfortunately, 'sudo -l' still
+ prints the '\\'.
+
+2000-08-13 17:10 millert
+
+ * install-sh: Better path searching for programs we need.
+
+2000-08-13 17:10 millert
+
+ * TROUBLESHOOTING: Add section on "C compiler cannot create
+ executables" errors.
+
+2000-08-13 17:10 millert
+
+ * Makefile.binary, Makefile.in, version.h: Crank version
+
+2000-08-13 17:09 millert
+
+ * aclocal.m4, configure, configure.in, sudo.cat, sudo.man.in,
+ sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.cat,
+ visudo.man.in, visudo.pod: Substitute values from configure into
+ man pages.
+
+2000-08-12 16:48 millert
+
+ * parse.c, sudo.c: The listpw and verifypw sudoers options would
+ not take effect because the value of the default was checked
+ *before* sudoers was parsed. Instead of passing in the value of
+ PWCHECK_* to sudoers_lookup(), pass in the arg for def_ival() so
+ the check can be deferred until after sudoers is parsed.
+
+2000-08-11 15:41 millert
+
+ * tgetpass.c: When writing prompt, no need to write the NUL as
+ well; hag@linnaean.org
+
+2000-06-09 12:25 millert
+
+ * install-sh: When looking for chown, check in /sbin too
+
+2000-06-04 22:57 millert
+
+ * visudo.c: Remove extraneous call to init_defaults() and set
+ runas_user to NULL betweem parses so init_defaults will reset it
+ each time, thus avoiding a reference to free()d data.
+
+2000-06-04 19:57 millert
+
+ * config.h.in, interfaces.c, interfaces.h, sudo.c: Add support for
+ using getifaddrs() to get the list of ip addr / netmask pairs.
+ Currently IPv4-only.
+
+2000-06-04 19:51 millert
+
+ * visudo.c: Add a missing check for UserEditor == NULL Add missing
+ '+' before line number when invoking editor to fix a syntax error
+
+2000-05-12 16:55 millert
+
+ * sudo.c: Call clean_env very early in main() for paranoia's sake.
+ Idea from Marc Esipovich.
+
+2000-05-10 01:11 millert
+
+ * sudo.h: Update proto for evasprintf and easprintf
+
+2000-05-10 01:10 millert
+
+ * alloc.c: Make easprintf() and evasprintf() return an int.
+
+2000-05-10 00:56 millert
+
+ * check.c: If the targetpw flag is set, use target username as part
+ of the timestamp path. If tty tickets are in effect cat the tty
+ and the target username with a ':' as the separator.
+
+2000-05-09 12:05 millert
+
+ * auth/pam.c: Backout part of last change; setting PAM_USER to the
+ invoking user breaks things like targetpw.
+
+2000-05-09 11:52 millert
+
+ * auth/pam.c: set tty and username via pam_set_item
+
+2000-05-09 11:42 millert
+
+ * check.c, getspwuid.c, sudo.c, sudo.h, auth/sudo_auth.c: Fix root,
+ runas, and target authentication for non-passwd file auth
+ methods.
+
+2000-04-22 14:15 millert
+
+ * sudo.pod, sudo.man.in, sudoers.man.in, sudoers.pod, visudo.pod,
+ sudo.cat, sudoers.cat, visudo.man.in, visudo.cat: Use B<-Z> not
+ C<-Z> for command line flags in all places. This is more
+ consistent and works around a bug in Pod::Man.
+
+2000-04-22 13:59 millert
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod: Fix an occurence of
+ 'semicolon' that should be 'colon'
+
+2000-04-19 15:30 millert
+
+ * configure, configure.in: Fix --with-badpri help line
+
+2000-04-17 14:01 millert
+
+ * defaults.c, logging.c, sudo.c: Bracket calls to syslog with an
+ openlog() and closelog() since some authentication methods (like
+ PAM) may do their own logging via syslog. Since we don't use
+ syslog much (usually just once per session) this doesn't really
+ incur a performance penalty. It also Fixes a SEGV with pam_kafs.
+
+2000-04-15 16:32 millert
+
+ * sudo.c: Fix -H flag. runas_homedir is only valid after
+ set_perms(PERM_RUNAS, mode)
+
+2000-04-12 18:56 millert
+
+ * INSTALL: Clarify the fact that insults are not enabled just by
+ including them in the binary.
+
+2000-04-07 10:39 millert
+
+ * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
+ sudoers.cat, visudo.cat: Regenerated with perl 5.6.0 pod2man
+
+2000-04-07 10:38 millert
+
+ * Makefile.in: Give date string to pod2man since its default is
+ ugly and it ain't got no alibi.
+
+2000-04-07 10:27 millert
+
+ * Makefile.in: Do section substitution on the output of pod2man and
+ remove hack needed for old pod2man.
+
+2000-04-07 10:26 millert
+
+ * sudo.pod, sudoers.pod, visudo.pod: Put back real man sections, we
+ will do the substitution later.
+
+2000-04-02 11:44 millert
+
+ * configure, configure.in: Don't bother checking for the path to vi
+ if user specified --with-editor
+
+2000-04-01 17:25 millert
+
+ * CHANGES, visudo.c: Visudo now does its own fork/exec instead of
+ calling system(3).
+
+2000-04-01 16:23 millert
+
+ * CHANGES, INSTALL, Makefile.in, sudoers.cat, sudoers.man.in,
+ sudoers.pod, visudo.c: Visudo now checks for the existence of an
+ editor and gives a sensible error if it does not exist.
+
+ The path to the editor for visudo is now a colon-separated list
+ of allowable editors. If the user has $EDITOR set and it matches
+ one of the allowed editors that editor will be used. If not, the
+ first editor in the list that actually exists is used.
+
+2000-04-01 16:22 millert
+
+ * sudo.pod, sudo.cat, sudo.man.in: Clear up confusion wrt sudo's
+ return value.
+
+2000-03-27 12:08 millert
+
+ * Makefile.in: Strip sudo and visudo for bindist target
+
+2000-03-26 22:26 millert
+
+ * sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
+ sudoers.pod, visudo.cat, visudo.man.in, visudo.pod: Use
+ @mansectsu@ and @mansectform@ in the man page bodies as well.
+
+2000-03-26 22:07 millert
+
+ * visudo.cat, visudo.man.in, visudo.pod: Typo: @sysconf@ ->
+ @sysconfdir@
+
+2000-03-26 21:57 millert
+
+ * Makefile.in: 'make dist' should not cause any files to be
+ modified so remove its dependencies.
+
+2000-03-26 21:43 millert
+
+ * CHANGES: Whoops, forgot to add release marker
+
+2000-03-26 11:57 millert
+
+ * CHANGES: Final change for 1.6.3 (or so I hope)
+
+2000-03-26 11:57 millert
+
+ * sudo.cat, sudoers.cat, visudo.cat: Use SYSV man sections since
+ BSD systems will have nroff...
+
+2000-03-24 18:58 millert
+
+ * parse.yacc: When checking to see if the host/user matches in a
+ defaults spec, check against TRUE, not just non-zero since it
+ might be -1.
+
+2000-03-24 15:14 millert
+
+ * configure.in, configure: OSF/1 puts file formats in section 4,
+ not 5.
+
+2000-03-24 15:13 millert
+
+ * CHANGES, INSTALL, sudo.c: Make login class support work on BSD/OS
+
+2000-03-23 20:24 millert
+
+ * RUNSON: Update for 1.6.3
+
+2000-03-23 20:23 millert
+
+ * configure, configure.in: If there is no inet_addr but there *is*
+ an __inet_addr that's ok since inet_addr is probably just a macro
+ then. The better thing to do would be to look for the macro, but
+ this is fine for now.
+
+2000-03-23 19:50 millert
+
+ * configure, configure.in: Don't use shlicc for BSD/OS 4.x
+
+2000-03-23 19:40 millert
+
+ * Makefile.in, configure, configure.in: *.man lives in cwd, *.cat
+ lives in $(srcdir), add a @mansrcdir@ configure variable so we
+ can deal with this. Also, only remove *.man for 'distclean' not
+ 'clean'.
+
+2000-03-23 19:16 millert
+
+ * sudo.c: set_loginclass() should be static like the proto says
+
+2000-03-23 14:14 millert
+
+ * fnmatch.c: Add #ifdef __STDC__ around the rangematch function
+ header to avoid promotion of test to int, thus violating the
+ prototype. Gcc handles this gracefully but more std ANSI
+ compilers will complain.
+
+2000-03-23 10:11 millert
+
+ * emul/fnmatch.h: Pull in newer fnmatch(3) that supports
+ FNM_CASEFOLD
+
+2000-03-23 10:11 millert
+
+ * aclocal.m4, configure, fnmatch.3, fnmatch.c: Pull in newer
+ fnmatch(3) that supports FNM_CASEFOLD Check for FNM_CASEFOLD in
+ configure
+
+2000-03-22 23:41 millert
+
+ * CHANGES, TODO: update for 1.6.3
+
+2000-03-22 23:38 millert
+
+ * lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc, sudo.tab.h,
+ testsudoers.c, visudo.c: Fully qualified hosts w/ wildcards were
+ not matching the FQHOST token type. There's really no need for a
+ separate token for fully-qualified vs. unqualified anymore so
+ FQHOST is now history and hostname_matches now decides which
+ hostname (short or long) to check based on whether or not the
+ pattern contains a '.'.
+
+2000-03-22 23:09 millert
+
+ * parse.c, parse.h, parse.yacc, sudoers.pod, testsudoers.c,
+ visudo.c, sudoers.cat, sudoers.man.in: Add support for wildcards
+ in the hostname.
+
+2000-03-22 22:50 millert
+
+ * Makefile.in: Add targets for *.man.in, using config.status to
+ generate *.man from *.man.in
+
+2000-03-22 22:20 millert
+
+ * sudoers.cat, sudoers.man.in, sudoers.pod: Document set_logname
+ option and enbolden refs to sudo and visudo.
+
+2000-03-22 19:35 millert
+
+ * INSTALL, Makefile.in, aclocal.m4, configure, configure.in,
+ sudo.cat, sudo.pod, sudo.man.in, sudoers.cat, sudoers.pod,
+ visudo.cat, visudo.pod, sudoers.man.in, visudo.man.in: Add
+ FreeBSD login.conf support (untested on BSD/OS) based on a patch
+ from Michael D. Marchionna. configure now does substitution on
+ the man pages, allowing us to fix up the paths and set the
+ section correctly. Based on an idea from Michael D. Marchionna.
+
+2000-03-22 19:27 millert
+
+ * auth/passwd.c: Better fix for handling HP-UX aging info.
+
+2000-03-22 19:20 millert
+
+ * sudo.c: Add support for set_logname run-time default
+
+2000-03-22 19:17 millert
+
+ * sudo.man.in, sudoers.man.in, visudo.man.in: configure does
+ substitution on these to produce *.man
+
+2000-03-22 19:16 millert
+
+ * sudo.man, sudoers.man, visudo.man: These files now get generated
+ from *.man.in at configure time.
+
+2000-03-22 18:40 millert
+
+ * defaults.c, defaults.h: Add set_logname option so users can turn
+ off setting of LOGNAME/USER environment variables.
+
+2000-03-22 10:53 millert
+
+ * testsudoers.c, lsearch.c, parse.c: kill register
+
+2000-03-13 15:52 millert
+
+ * auth/passwd.c: HP-UX adds extra info at the end for password
+ aging so when comparing the result of crypt to pw_passwd we only
+ compare the first len(epass) bytes *unless* the user entered an
+ empty string for a password.
+
+2000-03-13 11:05 millert
+
+ * logging.c: Get rid of grandchild hack, it was causing problems
+ and there is really no need for it. This fixes a bug where we
+ spin eating up CPU when the user runs a long-running process like
+ a shell.
+
+2000-03-07 14:26 millert
+
+ * sudo.c: User can always specify a login class if he/she is
+ already root.
+
+2000-03-06 23:29 millert
+
+ * config.h.in, configure, configure.in, defaults.c, defaults.h,
+ sudo.c, sudo.h: FreeBSD login class (login.conf) support.
+
+2000-03-06 14:42 millert
+
+ * auth/sudo_auth.c: HAVE_SECUREWARE -> HAVE_GETPRPWNAM; fixes
+ secureware support
+
+2000-03-03 18:04 millert
+
+ * auth/passwd.c: Truncate unencrypted password to 8 chars if
+ encrypted password is exactly 13 characters (indicateing standard
+ a DES password). Many versions of crypt() do this for you, but
+ not all (like HP-UX's).
+
+2000-03-01 21:01 millert
+
+ * INSTALL, RUNSON: Mention that gcc on dynix may have problems
+
+2000-02-29 17:46 millert
+
+ * Makefile.in: Link visudo with NET_LIBS since we now call syslog
+ via defaults.c
+
+2000-02-29 17:41 millert
+
+ * defaults.c: Use Argv[0] as the first arg to openlog() since
+ visudo uses this too.
+
+2000-02-28 18:58 millert
+
+ * sudo.c: Stash coredumpsize resource limit and retsore it before
+ the exec() Otherwise the child ends up with a coredumpsize of 0.
+
+2000-02-26 22:56 millert
+
+ * sudo.cat, sudo.man, sudo.pod: document -S flag
+
+2000-02-26 22:54 millert
+
+ * sudo.c: fix usage string
+
+2000-02-26 22:48 millert
+
+ * CHANGES, RUNSON, TODO, sudo.c, sudo.h, tgetpass.c,
+ auth/aix_auth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Added
+ -S flag (read passwd from stdin) and tgetpass_flags global that
+ holds flags to be passed in to tgetpass(). Change echo_off param
+ to tgetpass() into a flags field. There are currently 2 possible
+ flags for tgetpass(): TGP_ECHO and TGP_STDIN. In tgetpass(),
+ abstract the echo set/clear via macros and if (flags & TGP_ECHO)
+ but echo is not set on the terminal, but sure to set it.
+
+2000-02-26 22:11 millert
+
+ * tgetpass.c: Fixed a bug that caused an infinite loop when the
+ password timeout was disabled.
+
+2000-02-18 12:56 millert
+
+ * CHANGES, defaults.c, defaults.h, getspwuid.c, sudo.c, sudo.h,
+ sudoers.cat, sudoers.man, sudoers.pod, visudo.c: Add rootpw,
+ runaspw, and targetpw options.
+
+2000-02-18 12:11 millert
+
+ * CHANGES, defaults.c, sudoers.cat, sudoers.man, sudoers.pod,
+ visudo.c: enveditor -> env_editor
+
+2000-02-15 19:07 millert
+
+ * BUGS, INSTALL, Makefile.in, README, configure, configure.in,
+ sudo.cat, sudo.man, sudoers.cat, sudoers.man, version.h,
+ visudo.cat, visudo.man: crank versino to 1.6.3
+
+2000-02-15 19:03 millert
+
+ * INSTALL, TODO, defaults.c, defaults.h, sudoers.cat, sudoers.man,
+ sudoers.pod, visudo.c: Add 'editor' and 'enveditor' sudoers
+ defaults and make visudo honor them. This means that visudo will
+ now parse the sudoers file *before* it is edited so a bogus
+ sudoers file will cause a warning to go to stderr. Also, visudo
+ checks the variables once--it does not check them after each
+ editor run since that could be confusing.
+
+2000-02-15 18:49 millert
+
+ * RUNSON: 1.6.2 -> 1.6.2p1
+
+2000-02-15 18:36 millert
+
+ * check.c, sudo.c, sudo.h: Move user_is_exempt prototype into
+ sudo.h
+
+2000-02-13 13:38 millert
+
+ * configure, configure.in: Fix thinko, some && should have been ||
+ in the last commit
+
+2000-02-13 13:28 millert
+
+ * configure, configure.in: Don't initialized Makefile variables to
+ be NULL since the user may want to import variables from their
+ environment.
+
+2000-02-03 21:09 millert
+
+ * configure, configure.in: typo
+
+2000-01-27 15:01 millert
+
+ * INSTALL, RUNSON, configure, configure.in: Make pam work on HP-UX
+ 11.0;jaearick@colby.edu
+
+2000-01-27 15:01 millert
+
+ * CHANGES: recent changes; prepare for 1.6.2p1
+
+2000-01-26 23:31 millert
+
+ * find_path.c: Don't apply SECURE_PATH if user is example;
+ jmknoble@pobox.com
+
+2000-01-26 16:21 millert
+
+ * sudoers.cat, sudoers.man, sudoers.pod: Expanded docs on sudoers
+ 'defaults' options based on INSTALL file info.
+
+2000-01-26 16:21 millert
+
+ * INSTALL: Fix some while lies
+
+2000-01-24 10:48 millert
+
+ * Makefile.in: When making a bindist, link FAQ to TROUBLESHOOTING
+ instead of copying.
+
+2000-01-23 22:57 millert
+
+ * sudoers.cat, sudoers.man, sudoers.pod: Add netgroup caveat
+
+2000-01-23 22:42 millert
+
+ * RUNSON: Last minute updates
+
+2000-01-23 22:26 millert
+
+ * TROUBLESHOOTING: PAM entry
+
+2000-01-23 22:23 millert
+
+ * auth/pam.c: correct a comment
+
+2000-01-23 22:03 millert
+
+ * CHANGES, RUNSON: update for 1.6.2
+
+2000-01-23 21:59 millert
+
+ * auth/pam.c: Better detection of PAM errors and fix custom prompts
+ with PAM. Based on patches from "Cloyce D. Spradling"
+ <cloyce@headgear.org>
+
+2000-01-20 11:15 millert
+
+ * snprintf.c: Cast ULONG_MAX to unsigned long long when comparing
+ to an unsigned long long value.
+
+2000-01-19 14:07 millert
+
+ * CHANGES, config.h.in, configure, configure.in, visudo.c: Fix
+ sudoers locking in visudo. We now lock the sudoers file itself,
+ not the temp file (since locking the temp file can foul up
+ editors). The previous locking scheme didn't work because the fd
+ was closed too early.
+
+2000-01-19 13:37 millert
+
+ * configure, config.h.in, configure.in: Don't need test for
+ ftruncate() any more.
+
+2000-01-18 21:23 millert
+
+ * configure, configure.in: Add a test for the -Aa flag w/ HP-UX's
+ cc. Fixes compilation with the unbundled HP-UX cc.
+
+2000-01-18 17:00 millert
+
+ * sudoers.cat, sudoers.man, sudoers.pod: "a a" -> "a"; Aaron
+ Campbell <aaron@cs.dal.ca>
+
+2000-01-17 18:46 millert
+
+ * LICENSE, Makefile.in, defaults.c, defaults.h, parse.c, parse.h,
+ parse.yacc, sudo.c, sudo.h, sudoers.pod, testsudoers.c,
+ tgetpass.c, version.h, visudo.c: update copyright year on changed
+ files
+
+2000-01-17 18:45 millert
+
+ * RUNSON: updates
+
+2000-01-17 18:45 millert
+
+ * CHANGES: aix fix
+
+2000-01-17 18:42 millert
+
+ * INSTALL: Crank version to 1.6.2
+
+2000-01-17 18:11 millert
+
+ * configure: Crank version to 1.6.2
+
+2000-01-17 17:46 millert
+
+ * sudo.c: When using rlimit check for RLIM_INFINITY When computing
+ the value of maxfd, use min(getdtablesize(), RLIMIT_NOFILE)
+
+2000-01-17 12:32 millert
+
+ * CHANGES: recent changes
+
+2000-01-17 12:28 millert
+
+ * BUGS, Makefile.in, README, configure.in, sudo.cat, sudo.man,
+ sudoers.cat, sudoers.man, version.h, visudo.cat, visudo.man:
+ Crank version to 1.6.2
+
+2000-01-17 12:25 millert
+
+ * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.pod: Add
+ 'shell_noargs' runtime option back in. We have to defer checking
+ until after the sudoers file has been parsed but since there are
+ now other options that operate that way this one can too. Based
+ on a patch from bguillory@email.com.
+
+2000-01-16 23:05 millert
+
+ * defaults.c, defaults.h, parse.c, sudo.c, sudo.h: Add "listpw" and
+ "verifypw" options.
+
+2000-01-16 22:57 millert
+
+ * sudoers.cat, sudoers.man, sudoers.pod: o Fix some typos/omissions
+ o Add section on verifypw and listpw o Define how NOPASSWD
+ interacts with the -v and -l flags
+
+2000-01-14 12:39 millert
+
+ * configure, configure.in: For HP-UX cc, add -Aa to CPPFLAGS. For
+ HP-UX always add -D_HPUX_SOURCE to CPPFLAGS.
+
+2000-01-14 12:29 millert
+
+ * defaults.c, defaults.h: In struct sudo_defs_types, move the union
+ to the end and don't initialize the union member since that only
+ works with an ANSI compiler. We set the value of the union by
+ hand in init_defaults() anyway. This allows sudo to compile on a
+ K&R compiler again.
+
+2000-01-11 13:20 millert
+
+ * parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c:
+ netgr_matches needs to check shost as well as host since they may
+ be different.
+
+2000-01-11 13:17 millert
+
+ * tgetpass.c: End on \r as well as \n
+
+2000-01-02 23:53 millert
+
+ * sudo.c: Update statbuf.st_mode based on SUDOERS_MODE when we are
+ chaning from 0400 to whatever SUDOERS_MODE is (converting from
+ the old sudoers mode). Assumes that SUDOERS_MODE is less
+ restrictive than 0400 which should always be the case.
+
+2000-01-02 23:43 millert
+
+ * parse.c, parse.yacc, sudo.c, sudo.h: Make treatment of -l and -v
+ sane wrt NOPASSWD flags. Now allow -l w/o a passwd if there is
+ *any* entry for the user on the host with a NOPASSWD flag. For
+ -v, only allow w/o a passwd if *all* entries for the user on the
+ host w/ the specified runas user have the NOPASSWD flag set.
+
+2000-01-02 23:26 millert
+
+ * Makefile.in: add check target
+
+1999-12-16 13:02 millert
+
+ * visudo.c: Treat EOF at whatnow prompt like 'x' instead of
+ looping.
+
+1999-12-10 00:09 millert
+
+ * CHANGES: recent changes
+
+1999-12-08 23:04 millert
+
+ * config.h.in, configure, configure.in, sudo.c: Add check for
+ initgroups() since old SYSV lacks this.
+
+1999-12-08 22:54 millert
+
+ * CHANGES, RUNSON, aclocal.m4, config.h.in, configure,
+ configure.in, parse.c, testsudoers.c: o Kill HAVE_FNMATCH_H o
+ Only define HAVE_FNMATCH if <fnmatch.h> exists.
+
+1999-12-06 01:47 millert
+
+ * CHANGES, RUNSON, insults.h, auth/sudo_auth.c: Don't allow insults
+ to be enabled if the insults[] array is empty. Otherwise there
+ would be division by zero.
+
+1999-12-06 01:25 millert
+
+ * insults.h: Don't care about USE_INSULTS #define since the insult
+ stuff may be overridden at runtime.
+
+1999-12-06 01:23 millert
+
+ * auth/sudo_auth.c: Honor insults flag.
+
+1999-12-05 19:14 millert
+
+ * CHANGES, parse.c: Don't ask the user for a password if the user
+ is not allowed to run the command and the authenticate flag (in
+ sudoers) is false.
+
+1999-12-05 19:05 millert
+
+ * CHANGES, RUNSON, lex.yy.c, parse.lex: o Whenever we get a bare
+ newline we change to the INITIAL state. o Enter GOTRUNAS when we
+ see Runas_Alias
+
+ This allows #uid to work in a RunasAlias.
+
+1999-12-05 14:06 millert
+
+ * CHANGES, parse.yacc: fix parsing of runas lists: o oprunasuser
+ and runaslist now return a value o in a runasspec, if a runaslist
+ does not return TRUE, set runas_matches to FALSE. Normally, a
+ runaslist only returns FALSE for explicitly denied users. o
+ since runaslist does not modify the stack there is no need for a
+ push/pop in runasalias.
+
+1999-12-04 21:54 millert
+
+ * check.c, sudo.c: Don't kill the user's tickets until after
+ sudoers has been parsed since tty_tickets and ticket_dir could be
+ set in sudoers.
+
+1999-12-04 21:18 millert
+
+ * BUGS, CHANGES, Makefile.binary, Makefile.in, README, RUNSON,
+ configure, configure.in, sudo.cat, sudo.man, sudoers.cat,
+ sudoers.man, tgetpass.c, version.h, visudo.cat, visudo.man: crank
+ version to 1.6
+
+1999-12-04 21:18 millert
+
+ * testsudoers.c: add set_fqdn() stub
+
+1999-12-02 15:31 millert
+
+ * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.cat,
+ sudoers.man, sudoers.pod, visudo.c: o Kill shell_noargs option,
+ it cannot work since the command needs to be set before sudoers
+ is parsed. o Fix the "set_home" sudoers option (only worked at
+ compile time). o Fix "fqdn" sudoers option. We now set
+ host/shost via set_fqdn which gets called when the "fqdn"
+ option is set in sudoers. o Move the openlog() to
+ store_syslogfac() so this gets overridden correctly from the
+ sudoers file.
+
+1999-12-02 15:21 millert
+
+ * auth/securid.c: SecurID support should compile now.
+
+1999-11-28 20:56 millert
+
+ * sudo.pod, visudo.pod, sudo.cat, sudo.man, sudoers.man,
+ visudo.man, sudoers.cat, visudo.cat: fix some syntactic goofs
+
+1999-11-28 18:51 millert
+
+ * sudo.html, sudoers.html, Makefile.in, visudo.html: No longer need
+ the .html files as they are generated automatically on the web
+ site.
+
+1999-11-28 18:49 millert
+
+ * CHANGES, LICENSE: kill characters that made wml unhappy
+
+1999-11-28 18:34 millert
+
+ * HISTORY: typo
+
+1999-11-25 12:05 millert
+
+ * README: majordomo@cs.colorado.edu -> majordomo@courtesan.com
+
+1999-11-24 19:43 millert
+
+ * Makefile.in, configure: Wrap script execution w/ /bin/sh for the
+ benefit of ctm
+
+1999-11-23 22:52 millert
+
+ * sudo.c: Make the -s flag be exclusive too. Also reorder the
+ flags in the exclusive usage message so they are alphabetical.
+
+1999-11-23 13:27 millert
+
+ * auth/pam.c: make pam errors other than PAM_PERM_DENIED fatal
+
+1999-11-23 13:07 millert
+
+ * auth/API: fix typo
+
+1999-11-23 13:07 millert
+
+ * INSTALL: make it clear that /etc/pam.d/sudo is required on linux
+
+1999-11-23 13:06 millert
+
+ * auth/pam.c: fix a warning on redhat and spew an error if
+ pam_authenticate() returns an error other than AUTH_SUCCESS or
+ PAM_PERM_DENIED
+
+1999-11-23 00:43 millert
+
+ * sudo.cat, sudo.html, sudo.man, sudo.pod: Be very clear that the
+ password required is the user's not root's
+
+1999-11-19 21:04 millert
+
+ * Makefile.in: add sample.syslog.conf to DISTFILES and BINFILES
+
+1999-11-18 19:13 millert
+
+ * RUNSON: updates from Brian Jackson + some formatting
+
+1999-11-17 21:39 millert
+
+ * INSTALL.binary, Makefile.binary, README, RUNSON: o One RUNSon
+ update o Changes for automating real binary releases
+
+1999-11-17 21:38 millert
+
+ * Makefile.in: Add bindist target
+
+1999-11-16 16:26 millert
+
+ * TROUBLESHOOTING: talk about run-time options in addition to
+ compile-time options
+
+1999-11-16 01:16 millert
+
+ * CHANGES: fix typos
+
+1999-11-16 01:09 millert
+
+ * sudo.c: need sys/time.h if HAVE_SETRLIMIT
+
+1999-11-16 00:42 millert
+
+ * PORTING, README, RUNSON, sudo.c, sudo.cat, sudo.html, sudo.man,
+ sudo.pod, visudo.cat, visudo.html, visudo.man, visudo.pod: get
+ rid of references to sudo-bugs. Now mention the web site or the
+ sudo@ alias
+
+1999-11-16 00:35 millert
+
+ * sudoers.html: repair pod2html damage
+
+1999-11-16 00:28 millert
+
+ * RUNSON, TODO: Update for 1.6 release
+
+1999-11-16 00:23 millert
+
+ * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Add warning
+ about using ALL in a command context.
+
+1999-11-09 15:12 millert
+
+ * visudo.c: Call yyrestart() on a parse error to reset the lexer
+ state.
+
+1999-11-09 15:06 millert
+
+ * parse.lex, lex.yy.c: Don't need YY_FLUSH_BUFFER after all Move
+ yyrestart() into visudo.c since it might not get called in yywrap
+ if we get a parse error (and we only reread the file on error
+ anyway).
+
+1999-11-09 14:32 millert
+
+ * parse.lex, lex.yy.c: Call YY_FLUSH_BUFFER macro in yywrap() to
+ clean up any buffers that might still exist. Call yyrestart()
+ instead of using the deprecated YY_NEW_FILE macro.
+
+1999-11-09 12:13 millert
+
+ * lex.yy.c, parse.lex: flex doesn't need %N table size declarations
+
+1999-11-08 19:00 millert
+
+ * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Mention what
+ characters need to be escaped in names.
+
+1999-11-08 18:59 millert
+
+ * configure: regen
+
+1999-11-08 18:59 millert
+
+ * INSTALL: clarify Mac OS X entry
+
+1999-11-08 18:59 millert
+
+ * RUNSON: update
+
+1999-11-08 17:45 millert
+
+ * configure.in: o Use AC_MSG_ERROR throughout o Check syslog
+ configure options for danity
+
+1999-11-05 17:11 millert
+
+ * defaults.c: Fix printing of type T_MODE in dump_defaults()
+
+1999-11-05 12:00 millert
+
+ * strcasecmp.c: missing sys/types.h
+
+1999-11-05 00:42 millert
+
+ * INSTALL: Break out options that may be overridden at run time
+ into their own section. Add a not about Max OS X and correct
+ some lies.
+
+1999-11-04 14:01 millert
+
+ * CHANGES, config.h.in, configure, configure.in, sudo.c: o Now use
+ getrlimit to find the highest fd when closing all non-std fd's o
+ Turn off core dumps via setrlimit for the sake of paranoia
+
+1999-11-04 13:57 millert
+
+ * RUNSON: updates
+
+1999-11-01 10:59 millert
+
+ * CHANGES: updates
+
+1999-11-01 10:58 millert
+
+ * tgetpass.c: When read()'ing, do a single character at a time to
+ be sure we don't go oast the newline.
+
+1999-11-01 10:43 millert
+
+ * sudo.c: For the sudo_root option, check against user_uid, not
+ getuid() since at this point, ruid == euid == 0.
+
+1999-10-31 23:14 millert
+
+ * RUNSON: some updates
+
+1999-10-31 23:14 millert
+
+ * logging.h: Fix compilation problem when --with-logging=file was
+ specified. This means that syslog is now required to build sudo
+ but that should not be a problem. If it is it can be fixed
+ trivially with a configure check for syslog() or syslog.h.
+
+1999-10-31 23:00 millert
+
+ * tgetpass.c: Make this work again for things like "sudo echo hi |
+ more" where the tty gets put into character at a time mode. We
+ read until we read end of line or we run out of space (similar to
+ fgets(3)).
+
+1999-10-20 11:23 millert
+
+ * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: change ital
+ to bold
+
+1999-10-20 11:23 millert
+
+ * RUNSON: update
+
+1999-10-16 13:56 millert
+
+ * defaults.c: Error out if syslog parameters are given without a
+ value. For Ultrix or 4.2BSD "syslog" is allowed without a value
+ since there are no facilities in the 4.2BSD syslog.
+
+1999-10-15 16:37 millert
+
+ * defaults.c: Ignore the syslog facility for systems w/ old syslog
+ like Ultrix.
+
+1999-10-15 12:51 millert
+
+ * TROUBLESHOOTING: people with "." early in their path can have
+ problems running sudo from the build dir ;-)
+
+1999-10-13 00:18 millert
+
+ * sudo.man, sudo.pod, sudo.cat, sudo.html: Remove -r realm option
+
+1999-10-12 22:34 millert
+
+ * configure, configure.in, sudo.c, auth/kerb5.c, auth/sudo_auth.c,
+ auth/sudo_auth.h: New krb5 code from Frank Cusack
+ <fcusack@iconnet.net>.
+
+1999-10-12 22:33 millert
+
+ * CHANGES: update to reality
+
+1999-10-11 20:53 millert
+
+ * auth/fwtk.c: include <auth.h> to get function prototypes.
+
+1999-10-11 20:05 millert
+
+ * sudo.cat, sudo.html, sudo.man, sudo.pod: document -L flag
+
+1999-10-11 19:42 millert
+
+ * sudo.c: in set_perms(), always call setuid(0) before changing the
+ ruid/euid so we always know it will succeed.
+
+1999-10-11 12:24 millert
+
+ * defaults.h: #undef T_FOO to avoid conflicts with system defines
+ (like on ULTRIX).
+
+1999-10-11 11:55 millert
+
+ * TODO, sample.sudoers, sudoers.cat, sudoers.html, sudoers.man,
+ sudoers.pod: Docuement "Defaults" lines in /etc/sudoers. Still
+ needs some fleshing out but this is a start.
+
+1999-10-10 17:21 millert
+
+ * defaults.c: use strtol, not strtoul since not everyone has not
+ strtoul
+
+1999-10-10 15:01 millert
+
+ * lex.yy.c, parse.lex: last {WORD} rule should only apply in the
+ INITIAL state
+
+1999-10-10 14:38 millert
+
+ * lex.yy.c, parse.lex: o Add support for escaped characters in the
+ WORD macro o Modify fill() to squash escape chars
+
+1999-10-10 13:56 millert
+
+ * defaults.c, defaults.h: o Add T_PATH flag to allow simple sanity
+ checks for default values that are supposed to be pathnames. o
+ Fix a duplicate free when visudo finds an error.
+
+1999-10-09 01:01 millert
+
+ * defaults.c, defaults.h, logging.c: mail_if_foo -> mail_foo
+
+1999-10-07 21:12 millert
+
+ * compat.h, defaults.c, defaults.h, sudo.c, tgetpass.c: o Add
+ requiretty option o Move O_NOCTTY to compat.h
+
+1999-10-07 21:12 millert
+
+ * logging.c: The exit() in log_error() was mistakenly removed in a
+ previous version. Put it back...
+
+1999-10-07 17:20 millert
+
+ * INSTALL, TODO, check.c, config.h.in, configure, configure.in,
+ defaults.c, defaults.h, find_path.c, getspwuid.c, lex.yy.c,
+ logging.c, parse.yacc, sudo.c, auth/aix_auth.c, auth/fwtk.c,
+ auth/pam.c, auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: o
+ Change defaults stuff to put the value right in the struct. o
+ Implement mailer_flags o Store syslog stuff both in int and
+ string form. Setting the string form magically updates the int
+ version. o Add boolean attribute to strings where it makes sense
+ to say !foo
+
+1999-10-07 17:13 millert
+
+ * tgetpass.c: add O_NOCTTY when opening /dev/tty just in case
+
+1999-10-06 00:48 millert
+
+ * auth/API: cleanup function no longer takes a status arg
+
+1999-10-06 00:48 millert
+
+ * INSTALL: the the
+
+1999-09-15 05:15 millert
+
+ * TODO, config.h.in, configure, configure.in, logging.c: Use
+ strftime() instead of ctime() if it is available.
+
+1999-09-14 12:58 millert
+
+ * defaults.c: fix copyright date
+
+1999-09-14 12:57 millert
+
+ * RUNSON: update ReliantUNIX entry
+
+1999-09-14 12:56 millert
+
+ * defaults.c, defaults.h, logging.c: add log_year option
+
+1999-09-14 04:01 millert
+
+ * configure, configure.in: add --without-sendmail to help output
+
+1999-09-14 03:42 millert
+
+ * configure, configure.in: enforce an otctal arg for
+ --with-suoders-mode
+
+1999-09-08 04:06 millert
+
+ * BUGS, INSTALL, Makefile.in, TODO, aclocal.m4, check.c,
+ config.h.in, configure, configure.in, defaults.c, defaults.h,
+ find_path.c, lex.yy.c, logging.c, parse.h, parse.lex, parse.yacc,
+ sudo.c, sudo.h, sudo.tab.h, testsudoers.c, version.c, visudo.c,
+ auth/aix_auth.c, auth/fwtk.c, auth/kerb5.c, auth/pam.c,
+ auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: Add support for
+ "Defaults" line in sudoers to make configuration variables
+ changable at runtime (and on a global, per-host and per-user
+ basis). Both the names and the internal representation are still
+ subject to change. It was necessary to make sudo_user.runas but
+ a char ** instead of a char * since this value can be changed by
+ a Defaults line. There is a similar (but more complicated) issue
+ with sudo_user.prompt but it is handled differently at the
+ moment.
+
+ Add a "-L" flag to list the name of options with their
+ descriptions. This may only be temporary.
+
+ Move some prototypes to parse.h
+
+ Be much less restrictive on what is allowed for a username.
+
+1999-09-08 04:01 millert
+
+ * sample.syslog.conf: Add more info
+
+1999-09-04 03:09 millert
+
+ * fnmatch.3, fnmatch.c, getcwd.c, lsearch.c, snprintf.c,
+ strcasecmp.c, LICENSE: UCB has dropped the advertising clause
+ from their license.
+
+1999-08-31 05:39 millert
+
+ * auth/sudo_auth.h: move dce_verofy proto to correct section
+
+1999-08-31 05:39 millert
+
+ * auth/dce.c: remove XXX
+
+1999-08-28 06:00 millert
+
+ * emul/fnmatch.h: Add fnmatch() prototype
+
+1999-08-28 06:00 millert
+
+ * fnmatch.c, parse.c, testsudoers.c: Move inclusion of
+ emul/fnmatch.h to be after sudo.h for __P
+
+1999-08-28 05:59 millert
+
+ * sudo.h: add strcasecmp proto
+
+1999-08-28 05:50 millert
+
+ * auth/sudo_auth.c: add check for case where there are no auth
+ methods
+
+1999-08-28 05:36 millert
+
+ * configure, configure.in: Define _XOPEN_EXTENDED_SOURCE on AIX and
+ __USE_FIXED_PROTOTYPES__ on SunOS4 w/ gcc
+
+1999-08-28 05:24 millert
+
+ * getspwuid.c, lex.yy.c, parse.lex, parse.yacc: include strings.h
+ everywhere we include string.h
+
+1999-08-28 05:22 millert
+
+ * version.c: nicer output when showing auth methods
+
+1999-08-28 05:00 millert
+
+ * version.c: Add support for SEND_MAIL_WHEN_NO_HOST
+
+1999-08-28 04:49 millert
+
+ * config.h.in, configure.in, configure: Add _GNU_SOURCE for Linux
+
+1999-08-28 04:22 millert
+
+ * parse.lex, lex.yy.c: fix definition of OCTECT
+
+1999-08-28 04:10 millert
+
+ * configure, configure.in: aix_auth.o not authenticate.o
+
+1999-08-27 17:02 millert
+
+ * sudo.c: Only block SIGINT, SIGQUIT, SIGTSTP (which can be
+ generated from the keyboard). Since we run with ruid/euid == 0
+ the user can't really signal us in nasty ways.
+
+1999-08-27 17:01 millert
+
+ * visudo.c: Don't need to worry about catching too many signals
+ since we do locking on the tmp file. If a lockfile is really
+ stale, it will be detected and overwritten.
+
+1999-08-27 16:09 millert
+
+ * INSTALL, Makefile.in: include auth/API in tarball
+
+1999-08-27 16:09 millert
+
+ * auth/sudo_auth.c: move memset() of plaintext pw outside of verify
+ loop and only do the memset if we are *not* in standalone mode.
+
+1999-08-27 13:46 millert
+
+ * auth/: sudo_auth.c, sudo_auth.h: DCE is not a standalone method
+
+1999-08-27 11:53 millert
+
+ * sudo.c: fix --enable-noargs-shell
+
+1999-08-27 11:06 millert
+
+ * snprintf.c: "#ifdef __STDC__" not "#if __STDC__" (I missed one)
+
+1999-08-27 10:54 millert
+
+ * auth/: fwtk.c, sia.c: _cleanup() function returns an int.
+
+1999-08-27 10:50 millert
+
+ * auth/dce.c: there were still some return(0)'s hanging around,
+ make them AUTH_FAILURE
+
+1999-08-27 10:39 millert
+
+ * parse.c: typo in comment
+
+1999-08-27 10:03 millert
+
+ * version.c: add missing semicolon
+
+1999-08-27 08:31 millert
+
+ * auth/sudo_auth.h: missing backslash
+
+1999-08-26 17:24 millert
+
+ * CHANGES, config.h.in, configure, configure.in: Kill
+ _XOPEN_EXTENDED_SOURCE -- causes problems on some OSes
+
+1999-08-26 09:21 millert
+
+ * Makefile.in: add parse.h to HDRS
+
+1999-08-26 09:16 millert
+
+ * Makefile.in, configure, configure.in: Kill VISUDO_LIBS and
+ VISUDO_LDFLAGS. Add LIBS, NET_LIBS, and LDFLAGS. Common libs go
+ in LIBS, commong ld flags go in LDFLAGS and network libs like
+ -lsocket, -lnsl go in NET_LIBS. This allows testsudoers to build
+ on Solaris and is a bit cleaner in general.
+
+1999-08-26 06:56 millert
+
+ * UPGRADE: mention ptmp -> sudoers.tmp
+
+1999-08-26 06:12 millert
+
+ * configure.in, configure, config.h.in: Define
+ _XOPEN_SOURCE_EXTENDED not _XOPEN_SOURCE
+
+1999-08-26 05:37 millert
+
+ * RUNSON: add 2 reports
+
+1999-08-26 05:20 millert
+
+ * auth/kerb5.c: Minor changes, mostly cosmetic.
+ verify_krb_v5_tgt() changed to return a value more like a system
+ function
+
+1999-08-26 05:19 millert
+
+ * auth/dce.c: Add an XXX
+
+1999-08-26 05:19 millert
+
+ * TODO: more things todo!
+
+1999-08-26 05:18 millert
+
+ * sample.sudoers: update based on what is in the man page
+
+1999-08-26 05:10 millert
+
+ * parse.yacc: minor change to first line printed in -l mode
+
+1999-08-26 05:10 millert
+
+ * sudo.cat, sudo.html, sudo.man, sudo.pod: rename "ENVIRONMENT
+ VARIABLES" section to "ENVIRONMENT" to be more standard and add
+ "EXAMPLES" section
+
+1999-08-26 05:08 millert
+
+ * visudo.cat, visudo.html, visudo.man, visudo.pod: rename
+ "ENVIRONMENT VARIABLES" section to "ENVIRONMENT" to be more
+ standard
+
+1999-08-26 05:06 millert
+
+ * logging.c, parse.c, sudo.h: add FLAG_NO_CHECK
+
+1999-08-26 05:05 millert
+
+ * parse.lex, lex.yy.c: make an OCTET really be limited to 0-255
+
+1999-08-26 05:04 millert
+
+ * UPGRADE: mention timestamp changes
+
+1999-08-26 05:04 millert
+
+ * PORTING: cosmetic cleanup
+
+1999-08-26 05:00 millert
+
+ * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: new
+ sudoers(8) man page
+
+1999-08-24 13:45 millert
+
+ * version.c: Update comments about syslog name tables
+
+1999-08-24 13:37 millert
+
+ * CHANGES, LICENSE, Makefile.in, configure, strcasecmp.c,
+ configure.in, parse.yacc: include strcasecmp() for those without
+ it
+
+1999-08-24 12:43 millert
+
+ * sample.sudoers: Use the : operator some more and fix a typo
+
+1999-08-24 12:43 millert
+
+ * HISTORY: update the history of sudo
+
+1999-08-24 12:42 millert
+
+ * parse.c, parse.lex, testsudoers.c: CIDR-style netmask support
+
+1999-08-24 12:41 millert
+
+ * CHANGES: recent changes
+
+1999-08-24 12:40 millert
+
+ * sudo.tab.h: these should be generated with byacc, not bison
+
+1999-08-24 12:40 millert
+
+ * lex.yy.c: regen
+
+1999-08-24 11:58 millert
+
+ * parse.h, parse.yacc, sudo.tab.h: In "sudo -l" mode, the type of
+ the stored (expanded) alias was not stored with the contents.
+ This could lead to incorrect output if the sudoers file had
+ different alias types with the same name. Normal parsing (ie:
+ not in '-l' mode) is unaffected.
+
+1999-08-23 12:47 millert
+
+ * configure, configure.in: define _XOPEN_SOURCE to get at crypt()
+ proto on some systems
+
+1999-08-22 13:10 millert
+
+ * snprintf.c: fix comment
+
+1999-08-22 13:09 millert
+
+ * tgetpass.c: don't need limits.h
+
+1999-08-22 07:36 millert
+
+ * snprintf.c: kill bogus reference to vfprintf
+
+1999-08-22 07:26 millert
+
+ * sample.sudoers, sudoers: better examples
+
+1999-08-22 07:23 millert
+
+ * snprintf.c: Add some const in the K&R defs. This is safe since
+ we define const away if the compiler doesn't grok it.
+
+1999-08-22 07:22 millert
+
+ * aclocal.m4, configure: Better test for working long long support.
+ Ultrix compiler supports basic long long but not all operations
+ on them.
