diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2008-11-14 11:53:06 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2008-11-14 11:53:06 +0000 |
commit | b947682bc3ae9dc4a24d5a2c48e88d01ecd53b63 (patch) | |
tree | 084f0d9987add8957f47160e5062ea92eef24212 /usr.bin/sudo | |
parent | 19f20a11ef755ae1d9563a8f8b9a21fd67ba44ec (diff) |
Upgrade to sudo 1.7. See the WHATSNEW files for details.
Diffstat (limited to 'usr.bin/sudo')
-rw-r--r-- | usr.bin/sudo/BUGS | 25 | ||||
-rw-r--r-- | usr.bin/sudo/CHANGES | 2117 | ||||
-rw-r--r-- | usr.bin/sudo/ChangeLog | 19479 | ||||
-rw-r--r-- | usr.bin/sudo/HISTORY | 86 | ||||
-rw-r--r-- | usr.bin/sudo/INSTALL | 39 | ||||
-rw-r--r-- | usr.bin/sudo/LICENSE | 9 | ||||
-rw-r--r-- | usr.bin/sudo/Makefile.in | 339 | ||||
-rw-r--r-- | usr.bin/sudo/README | 13 | ||||
-rw-r--r-- | usr.bin/sudo/README.LDAP | 349 | ||||
-rw-r--r-- | usr.bin/sudo/TROUBLESHOOTING | 9 | ||||
-rw-r--r-- | usr.bin/sudo/UPGRADE | 27 | ||||
-rw-r--r-- | usr.bin/sudo/WHATSNEW | 79 | ||||
-rw-r--r-- | usr.bin/sudo/aclocal.m4 | 13 |
13 files changed, 19994 insertions, 2590 deletions
diff --git a/usr.bin/sudo/BUGS b/usr.bin/sudo/BUGS deleted file mode 100644 index 67b07979448..00000000000 --- a/usr.bin/sudo/BUGS +++ /dev/null @@ -1,25 +0,0 @@ -Known bugs in sudo version 1.6.9 -================================ - -1) Sudo should have an option to log when removing "dangerous" - environment variables. - -2) On DUNIX in sia mode, hitting return at the prompt does not quit. - -3) In parse.lex, '@' should not need to be a special character. - However, because lex does greedy matching, {WORD} will match - instead of the "^Defaults[:@]?" line. - -4) In list mode (sudo -l), characters escaped with a backslash - are shown verbatim with the backslash. - -5) Because the parser only does a single pass it is possible to - make a sudoers file where the "defaults" options are set after - a user's entry has been validated, changing the permissions for - the user. The work-around is to put all 'defaults' entries - before the "User privilege specification" section but after all - the "alias specifications". In the future the parser will - converted to a two-pass parser. - -6) For the same reason as #5, changing the value of "ignore_dot" has - no effect (find_path() is called before sudoers is parsed). diff --git a/usr.bin/sudo/CHANGES b/usr.bin/sudo/CHANGES deleted file mode 100644 index c3124ca8f2e..00000000000 --- a/usr.bin/sudo/CHANGES +++ /dev/null @@ -1,2117 +0,0 @@ -CHANGES since sudo 1.2 - -01) sudo now works under hpux, aix, sunos, bsd43, ultrix, linux, osf and irix. - -02) Files w/o the executable bit will be ignored if they are in your PATH. - -03) If execv() fails, perror is called (which prints out an error based on - errno) and sudo exits with -1. - -04) Included in this shar should also be a version of getpass() derived from - the bsd net-2 source which works on bsd, ultrix, hpux, aix, and irix - at least. The latter three unixes have what i consider to be a broken - getpass() in that if /dev/tty can't be opened it doesn't just use stdin - like bsd getpass(). This means you cannot do: rsh host "sudo command" - and have it work if your ticket has expired. - -05) The Makefile has changed significantly. It now has defines for all - supported architectures. - -06) Changed MAXCOMMANDLENGTH from 48 bytes to MAXPATHLEN and included - sys/param.h where appropriate. - -07) Rewrote the code that expands links & paths. It now works correctly. - (rewrote find_path.c) - -08) Added a define NEED_STRDUP so we don't conflict with the system's strdup(3) - -09) Now does *not* pass LD_* environmental vars on to programs that get - exec'd. Also removes SHLIB_PATH for hpux and _RLD_* for dec osf. - -10) Now searches current dir last if '.' or '' are in PATH. Misses braindeath - like './' but if that's in your path you deserve all the trojans you get. - -11) Added in linux patches from drew + flex support. - -12) Added insults back in from original sudo(8) (define USE_INSULTS). - -13) visudo now uses EDITOR envar (from John_Rouillard@dl5000.bc.edu) - -14) you can now specify a dir containing commands that a sudoer can do. - (from John_Rouillard@dl5000.bc.edu) - -15) Ported to Solaris 2.x (based on a port of sudo 1.1 done by UnixOps). - -16) Took out setuid(0); setruid(uid); pairs that bracketed calls to - update_timestamp() since they are unnecessary and setruid() is - broken on systems without a setreuid(2) or setresuid(2) system call. - (Ie: AIX and Solaris 2.x). - -17) The bulk of sudo now runs with the caller's real uid. Grep for - be_root() to find the exceptions. - -CHANGES from sudo 1.3 - -18) Added SECURE_PATH as suggested by russells@ccu1.auckland.ac.nz. - -19) Reworked clean_envp() to modify environ (not envp) so we can use - execvp() safely. - -20) Now use execvp() instead of execve() so sudo /bin/kill works under - broken solaris. This also fixed sudo /etc/fastboot under stock - 4.3 BSD. Basically, this means that any executable shell script that - lacks a '#!/bin/sh' magic number will now work with sudo. Personally - I think that the broken scripts should be fixed rather than changing - sudo, but vendors will be broken. Sigh. - -21) Added USE_EXECV define so you can make sudo use execv() if you - want. Using execvp() shouldn't be a problem since it is always - handed a non-relative path that begins with '/' but some people - may not trust execvp(). - -22) Log file lines will no longer get truncated. Syslog entries that - would overrun the syslog(3) line limit are continued on another entry. - -23) When logging to a log file, long entries are indented to improve - readability. - -24) Whenever the umask is changed, it is changed back to what it was - before. - -25) Log file is written as mode 600 instead of 644 - -26) Umask that sudo runs with may now be specified. - -27) There is now a "configure" script. - -28) Sudo will use ultra fast crypt (ufc) if it finds it for systems w/o - a real crypt(3) (non-US ConvexOS/Secure for instance). - -29) _BSD_COMPAT is now defined for Irix. - -30) The global variable uid is now initialized to -2 because I'm paranoid. - -31) Native Solaris 2 port from Matthew.Stier@aisg.com - -32) Now use sysconf(2) instead of getdtablesize(2) if it is available - (see change #31). Because of the the getdtablesize() emulation for - hpux is no longer necessary. - -33) Now only do a getcwd(3) or getwd(3) once and do it as the real user. - Sudo should no longer complain that it can't get the cwd unless - there is a real problem. - -34) Changed some malloc'd globals of fixed length to be allocated from - the stack instead as there was no win in allocating them from the - heap. - -35) Fixed AIX STATIC_FLAGS as per the AIX faq. - -36) Added -V flag to sudo and visudo (for version) - -37) Now treat EACCESS like EPERM when doing stat(2) in find_path.c - -38) Added prototypes for sudo functions (via __P macro) - -39) configure now uses uname(1) if it exists - -40) gethostbyname(3) is now only called if you define FQDN. There's really - no reason to not trust gethostname(2) and this way if name service is - hosed sudo isn't... - -41) added -v (validate) flag to sudo to update a timestamp w/o running - a command - -42) now use tgetpass() (getpass with a timeout) - -43) find_path() now uses realpath(3) - -44) wrote versions of realpath(3) and getcwd(3) for those without - -45) wrote tgetpass()--a getpass() that times out via select(2) - -46) sudo now uses posix signals if available - -47) Finally added ConvexOS C2 security support from - "Peter A. Nikitser, Systems Software Support, QUT" <P.NIKITSER@qut.edu.au> - -48) You can now #undef MAILER if you don't run sendmail or the equivalent. - -49) AFS support from adamh@austin.ibm.com - -50) If you define BOTH_LOGS in sudo.h you can log both via syslog(3) *ans* - to a log file. - -51) Added ultrix /etc/auth (enhanced security) support. - -52) Sudo now will work with a 4.2BSD syslog (SunOS < 4 && ultrix). - Personally, I'd say you are better off logging to a file if - your syslog is this ancient. - -53) Changed realpath(3) to sudo_realpath() since we need to do the - chdir(2) with the invoking uid. sudo_realpath() should be - faster than vendor-supplied realpath(3)'s anyway... - -54) No longer create a static binary on AIX since it reportedly - causes problem on newer versions on AIX 3.x. - -55) If sudo_realpath cannot chdir() back to cwd sudo will print - and error and exit. Previously it would either fail silently - or print an incorrect error message. - -56) Moved code to send error mail to be after the log message. - From rouilj@cs.umb.edu. - -57) Added SUDO_USER and SUDO_UID envars. Suggested by John P. Rouillard - (<rouilj@cs.umb.edu). - -58) Added -k and -h options and rearranged some of the code to be - more modular and less braindamaged. This introduces the concept - of "run modes" to sudo. - -59) Fixed visudo and flex. visudo now calls yyrestart() if you are using - flex instead of lex. From bostley@cs.colorado.edu. - -60) Added a "cat page" for systems w/o nroff. - -61) Fixed a bug whereby only the last directory specified in a Cmnd_Alias - was checked. Reported by "James R. Hendrick" <hendrick@ctron.com>. - -62) All .{c,lex,yacc} files now include both sys/types.h and unistd.h so - we are sure to get the typedef of uid_t. - -CHANGES from sudo 1.3.1 - -63) Added preliminary support for DEC OSF/1 protected passwords - (shadow passwords). - -CHANGES from sudo 1.3.1pl1 - -64) More support for DEC OSF/1 protected passwords (shadow passwords). - -CHANGES from sudo 1.3.1pl2 - -65) Fixed mail logging to include the username as it should have. - -66) Added hostname to log message in error mail. - -67) Added -l flag to sudo to list the allowed/forbidden commands. - Suggested by matthew@gateway.bsis.com (Matthew Stier) - -68) Fixed bison warnings for parse.yacc and visudo.yacc. - Pointed out by alfie@dcs.warwick.ac.uk (Nick Holloway). - -CHANGES from sudo 1.3.1pl3 - -69) Sudo will now exit with an error if the command to be run is > MAXPATHLEN. - -70) Test in configure for termios support was insufficient. It thought - Nextstep 3.2 had termios just because it as termios.h (need to link - with -posix for termios on NeXT's) - -CHANGES from sudo 1.3.1pl4 - -71) First stab at Skey support. - -72) Sudo now sets IFS to be SPACE, TAB, NEWLINE. - -73) Sudo now sets the real and effective gid to root's group - (based on passwd file). - -74) Sudo now checks that the sudoers file is owned by a certain user - and not readable or writable by anyone else. - (based on a suggestion by Joerg Schumacher <schuma@ips.cs.tu-bs.de>) - -75) Visudo now sets the owner on the new sudoers file based on #74 - -76) Sudo and visudo will now compile with byacc (Berkeley yacc). - -77) If the rename(2) of stmp -> sudoers fails /bin/mv is executed before - bailing. Based on code from Case Larsen <clarsen@mh1.lbl.gov>. - -78) User-level configuration is now done in options.h. - -79) Moved all compatibility #defines to compat.h - -80) Incorporated new parsing code from Chris Jepeway <jepeway@cs.utk.edu>. - This is much better than the previous parser. - -81) Rewrote visudo.c and tickled parse.yacc to work with it. Visudo - now gives you options if a parse error occurs rather than blindly - dumping you back in the editor. - -82) Took out all references to realpath since we are now checking based - in inode and device (with Chris' new parser). The upshot of this - is that path matches are done safely and the symlink problem has - gone away. - -83) Fixed bison warnings from new parse.yacc. - -84) Added a default case to parse.lex to error on unmatched tokens as Chris - suggested. - -85) Converted configure.in and acsite.m4 to autoconf 2.1. - -86) Added lsearch.c and search.h for os's w/o lsearch()/lfind(). - -87) Sudo now checks to see that the file it is executing is a regular file - (was just checking the execute bit so dirs slipped through). - Pointed out by Barb Dijker <barb@labyrinth.com>. - -88) Fixed a problem on HP-UX trusted systems with getpwuid() returning "*" - unless the real uid is 0. Reported by Brian Cunnie (cunnie@nyc.hp.com). - -89) configure now checks for size_t and ssize_t in unistd.h as well - as sys/types.h. - -90) configure now checks for egrep before actually using it. - -91) configure now checks for a working void implementation (ie: void * as - a generic pointer) and sets VOID to void or char accordingly. - -92) Added support for SunOS 4.x C2 security (shadow passwords) from - Kendall Libby (fubar@shore.net) - -93) Changed all occurrences of bzero() to memset() and bcopy() to - memmove(). - -94) Fixed a bug in sudo.c. If a user has no passwd entry sudo would - dump core (writing to a garbage pointer). Pointed out by - Stephen Schaefer <sps@gateway.bsis.com>. - -95) Worked around a bug in AIX's lex in parse.c. AIX lex doesn't seem - to handle {x,y} range notation correctly. Bleah. - -96) Sudo would not report a failed attempt if the user entered return - at the 2nd password: prompt so someone trying to guess a password - could just invoked sudo multiple times and try one passwd at a time. - Reported by Jonathan Adams <jonathan@smada.com>. - -97) Added User_Alias facility. - -98) Rewrote most of the ip address / network support. Now works on all - systems sudo has currently been tested on. - -99) Sudo now sets SUDO_COMMAND and SUDO_GID envariables in addition to - SUDO_USER and SUDO_UID. - -100) Added changes to configure.in for UnixWare. - (from John Warburton <jwarb@SACBH.com.au>) - -101) Merged in changes for Interactive Unix and RISCos. - (from Andy Smith <abs@maunsell.co.uk>) - -102) Added testsudoers (from Chris Jepeway <jepeway@cs.utk.edu>). - -103) Added fix for parse.yacc to avoid the kludge I was doing. - (from Chris Jepeway <jepeway@cs.utk.edu>) - -104) Now remove the IFS envar if set instead of setting it to a "safe" - value to avoid problems with make and others. - -105) Added FAST_MATCH option to check basenames of sudo command and - paths listed in sudoers file. If the basename doesn't match - then it is not a match. If the basename matches, then do - a stat to make sure it is a valid match. - -106) Now only stat(2) cmnd once in path_matches() (in parse.c). Sudo - was stating cmnd for *every* attempted match. Now the stat struct - is cached (ie: the var is a static). - -107) Signal handlers in visudo are now only installed after the stmp - file is opened. Previously, it was possible to erase an open - stmp file by sending visudo a signal within a small window. - -108) Added Goon Show insults from Russell Street <r.street@auckland.ac.nz>. - -109) Broke out the insults into separate include files (insults.h - is the master and includes the appropriate one). - -110) Now use getwd() instead of getcwd() and provide emulation for - OS's w/o it. This was done since some OS's with getwd() - implement getcwd() via a pipe to pwd(1). By emulating getwd() - by calling getcwd() on OS's w/o getwd() we lose nothing since - the compiler should optimize away the extra function call. - -111) Added crypt() for DEC OSF/1 3.x enhanced security. - From "Richard L Jackson Jr" <rjackson@osf1.gmu.edu>. - -112) Added an option to run the command in the background (-b) as - suggested by Jonathan Adams <jonathan@smada.com> - -113) First stab at kerberos support. I'm not really sure it is - possible to do this in a sane manor. Sigh. - -114) Better kerberos support. Had to use setreuid(2) but falls - back on a kludge if that does not exist or is broken. - -115) Added -p (password prompt) support. - Suggested by "David W. Cooley" <dwcooley@COLBY.EDU> - -116) Added partial implementation of -l (list) flag. - This is probably as good as it will get until sudo:tng. - -117) Added anti-spoofing code to tighten up a race condition - where a user could run sudo some_link and then change - where the link pointed after the old link had been - validated but before the exec(). - -118) Now update timestamp file via utime() (and emulate via utimes() - if necessary) to eliminate a small race. Works with - both POSIX utime() as well as old utime() in BSD <= 4.3. - -119) Kerberos ticket file now lives in same dirs as sudo timestamp - files (to avoid trouncing on normal ticket file) and is removed - after validation. - -120) Now log tty user is on as well as pwd in sudo logs. - -CHANGES from sudo 1.3.2 BETA - -121) Fixed a bug in the anti-spoofing check. - -122) Fixed up ISC support so that it works and looks like non-streams - stuff in interfaces.c. - -123) Now deal correctly with ip implementations that has an sa_len - field in struct sockaddr. - -124) Check ownership and permissions on timestamp dir and ignore if - not owned by root and mode 0700. Problem pointed out by Larry Auton - <lda@research.AT&T.com> and Navjot Singh <singh@research.AT&T.com>. - -125) Ignore timestamp files with preposterous dates to keep people from - faking out sudo on OS's that allow you to give away files to root. - Problem pointed out by Larry Auton <lda@research.AT&T.com> and - Navjot Singh <singh@research.AT&T.com>. - -126) A timeout of 0 will now cause a password to be entered every - time. Based on a suggestion by Larry Auton <lda@research.AT&T.com> - and Navjot Singh <singh@research.AT&T.com>. - -CHANGES from sudo 1.3.3 BETA - -127) Cleaned up interfaces.c so that it is more readable. - -128) Added support for syslog()'s that don't guarantee delivery - of a message. HP-UX is the only known offender. - -129) No longer use memmove() since memcpy() does what we need and - configure doesn't always catch memmove() even when it is - there (may be a library problem). - -130) Updated man page to reflect two more security issues. - -131) Cleaned up shadow password support in check.c. It should now - be readable. - -132) Added SCO support. - -133) Added check to configure to find the max length of a uid_t - in characters. - -134) Removed uid2str() since we now know how big a uid_t/gid_t - can be. This elminates a few malloc()'s. - -135) Added support for multiple insult types. Based on code and - a suggestion from Dieter Dworkin Muller <dworkin@village.org>. - -136) Replaced clean_env() and rmenv() with a rewritten clean_env() - that should be a little faster. This also makes it easier to - add to the list of "dangerous" envariables. - -137) Added netgroup support. Netgroups must start with a leading - "+" to that sudo knows it is a netgroup. - -138) Split out sudoers file format into its own man page. - As suggested by Andy Smith <abs@maunsell.co.uk>. - -139) Updated testsudoers.c to grok netgroups. - -CHANGES from sudo 1.3.4 BETA - -140) Added SecurID support from Giles Todd <giles@gt.demon.co.uk>. - -141) Added -s flag to start a root shell and -- to signify end of args. - -142) Sped up logging routines by replacing strncpy()'s with strcat()'s. - This is safe because we dyanically allocate logline to be big enough. - -143) Now support command line arguments in the sudoers file. - -144) Sped up the loading on command line arguments. This fixes the - "commands with large argc's take forever to run" bug. - -145) Expanded MAXCOMMANDLEN to 8K since we now have to deal with - command line arguments. Added bounds checking in fill() and - append() so we don't drop core. - XXX - 8k makes sudo *SLOW* - -146) Added support in the lexer for "termination characters" to be - escaped. Ie: you can now use [\,:=] in command line args - as long as you escape with a \. - -147) Testsudoers can now deal with commands that have arguments. - -148) If a file is not executable or not a regular file sudo will - now give the appropriate error message instead of just - "command not found" which is misleading. - -149) Fixed a bug where if FQDN is set, load_interfaces() was never - called. - -150) tty is now a global so it can be used in the ticket file - at a later date. - -151) Strings in the parser are now allocated dynamically. This results - in a large speedup as compared to a 1K array on the stack. I - have freed the strings in the parser where appropriate but that - may not catch all instances. Even so, the average sudo now - takes up less memory than the 1K array version. - -152) Fixed a bug in tgetpass() and configure that broke termio/termios - support for some OS's. - -153) Added cheapo implementation of tty-based timestamps. The correct - way is to have username be a directory with the tty tickets - inside. However, the current code does not take to that very - well, and it does not allow the two systems to coexist. Therefore, - instead of timestampdir/user/tty it is timestampdir/user.tty. - -154) Added support for building in other than the source directory. - Based on changes from "Simon J. Gerraty" <sjg@frodo.dn.itg.telecom.com.au> - -155) options.h and pathnames.h are now included via angle brackets - (<>) so as to use the -I include path. This way, those using - a shadow build tree may have local copies of these headers - w/o clobbering the distribution ones. - -156) EXEMPTGROUP is now a string (group name) and user_is_exempt() - is now less of a hack. It uses getgrnam(EXEMPTGROUP) to - get a list of users in the exempted group. - -157) --prefix and --exe_prefix are now honored in the Makefile. - -158) Sudo will now behave reasonably in the case where the sudoers - file location is mounted via NFS and the client does not - have "root" NFS privs. - -159) _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP, and SUDOERS_OWNER are - now set via the Makefile since that appears to be what - most people expect... - -160) Now include a pre-generated version of parse.lex since so many - versions of lex are brain damaged. If parse.lex is changed - a new lex.yy.c will be generated. The distribution copy is - sudo-lex.yy.c. - -161) Upgraded to GNU autoconf version 1.5. There are now even - *more* options. - -CHANGES from sudo 1.3.5 BETA - -162) Fixed S/Key support. - -163) Cleaned up shadow password support further by moving much of - it to getspwuid.c. - -164) First cut at DCE support. [needs work to be functional] - -165) New Digital UNIX C2 support based on code from - "Randy M. Hayman" <haymanr@icefog.sois.alaska.edu> - -166) S/key support now works with the generic bellcore s/key - as well as the s/key from Wietse Venema's logdaemon. - (Previously only worked with the logdaemon s/key). - As an added bonus the s/key challenge is now embedded - in the password prompt for a cleaner look. - -167) lsearch.c will now compile on a strict ANSI C compiler. - ANSI doesn't allow pointer arithmetic on a "void *" - but gcc does. - -168) Bought back latest HP-UX DCE support from Jeff Earickson - <jaearick@colby.edu>. - -169) configure now comletely groks $SUDO_LIBS and $VISUDO_LIBS. - Plain old $LIBS is no longer used. LDFLAGS has also been - split up into $SUDO_LDFLAGS and $VISUDO_LDFLAGS. - The reason for this is that sudo often needs extra libs - for alternate authentication schemes but visudo rarely does. - -170) The code to copy command arguments flaied for large values of - argc due to realloc() lossage. We now cheat and treat argv[] - as a flat string (since that's what it is) and use pointer - arithmetic to compute the length. Kind of sneaky but it - works (and is relatively fast). - -CHANGES from sudo 1.3.6 BETA - -171) Added support for UN*X groups in sudoers based on code from - Dougal Scott <dwagon@aaii.oz.au>. - -172) interfaces.c should work on ISC UN*X again. - -173) All source files are <= 14 characters for old SYSV file systems. - -CHANGES from sudo 1.3.7 GAMMA - -174) Minor configure[.in] fixes. - -175) tgetpass.c now compiles on OS's that put the definition of - fd_set in <sys/bsdtypes.h> - -CHANGES from sudo 1.4 - -176) Command args in sudoers are now stored in an argument vector - instead of a flat string to make wildcard matching simpler. - -177) Added NewArgv and NewArgc that describe the command to be - executed. The copy of args in cmnd_args is no longer necessary - and has been removed. - -178) Using strcmp(3) for argument matching in command_matches() - (was path_matches()) is no longer sufficient since we don't - have a flat string. compare_args() is used instead which - calls either strcmp(3) or wildmat(3l) depending on whether - there are shell-style meta chars (wildcards) present. - -179) Shell-style wildcard matches are now available in the sudoers - file. Matches are done via Rich $alz's wildmat(3). - This required the tweaks described in #176-178 as well as - other, more minor, changes. - -180) Commented out rule to build lex.yy.c from parse.lex since - we ship with a pre-flex'd parser and can't rely on file - dates being set correctly. - -181) Fixed visudo and testsudoers to deal with new argument - vector handling. - -182) A null string ("") as shell in passwd file (or $SHELL) is - now treated as the bourne shell. - -183) Converted *.man to pod format for easy conversion to man, - html, latex, and just plain text. Tried to make the - sudoers manual easier to read in the process. - -184) Updated sample.sudoers and sudoers.pod to include info - on wildcards. - -CHANGES from sudo 1.4.1 - -185) compat.h now defines _PASSWD_LEN based on PASS_MAX if it - is defined (from limits.h on SYSV). - -186) Both short and long hostnames may now be used in the sudoers - file if FQDN is defined. From patches submitted by - Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>. - -187) Now use skeylookup() instead of skeychallenge(). Hopefully - this will work around a problem some people have reported - on Solaris 2.5 with sudo and logdaemon 5.0's skey. - -188) Now uses /var/run to hold timestamp files if it exists. This - is more secure. - -189) configure now puts the timestamp dir in /var/run if it exists. - Sugestion by Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>. - -190) Both short and long hostnames now exist even if FQDN is not set. - This allows machines with fully qualified hostnames set via - hostname(1) to use them in the sudoers file. - -191) sudo was not honoring "." in $PATH due to a bug in find_path(). - -192) Added IGNORE_DOT_PATH option to ignore "." in $PATH. - -193) tgetpass() now uses raw read(2) and write(2) instead of stdio. - This should make it work on more OS's. Previously, it used - stdio (buffered) fgets(3) and fputs(3) with select(2) which - may not be legal. Also got rid of the nasty goto's and - generally simplified the code. - -194) Parser now supports hostnames like UPPERCASE.foo.com. Previously, - `UPPERCASE' was interpreted as an Alias. This means that - the `fqdn' stuff has been moved to the lexer (FQHOST is used - to avoid collision with FQDN option). - -195) Reworked --with-FOO in configure.in to support --without-FOO. - Made shadow passwords the default for appropriate OS's. They - can be turned off with --without-C2. - -196) Added NO_PASSWD option for those who don't want to be bothered - by a password prompt from sudo. This is really just a hack. - -197) Added support for double quotes to mean "treat these words as one - argument". This is similar to what most shells do. - -198) Added mkinstalldirs to make install destination dirs if - they do not already exist. - -CHANGES from sudo 1.4.2 - -199) Added support for --with-CC (which C compiler to use). - -200) Added support for NOPASSWD token and running commands a - specified users (sudo -u) from Keith Garry Boyce - <garp@opustel.com> - -201) Only link with -lshadow for Linux if libc lacks getspnam(). Problem - pointed out by Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>. - -202) Replaced SUDOERS_OWNER with SUDOERS_UID and SUDOERS_GID. Added - SUDOERS_MODE and changed the default to 0440 (from 0400). - It is now possible to NFS-mount sudoers without doing anything fancy. - -202) If a runas list is specified, a user may only run commands as - "root" if "root" is a member of the runas list. The old behavior - was to always allow commands to be run as root, even if a runas - list was specified. Now you can give someone "sudo -u operator" - and not have the equivalent of "sudo -u root" as well. - -203) Added "USER=%s" to logging functions. - -204) configure will now add -lPW to (VI)?SUDO_LIBS if using bison - or DCE and alloca(3) is not in libc (or provided by gcc) but - is in libPW.a. - -205) sudo would give an incorrect error message if the sudoers file - didn't exist due to close() stomping errno if the open() failed. - -206) Fixed "shell" mode (sudo -s). When building NewArgv sudo was - not allocating space for the NULL. - -207) Added support for wildcards in the pathname. Ie: /bin/*. - -208) 'command ""' in sudoers now means no args allowed. - -209) Added command line args to SUDO_COMMAND envariable. - -210) HP-UX 10.x with C2 now uses bigcrypt(). - Changes from david_dill@Merck.Com (David Dill). - -211) lsearch.c will now compile w/o compiler warnings. - (Updated from NetBSD lsearch.c) - -212) Now uses POSIX fnmatch(3) (which uses ! instead of ^ in ranges) - -CHANGES from sudo 1.4.3 - -213) Now allows network/netmask in sudoers to override per-interface - netmask. - -214) Fixed -u support with multiple user lists on a line. - -215) Fixed a core dump problem when built with -DSHELL_IF_NO_ARGS. - -216) Fixed 2 typos in parse.yacc and removed some unnecessary if's. - -217) Now always use install-sh since SunOS install can't do uid/gid's. - Other BSD installs are probably similarly afflicted. - -218) Fixed NFS-mounted sudoers file under solaris both uid *and* gid - were being set to -2. Now set uid to 1 to avoid group being - remapped. - -219) Now includes alloca.c (from gcc) for those w/o it. Linking - against -lPW breaks visudo on HP-UX and probably others. - -220) Added --with-libpath, --with-libraries, --with-incpath options - to configure. - -221) configure now uses shicc instead of gcc on BSD/OS >= 2.0 to - generate binaries linked with shared libs. - -222) The parser was setting no_passwd even if there wasn't a - runas match. I reordered some things in parse.yacc - to fix this. - -223) `sudo -v' (validate) wasn't paying attention to NOPASSWD. - Now it does. - -224) testsudoers now groks "-u user". - -225) Updated AFS support based on what tcsh 6.06 does. - -226) Fixed a typo/thinko that broke BSD > 4.3reno wrt interfaces.c. - -227) HPUX 10.X shadow password stuff now uses SecureWare routines. - -228) SecureWare passwd checking now uses bigcrypt() if available. - Now uses AUTH_MAX_PASSWD_LENGTH if defined. - -229) configure now makes sure you don't have a config.cache file - from another OS. - -230) Added better shadow password detection. - BSD >= 4.3reno -> /etc/master.passwd - hpux9: getspwnam() -> /.secure/etc/passwd - hpux10: getspnam() or getprpwnam() -> /tcb/files/auth/*/* (link with -lsec) - SVR4: getspnam() -> /etc/shadow - solaris: getspnam() -> /etc/shadow - irix[56].x: getspnam() -> /etc/shadow - sunos 4.x: getpwanam() -> /etc/security/passwd.adjunct - DUNIX: getprpwnam() -> /tcb/files/auth/*/* (link with -lsecurity) - SecureWare: getprpwnam() -> /tcb/files/auth/*/* - ultrix 4.x: getauthuid() -> /etc/auth.{pag,dir} - -231) '(' in command args no longer are a syntax error. - -232) '!command' now works in the presence of a runas or NOPASSWD token. - Simplified parse rules wrt runas and NOPASSWD (more consistent). - -233) Command args and now compared as a flat string again. This makes - wildcard matches more consistent. - -234) DUNIX C2 support now groks AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT. - -235) configure now uses config.{sub,guess} to guess OS type. - Sudo should work out of the box on more OS's now. - -236) Got rid of HAVE_C2_SECURITY, now just use SHADOW_TYPE. - -237) Fixed race in tgetpass() where echo can be turned off and - left off if sudo is used in a pipeline and a password is - required. - -CHANGES from sudo 1.4.4 - -238) `sudo -l' output now includes runas and NOPASSWD info and - asks for a password unless NOPASSWD for ALL is set. - -239) Sudo can now deal with all-caps user and host names. - -240) Sudo will now remove the "ENV" and "BASH_ENV" envariables. - From Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>. - -241) `sudo -l' will now expand Cmnd_Alias's (could be prettier). - -242) `sudo -s' will now set $HOME to root's homedir (or that of - the user specified -u) so dot files get sourced. - -CHANGES from sudo 1.4.5 - -243) $HOME was always being set, not just with `-s'. - -244) In visudo, the owner and group of the sudoers file were - being set too early; an editor could change them and change - the owner/group of the resulting sudoers file. - -CHANGES from sudo 1.5 - -245) Added SHELL_SETS_HOME option. - -246) Added NO_MESSAGE option. - -247) Added %u and %h escapes in PASSPROMPT to expand to user's name - and host. - -248) Added "SUDO_PROMPT" envariable. - -249) Usernames may now begin with a digit. Gross, but people do it. - -Sudo 1.5.1 released. - -250) Added `opie' support. - -251) Added check to make sure fnmatch() really works. - -252) Now use the prompt S/Key gives us instead of rolling our own. - -253) Added -H flag from Danny Barron <dcbarro@nppd.com>. - -254) Add SUDO_PS1 envariable support. - -255) Attempt at sequent support. - -Sudo 1.5.2 released. - -256) visudo acts sanely when there is no sudoers file. - -257) Added Runas_Alias support. - -258) Sudo will now work with SUDOERS_MODE == 400 and SUDO_UID = 0. - -259) Alias's in a runas list are now expanded. - -260) Fixed bug with > 32 saved aliases. Reported by BHH@capgroup.com. - -261) Code that uses sprintf() is now more paranoid about buffer - overflows. - -262) Whitespace is now allowed after a line continuation character before - a newline in sudoers. - -263) %h in MAILSUBJECT expands to local hostname. - -Sudo 1.5.3 released. - -264) Don't pass getdtablesize() as first arg to select(2). No need - to do this since we only select on one fd--use (fd+1) as nfds - and the old way caused problems on some systems (arguably - a bug in those OS's). From Marc Slemko marcs@znep.com. - -265) Fixed coredump when passwd file is missing or unavailable. - Reported by Jason Downs <downsj@teeny.org> and - Klee Dienes <klee@mit.edu> (via a Debian Linux bug report). - -266) Fixed bug wrt exclusion lists and relative pathnames. - Reported by osiris@COURIER.CB.LUCENT.COM. - -267) exit(1) if user doesn't enter a passwd. - Noted by Alex Parchkov <alexp@ind.tansu.com.au>. - -Sudo 1.5.4 released. - -268) Newer versions of Irix use _RLDN32_* envariables for 32-bit binaries - so ignore _RLD* instead of _RLD_*. From tarrall@bamboo.Colorado.EDU. - -269) Only open sudoers file once as opposed to once for sanity checks and - once for the parser. Also try to open ten times if we get EAGAIN. - -Sudo 1.5.5 released. - -270) Initialize group vector if we are becoming a user other than root. - For root, it is often more useful to hang on to our existing group - vector. - -271) Fix usage of select(2) to deal correctly with a high-numbered fd. - -272) Fixed a bug where sudo sometime didn't give the user a chance to - enter a password at the prompt. - -273) Use a dynamically sized buffer when reading ether interfaces. - -274) Fixed configure problems with identification of HP-UX > 10.x and - with cc being identified as a cross compiler on some platforms. - -275) Fixed a problem with HP-UX 10.x and alloca. Bison does not - include alloca.h on HP-UX 10.x even though it uses alloca() - (and thus needs the #define of alloca(x) to __builtin_alloca(x)). - To fix this we include alloca.h ourselves if using bison and not gcc. - -276) Included support for the AIX 4.x authenticate() function from - Matt Richards <v2matt@btv.ibm.com>. - -277) Fixed an off by one error in the parser. Found by - Piete Brooks <Piete.Brooks@cl.cam.ac.uk> - -278) Change NewArgv size computation to work on UNICOS. - From Mike Kienenberger <mkienenb@arsc.edu> - -279) Added --with-logfile and --with-timedir configure options. - -280) Use getcwd(3), not getwd(3) to avoid possible buffer overflow. - Use BSD getcwd(3) if system lacks one or is SunOS 4.x. - -281) Fix 'fprintf' argument mismatches in 'visudo.c'. - From ariel@oz.engr.sgi.com (Ariel Faigon) - -282) Use waitpid or wait3 to reap children in logging.c. - Pointed out by Theo de Raadt <deraadt@theos.com> - -283) Sudo should prompt for a password before telling the user that - a command could not be found. Noted by rhodie@NAC.NET. - -284) Fix OTP_ONLY for opie; "Deven T. Corzine" <deven@fuse.net>. - -285) Include pre-yacc'd parse.yacc as sudo.tab.[ch] since more and - more vendors are charging for yacc (bad vendor, no cookie). - -286) Use MAX*, not MAX*+1 - -287) Add support for Hitachi SR2201, from b-edgington@hpcc.hitachi-eu.co.uk - -288) Added RUNAS_DEFAULT option to allow one to compile sudo with a - default runas user other than root. - -289) Add options to log the hostname in the file-based log and to not - do word wrap in file-based log. From Theo Van Dinter <tvd@chrysalis.com> - -290) RedHat Linux pam support, from Gary Calvin <GCalvin@kenwoodusa.com>. - pam.sudo goes in /etc/pam.d/sudo on RedHat 5.0 and above. - -291) With sudo -s, set command the full path of the shell, not the basename. - Noted by Peter W. Osel <pwo@guug.de> - -Sudo 1.5.6 released. - -292) Pam auth now runs as root; necessary for shadow passwords. - -293) Shadow password support is now compiled in by default. You can disable - it via --disable-shadow. - -294) We now remove a timestamp file with a bogus date when it is detected. - From Steve Fobes <sfobes@uswest.com>. - -295) In tgetpass(), restart select if it is interrupted. This really fixes a - problem where a user sometimes is not given a change to enter a password. - -296) All options have moved from options.h -> configure. - -297) visudo is now installed in /usr/local/sbin where it belongs. - -298) Lots of configure changes. Instead of checking for the existence - of -lsocket, -lnsl, or -linet, we instead check them for the - functions we need only if they are not already in libc. - -299) Added DUNIX SIA (Security Integration Architecture) support from - Spider Boardman <spider@Orb.Nashua.NH.US>. - -300) Added test for broken Digital UNIX 4.0 prot.h. - -301) Better support for C2 security on Digital UNIX. - -302) Hacked autoconf so that you have have single quotes in - --with-passprompt. - -303) For SecureWare-style shadow passwords use getprpwnam() instead - of getprpwuid() since getprpwuid is broken in HP-UX 10.20 at - least (it sleeps for 2 minutes if the shadow files don't exist). - -304) We can't really trust UID_MAX or MAXUID since they may only exist for - backwards compatibility; spider-both@Orb.Nashua.NH.US - -305) Make %groups work as RunAs specifiers; Ray Bellis <rpb@community.net.uk>. - -306) Set USER environment variable to target user. - Suggested by Ray Bellis <rpb@community.net.uk>. - -307) Go back to printing "command not found" unless --disable-path-info - specified. Also, tell user when we ignore '.' in their path and it - would have been used but for --with-ignore-dot. - -308) When using tty tickets make it user:tty not user.tty as a username - could have a '.' in it. - -309) Define BSD_COMP for svr4 to get BSD ioctl defs. Also, if we have - sys/sockio.h but SIOCGIFCONF is not defined by including sys/ioctl.h - include sys/sockio.h directly. - -310) Fixed a bug that could cause "sudo -l" to segfault or complain - about non-existent syntax errors. - -Sudo 1.5.7 released. - -311) Fixed square bracket quoting in configure and moved check for -lnsl - to be before -lsocket. - -312) In load_interfaces(), close sock after bwe are done with it. Leak - noticed by Mike Kienenberger <mkienenb@arsc.edu>. - -313) Missing pieces from change #308; from Mike Kienenberger. - -314) Real Kerberos 5 support from Frank Cusack <fcusack@iconnet.net>. - -315) FWTK 'authsrv' support from Kevin Kadow <kadow@MSG.NET>. - -316) Fixed handling and documentation of -with-umask. - -317) If the check for socket() or inet_addr() fails, retry, this time - linking with both -lsocket and -lnsl for those systems that - have interlibrary dependencies. - -Sudo 1.5.8 released. - -318) Add dirfd() macro for systems without it. - -319) Better check for socket() in -lsocket -lnsl in configure. - -320) Minor configure fixes. - -Sudo 1.5.8p1 released. - -321) Fixed a bug wrt quoting characters in command args. - -322) Make --without-sendmail work. - -Sudo 1.5.8p2 released. - -323) Fixed a segv if HOST_IN_LOG defined and gethostbyname() fails. - Reported by Gero Treuner <gero@faveve.uni-stuttgart.de>. - -324) Fixed a parse bug wrt the ! operator and runas specs. Noted by - David A Beck <BKD@payserv.telekurs.com>. - -325) Use new emalloc/erealloc/estrdup functions (catch errors and exit). - -326) New PAM code that should work on both Solaris and Linux. - -327) Make sudo's usage info better when mutually exclusive args are given - and don't rely on argument order to detect this. From Nick Andrew. - -328) In visudo, shift return value of system() by 8 to get the real exit value. - -Sudo 1.5.9 released. - -329) The runas user and NOPASSWD tags are now persistent across entries - in a command list (ie: cmnd1,cmnd2,cmnd3). A PASSWD tag has been - added to reverse NOPASSWD. The runas user and *PASSWD tags can be - overridden on a per-command basis at which point they become the - new default for the rest of the list. - -330) It is now possible to use the '!' operator in a runas list as - well as in a Cmnd_Alias, Host_Alias and User_Alias. - -331) In estrdup(), do the malloc ourselves so we don't need to rely on the - system strdup(3) which may or may not exist. There is now no need to - provide strdup() for those w/o it. - -332) You can now specify a host list instead of just a host or alias - in a privilege list. Ie: user=host1,host2,ALIAS,!host3 /bin/ls - -333) Stash the "safe" path to the command instead of stashing the struct - stat. Should be safer. - -334) Now set $LOGNAME in addition to $USER. - -335) No longer use stdio in tgetpass() - -336) Don't use _PASSWD_LEN or PASS_MAX as we can't rely on them corresponding - to anything real. Instead, we just use a max password size of 256 - everywhere. - -337) Block keyboard-generated signals during startup and restore signal - mask before exec'ing the program. We don't want the user to be - able to simply kill us and avoid logging. - -338) Rewrote timestamp handling. For the default case, a directory is used - instead of a file. For the tty-based case, the timestamp is just a - file in that directory (eg. /var/run/sudo/username/tty). You now only - get the lecture once, even in the tty case. The goal here is to allow - the tty and non-tty schemes to coexist, though it is worth noting that - when you update a tty file, the mtime of the dir gets updated too. - -339) The meaning of -k has changed to mean "invalidate the timestamp". - There is a new -K option to really remove the timestamp file/dir. - -340) New modular authentication API. This fixes the rat's nest of - #ifdefs that was the old auth code. - -341) New logging functions. log_error() now takes a variable number of - args ala printf() and log_auth() reacts to the return value of validate(). - -342) If a user is not in the sudoers file they are still asked for a password. - This keeps someone who finds a user logged in to a terminal from being - able to tell whether or not the user is allowed to use sudo. - -343) New PAM code again, this time it should be correct. - -344) tgetpass() now has a flag to specify whether or not to turn - off echo while reading the password. Used by the new PAM and - fwtk code. - -345) Fixed shadow password dectection on SCO. - -346) Sudo is now available under a BSD/Apache style license. This is - possible because it no longer contains any of the original 1.1 code. - -347) Added configuration info when sudo is run with the -V flag by root. - -348) Change visudo tmp file from /etc/stmp -> /etc/sudoers.tmp since - Solaris uses stmp for shadow temp file. Also rename _PATH_SUDO_SUDOERS - to _PATH_SUDOERS and _PATH_SUDO_STMP to _PATH_SUDOERS_TMP. - -349) Added configure option to set syslog priorities. - -350) Sudo now locks its log file to prevent mangled entries. - -351) Visudo now locks the sudoers temp file instead of bailing when - the temp file already exists. This fixes the problem of stale - temp files but it does *require* that you not try to put the - temp file in a world-writable directory. This shoud not be - an issue as the temp file should live in the same dir as sudoers. - -352) Fixed crypt() check in libufc. - -353) It is now possible to put a list of users as the first thing in a - user specification. I don't suggest this but it makes the grammar - more uniform. - -354) Visudo will now warn about what it thinks are undefined aliases. - Since it can't be 100% sure these are just warnings, not errors. - -355) Add a --without-passwd option to configure that turns off - passwd/shadow file authentication. Only usable with an alternate - authentication scheme. - -356) Add a --disable-authentication option to configure that causes sudo - to not require authentication by default. The PASSWD tag can be - used to require authentication for an entry. - -357) Add a --with-devel option to add -Wall and uncomment yacc/lex - generation in Makefile. - -358) Zero out plaintext password after use (should do encrypted as well). - -359) Added real dependencies in Makefile. - -360) Deprecated --with-otp-only in favor of --without-passwd. - -361) Add --with-mail-if-no-host to send mail if a user tries to run sudo on - a host for which he/she is not authorized. - -362) Most of sudo now runs as root instead of the invoking user to - minimize the