+
+1999-08-22 05:59 millert
+
+ * aclocal.m4, config.h.in, configure, getspwuid.c, snprintf.c,
+ sudo.c, auth/secureware.c: Add check for LONG_IS_QUAD #undef
+ MAXINT before including hpsecurity.h to silence an HP-UX warning
+ Check for U?LONG_LONG_MAX in snprintf.c and use LONG_IS_QUAD
+
+1999-08-21 15:00 millert
+
+ * LICENSE, aclocal.m4, config.h.in, configure, configure.in,
+ snprintf.c: UCB-derived snprintf + asprintf support. Supports
+ quads if the compiler does. No floating point yet, perhaps
+ later...
+
+1999-08-20 16:37 millert
+
+ * check.c, find_path.c, goodpath.c, logging.c, parse.c, sudo.c,
+ auth/API, auth/sudo_auth.c, auth/sudo_auth.h: Run most of the
+ code as root, not the invoking user. It doesn't really gain us
+ anything to run as the user since an attacker can just have an
+ setuid(0) in their egg. Running as root solves potential
+ problems wrt signalling.
+
+1999-08-19 13:45 millert
+
+ * logging.c, sudo.c: Don't wait for child to finish in log_error(),
+ let the signal handler get it if we are still running, else let
+ init reap it for us. The extra time it takes to wait lets the
+ user know that mail is being sent.
+
+ Install SIGCHLD handler in main() and for POSIX signals, block
+ everything *except* SIGCHLD.
+
+1999-08-19 12:30 millert
+
+ * logging.c, parse.c, parse.yacc, sudo.c, configure, sudo.h,
+ INSTALL, config.h.in, configure.in: sudoers_lookup() now returns
+ a bitmap instead of an int. This makes it possible to express
+ things like "failed to validate because user not listed for this
+ host". Some thigns that were previously VALIDATE_FOO are now
+ FLAG_FOO. This may change later on.
+
+ Reorganized code in log_auth() and sudo.c to deal with above
+ changes.
+
+ Safer versions of push/pushcp with in the do { ... } while (0)
+ style
+
+ parse.yacc now saves info on the stack to allow parse.c to
+ determine if a user was listed, but not for the host he/she tried
+ to run on.
+
+ Added --with-mail-if-no-host option
+
+1999-08-17 11:29 millert
+
+ * parse.yacc, sudo.h, visudo.c, visudo.cat, visudo.html,
+ visudo.man, visudo.pod: o NewArgv and NewArgc don't need to be
+ externally visible. o If pedantic > 1, it is a parse error. o
+ Add -s (strict) option to visudo which sets pedantic to 2.
+
+1999-08-17 11:26 millert
+
+ * HISTORY, INSTALL: Just have sudo-bugs contact info in one place
+
+1999-08-17 11:20 millert
+
+ * sudo.cat, sudo.html, sudo.man, sudo.pod: Add BUGS section
+
+1999-08-17 10:29 millert
+
+ * configure, configure.in, Makefile.in: Add testsudoers to default
+ build target if --with-devel Don't clean generated parser files
+ unless "distclean".
+
+1999-08-17 08:47 millert
+
+ * parse.yacc: In pedantic mode we need to save *all* the aliases,
+ not just those that match, or we get spurious warnings.
+
+1999-08-17 05:32 millert
+
+ * TROUBLESHOOTING: reference samples.sylog.conf
+
+1999-08-14 11:50 millert
+
+ * sample.syslog.conf: Sample entries for syslog.conf
+
+1999-08-14 11:40 millert
+
+ * CHANGES: recent changes
+
+1999-08-14 11:36 millert
+
+ * auth/: API, afs.c, aix_auth.c, dce.c, fwtk.c, kerb4.c, kerb5.c,
+ pam.c, passwd.c, rfc1938.c, secureware.c, securid.c, sia.c,
+ sudo_auth.c, sudo_auth.h: In struct sudo_auth, turn need_root and
+ configured into flags and add a flag to specify an auth method is
+ running alone (the only one). Pass auth methods their sudo_auth
+ pointer, not the data pointer. This allows us to get at the
+ flags and tell if we are the only auth method. That, in turn,
+ allows the method to be able to decide what should/should not be
+ a fatal error. Currently only rfc1938 uses it this way, which
+ allows us to kill the OTP_ONLY define and te hackery that went
+ with it. With access to the sudo_auth struct, methods can also
+ get at a string holding their cannonical name (useful in error
+ messages).
+
+1999-08-14 11:34 millert
+
+ * Makefile.in, INSTALL, README, config.h.in, configure,
+ configure.in, getspwuid.c, lex.yy.c, parse.lex, parse.yacc,
+ sudo.tab.h: o --with-otp deprecated, use --without-passwd instead
+ o real dependencies in the Makefile o --with-devel option to
+ enable yacc, lex, and -Wall o style -- "foo -> bar" becomes
+ "foo->bar" o ALL goes back to being a token, not a string but
+ don't leak memory o rename hsotspec -> host in parse.yacc
+
+1999-08-12 12:26 millert
+
+ * BUGS, CHANGES: recent changes
+
+1999-08-12 12:24 millert
+
+ * configure, configure.in, interfaces.c, snprintf.c, sudo.c,
+ sudo.h, auth/sudo_auth.c: o Digital UNIX needs to check for
+ *snprintf() before -ldb is added to LIBS since -ldb includes a
+ bogus snprintf(). o Add forward refs for struct mbuf and struct
+ rtentry for Digital UNIX. o Reorder some functions in snprintf.c
+ to fix -Wall o Add missing includes to fix more -Wall
+
+1999-08-12 10:37 millert
+
+ * INSTALL, check.c, config.h.in, configure, configure.in,
+ parse.yacc, testsudoers.c, version.c, visudo.c, auth/sudo_auth.c:
+ o Add a "pedentic" flag to the parser. This makes sudo warn in
+ cases where an alias may be used before it is defined. Only
+ turned on for visudo and testsudoers. o Add
+ --disable-authentication option that makes sudo not require
+ authentication by default. The PASSWD tag can be used to require
+ authentication for an entry. We no longer overload
+ --without-passwd.
+
+1999-08-12 10:29 millert
+
+ * lex.yy.c, parse.lex: Break 'WORD' regexp def into HOSTNAME and
+ USERNAME. These days a username can contain just about anything
+ so be very permissive. Also drop the unused \. punctuation.
+
+1999-08-09 18:25 millert
+
+ * parse.yacc: o add a 'val' element to aliasinfo struct and move ->
+ parse.h o find_alias() now returns an aliasinfo * instead of
+ boolean o add_alias() now takes a value parameter to store in the
+ aliasinfo.val o The cmnd, hostspec, runasuser, and user rules now
+ return: 1) positive match 0) negative match (due to '!') -1) no
+ match This means setting $$ explicitly in all cases, which I
+ should have done in the first place. It also means that we
+ always store a value that is != -1 and when we see a '!' we can
+ set *_matches to !rv if rv != -1. The upshot of all of this is
+ that '!' now works the way it should in lists and some of the
+ rules are more uniform and sensible.
+
+1999-08-09 18:17 millert
+
+ * Makefile.in: add parse.h dependency
+
+1999-08-09 18:17 millert
+
+ * parse.h: kill unused *_matched macros
+
+1999-08-09 10:35 millert
+
+ * parse.yacc: Allow a list of users as the first thing in a user
+ spec, not just a single entry. This makes things more uniform,
+ though it does allow you to write user specs that are hard to
+ read.
+
+1999-08-09 10:08 millert
+
+ * configure: regen
+
+1999-08-09 10:08 millert
+
+ * configure.in: fix check for crypt() in libufc
+
+1999-08-07 14:03 millert
+
+ * README: sudo-users list now exists
+
+1999-08-07 07:46 millert
+
+ * INSTALL, PORTING, README, TODO, TROUBLESHOOTING: Update to
+ reality.
+
+1999-08-07 05:59 millert
+
+ * CHANGES, Makefile.in, TODO, TROUBLESHOOTING, check.c, compat.h,
+ config.h.in, configure.in, logging.c, sudo.h, version.c,
+ visudo.c, configure, fileops.c: o Move lock_file() and touch()
+ into fileops.c so visudo can use them o Visudo now locks the
+ sudoers temp file instead of bailing when the temp file already
+ exists. This fixes the problem of stale temp files but it does
+ *require* that you not try to put the temp file in a
+ world-writable directory. This shoud not be an issue as the temp
+ file should live in the same dir as sudoers. o Visudo now only
+ installs the temp file as sudoers if it changed.
+
+1999-08-06 09:49 millert
+
+ * logging.c: add fcntl locking
+
+1999-08-06 09:33 millert
+
+ * configure, config.h.in, configure.in, logging.c: Lock the log
+ file.
+
+1999-08-06 05:36 millert
+
+ * Makefile.in, TROUBLESHOOTING, parse.c, pathnames.h.in, sudo.c,
+ visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod: o
+ /etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow
+ temp file o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and
+ _PATH_SUDO_STMP -> _PATH_SUDOERS_TMP
+
+1999-08-05 17:38 millert
+
+ * INSTALL, check.c, config.h.in, configure, configure.in,
+ version.c: o Kill *_MESSAGE and replace with NO_LECTURE o Add
+ more things to root sudo -V config reporting
+
+1999-08-05 10:56 millert
+
+ * configure, configure.in: aix_auth.o not authenticate.o
+
+1999-08-05 10:48 millert
+
+ * config.h.in: Add --with-goodpri and --with-badpri configure
+ options to specify the syslog priority to use.
+
+1999-08-05 10:30 millert
+
+ * INSTALL, configure.in, logging.h, configure: Add --with-goodpri
+ and --with-badpri configure options to specify the syslog
+ priority to use.
+
+1999-08-05 10:25 millert
+
+ * compat.h: kill crufty AIX stuff
+
+1999-08-05 06:55 millert
+
+ * Makefile.in: Sigh, some versions of make (like Solaris's) don't
+ deal with $< like I would expect. Both GNU and BSD makes get
+ this right but... So, we just expand $< inline at the cost of
+ some ugliness.
+
+1999-08-05 06:52 millert
+
+ * version.c: If the invoking user is root, sudo will now print
+ configure info in -V mode. Currently just prints logging info,
+ to be expanded later.
+
+1999-08-05 06:51 millert
+
+ * logging.c, logging.h, sudo.c, sudo.h: o new defines for syslog
+ facility and priority o use new print_version() functino for -V
+ mode
+
+1999-08-05 06:49 millert
+
+ * check.c: Don't need version.c
+
+1999-08-05 06:21 millert
+
+ * configure, configure.in, aclocal.m4, config.h.in: Add check for
+ syslog facilities and priorities tables in syslog.h
+
+1999-08-05 05:23 millert
+
+ * Makefile.in: o authenticate -> aix_auth o add version.c
+
+1999-08-05 05:21 millert
+
+ * auth/sudo_auth.c: Missed a prompt -> user_prompt conversion
+
+1999-08-04 13:32 millert
+
+ * TODO: sudo should lock its logfile
+
+1999-08-04 13:28 millert
+
+ * parse.yacc: o Add '!' correctly when expanding Aliases. o Add
+ shortcut macros for append() to make things more readable. o The
+ separator in append() is now a string instead of a char. o In
+ append(), only prepend the separator if the last char is not a
+ '!'. This is a hack but it greatly simplifies '!' handling. o
+ In -l mode, Runas lists and NOPASSWD/PASSWD tags are now
+ inherited across entries in a list (matches current behavior).
+ o Fix formatting in -l mode such that items in a list are
+ separated by a space. Greatlt improves readability. o Space
+ for name field in struct aliasinfo is now allocated dyanically
+ instead of using a (big) buffer. o In add_alias(), only search
+ the list once (lsearch instead of lfind + lsearch)
+
+1999-08-04 11:31 millert
+
+ * lex.yy.c, sudo.tab.h: regen
+
+1999-08-04 10:54 millert
+
+ * configure, configure.in: Solais pam doesn't require anye xtra
+ setup
+
+1999-08-04 05:35 millert
+
+ * parse.yacc: o Simpler '!' support now that the lexer deals with
+ multiple !'s for us. o In the case of opFOO, have FOO give a
+ boolean return value and set foo_matches in opFOO, not FOO. o
+ Treat 'ALL' as a string since it gets fill()'d in
+ parse.lex--fixes a small memory leak. In the long run it may
+ be better to just fix parse.lex and make ALL back into a token.
+ However, having it be a string is useful since it can be
+ easily passed back to the parent rule if we so desire.
+
+1999-08-04 03:54 millert
+
+ * parse.lex: o Remove some unnecessary backslashes o collapse
+ multiple !'s by using !+ and checking if yyleng is even or odd.
+ this allows us to simplify ! handling in parse.yacc
+
+1999-08-04 03:53 millert
+
+ * sudo.c: -u flag was being ignored
+
+1999-08-01 13:04 millert
+
+ * Makefile.in: correct fix
+
+1999-08-01 12:37 millert
+
+ * Makefile.in: work around pod2man stupididy
+
+1999-08-01 12:35 millert
+
+ * Makefile.in: correct dependencies for .cat
+
+1999-08-01 12:26 millert
+
+ * sudo.cat, sudo.man, visudo.cat, visudo.man: regen
+
+1999-08-01 12:25 millert
+
+ * sudo.pod, visudo.pod: Add copyright Update to reality
+
+1999-08-01 11:42 millert
+
+ * parse.c, sudo.c, sudo.h: rename validate() to the more
+ descriptive sudoers_lookup()
+
+1999-08-01 06:49 millert
+
+ * auth/aix_auth.c: use tgetpass
+
+1999-07-31 12:32 millert
+
+ * CHANGES: updates
+
+1999-07-31 12:31 millert
+
+ * HISTORY, INSTALL, Makefile.in, README, RUNSON, TROUBLESHOOTING,
+ configure, configure.in, sudo.c: Sudo, not CU Sudo
+
+1999-07-31 12:19 millert
+
+ * Makefile.in, alloc.c, check.c, compat.h, config.h.in,
+ find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h,
+ ins_csops.h, ins_goons.h, insults.h, interfaces.c, interfaces.h,
+ lex.yy.c, logging.c, logging.h, parse.c, parse.h, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strerror.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c, auth/afs.c, auth/aix_auth.c, auth/dce.c, auth/fwtk.c,
+ auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
+ auth/rfc1938.c, auth/secureware.c, auth/securid.c, auth/sia.c,
+ auth/sudo_auth.c, auth/sudo_auth.h, emul/search.h, emul/utime.h,
+ LICENSE: add 4th term to license similar to term 5 in the apache
+ license
+
+1999-07-31 12:02 millert
+
+ * LICENSE, aclocal.m4, check.c, configure.in, insults.h, logging.c,
+ sudo.c, sudo.h, auth/rfc1938.c: there was a 1995 release too
+
+1999-07-28 05:24 millert
+
+ * CHANGES: updates
+
+1999-07-28 05:21 millert
+
+ * check.c: Use dirs instead of files for timestamp. This allows
+ tty and non-tty schemes to coexist reasonably. Note, however,
+ that when you update a tty ticket, the mtime on the user dir gets
+ updated as well.
+
+1999-07-28 05:17 millert
+
+ * configure.in, configure: Fix getprpwnam() checking on SCO. Need
+ to link with "-lprot -lx" when linking test program, not just
+ -lprot. Also add check for getspnam(). The SCO docs indicate
+ that /etc/shadow can be used but this may be a lie.
+
+1999-07-24 03:35 millert
+
+ * auth/API: first cut at auth API description
+
+1999-07-22 15:48 millert
+
+ * auth/: fwtk.c, kerb4.c, kerb5.c, pam.c, rfc1938.c, secureware.c,
+ securid.c, sudo_auth.c, sudo_auth.h: auth API change. There is
+ now an init method that gets run before the main loop. This
+ allows auth routines to differentiate between initialization that
+ happens once vs. setup that needs to run each time through the
+ loop.
+
+1999-07-22 12:23 millert
+
+ * logging.c, auth/kerb5.c: use easprintf() and evasprintf()
+
+1999-07-22 12:22 millert
+
+ * alloc.c, sudo.h: add easprintf() and evasprintf(), error checking
+ versions of asprintf() and vasprintf()
+
+1999-07-22 09:14 millert
+
+ * TODO: remove 2 items. One done, one won't do.
+
+1999-07-22 09:10 millert
+
+ * sudo.man, visudo.man, sudo.cat, sudo.html, sudoers.html,
+ visudo.cat, visudo.html, configure, lex.yy.c: regen
+
+1999-07-22 09:06 millert
+
+ * CHANGES: new changes
+
+1999-07-22 09:01 millert
+
+ * sudo.pod: o Document -K flag and update meaning of -k flag. o
+ BSD-style copyright o Document clearing of BIND resolver
+ environment variables o Clarify bit about shared libs o suggest
+ rc files create /tmp/.odus if your OS gives away files
+
+1999-07-22 08:59 millert
+
+ * visudo.pod: BSD license
+
+1999-07-22 08:58 millert
+
+ * tgetpass.c: o BSD copyright o no need to block signals, we now do
+ that in main() o cosmetic changes
+
+1999-07-22 08:57 millert
+
+ * testsudoers.c, visudo.c: o BSD-style copyright o Use "struct
+ sudo_user" instead of old globals. o some cometic cleanup
+
+1999-07-22 08:56 millert
+
+ * sudo_setenv.c, version.h: BSD-style copyright
+
+1999-07-22 08:56 millert
+
+ * sudo.h: o BSD copyright o logging and parser bits moved to their
+ own .h files o new "struct sudo_user" to encapsulate many of the
+ old globals.
+
+1999-07-22 08:55 millert
+
+ * sudo.c: o no longer contains sudo 1.1/1.2 code o BSD copyright o
+ use new logging routines o simplified flow of control o BIND
+ resolver additions to badenv_table
+
+1999-07-22 08:53 millert
+
+ * strerror.c: BSD-style copyright
+
+1999-07-22 08:53 millert
+
+ * snprintf.c: Now compiles on more K&R compilers
+
+1999-07-22 08:52 millert
+
+ * putenv.c: BSD-style copyright, cosmetic changes
+
+1999-07-22 08:51 millert
+
+ * parse.c, parse.yacc, parse.h, parse.lex: BSD-style copyright.
+ Move parser-specific defines and structs into parse.h + other
+ cosmetic changes
+
+1999-07-22 08:51 millert
+
+ * logging.h: defines for logging routines
+
+1999-07-22 08:49 millert
+
+ * ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.h, pathnames.h.in: BSD-style copyright
+
+1999-07-22 08:48 millert
+
+ * find_path.c, getspwuid.c, goodpath.c, interfaces.c: BSD-style
+ copyright, cosmetic changes
+
+1999-07-22 08:46 millert
+
+ * configure.in: o tgetpass.c is no longer optional o kill DCE_OBJS,
+ add AUTH_OBJS o kill --disable-tgetpass o add --without-passwd o
+ changes to fill in AUTH_OBJS for new auth api o check for
+ strerror(), v?snprintf() and v?asprintf() o replace
+ --with-AuthSRV with --with-fwtk
+
+1999-07-22 08:43 millert
+
+ * config.h.in: BSD-style copyright. Remove USE_GETPASS and
+ HAVE_UTIME_NULL. Add HAVE_FWTK, HAVE_STRERROR, HAVE_SNPRINTF,
+ HAVE_VSNPRINTF, HAVE_ASPRINTF, HAVE_VASPRINTF, WITHOUT_PASSWD and
+ NO_PASSWD
+
+1999-07-22 08:42 millert
+
+ * compat.h: BSD-style copyright; Add S_IFLNK and MIN/MAX id they
+ are missing.
+
+1999-07-22 08:39 millert
+
+ * alloc.c: BSD-style copyright
+
+1999-07-22 08:38 millert
+
+ * TROUBLESHOOTING: no more --with-getpass
+
+1999-07-22 08:34 millert
+
+ * TODO: Take out things I've done...
+
+1999-07-22 08:34 millert
+
+ * README: Refer to LICENSE
+
+1999-07-22 08:34 millert
+
+ * PORTING: --with-getpass no longer exists
+
+1999-07-22 08:33 millert
+
+ * Makefile.in: BSD-style copyright. Update to reflect reality wrt
+ new files and new auth modules.
+
+1999-07-22 08:32 millert
+
+ * INSTALL: Remove --with-AuthSRV and --disable-tgetpass. Add
+ --with-fwtk and --without-passwd.
+
+1999-07-22 08:31 millert
+
+ * HISTORY: Update history a bit
+
+1999-07-22 08:29 millert
+
+ * COPYING, LICENSE: Now distributed under a BSD-style license
+
+1999-07-22 08:28 millert
+
+ * auth/sudo_auth.c: o BSD-style copyright o Add support for
+ NO_PASSWD/WITHOUT_PASSWD options. o skey/opie replaced by
+ rfc1938 code o new struct sudo_user global
+
+1999-07-22 08:25 millert
+
+ * auth/: pam.c, sia.c: BSD-style copyright and use new log
+ functions
+
+1999-07-22 08:24 millert
+
+ * auth/kerb5.c: o BSD-style copyright o Use new log functiongs o
+ Use asprintf() and snprintf() where sensible.
+
+1999-07-22 08:19 millert
+
+ * check.c: Rewrote all the old sudo 1.1/1.2 code. Timestamp
+ handling is now done more reasonably--better sanity checks and
+ tty-based stamps are now done as files in a directory with the
+ same name as the invoking user, eg. /var/run/sudo/millert/ttyp1.
+ It is not currently possible to mix tty and non-tty based ticket
+ schemes but this may change in the future (it requires sudo to
+ use a directory instead of a file in the non-tty case). Also,
+ ``sudo -k'' now sets the ticket back to the epoch and ``sudo -K''
+ really deletes the file. That way you don't get the lecture
+ again just because you killed your ticket in .logout. BSD-style
+ copyright now.
+
+1999-07-22 08:13 millert
+
+ * logging.c: o rewritten logging routines. log_error() now takes
+ printf-style varargs and log_auth() for the return value of
+ validate(). o BSD-style copyright
+
+1999-07-22 07:04 millert
+
+ * auth.c, check_sia.c, dce_pwent.c, secureware.c: superceded by new
+ auth API
+
+1999-07-22 07:02 millert
+
+ * auth/fwtk.c: Use snprintf() where it makes sense and add a
+ BSD-style copyright
+
+1999-07-22 07:00 millert
+
+ * auth/: afs.c, aix_auth.c, dce.c, passwd.c, rfc1938.c,
+ secureware.c, securid.c, sudo_auth.h, kerb4.c: BSD-style
+ copyright
+
+1999-07-22 06:57 millert
+
+ * emul/utime.h, utime.c: BSD-style copyright
+
+1999-07-22 06:57 millert
+
+ * emul/search.h: this has been rewritten so use my BSD-style
+ copyright
+
+1999-07-15 11:21 millert
+
+ * snprintf.c: include malloc.h if no stdlib.h
+
+1999-07-15 10:21 millert
+
+ * snprintf.c: KTH snprintf()/asprintf() for systems w/o them
+
+1999-07-15 10:20 millert
+
+ * strerror.c: strerror() for systems w/o it
+
+1999-07-12 06:53 millert
+
+ * visudo.c: stylistic changes
+
+1999-07-12 06:25 millert
+
+ * parse.c, parse.lex, parse.yacc: Add contribution info in the main
+ comment
+
+1999-07-11 16:10 millert
+
+ * auth/pam.c: remove missed ref to PAM_nullpw
+
+1999-07-11 16:10 millert
+
+ * auth/sudo_auth.h: pasto
+
+1999-07-11 15:19 millert
+
+ * auth/kerb5.c: more or less complete now--still untested
+
+1999-07-11 15:09 millert
+
+ * auth/: afs.c, pam.c: don't use user_name macro, it will go away
+
+1999-07-11 14:42 millert
+
+ * auth/: opie.c, rfc1938.c, sudo_auth.h, skey.c: combine skey/opie
+ code into rfc1938.c
+
+1999-07-11 07:22 millert
+
+ * auth/: dce.c, sudo_auth.h: DCE authentication method; basically
+ unchanged from dce_pwent.c
+
+1999-07-11 06:44 millert
+
+ * auth/: aix_auth.c, sudo_auth.h: AIX authenticate() support.
+ Could probably be much better
+
+1999-07-11 06:43 millert
+
+ * auth/sia.c: Fix an uninitialized variable and some cleanup. Now
+ works (tested)
+
+1999-07-11 05:37 millert
+
+ * auth/: sia.c, sudo_auth.h: SIA support for digital unix
+
+1999-07-11 05:33 millert
+
+ * auth/pam.c: don't use prompt global, it will go away
+
+1999-07-11 05:32 millert
+
+ * auth/secureware.c: correct copyright years
+
+1999-07-10 20:32 millert
+
+ * auth/: afs.c, fwtk.c, kerb4.c, sudo_auth.h, kerb5.c, opie.c,
+ pam.c, passwd.c, secureware.c, securid.c, skey.c, sudo_auth.c:
+ New authentication API and methods
+
+1999-07-08 06:46 millert
+
+ * parse.yacc: only save an entry if user_matches && host_matches,
+ even if the stack is empty (fix for previous commit)
+
+1999-07-08 06:35 millert
+
+ * parse.yacc: 1) Always save an entry on the stack if it is empty.
+ This fixes the -l and -v flags that were broken by earlier parser
+ changes.
+
+ 2) In a Runas list, don't negate FALSE -> TRUE since that would
+ make !foo match any time the user specified a runas user (via -u)
+ other than foo.
+
+1999-07-08 05:45 millert
+
+ * testsudoers.c: interfaces and num_interfaces are now auto, not
+ extern
+
+1999-07-07 14:09 millert
+
+ * auth.c: use a static global to keep stae about empty passwords
+
+1999-07-07 14:08 millert
+
+ * check_sia.c: make PASSWORD_NOT_CORRECT logging consistent with
+ other modules
+
+1999-07-05 16:53 millert
+
+ * auth.c: PAM prompt code was wrong, looks like we have to kludge
+ it after all.
+
+1999-07-05 16:35 millert
+
+ * auth.c: In the PAM code, when a user hits return at the first
+ password prompt, exit without a warning just like the normal auth
+ code
+
+1999-07-05 16:15 millert
+
+ * configure, configure.in: kludge around cross-compiler false
+ positives
+
+1999-07-05 16:14 millert
+
+ * auth.c, check.c, check_sia.c, logging.c, sudo.h, tgetpass.c: New
+ (correct) PAM code Tgetpass now takes an echo flag for use with
+ PAM_PROMPT_ECHO_ON Block SIGINT and SIGTSTP during auth remove a
+ useless umask setting Change error from BAD_ALLOCATION ->
+ BAD_AUTH_INIT (for use with sia/PAM) Some cosmetic changes to
+ auth.c for consistency
+
+1999-07-05 16:11 millert
+
+ * sudo.c: Some -Wall and kill some trailing spaces
+
+1999-07-05 16:10 millert
+
+ * configure.in: define -D__EXTENSIONS__ for solaris so we get
+ crypt() proto
+
+1999-06-22 09:42 millert
+
+ * RUNSON: add Dynix 4.4.4
+
+1999-06-22 09:30 millert
+
+ * INSTALL, config.h.in, configure.in, configure: for kerberos V <
+ version, fall back on old kerb4 auth code
+
+1999-06-22 06:41 millert
+
+ * INSTALL: clarify some things
+
+1999-06-22 06:38 millert
+
+ * UPGRADE, sudoers.cat, sudoers.man, sudoers.pod: typos
+
+1999-06-14 19:47 millert
+
+ * sudo.c: mention why DONT_LEAK_PATH_INFO is not the default
+
+1999-06-03 12:34 millert
+
+ * tgetpass.c: Fix open(2) return value checking, was NULL for
+ fopen, should be -1 for open
+
+1999-06-03 12:06 millert
+
+ * configure: regen
+
+1999-06-03 12:06 millert
+
+ * configure.in: better wording for solaris pam notice
+
+1999-06-03 11:52 millert
+
+ * CHANGES: document recent changes
+
+1999-06-03 11:52 millert
+
+ * TROUBLESHOOTING: Update shadow password section
+
+1999-06-03 11:51 millert
+
+ * auth.c: move authentication code from check.c to auth.c
+
+1999-06-03 11:51 millert
+
+ * Makefile.in, check.c, sudo.h: move authentication code to auth.c
+
+1999-05-16 21:36 millert
+
+ * Makefile.in, check.c, check_sia.c, compat.h, find_path.c,
+ getspwuid.c, goodpath.c, interfaces.c, interfaces.h, lex.yy.c,
+ logging.c, parse.c, parse.lex, parse.yacc, secureware.c, sudo.c,
+ sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, visudo.c: Move
+ interface-related defines to interfaces.h so we don't have to
+ include <netinet/in.h> everywhere.
+
+1999-05-14 12:30 millert
+
+ * CHANGES, INSTALL, TODO, check.c, compat.h, getspwuid.c,
+ logging.c, parse.yacc, sudo.c, tgetpass.c: o Replace _PASSWD_LEN
+ braindeath with our own SUDO_MAX_PASS.
+ It turns out the old DES crypt does the right thing with
+ passwords
+ longert than 8 characters.
+ o Fix common typo (necesary -> necessary)
+ o Update TODO list
+
+1999-05-03 12:00 millert
+
+ * sudo.c: set $LOGNAME when we set $USER
+
+1999-04-27 00:00 millert
+
+ * INSTALL: add comment about digital unix and interfaces.c warning
+ with gcc
+
+1999-04-15 01:12 millert
+
+ * sample.sudoers: use modern paths and give examples for some of
+ the new parser features
+
+1999-04-10 13:03 millert
+
+ * parse.c: fix comment
+
+1999-04-10 00:49 millert
+
+ * alloc.c, check.c, check_sia.c, dce_pwent.c, find_path.c,
+ getspwuid.c, goodpath.c, interfaces.c, lex.yy.c, logging.c,
+ parse.c, parse.lex, parse.yacc, putenv.c, secureware.c, sudo.c,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
+ Function names should be flush with the start of the line so they
+ can be found trivially in an editor and with grep
+
+1999-04-10 00:40 millert
+
+ * find_path.c, interfaces.c, lex.yy.c, parse.c, parse.lex,
+ parse.yacc, sudo.c, testsudoers.c, tgetpass.c, visudo.c: free(3)
+ is already void, no need to cast it
+
+1999-04-10 00:37 millert
+
+ * logging.c, sudo.c, sudo.h: catch case where cmnd_safe is not set
+ (this should not be possible)
+
+1999-04-10 00:10 millert
+
+ * CHANGES, logging.c, parse.c, parse.yacc, sudo.c, sudo.h,
+ testsudoers.c, visudo.c: Stash the "safe" path (ie: the one
+ listed in sudoers) to the command instead of stashing the struct
+ stat. Should be safer.
+
+1999-04-08 19:56 millert
+
+ * INSTALL, Makefile.in, UPGRADE: notes on updating from an earlier
+ release
+
+1999-04-07 20:20 millert
+
+ * CHANGES: updated
+
+1999-04-07 19:18 millert
+
+ * parse.yacc, sudo.tab.h, sudoers.cat, sudoers.html, sudoers.man,
+ sudoers.pod: You can now specifiy a host list instead of just a
+ host or alias. Ie: user = host1,host2,ALIAS,!host3 my_command
+ now works.
+
+1999-04-07 02:59 millert
+
+ * testsudoers.c: Quiet -Wall
+
+1999-04-07 02:50 millert
+
+ * parse.yacc: Move the push from the beginning of cmndspec to the
+ end. This means we no longer have to do a push at the end of
+ privilege, just reset some values.
+
+1999-04-06 20:24 millert
+
+ * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: runas-lists
+ and NOPASSWD/PASSWD modifiers are now sticky and you can use "!"
+ most everywhere
+
+1999-04-06 14:12 millert
+
+ * sudoers.pod: modernize paths and update su example based on
+ sample.sudoers one
+
+1999-04-06 14:06 millert
+
+ * sample.sudoers: New runas semantics
+
+1999-04-06 13:54 millert
+
+ * CHANGES, Makefile.in, alloc.c, config.h.in, configure,
+ configure.in, strdup.c, sudo.h: In estrdup(), do the malloc
+ ourselves so we don't need to rely on the system strdup(3) which
+ may or may not exist. There is now no need to provide strdup()
+ for those w/o it. Also, the prototype for estrdup() was wrong,
+ it returns char * and its param is const.
+
+1999-04-06 13:40 millert
+
+ * getcwd.c: $Sudo tag
+
+1999-04-06 13:20 millert
+
+ * check.c: buf should be prompt; Michael Robokoff
+ <mrobo@networkcs.com>
+
+1999-04-06 01:40 millert
+
+ * CHANGES, TODO, parse.yacc: It is now possible to use the '!'
+ operator in a runas list as well as in a Cmnd_Alias, Host_Alias
+ and User_Alias.
+
+1999-04-06 01:38 millert
+
+ * logging.c, sudo.h: Kill GLOBAL_NO_SPW_ENT (not used) and crank
+ GLOBAL_PROBLEM
+
+1999-04-06 01:08 millert
+
+ * sudo.h: Definitions of *_matched were wrong--user top, not top-2
+ as subscript.
+
+1999-04-06 01:00 millert
+
+ * logging.c, parse.c, parse.yacc, sudo.c, sudo.h: Add
+ VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a
+ command but the NOPASSWD flag was set. Make runasspec,
+ runaslist, runasuser, and nopasswd typeless in parse.yacc Add
+ support for '!' in the runas list Fix double printing of '%' and
+ '+' for groups and netgroups respectively Add *_matched macros
+ (no need for local stack variable). Should only be used directly
+ after a pop (since top must be >= 2).
+
+1999-04-05 23:25 millert
+
+ * aclocal.m4, configure.in: Add copyright, somewhat silly
+
+1999-04-05 16:57 millert
+
+ * BUGS, INSTALL, Makefile.in, README, alloc.c, check.c,
+ check_sia.c, compat.h, config.h.in, configure, configure.in,
+ dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc,
+ pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c,
+ sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat,
+ sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c, visudo.cat, visudo.man, emul/utime.h: Crank version to
+ 1.6 and combine copyright statements
+
+1999-04-05 16:30 millert
+
+ * sample.sudoers: Use ! not ^ to do negation
+
+1999-04-05 16:29 millert
+
+ * lex.yy.c: regen
+
+1999-04-05 16:28 millert
+
+ * parse.yacc, parse.lex: Make runas and NOPASSWD tags persistent
+ across entris in a command list. Add a PASSWD tag to reverse
+ NOPASSWD. When you override a runas or *PASSWD tag the value
+ given becomes the new default for the rest of the command list.
+
+1999-04-02 16:03 millert
+
+ * CHANGES, RUNSON: update for 1.5.9
+
+1999-04-02 16:02 millert
+
+ * visudo.c: Shift return value of system(3) by 8 to get real exit
+ value and if it is not 1 or 0 print the retval along with the
+ error message.
+
+1999-03-30 16:45 millert
+
+ * Makefile.in: testsudoers needs LIBOBJS too
+
+1999-03-30 12:17 millert
+
+ * parse.c, parse.yacc: Fix another parser bug. For a sudoers entry
+ like this: millert ALL=/bin/ls,(daemon) !/bin/ls sudo
+ would not allow millert to run ls as root.
+
+1999-03-30 01:08 millert
+
+ * CHANGES: new change
+
+1999-03-30 01:03 millert
+
+ * parse.yacc: Save entries that match a ! command on the matching
+ stack too
+
+1999-03-30 01:01 millert
+
+ * sudo.c: Make sudo's usage info better when mutually exclusive
+ args are given and don't rely on argument order to detect this;
+ nick@zeta.org.au
+
+1999-03-29 15:03 millert
+
+ * CHANGES, Makefile.in, RUNSON: updates from CU
+
+1999-03-28 23:38 millert
+
+ * Makefile.in: use gzip
+
+1999-03-28 23:31 millert
+
+ * parse.yacc: Fix off by one error introduced in *alloc changes
+
+1999-03-28 23:05 millert
+
+ * BUGS, CHANGES, INSTALL, Makefile.in, README, alloc.c, check.c,
+ check_sia.c, compat.h, config.h.in, configure, configure.in,
+ dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc,
+ pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c,
+ sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat,
+ sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod,
+ emul/utime.h: ++version
+
+1999-03-28 21:59 millert
+
+ * Makefile.in, check.c, find_path.c, getspwuid.c, goodpath.c,
+ interfaces.c, lex.yy.c, logging.c, parse.c, parse.lex,
+ parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, utime.c, visudo.c: Use
+ emalloc/erealloc/estrdup
+
+1999-03-28 20:29 millert
+
+ * alloc.c: error checking memory allocation routines
+
+1999-03-28 19:23 millert
+
+ * parse.yacc: Still not right, this fixes it for real
+
+1999-03-28 19:08 millert
+
+ * parse.yacc: Fix for previous commit
+
+1999-03-28 19:05 millert
+
+ * CHANGES, INSTALL, parse.yacc: Fix a parser bug that was exposed
+ when mixing different runas specs and ! commands. For example:
+ millert ALL=(daemon) /usr/bin/whoami,!/bin/ls would
+ allow millert to run whoami as root as well as daemon when it
+ should just allow daemon. The problem was that comma-separated
+ commands in a list shared the same entry on the matching stack.
+ Now they get their own entry iff there is a full match. It may
+ be better to just make the runas spec persistent across all
+ commands in a list like the user and host entries of the matching
+ stack. However, since that is a fairly major change it should
+ gets its own minor rev increase.
+
+1999-03-28 13:50 millert
+
+ * check.c, config.h.in: Simplify PAM code and fix a PAM-related
+ warning on Linux
+
+1999-03-26 13:17 millert
+
+ * CHANGES: updates
+
+1999-03-26 13:12 millert
+
+ * sample.sudoers: better su entry
+
+1999-03-26 13:10 millert
+
+ * configure: regen
+
+1999-03-26 13:09 millert
+
+ * check.c, configure.in: new pam code that works on solaris, should
+ work on linux too; aelberg@home.com
+
+1999-03-19 14:44 millert
+
+ * RUNSON: more entries
+
+1999-03-19 14:43 millert
+
+ * config.h.in: only include strings.h if there is no string.h
+
+1999-03-17 15:25 millert
+
+ * config.guess: Sinix is now being called ReliantUNIX;
+ bjjackso@us.oracle.com
+
+1999-03-13 13:37 millert
+
+ * sudo.c: shost must be set before log functions are called #ifdef
+ HOST_IN_LOG
+
+1999-03-07 18:34 millert
+
+ * CHANGES, lex.yy.c, parse.lex: Fix a bug wrt quoting characters in
+ command args. Stop processing an arg when you hit a backslash so
+ the quoted-character detection can catch it.
+
+1999-02-26 01:19 millert
+
+ * interfaces.c: include sys/time.h; aparently AIX needs it.
+ ppz@cdu.elektra.ru
+
+1999-02-23 19:43 millert
+
+ * configure, configure.in: add missing case statement so
+ --without-sendmail works
+
+1999-02-22 21:51 millert
+
+ * CHANGES: more
+
+1999-02-22 15:10 millert
+
+ * configure, configure.in: only search for -lsun in irix <= 4.x
+
+1999-02-22 15:01 millert
+
+ * configure, configure.in: back out last configure.in change now
+ that I've hacked autoconf to fix the real problem and add a
+ missing newline
+
+1999-02-22 14:32 millert
+
+ * CHANGES: updated
+
+1999-02-22 14:05 millert
+
+ * getcwd.c: add def of dirfd() for those without it
+
+1999-02-22 10:58 millert
+
+ * configure.in, configure: When falling back to checking for
+ socket() when linking with "-lsocket -lnsl" check for main()
+ instead since autoconf has already cached the results of checking
+ for socket() in -lsocket. This is really an autoconf bug as it
+ should use the extra libs as part of the cache variable name.
+
+1999-02-22 10:47 millert
+
+ * configure.in: typo
+
+1999-02-21 15:18 millert
+
+ * configure.in: fix occurrence of $with_timeout that should be
+ $with_password_timeout;
+ Michael.Neef@neuroinformatik.ruhr-uni-bochum.de
+
+1999-02-17 11:40 millert
+
+ * sudo.cat, sudo.html, sudo.man, sudo.pod: fix grammar;
+ espie@openbsd.org
+
+1999-02-11 01:41 millert
+
+ * parse.yacc, sudo.c, testsudoers.c: add cast for strdup in places
+ it does not have it
+
+1999-02-09 13:11 millert
+
+ * configure, configure.in: define for_BSD_TYPES irix
+
+1999-02-06 19:47 millert
+
+ * Makefile.in, sudo.cat, sudo.html, sudo.man, sudo.pod: Make it
+ clear that it is the user's password, not root's, that we want.
+
+1999-02-06 19:43 millert
+
+ * check.c, sudo.h: If the user enters an empty password and really
+ has no password, accept the empty password they entered.
+ Perviously, they could enter anything *but* an empty password.
+ Also, add GETPASS macro that calls either tgetpass() or getpass()
+ depending on how sudo was configured. Problem noted by
+ jdg@maths.qmw.ac.uk
+
+1999-02-02 23:32 millert
+
+ * Makefile.in, check.c, check_sia.c, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in,
+ putenv.c, secureware.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c,
+ testsudoers.c, tgetpass.c, utime.c, version.h, visudo.c,
+ emul/utime.h: add explicate copyright
+
+1999-02-02 23:16 millert
+
+ * CHANGES: mention -lsocket, -lnsl configure changes
+
+1999-02-02 17:54 millert
+
+ * sudo.c: Don't clobber errno after calling check_sudoers().
+
+1999-01-31 19:46 millert
+
+ * configure.in, configure: When linking with both -lsocket and
+ -lnsl be sure to do so in that order. Also, when we can't find
+ socket() or inet_addr() and have to try linking with both libs,
+ issue a warning.
+
+1999-01-31 19:45 millert
+
+ * sudo.cat, sudo.man, sudo.pod: clarify bad timestamp and fmt
+
+1999-01-23 12:18 millert
+
+ * INSTALL, RUNSON: be clear that pam is linux-only and add a RUNSON
+ entry
+
+1999-01-22 13:13 millert
+
+ * configure, CHANGES, INSTALL, configure.in: fix and correctly
+ document --with-umask; problem noted by adap@adap.org
+
+1999-01-19 20:38 millert
+
+ * configure.in, configure: only use /usr/{man,catman}/local to
+ store man pages if suer didn't override prefix or mandir
+
+1999-01-19 20:24 millert
+
+ * configure, INSTALL, configure.in: fix typo, make --with-SecurID
+ take an arg
+
+1999-01-18 21:53 millert
+
+ * RUNSON: updates from users
+
+1999-01-18 21:04 millert
+
+ * CHANGES, INSTALL, check.c, configure, configure.in: FWTK
+ 'authsrv' support from Kevin Kadow <kadow@MSG.NET>
+
+1999-01-18 20:00 millert
+
+ * configure, configure.in: better fix for the problem of unresolved
+ symbols in -lnsl or -lsocket
+
+1999-01-18 19:39 millert
+
+ * configure, configure.in: when checking for functions in -lnsl and
+ -lsocket link with both of them to avoid unresolved symbols on
+ some weirdo systems
+
+1999-01-17 20:49 millert
+
+ * BUGS, CHANGES, RUNSON, TODO: old changes that didn't make it into
+ RCS before the RCS->CVS switch
+
+1999-01-17 18:16 millert
+
+ * Makefile.in, check.c, check_sia.c, compat.h, config.h.in,
+ configure.in, dce_pwent.c, find_path.c, getspwuid.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, lex.yy.c, logging.c, lsearch.c, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, secureware.c, strdup.c,
+ sudo.c, sudo.pod, sudo_setenv.c, sudoers.pod, testsudoers.c,
+ tgetpass.c, utime.c, visudo.c, visudo.pod, emul/search.h,
+ emul/utime.h: add sudo tags
+
+1999-01-17 17:53 millert
+
+ * version.h, sudo.h: testing Sudo tag
+
+1999-01-17 17:40 millert
+
+ * BUGS, INSTALL, Makefile.in, README, check.c, check_sia.c,
+ compat.h, config.h.in, configure, configure.in, dce_pwent.c,
+ find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h,
+ ins_csops.h, ins_goons.h, insults.h, interfaces.c, lex.yy.c,
+ logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in,
+ putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, sudo.h,
+ sudo.man, sudo_setenv.c, sudoers.cat, sudoers.man, testsudoers.c,
+ tgetpass.c, utime.c, version.h, visudo.c, visudo.cat, visudo.man,
+ emul/utime.h: crank version and regen files
+
+1999-01-17 17:27 millert
+
+ * Makefile.in: kill rcs goop in update_version and fix now that
+ version is a const
+
+1999-01-17 17:08 millert
+
+ * INSTALL, check.c, config.h.in, configure, configure.in,
+ logging.c, sudo.c, sudo.h, sudo.pod: kerb5 support from
+ fcusack@iconnet.net
+
+1999-01-17 16:45 millert
+
+ * realpath.c, sudo_realpath.c: we no longer use realpath
+
+1999-01-17 16:44 millert
+
+ * qualify.c: replaced by find_path.c
+
+1999-01-17 16:43 millert
+
+ * options.h: all options are now configure flags
+
+1999-01-17 16:42 millert
+
+ * lex.yy.c: regen
+
+1999-01-17 16:41 millert
+
+ * getwd.c: superceded by getcwd.c
+
+1999-01-17 16:36 millert
+
+ * getpass.c: superceded by tgetpass.c
+
+1999-01-17 16:36 millert
+
+ * SUPPORTED: superceded by RUNSON
+
+1999-01-17 16:33 millert
+
+ * OPTIONS: No longer used now that we have configure options for
+ everything.