possibility of user control via signals or tracing. - -363) Now Support CIDR-style netmasks (ie: 128.138.0.0/16). - -364) In "sudo -l" mode, the type of the stored (expanded) alias was not - stored with the contents. This could lead to incorrect output - if the sudoers file had different alias types with the same name. - Normal parsing (ie: not in '-l' mode) is unaffected. - -365) Now include strcasecmp() for those without it. - -366) Most compile-time options are now changable at runtime via - the 'Defaults' specification in the sudoers file. - -367) Added a -L flag to printout all the possible 'Defaults' parameters. - -368) It is now possible to escape "special" characters in usernames, hostnames, - etc with a backslash. - -369) Sudo will now accept a hostname/username/netgroupname that contains - almost any character in it. It seems many people want to use '.' - and other non-alphanumerics in usernames. - -370) Fixed the root_sudo option. Sudo was always complaining that root - was not allowed to run sudo if the root_sudo flag was turned off. - -371) tgetpass() now uses a function to read up until the end of line. - Fixes problems in a pipeline when a program sets the tty mode - to be character at a time. - -372) sudo now turns off core dumps via setrlimit (probably paranoia). - -Sudo 1.6 released. - -373) Better diagnostics on PAM failure. - -374) Killed shell_noargs option, it cannot work since the command needs to - be set before sudoers is parsed. - -375) Fixed the following Defaults options: set_home, fqdn, syslog, tty_tickets, - ticket_dir, insults. - -376) When using select() in tgetpass(), do a separate select before - each read to be sure we can timeout correctly. - -377) SecurID support compiles and works again. - -378) Fixed a bug parsing runas modifiers. If a user spec contained multiple - runas specs, the latter ones may not be applied. - -379) #uid now works in a RunasAlias - -380) Don't ask the user for a password if the user is not allowed to run - the command and the authenticate flag (in sudoers) is false. - -381) Added configure check for initgroups(3). - -382) Use our own fnmatch() if there is no fnmatch.h, even if there is an - fnmatch() in libc. - -Sudo 1.6.1 released. - -383) Better behavior for -l and -v flags in conjunction with NOPASSWD and - added "verifypw" and "listpw" options. - -384) For HP-UX with cc, add the -Aa flag along with -D_HPUX_SOURCE. - -385) Fix compilation with K&R compilers. - -386) For netgroup host matching, match against the short version of the - hostname as well as the long one if they are different. - -387) Terminate passwd reading on '\r' in addition to '\n' - -388) Visudo used to loop endlessly if a user entered ^D at the whatnow - prompt. EOF is now treaded as 'x' (exit w/o saving changes). - -389) The 'shell_noargs' runtime option is back based on a patch from - bguillory@email.com. - -390) Systems that return RLIM_INFINITY for RLIMIT_NOFILE (like AIX) - would loop for a very loing time during sudo startup. A value of - RLIM_INFINITY is now ignored (getdtablesize/sysconf is used instead). - -391) Locking in visudo was broken. We now lock the sudoers file, not the - sudoers temp file, which should be safe. - -392) PAM fixups: custom prompts now work correctly and errors are - dealt with more sanely. Patches from Cloyce D. Spradling. - -Sudo 1.6.2 released. - -393) Users in the 'exempt' group shouldn't get their $PATH overridden - by 'secure-path'. Patch from jmknoble@pobox.com. - -394) Pam now works on HP-UX 11.0, thanks to Jeff A. Earickson. - -395) Fixed a bug that caused an infinite loop when the password - timeout was disabled. - -396) It is now possible to set the path to the editor for visudo as well - as the flag that determines whether or not visudo will look at - $EDITOR in the sudoers file. - -397) configure now pulls in the values of LIBS, LDFLAGS, CPPFLAGS, etc - as the documentation says it ought to. - -398) Added rootpw, runaspw, and targetpw to prompt for the root, runas_default - and target user's passwords respectively (instead of the invoking user's - password). - -399) Added -S flag to force password read from stdin. - -400) Restore coredumpsize resource limit before exec'ing the child - process (sudo sets it to 0 internally). - -401) Truncate unencrypted password to 8 chars if encrypted password is exactly - 13 characters (indicateing standard a DES password). Many versions - of crypt() do this for you, but not all (like HP-UX's). - -402) Fixed a typo/thinko that broke secureware support for long passwords. - -403) Added a new command line switch '-c' to support BSD login classes. - The '-c' option can be used to sudo a command with specific resource - limits in the login.conf database. This feature is optionally enabled - via the --with-logincap configure switch. Based on a patch from - Michael D. Marchionna. - -404) Fixed a bug where sudo would hang around and consume CPU if we spawn - a long-running process. - -405) Deal with HP-UX password aging info tacked on to the end of the - encrypted password. - -406) Added set_logname run-time option. When unset, sudo will not set - the USER and LOGNAME environment variables. - -407) Wildcards are now allowed in the hostnames specified in sudoers. - The 'fqdn' option is often required for this to be useful. - -408) Fixed a bug where host and user qualifiers in a Defaults entry were - not being used correctly and the entry was being applied globally. - -Sudo 1.6.3 released. - -409) Fixed targetpw, rootpw, and runaspw options when used with non-passwd - authentication (pam, etc). - -Sudo 1.6.3p1 released. - -410) When the targetpw flag is set, use the target username as part - of the timestamp path. - -Sudo 1.6.3p2 released. - -411) Fixed a bug that prevented the -H option from being useful. - -Sudo 1.6.3p3 released. - -412) Fixed a case where a string was used after it had been freed. - -Sudo 1.6.3p4 released. - -413) Fixed listpw and verifypw sudoers options. - -414) Do not write NUL when writing passwd prompt; hag@linnaean.org. - -Sudo 1.6.3p5 released. - -415) Fix word splitting bug that caused a segv for very long command line args. - -Sudo 1.6.3p6 released. - -416) Fix negation of path-type Defaults entries in a boolean context. - -Sudo 1.6.3p7 released. - -417) Visudo now checks for the existence of an editor and gives a sensible - error if it does not exist. - -418) The path to the editor for visudo is now a colon-separated list of - allowable editors. If the user has $EDITOR set and it matches - one of the allowed editors that editor will be used. If not, - the first editor that actually exists is used. - -419) Visudo now does its own fork/exec instead of calling system(3). - -420) Allow special characters (including '#') to be embedded in pathnames - if quoted by a '\\'. The quoted chars will be dealt with by fnmatch(). - Unfortunately, 'sudo -l' still prints the '\\'. - -421) Added the always_set_home option. - -422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent - reading of protected files by a less privileged user. - -423) Added support for BSD authentication and associated -a flag. - -424) Added check for _innetgr(3) since NCR systems have this instead - of innetgr(3). - -425) Added stay_setuid option for systems that have libraries that perform - extra paranoia checks in system libraries for setuid programs. - -426) Environment munging is now done by hand. The environment is zeroed - upon sudo startup and a new environment is built before the command - is executed. This means we don't rely on getenv(3), putenv(3), - or setenv(3). - -427) Added a class of environment variables that are only cleared if they - contain '/' or '%' characters. - -428) Use stashed user_gid when checking against exempt gid since sudo - sets its gid to SUDOERS_GID, making getgid() return that, not the - real gid. Fixes problem with setting exempt group == SUDOERS_GID. - Fix from Paul Kranenburg. - -429) Fixed file locking in visudo on NeXT which has a broken lockf(). - Patch from twetzel@gwdg.de. - -430) Regenerated configure script with autoconf-2.52 (required some - tweaking of configure.in and friends). - -431) Added mail_badpass option to send mail when the user does not - authenticate successfully. - -432) Added env_reset Defaults option to reset the environment to - a clean slate. Also implemented env_keep Defaults option - to specify variables to be preserved when resetting the - environment. - -433) Added env_check and env_delete Defaults options to allow the admin - to modify the built-in list of environment variables to remove. - -434) If timestamp_timeout < 0 then the timestamp never expires. This - allows users to manage their own timestamps and create or delete - them via 'sudo -v' and 'sudo -k' respectively. - -435) Authentication routines that use sudo's tgetpass() now accept - ^C or ^Z at the password prompt and sudo will act appropriately. - -436) Added a check-only mode to visudo to check an existing sudoers - file for sanity. - -437) Visudo can now edit an alternate sudoers file. - -438) If sudo is configured with S/Key support and the system has - skeyaccess(3) use that to determine whether or not to allow - a normal Unix password or just S/Key. - -439) Fixed CIDR handling in sudoers. - -440) Fixed a segv if the local hostname is not resolvable and - the 'fqdn' option is set. - -441) "listpw=never" was not having an effect for users who did not - appear in sudoers--now it does. - -442) The --without-sendmail option now works on systems with - a /usr/include/paths.h file that defines _PATH_SENDMAIL. - -443) Removed the "secure_path" Defaults option as it does not work and - cannot work until the parser is overhauled. - -444) Added new -P flag and "preserve_groups" sudoers option to cause - sudo to preserve the group vector instead of setting it to that - of the target user. Previously, if the target user was root - the group vector was not changed. Now it is always changed unless - the -P flag or "preserve_groups" option was given. - -445) If find_path() fails as root, try again as the invoking user (useful - for NFS). Idea from Chip Capelik. - -446) Use setpwent()/endpwent() and its shadow equivalents to be sure - the passwd/shadow file gets closed. - -447) Use getifaddrs(3) to get the list of network interfaces if it is - available. - -448) Dump list of local IP addresses and environment variables to clear - when 'sudo -V' is run as root. - -449) Reorganized the lexer a bit and added more states. Sudo now does a - better job of parsing command arguments in the sudoers file. - -450) Wrap each call to syslog() with openlog()/closelog() since some - things (such as PAM) may call closelog(3) behind sudo's back. - -451) The LOGNAME and USER environment variables are now set if the user - specified a target uid and that uid exists in the password database. - -452) configure will no longer add the -g flag to CFLAGS by default. - -453) Now call pam_setcreds() to setup creds for the target user when - PAM is in use. On Linux this often sets resource limits. - -454) If "make install" is run by non-root and the destination dir - is writable, install things normally but don't set owner and mode. - -455) The Makefile now supports installing in a shadow hierarchy - specified via the DESTDIR variable. - -456) config.h.in is now generated by autoheader. - -Sudo 1.6.4 released. - -457) Move the call to rebuild_env() until after MODE_RESET_HOME is set. - Otherwise, the set_home option has no effect. - -458) Fix use of freed memory when the "fqdn" flag is set. This was - introduced by the fix for the "segv when gethostbynam() fails" bug. - -459) Add 'continue' statements to optimize the switch statement. - From Solar Designer. - -Sudo 1.6.4p1 released. - -460) Some special characters were not being escaped properly (e.g. '\,') - in command line arguments and would cause a syntax error instead. - -461) "sudo -l" would not work if the always_set_home option was set. - -462) Added a configure option to disable use of POSIX saved IDs for - operating systems where these are broken. - -463) The SHELL environment variable was preserved from the user's environment - instead of being reset based on the passwd database even when the - "env_reset" option was set. - -Sudo 1.6.4p2 released. - -464) Added a configure option to cause mail sent by sudo to be run as - the invoking user instead of root. Some people consider this to - be safer. - -465) If the mailer is being run as root, use a hard-coded environment - that is not influenced in any way by the invoking user's environment. - -466) Fixed the call to skeyaccess(). Patch from Phillip E. Lobbes. - -Sudo 1.6.5 released. - -467) Visudo could access memory that was already freed. - -468) If the skey.access file denied use of plaintext passwords sudo - would exit instead of allowing the user to enter an S/Key. - -Sudo 1.6.5p1 released. - -469) Older versions of BSDi have getifaddrs() but no freeifaddrs(). - -470) BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD. - -471) Ignore the return value of pam_setcred(). In Linux-PAM 0.75, - pam_setcred() will return PAM_PERM_DENIED even if the setcred function - of the module succeeds when pam_authenticate() has not been called. - -472) Avoid giving PAM a NULL password response, use the empty string instead. - This avoids a log warning when the user hits ^C at the password prompt - when Linux-PAM is in use. This also prevents older versions of - Linux-PAM from dereferencing the NULL pointer. - -473) The user's password was not zeroed after use when AIX authentication, - BSD authentication, FWTK or PAM was in use. - -Sudo 1.6.5p2 released. - -474) Fixed compilation problem on HP-UX 9.x. - -475) Moved call to endpwent() and added a call to endgrent(). - -476) Fixed a warning conflicting declaration of VOID with AFS. - -477) Fixed a security hole in prompt rewriting found by Global InterSec. - -Sudo 1.6.6 released. - -478) Wildcards now work correctly in the env_keep Defaults directive. - -479) Added support for non-root timestamp dirs. This allows the timestamp - dir to be shared via NFS (though this is not recommended). - -480) Removed double printing of bad environment variable table in -V mode. - -481) configure script has been regenerated with autoconf 2.5.7. - This required some changes to configure.in. - -482) Fixed a compilation problem on SunOS; thanks to Alek O. Komarnitsky. - -483) SecurID 5.0 API support from Michael Stroucken. - -484) Restore state of signal handlers to what we had upon startup. - Fixes a problem when using sudo with nohup; thanks to Paul Markham. - -485) Revamp set_perms() to use setresuid() or setreuid() when available - in preference to POSIX stuff since they allow us to properly - implement "stay_setuid" whereas POSIX does not really. - -486) In strict mode sudo did not throw an error for undefined User_Aliases. - -487) Fixed a Makefile bug on IRIX. - -488) Write the prompt *after* turning off echo to avoid some password - characters being echoed on heavily-loaded machines with fast typists. - -489) Added %U and %H escapes in the prompt and fixed treatment of %%. - -490) Visudo will now add a final newline to sudoers if the user's editor - not add one before EOF. - -491) The lexer state is now reset to its initial value on EOF. - Previously, the state was not reset between parser invocations - which could cause problems for visudo in rare cases. - -492) Added support for Defaults that apply based on the RunasUser. - -493) Sudo now includes copies of strlc{at,py} and uses them throughout. - -494) Sudo is now careful to avoid interger overflow when allocating - memory. This is one of those "should not happen" situations. - -495) Added a configure option (--with-stow) to make sudo compatible - with GNU stow. - -496) auth/kerb5.c now compiles under Heimdal. - -497) The volatile prefix is used in the hopes of preventing compilers - from optimizing away memory zeroing. Unfortunately, this results - in some warnings from gcc. - -498) Better Kerberos IV/V support in the configure script. - -499) Fixed a logic thinko in the SIGCHLD handler that caused problems - with rlogin on HP-UX. - -500) configure now adds -R to LDFLAGS when it adds -L for Solaris and - SVR4. There is a configure option, --with-rpath, to control this. - -501) On AIX, configure will pass extra directory paths to the linker - via the -blibpath ld option. This is only active when additional - library paths are used. It may be disabled via the - --without-blibpath configure option. - -502) The --with-skey and --with-opie configure options now take - an optional directory argument that should have an include and - lib dir for the skey/opie include file and library respectively. - -Sudo 1.6.7 released. - -503) Fixed false positives in the overflow detection of expand_prompt(). - -Sudo 1.6.7p1 released. - -504) An unterminated comment broke Kerberos V authentication. - -505) The krb5-config script is used to determine Kerberos V CPPFLAGS - and LDFLAGS/LIBS if it exists. - -506) Backed out changes to mkinstalldirs from autoconf 2.57 that - caused problems on Tru64 Unix. - -Sudo 1.6.7p2 released. - -507) Kerberos V support should work on latest MIT Kerberos V and Heimdal. - -Sudo 1.6.7p3 released. - -508) Fixed remaining Kerberos V issues with MIT Kerberos V and old Heimdal. - -Sudo 1.6.7p4 released. - -509) Fixed a typo that caused a compilation error on Heimdal. - -510) Darwin (MacOS X) doesn't have a real setreuid() system call. - -511) Fixed a problem with large numbers of environment variables. - -Sudo 1.6.7p5 released. - -512) Fixed a problem on FreeBSD when the user is only listed in NIS (not - master.passwd) and netgroups are used in the master.passwd file. - -513) BSD-style warn/err functions are now used throughout. - -514) Fixed the --with-stow configure option - -515) Added a "sudo_lecture" option that points to a file containing a custom - lecture. - -516) The username in a log entry is no longer truncated at 8 characters. - -517) A new tag, NOEXEC, will prevent a dynamically-linked program being run - by sudo from executing another program (think shell escapes). - Because this uses LD_PRELOAD it has no effect on static binaries. - Idea from Reznic Valery. - -518) TIS fwtk authentication now supports fwtk 2.0 and higher. - -519) Sudo will now try to stat the command to be run as the user - specified by the -u flag if the stat fails as root. Fixes - an NFS issue. - -520) Added Stan Lee / Uncle Ben quote to the lecture (from RedHat). - -521) Added a -i option to simulate an initial login similar to "su -". - Originally based on a patch from David J. MacKenzie. - -522) Added a -e option to edit files the with uid of the invoking user. - This prevents the user from editing other files or running commands - as the target user. If sudo is run as "sudoedit" the -e flag is implied. - -523) If sudo is used to run as root shell, further sudo commands will - be logged as run by the user specified by the SUDO_USER environment - variable. In -e mode (sudoedit), SUDO_USER is used to determine - what user to run the editor when the real uid is 0. - -524) Merged in LDAP support from Aaron Spangler. - -525) Added the --with-pc-insults configure to replace politically - incorrect insults with ones from Alek O. Komarnitsky. - -526) Added start_tls support from Gudleik Rasch <gudleik@rastamatra.org>. - -527) A uid specified in sudoers now matches the user specified by the - -u flag even if the -u flag specified a name, not a uid. - -528) /tmp/.odus is no longer used for timestamps by default. One of - /var/run/sudo, /var/adm/sudo or /usr/adm/sudo is used depending - on what directories exist. - -529) Quoting globbing characters with a backslash now works as documented. - -530) A negated user/uid in a runas list was not treated the same as a - negated command (it did not override a previously allowed entry). - Now it does. - -531) Added support for Tandem NSK and other systems w/o seteuid(). - -532) The timeout on password reading is now done via alarm(), not select(). - -533) Fixed several issues when closing all open descriptors. Sudo now uses - closefrom() if it exists, using /proc/$$/fd if possible. - -534) Use PATH_MAX, not MAXPATHLEN since the former is standardized. - -535) Added a check in visudo for runas_default being used before it - was set. - -536) If the target user == invoking user a password is no longer required. - -537) PAM support now uses Use pam_acct_mgmt() to check for disabled accounts - (from Brian Farrell). - -538) The sudoers file is now parsed as the runas user in all cases instead - of root. This fixes some issues with running NFS-mounted commands. - -539) Sudo now produces a sensible error message when the targetpw - Defaults option is set and a non-existent uid is specified via -u. - -Sudo 1.6.8 released. - -540) Now find the command base and fill in struct stat earlier. - -541) sudoedit now re-opens the temp file as the invoking user. - -542) struct timespec is used throughout the code base. - -543) Added --with-ldap-conf-file option to override /etc/ldap.conf - -544) Added SSL tls_* certificate checking options when using LDAP. - -545) Sudoedit will now only attempt to edit regular files or links. - -546) Sudo now uses futime() or futimes() where possible. - -547) Updated sample.pam to a current version. - -548) Better detection of unchanged files in sudoedit. - -Sudo 1.6.8p1 released. - -549) Bash exported functions are now stripped from the environment passed - to the program to be executed. - -Sudo 1.6.8p2 released. - -550) The CDPATH variable is now stripped from the environment passed - to the program to be executed. - -551) Fix temp file generation on systems where the _PATH_VARTMP macro - lacks a trailing slash. - -Sudo 1.6.8p3 released. - -552) The KRB5CCNAME environment variable is preserved during sudo - execution for password lookups that use GSSAPI. - -Sudo 1.6.8p4 released. - -553) Added a configure check for systems with a 2-argument version of - timespecsub (like BSD/OS). - -554) Added stub struct defintions to sudo.h to quiet compiler warnings - on some systems. - -555) In sudoers Defaults lines, tuples like "lecture" may now be used - without a value, restoring their old boolean-like nature. - -556) Invalid values for a tuple are now handled correctly. - -Sudo 1.6.8p5 released. - -557) Added a set of missing braces needed for MacOS X / Darwin. - -558) Define LDAP_OPT_SUCCESS for those without it. - -Sudo 1.6.8p6 released. - -559) Warn if the user tries to use the -u option when not running a command. - -560) Better PAM error handling and messages. - -561) Fixed setting of $USER when env_reset is enabled. - -Sudo 1.6.8p7 released. - -562) Fixed noexec functionality on Linux. - -563) Fixed minor format string mismatches in some error cases. - -564) Fixed a bug that prevented Heimdal authentication from working. - -Sudo 1.6.8p8 released. - -565) Updated config.guess and config.sub entries for OpenBSD. - -566) A sudoers entry with sudo ALL no longer overwrites the value of - safe_cmnd. - -Sudo 1.6.8p9 released. - -567) Added PS4 and SHELLOPTS to the list of variables to remove from - the environment. - -Sudo 1.6.8p10 released. - -567) Added JAVA_TOOL_OPTIONS to the list of variables to remove from - the environment. - -Sudo 1.6.8p11 released. - -567) Added PERLLIB, PERL5LIB and PERL5OPT to the list of variables to - remove from the environment. - -Sudo 1.6.8p12 released. - -568) Fixed a file descriptor leak when the lecture file option is enabled. - -569) Added to the list of variables to remove from the environment. - -570) Fixed a Kerberos V security issue that could allow a - user to authenticate using a fake KDC. - -571) Pulled in updated configure and libtool from sudo 1.7. - -572) PAM is now the default on systems where it is supported. - -573) Removed POSIX saved uid use; the stay_setuid option now - requires the setreuid() or setresuid() functions to work. - -574) Regenerated configure with up to date autoconf and libtool. - -575) Fixed fd leak when lecture file option is enabled. - -576) Removed used of POSIX saved uids. The stay_setuid - option now requires setreuid() or setresuid(). - -577) PAM fixes. If the user enters ^C at the password prompt, - abort instead of trying to authenticate with an empty password - (which causes an annoying delay). Also Call pam_open_session() - and pam_close_session() to give pam_limits a chance to run. - -578) Security fix for Kerberos5. If we cannot get a valid service - key using the default keytab it is a fatal error. Now uses - krb5_verify_user() and krb5_init_secure_context() if they - are available. - -579) Fixed securid5 authentication. - -580) Added fcntl F_CLOSEM support to closefrom(). - -581) Added NOEXEC support for AIX 5.3. - -582) Sudo now uses the supplemental group vector for matching. - This fixes problems with split group lines in /etc/group - as well as multiple group sources in nsswitch.conf. - -583) Added more environment variables to remove by default. - -584) Mail from sudo now includes an Auto-Submitted: auto-generated - header ala rfc 3834. - -585) Reworked the environment handling code. - -586) Remove the --with-execv option, it was not useful. - -587) Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since - some OSes have issues with TCSAFLUSH. - -588) Use glob(3) instead of fnmatch(3) for matching pathnames - and stat() each result that matches the basename of the user's - command. This makes "cd /usr/bin ; sudo ./blah" work when - sudoers allows /usr/bin/blah. - -589) Reworked the syslog long line splitting code based on changes - from Eygene Ryabinkin. - -590) Sudo can now with deal more than 32 network interfaces on - Solaris. - -591) Visudo will now honor command line arguments in the EDITOR or - VISUAL environment variables if env_editor is enabled. - -592) LDAP now honors rootbinddn, timelimit and bind_timelimit in - /etc/ldap.conf. - -593) For LDAP, do a sub tree search instead of a base search (one - level in the tree only) for sudo right objects. This allows - system administrators to categorize the rights in a tree to - make them easier to manage. - -594) The env_reset option is now enabled by default. Commands run - through sudo now receive a minimal environment with certain - variables passed through and/or checked. The list of variables - allowed is configurable via the env_keep and env_check options - in sudoers. - -595) Added support for Solaris 10 resource control limits using - the "project" interface. - -596) Moved LDAP schema data into separate files. - -597) Sudo no longer assumes that gr_mem in struct group is non-NULL. - -598) Added support for setting environment variables on the command - line if the command has the SETENV attribute set in sudoers. - -599) Added a -E flag to preserve the environment if the SETENV attribute - has been set. - -600) The sudoers2ldif script now parses Runas users. - -601) The -- flag now behaves as documented. - -602) sudo -k/-K no longer cares if the timestamp is in the future. - -603) When searching for the command, sudo now uses the effective gid - of the runas user. - -604) Sudo no longer updates the timestamp if not validated by sudoers. - -605) Now rebuild environment regardless of how sudo was invoked. - -606) More accurate usage() when called as sudoedit. - -607) Command line environment variables are now treated like - normal environment variables unless the SETENV tag is set. - -608) Better explanation of environment handling in the sudo man page. - -Sudo 1.6.9 released. - -609) Worked around a bug ins some PAM implementations that caused a crash - when no tty was present. - -610) Fixed a crash on some platforms in the error logging function. - -611) Documentation improvements. - -Sudo 1.6.9p1 released. - -612) Fixed updating of the saved environment when the environ pointer - gets changed out from underneath us. - -Sudo 1.6.9p2 released. - -613) Fixed a bug related to supplemental group matching introduced - in 1.6.9. - -Sudo 1.6.9p3 released. - -614) Added IPv6 support from YOSHIFUJI Hideaki. - -615) Fixed sudo_noexec installation path. - -616) Fixed a K&R compilation error. - -Sudo 1.6.9p4 released. - -617) Fixed a bug in the IP address matching introduced by the IPV6 merge. - -618) For "visudo -f file" we now use the permissions of the original file - and not the hard-coded sudoers owner/group/mode. This makes - it possible to use visudo with a revision control system. - -619) Fixed sudoedit when used on a non-existent file. - -620) Regenerated configure using autoconf 2.6.1 and libtool 1.5.24. - -621) Groups and netgroups are now valid in an LDAP sudoRunas statement. - -Sudo 1.6.9p5 released. - -622) Worked around bugs in the session support of some PAM implementations. - The full tty path is now passed to PAM as well. - -623) Sudo now only prints the password prompt if the process is in the - foreground. - -624) inttypes.h is now included when appropriate if it is present. - -625) Simplified alias allocation in the parser. - -Sudo 1.6.9p6 released. - -626) Go back to using TCSAFLUSH instead of TCSADRAIN when turning - off echo in tgetpass(). - -627) Fixed addition of -lutil for logincap on FreeBSD and NetBSD. - -628) Add configure check for struct in6_addr since some systems define - AF_INET6 but have no real IPv6 support. - -Sudo 1.6.9p7 released. - -629) Fixed a bug where a sudoers entry with no runas user specified - was treated differently from a line with the default runas - user specified. - -Sudo 1.6.9p8 released. - -630) The ALL command in sudoers now implies SETENV permissions. - -631) The command search is now performed using the target user's - auxiliary group vector too. - -632) When determining if the PAM prompt is the default "Password: ", - compare the localized version if possible. - -633) Added passprompt_override flag to sudoers to cause sudo's prompt - to be used in all cases. Also set when the -p flag is used. - -Sudo 1.6.9p9 released. - -634) Moved LDAP options into a table for simplified parsing/setting. - -635) Fixed a problem with how some LDAP options were being applied. - -636) Added support for connecting directly to LDAP servers via SSL - in addition to the existing start_tls support. - -Sudo 1.6.9p10 released. - -637) Fixed a compilation problem on SCO related to how they - store the high resolution timestamps in struct stat. - -638) Avoid checking the passwd file group multiple times - in the LDAP query when the user's passwd group is also - listed in the supplemental group vector. - -639) The URI specifier can now be used in ldap.conf even when - the LDAP SDK doesn't support ldap_initialize(). - -640) New %p prompt escape that expands to the user whose password - is being prompted, as specified by the rootpw, targetpw and - runaspw sudoers flags. Based on a diff from Patrick Schoenfeld. - -Sudo 1.6.9p11 released. - -641) Added a configure check for the ber_set_option() function. - -642) Fixed a compilation problem with the HP-UX K&R C compiler. - -643) Revamped the Kerberos 5 ticket verification code. - -644) Added support for the checkpeer ldap.conf variable for - netscape-based LDAP SDKs. - -645) Fixed a problem where an incomplete password could be echoed - to the screen if there was a read timeout. - -Sudo 1.6.9p12 released. - -646) Sudo will now set the nproc resource limit to unlimited on Linux - systems to work around Linux's setuid() resource limit semantics. - On PAM systems the resource limits will be reset by pam_limits.so - before the command is executed. - -647) SELinux support that can be used to implement role based access - control (RBAC). A role and (optional) type may be specified - in sudoers or on the command line. These are then used in the - security context that the command is run as. - -648) Fixed a Kerberos 5 compilation problem with MIT Kerberos. - -Sudo 1.6.9p13 released. - -649) Fixed an invalid assumption in the PAM conversation function - introduced in version 1.6.9p9. The conversation function may - be called for non-password reading purposes as well. - -650) Fixed freeing an uninitialized pointer in -l mode, introduced in - version 1.6.9p13. - -651) Check /etc/sudoers after LDAP even if the user was found in LDAP. - This allows Defaults options in /etc/sudoers to take effect. - -652) Add missing checks for enforcing mode in SELinux RBAC mode. - -Sudo 1.6.9p14 released. - -653) Fixed installation of sudo_noexec.so on AIX. - -654) Updated libtool to version 1.5.26. - -655) Fixed printing of default SELinux role and type in -V mode. - -656) The HOME environment variable is once again preserved by default, - as per the documentation. - -Sudo 1.6.9p15 released. - -657) There was a missing space before the ldap libraries in the Makefile - for some configurations. - -658) LDAPS_PORT may not be defined on older Solaris LDAP SDKs. - -659) If the LDAP server could not be contacted and the user was not present - in sudoers, a syntax error in sudoers was incorrectly reported. - -Sudo 1.6.9p16 released. - -660) The -i flag should imply resetting the environment, as it did in - sudo version prior to 1.6.9. Also, the -i and -E flags are - mutually exclusive. - -661) Fixed the configure test for dirfd() under Linux. - -662) Fixed test for whether -lintl is required to link. - -663) Changed how sudo handles the child process when sending mail. - This fixes a problem on Linux with the mail_always option. - -664) Fixed a problem with line continuation characters inside of - quoted strings. - -Sudo 1.6.9p17 released. - -665) Fixed a crash when the -i flag was used with a uid not in the password - database. - -666) Regenerated parser to pull in a yacc skeleton fix. diff --git a/usr.bin/sudo/ChangeLog b/usr.bin/sudo/ChangeLog new file mode 100644 index 00000000000..582f72602b2 --- /dev/null +++ b/usr.bin/sudo/ChangeLog @@ -0,0 +1,19479 @@ +2008-11-10 08:07 millert + + * pathnames.h.in, sudo.c: s/overriden/overridden/; from Tobias + Stoeckmann + +2008-11-09 15:18 millert + + * visudo.c, WHATSNEW: check sudoers owner and mode in strict mode + +2008-11-09 09:15 millert + + * gram.c, toke.c: regen + +2008-11-09 09:13 millert + + * alias.c, alloc.c, closefrom.c, compat.h, defaults.c, defaults.h, + env.c, fileops.c, gettime.c, gram.y, ins_csops.h, insults.h, + interfaces.c, interfaces.h, lbuf.c, license.pod, list.c, + logging.c, logging.h, parse.c, parse.h, pwutil.c, redblack.c, + redblack.h, snprintf.c, sudo.c, sudo.pod, sudo_edit.c, + sudo_nss.h, testsudoers.c, toke.l, tsgetgrpw.c, utimes.c, + version.h, visudo.c, zero_bytes.c, LICENSE, sudoers.pod, + visudo.pod, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, + auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c, + auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h, + sudo.man.in, sudoers.man.in, visudo.man.in: Update copyright + years. + +2008-11-09 08:48 millert + + * fnmatch.c, glob.c, emul/charclass.h: add my copyright + +2008-11-08 10:40 millert + + * toke.c, toke.l: The loop in fill_cmnd() was going one byte too + far past the end, resulting in a NUL being written immediately + after the buffer end. + +2008-11-08 10:31 millert + + * UPGRADE, WHATSNEW: add sections on tgetpass changes + +2008-11-08 10:30 millert + + * tgetpass.c: Treat EOF w/o newline as an error. + +2008-11-07 17:42 millert + + * parse.c: Fix "sudo -v" when NOPASSWD is set. + +2008-11-07 12:45 millert + + * auth/: bsdauth.c, fwtk.c, pam.c, sudo_auth.c, sudo_auth.h: No + longer treat an empty password at the prompt as special. To quit + out of sudo you now need to hit ^C at the password prompt. + +2008-11-06 21:07 millert + + * sudoers.cat, sudoers.man.in: regen + +2008-11-06 21:06 millert + + * def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod: Sudo + will now refuse to run if no tty is present unless the new + visiblepw sudoers flag is set. + +2008-11-05 19:42 millert + + * aix.c: just use RLIM_INFINITY for RLIM_SAVED_MAX if + RLIM_SAVED_MAX not defined + +2008-11-05 19:40 millert + + * aix.c: fix fallback value for RLIM_SAVED_MAX + +2008-11-05 19:14 millert + + * auth/: aix_auth.c, sudo_auth.h: Move clearing of AUTHSTATE into + aixauth_cleanup. + +2008-11-05 19:08 millert + + * env.c, auth/aix_auth.c: Unset AUTHSTATE after calling + authenticate() as it may not be correct for the user we are + running the command as. + +2008-11-05 19:05 millert + + * isblank.c: Add isblank() function for systems without it. Needed + for POSIX character class matching in fnmatch.c and glob.c. + +2008-11-05 11:02 millert + + * TROUBLESHOOTING: expound on sudo and cd + +2008-11-04 15:52 millert + + * ChangeLog: regen + +2008-11-04 15:46 millert + + * sudoers.cat, sudoers.man.in: regen + +2008-11-04 15:45 millert + + * sudoers.pod: mention defauts parse order + +2008-11-03 13:19 millert + + * Makefile.in, aclocal.m4, compat.h, configure: Add isblank() + function for systems without it. Needed for POSIX character + class matching in fnmatch.c and glob.c. + +2008-11-03 12:54 millert + + * Makefile.in: add emul/charclass.h to HDRS + +2008-11-02 14:08 millert + + * TODO: checkpoint + +2008-11-02 14:06 millert + + * parse.c, defaults.c, testsudoers.c, visudo.c: Move + update_defaults into defaults.c and call it properly from visudo + and testsudoers. + +2008-11-02 09:51 millert + + * defaults.c, interfaces.c, pwutil.c, sudo.c, sudo_edit.c, + tgetpass.c, tsgetgrpw.c: use zero_bytes() instead of memset() for + consistency + +2008-11-02 09:45 millert + + * logging.c, mon_systrace.c, parse.c, sudo.c, sudo_edit.c, + tgetpass.c, visudo.c: Zero out sigaction_t before use in case it + has non-standard entries. + +2008-11-02 09:35 millert + + * match.c: quiet gcc + +2008-11-02 09:28 millert + + * match.c: Short circuit glob() checks if basename(pattern) != + basename(command). Refactor code that checks for a command in a + directory and use it in the glob case if the resolved pattern + ends in a '/'. + +2008-11-01 09:20 millert + + * defaults.h, parse.c, sudo.c, testsudoers.c, visudo.c: Defer + setting runas defaults until after runaspw/gr is setup. + +2008-10-29 13:26 millert + + * match.c, sudo.c, testsudoers.c: Use MAXHOSTNAMELEN+1 when + allocating host/domain name since some systems do not include + space for the NUL in the size. Also manually NUL-terminate + buffer from gethostname() since POSIX is wishy-washy on this. + +2008-10-26 17:13 millert + + * sudo.c, sudoers.pod: When setting the umask, use the union of the + user's umask and the default value set in sudoers so that we + never lower the user's umask when running a command. + +2008-10-26 16:43 millert + + * sudo.c: Don't try to read from a zero-length sudoers file. + Remove the bogus Solaris work-around for EAGAIN. Since we now + use fgetc() it should not be a problem. + +2008-10-25 09:22 millert + + * parse.c: In update_defaults() check the return value of + user*_matches against ALLOW so we don't inadvertantly match on + UNSPEC. + +2008-10-24 09:52 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat, + sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in: + regen man pages; no more hyphenation + +2008-10-24 09:49 millert + + * sudo.c: Don't error out on a zero-length sudoers file. With the + advent of #include the user could create a situation where sudo + is unusable. + +2008-10-23 12:06 millert + + * config.h.in, configure, configure.in, auth/kerb5.c: Newer heimdal + has 2-argument krb5_get_init_creds_opt_free() like MIT krb5. + Really old heimdal has no krb5_get_init_creds_opt_alloc() at all. + Add configure tests to handle all the cases. + +2008-10-08 17:28 millert + + * sudo.pod: resort ENVIRONMENT + +2008-10-08 17:09 millert + + * sudoers.pod: document sudoers_locale + +2008-10-08 16:56 millert + + * sudo.pod, sudo_edit.c: add SUDO_EDITOR variable that sudoedit + uses in preference to VISUAL or EDITOR + +2008-10-08 14:27 millert + + * toke.c, toke.l: In fill_cmnd(), collapse any escaped + sudo-specific characters. Allows character classes to be used in + pathnames. + +2008-10-03 16:02 millert + + * lbuf.c: fix typo in non-C89 function declaration + +2008-10-03 15:56 millert + + * sudoers.pod: Mention POSIX characters classes now that out + fnmatch() and glob() support them. + +2008-10-03 15:55 millert + + * sample.sudoers, sudoers.pod: Replace [A-z] (which won't match in + UTF8) with [A-Za-z] which is locale agnostic. + +2008-10-03 10:02 millert + + * parse.h: use __signed char if we are going to assign a negative + value since on Power, char is unsigned by default + +2008-10-03 09:59 millert + + * configure, configure.in, config.h.in: Add tests for __signed char + and signed char. + +2008-10-03 09:19 millert + + * aix.c: Fix AIX limit setting. getuserattr() returns values in + disk blocks rather than bytes. The default hard stack size in + newer AIX is RLIM_SAVED_MAX. From Dale King. + +2008-09-26 17:13 millert + + * fnmatch.c, glob.c, emul/charclass.h: Add character class support + to included glob(3) and fnmatch(3). + +2008-09-16 08:28 millert + + * emul/fnmatch.h: Remove UCB advertising clause and some + compatibility defines. + +2008-09-14 16:07 millert + + * sudo_edit.c: Check EDITOR/VISUAL to make sure sudoedit is not + re-invoking itself or sudo. This allows one to set EDITOR to + sudoedit without getting into an infinite loop of sudoedit + running itself until the path gets too big. + +2008-09-13 20:45 millert + + * def_data.c, def_data.h, def_data.in, defaults.c, sudo.c: Add + sudoers_locale Defaults option to override the default sudoers + locale of "C". + +2008-09-13 14:09 millert + + * sudo.c: Set locale to system default except for during sudoers + parse. + +2008-09-12 09:34 millert + + * match.c: Redo change in 1.34 to use pointer arithmetic. + +2008-09-11 07:06 millert + + * match.c: Fix a dereference (read) of a freed pointer. Reported + by Patrick Williams. + +2008-08-23 19:09 millert + + * sudo.c: Set locale to "C" to avoid interpretation issues with + character ranges in sudoers. May want to make the locale a + sudoers option in the future. + +2008-08-20 07:45 millert + + * config.h.in: we no longer use setproctitle + +2008-08-20 07:41 millert + + * sudo.h: remove #if 1 + +2008-08-20 07:40 millert + + * LICENSE, mkstemp.c: Use my replacement mkstemp() from the mktemp + package. + +2008-07-12 08:53 millert + + * gram.c: regen with yacc skeleton bug fixed + +2008-07-12 08:48 millert + + * sudoers.pod: Remove duplicate "as root". From Martin Toft. + +2008-07-02 06:27 millert + + * pwutil.c, sudo.c, testsudoers.c, sudo.h: Flesh out the fake + passwd entry used for running commands as a uid not listed in the + passwd database. Fixes an issue with some PAM modules. + +2008-07-01 07:57 millert + + * sudo.c: Error out in -i mode if the user has no shell. This can + happen when running commands as a uid with no password entry. + +2008-06-26 07:49 millert + + * toke.c, toke.l: Better fix for line continuation inside double + quotes. Now accepts whitespace between the backslash and the + newline like the main lexer. + +2008-06-25 14:31 millert + + * toke.c, toke.l: Fix line continuation in strings. It was only + being honored if preceded by whitespace. + +2008-06-22 16:19 millert + + * config.h.in, configure, configure.in, logging.c: Replace the + double fork with a fork + daemonize. + +2008-06-21 14:59 millert + + * env.c, sudo.c: The -i flag should imply env_reset. This got + broken in sudo 1.6.9. + +2008-06-20 20:34 millert + + * logging.c, sudo.c, sudo_edit.c, visudo.c: Change how the mailer + is waited for. Instead of having a SIGCHLD handler, use the + double fork trick to orphan the child that opens the pipe to + sendmail. Fixes a problem running su on some Linux distros. + +2008-06-20 17:16 millert + + * configure, configure.in: Fix configure test for dirfd() on Linux + where DIR is opaque. + +2008-06-17 17:42 millert + + * tgetpass.c: Get rid of the QNX TCSAFLUSH -> TCSADRAIN hack. If + QNX still has this problem we'll need to revisit this again. + +2008-06-10 21:13 millert + + * logging.c: Ignore SIGPIPE instead of blocking it when piping to + the mailer. If we only block the signal it may be delivered + later when we unblock. Also, there is no need to block SIGCHLD + since we no longer do the double fork. The normal SIGCHLD + handler is sufficient. + +2008-06-08 17:37 millert + + * configure, configure.in: Add description for NO_PAM_SESSION, from + a redhat patch. + +2008-06-06 09:36 millert + + * sudo.cat, sudo.man.in, sudo.pod: Fix typos in -i usage + +2008-05-18 13:54 millert + + * configure, configure.in: Redo the test for dgettext() in a way + that hopefully will work around the libintl_dgettext() undefined + problem. + +2008-05-11 09:21 millert + + * schema.ActiveDirectory: change filename in comment + +2008-05-10 09:18 millert + + * Makefile.in, README.LDAP, sudoers.ldap.cat, sudoers.ldap.man.in, + sudoers.ldap.pod: Reference schema.ActiveDirectory + +2008-05-09 14:49 millert + + * schema.OpenLDAP, schema.iPlanet: Mark sudoRunAs as deprecated. + +2008-05-09 14:48 millert + + * schema.ActiveDirectory: add sudoRunAsUser and sudoRunAsGroup + +2008-05-09 14:01 millert + + * schema.ActiveDirectory: Active Directory schema by Chantal + Paradis and Eric Paquet + +2008-05-08 17:54 millert + + * parse.c: remove an XXX that was fixed + +2008-05-08 12:53 millert + + * ChangeLog: sync + +2008-05-08 12:49 millert + + * parse.c: Initialize tags to UNSPEC instead of def_* in "sudo -l" + mode. This fixes a problem where the tag value printed was + influenced by defaults set in the first pass through the parser. + +2008-05-03 21:29 millert + + * Makefile.in, sudo.psf: No point in packaging the TODO file + +2008-05-03 21:24 millert + + * ChangeLog: sync + +2008-05-02 20:53 millert + + * WHATSNEW, def_data.c, def_data.h, def_data.in, env.c, sudo.c, + sudo.h, sudoers.cat, sudoers.man.in, sudoers.pod: Add env_file + Defaults option that is similar to /etc/environment on some + systems. + +2008-05-02 16:38 millert + + * Makefile.in, README, TODO, WHATSNEW, sudo.cat, sudo.man.in, + sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in, + sudoers.man.in, version.h, visudo.cat, visudo.man.in: change + version to 1.7.0 + +2008-05-02 16:37 millert + + * UPGRADE: initial valgrind pass done + +2008-04-23 08:30 millert + + * ldap.c: Fix typo/think in sudo_ldap_read_secret() when storing + the secret. + +2008-04-11 10:03 millert + + * ldap.c: define LDAPS_PORT if the system headers do not + +2008-04-10 14:54 millert + + * gram.c, gram.y: Fix another memory leak in init_parser(). + +2008-04-10 12:51 millert + + * configure, configure.in: There was a missing space before the + ldap libs in SUDO_LIBS for some configurations. + +2008-04-10 11:28 millert + + * alias.c, gram.c, gram.y, toke.c, toke.l: Clean up some memory + leaks pointed out by valgrind. + +2008-04-07 14:39 millert + + * sudo.c: fix "sudo -s" broken by mode/flags breakout + +2008-04-07 14:26 millert + + * configure, configure.in: remove duplicate check for dgettext + +2008-04-05 15:54 millert + + * aix.c: Fall back to default stanza if no user-specific limit is + found. + +2008-04-02 15:56 millert + + * snprintf.c: include stdint.h if present + +2008-04-02 15:28 millert + + * snprintf.c: Use LLONG_MAX, not the old QUAD_MAX + +2008-04-01 19:18 millert + + * sudoers.ldap.pod: fix cut and pasto + +2008-03-31 11:24 millert + + * pwutil.c: Add #ifdef PURITY + +2008-03-30 17:36 millert + + * auth/bsdauth.c: remove useless cast + +2008-03-27 19:07 millert + + * ChangeLog: sync + +2008-03-27 19:04 millert + + * TODO: sync + +2008-03-27 19:01 millert + + * sudo.h: Split MODE_* defines into primary and flags. + +2008-03-26 13:11 millert + + * aix.c: It turns out the logic for getting AIX limits is more + convoluted than I realized and differs depending on whether the + soft and/or hard limits are defined. + +2008-03-23 10:18 millert + + * Makefile.in, configure, configure.in: Back out AIX-specific + change to set the sudo_noexec path to the .a file, we do really + want to use the .so file. Since libtool doesn't do that + correctly, just install the .so file ourselves in the Makefile. + +2008-03-23 10:12 millert + + * install-sh: If the file given to install is a path, only use the + basename of the file when building the destination path. + +2008-03-18 16:08 millert + + * sudo.c: parse_args() cleanup: Sort command line options in the + getopt() switch The -U option requires a parameter Normalize a + few ISSET calls Split mode into mode and flags and retire the + now-obsolete excl variable + +2008-03-18 16:04 millert + + * WHATSNEW, check.