+
+1999-01-17 16:32 millert
+
+ * configure: regen based on configure.in
+
+1999-01-17 16:31 millert
+
+ * sudo.man, sudoers.man, visudo.man, sudo.cat, sudo.html,
+ sudoers.cat, visudo.cat, sudoers.html, visudo.html: regen based
+ on sudo.pod, sudoers.pod, and visudo.pod
+
+1998-12-11 12:16 millert
+
+ * check.c: fix tty tickets in remove_timestamp (didn't use ':')
+
+1998-12-07 16:16 millert
+
+ * interfaces.c: close sock when we are done with it
+
+1998-11-27 19:37 millert
+
+ * parse.yacc: never say "error on line -1"
+
+1998-11-23 23:38 millert
+
+ * configure.in: check for -lnsl before -lsocket
+
+1998-11-23 23:29 millert
+
+ * configure.in: quote '[', ']' used in ranges correctly
+
+1998-11-21 17:54 millert
+
+ * config.h.in: add missing NO_ROOT_SUDO noted by drno@tsd.edu
+
+1998-11-20 18:33 millert
+
+ * version.h: 1.5.7
+
+1998-11-20 18:33 millert
+
+ * INSTALL: more info for 1.5.7
+
+1998-11-20 18:30 millert
+
+ * README: update for 1.5.7
+
+1998-11-20 14:26 millert
+
+ * parse.yacc: make increases of cm_list_size and ga_list_size be
+ similar to increases of stacksize (ie: >= not > in initial
+ compare).
+
+1998-11-20 14:22 millert
+
+ * parse.yacc: when we get a syntax error, report it for the
+ previous line since that's generally where the error occurred.
+
+1998-11-18 15:31 millert
+
+ * config.h.in, configure.in, interfaces.c: add back check for
+ sys/sockio.h but only use it if SIOCGIFCONF is not defined
+
+1998-11-18 15:25 millert
+
+ * config.h.in: define BSD_COMP for svr4
+
+1998-11-17 23:16 millert
+
+ * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c,
+ goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c,
+ parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: more
+ -Wall
+
+1998-11-17 23:10 millert
+
+ * configure.in: kill check for sockio,h
+
+1998-11-17 23:10 millert
+
+ * config.h.in: no more HAVE_SYS_SOCKIO_H
+
+1998-11-17 22:51 millert
+
+ * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c,
+ goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c,
+ parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
+ -Wall
+
+1998-11-16 17:38 millert
+
+ * sudo.c: add missing inform_user()
+
+1998-11-13 19:21 millert
+
+ * find_path.c: return NOT_FOUND if given fully qualified path and
+ it does not exist previously it would perror(ENOENT) which
+ bypasses the option to not leak path info
+
+1998-11-13 19:20 millert
+
+ * configure.in: for kerb5, check for -lkerb4, fall back on -lkrb
+ for kerb, check for -ldes
+
+1998-11-13 14:19 millert
+
+ * INSTALL: tty tickets are user:tty now
+
+1998-11-13 14:10 millert
+
+ * check.c: when using tty tickets make it user:tty not user.tty as
+ a username could have a '.' in it
+
+1998-11-09 19:15 millert
+
+ * sudo.c: add "ignoring foo found in ." for auth successful case
+
+1998-11-09 17:57 millert
+
+ * sudo.c: add missing printf param
+
+1998-11-08 15:56 millert
+
+ * INSTALL, config.h.in, configure.in, find_path.c, sudo.c, sudo.h:
+ go back to printing "command not found" unless
+ --disable-path-info specified. Also, tell user when we ignore
+ '.' in their path and it would have been used but for
+ --with-ignore-dot.
+
+1998-11-08 13:51 millert
+
+ * check.c, sudo.c: Only one space after a colon, not two, in
+ printf's
+
+1998-11-05 12:59 millert
+
+ * sudo.pod: document setting $USER
+
+1998-11-04 22:24 millert
+
+ * check.c: fix bugs with prompt expansion
+
+1998-11-04 21:21 millert
+
+ * sudo.c: set $USER for root too
+
+1998-11-04 17:13 millert
+
+ * getspwuid.c: typo
+
+1998-11-04 17:07 millert
+
+ * configure.in: HP-UX's iscomsec is in -lsec, not libc
+
+1998-11-03 22:24 millert
+
+ * configure.in: remove some entries in the OS case statement that
+ did nothing
+
+1998-11-03 22:19 millert
+
+ * TROUBLESHOOTING: add "cd" section and flush out syslog section
+
+1998-11-03 20:51 millert
+
+ * Makefile.in: no more sudo-lex.yy.c
+
+1998-11-03 20:50 millert
+
+ * check_sia.c: add custom prompt support
+
+1998-11-03 20:40 millert
+
+ * sudo.c: kill perror("malloc") since we already have a good error
+ messages pw_ent -> pw for brevity set $USER if -u specified
+
+1998-11-03 20:39 millert
+
+ * parse.c: kill perror("malloc") since we already have a good error
+ messages pw_ent -> pw for brevity when checking if %group
+ matches, look up user in password file so that %groups works in a
+ RunAs spec.
+
+1998-11-03 20:39 millert
+
+ * logging.c, parse.yacc: kill perror("malloc") since we already
+ have a good error messages
+
+1998-11-03 20:38 millert
+
+ * check.c, getspwuid.c, interfaces.c, testsudoers.c: kill
+ perror("malloc") since we already have a good error messages
+ pw_ent -> pw for brevity
+
+1998-11-03 15:03 millert
+
+ * tgetpass.c: the prompt is expanded before tgetpass is called
+
+1998-11-03 15:03 millert
+
+ * sudo.h: tgetpass now has the same args as getpass again
+
+1998-11-03 15:02 millert
+
+ * getspwuid.c: add iscomsec, issecure support
+
+1998-11-03 15:02 millert
+
+ * check.c: we now expand any %h or %u in the prompt before passing
+ to tgetpass
+
+1998-11-03 14:58 millert
+
+ * configure.in: add check for syslog(3) in -lsocket, -lnsl, -linet
+
+1998-11-03 14:56 millert
+
+ * config.h.in: add HAVE_ISCOMSEC and HAVE_ISSECURE
+
+1998-11-03 14:55 millert
+
+ * configure.in: add check for iscomsec in HP-UX
+
+1998-11-03 14:51 millert
+
+ * configure.in: check for issecure if we have getpwanam on SunOS
+ some options are incompatible with DUNIX SIA check for dispcrypt
+ on DUNIX
+
+1998-10-25 15:21 millert
+
+ * config.h.in: add HAVE_DISPCRYPT
+
+1998-10-25 15:21 millert
+
+ * secureware.c: add back support for non-dispcrypt based checking
+ for older DUNIX
+
+1998-10-25 00:51 millert
+
+ * INSTALL: sia changes
+
+1998-10-25 00:48 millert
+
+ * configure.in: SIA becomes the default on Digital UNIX now havbe
+ --disable-sia to turn it off...
+
+1998-10-24 23:52 millert
+
+ * check.c: move local includes after system ones
+
+1998-10-24 19:28 millert
+
+ * check.c, check_sia.c, sudo.h: add pass_warn() which prints out
+ INCORRECT_PASSWORD or an insult to stderr
+
+1998-10-24 19:07 millert
+
+ * check_sia.c: fix while loop in sia_attempt_auth() that checks the
+ password. Only the first iteration was working.
+
+1998-10-21 21:00 millert
+
+ * aclocal.m4: don't trust UID_MAX or MAXUID
+
+1998-10-21 20:35 millert
+
+ * configure.in: fix two pastos
+
+1998-10-21 20:30 millert
+
+ * configure.in: fix typo
+
+1998-10-21 20:19 millert
+
+ * getspwuid.c, secureware.c: init crypt_type to INT_MAX since it is
+ legal to be negative in DUNX 5.0
+
+1998-10-21 20:15 millert
+
+ * configure.in: for secureware on dunix, use -lsecurity -ldb -laud
+ -lm but check for -ldb since DUNX < 4.0 lacks it
+
+1998-10-21 19:50 millert
+
+ * check.c, compat.h, config.h.in, configure.in, getspwuid.c,
+ secureware.c, sudo.c, tgetpass.c: getprpwuid is broken in HP-UX
+ 10.20 at least (it sleeps for 2 minutes if the shadow files don't
+ exist).
+
+1998-10-20 17:22 millert
+
+ * INSTALL: updated --with-editor blurb
+
+1998-10-20 17:21 millert
+
+ * TROUBLESHOOTING: tell how to put sudoers in a different dir
+
+1998-10-20 16:22 millert
+
+ * configure.in: add missing quotes around $with_editor
+
+1998-10-20 14:00 millert
+
+ * configure.in: typo in --with-editor bits
+
+1998-10-20 01:24 millert
+
+ * INSTALL: I don't expect it to work on Solaris
+
+1998-10-20 01:24 millert
+
+ * check.c: add back security/pam_misc.h
+
+1998-10-19 17:13 millert
+
+ * INSTALL: remove dunix note since configure checks for this now
+
+1998-10-19 16:30 millert
+
+ * configure.in: add check for broken dunix prot.h (4.0 < 4.0D is
+ bad)
+
+1998-10-19 14:32 millert
+
+ * getspwuid.c, secureware.c, tgetpass.c: new dunix shadow code, use
+ dispcrypt(3)
+
+1998-10-19 14:32 millert
+
+ * config.h.in: add HAVE_INITPRIVS
+
+1998-10-19 14:31 millert
+
+ * sudo.c: call initprivs() if we have it for getprpwuid later on
+
+1998-10-19 14:30 millert
+
+ * Makefile.in: clean pathnames.h too
+
+1998-10-19 14:28 millert
+
+ * configure.in: quote "Sorry, try again." with [] since it has a
+ comma in it set LIBS when we add stuff to SUDO_LIBS set
+ SECUREWARE when we find getprpwuid() so we can check for
+ bigcrypt, set_auth_parameters, and initprivs later.
+
+1998-10-19 13:48 millert
+
+ * INSTALL: update Digital UNIX note about acl.h
+
+1998-10-18 20:26 millert
+
+ * INSTALL: add --with-sia --without-root-sudo ->
+ --disable-root-sudo some reordering
+
+1998-10-18 20:22 millert
+
+ * secureware.c: add whitespace
+
+1998-10-18 20:22 millert
+
+ * Makefile.in, check.c, config.h.in, configure.in, logging.c,
+ sudo.h: add SIA support
+
+1998-10-18 20:21 millert
+
+ * check_sia.c: Initial revision
+
+1998-10-18 19:42 millert
+
+ * configure.in: when checking for -lsocket, -lnsl, and -linet,
+ check for the specific functions we need from them.
+
+1998-10-18 19:10 millert
+
+ * config.h.in, sudo.h: move Syslog_* defs into sudo.h
+
+1998-10-18 18:15 millert
+
+ * sudo.h, Makefile.in: added check_secureware
+
+1998-10-18 18:12 millert
+
+ * configure.in: finished adding AC_MSG_CHECKING and AC_MSG_RESULT
+ bits
+
+1998-10-18 18:00 millert
+
+ * insults.h: don't define CLASSIC_INSULTS and CSOPS_INSULTS if no
+ other sets defined. configure now does that for us
+
+1998-10-18 17:45 millert
+
+ * configure.in: move some --with options around change a bunch of
+ echo's to AC_MSG_CHECKING, AC_MSG_RESULT pairs
+
+1998-10-18 01:09 millert
+
+ * configure.in: change $with_foo-bar -> $with_foo_bar kill extra "
+ that caused a syntax error add some echo verbage
+
+1998-10-17 18:08 millert
+
+ * check.c: moved SecureWare stuff into secureware.c
+
+1998-10-17 18:07 millert
+
+ * secureware.c: Initial revision
+
+1998-10-17 17:02 millert
+
+ * INSTALL: update url to solaris gcc bins
+
+1998-10-17 16:39 millert
+
+ * INSTALL: change option formatter and flesh out someentries
+
+1998-10-17 16:18 millert
+
+ * sudo.pod, visudo.pod, TROUBLESHOOTING: environmental variable ->
+ environment variable
+
+1998-10-17 16:01 millert
+
+ * BUGS: everything is now done via configure
+
+1998-10-17 16:00 millert
+
+ * README: prev rev was 1.5.6
+
+1998-10-17 00:33 millert
+
+ * Makefile.in: passing SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID
+ correctly
+
+1998-10-17 00:32 millert
+
+ * config.h.in: SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID now come from
+ the Makefile
+
+1998-10-17 00:31 millert
+
+ * Makefile.in: merge OSDEFS and OPTIONS into DEFS get sudoers_uid,
+ sudoers_gid, sudoers_mode from configure
+
+1998-10-17 00:30 millert
+
+ * configure.in: SUDOERS_MODE, SUDOERS_UID, and SUDOERS_GID now get
+ substituted into the Makefile, not config.h
+
+1998-10-17 00:30 millert
+
+ * INSTALL: document all --with/--enable options
+
+1998-10-15 02:25 millert
+
+ * insults.h: options.h is no more
+
+1998-10-15 02:25 millert
+
+ * config.h.in: assimilated options.h
+
+1998-10-15 02:24 millert
+
+ * configure.in: moved options from options.h to configure
+
+1998-10-15 01:41 millert
+
+ * check.c, find_path.c, getspwuid.c, goodpath.c, interfaces.c,
+ logging.c, parse.c, parse.lex, parse.yacc, sudo.c, sudo.pod,
+ sudo_setenv.c, visudo.c: no more options.h
+
+1998-10-15 01:39 millert
+
+ * INSTALL, Makefile.in, PORTING, TROUBLESHOOTING: remove references
+ to options.h
+
+1998-10-15 01:32 millert
+
+ * interfaces.c, dce_pwent.c, sudo.c: kill sys/time.h
+
+1998-10-15 00:10 millert
+
+ * tgetpass.c: if select return < -1 still prompt for pw
+
+1998-10-15 00:03 millert
+
+ * options.h: convert LOGGING, LOGFAC, MAXLOGFILELEN,
+ IGNORE_DOT_PATH into configure options
+
+1998-10-14 23:57 millert
+
+ * parse.c: FAST_MATCH is no longer an optino
+
+1998-10-14 23:52 millert
+
+ * check.c: remove_timestamp() if timestamp is preposterous
+
+1998-10-14 23:36 millert
+
+ * options.h: convert more options to --with/--enable
+
+1998-10-14 23:36 millert
+
+ * INSTALL, aclocal.m4: logfile -> logpath
+
+1998-10-14 23:31 millert
+
+ * configure.in: convert more options into --with and --enable
+
+1998-10-14 23:28 millert
+
+ * tgetpass.c: catch EINTR in select and restart
+
+1998-10-14 23:15 millert
+
+ * logging.c: sys/errno -> errno
+
+1998-09-24 11:40 millert
+
+ * sudo.c: UMASK -> SUDO_UMASK.
+
+1998-09-24 11:36 millert
+
+ * check.c, logging.c: time.h, not sys/time.h
+
+1998-09-21 19:52 millert
+
+ * logging.c: MAILER -> _PATH_SENDMAIL
+
+1998-09-21 00:06 millert
+
+ * INSTALL, configure.in: no more --with-C2, now it is
+ --disable-shadow
+
+1998-09-21 00:00 millert
+
+ * aclocal.m4, check.c, compat.h, config.h.in, configure.in,
+ getspwuid.c, sudo.c, tgetpass.c: new shadow password scheme.
+ Always include shadow support if the platform supports it and the
+ user did not disable it via configure
+
+1998-09-20 19:48 millert
+
+ * configure.in: --with-getpass -> --{enable,disable}-tgetpass
+
+1998-09-20 19:16 millert
+
+ * Makefile.in: pathnames.h -> pathnames.h.in
+
+1998-09-20 19:14 millert
+
+ * check.c: fix version string
+
+1998-09-20 19:12 millert
+
+ * check.c: move pam_conv to be static to auth function remove
+ pam_misc.h (solaris doesn't have one)
+
+1998-09-20 19:10 millert
+
+ * aclocal.m4: _CONFIG_PATH_* -> _PATH_* or _PATH_SUDO_* kill
+ SUDO_PROG_PWD
+
+1998-09-20 19:10 millert
+
+ * configure.in: munge pathnames.h.in -> pathnames.h kill
+ SUDO_PROG_PWD
+
+1998-09-20 19:10 millert
+
+ * pathnames.h.in: convert to pathnames.h.in
+
+1998-09-18 20:20 millert
+
+ * configure.in: fix typo in sysv4 matching case /.
+
+1998-09-18 01:29 millert
+
+ * check.c: pam stuff needs to run as root, not user, for shadow
+ passwords
+
+1998-09-17 12:26 millert
+
+ * Makefile.in, emul/utime.h, check.c, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ logging.c, options.h, parse.c, parse.lex, parse.yacc,
+ pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c,
+ BUGS, INSTALL, README, configure.in: updated version
+
+1998-09-17 12:13 millert
+
+ * check.c: user version.h for long message
+
+1998-09-17 11:53 millert
+
+ * check.c: this is version 1.5.6
+
+1998-09-16 13:42 millert
+
+ * Makefile.in: remove errant backslash
+
+1998-09-14 22:25 millert
+
+ * options.h, parse.yacc, pathnames.h.in: fix version string
+
+1998-09-14 22:02 millert
+
+ * BUGS, CHANGES, TODO: updtaed for 1.5.6
+
+1998-09-14 22:02 millert
+
+ * RUNSON: updated for 1.5.6
+
+1998-09-14 11:48 millert
+
+ * interfaces.c: kill unused localhost_mask var copy if name to
+ ifr_tmp after we zero it
+
+1998-09-13 15:50 millert
+
+ * INSTALL: Better description of new vs. old sudoers modes fix some
+ typos better description of /usr/ucb/cc gotchas on slowaris
+
+1998-09-13 15:49 millert
+
+ * Makefile.in: add sample.pam
+
+1998-09-13 15:32 millert
+
+ * sudo.c: set NewArgv[0] to user_shell, not basename(user_shell)
+
+1998-09-12 11:10 millert
+
+ * README: mention TROUBLESHOOTING more fix some typos
+
+1998-09-11 20:30 millert
+
+ * configure.in: move --enable/--disable to be after --with
+
+1998-09-11 20:30 millert
+
+ * INSTALL: document --enable/--disable
+
+1998-09-11 20:26 millert
+
+ * INSTALL: document --with-pam
+
+1998-09-11 19:47 millert
+
+ * configure.in: Add message for pam users
+
+1998-09-11 19:27 millert
+
+ * sample.pam: Initial revision
+
+1998-09-11 19:23 millert
+
+ * config.h.in: fix HAVE_PAM
+
+1998-09-11 19:19 millert
+
+ * check.c, config.h.in, configure.in: pam support, from Gary Calvin
+ <GCalvin@kenwoodusa.com>
+
+1998-09-10 18:51 millert
+
+ * config.h.in: add HOST_IN_LOG and WRAP_LOG
+
+1998-09-10 18:51 millert
+
+ * logging.c: add WRAP_LOG and HOST_IN_LOG
+
+1998-09-10 18:37 millert
+
+ * configure.in: add --enable-log-host and --enable-log-wrap
+
+1998-09-10 18:32 millert
+
+ * aclocal.m4: use AC_DEFINE_UNQUOTED for --with-logfile and
+ --with-timedir
+
+1998-09-08 20:45 millert
+
+ * compat.h: add howmany macro
+
+1998-09-08 20:43 millert
+
+ * tgetpass.c: include sys/param.h to get howmany macro
+
+1998-09-07 20:42 millert
+
+ * OPTIONS, options.h, parse.yacc, sudo.c, testsudoers.c, visudo.c:
+ add RUNAS_DEFAULT
+
+1998-09-07 12:51 millert
+
+ * fnmatch.c: bring in stdio.h for NULL
+
+1998-09-07 12:50 millert
+
+ * aclocal.m4: allow /bin/{ksh,bach} and /usr/bin/{ksh,bash} as sh
+
+1998-09-07 12:43 millert
+
+ * sudo.c: use HAVE_SET_AUTH_PARAMETERS
+
+1998-09-07 12:42 millert
+
+ * config.h.in: add HAVE_SET_AUTH_PARAMETERS
+
+1998-09-07 12:41 millert
+
+ * configure.in: add *-*-hiuxmpp* add test for set_auth_parameters()
+ if secureware
+
+1998-09-07 12:39 millert
+
+ * config.sub: add support for HI-UX/MPP SR220001 02-03 0 SR2201
+
+1998-09-07 12:06 millert
+
+ * interfaces.c: initialize previfname
+
+1998-09-07 11:51 millert
+
+ * interfaces.c: Don't use SIOCGIFADDR, we don't need it Use
+ SIOCGIFFLAGS if we have it check ifr_flags against IFF_UP and
+ IFF_LOOPBACK instead of kludging it
+
+1998-09-07 11:49 millert
+
+ * configure.in: typo
+
+1998-09-07 00:01 millert
+
+ * Makefile.in: don't need special build line for sudo.tab.o
+
+1998-09-06 23:58 millert
+
+ * Makefile.in: don't clean sudo.tab.[ch]
+
+1998-09-06 23:48 millert
+
+ * sudo.c: Sudo should prompt for a password before telling the user
+ that a command could not be found.
+
+1998-09-06 23:47 millert
+
+ * BUGS: for 1.5.6
+
+1998-09-06 23:25 millert
+
+ * INSTALL, README: no longer require yacc
+
+1998-09-06 23:19 millert
+
+ * Makefile.in: typo
+
+1998-09-06 23:18 millert
+
+ * Makefile.in: y.tab -> sudo.tab include pre-yacc'd parse.yacc
+
+1998-09-06 23:09 millert
+
+ * parse.lex: include sudo.tab.h, not y.tab.h don't break out of
+ command args if you get a '='
+
+1998-09-06 22:59 millert
+
+ * insults.h: fix version ,
+
+1998-09-06 22:57 millert
+
+ * compat.h, ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h:
+ fix version
+
+1998-09-06 22:55 millert
+
+ * getcwd.c: getcwd(3) from OpenBSD for those without it.
+
+1998-09-06 22:51 millert
+
+ * sudo.h: HAVE_GETWD -> HAVE_GETCWD
+
+1998-09-06 22:49 millert
+
+ * configure.in: pretend sunos doesn't have getcwd(3) since it opens
+ a pipe to getpwd!
+
+1998-09-06 22:41 millert
+
+ * parse.c: use NAMLEN() macro
+
+1998-09-06 22:34 millert
+
+ * fnmatch.c: remove duplicate include of string.h
+
+1998-09-06 22:28 millert
+
+ * configure.in: call SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T
+
+1998-09-06 22:28 millert
+
+ * aclocal.m4: add SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T
+
+1998-09-06 22:28 millert
+
+ * config.h.in: add dev_t and ino_t
+
+1998-07-28 12:44 millert
+
+ * check.c: fix OTP_ONLY for opie
+
+1998-06-24 12:22 millert
+
+ * testsudoers.c, tgetpass.c: include stdlib.h for malloc proto
+
+1998-05-19 00:10 millert
+
+ * Makefile.in: make update_version saner
+
+1998-05-18 23:32 millert
+
+ * config.h.in: add HAVE_WAITPID, HAVE_WAIT3, and sudo_waitpid()
+
+1998-05-18 23:32 millert
+
+ * configure.in: check for waitpid and wait3 or no waitpid
+
+1998-05-18 23:31 millert
+
+ * logging.c: used waitpid or wait3 if we have 'em
+
+1998-05-02 14:16 millert
+
+ * visudo.c: fix some fprintf args, ariel@oz.engr.sgi.com (Ariel
+ Faigon)
+
+1998-04-27 20:09 millert
+
+ * configure.in: don't need to explicately mention -lsocket -lnsl
+ for sequent
+
+1998-04-25 01:56 millert
+
+ * configure.in: dynix should not link with -linet
+
+1998-04-10 15:32 millert
+
+ * INSTALL: mention that HP-UX doesn't ship with yacc
+
+1998-04-06 22:35 millert
+
+ * check.c: ignore kerberos if we can't get the local realm
+
+1998-04-05 23:37 millert
+
+ * configure.in, BUGS, INSTALL, README: ++version
+
+1998-04-05 23:36 millert
+
+ * version.h: ++
+
+1998-04-05 23:35 millert
+
+ * Makefile.in, emul/utime.h, check.c, config.h.in, dce_pwent.c,
+ find_path.c, getspwuid.c, getcwd.c, goodpath.c, interfaces.c,
+ logging.c, parse.c, parse.lex, putenv.c, strdup.c, sudo.c,
+ sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c,
+ visudo.c: updated version
+
+1998-04-05 23:34 millert
+
+ * check.c, sudo.h: fix version
+
+1998-04-05 23:33 millert
+
+ * getcwd.c: don't use popen/pclose. Do it inline.
+
+1998-04-05 23:25 millert
+
+ * lsearch.c: add rcsid
+
+1998-04-05 23:21 millert
+
+ * sudo.c: typo
+
+1998-04-05 23:17 millert
+
+ * sudo.h, pathnames.h.in, compat.h, options.h, ins_2001.h,
+ insults.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc,
+ check.c: updated version
+
+1998-04-05 23:15 millert
+
+ * check.c, find_path.c, parse.c, sudo.c, testsudoers.c: MAX* + 1 ->
+ MAX*
+
+1998-04-05 23:14 millert
+
+ * Makefile.in: getwd.c -> getcwd.c
+
+1998-04-05 22:49 millert
+
+ * config.h.in: kill HAVE_GETWD
+
+1998-04-05 22:49 millert
+
+ * configure.in: getcwd, not getwd
+
+1998-04-05 22:48 millert
+
+ * getcwd.c: use MAX* not MAX* + 1 always run pwd as using getwd()
+ defeats the purpose
+
+1998-03-31 00:15 millert
+
+ * OPTIONS, options.h: add STUB_LOAD_INTERFACES
+
+1998-03-31 00:05 millert
+
+ * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, logging.c, options.h, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
+ updated version
+
+1998-03-30 23:54 millert
+
+ * configure.in: support *-ccur-sysv4 and fix two typos
+
+1998-03-27 19:52 millert
+
+ * configure.in: don't echo about with_logfile and with_timedir
+
+1998-03-27 19:49 millert
+
+ * INSTALL: document --with-logfile and --with-timedir
+
+1998-03-27 19:46 millert
+
+ * aclocal.m4: support --with-logfile and --with-timedir
+
+1998-03-27 19:46 millert
+
+ * configure.in: Add --with-logfile and --with-timedir
+
+1998-03-27 19:27 millert
+
+ * sudo.c: change size computation of NewArgv for UNICOS
+
+1998-02-18 20:10 millert
+
+ * configure.in: treate -*-sysv4* like *-*-svr4
+
+1998-02-18 18:19 millert
+
+ * configure.in: fix spacing for --with-authenticate help
+
+1998-02-18 16:39 millert
+
+ * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, logging.c, options.h, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
+ updated version
+
+1998-02-18 16:23 millert
+
+ * parse.yacc: fix off by one error in push macro
+
+1998-02-17 01:15 millert
+
+ * configure.in: removed bogus alloca hack
+
+1998-02-17 01:15 millert
+
+ * check.c: added AIX 4.x authenticate() support
+
+1998-02-17 01:11 millert
+
+ * parse.yacc: include alloca.h if using bison and not gcc and it
+ exists. fixes an alloca problem on hpux 10.x
+
+1998-02-17 00:39 millert
+
+ * INSTALL: mention --with-authenticate
+
+1998-02-17 00:37 millert
+
+ * configure.in: added AIX authenticate() support
+
+1998-02-17 00:22 millert
+
+ * config.h.in: add HAVE_AUTHENTICATE
+
+1998-02-16 23:58 millert
+
+ * interfaces.c: dynamically size ifconf buffer
+
+1998-02-16 23:56 millert
+
+ * configure.in: quote '[' and ']'
+
+1998-02-16 21:42 millert
+
+ * Makefile.in, emul/utime.h, check.c, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ logging.c, options.h, parse.c, parse.lex, parse.yacc,
+ pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
+ updated version
+
+1998-02-16 19:06 millert
+
+ * visudo.pod: add ERRORS section
+
+1998-02-16 18:57 millert
+
+ * TROUBLESHOOTING: add busy stmp file explanation
+
+1998-02-15 18:49 millert
+
+ * configure.in: the name of the cached var that signals whether or
+ not you are cross compiling changed. It is now
+ ac_cv_prog_cc_cross
+
+1998-02-11 16:26 millert
+
+ * INSTALL: mention glibc 2.07 is fixed wrt lsearch()\.
+
+1998-02-06 21:55 millert
+
+ * sample.sudoers, sudoers.pod: better example of su but not root su
+
+1998-02-06 15:49 millert
+
+ * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, logging.c, options.h, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
+ updated version
+
+1998-02-06 15:48 millert
+
+ * Makefile.in: correct regexp for updating version
+
+1998-02-06 14:05 millert
+
+ * tgetpass.c: remove bogus flush of stderr spew prompt before
+ turning off echo. Seems to fix a weird problem where if sudo
+ complained about a bogus stamp file the user would sometimes not
+ have a chance to enter a password
+
+1998-02-06 14:05 millert
+
+ * check.c: fix bogus flush of stderr
+
+1998-02-05 19:19 millert
+
+ * sudo.c: close fd's <=2 not <=3 and move that chunk of code up
+
+1998-02-05 19:18 millert
+
+ * configure.in: support hpux1[0-9] not just hpux10
+
+1998-01-30 14:59 millert
+
+ * parse.c: set sudoers_fp to nil after closing
+
+1998-01-24 01:05 millert
+
+ * config.guess, config.sub: updated from autoconf 2.12
+
+1998-01-24 00:50 millert
+
+ * configure.in: add *-*-svr4 rule
+
+1998-01-22 22:53 millert
+
+ * tgetpass.c: fix select usage for high fd's (dynamically allocate
+ readfds)
+
+1998-01-22 22:49 millert
+
+ * check.c: kill extra whitespace
+
+1998-01-22 19:28 millert
+
+ * sudo.c: do an initgroups() before running a command, unless the
+ target user is root.
+
+1998-01-22 12:22 millert
+
+ * TROUBLESHOOTING: tell people to use tabs, not spaces, in
+ syslog.conf
+
+1998-01-21 01:56 millert
+
+ * parse.lex, Makefile.in, config.h.in, getwd.c, strdup.c, putenv.c,
+ emul/utime.h, testsudoers.c, utime.c, dce_pwent.c: updated
+ version
+
+1998-01-21 01:32 millert
+
+ * goodpath.c, sudo_setenv.c, interfaces.c, tgetpass.c, visudo.c:
+ updated version
+
+1998-01-21 01:29 millert
+
+ * sudo.h, pathnames.h.in, options.h, compat.h, insults.h,
+ ins_2001.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc,
+ check.c, getspwuid.c, find_path.c, logging.c, parse.c, sudo.c:
+ updated version
+
+1998-01-21 01:20 millert
+
+ * Makefile.in: more tweaks to update_version
+
+1998-01-21 01:19 millert
+
+ * Makefile.in: fixed up update_version rule
+
+1998-01-21 00:55 millert
+
+ * configure.in: ++version
+
+1998-01-21 00:53 millert
+
+ * Makefile.in: removed supe of check.c
+
+1998-01-21 00:51 millert
+
+ * INSTALL: ++version I missed
+
+1998-01-21 00:51 millert
+
+ * RUNSON: updated
+
+1998-01-21 00:48 millert
+
+ * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c,
+ find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ logging.c, options.h, parse.c, parse.lex, parse.yacc,
+ pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c, emul/utime.h, BUGS, INSTALL, README: updated version
+
+1998-01-21 00:47 millert
+
+ * CHANGES: updated for 1.5.5
+
+1998-01-21 00:35 millert
+
+ * Makefile.in: add rules to update version stuff in files so I
+ don't need to do it by hand
+
+1998-01-21 00:04 millert
+
+ * sudo.h: sudoers_fp is now extern
+
+1998-01-21 00:03 millert
+
+ * sudo.c: in check_sudoers, cache the sudoers file handle in
+ sudoers_fp so we don't have to open it again in the parse. This
+ may help with weird solaris problems where EAGAIN sometime
+ occurrs.
+
+1998-01-21 00:02 millert
+
+ * parse.c: sudoers file open is now done only in check_sudoers() so
+ we just do a rewind() instead of an open. May help people on
+ solaris who were getting EAGAIN.
+
+1998-01-16 11:43 millert
+
+ * INSTALL: mention that newer glibc is fixed
+
+1998-01-13 12:58 millert
+
+ * sudo.c: newer irix uses _RLDN32_* envariables for 32-bit binaries
+ so ignore _RLD* instead of _RLD_*
+
+1998-01-13 10:32 millert
+
+ * parse.c: typo
+
+1998-01-13 10:19 millert
+
+ * parse.c: fix that bug for real
+
+1998-01-13 02:39 millert
+
+ * INSTALL: document Linux's libc6 brokenness.
+
+1998-01-13 02:00 millert
+
+ * parse.yacc: -Wall
+
+1998-01-13 01:22 millert
+
+ * RUNSON: updated
+
+1998-01-13 00:50 millert
+
+ * TROUBLESHOOTING: remind people to HUP syslogd
+
+1998-01-13 00:05 millert
+
+ * Makefile.in: add -O flag to tar
+
+1998-01-13 00:00 millert
+
+ * TODO, RUNSON: updated
+
+1998-01-12 23:59 millert
+
+ * sudo.pod: remove author's email addr. people should mail
+ sudo-bugs
+
+1998-01-12 23:49 millert
+
+ * INSTALL: fix version
+
+1998-01-12 23:48 millert
+
+ * README, check.c, compat.h, config.h.in, configure.in,
+ dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, logging.c, options.h, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c: ++version
+
+1998-01-12 23:44 millert
+
+ * RUNSON: updated
+
+1998-01-12 23:42 millert
+
+ * INSTALL, Makefile.in: ++version
+
+1998-01-12 23:41 millert
+
+ * CHANGES: updated fort 1.5.4
+
+1998-01-12 23:41 millert
+
+ * check.c: exit(1) if user enters no passwd
+
+1998-01-12 23:37 millert
+
+ * BUGS: ++version
+
+1998-01-12 23:10 millert
+
+ * parse.c: commands can start with ./* not just /* -- fixes a
+ serious security hole.
+
+1997-12-21 18:17 millert
+
+ * sudo.c: Don't set the tty variable to NULL when we lack a tty,
+ leave it as "unknown".
+
+1997-11-23 13:29 millert
+
+ * sample.sudoers: fix usage of (username) in conjunction with , and
+ !
+
+1997-11-23 13:28 millert
+
+ * visudo.c: catch the case where the user is not in the passwd file
+
+1997-11-23 13:24 millert
+
+ * tgetpass.c: use fileno(input) + 1 instead of getdtablesize() as
+ the nfds arg to select(2)
+
+1997-11-23 01:53 millert
+
+ * sudo.c: define tty global to an initial value to avoid dumping
+ core in logging functions when passwd file is unavailable.
+
+1997-11-23 01:51 millert
+
+ * sudo.c: do the set_perms(PERM_USER, sudo_mode) after we have
+ gotten the passwd entry
+
+1997-11-23 00:21 millert
+
+ * sudo.pod: talk about problem of ALL
+
+1997-10-10 00:54 millert
+
+ * README: new web location
+
+1997-10-10 00:54 millert
+
+ * INSTALL: fdesc bug is fixed in Open/Net BSD
+
+1997-10-10 00:52 millert
+
+ * HISTORY: updates from Nieusma
+
+1997-10-09 18:37 millert
+
+ * dce_pwent.c: move compat.h after the system includes
+
+1997-08-06 14:58 millert
+
+ * logging.c: save errno from being clobbered by wait(). From Theo
+
+1997-05-21 11:57 millert
+
+ * compat.h: fix an occurence of setresuid -> setreuid (typo)
+
+1997-03-19 17:45 millert
+
+ * install-sh: check for path to strip
+
+1997-01-15 19:05 millert
+
+ * logging.c: deal with maxfilelen < 0 case
+
+1997-01-15 19:05 millert
+
+ * OPTIONS: fixed descriptin
+
+1996-12-11 23:10 millert
+
+ * sudo.c: correct error message if mode/owner wrong and not
+ statable by owner but is statable by root.
+
+1996-11-23 02:18 millert
+
+ * config.guess, config.sub: autoconf 2.11
+
+1996-11-16 14:42 millert
+
+ * CHANGES, RUNSON, TODO: sudo 1.5.3.
+
+1996-11-14 15:08 millert
+
+ * sudo.h, parse.yacc: command_alias -> generic_alias
+
+1996-11-13 22:50 millert
+
+ * sample.sudoers: added Runas_Alias example and fixed syntax errors
+
+1996-11-13 22:50 millert
+
+ * OPTIONS, options.h: updated MAILSUBJECT
+
+1996-11-13 22:49 millert
+
+ * logging.c: added %h expansion
+
+1996-11-13 21:37 millert
+
+ * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c,
+ find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h,
+ ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
+ logging.c, options.h, parse.c, parse.lex, parse.yacc,
+ pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c, INSTALL, README, configure.in: ++version
+
+1996-11-13 20:01 millert
+
+ * emul/utime.h, BUGS: ++version
+
+1996-11-13 19:45 millert
+
+ * sudoers.pod: document Runas_Alias
+
+1996-11-13 19:22 millert
+
+ * visudo.pod: q (uid) -> Q
+
+1996-11-13 19:21 millert
+
+ * visudo.c: buffer oflow checking q (uit) -> Q if yyparse() fails
+ drop into whatnow
+
+1996-11-13 19:05 millert
+
+ * parse.yacc: add size params to sprintf
+
+1996-11-13 19:04 millert
+
+ * parse.lex: allow trailing space after '\\' but before '\n'
+
+1996-11-13 19:04 millert
+
+ * find_path.c: off by one error in path size check
+
+1996-11-13 19:03 millert
+
+ * check.c: sprintf paranoia
+
+1996-11-12 11:59 millert
+
+ * parse.yacc: fixed more_aliases
+
+1996-11-12 11:58 millert
+
+ * visudo.c: now warns if killed by signal ./
+
+1996-11-11 10:49 millert
+
+ * parse.yacc: fix Runas_Alias stuff Alias's in runas list now get
+ expanded (but it is gross)
+
+1996-11-10 20:32 millert
+
+ * sudo.c: Can now deal with SUDOERS_UID == 0 and SUDOERS_MODE ==
+ 0400
+
+1996-11-10 20:08 millert
+
+ * parse.yacc: add Runas_Alias support change FOO to FOO_ALIAS (ie:
+ USER_ALIAS)
+
+1996-11-10 20:02 millert
+
+ * parse.lex: Add Runas_Alias and simplify a rule.
+
+1996-11-10 19:15 millert
+
+ * parse.yacc: always store User_Alias's since they can be used
+ inside of a runas list. Sigh. Really need a Runas_Alias
+ instead.
+
+1996-10-30 18:04 millert
+
+ * visudo.c: deal with case where there is no sudoers file
+
+1996-10-11 23:01 millert
+
+ * TROUBLESHOOTING: added one
+
+1996-10-10 22:11 millert
+
+ * HISTORY, testsudoers.c: developement -> development
+
+1996-10-10 22:08 millert
+
+ * INSTALL: added a note
+
+1996-10-10 20:36 millert
+
+ * RUNSON: for 1.5.2
+
+1996-10-10 20:36 millert
+
+ * CHANGES: updated
+
+1996-10-10 00:56 millert
+
+ * PORTING: removed seteuid() notes
+
+1996-10-09 13:37 millert
+
+ * compat.h: better seteuid() emulatino
+
+1996-10-09 13:36 millert
+
+ * configure.in: added check for seteuid
+
+1996-10-09 13:36 millert
+
+ * config.h.in: added HAVE_SETEUID
+
+1996-10-08 19:22 millert
+
+ * configure.in: first stab at sequent support
+
+1996-10-08 19:21 millert
+
+ * config.h.in: added HAVE_SYS_SELECT_H
+
+1996-10-08 19:21 millert
+
+ * compat.h: sequent -> _SEQUENT_
+
+1996-10-08 19:11 millert
+
+ * compat.h: added seteuid() macro for DYNIX
+
+1996-10-08 18:54 millert
+
+ * tgetpass.c: _AIX -> HAVE_SYS_SELECT_H
+
+1996-10-07 01:05 millert
+
+ * emul/utime.h, check.c, compat.h, dce_pwent.c, find_path.c,
+ getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
+ ins_csops.h, ins_goons.h, insults.h, interfaces.c, options.h,
+ pathnames.h.in, version.h, BUGS, INSTALL, Makefile.in, OPTIONS,
+ README, config.h.in, logging.c, parse.c, parse.lex, parse.yacc,
+ putenv.c, strdup.c, sudo_setenv.c, testsudoers.c, utime.c,
+ visudo.c, tgetpass.c: ++version
+
+1996-10-07 00:59 millert
+
+ * sudo.pod: added -H and SUDO_PS1
+
+1996-10-07 00:55 millert
+
+ * configure.in: use SUDO_FUNC_FNMATCH
+
+1996-10-07 00:54 millert
+
+ * aclocal.m4: added SUDO_FUNC_FNMATCH
+
+1996-10-07 00:53 millert
+
+ * sudo.c: added -H flag
+
+1996-10-07 00:53 millert
+
+ * sudo.h: added MODE_RESET_HOME /
+
+1996-10-05 00:00 millert
+
+ * INSTALL: mention OPIE
+
+1996-10-04 23:59 millert
+
+ * configure.in: added opie support
+
+1996-10-04 23:59 millert
+
+ * check.c: added HAVE_OPIE and changed to *_OTP_*
+
+1996-10-04 23:58 millert
+
+ * compat.h, config.h.in: added HAVE_OPIE
+
+1996-10-04 23:58 millert
+
+ * OPTIONS, options.h: SKEY -> OTP
+
+1996-10-03 23:27 millert
+
+ * check.c: moved fclose() in skey stuff.
+
+1996-10-03 19:53 millert
+
+ * putenv.c: index -> strchr remove unnecesary stuff
+
+1996-10-03 19:43 millert
+
+ * check.c: now call skeychallenge() to get challenge instead of
+ making one up ourselves. this way, we get extra goodies in the
+ prompt.
+
+1996-09-10 00:32 millert
+
+ * CHANGES: added one
+
+1996-09-10 00:18 millert
+
+ * parse.lex: allow logins to start with a number (YUCK!)
+
+1996-09-08 15:18 millert
+
+ * TROUBLESHOOTING: added soalris 2.5 vs 2.4 note
+
+1996-09-08 15:15 millert
+
+ * configure.in: DUNIX doesn't need -lnsl
+
+1996-09-07 20:22 millert
+
+ * CHANGES: [no log message]
+
+1996-09-07 20:21 millert
+
+ * check.c, compat.h, config.h.in, dce_pwent.c, find_path.c,
+ getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
+ ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c,
+ options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in,
+ putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
+ tgetpass.c, utime.c, version.h, visudo.c: courtesan
+
+1996-09-07 20:13 millert
+
+ * TROUBLESHOOTING, INSTALL, Makefile.in, PORTING, RUNSON, README:
+ courtesan
+
+1996-09-07 20:12 millert
+
+ * visudo.pod: [no log message]
+
+1996-09-07 20:00 millert
+
+ * sudo.pod, visudo.pod: courtesan
+
+1996-09-07 19:45 millert
+
+ * HISTORY: added courtesan ./
+
+1996-09-06 00:12 millert
+
+ * sudo.c: added $SUDO_PROMPT support
+
+1996-09-04 17:19 millert
+
+ * check.c: print long skey challemged to stderr, not stdout
+
+1996-08-31 23:10 millert
+
+ * CHANGES: updated for 1.5.1
+
+1996-08-31 23:07 millert
+
+ * emul/utime.h: ++version
+
+1996-08-31 12:34 millert
+
+ * RUNSON: updated for 1.5.1
+
+1996-08-30 10:49 millert
+
+ * check.c: use shost, not host for tgetpass
+
+1996-08-30 00:21 millert
+
+ * OPTIONS, sudo.pod: documented %u and %h
+
+1996-08-29 20:40 millert
+
+ * configure.in: fixed typo
+
+1996-08-29 20:37 millert
+
+ * INSTALL, Makefile.in, README, check.c, compat.h, config.h.in,
+ dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, logging.c, options.h, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c: ++version
+
+1996-08-29 20:30 millert
+
+ * BUGS: ++version
+
+1996-08-29 18:32 millert
+
+ * configure.in, Makefile.in, version.h: ++version
+
+1996-08-29 17:58 millert
+
+ * sudo.h: new tgetpass() params
+
+1996-08-29 17:58 millert
+
+ * check.c: pass use and host to tgetpass
+
+1996-08-29 17:57 millert
+
+ * tgetpass.c: added %u and %h escapes
+
+1996-08-29 16:56 millert
+
+ * OPTIONS, options.h, check.c: added NO_MESSAGE
+
+1996-08-29 16:23 millert
+
+ * configure.in: added cray (unicos) support
+
+1996-08-27 11:36 millert
+
+ * OPTIONS, options.h, sudo.c: added SHELL_SETS_HOME
+
+1996-08-25 17:56 millert
+
+ * INSTALL: added note about "make install"
+
+1996-08-25 17:50 millert
+
+ * parse.yacc: changed length/size params from int to size_t
+
+1996-08-25 13:35 millert
+
+ * OPTIONS: now get CSOPS insults as well by default
+
+1996-08-25 13:33 millert
+
+ * insults.h: use csops insults too by default
+
+1996-08-25 13:31 millert
+
+ * INSTALL, Makefile.in, README, config.h.in, configure.in,
+ version.h: version = 1.5
+
+1996-08-25 13:27 millert
+
+ * sudo.c: added runas_homedir
+
+1996-08-25 13:27 millert
+
+ * TODO: updated for 1.5
+
+1996-08-25 13:23 millert
+
+ * RUNSON: updated for 1.5
+
+1996-08-25 13:19 millert
+
+ * CHANGES: 1.5 release
+
+1996-08-25 13:17 millert
+
+ * INSTALL: added "upgrading" notes
+
+1996-08-22 14:00 millert
+
+ * visudo.c: now do chmod and chown after edit of temp file and
+ before rename
+
+1996-08-18 12:52 millert
+
+ * Makefile.in: ++version added INSTALL.configure
+
+1996-08-18 12:52 millert
+
+ * version.h, configure.in: ++version
+
+1996-08-18 12:51 millert
+
+ * TROUBLESHOOTING: [no log message]
+
+1996-08-18 12:50 millert
+
+ * parse.yacc: added missing cast
+
+1996-08-17 20:37 millert
+
+ * sudo.c: sets $HOME to pw_dir of runas user
+
+1996-08-17 20:02 millert
+
+ * sudo.pod: document $HOME change
+
+1996-08-17 19:43 millert
+
+ * sudo.pod: fixed up some wording
+
+1996-08-17 19:25 millert
+
+ * check.c, dce_pwent.c, find_path.c, getspwuid.c, getwd.c,
+ goodpath.c, interfaces.c, logging.c, parse.c, parse.lex,
+ parse.yacc, putenv.c, strdup.c, sudo.c, sudo_setenv.c,
+ testsudoers.c, tgetpass.c, utime.c, visudo.c: ++version
+
+1996-08-17 19:19 millert
+
+ * emul/utime.h, compat.h, ins_2001.h, ins_classic.h, ins_csops.h,
+ ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h:
+ ++version
+
+1996-08-17 19:18 millert
+
+ * sudo.h: name nad type changes
+
+1996-08-17 19:17 millert
+
+ * testsudoers.c: now works with new sudo
+
+1996-08-17 19:07 millert
+
+ * parse.yacc: fixed some XXX
+
+1996-08-17 18:52 millert
+
+ * parse.yacc: some variable name changes + comment headers for
+ functions.