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, + sudo.pod, sudo_usage.h.in: Add -n (non-interactive) flag. + +2008-03-18 15:59 millert + + * sudo.c: Move version printing, etc. into a separate function. + +2008-03-18 15:57 millert + + * sudo.c: Don't try to cleanup nsswitch if it has not been + initialized. + +2008-03-17 11:09 millert + + * logging.c: Block SIGPIPE in send_mail() so sudo is not killed by + a problem executing the mailer. + +2008-03-14 08:11 millert + + * configure.in, configure: AIX shared libs end in .a, not .so. + +2008-03-13 07:34 millert + + * env.c: Preserve HOME by default too. Matches documentation and + previous behavior. + +2008-03-12 19:42 millert + + * sudo.c: Use getopt() to parse the command line. We need to be + able to intersperse env variables and options yet still honor + "--"" which complicates things slightly. + +2008-03-06 14:46 millert + + * ChangeLog: sync + +2008-03-06 14:43 millert + + * acsite.m4, configure, ltmain.sh: update to libtool-1.5.26 + +2008-03-06 14:32 millert + + * config.guess, config.sub: update from libtool-1.5.26 distribution + +2008-03-06 13:18 millert + + * aix.c, sudo.h: attempt to fix compilation errors on AIX + +2008-03-06 13:08 millert + + * Makefile.in: fix typo in last commit + +2008-03-06 13:07 millert + + * Makefile.in: Add WHATSNEW file to the distribution + +2008-03-06 12:43 millert + + * visudo.c: use warningx instead of fprintf(stderr, ...) + +2008-03-06 12:31 millert + + * list.c: add DEBUG to list2tq + +2008-03-06 12:28 millert + + * ChangeLog, TODO: sync + +2008-03-06 12:21 millert + + * WHATSNEW: mention mailfrom + +2008-03-06 12:19 millert + + * Makefile.in, config.h.in, configure, configure.in, set_perms.c, + sudo.h, aix.c: Add aix_setlimits() to set resource limits on AIX + using a combination of getuserattr() and setrlimit(). Currently + untested. + +2008-03-05 16:52 millert + + * def_data.c, def_data.h, def_data.in, logging.c, sudoers.cat, + sudoers.pod, sudoers.man.in: Add mailfrom Defaults option that + sets the value of the From: field in the warning/error mail. If + unset the login name of the invoking user is used. + +2008-03-05 16:18 millert + + * defaults.c: store a copy of _PATH_SUDO_ASKPASS in def_askpass + that is freeable + +2008-03-05 15:19 millert + + * gram.c, gram.y: When adding a default, only call list2tq() once + to do the list to tq conversion. It is not legal to call list2tq + multiple times on the same list since list2tq consumes and + modifies the list argument. + +2008-03-05 09:38 millert + + * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod: comment + out XXXs for now + +2008-03-05 09:36 millert + + * WHATSNEW: mention askpass + +2008-03-04 17:20 millert + + * sudo.c: Error out if both -A and -S are specified Error out if -A + is specified but no askpass is configured + +2008-03-04 17:16 millert + + * configure, configure.in: we are not going to ship a sudo-specific + askpass + +2008-03-03 14:30 millert + + * sudo.h: fix definition of TGP_ASKPASS + +2008-03-03 13:54 millert + + * def_data.c, def_data.in: make askpass boolean-capable + +2008-03-03 13:53 millert + + * INSTALL: document --with-askpass + +2008-03-02 19:27 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, + sudoers.ldap.cat, visudo.cat: regen + +2008-03-02 17:31 millert + + * sudo.pod, sudo_usage.h.in, sudoers.pod: document -A and askpass + +2008-03-02 09:31 millert + + * check.c, configure, configure.in, def_data.c, def_data.h, + def_data.in, defaults.c, pathnames.h.in, sudo.c, sudo.h, + sudo_usage.h.in, tgetpass.c, auth/sudo_auth.c: Add support for + running a helper program to read the password when no tty is + present (or when specified with the -A flag). TODO: docs. + +2008-03-02 08:38 millert + + * def_data.c, def_data.in: add missing printf format to SELinux + role and type strings + +2008-02-27 09:26 millert + + * INSTALL, configure, configure.in: Disable use of + gss_krb5_ccache_name() by default and add + --enable-gss-krb5-ccache-name configure option to enable it. It + seems that gss_krb5_ccache_name() doesn't work properly with some + combinations of Heimdal and OpenLDAP. + +2008-02-22 15:33 millert + + * selinux.c: Ignore setexeccon() failing in permissive mode. Also + add a call to setkeycreatecon() (though this is probably + insufficient). From Dan Walsh. + +2008-02-22 15:19 millert + + * auth/pam.c: Only set std_prompt for the PAM_PROMPT_* cases. The + conversation function may be called for non-password reading + purposes so we must be careful not to use def_prompt in cases + where it may not be set. + +2008-02-20 12:00 millert + + * selinux.c: Don't free the new tty context, we need to keep it + around when we restore the tty context after the command + completes + +2008-02-19 16:04 millert + + * selinux.c: s/newrole/sudo/ + +2008-02-19 13:21 millert + + * sudo.man.pl, sudo.pod: Only put login_cap(3) in SEE ALSO section + if we have login.conf support + +2008-02-18 11:05 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat, + sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in: + regen + +2008-02-18 10:53 millert + + * Makefile.in, configure, configure.in, sudo.man.pl, sudo.pod, + sudoers.man.pl, sudoers.pod: Substitute in comment characters for + lines partaining to login.conf, BSD auth and SELinux and only + enable them if pertinent. + +2008-02-18 10:42 millert + + * Makefile.in, sudo.pod, sudoers.ldap.pod, sudoers.pod, visudo.pod: + Remove the =cut on the first line (above the copyright notice) to + quiet pod2man. Also remove the hackery in the FILES section and + just deal with the fact that there will a newline between each + pathname. + +2008-02-17 08:19 millert + + * Makefile.in: run sudo.man.pl when generating sudo.man.in + +2008-02-17 08:11 millert + + * configure, configure.in, sudo.man.pl: comment out SELinux manual + bits unless --with-selinux was specified + +2008-02-17 08:04 millert + + * sudoers.pod: document role and type defaults for SELinux + +2008-02-16 20:26 millert + + * sudo.c, sudo.cat, sudo.man.in, sudo.pod, sudo_usage.h.in: + Document "sudo -ll" and make "sudo -l -l" be equivalent. + +2008-02-15 15:23 millert + + * configure.in, configure: Treat k*bsd*-gnu like Linux, not BSD. + Fixes compilation problems on Debian GNU/kFreeBSD. + +2008-02-13 17:17 millert + + * auth/kerb5.c: Avoid Heimdal'isms introduced in the rev 1.32 + rewrite of verify_krb_v5_tgt() + +2008-02-13 07:28 millert + + * logging.c, logging.h, sudo.c: Remove dependence on + VALIDATE_NOT_OK in logging functions. Split log_auth() into + log_allowed() and log_denial() Replace mail_auth() with + should_mail() and a call to send_mail() + +2008-02-10 18:06 millert + + * ldap.c: Add debugging so we can tell if the krb5 ccache is + accessible + +2008-02-10 17:34 millert + + * INSTALL: mention --with-selinux + +2008-02-09 09:48 millert + + * configure: regen + +2008-02-09 09:43 millert + + * selinux.c: add Sudo tag + +2008-02-09 09:30 millert + + * Makefile.in, config.h.in, configure.in, def_data.c, def_data.h, + def_data.in, gram.c, gram.h, gram.y, ldap.c, parse.c, parse.h, + pathnames.h.in, selinux.c, sesh.c, sudo.c, sudo.cat, sudo.h, + sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.ldap.cat, + sudoers.ldap.man.in, sudoers.ldap.pod, testsudoers.c, toke.c, + toke.l: Add support for SELinux RBAC. Sudoers entries may + specify a role and type. There are also role and type defaults + that may be used. To make sure a transition occurs, when using + RBAC commands are executed via the new sesh binary. Based on + initial changes from Dan Walsh. + +2008-02-08 08:18 millert + + * lbuf.c, ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.c: Add long + list (sudo -ll) support for printing verbose LDAP and sudoers + file entries. Still need to update manual. + +2008-02-03 10:43 millert + + * ldap.c, parse.c, sudo.h, sudo_nss.c, sudo_nss.h: Unify the -l + output for file and ldap based sudoers and use lbufs for both. + The ldap output does not currently include options that cannot be + represented as tags. This will be remedied in a long list output + mode to come. + +2008-01-27 16:37 millert + + * set_perms.c: Use a specific error message for errno == EAGAIN + when setuid() et al fails. On Linux systems setuid() will fail + with errno set to EAGAIN if changing to the new uid would result + in a resource limit violation. + +2008-01-27 16:34 millert + + * sudo.c: Unlimit nproc on Linux systems where calling the setuid() + family of syscalls causes the nroc resource limit to be checked. + The limits will be reset by pam_limits.so when PAM is used. In + the non-PAM case the nproc limit will remain unlimited but there + doesn't seem to be a way around that other than having sudo parse + /etc/security/limits.conf directly. + +2008-01-27 16:31 millert + + * env.c, sudo.c, sudo.pod: Only read /etc/environment on Linux and + AIX + +2008-01-23 06:33 millert + + * configure, configure.in: Use SUDO_DEFINE_UNQUOTED instead of + AC_DEFINE_UNQUOTED to prevent ldap.conf and ldap.secret paths + from going into config.h. Avoid single quotes in variable + expansion when using SUDO_DEFINE_UNQUOTED since in some versions + of bash they will end up literally in the resulting define. + +2008-01-21 13:22 millert + + * README.LDAP: mention --with-nsswitch=no + +2008-01-21 11:43 millert + + * configure, configure.in: ldap_ssl.h depends on ldap.h being + included first + +2008-01-21 11:07 millert + + * configure, configure.in, ldap.c, config.h.in: Include ldap_ssl.h + if we can find it. Needed for the ldapssl_set_strength defines + on HP-UX at least. + +2008-01-21 10:02 millert + + * TODO, sudoers.ldap.pod: sync + +2008-01-21 10:01 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat, + sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in: + regen + +2008-01-21 10:00 millert + + * Makefile.in: Use 78n line length when formatting cat pages. + +2008-01-21 09:50 millert + + * README.LDAP: Remove redundant info that is now in + sudoers.ldap.pod + +2008-01-20 16:18 millert + + * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod: + Reorganize the first section a bit. Substitute the proper path + for /etc/sudoers. + +2008-01-20 10:17 millert + + * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod: + Substitute values for ldap.conf, ldap.secret and nsswitch.conf + Move schema into EXAMPLES + +2008-01-20 10:15 millert + + * configure.in, configure: Substitute values for ldap.conf, + ldap.secret and nsswitch.conf into sudoers.ldap.man. + +2008-01-19 20:35 millert + + * configure, configure.in: substitute for sudoers.ldap.man + +2008-01-19 20:34 millert + + * Makefile.in: Fix cut & pasto introduced when adding sudoers.ldap + man page. + +2008-01-19 20:25 millert + + * sudoers.ldap.pod, sudoers.ldap.cat, sudoers.ldap.man.in: Fill in + some of the missing pieces. Still needs some reorganization and + editing. + +2008-01-19 15:06 millert + + * Makefile.in, sudoers.ldap.cat, sudoers.ldap.man.in, + sudoers.ldap.pod: Beginnings of a sudoers.ldap man page. + Currently, much of the information is adapted from README.LDAP. + +2008-01-18 17:32 millert + + * pwutil.c: When copying gr_mem we must guarantee that the storage + space for gr_mem is properly aligned. The simplest way to do + this is to simply store gr_mem directly after struct group. This + is not a problem for gr_passwd or gr_name as they are simple + strings. + +2008-01-18 16:47 millert + + * ldap.c: Fix a typo/thinko in one of the calls to + sudo_ldap_check_user_netgroup(). From Marco van Wieringen. + +2008-01-17 15:44 millert + + * config.h.in, configure, configure.in, ldap.c: include + <mps/ldap_ssl.h> in ldap.c if available + +2008-01-16 18:20 millert + + * gram.c, gram.y: Make sure we define SIZE_MAX for yacc's + skeleton.c + +2008-01-16 13:03 millert + + * tgetpass.c: Use TCSAFLUSH when restoring terminal settings (and + echo) to guarantee that any pending output is discarded + +2008-01-15 17:18 millert + + * sudoers: no longer need to specify SETENV when user has sudo ALL + +2008-01-15 09:40 millert + + * testsudoers.c: sync user_args size calculation with sudo.c Add -g + group option, renaming old -g to -G Add set_runasgr() and + set_runaspw() and use them + +2008-01-15 09:23 millert + + * sudo.h, sudo.c: Make set_runaspw static void + +2008-01-15 09:17 millert + + * testsudoers.c, visudo.c: g/c set_runaspw stub + +2008-01-15 07:28 millert + + * configure, configure.in: Don't add -llber twice. + +2008-01-14 06:40 millert + + * ldap.c: fix typo + +2008-01-13 15:39 millert + + * gram.c: regen + +2008-01-13 14:57 millert + + * configure, configure.in: Fix check that determines whether -llber + is required. + +2008-01-13 14:22 millert + + * config.h.in, configure, configure.in, README.LDAP, ldap.c: For + netscape-based LDAP, use ldapssl_set_strength() to implement the + checkpeer ldap.conf option. + +2008-01-13 09:49 millert + + * auth/kerb5.c: Delay krb5_cc_initialize() until we actually need + to use the cred cache, which is what krb5_verify_user() does. + Better cleanup on failure. + +2008-01-12 12:40 millert + + * auth/kerb5.c: Rewrite verify_krb_v5_tgt() based on what heimdal's + krb5_verify_user() does. + +2008-01-09 14:58 millert + + * gram.c: The U suffix on constants is an ANSI feature + +2008-01-09 12:08 millert + + * configure.in, configure: Add check for ber_set_option() in -llber + +2008-01-06 19:02 millert + + * README.LDAP: default if no nsswitch.conf is files only + +2008-01-06 17:28 millert + + * README.LDAP: don't tell people to mail aaron about LDAP stuff + +2008-01-06 12:32 millert + + * README.LDAP: timelimit and bind_timelimit + +2008-01-06 08:54 millert + + * ChangeLog: sync + +2008-01-06 07:56 millert + + * ldap.c: Move ldap.secret reading into a separate function. + +2008-01-05 19:09 millert + + * check.c: user_runas -> runas_pw + +2008-01-05 18:59 millert + + * TODO: sync + +2008-01-05 18:59 millert + + * check.c, sudo.pod, sudoers.pod: Add and document the %p escape in + the password prompt. Based on a patch from Patrick Schoenfeld. + +2008-01-05 18:25 millert + + * ldap.c: Check strlcpy() return values. + +2008-01-05 18:12 millert + + * ldap.c: refactor ldap binding code into sudo_ldap_bind_s() + +2008-01-05 16:35 millert + + * README.LDAP: Make it clear that host and uri can take multiple + parameters. URI is now supported for more than just openldap + nsswitch.conf does't accept "compat" + +2008-01-05 16:27 millert + + * sudo.c: comment cleanup and update (c) year + +2008-01-05 16:25 millert + + * parse.c, sudo_nss.c: Move display_privs() and display_cmnd() from + parse.c to sudo_nss.c. This should make it possible to build an + LDAP-only sudo binary. + +2008-01-05 13:27 millert + + * ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.h: Improve chaining of + multiple sudoers sources by passing in the previous return value + to the next in the chain + +2008-01-05 13:26 millert + + * gram.y: Free up parser data structures in sudo_file_close(). + +2008-01-05 08:13 millert + + * gram.c, parse.c: Free up parser data structures in + sudo_file_close(). + +2008-01-05 07:59 millert + + * ldap.c: Parse uri ourself if no ldap_initialize() is present Use + ldap_create() instead of deprecated ldap_init() Use + ldap_sasl_bind_s() instead of deprecated ldap_simple_bind_s() + +2008-01-05 07:56 millert + + * config.h.in, configure, configure.in: Add check for + ldap_sasl_bind_s() Remove -DLDAP_DEPRECATED from CFLAGS + +2008-01-04 09:56 millert + + * configure.in, configure, config.h.in: add check for ldap_create + +2008-01-03 16:11 millert + + * config.h.in, configure, configure.in, ldap.c: Add + sudo_ldap_get_first_rdn() to return the first rdn of an entry's + dn using the mechanism appropriate for the LDAP SDK in use. Use + ldap_unbind_ext_s() instead of deprecated ldap_unbind_s(). + Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's + without them. + +2008-01-03 16:02 millert + + * lbuf.c: include unistd.h + +2008-01-03 11:05 millert + + * config.h.in, configure.in: fix typo in mtim_getnsec + +2008-01-02 15:29 millert + + * config.h.in, configure.in, configure: add check for st__tim in + struct stat as used by SCO + +2008-01-02 11:05 millert + + * ldap.c: use ldap_search_ext_s instead of deprecated ldap_search_s + +2008-01-02 10:09 millert + + * Makefile.in, TODO, sudo.cat, sudo.man.in: add sudo_nss.h to HDRS + +2008-01-01 19:04 millert + + * ldap.c: Replace deprecated ldap_explode_dn() with calls to + ldap_str2dn() and ldap_rdn2str(). + +2008-01-01 18:37 millert + + * ldap.c: Use ldap_get_values_len()/ldap_value_free_len() instead + of the deprecated ldap_get_values()/ldap_value_free(). + +2008-01-01 17:07 millert + + * TODO, ChangeLog: sync + +2008-01-01 17:06 millert + + * gettime.c, sudo.c: Remove some already fixed XXXs + +2008-01-01 17:03 millert + + * ldap.c: Same return value as non-existent sudoers if LDAP was + unable to connect. + +2008-01-01 16:52 millert + + * sudo.pod: mention /etc/environment + +2008-01-01 16:42 millert + + * UPGRADE, WHATSNEW, README.LDAP: Update to reflect recent + developments. + +2008-01-01 16:42 millert + + * sudo.c: Print nsswitch.conf, ldap.conf and ldap.secret paths in + -V output. + +2008-01-01 16:25 millert + + * ldap.c: When building up a query don't list groups in the aux + group vector that are the same as the passwd file group. On most + systems the first gid in the group vector is the same as the + passwd entry gid. + +2008-01-01 14:01 millert + + * env.c, ldap.c: Define LDAPNOINIT before calling ldap_init(), etc. + to disable user ldaprc and system defaults that could affect how + LDAP works. + +2008-01-01 13:21 millert + + * INSTALL, configure, configure.in, pathnames.h.in, sudo.c, + sudo_nss.c, sudo_nss.h: Rename read_nss -> sudo_read_nss Add + --with-nsswitch to allow users to specify nsswitch.conf path or + disable it. If --with-nsswitch=no but --with-ldap, order is + LDAP, then sudoers. Fix --with-ldap-conf-file and + --with-ldap-secret-file + +2008-01-01 13:12 millert + + * parse.c: Honor def_ignore_local_sudoers + +2007-12-31 16:44 millert + + * ldap.c: no longer need to check def_ignore_local_sudoers here + +2007-12-31 16:36 millert + + * parse.c: Refactor group vector resetting into a function and also + call it from display_cmnd. Stop after the first sucessful match + in display_cmnd. Print a newline between each display_privs + method. + +2007-12-31 16:23 millert + + * parse.c: fix double free introduced in rev 1.218 + +2007-12-31 16:10 millert + + * ldap.c: belt and suspenders; zero out result after freeing it + +2007-12-31 15:04 millert + + * env.c, fileops.c, ldap.c, sudo.h, sudo_nss.c: Refactor line + reading into a separate function, sudo_parseln(), which removes + comments, leading/trailing whitespace and newlines. May want to + rethink the use of sudo_parseln() for /etc/ldap.secret + +2007-12-31 14:26 millert + + * parse.c, sudo.c: Make the inability to read the sudoers file a + non-fatal error if there are other sudoers sources available. + sudoers_file_lookup now returns "not OK" if sudoers was not + present + +2007-12-31 14:24 millert + + * ldap.c: make it clear that the global options are from LDAP + +2007-12-31 14:13 millert + + * logging.c: allocate proper amount of space for error string + +2007-12-31 10:24 millert + + * sudo_nss.c, sudo_nss.h: actual sudo nss code + +2007-12-31 10:08 millert + + * ldap.c, parse.c, sudo.c, sudo.h: nss-ify display_privs and + display_cmnd. + +2007-12-31 07:54 millert + + * defaults.c, parse.c, testsudoers.c, visudo.c: move + update_defaults() to parse.c + +2007-12-31 07:39 millert + + * Makefile.in, ldap.c, list.c, parse.c, parse.h, sudo.c, sudo.h: + Use nsswitch to hide some sudoers vs. ldap implementation details + and reduce the number of #ifdef LDAP TODO: fix display routines + and error handling + +2007-12-28 11:20 millert + + * Makefile.in, README.LDAP, ldap.c, pathnames.h.in, sudo.c, sudo.h: + First cut at nsswitch.conf support. Further reorganizaton and + related changes are forthcoming. + +2007-12-21 16:53 millert + + * env.c, pathnames.h.in, sudo.c, sudo.h: Add support for reading + and /etc/environment file. Still needs to be documented and + should probably only applies to OSes that have it (AIX and Linux, + maybe others). + +2007-12-21 16:20 millert + + * ldap.c: include limits.h + +2007-12-20 10:02 millert + + * WHATSNEW: reword LDAP SASL + +2007-12-19 16:40 millert + + * TODO: sync + +2007-12-19 16:39 millert + + * README.LDAP: Add an example sudoRole, clarify netscape vs. + openldap a bit more + +2007-12-19 14:42 millert + + * README.LDAP: Be clear on what is OpenLDAP vs. Netscape-derived + +2007-12-19 14:28 millert + + * config.h.in, configure, configure.in, ldap.c: Use ldapssl_init() + for ldaps support instead of trying to do it manually with + ldap_init() + ldapssl_install_routines(). Use tls_cert and + tls_key for cert7.db and key3.db respectively. Don't print + debugging info for options that are not set. Add warning if + start_tls specified when not supported. + +2007-12-19 14:25 millert + + * ldap.c: fix compilation on solaris + +2007-12-19 14:23 millert + + * Makefile.in: add missing .h and .c files for missing lib objs + +2007-12-18 09:54 millert + + * ldap.c: fix LDAP_OPT_NETWORK_TIMEOUT setting + +2007-12-17 20:10 millert + + * ldap.c: fix compilation on Solaris + +2007-12-17 10:14 millert + + * configure, configure.in: fix typo + +2007-12-17 08:08 millert + + * README.LDAP: try to clear up which variables are for OpenLDAP and + which are for netscape-derived SDKs + +2007-12-17 07:31 millert + + * config.h.in, configure, configure.in, ldap.c: Add support for + "ssl on" in both netscape and openldap flavors. Only the + OpenLDAP flavor has been tested. + +2007-12-17 07:28 millert + + * logging.c, sudo.c, sudo.h: Call cleanup() before exit in + log_error() instead of calling sudo_ldap_close() directly. + ldap_conn can now be static to sudo.c + +2007-12-16 20:02 millert + + * sudo.c: ld -> ldap_conn + +2007-12-16 14:42 millert + + * logging.c, sudo.c, sudo.h: Better ldap cleanup. + +2007-12-16 14:08 millert + + * ldap.c: Distinguish between LDAP conf settings that are + connection-specific (which take an ld pointer) and those that are + default settings (which do not). + +2007-12-14 16:46 millert + + * ldap.c: Improved warnings on error. + +2007-12-14 15:59 millert + + * ldap.c: Make ldap config table driven and set the config *after* + we open the connection. + +2007-12-13 16:41 millert + + * ldap.c: fix LDAP_OPT_X_CONNECT_TIMEOUT compat define + +2007-12-13 09:13 millert + + * configure, configure.in: some operating systems need to link with + -lkrb5support when using krb5 + +2007-12-10 17:12 millert + + * WHATSNEW: minor update + +2007-12-10 10:56 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen + +2007-12-07 19:17 millert + + * TODO, ChangeLog: sync + +2007-12-07 19:09 millert + + * ldap.c, schema.OpenLDAP, schema.iPlanet, sudoers2ldif: add -g + support for LDAP + +2007-12-03 11:36 millert + + * WHATSNEW, sudo.c, sudo.pod, sudo_usage.h.in: The -i and -s flags + can now take an optional command. + +2007-12-02 12:13 millert + + * def_data.c, def_data.h, def_data.in, sudo.c, sudo.pod, + sudoers.pod, auth/pam.c: Add passprompt_override flag to sudoers + that will cause the prompt to be overridden in all cases. This + flag is also set when the user specifies the -p flag. + +2007-12-01 19:51 millert + + * sudo.c: Move setting of login class until after sudoers has been + parsed. Set NewArgv[0] for -i after runas_pw has been set. + +2007-12-01 19:34 millert + + * configure, configure.in: Move the dgettext check. + +2007-12-01 11:22 millert + + * config.h.in, configure, configure.in, auth/pam.c: Add basic + support for looking up the string "Password: " in the PAM + localized text db. This allows us to determine whether the PAM + prompt is the default "Password: " one even if it has been + localized. + + TODO: concatenate non-std PAM prompts and user-specified sudo + prompts. + +2007-11-27 18:40 millert + + * Makefile.in, config.h.in, configure.in, parse.c, set_perms.c, + sudo.c, configure, sudo.h: Use AC_FUNC_GETGROUPS instead of a + home-grown attempt that was insufficient. + +2007-11-27 12:13 millert + + * configure, acsite.m4, interfaces.c, memrchr.c: Fix typos; + Martynas Venckus + +2007-11-25 19:26 millert + + * set_perms.c: Don't assume runas_pw is set; it may not be in the + -g case. + +2007-11-25 08:07 millert + + * logging.c, set_perms.c: Set aux group vector for PERM_RUNAS and + restore group vector for PERM_ROOT if we previously changed it. + Stash the runas group vector so we don't have to call initgroups + more than once. Also add no-op check to check_perms. + +2007-11-21 15:11 millert + + * WHATSNEW, check.c, def_data.in, defaults.c, gram.c, gram.h, + gram.y, ldap.c, logging.c, match.c, mon_systrace.c, parse.c, + parse.h, pwutil.c, set_perms.c, sudo.c, sudo.cat, sudo.h, + sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.cat, + sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, visudo.c, + visudo.cat, visudo.man.in: Add support for runas groups. This + allows the user to run a command with a different effective + group. If the -g option is specified without -u the command will + be run as the current user (only the group will change). the -g + and -u options may be used together. TODO: implement runas group + for ldap improve runas group documentation add + testsudoers support + +2007-11-21 15:02 millert + + * configure, configure.in: fix setting of mandir + +2007-11-21 14:26 millert + + * sudo.pod, sudoers.pod: document that ALL implies SETENV + +2007-11-21 13:50 millert + + * ldap.c: s/setenv_ok/setenv_implied/g + +2007-11-21 13:44 millert + + * ldap.c: hostname_matches() returns TRUE on match in sudo 1.7. + +2007-11-21 13:26 millert + + * ldap.c: use strcmp, not strcasecmp when comparing ALL + +2007-11-21 11:41 millert + + * ldap.c: Make sudo ALL imply setenv. Note that unlike with + file-based sudoers this does affect all the commands in the + sudoRole. + +2007-11-21 11:05 millert + + * gram.c, gram.y, parse.c, parse.h: sudo "ALL" now implies the + SETENV tag but, unlike an explicit tag, it is not passed on to + other commands in the list. + +2007-11-21 11:02 millert + + * visudo.c: Add missing sudo_setpwent() and sudo_setgrent() calls. + Also use sudo_getpwuid() instead of getpwuid(). + +2007-11-15 11:16 millert + + * sudoers: Expand on the dangers of not using visudo to edit + sudoers. + +2007-11-08 07:24 millert + + * parse.c: Don't quote *?[]! on output since the lexer does not + strip off the backslash when reading those in. + +2007-11-07 13:16 millert + + * glob.c: expand "u_foo" types to "unsigned foo" to avoid + compatibility issues. + +2007-11-04 08:33 millert + + * logging.c: Refactor log line generation in to new_logline(). + +2007-10-25 09:23 millert + + * TROUBLESHOOTING: fix typo + +2007-10-24 12:41 millert + + * config.h.in, configure, configure.in, interfaces.c, interfaces.h, + match.c: Add configure check for struct in6_addr instead of + relying on AF_INET6 since some systems define AF_INET6 but do not + include IPv6 support. + +2007-10-21 09:29 millert + + * configure, configure.in: Fix block to add -lutil for FreeBSD and + NetBSD when logincap is in use. + +2007-10-19 22:28 millert + + * configure, configure.in: POSIX states that struct timespec be + declared in time.h so check there regardless of the value of + TIME_WITH_SYS_TIME. + +2007-10-17 11:37 millert + + * tgetpass.c: Instead of defining a macro to call the appropriate + method for turning on/off echo, just define tc[gs]etattr() and + the related defines that use the correct terminal ioctls if + needed. Also go back to using TCSAFLUSH instead of TCSADRAIN on + all but QNX. + +2007-10-08 20:18 millert + + * Makefile.in: g/c @ALLOCA@ + +2007-10-08 20:07 millert + + * configure: regen + +2007-10-08 20:04 millert + + * INSTALL, config.h.in, configure.in, auth/pam.c: Add + --disable-pam-session configure option to disable calling + pam_{open,close}_session. May work around bugs in some PAM + implementations. + +2007-10-08 12:00 millert + + * tgetpass.c: quiet gcc warnings + +2007-10-08 08:41 millert + + * tgetpass.c: Avoid printing the prompt if we are already + backgrounded. E.g. if the user runs "sudo foo &" from the shell. + In this case, the call to tcsetattr() will cause SIGTTOU to be + delivered. + +2007-09-15 16:07 millert + + * def_data.c, def_data.h, def_data.in: Reorder things such that the + definition of env_reset come right before the env variable lists. + +2007-09-15 07:50 millert + + * parse.h: Shrink type and seqno in struct alias from int to + u_short + +2007-09-15 07:24 millert + + * alias.c, match.c, parse.c, parse.h: Add a sequence number in the + aliases for loop detection. If we find an alias with the seqno + already set to the current (global) value we know we've visited + it before so ignore it. + +2007-09-13 19:05 millert + + * TODO, sudo.c, sudo.h, auth/pam.c: PAM wants the full tty path so + add user_ttypath which holds the full path to the tty or is NULL + if no tty was present. + +2007-09-13 18:42 millert + + * auth/pam.c: Set PAM_RHOST to work around a bug in Solaris 7 and + lower that results in a segv. + +2007-09-11 15:43 millert + + * gram.c: regen + +2007-09-11 15:42 millert + + * alias.c, defaults.c, gram.y, list.c, list.h, match.c, parse.c, + parse.h, testsudoers.c, visudo.c: rename lh_ -> tq_ + +2007-09-10 17:33 millert + + * alloc.c: remove some useless casts + +2007-09-10 17:32 millert + + * alloc.c: pull in inttypes.h for SIZE_MAX; we avoid stdint.h since + inttypes.h predates the final C99 spec and the standard specifies + that it shall include stdint.h anyway + +2007-09-06 12:39 millert + + * Makefile.in, alloca.c, configure.in: Since we ship with a + pre-generated parser there is no need to ship a bogus alloca + implementation. + +2007-09-06 12:22 millert + + * configure: regen + +2007-09-06 12:19 millert + + * configure.in: remove initial setting of CHECKSIA, we require that + it be unset if not used + +2007-09-06 11:55 millert + + * Makefile.in: add list.c to SRCS + +2007-09-06 07:18 millert + + * configure: regen + +2007-09-06 07:17 millert + + * configure.in: only do SIA checks on Digital Unix + +2007-09-05 18:50 millert + + * sudoers.cat, sudoers.man.in: regen + +2007-09-05 18:48 millert + + * ChangeLog, TODO: sync + +2007-09-05 18:39 millert + + * auth/kerb5.c: Remove call to krb5_cc_register() as it is not + needed for modern kerb5. + +2007-09-05 18:16 millert + + * configure: regen + +2007-09-05 18:16 millert + + * configure.in, aclocal.m4: New method for setting the default + authentication type and avoiding conflicts in auth types. + +2007-09-05 14:45 millert + + * match.c, parse.c, testsudoers.c: Each entry in a cmndlist now has + an associated runaslist so no need to keep track of the most + recent non-NULL one. + +2007-09-04 18:51 millert + + * ldap.c: back out partial ldaps support mistakenly committed + +2007-09-04 10:57 millert + + * ldap.c: Add support for unix groups and netgroups in sudoRunas + +2007-09-03 16:28 millert + + * sudo_edit.c: Fix sudoedit of a non-existent file. From Tilo + Stritzky. + +2007-09-02 17:05 millert + + * configure: regen + +2007-09-02 17:05 millert + + * INSTALL: update --passprompt escape info + +2007-09-02 17:03 millert + + * configure.in: remove now-bogus comment and update copyright date + +2007-09-02 16:35 millert + + * configure.in: Fix up use of with_passwd + +2007-09-02 16:25 millert + + * acsite.m4, config.guess, config.sub, configure.in, ltmain.sh: + Update to autoconf-2.61 andf libtool-1.5.24 + +2007-09-02 16:17 millert + + * Makefile.in: "cmp -s" not just cmp Add @datarootdir@ to quiet + autoconf-2.61 + +2007-09-01 17:39 millert + + * gram.c: regen + +2007-09-01 17:39 millert + + * gram.y: move tags and runaslist propagation to be earlier + +2007-09-01 09:34 millert + + * visudo.c: If -f flag given use the permissions of the original + file as a template + +2007-09-01 08:45 millert + + * gram.y: prevent a double free() when re-initing the parser + +2007-08-31 19:30 millert + + * configure: regen + +2007-08-31 19:30 millert + + * aclocal.m4, alias.c, alloc.c, config.h.in, configure.in, env.c, + ldap.c, list.c, list.h, memrchr.c, parse.c, parse.h, pwutil.c, + redblack.c, redblack.h, snprintf.c, sudo.c, sudo.h, + testsudoers.c, visudo.c, zero_bytes.c, auth/API, auth/afs.c, + auth/bsdauth.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c, + auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h: + Remove support for compilers that don't support void * + +2007-08-31 19:14 millert + + * gram.c: regen + +2007-08-31 19:13 millert + + * Makefile.in, alias.c, defaults.c, gram.y, list.c, list.h, + match.c, parse.c, parse.h, testsudoers.c, visudo.c: Move list + manipulation macros to list.h and create C versions of the more + complex ones in list.c. The names have been down-cased so they + appear more like normal functions. + +2007-08-31 17:21 millert + + * Makefile.in: Fix cmp command when regenerating parser. Make + gram.o the first dependency for all programs so gram.h will be + generated before anything that needs it. + +2007-08-31 13:56 millert + + * parse.h, gram.y: Convert NEW_DEFAULT anf NEW_MEMBER into static + functions. + +2007-08-30 21:21 millert + + * match.c, parse.c, testsudoers.c: Use LH_FOREACH_REV when checking + permission and short-circuit on the first non-UNSPEC hit we get + for the command. This means that instead of cycling through the + all the parsed sudoers entries we start at the end and work + backwards and quit after the first positive or negative match. + +2007-08-30 21:13 millert + + * gram.c: regen + +2007-08-30 21:12 millert + + * defaults.c, gram.y, parse.c, parse.h, testsudoers.c, visudo.c: + Change list head macros to take a pointer, not a struct. + +2007-08-30 20:46 millert + + * gram.c: regen + +2007-08-30 20:46 millert + + * gram.y: Propagate the runasspec from one command to the next in a + cmndspec. + +2007-08-30 16:15 millert + + * match.c: Replace has_meta() with a macro that calls strpbrk(). + +2007-08-30 16:04 millert + + * gram.c: regen + +2007-08-30 13:26 millert + + * alias.c, defaults.c, gram.y, match.c, parse.c, parse.h, + testsudoers.c, visudo.c: Use a list head struct when storing the + semi-circular lists and convert to tail queues in the process. + This will allow us to reverse foreach loops more easily and it + makes it clearer which functions expect a list as opposed to a + single member. + + Add macros for manipulating lists. Some of these should become + functions. + + When freeing up a list, just pop off the last item in the queue + instead of going from head to tail. This is simpler since we + don't have to stash a pointer to the next member, we always just + use the last one in the queue until the queue is empty. + + Rename match functions that take a list to have list in the name. + Break cmnd_matches() into cmnd_matches() and cmndlist_matches. + +2007-08-30 13:12 millert + + * parse.c: Fix pasto, append "!" not negated (which is an int) for + sudo -l output. + +2007-08-30 12:45 millert + + * Makefile.in: Remove the dependency of gram .h on gram.y, the .c + dependency is enough. Only move y.tab.h to gram.h if it is + different; avoids needless rebuilding. + +2007-08-27 15:51 millert + + * sudoers.pod: Defaults lines may be associated with lists of + users, hosts, commands and runas users, not just single entries. + +2007-08-26 17:42 millert + + * Makefile.in: Revert the "cmp" portion of the last diff, it + doesn't make sense. + +2007-08-26 17:10 millert + + * Makefile.in: Remove *.lo for clean: When generating the parser, + only move the generated files into place if they differ from the + existing ones. + +2007-08-24 22:47 millert + + * toke.c, toke.l: Replace IPV6 regexp with a much simpler + (readable) one and add an extra check when it matches to make + sure we have a valid address. + +2007-08-24 22:36 millert + + * match.c: Fix thinko introduced when merging IPV6 support. + +2007-08-24 14:23 millert + + * HISTORY, LICENSE: regen + +2007-08-24 14:23 millert + + * license.pod: add 2007 + +2007-08-24 14:19 millert + + * UPGRADE: mention #uid vs. comment pitfall + +2007-08-24 09:50 millert + + * acsite.m4: Merge in a patch from the libtool cvs that fixes a + problem with the latest autoconf. From Stepan Kasal. + +2007-08-23 20:28 millert + + * parse.h: Back out he XOR swap trick, it is slower than a temp + variable on modern CPUs. + +2007-08-23 20:14 millert + + * gram.c: regen + +2007-08-23 20:14 millert + + * gram.y, parse.h: Convert the tail queue to a semi-circle queue + and use the XOR swap trick to swap the prev pointers during + append. + +2007-08-23 15:31 millert + + * parse.h: remove useless statement + +2007-08-23 07:47 millert + + * toke.c, toke.l: Refactor #include parsing into a separate + function and return unparsed chars (such as newline or comment) + back to the lexer. + +2007-08-22 18:56 millert + + * WHATSNEW: mention better uid support + +2007-08-22 18:55 millert + + * sudoers.pod: Users may now consist of a uid. + +2007-08-22 18:39 millert + + * gram.c, gram.h, toke.c: regen + +2007-08-22 18:32 millert + + * parse.c: Use lbuf_append_quoted() for sudo -l output to quote + characters that would require quoting in sudoers. + +2007-08-22 18:31 millert + + * lbuf.c, lbuf.h: Add lbuf_append_quoted() which takes a set of + characters which should be quoted with a backslash when + displayed. + +2007-08-22 18:28 millert + + * toke.l: Require that the first character after a comment not be a + digit or a dash. This allows us to remove the GOTRUNAS state and + treat uid/gids similar to other words. It also means that we can + now specify uids in User_Lists and a User_Spec may now contain a + uid. + +2007-08-22 18:23 millert + + * gram.y, toke.l: Replace RUNAS token with '(' and ')' tokens to + make the runas portion of the grammar more natural. + +2007-08-22 06:35 millert + + * Makefile.in, README, BUGS: The BUGS file is history + +2007-08-21 09:19 millert + + * toke.c, toke.l: Allow comments after a RunasAlias as long as the + character after the pound sign isn't a digit or a dash. + +2007-08-20 20:43 millert + + * WHATSNEW: Glob support was back-ported to 1.6.9 + +2007-08-20 19:59 millert + + * Makefile.in: remove sudo_usage.h in distclean + +2007-08-20 19:24 millert + + * parse.c: If a Defaults value contains a blank, double-quote the + string. + +2007-08-20 19:19 millert + + * toke.c, toke.l: Properly deal with Defaults double-quoted strings + that span multiple lines using the line continuation char. + Previously, the entire thing, including the continuation char, + newline, and spaces was stored as-is. + +2007-08-20 10:46 millert + + * sudo.c: Be consistent when using single quotes and backticks. + +2007-08-19 16:48 millert + + * Makefile.in, configure, configure.in, lbuf.c, lbuf.h, parse.c, + sudo.c, sudo_usage.h.in: Add new linebuf code to do appends of + dynamically allocated strings and word-wrapped output. Currently + used for sudo's usage() and sudo -l output. Sudo usage strings + are now in sudo_usage.h which is generated at configure time. + +2007-08-18 08:22 millert + + * sudo.h, parse.c, sudo.c: Fix line wrapping in usage() and use the + actual tty width instead of assuming 80. + +2007-08-17 18:32 millert + + * history.pod: some more info + +2007-08-17 17:28 millert + + * history.pod: Mentioned Chris Jepeway's parser and also the new + one that is in sudo 1.7. + +2007-08-16 09:38 millert + + * sudo.pod, visudo.pod: For the options list, add flag args where + appropriate and increase the indent level so there is room for + them. + +2007-08-15 13:49 millert + + * parse.c: Fix some spacing in "sudo -l" and add a comment about + some bogosity in the line wrapping. + +2007-08-15 11:21 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, + visudo.man.in, visudo.cat: regen + +2007-08-15 11:20 millert + + * INSTALL, Makefile.in, WHATSNEW, config.h.in, configure.in, + def_data.c, def_data.h, def_data.in, gram.c, gram.h, gram.y, + parse.c, parse.h, pathnames.h.in, sudo.c, sudo.h, sudoers.pod, + testsudoers.c, toke.c, toke.l: Remove monitor support until there + is a versino of systrace that uses a lookaside buffer (or we have + a better mechanism to use). + +2007-08-15 09:22 millert + + * configure.in, configure, config.h.in, sudo.c: use getaddrinfo() + instead of gethostbyname() if it is available + +2007-08-14 15:27 millert + + * parse.c, sudo.c: Deal with OSes where sizeof(gid_t) < + sizeof(int). + +2007-08-14 11:19 millert + + * interfaces.c: repair non-getifaddrs() code after ipv6 integration + +2007-08-14 10:04 millert + + * sudo.c: If we can open sudoers but fail to read the first byte, + close the file stream before trying again. + +2007-08-13 12:34 millert + + * gram.c, toke.c: regen + +2007-08-13 12:29 millert + + * gram.y, interfaces.c, interfaces.h, match.c, sudoers.pod, toke.l: + Add IPv6 support; adapted from patches by YOSHIFUJI Hideaki + +2007-08-13 12:23 millert + + * sudo.pod, sudoers.pod, visudo.pod: Add some missing markup Update + copyright + +2007-08-12 18:55 millert + + * configure, configure.in: fix sudo_noexec extension which got + broken in the libtool update + +2007-08-10 10:41 millert + + * Makefile.in: explicitly specify -Tascii to nroff + +2007-08-08 16:07 millert + + * logging.c: remove an ANSI-ism that crept in + +2007-08-06 20:37 millert + + * sudo.pod: Adjust list indents Prevent -- from being turned into + an em dash Use a list for the environment instead of a literal + paragraph + +2007-08-06 20:36 millert + + * visudo.pod: Use a list for the environment instead of an indented + literal paragraph. + +2007-08-06 20:33 millert + + * sudoers.pod: Adjust list indentation + +2007-08-06 20:31 millert + + * license.pod: add =head3 + +2007-08-06 10:24 millert + + * sudo.pod: mention that when specifying a uid for the -u option + the shell may require that the # be escaped + +2007-08-01 22:08 millert + + * match.c: Fix off by one in group matching. + +2007-07-31 14:04 millert + + * env.c: Fix typo: PYTHONINSPEC should be PYTHONINSPECT. From + David Krause. + +2007-07-30 10:45 millert + + * configure, configure.in: Add missing define of + HAVE_GSS_KRB5_CCACHE_NAME for the -lgssapi_krb5 case. + +2007-07-30 09:29 millert + + * aclocal.m4, configure.in, configure: Fix link tests such that new + gcc doesn't optimize away the test. + +2007-07-29 19:21 millert + + * sudo.pod, sudoers.pod, visudo.pod: add missing over/back + +2007-07-29 19:09 millert + + * sudo.pod, sudoers.pod, visudo.pod: Change FILES section to use + =item + +2007-07-29 18:32 millert + + * env.c: Add back allocation of the env struct in rebuild_env but + save a copy of the old pointer and free it before returning. + +2007-07-29 16:09 millert + + * env.c: Don't init the private environment in rebuild_env() since + it may have already been done implicitly + sudo_setenv/sudo_unsetenv. + + Multiply length by sizeof(char *) in memcpy/memmove when copying + the environment so we copy the full thing. + + Add missing set of parens so we deref the right pointer in + sudo_unsetenv when searching for a matching variable. + +2007-07-26 16:35 millert + + * sudo.pod, sudoers.pod, visudo.pod: Use file markup for paths in + the FILES section + +2007-07-26 10:04 millert + + * sudo.pod, sudoers.pod, visudo.pod: Don't capitalize sudo/visudo + +2007-07-26 07:28 millert + + * sudoers.pod: Sort sudoers options; based on a diff from Igor + Sobrado. + +2007-07-25 16:19 millert + + * sudo.pod, sudoers.pod, visudo.pod: Use 8 and 5 instead of + @mansectsu@ and @mansectform@ since the latter confuses pod2man. + The Makefile rules for the .man.in file will add @mansectsu@ and + @mansectform@ back in after pod2man is done anyway. + +2007-07-22 19:09 millert + + * LICENSE, Makefile.in, license.pod: Move license info to pod + format + +2007-07-22 18:43 millert + + * configure, configure.in, sudoers.pod: Substitute value of + path_info into sudoers man page. + +2007-07-22 16:40 millert + + * WHATSNEW: remove features that were back-ported to 1.6.9 + +2007-07-22 15:20 millert + + * sudo.c, sudo.pod, visudo.c, visudo.pod: Sort SYNOPSIS and sync + usage. From Igor Sobrado. + +2007-07-22 15:19 millert + + * env.c: Only need sudo_setenv/sudo_unsetenv if we are going to use + ldap_sasl_interactive_bind_s() but don't have + gss_krb5_ccache_name(). + +2007-07-22 08:23 millert + + * ChangeLog: rebuild without branch info + +2007-07-22 08:23 millert + + * Makefile.in: Add ChangeLog target + +2007-07-22 08:14 millert + + * auth/pam.c: Run cleanup code if the user hits ^C at the password + prompt. + +2007-07-22 08:13 millert + + * auth/pam.c: Some versions of pam_lastlog have a bug that will + cause a crash if PAM_TTY is not set so if there is no tty, set + PAM_TTY to the empty string. + +2007-07-20 09:32 millert + + * Makefile.in: ChageLog not Changelog + +2007-07-20 09:31 millert + + * ChangeLog: sync + +2007-07-20 09:29 millert + + * Makefile.in: CHANGE -> Changelog + +2007-07-19 20:23 millert + + * TODO: sync + +2007-07-19 19:53 millert + + * config.h.in, configure.in, configure, ldap.c: Add configure hooks + for gss_krb5_ccache_name() and the gssapi headers. + +2007-07-18 12:57 millert + + * env.c, sudo.c: rebuild_env() and insert_env_vars() no longer + return environment pointer, they set environ directly. + + No longer need to pass around an envp pointer since we just + operate on environ now. + + Add dosync argument to insert_env() that indicates whether it + should reset environ when realloc()ing env.envp. + + Use an initial size of 128 for the environment. + +2007-07-18 12:41 millert + + * env.c: Split sudo_setenv() into an external version and a version + only for use by rebuild_env(). + +2007-07-16 19:40 millert + + * ldap.c: Add support for using gss_krb5_ccache_name() instead of + setting KRB5CCNAME. Also use sudo_unsetenv() in the + non-gss_krb5_ccache_name() case if there was no KRB5CCNAME in the + original environment. TODO: configure setup for + gss_krb5_ccache_name() + +2007-07-16 18:44 millert + + * README.LDAP: add krb5_ccname + +2007-07-16 18:44 millert + + * README.LDAP, ldap.c: Add support for sasl_secprops in ldap.conf + +2007-07-16 18:39 millert + + * env.c, sudo.h: Add sudo_unsetenv() and refactor private env + syncing code into sync_env(). + +2007-07-16 07:27 millert + + * README.LDAP, ldap.c: The ldap.conf variable is sasl_auth_id not + sasl_authid. + +2007-07-15 15:44 millert + + * ldap.c, sudo.c, sudo.h: Add support for krb5_ccname in ldap.conf. + If specified, it will override the default value of KRB5CCNAME + in the environment for the duration of the call to + ldap_sasl_interactive_bind_s(). + +2007-07-15 15:41 millert + + * env.c, sudo.h: Remove format_env() Add sudo_setenv() to replace + most format_env() + insert_env() combinations. insert_env() no + longer takes a struct environment * + +2007-07-15 12:47 millert + + * ldap.c: Fix use_sasl vs. rootuse_sasl logic. + +2007-07-15 09:23 millert + + * README.LDAP, config.h.in, configure, configure.in, ldap.c: Add + support for SASL auth when connecting to an LDAP server. Adapted + from a diff by Tom McLaughlin. + +2007-07-14 16:32 millert + + * configure, configure.in: Only enable AIX or BSD auth if no other + exclusive auth method has been chosen. Allows people to e.g., + use PAM on AIX without adding --without-aixauth. A better + solution is needed to deal with default authentication since if a + non-exclusive method is chosen we will still get an error. + +2007-07-11 11:23 millert + + * HISTORY, Makefile.in, history.pod: Generate HISTORY from + history.pod (which is also used for web pages) + +2007-07-09 19:40 millert + + * sudo.man.in, sudoers.man.in: regen + +2007-07-09 19:25 millert + + * sudo.pod: Better explanation of environment handling in the sudo + man page. + +2007-07-09 15:13 millert + + * env.c, sudo.c: Defer setting user-specified env vars until after + authentication. + +2007-07-09 13:25 millert + + * env.c: honor def_default_path for PATH set on the command line + +2007-07-09 13:22 millert + + * sudo.c, env.c, sudo.pod, sudoers.pod: Allow user to set + environment variables on the command line as long as they are + allowed by env_keep and env_check. Ie: apply the same + restrictions as normal environment variables. TODO: deal with + secure_path + +2007-07-08 14:44 millert + + * sudo.c, sudo_edit.c: Call rebuild_env() in call cases. Pass + original envp to sudo_edit(). Don't allow -E or env var setting + in sudoedit mode. More accurate usage() when called as sudoedit. + +2007-07-08 14:41 millert + + * ldap.c: warn -> warning + +2007-07-08 14:11 millert + + * sudo.pod: add -c option to sudoedit synopsis + +2007-07-08 10:27 millert + + * TODO: udpate to reality + +2007-07-08 09:43 millert + + * parse.c: Use ALLOW/DENY instead of TRUE/FALSE when dealing with + the return value from {user,host,runas,cmnd}_matches(). Rename + *matches variables -> *match. Purely cosmetic. + +2007-07-08 09:30 millert + + * parse.c: Move setting of FLAG_NO_CHECK into the if(pwflag) block. + No change in behavior. + +2007-07-08 09:17 millert + + * sudoers: add SETENV tag + +2007-07-06 15:51 millert + + * parse.c: Make pwcheck local to the pwflag block. Use pwcheck + even if user didn't match since Defaults options may still apply. + +2007-07-06 14:51 millert + + * check.c, sudo.c: Do not update timestamp if user not validated by + sudoers. + +2007-07-06 10:14 millert + + * set_perms.c: for PERM_RUNAS, set the egid to the runas user's gid + and restore to the user's original in PERM_ROOT + +2007-07-06 10:04 millert + + * logging.c, mon_systrace.c, set_perms.c, sudo.h: PERM_FULL_ROOT is + now no different than PERM_ROOT so remove PERM_FULL_ROOT + +2007-07-06 09:49 millert + + * check.c: don't check timestamp mtime if we are just going to + remove it + +2007-07-06 09:33 millert + + * sudoers.pod: Move sudoers defaults parameters into their own + section. + +2007-07-05 20:21 millert + + * testsudoers.c: Reduce a level of indent by a few placed continue + statements. + +2007-07-05 20:20 millert + + * parse.c: Make matching but negated commands/hosts/runas entries + override a previous match as expected. Also reduce some levels + of indent by a few placed continue statements. + +2007-07-05 16:34 millert + + * parse.c: Print default runas in "sudo -l" if sudoers don't + specify one. + +2007-07-05 15:46 millert + + * match.c: Less hacky way of testing whether the domain was set. + +2007-07-04 15:50 millert + + * INSTALL: Mention pam-devel and openldap-devel for Linux + +2007-07-03 19:38 millert + + * README.LDAP: or vs. are + +2007-07-01 16:55 millert + + * sudo.c: fix typo in Solaris project support + +2007-07-01 09:40 millert + + * HISTORY: update + +2007-07-01 09:07 millert + + * sudo.c: Make -- on the command line match the manual page. The + implied shell case has been simplified as a result. + +2007-06-28 10:44 millert + + * sudoers2ldif: add simplistic support for sudoRunas; note that if + a sudoers entry contains multiple Runas users, all will apply to + the sudoRole + +2007-06-28 10:42 millert + + * sudoers2ldif: honor SETENV and NOSETENV tags + +2007-06-24 09:25 millert + + * mon_systrace.c: Redo setting of user_args. We now build up a + private copy of argv first and then replace the NULs with spaces. + +2007-06-24 09:19 millert + + * mon_systrace.c: getcwd() returns NULL on failure, not 0 on + success + +2007-06-24 07:39 millert + + * mon_systrace.c: allow chunksiz to reach 1 before erroring out + +2007-06-23 20:00 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in: regen + +2007-06-23 19:58 millert + + * def_data.c, def_data.h, def_data.in, env.c, gram.c, gram.h, + gram.y, logging.c, parse.c, parse.h, sudo.c, sudo.h, sudo.pod, + sudoers.pod, toke.c, toke.l: Add support for setting environment + variables on the command line. This is only allowed if the + setenv sudoers options is enabled or if the command is prefixed + with the SETENV tag. + +2007-06-23 19:57 millert + + * README.LDAP: replace Aaron's email address with the sudo-workers + list + +2007-06-23 19:55 millert + + * configure: regen + +2007-06-21 20:35 millert + + * Makefile.in, README.LDAP, schema.OpenLDAP, schema.iPlanet: Break + schema out into separate files. + +2007-06-21 18:28 millert + + * auth/aix_auth.c: free message if set by authenticate() + +2007-06-21 13:03 millert + + * match.c: deal with NULL gr_mem + +2007-06-20 15:04 millert + + * config.h.in: regen + +2007-06-20 15:04 millert + + * configure.in: add template for HAVE_PROJECT_H + +2007-06-20 07:06 millert + + * closefrom.c: include fcntl.h + +2007-06-19 19:37 millert + + * INSTALL: mention --with-project + +2007-06-19 18:24 millert + + * config.h.in, configure.in, sudo.c: Add Solaris 10 "project" + support. From Michael Brantley. + +2007-06-19 17:27 millert + + * sudoers.pod: fix typo + +2007-06-19 17:22 millert + + * configure: regen + +2007-06-19 17:21 millert + + * configure.in: Fix preservation of LDFLAGS in the LDAP case. + +2007-06-19 17:00 millert + + * memrchr.c: Remove dependecy on NULL + +2007-06-19 15:37 millert + + * configure: regen + +2007-06-19 15:37 millert + + * aclocal.m4, configure.in: Can't use the regular autoconf + fnmatch() check since we need FNM_CASEFOLD so go back to our + custom one. + +2007-06-19 12:52 millert + + * env.c: Fix preserving of variables in env_keep. + +2007-06-19 07:10 millert + + * env.c: add XAUTHORIZATION + +2007-06-18 20:41 millert + + * UPGRADE: expand upon env resetting and mention that it began in + 1.6.9 not 1.7. + +2007-06-18 20:33 millert + + * sudoers.pod: Update descriptions of env_keep and env_check to + match current reality. + +2007-06-18 17:33 millert + + * env.c: Add LINGUAS to initial_checkenv_table. Add COLORS, + HOSTNAME, LS_COLORS, MAIL, PS1, PS2, XAUTHORITY to + intial_keepenv_table. + +2007-06-18 17:23 millert + + * env.c, logging.c: Treat USERNAME environemnt variable like + LOGNAME/USER + +2007-06-18 17:21 millert + + * env.c: Don't need to populate keepenv table with the contents of + the checkenv table. + +2007-06-18 08:57 millert + + * sudo.c: Don't force sudo into the C locale. + +2007-06-18 08:56 millert + + * env.c: Make env_check apply when env_reset it true. Environment + variables are passed through unless they contain '/' or '%'. + There is no need to have a variable in both env_check and + env_keep. + +2007-06-16 07:31 millert + + * visudo.c: Remove an duplicate lock_file() call and add a comment. + +2007-06-15 21:16 millert + + * UPGRADE: Add sudo 1.6.9 upgrade note. + +2007-06-14 12:23 millert + + * interfaces.c: Solaris will return EINVAL if the buffer used in + SIOCGIFCONF is too small. From Klaus Wagner. + +2007-06-14 12:03 millert + + * Makefile.in, config.h.in, configure, configure.in, memrchr.c, + logging.c, sudo.h: Redo the long syslog line splitting based on a + patch from Eygene Ryabinkin. Include memrchr() for systems + without it. + +2007-06-14 07:09 millert + + * configure.in: Since we need to be able to convert timespec to + timeval for utimes() the last 3 digits in the tv_nsec are not + significant. This makes the sudoedit file date comparison work + again. + +2007-06-13 13:41 millert + + * aclocal.m4, configure, configure.in: Add SUDO_ADD_AUTH macro to + deal with adding things to AUTH_OBJS. This deals with exclusive + authentication methods in a simple way. + +2007-06-12 13:08 millert + + * LICENSE: mkstemp.c is BSD code too. + +2007-06-12 09:21 millert + + * sudo.pod, sudoers.pod, visudo.pod: No commercial support for now. + +2007-06-11 18:27 millert + + * sudo.c: cleanenv() is no more. + +2007-06-10 18:37 millert + + * ChangeLog: Display branch info in Changelog + +2007-06-10 18:18 millert + + * utimes.c: Include config.h early so we have it for + TIME_WITH_SYS_TIME + +2007-06-10 18:00 millert + + * ChangeLog: Fix Changelog generation and update. + +2007-06-09 07:26 millert + + * closefrom.c: Use /proc/self/fd instead of /proc/$$/fd + + Move old-style fd closing into closefrom_fallback() and call that + if /proc/self/fd doesn't exist or the F_CLOSEM fcntl() fails + +2007-06-09 07:24 millert + + * config.h.in, configure.in, auth/kerb5.c: o use + krb5_verify_user() if available instead of doing it by hand + o use krb5_init_secure_context() if we have it + o pass an encryption type of 0 to krb5_kt_read_service_key() + instead of + ENCTYPE_DES_CBC_MD5 to let kerberos choose. + +2007-06-09 07:20 millert + + * env.c: Check TERM and COLORTERM for '%' and '/' characters. From + Debian. + +2007-06-09 07:17 millert + + * configure.in: Fix closefrom() substitution in the Makefile + +2007-06-09 07:15 millert + + * TROUBLESHOOTING: Mention alternate sudo pronunciation. + +2007-06-07 07:52 millert + + * env.c: Remove KRB5_KTNAME from environment. Allow COLORTERM. + +2007-06-07 07:22 millert + + * auth/kerb5.c: If we cannot get a valid service key using the + default keytab it is a fatal error. Fixes a bug where sudo could + be tricked into allowing access when it should not by a fake KDC. + From Thor Lancelot Simon. + +2007-05-12 08:56 millert + + * aclocal.m4, configure, configure.in: Update long long checks to + use AC_CHECK_TYPES and to cache values. + +2007-05-12 08:07 millert + + * aclocal.m4, configure.in: Use AC_FUNC_FNMATCH instead of a + homebrew fnmatch checker. We can't use AC_REPLACE_FNMATCH since + that assumes replacing with GNU fnmatch. + +2007-05-11 17:05 millert + + * configure, configure.in: Add closefrom() to LIB_OBJS not + SUDO_OBJS if it is missing since we need it for visudo now too. + +2007-04-24 14:44 millert + + * sudoers.pod: Attempt to clarify the bit talking about network + numbers w/o netmasks. + +2007-04-24 14:25 millert + + * sudo.pod: Clarify timestamp dir ownership sentence. + +2007-04-20 12:40 millert + + * auth/pam.c: Linux PAM now defines __LINUX_PAM__, not + __LIBPAM_VERSION. From Dmitry V. Levin. + +2007-04-16 12:13 millert + + * sudo.c: -i is also one of the mutually exclusive options to list + it in the warning message. Noted by Chris Pepper. + +2007-04-12 11:18 millert + + * visudo.pod: The sudoers variable is env_editor, not enveditor. + From Jean-Francois Saucier. + +2007-03-29 13:30 millert + + * redblack.c: I tracked down the original author so credit him and + include his license info. + +2007-02-06 13:25 millert + + * sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in, + sudoers.pod: Fix typos; from Jason McIntyre. + +2007-02-06 13:23 millert + + * logging.c: Restore signal mask before calling reapchild(). Fixes + a possible race condition that could prevent sudo from properly + waiting for the child. + +2007-01-31 10:02 millert + + * pwutil.c: Don't declare pw_free() if we are not going to use it. + +2007-01-31 10:00 millert + + * env.c: Add NOEXEC support for AIX 5.3 which supports LDR_PRELOAD + and LDR_PRELOAD64. The 64-bit version is not currently + supported. Remove zero_env() prototype as it no longer exists. + +2006-12-11 13:21 millert + + * logging.c: Add "Auto-Submitted: auto-generated" line to sudo mail + for rfc 3834. + +2006-09-29 10:53 millert + + * auth/pam.c: If the user enters ^C at the password prompt, abort + instead of trying to authenticate with an empty password (which + causes an annoying delay). + +2006-08-17 11:26 millert + + * closefrom.c, config.h.in, configure, configure.in: Add fcntl + F_CLOSEM support to closefrom(); adapted from a diff by Darren + Tucker. + +2006-08-17 11:25 millert + + * pwutil.c: pw_free() is only used by sudo_freepwcache() so ifdef + it out too. + +2006-08-04 11:34 millert + + * config.sub, config.guess: Update to latest versions from + cvs.savannah.gnu.org + +2006-07-31 13:51 millert + + * pwutil.c, sudo_edit.c: Move password/group cache cleaning out of + sudo_end{pw,grp}ent() so we can close the passwd/group files + early. + +2006-07-31 13:50 millert + + * config.h.in, configure, configure.in, set_perms.c: Add seteuid() + flavor of set_perms() for systems without setreuid() or + setresuid() that have a working seteuid(). Tested on Darwin. + +2006-07-30 15:56 millert + + * mon_systrace.c: systrace_read() returns ssize_t + +2006-07-30 15:53 millert + + * configure, configure.in: Fix typo, -lldap vs. -ldap; from Tim + Knox. + +2006-07-28 13:12 millert + + * HISTORY: Fix typo; Matt Ackeret + +2006-07-17 08:25 millert + + * sudo.c: Print sudoers path in -V mode for root. + +2006-06-15 14:44 millert + + * ldap.c: Do a sub tree search instead of a base search (one level + in the tree only) for sudo right objects. This allows system + administrators to categorize the rights in a tree to make them + easier to manage. + +2005-12-28 13:52 millert + + * sudo.pod: fix typo + +2005-12-04 12:16 millert + + * ldap.c: Convert GET_OPT and GET_OPTI to use just 2 args. Add + timelimit and bind_timelimit support; adapted from gentoo. + +2005-11-23 18:57 millert + + * ldap.c: Support comments that start in the middle of a line + +2005-11-23 18:56 millert + + * configure.in, configure: Define LDAP_DEPRECATED until we start + using ldap_get_values_len() + +2005-11-18 09:55 millert + + * closefrom.c: Silence gcc -Wsign-compare; djm@openbsd.org + +2005-11-17 20:39 millert + + * error.c, sudo.c, sudo.h, testsudoers.c, visudo.c: cleanup() now + takes an int as an arg so it can be used as a signal handler too. + +2005-11-17 20:38 millert + + * sudo.c: Make a copy of the shell field in the passwd struct for + NewArgv to avoid a use after free situation after sudo_endpwent() + is called. + +2005-11-16 20:36 millert + + * Makefile.in, mkstemp.c, config.h.in, configure, configure.in: Add + mkstemp() for those poor souls without it. + +2005-11-15 09:25 millert + + * env.c: Add PERL5DB to list of environment variables to remove. + +2005-11-13 15:49 millert + + * mon_systrace.c, mon_systrace.h: Instead of calling the check + function twice with a state cookie use separate check/log + functions. + + Check more ioctl() calls for failure. + + systrace_{read,write} now return the number of bytes read/written + or -1 on error. + +2005-11-13 14:51 millert + + * env.c: Add more environment variables to remove; from gentoo + linux Add some comments about what bad env variables go to what + (more to do) + +2005-11-11 17:23 millert + + * sudo.c, sudo_edit.c: Move sudo_end{gr,pw}ent() until just before + the exec since they free up our cached copy of the passwd + structs, including sudo_user and sudo_runas. Fixes a + use-after-free bug. + +2005-11-11 17:19 millert + + * visudo.c: Close all fd's before executing editor. + +2005-11-11 17:17 millert + + * sudo.c: Enable malloc debugging on OpenBSD when SUDO_DEVEL is + set. + +2005-11-11 11:22 millert + + * check.c: Fix fd leak when lecture file option is enabled. From + Jerry Brown + +2005-11-07 11:02 millert + + * env.c: Add PERLLIB, PERL5LIB and PERL5OPT to the default list of + environment variables to remove. From Charles Morris + +2005-11-01 13:24 millert + + * env.c: add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5 + +2005-10-27 20:35 millert + + * env.c: add PS4 and SHELLOPTS to initial_badenv_table for bash + +2005-08-14 20:32 millert + + * sudoers.pod: Fix typo; Toby Peterson + +2005-08-02 09:57 millert + + * tsgetgrpw.c: Make return buffers static so they don't get + clobbered + +2005-07-27 21:14 millert + + * auth/securid5.c: Fix securid5 authentication, was not checking + for ACM_OK. Also add default cases for the two switch()es. + Problem noted by ccon at worldbank + +2005-06-26 20:10 millert + + * ldap.c: Remove ncat() in favor of just counting bytes and + pre-allocating what is needed. + +2005-06-26 19:44 millert + + * ldap.c: Fix up some comments Add missing fclose() for the + rootbinddn case + +2005-06-26 19:38 millert + + * ldap.c: align struct ldap_config + +2005-06-26 19:37 millert + + * ldap.c: use LINE_MAX for max conf file line size + +2005-06-26 18:36 millert + + * pathnames.h.in: add _PATH_LDAP_SECRET + +2005-06-26 18:36 millert + + * README.LDAP: Mention rootbinddn Give example ou=SUDOers container + +2005-06-25 18:03 millert + + * configure, INSTALL, configure.in, ldap.c: Support rootbinddn in + ldap.conf + +2005-06-25 17:46 millert + + * env.c, sudo.pod, sudoers.pod: Preserve DISPLAY environment + variable by default. + +2005-06-25 16:39 millert + + * acsite.m4, configure: set need_lib_prefix=no for all cases; this + is safe for LD_PRELOAD + +2005-06-25 16:15 millert + + * acsite.m4, configure: set need_version=no for all cases; this is + safe for LD_PRELOAD + +2005-06-25 14:45 millert + + * aclocal.m4: typo + +2005-06-25 14:33 millert + + * configure, configure.in: Add dragonfly + +2005-06-25 14:29 millert + + * auth/pam.c: Fix call to pam_end() when pam_open_session() fails. + +2005-06-25 14:21 millert + + * configure: regen + +2005-06-25 14:20 millert + + * acsite.m4: rebuild acsite.m4 from libtool 1.9f libtool.m4 + ltoptions.m4 ltsugar.m4 ltversion.m4 + +2005-06-25 14:08 millert + + * config.guess, config.sub, ltmain.sh: merge in local changes: + config.guess: o better openbsd support config.sub: o hiuxmpp + support ltmain.sh o remove requirement that libs must begin with + "lib" o don't print a bunch of crap about library installs o + don't run ldconfig + +2005-06-25 14:05 millert + + * config.guess, config.sub, ltmain.sh: libtool 1.9f + +2005-06-25 14:04 millert + + * configure.in: Update with autoupdate and make minor changes for + libtool 1.9f + +2005-06-22 23:19 millert + + * parse.c: don't call sudo_ldap_display_cmnd if ldap not setup + +2005-06-22 23:04 millert + + * check.c, compat.h, fileops.c, gettime.c, sudo_edit.c, visudo.c, + emul/timespec.h: Move declatation of struct timespec to its own + include files for systems without it since it needs time_t + defined. + +2005-06-22 22:57 millert + + * ldap.c: Don't set safe_cmnd for the "sudo ALL" case. + +2005-05-27 01:59 millert + + * auth/pam.c: Call pam_open_session() and pam_close_session() to + give pam_limits a chance to run. Idea from Karel Zak. + +2005-04-24 19:24 millert + + * check.c, sudo.c: Add explicit cast from mode_t -> u_int in printf + to silence warnings on Solaris + +2005-04-24 19:22 millert + + * parse.c: include grp.h to silence a warning on Solaris + +2005-04-23 15:10 millert + + * parse.c: Fix printing of += and -= defaults. + +2005-04-17 01:21 millert + + * mon_systrace.c: Sanity check number of syscall args with argsize. + Not really needed but a little paranoia never hurts. + +2005-04-17 01:18 millert + + * mon_systrace.c, mon_systrace.h: Don't do pointer arithmetic on + void * Use int, not size_t/ssize_t for systrace lengths (since it + uses int) + +2005-04-16 03:14 millert + + * mon_systrace.c: Add some memsets for paranoia Fix namespace + collsion w/ error Check rval of decode_args() and update_env() + Remove improper setting of validated variable + +2005-04-11 21:37 millert + + * parse.c, sudo.c, sudo.h: In -l mode, only check local sudoers + file if def_ignore_sudoers is not set and call LDAP versions from + display_privs() and display_cmnd() instead of directly from + main(). Because of this we need to defer closing the ldap + connection until after -l processing has ocurred and we must pass + in the ldap pointer to display_privs() and display_cmnd(). + +2005-04-11 21:33 millert + + * ldap.c: Reorganize LDAP code to better match normal sudoers + parsing. Instead of storing strings for later printing in -l + mode we do another query since the authenticating user and the + user being listed may not be the same (the new -U flag). Also + add support for "sudo -l command". + + There is still a fair bit if duplicated code that can probably be + refactored. + +2005-04-11 00:37 millert + + * ldap.c: Replace pass variable with do_netgr for better + readability. + +2005-04-10 23:49 millert + + * ldap.c: use DPRINTF macro + +2005-04-10 23:18 millert + + * ldap.c: estrdup, not strdup + +2005-04-10 17:44 millert + + * parse.c: Add macro to test if the tag changed to improve + readability. + +2005-04-10 17:40 millert + + * parse.c: Avoid printing defaults header if there are no defaults + to print... + +2005-04-10 15:29 millert + + * glob.c: Fix a warning on systems without strlcpy(). + +2005-04-10 13:32 millert + + * pwutil.c: Use macros where possible for sudo_grdup() like + sudo_pwdup(). + +2005-04-08 17:04 millert + + * utimes.c: It is possible for tv_usec to hold >= 1000000 usecs so + add in tv_usec / 1000000. + +2005-03-29 23:38 millert + + * auth/kerb5.c: The component in krb5_principal_get_comp_string() + should be 1, not 0 for Heimdal. From Alex Plotnick. + +2005-03-29 09:29 millert + + * alias.c, alloc.c, check.c, defaults.c, find_path.c, gram.c, + gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c, + pwutil.c, redblack.c, sudo.c, sudo.h, toke.c, toke.l, visudo.c: + Add efree() for consistency with emalloc() et al. Allows us to + rely on C89 behavior (free(NULL) is valid) even on K&R. + +2005-03-28 22:33 millert + + * parse.c, sudo.c: Move initgroups() for -U option into + display_privs() so group matching in sudoers works correctly. + +2005-03-26 21:34 millert + + * ldap.c: Removed duplicate call to ldap_unbind_s introduced along + with sudo_ldap_close. + +2005-03-26 20:01 millert + + * parse.c: Add missing space in Defaults printing + +2005-03-25 12:36 millert + + * pwutil.c: Sync sudo_pwdup with OpenBSD changes: use macros for + size computaton and string copies. + +2005-03-18 22:08 millert + + * pwutil.c: Zero old pw_passwd before replacing with version from + shadow file. + +2005-03-18 22:07 millert + + * configure, configure.in: Only attempt shadow password detection + if PAM is not being used Add shadow_* variables to make shadow + password detection more generic. + +2005-03-18 21:46 millert + + * configure.in: Use OSDEFS for os-specific -D_FOO_BAR stuff rather + than CPPFLAGS + +2005-03-12 19:27 millert + + * sudoers.pod: use a non-breaking space to avoid a double space + after e.g. + +2005-03-12 19:26 millert + + * sudo.pod: commna, not colon after e.g. + +2005-03-12 18:43 millert + + * sudo_noexec.c: Add __ variants of the exec functions. GNU libc + at least uses __execve() internally. + +2005-03-12 12:29 millert + + * indent.pro: Match reality a bit more. + +2005-03-12 12:27 millert + + * pwutil.c: Missed piece from rev. 1.6, fix sudo_getpwnam() too. + +2005-03-11 23:42 millert + + * pwutil.c: Store shadow password after making a local copy of + struct passwd in case normal and shadow routines use the same + internal buffer in libc. + +2005-03-10 20:57 millert + + * alloc.c, logging.c: Make varargs usage consistent with the rest + of the code. + +2005-03-10 10:09 millert + + * sudo_noexec.c: Wrap more of the exec family since on Linux the + others do not appear to go through the normal execve() path. + +2005-03-10 09:57 millert + + * visudo.c: make print_unused static like proto says + +2005-03-10 09:55 millert + + * glob.c: silence a warning on K&R systems + +2005-03-10 09:51 millert + + * parse.c, alias.c, error.c: make this build in K&R land + +2005-03-07 22:21 millert + + * toke.c: regen + +2005-03-05 22:46 millert + + * ldap.c: return(foo) not return foo optimize _atobool() slightly + +2005-03-05 22:40 millert + + * ldap.c: Use TRUE/FALSE + +2005-03-05 22:31 millert + + * ldap.c: Reformat to match the rest of sudo's code. + +2005-03-05 19:33 millert + + * sudo.pod: I am the primary author + +2005-02-22 22:28 millert + + * README, RUNSON, Makefile.in: The RUNSON file is toast--it + confused too many people and really isn't needed in a + configure-oriented world. + +2005-02-22 22:28 millert + + * INSTALL: alternate -> alternative + +2005-02-22 22:26 millert + + * tgetpass.c: Use TCSADRAIN instead of TCSAFLUSH since some OSes + have issues with TCSAFLUSH. + +2005-02-22 22:16 millert + + * toke.l: Allow leading blanks before Defaults and Foo_Alias + definitions + +2005-02-22 22:14 millert + + * Makefile.in: fix rules to build toke.o and gram.o in devel mode + +2005-02-20 13:00 millert + + * sudoers.pod: env_keep overrides set_logname + +2005-02-20 12:57 millert + + * env.c: Fix disabling set_logname and make env_keep override + set_logname. + +2005-02-20 12:28 millert + + * compat.h, config.h.in, configure, configure.in: No longer need + memmove() + +2005-02-20 11:48 millert + + * env.c, sudo.c: Just clean the environment once. This assumes + that any further setenv/putenv will be able to handle the fact + that we replaced environ with our own malloc'd copy but all the + implementations I've checked do. + +2005-02-15 23:16 millert + + * env.c, sudo.c: In -i mode, base the value of insert_env()'s + dupcheck flag on DID_FOO flags. Move checks for $HOME resetting + into rebuild_env() + +2005-02-13 00:33 millert + + * env.c, sudo.c: Move setting of user_path, user_shell, user_prompt + and prev_user into init_vars() since user_shell at least is + needed there. + +2005-02-12 18:51 millert + + * Makefile.in: fix devel builds + +2005-02-12 18:46 millert + + * check.c, sudo.c: Fix some printf format mismatches on error. + +2005-02-12 18:33 millert + + * configure, gram.c, toke.c: regen + +2005-02-12 17:56 millert + + * LICENSE, Makefile.binary.in, Makefile.in, aclocal.m4, alias.c, + alloc.c, check.c, closefrom.c, compat.h, configure.in, + defaults.c, defaults.h, env.c, error.c, fileops.c, find_path.c, + getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.y, + interfaces.c, interfaces.h, ldap.c, logging.c, logging.h, + match.c, mon_systrace.c, parse.c, redblack.c, redblack.h, + set_perms.c, sigaction.c, snprintf.c, strcasecmp.c, strerror.c, + strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.pod, sudo_edit.c, + sudo_noexec.c, sudoers.pod, testsudoers.c, tgetpass.c, toke.l, + utimes.c, version.h, visudo.c, visudo.pod, zero_bytes.c, + auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, + auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c, + auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c, + auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h, + emul/utime.h: Update copyright years. + +2005-02-12 16:46 millert + + * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in: + version 1.7 + +2005-02-12 16:16 millert + + * WHATSNEW: What's new in sudo 1.7, based on the 1.7 CHANGES + entries. + +2005-02-11 18:06 millert + + * compat.h, logging.h, sudo.h: Add __printflike and use it with gcc + to warn about printf-like format mismatches + +2005-02-10 00:16 millert + + * CHANGES, ChangeLog: Replaced CHANGES file with ChangeLog + generated from cvs logs + +2005-02-10 00:03 millert + + * set_perms.c: Use warning/error instead of perror/fatal. + +2005-02-09 23:13 millert + + * config.guess: Update OpenBSD section + +2005-02-09 23:10 millert + + * UPGRADE: Add upgrading noted for 1.7 + +2005-02-09 23:00 millert + + * env.c, sudo.c, sudoers.pod: Instead of zeroing out the + environment, just prune out entries based on the env_delete and + env_check lists. Base building up the new environment on the + current environment and the variables we removed initially. + +2005-02-09 22:23 millert + + * configure, configure.in, sudo.c, config.h.in: Set locale to "C" + if locales are supported, just to be safe. + +2005-02-09 22:19 millert + + * toke.c, toke.l: Cast argument to ctype functions to unsigned + char. + +2005-02-07 22:56 millert + + * env.c: correct value for DID_USER + +2005-02-07 22:55 millert + + * error.c, fnmatch.c, getcwd.c, glob.c, snprintf.c: #include + <compat.h> not "compat.h" + +2005-02-07 22:51 millert + + * defaults.c: Reset the environment by default. + +2005-02-07 22:50 millert + + * sudo.c: Alloc an extra slot in NewArgv. Removes the need to + malloc an new vector if execve() fails. + +2005-02-06 23:16 millert + + * INSTALL, config.h.in, configure, configure.in, sudo.c: Use + execve(2) and wrap the command in sh if we get ENOEXEC. + +2005-02-05 23:01 millert + + * sudo_noexec.c: Only include time.h on systems that lack struct + timespec which gets defind in compat.h (using time_t). + +2005-02-05 22:59 millert + + * sudo_noexec.c: Include time.h for time_t in compat.h for systems + w/o struct timespec. + +2005-02-05 22:56 millert + + * configure, compat.h, config.h.in, configure.in: use bcopy on + systems w/o memmove + +2005-02-05 22:31 millert + + * compat.h: __attribute__((__unused__)) doesn't work in gcc 2.7.2.1 + so limit its use to gcc >= 2.8. + +2005-02-05 21:21 millert + + * Makefile.in: Add explicit rule to build sudo_noexec.lo + +2005-02-05 17:56 millert + + * INSTALL.configure, Makefile.in: No longer depend on VPATH; + pointed out a bunch of missed dependencies. + +2005-02-05 13:18 millert + + * TROUBLESHOOTING: Help for PAM when account section is missing + +2005-02-05 13:01 millert + + * auth/pam.c: Give user a clue when there is a missing "account" + section in the PAM config. + +2005-02-05 10:22 millert + + * auth/pam.c: Better error handling. + +2005-02-05 09:57 millert + + * configure, config.h.in, configure.in: Move _FOO_SOURCE to + CPPFLAGS so it takes effect as early as possible. Silences a + warning about isblank() on linux. + +2005-02-04 21:49 millert + + * auth/pam.c: Fix typo (missing comma) that caused an incorrect + number of args to be passed to log_error(). + +2005-01-31 23:03 millert + + * pwutil.c: Don't try to destroy a tree we didn't create. + +2005-01-27 10:42 millert + + * alias.c, alloc.c, check.c, closefrom.c, compat.h, defaults.c, + env.c, error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c, + getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.c, + gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c, + parse.c, pwutil.c, set_perms.c, sigaction.c, snprintf.c, + strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c, + sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c, + toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c, + auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c, + auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c, + auth/rfc1938.c, auth/secureware.c, auth/securid.c, + auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Add __unused to + rcsids + +2005-01-21 10:34 millert + + * configure, configure.in: Fix error message when mixing invalid + auth types + +2005-01-21 10:32 millert + + * INSTALL: PAM, AIX auth, BSD auth and login_cap are now on by + default if the OS supports them. + +2005-01-21 10:29 millert + + * config.h.in, auth/sudo_auth.h: s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g + +2005-01-21 10:29 millert + + * configure.in: Better checking for conflicting authentication + methods Display the authentication methods used at the end of + configure Rename --with-authenticate -> --with-aixauth Use + --with-aixauth, --with-bsdauth, --with-pam, --with-logincap by + default on systems that support them unless disabled. Add + OSMAJOR variable that replaces old OSREV; now OSREV has full + version number + +2005-01-17 19:40 millert + + * def_data.c, def_data.in, sudo.c, sudoers.pod: s/-O/-C/ + +2005-01-14 13:35 millert + + * configure.in: Replace: test -n "$FOO" || FOO="bar" + + With: : ${FOO='bar'} + +2005-01-09 18:58 millert + + * pwutil.c, testsudoers.c, tsgetgrpw.c: Use function pointers to + only call private passwd/group routines when using a nonstandard + passwd/group file. + +2005-01-06 10:34 millert + + * CHANGES: sync + +2005-01-05 22:16 millert + + * tsgetgrpw.c: Can't use strtok() since it doesn't handle empty + fields so add getpwent()/getgrent() functions and call those. + +2005-01-05 17:29 millert + + * Makefile.in: Fix dummied out toke.c and gram.c dependencies. + +2005-01-05 17:18 millert + + * Makefile.in: Rename PARSESRCS -> GENERATED since it is only used + in the clean target Add devdir variable and use it to specify the + path to parser sources + +2005-01-05 17:17 millert + + * configure: regen + +2005-01-05 17:17 millert + + * configure.in: Add a devdir variables that defaults to $(srcdir) + and is set to . if --devel was specified. Allows for proper + dependecies building the parser. + +2005-01-05 14:50 millert + + * testsudoers.c: Add support for custom passwd/group files. + +2005-01-05 14:47 millert + + * Makefile.in: Build private copy of pwutil.o for testsudoers with + MYPW defined so it uses our own passwd/group routines. + +2005-01-05 14:46 millert + + * visudo.c: Remove sudo_*{pw,gr}* stubs and add + sudo_setspent/sudo_endspent stubs instead. We can now just use + the caching sudo_*{pw,gr}* functions in pwutil.c Add comment + about wanting to call sudo_endpwent/sudo_endgrent in cleanup() + +2005-01-05 14:44 millert + + * tsgetgrpw.c: Remove caching; we will just use what is in pwutil.c + Use global buffers for passwd/group structs Rename functions from + sudo_* to my_* + +2005-01-05 14:43 millert + + * logging.c, sudo.c: g/c pwcache_init/pwcache_destroy + +2005-01-05 14:42 millert + + * sudo.h: Undo last commit and add sudo_setspent and sudo_endspent + instead. + +2005-01-05 14:41 millert + + * getspwuid.c, pwutil.c: Move all but the shadow stuff from + getspwuid.c to pwutil.c and pwcache_get and pwcache_put as they + are no longer needed. Also add preprocessor magic to use private + versions of the passwd and group routines if MYPW is defined (for + use by testsudoers). + +2005-01-04 22:40 millert + + * tsgetgrpw.c: zero out struct passwd/group before filling it in so + if there are fields we don't handle they end up as 0. + +2005-01-04 20:10 millert + + * logging.c, sudo.c, sudo.h, testsudoers.c, visudo.c: Adapt to + pwutil.c + +2005-01-04 20:09 millert + + * Makefile.in: Add tsgetgrpw.c and pwutil.c Rename the *OBJ + variables for better readability. + +2005-01-04 20:08 millert + + * tsgetgrpw.c: Passwd and group lookup routines for testsudoers + that support alternate passwd and group files. + +2005-01-04 20:07 millert + + * getspwuid.c, pwutil.c: Split off pw/gr cache and dup code into + its own file. This allows visudo and testsudoers to use the + pw/gr cache too. + +2005-01-01 19:31 millert + + * parse.c: Print Defaults info in "sudo -l" output and wrap lines + based on the terminal width. + +2005-01-01 12:41 millert + + * match.c, visudo.c, testsudoers.c: Only check group vector in + usergr_matches() if we are matching the invoking or list user. + Always check the group members, even if there was a group vector. + +2004-12-17 17:24 millert + + * LICENSE, Makefile.in, fnmatch.3: No longer bundle fnmatch.3 + +2004-12-17 13:12 millert + + * CHANGES, TODO: checkpoint + +2004-12-16 14:20 millert + + * sudo.c: sort usage + +2004-12-16 14:20 millert + + * sudo.pod: Sort command line options + +2004-12-16 13:33 millert + + * def_data.c, def_data.h, def_data.in, defaults.c, logging.c, + sudo.c, sudo.pod, sudoers.pod: Add closefrom sudoers option to + start closing at a point other than 3. Add closefrom_override + sudoers option and -C sudo flag to allow the user to specify a + different closefrom starting point. + +2004-12-16 13:25 millert + + * pathnames.h.in: Add _PATH_DEVNULL for those without it. + +2004-12-15 22:55 millert + + * LICENSE: no more UCB strcasecmp + +2004-12-15 22:54 millert + + * strcasecmp.c: replace BSD licensed one with version derived from + pdksh + +2004-12-09 21:07 millert + + * sudo.c: Fix last commit. + +2004-12-09 19:26 millert + + * sudo.c: Make sure stdin, stdout and stderr are open and dup them + to /dev/null if not. + +2004-12-03 13:57 millert + + * ldap.c, mon_systrace.c, sudo.c, sudo.h: add sudo_ldap_close + +2004-12-03 13:52 millert + + * fileops.c, gettime.c, sudo.c, sudo_edit.c, utimes.c, visudo.c: + Use TIME_WITH_SYS_TIME + +2004-12-03 13:48 millert + + * configure, configure.in, config.h.in: Add TIME_WITH_SYS_TIME_H + +2004-12-02 11:18 millert + + * env.c: Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE + being set unconditionally on darwin. From Toby Peterson. + +2004-12-02 10:40 millert + + * getspwuid.c: Check rbinsert() return value. In the case of faked + up entries there is usually a negative response cached that we + need to overwrite. + + In pwfree() don't try to zero out a NULL pw_passwd pointer. + +2004-12-02 09:53 millert + + * mon_systrace.c: Use the double fork trick to avoid the monitor + process being waited for by the main program run through sudo. + +2004-11-29 12:52 millert + + * sudo.c: Call initgroups() in -U mode so group matches work + normally. + +2004-11-29 12:34 millert + + * def_data.h, mkdefaults: Don't print a trailing comma for the last + entry in enum def_tupple + +2004-11-28 16:08 millert + + * sudoers.cat, sudoers.man.in, sudoers.pod: Mention values when + lecture, listpw and verifypw are used in boolean context. + +2004-11-28 16:05 millert + + * def_data.c, def_data.in: verifypw when used in a boolean TRUE + context should be "all", not "any". + +2004-11-26 14:21 millert + + * def_data.in, defaults.c: Allow tuples that can be used as + booleans to be used as boolean TRUE. In this case the 2nd + possible value of the tuple is used for TRUE. + +2004-11-25 12:23 millert + + * configure, configure.in: Correct the test for 2-parameter + timespecsub + +2004-11-25 12:20 millert + + * sudo.h: Add strub struct definitions for passwd, timeval and + timespec + +2004-11-25 12:09 millert + + * configure, configure.in, config.h.in, sudo_edit.c, visudo.c: Add + check for 2-argument form of timespecsub (FreeBSD and BSD/OS) and + fix a typo in the gettimeofday check. + +2004-11-24 16:44 millert + + * match.c, testsudoers.c: Deal with user_stat being NULL as it is + for visudo and testsudoers. + +2004-11-24 16:31 millert + + * parse.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod: Add -U + option to use in conjunction with -l instead of -u. Add support + for "sudo -l command" to test a specific command. + +2004-11-24 16:28 millert + + * gram.c, gram.y, sudo.c: Set safe_cmnd after sudoers_lookup() if + it has not been set. Previously it was set by sudo "ALL" in the + parser but at that point the fully-qualified pathname has not yet + been found. + +2004-11-23 18:18 millert + + * parse.c, testsudoers.c: Correctly handle multiple privileges per + userspec and runas inheritence. + +2004-11-21 14:09 millert + + * defaults.c: Zero out sd_un for each entry in sudo_defs_table in + init_defaults. + +2004-11-19 18:04 millert + + * toke.c, toke.l: make per-command defaults work with sudoedit + +2004-11-19 18:00 millert + + * ldap.c, parse.c, sudo.c, sudo.h: Remove the FLAG_NOPASS, + FLAG_NOEXEC and FLAG_MONITOR flags. Instead, we just set the + approriate defaults variable. + +2004-11-19 17:09 millert + + * sample.sudoers, sudoers.cat, sudoers.man.in, sudoers.pod: + Document per-command Defaults. + +2004-11-19 16:35 millert + + * defaults.c, defaults.h, gram.c, gram.h, gram.y, mon_systrace.c, + sudo.c, testsudoers.c, toke.c, toke.l, visudo.c: Add support for + command-specific Defaults entries. E.g. + Defaults!