+
+1996-08-17 18:41 millert
+
+ * tgetpass.c: added extra paren's to make compilers happy
+
+1996-08-17 18:34 millert
+
+ * sudo.c: [no log message]
+
+1996-08-17 18:30 millert
+
+ * parse.c: now uses init_parser() if not in sudoers and tries
+ "list" or "validate" scold but don't be nasty.
+
+1996-08-17 18:29 millert
+
+ * TROUBLESHOOTING: now can use upper case login names
+
+1996-08-17 18:29 millert
+
+ * visudo.c: now uses init_parser()
+
+1996-08-17 18:28 millert
+
+ * PORTING: added info about PASSWORD_TIMEOUT
+
+1996-08-17 18:28 millert
+
+ * INSTALL, README: updated
+
+1996-08-17 18:28 millert
+
+ * INSTALL.configure: Initial revision
+
+1996-08-17 18:27 millert
+
+ * BUGS: fixed a bug ,
+
+1996-08-17 18:27 millert
+
+ * parse.yacc: now dynamically allocates memory for the stacks -- no
+ more overflows!
+
+1996-08-17 18:26 millert
+
+ * sudo.pod: -l now explands command aliases
+
+1996-08-17 13:22 millert
+
+ * parse.yacc: hacks to expand command aliases for `sudo -l'
+
+1996-08-17 13:22 millert
+
+ * sudo.c: remove $ENV and $BASH_ENV (dangerous in ksh, posix sh,
+ and bash)
+
+1996-08-17 13:22 millert
+
+ * sudo.h: added struct command_alias
+
+1996-08-17 13:20 millert
+
+ * sudo.pod: fixed a bug
+
+1996-08-17 13:15 millert
+
+ * lsearch.c: in compar() key should be first arg
+
+1996-08-15 15:48 millert
+
+ * BUGS: fixed some bugs
+
+1996-08-15 15:47 millert
+
+ * parse.yacc: can now deal with upcase HOST and USER names
+
+1996-08-15 15:47 millert
+
+ * sudo.c: don't yell too loudly at non-sudoers if they do "sudo -l"
+
+1996-08-15 15:46 millert
+
+ * sudo.pod: fixed thinko
+
+1996-08-15 15:46 millert
+
+ * parse.c: fix comment
+
+1996-08-09 18:07 millert
+
+ * parse.c, parse.yacc: added support for new `sudo -l' stuff
+
+1996-08-09 18:06 millert
+
+ * sudo.c: now uses list_matches()
+
+1996-08-09 18:06 millert
+
+ * sudo.h: added struct sudo_match
+
+1996-08-09 17:37 millert
+
+ * configure.in: now more -lgnumalloc
+
+1996-08-01 13:12 millert
+
+ * install-sh: added more paths for chown and whoami
+
+1996-07-31 10:41 millert
+
+ * check.c: typo
+
+1996-07-30 13:45 millert
+
+ * aclocal.m4: fixed DUNIX check for shadow pw
+
+1996-07-30 13:41 millert
+
+ * tgetpass.c: now only turn off echo if it is already on. this
+ fixes a race when you use sudo in a pipelin
+
+1996-07-30 12:53 millert
+
+ * INSTALL: updated
+
+1996-07-29 22:29 millert
+
+ * configure.in: changed "test -z $foo && do_this" to if; then
+ construct
+
+1996-07-28 22:47 millert
+
+ * configure.in: added missing defines of SHADOW_TYPE
+
+1996-07-26 14:10 millert
+
+ * check.c: protect AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT since
+ they are only in dunix 4.x
+
+1996-07-26 14:09 millert
+
+ * getspwuid.c: added AUTH_CRYPT_C1CRYPT support
+
+1996-07-26 13:23 millert
+
+ * parse.c: no longer return VALIDATE_NOT_OK if there was a runas
+ that didn't match. Now we can have runas stuff on more than one
+ line.
+
+1996-07-25 23:45 millert
+
+ * configure.in: got rid of HAVE_C2_SECURITY SHADOW_TYPE is always
+ defined to something
+
+1996-07-25 23:45 millert
+
+ * config.h.in: removed HAVE_C2_SECURITY added SPW_BSD
+
+1996-07-25 23:44 millert
+
+ * compat.h, getspwuid.c, sudo.c, tgetpass.c: use SHADOW_TYPE
+ instead of HAVE_C2_SECURITY
+
+1996-07-25 23:44 millert
+
+ * check.c: SHADOW_TYPE is always defined so just against its value
+
+1996-07-25 23:44 millert
+
+ * aclocal.m4: added SUDO_CHECK_SHADOW_DUNIX
+
+1996-07-25 18:47 millert
+
+ * sudoers.pod: * -> ?* in one example added another instance of
+ (runas) and one of NOPASSWD:
+
+1996-07-24 13:02 millert
+
+ * configure.in: added back check for config.cache from other host
+ type
+
+1996-07-24 12:49 millert
+
+ * parse.lex: removed an instance of \"
+
+1996-07-24 12:49 millert
+
+ * sample.sudoers: added an example
+
+1996-07-24 12:44 millert
+
+ * sudoers.pod: updated wrt new wildcard matching
+
+1996-07-24 10:28 millert
+
+ * configure.in: new check for shadow passwords if we don't know
+ anything
+
+1996-07-24 10:28 millert
+
+ * aclocal.m4: new SUDO_CHECK_SHADOW_GENERIC
+
+1996-07-24 02:19 millert
+
+ * configure.in: added back check for -lsocket (oops)
+
+1996-07-24 02:16 millert
+
+ * configure.in: better (working) check for shadow passwd type if we
+ know to use C2.
+
+1996-07-24 01:59 millert
+
+ * configure.in: now uses AC_CANONICAL_HOST to figure out os type
+
+1996-07-24 01:59 millert
+
+ * Makefile.in: added config.{guess,sub}
+
+1996-07-24 01:58 millert
+
+ * aclocal.m4: removed unused stuff to figure out os type
+
+1996-07-23 22:58 millert
+
+ * config.sub: added openbsd
+
+1996-07-23 22:54 millert
+
+ * config.sub: Initial revision
+
+1996-07-23 22:40 millert
+
+ * config.guess: Initial revision
+
+1996-07-23 21:18 millert
+
+ * testsudoers.c: don't call fnmatch() with FNM_PATHNAME flag unless
+ it can only be a pathname. need to check against sudoers_args
+ even if user_args is nil
+
+1996-07-23 21:18 millert
+
+ * parse.c: don't call fnmatch() with FNM_PATHNAME flag unless it
+ can only be a pathname need to check against sudoers_args even if
+ user_args is nil
+
+1996-07-23 18:52 millert
+
+ * check.c: added support for AUTH_CRYPT_OLDCRYPT w/ DUNIX C2
+
+1996-07-23 01:18 millert
+
+ * testsudoers.c: now takes command line args and uses cmnd_args
+
+1996-07-23 01:10 millert
+
+ * parse.lex: fill_args was adding an extra leading space
+
+1996-07-22 15:50 millert
+
+ * visudo.c: fixed dummy command_matches()
+
+1996-07-22 15:50 millert
+
+ * parse.yacc: fixed prototype
+
+1996-07-22 15:31 millert
+
+ * sudo.h: added cmnd_args
+
+1996-07-22 15:31 millert
+
+ * parse.yacc: now uses flat args string
+
+1996-07-22 15:30 millert
+
+ * parse.c, parse.lex: now uses flat arg string
+
+1996-07-22 15:29 millert
+
+ * visudo.c: added cmnd_args def
+
+1996-07-22 14:30 millert
+
+ * sudo.c: now sets cmnd_args global
+
+1996-07-22 14:30 millert
+
+ * logging.c: cmnd_args is now exported from sudo.[ch]
+
+1996-07-21 18:41 millert
+
+ * parse.yacc: can't rely on cmnd_matches as much as I thought --
+ added some $$ stuff back in to prevent namespace pollution
+ problems.
+
+1996-07-21 18:01 millert
+
+ * parse.yacc: Simplified parse rules wrt runas and NOPASSWD (more
+ consistent).
+
+1996-07-20 00:45 millert
+
+ * parse.lex: NOPASSWD may now have blanks before the ':' '(' only
+ starts a 'runas' if in the initial state to avoid collision with
+ command args
+
+1996-07-20 00:23 millert
+
+ * configure.in: added checks for specific shadow passwd schemes
+
+1996-07-20 00:18 millert
+
+ * aclocal.m4: added routines to check for specific shadow passwd
+ types
+
+1996-07-18 18:27 millert
+
+ * configure.in: added support for ncr boxen
+
+1996-07-18 18:26 millert
+
+ * aclocal.m4: added support for detecting ncr boxen
+
+1996-07-16 14:57 millert
+
+ * configure.in: added sinix support
+
+1996-07-13 22:29 millert
+
+ * TROUBLESHOOTING: added info about "config.cache from other other"
+ error.
+
+1996-07-13 22:22 millert
+
+ * aclocal.m4: now makes sure you don't have a config.cache file
+ from another OS
+
+1996-07-13 21:36 millert
+
+ * configure.in: now sets $LIBS when needed to configure links with
+ libs when doing tests hpux10 now uses SPW_SECUREWARE for C2 added
+ check for bigcrypt(3) if SPW_SECUREWARE
+
+1996-07-13 21:30 millert
+
+ * getspwuid.c: fixed typo
+
+1996-07-13 21:05 millert
+
+ * tgetpass.c: now include stuff for SPW_SECUREWARE to get
+ AUTH_MAX_PASSWD_LENGTH
+
+1996-07-13 21:05 millert
+
+ * getspwuid.c: no more SPW_HPUX10
+
+1996-07-13 21:04 millert
+
+ * config.h.in: no more SPW_HPUX10 added HAVE_BIGCRYPT
+
+1996-07-13 21:04 millert
+
+ * compat.h: now uses AUTH_MAX_PASSWD_LENGTH if SPW_SECUREWARE
+
+1996-07-13 21:04 millert
+
+ * check.c: SPW_SECUREWARE now uses bigcrypt
+
+1996-07-13 18:24 millert
+
+ * sample.sudoers: fixed 2 syntax errors
+
+1996-07-13 18:24 millert
+
+ * sudoers: root may now run ALL as ALL
+
+1996-07-11 20:59 millert
+
+ * interfaces.c: fixed a typo/thinko that broke BSD's with sa_len
+
+1996-07-08 16:08 millert
+
+ * check.c, configure.in: updated AFS support
+
+1996-07-08 16:07 millert
+
+ * TROUBLESHOOTING: added entry about /usr/ucb/cc
+
+1996-07-08 16:06 millert
+
+ * INSTALL: prep no longer holds gcc binaries
+
+1996-07-08 15:48 millert
+
+ * INSTALL: updated AFS note
+
+1996-07-08 15:43 millert
+
+ * Makefile.in: added @AFS_LIBS@
+
+1996-07-08 15:33 millert
+
+ * compat.h: AFS allows long passwords
+
+1996-07-08 14:16 millert
+
+ * testsudoers.c: fixed -u user support
+
+1996-07-08 14:16 millert
+
+ * parse.c: sudo -v now groks VALIDATE_OK_NOPASS
+
+1996-07-08 13:30 millert
+
+ * parse.yacc: fixed no_passwd vs. runas_matched
+
+1996-07-08 10:30 millert
+
+ * TROUBLESHOOTING: took out stuff about NFS-mounting since it is no
+ longer an issue
+
+1996-07-08 10:30 millert
+
+ * INSTALL: added --with-libraries > --with-libpath --with-incpath
+
+1996-07-08 10:21 millert
+
+ * parse.yacc: was setting runas_matches to -1 in wrong place
+
+1996-07-08 09:58 millert
+
+ * check.c: removed usersec.h which is not present in new AFS
+ versions
+
+1996-07-08 09:55 millert
+
+ * tgetpass.c: now deals with timeout <= 0
+
+1996-07-08 09:51 millert
+
+ * OPTIONS: updated
+
+1996-07-08 00:04 millert
+
+ * configure.in: BSD/OS >= 2.0 now uses shlicc instead of just gcc
+
+1996-07-07 22:30 millert
+
+ * sudo.c: fixed backwards compatibility with sudo 1.4 sudoers mode
+ for root readable/writable filesystems
+
+1996-07-07 20:49 millert
+
+ * Makefile.in: now gives INSTALL -c flag
+
+1996-07-07 20:34 millert
+
+ * parse.yacc: slightly simpler initialization of no_passwd and
+ runas_matches
+
+1996-07-07 20:33 millert
+
+ * testsudoers.c: added -u username support
+
+1996-07-07 20:32 millert
+
+ * configure.in: improved --with-libraries support
+
+1996-07-07 16:27 millert
+
+ * configure.in: added --with-incpath, --with-libpath,
+ --with-libraries
+
+1996-07-07 16:01 millert
+
+ * parse.yacc: now initializes some fields that weren't getting set
+ to -1 pretty gross -- need a rewrite.
+
+1996-06-25 23:19 millert
+
+ * alloca.c: removed emacs'isms
+
+1996-06-25 22:29 millert
+
+ * configure.in: no longer add -lPW to *_LIBS since we include
+ alloca.c
+
+1996-06-25 22:29 millert
+
+ * config.h.in: added HAVE_ALLOCA_H
+
+1996-06-25 22:28 millert
+
+ * Makefile.in: added alloca.c
+
+1996-06-25 22:18 millert
+
+ * alloca.c: Initial revision
+
+1996-06-25 21:58 millert
+
+ * configure.in: ++version
+
+1996-06-25 19:32 millert
+
+ * sudo.c: now set uid to 1 instead of nobody for PERM_SUDOERS since
+ nobody is not always set to a valid uid.
+
+1996-06-25 19:31 millert
+
+ * OPTIONS: fixed entry for SUDO_MODE
+
+1996-06-25 18:02 millert
+
+ * sudo.c: Fixed NFS-mounted sudoers file under solaris both uid
+ *and* gid were being set to -2. Now beat NFS to the punch and
+ set uid to "nobody" ourselves, preserving group 0 to read
+ sudoers.
+
+1996-06-25 18:02 millert
+
+ * parse.c: moved set_perms(PERM_ROOT) to be before yyparse()
+
+1996-06-25 18:00 millert
+
+ * logging.c: fixed a typo
+
+1996-06-25 18:00 millert
+
+ * configure.in: no longer need AC_PROG_INSTALL
+
+1996-06-25 17:59 millert
+
+ * Makefile.in: always use install-sh to avoid install(1)'s that use
+ get{pw,gr}nam
+
+1996-06-25 16:07 millert
+
+ * INSTALL: make clean -> make distclean
+
+1996-06-20 01:17 millert
+
+ * parse.yacc: removed some unnecsary if's
+
+1996-06-20 01:16 millert
+
+ * Makefile.in, version.h: ++version
+
+1996-06-20 01:16 millert
+
+ * parse.c, testsudoers.c: now includes netgroup.h
+
+1996-06-20 00:45 millert
+
+ * interfaces.c: removed cats of ioctl to int since they didn't shut
+ up -Wall
+
+1996-06-20 00:43 millert
+
+ * interfaces.c: explicately cast ioctl() to int since it it not
+ always declared
+
+1996-06-20 00:41 millert
+
+ * sudo.h: added declarations for yyparse() and yylex()
+
+1996-06-20 00:27 millert
+
+ * parse.yacc: fixed an occurence of '==' -> '='
+
+1996-06-20 00:22 millert
+
+ * config.h.in, configure.in: added check for netgroup.h
+
+1996-06-20 00:20 millert
+
+ * sudo.c: fixed 2 compiler warnings
+
+1996-06-20 00:08 millert
+
+ * sudo.c: SHELL_IF_NO_ARGS caused core dump since NewArg[cv]
+ weren't being initialized
+
+1996-06-19 13:53 millert
+
+ * sudo.pod: fixed a typo
+
+1996-06-17 12:19 millert
+
+ * parse.yacc: fixed a formatting thingie
+
+1996-06-17 12:16 millert
+
+ * parse.c, parse.yacc: fixed -u support with multiple user lists on
+ a line
+
+1996-06-17 10:23 millert
+
+ * configure.in: unixware needs -lgen
+
+1996-06-17 10:23 millert
+
+ * README: updated ftp location
+
+1996-06-17 00:08 millert
+
+ * sudoers.pod: add net_addr/netmask support
+
+1996-06-17 00:07 millert
+
+ * sample.sudoers: added net_addr/mask example
+
+1996-06-17 00:02 millert
+
+ * parse.lex, parse.c: added support for net_addr/netmask
+
+1996-06-15 20:13 millert
+
+ * sudoers.pod: ^ -> !
+
+1996-06-15 18:12 millert
+
+ * RUNSON: updated for 1.4.3
+
+1996-06-15 18:12 millert
+
+ * CHANGES: udpated for 1.4.3
+
+1996-06-15 18:11 millert
+
+ * TROUBLESHOOTING, TODO, BUGS: updated
+
+1996-06-15 18:11 millert
+
+ * sample.sudoers: updated with examples of new stuff
+
+1996-06-15 18:10 millert
+
+ * INSTALL, README: ++version
+
+1996-06-15 18:01 millert
+
+ * sudoers.pod: updated wrt -u and NOPASSWD
+
+1996-06-15 17:58 millert
+
+ * sudo.pod: updated wrt -u and CAVEATS
+
+1996-06-08 23:15 millert
+
+ * sudo.c: fixed usage()
+
+1996-06-08 22:57 millert
+
+ * parse.lex: now use :foo: character classes (makes no diff for
+ generated lexer)
+
+1996-06-07 14:33 millert
+
+ * check.c: fixed LONG_SKEY_PROMPT stuff
+
+1996-06-06 15:35 millert
+
+ * visudo.c: fixed a comment
+
+1996-06-06 15:03 millert
+
+ * lsearch.c: make more like NetBSD one -- now compiles w/o warnings
+
+1996-06-06 15:02 millert
+
+ * emul/search.h: fixed decls of lsearch()
+
+1996-06-05 22:20 millert
+
+ * config.h.in, configure.in, getspwuid.c: added SPW_HPUX10
+
+1996-06-05 22:20 millert
+
+ * check.c: hpux 10 uses bigcrypt() if C2
+
+1996-06-04 19:57 millert
+
+ * parse.c: now always uses fnmatch to match args
+
+1996-06-04 19:40 millert
+
+ * tgetpass.c: back to using stdio instead of raw i/o since that
+ caused some problems
+
+1996-05-28 22:14 millert
+
+ * sudo.c: now give usage warning if use -l,-v,-k with args
+
+1996-05-28 18:22 millert
+
+ * sudo.c: NewArgc is now set to 1 for -l, -v, -k
+
+1996-05-28 12:50 millert
+
+ * sudo.c: now sets sudoers to correct group if mode is 0400
+
+1996-05-28 12:02 millert
+
+ * install-sh: updated to version used by inn and bind
+
+1996-05-28 00:08 millert
+
+ * configure.in: now uses -lgnumalloc if it exists
+
+1996-05-28 00:02 millert
+
+ * Makefile.in: "make install" now sets uid/gid and mode on sudoers
+ if it exists
+
+1996-05-28 00:01 millert
+
+ * sudo.c: rmeoved debugging statements
+
+1996-05-28 00:00 millert
+
+ * parse.yacc: added a missing free()
+
+1996-05-27 23:58 millert
+
+ * sudo.c: now uses user_gid instead of getegid (which was wrong
+ anyway) to set SUDO_GID Now sets command line args in
+ SUDO_COMMAND envariabled (logging.c depends on args being in the
+ environment)
+
+1996-05-27 23:57 millert
+
+ * logging.c: now uses SUDO_COMMAND envariable to get command args
+ rather than building it up again.
+
+1996-05-27 22:42 millert
+
+ * parse.c: now uses user_gid
+
+1996-05-27 20:02 millert
+
+ * sudo.c: fixed off by one error in allocation NewArgv
+
+1996-05-27 20:01 millert
+
+ * parse.c: in sudoers, 'command ""' now means command with no args
+
+1996-05-27 20:01 millert
+
+ * configure.in: added check for fnmatch(3) and fnmatch.h
+
+1996-05-27 20:01 millert
+
+ * config.h.in: added HAVE_FNMATCH
+
+1996-05-27 20:00 millert
+
+ * Makefile.in: replaced wildcat.* with fnmatch.*
+
+1996-05-27 20:00 millert
+
+ * testsudoers.c: now uses fnmatch()
+
+1996-05-27 19:38 millert
+
+ * parse.c: now uses fnmatch() instead of wildmat a trailing star
+ (*) by itself now matches multiple args added support for
+ wildcards in the pathname in sudoers
+
+1996-05-25 19:23 millert
+
+ * fnmatch.c: now includes compat.h and config.h
+
+1996-05-25 18:09 millert
+
+ * config.h.in: added HAVE_FNMATCH_H
+
+1996-05-25 18:07 millert
+
+ * configure.in: now checks for alloca() (if needed by bison or dce)
+ and links with -lPW if it contains alloca() and libv and compiler
+ do not.
+
+1996-05-25 18:03 millert
+
+ * fnmatch.3, fnmatch.c, emul/fnmatch.h: Initial revision
+
+1996-04-28 22:38 millert
+
+ * sudo.c: now fixes mode on sudoers if set to 0400 to aid in
+ upgrade
+
+1996-04-28 17:44 millert
+
+ * Makefile.in: fixed pod2man usage
+
+1996-04-28 17:40 millert
+
+ * configure.in, Makefile.in, version.h: ++version
+
+1996-04-28 17:20 millert
+
+ * testsudoers.c, visudo.c: runas_user is now initialized to "root"
+
+1996-04-28 17:20 millert
+
+ * sudo.h: removed PERM_FULL_ROOT
+
+1996-04-28 17:18 millert
+
+ * sudo.c: runas_user defaults to "root" so no more need to
+ PERM_RUNAS
+
+1996-04-28 17:16 millert
+
+ * parse.c: will now only running commands as root if there was no
+ runas list (or if root is in the runas list)
+
+1996-04-28 17:15 millert
+
+ * logging.c: now logs "USER=%s"
+
+1996-04-28 17:12 millert
+
+ * parse.yacc: runas_matches is now set to false if we get a
+ negative match
+
+1996-04-28 15:01 millert
+
+ * parse.lex: make #uid work + some minor cleanup
+
+1996-04-27 21:04 millert
+
+ * sample.sudoers: added support for NOPASSWD and "runas" from
+ garp@opustel.com /
+
+1996-04-27 21:03 millert
+
+ * visudo.c: added support for "runas" from garp@opustel.com
+ replaced SUDOERS_OWNER with SUDOERS_UID, SUDOERS_GID added
+ support for SUDOERS_MODE
+
+1996-04-27 21:03 millert
+
+ * testsudoers.c: added support for "runas" from garp@opustel.com
+
+1996-04-27 21:02 millert
+
+ * sudo.h: added support for NO_PASSWD and runas from
+ garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and
+ SUDOERS_GID and added support fro SUDOERS_MODE
+
+1996-04-27 21:00 millert
+
+ * sudo.c: added support for NO_PASSWD and runas from
+ garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and
+ SUDOERS_GID and added support fro SUDOERS_MODE
+
+1996-04-27 21:00 millert
+
+ * parse.yacc: added support for NO_PASSWD and runas from
+ garp@opustel.com
+
+1996-04-27 20:58 millert
+
+ * parse.c, parse.lex: added support for NO_PASSWD and runas from
+ garp@opustel.com
+
+1996-04-27 20:56 millert
+
+ * logging.c: added support for SUDOERS_WRONG_MODE and "runas"
+
+1996-04-27 20:40 millert
+
+ * configure.in: added --with-CC only link with -lshadow on linux
+ (with shadow pw) if libc lacks getspnam()
+
+1996-04-27 20:39 millert
+
+ * OPTIONS, options.h: removed NO_PASSWD since it is not possible to
+ do this in the sudoers file itself. Replaced SUDOERS_OWNER with
+ SUDOERS_UID and SUDOERS_GID. Added SUDOERS_MODE.
+
+1996-04-27 20:26 millert
+
+ * Makefile.in: now uses SUDOERS_UID and SUDOERS_GID
+
+1996-04-27 11:20 millert
+
+ * INSTALL: added --with-CC
+
+1996-04-06 16:31 millert
+
+ * parse.lex: added double quote support
+
+1996-04-06 16:29 millert
+
+ * sudoers.pod: documented double quoting
+
+1996-04-05 16:53 millert
+
+ * mkinstalldirs: Initial revision
+
+1996-04-05 16:53 millert
+
+ * check.c: fixed some indentation
+
+1996-04-05 16:48 millert
+
+ * Makefile.in: fixed a typo
+
+1996-04-04 19:39 millert
+
+ * Makefile.in: added install-dirs .
+
+1996-04-04 14:16 millert
+
+ * dce_pwent.c: new version from "Jeff A. Earickson"
+ <jaearick@colby.edu>
+
+1996-04-03 13:40 millert
+
+ * configure.in: $CSOPS -> $with_csops (whoops, missed one)
+
+1996-04-03 13:40 millert
+
+ * BUGS: updated
+
+1996-04-03 13:36 millert
+
+ * parse.lex: FQHOST now has same constraints as non-FQHOST
+
+1996-04-02 19:00 millert
+
+ * INSTALL: added note about OS's w/ shadow passwords turned on by
+ default
+
+1996-04-02 18:58 millert
+
+ * configure.in: fixed a typo
+
+1996-04-02 18:48 millert
+
+ * configure.in: added support for --without-THING sanitized shadow
+ pw situtation by adding support for --without-C2
+
+1996-04-02 16:42 millert
+
+ * tgetpass.c: fixed a typo wrt placement of an end paren
+
+1996-04-02 14:57 millert
+
+ * check.c: was closing an fd that may not have been opened
+
+1996-03-21 19:55 millert
+
+ * sudo.c, OPTIONS, options.h: added NO_PASSWD
+
+1996-03-19 19:40 millert
+
+ * configure.in: now always use shadow pw on some arches
+
+1996-03-19 17:07 millert
+
+ * configure.in: added pyramid support
+
+1996-03-19 17:04 millert
+
+ * configure.in: no longer check for C2 if alternate passwd method
+ is used no longer check for some libs twice
+
+1996-03-19 17:00 millert
+
+ * parse.yacc: moved fqdn stuff into parse.lex (FQHOST)
+
+1996-03-19 17:00 millert
+
+ * parse.lex: added FQHOST rules
+
+1996-03-18 20:57 millert
+
+ * tgetpass.c: now define TCSASOFT in necesary
+
+1996-03-18 20:31 millert
+
+ * tgetpass.c: now uses read/write instead of stdio string goop to
+ avoid problems with select(2)
+
+1996-03-18 19:37 millert
+
+ * OPTIONS, find_path.c, options.h: -DNO_DOT_PATH ->
+ -DIGNORE_DOT_PATH
+
+1996-03-17 16:18 millert
+
+ * INSTALL: added note about no shadow auto-detect if using
+ alternate auth schemes
+
+1996-03-17 15:33 millert
+
+ * configure.in: don't check for C2 if AFS or DCE (unless they said
+ --with-C2)
+
+1996-03-17 15:08 millert
+
+ * testsudoers.c: now groks shost
+
+1996-03-17 15:01 millert
+
+ * options.h, OPTIONS, find_path.c: added NO_DOT_PATH
+
+1996-03-16 14:43 millert
+
+ * find_path.c: checkdot now works correctly
+
+1996-03-12 18:01 millert
+
+ * configure.in: can't have DCE and C2 passwords both...
+
+1996-03-11 14:05 millert
+
+ * parse.yacc, sudo.c, sudo.h, visudo.c: now uses shost even if not
+ FQDN
+
+1996-03-11 14:04 millert
+
+ * configure.in: now looks for skey in /usr/lib and doesn't require
+ libskey to be in /usr/local/lib just because skey.h is (for my
+ netbsd box :-)
+
+1996-03-11 02:00 millert
+
+ * aclocal.m4, config.h.in, pathnames.h.in: _SUDO_PATH_ ->
+ _CONFIG_PATH_
+
+1996-03-10 21:01 millert
+
+ * aclocal.m4, sudo.pod: /var/run/.odus -> /var/run/sudo
+
+1996-03-10 20:59 millert
+
+ * pathnames.h.in: now uses _SUDO_PATH_TIMEDIR
+
+1996-03-10 20:59 millert
+
+ * OPTIONS: udpated FQDN
+
+1996-03-10 20:58 millert
+
+ * config.h.in: added _SUDO_PATH_TIMEDIR
+
+1996-03-10 20:58 millert
+
+ * aclocal.m4, configure.in: added SUDO_TIMEDIR
+
+1996-03-10 20:58 millert
+
+ * sudo.pod: updated wrt /var/run/sudo
+
+1996-03-10 20:16 millert
+
+ * sudo.c, sudo.h: added support for shost if FQDN
+
+1996-03-10 20:14 millert
+
+ * parse.yacc, visudo.c: now uses shost if FQDN
+
+1996-03-10 20:12 millert
+
+ * check.c: Now use skeylookup() instead off skeychallenge()
+
+1996-02-27 20:41 millert
+
+ * logging.c: mail_argv should not contain ALERTMAIL as it includes
+ "-t"
+
+1996-02-22 17:06 millert
+
+ * INSTALL, Makefile.in, README, version.h, configure.in: ++version
+
+1996-02-22 16:27 millert
+
+ * compat.h: added more _PASSWD_LEN stuff -- now uses PASS_MAX too
+
+1996-02-22 16:27 millert
+
+ * tgetpass.c: now includes limits.h moved _PASSWD_LEN -> compat.h
+
+1996-02-05 19:20 millert
+
+ * README, INSTALL: ++version
+
+1996-02-05 19:20 millert
+
+ * Makefile.in: ++versoin
+
+1996-02-05 19:16 millert
+
+ * Makefile.in: fixed a typo
+
+1996-02-05 19:16 millert
+
+ * configure.in: ++version
+
+1996-02-05 18:53 millert
+
+ * RUNSON: updated
+
+1996-02-05 18:47 millert
+
+ * CHANGES: done for 1.4.1 (I hope)
+
+1996-02-05 18:45 millert
+
+ * sudoers.pod: added info on wildcards
+
+1996-02-05 18:39 millert
+
+ * sample.sudoers: added wildcard example
+
+1996-02-05 17:03 millert
+
+ * Makefile.in: now uses *.pod to build *.man and *.cat & *.html
+
+1996-02-05 17:03 millert
+
+ * configure.in: addedSUDO_PROG_BSHELL !ll
+
+1996-02-05 16:10 millert
+
+ * visudo.pod: fixed up some formatting
+
+1996-02-05 16:10 millert
+
+ * sudoers.pod: redid section describing sample sudoers stuff
+
+1996-02-05 16:10 millert
+
+ * sudo.pod: fixed some formatting
+
+1996-02-04 22:50 millert
+
+ * getspwuid.c: now treats "" as bourne shell
+
+1996-02-04 22:49 millert
+
+ * Makefile.in: TESTOBJS nwo includes wildmat.o
+
+1996-02-04 22:48 millert
+
+ * testsudoers.c: now works with NewArg[cv]
+
+1996-02-04 21:59 millert
+
+ * sudo.c: removed an XXX (fixed it in getspwuid.c)
+
+1996-02-04 21:58 millert
+
+ * aclocal.m4: added check for bourne shell
+
+1996-02-04 21:58 millert
+
+ * pathnames.h.in: added _PATH_BSHELL
+
+1996-02-04 21:58 millert
+
+ * config.h.in: added _SUDO_PATH_BSHELL
+
+1996-02-04 16:36 millert
+
+ * visudo.c: unixware vi returns 256 instead of 0
+
+1996-02-04 16:24 millert
+
+ * INSTALL: added Linux note
+
+1996-02-04 16:13 millert
+
+ * logging.c: fixed up some XXX's. file log format now looks a
+ little more like real syslog(3) format.
+
+1996-02-04 16:13 millert
+
+ * README, TROUBLESHOOTING: updated wrt lex/flex
+
+1996-02-04 16:11 millert
+
+ * Makefile.in: commented out rule to build lex.yy.c from parse.lex
+ since we ship with a pre-flex'd parser
+
+1996-02-04 16:09 millert
+
+ * parse.c, parse.yacc, visudo.c: path_matches -> command_matches
+
+1996-02-04 02:28 millert
+
+ * logging.c: eliminated some strcat()'s
+
+1996-02-04 02:10 millert
+
+ * configure.in: no longer checks for lex/flex (now assumes flex)
+
+1996-02-04 02:08 millert
+
+ * configure.in: now checks for $kerb_dir_candidate/krb.h instead of
+ just kerb_dir_candidate
+
+1996-02-02 20:48 millert
+
+ * parse.yacc: now use a 'hook' expression instead of an iffy one
+ :-)
+
+1996-02-02 01:14 millert
+
+ * visudo.c: now works with new sudo arg stuff
+
+1996-02-02 01:14 millert
+
+ * parse.yacc: fixed dereferencing deadbeef
+
+1996-02-01 23:53 millert
+
+ * sudo.c: changed an occurrence of Argv to NewArgv
+
+1996-02-01 23:53 millert
+
+ * parse.lex: took out support for quoted commands since there is no
+ need...
+
+1996-02-01 23:52 millert
+
+ * parse.c: fixed a typo in a for() loop
+
+1996-02-01 23:52 millert
+
+ * logging.c: protected against dereferencing rogue pointers
+
+1996-02-01 22:34 millert
+
+ * sudo.c: now uses NewArgv amd NewArgc so cmnd_aegs is no longer
+ needed this also allows us to eliminate some kludges in
+ parse_args() and eliminate superfluous code.
+
+1996-02-01 22:34 millert
+
+ * logging.c: no longer uses cmnd_args, now uses NewArgv instead.
+
+1996-02-01 22:32 millert
+
+ * sudo.h: added struct sudo_command, NewArgc, and NewArgv removed
+ cmnd_args (no longer used)
+
+1996-02-01 22:31 millert
+
+ * Makefile.in: added wildmat.c to SRCS & SUDOBJS
+
+1996-02-01 22:30 millert
+
+ * parse.yacc: COMMAND is now a struct containing the path and args
+
+1996-02-01 22:30 millert
+
+ * parse.lex: replaced append() with fill_cmnd() and fill_args.
+ command args from a sudoers entry are now stored in an arrary for
+ easy matching.
+
+1996-02-01 22:28 millert
+
+ * parse.c: command line args from sudoers file are now in an array
+ like ones passed in from the command line
+
+1996-01-31 20:59 millert
+
+ * parse.c: wildwat stuff now works
+
+1996-01-29 00:44 millert
+
+ * version.h: ++version
+
+1996-01-29 00:44 millert
+
+ * Makefile.in: ++version added wildmat.*
+
+1996-01-28 17:55 millert
+
+ * parse.lex: added support for quoted commands (w/ or w/o args)
+
+1996-01-22 01:55 millert
+
+ * sudo.pod, visudo.pod: cleaned up formatting
+
+1996-01-21 20:53 millert
+
+ * sudo.pod, visudo.pod: Initial revision
+
+1996-01-21 02:07 millert
+
+ * sudoers.pod: looks reasonable, could be mroe readable
+
+1996-01-20 23:47 millert
+
+ * sudoers.pod: Initial revision
+
+1996-01-16 14:38 millert
+
+ * RUNSON: updated
+
+1996-01-16 14:37 millert
+
+ * OPTIONS: updated NO_ROOT_SUDO entry
+
+1996-01-15 11:37 millert
+
+ * RUNSON: [no log message]
+
+1996-01-15 11:34 millert
+
+ * sudo.c: fixed SECURE_PATH
+
+1996-01-14 20:55 millert
+
+ * RUNSON: udpa`ted for 1.4
+
+1996-01-14 20:52 millert
+
+ * configure.in: AIX aixcrypt.exp now uses $(srcdir)
+
+1996-01-14 20:32 millert
+
+ * TROUBLESHOOTING: added entry for anal ansi compilers
+
+1996-01-14 16:13 millert
+
+ * INSTALL: added info on libcrypt_i for SCO
+
+1996-01-14 16:05 millert
+
+ * TODO: [no log message]
+
+1996-01-14 15:39 millert
+
+ * sample.sudoers: added comments
+
+1996-01-14 15:25 millert
+
+ * TODO: 1.4 release
+
+1996-01-14 15:22 millert
+
+ * README, config.h.in, configure.in, CHANGES: ++version
+
+1996-01-14 15:21 millert
+
+ * BUGS: ++version and fixed ISC
+
+1996-01-14 15:19 millert
+
+ * check.c, compat.h, dce_pwent.c, find_path.c, getspwuid.c,
+ getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h,
+ ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h,
+ logging.c, putenv.c, strdup.c, sudo.c, sudo_setenv.c,
+ testsudoers.c, tgetpass.c, utime.c, visudo.c, INSTALL, OPTIONS:
+ ++version
+
+1996-01-14 15:16 millert
+
+ * interfaces.c: added STUB_LOAD_INTERFACES ++version
+
+1996-01-14 15:14 millert
+
+ * Makefile.in, version.h, parse.c, parse.lex, parse.yacc,
+ emul/utime.h: ++version
+
+1996-01-14 15:13 millert
+
+ * PORTING: added info about fd_set in tgetpass added info on
+ interfaces.c
+
+1996-01-11 13:22 millert
+
+ * dce_pwent.c: added sudo header
+
+1996-01-11 13:04 millert
+
+ * tgetpass.c: fixed a typo
+
+1996-01-11 13:01 millert
+
+ * Makefile.in: tgetpass.o is now only linked in with sudo (not
+ visudo)
+
+1996-01-09 12:56 millert
+
+ * BUGS, INSTALL, OPTIONS, README, Makefile.in, config.h.in,
+ configure.in: ++version
+
+1996-01-09 12:54 millert
+
+ * emul/utime.h: added copyright notice
+
+1996-01-09 12:52 millert
+
+ * check.c, compat.h, find_path.c, getspwuid.c, getwd.c, goodpath.c,
+ ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
+ interfaces.c, logging.c, options.h, parse.c, parse.lex,
+ parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
+ sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
+ visudo.c: ++version
+
+1996-01-09 12:46 millert
+
+ * tgetpass.c: minor cleanup and now includes sys/bsdtypes for
+ svr4'ish boxen
+
+1996-01-09 12:42 millert
+
+ * configure.in: ISC now gets -lcrypt now check for sys/bsdtypes.h
+
+1996-01-09 12:41 millert
+
+ * config.h.in: added check for sys/bsdtypes.h
+
+1996-01-07 16:00 millert
+
+ * parse.yacc: removed debugging stuff (setting freed ptr to NULL)
+
+1996-01-07 15:55 millert
+
+ * TROUBLESHOOTING: added 2 entries
+
+1996-01-07 15:55 millert
+
+ * Makefile.in: added FAQ
+
+1996-01-07 14:26 millert
+
+ * TROUBLESHOOTING: added section on syslog
+
+1996-01-07 14:25 millert
+
+ * configure.in: added AC_ISC_POSIX for better ISC support
+
+1996-01-07 14:25 millert
+
+ * config.h.in: fixed typo
+
+1996-01-07 14:25 millert
+
+ * config.h.in: added define for _POSIX_SOURCE
+
+1996-01-04 00:41 millert
+
+ * configure.in: fixed check for lsearch()
+
+1995-12-21 21:53 millert
+
+ * interfaces.c: fixed for AIX now deal if num_interfaces == 0
+ (should not happen)
+
+1995-12-20 17:02 millert
+
+ * configure.in: now only define HAVE_LSEARCH if there is a
+ corresponding search.h
+
+1995-12-20 15:52 millert
+
+ * interfaces.c: works on ISC again
+
+1995-12-18 17:36 millert
+
+ * configure.in: now define HAVE_LSEARCH if we find lsearch() in
+ libcompat
+
+1995-12-18 17:32 millert
+
+ * lsearch.c: char * -> const char *
+
+1995-12-18 17:29 millert
+
+ * configure.in: now looks in -lcompat for lsearch()
+
+1995-12-18 17:23 millert
+
+ * Makefile.in: remove sudo.core visudo.core for clan target
+
+1995-12-17 22:53 millert
+
+ * aclocal.m4: added UID_MAX support in check for MAX_UID_T_LEN
+
+1995-12-17 22:36 millert
+
+ * Makefile.in: fixed another occurence of sudo_getpwuid.*
+
+1995-12-17 22:30 millert
+
+ * getspwuid.c, Makefile.in: sudo_getpwuid.c -> getspwuid.c
+
+1995-12-17 22:22 millert
+
+ * configure.in: moved the "echo"
+
+1995-12-17 22:09 millert
+
+ * CHANGES, BUGS, INSTALL, Makefile.in, OPTIONS, README, check.c,
+ compat.h, config.h.in, configure.in, find_path.c, getspwuid.c,
+ getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h,
+ ins_goons.h, insults.h, interfaces.c, logging.c, options.h,
+ parse.c, parse.lex, parse.yacc, pathnames.h.in, putenv.c,
+ strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
+ tgetpass.c, utime.c, version.h, visudo.c: ++version
+
+1995-12-17 22:04 millert
+
+ * testsudoers.c: added group support
+
+1995-12-17 22:00 millert
+
+ * sample.sudoers: added group entry
+
+1995-12-17 21:59 millert
+
+ * sudoers.man: documented group support
+
+1995-12-17 21:50 millert
+
+ * parse.c, parse.lex, visudo.c, parse.yacc: added group support
+
+1995-12-15 17:45 millert
+
+ * check.c: tkfile was too short and overflowed the kerberos realm
+
+1995-12-11 17:09 millert
+
+ * sudo.c: now copy command args directly from Argv
+
+1995-12-11 15:55 millert
+
+ * sudo.c: replaced code to copy cmnd_args so that is does not use
+ realloc since most realloc()'s really stink
+
+1995-12-08 14:11 millert
+
+ * configure.in: syslog() fixed in hpux 10.01
+
+1995-12-06 17:45 millert
+
+ * configure.in: AC_CHECK_LIB() now sets SUDO_LIBS (and VISUDO_LIBS
+ if appropriate)
+
+1995-12-06 17:30 millert
+
+ * configure.in: better error if cannot find skey incs or libs
+
+1995-12-06 17:26 millert
+
+ * aclocal.m4: now use a temp file for determining max len of uid_t
+ in string form. the old hacky way broke on netbsd
+
+1995-12-05 19:02 millert
+
+ * sudo.c: added set of parens and a space
+
+1995-12-05 18:58 millert
+
+ * dce_pwent.c: fixes from Jeff Earickson <jaearick@colby.edu> ,
+
+1995-12-05 18:58 millert
+
+ * check.c: modified a comment
+
+1995-12-05 18:57 millert
+
+ * Makefile.in: fixed up testsudoers target
+
+1995-12-05 18:56 millert
+
+ * configure.in: DCE changes from Jeff Earickson
+ <jaearick@colby.edu> LIBS -> SUDO_LIBS and VISUDO_LIBS LDFLAGS ->
+ SUDO_FDFLAGS and VISUDO_LDFLAGS
+
+1995-12-05 18:17 millert
+
+ * Makefile.in: LIBS -> SUDO_LIBS , VISUDO_LIBS LDFLAGS ->
+ SUDO_LDFLAGS, VISUDO_LDFLAGS
+
+1995-11-27 23:32 millert
+
+ * configure.in: fix for C2 on hpux 10 now uses -linet if it exists
+
+1995-11-27 23:17 millert
+
+ * check.c: LONG_SKEY_PROMPT is less of a klusge /
+
+1995-11-27 23:17 millert
+
+ * configure.in: fixed typos w/ dce stuff
+
+1995-11-27 23:14 millert
+
+ * Makefile.in: added dce_pwent.c
+
+1995-11-26 13:48 millert
+
+ * INSTALL: amended section on combining authentication mechanisms
+
+1995-11-26 13:48 millert
+
+ * PORTING: minor updates for 1.3.6
+
+1995-11-26 13:47 millert
+
+ * TROUBLESHOOTING: added 2 more entries
+
+1995-11-26 13:39 millert
+
+ * BUGS: updated for 1.3.6
+
+1995-11-26 13:39 millert
+
+ * README: overhauled
+
+1995-11-25 21:23 millert
+
+ * INSTALL: rewrote for sudo 1.3.6
+
+1995-11-25 21:23 millert
+
+ * TROUBLESHOOTING: added 3 entries
+
+1995-11-25 13:53 millert
+
+ * find_path.c, getspwuid.c, sudo.c: added explict casts for strdup
+ since many includes don't prototype it. gag me.
+
+1995-11-25 13:23 millert
+
+ * sudo.h: removed prototype for sudo_getpwuid() since convex C
+ compiler choked on it.
+
+1995-11-25 13:23 millert
+
+ * sudo.c: added prototype for sudo_getpwuid()
+
+1995-11-25 13:23 millert
+
+ * lsearch.c: now compiles on strict ANSI compilers
+
+1995-11-24 23:56 millert
+
+ * check.c: added LONG_SKEY_PROMPT support
+
+1995-11-24 23:55 millert
+
+ * Makefile.in: added extra $'s for make to eat up, yum.
+
+1995-11-24 23:38 millert
+
+ * OPTIONS, options.h: added LONG_SKEY_PROMPT
+
+1995-11-24 18:48 millert
+
+ * check.c: s/key support now works with normal s/key as well as
+ logdaemon
+
+1995-11-24 18:46 millert
+
+ * options.h, OPTIONS: added SKEY_ONLY
+
+1995-11-24 18:46 millert
+
+ * compat.h: set _PASSWD_LEN to 256 for any of KERB4, DCE, SKEY
+
+1995-11-24 00:42 millert
+
+ * INSTALL: added DCE note added more AIX notes
+
+1995-11-24 00:39 millert
+
+ * sudo.c: now include pthread.h for DCE support
+
+1995-11-23 22:22 millert
+
+ * check.c: dce_pwent() is ok after all .,
+
+1995-11-23 22:21 millert
+
+ * logging.c: now uses SYSLOG() macro that equates to either
+ syslog() or syslog_wrapper
+
+1995-11-23 21:44 millert
+
+ * dce_pwent.c: minor formatting changes. renamed check() to
+ somthing less generic
+
+1995-11-23 21:27 millert
+
+ * check.c, logging.c, parse.yacc, sudo.c, sudo.h, testsudoers.c,
+ visudo.c: now uses user_pw_ent and simple macros to get at the
+ contents
+
+1995-11-22 20:35 millert
+
+ * check.c: simpler dec unix C2 support
+
+1995-11-22 20:35 millert
+
+ * getspwuid.c: now sets crypt_type for DEC unix C2
+
+1995-11-21 18:00 millert
+
+ * configure.in: added csops paths for skey
+
+1995-11-21 16:27 millert
+
+ * getspwuid.c: now includes string.h for strdup() prototype
+
+1995-11-21 01:47 millert
+
+ * getspwuid.c: fixed a few typos
+
+1995-11-20 22:59 millert
+
+ * check.c: now includes skey.h
+
+1995-11-20 22:10 millert
+
+ * getspwuid.c: fixed up comments
+
+1995-11-20 22:04 millert
+
+ * check.c: moved a lot of the shadow passwd crap to sudo_getpwuid()
+
+1995-11-20 22:01 millert
+
+ * sudo.c: now uses sudo_pw_ent
+
+1995-11-20 21:50 millert
+
+ * testsudoers.c: now uses sudo_pw_ent
+
+1995-11-20 21:40 millert
+
+ * visudo.c: now sets sudo_pw_ent
+
+1995-11-20 21:28 millert
+
+ * getspwuid.c: Initial revision
+
+1995-11-20 21:28 millert
+
+ * tgetpass.c: moved dce stuff into compat.h
+
+1995-11-20 21:27 millert
+
+ * sudo.h, logging.c: now uses sudo_pw_ent
+
+1995-11-20 21:27 millert
+
+ * Makefile.in: added sudo_getpwuid.c
+
+1995-11-20 21:25 millert
+
+ * compat.h: added dce support
+
+1995-11-20 21:13 millert
+
+ * parse.yacc: now uses sudo_pw_ent
+
+1995-11-20 14:40 millert
+
+ * check.c: fixed exempt_group stuff for OS's that don't put base
+ gid in group vector
+
+1995-11-20 01:39 millert
+
+ * check.c: S/Key support now works with sunos4 shadow passwords
+
+1995-11-19 22:31 millert
+
+ * Makefile.in: fixed clean rule
+
+1995-11-19 22:31 millert
+
+ * config.h.in, configure.in: added DCE support
+
+1995-11-19 22:30 millert
+
+ * tgetpass.c: DCE & KERB support
+
+1995-11-19 22:30 millert
+
+ * check.c: first stab at dce support
+
+1995-11-19 22:24 millert
+
+ * dce_pwent.c: now smells like sudo
+
+1995-11-19 22:11 millert
+
+ * dce_pwent.c: Initial revision
+
+1995-11-19 21:36 millert
+
+ * check.c: skey'd sudo now works w/ normal password as well
+
+1995-11-19 18:37 millert
+
+ * Makefile.in, OPTIONS, check.c, compat.h, config.h.in,
+ find_path.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
+ ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c,
+ options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in,
+ putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
+ tgetpass.c, utime.c, version.h, visudo.c: updated version number
+
+1995-11-19 18:32 millert
+
+ * README: updated to reflect version change
+
+1995-11-19 18:27 millert
+
+ * configure.in: --with options now line up ++version
+
+1995-11-19 18:26 millert
+
+ * sudo.h: removed unecesary S/Key stuff
+
+1995-11-19 18:25 millert
+
+ * configure.in: fixed S/Key support
+
+1995-11-19 18:24 millert
+
+ * Makefile.in: -I stuff now goes in CPPFLAGS
+
+1995-11-19 18:23 millert
+
+ * check.c: fixed SKey support
+
+1995-11-19 15:23 millert
+
+ * README: updated version
+
+1995-11-19 13:59 millert
+
+ * OPTIONS: fixed description of EXEMPTGROUP
+
+1995-11-19 10:47 millert
+
+ * sudo.c: more people use _RLD_ than just alphas...
+
+1995-11-18 21:35 millert
+
+ * Makefile.in: replaced $man_prefix with $mandir
+
+1995-11-18 21:30 millert
+
+ * configure.in: fixed a typo
+
+1995-11-18 21:28 millert
+
+ * Makefile.in: now use more GNU'ish dir names
+
+1995-11-18 21:27 millert
+
+ * configure.in: now set *dir correctly (can override from command
+ line)
+
+1995-11-18 19:17 millert
+
+ * sudo.c: now deal with situations where we getwd() fails
+
+1995-11-17 00:37 millert
+
+ * Makefile.in: added etc_dir, bin_dir, sbin_dir
+
+1995-11-17 00:37 millert
+
+ * configure.in: added sbin_dir
+
+1995-11-16 21:28 millert
+
+ * Makefile.in: now ship a flex-generated lex.yy.c
+
+1995-11-16 21:09 millert
+
+ * Makefile.in: now sets _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP,
+ SUDOERS_OWNER
+
+1995-11-16 21:06 millert
+
+ * pathnames.h.in: _PATH_SUDO_SUDOERS & _PATH_SUDO_STMP are now
+ overridden via Makefile
+
+1995-11-16 21:05 millert
+
+ * options.h: no more error for redefining SUDOERS_OWNER
+
+1995-11-16 21:05 millert
+
+ * OPTIONS: expanded SUDOERS_OWNER section
+
+1995-11-16 03:05 millert
+
+ * visudo.c: now warn if chown(2) failed
+
+1995-11-16 02:55 millert
+
+ * logging.c: better default warning for NO_SUDOERS_FILE
+
+1995-11-16 02:54 millert
+
+ * sudo.c: added missing set_perms() no more cryptic message if the
+ sudoers file is zero length, now just give a parse error
+
+1995-11-16 02:42 millert
+
+ * logging.c: better diagnostics if NO_SUDOERS_FILE
+
+1995-11-16 02:41 millert
+
+ * sudo.c: check_sudoers() now catches sudoers files that are not
+ readable (but are stat'able).
+
+1995-11-13 01:12 millert
+
+ * configure.in: now add -D__STDC__ for convex cc (not gcc)
+
+1995-11-13 00:52 millert
+
+ * configure.in: MAN_PREFIX -> man_prefix now sets prefix and
+ exec_prefix
+
+1995-11-13 00:52 millert
+
+ * Makefile.in: now uses exec_prefix & prefix from configure
+
+1995-11-13 00:16 millert
+
+ * find_path.c, getwd.c, goodpath.c, interfaces.c, logging.c,
+ parse.c, parse.lex, parse.yacc, sudo.c, sudo.h, sudo_setenv.c,
+ tgetpass.c, utime.c, visudo.c: options.h is now <> instead of ""
+ so shadow build trees can have a custom copy of options.h
+
+1995-11-13 00:15 millert
+
+ * check.c: user_is_exempt() is no longer a hack, it now uses
+ getgrnam()
+
+1995-11-12 23:56 millert
+
+ * options.h: EXEMPTGROUP is now "sudo"
+
+1995-11-12 22:25 millert
+
+ * configure.in: MAN_POSTINSTALL now contains a leading space
+
+1995-11-12 22:25 millert
+
+ * Makefile.in: removed leading tab if @MAN_POSTINSTALL@ not defined
+ now removes testsudoers in clean:
+
+1995-11-12 22:24 millert
+
+ * tgetpass.c: includes pwd.h to get _PASSWD_LEN definition
+
+1995-10-30 15:51 millert
+
+ * sudo.c: unset the KRB_CONF envariable if using kerberos so we
+ don't get spoofed into using a bogus server
+
+1995-09-29 17:50 millert
+
+ * parse.yacc: now explicately initialize match[] tp be FALSE
+
+1995-09-23 16:48 millert
+
+ * sudo.c: removed unused variable now passes -Wall
+
+1995-09-23 16:48 millert
+
+ * parse.yacc: yyerror and dumpaliases are now void's now passes
+ -Wall
+
+1995-09-23 16:48 millert
+
+ * parse.lex: added prototype for yyerror
+
+1995-09-23 16:47 millert
+
+ * interfaces.c: rmeoved unused cruft now passes -Wall
+
+1995-09-23 16:47 millert
+
+ * check.c, logging.c, parse.c: now passes -Wall
+
+1995-09-23 16:46 millert
+
+ * Makefile.in: fixed headers that moved to emul dir
+
+1995-09-23 12:05 millert
+
+ * logging.c: fixed deref of nil pointer if no args
+
+1995-09-15 19:18 millert
+
+ * OPTIONS: added a caveat to FQDN section
+
+1995-09-13 19:48 millert
+
+ * Makefile.in: more $srcdir support for install targets
+
+1995-09-13 17:17 millert
+
+ * find_path.c, interfaces.c, parse.c, parse.lex, parse.yacc,
+ putenv.c, strdup.c, sudo.c, sudo_setenv.c, testsudoers.c,
+ visudo.c: don't include malloc.h if we include stdlib.h
+
+1995-09-12 21:44 millert
+
+ * parse.yacc: local search.h now lives in emul
+
+1995-09-12 21:41 millert
+
+ * lsearch.c: local search.h now lives in emul
+
+1995-09-12 21:41 millert
+
+ * check.c, utime.c: local utime.h now lives in emul dir
+
+1995-09-12 21:38 millert
+
+ * Makefile.in: added support for building in other than the
+ sourcedir
+
+1995-09-10 14:01 millert
+
+ * OPTIONS: annotated CSOPS_INSULTS option
+
+1995-09-10 13:56 millert
+
+ * TROUBLESHOOTING: updated shadow passwords blurb
+
+1995-09-09 21:00 millert
+
+ * sudo.c: if SHELL_IF_NO_ARGS is set, "sudo -- foo" now runs a
+ shell and passes along foo as the arguments
+
+1995-09-09 18:52 millert
+
+ * parse.lex: collapsed pathname and dir sections into one -- its
+ now less expensive
+
+1995-09-09 18:34 millert
+
+ * parse.lex: fixed spacing quoting [,:\\=] now works correctly
+ append() and fill() now take args to make the above work
+
+1995-09-08 20:51 millert
+
+ * sudo.c: fixed a typo that caused commands with no tty on fd 0 but
+ a tty on fd 1 to erroneously have "none" as their tty
+
+1995-09-04 15:35 millert
+
+ * check.c: timestampfile is now a global static removed decl of
+ timestampfile in remove_timestamp since we can just use the
+ global one
+
+1995-09-04 15:28 millert
+
+ * check.c: created touch() to update timestamps added
+ USE_TTY_TICKETS support (bit of a kludge)
+
+1995-09-04 15:28 millert
+
+ * compat.h: added _S_IFDIR and S_ISDIR
+
+1995-09-04 15:22 millert
+
+ * OPTIONS, options.h: added USE_TTY_TICKETS
+
+1995-09-04 00:38 millert
+
+ * parse.yacc: removed const from casts for lsearch() & lfind() to
+ placate irix 4.x C compiler
+
+1995-09-03 14:12 millert
+
+ * sudo.c: now only strip '/dev/' off of a tty if it starts with
+ '/dev/'
+
+1995-09-03 14:12 millert
+
+ * pathnames.h.in: added _PATH_DEV
+
+1995-09-03 14:11 millert
+
+ * configure.in: AC_HAVE_HEADERS -> AC_CHECK_HEADERS now check for
+ tcgetattr only if have termios.h
+
+1995-09-03 14:09 millert
+
+ * tgetpass.c: fixed incorrect #ifdef termio uses "unsigned short"
+ not int for c_?flag
+
+1995-09-03 13:19 millert
+
+ * parse.lex, parse.yacc: fixed a spelling error
+
+1995-09-03 13:17 millert
+
+ * Makefile.in: fixed typo
+
+1995-09-02 12:55 millert
+
+ * Makefile.in: fixed a comment
+
+1995-09-02 12:54 millert
+
+ * parse.yacc: added dotcat() to cat 2 strings w/ a dot effeciently
+ now that we dynamically allocate strings they need to be free()'d
+
+1995-09-02 12:46 millert
+
+ * parse.lex: dynamically allocates space for strings
+
+1995-09-02 12:34 millert
+
+ * sudo.h: no more MAXCOMMANDLENGTH
+
+1995-09-01 22:25 millert
+
+ * sudo.h: added decl of tty
+
+1995-09-01 22:25 millert
+
+ * logging.c, sudo.c: moved tty stuff into sudo.c
+
+1995-09-01 14:18 millert
+
+ * parse.c: fixed a logic bug. Was denying a command if user gave
+ command line args but there were none in the sudoers file which
+ is wrong.
+
+1995-09-01 01:18 millert
+
+ * sudo.h: MAXCOMMMANDLEN dropped down to 1K
+
+1995-09-01 01:13 millert
+
+ * parse.lex: return foo; -> return(foo);
+
+1995-09-01 01:03 millert
+
+ * parse.yacc: fixed netgr_matches() prototype
+
+1995-09-01 01:02 millert
+
+ * parse.lex: added support for escaping "termination" characters
+
+1995-09-01 00:55 millert
+
+ * parse.c: buf is now of size MAXPATHLEN+1 since it never holds
+ command args
+
+1995-09-01 00:50 millert
+
+ * sudo.c: fixed comments
+
+1995-09-01 00:49 millert
+
+ * goodpath.c: fixed negation problem (doh!)
+
+1995-09-01 00:25 millert
+
+ * parse.yacc: fixed 2nd parameter to lfind()
+
+1995-09-01 00:24 millert
+
+ * parse.lex: now do bounds checking in fill() and append()
+
+1995-09-01 00:23 millert
+
+ * sudo.c: include netdb.h as we should added a missing void cast
+ added SHELL_IF_NO_ARGS support now use realloc() properly. would
+ fail if realloc actually moved the string instead of shrinking it
+
+1995-09-01 00:17 millert
+
+ * sample.sudoers: updated with examples of new features
+
+1995-09-01 00:05 millert
+
+ * goodpath.c: now set errno to EACCES if not a regular file or not
+ executable
+
+1995-09-01 00:04 millert
+
+ * find_path.c: if given a fully-qualified or relative path we now
+ check it with sudo_goodpath() and error out with the appropriate
+ error message if the file does not exist or is not executable
+
+1995-09-01 00:03 millert
+
+ * lsearch.c, emul/search.h: now use correct args for lfind
+
+1995-09-01 00:03 millert
+
+ * logging.c: added a comment
+
+1995-08-31 23:52 millert
+
+ * insults.h: added in CSOps insults
+
+1995-08-31 23:51 millert
+
+ * ins_csops.h: Initial revision
+
+1995-08-31 23:35 millert
+
+ * tgetpass.c: added RCS id
+
+1995-08-31 22:56 millert
+
+ * sudo.h: increased MAXCOMMANDLENGTH to 8k HAVE_GETCWD ->
+ HAVE_GETWD
+
+1995-08-31 22:55 millert
+
+ * OPTIONS: added CLASSIC_INSULTS, CSOPS_INSULTS, SHELL_IF_NO_ARGS
+
+1995-08-31 22:54 millert
+
+ * sudo.c: fixed -k load_interfaces() now gets called if FQDN is set
+ -p now works with -s
+
+1995-08-31 22:54 millert
+
+ * parse.c: don't try to stat() "pseudo commands" like "validate"
+
+1995-08-31 22:53 millert
+
+ * options.h: added CLASSIC_INSULTS added CSOPS_INSULTS added
+ SHELL_IF_NO_ARGS
+
+1995-08-31 22:53 millert
+
+ * configure.in: added SecurID support added other insults to
+ --with-csops
+
+1995-08-31 22:52 millert
+
+ * config.h.in: added HAVE_SECURID
+
+1995-08-31 22:52 millert
+
+ * Makefile.in: added clobber target added ins_csops.h now gets
+ CFLAGS from configure
+
+1995-08-31 22:46 millert
+
+ * aclocal.m4: relaxed SUDO_FULL_VOID
+
+1995-08-31 22:44 millert
+
+ * visudo.c: function comment blocks are now in same style as rest
+ of code
+
+1995-08-31 22:44 millert
+
+ * testsudoers.c: added support for command line args in
+ /etc/sudoers
+
+1995-08-31 22:43 millert
+
+ * sudoers.man: updated to have command args in the sudoers file
+
+1995-08-31 22:42 millert
+
+ * sudo.man: added -s and -- flags added SHELL to ENVIRONMENT
+ VARIABLES section
+
+1995-08-19 19:32 millert
+
+ * parse.yacc: PATH renamed to COMMAND
+
+1995-08-19 19:31 millert
+
+ * parse.lex: it is now a parse error for directories to have args
+ attached to them
+
+1995-08-19 19:30 millert
+
+ * logging.c: now say command args if telling user to buzz off
+
+1995-08-19 19:30 millert
+
+ * sudo.c: -s no longer indicates end of args sped up loading on
+ cmnd_args in load_cmnd()
+
+1995-08-19 19:29 millert
+
+ * parse.c: removed an unreachable statement
+
+1995-08-19 17:53 millert
+
+ * parse.lex: made more efficient by pulling out the terminators
+ when in GOTCMND state and making them their own rule
+
+1995-08-14 00:07 millert
+
+ * sudo.h: removed MAXLOGLEN since it is no longer used
+
+1995-08-14 00:07 millert
+
+ * parse.lex: now allows command args
+
+1995-08-14 00:06 millert
+
+ * parse.c: now groks command arguments
+
+1995-08-13 23:39 millert
+
+ * logging.c: now sets tty correctly when piped input
+
+1995-08-13 23:35 millert
+
+ * sudo.c: fixed loading of cmnd_args (was including command name
+ too)
+
+1995-08-13 23:34 millert
+
+ * logging.c: fixed a core dump due to incorrect if construct
+
+1995-08-13 00:33 millert
+
+ * configure.in: only add -lsun is irix < 5 don't look for -lnsl or
+ -lsocket if irix
+
+1995-08-13 00:33 millert
+
+ * aclocal.m4: fixed check for ISC
+
+1995-08-13 00:32 millert
+
+ * sudo.c: now sets cmnd_args used by log_error() and that will be
+ used by the parse to check against command args
+
+1995-08-13 00:32 millert
+
+ * sudo.h: added cmnd_args
+
+1995-08-13 00:31 millert
+
+ * logging.c: now dynamically allocate logline since we can guess at
+ its size
+
+1995-08-05 13:52 millert
+
+ * logging.c: cleaned up a bunch of unnecesary #ifdef's eliminated a
+ buffer remove "register" since the compiler knows more than I do
+ now do a "basename" of the tty
+
+1995-07-31 18:20 millert
+
+ * configure.in: ++version
+
+1995-07-30 22:37 millert
+
+ * sudo.h: added shell extern changed MODE_* to be bit masks to
+ allow for several options together
+
+1995-07-30 22:36 millert
+
+ * sudo.c: added -s (shell) option made MODE_* masks so we can do
+ bitwise & and | to see if multiple flags are set.
+
+1995-07-30 22:01 millert
+
+ * check.c: added securid support
+
+1995-07-30 14:38 millert
+
+ * logging.c: removed a bunch of unnecesary strncpy()'s and replaced
+ with strcat()
+
+1995-07-29 17:17 millert
+
+ * Makefile.in, version.h: ++version
+
+1995-07-27 06:52 millert
+
+ * parse.yacc: fixed free() of an uninitialized pointer (yuck)
+
+1995-07-26 22:00 millert
+
+ * testsudoers.c: added netgr_matches
+
+1995-07-26 21:29 millert
+
+ * parse.c: cleaned up netgr_matches
+
+1995-07-26 00:26 millert
+
+ * RUNSON: updated for 1.3.4
+
+1995-07-24 21:51 millert
+
+ * Makefile.in: now installs sudoers.man -- really should clean this
+ up though.
+
+1995-07-24 21:18 millert
+
+ * Makefile.in: added sudoers.cat and sudoers.man
+
+1995-07-24 21:15 millert
+
+ * sudo.man: pulled out stuff on the sudoers file format into a
+ separate man page
+
+1995-07-24 21:14 millert
+
+ * sudoers.man: Initial revision
+
+1995-07-24 21:04 millert
+
+ * HISTORY: fixed up my email address
+
+1995-07-24 20:03 millert
+
+ * configure.in: added checks for innetgr and getdomainname
+
+1995-07-24 20:02 millert
+
+ * visudo.c: added dummy netgr_matches function
+
+1995-07-24 20:01 millert
+
+ * parse.c: added netgr_matches
+
+1995-07-24 20:01 millert
+
+ * parse.lex, parse.yacc: added NETGROUP support
+
+1995-07-24 20:01 millert
+
+ * config.h.in: added HAVE_INNETGR & HAVE_GETDOMAINNAME
+
+1995-07-24 18:07 millert
+
+ * sudo.c: rewrote clean_env() that has rm_env() builtin
+
+1995-07-23 19:58 millert
+
+ * check.c: now cast uid to long in sprintf
+
+1995-07-23 19:58 millert
+
+ * OPTIONS: added _INSULTS suffix to HAL & GOONS end
+
+1995-07-23 19:57 millert
+
+ * options.h: added _INSULTS suffix to HAL & GOONS
+
+1995-07-23 19:35 millert
+
+ * ins_2001.h, ins_classic.h, ins_goons.h, insults.h: converted to
+ new scheme of insult "unions" end
+
+1995-07-23 17:48 millert
+
+ * sudo.c: now uses MAX_UID_T_LEN
+
+1995-07-23 17:48 millert
+
+ * configure.in: added SUDO_UID_T_LEN !l
+
+1995-07-23 17:48 millert
+
+ * config.h.in: added MAX_UID_T_LEN
+
+1995-07-23 17:47 millert
+
+ * check.c: now use MAX_UID_T_LEN
+
+1995-07-23 17:47 millert
+
+ * aclocal.m4: added check for max len of uid_t fixed sco vs. isc
+ check
+
+1995-07-19 19:05 millert
+
+ * configure.in: corrected version
+
+1995-07-19 17:29 millert
+
+ * configure.in: added sco support
+
+1995-07-19 17:29 millert
+
+ * aclocal.m4: hack to check for sco
+
+1995-07-18 21:27 millert
+
+ * interfaces.c: removed #include <net/route.h> since it was hosing
+ some OS's
+
+1995-07-18 13:35 millert
+
+ * find_path.c: fixed prreadlink() prototype
+
+1995-07-17 23:54 millert
+
+ * check.c: added parens in #if's
+
+1995-07-17 23:53 millert
+
+ * configure.in: added SPW_ prefix
+
+1995-07-17 23:20 millert
+
+ * sudo.h: moved SPW_* to config.h.in
+
+1995-07-17 23:19 millert
+
+ * sudo.c: added a set of parens
+
+1995-07-17 23:19 millert
+
+ * config.h.in: added SPW_*
+
+1995-07-17 22:50 millert
+
+ * sudo.h: added SPW_* reordered error codes
+
+1995-07-17 22:49 millert
+
+ * check.c: moved SPW_* to sudo.h
+
+1995-07-17 14:29 millert
+
+ * logging.c: GLOBAL_NO_AUTH_ENT -> GLOBAL_NO_SPW_ENT
+
+1995-07-17 14:29 millert
+
+ * configure.in: AUTH -> SECUREWARE
+
+1995-07-17 14:29 millert
+
+ * check.c, sudo.c: SPW_AUTH -> SPW_SECUREWARE
+
+1995-07-17 00:22 millert
+
+ * check.c: now uses SHADOW_TYPE to make shadow pw support more
+ readable and modular. It's a start...
+
+1995-07-17 00:21 millert
+
+ * configure.in: added autodetection of shadow passwords
+
+1995-07-17 00:20 millert
+
+ * sudo.c: now uses SHADOW_TYPE define
+
+1995-07-17 00:19 millert
+
+ * config.h.in: added SHADOW_TYPE which replaces SUNOS4 & __svr4__
+ defines
+
+1995-07-17 00:19 millert
+
+ * aclocal.m4: added SUDO_CHECK_SHADOW
+
+1995-07-12 17:09 millert
+
+ * configure.in: define SVR4 for ISC define BROKEN_SYSLOG for hpux
+ took out test for memmove() since we dno longer use it...
+
+1995-07-12 17:08 millert
+
+ * CHANGES: updated
+
+1995-07-12 17:05 millert
+
+ * logging.c: added BROKEN_SYSLOG support
+
+1995-07-12 17:05 millert
+
+ * config.h.in: added BROKEN_SYSLOG
+
+1995-07-12 17:04 millert
+
+ * check.c: now only bitch it timestamp > time_now + 2 * timeout to
+ allow for a machine udpating its time from a server
+
+1995-07-12 17:04 millert
+
+ * sudo.man: added 2 security notes updated Nieusma's email addr
+
+1995-07-12 14:18 millert
+
+ * lsearch.c: changed a memmove() to memcpy() since we don't have to
+ worry about overlapping segments.
+
+1995-07-11 15:41 millert
+
+ * interfaces.c: cleanup up the loop when interfaces are groped in
+ so that it is readable
+
+1995-07-11 14:52 millert
+
+ * Makefile.in, version.h: ++version
+
+1995-07-09 18:17 millert
+
+ * CHANGES: annotated 124-126
+
+1995-07-07 16:06 millert
+
+ * check.c: fixed permissions check on /tmp/.odus
+
+1995-07-06 19:35 millert
+
+ * check.c: fixed some comments
+
+1995-07-06 14:49 millert
+
+ * check.c: now checks owner & mode of timedir also checks for bogus
+ dates on timestamp file
+
+1995-07-06 14:49 millert
+
+ * OPTIONS: updated TIMEOUT info
+
+1995-07-06 14:48 millert
+
+ * logging.c, sudo.h: added BAD_STAMPDIR and BAD_STAMPFILE
+
+1995-07-06 14:47 millert
+
+ * compat.h: added definition of S_IRWXU
+
+1995-07-06 14:47 millert
+
+ * CHANGES: updated
+
+1995-07-03 14:16 millert
+
+ * interfaces.c: added #ifdef to make it compile on strange arches
+
+1995-07-02 18:13 millert
+
+ * aclocal.m4: fixed check for fulkl void impl.
+
+1995-07-02 09:56 millert
+
+ * check.c: added mssing "static"
+
+1995-07-01 20:41 millert
+
+ * insults.h: replaced #elif with #else #if constructs for ancient C
+ compilers
+
+1995-07-01 20:18 millert
+
+ * INSTALL: updated irix c2 & kerb5 info
+
+1995-07-01 20:15 millert
+
+ * configure.in: added shadow pw support for irix
+
+1995-07-01 16:07 millert
+
+ * CHANGES: last changes for sudo 1.3.3
+
+1995-07-01 16:07 millert
+
+ * TODO, BUGS: updated
+
+1995-07-01 16:04 millert
+
+ * configure.in: now calls SUDO_SOCK_SA_LEN
+
+1995-07-01 16:04 millert
+
+ * config.h.in: added HAVE_SA_LEN
+
+1995-07-01 16:04 millert
+
+ * aclocal.m4: added SUDO_SOCK_SA_LEN
+
+1995-07-01 15:49 millert
+
+ * interfaces.c: now works with ip implementations that use sa_len
+ in sockaddr
+
+1995-07-01 14:26 millert
+
+ * INSTALL: added note about buggy AIX compiler
+
+1995-07-01 14:24 millert
+
+ * interfaces.c: now include sys/time.h for AIX
+
+1995-06-27 22:35 millert
+
+ * Makefile.in: getcwd -> getwd
+
+1995-06-27 21:28 millert
+
+ * interfaces.c: now works for ISC and others. yay.
+
+1995-06-26 14:24 millert
+
+ * Makefile.in, version.h: version++
+
+1995-06-22 20:26 millert
+
+ * aclocal.m4: fixed test for full void impl
+
+1995-06-22 20:25 millert
+
+ * sudo.c: now check to see that st_dev is non-zero before assuming
+ that we are being spoofed
+
+1995-06-20 16:56 millert
+
+ * aclocal.m4, configure.in: SUDO_FUNC_UTIME_NULL ->
+ AC_FUNC_UTIME_NULL
+
+1995-06-19 16:32 millert
+
+ * aclocal.m4: fixed include file order for SUDO_FUNC_UTIME_POSIX
+
+1995-06-19 16:10 millert
+
+ * logging.c: added cast for ttyname()
+
+1995-06-19 15:23 millert
+
+ * configure.in: fixed typo
+
+1995-06-19 15:19 millert
+
+ * check.c: now deal correctly with all known variation of utime()
+ -- yippe
+
+1995-06-19 15:19 millert
+
+ * configure.in: added SUDO_FUNC_UTIME_POSIX
+
+1995-06-19 15:19 millert
+
+ * aclocal.m4: added SUDO_FUNC_UTIME_NULL and SUDO_FUNC_UTIME_POSIX
+
+1995-06-19 15:14 millert
+
+ * config.h.in: added HAVE_UTIME_POSIX
+
+1995-06-19 13:38 millert
+
+ * check.c: fixed a typo
+
+1995-06-19 13:29 millert
+
+ * check.c: no longer assume !HAVE_UTIME_NULL means old BSD utime()
+
+1995-06-19 13:20 millert
+
+ * check.c: fixed fascist C compiler warning
+
+1995-06-18 23:14 millert
+
+ * interfaces.c: now set strioctl.ic_timout in STRSET() now
+ initialize num_interfaces to 0 (just to be anal)
+
+1995-06-18 18:06 millert
+
+ * sudo.h: increaed MAXLOGLEN by MAXPATHLEN to account for ttyname
+
+1995-06-18 18:05 millert
+
+ * logging.c: added tty logging
+
+1995-06-18 16:04 millert
+
+ * interfaces.c: reworked the ISC code
+
+1995-06-18 15:27 millert
+
+ * Makefile.in, version.h: updated version
+
+1995-06-18 15:24 millert
+
+ * check.c: now expect old-style utime(3) if utime() can't take NULL
+ as an arg
+
+1995-06-18 15:08 millert
+
+ * configure.in: added check for utime.h
+
+1995-06-18 15:08 millert
+
+ * config.h.in: added HAVE_UTIME_H
+
+1995-06-18 14:48 millert
+
+ * Makefile.in: added CPPFLAGS STATIC_FLAGS -> LDFLAGS
+
+1995-06-18 13:58 millert
+
+ * configure.in: now search for kerb libs and includes
+
+1995-06-18 13:03 millert
+
+ * check.c: added support for utime(2)'s that can't take a NULL
+ parameter
+
+1995-06-18 13:03 millert
+
+ * utime.c: moved HAVE_UTIME_NULL stuff to update_timestamp() where
+ t belongs
+
+1995-06-17 20:46 millert
+
+ * configure.in: added utime(s) stuff
+
+1995-06-17 20:46 millert
+
+ * check.c: now use utime()
+
+1995-06-17 20:46 millert
+
+ * config.h.in: added HAVE_UTIME and HAVE_UTIME_NULL
+
+1995-06-17 19:12 millert
+
+ * utime.c: now use HAVE_UTIME_NULL
+
+1995-06-17 19:02 millert
+
+ * utime.c, emul/utime.h: Initial revision
+
+1995-06-17 18:24 millert
+
+ * check.c: need to setuid(0) to make kerb4 stuff work.
+
+1995-06-17 18:14 millert
+
+ * tgetpass.c: no more special case for kerberos
+
+1995-06-17 18:13 millert
+
+ * config.h.in: took out setreuid and setresuid stuff added kerb5
+ stuff (use kerb4 emulation)
+
+1995-06-17 18:13 millert
+
+ * compat.h: no longer need setreuid() emulation now set _PASSWD_LEN
+ to 128 if kerberos
+
+1995-06-17 18:12 millert
+
+ * check.c: now use private ticket file for kerberos support to
+ avoid trouncing on system one
+
+1995-06-15 00:48 millert
+
+ * sudo.h: added SPOOF_ATTEMPT & cmnd_st
+
+1995-06-15 00:47 millert
+
+ * sudo.c: added anti-spoofing support
+
+1995-06-15 00:47 millert
+
+ * parse.c: now use global cmnd_st
+
+1995-06-15 00:47 millert
+
+ * logging.c: added SPOOF_ATTEMPT suypport
+
+1995-06-14 23:41 millert
+
+ * testsudoers.c, visudo.c: added void casts where appropriate
+
+1995-06-14 23:40 millert
+
+ * parse.yacc: fixed up spacing and added void casts where
+ appropriate
+
+1995-06-14 23:27 millert
+
+ * sudo.c: fixed problem with "-p prompt" but no args
+
+1995-06-14 04:43 millert
+
+ * sudo.man: added BUGS and annotated -l description
+
+1995-06-14 04:43 millert
+
+ * sudo.h: validate() now takes a flag
+
+1995-06-14 04:43 millert
+
+ * sudo.c: validate() now takes a flag added -l
+
+1995-06-14 04:42 millert
+
+ * parse.yacc: added support for -l
+
+1995-06-14 04:41 millert
+
+ * parse.c: validate() now takes a flag that says whether or not to
+ check the command
+
+1995-06-07 21:36 millert
+
+ * logging.c: now deals with Argv == 1
+
+1995-06-07 21:34 millert
+
+ * sudo.man: added -p option
+
+1995-06-07 21:27 millert
+
+ * sudo.c: added prompt support reworked parse_args()
+
+1995-06-07 20:49 millert
+
+ * sudo.h: added prompt
+
+1995-06-07 20:49 millert
+
+ * options.h: added PASSPROMPT
+
+1995-06-07 20:48 millert
+
+ * check.c: now use BUFSIZ as length of kerb password added kpass so
+ pass is always a char * now use prompt global when asking for a
+ password
+
+1995-06-07 20:47 millert
+
+ * tgetpass.c: now use BUFSIZ as _PASSWD_LEN if using kerberos
+
+1995-06-07 20:43 millert
+
+ * OPTIONS: added PASSPROMPT
+
+1995-06-07 01:44 millert
+
+ * configure.in: only look for -lufc or -lcrypt if crypt() not in
+ libc
+
+1995-06-07 01:43 millert
+
+ * check.c: don't exit on kerb error, just warn if k_errno ==
+ KDC_PR_UNKNOWN (unknown user) silently fail
+
+1995-06-06 22:44 millert
+
+ * INSTALL: added kerb4 note
+
+1995-06-06 22:43 millert
+
+ * tgetpass.c: HAVE_KERBEROS -> HAVE_KERB4
+
+1995-06-06 22:41 millert
+
+ * check.c: removed debugging printf
+
+1995-06-06 22:33 millert
+
+ * configure.in: KERBEROS -> KERB4 added checks for setreuid &
+ setresuid
+
+1995-06-06 22:32 millert
+
+ * config.h.in: HAVE_KERBEROS -> HAVE_KERB4 added HAVE_SETREUID and
+ HAVE_SETRESUID
+
+1995-06-06 22:32 millert
+
+ * compat.h: added deif of UID_NO_CHANGE & GID_NO_CHANGE added
+ setreuid emulation with setresuid if applic
+
+1995-06-06 22:31 millert
+
+ * check.c: HAVE_KERBEROS -> HAVE_KERB4 now only do the stupid
+ chown() hack if no setreuid() or a broken one
+
+1995-06-05 23:44 millert
+
+ * config.h.in: added HAVE_KERBEROS
+
+1995-06-05 23:43 millert
+
+ * tgetpass.c: added KERBEROS support (long passwords)
+
+1995-06-05 23:42 millert
+
+ * check.c, configure.in: added kerberos support
+
+1995-06-03 19:36 millert
+
+ * sudo.h: added MODE_BACKGROUND
+
+1995-06-03 19:36 millert
+
+ * sudo.man: escaped dashes added -b option
+
+1995-06-03 19:34 millert
+
+ * sudo.c: added -b option
+
+1995-06-03 18:52 millert
+
+ * check.c: added crypt() for osf/1 3.x enhanced secuiry
+
+1995-06-03 18:18 millert
+
+ * configure.in: now check for -lcrypt
+
+1995-06-03 18:00 millert
+
+ * interfaces.c: added ENXIO like EADDRNOTAVAIL
+
+1995-05-07 23:14 millert
+
+ * configure.in: now emulate getwd(), not getcwd()
+
+1995-05-07 23:13 millert
+
+ * sudo.c: getcwd() -> getwd()
+
+1995-05-07 23:12 millert
+
+ * getwd.c: getcwd -> getwd
+
+1995-05-02 01:34 millert
+
+ * ins_2001.h, ins_classic.h, ins_goons.h: Initial revision
+
+1995-05-02 01:34 millert
+
+ * insults.h: broke out insults into separate include files
+
+1995-05-02 01:32 millert
+
+ * options.h, OPTIONS: added GOONS
+
+1995-05-02 01:32 millert
+
+ * Makefile.in: added ins_2001.h ins_classic.h ins_goons.h
+
+1995-05-01 23:34 millert
+
+ * Makefile.in, version.h: ++version
+
+1995-05-01 23:34 millert
+
+ * visudo.c: moved signal handler setup to setup_signals()
+
+1995-05-01 23:33 millert
+
+ * sudo.h: added load_interfaces()
+
+1995-05-01 23:33 millert
+
+ * sudo.c: moved load_interfaces to interfaces.c
+
+1995-05-01 23:33 millert
+
+ * parse.yacc: added clearaliases
+
+1995-05-01 23:33 millert
+
+ * OPTIONS, options.h: added FAST_MATCH
+
+1995-05-01 23:32 millert
+
+ * parse.lex: now uses clearaliases variable
+
+1995-05-01 23:31 millert
+
+ * interfaces.c: Initial revision
+
+1995-05-01 23:31 millert
+
+ * Makefile.in: added interfaces.[co]
+
+1995-05-01 23:30 millert
+
+ * testsudoers.c: now uses ip addrs and netmasks via
+ load_interfaces()
+
+1995-05-01 22:47 millert
+
+ * sudo.c: now remove IFS instead of setting to "sane" value
+
+1995-05-01 16:30 millert
+
+ * parse.c: added FAST_MATCH
+
+1995-04-29 20:19 millert
+
+ * Makefile.in: sudo_goodpath.c-> goodpath.c
+
+1995-04-29 20:15 millert
+
+ * sudo.c: added Andy's new ISC changes
+
+1995-04-14 14:06 millert
+
+ * OPTIONS: added a sentence to SECURE_PATH info
+
+1995-04-14 13:57 millert
+
+ * BUGS: added one
+
+1995-04-14 13:54 millert
+
+ * RUNSON, CHANGES: updated
+
+1995-04-13 17:04 millert
+
+ * RUNSON: updated for beta3
+
+1995-04-13 14:32 millert
+
+ * Makefile.in, version.h: ++version
+
+1995-04-13 13:56 millert
+
+ * aclocal.m4: sendmail is now looked for in /usr/ucblib
+
+1995-04-13 13:54 millert
+
+ * sudo.c: fixed indentation
+
+1995-04-13 13:35 millert
+
+ * aclocal.m4: fixed a typo
+
+1995-04-13 13:19 millert
+
+ * sudo.c: updated ISC mods
+
+1995-04-13 13:19 millert
+
+ * configure.in: added unixware case
+
+1995-04-13 13:19 millert
+
+ * check.c: user_is_exempt is no longer hidden
+
+1995-04-13 13:19 millert
+
+ * RUNSON: updated
+
+1995-04-13 13:19 millert
+
+ * aclocal.m4: isc and riscos changes
+
+1995-04-13 13:18 millert
+
+ * OPTIONS: added NOTE about new interaction of EXEMPTGROUP and
+ SECURE_PATH
+
+1995-04-13 13:18 millert
+
+ * Makefile.in: fixed a typo and added testsudoers stuff
+
+1995-04-13 12:34 millert
+
+ * testsudoers.c: Initial revision
+
+1995-04-12 19:31 millert
+
+ * parse.yacc: applied fixed patch from Chris
+
+1995-04-11 14:30 millert
+
+ * Makefile.in: fixed a typo
+
+1995-04-11 14:14 millert
+
+ * parse.yacc: added a set of braces for bison
+
+1995-04-11 14:01 millert
+
+ * parse.yacc: merged in Chris' changes to dekludge the parser.
+
+1995-04-11 00:38 millert
+
+ * logging.c: send_mail() was calling find_path() which is wrong
+ since find_path() stores cmnd in a static var. Anyhow, it
+ doesn't make much sense since MAILER should always be fully
+ qualified
+
+1995-04-10 19:51 millert
+
+ * sample.sudoers: added User_Alias stuff
+
+1995-04-10 19:50 millert
+
+ * aclocal.m4: SUDO_NEXT now looks for
+ /usr/lib/NextStep/software_version
+
+1995-04-10 19:50 millert
+
+ * RUNSON: added DEC UNIX 3.0 w/ gcc
+
+1995-04-10 19:49 millert
+
+ * visudo.c: Exit was being used in places where exit should be used
+
+1995-04-10 19:44 millert
+
+ * sudoers: added "User alias specification"
+
+1995-04-10 18:04 millert
+
+ * parse.yacc: fixed probs caused by making nslots and naliases a
+ size_t
+
+1995-04-10 15:09 millert
+
+ * RUNSON: added KSR, upped rev to 1.3.1b2
+
+1995-04-10 15:07 millert
+
+ * logging.c, parse.yacc: 1024 -> BUFSIZ
+
+1995-04-10 15:05 millert
+
+ * parse.yacc: void * -> VOID * naliases and nslots are now size_t
+ to appease lsearch on 64-bit machines
+
+1995-04-09 19:30 millert
+
+ * TODO: did a bunch of things and added a bunch :-)
+
+1995-04-09 19:30 millert
+
+ * PORTING: updated
+
+1995-04-09 19:24 millert
+
+ * visudo.man: closer to BSD manpage style
+
+1995-04-09 19:15 millert
+
+ * sudo.man: closer to standard BSD man format
+
+1995-04-09 18:58 millert
+
+ * compat.h, config.h.in, insults.h, options.h, pathnames.h.in,
+ sudo.h, version.h, emul/search.h: added RCS id
+
+1995-04-09 17:35 millert
+
+ * sudo.h: removed crufty #defines that are no longer used
+
+1995-04-09 17:13 millert
+
+ * BUGS: fixed a bug
+
+1995-04-09 17:12 millert
+
+ * sudo.man: updated based on sudo changes
+
+1995-04-09 17:11 millert
+
+ * parse.yacc: now allow ALL keyword in User_Aliases now allow ALL
+ keyword as well as a NAME or ALIAS
+
+1995-04-09 17:11 millert
+
+ * CHANGES: updated
+
+1995-04-09 17:04 millert
+
+ * sudo.c: now sets SUDO_COMMAND and SUDO_GID envariables.
+
+1995-04-09 15:24 millert
+
+ * aclocal.m4: fixed bug with full void impl check
+
+1995-04-08 23:11 millert
+
+ * parse.yacc: fixed User_Alias supoprt
+
+1995-04-08 22:27 millert
+
+ * parse.yacc: added stubs for User_Alias support
+
+1995-04-08 22:27 millert
+
+ * sudo.c: now sets removes # bogus interfaces from num_interfaces
+
+1995-04-08 22:26 millert
+
+ * parse.lex: added User_Alias support
+
+1995-04-07 21:10 millert
+
+ * Makefile.in: removed extraneous TODO
+
+1995-04-07 19:48 millert
+
+ * visudo.c: ntwk_matches -> addr_matches
+
+1995-04-07 15:38 millert
+
+ * parse.yacc: ntwk_matches -> addr_matches
+
+1995-04-07 15:37 millert
+
+ * parse.c: ntwk_matches -> addr_matches now use inet_addr() not
+ inet_network() (which expects octet boundaries) fixes for OSF
+ (sizeof(int) != sizeof(long))
+
+1995-04-07 15:08 millert
+
+ * sudo.c: took out debugging info
+
+1995-04-06 23:45 millert
+
+ * aclocal.m4: OS was being set to unknown before non-uname based
+ host checks. This caused no checks to happen since $OS was not
+ zero-length.