/usr/bin/vi noexec + +2004-11-19 15:03 millert + + * defaults.c, match.c, parse.c, parse.h, testsudoers.c: Change an + occurence of user_matches() -> runas_matches() missed previously + runas_matches(), host_matches() and cmnd_matches() only really + need to pass in a list of members. user_matches() still needs to + pass in a passwd struct because of "sudo -l" + +2004-11-19 14:46 millert + + * parse.c: Check def_authenticate, def_noexec and def_monitor when + setting return flags. XXX May be better to just set the defaults + directly and get rid of those flags. + +2004-11-19 13:39 millert + + * alias.c, alloc.c, check.c, closefrom.c, defaults.c, env.c, + error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c, + getprogname.c, getspwuid.c, gettime.c, glob.c, goodpath.c, + gram.c, gram.y, interfaces.c, ldap.c, logging.c, match.c, + mon_systrace.c, parse.c, redblack.c, set_perms.c, snprintf.c, + strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c, + sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c, + toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c, + auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c, + auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c, + auth/rfc1938.c, auth/secureware.c, auth/securid.c, + auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Use: #include + <config.h> Not: #include "config.h" That way we get the correct + config.h when build dir != src dir + +2004-11-19 13:30 millert + + * Makefile.in: Back out part of rev 1.263; fix -I order + +2004-11-19 13:12 millert + + * toke.c, toke.l: More robust parsing if #include; could be much + better still. + +2004-11-19 12:55 millert + + * sudo_edit.c, visudo.c: Make arg splitting in visudo and sudoedit + consistent. + +2004-11-19 12:35 millert + + * Makefile.in, alias.c, gram.c, gram.y, parse.h: Split alias + routines out into their own file. + +2004-11-19 12:32 millert + + * error.h: __attribute__ is already defined in compat.h + +2004-11-19 12:30 millert + + * visudo.c: quit() should not be __noreturn__ as it is non-void on + some platforms. + +2004-11-19 12:24 millert + + * auth/: fwtk.c, rfc1938.c, securid.c, securid5.c: Add local + error/warning functions like err/warn but that call an additional + cleanup routine in the error case. This means we no longer need + to compile a special version of alloc.o for visudo. + +2004-11-19 11:54 millert + + * parse.h: Clarify comments about the data structures + +2004-11-18 15:28 millert + + * visudo.c: Add support for VISUAL and EDITOR containing command + line args. If env_editor is not set any args in VISUAL and + EDITOR are ignored. Arguments are also now supported in + def_editor. + +2004-11-17 14:25 millert + + * parse.h: alias_matches() is no more + +2004-11-17 14:09 millert + + * CHANGES, TODO: sync + +2004-11-17 13:19 millert + + * Makefile.in: When regenerating the parser, don't replace gram.h + unless it has changed. + +2004-11-17 11:56 millert + + * Makefile.in: remove Makefile.binary for distclean + +2004-11-17 11:18 millert + + * env.c: Preserve KRB5CCNAME in zero_env() and add a paranoia check + to make sure we can't overflow new_env. + +2004-11-17 10:33 millert + + * sudo_edit.c: paranoia when stripping trailing slashes from + tempdir. + +2004-11-16 19:00 millert + + * sudo.c: Set user_ngroups to 0 if getgroups() returns an error. + +2004-11-16 18:59 millert + + * configure, configure.in, config.h.in, sudo.c: Add configure check + for getgroups() + +2004-11-16 18:55 millert + + * ldap.c: Use supplementary group vector in struct sudo_user. + +2004-11-16 18:40 millert + + * match.c: Only do string comparisons on the group members if there + is no supplemental group list. + +2004-11-16 16:10 millert + + * CHANGES, TODO: sync + +2004-11-16 15:54 millert + + * sudo_edit.c: On Digital UNIX _PATH_VAR_TMP doesn't end with a + trailing slash so chop off any trailing slashes we see and add an + explicit one. + +2004-11-16 12:02 millert + + * match.c: remove bogus XXX comment + +2004-11-16 11:10 millert + + * match.c: Get rid of alias_matches and correctly fall through to + the non-alias cases when there is no alias with the specified + name. + +2004-11-16 10:47 millert + + * getspwuid.c: Cache non-existent passwd/group entries too. + +2004-11-16 10:45 millert + + * gram.c: regen + +2004-11-15 23:32 millert + + * getspwuid.c: fix typo + +2004-11-15 23:24 millert + + * check.c, getspwuid.c, glob.c, ldap.c, logging.c, match.c, + mon_systrace.h, sudo.c, sudo.h, testsudoers.c, visudo.c: + Implement group caching and use the passwd and group caches + throughout. + +2004-11-15 14:43 millert + + * match.c: Properly negate the return value of alias_matches() when + appropriate. + +2004-11-15 14:38 millert + + * match.c: Make hostname_matches() return TRUE for a match, else + FALSE like the caller expects. + +2004-11-15 13:24 millert + + * Makefile.in: Add missing dependencies on gram.h + +2004-11-15 13:06 millert + + * match.c: Use runas_matches in alias_matches() now that we have + it. + +2004-11-15 13:00 millert + + * parse.c, parse.h: Expand aliases in "sudo -l" mode + +2004-11-15 12:33 millert + + * gram.y, match.c: Use ALIAS for the member type when storing an + alias instead of HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since + match.c relies on the more generic type. Expand runas_matches + instead of calling user_matches() inside of it since + user_matches() looks up USERALIASes, not RUNASALIASes. + +2004-11-15 12:05 millert + + * CHANGES, getspwuid.c: Paranoia; zero out pw_passwd before freeing + passwd entry. + +2004-11-15 10:53 millert + + * LICENSE, Makefile.in, alloc.c, check.c, config.h.in, configure, + configure.in, err.c, error.c, error.h, defaults.c, env.c, + find_path.c, interfaces.c, logging.c, mon_systrace.c, sudo.c, + sudo.h, sudo_edit.c, testsudoers.c, visudo.c, emul/err.h: Add + local error/warning functions like err/warn but that call an + additional cleanup routine in the error case. This means we no + longer need to compile a special version of alloc.o for visudo. + +2004-11-15 09:59 millert + + * match.c: Use userpw_matches() to compare usernames, not strcmp(), + since the latter checks for "#uid". + +2004-11-15 09:53 millert + + * getspwuid.c, mon_systrace.c, mon_systrace.h, sudo.c: Cache passwd + db entries in 2 reb-black trees; one indexed by uid, the other by + user name. The data returned from the cache should be considered + read-only and is destroyed by sudo_endpwent(). + +2004-11-15 09:50 millert + + * match.c: add cast to uid_t + +2004-11-15 09:49 millert + + * gram.y: missing free in alias_destroy + +2004-11-15 09:49 millert + + * redblack.c: Can't use rbapply() for rbdestroy since the + destructor is passed a data pointer, not a node pointer. + +2004-11-14 23:06 millert + + * getspwuid.c, logging.c, sudo.c, sudo.h: Create and use private + versions of setpwent() and endpwent() that set/end the shadow + password file too. + +2004-11-14 22:55 millert + + * gram.c, gram.h, gram.y, match.c, parse.h, testsudoers.c, + visudo.c: Store aliases in a red-black tree. + +2004-11-14 22:52 millert + + * Makefile.in, redblack.c, redblack.h: red-black tree + implementation + +2004-11-14 22:37 millert + + * visudo.c: Edit all sudoers file if there were unused or undefined + aliases and we are in strict mode. + +2004-11-12 11:19 millert + + * CHANGES, def_data.c, def_data.h, def_data.in, defaults.c, env.c, + find_path.c, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.c: + Bring back the "secure_path" Defaults option now that Defaults + take effect before the path is searched. + +2004-11-11 12:22 millert + + * logging.c, parse.c: A user can always list their own entries, + even with -u. Better error message when failing to list another + user's entries. + +2004-11-11 12:12 millert + + * parse.c, sudo.c, sudo.h: The syntax to list another user's + entries is now "-u otheruser -l". Only root or users with sudo + "ALL" may list other user's entries. + +2004-11-11 11:30 millert + + * sudo.cat, sudo.man.in, sudo.pod: Update env variable info in + SECURITY NOTES + +2004-11-11 11:25 millert + + * env.c: strip CDPATH too + +2004-11-11 11:20 millert + + * env.c: strip exported bash functions from the environment. + +2004-10-27 12:16 millert + + * sudo.c: Only reset sudo_user.pw based on SUDO_USER environment + variables for real commands and sudoedit. This avoids a + confusing message when a user tries "sudo -l" or "sudo -v" and is + denied. + +2004-10-27 12:06 millert + + * gram.c, gram.y, parse.h: Extend LIST_APPEND to deal with + appending lists too + +2004-10-26 18:39 millert + + * logging.c: Convert some bitwise AND to ISSET + +2004-10-26 18:29 millert + + * lex.yy.c, toke.c: toke.c replaces lex.yy.c + +2004-10-26 18:29 millert + + * CHANGES, TODO: sync + +2004-10-26 18:28 millert + + * BUGS: new parser fixes most of the outstanding bugs + +2004-10-26 18:27 millert + + * configure: regen + +2004-10-26 18:26 millert + + * visudo.c: Rework for the new parser. Now checks for unused + aliases in sudoers. + +2004-10-26 18:25 millert + + * testsudoers.c: Rewrite for the new parser. Now supports a -d + flag (dump) and adds a -h flag (host). It now defaults to the + local hostname unless otherwise specified. + +2004-10-26 18:23 millert + + * sudo.h: Add new prototypes. Remove NOMATCH/UNSPEC (now in + parse.h) + +2004-10-26 18:22 millert + + * sudo.c: Update for new parse. We now call find_path() *after* we + have updated the global defaults based on sudoers. Also adds + support for listing other user's privs if you are root. + +2004-10-26 18:21 millert + + * mon_systrace.c: Working LDAP support; also remove a now-unneeded + rewind(). + +2004-10-26 18:20 millert + + * logging.c, logging.h: Add NO_STDERR flag. + +2004-10-26 18:19 millert + + * ldap.c: Split sudo_ldap_check() into three pieces: + sudo_ldap_open(), udo_ldap_update_defaults() and + sudo_ldap_check(). This allows us to connecto to LDAP, apply the + default options, find the command in the user's path, and then + check whether the user is allowed to run it. The important thing + here is that the default runas user may be specified as a default + option and that needs to be set before we search for the command. + +2004-10-26 18:17 millert + + * ldap.c: Add casts to unsigned char for isspace() to quiet a gcc + warning. + +2004-10-26 18:16 millert + + * defaults.h: Add prototype for update_defaults() + +2004-10-26 18:16 millert + + * defaults.c: Don't warn about line numbers now that we operate on + a set of data structures (or LDAP) and not a file. + +2004-10-26 18:15 millert + + * config.h.in: No long use lsearch() + +2004-10-26 18:14 millert + + * Makefile.in: Update for new and changed file names. + +2004-10-26 18:14 millert + + * LICENSE: no more BSD lsearch.c + +2004-10-26 18:14 millert + + * match.c: foo_matches() routines now live in match.c Added + user_matches(), runas_matches(), host_matches(), cmnd_matches() + and alias_matches() that operate on the parsed sudoers file. + +2004-10-26 18:12 millert + + * parse.lex, toke.l: Move parse.lex -> toke.l Rename buffer_frob() + -> switch_buffer() WORD no longer needs to exclude '@' kill + yywrap() + +2004-10-26 18:10 millert + + * gram.c, gram.h, gram.y, parse.c, parse.h, parse.yacc, sudo.tab.h: + Rewritten parser that converts sudoers into a set of data + structures. This eliminates ordering issues and makes it + possible to apply sudoers Defaults entries before searching for + the command. + +2004-10-26 18:09 millert + + * configure.in, lsearch.c, emul/search.h: We won't be using + lsearch() any longer. + +2004-10-26 18:07 millert + + * ldap.c: sudo should not send mail if someone who runs 'sudo -l' + has no entry. + +2004-10-26 16:09 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in: regen + +2004-10-26 16:09 millert + + * visudo.pod: Update warnings to match new visudo + +2004-10-26 16:08 millert + + * sudoers.pod: The new parser doesn't have the old ordering + constraints. + +2004-10-26 16:08 millert + + * sudo.pod: Document that -l now takes an optional username + argument + +2004-10-25 13:44 millert + + * RUNSON: AIX 5.2.0.0 works + +2004-10-25 13:38 millert + + * ldap.c: If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS + instead. Fixes a compilation problem with Solaris 9's native + LDAP. + + Set FLAG_MONITOR when needed. + +2004-10-23 13:32 millert + + * mon_systrace.c: Call sudo_goodpath() *after* changing the cwd to + match the traced process. Fixes relative paths. + +2004-10-21 12:31 millert + + * testsudoers.c: Kill set_perms() stub--it is no longer needed. + +2004-10-13 12:52 millert + + * sudoers.cat, sudoers.man.in, sudoers.pod: stay_setuid now + requires set_reuid() or setresuid() + +2004-10-13 12:46 millert + + * INSTALL, PORTING, TROUBLESHOOTING, config.h.in, configure, + configure.in, set_perms.c, sudo.c, sudo.h: Kill use of POSIX + saved uids; they aren't worth bothering with. + +2004-10-07 16:23 millert + + * glob.c: remove call to issetugid() + +2004-10-07 14:57 millert + + * sudoers.cat, sudoers.man.in, sudoers.pod: Remove warning about + wildcards. Now that we use glob() the bug is fixed. + +2004-10-07 14:52 millert + + * parse.c: Use glob(3) instead of fnmatch(3) for matching pathnames + and stat each result that matches the basename of the user's + command. This makes "cd /usr/bin ; sudo ./blah" work when + sudoers allows /usr/bin/blah. Fixes bug #143. + +2004-10-07 14:27 millert + + * configure, configure.in, config.h.in: Define HAVE_EXTENDED_GLOB + for extended glob (GLOB_TILDE and GLOB_BRACE) + +2004-10-07 12:59 millert + + * config.h.in, configure, configure.in: Check for a glob() that + supports GLOB_BRACE and GLOB_TILDE + +2004-10-07 12:51 millert + + * LICENSE: reference glob + +2004-10-07 12:50 millert + + * glob.c, emul/glob.h: 4.4BSD glob(3) with fixes from OpenBSD and + some unneeded extensions removed. + +2004-10-05 17:26 millert + + * mon_systrace.c: Just return if STRIOCINJECT or STRIOCREPLACE + fail. It probably means we are out of space in the stack gap... + +2004-10-05 17:20 millert + + * CHANGES: sync + +2004-10-05 16:53 millert + + * mon_systrace.c: Take a stab at ldap sudoers support here. + +2004-10-05 15:13 millert + + * mon_systrace.c, mon_systrace.h: Detach from tracee on SIGHUP, + SIGINT and SIGTERM. Now "sudo reboot" doesn't cause reboot to + inadvertanly kill itself. + +2004-10-05 14:21 millert + + * mon_systrace.c: put "monitor" in the proctitle, not "systrace" + +2004-10-05 14:15 millert + + * mon_systrace.c: When modifying the environment, don't replace + envp when we can get away with just rewriting pointers in the + traced process. + +2004-10-05 13:46 millert + + * mon_systrace.c, mon_systrace.h: Add environment updating via + STRIOCINJECT (if available). + +2004-10-05 10:22 millert + + * sudoers.cat, sudoers.man.in: regen + +2004-10-04 16:15 millert + + * lex.yy.c: regen + +2004-10-04 16:15 millert + + * parse.lex: Fix bug introduced in unput() removal; want yyless(0) + not yyless(1) + +2004-10-04 12:09 millert + + * mon_systrace.c: Include file is now mon_systrace.h + +2004-10-04 12:07 millert + + * Makefile.in, configure, configure.in, def_data.c, def_data.h, + def_data.in, lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc, + sudo.c, sudo.h, sudo.tab.h, sudoers.pod: No longer call it + tracing, it is now "monitoring" which should be more a obvious + name to non-hackers. + +2004-10-01 15:06 millert + + * mon_systrace.c, mon_systrace.h: Fix some XXX + +2004-10-01 14:30 millert + + * mon_systrace.c, mon_systrace.h: No need to include syscall.h, use + 1024 as the max # of entries (the max that systrace(4) allows). + + Only need to use SYSTR_POLICY_ASSIGN once + + Change check_syscall() -> find_handler() and have it return the + handler instead of just running it. We need this since handler + now have two parts: one part that generates and answer and + another that gets called after the answer is accepted (to do + logging). + + Add some missing check_exec for emul execv + +2004-10-01 10:58 millert + + * sample.pam, sample.sudoers, sample.syslog.conf, sudoers: Add + $Sudo: ChangeLog,v 1.16 2008/11/10 20:20:10 millert Exp $ tags. + +2004-10-01 10:47 millert + + * config.h.in: Add missing HAVE_LINUX_SYSTRACE_H + +2004-09-30 20:46 millert + + * Makefile.in: add trace_systrace.o dependency + +2004-09-30 19:00 millert + + * configure, configure.in: Also look for systrace.h in + /usr/include/linux + +2004-09-30 18:27 millert + + * mon_systrace.c, mon_systrace.h: Move all struct defs and + prototypes into trace_systrace.h and mark all but + systace_attach() static. + +2004-09-30 18:14 millert + + * mon_systrace.c, mon_systrace.h: Add support for tracing + emulations. At the moment, all emulations are compiled in. It + might make sense to #ifdef them in the future, though this + impeeds readability. + +2004-09-30 17:07 millert + + * Makefile.in, configure.in, configure: rename systrace.c -> + trace_systrace.c + +2004-09-30 15:58 millert + + * parse.yacc: Allow this to build with a K&R compiler again + +2004-09-30 13:58 millert + + * TODO: sync + +2004-09-30 13:55 millert + + * sudo.c, compat.h, visudo.c: Use __attribute__((__noreturn__)) + +2004-09-30 13:44 millert + + * visudo.c: Exit() takes a negative value to indicate it was not + called via signal. + +2004-09-30 13:25 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in: regen + +2004-09-30 13:22 millert + + * Makefile.in, visudo.c: Define Err() and Errx() that are like + err() and errx() but call Exit() instead of exit(). Build + private copy of alloc.o for visudo that calls Err() and Errx(). + +2004-09-29 15:22 millert + + * lex.yy.c: regen + +2004-09-29 15:22 millert + + * CHANGES: sync + +2004-09-29 14:41 millert + + * visudo.c: Overhaul visudo for editing multiple files: o visudo + has been broken out into functions (more work needed here) o + each file is now edited before sudoers is re-parsed o if a + #include line is added that file will be edited too + + TODO: o cleanup temp files when exiting via err() or errx() o + continue breaking things out into separate functions + +2004-09-29 14:36 millert + + * parse.lex, sudo.c, sudo.h, testsudoers.c, visudo.c: Add keepopen + arg to open_sudoers that open_sudoers can use to indicate to the + caller that the fd should not be closed when it is done with it. + To be used by visudo to keep locked fds from being closed + prematurely (and thus losing the lock). + +2004-09-29 14:33 millert + + * parse.yacc, sudo.c: Add errorfile global that contains the name + of the file that caused the error. + +2004-09-29 14:30 millert + + * parse.lex: return COMMENT to yacc grammar for a #include line + +2004-09-29 14:29 millert + + * parse.lex: Remove us of unput() in favor of yyless() which is + cheaper. + +2004-09-29 14:28 millert + + * parse.yacc: Allow an empty sudoers file. + +2004-09-28 16:50 millert + + * mon_systrace.c: Rewind sudoers_fp now that sudoers_lookup() + doesn't do it for us. + +2004-09-28 14:37 millert + + * lex.yy.c: regen + +2004-09-28 14:36 millert + + * visudo.c: Do signal setup before calling edit_sudoers(). Don't + shadow the "quiet" global. + +2004-09-28 14:33 millert + + * visudo.c: If a sudoers file includes other files, edit those too. + Does not yes deal with creating the new includes files itself. + +2004-09-28 14:31 millert + + * testsudoers.c: init_parser now takes a path + +2004-09-28 14:31 millert + + * parse.c, parse.h, parse.lex, parse.yacc: More scaffolding for + dealing with multiple sudoers files: o init_parser() now takes a + path used to populate the sudoers global o the sudoers global is + used to print the correct file in yyerror() o when switching to + a new sudoers file, perserve old file name and line number + +2004-09-28 14:29 millert + + * Makefile.in, pathnames.h.in: Kill _PATH_SUDOERS_TMP; it is not + meaningful now that we can have multiple sudoers files. + +2004-09-28 13:52 millert + + * parse.c, sudo.c: Rewind sudoers_fp in open_sudoers() instead of + sudoers_lookup() so we start at the right file position when + reading include files. + +2004-09-27 21:04 millert + + * sudoers.pod: document #include + +2004-09-27 20:47 millert + + * lex.yy.c: regen + +2004-09-27 20:47 millert + + * parse.lex: Add max depth of 128 for the include stack to avoid + loops. + + Since yyerror() doesn't stop parsing, pass return values back to + yylex and call yyterminate() on error. + +2004-09-27 14:06 millert + + * sudoers.pod: document tracing + +2004-09-27 14:05 millert + + * sudo.pod: Mention PREVENTING SHELL ESCAPES section of sudoers man + page + +2004-09-27 12:08 millert + + * lex.yy.c: regen + +2004-09-27 12:03 millert + + * parse.lex: Add support for #include in sudoers (visudo support + TBD) + +2004-09-27 12:02 millert + + * parse.yacc: make yyerror()'s argument const + +2004-09-27 12:02 millert + + * testsudoers.c, visudo.c: Add open_sudoers() stubs. + +2004-09-27 12:01 millert + + * sudo.c, sudo.h: Rename check_sudoers() open_sudoers() and make it + return a FILE * + +2004-09-26 12:35 millert + + * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in, + version.h: Crank version + +2004-09-26 12:33 millert + + * Makefile.in, sudo.psf: Better HP-UX depot construction + +2004-09-25 17:08 millert + + * mon_systrace.c: o Made children global so check_exec() can lookup + a child. o Replaced uid in struct childinfo with struct passwd * + (for runas) o new_child() now takes a parent pid so the runas + info can be inherited o Added find_child() to lookup a child by + its pid o update_child() now fills in a struct passwd o Converted + the big if/else mess in set_policy to a switch o Syscalls that + change uid are now "ask" so we get SYSTR_MSG_UGID events + +2004-09-25 17:01 millert + + * getspwuid.c: Add flag to sudo_pwdup that indicates whether or not + to lookup the shadow password. Will be used to a struct passwd + that has the shadow password already filled in. + +2004-09-25 16:58 millert + + * mon_systrace.c: add missing increment of addr in read_string() + +2004-09-25 16:15 millert + + * mon_systrace.c: Remove bogus call to update_child() and some + cosmetic fixes + +2004-09-25 16:11 millert + + * mon_systrace.c: Don't leak /dev/systrace fd to tracee Make + initialized global for simplicity If STRIOCATTACH returns EBUSY + we are already being traced Check for user_args == NULL in + setproctitle() call Add missing calls to STRIOCANSWER + +2004-09-25 13:15 millert + + * sudo.c: g/c sudo_pwdup proto + +2004-09-24 20:21 millert + + * Makefile.in, sudo.psf: Add target for building a depot file + +2004-09-24 20:07 millert + + * mon_systrace.c: trim includes + +2004-09-24 14:11 millert + + * lex.yy.c, sudo.tab.h: regen + +2004-09-24 14:10 millert + + * INSTALL: document --with-systrace + +2004-09-24 14:10 millert + + * config.h.in, configure, configure.in: Add check for setproctitle + +2004-09-24 14:09 millert + + * mon_systrace.c: pass struct str_msg_ask in to syscall checker so + it can set the error code + +2004-09-24 13:30 millert + + * mon_systrace.c: systrace(4) support for sudo. On systems with + the systrace(4) kernel facility (OpenBSD, NetBSD, Linux w/ + patches) sudo can intercept exec calls and check the exec args + against the sudoers file. In other words, sudo can now control + subcommands and shell escapes. + +2004-09-24 13:17 millert + + * sudo.c, sudo.h: Call systrace_attach() if FLAG_TRACE is set. + +2004-09-24 13:15 millert + + * parse.c, parse.h, parse.lex, parse.yacc, sudo.h: Add trace + Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE + +2004-09-24 13:13 millert + + * parse.c, sudo.c: Don't close sudoers_fp, keep it open and set + close on exec flag instead. + +2004-09-24 13:11 millert + + * def_data.c, def_data.h, def_data.in: Add trace option + +2004-09-23 20:24 millert + + * Makefile.in: Add systrace + +2004-09-23 20:23 millert + + * INSTALL: SunOS /bin/sh blows up with configure + +2004-09-23 20:23 millert + + * configure, configure.in: Include sys/param.h before systrace.h + +2004-09-23 20:15 millert + + * configure: regen + +2004-09-23 20:15 millert + + * pathnames.h.in: _PATH_DEV_SYSTRACE + +2004-09-23 20:14 millert + + * configure.in: line up options in --help + +2004-09-23 20:11 millert + + * config.h.in, configure.in: Add --with-systrace + +2004-09-23 13:35 millert + + * configure: regen + +2004-09-23 13:35 millert + + * aclocal.m4, configure.in: make this work with autoconf-2.59 + +2004-09-16 12:58 millert + + * sudo_edit.c: Simplify logic around open & stat of files and do + sanity on edited file even if we lack fstat (still racable but + worth doing). + +2004-09-15 18:47 millert + + * HISTORY: Add support url + +2004-09-15 16:11 millert + + * Makefile.in: versino 1.6.8p1 + +2004-09-15 15:20 millert + + * CHANGES: more changes for 1.6.8p1 + +2004-09-15 15:18 millert + + * version.h: 1.6.8p1 + +2004-09-15 12:16 millert + + * CHANGES, sudo_edit.c: Add sanity check so we don't try to edit + something other than a regular file. + +2004-09-14 20:55 aaron + + * CHANGES: sync + +2004-09-14 20:21 aaron + + * INSTALL: document --with-ldap-conf-file + +2004-09-14 17:43 millert + + * CHANGES, ins_csops.h: political correctness strikes again + +2004-09-14 15:09 millert + + * RUNSON: sync + +2004-09-12 19:50 millert + + * Makefile.binary.in, Makefile.in: Install sudoedit man link + +2004-09-12 14:25 millert + + * INSTALL: Update PAM note and mention where HP-UX users can + download gcc binaries. + +2004-09-12 12:08 millert + + * Makefile.in: libtool wants to install stuff from .libs so fake + one up for binary installations. + +2004-09-12 11:53 millert + + * Makefile.binary.in: rm -f old sudoedit link instead of using ln + -f set LIBTOOL correctly + +2004-09-12 11:53 millert + + * Makefile.in: Deal with "uname -m" having slashes in it rm -f old + sudoedit link instead of using ln -f + +2004-09-12 10:22 millert + + * Makefile.binary, Makefile.binary.in: Makefile.binary -> + Makefile.binary.in for config.status substitution Add support for + installing noexec bits + +2004-09-12 10:21 millert + + * Makefile.in: Copy noexec bits into binary dists too No longer use + my old arch script for making binary dists + +2004-09-12 09:36 millert + + * Makefile.binary: Install sudoedit link. + +2004-09-11 12:25 millert + + * emul/utime.h: avoid __P so there is no need for compat.h to be + included + +2004-09-11 12:24 millert + + * utimes.c: Don't use HAVE_UTIME_H before including config.h. + +2004-09-10 12:31 millert + + * compat.h: Fix Solatis futimes macro + +2004-09-09 11:02 millert + + * sudo_edit.c: Rename ots -> omtim for improved readability. + +2004-09-08 14:38 millert + + * sudo_edit.c: Redo changes in revision 1.7. Don't really need to + keep the temp file open; re-opening it with the invoking user's + euid is sufficient. + +2004-09-08 14:36 millert + + * CHANGES: sync + +2004-09-08 14:35 millert + + * sudo.cat, sudo.man.in: regen + +2004-09-08 14:34 millert + + * sudo.pod: back out revision 1.70; it is no long applicable + +2004-09-08 11:57 millert + + * env.c: Let the loader initialize nep + +2004-09-08 11:49 millert + + * configure, configure.in, config.h.in: Removed unneed check for + fchown Add check for gettimeofday Move autoheader template stuff + into separate AH_TEMPLATE lines + +2004-09-08 11:48 millert + + * check.c, compat.h, fileops.c, sudo.h, sudo_edit.c, visudo.c: Use + timespec throughout. + +2004-09-08 11:47 millert + + * Makefile.in: gettime.[co] + +2004-09-08 11:47 millert + + * gettime.c: function to return the current time in a struct + timespec + +2004-09-08 10:51 millert + + * utimes.c: Not a darpa-sponsored file. + +2004-09-07 16:36 millert + + * compat.h, config.h.in, configure, configure.in: Add a check for + struct timespec and provide it for those without. + +2004-09-07 15:56 millert + + * config.h.in, configure, configure.in, sudo_edit.c: Add checks for + st_mtim and st_mtimespec and add macros for pulling the mtime sec + and nsec out of struct stat. These are used in sudo_edit() to + better tell whether or not the file has changed. + +2004-09-07 15:55 millert + + * check.c, fileops.c, sudo.h, sudo_edit.c, visudo.c: Add an extra + param to touch() for nsec + +2004-09-07 14:06 millert + + * sudo_edit.c: Call mkstemp() as the in invoking user so we don't + have to chown the file later. Only touch() the temp file if we + can do it via the file descriptor. Don't check for modification + of the temp file if we lack fstat(). Catch errors read()ing the + temp file. + +2004-09-07 14:04 millert + + * fileops.c: If path is NULL and fd == -1 return -1. + +2004-09-07 13:31 millert + + * sudo_edit.c: closefrom() is overkill, the only extra fds are the + ones we opened so just close those in the child. + +2004-09-07 13:14 millert + + * Makefile.in, aclocal.m4, check.c, compat.h, config.h.in, + configure, configure.in, fileops.c, sudo.h, sudo_edit.c, utime.c, + utimes.c, visudo.c: Use utimes() and futimes() instead of utime() + in touch(), emulating as needed. Not all systems are able to + support setting the times of an fd so touch() takes both an fd + and a file name as arguments. + +2004-09-06 21:12 aaron + + * env.c: Rare SEGV + +2004-09-06 16:46 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in: regen + +2004-09-06 16:45 millert + + * sudo.pod, sudoers.pod, visudo.pod: Add SUPPORT section and + re-order some of the sections to match the order we use in + OpenBSD. + +2004-09-06 15:05 aaron + + * env.c: Openldap ~/.ldaprc fix + +2004-09-06 12:18 millert + + * sudo.pod: Talk about how the editor must write its changes to the + original file and not just use rename(2). + +2004-09-06 12:12 millert + + * CHANGES: sync + +2004-09-06 12:11 millert + + * sudo_edit.c: Keep the temp file open instead of re-opening after + the editor has exited. + +2004-09-06 12:10 millert + + * sample.pam: Update for current redhat/fedora core. + +2004-09-02 21:56 aaron + + * README.LDAP: tls_ examples + +2004-09-02 00:03 aaron + + * ldap.c: config tls_* options + +2004-08-29 11:39 millert + + * configure, configure.in: No need for -lcrypt when using pam. + +2004-08-26 23:57 millert + + * configure: regen + +2004-08-26 23:44 aaron + + * configure.in, ldap.c, pathnames.h.in: Allow --with-ldap-conf-file + option to override LDAP_CONF + +2004-08-26 22:08 aaron + + * ldap.c: cleanup debug message + +2004-08-26 19:29 aaron + + * README.LDAP: more config info + +2004-08-24 14:01 millert + + * TODO, find_path.c, goodpath.c, parse.c, sudo.c, sudo.h, visudo.c: + Add cmnd_base to struct sudo_user and set it in init_vars(). Add + cmnd_stat to struct sudo_user and set it in sudo_goodpath(). No + longer use gross statics in command_matches(). Also rename some + variables for improved clarity. + +2004-08-21 14:33 millert + + * INSTALL: document HP's crippled compiler deficiency. + +2004-08-21 14:25 millert + + * INSTALL: Fix some thinkos in --with-editor and --with-env-editor + descriptions. Noticed by Norihiko Murase. + +2004-08-21 14:20 millert + + * configure, configure.in: --with-noexec takes an optional PATH + argument. + +2004-08-21 14:20 millert + + * INSTALL: document --with-noexec + +2004-08-17 16:21 millert + + * RUNSON, TODO: sync + +2004-08-17 15:11 millert + + * sudo_edit.c: Better warning message when sudoedit is unable to + write to the destination file. + +2004-08-17 14:53 millert + + * sudo.cat, sudo.man.in: regen + +2004-08-17 14:53 millert + + * sudo.pod: Don't italicize the string "sudoedit" + +2004-08-16 18:45 millert + + * HISTORY: Mention GratiSoft. + +2004-08-11 14:29 millert + + * parse.yacc: Reset used_runas to FALSE when re-intializing the + parser. + +2004-08-09 19:04 millert + + * config.guess: Correct OpenBSD mips support + +2004-08-09 17:28 millert + + * config.guess: Add OpenBSD/mips + +2004-08-06 23:43 aaron + + * README.LDAP: More behavior notes + +2004-08-06 23:36 aaron + + * README.LDAP: Updates on current behavior + +2004-08-06 19:56 millert + + * sudo.pod, sudoers.pod: =back does not take an indentlevel (makes + no difference to formatted files). + +2004-08-06 19:48 millert + + * CHANGES: new + +2004-08-06 19:42 millert + + * sudo.c: Consistency. Use same error for bad -u #uid when + targetpw is set as we do when a bad -u username is specified. + +2004-08-06 19:33 millert + + * TODO: Add checksum idea from Steve Mancini + +2004-08-06 19:32 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen + +2004-08-06 19:31 millert + + * sudo.pod, sudoers.pod: Document the restriction on uids specified + via -u when targetpw is set. + +2004-08-06 19:24 millert + + * sudo.c: Error out when targetpw is enabled and sudo is run with + -u #uid but #uid does not exist in the passwd database. We can't + do target authentication when the target is not in passwd! + +2004-08-05 21:16 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen + +2004-08-05 21:14 millert + + * TODO: Some more todo for the next release. + +2004-08-05 21:13 millert + + * INSTALL: Make it clear that PAM should be used for DCE support + when possible. + +2004-08-05 21:13 millert + + * sudoers.pod: o Document problems with wildcards and relative + paths. o Make the order requirements more prominent. o Change a + "set" to "reset" for clarity. + +2004-08-05 14:29 millert + + * sudo.pod: Mention --with-secure-path, not SECURE_PATH. + +2004-08-02 22:34 aaron + + * ldap.c: reflect changes to parse.c + +2004-08-02 14:44 millert + + * parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c: Don't pass + user_cmnd and user_args to command_matches(), just use the + globals there. Since we keep state with statics anyway it is + misleading to pretend that passing in different cmnd and + cmnd_args will work. + +2004-08-02 14:40 millert + + * parse.c: Fix a bug introduced in rev. 1.149. When checking for + pseudo-commands check for a '/' anywhere in cmnd, not just the + first character. + +2004-07-30 23:07 aaron + + * sudo.man.in, sudo.pod: Clarification thanks to Olivier Blin + <oblin@mandrakesoft.com> + +2004-07-30 22:41 aaron + + * sudoers.man.in, sudoers.pod: Add ignore_local_sudoers + +2004-07-30 22:06 aaron + + * README.LDAP: Sun One schema definition by + Andreas.Bussjaeger@t-systems.com and janth@moldung.no + +2004-07-29 11:57 millert + + * CHANGES: typo + +2004-07-23 16:44 millert + + * CHANGES: sync + +2004-07-23 16:43 millert + + * parse.c: Parse sudoers file as PERM_RUNAS not PERM_ROOT and + remove a useless PERM_SUDOERS. Restore to PERM_ROOT upon exit of + the parse. + +2004-07-08 10:20 millert + + * CHANGES: PAM change + +2004-07-07 21:04 aaron + + * ldap.c: Better debugging of ALL command + +2004-07-07 20:15 millert + + * parse.c: When matching for "sudoedit" in sudoers check both the + command the user typed *and* the command that is listed in the + sudoers entry. + +2004-07-04 19:59 aaron + + * ldap.c: Added !command feature + +2004-06-28 10:51 millert + + * auth/pam.c: Use pam_acct_mgmt() to check for disabled accounts; + Brian Farrell + +2004-06-10 23:11 millert + + * LICENSE: License is ISC-style, not BSD-style + +2004-06-10 20:58 millert + + * CHANGES: sync + +2004-06-10 16:54 millert + + * sudo.man.in, sudo.cat: regen + +2004-06-10 16:53 millert + + * sudo.pod: o Update some out of date bits to reality o Change the + shell promt in examples to bourne-shell style o Clarify some + details o Add a CAVEAT about "sudo cd /foo" + +2004-06-10 16:19 millert + + * check.c: Don't ask for a password if invoking user == target + user. + +2004-06-10 12:32 millert + + * sudo.c: typo in comment + +2004-06-08 19:20 millert + + * sudoers.man.in, sudoers.cat: regen + +2004-06-08 19:19 millert + + * sudoers.pod: Expand on NOEXEC a little. + +2004-06-08 16:20 millert + + * TODO: sync + +2004-06-08 15:58 millert + + * visudo.man.in, visudo.cat: regen + +2004-06-08 15:55 millert + + * CHANGES, parse.yacc, visudo.c, visudo.pod: Add a check in visudo + for runas_default being set after it has already been used. + +2004-06-08 13:53 millert + + * parse.yacc: Add a MATCHED macro for testing whether foo_matches + has been set to TRUE or FALSE. This is more readable than + checking for >=0 or < 0. Doesn't change the actual code + generated. + +2004-06-06 20:11 millert + + * sudoers.man.in, sudoers.cat: regen + +2004-06-06 20:07 millert + + * sudoers, sudoers.pod: Correct description of where Defaults specs + should go. + +2004-06-06 20:02 millert + + * find_path.c, ldap.c, logging.h, testsudoers.c, visudo.c, + auth/bsdauth.c, auth/kerb5.c, auth/pam.c: update (c) year + +2004-06-06 19:58 millert + + * check.c, compat.h, defaults.c, env.c, find_path.c, getcwd.c, + ldap.c, logging.h, parse.c, parse.yacc, sudo.c, testsudoers.c, + tgetpass.c, visudo.c, auth/bsdauth.c, auth/kerb5.c, auth/pam.c: + Remove trailing spaces, no actual code changes. + +2004-06-06 16:22 millert + + * parse.yacc: Fix a >=0 that should be <0 that was improperly + converted when UNSPEC was added. + +2004-06-06 15:54 millert + + * parse.yacc: Add do {} while(0) around pop macro Set cmnd_matches + to UNSPEC, not NOMATCH when resetting it. + +2004-06-06 15:39 millert + + * parse.yacc: Fix pastos introduced in SETNMATCH addition. + +2004-06-05 13:55 millert + + * README.LDAP: Update for configure changes + +2004-06-05 13:42 millert + + * parse.yacc, sudo.h: Add NOMATCH and UNSPEC defines (-1 and -2 + respectively) and use these in parse.yacc. Also in parse.yacc + initialize the *_matches vars to UNSPEC and add two macros, + SETMATCH and SETNMATCH for use when setting *_matches to a value + that may be NOMATCH/UNSPEC/TRUE/FALSE. + +2004-06-05 11:17 millert + + * parse.yacc: Initialize runas to -2, not -1 since we need to be + able to distinguish between the initialized value and the value + of a non-match when passing along the runas value to multiple + commands. + + The result of this is that an unmatched runas is now set to -1, + not 0. This is required now that parse.c treats a FALSE value + for runas as being explicitly denied. + +2004-06-03 16:21 millert + + * getprogname.c, sudo.c, visudo.c: Error out if argc < 1. + +2004-06-03 12:37 millert + + * configure, configure.in: Add tests for what libs we need to link + with for ldap and for whether or not lber.h needs to be + explicitly included. + +2004-06-02 20:30 aaron + + * ldap.c: Solaris native LDAP build fix + +2004-06-01 16:56 millert + + * ldap.c: Set edn to NULL is ldap_get_dn() fails to avoid potential + use of an unset variable. + +2004-06-01 16:56 millert + + * sudo.h: Add prototype for sudo_ldap_list_matches + +2004-06-01 16:53 millert + + * compat.h, config.h.in, configure, configure.in: Better check for + dirfd macro--we now set HAVE_DIRFD for the macro version too. + Added check for dd_fd in `DIR' if no dirfd is found; this is now + used to confitionally define the dirfd macro in compat.h. + +2004-06-01 16:51 millert + + * closefrom.c: Only check /proc/$$/fd if we have the dirfd + function/macro. + +2004-06-01 15:13 millert + + * compat.h, config.h.in, configure, configure.in: Add a check for a + dirfd() function (like Linux) and add a dirfd macro in compat.h + if there is no dirfd() function or macro. + +2004-06-01 14:59 millert + + * closefrom.c, getcwd.c: dirfd() is now defined in compat.h as + needed. + +2004-06-01 14:30 millert + + * CHANGES: Clarify closefrom() note. + +2004-06-01 12:51 millert + + * parse.c: When checking for a command in the directory, only copy + the base dir once. + +2004-06-01 12:44 millert + + * closefrom.c: If there is a /proc/$$/fd directory, behave like the + Solaris closefrom() and only close the descriptors listed + therein. + +2004-06-01 12:23 millert + + * alloc.c: compat.h guarantees INT_MAX is defined. + +2004-06-01 12:23 millert + + * compat.h: Add definitions of OPEN_MAX and INT_MAX for those + without it and remove definition of RLIM_INFINITY (now unused). + +2004-05-31 21:22 millert + + * CHANGES, alloc.c, check.c, compat.h, find_path.c, getcwd.c, + parse.c, sudo.c, sudo.h, visudo.c: Use PATH_MAX, not MAXPATHLEN + since the former is standardized. + +2004-05-31 19:18 millert + + * CHANGES: sync + +2004-05-31 19:10 millert + + * RUNSON: Add some entries that were mailed in a while ago + +2004-05-31 14:16 millert + + * closefrom.c: o sysconf returns a long, not an int. o check for + negative return value from sysconf/getdtablesize and use + OPEN_MAX in this case. o define OPEN_MAX to 256 for those + without it (a fair guess...) + +2004-05-30 12:25 millert + + * UPGRADE: Mention change in parse order for RunAs entries. + +2004-05-30 12:15 millert + + * configure: regen + +2004-05-29 18:29 millert + + * config.h.in, configure.in, INSTALL, README.LDAP: o --with-ldap + now takes an optional dir as a parameter + o added check for ldap_initialize() and start_tls_s() + +2004-05-29 14:54 millert + + * README.LDAP: Fix some typos, word choice and formatting issues. + +2004-05-28 18:06 millert + + * tgetpass.c: Use SA_INTERRUPT so SunOS works correctly, avoid + stdio and just use read/write as it is simpler. + +2004-05-28 16:27 millert + + * configure, configure.in: Remove hack overriding cross-compiler + check. It should no longer be needed. + +2004-05-28 16:26 millert + + * compat.h: Remove select() compat bits since we no longer use + select(). + +2004-05-28 16:24 millert + + * CHANGES, tgetpass.c: Use alarm() instead of select() for the + timeout for systems that don't fully/properly implement select(). + +2004-05-27 19:14 millert + + * CHANGES: synbc + +2004-05-27 19:12 millert + + * RUNSON: update + +2004-05-27 19:12 millert + + * set_perms.c: Deal with systems that have no way of setting the + effective uid such as nsr-tandem-nsk. + +2004-05-27 19:01 millert + + * configure, configure.in: Define NO_SAVED_IDS if we don't find + seteuid() + +2004-05-27 18:21 millert + + * config.h.in, configure, configure.in: Add back check for + setreuid() since NSK doesn't have it. + +2004-05-27 15:57 millert + + * sudoers.cat, sudoers.man.in: regen + +2004-05-27 15:56 millert + + * BUGS, CHANGES: sync + +2004-05-27 15:55 millert + + * parse.c: In sudoers_lookup() return VALIDATE_NOT_OK if the runas + user was explicitly denied and the command matched. This fixes a + long-standing bug and makes: foo machine = (ALL) + /usr/bin/blah foo machine = (!bar) /usr/bin/blah + + equivalent to: foo machine = (ALL, !bar) /usr/bin/blah + +2004-05-27 15:52 millert + + * sudoers.pod: Clarify mail_noperm + +2004-05-19 21:25 aaron + + * Makefile.in: Missing DESTDIR in make install for sudo_noexec.la + +2004-05-17 18:32 millert + + * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat, + sudoers.cat, visudo.cat: regen + +2004-05-17 18:31 millert + + * TODO: sync + +2004-05-17 18:31 millert + + * sample.sudoers, sudoers.pod: Remove fastboot/fasthalt (who still + remembers these?) and add a minimal sudoedit example. + +2004-05-17 18:21 millert + + * CHANGES, INSTALL, TROUBLESHOOTING, UPGRADE, sudo.c, visudo.c: + filesystem -> file system + +2004-05-17 18:19 millert + + * sudo.pod, sudoers.pod: Fix some minor typos and formatting goofs + +2004-05-17 18:10 millert + + * lex.yy.c: regen + +2004-05-17 17:57 millert + + * visudo.pod: remove my email addr + +2004-05-17 17:55 millert + + * sudo.pod, sudoers.pod, visudo.pod: Use @mansectform@ and + @mansectsu@ everywhere Make man page references links with L<> + +2004-05-17 16:51 millert + + * parse.lex: Accept quoted globbing characters and pass them + verbatim for fnmatch() + +2004-05-17 16:50 millert + + * UPGRADE: Document that /tmp/.odus is gone. + +2004-05-17 16:28 millert + + * CHANGES, aclocal.m4, configure, pathnames.h.in: No longer use + /tmp/.odus as a possible timestamp dir unless specifically + configured to do so. Instead, if no /var/run exists, use + /var/adm/sudo or /usr/adm/sudo. + +2004-05-17 16:08 millert + + * check.c, compat.h, logging.c, set_perms.c, sudo.c, tgetpass.c, + visudo.c: Preliminary changes to support nsr-tandem-nsk. Based + on patches from Tom Bates. + +2004-05-16 18:47 millert + + * CHANGES: There was no 1.6.7p6. + +2004-05-16 16:38 millert + + * BUGS, CHANGES: sync + +2004-05-16 16:36 millert + + * Makefile.in: add missing files to DISTFILES + +2004-05-16 16:23 millert + + * sudoers.man.in, sudo.cat, sudoers.cat, visudo.cat: regen + +2004-05-16 16:20 millert + + * Makefile.in: Fix some line wrap and update (c) year + +2004-04-28 15:05 aaron + + * README.LDAP: Build Note + +2004-04-06 22:03 aaron + + * Makefile.in: Fix install-dirs + +2004-04-04 20:27 millert + + * visudo.c: In Exit() when used as a signal handler, emsg is a + pointer so sizeof() is wrong so make it a #define instead. Also + avoid using a negative exit value. Found by Aaron Campbell + +2004-03-24 18:23 millert + + * sudoers.pod: Remove bogus sentence about uids in a User_List. + Document usernames vs. uid parsing in a Runas_List. + +2004-03-24 18:06 millert + + * parse.c, parse.h, parse.yacc, sudo.c, testsudoers.c, visudo.c: If + the user specified a uid with the -u flag and the uid exists in + the passwd file, set runas_user to the name, not the uid. + + When comparing usernames in sudoers, if a name is really a uid + (starts with '#') compare it numerically to pw_uid. + +2004-03-22 13:35 millert + + * auth/kerb5.c: krb5_mcc_ops should be const; Johnny C. Lam + +2004-02-28 18:54 aaron + + * CHANGES, config.h.in, ldap.c: Added start_tls support + +2004-02-14 18:04 millert + + * Makefile.in: Clean up libtool stuff for 'make distclean' and add + def_data.c, def_data.h to PARSESRCS. + +2004-02-14 10:13 aaron + + * strlcat.c, strlcpy.c: Un-Fix last license munge + +2004-02-13 16:37 millert + + * CHANGES, RUNSON, TODO: checkpoint + +2004-02-13 16:37 millert + + * lex.yy.c, configure: regen + +2004-02-13 16:36 millert + + * LICENSE, Makefile.binary, Makefile.in, alloc.c, check.c, + closefrom.c, compat.h, defaults.c, defaults.h, env.c, fileops.c, + find_path.c, getprogname.