+
+1995-04-06 23:30 millert
+
+ * sudo.c: fixed loading of interfaces struct still has debugging
+ info in though
+
+1995-04-06 22:23 millert
+
+ * parse.c: fixed typo
+
+1995-04-06 16:17 millert
+
+ * Makefile.in: ++version
+
+1995-04-06 16:16 millert
+
+ * version.h: ++
+
+1995-04-06 16:16 millert
+
+ * visudo.c: removed extraneous extern decl of "top
+
+1995-04-06 16:14 millert
+
+ * visudo.c: now zeros "top"
+
+1995-04-06 16:13 millert
+
+ * parse.yacc: removed parser_cleanup (no need for it now)
+
+1995-04-06 16:13 millert
+
+ * parse.lex: now calls reset_aliases() directly
+
+1995-04-04 18:21 millert
+
+ * OPTIONS: added a sentence to SECURE_PATH description
+
+1995-04-04 18:17 millert
+
+ * parse.c: fixed my stupid bug where I used NAMLEN on something I
+ wanted to just get the name from. argh.
+
+1995-04-03 16:58 millert
+
+ * lsearch.c: fixed argument order of memmove() that i hosed when
+ converting from bcopy(). arghh.
+
+1995-04-03 15:33 millert
+
+ * Makefile.in: finally fixed DISTFILES line
+
+1995-04-03 15:21 millert
+
+ * Makefile.in: tabs -> spaces
+
+1995-04-03 15:15 millert
+
+ * Makefile.in: added missing files to DISTFILES
+
+1995-04-03 14:50 millert
+
+ * Makefile.in: SUPPORTED -> RUNSON
+
+1995-04-01 03:12 millert
+
+ * TODO: updated
+
+1995-04-01 01:54 millert
+
+ * RUNSON: updated for pl5b1 release
+
+1995-04-01 01:53 millert
+
+ * BUGS, TODO: updated
+
+1995-04-01 01:52 millert
+
+ * check.c: fixed bug where if you hit return at first sudo prompt
+ it would still log as a failure
+
+1995-04-01 01:29 millert
+
+ * CHANGES: updated
+
+1995-04-01 01:25 millert
+
+ * aclocal.m4: better test for bogus void * implementation
+
+1995-03-31 20:33 millert
+
+ * logging.c: added PASSWORDS_NOT_CORRECT
+
+1995-03-31 20:32 millert
+
+ * check.c: added PASSWORDS_NOT_CORRECT stuff]
+
+1995-03-31 20:30 millert
+
+ * sudo.h: added PASSWORDS_NOT_CORRECT
+
+1995-03-31 19:16 millert
+
+ * tgetpass.c: moved pathnames.h
+
+1995-03-31 19:16 millert
+
+ * sudo.c: removed some unused vars and fixed up uid2str
+
+1995-03-31 19:15 millert
+
+ * putenv.c: moved compat.h
+
+1995-03-31 19:14 millert
+
+ * getcwd.c, getwd.c: added pathnames.h
+
+1995-03-31 18:18 millert
+
+ * parse.yacc: fixed a typo I introduced in the last checkin :-(
+
+1995-03-31 18:11 millert
+
+ * parse.lex: can't have #ifdef's where N is defined so just do this
+ the broken way for AIX
+
+1995-03-31 18:08 millert
+
+ * parse.yacc: better hack from Chris (but still a hack)
+
+1995-03-31 18:05 millert
+
+ * parse.lex: stupid hack for broken aix lex
+
+1995-03-31 17:47 millert
+
+ * tgetpass.c: now includes compat.h 
+
+1995-03-31 17:27 millert
+
+ * visudo.c: now includes fcntl.h
+
+1995-03-31 17:27 millert
+
+ * compat.h: added FD_SET and FD_ZERO for 4.2BSD
+
+1995-03-31 16:12 millert
+
+ * parse.yacc: dirty hack to fix parser bug. i don't really like
+ this but it works for now...
+
+1995-03-31 16:12 millert
+
+ * sudo.c: uid2str is now static like the prototype says
+
+1995-03-29 23:48 millert
+
+ * RUNSON: Initial revision
+
+1995-03-29 23:47 millert
+
+ * TODO, CHANGES, SUPPORTED, TROUBLESHOOTING: updated
+
+1995-03-29 23:46 millert
+
+ * sudo.c: check_sudoers now returns an error code and sudo calls
+ inform_user and log_error based on the return value.
+
+1995-03-29 23:45 millert
+
+ * logging.c, sudo.h: added entries for new errors
+
+1995-03-29 23:03 millert
+
+ * parse.c: now set uid to that of SUDOERS_OWNER while parsing
+ sudoers file
+
+1995-03-29 22:52 millert
+
+ * Makefile.in: took out testsudoers 
+
+1995-03-29 22:36 millert
+
+ * sudo.c: now explicately checks that it is setuid root
+
+1995-03-29 22:28 millert
+
+ * sudo.c: If a user has no passwd entry sudo would segv (writing to
+ a garbage pointer). Now allocate space before writing :-)
+
+1995-03-29 22:06 millert
+
+ * configure.in: reordered AC_CHECK_FUNCS
+
+1995-03-29 22:06 millert
+
+ * config.h.in: fixed memset macro
+
+1995-03-29 21:47 millert
+
+ * logging.c: bzero -> memset when a parse error is logged the line
+ number of the error is now logged too
+
+1995-03-29 21:46 millert
+
+ * tgetpass.c, visudo.c: bzero -> memset
+
+1995-03-29 21:46 millert
+
+ * INSTALL: added Sunos to blurb about c2 security
+
+1995-03-29 21:45 millert
+
+ * configure.in: added a SUN4 define for C2 security
+
+1995-03-29 21:44 millert
+
+ * config.h.in: bcopy -> memmove bzero -> memset
+
+1995-03-29 21:43 millert
+
+ * lsearch.c: bcopy -> memmove char * -> VOID *
+
+1995-03-29 21:30 millert
+
+ * check.c: added support for sunos with C2 security
+
+1995-03-29 21:12 millert
+
+ * OPTIONS, options.h: reordered
+
+1995-03-29 21:12 millert
+
+ * pathnames.h.in: _PATH_SUDO_LOGFILE now set based on configure
+
+1995-03-29 21:12 millert
+
+ * configure.in: added SUDO_LOGFILE and SUDO_TYPE_SIZE_T
+
+1995-03-29 21:12 millert
+
+ * config.h.in: added _SUDO_PATH_LOGFILE
+
+1995-03-29 21:11 millert
+
+ * aclocal.m4: added SUDO_LOGFILE to find where to put sudo.log
+ added SUDO_CHECK_TYPE (just AC_CHECK_TYPE but checks unistd.h
+ too) added SUDO_TYPE_SIZE_T (calls SUDO_CHECK_TYPE)
+
+1995-03-29 18:17 millert
+
+ * TROUBLESHOOTING: Initial revision
+
+1995-03-29 17:59 millert
+
+ * sudo.c: now do set_perms(PERM_ROOT) before the getpwuid() in
+ load_global() to work around a problem is trusted hpux shadow
+ passwords. yuck.
+
+1995-03-29 17:41 millert
+
+ * parse.yacc: backed out a change in malloc/realloc
+
+1995-03-29 17:38 millert
+
+ * parse.yacc: now include stdlib.h
+
+1995-03-29 17:22 millert
+
+ * visudo.c: now do an freopen() of the stmp file so that yyin will
+ always point to the same thing. This is important for flex since
+ we are doing a YY_NEWFILE
+
+1995-03-29 17:20 millert
+
+ * parse.yacc: replaced yywrap() with parser_cleanup() since
+ yywrap() needs to be in parse.lex to be able to use YY_NEW_FILE.
+ sigh.
+
+1995-03-29 17:18 millert
+
+ * parse.lex: now have a rule that matches anything that doesn't
+ match an explicite rule. well, you know what i mean (. matches
+ anything not yet matched). However, this means that there is
+ input still queued up so we need to do a YY_NEW_FILE; in yywrap.
+ So, yywrap has moved into parse.lex and it calls parser_cleanup()
+ which is most of the old yywrap() sigh.
+
+1995-03-29 17:17 millert
+
+ * SUPPORTED: no longer used
+
+1995-03-29 16:13 millert
+
+ * getcwd.c, getwd.c: moved compat.h to be the last include file
+
+1995-03-29 16:11 millert
+
+ * parse.yacc: fixed type of aliascmp() args
+
+1995-03-29 15:58 millert
+
+ * find_path.c: NULL -> '\0'
+
+1995-03-29 15:42 millert
+
+ * parse.yacc: added casts to lfind and lsearch args for irix
+
+1995-03-29 08:20 millert
+
+ * Makefile.in: bsdinstall -> install-sh
+
+1995-03-29 08:20 millert
+
+ * INSTALL: added info about make realclean
+
+1995-03-29 08:17 millert
+
+ * Makefile.in: updated VERSION added dependencies for visudo.cat
+
+1995-03-29 08:17 millert
+
+ * version.h: -> pl5b1
+
+1995-03-29 08:16 millert
+
+ * sudo.c: took out -l
+
+1995-03-29 00:03 millert
+
+ * Makefile.in: now there is a real visudo.man and visudo.cat
+
+1995-03-28 23:54 millert
+
+ * sudo.man: took out visudo stuff
+
+1995-03-28 23:54 millert
+
+ * visudo.man: Initial revision
+
+1995-03-28 23:12 millert
+
+ * parse.c, parse.lex, parse.yacc: updated copyright
+
+1995-03-28 23:05 millert
+
+ * README: updated for pl5
+
+1995-03-28 20:02 millert
+
+ * sudo.man: updated Nieusma & Hieb email addresses
+
+1995-03-28 19:57 millert
+
+ * INSTALL: updated to include options.h and OPTIONS
+
+1995-03-28 19:35 millert
+
+ * CHANGES, TODO: updated
+
+1995-03-28 19:35 millert
+
+ * BUGS: eliminated bug #1 (yay)
+
+1995-03-28 19:31 millert
+
+ * configure.in: sunos no longer gets linked statically
+
+1995-03-28 18:58 millert
+
+ * parse.lex: prototype now uses __P()
+
+1995-03-28 18:49 millert
+
+ * parse.lex: make fill() non-ansi
+
+1995-03-28 15:26 millert
+
+ * parse.c: made -v (validate) work
+
+1995-03-28 15:26 millert
+
+ * logging.c: now gives host
+
+1995-03-28 10:34 millert
+
+ * find_path.c: don't check for execute/statable if fq or relative
+ path given
+
+1995-03-28 01:07 millert
+
+ * parse.c: added a cast
+
+1995-03-28 00:49 millert
+
+ * visudo.c: now include ctype.h for islower and tolower macros
+
+1995-03-28 00:48 millert
+
+ * goodpath.c: moved _S_IFMT & _S_ISREG to compat.h
+
+1995-03-28 00:48 millert
+
+ * sudo.c: moved a set of parens
+
+1995-03-28 00:48 millert
+
+ * strdup.c: now include compat.h
+
+1995-03-28 00:47 millert
+
+ * parse.yacc: now cast malloc & realloc return vals added search
+ for HAVE_LSEARCH now use strcmp if no strcasecmp available
+
+1995-03-28 00:46 millert
+
+ * lsearch.c, emul/search.h: void * -> VOID *
+
+1995-03-28 00:45 millert
+
+ * config.h.in: removed HAVE_FLEX added VOID added HAVE_DIRENT_H,
+ HAVE_SYS_NDIR_H, HAVE_SYS_DIR_H, HAVE_NDIR_H added HAVE_LSEARCH
+
+1995-03-28 00:44 millert
+
+ * compat.h: added _S_IFMT, _S_IFREG, and S_ISREG
+
+1995-03-28 00:44 millert
+
+ * aclocal.m4: took out SUDO_PROG_INSTALL 1.x to 2.x changes added
+ echo and results to most SUDO_* macros
+
+1995-03-28 00:43 millert
+
+ * Makefile.in: no more -I.
+
+1995-03-28 00:22 millert
+
+ * configure.in: various 1.x ro 2.x autoconf changes now check for
+ strcasecmp now use AC_INSTALL_PROG instead of custom one added
+ check for fully woorking void implementation
+
+1995-03-28 00:02 millert
+
+ * Makefile.in: added lsearch & search.h visudo links into
+ $(LIBOBJS)
+
+1995-03-27 23:43 millert
+
+ * aclocal.m4: partial 1.x to 2.x changes added SUDO_FULL_VOID
+
+1995-03-27 23:40 millert
+
+ * visudo.c: whatnow_help was prototyped to be static be was not
+ declared as such
+
+1995-03-27 21:15 millert
+
+ * configure.in: autoconf 2.x changes took out HAVE_FLEX (no longer
+ used) added check for dirent/dir/ndir.h
+
+1995-03-27 21:09 millert
+
+ * parse.c: now use groovy gnu autoconf macro AC_HEADER_DIRENT
+
+1995-03-27 20:38 millert
+
+ * getcwd.c, getwd.c: MAXPATHLEN -> MAXPATHLEN+1
+
+1995-03-27 20:23 millert
+
+ * emul/search.h, lsearch.c: Initial revision
+
+1995-03-27 18:26 millert
+
+ * parse.yacc: eliminated bison warnings
+
+1995-03-27 17:10 millert
+
+ * parse.lex: added missing case
+
+1995-03-27 17:04 millert
+
+ * visudo.c: now iincludes signal.h
+
+1995-03-27 15:16 millert
+
+ * parse.yacc: only clear data structures on a parse error
+
+1995-03-27 15:01 millert
+
+ * visudo.c: whatnow() now gives help on invalid input
+
+1995-03-27 14:54 millert
+
+ * visudo.c: added a whatnow() function (sort of like mh)
+
+1995-03-27 14:53 millert
+
+ * parse.yacc: kill_aliases -> reset_aliases yywrap() now cleans up
+ by calling reset_aliases() and clearing top took reset stuff out
+ of yyerror() since it doesn't beling there (and doesn't work
+ anyway). errorlineno is now initially set to -1 so we can set it
+ to the first error that occurrs (it was getting set to the last)
+
+1995-03-27 14:53 millert
+
+ * parse.lex: added a void cast
+
+1995-03-27 13:26 millert
+
+ * visudo.c: rewrote from scratch based on 4.3BSD vipw.c
+
+1995-03-26 01:33 millert
+
+ * sudo.c, sudo.h: removed ocmnd
+
+1995-03-26 01:19 millert
+
+ * sudo.h: no more sudo_realpath() and find_path() changed params
+
+1995-03-26 01:19 millert
+
+ * sudo.c: find_path() changed since no more realpath()
+
+1995-03-26 01:18 millert
+
+ * parse.yacc: on error, errorlineno is set to the line where the
+ error occurred added kill_aliases() to free the aliases struct
+ now clean up in yyerror() so we can reparse cleanly
+
+1995-03-26 01:17 millert
+
+ * logging.c: changed to use new find_path()
+
+1995-03-26 01:17 millert
+
+ * options.h, parse.c: no more USE_REALPATH
+
+1995-03-26 01:16 millert
+
+ * find_path.c: removed all the realpath() stuff
+
+1995-03-26 01:16 millert
+
+ * Makefile.in: sudo_realpath.c -> sudo_goodpath.c
+
+1995-03-26 01:12 millert
+
+ * visudo.c: now works correctly with utk parser
+
+1995-03-26 00:04 millert
+
+ * goodpath.c: Initial revision
+
+1995-03-25 23:23 millert
+
+ * sudo_realpath.c: eliminated a compiler warning
+
+1995-03-25 21:56 millert
+
+ * sudo.c: elinated compiler warning
+
+1995-03-25 20:40 millert
+
+ * sudo_realpath.c: added sudo_goodpath()
+
+1995-03-25 20:40 millert
+
+ * sudo.h: added prototype for sudo_goodpath
+
+1995-03-25 20:39 millert
+
+ * parse.c: added support for /sys/dir.h
+
+1995-03-25 20:39 millert
+
+ * options.h: USE_REALPATH turned off
+
+1995-03-25 20:39 millert
+
+ * find_path.c: added calls to sudo_goodpath()
+
+1995-03-25 20:39 millert
+
+ * configure.in: added check for dirent.h
+
+1995-03-25 20:38 millert
+
+ * config.h.in: added HAVE_DIRENT_H
+
+1995-03-25 19:27 millert
+
+ * configure.in: added in linux shadow pass stuff 
+
+1995-03-24 14:43 millert
+
+ * visudo.c: added back host, user, cmnd, parse_error
+
+1995-03-24 14:19 millert
+
+ * visudo.c: added in utk changes plus some minor cosmetic changes
+
+1995-03-24 14:17 millert
+
+ * sudo.c, sudo_realpath.c: added void casts for printf's
+
+1995-03-24 14:17 millert
+
+ * options.h: added a define of USE_REALPATH
+
+1995-03-24 14:17 millert
+
+ * configure.in: there is no more visudoers/Makefile
+
+1995-03-24 14:16 millert
+
+ * Makefile.in: added in utk changes (visudo is now built from the
+ toplevel)
+
+1995-03-24 14:15 millert
+
+ * find_path.c: added (void) casts to printf's
+
+1995-03-23 22:32 millert
+
+ * parse.c, parse.lex, parse.yacc, sudo.h, sudo_realpath.c: merged
+ in utk changes
+
+1995-03-22 23:13 millert
+
+ * find_path.c: now check to see that what we are trying to run is a
+ file (or a link to a file, we do a stat(2) so there is no diff)
+
+1995-03-13 15:56 millert
+
+ * CHANGES: updated
+
+1995-03-13 15:56 millert
+
+ * Makefile.in: aclocal.m4 -> acsite.m4 make realclean updated for
+ new autoconf 
+
+1995-03-13 15:11 millert
+
+ * sudo.man: added myself as maintainer
+
+1995-02-16 23:31 millert
+
+ * sudo.c: changed setegid -> setgid
+
+1995-02-06 17:43 millert
+
+ * configure.in: fixed the test for irix 5.x to skip bad libs
+
+1995-02-06 17:43 millert
+
+ * aclocal.m4: now initialize OS and OSREV
+
+1995-01-26 20:52 millert
+
+ * configure.in: irix5 changes
+
+1995-01-26 20:28 millert
+
+ * configure.in: AC_WITH -> AC_ARG_WITH changes other misc changes
+ for autoconf 2.1 compatibility
+
+1995-01-18 19:49 millert
+
+ * visudo.c: use YY_NEW_FILE, not yyrestart since OSF flex doesn't
+ do the righ thing wrt yyrestart (grrrr)
+
+1995-01-16 18:44 millert
+
+ * Makefile.in: added visudoers/compat.h to DISTFILES
+
+1995-01-16 17:01 millert
+
+ * configure.in: fixed an echo
+
+1995-01-16 16:36 millert
+
+ * sudo.c: added ocmnd declaration adjusted for find_path()'s new
+ parameters
+
+1995-01-16 16:35 millert
+
+ * sudo.h: added ocmnd extern adjusted find_path() prototype
+
+1995-01-16 16:34 millert
+
+ * parse.c: cmndcmp() now takes 3 arguments and checks against the
+ qualified as well as the unqualified pathname. more code that
+ should use cmndcmp() but did not, now does
+
+1995-01-16 16:34 millert
+
+ * options.h: added to a comment
+
+1995-01-16 16:33 millert
+
+ * logging.c: changed to use new find_path() parameter passing
+
+1995-01-16 16:32 millert
+
+ * find_path.c: find_path() now takes 2 copyout parameters (one for
+ the qualified pathname and one for the unqualified pathname).
+ The third parameter may be NULL.
+
+1995-01-16 16:31 millert
+
+ * configure.in: no longer munge pathnames.h
+
+1995-01-16 16:30 millert
+
+ * pathnames.h.in: changed _PATH_* to use _SUDO_PATH_* (which are
+ defined in config.h) as a result, pathnames.h does not need to be
+ run through configure and the user can override the configured
+ values easily.
+
+1995-01-16 16:30 millert
+
+ * config.h.in: added _SUDO_PATH_* entries
+
+1995-01-16 16:30 millert
+
+ * aclocal.m4: _PATH* -> _SUDO_PATH_*
+
+1995-01-16 16:28 millert
+
+ * Makefile.in: updated DISTFILES and HDRS .o's now depend on
+ config.h
+
+1995-01-13 12:52 millert
+
+ * compat.h: removed extraneous #endif
+
+1995-01-13 12:48 millert
+
+ * aclocal.m4: added SUDO_PROG_MV
+
+1995-01-13 12:47 millert
+
+ * configure.in: added SUDO_PROG_MV added riscos and isc os types
+ took out -DSHORT_MESSAGE from --with-csops since it is now the
+ default
+
+1995-01-13 12:46 millert
+
+ * sudo.c: move the include of id.h to compat.h now includes
+ options.h
+
+1995-01-13 12:45 millert
+
+ * sudo.h: moved compatibility #defines to compat.h
+
+1995-01-13 12:45 millert
+
+ * pathnames.h.in: added _PATH_MV
+
+1995-01-13 12:43 millert
+
+ * config.h.in: move __P to compat.h
+
+1995-01-13 12:39 millert
+
+ * getcwd.c, getwd.c, putenv.c: now includes compat.h
+
+1995-01-13 12:39 millert
+
+ * compat.h: Initial revision
+
+1995-01-11 19:11 millert
+
+ * sudo.h: pull user-configurable stuff out and put in options.h
+
+1995-01-11 18:43 millert
+
+ * check.c, find_path.c, logging.c, parse.c, sudo_realpath.c,
+ sudo_setenv.c, parse.lex, parse.yacc, visudo.c: now includes
+ options.h
+
+1995-01-11 18:41 millert
+
+ * Makefile.in: added visudoers/options.h
+
+1995-01-11 18:40 millert
+
+ * options.h, OPTIONS: Initial revision
+
+1995-01-11 18:39 millert
+
+ * Makefile.in: added OPTIONS and options.h
+
+1995-01-11 18:36 millert
+
+ * logging.c: changed #ifdef's to use LOGGING and
+ SLOG_SYSLOG/SLOG_FILE
+
+1995-01-11 11:02 millert
+
+ * check.c, sudo.h: changed PASSWORD_TIMEOUT to minutes
+
+1994-12-17 18:18 millert
+
+ * visudo.c: now only do Editor +line_num if line_num != 0
+
+1994-12-15 21:06 millert
+
+ * visudo.c: now use mv if rename(2) fails
+
+1994-12-15 20:32 millert
+
+ * BUGS: added a visudo bug
+
+1994-12-15 19:46 millert
+
+ * check.c: expanded comment
+
+1994-11-12 18:33 millert
+
+ * check.c: fixed user_is_exempt to return 0 if EXEMPTGROUP is not
+ set
+
+1994-11-09 19:49 millert
+
+ * sudo.c: added mips & isc support
+
+1994-11-09 19:49 millert
+
+ * parse.c: added support for non-root owned sudoers file
+
+1994-11-09 19:48 millert
+
+ * check.c: added exempt group support
+
+1994-11-09 19:47 millert
+
+ * sudo.h: added set_perms() support added SUDOERS_OWNER so can have
+ non-root own sudoers file added exempt group support added isc
+ support
+
+1994-11-09 19:46 millert
+
+ * visudo.c: now copy sudoers to temp file via read/write (not
+ stdio) now chown new sudoers file to SUDOERS_OWNER
+
+1994-11-07 20:40 millert
+
+ * configure.in: added skey support
+
+1994-11-07 20:39 millert
+
+ * sudo.h: fixed typo added set_perms support added skey support
+ added seteuid()/setegid() emulation for AIX
+
+1994-11-07 20:38 millert
+
+ * sudo.c: be_* -> setperms() now check to make sure sudoers file is
+ owned by root nread/write by only root
+
+1994-11-07 20:38 millert
+
+ * logging.c, parse.c, sudo_realpath.c: be_* -> setperms()
+
+1994-11-07 20:38 millert
+
+ * check.c: be_* -> set_perms() added skey support
+
+1994-11-06 18:59 millert
+
+ * Makefile.in: ++version
+
+1994-11-06 18:59 millert
+
+ * version.h: ++
+
+1994-10-21 13:16 millert
+
+ * sudo.c: now sets IFS
+
+1994-10-21 12:02 millert
+
+ * insults.h: fixed typo
+
+1994-10-15 15:48 millert
+
+ * config.h.in: added HAVE_SKEY
+
+1994-10-04 13:00 millert
+
+ * CHANGES: updated
+
+1994-10-04 12:57 millert
+
+ * Makefile.in: ++version
+
+1994-10-04 12:57 millert
+
+ * version.h: ++
+
+1994-10-04 12:56 millert
+
+ * sudo.c: now bail if ARgv[1] > MAXPATHLEN
+
+1994-10-04 12:56 millert
+
+ * configure.in: added function check for tcgetattr(3)
+
+1994-10-04 12:55 millert
+
+ * config.h.in: only define HAVE_TERMIOS_H if you have tcgetattr(3)
+
+1994-10-04 12:53 millert
+
+ * config.h.in: added check for tcgetattr
+
+1994-09-26 17:38 millert
+
+ * CHANGES: updated
+
+1994-09-22 13:30 millert
+
+ * parse.lex: now only include unistd.h for linux
+
+1994-09-21 14:29 millert
+
+ * Makefile.in: added visudo.8 generation
+
+1994-09-21 14:07 millert
+
+ * configure.in: added -Wl,-bI:./aixcrypt.exp to aix flags
+
+1994-09-20 19:39 millert
+
+ * BUGS: added one
+
+1994-09-20 19:39 millert
+
+ * CHANGES: updated
+
+1994-09-20 19:38 millert
+
+ * README: added mailing list info
+
+1994-09-20 19:37 millert
+
+ * parse.yacc: now use sudolineno instead of yylineno fixed bison
+ warnings
+
+1994-09-20 19:37 millert
+
+ * configure.in: now use -no_library_replacement for osf don't make
+ a static binary for hpux >= 9.0
+
+1994-09-20 19:21 millert
+
+ * tgetpass.c: added string.h/strings.h inclusion
+
+1994-09-20 19:21 millert
+
+ * config.h.in: added ssize_t def
+
+1994-09-20 19:18 millert
+
+ * parse.lex: added inclusion of string.h/strings.h
+
+1994-09-20 18:48 millert
+
+ * aclocal.m4: fixed uname | sed (needed to quote the '[')
+
+1994-09-20 18:42 millert
+
+ * parse.lex: replaced yylineno with sudolineno fixed bison syntax
+ errors
+
+1994-09-20 18:13 millert
+
+ * visudo.c: changed yylineno to sudolineno since yylineno cannot be
+ counted upon.
+
+1994-09-20 18:10 millert
+
+ * TODO: updated
+
+1994-09-20 17:52 millert
+
+ * parse.c: added code to support command listings
+
+1994-09-20 17:36 millert
+
+ * sudo.c: added code for -l flag
+
+1994-09-20 17:35 millert
+
+ * sudo.man: fixed typo added info for -l flag
+
+1994-09-20 14:45 millert
+
+ * configure.in: AC_SSIZE_T -> SUDO_SSIZE_T
+
+1994-09-20 14:45 millert
+
+ * aclocal.m4: added SUDO_SSIZE_T
+
+1994-09-20 14:44 millert
+
+ * sudo.h: added MODE_LIST
+
+1994-09-20 14:43 millert
+
+ * configure.in: added AC_SSIZE_T
+
+1994-09-19 20:53 millert
+
+ * find_path.c, sudo_realpath.c: readlink() is now declared as
+ returning ssize~_t
+
+1994-09-19 20:44 millert
+
+ * configure.in: added -laud for OSF c2
+
+1994-09-02 15:55 millert
+
+ * config.h.in, parse.lex, parse.yacc, pathnames.h.in, visudo.c,
+ Makefile.in: changed sudo-bugs.cs.colorado.edu ->
+ sudo-bugs@cs.colorado.edu
+
+1994-09-02 15:54 millert
+
+ * check.c, find_path.c, getcwd.c, getwd.c, insults.h, logging.c,
+ parse.c, putenv.c, strdup.c, sudo.c, sudo.h, sudo_realpath.c,
+ sudo_setenv.c, tgetpass.c, version.h: changed
+ sudo-bugs.cs.colorado.edu -> sudo-bugs@cs.colorado.ed
+
+1994-09-01 15:56 millert
+
+ * Makefile.in: ++version
+
+1994-09-01 15:55 millert
+
+ * version.h: ++
+
+1994-09-01 15:55 millert
+
+ * logging.c: added host to alertmail messages
+
+1994-09-01 15:55 millert
+
+ * CHANGES, TODO: udpated
+
+1994-09-01 15:26 millert
+
+ * logging.c: fixed logging problem where mail would not say which
+ user it was
+
+1994-09-01 13:45 millert
+
+ * configure.in: added -laud for gcc if osf & c2
+
+1994-09-01 13:39 millert
+
+ * check.c: moved set_auth_parameters to sudo.c
+
+1994-09-01 13:38 millert
+
+ * sudo.c: added set_auth_parameters for osf
+
+1994-09-01 13:22 millert
+
+ * configure.in: cleaned up -static stuff
+
+1994-09-01 13:15 millert
+
+ * Makefile.in: ++version
+
+1994-09-01 13:15 millert
+
+ * version.h: ++
+
+1994-09-01 13:15 millert
+
+ * sudo.c: changed setenv() to sudo_setenv()
+
+1994-09-01 13:12 millert
+
+ * check.c: fixed osf problem
+
+1994-08-31 22:17 millert
+
+ * configure.in: added OSF C2 stuff
+
+1994-08-31 22:00 millert
+
+ * CHANGES: updated
+
+1994-08-31 21:56 millert
+
+ * check.c: added osf auth support & removed some extra spaces
+
+1994-08-31 21:52 millert
+
+ * INSTALL, SUPPORTED: added osf C2 stuff
+
+1994-08-31 19:52 millert
+
+ * TODO: added 2 suggestions
+
+1994-08-31 19:33 millert
+
+ * Makefile.in: removed README.v1.3.1 and added VERSION stuff
+
+1994-08-31 18:48 millert
+
+ * version.h: pl1
+
+1994-08-30 18:31 millert
+
+ * version.h: 1.3.1final
+
+1994-08-30 18:30 millert
+
+ * Makefile.in: added HISTORY
+
+1994-08-30 18:30 millert
+
+ * sudo.man: mention HISTPRY file
+
+1994-08-30 18:30 millert
+
+ * sudo.c: use sizeof instead of a constant in 1 place
+
+1994-08-30 18:30 millert
+
+ * parse.yacc: added unistd.h
+
+1994-08-30 18:29 millert
+
+ * parse.lex: added unistd.h
+
+1994-08-30 18:27 millert
+
+ * README: udpated
+
+1994-08-30 18:15 millert
+
+ * HISTORY: Initial revision
+
+1994-08-17 12:45 millert
+
+ * version.h: ++
+
+1994-08-17 12:39 millert
+
+ * CHANGES: updated
+
+1994-08-17 12:36 millert
+
+ * sudo_setenv.c: added unistd.h include
+
+1994-08-16 15:46 millert
+
+ * sudo.c: added sys/time.h for AIX
+
+1994-08-14 21:22 millert
+
+ * configure.in: added check for -lsocket and sys/sockio.h
+
+1994-08-14 21:21 millert
+
+ * config.h.in: took out libshadow check and added in sys/sockio.h
+ check
+
+1994-08-14 21:21 millert
+
+ * sudo.c: now include sockio.h instead of ioctl.h if it exists
+ "sudo -" now gets a better error message
+
+1994-08-14 20:47 millert
+
+ * sample.sudoers: now has a dir and subnet entry
+
+1994-08-13 18:15 millert
+
+ * sudo.c: removed if_ether.h
+
+1994-08-13 17:16 millert
+
+ * TODO: added an item
+
+1994-08-13 17:15 millert
+
+ * sudo.man: added network and ip addresses to man page
+
+1994-08-13 17:09 millert
+
+ * sudo.c: no error if can't get interfaces or netmask since
+ networking may not be in the kernel.
+
+1994-08-13 17:08 millert
+
+ * parse.c: nwo check for interfaces == NULL
+
+1994-08-12 21:22 millert
+
+ * parse.c: fixed a bug that caused directory specs in a Cmnd_Alias
+ to fail if the last entry in the spec failed (ie: it was only
+ looking at the last entry). CLeaned things up by adding the
+ cmndcmp() function--all neat & tidy
+
+1994-08-12 21:21 millert
+
+ * CHANGES: added one
+
+1994-08-11 23:42 millert
+
+ * sudo.c: now do two passes to skip bogus interfaces (lo0, etc)
+
+1994-08-11 21:58 millert
+
+ * logging.c, sudo_realpath.c, sudo_setenv.c: added ninclude of
+ netinet/in.h
+
+1994-08-11 21:58 millert
+
+ * check.c, find_path.c, getcwd.c, getwd.c, parse.lex, parse.yacc,
+ visudo.c: added include of netinet/in.h
+
+1994-08-11 21:57 millert
+
+ * version.h: ++
+
+1994-08-11 21:57 millert
+
+ * sudo.h: added interfaces global
+
+1994-08-11 21:56 millert
+
+ * parse.c: now uses new interfaces global
+
+1994-08-11 21:56 millert
+
+ * sudo.c: now ip addresses are gleaned fw/o dns
+
+1994-08-10 19:21 millert
+
+ * sudo.c: added load_ip_addrs() to load the ip_addrs global var
+
+1994-08-10 19:21 millert
+
+ * parse.c: added hostcmp() to compare hostnames, ip addrs, and
+ network addrs
+
+1994-08-10 19:20 millert
+
+ * sudo.h: added ip_addrs def added load_ip_addrs prototype
+
+1994-08-08 16:03 millert
+
+ * CHANGES: updated
+
+1994-08-08 15:57 millert
+
+ * Makefile.in: removed multiple entries in DISTFILES
+
+1994-08-08 13:05 millert
+
+ * visudo.c: ansified the !STDC_HEADERS decls
+
+1994-08-08 13:05 millert
+
+ * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c: don't do
+ malloc decl if gnuc
+
+1994-08-08 13:04 millert
+
+ * sudo.c: can't use getopt(3) since it munges args to the command
+ to be run as root don't do malloc decl if gnuc
+
+1994-08-08 00:41 millert
+
+ * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c, sudo.c,
+ sudo_realpath.c, sudo_setenv.c: ansi-fied !STDC_HEADER function
+ prottypes
+
+1994-08-08 00:27 millert
+
+ * getcwd.c, getwd.c: added missing paren
+
+1994-08-08 00:23 millert
+
+ * Makefile.in: added putenv.c to DISTFILES
+
+1994-08-08 00:08 millert
+
+ * sudo_setenv.c: added params to func decls when STDC_HEADERS is
+ not defined now can count on putenv() being there
+
+1994-08-08 00:08 millert
+
+ * sudo_realpath.c: took out errno decl since sudo.h does it for us
+ fixed up a next cc warning added params to func decls when
+ STDC_HEADERS is not defined
+
+1994-08-08 00:07 millert
+
+ * sudo.h: took out environ extern added local declaratio of
+ putenv() if local version is needed
+
+1994-08-08 00:05 millert
+
+ * find_path.c, getcwd.c, getwd.c, strdup.c, sudo.c: added params to
+ func decls when STDC_HEADERS is not defined
+
+1994-08-08 00:04 millert
+
+ * config.h.in: added memcpy check check to see that ansi vs bsd
+ macros are ntot already defiend before defining (ie: avoid
+ redefinition)
+
+1994-08-08 00:03 millert
+
+ * configure.in: removed fluff setenv check plus check w/ replace
+ for putenv if also no setenv
+
+1994-08-08 00:01 millert
+
+ * putenv.c: Initial revision
+
+1994-08-06 19:19 millert
+
+ * sudo_setenv.c: Initial revision
+
+1994-08-06 19:19 millert
+
+ * sudo.h: rm'd s realp[ath added sudo_realpath and sudo_setenv
+
+1994-08-06 19:19 millert
+
+ * sudo.c: now use sudo_setenvc
+
+1994-08-06 19:18 millert
+
+ * configure.in: added puteenv and setenv, removed realpath
+
+1994-08-06 19:18 millert
+
+ * config.h.in: added putenv & setenv
+
+1994-08-06 19:18 millert
+
+ * Makefile.in: added sudo_setenv
+
+1994-08-06 19:16 millert
+
+ * version.h: ++
+
+1994-08-05 19:43 millert
+
+ * configure.in: added MAN_POSTINSTALL and /usr/share/catman for
+ irix
+
+1994-08-05 19:43 millert
+
+ * Makefile.in: added MAN_POSTINSTALL
+
+1994-08-05 19:43 millert
+
+ * CHANGES: added
+
+1994-08-05 19:10 millert
+
+ * sudo.man: added SUDO_* plus new options
+
+1994-08-05 19:10 millert
+
+ * CHANGES: added one
+
+1994-08-05 19:07 millert
+
+ * configure.in: took out shadow lib
+
+1994-08-05 18:35 millert
+
+ * TODO: adde done
+
+1994-08-05 17:52 millert
+
+ * visudo.c: now use yyrestart() if flex now reset yylineno to 0
+
+1994-08-05 17:49 millert
+
+ * Makefile.in: support for installing a cat page instead of a man
+ page if no nroff
+
+1994-08-05 17:48 millert
+
+ * configure.in: now defines HAVE_FLEX fixed up man stuff so that it
+ looks for nroff to determine whether or not to install a cat or
+ man page
+
+1994-08-05 17:48 millert
+
+ * config.h.in: added HAVE_FLEX
+
+1994-08-05 16:14 millert
+
+ * sudo.c: not set ret to MODE_RUN initially
+
+1994-08-05 16:12 millert
+
+ * find_path.c: made command (and therefor cmnd dynamically
+ allocated)
+
+1994-08-04 20:25 millert
+
+ * TODO: did #8
+
+1994-08-04 20:24 millert
+
+ * version.h: ++
+
+1994-08-04 20:24 millert
+
+ * sudo_realpath.c: changed bufs from MAXPATHLEN to MAXPATHLEN+1
+
+1994-08-04 20:24 millert
+
+ * sudo.h: added MODE_ removed validate_only and added
+ remove_timestamp()
+
+1994-08-04 20:22 millert
+
+ * sudo.c: usage() now takes an int (exit value) added parse_args()
+ to parse command line arguments moved call to find_path() from
+ load_globals to new function load_cmnd() removed validate_only
+ global -- now use the concept of "modes" added -h and -k options
+
+1994-08-04 20:21 millert
+
+ * parse.c: no longer use global validate_only now checks for
+ command called "validate" removed check for non-fully qualified
+ commands since that is done by find_path
+
+1994-08-04 20:20 millert
+
+ * find_path.c: changed MAXPATHLEN r to MAXPATHLEN+1
+
+1994-08-04 20:17 millert
+
+ * find_path.c: fixed off by one error with MAXPATHLEN and fixed a
+ comment
+
+1994-08-04 20:17 millert
+
+ * check.c: check_timestamp no longer runs reminder(), it is implied
+ in the return val added remove_timestamp()
+
+1994-08-04 20:16 millert
+
+ * CHANGES: updated
+
+1994-08-04 16:38 millert
+
+ * BUGS: fixed on
+
+1994-08-04 16:38 millert
+
+ * sudo_realpath.c: took out old_errno
+
+1994-08-04 16:37 millert
+
+ * CHANGES: updated
+
+1994-08-03 12:08 millert
+
+ * logging.c: moved send_mail to after syslog
+
+1994-08-02 22:41 millert
+
+ * sudo.c: now set SUDO_ envariables
+
+1994-08-01 13:40 millert
+
+ * version.h: ++
+
+1994-08-01 13:39 millert
+
+ * sudo_realpath.c: now print error if chdir fails
+
+1994-08-01 13:39 millert
+
+ * find_path.c: removed an XXX
+
+1994-07-25 20:40 millert
+
+ * CHANGES: updated
+
+1994-07-25 20:36 millert
+
+ * configure.in: no more static binaries for aix
+
+1994-07-25 18:37 millert
+
+ * INSTALL: fixed typo
+
+1994-07-25 18:33 millert
+
+ * sudo_realpath.c: took out stuff not needed for sudo now does
+ be_root/be_user itself now uses cwd global
+
+1994-07-25 18:32 millert
+
+ * version.h: +=2
+
+1994-07-25 18:31 millert
+
+ * logging.c, sudo.c: be_root/be_user is now down in sudo_realpath()
+
+1994-07-25 18:26 millert
+
+ * logging.c, sudo.h: now works with 4.2BSD syslog (blech)
+
+1994-07-25 18:25 millert
+
+ * find_path.c: now use sudo_realpath()
+
+1994-07-25 18:25 millert
+
+ * config.h.in: took out realpth() stuff since we now use
+ sudo_realpath()
+
+1994-07-25 18:25 millert
+
+ * configure.in: ultrix enhanced sec
+
+1994-07-25 18:25 millert
+
+ * SUPPORTED: added ultrix enhanced sec.
+
+1994-07-25 18:24 millert
+
+ * INSTALL: updated
+
+1994-07-25 18:21 millert
+
+ * check.c: ultrix enhanced security suport
+
+1994-07-25 18:20 millert
+
+ * Makefile.in: added sudo_realpath.c
+
+1994-07-25 18:18 millert
+
+ * CHANGES: updated
+
+1994-07-25 14:28 millert
+
+ * tgetpass.c: increased passwd len to 24 for c2 security
+
+1994-07-25 13:17 millert
+
+ * BUGS: updated BUGS
+
+1994-07-15 11:49 millert
+
+ * check.c: now use user global var
+
+1994-07-15 11:48 millert
+
+ * configure.in: took out -ls
+
+1994-07-14 19:11 millert
+
+ * configure.in: added AFS libs
+
+1994-07-14 17:45 millert
+
+ * sudo.h: user is now a char * added epasswd
+
+1994-07-14 17:43 millert
+
+ * sudo.c: added tzset() to load_globals added epasswd (encrypted
+ password) global made user dynamically allocated
+
+1994-07-14 17:43 millert
+
+ * configure.in: added tzset test
+
+1994-07-14 17:43 millert
+
+ * config.h.in: added HAVE_TZSET
+
+1994-07-14 17:42 millert
+
+ * check.c: cleaned up encrypted passwd grab somewhat
+
+1994-07-14 12:34 millert
+
+ * configure.in: fixed AFS typo
+
+1994-07-14 12:34 millert
+
+ * INSTALL: added AFS not
+
+1994-07-14 12:34 millert
+
+ * CHANGES: udpated
+
+1994-07-14 12:33 millert
+
+ * logging.c: can now log to both syslog & a file
+
+1994-07-14 12:12 millert
+
+ * sudo.h: added BOTH_LOGS
+
+1994-07-14 11:34 millert
+
+ * CHANGES: updated
+
+1994-07-14 11:32 millert
+
+ * configure.in: --with-AFS
+
+1994-07-14 11:32 millert
+
+ * config.h.in: added HAVE_AFS
+
+1994-07-14 11:31 millert
+
+ * check.c: added afs changes
+
+1994-07-14 11:21 millert
+
+ * sudo.h: removed AFS stuff :-)
+
+1994-07-14 11:19 millert
+
+ * tgetpass.c: include sys/select for AIX
+
+1994-07-14 11:17 millert
+
+ * sudo.h: added AFS
+
+1994-07-14 11:16 millert
+
+ * version.h: ++
+
+1994-07-07 14:45 millert
+
+ * SUPPORTED, CHANGES: updated
+
+1994-07-07 14:44 millert
+
+ * logging.c: can now have MAILER undefined
+
+1994-07-07 14:37 millert
+
+ * INSTALL: new sub-note about MAILER
+
+1994-07-06 23:11 millert
+
+ * sudo.man: added blurb about password timeout
+
+1994-07-06 20:52 millert
+
+ * configure.in: convex c2 changes
+
+1994-07-06 20:52 millert
+
+ * aclocal.m4: took out duplicate define of _CONVEX_SOURCE
+
+1994-07-06 20:51 millert
+
+ * Makefile.in: added OSDEFS
+
+1994-07-06 20:46 millert
+
+ * config.h.in: added spaces
+
+1994-07-06 20:08 millert
+
+ * tgetpass.c: added a goto if fgets fails
+
+1994-07-06 20:08 millert
+
+ * sudo.h: use __hpux not hpux convex c2 stuff
+
+1994-07-06 20:08 millert
+
+ * sudo.c: use __hpux not hpux
+
+1994-07-06 20:08 millert
+
+ * logging.c: convex c2 stuff
+
+1994-07-06 20:07 millert
+
+ * config.h.in: define ansi-ish cpp os defines if non-ansi are
+ defined for hpux & convex
+
+1994-07-06 20:07 millert
+
+ * INSTALL: updated to say we support sonvex C2
+
+1994-07-06 20:05 millert
+
+ * check.c: added convex c2 support
+
+1994-07-01 12:06 millert
+
+ * tgetpass.c: no more ioctl never returns NULL uses fgets() and
+ select() to timeout
+
+1994-06-29 17:04 millert
+
+ * configure.in: things were testing -n "$GCC" instead of -z "$GCC"
+
+1994-06-29 16:39 millert
+
+ * tgetpass.c: now works + uses fgets()
+
+1994-06-28 18:25 millert
+
+ * tgetpass.c: select doesn't seem to recognize a single '\n' as
+ input waiting so we can;t use it, sigh.
+
+1994-06-26 16:38 millert
+
+ * PORTING: updated tgetpass() blurb
+
+1994-06-26 16:35 millert
+
+ * configure.in: added --with-getpass
+
+1994-06-26 16:35 millert
+
+ * Makefile.in: added tgetpass stuff
+
+1994-06-26 15:25 millert
+
+ * tgetpass.c: now uses stdio
+
+1994-06-26 15:17 millert
+
+ * version.h: ++
+
+1994-06-24 19:48 millert
+
+ * PORTING: updated ,.
+
+1994-06-24 19:46 millert
+
+ * config.h.in: added USE_GETPASS && HAVE_C2_SECURITY
+
+1994-06-24 19:45 millert
+
+ * configure.in: fixed a test aded --with-C2 and --with-tgetpass
+
+1994-06-24 19:45 millert
+
+ * check.c: added hpux C2 shit
+
+1994-06-24 19:45 millert
+
+ * Makefile.in: took out tgetpass.*
+
+1994-06-24 19:45 millert
+
+ * INSTALL: added C2 blurb
+
+1994-06-13 15:54 millert
+
+ * configure.in: no termio(s) for ultrix since it is broken
+
+1994-06-13 15:41 millert
+
+ * check.c: added a space (yeah, anal)
+
+1994-06-13 15:17 millert
+
+ * realpath.c, sudo_realpath.c: fixed it (duh, rtfm)
+
+1994-06-08 14:34 millert
+
+ * config.h.in: took out bsd signal stuff for irix
+
+1994-06-08 14:26 millert
+
+ * visudo.c: comments in #endif
+
+1994-06-08 14:09 millert
+
+ * configure.in: don't define BSD signals for irix
+
+1994-06-08 12:57 millert
+
+ * TODO: did some...
+
+1994-06-08 12:57 millert
+
+ * CHANGES: updated
+
+1994-06-08 12:56 millert
+
+ * realpath.c, sudo_realpath.c: took out unneeded code by changing
+ where a strings was terminated
+
+1994-06-07 19:21 millert
+
+ * realpath.c, sudo_realpath.c: fix bug where /dirname would return
+ NULL
+
+1994-06-07 17:40 millert
+
+ * sudo.h: move __P to config.h
+
+1994-06-07 17:40 millert
+
+ * getcwd.c, getwd.c, realpath.c, sudo_realpath.c: added errno
+ definition
+
+1994-06-07 17:40 millert
+
+ * config.h.in: added __P
+
+1994-06-07 17:21 millert
+
+ * config.h.in: added HAVE_FCHDIR
+
+1994-06-07 17:18 millert
+
+ * strdup.c: now include stdio
+
+1994-06-07 14:55 millert
+
+ * realpath.c, sudo_realpath.c: now works if no fchdir
+
+1994-06-07 14:55 millert
+
+ * visudo.c: define SA_RESETHAND to null if not defined
+
+1994-06-07 14:54 millert
+
+ * configure.in: added check & replace
+
+1994-06-06 20:05 millert
+
+ * configure.in: took out -static for nextstep -- it doesn't work
+
+1994-06-06 19:59 millert
+
+ * logging.c: moved #endif to where it belongs
+
+1994-06-06 19:54 millert
+
+ * SUPPORTED: correction
+
+1994-06-06 19:42 millert
+
+ * configure.in: now checks for strdup realpath getcwd bzero
+
+1994-06-06 19:31 millert
+
+ * config.h.in: emulate bzero
+
+1994-06-06 16:57 millert
+
+ * visudo.c: added posic signals
+
+1994-06-06 16:57 millert
+
+ * tgetpass.c: bzero cast
+
+1994-06-06 16:57 millert
+
+ * logging.c: added posix signals
+
+1994-06-06 16:56 millert
+
+ * configure.in: removed BROKEN_GETPASS added new srcs toreplace
+ missing functions
+
+1994-06-06 16:56 millert
+
+ * config.h.in: added posix signal stuff
+
+1994-06-06 16:56 millert
+
+ * Makefile.in: added new srcs
+
+1994-06-06 12:53 millert
+
+ * visudo.c: updated useag
+
+1994-06-06 12:39 millert
+
+ * tgetpass.c: now uses posix signals
+
+1994-06-05 20:17 millert
+
+ * PORTING: updated sto reflect major changes
+
+1994-06-05 20:05 millert
+
+ * TODO, CHANGES: updated
+
+1994-06-05 20:04 millert
+
+ * tgetpass.c: uses sysconf() if available
+
+1994-06-05 20:04 millert
+
+ * sudo.h: added PASSWORD_TIMEOUT + prototypes for new functions
+
+1994-06-05 20:04 millert
+
+ * realpath.c, sudo_realpath.c: for those w/o this in libc
+
+1994-06-05 20:03 millert
+
+ * getcwd.c, getwd.c: Initial revision
+
+1994-06-05 20:03 millert
+
+ * find_path.c: rewrote to use realpath(3) - nis now all my code
+
+1994-06-05 20:02 millert
+
+ * config.h.in: added HAVE_REALPATH
+
+1994-06-05 20:02 millert
+
+ * check.c: now use tgetpass
+
+1994-06-05 20:02 millert
+
+ * Makefile.in: added LIBOBJS use tgetpass.c
+
+1994-06-05 18:55 millert
+
+ * tgetpass.c: works now :-)
+
+1994-06-05 18:27 millert
+
+ * tgetpass.c: Initial revision
+
+1994-06-05 17:17 millert
+
+ * pathnames.h.in: added /dev/tty
+
+1994-06-04 17:12 millert
+
+ * version.h: incremented
+
+1994-06-04 15:29 millert
+
+ * sudo.c: always use getcwd
+
+1994-06-04 14:49 millert
+
+ * config.h.in: added check for getwd
+
+1994-06-04 14:48 millert
+
+ * configure.in: replace strdup & realpath & getcwd if missing
+
+1994-06-04 14:47 millert
+
+ * pathnames.h.in: added _PATH_PWD
+
+1994-06-04 14:46 millert
+
+ * aclocal.m4: added SUDO_PROG_PWD
+
+1994-06-04 14:37 millert
+
+ * realpath.c, sudo_realpath.c, strdup.c: Initial revision
+
+1994-06-03 11:31 millert
+
+ * configure.in: quoted quare brackets
+
+1994-06-02 17:49 millert
+
+ * sudo.c: no need to strdup() a constant
+
+1994-06-02 15:45 millert
+
+ * CHANGES: updated
+
+1994-06-02 15:44 millert
+
+ * sudo.man: added validate
+
+1994-06-02 15:42 millert
+
+ * sudo.c: added -v to usage
+
+1994-06-02 15:41 millert
+
+ * parse.c, sudo.c, sudo.h: added validate_only stuff
+
+1994-05-29 21:29 millert
+
+ * configure.in: now finds sed
+
+1994-05-29 21:28 millert
+
+ * aclocal.m4: $OSREV is now an int
+
+1994-05-29 19:13 millert
+
+ * configure.in: added mtxinu to caser
+
+1994-05-29 18:37 millert
+
+ * sudo.h: added EXEC macro
+
+1994-05-29 18:36 millert
+
+ * sudo.c: now use the EXEC nmacro now only do a gethostbyname() if
+ FQDN is set
+
+1994-05-29 18:36 millert
+
+ * logging.c: changed mail_argv[] def now use EXEC() macro
+
+1994-05-29 18:35 millert
+
+ * check.c: took out crypt() definition
+
+1994-05-29 17:23 millert
+
+ * version.h: upped the version
+
+1994-05-29 15:52 millert
+
+ * configure.in: always look for -lnsl
+
+1994-05-29 15:29 millert
+
+ * aclocal.m4: added an echo
+
+1994-05-29 15:25 millert
+
+ * sudo.h: SHORT_MESSAGE is now the default
+
+1994-05-29 15:18 millert
+
+ * config.h.in: fixed typo
+
+1994-05-29 01:29 millert
+
+ * configure.in: added missing AC_DEFINE(SVR4) for solaris
+
+1994-05-28 20:42 millert
+
+ * sudo.man: documented the -v flag
+
+1994-05-28 20:34 millert
+
+ * SUPPORTED: updated
+
+1994-05-28 20:31 millert
+
+ * check.c: proto-ized crypt()
+
+1994-05-28 20:28 millert
+
+ * config.h.in: added LIBSHADOW undef
+
+1994-05-28 20:18 millert
+
+ * configure.in: nwo set OS to be lowercase
+
+1994-05-28 19:36 millert
+
+ * configure.in: now use SUDO_OSTYPE to set $OS
+
+1994-05-28 19:36 millert
+
+ * aclocal.m4: now use uname to determine os
+
+1994-05-28 16:23 millert
+
+ * visudo.c: added prototypes & moved sig handler around
+
+1994-05-28 15:13 millert
+
+ * sudo.h: added prototyppes
+
+1994-05-28 15:13 millert
+
+ * parse.c: added comment
+
+1994-05-28 15:12 millert
+
+ * config.h.in: nwo use _BSD_SIGNALS not _BSD_COMPAT
+
+1994-05-28 15:11 millert
+
+ * check.c, logging.c, sudo.c: added prototypes
+
+1994-05-28 15:11 millert
+
+ * aixcrypt.exp: Initial revision
+
+1994-05-28 15:11 millert
+
+ * Makefile.in: added aixcrypt.exp
+
+1994-05-28 13:21 millert
+
+ * parse.lex, parse.yacc: moved config.h to top of includes
+
+1994-05-25 15:48 millert
+
+ * find_path.c: now don't bitch if get EACCESS (treat like EPERM)
+
+1994-05-24 23:08 millert
+
+ * visudo.c: added -v flag and usage()
+
+1994-05-24 23:08 millert
+
+ * version.h: fixed a typo
+
+1994-05-24 23:08 millert
+
+ * sudo.c: cast Argv to a const for exec added -v flag
+
+1994-05-24 23:07 millert
+
+ * logging.c: mail_argv is now a const
+
+1994-05-24 23:07 millert
+
+ * configure.in: only set RETSIGTYPE if it is not set already
+
+1994-05-24 23:07 millert
+
+ * aclocal.m4: now defines & STDC_HEADERS for Irix
+
+1994-05-24 23:07 millert
+
+ * Makefile.in: added version.h
+
+1994-05-24 21:25 millert
+
+ * insults.h, sudo.h: prevent multiple inclusion
+
+1994-05-24 21:20 millert
+
+ * version.h: Initial revision
+
+1994-05-24 21:09 millert
+
+ * parse.lex, parse.yacc: now includes config.h
+
+1994-05-24 20:54 millert
+
+ * aclocal.m4: now talks about sunos 4.x
+
+1994-05-24 20:23 millert
+
+ * visudo.c: calls to Exit now pass an arg
+
+1994-05-24 18:00 millert
+
+ * visudo.c: signal handler now takes an int argument
+
+1994-05-24 18:00 millert
+
+ * CHANGES: updated
+
+1994-05-24 17:44 millert
+
+ * sudo.c: ok, the getcwd() is now *really* done as the user
+
+1994-05-24 17:44 millert
+
+ * configure.in: changed AIX STATIC_FLAGS
+
+1994-05-24 16:27 millert
+
+ * aclocal.m4: solaris now defines SVR4
+
+1994-05-24 16:18 millert
+
+ * sudo.h: added cwd and fixed stupid core dump that makes no sense.
+ sigh.
+
+1994-05-24 16:18 millert
+
+ * sudo.c: moved getcwd stuff into load_globals
+
+1994-05-24 16:18 millert
+
+ * parse.c: took out externs that are in suod.h
+
+1994-05-24 16:18 millert
+
+ * logging.c: moved cwd into load_globals
+
+1994-05-24 16:17 millert
+
+ * find_path.c: moved cwd stuff
+
+1994-05-24 15:55 millert
+
+ * Makefile.in: fixed make distclean & realclean
+
+1994-05-24 12:51 millert
+
+ * TODO: updated .,
+
+1994-05-24 12:51 millert
+
+ * CHANGES: added solaris changes
+
+1994-05-24 12:51 millert
+
+ * aclocal.m4: added solaris changes, need to rework
+
+1994-05-24 12:50 millert
+
+ * configure.in: cleaned up for solaris
+
+1994-05-24 12:13 millert
+
+ * logging.c: reinstall reapchild signal handler for non-bsd signals
+
+1994-05-24 12:03 millert
+
+ * sudo.h: took out getdtablesize() emulation for HP-UX (no longer
+ needed)
+
+1994-05-24 12:03 millert
+
+ * sudo.c: support for HAVE_SYSCONF
+
+1994-05-24 12:02 millert
+
+ * visudo.c: added <fcntl.h> for solaris & reorg'd the includes +
+ minor prettying up /
+
+1994-05-23 20:26 millert
+
+ * config.h.in: added HAVE_SYSCONF
+
+1994-05-16 18:57 millert
+
+ * configure.in: now tells you what os you are running /.
+
+1994-05-16 18:56 millert
+
+ * aclocal.m4: took out extra ','
+
+1994-05-14 17:56 millert
+
+ * config.h.in: added _BSD_COMPAT
+
+1994-05-14 17:56 millert
+
+ * aclocal.m4: fixed for irix5
+
+1994-05-14 17:55 millert
+
+ * CHANGES: updated
+
+1994-05-14 17:27 millert
+
+ * sudo.c: uid seinitialized to -2
+
+1994-04-28 12:36 millert
+
+ * sudo.c: now removes LIBPATH for AIX
+
+1994-03-12 20:41 millert
+
+ * configure.in: now uses ufc if it finds it
+
+1994-03-12 17:42 millert
+
+ * sudo.h: no longer define yyval & yylval since yacc does it
+
+1994-03-12 17:42 millert
+
+ * parse.lex: now defines yylval as extenr
+
+1994-03-12 17:41 millert
+
+ * configure.in: BROKEN_GETPASS is now an OPTION
+
+1994-03-12 17:41 millert
+
+ * config.h.in: took out BROKEN_GETPASS
+
+1994-03-12 17:20 millert
+
+ * Makefile.in: took out big comment
+
+1994-03-12 16:24 millert
+
+ * README: updated
+
+1994-03-12 16:20 millert
+
+ * Makefile.in: took out README.beta
+
+1994-03-12 16:19 millert
+
+ * SUPPORTED: Initial revision
+
+1994-03-12 16:19 millert
+
+ * INSTALL: now reference SUPPORTED .,
+
+1994-03-12 16:17 millert
+
+ * config.h.in: now check for convex OR __convex__
+
+1994-03-12 16:16 millert
+
+ * aclocal.m4: now check for convex or __convex__
+
+1994-03-12 16:15 millert
+
+ * Makefile.in: added dist target
+
+1994-03-12 15:19 millert
+
+ * aclocal.m4: use __convex__
+
+1994-03-12 14:33 millert
+
+ * find_path.c: now use _S_* stat stuff to be ansi-like
+
+1994-03-12 14:11 millert
+
+ * INSTALL: updated for configure directions
+
+1994-03-12 14:05 millert
+
+ * Makefile.in: distclean now removes config.h and pathnames.h
+
+1994-03-12 14:03 millert
+
+ * CHANGES: updated
+
+1994-03-12 14:00 millert
+
+ * TODO: fixed typoe
+
+1994-03-12 13:57 millert
+
+ * Makefile.in, visudo.c: updated version
+
+1994-03-12 13:57 millert
+
+ * config.h.in, pathnames.h.in: added copyright header
+
+1994-03-12 13:55 millert
+
+ * check.c, find_path.c, insults.h, logging.c, parse.c, parse.lex,
+ parse.yacc, sudo.c, sudo.h: udpated version
+
+1994-03-12 13:39 millert
+
+ * visudo.c: udpated to use configure + pathnames.h
+
+1994-03-12 13:37 millert
+
+ * Makefile.in, config.h.in, configure.in, aclocal.m4: updated
+
+1994-03-12 13:37 millert
+
+ * sudo.h: now works with configure
+
+1994-03-12 13:36 millert
+
+ * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c:
+ updated to work with configure + pathnames.h
+
+1994-03-12 10:40 millert
+
+ * Makefile.in: added LEXLIB
+
+1994-03-10 03:18 millert
+
+ * COPYING: updated gnu general licence to versio 2
+
+1994-03-10 02:44 millert
+
+ * pathnames.h.in, config.h.in: Initial revision
+
+1994-03-10 01:43 millert
+
+ * sudo.h: changed to work with configure
+
+1994-03-09 18:51 millert
+
+ * Makefile.in, aclocal.m4, configure.in: Initial revision
+
+1994-03-09 17:36 millert
+
+ * visudo.c: now uses defines used by configure
+
+1994-03-01 16:31 millert
+
+ * find_path.c: sudo won't bitch about EPERM now, for real
+
+1994-02-28 00:36 millert
+
+ * logging.c: renamed exec_argv to eliminate a libc name clash with
+ ksros
+
+1994-02-28 00:28 millert
+
+ * CHANGES: corrected
+
+1994-02-28 00:27 millert
+
+ * logging.c, sudo.c, sudo.h: execve -> execv
+
+1994-02-27 23:27 millert
+
+ * TODO: upated
+
+1994-02-27 23:19 millert
+
+ * PORTING: added 2 mroe items
+
+1994-02-27 23:12 millert
+
+ * CHANGES: updated
+
+1994-02-27 23:11 millert
+
+ * sudo.h: added UMASK and mode_t declaration
+
+1994-02-27 23:11 millert
+
+ * sudo.c: added UMASK
+
+1994-02-27 20:55 millert
+
+ * logging.c: now opens log file with mode 077
+
+1994-02-27 20:55 millert
+
+ * check.c: saved current umask ans restores it
+
+1994-02-27 20:36 millert
+
+ * sudo.h: added MAXLOGFILELEN
+
+1994-02-27 20:35 millert
+
+ * logging.c: split long log lines. FOr syslog, split into multiple
+ entries, for a log file, indent the extra for readability
+
+1994-02-27 17:22 millert
+
+ * CHANGES: added changes
+
+1994-02-27 17:18 millert
+
+ * sudo.h: MAXLOGLEN & MAXSYSLOGLEN are now different (as they
+ should be)
+
+1994-02-25 16:04 millert
+
+ * TODO: added input from Brett M Hogden <hogden@rge.com>
+
+1994-02-16 13:35 millert
+
+ * sudo.c: added rmenv() to remove stuff from environ. can now uses
+ execvp() OR execve() becuase of this.
+
+1994-02-16 13:35 millert
+
+ * logging.c: now uses execvp() OR execve()
+
+1994-02-16 13:31 millert
+
+ * sudo.h: added USE_EXECVE
+
+1994-02-16 13:27 millert
+
+ * sudo.h: added environ
+
+1994-02-16 12:53 millert
+
+ * find_path.c: now ignore EPERM
+
+1994-02-15 23:52 millert
+
+ * sudo.h: moved some func decls out of sudo.h and into sudo.c as
+ statics /.
+
+1994-02-15 23:52 millert
+
+ * CHANGES: updated
+
+1994-02-15 23:40 millert
+
+ * sudo.h: took out Envp
+
+1994-02-14 12:28 millert
+
+ * BUGS: Initial revision
+
+1994-02-10 14:29 millert
+
+ * sudo.c, sudo.h, CHANGES: added SECURE_PATH
+
+1994-02-10 14:05 millert
+
+ * sudo.h: added SECURE_PATH
+
+1994-02-10 13:50 millert
+
+ * INSTALL: added sample.sudoers note
+
+1994-02-10 13:47 millert
+
+ * sudoers: Initial revision
+
+1994-02-09 14:54 millert
+
+ * find_path.c: fixed typo
+
+1994-02-08 23:06 millert
+
+ * PORTING: took out SAVED_UID garbage
+
+1994-02-08 22:55 millert
+
+ * INSTALL: mentioned HAL
+
+1994-02-08 22:50 millert
+
+ * sudo.h: added HAL line
+
+1994-02-08 22:48 millert
+
+ * insults.h: added HAL insults
+
+1994-02-08 22:48 millert
+
+ * TODO: updated
+
+1994-02-08 22:02 millert
+
+ * logging.c: more verbose error if mailer not found
+
+1994-02-08 22:02 millert
+
+ * check.c: now do getpwent as root for soem shadow password systems
+ (bsdi)
+
+1994-02-08 13:22 millert
+
+ * sudo.h: took out SAVED_UID garbade
+
+1994-02-08 13:21 millert
+
+ * sudo.c: took out SAVED_UID garbage since it don't work
+
+1994-02-06 17:43 millert
+
+ * README: updated
+
+1994-02-06 17:40 millert
+
+ * insults.h: added a missing space :-)
+
+1994-02-05 19:48 millert
+
+ * sudo.c, sudo.h: took out multimax cruft
+
+1994-02-05 19:30 millert
+
+ * INSTALL: minor update
+
+1994-02-05 19:30 millert
+
+ * PORTING: finished
+
+1994-02-05 19:19 millert
+
+ * sudo.c: fixed a typo + indentation
+
+1994-02-05 18:43 millert
+
+ * sudo.h: took outumoved some defines to the config file ,. ,.
+
+1994-02-05 15:17 millert
+
+ * PORTING: Initial revision
+
+1994-02-05 15:17 millert
+
+ * TODO: did #6
+
+1994-02-05 15:16 millert
+
+ * sudo.h: added HAS_SAVED_UID
+
+1994-02-05 15:16 millert
+
+ * sudo.c: put back AIX cruft
+
+1994-02-03 00:44 millert
+
+ * sudo.c: aix changes
+
+1994-02-02 01:31 millert
+
+ * CHANGES: updated
+
+1994-02-02 01:30 millert
+
+ * check.c, logging.c, parse.c, sudo.c, sudo.h: now is only root
+ when abs necesary
+
+1994-02-01 22:21 millert
+
+ * check.c: added missing %s\n
+
+1994-01-31 02:06 millert
+
+ * install-sh: Initial revision
+
+1994-01-31 01:58 millert
+
+ * CHANGES, TODO: updated
+
+1994-01-31 01:56 millert
+
+ * sudo.c: now removed _RLD_* for alphas
+
+1994-01-31 01:50 millert
+
+ * INSTALL: updated for new config scheme
+
+1994-01-30 19:42 millert
+
+ * find_path.c: more verbose eror messages
+
+1994-01-27 14:08 millert
+
+ * TODO: now have solaris
+
+1994-01-27 14:07 millert
+
+ * sudo.h: define __svr4__ for SOLARIS
+
+1994-01-27 14:07 millert
+
+ * check.c: added svr4 junk for shadow pws for solaris 2.x
+
+1994-01-27 13:19 millert
+
+ * check.c, sudo.c: took out setuid(0) and setreuid(udi) garbage.
+ Its not needed since we start out setuid with the correct perms.
+
+1994-01-26 19:51 millert
+
+ * check.c, sudo.c, sudo.h: now use setreuid()
+
+1994-01-26 18:58 millert
+
+ * sudo.man: revised AUTHORS secrtion & added ENV_EDITOR stuff to
+ VARIABLES sectoin
+
+1994-01-26 18:52 millert
+
+ * visudo.c: now uses ENV_EDITOR if you want to use the EDITOR envar
+
+1994-01-26 18:52 millert
+
+ * sudo.h: now uses ENV_EDITOR if you want to use the EDITOR envar
+ >> .
+
+1993-12-07 01:33 millert
+
+ * README: minor update + spell fix
+
+1993-12-07 01:33 millert
+
+ * INSTALL: rewrote most of this
+
+1993-12-07 01:13 millert
+
+ * sudo.h: added all options that are in the Makefile
+
+1993-12-07 00:23 millert
+
+ * getpass.c: now use USE_TERMIO #define for sgi & hpux
+
+1993-12-06 23:19 millert
+
+ * TODO: todo: posix sigs
+
+1993-12-06 01:12 millert
+
+ * check.c, find_path.c: always include strings.h
+
+1993-12-05 20:34 millert
+
+ * visudo.c: added STATICEDITOR
+
+1993-12-05 20:30 millert
+
+ * sudo.h: sgi has vi in /usr/bin too
+
+1993-12-05 20:23 millert
+
+ * sudo.man: added VISUAL
+
+1993-12-02 22:20 millert
+
+ * sudo.h: sue /usr/bin/vi on some systems
+
+1993-12-02 22:19 millert
+
+ * sudo.c: fixed warning (include strings.h)
+
+1993-12-02 22:06 millert
+
+ * sudo.man: added John_Rouillard@dl5000.bc.edu's changes (new
+ features)
+
+1993-12-02 21:38 millert
+
+ * CHANGES: changes from John_Rouillard@dl5000.bc.edu
+
+1993-12-02 21:35 millert
+
+ * visudo.c: added EDITOR envar
+
+1993-12-02 21:34 millert
+
+ * check.c, find_path.c, parse.c, sudo.c: added patches from
+ John_Rouillard directory spec uses EDITOR
+
+1993-12-01 19:32 millert
+
+ * getpass.c: added flush for hpux
+
+1993-11-30 13:37 millert
+
+ * sudo.c: no longer assume malloc returns a char *
+
+1993-11-29 20:35 millert
+
+ * sudo.c: alpha change to remove LD_-like thing fixed SHLIB_PATH
+ stuff -- now gets removed correctly
+
+1993-11-29 19:31 millert
+
+ * sudo.h: added STD_HEADERS macro
+
+1993-11-29 19:14 millert
+
+ * sudo.c: now uses STD_HEADERS macor for ansi
+
+1993-11-29 19:14 millert
+
+ * find_path.c: now uses STD_HEADERS macro
+
+1993-11-29 19:13 millert
+
+ * check.c: niceties for C compiler bitches -- no real change
+
+1993-11-29 13:04 millert
+
+ * visudo.c: now doesn't fclose a file never opened.
+
+1993-11-28 16:35 millert
+
+ * sudo.man: added visudo line
+
+1993-11-28 16:31 millert
+
+ * sudo.man: added error stuff added me in there...
+
+1993-11-28 03:12 millert
+
+ * CHANGES: noted insults
+
+1993-11-28 03:01 millert
+
+ * INSTALL: added blurb about reading stuff
+
+1993-11-28 03:00 millert
+
+ * sudo.h: added insults
+
+1993-11-28 03:00 millert
+
+ * insults.h: corrected somments and removed newlines
+
+1993-11-28 03:00 millert
+
+ * check.c: now uses insults
+
+1993-11-28 02:45 millert
+
+ * insults.h: Initial revision
+
+1993-11-27 19:46 millert
+
+ * INSTALL: added dec syslog note
+
+1993-11-27 19:25 millert
+
+ * sample.sudoers: added real stuff in there
+
+1993-11-27 19:24 millert
+
+ * TODO: added a todo
+
+1993-11-27 19:10 millert
+
+ * TODO: added one
+
+1993-11-27 18:59 millert
+
+ * sample.sudoers: Initial revision
+
+1993-11-27 18:59 millert
+
+ * sudo.man: updated with changes
+
+1993-11-27 18:52 millert
+
+ * sudo.man: Initial revision
+
+1993-11-27 18:48 millert
+
+ * CHANGES, COPYING, INSTALL, README, TODO, indent.pro: Initial
+ revision
+
+1993-11-27 18:46 millert
+
+ * visudo.c: updated version number and took out jeff's old addr
+ since it is no good
+
+1993-11-27 18:42 millert
+
+ * sudo.h, check.c, find_path.c, logging.c, parse.c, parse.lex,
+ parse.yacc, sudo.c: updated version number and took out jeff's
+ email (since it is invalid)
+
+1993-10-28 09:36 millert
+
+ * check.c: added fflush()
+
+1993-10-22 20:46 millert
+
+ * find_path.c: now return NULL instead pfof exiting for
+ nopnn-fatal errors
+
+1993-10-21 16:57 millert
+
+ * check.c: new banner
+
+1993-10-21 16:42 millert
+
+ * parse.lex: now sudo.h gets included first
+
+1993-10-17 20:31 millert
+
+ * parse.lex: now can use flex
+
+1993-10-17 20:31 millert
+
+ * sudo.h: linux patch
+
+1993-10-17 20:30 millert
+
+ * sudo.c: hpux 9 fix, removes SHLIB_PATH linux patch
+
+1993-10-17 20:30 millert
+
+ * check.c: linux diff
+
+1993-10-15 16:03 millert
+
+ * find_path.c: stat now ignores EINVAL
+
+1993-10-05 21:48 millert
+
+ * find_path.c, sudo.c: now declare strdup as extern
+
+1993-10-04 15:23 millert
+
+ * visudo.c: reformatted with indent + by hand
+
+1993-10-04 15:10 millert
+
+ * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c,
+ sudo.h: used indent to "fix" coding style
+
+1993-10-03 20:12 millert
+
+ * find_path.c: now checks '.' or '.' or '' in PATH -- but does it
+ LAST should maybe move the code that does this into the loop
+ body. makes it messier tho. hmmm.
+
+1993-09-08 11:53 millert
+
+ * find_path.c: redid the fix for non-executable files in an easier
+ to read way plus some minor aethetic changes
+
+1993-09-08 11:39 millert
+
+ * find_path.c: fixed bug with non-executable tings of same name in
+ path introduced by checkig errno after stat(2).
+
+1993-09-05 10:02 millert
+
+ * sudo.c: fixed off by one error
+
+1993-09-05 09:55 millert
+
+ * find_path.c: now handles decending below '/' correctly
+
+1993-09-05 08:35 millert
+
+ * sudo.c: now actually builds Envp instead of munging envp
+
+1993-09-04 15:42 millert
+
+ * parse.yacc: now includes sys/param.h
+
+1993-09-04 15:41 millert
+
+ * visudo.c: now includes sys/param.h
+
+1993-09-04 15:30 millert
+
+ * sudo.h: fixed ifndef -> ifdef
+
+1993-09-04 15:19 millert
+
+ * qualify.c: make more like find_path.c
+
+1993-09-04 15:18 millert
+
+ * find_path.c: rewritten by millert
+
+1993-09-04 15:17 millert
+
+ * sudo.h: fixed MAXCOMMANDLENGTH now uses USE_CWD and NEED_STRDUP
+ added info about new defines in the comment
+
+1993-09-04 15:15 millert
+
+ * logging.c: now uses USE_CWD
+
+1993-09-04 14:10 millert
+
+ * sudo.h: added delc for clean_envp() and Envp
+
+1993-09-04 14:09 millert
+
+ * sudo.c: now rips LD_* env vars out of envp and passed sanitized
+ Envp to exec
+
+1993-09-04 14:09 millert
+
+ * logging.c: now uses execve()
+
+1993-09-04 14:08 millert
+
+ * find_path.c: ENOTDIR is ok now too (in case part of the path is
+ bogus)
+
+1993-09-04 08:17 millert
+
+ * qualify.c: now works correctly (ttaltotal rewrite)
+
+1993-09-04 07:59 millert
+
+ * parse.lex: now includes sys/param.h didn't match trailing / --
+ fix from rouilj@cs.umb.edu
+
+1993-06-11 18:04 millert
+
+ * sudo.c: moved around the #ifndef _AIX
+
+1993-06-11 18:03 millert
+
+ * check.c, logging.c, parse.c: Initial revision
+
+1993-03-20 07:57 millert
+
+ * qualify.c: Initial revision
+
+1993-03-13 15:09 millert
+
+ * find_path.c: now works if you do sudo bin/test
+
+1993-03-13 14:20 millert
+
+ * find_path.c: works
+
+1993-03-02 18:28 millert
+
+ * sudo.h: Initial revision
+
+1993-03-02 11:35 millert
+
+ * visudo.c: Initial revision
+
+1993-03-02 11:32 millert
+
+ * parse.lex, parse.yacc: Initial revision
+
+1993-02-16 13:24 millert
+
+ * sudo.c: took out errno.h
+
+1993-02-16 13:22 millert
+
+ * sudo.c: now spews error if exec fails and exits with -1
+
+1993-02-16 12:07 millert
+
+ * sudo.c: Initial revision
+
+1993-02-15 22:27 millert
+
+ * find_path.c: now only execs files with (an) executable bit set.
+
+1993-02-15 22:01 millert
+
+ * find_path.c: Initial revision
+
+1993-02-15 14:32 millert
+
+ * getpass.c: added nice comment
+
+1993-02-15 14:19 millert
+
+ * getpass.c: now works on sgi's
+
+1993-02-15 13:57 millert
+
+ * getpass.c: Initial revision
+
diff --git a/usr.bin/sudo/HISTORY b/usr.bin/sudo/HISTORY
index 17d0b79416a..f9a12b2c38a 100644
--- a/usr.bin/sudo/HISTORY
+++ b/usr.bin/sudo/HISTORY
@@ -1,47 +1,49 @@
-A Brief history of sudo(8):
-
-Sudo was first conceived and implemented by Bob Coggeshall and Cliff
-Spencer around 1980 at the Department of Computer Science at
-SUNY/Buffalo. It ran on a VAX-11/750 running 4.1BSD. An updated
-version, credited to Phil Betchel, Cliff Spencer, Gretchen Phillips,
-John LoVerso and Don Gworek, was posted to the net.sources newsgroup
-in December of 1985.
-
-In the Summer of 1986, Garth Snyder released an enhanced version
-of sudo. For the next 5 years, sudo was fed and watered by a handful
-of folks at CU-Boulder, including Bob Coggeshall, Bob Manchek, and
-Trent Hein.
-
-In 1991, Dave Hieb and Jeff Nieusma wrote a new version of sudo
-with an enhanced sudoers format under contract to a consulting firm
-called "The Root Group". This version was later released under the
-GNU public license.
-
-In 1994, after maintaining sudo informally within CU-Boulder for
-some time, Todd Miller made a public release of "CU sudo" (version
-1.3) with bug fixes and support for more operating systems. The
-"CU" was added to differentiate it from the "official" version from
-"The Root Group".
-
-In 1996, Todd, who had been maintaining sudo for several years in
-his spare time, brought sudo development under the umbrella of his
-consulting firm, Courtesan Consulting. Courtesan remains committed
-to a free sudo and is sponsoring another sudo rewrite as well as
-continued development of the sudo 1.x code base.
-
-In 1999, the "CU" prefix was dropped from the name since there has
-been no formal release of sudo from "The Root Group" since 1991
-(the original authors now work elsewhere). As of version 1.6, Sudo
-no longer contains any of the original "Root Group" code and is
-available under an ISC-style license.
-
-In 2004, Todd incorporated as GratiSoft, Inc. to provide commercial
-support and enhancements to the sudo community.
-
-In 2005, GratiSoft was put on hold.
+A brief history of sudo:
+
+Sudo was first conceived and implemented by Bob Coggeshall and Cliff Spencer
+around 1980 at the Department of Computer Science at SUNY/Buffalo. It ran on
+a VAX-11/750 running 4.1BSD. An updated version, credited to Phil Betchel,
+Cliff Spencer, Gretchen Phillips, John LoVerso and Don Gworek, was posted to
+the net.sources Usenet newsgroup in December of 1985.
+
+In the Summer of 1986, Garth Snyder released an enhanced version of sudo.
+For the next 5 years, sudo was fed and watered by a handful of folks at
+CU-Boulder, including Bob Coggeshall, Bob Manchek, and Trent Hein.
+
+In 1991, Dave Hieb and Jeff Nieusma wrote a new version of sudo with an
+enhanced sudoers format under contract to a consulting firm called "The Root
+Group". This version was later released under the GNU public license.
+
+In 1994, after maintaining sudo informally within CU-Boulder for some time,
+Todd Miller made a public release of "CU sudo" (version 1.3) with bug fixes
+and support for more operating systems. The "CU" was added to differentiate
+it from the "official" version from "The Root Group".
+
+In 1995, a new parser for the sudoers file was contributed by Chris Jepeway.
+The new parser was a proper grammar (unlike the old one) and could work with
+both sudo and visudo (previously they had slightly different parsers).
+
+In 1996, Todd, who had been maintaining sudo for several years in his spare
+time, moved distribution of sudo from a CU-Boulder ftp site to his domain,
+courtesan.com.
+
+In 1999, the "CU" prefix was dropped from the name since there has been no
+formal release of sudo from "The Root Group" since 1991 (the original
+authors now work elsewhere). As of version 1.6, Sudo no longer contains any
+of the original "Root Group" code and is available under an ISC-style
+license.
+
+In 2001, the sudo web site, ftp site and mailing lists were moved from
+courtesan.com to the sudo.ws domain (sudo.org was already taken).
+
+In 2005, Todd rewrote the sudoers parser to better support the features that
+had been added in the past ten years. This new parser removes some
+limitations of the previous one, removes ordering constraints and adds
+support for including multiple sudoers files.
sudo, in its current form, is maintained by:
- Todd Miller <Todd.Miller@courtesan.com>
+ Todd Miller <Todd.Miller@courtesan.com>
Todd continues to enhance sudo and fix bugs.
+
diff --git a/usr.bin/sudo/INSTALL b/usr.bin/sudo/INSTALL
index 1692887912e..2ffb8f214b1 100644
--- a/usr.bin/sudo/INSTALL
+++ b/usr.bin/sudo/INSTALL
@@ -1,5 +1,5 @@
-Installation instructions for Sudo 1.6.9
-========================================
+Installation instructions for Sudo 1.7
+======================================
Sudo uses a `configure' script to probe the capabilities and type
of the system in question. In this release, `configure' takes many
@@ -189,6 +189,12 @@ Special features/options:
this file instead of /etc/ldap.secret to read the secret password
when rootbinddn is specified in the ldap config file.
+ --with-nsswitch[=filename]
+ Path to nsswitch.conf or "no" to disable nsswitch support.
+ If specified, sudo uses this file instead of /etc/nsswitch.conf.
+ If nsswitch is disabled but LDAP is enabled, sudo will check
+ LDAP first, then the sudoers file.
+
--with-aixauth
Enable support for the AIX 4.x general authentication function.
This will use the authentication scheme specified for the user
@@ -200,7 +206,7 @@ Special features/options:
Linux, Solaris and HP-UX (version 11 and higher).
NOTE: on RedHat Linux and Fedora you *must* have an /etc/pam.d/sudo
- file installed. You may either use the sample.pam file included with
+ file install. You may either use the sample.pam file included with
sudo or use /etc/pam.d/su as a reference. The sample.pam file
included with sudo may or may not work with other Linux distributions.
On Solaris and HP-UX 11 systems you should check (and understand)
@@ -228,10 +234,6 @@ Special features/options:
unless the 'use_loginclass' option is defined in sudoers or the user
specifies a class on the command line.
- --with-project
- Enable support for Solaris project resource limits.
- This option is only available on Solaris 9 and above.
-
--with-bsdauth
Enable support for BSD authentication. This is the default
for BSD/OS and OpenBSD systems that support it.
@@ -241,6 +243,10 @@ Special features/options:
is supported. If you don't have /usr/include/bsd_auth.h
then you cannot use this.
+ --with-project
+ Enable support for Solaris project resource limits.
+ This option is only available on Solaris 9 and above.
+
--with-noexec[=PATH]
Enable support for the "noexec" functionality which prevents
a dynamically-linked program being run by sudo from executing
@@ -522,6 +528,13 @@ The following options are also configurable at runtime:
option. visudo will then only use the VISUAL or EDITOR variables
if they match a value specified via --with-editor.
+ --with-askpass=PATH
+ Set PATH as the "askpass" program to use when no tty is
+ available. Typically, this is a graphical password prompter,
+ similar to the one used by ssh. The program must take a
+ prompt as an argument and print the received password to
+ the standard output.
+
--disable-authentication
By default, sudo requires the user to authenticate via a
password or similar means. This options causes sudo to
@@ -533,6 +546,13 @@ The following options are also configurable at runtime:
"chaining" sudo commands to get a root shell by doing something
like "sudo sudo /bin/sh".
+ --enable-gss-krb5-ccache-name
+ Use the gss_krb5_ccache_name() function to set the Kerberos
+ V credential cache file name. By default, sudo will use
+ the KRB5CCNAME environment variable to set this. While
+ gss_krb5_ccache_name() provides a better API to do this it
+ is not supported by all Kerberos V and SASL combinations.
+
--enable-log-host
Log the hostname in the log file.
@@ -702,6 +722,11 @@ HP-UX:
noexec to work. Binary packages of gcc are available from
http://hpux.connect.org.uk/ and http://hpux.cs.utah.edu/.
+ To prevent PAM from overriding the value of umask on HP-UX 11,
+ you will need to add a line like the following to /etc/pam.conf:
+
+ sudo session required libpam_hpsec.so.1 bypass_umask
+
SunOS 4.x:
The /bin/sh shipped with SunOS blows up while running configure.
You can work around this by installalling bash or zsh. If you
diff --git a/usr.bin/sudo/LICENSE b/usr.bin/sudo/LICENSE
index 69266beec3e..786b7a096ee 100644
--- a/usr.bin/sudo/LICENSE
+++ b/usr.bin/sudo/LICENSE
@@ -1,6 +1,7 @@
Sudo is distributed under the following ISC-style license:
- Copyright (c) 1994-1996,1998-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ Copyright (c) 1994-1996, 1998-2008
+ Todd C. Miller <Todd.Miller@courtesan.com>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
@@ -18,11 +19,11 @@ Sudo is distributed under the following ISC-style license:
Agency (DARPA) and Air Force Research Laboratory, Air Force
Materiel Command, USAF, under agreement number F39502-99-1-0512.
-Additionally, fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h, mkstemp.c
-and snprintf.c bear the following UCB license:
+Additionally, fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h and snprintf.c
+bear the following UCB license:
Copyright (c) 1987, 1989, 1990, 1991, 1992, 1993, 1994
- The Regents of the University of California. All rights reserved.
+ The Regents of the University of California. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
diff --git a/usr.bin/sudo/Makefile.in b/usr.bin/sudo/Makefile.in
index 1650803fe2a..264f4e0d5c6 100644
--- a/usr.bin/sudo/Makefile.in
+++ b/usr.bin/sudo/Makefile.in
@@ -1,5 +1,6 @@
#
-# Copyright (c) 1996, 1998-2007 Todd C. Miller <Todd.Miller@courtesan.com>
+# Copyright (c) 1996, 1998-2005, 2007-2008
+# Todd C. Miller <Todd.Miller@courtesan.com>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@@ -20,21 +21,21 @@
#
# @configure_input@
#
-# $Sudo: Makefile.in,v 1.246.2.32 2008/06/22 20:29:03 millert Exp $
+# $Sudo: Makefile.in,v 1.325 2008/11/03 18:19:14 millert Exp $
#
#### Start of system configuration section. ####
srcdir = @srcdir@
+devdir = @devdir@
authdir = $(srcdir)/auth
top_builddir = .