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + interfaces.h, ldap.c, logging.c, logging.h, parse.c, parse.h, + parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c, + strerror.c, strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.man.in, + sudo.pod, sudo_edit.c, sudo_noexec.c, sudoers.man.in, + sudoers.pod, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c, visudo.man.in, visudo.pod, zero_bytes.c, auth/afs.c, + auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c, + auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c, + auth/rfc1938.c, auth/secureware.c, auth/securid.c, + auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h, + emul/search.h, emul/utime.h: More to a less restrictive, + ISC-style license. + +2004-02-12 21:08 aaron + + * CHANGES, Makefile.in, README.LDAP, config.h.in, configure.in, + def_data.c, def_data.h, def_data.in, ldap.c, sudo.c, sudo.h, + sudoers2ldif: Merged in LDAP Support + +2004-02-08 15:53 millert + + * sudo.h, sudo_noexec.c: Only do "extern int errno" if errno is not + a macro. + +2004-02-06 18:08 millert + + * set_perms.c: setreuid(0, 0) fails on QNX if the euid is not + already 0 so set the euid first, then just call setuid(0) to set + the real uid too. + +2004-02-06 14:52 millert + + * set_perms.c: Use setresuid() and setreuid() for PERM_RUNAS when + appropriate instead of seteuid() which may not exist. + +2004-02-04 14:58 millert + + * LICENSE: 2004 + +2004-02-03 23:38 millert + + * INSTALL, config.h.in, configure, configure.in, ins_classic.h: Add + --with-pc-insults configure option + +2004-02-03 23:32 millert + + * visudo.man.in: Prefer VISUAL over EDITOR like old vipw did. + +2004-02-01 15:45 millert + + * sudo.man.in, sudoers.man.in: regen + +2004-02-01 15:44 millert + + * sudoers.pod: Add a note that noexec is not a cure-all. + +2004-02-01 15:20 millert + + * sudoers.pod: Mention that disabling "root_sudo" is pretty + pointless. + +2004-02-01 15:20 millert + + * configure, configure.in: Substitute for root_sudo in sudoers.pod + +2004-02-01 15:03 millert + + * sudo.pod: Add sudoedit to the NAME section + +2004-02-01 15:00 millert + + * sudoers.pod: Document that fact that setting ignore_dot in + sudoers has no effect due to the fact that find_path() is called + *before* sudoers is read. + +2004-01-29 19:50 millert + + * sudo_edit.c: Do not require _PATH_USRTMP to be set. + +2004-01-29 19:42 millert + + * BUGS, CHANGES, TODO: sync + +2004-01-29 19:42 millert + + * sudo.man.in: regen + +2004-01-29 19:41 millert + + * sudo.pod: Clarify that when sudo is run by root with the + SUDO_USER variable set, the sudoers lookup happens for root and + not the SUDO_USER user. + +2004-01-29 17:33 millert + + * defaults.c, env.c, fnmatch.c, interfaces.c, logging.c, parse.c, + set_perms.c, sigaction.c, sudo.c, tgetpass.c, auth/pam.c, + auth/sudo_auth.c: Use the SET, CLR and ISSET macros. + +2004-01-29 16:22 millert + + * interfaces.h: MAIN was replaced with _SUDO_MAIN some time ago. + +2004-01-29 16:15 millert + + * sudo.c: Don't look at prev_user until after we've parsed sudoers + and done the password check. That way, if sudo/sudoedit is run + from a root process that was invoked by sudo, we check sudoers + for root, not the previous user. This makes sudoedit much more + useful and means that for the sudo case, we get correct logging + on who actually ran the command. + +2004-01-22 19:22 millert + + * sudo_edit.c: Add a comment describing why we need to be notified + about our child stopping. + +2004-01-22 16:06 millert + + * def_data.c, def_data.in: Update the noexec variable descriptions + +2004-01-22 14:18 millert + + * sudoers.man.in, sudoers.pod: noexec now replaces more than just + execve() + +2004-01-22 12:14 millert + + * sudo_noexec.c: Alas, all the world does not go through execve(2). + Many systems still have an execv(2) system call, Linux 2.6 + provides fexecve(2) and it is not uncommon for libc to have + underscore ('_') versions of the functions to be used internally + by the library. Instead of stubbing all these out by hand, + define a macro and let it do the work. Extra exec functions + pointed out by Reznic Valery. + +2004-01-21 21:57 millert + + * sudo.c, sudo_edit.c: Fix suspending the editor in -e mode. + Because we do a fork() first we need to be notified when the + child has been stopped and then send that same signal to ourself + so the shell can do its job control thing. + +2004-01-21 21:44 millert + + * visudo.c: Use WIFEXITED and WEXITSTATUS macros. If there are + systems out there that want to run sudo that still don't support + these we can try to deal with that later. + +2004-01-21 20:03 millert + + * lex.yy.c: regen + +2004-01-21 20:00 millert + + * sudo.man.in, sudo.pod, sudoers.man.in, sudoers.pod: Document sudo + -e / sudoedit + +2004-01-21 19:08 millert + + * configure, configure.in: fix typo + +2004-01-21 19:02 millert + + * config.h.in, configure.in: Add SET/CLR/ISSET + +2004-01-21 18:55 millert + + * sudo.c: Allow non-exclusive flags when invoked as sudoedit. + Pretty print the long usage() line to not wrap (assumes 80 char + display) + +2004-01-21 18:01 millert + + * Makefile.in, sudo.c: If sudo is invoked as "sudoedit" the -e flag + is implied and no other flags are permitted. + +2004-01-21 18:00 millert + + * sudo.h: Add a new flag, -e, that makes it possible to give users + the ability to edit files with the editor of their choice as the + invoking user, not the runas user. Temporary files are used for + the actual edit and the temp file is copied over the original + after the editor is done. + +2004-01-21 17:25 millert + + * Makefile.in, parse.c, parse.lex, sudo.c, sudo_edit.c: Add a new + flag, -e, that makes it possible to give users the ability to + edit files with the editor of their choice as the invoking user, + not the runas user. Temporary files are used for the actual edit + and the temp file is copied over the original after the editor is + done. + +2004-01-21 17:06 millert + + * sudo.c, env.c: If real uid == 0 and the SUDO_USER environment + variables is set, use that to determine the invoking user's true + identity. That way the proper info gets logged by someone who + has done "sudo su" but still uses sudo to as root. We can't do + this for non-root users since that would open up a security hole, + though perhaps it would be acceptable to use getlogin(2) on OSes + where this a system call (and doesn't just look in the utmp + file). + +2004-01-21 16:58 millert + + * pathnames.h.in: Add _PATH_TMP, _PATH_VARTMP and _PATH_USRTMP + +2004-01-21 16:57 millert + + * configure, config.h.in, configure.in: Add check for fchown(2) + +2004-01-20 14:22 millert + + * sudo.c: Back out portions of the -i commit that set NewArgv[0] in + set_runaspw. It is far to late to set NewArgv[0] there and will + have no effect anyway as cmnd and safe_cmnd have already been + set. + +2004-01-20 14:18 millert + + * visudo.c, visudo.pod: Prefer VISUAL over EDITOR like old vipw + did. + +2004-01-18 20:17 millert + + * env.c, sudo.c: In -i mode always set new environment based on the + runas user's passwd entry. + +2004-01-18 17:56 millert + + * sudo.man.in, sudo.pod: Document the new -i flag and sync SYNOPSIS + section with usage() in sudo.c. Also sort the flags in the + OPTIONS section. + +2004-01-18 17:55 millert + + * sudo.c, sudo.h: o Add -i that acts similar to "su -", based on + patches from David J. MacKenzie o Sort the flags in the usage + message + +2004-01-18 17:22 millert + + * sudoers.man.in, sudoers.pod: Add a missing @runas_default@ + substitution. + +2004-01-17 16:34 millert + + * sudo.c: Change euid to runas user before calling find_path(). + Unfortunately, though runas_user can be modified in sudoers we + haven't parsed sudoers yet. + +2004-01-17 16:25 millert + + * sudoers.man.in, sudoers.pod: Add missing defintion of + Parameter_List and use single pipes in the Defaults EBNF + definition. + +2004-01-17 13:49 millert + + * sudo.c: Fix a bug when set_runaspw() is used as a callback. We + don't want to reset the contents of runas_pw if the user + specified a user via the -u flag. + + Avoid unnecessary passwd lookups in set_authpw(). In most cases + we already have the info in runas_pw. + +2004-01-16 18:16 millert + + * check.c: Add Stan Lee / Uncle Ben quote to the lecture from + RedHat + +2004-01-16 18:12 millert + + * sudo.h: Update sudo_getepw() proto and add one for set_runaspw() + +2004-01-16 18:10 millert + + * parse.c: If we can't stat the command as root, try as the runas + user instead. + +2004-01-16 18:09 millert + + * testsudoers.c, visudo.c: Add stub set_runaspw() function + +2004-01-16 18:09 millert + + * sudo.c: Add set_runaspw() function to fill in runas_pw. This + will be used as a callback to update runas_pw when the runas user + changes. + +2004-01-16 18:07 millert + + * env.c, sudo.c: PERM_RUNAS -> PERM_FULL_RUNAS + +2004-01-16 18:05 millert + + * set_perms.c, sudo.h: Rename PERM_RUNAS -> PERM_FULL_RUNAS and add + a PERM_RUNAS that just changes the euid. + +2004-01-16 18:04 millert + + * getspwuid.c: Make sudo_pwdup() act like OpenBSD pw_dup() and + allocate memory in one chunk for easy free()ing. Also change it + from static to extern. + +2004-01-16 18:03 millert + + * defaults.c, defaults.h: Add callback support + +2004-01-16 18:02 millert + + * def_data.c, def_data.in, mkdefaults: Add a callback field and use + it for runas_default + +2004-01-15 15:13 millert + + * auth/fwtk.c: Add support for chalnecho and display server + responses used by fwtk >= 2.0 + +2004-01-12 18:39 millert + + * sudoers.man.in, sudoers.pod: ld.so is ld.so.1 on solaris + +2004-01-12 14:03 millert + + * Makefile.in, config.h.in, configure, configure.in, sudo.c, + sudo.h: Use closefrom() instead of doing the equivalent inline. + +2004-01-12 13:55 millert + + * closefrom.c: closefrom(3) for systems w/o it + +2004-01-09 16:29 millert + + * sudoers.man.in: Update from .pod file. + +2004-01-09 16:26 millert + + * configure, configure.in: Substitute noexec_file for the sudoers + man page + +2004-01-09 16:24 millert + + * sudo.man.in, sudo.pod: Mention noexec + +2004-01-09 16:16 millert + + * sudoers.man.in, sudoers.pod: Document noexec + +2004-01-09 14:38 millert + + * config.h.in, configure.in, auth/pam.c: Move PAM_CONST macro + definition from config.h to pam.c where it belongs. We can't + have this in config.h since that gets included too early. + +2004-01-09 14:35 millert + + * config.h.in, configure, configure.in, auth/pam.c: Some PAM + implementations put their headers in /usr/include/pam instead of + /usr/include/security. + +2004-01-09 14:32 millert + + * configure.in: I missed changing the EXEC macro -> EXECV here when + I changed this in config.h.in and sudo.c a while ago. + +2004-01-09 13:15 millert + + * acsite.m4: OpenBSD vax/m88k/hppa don't do shared libs + +2004-01-09 03:29 millert + + * configure, configure.in: o merge the hpux case entries into a + single entry w/ its own sub-case statement. o HP-UX >= 11 + support getspnam(), use it in preference to getprpwuid() + +2004-01-09 02:58 millert + + * configure, configure.in: eval $shrext so that it expands nicely + on MacOS X + +2004-01-09 02:50 millert + + * Makefile.in: Don't lie about making a module, it does the wrong + thing on mach + +2004-01-09 02:49 millert + + * ltmain.sh: Remove requirement that libs must begin with "lib". + They don't when we point directly at the lib using LD_PRELOAD or + its equivalent. + +2004-01-09 02:01 millert + + * acsite.m4: Disable support for c++, f77 and java. We don't need + it, it takes a lot of time, and it hosed our check for shared lib + support. + +2004-01-09 02:00 millert + + * configure: regen + +2004-01-09 02:00 millert + + * configure.in: Call AC_ENABLE_SHARED and check the status of + enable_shared to know when shared libs are available. + +2004-01-09 01:37 millert + + * acsite.m4: Duh, OpenBSD suports shared libs too + +2004-01-09 01:18 millert + + * configure.in, config.h.in: Only OpenPAM and Linux PAM use const + qualifiers. + +2004-01-09 01:15 millert + + * configure, configure.in: o No need to check for sed, libtool + config does that for us o move check for --with-noexec until + after libtool magic is run so we can use $can_build_shared and + $shrext + +2004-01-09 01:14 millert + + * ltmain.sh: Don't print a bunch of crap about library installs + since we are not really installing a library. + +2004-01-09 00:38 millert + + * env.c: Make format_env() varargs Add noexec support for Darwin, + MacOS X, Irix, and Tru64 + +2004-01-09 00:32 millert + + * acsite.m4, ltconfig, ltmain.sh: Update to libtool 1.5 with local + changes: o no ldconfig in the finish step o assume no libprefix + or version is needed + +2004-01-09 00:15 millert + + * sudo_noexec.c: Fix compilation under K&R + +2004-01-06 09:31 millert + + * CHANGES: checkpoint + +2004-01-06 09:28 millert + + * sudo_noexec.c: stub execve() that just returns EACCES; used for + noexec functionality + +2004-01-06 01:42 millert + + * sudo.tab.h: Regen w/ updated byacc from OpenBSD; fixes a gcc 3.2 + issue with generated code. + +2004-01-05 16:10 millert + + * def_data.c, def_data.h, def_data.in: Move the environment + defaults to the end and shorten a few of the descriptions. + +2004-01-05 15:05 millert + + * configure.in, configure: no shared libs on ultris or convexos + +2004-01-05 15:03 millert + + * Makefile.in, configure, configure.in: Build sudo_noexec shared + object using libtool; could use some cleanup. + +2004-01-05 14:59 millert + + * acsite.m4, ltconfig, ltmain.sh: libtool scaffolding + +2004-01-05 14:56 millert + + * parse.yacc: Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so + that order is not important. + +2004-01-05 12:15 millert + + * defaults.c, env.c, parse.c, parse.h, parse.lex, parse.yacc, + pathnames.h.in, sudo.c, sudo.h, lex.yy.c: update copyright year + +2004-01-04 22:58 millert + + * configure, configure.in, defaults.c, env.c, pathnames.h.in: Add + _PATH_SUDO_NOEXEC and corresponding --with-noexec configure + option. The default value of noexec_file is set to this. + +2004-01-04 21:48 millert + + * def_data.c, def_data.h, def_data.in, env.c, lex.yy.c, parse.c, + parse.h, parse.lex, parse.yacc, sudo.c, sudo.h, sudo.tab.h: Add + support for preloading a shared object containing a dummy + execve() function that just sets error and returns -1. This adds + a "noexec_file" option to load the filename as well as a "noexec" + flag to enable it unconditionally. There is also a NOEXEC tag + that can be attached to specific commands and an EXEC tag to + disable it. + +2004-01-04 21:40 millert + + * mkdefaults: add missing newline to usage statement + +2004-01-04 20:39 millert + + * config.h.in, sudo.c: Rename EXEC macro -> EXECV + +2004-01-04 20:16 millert + + * logging.c: Don't truncate usernames to 8 characters in the log + message. + +2004-01-04 20:13 millert + + * check.c, sudoers.man.in, sudoers.pod: Update copyright year + +2004-01-04 20:12 millert + + * check.c, def_data.c, def_data.h, def_data.in, sudoers.man.in, + sudoers.pod: Add a new option, lecture_file, that can be used to + point to a custom sudo lecture. + +2003-12-31 17:46 millert + + * Makefile.in, sudo.h, zero_bytes.c, auth/aix_auth.c, + auth/bsdauth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Add a + zero_bytes() function to do the equivalent of bzero in such a way + that will heopfully not be optimized away by sneaky compilers. + +2003-12-31 13:35 millert + + * err.c: Use #ifdef __STDC__, not #if __STDC__. + +2003-12-30 17:41 millert + + * mkdefaults: Always put at least one space between the def_* macro + name and its definition. + +2003-12-30 17:34 millert + + * configure, configure.in: Adjust code for --without-lecture to + match new values. + +2003-12-30 17:33 millert + + * visudo.man.in: regen after pasto fix + +2003-12-30 17:31 millert + + * sudoers.man.in, sudoers.pod: Document that "lecture" has changed + from a flag to a tuple. + +2003-12-30 17:31 millert + + * check.c, def_data.c, def_data.h, def_data.in, defaults.c, + defaults.h, logging.c, mkdefaults, parse.c, sudo.c, sudo.h: Add + support for tuples in def_data.in; these are implemented as an + enum type. Currently there is only a single tuple enum but in + the future we may have one tuple enum per T_TUPLE entry in + def_data.in. Currently listpw, verifypw and lecture are tuples. + This avoids the need to have two entries (one ival, one str) for + pwflags and syslog values. + + lecture is now a tuple with the following values: never, once, + always + + We no longer use both an int and string entry for syslog + facilities and priorities. Instead, there are logfac2str() and + logpri2str() functions that get used when we need to print the + string values. + +2003-12-30 17:20 millert + + * check.c, def_data.h, defaults.c, defaults.h, env.c, find_path.c, + logging.c, mkdefaults, parse.c, parse.yacc, set_perms.c, sudo.c, + visudo.c, auth/aix_auth.c, auth/bsdauth.c, auth/fwtk.c, + auth/pam.c, auth/rfc1938.c, auth/securid5.c, auth/sia.c, + auth/sudo_auth.c: Create def_* macros for each defaults value so + we no longer need the def_{flag,ival,str,list,mode} macros (which + have been removed). This is a step toward more flexible data + types in def_data.in. + +2003-12-30 15:55 millert + + * TODO: checkpoint + +2003-12-22 21:18 millert + + * sudo.c: If we are in -k/-K mode, just spew to stderr. It is not + unusual for users to place "sudo -k" in a .logout file which can + cause sudo to be run during reboot after the YP/NIS/NIS+/LDAP/etc + daemon has died. Previously, this would result in useless mail + and logging. + +2003-12-16 13:51 millert + + * visudo.pod: fix pasto in VISUAL description + +2003-12-09 22:09 millert + + * configure: regen + +2003-12-09 22:08 millert + + * CHANGES: checkpoint + +2003-12-09 22:02 millert + + * TROUBLESHOOTING: Some OSes (like Solaris) allow export w/ nosuid + too + +2003-08-12 16:45 millert + + * compat.h: We don't use FD_ZERO anymore so just define FD_SET (if + not already there). + +2003-06-28 21:31 millert + + * auth/pam.c: Fix a core dump on Solaris by preserving the + pam_handle_t we used during authentication for pam_prep_user(). + If we didn't authenticate (ie: ticket still valid), we call + pam_init() from pam_prep_user(). This is something of a hack; it + may be better to change the auth API and add an auth_final() + function that acts like pam_prep_user(). + +2003-06-21 12:50 millert + + * set_perms.c: Add explicit declaration of printerr variable in + function header (was defaulting to int which is OK but oh so K&R + :-). From Theo. + +2003-06-09 19:00 millert + + * config.h.in, configure.in: s/HAVE_STOW/USE_STOW/ + +2003-06-09 16:07 millert + + * logging.c: Also exit waitpid() loop when pid == 0. Fixes a + problem where the sudo process would spin eating up CPU until + sendmail finished when it has to send mail. + +2003-05-30 16:22 millert + + * fnmatch.3, fnmatch.c: Remove advertising clause, UCB has + disavowed it + +2003-05-21 21:53 millert + + * parse.c: Don't assume that getgrnam() calls don't modify contents + of struct passwd returned by getpwnam(). On FreeBSD w/ NIS this + can happen. Based on a patch from Kirk Webb. + +2003-05-06 11:25 millert + + * configure.in: missing ;; + +2003-05-06 00:53 millert + + * configure.in: darwin has a broken setreuid() in at least some + versions + +2003-05-06 00:31 millert + + * env.c: Fix an off by one error when reallocating the environment; + Kevin Pye + +2003-04-30 14:04 millert + + * sudoers.pod: Fix User_Spec definition; SEKINE Tatsuo + +2003-04-28 19:30 millert + + * HISTORY: More info on the early days from Coggs. + +2003-04-21 14:47 millert + + * auth/kerb5.c: remove errant semicolon that prevented compilation + under heimdal + +2003-04-15 20:42 millert + + * Makefile.in, alloc.c, check.c, compat.h, defaults.c, defaults.h, + env.c, fileops.c, find_path.c, getprogname.c, getspwuid.c, + goodpath.c, interfaces.c, interfaces.h, logging.c, parse.c, + parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c, + strerror.c, sudo.c, sudo.h, sudo.man.in, sudo.pod, + sudoers.man.in, sudoers.pod, testsudoers.c, tgetpass.c, utime.c, + version.h, visudo.c, visudo.man.in, visudo.pod, auth/afs.c, + auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c, + auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c, + auth/rfc1938.c, auth/secureware.c, auth/securid.c, + auth/securid5.c, auth/sia.c, auth/sudo_auth.c: add DARPA credit + on affected files + +2003-04-15 20:25 millert + + * LICENSE: slightly different wording for the darpa credit + +2003-04-15 14:37 millert + + * LICENSE: Add DARPA credit + +2003-04-14 16:49 millert + + * auth/kerb5.c: Use krb5_princ_component() instead of + krb5_princ_realm() for MIT Kerberos like we did before I messed + things up ;-) + + Use krb5_principal_get_comp_string() to do the same thing w/ + Heimdal. I'm not sure if the component should be 0 or 1 in this + case. + + #define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 for Heimdal since + older versions lack ENCTYPE_DES_CBC_MD5. This is gross and there + should be a configure check for this I guess. + +2003-04-13 15:48 millert + + * TROUBLESHOOTING, config.h.in, configure, configure.in, + sample.sudoers: builtin -> built-in; Jason McIntyre + +2003-04-13 15:45 millert + + * sudoers.pod: built in -> built-in; Jason McIntyre + +2003-04-09 16:14 millert + + * CHANGES: checkpoint for 1.6.7p3 + +2003-04-09 16:14 millert + + * HISTORY: Update info on the early years @ SUNY-Buffalo from Cliff + Spencer. Amazingly, sudo source from 1985 is available via + groups.google.com + +2003-04-09 16:13 millert + + * sudo.c: Don't change rl.rlim_max for RLIMIT_CORE. We need only + set rl.rlim_cur to 0 to turn off core dumps. This may be needed + for the RLIMIT_CORE restoration on some OSes. + +2003-04-04 12:46 millert + + * auth/kerb5.c: Make this compile on Heimdal and MIT Kerberos 5 + +2003-04-04 12:45 millert + + * config.h.in, configure, configure.in: Check for heimdal even if + we found krb5-config and define HAVE_HEIMDAL. + +2003-04-03 22:04 millert + + * auth/kerb5.c: Replace ETYPE_DES_CBC_MD5 with ENCTYPE_DES_CBC_MD5. + The former is no longer defined by MIT kerb5 (though it used to + be and indeed remains so in Heimdal). + +2003-04-03 10:16 millert + + * mkinstalldirs: Remove newer stuff that passes multiple (possibly + duplicate) directories to "mkdir -p" since that seems to break on + Tru64 Unix at least. This basically brings back what shipped + with sudo 1.6.6. + +2003-04-02 13:57 millert + + * auth/kerb5.c: Correct number of args to + krb5_principal_get_realm() and fix an unclosed comment that hid + the bug. + +2003-04-02 13:45 millert + + * configure: regen + +2003-04-02 13:45 millert + + * BUGS, CHANGES, INSTALL, INSTALL.binary, Makefile.in, README, + configure.in, version.h: ++version + +2003-04-02 13:44 millert + + * configure.in: use krb5-config to determine Kerberos V details if + it exists + +2003-04-02 13:25 millert + + * alloc.c, check.c, compat.h, defaults.c, env.c, find_path.c, + interfaces.c, logging.c, parse.c, sudo.c, sudo.h, testsudoers.c, + visudo.c, auth/fwtk.c, auth/rfc1938.c, auth/securid.c, + auth/securid5.c, auth/sia.c: Use warn/err and getprogname() + throughout. The main exception is openlog(). Since the admin + may be filtering logs based on the program name in the log files, + hard code this to "sudo". + +2003-04-02 13:16 millert + + * Makefile.in: Add getprogname.c and err.c + +2003-04-02 13:15 millert + + * configure: regen + +2003-04-02 13:15 millert + + * configure.in, config.h.in: Add checks for getprognam(), + __progname and err.h + +2003-04-02 13:14 millert + + * err.c, emul/err.h: For systems withour err/warn functions. + +2003-04-02 13:14 millert + + * getprogname.c: For systems neither getprogname() nor __progname; + uses Argv[0]. + +2003-04-01 10:09 millert + + * CHANGES: checkpoint for 1.6.7p1 + +2003-04-01 10:02 millert + + * sudo.c, testsudoers.c: fix strlcpy() rval check (innocuous) + +2003-04-01 09:58 millert + + * check.c: oflow detection in expand_prompt() was faulty (false + positives). The count was based on strlcat() return value which + includes the length of the entire string. + +2003-03-30 19:02 millert + + * CHANGES, RUNSON, TODO: checkpoint for the sudo 1.6.7 release + +2003-03-24 16:09 millert + + * logging.c: g/c unused variable + +2003-03-24 11:06 millert + + * configure: regen + +2003-03-24 11:05 millert + + * configure.in: use man sections 8 and 5 for csops + +2003-03-21 18:11 millert + + * configure: regen + +2003-03-21 15:10 millert + + * configure.in: Add -lskey or -lopie directly to SUDO_LIBS instead + of having AC_CHECK_LIB() add them to LIBS. Fixes visudo linkage. + +2003-03-21 14:02 millert + + * configure: regen + +2003-03-21 14:01 millert + + * INSTALL, aclocal.m4, configure.in: Add --with-blibpath for AIX. + An alternate libpath may be specified or -blibpath support can be + disabled. Also change conifgure such that -blibpath is not + specified if no -L libpaths were added to SUDO_LDFLAGS. + +2003-03-20 22:05 millert + + * configure.in: add AIX blibpath support + +2003-03-20 20:28 millert + + * INSTALL, configure.in: --with-skey and --with-opie now take an + option directory argument This obsoletes a --with-csops hack + (/tools/cs/skey) + + Also remove the remaining direct uses of "echo" + +2003-03-20 17:44 millert + + * configure.in: Detect KTH Kerberos IV and deal with it. Also make + -lroken optional for KTH Kerberos IV and V. + +2003-03-20 14:42 millert + + * aclocal.m4: Add SUDO_APPEND_LIBPATH function that add + -L/path/to/dir (and -R/path/to/dir if $with_rpath) to the + specified variable. + +2003-03-20 14:40 millert + + * INSTALL, configure.in: Add -R/path/to/libs for Solaris and SVR4. + There is a new configure option, --with-rpath to control this + behavior. + +2003-03-19 23:50 millert + + * configure.in: for kerb4 put libdes after libkrb on the link line + +2003-03-19 23:49 millert + + * auth/kerb4.c: typo + +2003-03-19 23:33 millert + + * configure.in: fix kerberos lib check when a path is specified + +2003-03-19 21:04 millert + + * logging.c: Fix boolean thinko in SIGCHLD reaper and call + reapchild after sending mail instead of doing a conditional + sudo_waitpid. + +2003-03-19 16:20 millert + + * configure: regen + +2003-03-19 16:19 millert + + * configure.in: replace =DIR with [=DIR] where sensible + +2003-03-19 16:16 millert + + * configure.in: o Use AC_MSG_* instead of "echo" o New Kerberos + include/lib detection based on openssh's configure.in + +2003-03-19 15:58 millert + + * INSTALL: --with-kerb4 and --with-kerb5 now take an optional + argument. + +2003-03-15 22:03 millert + + * auth/securid.c: Kill remaining strcpy(), the programmer's guide + says username is 32 bytes. + +2003-03-15 21:18 millert + + * auth/kerb4.c: trat uid_t as unsigned long for printf and use + snprintf, not sprintf + +2003-03-15 21:18 millert + + * auth/rfc1938.c: use snprintf + +2003-03-15 15:37 millert + + * auth/: afs.c, aix_auth.c, bsdauth.c, dce.c, fwtk.c, kerb4.c, + kerb5.c, pam.c, passwd.c, rfc1938.c, sudo_auth.c: update + copyright year + +2003-03-15 15:31 millert + + * LICENSE, alloc.c, check.c, configure.in, env.c, sudo.c, + Makefile.in, aclocal.m4, compat.h, find_path.c, interfaces.c, + logging.c, parse.c, parse.lex, parse.yacc, set_perms.c, sudo.h, + sudo.pod, sudoers.pod, testsudoers.c, version.h, visudo.c, + visudo.pod, sudo.man.in, sudoers.man.in, visudo.man.in: update + copyright year + +2003-03-15 15:19 millert + + * check.c, env.c, sudo.c: Cast [ug]ids to unsigned long and printf + with %lu + +2003-03-15 15:17 millert + + * configure: regen + +2003-03-15 15:16 millert + + * configure.in: correct error messages for + --with-sudoers-{mode,uid,gid} + +2003-03-15 15:10 millert + + * alloc.c: make the malloc(0) error specific to each function to + aid tracking down bugs. + +2003-03-15 14:49 millert + + * alloc.c: deal with platforms where size_t is signed and there is + no SIZE_MAX or SIZE_T_MAX + +2003-03-15 14:10 millert + + * auth/kerb5.c: Make this compile w/ Heimdal and fix some gcc + warnings. + +2003-03-15 13:02 millert + + * sudo.c: Use stat_sudoers macro so --with-stow can work + +2003-03-15 13:01 millert + + * INSTALL, config.h.in, configure, configure.in: Add support for + --with-stow based on patches from Robert Uhl + +2003-03-15 12:51 millert + + * env.c: fix indentation + +2003-03-15 00:21 millert + + * configure.in: back out rev 1.352 + +2003-03-14 20:11 millert + + * lex.yy.c: regen + +2003-03-14 20:11 millert + + * parse.lex: use strlcpy, not strncpy + +2003-03-14 19:48 millert + + * set_perms.c: Fix typo; check pw_uid, not pw_gid after + setusercontext() failure. + +2003-03-14 19:43 millert + + * logging.c: use pid_t + +2003-03-14 10:43 millert + + * strlcat.c, strlcpy.c: Make gcc shutup about unused rcsid + +2003-03-14 10:35 millert + + * interfaces.c: Move the n == 0 check for the non-getifaddrs cas + +2003-03-13 21:47 millert + + * auth/rfc1938.c: skeychallenge() on NetBSD take a size parameter + +2003-03-13 21:38 millert + + * configure: regen + +2003-03-13 21:38 millert + + * configure.in: put -ldl after -lpam, not before; fixes static + linking on Linux + +2003-03-13 21:17 millert + + * interfaces.c: Avoid malloc(0) and fix the loop invariant for the + getifaddrs() case. + +2003-03-13 20:24 millert + + * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat, + sudoers.cat, visudo.cat: regen + +2003-03-13 20:23 millert + + * Makefile.in: Preserve copyright notice from .pod file in .man.in + file + +2003-03-13 20:01 millert + + * visudo.pod: Add sudoers(5) to SEE ALSO + +2003-03-13 15:27 millert + + * lex.yy.c: regen + +2003-03-13 15:27 millert + + * parse.lex: Don't assume libc can realloc() a NULL string. If + malloc/realloc fails, make sure we just return; yyerror() is not + terminal. + +2003-03-13 15:17 millert + + * lex.yy.c: regen + +2003-03-13 15:17 millert + + * parse.lex: simplify fill_args a little and use strlcpy for + paranoia + +2003-03-13 15:00 millert + + * check.c, env.c, find_path.c, parse.c, parse.yacc, sudo.c, + testsudoers.c: Use strlc{at,py} for paranoia's sake and exit on + overflow. In all cases the strings were either pre-allocated to + the correct size of length checks were done before the copy but a + little paranoia can go a long way. + +2003-03-13 12:54 millert + + * sudo.h: Add strlc{at,py} protos + +2003-03-13 12:03 millert + + * env.c, interfaces.c: Use erealloc3() + +2003-03-13 12:00 millert + + * configure: regen + +2003-03-13 12:00 millert + + * alloc.c: Oflow test of nmemb > SIZE_MAX / size is fine (don't + need >=). Use memcpy() instead of strcpy() in estrdup() so this + is strcpy()-free. + +2003-03-13 11:58 millert + + * sudo.c: snprintf() a uid as %lu, not %ld to match the + MAX_UID_T_LEN test in configure. + +2003-03-13 11:56 millert + + * aclocal.m4: In MAX_UID_T_LEN test cast uid_t to unsigned long, + just unsigned. + +2003-03-12 18:46 millert + + * sudo.c: Use snprintf() for paranoia + +2003-03-12 17:16 millert + + * parse.yacc: Use emalloc2 and erealloc3 + +2003-03-12 17:08 millert + + * Makefile.in: strlc{at,py} for those w/o it + +2003-03-12 17:07 millert + + * strlcat.c, strlcpy.c: stlc{at,py} for those w/o it. + +2003-03-12 17:07 millert + + * config.h.in, configure, configure.in: Add stlc{at,py} for those + w/o it. + +2003-03-12 16:51 millert + + * alloc.c, sudo.h: Add erealloc3(), a realloc() version of + emalloc2(). + +2003-03-12 16:45 millert + + * interfaces.c, sudo.c: Use emalloc2() to allocate N things of a + certain size. + +2003-03-12 16:41 millert + + * alloc.c, sudo.h: Add emalloc2() -- like calloc() but w/o the + bzero and with error/oflow checking. + +2003-03-12 16:23 millert + + * alloc.c: Error out on malloc(0); suggested by theo + +2003-03-09 19:34 millert + + * configure, configure.in: fix a typo; David Krause + +2003-03-07 10:46 millert + + * sudo.pod: fix typo + +2003-03-03 21:47 millert + + * env.c: Remove DYLD_ from the environment for MacOS X; from bbraun + +2003-03-01 13:20 millert + + * configure.in, config.h.in: not not; Anil Madhavapeddy + +2003-01-23 03:03 millert + + * sudo.pod, sudoers.pod, visudo.pod: typos; jmc@openbsd.org + +2003-01-20 16:13 millert + + * parse.yacc: Add some missing ';' rule terminators that bison + warns about. + +2003-01-20 16:07 millert + + * config.sub: fix typo I introduced in last merge + +2003-01-20 15:59 millert + + * configure: regenerate with autoconf 2.57 + +2003-01-20 15:58 millert + + * config.h.in: Add missing "$HOME" + +2003-01-20 15:57 millert + + * configure.in: Add some more square backets to make autoconf 2.57 + happy + +2003-01-20 14:39 millert + + * config.guess, config.sub, mkinstalldirs: Updates from + autoconf-2.57 + +2003-01-17 18:10 millert + + * lex.yy.c, sudo.tab.h: regen + +2003-01-17 18:09 millert + + * parse.lex, parse.yacc, sudoers.pod: Add support for + Defaults>RunasUser + +2003-01-06 19:10 millert + + * visudo.c: fclose() yyin after each yyparse() is done and use + fopen() instead of using freopen(). + +2003-01-06 19:02 millert + + * parse.lex: Better fix for sudoers files w/o a newline before EOF. + It looks like the issue is that yyrestart() does not reset the + start condition to INITIAL which is an issue since we parse + sudoers multiple times. + +2003-01-06 18:47 millert + + * parse.lex: Work around what appears to be a flex bug when dealing + with files that lack a final newline before EOF. This adds a + rule to match EOF in the non-initial states which resets the + state to INITIAL and throws an error. + +2003-01-06 15:06 millert + + * visudo.c: o The parser needs sudoers to end with a newline but + some editors (emacs) may not add one. Check for a missing + newline at EOF and add one if needed. o Set quiet flag during + initial sudoers parse (to get options) o Move yyrestart() call + and always use freopen() to open yyin after initial sudoers + parse. + +2002-12-15 11:24 millert + + * set_perms.c: Fix pasto/thinko in setresgid()/setregid() usage. + Want to set effective gid, not real gid, when reading sudoers. + +2002-12-15 11:08 millert + + * set_perms.c: don't compile set_perms_posix if we have setreuid or + setresuid + +2002-12-14 14:21 millert + + * sudo.pod, sudoers.pod: document new prompt escapes + +2002-12-14 14:15 millert + + * check.c: Add %U and %H escapes and redo prompt rewriting. "%%" + now gets collapsed to "%" as was originally intended. This also + gets rid of lastchar (does lookahead instead of lookback) which + should simplify the logic slightly. + +2002-12-13 13:20 millert + + * tgetpass.c: Write the prompt *after* turning off echo to avoid + some password characters being echoed on heavily-loaded machines + with fast typists. + +2002-12-13 13:09 millert + + * config.sub: Add support for mipseb; wiz@danbala.tuwien.ac.at + +2002-12-13 12:48 millert + + * configure.in: Fix IRIX fallout from name changes in man dir/sect + Makefile variables. Patch from erici AT motown DOT cc DOT utexas + DOT edu + +2002-12-13 11:33 millert + + * auth/pam.c: Keep a local copy of tgetpass_flags so we don't add + in TGP_ECHO to the global copy. Problem noted by Peter Pentchev. + +2002-11-28 18:43 millert + + * parse.yacc: Add missing yyerror() calls; YYERROR does not seem to + call this for us. + +2002-11-26 12:09 millert + + * sudo.c: fix typo in comment; Pedro Bastos + +2002-11-22 14:41 millert + + * INSTALL: document --disable-setresuid + +2002-11-22 14:41 millert + + * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c: + Sprinkle some volatile qualifiers to prevent over-enthusiastic + optimizers from removing memset() calls. + +2002-11-22 14:11 millert + + * logging.c, parse.yacc: minor sign fixes pointed out by gcc + -Wsign-compare + +2002-11-22 14:09 millert + + * set_perms.c, sudo.c, sudo.h: Revamp set_perms. We now use a + version based on setresuid() or setreuid() when possible since + that allows us to support the stay_setuid option and we always + know exactly what the semantics will be (various Linux kernels + have broken POSIX saved uid support). + +2002-11-22 14:08 millert + + * config.h.in, configure: regen from configure.in + +2002-11-22 14:07 millert + + * configure.in: Add checks for setresuid() and a way to disable + using it + +2002-11-22 14:05 millert + + * compat.h: No long need to emulate set*[ug]id() via setres[ug]id() + or setre[ug]id(). The new set_perms stuff only uses things it + knows are there. + +2002-11-22 13:33 millert + + * sudo.c: Before exec, restore state of signal handlers to be the + same as when we were initialy invoked instead of just reseting to + SIG_DFL. Fixes a problem when using sudo with nohup. Based on a + patch from Paul Markham. + +2002-11-22 13:23 millert + + * sudo.c: o timestamp_uid should be uid_t, not int o clarify error + message when sudo is run by root and no_root_sudo is set + +2002-09-19 17:27 millert + + * README: update ftp link for bison + +2002-07-20 08:30 millert + + * set_perms.c: Error out if setusercontext() fails and the runas + user is not root. + +2002-05-20 16:51 millert + + * auth/securid5.c: Fix rcsid + +2002-05-20 16:50 millert + + * configure.in: Fix SecurID API test + +2002-05-17 13:20 millert + + * env.c: typo in comment + +2002-05-17 13:20 millert + + * configure.in: securid5 stuff needs pthreads. Just adding + -lpthread is suboptimal but I don't see a better way at the + moment. + +2002-05-17 13:04 millert + + * Makefile.in, auth/securid5.c: SecurID API version 5 support from + Michael Stroucken + +2002-05-17 13:02 millert + + * configure.in: Add check for SecurID 5.0 API + +2002-05-08 16:46 millert + + * strerror.c: We actually do still need config.h to get the 'const' + definition for K&R C. + +2002-05-05 16:43 millert + + * configure: regen with autoconf 2.5.3 + +2002-05-05 16:25 millert + + * configure.in: Don't set sysconfdir to '/etc' if the user has + specified a --prefix. + +2002-05-05 16:14 millert + + * configure.in: Some fixes for autoconf 2.53 from Robert Uhl o + don't AC_SUBST LIBOBJS o force a 4th arg for AC_CHECK_HEADER() + to workaround a bug + +2002-05-05 15:58 millert + + * env.c, sudo.c, sudo.h: No need for dump_badenv() now that + dump_defaults() knows how to dump lists. + +2002-05-04 21:31 millert + + * BUGS, INSTALL, Makefile.in, configure.in, version.h, + INSTALL.binary, README: ++version + +2002-05-04 20:57 millert + + * sudoers.pod: document timestampowner + +2002-05-04 20:45 millert + + * check.c: Don't call set_perms() when doing timestamp stuff unless + timestamp_uid != 0. + +2002-05-04 20:43 millert + + * check.c, logging.c, parse.c, set_perms.c, sudo.c, sudo.h, + testsudoers.c, auth/sudo_auth.c: g/c second arg to set_perms--it + is no longer used + +2002-05-03 18:48 millert + + * check.c, set_perms.c, sudo.c, sudo.h: Add support for non-root + timestamp dirs. This allows the timestamp dir to be shared via + NFS (though this is not recommended). + +2002-05-03 18:47 millert + + * def_data.c, def_data.h, def_data.in: Add timestampowner, "Owner + of the authentication timestamp dir" + +2002-05-02 15:40 millert + + * env.c: Don't try to pre-compute the size of the new envp, just + allocate space up front and realloc as needed. Changes to the + new env pointer must all be made through insert_env() which now + keeps track of spaced used and allocates as needed. + +2002-04-26 15:12 millert + + * configure: regen + +2002-04-26 15:12 millert + + * configure.in: Fix two typo/pastos; from jrj@purdue.edu + +2002-04-25 11:36 millert + + * INSTALL.binary, README: ++version + +2002-04-25 11:35 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in, configure: regen + +2002-04-25 11:31 millert + + * CHANGES, RUNSON, TODO: Sync with 1.6.6 + +2002-04-25 11:30 millert + + * check.c: The the loop used to expand %h and %u, the lastchar + variable was not being initialized. This means that if the last + char in the prompt is '%' and the first char is 'h' or 'u' a + extra copy of the host or user name would be copied, for which + space had not been allocated. + +2002-04-18 11:41 millert + + * BUGS, INSTALL, Makefile.in, configure.in, version.h: crank + version to 1.6.6 + +2002-04-18 11:39 millert + + * auth/afs.c: #undef VOID to get rid of an AFS warning + +2002-04-18 11:38 millert + + * env.c: Use easprintf instead of emalloc + sprintf for some + things. + +2002-03-15 19:45 millert + + * lex.yy.c: regen + +2002-03-15 19:44 millert + + * parse.c, parse.lex, parse.yacc, testsudoers.c: Remove Chris + Jepeway's email address so people don't bug him ;-) + +2002-03-11 22:19 millert + + * sudo.c: Move endpwent() to be after set_perms(PERM_RUNAS, ...) + and also call endgrent() at the same time. + +2002-02-21 22:23 millert + + * INSTALL: Make it clear which configure options take arguments. + +2002-01-25 13:38 millert + + * compat.h: HP-UX 9.x has RLIMIT_* but no RLIM_INFINITY. If there + is no RLIM_INFINITY, just pretend it is -1. This works because + we only check for RLIM_INFINITY and do not set anything to that + value. + +2002-01-22 11:43 millert + + * auth/pam.c: Zero and free allocated memory when there is a + conversation error. + +2002-01-21 22:37 millert + + * auth/bsdauth.c: Use sigaction() not signal() + +2002-01-21 22:26 millert + + * INSTALL: Mention that some linux kernels have broken POSIX saved + ID support + +2002-01-21 21:03 millert + + * CHANGES: checkpoint for 1.6.5p2 + +2002-01-21 21:01 millert + + * configure: regen + +2002-01-21 21:01 millert + + * configure.in: Add --disable-setreuid flag + +2002-01-21 21:00 millert + + * INSTALL: Document new --disable-setreuid option and change + description for --disable-saved-ids to match new error message. + +2002-01-21 21:00 millert + + * set_perms.c: fatal() now takes an argument that determines + whether or not to call perror(). + +2002-01-21 20:58 millert + + * PORTING, TROUBLESHOOTING: Update for new error messages from + set_perms() + +2002-01-21 17:46 millert + + * auth/pam.c: Make this compile w/o warnings + +2002-01-21 17:36 millert + + * auth/pam.c: Mention that we can't use pam_acct_mgmt() + +2002-01-21 17:25 millert + + * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c: The user's password + was not zeroed after use when AIX authentication, BSD + authentication, FWTK or PAM was in use. + +2002-01-20 14:21 millert + + * auth/pam.c: Avoid giving PAM a NULL password response, use the + empty string instead. This avoids a log warning when the user + hits ^C at the password prompt when PAM is in use. + +2002-01-19 19:46 millert + + * auth/pam.c: Don't check the return value of pam_setcred(). In + Linux-PAM 0.75 pam_setcred() returns the last saved return code, + not the return code for the setcred module. Because we haven't + called pam_authenticate(), this is not set and so pam_setcred() + returns PAM_PERM_DENIED. + +2002-01-19 19:43 millert + + * Makefile.binary, Makefile.in: Don't need a '/' between $(DESTDIR) + and a directory. + +2002-01-18 14:18 millert + + * configure: regen + +2002-01-18 14:18 millert + + * configure.in: o BSDi also has a bogus setreuid() o Old FreeBSD + has a bogus setreuid() o new NetBSD has a real setreuid() o add + check for freeifaddrs() if getifaddrs() exists. + +2002-01-18 14:17 millert + + * config.h.in, interfaces.c: Older BSDi releases lack freeifaddrs() + so add a test for that and if it is not present just use free(). + +2002-01-17 11:30 millert + + * CHANGES, RUNSON: Checkpoint for 1.6.5p1 + +2002-01-17 10:56 millert + + * auth/passwd.c: Return AUTH_FAILURE in passwd_init() if + skeyaccess() denies access to normal passwords, not AUTH_FATAL + (which just causes an exit). + +2002-01-17 10:35 millert + + * visudo.c: Don't use memory after it has been freed. + +2002-01-17 00:24 millert + + * auth/passwd.c: skeyaccess() wants a struct passwd * not a char *; + Patch from Phillip E. Lobbes + +2002-01-16 20:00 millert + + * BUGS: ++version + +2002-01-16 19:53 millert + + * CHANGES, RUNSON, TODO: checkpoint for sudo 1.6.5 + +2002-01-16 18:37 millert + + * configure: regen + +2002-01-16 18:37 millert + + * INSTALL, INSTALL.binary, Makefile.in, README, configure.in: + version 1.6.5 + +2002-01-16 18:37 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in: sudo version 1.6.5 + +2002-01-16 16:28 millert + + * logging.c: o when invoking the mailer as root use a hard-coded + environment that doesn't include any info from the user's + environment. Basically paranoia. + + o Add support for the NO_ROOT_MAILER compile-time option and run + the mailer as the user and not root if NO_ROOT_MAILER is + defined. + +2002-01-16 16:27 millert + + * set_perms.c, sudo.h: Bring back PERM_FULL_USER + +2002-01-16 16:26 millert + + * configure: regen + +2002-01-16 16:26 millert + + * version.h: version 1.6.5 + +2002-01-16 16:26 millert + + * INSTALL, config.h.in, configure.in: Add --disable-root-mailer + option to run the mailer as the user and not root. + +2002-01-16 12:44 millert + + * CHANGES: checkpoint for 1.6.4p2 + +2002-01-15 19:22 millert + + * PORTING: Mention the "seteuid(0): Operation not permitted" + problem here too just for good measure. + +2002-01-15 18:43 millert + + * env.c, getspwuid.c, sudo.c: The SHELL environment variable was + preserved from the user's environment instead of being reset + based on the passwd database when the "env_reset" option was + used. Now it is reset as it should be. + +2002-01-15 17:47 millert + + * configure: regen + +2002-01-15 17:47 millert + + * INSTALL, TROUBLESHOOTING, config.h.in, configure.in, set_perms.c, + sudo.c: Add a configure option to turn off use of POSIX saved IDs + +2002-01-15 15:48 millert + + * configure: regen + +2002-01-15 15:48 millert + + * configure.in: add --with-efence option + +2002-01-15 15:39 millert + + * sudo.c: Only OR in MODE_RESET_HOME if MODE_RUN is set. Fixes a + problem where "sudo -l" would not work if always_set_home was + set. + +2002-01-15 13:16 millert + + * lex.yy.c: regen + +2002-01-15 13:16 millert + + * parse.lex: Quoted commas were not being treated correctly in + command line arguments. + +2002-01-14 20:53 millert + + * sudo.c: o Move the call to rebuild_env() until after + MODE_RESET_HOME is set. Otherwise, the set_home option has no + effect. + + o Fix use of freed memory when the "fqdn" flag is set. This was + introduced by the fix for the "segv when gethostbynam() fails" + bug. Also, we no longer call set_fqdn() if the "fqdn" flag is + not set so there is no need to check the "fqdn" flag in + set_fqdn() itself. + +2002-01-14 20:45 millert + + * env.c: Add 'continue' statements to optimize the switch + statement. From Solar. + +2002-01-13 13:42 millert + + * sudoers.cat, sudoers.man.in: Regen from new sudoers.pod + +2002-01-13 13:36 millert + + * sudoers.pod: Add caveat about stay_setuid flag + +2002-01-13 13:29 millert + + * sudo.c: If set_perms == set_perms_posix and the stay_setuid flag + is not set, set all uids to 0 and use set_perms_fallback(). + +2002-01-13 13:28 millert + + * set_perms.c, sudo.h: Remove PERM_FULL_USER (which is no longer + used) and add PERM_FULL_ROOT (used when exec'ing the mailer). + +2002-01-13 13:27 millert + + * logging.c: Use set_perms(PERM_FULL_ROOT, 0) before exec'ing the + mailer since we never want to run the mailer setuid. + +2002-01-12 17:55 millert + + * sudo.cat, sudo.man.in, sudo.pod, visudo.cat, visudo.man.in, + visudo.pod: Use sudo.ws instead of courtesan.com in URLs + +2002-01-12 14:00 millert + + * Makefile.in, Makefile.binary: Fix mansect substitution + +2002-01-12 13:15 millert + + * Makefile.in: Substitute man sections in Makefile.binary + +2002-01-12 13:15 millert + + * Makefile.binary: Sync install targets with Makefile.in and + substitute in man sections. + +2002-01-12 13:09 millert + + * INSTALL, INSTALL.binary: version is 1.6.4 + +2002-01-12 12:59 millert + + * Makefile.in: Repair bindist target + +2002-01-12 11:43 millert + + * CHANGES: sync for 1.6.4 + +2002-01-10 13:00 millert + + * install-sh: Fix case where neither whoami nor id are found + +2002-01-09 12:35 millert + + * install-sh: If neither whoami nor id exists, just assume we are + root. + +2002-01-09 11:56 millert + + * alloc.c: Add explicit cast to (VOID *) on malloc/realloc. Seems + to be needed on AIX which for some reason isn't pulling in the + malloc prototype. + +2002-01-08 10:00 millert + + * Makefile.in, aclocal.m4, compat.h, parse.c, sudo.c: (c) 2002 + +2002-01-08 09:21 millert + + * CHANGES: checkpoint + +2002-01-08 09:20 millert + + * sudo.c: Defer assigning new environment until right before the + exec. + +2002-01-08 09:08 millert + + * parse.c: kill extra blank line + +2002-01-07 13:59 millert + + * configure: regen + +2002-01-07 13:59 millert + + * configure.in: Use -O not -O2 for m88k-motorola-sysv* since + motorola gcc-derived compiler doesn't recognise -O2. + +2002-01-06 23:02 millert + + * HISTORY: Clarify origins of Root Group sudo a bit based on info + from billp@rootgroup.com + +2002-01-02 22:41 millert + + * LICENSE: 2002 + +2002-01-02 22:26 millert + + * CHANGES: checkpoint for 1.6.4rc1 + +2002-01-02 17:40 millert + + * config.h.in: now generated via autoheader + +2002-01-02 17:40 millert + + * configure: regen + +2002-01-02 17:37 millert + + * compat.h: Move in some stuff that was previously in config.h. + +2002-01-02 17:36 millert + + * configure.in, aclocal.m4: Add info for autoheader. + +2002-01-01 16:53 millert + + * Makefile.in: o Add DESTDIR support + o Use -M, -O, and -G instead of -m, -o, and -g to facilitate + non-root installs + +2002-01-01 16:48 millert + + * install-sh: Add -M option (like -m but only for root) If we can't + find "whoami", use "id" w/ some sed. + +2002-01-01 14:01 millert + + * configure: regen + +2002-01-01 14:00 millert + + * configure.in: allow user to always override mansectsu and + mansectform + +2001-12-31 17:05 millert + + * mkinstalldirs: update from autoconf 2.52 + +2001-12-31 17:03 millert + + * config.guess, config.sub: Update from autoconf 2.52 + +2001-12-31 16:57 millert + + * configure: regen with autoconf 2.52 + +2001-12-31 16:57 millert + + * configure.in: o Call AC_PROG_CC_STDC to find out how to run the + compiler in ANSI mode + o Remove compiler-specific checks for HP-UX now that we use + AC_PROG_CC_STDC + +2001-12-31 12:19 millert + + * RUNSON: Checkpoint + +2001-12-31 12:18 millert + + * auth/pam.c: o Add pam_prep_user function to call pam_setcred() + for the target user; on Linux this often sets resource limits. + o When calling pam_end(), try to convert the auth->result to a + PAM_FOO value. This is a hack--we really need to stash the + last PAM_FOO value received and use that instead. + +2001-12-31 12:18 millert + + * set_perms.c, sudo.h: o Add pam_prep_user function to call + pam_setcred() for the target user; on Linux this often sets + resource limits. + +2001-12-31 00:53 millert + + * env.c: Fix off by one error in number of bytes allocated via + malloc (does not affected any released version of sudo). + +2001-12-30 17:12 millert + + * lex.yy.c: regen + +2001-12-30 17:12 millert + + * parse.lex: Allow '@', '(', ')', ':' in arguments to a defaults + variable w/o requiring that they be quoted. + +2001-12-30 14:26 millert + + * sudoers.cat, sudoers.man.in, sudoers.pod: Mention that no double + quotes are needed when adding/deleting/assigning a single value + to a list. + +2001-12-30 13:58 millert + + * Makefile.in: Don't rely on mkdefaults being executable, call perl + explicitly. + +2001-12-30 13:41 millert + + * parse.yacc: Remove some XXX that are no longer relevant. + +2001-12-30 13:40 millert + + * defaults.c: o Roll our own loop instead of using strpbrk() for + better grokability o When adding to a list we must malloc() and + use memcpy(), not strdup() since we must only copy len bytes + from str. + +2001-12-21 16:49 millert + + * parse.yacc: typo in comment + +2001-12-19 11:50 millert + + * CHANGES: checkpoint + +2001-12-19 10:56 millert + + * configure: regen + +2001-12-19 10:56 millert + + * configure.in: avoid the -g flag unless --with-devel was specified + +2001-12-19 10:04 millert + + * Makefile.in: mkdefaults, def_data.in and sigaction.c were missing + from the tarball + +2001-12-19 09:46 millert + + * Makefile.in: def_data.c was missing + +2001-12-18 12:42 millert + + * env.c: Fix setting of $USER and $LOGNAME in the non-reset_env + case. Also allow HOME, SHELL, LOGNAME, and USER to be specified + in keep_env + +2001-12-17 20:48 millert + + * TODO: Another TODO item + +2001-12-17 19:50 millert + + * sudoers: Add comment for Default section so folks know where it + should go. + +2001-12-17 18:56 millert + + * tgetpass.c: Use TCSETAF, not TCSETA to set terminal in termio + case + +2001-12-17 18:35 millert + + * sudoers.man.in, sudoers.cat: regen from sudoers.pod + +2001-12-17 18:33 millert + + * sudoers.pod: o Typo, Runas_User_List should be Runas_List + o a User_List can not contain a uid + o mention that the Defaults section should come after Alias + definitions but before the user specifications + +2001-12-15 11:51 millert + + * sudoers.cat, sudoers.man.in: regen + +2001-12-15 11:51 millert + + * sudoers.pod: Fix listpw and verifypw sections, they were not + being formatted properly. + +2001-12-15 11:39 millert + + * sudoers.cat, sudoers.man.in: regen + +2001-12-15 11:38 millert + + * sudoers.pod: fix typos + +2001-12-15 10:57 millert + + * configure: regen + +2001-12-15 10:57 millert + + * configure.in, config.h.in: use AC_SYS_POSIX_TERMIOS instead of + rolling our own + +2001-12-15 10:33 millert + + * README: Reference sudo.ws not courtesan.com + +2001-12-15 10:29 millert + + * PORTING: Add notes on shadow passwords + +2001-12-15 00:48 millert + + * BUGS: In list mode (sudo -l), characters escaped with a backslash + are shown verbatim with the backslash. + +2001-12-15 00:44 millert + + * sudoers: Add simple examples from OpenBSD (Marc Espie) + +2001-12-15 00:40 millert + + * tgetpass.c: Catch SIGTTIN and SIGTTOU too and treat them like + SIGTSTP. + +2001-12-14 21:53 millert + + * CHANGES: minor prettyification + +2001-12-14 21:43 millert + + * CHANGES: Updated change log + +2001-12-14 21:27 millert + + * testsudoers.c: Fix CIDR handling here too. + +2001-12-14 21:21 millert + + * auth/pam.c: Apparently a NULL response is OK + +2001-12-14 21:19 millert + + * TODO: Checkpoint for upcoming beta release + +2001-12-14 21:17 millert + + * TROUBLESHOOTING: Many people believe that adding a runas spec + should obviate the need for the -u flag. It does not. + +2001-12-14 21:11 millert + + * RUNSON: checkpoint update for upcoming 1.6.4 beta + +2001-12-14 20:44 millert + + * config.h.in: o Add HAVE_STDLIB_H and HAVE_MEMORY_H o Define + HAVE_STRINGS_H even if HAVE_STRING_H is defined -- this is safe + now + +2001-12-14 20:07 millert + + * PORTING: Add signals section + +2001-12-14 20:00 millert + + * configure: regen + +2001-12-14 20:00 millert + + * configure.in: Fix check for sigaction_t + +2001-12-14 19:45 millert + + * sudo.c: XXX - should call find_path() as runas user, not root. + Can't do that until the parser changes though. + +2001-12-14 19:38 millert + + * sudo.c: If find_path() fails as root, try again as the invoking + user (useful for NFS). Idea from Chip Capelik. + +2001-12-14 19:28 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: Regenerate + after pod file changes + +2001-12-14 19:24 millert + + * def_data.c, def_data.h, def_data.in, set_perms.c, sudo.c, sudo.h, + sudo.pod, sudoers.pod: Add new sudoers option "preserve_groups". + Previously sudo would not call initgroups() if the target user + was root. Now it always calls initgroups() unless the -P command + line option or the "preserve_groups" sudoers option is set. Idea + from TJ Saunders. + +2001-12-14 18:38 millert + + * compat.h, config.h.in: Use new HAVE_SIGACTION_T define + +2001-12-14 18:33 millert + + * logging.c: Fix compilation on K&C + +2001-12-14 18:14 millert + + * configure: regen + +2001-12-14 18:14 millert + + * configure.in: Add check for sigaction_t -- IRIX already defines + this so don't redefine it. + +2001-12-14 17:15 millert + + * snprintf.c: fix typo + +2001-12-14 17:12 millert + + * interfaces.c: need stdlib.h here too + +2001-12-14 15:31 millert + + * configure: regen + +2001-12-14 15:31 millert + + * configure.in: Remove redundant checks for string.h, strings.h and + unistd.h + +2001-12-14 15:29 millert + + * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat, + visudo.man.in: Regen from pod files + +2001-12-14 15:03 millert + + * BUGS: Update for 1.6.4 + +2001-12-14 14:59 millert + + * configure, lex.yy.c: regen + +2001-12-14 14:56 millert + + * strerror.c: Return EINVAL if errnum > sys_nerr + +2001-12-14 14:54 millert + + * LICENSE, Makefile.binary, Makefile.in, aclocal.m4, compat.h, + config.h.in, defaults.h, interfaces.h, pathnames.h.in, sudo.h, + sudo.pod, auth/sudo_auth.h: o Update copyright year + +2001-12-14 14:54 millert + + * configure.in: o Don't define STDC_HEADERS unconditionally for + IRIX o Update copyright year + +2001-12-14 14:53 millert + + * README: update version + +2001-12-14 14:52 millert + + * alloc.c, check.c, defaults.c, env.c, fileops.c, find_path.c, + fnmatch.c, getcwd.c, getspwuid.c, goodpath.c, interfaces.c, + logging.c, lsearch.c, parse.c, parse.lex, parse.yacc, + set_perms.c, snprintf.c, sudo.c, testsudoers.c, tgetpass.c, + utime.c, visudo.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, + auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c, + auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c, + auth/sia.c, auth/sudo_auth.c: o Reorder some headers and use + STDC_HEADERS define properly o Update copyright year + +2001-12-14 01:53 millert + + * configure: regen + +2001-12-14 01:53 millert + + * tgetpass.c: flags set in signal handlers should be volatile + sig_atomic_t + +2001-12-14 01:52 millert + + * config.h.in, configure.in: Add checks for volatile and + sig_atomic_t + +2001-12-14 01:42 millert + + * lex.yy.c, configure: regen + +2001-12-14 01:40 millert + + * def_data.c, def_data.h, def_data.in, defaults.c, env.c, + find_path.c, sudo.c, sudoers.pod: Remove "secure_path" Defaults + option since it cannot work with the existing parser. + +2001-12-14 01:26 millert + + * find_path.c, sudo.c: Unset "secure_path" if user_is_exempt() + +2001-12-14 01:24 millert + + * env.c, pathnames.h.in: o Remove assumption that PATH and TERM are + not listed in env_keep o If no PATH is in the environment use a + default value o If TERM is not set in the non-reset case also + give it a default value. + +2001-12-14 01:17 millert + + * aclocal.m4, configure.in, defaults.c, pathnames.h.in: + _PATH_SENDMAIL -> _PATH_SUDO_SENDMAIL so --without-sendmail works + on systems that define in paths.h + +2001-12-14 01:15 millert + + * auth/: passwd.c, sudo_auth.c, sudo_auth.h: Add support for + skeyaccess(3) if it is present in libskey. + +2001-12-12 21:42 millert + + * sudo.c: Only need to do 'lc = login_getclass(NULL)' if lc == NULL + +2001-12-12 21:24 millert + + * parse.lex: '\\' is a perfectly legal character to have in a + command line argument. + +2001-12-12 20:24 millert + + * sudo.c: o Defer call to set_fqdn() until it is safe to use + log_error() o Don't print errno string value if gethostbyname + fails, it is not relevant + +2001-12-12 20:07 millert + + * parse.c: Fix CIDR -> in_addr_t conversion. + +2001-12-12 16:21 millert + + * sudoers.pod: Remove an extra "User_List" in the User_Spec + definition From ybertrand AT snoopymail.com + +2001-12-12 16:00 millert + + * parse.c: Make 'listpw=never' work for users who are not + explicitly mentioned in sudoers. + +2001-12-12 15:40 millert + + * sudoers.pod: Remove gratuitous '=' in EBNF grammar; era AT iki.fi + +2001-12-12 15:34 millert + + * sudoers.pod: Document new list Defaults type and convert env_keep + and env_delete to lists. Document new env_check option. + +2001-12-12 15:11 millert + + * lex.yy.c, sudo.tab.h: regen parser + +2001-12-12 14:56 millert + + * parse.lex: Don't let '#' appear in a {WORD} and restrict #foo in + a Runas spec to #[0-9-]+. + +2001-12-12 14:55 millert + + * configure: regen + +2001-12-12 14:55 millert + + * aclocal.m4: Simpler SUDO_FUNC_ISBLANK that uses AC_TRY_LINK + +2001-12-12 14:43 millert + + * config.h.in, configure.in: Add check for skeyaccess(3) + +2001-12-11 19:47 millert + + * visudo.pod: Document new -c, -f, and -q options + +2001-12-11 19:41 millert + + * visudo.c: o Add -f option (alternate sudoers file) o Convert to + use getopt(3) + +2001-12-11 19:31 millert + + * configure: regen + +2001-12-11 19:31 millert + + * aclocal.m4, config.h.in, configure.in: Add check for isblank and + a replacement macro if it doesn't exist. + +2001-12-11 18:22 millert + + * visudo.c: In check-only mode, don't create sudoers if it does not + already exist. + +2001-12-11 18:06 millert + + * parse.yacc: o Add a new token, DEFVAR, to indicate a Defaults + variable name + o Add support for "+=" and "-=" list operators + o replace some 1 and 0 with TRUE and FALSE for greater + legibility. + +2001-12-11 18:05 millert + + * parse.lex: o Use exclusive start conditions to remove some + ambiguity in the + lexer. Also reorder some things for clarity. + o Add support for "+=" and "-=" list operators. + o Use the new DEFVAR token to denote a Defaults variable name. + +2001-12-11 18:03 millert + + * sudo.h: Prototype init_envtables() + +2001-12-11 18:02 millert + + * env.c: o Convert environment handling to use lists instead of + strings. + This greatly simplifies routines that need to do "foreach" + type + operations. + o Add new init_envtables() function to set env_check and + env_delete + defaults based on initial_badenv_table and + initial_checkenv_table + (formerly sudo_badenv_table). + +2001-12-11 18:00 millert + + * defaults.c, defaults.h: o Add a new LIST type and functions to + manipulate it. + o This is for use with environment handling variables. + o Call new init_envtables() routine inside init_defaults() to + initialize the environment lists. + +2001-12-11 17:57 millert + + * def_data.c, def_data.h, def_data.in: Convert environment options + to use the new LIST type and add a new one, env_check that only + deletes if the sanity check fails. + +2001-12-11 17:55 millert + + * testsudoers.c: Add dummy version of init_envtables() + +2001-12-11 17:53 millert + + * parse.yacc: honor quiet mode + +2001-12-11 17:51 millert + + * visudo.c: Add check-only mode + +2001-12-10 20:27 millert + + * mkdefaults: Fix generation of entries with NULL descriptions. + +2001-12-09 00:27 millert + + * tgetpass.c: Use sigaction_t and quiet a gcc warning. + +2001-12-09 00:20 millert + + * sudo.c: Must reset signal handlers before we exec + +2001-12-09 00:16 millert + + * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c: Be + carefule now that tgetpass() can return NULL (user hit ^C). PAM + version needs testing. Set SIGTSTP to SIG_DFL during password + entry so user can suspend us. + +2001-12-09 00:14 millert + + * tgetpass.c: Add support for interrupting/suspending tgetpass via + keyboard input. If you suspend sudo from the password prompt and + resume it will re-prompt you. + +2001-12-09 00:09 millert + + * sudo.c: Don't block keyboard interrupt signals, just set them to + SIG_IGN. + +2001-12-08 14:48 millert + + * config.h.in: add back HAVE_SIGACTION + +2001-12-08 14:44 millert + + * configure: regen + +2001-12-08 14:44 millert + + * config.h.in, configure.in, logging.c, sudo.c, visudo.c: Kill + POSIX_SIGNALS define and old signal support now that we emulate + POSIX ones Also be sure to correctly initialize struct sigaction. + +2001-12-08 14:42 millert + + * strerror.c: Don't need config.h or "#ifndef HAVE_STRERROR" + wrapper. + +2001-12-08 14:39 millert + + * compat.h: Add scaffolding for POSIX signal emulation + +2001-12-08 14:36 millert + + * sigaction.c: o Add missing ';' so this compiles o Can't use NULL + since we don't include stdio.h + +2001-12-08 14:23 millert + + * sigaction.c: Emulate sigaction() using sigvec() + +2001-11-12 19:32 millert + + * sudoers.pod: Document new behavior of negative values of + timestamp_timeout Fix a typo + +2001-11-12 19:31 millert + + * sudo.pod: Add security note about command not being logged after + 'sudo su' and friends. + +2001-11-12 19:19 millert + + * sudo.pod: Mention that -V prints default values when run as root, + including the list of environment variables to clear. + +2001-11-12 19:14 millert + + * Makefile.in: Run pod2man with --quotes=none to avoid stupid + quoting of C<> entries. + +2001-11-12 13:12 millert + + * def_data.c, def_data.h, def_data.in, sudoers.pod, + auth/sudo_auth.c: Add mail_badpass option Also modify mail_always + behavior to also send mail when the password is wrong + +2001-11-12 13:08 millert + + * env.c, sudo.c, sudo.h: Dump default bad env table when 'sudo -V' + is run by root. + +2001-11-11 23:52 millert + + * sudoers.pod: document env_delete + +2001-11-11 23:51 millert + + * env.c: Add support for '*' in env_keep when not resetting the + environment (ie: the normal case). + +2001-11-11 23:47 millert + + * env.c: Add env_delete variable that lets the user replace/add to + the bad_env_table. Allow '*' wildcard in env_keep entries. + +2001-11-06 13:59 millert + + * mkinstalldirs: Force umask to 022 to guarantee sane directory + permissions. + +2001-11-02 18:09 millert + + * Makefile.in: add sudo.tab.h and sudo.tab.c to sudo.tab.o + dependency + +2001-11-02 17:25 millert + + * mkdefaults: fix breakage in last commit + +2001-11-02 17:18 millert + + * Makefile.in: acsite.m4 -> aclocal.m4 + +2001-11-02 15:59 millert + + * check.c: fix I_TS_TIMEOUT vs. I_TIMESTAMP_TIMEOUT pasto in + previous commit + +2001-11-02 15:57 millert + + * def_data.c: regenerated from def_data.in + +2001-11-02 15:56 millert + + * check.c, defaults.c, defaults.h: Add new T_UINT type that most + things use instead of T_INT If timestamp_timeout is < 0 then + treat the ticket as never expiring (to be expired manually by the + user). + +2001-11-02 15:51 millert + + * def_data.in: change most T_INT -> T_UINT + +2001-11-02 15:51 millert + + * mkdefaults: fix warning when no args + +2001-11-02 12:52 millert + + * visudo.c: Change 2 Exit() -> exit() Avoid stdio in Exit() and + call _exit() if we are a signal handler. We no longer print the + signal number but the user can just check the exit value for + that. + +2001-10-16 01:35 millert + + * logging.c: when setting up pipes in child process check for case + where stdin == pipe fd 0 + +2001-10-11 13:20 millert + + * visudo.c: Ignore editor exit value since XPG4 says vi's exit + value is the count of editing errors made (failed searches, etc). + +2001-10-05 16:39 millert + + * configure: regen + +2001-10-05 16:39 millert + + * configure.in: sco now is identified by config.guess as *-sco-* + +2001-10-05 16:24 millert + + * configure.in: Check for getspnam() in -lgen if not in -lc for + UnixWare. + +2001-09-17 21:48 millert + + * sudoers.pod, visudo.pod: "upper case" -> "uppercase" + +2001-09-17 21:32 millert + + * sudoers.pod: fix typos and grammar; pjanzen@foatdi.harvard.edu + +2001-08-28 10:26 millert + + * sudoers.pod: Missing word (specify); krapht@secureops.com + +2001-08-23 17:43 millert + + * sudo.c: If we fail to lookup a login class, apply the default + one. + +2001-08-23 17:42 millert + + * logging.c: In log_error() free message, not logline + unconditionally, then free logline if it is not the same as + message. No function change but this mirrors how they are + allocated. + +2001-07-16 23:33 millert + + * configure: regenerate + +2001-07-16 23:33 millert + + * configure.in: remove some backslash quotes that are unneeded + +2001-07-16 23:30 millert + + * configure.in: o Tweaks to make this work with autoconf-2.50 o Use + AC_LIBOBJ instead of changing LIBOBJS directly o Use + AC_REPLACE_FUNCS where we can o Use AC_CHECK_FUNCS instead of + AC_CHECK_FUNC so we don't have to AC_DEFINE things manually. + +2001-07-16 23:28 millert + + * config.guess, config.sub: Updated from autoconf-2.50 + +2001-05-22 19:11 millert + + * README: Update mailing list section. We use mailman now, not + majordomo. + +2001-05-10 14:55 millert + + * getspwuid.c, logging.c, sudo.c: Use setpwent()/endpwent() + all + the shadow variants to make sure we don't inadvertantly leak an + fd to the child. Apparently Linux's shadow routines leave the fd + open even if you don't call setspent(). Reported by + mike@gistnet.com; different patch used. + +2001-04-12 21:43 millert + + * sudoers.pod: s/eg./e.g./ + +2001-04-12 21:42 millert + + * tgetpass.c: select() may return EAGAIN. If so, continue like we + do for EINTR. + +2001-04-12 21:41 millert + + * logging.c: Fix a non-exploitable buffer overflow in the word + splitting code. This should really be rewritten. + +2001-04-12 21:41 millert + + * Makefile.in: FAQ link goes away + +2001-04-12 21:40 millert + + * INSTALL: Tell people to look in sample.syslog.conf for examples, + not FAQ + +2001-04-12 21:40 millert + + * TROUBLESHOOTING: Update list of env vars that are cleared + +2001-04-12 21:36 millert + + * sudo.c: remove struct env_table decl since that stuff has all + moved to env.c + +2001-04-04 13:17 millert + + * fileops.c: Fix a pasto in flock-style unlocking and include + <sys/file.h> for flock on older systems; twetzel@gwdg.de + +2001-04-04 13:14 millert + + * configure: regen to get NeXT lockf/flock fix + +2001-04-04 13:14 millert + + * configure.in: force NeXT to use flock since lockf is broken + +2001-03-30 08:54 millert + + * check.c: Use stashed user_gid when checking against exempt gid + since sudo sets its gid to a a value that makes sudoers readable. + Previously if you used gid 0 as the exempt group everyone would + be exempt. From Paul Kranenburg <pk@cs.few.eur.nl> + +2001-03-29 13:14 millert + + * configure: regen + +2001-03-29 13:08 millert + + * aclocal.m4: #include stdio.h in SUDO_CHECK_TYPE since IRIX 6 + aparently defines some types (such as ssize_t) therein. + +2001-03-02 09:09 millert + + * defaults.c: Fix negation of paths in a boolean context. Problem + found by apt@UH.EDU + +2001-02-23 13:03 millert + + * visudo.c: pasto + +2001-02-17 16:11 millert + + * visudo.c: SA_RESETHAND means the opposite of what I was + thinking--oops To block all signals in old-style signals use ~0, + not 0xffffffff + +2001-02-04 11:16 millert + + * defaults.c: coerce difference of pointers to int when used in a + string length printf format; deraadt@openbsd.org + +2001-01-17 11:34 millert + + * visudo.c: Block all signals in Exit() to avoid a signal race. + There is still a tiny window but I'm not going to worry about it. + +2001-01-07 13:57 millert + + * env.c: glibc uses the LANGUAGE env var so clear that too; Solar + Designer + +2001-01-07 13:55 millert + + * lex.yy.c: Regenerate with a fix to flex.skl that preserves errno + from clobbering by isatty(). + +2000-12-30 20:39 millert + + * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sia.c, sudo_auth.c: + Some defaults I_ defines got renamed. + +2000-12-30 20:38 millert + + * Makefile.in, check.c, def_data.c, def_data.h, def_data.in, + defaults.c, defaults.h, env.c, logging.c, mkdefaults, parse.yacc, + set_perms.c, sudo.c: Move defaults info into its own files from + which we generate .h and .c files. This makes adding or + rearranging variables much simpler. + +2000-12-30 16:58 millert + + * configure, configure.in: fix typo in last commit + +2000-12-30 16:55 millert + + * compat.h, config.h.in, configure, configure.in: Add check + + emulation for setegid (like seteuid). + +2000-12-30 16:22 millert + + * env.c: Make env_keep override badenv_table as documented Fix + traversal of badenv_table (broken in last commit) + +2000-12-29 22:59 millert + + * set_perms.c, sudo.c, sudo.h: Don't try and build saved uid + version of set_perms on systems w/o them. Rename + set_perms_saved_uid() -> set_perms_posix() Make + set_perms_setreuid simply be set_perms_fallback() and simply + include the appropriate function at compile time (setreuid() + vs. setuid()). + +2000-12-29 22:45 millert + + * sudoers.pod, sudoers.cat, sudoers.man.in: PATH is also preserved + when env_reset is in effect + +2000-12-29 22:29 millert + + * CHANGES, env.c, Makefile.in, check.c, compat.h, config.h.in, + configure, configure.in, defaults.c, defaults.h, find_path.c, + getspwuid.c, set_perms.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, + sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod, + testsudoers.c, visudo.c, visudo.cat, visudo.man.in: New Defaults + options: o stay_setuid - sudo will remain setuid if system has + saved uids or setreuid(2) o env_reset - reset the environment to + a sane default o env_keep - preserve environment variables that + would otherwise be cleared + + No longer use getenv/putenv/setenv functions--do environment + munging by hand. Potentially dangerous environment variables can + be cleared only if they contain '/' pr '%' characters to protect + buggy programs. Moved environment routines into env.c (new file) + +2000-12-29 22:17 millert + + * INSTALL: Clear up --without-passwd description + +2000-12-29 19:39 millert + + * sudo_setenv.c, putenv.c: We now build up a new environment from + scratch and assign it to "environ". + +2000-12-18 22:35 millert + + * sudo.pod, visudo.pod: Grammatical fixes from Paul Janzen + +2000-12-14 23:19 millert + + * visudo.c: If there was a syntax error and the user just wants to + quit, unlink sudoers if it is zero length. + +2000-12-14 23:10 millert + + * visudo.c: 'Q' means ignore parse error, not 'q' + +2000-12-14 22:57 millert + + * visudo.c: Open sudoers for writing with mode SUDOERS_MODE From + Dimitry Andric <dim@xs4all.nl> + +2000-12-13 12:23 millert + + * set_perms.c: Add missing #ifdef HAVE_LOGIN_CAP_H; + ayamura@ayamura.org + +2000-12-09 11:46 millert + + * config.guess, config.sub: Darwin / Mac OS X support from Wilfredo + Sanchez <wsanchez@apple.com> + +2000-11-03 09:36 millert + + * sudo.c, visudo.c: Use exit(127), not exit(-1) + +2000-11-03 00:37 millert + + * defaults.h, set_perms.c, sudo.c, Makefile.in, defaults.c: Move + set_perms() to its own file and use POSIX saved uid or setreuid() + if available. + + Added stay_setuid option for systems that have libraries that + perform extra paranoia checks in system libraries for setuid + programs (ie: anything with issetugid(2)). + +2000-11-02 20:28 millert + + * sudo.c: strip more bits from the environment and add a facility + for stripping things only if they contain '/' or '%' to address + printf format string vulnerabilities in other programs. + +2000-11-02 12:55 millert + + * configure: regen + +2000-11-02 12:55 millert + + * configure.in: For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache + the existence of strcasecmp(). + +2000-11-02 12:46 millert + + * configure: regen + +2000-11-02 12:46 millert + + * configure.in: Check for strcasecmp(3) in -lc89 for NCR Unix + +2000-11-01 10:22 millert + + * config.h.in: Define HAVE_INNETGR #ifdef HAVE__INNETGR + +2000-11-01 10:17 millert + + * configure: regen + +2000-11-01 10:17 millert + + * compat.h, config.h.in, configure.in: Add check for _innetgr(3) + since NCR systems have that instead of innetgr(3). + +2000-10-31 14:16 millert + + * auth/securid.c: check return value of creadcfg() call sd_close() + after sd_auth() store username in sd->username so we don't rely + on the USER env variable + +2000-10-29 23:00 millert + + * INSTALL: document --with-bsdauth + +2000-10-29 22:57 millert + + * configure: regen + +2000-10-29 22:56 millert + + * configure.in: --with-bsdauth assumes --with-logincap + +2000-10-29 22:45 millert + + * auth/: bsdauth.c, fwtk.c: When prompting for a response to a + challenge, if the user just hits return then reprompt with echo + turned on. + +2000-10-29 17:31 millert + + * sudo.c: Remove debugging code that should not have been + committed, oops. + +2000-10-29 17:31 millert + + * auth/bsdauth.c: Use lower-level routines and get the password + ourselves. Checks for a challenge and if there is one echo is + not turned off. + +2000-10-29 17:30 millert + + * auth/: pam.c, sudo_auth.h: minor housekeeping, no real code + changes + +2000-10-27 18:41 millert + + * sudo.c: Fix a coredump in the logging functions if gethostname(2) + fails by deferring the call to log_error() until things are + better setup. + + Fix return value of set_loginclass() in non-BSD-auth case. + + Hard-code 'sudo' in the usage message so we can fit more options + on a line + +2000-10-27 18:35 millert + + * logging.c: Fix errant ';' (typo) that broken MSG_ONLY + +2000-10-26 13:03 millert + + * sudo.cat, sudo.man.in: regen + +2000-10-26 13:01 millert + + * sudo.pod: Document -a flag + +2000-10-26 12:42 millert + + * Makefile.in, config.h.in, configure, configure.in, getspwuid.c, + sudo.c, auth/sudo_auth.h, auth/bsdauth.c: Add support for BSD + authentication. + +2000-10-19 10:09 millert + + * sudoers.pod: Fix typo; from sato@complex.eng.hokudai.ac.jp + +2000-10-12 09:49 millert + + * sudoers.pod: Mention negating umask + +2000-10-12 01:30 millert + + * defaults.c: Allow user to specify umask of 0777 (same as !umask) + +2000-10-08 21:46 millert + + * sudo.pod, visudo.pod: Fix a typo and give a URL for the sudo + history. + +2000-10-08 12:25 millert + + * defaults.c, sudo.pod: fix typos; pepper@reppep.com + +2000-09-14 16:48 millert + + * sudo.c, sudo.h, sudo_setenv.c: sudo_setenv() now exits on memory + alloc failure instead of returning -1. + +2000-09-07 17:41 millert + + * sudo.c: Strip out NLSPATH and PATH_LOCALE from the environment + for FreeBSD and possibly others. + +2000-09-07 10:43 millert + + * logging.c: Don't use vsyslog(3) since HP-UX (and others?) lack + it. This means that "%m" won't be expanded but we don't use that + anyway since the logging routines may splat to stderr as well. + +2000-09-06 21:35 millert + + * defaults.c, defaults.h, sudo.c, sudoers.cat, sudoers.man.in, + sudoers.pod: Add always_set_home variable + +2000-09-06 21:24 millert + + * configure, configure.in: Have to hard code default values in help + since the defaults are set _after_ the help stuff. + +2000-08-31 13:08 millert + + * lex.yy.c, parse.lex: Allow special characters (including '#') to + be embedded in pathnames if quoted by a '\\'. The quoted chars + will be dealt with by fnmatch(). Unfortunately, 'sudo -l' still + prints the '\\'. + +2000-08-13 17:10 millert + + * install-sh: Better path searching for programs we need. + +2000-08-13 17:10 millert + + * TROUBLESHOOTING: Add section on "C compiler cannot create + executables" errors. + +2000-08-13 17:10 millert + + * Makefile.binary, Makefile.in, version.h: Crank version + +2000-08-13 17:09 millert + + * aclocal.m4, configure, configure.in, sudo.cat, sudo.man.in, + sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.cat, + visudo.man.in, visudo.pod: Substitute values from configure into + man pages. + +2000-08-12 16:48 millert + + * parse.c, sudo.c: The listpw and verifypw sudoers options would + not take effect because the value of the default was checked + *before* sudoers was parsed. Instead of passing in the value of + PWCHECK_* to sudoers_lookup(), pass in the arg for def_ival() so + the check can be deferred until after sudoers is parsed. + +2000-08-11 15:41 millert + + * tgetpass.c: When writing prompt, no need to write the NUL as + well; hag@linnaean.org + +2000-06-09 12:25 millert + + * install-sh: When looking for chown, check in /sbin too + +2000-06-04 22:57 millert + + * visudo.c: Remove extraneous call to init_defaults() and set + runas_user to NULL betweem parses so init_defaults will reset it + each time, thus avoiding a reference to free()d data. + +2000-06-04 19:57 millert + + * config.h.in, interfaces.c, interfaces.h, sudo.c: Add support for + using getifaddrs() to get the list of ip addr / netmask pairs. + Currently IPv4-only. + +2000-06-04 19:51 millert + + * visudo.c: Add a missing check for UserEditor == NULL Add missing + '+' before line number when invoking editor to fix a syntax error + +2000-05-12 16:55 millert + + * sudo.c: Call clean_env very early in main() for paranoia's sake. + Idea from Marc Esipovich. + +2000-05-10 01:11 millert + + * sudo.h: Update proto for evasprintf and easprintf + +2000-05-10 01:10 millert + + * alloc.c: Make easprintf() and evasprintf() return an int. + +2000-05-10 00:56 millert + + * check.c: If the targetpw flag is set, use target username as part + of the timestamp path. If tty tickets are in effect cat the tty + and the target username with a ':' as the separator. + +2000-05-09 12:05 millert + + * auth/pam.c: Backout part of last change; setting PAM_USER to the + invoking user breaks things like targetpw. + +2000-05-09 11:52 millert + + * auth/pam.c: set tty and username via pam_set_item + +2000-05-09 11:42 millert + + * check.c, getspwuid.c, sudo.c, sudo.h, auth/sudo_auth.c: Fix root, + runas, and target authentication for non-passwd file auth + methods. + +2000-04-22 14:15 millert + + * sudo.pod, sudo.man.in, sudoers.man.in, sudoers.pod, visudo.pod, + sudo.cat, sudoers.cat, visudo.man.in, visudo.cat: Use B<-Z> not + C<-Z> for command line flags in all places. This is more + consistent and works around a bug in Pod::Man. + +2000-04-22 13:59 millert + + * sudoers.cat, sudoers.man.in, sudoers.pod: Fix an occurence of + 'semicolon' that should be 'colon' + +2000-04-19 15:30 millert + + * configure, configure.in: Fix --with-badpri help line + +2000-04-17 14:01 millert + + * defaults.c, logging.c, sudo.c: Bracket calls to syslog with an + openlog() and closelog() since some authentication methods (like + PAM) may do their own logging via syslog. Since we don't use + syslog much (usually just once per session) this doesn't really + incur a performance penalty. It also Fixes a SEGV with pam_kafs. + +2000-04-15 16:32 millert + + * sudo.c: Fix -H flag. runas_homedir is only valid after + set_perms(PERM_RUNAS, mode) + +2000-04-12 18:56 millert + + * INSTALL: Clarify the fact that insults are not enabled just by + including them in the binary. + +2000-04-07 10:39 millert + + * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat, + sudoers.cat, visudo.cat: Regenerated with perl 5.6.0 pod2man + +2000-04-07 10:38 millert + + * Makefile.in: Give date string to pod2man since its default is + ugly and it ain't got no alibi. + +2000-04-07 10:27 millert + + * Makefile.in: Do section substitution on the output of pod2man and + remove hack needed for old pod2man. + +2000-04-07 10:26 millert + + * sudo.pod, sudoers.pod, visudo.pod: Put back real man sections, we + will do the substitution later. + +2000-04-02 11:44 millert + + * configure, configure.in: Don't bother checking for the path to vi + if user specified --with-editor + +2000-04-01 17:25 millert + + * CHANGES, visudo.c: Visudo now does its own fork/exec instead of + calling system(3). + +2000-04-01 16:23 millert + + * CHANGES, INSTALL, Makefile.in, sudoers.cat, sudoers.man.in, + sudoers.pod, visudo.c: Visudo now checks for the existence of an + editor and gives a sensible error if it does not exist. + + The path to the editor for visudo is now a colon-separated list + of allowable editors. If the user has $EDITOR set and it matches + one of the allowed editors that editor will be used. If not, the + first editor in the list that actually exists is used. + +2000-04-01 16:22 millert + + * sudo.pod, sudo.cat, sudo.man.in: Clear up confusion wrt sudo's + return value. + +2000-03-27 12:08 millert + + * Makefile.in: Strip sudo and visudo for bindist target + +2000-03-26 22:26 millert + + * sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in, + sudoers.pod, visudo.cat, visudo.man.in, visudo.pod: Use + @mansectsu@ and @mansectform@ in the man page bodies as well. + +2000-03-26 22:07 millert + + * visudo.cat, visudo.man.in, visudo.pod: Typo: @sysconf@ -> + @sysconfdir@ + +2000-03-26 21:57 millert + + * Makefile.in: 'make dist' should not cause any files to be + modified so remove its dependencies. + +2000-03-26 21:43 millert + + * CHANGES: Whoops, forgot to add release marker + +2000-03-26 11:57 millert + + * CHANGES: Final change for 1.6.3 (or so I hope) + +2000-03-26 11:57 millert + + * sudo.cat, sudoers.cat, visudo.cat: Use SYSV man sections since + BSD systems will have nroff... + +2000-03-24 18:58 millert + + * parse.yacc: When checking to see if the host/user matches in a + defaults spec, check against TRUE, not just non-zero since it + might be -1. + +2000-03-24 15:14 millert + + * configure.in, configure: OSF/1 puts file formats in section 4, + not 5. + +2000-03-24 15:13 millert + + * CHANGES, INSTALL, sudo.c: Make login class support work on BSD/OS + +2000-03-23 20:24 millert + + * RUNSON: Update for 1.6.3 + +2000-03-23 20:23 millert + + * configure, configure.in: If there is no inet_addr but there *is* + an __inet_addr that's ok since inet_addr is probably just a macro + then. The better thing to do would be to look for the macro, but + this is fine for now. + +2000-03-23 19:50 millert + + * configure, configure.in: Don't use shlicc for BSD/OS 4.x + +2000-03-23 19:40 millert + + * Makefile.in, configure, configure.in: *.man lives in cwd, *.cat + lives in $(srcdir), add a @mansrcdir@ configure variable so we + can deal with this. Also, only remove *.man for 'distclean' not + 'clean'. + +2000-03-23 19:16 millert + + * sudo.c: set_loginclass() should be static like the proto says + +2000-03-23 14:14 millert + + * fnmatch.c: Add #ifdef __STDC__ around the rangematch function + header to avoid promotion of test to int, thus violating the + prototype. Gcc handles this gracefully but more std ANSI + compilers will complain. + +2000-03-23 10:11 millert + + * emul/fnmatch.h: Pull in newer fnmatch(3) that supports + FNM_CASEFOLD + +2000-03-23 10:11 millert + + * aclocal.m4, configure, fnmatch.3, fnmatch.c: Pull in newer + fnmatch(3) that supports FNM_CASEFOLD Check for FNM_CASEFOLD in + configure + +2000-03-22 23:41 millert + + * CHANGES, TODO: update for 1.6.3 + +2000-03-22 23:38 millert + + * lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc, sudo.tab.h, + testsudoers.c, visudo.c: Fully qualified hosts w/ wildcards were + not matching the FQHOST token type. There's really no need for a + separate token for fully-qualified vs. unqualified anymore so + FQHOST is now history and hostname_matches now decides which + hostname (short or long) to check based on whether or not the + pattern contains a '.'