-VPATH = @srcdir@
# Compiler & tools to use
CC = @CC@
LEX = flex
YACC = @YACC@
-NROFF = nroff
+NROFF = nroff -Tascii
LIBTOOL = @LIBTOOL@
# Our install program supports extra flags...
@@ -61,11 +62,11 @@ exec_prefix = @exec_prefix@
bindir = @bindir@
sbindir = @sbindir@
sysconfdir = @sysconfdir@
+libexecdir = @libexecdir@
+datarootdir = @datarootdir@
mandir = @mandir@
noexecfile = @NOEXECFILE@
noexecdir = @NOEXECDIR@
-libexecdir = @libexecdir@
-datarootdir = @datarootdir@
# Directory in which to install sudo.
sudodir = $(bindir)
@@ -93,7 +94,7 @@ sudoers_gid = @SUDOERS_GID@
sudoers_mode = @SUDOERS_MODE@
# Pass in paths and uid/gid + OS dependent defined
-DEFS = @OSDEFS@ -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -D_PATH_SUDOERS_TMP=\"$(sudoersdir)/sudoers.tmp\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode)
+DEFS = @OSDEFS@ -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode)
#### End of system configuration section. ####
@@ -101,60 +102,68 @@ SHELL = /bin/sh
PROGS = @PROGS@
-SRCS = alloc.c alloca.c check.c closefrom.c def_data.c defaults.c env.c err.c \
- fileops.c find_path.c fnmatch.c getcwd.c getprogname.c getspwuid.c \
- gettime.c glob.c goodpath.c interfaces.c ldap.c lex.yy.c lsearch.c \
- logging.c memrchr.c mkstemp.c parse.c parse.lex parse.yacc set_perms.c \
- sigaction.c snprintf.c strcasecmp.c strerror.c strlcat.c strlcpy.c \
- sudo.c sudo_noexec.c sudo.tab.c sudo_edit.c testsudoers.c tgetpass.c \
- utimes.c visudo.c zero_bytes.c selinux.c sesh.c $(AUTH_SRCS)
+SRCS = aix.c alias.c alloc.c check.c closefrom.c def_data.c defaults.c env.c \
+ error.c fileops.c find_path.c fnmatch.c getcwd.c getprogname.c \
+ getspwuid.c gettime.c glob.c goodpath.c gram.c gram.y interfaces.c \
+ isblank.c lbuf.c ldap.c list.c logging.c match.c mkstemp.c memrchr.c \
+ parse.c pwutil.c set_perms.c sigaction.c snprintf.c strcasecmp.c \
+ strerror.c strlcat.c strlcpy.c sudo.c sudo_noexec.c sudo_edit.c \
+ sudo_nss.c testsudoers.c tgetpass.c toke.c toke.l tsgetgrpw.c utimes.c \
+ visudo.c zero_bytes.c redblack.c selinux.c sesh.c $(AUTH_SRCS)
AUTH_SRCS = auth/afs.c auth/aix_auth.c auth/bsdauth.c auth/dce.c auth/fwtk.c \
auth/kerb4.c auth/kerb5.c auth/pam.c auth/passwd.c auth/rfc1938.c \
auth/secureware.c auth/securid.c auth/securid5.c auth/sia.c \
auth/sudo_auth.c
-HDRS = compat.h def_data.h defaults.h ins_2001.h ins_classic.h ins_csops.h \
- ins_goons.h insults.h interfaces.h logging.h parse.h sudo.h sudo.tab.h \
- version.h auth/sudo_auth.h emul/err.h emul/fnmatch.h emul/search.h \
- emul/utime.h emul/glob.h emul/timespec.h
+HDRS = compat.h def_data.h defaults.h error.h ins_2001.h ins_classic.h \
+ ins_csops.h ins_goons.h insults.h interfaces.h lbuf.h list.h \
+ logging.h parse.h sudo.h sudo_nss.h gram.h version.h auth/sudo_auth.h \
+ emul/charclass.h emul/fnmatch.h emul/glob.h emul/timespec.h \
+ emul/utime.h redblack.h
AUTH_OBJS = sudo_auth.o @AUTH_OBJS@
-PARSEOBJS = sudo.tab.o lex.yy.o alloc.o defaults.o
+# Note: gram.o must come first here
+COMMON_OBJS = gram.o alias.o alloc.o defaults.o error.o list.o match.o \
+ toke.o redblack.o zero_bytes.o
-SUDOBJS = check.o env.o getspwuid.o gettime.o goodpath.o fileops.o find_path.o \
- interfaces.o logging.o parse.o set_perms.o sudo.o sudo_edit.o \
- tgetpass.o zero_bytes.o @SUDO_OBJS@ $(AUTH_OBJS) $(PARSEOBJS)
+SUDO_OBJS = $(COMMON_OBJS) $(AUTH_OBJS) @SUDO_OBJS@ check.o env.o \
+ getspwuid.o gettime.o goodpath.o fileops.o find_path.o \
+ interfaces.o lbuf.o logging.o parse.o pwutil.o set_perms.o \
+ sudo.o sudo_edit.o sudo_nss.o tgetpass.o
-VISUDOBJS = visudo.o fileops.o gettime.o goodpath.o find_path.o $(PARSEOBJS)
+VISUDO_OBJS = $(COMMON_OBJS) visudo.o fileops.o gettime.o goodpath.o \
+ find_path.o pwutil.o
-TESTOBJS = interfaces.o testsudoers.o $(PARSEOBJS)
+TEST_OBJS = $(COMMON_OBJS) interfaces.o testsudoers.o tsgetgrpw.o tspwutil.o
-LIBOBJS = @LIBOBJS@ @ALLOCA@
+LIB_OBJS = @LIBOBJS@
-VERSION = 1.6.9p17
+VERSION = 1.7.0
-DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \
- LICENSE Makefile.in PORTING README README.LDAP \
- TROUBLESHOOTING UPGRADE aclocal.m4 acsite.m4 aixcrypt.exp \
- config.guess config.h.in config.sub configure configure.in \
- def_data.in fnmatch.3 indent.pro install-sh ltmain.sh \
- mkdefaults mkinstalldirs pathnames.h.in sample.pam \
- sample.syslog.conf sample.sudoers schema.OpenLDAP \
- schema.iPlanet sudo.cat sudo.man.in sudo.pod sudoers \
- sudoers.cat sudoers.man.in sudoers.pod sudoers2ldif \
- visudo.cat visudo.man.in visudo.pod auth/API
+DISTFILES = $(SRCS) $(HDRS) ChangeLog HISTORY INSTALL INSTALL.configure \
+ LICENSE Makefile.in PORTING README README.LDAP TROUBLESHOOTING \
+ UPGRADE WHATSNEW aclocal.m4 acsite.m4 aixcrypt.exp config.guess \
+ config.h.in config.sub configure configure.in def_data.in \
+ indent.pro install-sh ltmain.sh mkdefaults mkinstalldirs \
+ pathnames.h.in sample.pam sample.syslog.conf sample.sudoers \
+ schema.ActiveDirectory schema.OpenLDAP schema.iPlanet sudo.cat \
+ sudo.man.in sudo.pod sudo.psf sudo_usage.h.in sudoers sudoers.cat \
+ sudoers.man.in sudoers.pod sudoers.ldap.cat sudoers.ldap.man.in \
+ sudoers.ldap.pod sudoers2ldif visudo.cat visudo.man.in visudo.pod \
+ auth/API
-BINFILES= BUGS CHANGES HISTORY LICENSE README TROUBLESHOOTING \
+BINFILES= ChangeLog HISTORY LICENSE README TROUBLESHOOTING \
UPGRADE install-sh mkinstalldirs sample.syslog.conf sample.sudoers \
sudo sudo.cat sudo.man sudo.pod sudoers sudoers.cat sudoers.man \
sudoers.pod visudo visudo.cat visudo.man visudo.pod
-BINSPECIAL= INSTALL.binary Makefile.binary libtool
+BINSPECIAL= INSTALL.binary Makefile.binary.in libtool
SUDODEP = $(srcdir)/sudo.h $(srcdir)/compat.h $(srcdir)/defaults.h \
- $(srcdir)/logging.h config.h def_data.h pathnames.h
+ $(srcdir)/error.h $(srcdir)/list.h $(srcdir)/logging.h \
+ $(srcdir)/sudo_nss.h $(devdir)/def_data.h pathnames.h config.h
AUTHDEP = $(SUDODEP) $(authdir)/sudo_auth.h
@@ -163,7 +172,7 @@ INSDEP = $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \
all: $(PROGS)
-.SUFFIXES: .o .c .h .lex .yacc .man .cat .lo
+.SUFFIXES: .o .c .h .l .y .man .cat .lo
.c.o:
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $<
@@ -173,16 +182,16 @@ all: $(PROGS)
.man.cat:
@rm -f $(srcdir)/$@
- $(NROFF) -man $< > $(srcdir)/$@
+ sed '1s/^/.if n .ll 78n/' $< | $(NROFF) -man > $(srcdir)/$@
-sudo: $(SUDOBJS) $(LIBOBJS)
- $(CC) -o $@ $(SUDOBJS) $(LIBOBJS) $(SUDO_LDFLAGS) $(SUDO_LIBS)
+sudo: $(SUDO_OBJS) $(LIB_OBJS)
+ $(CC) -o $@ $(SUDO_OBJS) $(LIB_OBJS) $(SUDO_LDFLAGS) $(SUDO_LIBS)
-visudo: $(VISUDOBJS) $(LIBOBJS)
- $(CC) -o $@ $(VISUDOBJS) $(LIBOBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS)
+visudo: $(VISUDO_OBJS) $(LIB_OBJS)
+ $(CC) -o $@ $(VISUDO_OBJS) $(LIB_OBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS)
-testsudoers: $(TESTOBJS) $(LIBOBJS)
- $(CC) -o $@ $(TESTOBJS) $(LIBOBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS)
+testsudoers: $(TEST_OBJS) $(LIB_OBJS)
+ $(CC) -o $@ $(TEST_OBJS) $(LIB_OBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS)
sudo_noexec.lo: $(srcdir)/sudo_noexec.c
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
@@ -191,61 +200,129 @@ sudo_noexec.la: sudo_noexec.lo
$(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir)
# Uncomment the following if you want "make distclean" to clean the parser
-@DEV@PARSESRCS = sudo.tab.h sudo.tab.c lex.yy.c def_data.c def_data.h
+@DEV@GENERATED = gram.h gram.c toke.c def_data.c def_data.h
-# Uncomment the following if you intend to modify parse.yacc
-@DEV@sudo.tab.c sudo.tab.h: parse.yacc
-@DEV@ rm -f sudo.tab.h sudo.tab.c
-@DEV@ $(YACC) -d -b sudo $(srcdir)/parse.yacc
+# Uncomment the lines before -@true if you intend to modify gram.y
+$(devdir)/gram.c: $(srcdir)/gram.y
+@DEV@ $(YACC) -d $(srcdir)/gram.y
+@DEV@ mv -f y.tab.c gram.c
+@DEV@ if cmp -s y.tab.h gram.h; then rm -f y.tab.h; else mv -f y.tab.h gram.h; fi
+ -@true
-# Uncomment the following if you intend to modify parse.lex
-@DEV@lex.yy.c: parse.lex
-@DEV@ rm -f lex.yy.c
-@DEV@ $(LEX) $(srcdir)/parse.lex
+# Uncomment the lines before -@true if you intend to modify toke.l
+$(devdir)/toke.c: $(srcdir)/toke.l
+@DEV@ $(LEX) $(srcdir)/toke.l
+@DEV@ mv -f lex.yy.c toke.c
+ -@true
# Uncomment the following if you intend to modify def_data.in
-@DEV@def_data.h def_data.c: def_data.in
+@DEV@$(devdir)/def_data.h $(devdir)/def_data.c: $(srcdir)/def_data.in
@DEV@ perl $(srcdir)/mkdefaults -o def_data $(srcdir)/def_data.in
# Dependencies (not counting auth functions)
-alloc.o: alloc.c $(SUDODEP)
-check.o: check.c $(SUDODEP)
-closefrom.o: closefrom.c config.h
-env.o: env.c $(SUDODEP)
-err.o: err.c config.h compat.h emul/err.h
-fileops.o: fileops.c $(SUDODEP)
-find_path.o: find_path.c $(SUDODEP)
-getprogname.o: getprogname.c config.h
-getspwuid.o: getspwuid.c $(SUDODEP)
-goodpath.o: goodpath.c $(SUDODEP)
-logging.o: logging.c $(SUDODEP)
-set_perms.o: set_perms.c $(SUDODEP)
-tgetpass.o: tgetpass.c $(SUDODEP)
-visudo.o: visudo.c $(SUDODEP) version.h
-sudo.o: sudo.c $(SUDODEP) interfaces.h version.h
-interfaces.o: interfaces.c $(SUDODEP) interfaces.h
-testsudoers.o: testsudoers.c $(SUDODEP) parse.h interfaces.h
-parse.o: parse.c $(SUDODEP) parse.h interfaces.h
-lex.yy.o: lex.yy.c $(SUDODEP) parse.h sudo.tab.h
-sudo.tab.o: sudo.tab.c $(SUDODEP) parse.h sudo.tab.c sudo.tab.h
-defaults.o: defaults.c $(SUDODEP) def_data.c auth/sudo_auth.h
-fnmatch.o: fnmatch.c config.h compat.h emul/fnmatch.h
-getcwd.o: getcwd.c config.h compat.h
-glob.o: glob.c config.h compat.h emul/glob.h
-lsearch.o: lsearch.c config.h compat.h emul/search.h
-memrchr.o: memrchr.c config.h compat.h
-mkstemp.o: mkstemp.c config.h compat.h
-selinux.o: selinux.c $(SUDODEP)
-snprintf.o: snprintf.c config.h compat.h
-strcasecmp.o: strcasecmp.c config.h
-strlcat.o: strlcat.c config.h
-strlcpy.o: strlcpy.c config.h
-strerror.o: strerror.c config.h
-utime.o: utime.c config.h pathnames.h compat.h emul/utime.h
-ldap.o: ldap.c $(SUDODEP) parse.h
-sudo_edit.o: sudo_edit.c $(SUDODEP)
-
-# Authentication functions live in "auth" dir and so need extra care
+aix.o: $(srcdir)/aix.c
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/aix.c
+alias.o: $(srcdir)/alias.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/redblack.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alias.c
+alloc.o: $(srcdir)/alloc.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alloc.c
+check.o: $(srcdir)/check.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/check.c
+closefrom.o: $(srcdir)/closefrom.c config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/closefrom.c
+defaults.o: $(srcdir)/defaults.c $(SUDODEP) $(srcdir)/def_data.c $(authdir)/sudo_auth.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/defaults.c
+env.o: $(srcdir)/env.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/env.c
+error.o: $(srcdir)/error.c $(srcdir)/compat.h $(srcdir)/error.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/error.c
+fileops.o: $(srcdir)/fileops.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fileops.c
+find_path.o: $(srcdir)/find_path.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/find_path.c
+fnmatch.o: $(srcdir)/fnmatch.c $(srcdir)/emul/fnmatch.h $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fnmatch.c
+getcwd.o: $(srcdir)/getcwd.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getcwd.c
+getprogname.o: $(srcdir)/getprogname.c config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getprogname.c
+getspwuid.o: $(srcdir)/getspwuid.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getspwuid.c
+gettime.o: $(srcdir)/gettime.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/gettime.c
+glob.o: $(srcdir)/glob.c $(srcdir)/emul/glob.h $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/glob.c
+goodpath.o: $(srcdir)/goodpath.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/goodpath.c
+gram.o: $(devdir)/gram.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/gram.c
+interfaces.o: $(srcdir)/interfaces.c $(SUDODEP) $(srcdir)/interfaces.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/interfaces.c
+isblank.o: $(srcdir)/isblank.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/isblank.c
+lbuf.o: $(srcdir)/lbuf.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/lbuf.c
+ldap.o: $(srcdir)/ldap.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/ldap.c
+list.o: $(srcdir)/list.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/list.c
+logging.o: $(srcdir)/logging.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/logging.c
+match.o: $(srcdir)/match.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/match.c
+memrchr.o: $(srcdir)/memrchr.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/memrchr.c
+mkstemp.o: $(srcdir)/mkstemp.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/mkstemp.c
+parse.o: $(srcdir)/parse.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse.c
+pwutil.o: $(srcdir)/pwutil.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/pwutil.c
+redblack.o: $(srcdir)/redblack.c $(SUDODEP) $(srcdir)/redblack.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/redblack.c
+set_perms.o: $(srcdir)/set_perms.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/set_perms.c
+sigaction.o: $(srcdir)/sigaction.c $(srcdir)/compat.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sigaction.c
+snprintf.o: $(srcdir)/snprintf.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/snprintf.c
+strcasecmp.o: $(srcdir)/strcasecmp.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strcasecmp.c
+strerror.o: $(srcdir)/strerror.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strerror.c
+strlcat.o: $(srcdir)/strlcat.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcat.c
+strlcpy.o: $(srcdir)/strlcpy.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcpy.c
+selinux.o: $(srcdir)/selinux.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/selinux.c
+sudo.o: $(srcdir)/sudo.c $(SUDODEP) sudo_usage.h $(srcdir)/interfaces.h $(srcdir)/version.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo.c
+sudo_edit.o: $(srcdir)/sudo_edit.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_edit.c
+sudo_noexec.o: $(srcdir)/sudo_noexec.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
+sudo_nss.o: $(srcdir)/sudo_nss.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_nss.c
+testsudoers.o: $(srcdir)/testsudoers.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/testsudoers.c
+tgetpass.o: $(srcdir)/tgetpass.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tgetpass.c
+toke.o: $(devdir)/toke.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/toke.c
+tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tsgetgrpw.c
+utimes.o: $(srcdir)/utimes.c $(srcdir)/compat.h $(srcdir)/emul/utime.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/utimes.c
+visudo.o: $(srcdir)/visudo.c $(SUDODEP) $(srcdir)/version.h $(devdir)/gram.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/visudo.c
+zero_bytes.o: $(srcdir)/zero_bytes.c $(srcdir)/compat.h config.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/zero_bytes.c
+
+# Private copy of pwutil.o with MYPW defined for testsudoers
+tspwutil.o: $(srcdir)/pwutil.c $(SUDODEP)
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) -DMYPW -o tspwutil.o $(srcdir)/pwutil.c
+
sudo_auth.o: $(authdir)/sudo_auth.c $(AUTHDEP) $(INSDEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sudo_auth.c
afs.o: $(authdir)/afs.c $(AUTHDEP)
@@ -304,6 +381,24 @@ sudoers.man:: sudoers.man.in
sudoers.cat: sudoers.man
+sudoers.ldap.man.in: $(srcdir)/sudoers.ldap.pod
+ @rm -f $(srcdir)/$@
+ ( cd $(srcdir); mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' sudoers.ldap.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectform --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudoers.ldap.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" >> $@ )
+
+sudoers.ldap.man:: sudoers.ldap.man.in
+ CONFIG_FILES=$@ CONFIG_HEADERS= sh ./config.status
+
+sudoers.ldap.cat: sudoers.ldap.man
+
+@DEV@HISTORY: history.pod
+@DEV@ pod2text -l -i0 $> > $@
+@DEV@
+@DEV@LICENSE: license.pod
+@DEV@ pod2text -l -i0 $> | sed '1,2d' > $@
+
+ChangeLog:
+ cvs2cl --follow-only trunk
+
install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man
install-dirs:
@@ -333,27 +428,23 @@ install-man:
ln $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu)
$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu)
$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform)
+ @LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform)
@MAN_POSTINSTALL@
check:
@echo nothing to check
-tags: $(SRCS)
- ctags $(SRCS)
-
-TAGS: $(SRCS)
- etags $(SRCS)
-
clean:
- -rm -f *.o $(PROGS) testsudoers core sudo.core visudo.core \
+ -rm -f *.o *.lo $(PROGS) testsudoers core sudo.core visudo.core \
testsudoers.core
mostlyclean: clean
distclean: clean
-rm -rf Makefile pathnames.h config.h config.status config.cache \
- config.log libtool sudo_noexec.lo .libs $(PARSESRCS) \
- sudo.man sudoers.man visudo.man
+ config.log libtool sudo_noexec.lo .libs $(GENERATED) \
+ sudo.man sudoers.man sudoers.ldap.man visudo.man sudo_usage.h \
+ Makefile.binary
clobber: distclean
@@ -394,9 +485,43 @@ bindist:
fi ; \
cp $(srcdir)/INSTALL.binary $$tdir/INSTALL ; \
sh ./config.status --file=Makefile.binary && cp Makefile.binary $$tdir/Makefile ; \
- strip sudo ; \
- strip visudo ; \
+ strip $$tdir/sudo ; \
+ strip $$tdir/visudo ; \
cd tmp.$$ARCH && tar Ocf ../sudo-$(VERSION)-$$ARCH.tar sudo-$(VERSION) && cd .. ; \
- gzip --best sudo-$(VERSION)-$$ARCH.tar ; \
+ gzip -f --best sudo-$(VERSION)-$$ARCH.tar ; \
rm -rf tmp.$$ARCH ; \
)
+
+depot:
+ ( \
+ tdir=tmp.depot ; \
+ mkdir $$tdir ; \
+ for i in sudo visudo sudo.man visudo.man sudoers.man sudoers ChangeLog HISTORY LICENSE README TROUBLESHOOTING UPGRADE sample.syslog.conf sample.sudoers; do \
+ if [ -f $$i ]; then \
+ cp $$i $$tdir ; \
+ elif [ -f $(srcdir)/$$i ]; then \
+ cp $(srcdir)/$$i $$tdir ; \
+ else \
+ echo cannot find $$i ; \
+ exit 1 ; \
+ fi ; \
+ done ; \
+ if [ -f sudo_noexec.la ]; then \
+ cp libtool $$tdir ; \
+ $(LIBTOOL) --mode=install $(INSTALL) sudo_noexec.la `pwd`/$$tdir ; \
+ fi ; \
+ sed 's/@VERSION@/$(VERSION)/g' <$(srcdir)/sudo.psf >$$tdir/sudo.psf ; \
+ printf '#!/sbin/sh\nrm -f /usr/local/bin/sudoedit\nln /usr/local/bin/sudo /usr/local/bin/sudoedit\n' > $$tdir/sudo-exec.postinstall ; \
+ printf '#!/sbin/sh\nrm -f /usr/local/man/man1m/sudoedit.1m\nln /usr/local/man/man1m/sudo.1m /usr/local/man/man1m/sudoedit.1m\n' > $$tdir/sudo-man.postinstall ; \
+ printf '#!/sbin/sh\nif [ ! -s /etc/sudoers ]; then\n\techo installing /usr/local/doc/sudo/sudoers as /etc/sudoers\n\techo use /usr/local/sbin/visudo to configure sudo\n\tcp /usr/local/doc/sudo/sudoers /etc/sudoers\n\tchmod 440 /etc/sudoers\n\tchown root:root /etc/sudoers\nfi\n' > $$tdir/sudo-config.postinstall ; \
+ chmod 755 $$tdir/sudo-exec.postinstall $$tdir/sudo-man.postinstall $$tdir/sudo-config.postinstall ; \
+ strip $$tdir/sudo ; \
+ strip $$tdir/visudo ; \
+ cd $$tdir ; \
+ swpackage -x target_type=tape -d ../sudo-$(VERSION).depot -s sudo.psf ; \
+ cd .. ; \
+ gzip -f --best sudo-$(VERSION).depot; \
+ rm -rf tmp.depot ; \
+ )
+
+.PHONY: ChangeLog
diff --git a/usr.bin/sudo/README b/usr.bin/sudo/README
index 4986b56aaf2..301ca551758 100644
--- a/usr.bin/sudo/README
+++ b/usr.bin/sudo/README
@@ -1,4 +1,4 @@
-This is Sudo version 1.6.9
+This is Sudo version 1.7.0
The sudo philosophy
===================
@@ -80,15 +80,14 @@ for the appropriate links.
Web page
========
-There is a sudo `web page' at http://www.sudo.ws/sudo/
-that contains an overview of sudo as well as pointers to BETA versions
-and other useful info.
+There is a sudo web page at http://www.sudo.ws/sudo/ that contains
+an overview of sudo, documentation, downloads, information about
+beta versions and other useful info.
Bug reports
===========
-A list of known bugs may be found in the `BUGS' file. If you have
-found what you believe to be a bug, you can file a bug report with
-the sudo bug database, on at web at http://www.sudo.ws/bugs/.
+If you have found what you believe to be a bug, you can file a bug
+report with the sudo bug database, on at web at http://www.sudo.ws/bugs/.
Please read over the `TROUBLESHOOTING' file *before* submitting a
bug report. When reporting bugs, please be sure to include the
diff --git a/usr.bin/sudo/README.LDAP b/usr.bin/sudo/README.LDAP
index df4ad2107ec..85f05f54994 100644
--- a/usr.bin/sudo/README.LDAP
+++ b/usr.bin/sudo/README.LDAP
@@ -1,16 +1,27 @@
-This file explains how to use the optional LDAP functionality of SUDO to
+This file explains how to build the optional LDAP functionality of SUDO to
store /etc/sudoers information. This feature is distinct from LDAP passwords.
+For general sudo LDAP configuration details, see the sudoers.ldap manual that
+comes with the sudo distribution. A pre-formatted version of the manual may
+be found in the sudoers.ldap.cat file.
+
+The sudo binary compiled with LDAP support should be totally backward
+compatible and be syntactically and source code equivalent to its
+non LDAP-enabled build.
+
LDAP philosophy
===============
As times change and servers become cheap, an enterprise can easily have 500+
UNIX servers. Using LDAP to synchronize Users, Groups, Hosts, Mounts, and
others across an enterprise can greatly reduce the administrative overhead.
-Sudo in the past has only used a single local configuration file /etc/sudoers.
-Some have attempted to workaround this by synchronizing changes via
-RCS/CVS/RSYNC/RDIST/RCP/SCP and even NFS. Many have asked for a Hesiod, NIS,
-or LDAP patch for sudo, so here is my attempt at LDAP'izing sudo.
+In the past, sudo has used a single local configuration file, /etc/sudoers.
+While the same sudoers file can be shared among machines, no built-in
+mechanism exists to distribute it. Some have attempted to workaround this
+by synchronizing changes via CVS/RSYNC/RDIST/RCP/SCP and even NFS.
+
+By using LDAP for sudoers we gain a centrally administered, globally
+available configuration source for sudo.
For information on OpenLDAP, please see http://www.openldap.org/.
@@ -22,75 +33,6 @@ server, structure and contents.
Many times 'options' are used in this document to refer to sudoer 'defaults'.
They are one and the same.
-Design Features
-===============
-
- * Sudo no longer needs to read sudoers in its entirety. Parsing of
- /etc/sudoers requires the entire file to be read. The LDAP feature of sudo
- uses two (sometimes three) LDAP queries per invocation. It never reads all
- the sudoer entries in the LDAP store. This makes it especially fast and
- particularly usable in LDAP environments. The first query is to parse
- default options (see below). The second is to match against the username or
- groups a user belongs to. (The special ALL tag is matched in this query
- too.) If no match is made against the username, the third query pulls the
- entries that match against user netgroups to compare back to the user.
-
- * Sudo no longer blows up if there is a typo. Parsing of /etc/sudoers can
- still blow up when sudo is invoked. However when using the LDAP feature of
- sudo, LDAP syntax rules are applied before the data is uploaded into the
- LDAP server, so proper syntax is always guaranteed! One can of course still
- insert a bogus hostname or username, but sudo will not care.
-
- * Options inside of entries now override global default options.
- /etc/sudoers allowed for only default options and limited options associated
- with user/host/command aliases. The syntax can be difficult for the newbie.
- The LDAP feature attempts to simplify this and yet still provide maximum
- flexibility.
-
- Sudo first looks for an entry called 'cn=default' in the SUDOers container.
- If found, the multi-valued sudoOption attribute is parsed the same way the
- global 'Defaults' line in /etc/sudoers is parsed.
-
- If on the second or third query, a response contains a sudoRole which
- matches against the user, host, and command, then the matched object is
- scanned for a additional options to override the top-level defaults. See
- the example LDAP content below for more information.
-
- * Visudo is no longer needed. Visudo provides locking and syntax checking
- against the /etc/sudoers file. Since LDAP updates are atomic, locking is no
- longer necessary. Because syntax is checked when the data is inserted into
- LDAP, the sudoers syntax check becomes unnecessary.
-
- * Aliases are no longer needed. User, Host, and Command Aliases were setup
- to allow simplification and readability of the sudoers files. Since the
- LDAP sudoer entry allows multiple values for each of its attributes and
- since most LDAP browsers are graphical and easy to work with, original
- aliases are no longer needed.
-
- If you want to specify lots of users into an entry or want to have similar
- entries with identical users, then use either groups or user netgroups.
- Thats what groups and netgroups are for and Sudo handles this well.
- Alternately, one can just paste them all into the LDAP record.
-
- If you want to specify lots of hosts into an entry, use netgroups or IP
- address matches (10.2.3.4/255.255.0.0). Thats what netgroups are for and
- Sudo handles this well. Or just past them all into the LDAP record.
-
- If you want to specify lots of commands, use directories or wildcards, or
- just paste them all into LDAP. That's what it's for.
-
- * The /etc/sudoers file can be disabled. Paranoid security administrators
- can now disallow parsing of any local /etc/sudoers file by an LDAP
- sudoOption 'ignore_local_sudoers'. This way all sudoers can be controlled
- and audited in one place because local entries are not allowed.
- In fact, if this option is included in the cn=defaults object of LDAP,
- sudo won't even look for a /etc/sudoers file.
-
- * The sudo binary compiled with LDAP support should be totally backward
- compatible and be syntactically and source code equivalent to its non
- LDAP-enabled build.
-
-
Build instructions
==================
The most simplest way to build sudo with LDAP support is to include the
@@ -103,33 +45,56 @@ to specify them at configure time. E.g.
$ ./configure --with-ldap=/usr/local/ldapsdk
-Sudo is developed using OpenLDAP. Other LDAP implementations may
-require adding '-lldif' to SUDO_LIBS in the Makefile.
+Sudo is developed using OpenLDAP but Netscape-based LDAP libraries
+(such as those present in Solaris) are also known to work.
Your Mileage may vary. Please let the sudo workers mailing list
-<sudo-workers@sudo.ws> know what combinations worked best for your
-OS and LDAP Combinations so we can improve sudo.
-
-More Build Notes:
-HP-UX 11.23 (gcc3) Galen Johnson <Galen.Johnson@sas.com>
- CFLAGS="-D__10_10_compat_code" LDFLAGS="-L/opt/ldapux/lib"
+<sudo-workers@sudo.ws> know if special configuration was required
+to build an LDAP-enabled sudo so we can improve sudo.
Schema Changes
==============
-Add the appropriate schema to your LDAP server so that it may contain
-sudoers content.
+You must add the appropriate schema to your LDAP server before it
+can store sudoers content.
+
+For OpenLDAP, copy the file schema.OpenLDAP to the schema directory
+(e.g. /etc/openldap/schema). You must then edit your slapd.conf and
+add an include line the new schema, e.g.
+
+ # Sudo LDAP schema
+ include /etc/openldap/schema/sudo.schema
+
+In order for sudoRole LDAP queries to be efficient, the server must index
+the attribute 'sudoUser', e.g.
+
+ # Indices to maintain
+ index sudoUser eq
+
+After making the changes to slapd.conf, restart slapd.
-For OpenLDAP, simply copy schema.OpenLDAP to the schema directory
-(e.g. /etc/openldap/schema) and 'include' it in your slapd.conf and
-restart slapd. For other LDAP servers, provide this to your LDAP
-Administrator. Make sure to index the attribute 'sudoUser'.
+For Netscape-derived LDAP servers such as SunONE, iPlanet or Fedora Directory,
+copy the schema.iPlanet file to the schema directory with the name 99sudo.ldif.
-For netscape-derived LDAP servers such as SunONE, iPlanet or Fedora
-Directory, use the schema.iPlanet file.
+On Solaris, schemas are stored in /var/Sun/mps/slapd-`hostname`/config/schema/.
+For Fedora Directory Server, they are stored in /etc/dirsrv/schema/.
-Importing /etc/sudoers to LDAP
-==============================
-Importing is a two step process.
+After copying the schema file to the appropriate directory, restart
+the LDAP server.
+
+Finally, using an LDAP browser/editor, enable indexing by editing the
+client profile to provide a Service Search Descriptor (SSD) for sudoers,
+replacing example.com with your domain:
+
+ serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com
+
+If using an Active Directory server, copy schema.ActiveDirectory
+to your Windows domain controller and run the following command:
+
+ ldifde -i -f schema.ActiveDirectory -c dc=X dc=example,dc=com
+
+Importing /etc/sudoers into LDAP
+================================
+Importing sudoers is a two-step process.
Step 1:
Ask your LDAP Administrator where to create the ou=SUDOers container.
@@ -150,28 +115,12 @@ options.
# ./sudoers2ldif /etc/sudoers > /tmp/sudoers.ldif
Step 2:
-Import into your directory server. If you are using OpenLDAP, do the following
-if you are using another directory, provide the LDIF file to your LDAP
-Administrator. An example is shown below.
+Import into your directory server. The following example is for
+OpenLDAP. If you are using another directory, provide the LDIF
+file to your LDAP Administrator.
# ldapadd -f /tmp/sudoers.ldif -h ldapserver \
- > -D cn=Manager,dc=example,dc=com -W -x
-
-Example sudoers Entries in LDAP
-===============================
-The equivalent of a sudoer in LDAP is a 'sudoRole'. It contains sudoUser(s),
-sudoHost, sudoCommand and optional sudoOption(s) and sudoRunAs(s).
-
-The following example allows users in group wheel to run any
-command on any host through sudo:
-
-dn: cn=%wheel,ou=SUDOers,dc=example,dc=com
-objectClass: top
-objectClass: sudoRole
-cn: %wheel
-sudoUser: %wheel
-sudoHost: ALL
-sudoCommand: ALL
+ -D cn=Manager,dc=example,dc=com -W -x
Managing LDAP entries
=====================
@@ -198,168 +147,32 @@ I recommend using any of the following LDAP browsers to administer your SUDOers.
There are dozens of others, some Open Source, some free, some not.
-
-Configure your /etc/ldap.conf
-=============================
+Configure your /etc/ldap.conf and /etc/nsswitch.conf
+====================================================
The /etc/ldap.conf file is meant to be shared between sudo, pam_ldap, nss_ldap
and other ldap applications and modules. IBM Secureway unfortunately uses
the same filename but has a different syntax. If you need to rename where
this file is stored, re-run configure with the --with-ldap-conf-file=filename
option.
-Make sure you sudoers_base matches exactly with the location you specified
-when you imported the sudoers. Below is an example /etc/ldap.conf
-
- # Either specify one or more URIs or one or more host:port pairs.
- # If neither is specified sudo will default to localhost, port 389.
- #
- #host ldapserver
- #host ldapserver1 ldapserver2:390
- #
- # Default port if host is specified without one, defaults to 389.
- #port 389
- #
- # URI will override the host and port settings.
- uri ldap://ldapserver
- #uri ldaps://secureldapserver
- #uri ldaps://secureldapserver ldap://ldapserver
- #
- # The amount of time, in seconds, to wait while trying to connect to
- # an LDAP server.
- bind_timelimit 30
- #
- # The amount of time, in seconds, to wait while performing an LDAP query.
- timelimit 30
- #
- # must be set or sudo will ignore LDAP
- sudoers_base ou=SUDOers,dc=example,dc=com
- #
- # verbose sudoers matching from ldap
- #sudoers_debug 2
- #
- # optional proxy credentials
- #binddn <who to search as>
- #bindpw <password>
- #rootbinddn <who to search as, uses /etc/ldap.passwd for bindpw>
- #
- # LDAP protocol version, defaults to 3
- #ldap_version 3
- #
- # Define if you want to use an encrypted LDAP connection.
- # Typically, you must also set the port to 636 (ldaps).
- #ssl on
- #
- # Define if you want to use port 389 and switch to
- # encryption before the bind credentials are sent.
- # Only supported by LDAP servers that support the start_tls
- # extension such as OpenLDAP.
- #ssl start_tls
- #
- # Additional TLS options follow that allow tweaking of the
- # SSL/TLS connection.
- #
- #tls_checkpeer yes # verify server SSL certificate
- #tls_checkpeer no # ignore server SSL certificate
- #
- # If you enable tls_checkpeer, specify either tls_cacertfile
- # or tls_cacertdir. Only supported when using OpenLDAP.
- #
- #tls_cacertfile /etc/certs/trusted_signers.pem
- #tls_cacertdir /etc/certs
- #
- # For systems that don't have /dev/random
- # use this along with PRNGD or EGD.pl to seed the
- # random number pool to generate cryptographic session keys.
- # Only supported when using OpenLDAP.
- #
- #tls_randfile /etc/egd-pool
- #
- # You may restrict which ciphers are used. Consult your SSL
- # documentation for which options go here.
- # Only supported when using OpenLDAP.
- #
- #tls_ciphers <cipher-list>
- #
- # Sudo can provide a client certificate when communicating to
- # the LDAP server.
- # Tips:
- # * Enable both lines at the same time.
- # * Do not password protect the key file.
- # * Ensure the keyfile is only readable by root.
- #
- # For OpenLDAP:
- #tls_cert /etc/certs/client_cert.pem
- #tls_key /etc/certs/client_key.pem
- #
- # For SunONE or iPlanet LDAP, the file specified by tls_cert may
- # contain CA certs and/or the client's cert. If the client's
- # cert is included, tls_key should be specified as well.
- # For backward compatibility, sslpath may be used in place of tls_cert.
- #tls_cert /var/ldap/cert7.db
- #tls_key /var/ldap/key3.db
+See the "Configuring ldap.conf" section in the sudoers.ldap manual
+for a list of supported ldap.conf parameters and an example ldap.conf
+
+Make sure you sudoers_base matches the location you specified when you
+imported the sudoers ldif data.
+
+After configuring /etc/ldap.conf, you must add a line in /etc/nsswitch.conf
+to tell sudo to look in LDAP for sudoers. See the "Configuring nsswitch.conf"
+section in the sudoers.ldap manual for details. Note that sudo will use
+/etc/nsswitch.conf even if the underlying operating system does not support it.
+To disable nsswitch support, run configure with the --with-nsswitch=no option.
+This will cause sudo to consult LDAP first and /etc/sudoers second, unless the
+ignore_sudoers_file flag is set in the global LDAP options.
Debugging your LDAP configuration
=================================
Enable debugging if you believe sudo is not parsing LDAP the way you think it
-it should. A value of 1 shows moderate debugging. A value of 2 shows the
-results of the matches themselves. Make sure to set the value back to zero
-so that other users don't get confused by the debugging messages. This value
-is 'sudoers_debug' in the /etc/ldap.conf.
-
-Parsing Differences between /etc/sudoers and LDAP
-=================================================
-There are some subtle differences in the way sudoers is handled once in LDAP.
-Probably the biggest is that according to the RFC, LDAP's ordering is
-arbitrary and you cannot expect that Attributes & Entries are returned in
-any order. If there are conflicting command rules on an entry, the negative
-takes precedence. This is called paranoid behavior (not necessarily the
-most specific match).
-
-Here is an example:
-
- # /etc/sudoers:
- # Allow all commands except shell
- johnny ALL=(root) ALL,!/bin/sh
- # Always allows all commands because ALL is matched last
- puddles ALL=(root) !/bin/sh,ALL
-
- # LDAP equivalent of Johnny
- # Allows all commands except shell
- dn: cn=role1,ou=Sudoers,dc=my-domain,dc=com
- objectClass: sudoRole
- objectClass: top
- cn: role1
- sudoUser: johnny
- sudoHost: ALL
- sudoCommand: ALL
- sudoCommand: !/bin/sh
-
- # LDAP equivalent of Puddles
- # Notice that even though ALL comes last, it still behaves like
- # role1 since the LDAP code assumes the more paranoid configuration
- dn: cn=role2,ou=Sudoers,dc=my-domain,dc=com
- objectClass: sudoRole
- objectClass: top
- cn: role2
- sudoUser: puddles
- sudoHost: ALL
- sudoCommand: !/bin/sh
- sudoCommand: ALL
-
-Another difference is that negations on the Host, User or Runas are
-currently ignorred. For example, these attributes do not work how
-they first seem.
-
- # does not match all but joe
- # rather, does not match anyone
- sudoUser: !joe
-
- # does not match all but joe
- # rather, matches everyone including Joe
- sudoUser: ALL
- sudoUser: !joe
-
- # does not match all but web01
- # rather, matches all hosts including web01
- sudoHost: ALL
- sudoHost: !web01
+should. Setting the 'sudoers_debug' parameter to a value of 1 shows moderate
+debugging. A value of 2 shows the results of the matches themselves. Make
+sure to set the value back to zero so that other users don't get confused by
+the debugging messages.
diff --git a/usr.bin/sudo/TROUBLESHOOTING b/usr.bin/sudo/TROUBLESHOOTING
index 4bf571bf31d..a90b5eb9ff6 100644
--- a/usr.bin/sudo/TROUBLESHOOTING
+++ b/usr.bin/sudo/TROUBLESHOOTING
@@ -158,9 +158,12 @@ A) "cd" is a shell built-in command, you can't run it as a command
Q) When I try to use "cd" with sudo the command completes without
errors but nothing happens.
-A) Some SVR4-derived OS's include a /usr/bin/cd command for reasons
- unfathomable. A "cd" command is totally useless since a child process
- cannot affect the current working directory of the parent (your shell).
+A) Even though "cd" is a shell built-in command, some operating systems
+ include a /usr/bin/cd command for some reason. A standalone
+ "cd" command is totally useless since a child process (cd) cannot
+ affect the current working directory of the parent (your shell).
+ Thus, "sudo cd /foo" will start a child process, change the
+ directory and immediately exit without doing anything useful.
Q) When I run sudo it says I am not allowed to run the command as root
but I don't want to run it as root, I want to run it as another user.
diff --git a/usr.bin/sudo/UPGRADE b/usr.bin/sudo/UPGRADE
index 5d8591fa264..86e646f353b 100644
--- a/usr.bin/sudo/UPGRADE
+++ b/usr.bin/sudo/UPGRADE
@@ -1,6 +1,33 @@
Notes on upgrading from an older release
========================================
+o Upgrading from a version prior to 1.7.0:
+
+ Starting with sudo 1.7.0 comments in the sudoers file must not
+ have a digit or minus sign immediately after the comment character
+ ('#'). Otherwise, the comment may be interpreted as a user or
+ group ID.
+
+ When sudo is build with LDAP support the /etc/nsswitch.conf file is
+ now used to determine the sudoers seach order. sudo will default to
+ only using /etc/sudoers unless /etc/nsswitch.conf says otherwise.
+ This can be changed with an nsswitch.conf line, e.g.:
+ sudoers: ldap files
+ Would case LDAP to be searched first, then the sudoers file.
+ To restore the pre-1.7.0 behavior, run configure with the
+ --with-nsswitch=no flag.
+
+ Sudo now ignores user .ldaprc files as well as system LDAP defaults.
+ All LDAP configuration is now in /etc/ldap.conf (or whichever file
+ was specified by configure's --with-ldap-conf-file option).
+ If you are using TLS, you may now need to specify:
+ tls_checkpeer no
+ in sudo's ldap.conf unless ldap.conf references a valid certificate
+ authority file(s).
+
+ Please also see the WHATSNEW file for a list of new features in
+ sudo 1.7.0.
+
o Upgrading from a version prior to 1.6.9:
Starting with sudo 1.6.9, if an OS supports a modular authentication
diff --git a/usr.bin/sudo/WHATSNEW b/usr.bin/sudo/WHATSNEW
new file mode 100644
index 00000000000..2d36f065289
--- /dev/null
+++ b/usr.bin/sudo/WHATSNEW
@@ -0,0 +1,79 @@
+What's new in Sudo 1.7.0?
+
+ * Rewritten parser that converts sudoers into a set of data structures.
+ This eliminates a number of ordering issues and makes it possible to
+ apply sudoers Defaults entries before searching for the command.
+ It also adds support for per-command Defaults specifications.
+
+ * Sudoers now supports a #include facility to allow the inclusion of other
+ sudoers-format files.
+
+ * Sudo's -l (list) flag has been enhanced:
+ o applicable Defaults options are now listed
+ o a command argument can be specified for testing whether a user
+ may run a specific command.
+ o a new -U flag can be used in conjunction with "sudo -l" to allow
+ root (or a user with "sudo ALL") list another user's privileges.
+
+ * A new -g flag has been added to allow the user to specify a
+ primary group to run the command as. The sudoers syntax has been
+ extended to include a group section in the Runas specification.
+
+ * A uid may now be used anywhere a username is valid.
+
+ * The "secure_path" run-time Defaults option has been restored.
+
+ * Password and group data is now cached for fast lookups.
+
+ * The file descriptor at which sudo starts closing all open files is now
+ configurable via sudoers and, optionally, the command line.
+
+ * Visudo will now warn about aliases that are defined but not used.
+
+ * The -i and -s command line flags now take an optional command
+ to be run via the shell. Previously, the argument was passed
+ to the shell as a script to run.
+
+ * Improved LDAP support. SASL authentication may now be used in
+ conjunction when connecting to an LDAP server. The krb5_ccname
+ parameter in ldap.conf may be used to enable Kerberos.
+
+ * Support for /etc/nsswitch.conf. LDAP users may now use nsswitch.conf
+ to specify the sudoers order. E.g.:
+ sudoers: ldap files
+ to check LDAP, then /etc/sudoers. The default is "files", even
+ when LDAP support is compiled in. This differs from sudo 1.6
+ where LDAP was always consulted first.
+
+ * Support for /etc/environment on AIX and Linux. If sudo is run
+ with the -i flag, the contents of /etc/environment are used to
+ populate the new environment that is passed to the command being
+ run.
+
+ * If no terminal is available or if the new -A flag is specified,
+ sudo will use a helper program to read the password if one is
+ configured. Typically, this is a graphical password prompter
+ such as ssh-askpass.
+
+ * A new Defaults option, "mailfrom" that sets the value of the
+ "From:" field in the warning/error mail. If unspecified, the
+ login name of the invoking user is used.
+
+ * A new Defaults option, "env_file" that refers to a file containing
+ environment variables to be set in the command being run.
+
+ * A new flag, -n, may be used to indicate that sudo should not
+ prompt the user for a password and, instead, exit with an error
+ if authentication is required.
+
+ * If sudo needs to prompt for a password and it is unable to disable
+ echo (and no askpass program is defined), it will refuse to run
+ unless the "visiblepw" Defaults option has been specified.
+
+ * Prior to version 1.7.0, hitting enter/return at the Password: prompt
+ would exit sudo. In sudo 1.7.0 and beyond, this is treated as
+ an empty password. To exit sudo, the user must press ^C or ^D
+ at the prompt.
+
+ * visudo will now check the sudoers file owner and mode in -c (check)
+ mode when the -s (strict) flag is specified.
diff --git a/usr.bin/sudo/aclocal.m4 b/usr.bin/sudo/aclocal.m4
index b751eeb8fcd..13089f09012 100644
--- a/usr.bin/sudo/aclocal.m4
+++ b/usr.bin/sudo/aclocal.m4
@@ -1,6 +1,6 @@
dnl Local m4 macros for autoconf (used by sudo)
dnl
-dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller <Todd.Miller@courtesan.com>
+dnl Copyright (c) 1994-1996,1998-2004 Todd C. Miller <Todd.Miller@courtesan.com>
dnl
dnl XXX - should cache values in all cases!!!
dnl
@@ -156,15 +156,6 @@ fi
])dnl
dnl
-dnl check for fullly working void
-dnl
-AC_DEFUN(SUDO_FULL_VOID, [AC_MSG_CHECKING(for full void implementation)
-AC_TRY_COMPILE(, [void *foo;
-foo = (void *)0; (void *)"test";], AC_DEFINE(VOID, void, [Define to "void" if your compiler supports void pointers, else use "char"].)
-AC_MSG_RESULT(yes), AC_DEFINE(VOID, char)
-AC_MSG_RESULT(no))])
-
-dnl
dnl SUDO_CHECK_TYPE(TYPE, DEFAULT)
dnl XXX - should require the check for unistd.h...
dnl
@@ -234,6 +225,8 @@ AC_DEFUN([SUDO_FUNC_ISBLANK],
] [
if test "$sudo_cv_func_isblank" = "yes"; then
AC_DEFINE(HAVE_ISBLANK, 1, [Define if you have isblank(3).])
+ else
+ AC_LIBOBJ(isblank)
fi
])