. + +2000-03-22 23:09 millert + + * parse.c, parse.h, parse.yacc, sudoers.pod, testsudoers.c, + visudo.c, sudoers.cat, sudoers.man.in: Add support for wildcards + in the hostname. + +2000-03-22 22:50 millert + + * Makefile.in: Add targets for *.man.in, using config.status to + generate *.man from *.man.in + +2000-03-22 22:20 millert + + * sudoers.cat, sudoers.man.in, sudoers.pod: Document set_logname + option and enbolden refs to sudo and visudo. + +2000-03-22 19:35 millert + + * INSTALL, Makefile.in, aclocal.m4, configure, configure.in, + sudo.cat, sudo.pod, sudo.man.in, sudoers.cat, sudoers.pod, + visudo.cat, visudo.pod, sudoers.man.in, visudo.man.in: Add + FreeBSD login.conf support (untested on BSD/OS) based on a patch + from Michael D. Marchionna. configure now does substitution on + the man pages, allowing us to fix up the paths and set the + section correctly. Based on an idea from Michael D. Marchionna. + +2000-03-22 19:27 millert + + * auth/passwd.c: Better fix for handling HP-UX aging info. + +2000-03-22 19:20 millert + + * sudo.c: Add support for set_logname run-time default + +2000-03-22 19:17 millert + + * sudo.man.in, sudoers.man.in, visudo.man.in: configure does + substitution on these to produce *.man + +2000-03-22 19:16 millert + + * sudo.man, sudoers.man, visudo.man: These files now get generated + from *.man.in at configure time. + +2000-03-22 18:40 millert + + * defaults.c, defaults.h: Add set_logname option so users can turn + off setting of LOGNAME/USER environment variables. + +2000-03-22 10:53 millert + + * testsudoers.c, lsearch.c, parse.c: kill register + +2000-03-13 15:52 millert + + * auth/passwd.c: HP-UX adds extra info at the end for password + aging so when comparing the result of crypt to pw_passwd we only + compare the first len(epass) bytes *unless* the user entered an + empty string for a password. + +2000-03-13 11:05 millert + + * logging.c: Get rid of grandchild hack, it was causing problems + and there is really no need for it. This fixes a bug where we + spin eating up CPU when the user runs a long-running process like + a shell. + +2000-03-07 14:26 millert + + * sudo.c: User can always specify a login class if he/she is + already root. + +2000-03-06 23:29 millert + + * config.h.in, configure, configure.in, defaults.c, defaults.h, + sudo.c, sudo.h: FreeBSD login class (login.conf) support. + +2000-03-06 14:42 millert + + * auth/sudo_auth.c: HAVE_SECUREWARE -> HAVE_GETPRPWNAM; fixes + secureware support + +2000-03-03 18:04 millert + + * auth/passwd.c: Truncate unencrypted password to 8 chars if + encrypted password is exactly 13 characters (indicateing standard + a DES password). Many versions of crypt() do this for you, but + not all (like HP-UX's). + +2000-03-01 21:01 millert + + * INSTALL, RUNSON: Mention that gcc on dynix may have problems + +2000-02-29 17:46 millert + + * Makefile.in: Link visudo with NET_LIBS since we now call syslog + via defaults.c + +2000-02-29 17:41 millert + + * defaults.c: Use Argv[0] as the first arg to openlog() since + visudo uses this too. + +2000-02-28 18:58 millert + + * sudo.c: Stash coredumpsize resource limit and retsore it before + the exec() Otherwise the child ends up with a coredumpsize of 0. + +2000-02-26 22:56 millert + + * sudo.cat, sudo.man, sudo.pod: document -S flag + +2000-02-26 22:54 millert + + * sudo.c: fix usage string + +2000-02-26 22:48 millert + + * CHANGES, RUNSON, TODO, sudo.c, sudo.h, tgetpass.c, + auth/aix_auth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Added + -S flag (read passwd from stdin) and tgetpass_flags global that + holds flags to be passed in to tgetpass(). Change echo_off param + to tgetpass() into a flags field. There are currently 2 possible + flags for tgetpass(): TGP_ECHO and TGP_STDIN. In tgetpass(), + abstract the echo set/clear via macros and if (flags & TGP_ECHO) + but echo is not set on the terminal, but sure to set it. + +2000-02-26 22:11 millert + + * tgetpass.c: Fixed a bug that caused an infinite loop when the + password timeout was disabled. + +2000-02-18 12:56 millert + + * CHANGES, defaults.c, defaults.h, getspwuid.c, sudo.c, sudo.h, + sudoers.cat, sudoers.man, sudoers.pod, visudo.c: Add rootpw, + runaspw, and targetpw options. + +2000-02-18 12:11 millert + + * CHANGES, defaults.c, sudoers.cat, sudoers.man, sudoers.pod, + visudo.c: enveditor -> env_editor + +2000-02-15 19:07 millert + + * BUGS, INSTALL, Makefile.in, README, configure, configure.in, + sudo.cat, sudo.man, sudoers.cat, sudoers.man, version.h, + visudo.cat, visudo.man: crank versino to 1.6.3 + +2000-02-15 19:03 millert + + * INSTALL, TODO, defaults.c, defaults.h, sudoers.cat, sudoers.man, + sudoers.pod, visudo.c: Add 'editor' and 'enveditor' sudoers + defaults and make visudo honor them. This means that visudo will + now parse the sudoers file *before* it is edited so a bogus + sudoers file will cause a warning to go to stderr. Also, visudo + checks the variables once--it does not check them after each + editor run since that could be confusing. + +2000-02-15 18:49 millert + + * RUNSON: 1.6.2 -> 1.6.2p1 + +2000-02-15 18:36 millert + + * check.c, sudo.c, sudo.h: Move user_is_exempt prototype into + sudo.h + +2000-02-13 13:38 millert + + * configure, configure.in: Fix thinko, some && should have been || + in the last commit + +2000-02-13 13:28 millert + + * configure, configure.in: Don't initialized Makefile variables to + be NULL since the user may want to import variables from their + environment. + +2000-02-03 21:09 millert + + * configure, configure.in: typo + +2000-01-27 15:01 millert + + * INSTALL, RUNSON, configure, configure.in: Make pam work on HP-UX + 11.0;jaearick@colby.edu + +2000-01-27 15:01 millert + + * CHANGES: recent changes; prepare for 1.6.2p1 + +2000-01-26 23:31 millert + + * find_path.c: Don't apply SECURE_PATH if user is example; + jmknoble@pobox.com + +2000-01-26 16:21 millert + + * sudoers.cat, sudoers.man, sudoers.pod: Expanded docs on sudoers + 'defaults' options based on INSTALL file info. + +2000-01-26 16:21 millert + + * INSTALL: Fix some while lies + +2000-01-24 10:48 millert + + * Makefile.in: When making a bindist, link FAQ to TROUBLESHOOTING + instead of copying. + +2000-01-23 22:57 millert + + * sudoers.cat, sudoers.man, sudoers.pod: Add netgroup caveat + +2000-01-23 22:42 millert + + * RUNSON: Last minute updates + +2000-01-23 22:26 millert + + * TROUBLESHOOTING: PAM entry + +2000-01-23 22:23 millert + + * auth/pam.c: correct a comment + +2000-01-23 22:03 millert + + * CHANGES, RUNSON: update for 1.6.2 + +2000-01-23 21:59 millert + + * auth/pam.c: Better detection of PAM errors and fix custom prompts + with PAM. Based on patches from "Cloyce D. Spradling" + <cloyce@headgear.org> + +2000-01-20 11:15 millert + + * snprintf.c: Cast ULONG_MAX to unsigned long long when comparing + to an unsigned long long value. + +2000-01-19 14:07 millert + + * CHANGES, config.h.in, configure, configure.in, visudo.c: Fix + sudoers locking in visudo. We now lock the sudoers file itself, + not the temp file (since locking the temp file can foul up + editors). The previous locking scheme didn't work because the fd + was closed too early. + +2000-01-19 13:37 millert + + * configure, config.h.in, configure.in: Don't need test for + ftruncate() any more. + +2000-01-18 21:23 millert + + * configure, configure.in: Add a test for the -Aa flag w/ HP-UX's + cc. Fixes compilation with the unbundled HP-UX cc. + +2000-01-18 17:00 millert + + * sudoers.cat, sudoers.man, sudoers.pod: "a a" -> "a"; Aaron + Campbell <aaron@cs.dal.ca> + +2000-01-17 18:46 millert + + * LICENSE, Makefile.in, defaults.c, defaults.h, parse.c, parse.h, + parse.yacc, sudo.c, sudo.h, sudoers.pod, testsudoers.c, + tgetpass.c, version.h, visudo.c: update copyright year on changed + files + +2000-01-17 18:45 millert + + * RUNSON: updates + +2000-01-17 18:45 millert + + * CHANGES: aix fix + +2000-01-17 18:42 millert + + * INSTALL: Crank version to 1.6.2 + +2000-01-17 18:11 millert + + * configure: Crank version to 1.6.2 + +2000-01-17 17:46 millert + + * sudo.c: When using rlimit check for RLIM_INFINITY When computing + the value of maxfd, use min(getdtablesize(), RLIMIT_NOFILE) + +2000-01-17 12:32 millert + + * CHANGES: recent changes + +2000-01-17 12:28 millert + + * BUGS, Makefile.in, README, configure.in, sudo.cat, sudo.man, + sudoers.cat, sudoers.man, version.h, visudo.cat, visudo.man: + Crank version to 1.6.2 + +2000-01-17 12:25 millert + + * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.pod: Add + 'shell_noargs' runtime option back in. We have to defer checking + until after the sudoers file has been parsed but since there are + now other options that operate that way this one can too. Based + on a patch from bguillory@email.com. + +2000-01-16 23:05 millert + + * defaults.c, defaults.h, parse.c, sudo.c, sudo.h: Add "listpw" and + "verifypw" options. + +2000-01-16 22:57 millert + + * sudoers.cat, sudoers.man, sudoers.pod: o Fix some typos/omissions + o Add section on verifypw and listpw o Define how NOPASSWD + interacts with the -v and -l flags + +2000-01-14 12:39 millert + + * configure, configure.in: For HP-UX cc, add -Aa to CPPFLAGS. For + HP-UX always add -D_HPUX_SOURCE to CPPFLAGS. + +2000-01-14 12:29 millert + + * defaults.c, defaults.h: In struct sudo_defs_types, move the union + to the end and don't initialize the union member since that only + works with an ANSI compiler. We set the value of the union by + hand in init_defaults() anyway. This allows sudo to compile on a + K&R compiler again. + +2000-01-11 13:20 millert + + * parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c: + netgr_matches needs to check shost as well as host since they may + be different. + +2000-01-11 13:17 millert + + * tgetpass.c: End on \r as well as \n + +2000-01-02 23:53 millert + + * sudo.c: Update statbuf.st_mode based on SUDOERS_MODE when we are + chaning from 0400 to whatever SUDOERS_MODE is (converting from + the old sudoers mode). Assumes that SUDOERS_MODE is less + restrictive than 0400 which should always be the case. + +2000-01-02 23:43 millert + + * parse.c, parse.yacc, sudo.c, sudo.h: Make treatment of -l and -v + sane wrt NOPASSWD flags. Now allow -l w/o a passwd if there is + *any* entry for the user on the host with a NOPASSWD flag. For + -v, only allow w/o a passwd if *all* entries for the user on the + host w/ the specified runas user have the NOPASSWD flag set. + +2000-01-02 23:26 millert + + * Makefile.in: add check target + +1999-12-16 13:02 millert + + * visudo.c: Treat EOF at whatnow prompt like 'x' instead of + looping. + +1999-12-10 00:09 millert + + * CHANGES: recent changes + +1999-12-08 23:04 millert + + * config.h.in, configure, configure.in, sudo.c: Add check for + initgroups() since old SYSV lacks this. + +1999-12-08 22:54 millert + + * CHANGES, RUNSON, aclocal.m4, config.h.in, configure, + configure.in, parse.c, testsudoers.c: o Kill HAVE_FNMATCH_H o + Only define HAVE_FNMATCH if <fnmatch.h> exists. + +1999-12-06 01:47 millert + + * CHANGES, RUNSON, insults.h, auth/sudo_auth.c: Don't allow insults + to be enabled if the insults[] array is empty. Otherwise there + would be division by zero. + +1999-12-06 01:25 millert + + * insults.h: Don't care about USE_INSULTS #define since the insult + stuff may be overridden at runtime. + +1999-12-06 01:23 millert + + * auth/sudo_auth.c: Honor insults flag. + +1999-12-05 19:14 millert + + * CHANGES, parse.c: Don't ask the user for a password if the user + is not allowed to run the command and the authenticate flag (in + sudoers) is false. + +1999-12-05 19:05 millert + + * CHANGES, RUNSON, lex.yy.c, parse.lex: o Whenever we get a bare + newline we change to the INITIAL state. o Enter GOTRUNAS when we + see Runas_Alias + + This allows #uid to work in a RunasAlias. + +1999-12-05 14:06 millert + + * CHANGES, parse.yacc: fix parsing of runas lists: o oprunasuser + and runaslist now return a value o in a runasspec, if a runaslist + does not return TRUE, set runas_matches to FALSE. Normally, a + runaslist only returns FALSE for explicitly denied users. o + since runaslist does not modify the stack there is no need for a + push/pop in runasalias. + +1999-12-04 21:54 millert + + * check.c, sudo.c: Don't kill the user's tickets until after + sudoers has been parsed since tty_tickets and ticket_dir could be + set in sudoers. + +1999-12-04 21:18 millert + + * BUGS, CHANGES, Makefile.binary, Makefile.in, README, RUNSON, + configure, configure.in, sudo.cat, sudo.man, sudoers.cat, + sudoers.man, tgetpass.c, version.h, visudo.cat, visudo.man: crank + version to 1.6 + +1999-12-04 21:18 millert + + * testsudoers.c: add set_fqdn() stub + +1999-12-02 15:31 millert + + * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.cat, + sudoers.man, sudoers.pod, visudo.c: o Kill shell_noargs option, + it cannot work since the command needs to be set before sudoers + is parsed. o Fix the "set_home" sudoers option (only worked at + compile time). o Fix "fqdn" sudoers option. We now set + host/shost via set_fqdn which gets called when the "fqdn" + option is set in sudoers. o Move the openlog() to + store_syslogfac() so this gets overridden correctly from the + sudoers file. + +1999-12-02 15:21 millert + + * auth/securid.c: SecurID support should compile now. + +1999-11-28 20:56 millert + + * sudo.pod, visudo.pod, sudo.cat, sudo.man, sudoers.man, + visudo.man, sudoers.cat, visudo.cat: fix some syntactic goofs + +1999-11-28 18:51 millert + + * sudo.html, sudoers.html, Makefile.in, visudo.html: No longer need + the .html files as they are generated automatically on the web + site. + +1999-11-28 18:49 millert + + * CHANGES, LICENSE: kill characters that made wml unhappy + +1999-11-28 18:34 millert + + * HISTORY: typo + +1999-11-25 12:05 millert + + * README: majordomo@cs.colorado.edu -> majordomo@courtesan.com + +1999-11-24 19:43 millert + + * Makefile.in, configure: Wrap script execution w/ /bin/sh for the + benefit of ctm + +1999-11-23 22:52 millert + + * sudo.c: Make the -s flag be exclusive too. Also reorder the + flags in the exclusive usage message so they are alphabetical. + +1999-11-23 13:27 millert + + * auth/pam.c: make pam errors other than PAM_PERM_DENIED fatal + +1999-11-23 13:07 millert + + * auth/API: fix typo + +1999-11-23 13:07 millert + + * INSTALL: make it clear that /etc/pam.d/sudo is required on linux + +1999-11-23 13:06 millert + + * auth/pam.c: fix a warning on redhat and spew an error if + pam_authenticate() returns an error other than AUTH_SUCCESS or + PAM_PERM_DENIED + +1999-11-23 00:43 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: Be very clear that the + password required is the user's not root's + +1999-11-19 21:04 millert + + * Makefile.in: add sample.syslog.conf to DISTFILES and BINFILES + +1999-11-18 19:13 millert + + * RUNSON: updates from Brian Jackson + some formatting + +1999-11-17 21:39 millert + + * INSTALL.binary, Makefile.binary, README, RUNSON: o One RUNSon + update o Changes for automating real binary releases + +1999-11-17 21:38 millert + + * Makefile.in: Add bindist target + +1999-11-16 16:26 millert + + * TROUBLESHOOTING: talk about run-time options in addition to + compile-time options + +1999-11-16 01:16 millert + + * CHANGES: fix typos + +1999-11-16 01:09 millert + + * sudo.c: need sys/time.h if HAVE_SETRLIMIT + +1999-11-16 00:42 millert + + * PORTING, README, RUNSON, sudo.c, sudo.cat, sudo.html, sudo.man, + sudo.pod, visudo.cat, visudo.html, visudo.man, visudo.pod: get + rid of references to sudo-bugs. Now mention the web site or the + sudo@ alias + +1999-11-16 00:35 millert + + * sudoers.html: repair pod2html damage + +1999-11-16 00:28 millert + + * RUNSON, TODO: Update for 1.6 release + +1999-11-16 00:23 millert + + * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Add warning + about using ALL in a command context. + +1999-11-09 15:12 millert + + * visudo.c: Call yyrestart() on a parse error to reset the lexer + state. + +1999-11-09 15:06 millert + + * parse.lex, lex.yy.c: Don't need YY_FLUSH_BUFFER after all Move + yyrestart() into visudo.c since it might not get called in yywrap + if we get a parse error (and we only reread the file on error + anyway). + +1999-11-09 14:32 millert + + * parse.lex, lex.yy.c: Call YY_FLUSH_BUFFER macro in yywrap() to + clean up any buffers that might still exist. Call yyrestart() + instead of using the deprecated YY_NEW_FILE macro. + +1999-11-09 12:13 millert + + * lex.yy.c, parse.lex: flex doesn't need %N table size declarations + +1999-11-08 19:00 millert + + * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Mention what + characters need to be escaped in names. + +1999-11-08 18:59 millert + + * configure: regen + +1999-11-08 18:59 millert + + * INSTALL: clarify Mac OS X entry + +1999-11-08 18:59 millert + + * RUNSON: update + +1999-11-08 17:45 millert + + * configure.in: o Use AC_MSG_ERROR throughout o Check syslog + configure options for danity + +1999-11-05 17:11 millert + + * defaults.c: Fix printing of type T_MODE in dump_defaults() + +1999-11-05 12:00 millert + + * strcasecmp.c: missing sys/types.h + +1999-11-05 00:42 millert + + * INSTALL: Break out options that may be overridden at run time + into their own section. Add a not about Max OS X and correct + some lies. + +1999-11-04 14:01 millert + + * CHANGES, config.h.in, configure, configure.in, sudo.c: o Now use + getrlimit to find the highest fd when closing all non-std fd's o + Turn off core dumps via setrlimit for the sake of paranoia + +1999-11-04 13:57 millert + + * RUNSON: updates + +1999-11-01 10:59 millert + + * CHANGES: updates + +1999-11-01 10:58 millert + + * tgetpass.c: When read()'ing, do a single character at a time to + be sure we don't go oast the newline. + +1999-11-01 10:43 millert + + * sudo.c: For the sudo_root option, check against user_uid, not + getuid() since at this point, ruid == euid == 0. + +1999-10-31 23:14 millert + + * RUNSON: some updates + +1999-10-31 23:14 millert + + * logging.h: Fix compilation problem when --with-logging=file was + specified. This means that syslog is now required to build sudo + but that should not be a problem. If it is it can be fixed + trivially with a configure check for syslog() or syslog.h. + +1999-10-31 23:00 millert + + * tgetpass.c: Make this work again for things like "sudo echo hi | + more" where the tty gets put into character at a time mode. We + read until we read end of line or we run out of space (similar to + fgets(3)). + +1999-10-20 11:23 millert + + * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: change ital + to bold + +1999-10-20 11:23 millert + + * RUNSON: update + +1999-10-16 13:56 millert + + * defaults.c: Error out if syslog parameters are given without a + value. For Ultrix or 4.2BSD "syslog" is allowed without a value + since there are no facilities in the 4.2BSD syslog. + +1999-10-15 16:37 millert + + * defaults.c: Ignore the syslog facility for systems w/ old syslog + like Ultrix. + +1999-10-15 12:51 millert + + * TROUBLESHOOTING: people with "." early in their path can have + problems running sudo from the build dir ;-) + +1999-10-13 00:18 millert + + * sudo.man, sudo.pod, sudo.cat, sudo.html: Remove -r realm option + +1999-10-12 22:34 millert + + * configure, configure.in, sudo.c, auth/kerb5.c, auth/sudo_auth.c, + auth/sudo_auth.h: New krb5 code from Frank Cusack + <fcusack@iconnet.net>. + +1999-10-12 22:33 millert + + * CHANGES: update to reality + +1999-10-11 20:53 millert + + * auth/fwtk.c: include <auth.h> to get function prototypes. + +1999-10-11 20:05 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: document -L flag + +1999-10-11 19:42 millert + + * sudo.c: in set_perms(), always call setuid(0) before changing the + ruid/euid so we always know it will succeed. + +1999-10-11 12:24 millert + + * defaults.h: #undef T_FOO to avoid conflicts with system defines + (like on ULTRIX). + +1999-10-11 11:55 millert + + * TODO, sample.sudoers, sudoers.cat, sudoers.html, sudoers.man, + sudoers.pod: Docuement "Defaults" lines in /etc/sudoers. Still + needs some fleshing out but this is a start. + +1999-10-10 17:21 millert + + * defaults.c: use strtol, not strtoul since not everyone has not + strtoul + +1999-10-10 15:01 millert + + * lex.yy.c, parse.lex: last {WORD} rule should only apply in the + INITIAL state + +1999-10-10 14:38 millert + + * lex.yy.c, parse.lex: o Add support for escaped characters in the + WORD macro o Modify fill() to squash escape chars + +1999-10-10 13:56 millert + + * defaults.c, defaults.h: o Add T_PATH flag to allow simple sanity + checks for default values that are supposed to be pathnames. o + Fix a duplicate free when visudo finds an error. + +1999-10-09 01:01 millert + + * defaults.c, defaults.h, logging.c: mail_if_foo -> mail_foo + +1999-10-07 21:12 millert + + * compat.h, defaults.c, defaults.h, sudo.c, tgetpass.c: o Add + requiretty option o Move O_NOCTTY to compat.h + +1999-10-07 21:12 millert + + * logging.c: The exit() in log_error() was mistakenly removed in a + previous version. Put it back... + +1999-10-07 17:20 millert + + * INSTALL, TODO, check.c, config.h.in, configure, configure.in, + defaults.c, defaults.h, find_path.c, getspwuid.c, lex.yy.c, + logging.c, parse.yacc, sudo.c, auth/aix_auth.c, auth/fwtk.c, + auth/pam.c, auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: o + Change defaults stuff to put the value right in the struct. o + Implement mailer_flags o Store syslog stuff both in int and + string form. Setting the string form magically updates the int + version. o Add boolean attribute to strings where it makes sense + to say !foo + +1999-10-07 17:13 millert + + * tgetpass.c: add O_NOCTTY when opening /dev/tty just in case + +1999-10-06 00:48 millert + + * auth/API: cleanup function no longer takes a status arg + +1999-10-06 00:48 millert + + * INSTALL: the the + +1999-09-15 05:15 millert + + * TODO, config.h.in, configure, configure.in, logging.c: Use + strftime() instead of ctime() if it is available. + +1999-09-14 12:58 millert + + * defaults.c: fix copyright date + +1999-09-14 12:57 millert + + * RUNSON: update ReliantUNIX entry + +1999-09-14 12:56 millert + + * defaults.c, defaults.h, logging.c: add log_year option + +1999-09-14 04:01 millert + + * configure, configure.in: add --without-sendmail to help output + +1999-09-14 03:42 millert + + * configure, configure.in: enforce an otctal arg for + --with-suoders-mode + +1999-09-08 04:06 millert + + * BUGS, INSTALL, Makefile.in, TODO, aclocal.m4, check.c, + config.h.in, configure, configure.in, defaults.c, defaults.h, + find_path.c, lex.yy.c, logging.c, parse.h, parse.lex, parse.yacc, + sudo.c, sudo.h, sudo.tab.h, testsudoers.c, version.c, visudo.c, + auth/aix_auth.c, auth/fwtk.c, auth/kerb5.c, auth/pam.c, + auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: Add support for + "Defaults" line in sudoers to make configuration variables + changable at runtime (and on a global, per-host and per-user + basis). Both the names and the internal representation are still + subject to change. It was necessary to make sudo_user.runas but + a char ** instead of a char * since this value can be changed by + a Defaults line. There is a similar (but more complicated) issue + with sudo_user.prompt but it is handled differently at the + moment. + + Add a "-L" flag to list the name of options with their + descriptions. This may only be temporary. + + Move some prototypes to parse.h + + Be much less restrictive on what is allowed for a username. + +1999-09-08 04:01 millert + + * sample.syslog.conf: Add more info + +1999-09-04 03:09 millert + + * fnmatch.3, fnmatch.c, getcwd.c, lsearch.c, snprintf.c, + strcasecmp.c, LICENSE: UCB has dropped the advertising clause + from their license. + +1999-08-31 05:39 millert + + * auth/sudo_auth.h: move dce_verofy proto to correct section + +1999-08-31 05:39 millert + + * auth/dce.c: remove XXX + +1999-08-28 06:00 millert + + * emul/fnmatch.h: Add fnmatch() prototype + +1999-08-28 06:00 millert + + * fnmatch.c, parse.c, testsudoers.c: Move inclusion of + emul/fnmatch.h to be after sudo.h for __P + +1999-08-28 05:59 millert + + * sudo.h: add strcasecmp proto + +1999-08-28 05:50 millert + + * auth/sudo_auth.c: add check for case where there are no auth + methods + +1999-08-28 05:36 millert + + * configure, configure.in: Define _XOPEN_EXTENDED_SOURCE on AIX and + __USE_FIXED_PROTOTYPES__ on SunOS4 w/ gcc + +1999-08-28 05:24 millert + + * getspwuid.c, lex.yy.c, parse.lex, parse.yacc: include strings.h + everywhere we include string.h + +1999-08-28 05:22 millert + + * version.c: nicer output when showing auth methods + +1999-08-28 05:00 millert + + * version.c: Add support for SEND_MAIL_WHEN_NO_HOST + +1999-08-28 04:49 millert + + * config.h.in, configure.in, configure: Add _GNU_SOURCE for Linux + +1999-08-28 04:22 millert + + * parse.lex, lex.yy.c: fix definition of OCTECT + +1999-08-28 04:10 millert + + * configure, configure.in: aix_auth.o not authenticate.o + +1999-08-27 17:02 millert + + * sudo.c: Only block SIGINT, SIGQUIT, SIGTSTP (which can be + generated from the keyboard). Since we run with ruid/euid == 0 + the user can't really signal us in nasty ways. + +1999-08-27 17:01 millert + + * visudo.c: Don't need to worry about catching too many signals + since we do locking on the tmp file. If a lockfile is really + stale, it will be detected and overwritten. + +1999-08-27 16:09 millert + + * INSTALL, Makefile.in: include auth/API in tarball + +1999-08-27 16:09 millert + + * auth/sudo_auth.c: move memset() of plaintext pw outside of verify + loop and only do the memset if we are *not* in standalone mode. + +1999-08-27 13:46 millert + + * auth/: sudo_auth.c, sudo_auth.h: DCE is not a standalone method + +1999-08-27 11:53 millert + + * sudo.c: fix --enable-noargs-shell + +1999-08-27 11:06 millert + + * snprintf.c: "#ifdef __STDC__" not "#if __STDC__" (I missed one) + +1999-08-27 10:54 millert + + * auth/: fwtk.c, sia.c: _cleanup() function returns an int. + +1999-08-27 10:50 millert + + * auth/dce.c: there were still some return(0)'s hanging around, + make them AUTH_FAILURE + +1999-08-27 10:39 millert + + * parse.c: typo in comment + +1999-08-27 10:03 millert + + * version.c: add missing semicolon + +1999-08-27 08:31 millert + + * auth/sudo_auth.h: missing backslash + +1999-08-26 17:24 millert + + * CHANGES, config.h.in, configure, configure.in: Kill + _XOPEN_EXTENDED_SOURCE -- causes problems on some OSes + +1999-08-26 09:21 millert + + * Makefile.in: add parse.h to HDRS + +1999-08-26 09:16 millert + + * Makefile.in, configure, configure.in: Kill VISUDO_LIBS and + VISUDO_LDFLAGS. Add LIBS, NET_LIBS, and LDFLAGS. Common libs go + in LIBS, commong ld flags go in LDFLAGS and network libs like + -lsocket, -lnsl go in NET_LIBS. This allows testsudoers to build + on Solaris and is a bit cleaner in general. + +1999-08-26 06:56 millert + + * UPGRADE: mention ptmp -> sudoers.tmp + +1999-08-26 06:12 millert + + * configure.in, configure, config.h.in: Define + _XOPEN_SOURCE_EXTENDED not _XOPEN_SOURCE + +1999-08-26 05:37 millert + + * RUNSON: add 2 reports + +1999-08-26 05:20 millert + + * auth/kerb5.c: Minor changes, mostly cosmetic. + verify_krb_v5_tgt() changed to return a value more like a system + function + +1999-08-26 05:19 millert + + * auth/dce.c: Add an XXX + +1999-08-26 05:19 millert + + * TODO: more things todo! + +1999-08-26 05:18 millert + + * sample.sudoers: update based on what is in the man page + +1999-08-26 05:10 millert + + * parse.yacc: minor change to first line printed in -l mode + +1999-08-26 05:10 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: rename "ENVIRONMENT + VARIABLES" section to "ENVIRONMENT" to be more standard and add + "EXAMPLES" section + +1999-08-26 05:08 millert + + * visudo.cat, visudo.html, visudo.man, visudo.pod: rename + "ENVIRONMENT VARIABLES" section to "ENVIRONMENT" to be more + standard + +1999-08-26 05:06 millert + + * logging.c, parse.c, sudo.h: add FLAG_NO_CHECK + +1999-08-26 05:05 millert + + * parse.lex, lex.yy.c: make an OCTET really be limited to 0-255 + +1999-08-26 05:04 millert + + * UPGRADE: mention timestamp changes + +1999-08-26 05:04 millert + + * PORTING: cosmetic cleanup + +1999-08-26 05:00 millert + + * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: new + sudoers(8) man page + +1999-08-24 13:45 millert + + * version.c: Update comments about syslog name tables + +1999-08-24 13:37 millert + + * CHANGES, LICENSE, Makefile.in, configure, strcasecmp.c, + configure.in, parse.yacc: include strcasecmp() for those without + it + +1999-08-24 12:43 millert + + * sample.sudoers: Use the : operator some more and fix a typo + +1999-08-24 12:43 millert + + * HISTORY: update the history of sudo + +1999-08-24 12:42 millert + + * parse.c, parse.lex, testsudoers.c: CIDR-style netmask support + +1999-08-24 12:41 millert + + * CHANGES: recent changes + +1999-08-24 12:40 millert + + * sudo.tab.h: these should be generated with byacc, not bison + +1999-08-24 12:40 millert + + * lex.yy.c: regen + +1999-08-24 11:58 millert + + * parse.h, parse.yacc, sudo.tab.h: In "sudo -l" mode, the type of + the stored (expanded) alias was not stored with the contents. + This could lead to incorrect output if the sudoers file had + different alias types with the same name. Normal parsing (ie: + not in '-l' mode) is unaffected. + +1999-08-23 12:47 millert + + * configure, configure.in: define _XOPEN_SOURCE to get at crypt() + proto on some systems + +1999-08-22 13:10 millert + + * snprintf.c: fix comment + +1999-08-22 13:09 millert + + * tgetpass.c: don't need limits.h + +1999-08-22 07:36 millert + + * snprintf.c: kill bogus reference to vfprintf + +1999-08-22 07:26 millert + + * sample.sudoers, sudoers: better examples + +1999-08-22 07:23 millert + + * snprintf.c: Add some const in the K&R defs. This is safe since + we define const away if the compiler doesn't grok it. + +1999-08-22 07:22 millert + + * aclocal.m4, configure: Better test for working long long support. + Ultrix compiler supports basic long long but not all operations + on them. + +1999-08-22 05:59 millert + + * aclocal.m4, config.h.in, configure, getspwuid.c, snprintf.c, + sudo.c, auth/secureware.c: Add check for LONG_IS_QUAD #undef + MAXINT before including hpsecurity.h to silence an HP-UX warning + Check for U?LONG_LONG_MAX in snprintf.c and use LONG_IS_QUAD + +1999-08-21 15:00 millert + + * LICENSE, aclocal.m4, config.h.in, configure, configure.in, + snprintf.c: UCB-derived snprintf + asprintf support. Supports + quads if the compiler does. No floating point yet, perhaps + later... + +1999-08-20 16:37 millert + + * check.c, find_path.c, goodpath.c, logging.c, parse.c, sudo.c, + auth/API, auth/sudo_auth.c, auth/sudo_auth.h: Run most of the + code as root, not the invoking user. It doesn't really gain us + anything to run as the user since an attacker can just have an + setuid(0) in their egg. Running as root solves potential + problems wrt signalling. + +1999-08-19 13:45 millert + + * logging.c, sudo.c: Don't wait for child to finish in log_error(), + let the signal handler get it if we are still running, else let + init reap it for us. The extra time it takes to wait lets the + user know that mail is being sent. + + Install SIGCHLD handler in main() and for POSIX signals, block + everything *except* SIGCHLD. + +1999-08-19 12:30 millert + + * logging.c, parse.c, parse.yacc, sudo.c, configure, sudo.h, + INSTALL, config.h.in, configure.in: sudoers_lookup() now returns + a bitmap instead of an int. This makes it possible to express + things like "failed to validate because user not listed for this + host". Some thigns that were previously VALIDATE_FOO are now + FLAG_FOO. This may change later on. + + Reorganized code in log_auth() and sudo.c to deal with above + changes. + + Safer versions of push/pushcp with in the do { ... } while (0) + style + + parse.yacc now saves info on the stack to allow parse.c to + determine if a user was listed, but not for the host he/she tried + to run on. + + Added --with-mail-if-no-host option + +1999-08-17 11:29 millert + + * parse.yacc, sudo.h, visudo.c, visudo.cat, visudo.html, + visudo.man, visudo.pod: o NewArgv and NewArgc don't need to be + externally visible. o If pedantic > 1, it is a parse error. o + Add -s (strict) option to visudo which sets pedantic to 2. + +1999-08-17 11:26 millert + + * HISTORY, INSTALL: Just have sudo-bugs contact info in one place + +1999-08-17 11:20 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: Add BUGS section + +1999-08-17 10:29 millert + + * configure, configure.in, Makefile.in: Add testsudoers to default + build target if --with-devel Don't clean generated parser files + unless "distclean". + +1999-08-17 08:47 millert + + * parse.yacc: In pedantic mode we need to save *all* the aliases, + not just those that match, or we get spurious warnings. + +1999-08-17 05:32 millert + + * TROUBLESHOOTING: reference samples.sylog.conf + +1999-08-14 11:50 millert + + * sample.syslog.conf: Sample entries for syslog.conf + +1999-08-14 11:40 millert + + * CHANGES: recent changes + +1999-08-14 11:36 millert + + * auth/: API, afs.c, aix_auth.c, dce.c, fwtk.c, kerb4.c, kerb5.c, + pam.c, passwd.c, rfc1938.c, secureware.c, securid.c, sia.c, + sudo_auth.c, sudo_auth.h: In struct sudo_auth, turn need_root and + configured into flags and add a flag to specify an auth method is + running alone (the only one). Pass auth methods their sudo_auth + pointer, not the data pointer. This allows us to get at the + flags and tell if we are the only auth method. That, in turn, + allows the method to be able to decide what should/should not be + a fatal error. Currently only rfc1938 uses it this way, which + allows us to kill the OTP_ONLY define and te hackery that went + with it. With access to the sudo_auth struct, methods can also + get at a string holding their cannonical name (useful in error + messages). + +1999-08-14 11:34 millert + + * Makefile.in, INSTALL, README, config.h.in, configure, + configure.in, getspwuid.c, lex.yy.c, parse.lex, parse.yacc, + sudo.tab.h: o --with-otp deprecated, use --without-passwd instead + o real dependencies in the Makefile o --with-devel option to + enable yacc, lex, and -Wall o style -- "foo -> bar" becomes + "foo->bar" o ALL goes back to being a token, not a string but + don't leak memory o rename hsotspec -> host in parse.yacc + +1999-08-12 12:26 millert + + * BUGS, CHANGES: recent changes + +1999-08-12 12:24 millert + + * configure, configure.in, interfaces.c, snprintf.c, sudo.c, + sudo.h, auth/sudo_auth.c: o Digital UNIX needs to check for + *snprintf() before -ldb is added to LIBS since -ldb includes a + bogus snprintf(). o Add forward refs for struct mbuf and struct + rtentry for Digital UNIX. o Reorder some functions in snprintf.c + to fix -Wall o Add missing includes to fix more -Wall + +1999-08-12 10:37 millert + + * INSTALL, check.c, config.h.in, configure, configure.in, + parse.yacc, testsudoers.c, version.c, visudo.c, auth/sudo_auth.c: + o Add a "pedentic" flag to the parser. This makes sudo warn in + cases where an alias may be used before it is defined. Only + turned on for visudo and testsudoers. o Add + --disable-authentication option that makes sudo not require + authentication by default. The PASSWD tag can be used to require + authentication for an entry. We no longer overload + --without-passwd. + +1999-08-12 10:29 millert + + * lex.yy.c, parse.lex: Break 'WORD' regexp def into HOSTNAME and + USERNAME. These days a username can contain just about anything + so be very permissive. Also drop the unused \. punctuation. + +1999-08-09 18:25 millert + + * parse.yacc: o add a 'val' element to aliasinfo struct and move -> + parse.h o find_alias() now returns an aliasinfo * instead of + boolean o add_alias() now takes a value parameter to store in the + aliasinfo.val o The cmnd, hostspec, runasuser, and user rules now + return: 1) positive match 0) negative match (due to '!') -1) no + match This means setting $$ explicitly in all cases, which I + should have done in the first place. It also means that we + always store a value that is != -1 and when we see a '!' we can + set *_matches to !rv if rv != -1. The upshot of all of this is + that '!' now works the way it should in lists and some of the + rules are more uniform and sensible. + +1999-08-09 18:17 millert + + * Makefile.in: add parse.h dependency + +1999-08-09 18:17 millert + + * parse.h: kill unused *_matched macros + +1999-08-09 10:35 millert + + * parse.yacc: Allow a list of users as the first thing in a user + spec, not just a single entry. This makes things more uniform, + though it does allow you to write user specs that are hard to + read. + +1999-08-09 10:08 millert + + * configure: regen + +1999-08-09 10:08 millert + + * configure.in: fix check for crypt() in libufc + +1999-08-07 14:03 millert + + * README: sudo-users list now exists + +1999-08-07 07:46 millert + + * INSTALL, PORTING, README, TODO, TROUBLESHOOTING: Update to + reality. + +1999-08-07 05:59 millert + + * CHANGES, Makefile.in, TODO, TROUBLESHOOTING, check.c, compat.h, + config.h.in, configure.in, logging.c, sudo.h, version.c, + visudo.c, configure, fileops.c: o Move lock_file() and touch() + into fileops.c so visudo can use them o Visudo now locks the + sudoers temp file instead of bailing when the temp file already + exists. This fixes the problem of stale temp files but it does + *require* that you not try to put the temp file in a + world-writable directory. This shoud not be an issue as the temp + file should live in the same dir as sudoers. o Visudo now only + installs the temp file as sudoers if it changed. + +1999-08-06 09:49 millert + + * logging.c: add fcntl locking + +1999-08-06 09:33 millert + + * configure, config.h.in, configure.in, logging.c: Lock the log + file. + +1999-08-06 05:36 millert + + * Makefile.in, TROUBLESHOOTING, parse.c, pathnames.h.in, sudo.c, + visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod: o + /etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow + temp file o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and + _PATH_SUDO_STMP -> _PATH_SUDOERS_TMP + +1999-08-05 17:38 millert + + * INSTALL, check.c, config.h.in, configure, configure.in, + version.c: o Kill *_MESSAGE and replace with NO_LECTURE o Add + more things to root sudo -V config reporting + +1999-08-05 10:56 millert + + * configure, configure.in: aix_auth.o not authenticate.o + +1999-08-05 10:48 millert + + * config.h.in: Add --with-goodpri and --with-badpri configure + options to specify the syslog priority to use. + +1999-08-05 10:30 millert + + * INSTALL, configure.in, logging.h, configure: Add --with-goodpri + and --with-badpri configure options to specify the syslog + priority to use. + +1999-08-05 10:25 millert + + * compat.h: kill crufty AIX stuff + +1999-08-05 06:55 millert + + * Makefile.in: Sigh, some versions of make (like Solaris's) don't + deal with $< like I would expect. Both GNU and BSD makes get + this right but... So, we just expand $< inline at the cost of + some ugliness. + +1999-08-05 06:52 millert + + * version.c: If the invoking user is root, sudo will now print + configure info in -V mode. Currently just prints logging info, + to be expanded later. + +1999-08-05 06:51 millert + + * logging.c, logging.h, sudo.c, sudo.h: o new defines for syslog + facility and priority o use new print_version() functino for -V + mode + +1999-08-05 06:49 millert + + * check.c: Don't need version.c + +1999-08-05 06:21 millert + + * configure, configure.in, aclocal.m4, config.h.in: Add check for + syslog facilities and priorities tables in syslog.h + +1999-08-05 05:23 millert + + * Makefile.in: o authenticate -> aix_auth o add version.c + +1999-08-05 05:21 millert + + * auth/sudo_auth.c: Missed a prompt -> user_prompt conversion + +1999-08-04 13:32 millert + + * TODO: sudo should lock its logfile + +1999-08-04 13:28 millert + + * parse.yacc: o Add '!' correctly when expanding Aliases. o Add + shortcut macros for append() to make things more readable. o The + separator in append() is now a string instead of a char. o In + append(), only prepend the separator if the last char is not a + '!'. This is a hack but it greatly simplifies '!' handling. o + In -l mode, Runas lists and NOPASSWD/PASSWD tags are now + inherited across entries in a list (matches current behavior). + o Fix formatting in -l mode such that items in a list are + separated by a space. Greatlt improves readability. o Space + for name field in struct aliasinfo is now allocated dyanically + instead of using a (big) buffer. o In add_alias(), only search + the list once (lsearch instead of lfind + lsearch) + +1999-08-04 11:31 millert + + * lex.yy.c, sudo.tab.h: regen + +1999-08-04 10:54 millert + + * configure, configure.in: Solais pam doesn't require anye xtra + setup + +1999-08-04 05:35 millert + + * parse.yacc: o Simpler '!' support now that the lexer deals with + multiple !'s for us. o In the case of opFOO, have FOO give a + boolean return value and set foo_matches in opFOO, not FOO. o + Treat 'ALL' as a string since it gets fill()'d in + parse.lex--fixes a small memory leak. In the long run it may + be better to just fix parse.lex and make ALL back into a token. + However, having it be a string is useful since it can be + easily passed back to the parent rule if we so desire. + +1999-08-04 03:54 millert + + * parse.lex: o Remove some unnecessary backslashes o collapse + multiple !'s by using !+ and checking if yyleng is even or odd. + this allows us to simplify ! handling in parse.yacc + +1999-08-04 03:53 millert + + * sudo.c: -u flag was being ignored + +1999-08-01 13:04 millert + + * Makefile.in: correct fix + +1999-08-01 12:37 millert + + * Makefile.in: work around pod2man stupididy + +1999-08-01 12:35 millert + + * Makefile.in: correct dependencies for .cat + +1999-08-01 12:26 millert + + * sudo.cat, sudo.man, visudo.cat, visudo.man: regen + +1999-08-01 12:25 millert + + * sudo.pod, visudo.pod: Add copyright Update to reality + +1999-08-01 11:42 millert + + * parse.c, sudo.c, sudo.h: rename validate() to the more + descriptive sudoers_lookup() + +1999-08-01 06:49 millert + + * auth/aix_auth.c: use tgetpass + +1999-07-31 12:32 millert + + * CHANGES: updates + +1999-07-31 12:31 millert + + * HISTORY, INSTALL, Makefile.in, README, RUNSON, TROUBLESHOOTING, + configure, configure.in, sudo.c: Sudo, not CU Sudo + +1999-07-31 12:19 millert + + * Makefile.in, alloc.c, check.c, compat.h, config.h.in, + find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, interfaces.h, + lex.yy.c, logging.c, logging.h, parse.c, parse.h, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strerror.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c, auth/afs.c, auth/aix_auth.c, auth/dce.c, auth/fwtk.c, + auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c, + auth/rfc1938.c, auth/secureware.c, auth/securid.c, auth/sia.c, + auth/sudo_auth.c, auth/sudo_auth.h, emul/search.h, emul/utime.h, + LICENSE: add 4th term to license similar to term 5 in the apache + license + +1999-07-31 12:02 millert + + * LICENSE, aclocal.m4, check.c, configure.in, insults.h, logging.c, + sudo.c, sudo.h, auth/rfc1938.c: there was a 1995 release too + +1999-07-28 05:24 millert + + * CHANGES: updates + +1999-07-28 05:21 millert + + * check.c: Use dirs instead of files for timestamp. This allows + tty and non-tty schemes to coexist reasonably. Note, however, + that when you update a tty ticket, the mtime on the user dir gets + updated as well. + +1999-07-28 05:17 millert + + * configure.in, configure: Fix getprpwnam() checking on SCO. Need + to link with "-lprot -lx" when linking test program, not just + -lprot. Also add check for getspnam(). The SCO docs indicate + that /etc/shadow can be used but this may be a lie. + +1999-07-24 03:35 millert + + * auth/API: first cut at auth API description + +1999-07-22 15:48 millert + + * auth/: fwtk.c, kerb4.c, kerb5.c, pam.c, rfc1938.c, secureware.c, + securid.c, sudo_auth.c, sudo_auth.h: auth API change. There is + now an init method that gets run before the main loop. This + allows auth routines to differentiate between initialization that + happens once vs. setup that needs to run each time through the + loop. + +1999-07-22 12:23 millert + + * logging.c, auth/kerb5.c: use easprintf() and evasprintf() + +1999-07-22 12:22 millert + + * alloc.c, sudo.h: add easprintf() and evasprintf(), error checking + versions of asprintf() and vasprintf() + +1999-07-22 09:14 millert + + * TODO: remove 2 items. One done, one won't do. + +1999-07-22 09:10 millert + + * sudo.man, visudo.man, sudo.cat, sudo.html, sudoers.html, + visudo.cat, visudo.html, configure, lex.yy.c: regen + +1999-07-22 09:06 millert + + * CHANGES: new changes + +1999-07-22 09:01 millert + + * sudo.pod: o Document -K flag and update meaning of -k flag. o + BSD-style copyright o Document clearing of BIND resolver + environment variables o Clarify bit about shared libs o suggest + rc files create /tmp/.odus if your OS gives away files + +1999-07-22 08:59 millert + + * visudo.pod: BSD license + +1999-07-22 08:58 millert + + * tgetpass.c: o BSD copyright o no need to block signals, we now do + that in main() o cosmetic changes + +1999-07-22 08:57 millert + + * testsudoers.c, visudo.c: o BSD-style copyright o Use "struct + sudo_user" instead of old globals. o some cometic cleanup + +1999-07-22 08:56 millert + + * sudo_setenv.c, version.h: BSD-style copyright + +1999-07-22 08:56 millert + + * sudo.h: o BSD copyright o logging and parser bits moved to their + own .h files o new "struct sudo_user" to encapsulate many of the + old globals. + +1999-07-22 08:55 millert + + * sudo.c: o no longer contains sudo 1.1/1.2 code o BSD copyright o + use new logging routines o simplified flow of control o BIND + resolver additions to badenv_table + +1999-07-22 08:53 millert + + * strerror.c: BSD-style copyright + +1999-07-22 08:53 millert + + * snprintf.c: Now compiles on more K&R compilers + +1999-07-22 08:52 millert + + * putenv.c: BSD-style copyright, cosmetic changes + +1999-07-22 08:51 millert + + * parse.c, parse.yacc, parse.h, parse.lex: BSD-style copyright. + Move parser-specific defines and structs into parse.h + other + cosmetic changes + +1999-07-22 08:51 millert + + * logging.h: defines for logging routines + +1999-07-22 08:49 millert + + * ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.h, pathnames.h.in: BSD-style copyright + +1999-07-22 08:48 millert + + * find_path.c, getspwuid.c, goodpath.c, interfaces.c: BSD-style + copyright, cosmetic changes + +1999-07-22 08:46 millert + + * configure.in: o tgetpass.c is no longer optional o kill DCE_OBJS, + add AUTH_OBJS o kill --disable-tgetpass o add --without-passwd o + changes to fill in AUTH_OBJS for new auth api o check for + strerror(), v?snprintf() and v?asprintf() o replace + --with-AuthSRV with --with-fwtk + +1999-07-22 08:43 millert + + * config.h.in: BSD-style copyright. Remove USE_GETPASS and + HAVE_UTIME_NULL. Add HAVE_FWTK, HAVE_STRERROR, HAVE_SNPRINTF, + HAVE_VSNPRINTF, HAVE_ASPRINTF, HAVE_VASPRINTF, WITHOUT_PASSWD and + NO_PASSWD + +1999-07-22 08:42 millert + + * compat.h: BSD-style copyright; Add S_IFLNK and MIN/MAX id they + are missing. + +1999-07-22 08:39 millert + + * alloc.c: BSD-style copyright + +1999-07-22 08:38 millert + + * TROUBLESHOOTING: no more --with-getpass + +1999-07-22 08:34 millert + + * TODO: Take out things I've done... + +1999-07-22 08:34 millert + + * README: Refer to LICENSE + +1999-07-22 08:34 millert + + * PORTING: --with-getpass no longer exists + +1999-07-22 08:33 millert + + * Makefile.in: BSD-style copyright. Update to reflect reality wrt + new files and new auth modules. + +1999-07-22 08:32 millert + + * INSTALL: Remove --with-AuthSRV and --disable-tgetpass. Add + --with-fwtk and --without-passwd. + +1999-07-22 08:31 millert + + * HISTORY: Update history a bit + +1999-07-22 08:29 millert + + * COPYING, LICENSE: Now distributed under a BSD-style license + +1999-07-22 08:28 millert + + * auth/sudo_auth.c: o BSD-style copyright o Add support for + NO_PASSWD/WITHOUT_PASSWD options. o skey/opie replaced by + rfc1938 code o new struct sudo_user global + +1999-07-22 08:25 millert + + * auth/: pam.c, sia.c: BSD-style copyright and use new log + functions + +1999-07-22 08:24 millert + + * auth/kerb5.c: o BSD-style copyright o Use new log functiongs o + Use asprintf() and snprintf() where sensible. + +1999-07-22 08:19 millert + + * check.c: Rewrote all the old sudo 1.1/1.2 code. Timestamp + handling is now done more reasonably--better sanity checks and + tty-based stamps are now done as files in a directory with the + same name as the invoking user, eg. /var/run/sudo/millert/ttyp1. + It is not currently possible to mix tty and non-tty based ticket + schemes but this may change in the future (it requires sudo to + use a directory instead of a file in the non-tty case). Also, + ``sudo -k'' now sets the ticket back to the epoch and ``sudo -K'' + really deletes the file. That way you don't get the lecture + again just because you killed your ticket in .logout. BSD-style + copyright now. + +1999-07-22 08:13 millert + + * logging.c: o rewritten logging routines. log_error() now takes + printf-style varargs and log_auth() for the return value of + validate(). o BSD-style copyright + +1999-07-22 07:04 millert + + * auth.c, check_sia.c, dce_pwent.c, secureware.c: superceded by new + auth API + +1999-07-22 07:02 millert + + * auth/fwtk.c: Use snprintf() where it makes sense and add a + BSD-style copyright + +1999-07-22 07:00 millert + + * auth/: afs.c, aix_auth.c, dce.c, passwd.c, rfc1938.c, + secureware.c, securid.c, sudo_auth.h, kerb4.c: BSD-style + copyright + +1999-07-22 06:57 millert + + * emul/utime.h, utime.c: BSD-style copyright + +1999-07-22 06:57 millert + + * emul/search.h: this has been rewritten so use my BSD-style + copyright + +1999-07-15 11:21 millert + + * snprintf.c: include malloc.h if no stdlib.h + +1999-07-15 10:21 millert + + * snprintf.c: KTH snprintf()/asprintf() for systems w/o them + +1999-07-15 10:20 millert + + * strerror.c: strerror() for systems w/o it + +1999-07-12 06:53 millert + + * visudo.c: stylistic changes + +1999-07-12 06:25 millert + + * parse.c, parse.lex, parse.yacc: Add contribution info in the main + comment + +1999-07-11 16:10 millert + + * auth/pam.c: remove missed ref to PAM_nullpw + +1999-07-11 16:10 millert + + * auth/sudo_auth.h: pasto + +1999-07-11 15:19 millert + + * auth/kerb5.c: more or less complete now--still untested + +1999-07-11 15:09 millert + + * auth/: afs.c, pam.c: don't use user_name macro, it will go away + +1999-07-11 14:42 millert + + * auth/: opie.c, rfc1938.c, sudo_auth.h, skey.c: combine skey/opie + code into rfc1938.c + +1999-07-11 07:22 millert + + * auth/: dce.c, sudo_auth.h: DCE authentication method; basically + unchanged from dce_pwent.c + +1999-07-11 06:44 millert + + * auth/: aix_auth.c, sudo_auth.h: AIX authenticate() support. + Could probably be much better + +1999-07-11 06:43 millert + + * auth/sia.c: Fix an uninitialized variable and some cleanup. Now + works (tested) + +1999-07-11 05:37 millert + + * auth/: sia.c, sudo_auth.h: SIA support for digital unix + +1999-07-11 05:33 millert + + * auth/pam.c: don't use prompt global, it will go away + +1999-07-11 05:32 millert + + * auth/secureware.c: correct copyright years + +1999-07-10 20:32 millert + + * auth/: afs.c, fwtk.c, kerb4.c, sudo_auth.h, kerb5.c, opie.c, + pam.c, passwd.c, secureware.c, securid.c, skey.c, sudo_auth.c: + New authentication API and methods + +1999-07-08 06:46 millert + + * parse.yacc: only save an entry if user_matches && host_matches, + even if the stack is empty (fix for previous commit) + +1999-07-08 06:35 millert + + * parse.yacc: 1) Always save an entry on the stack if it is empty. + This fixes the -l and -v flags that were broken by earlier parser + changes. + + 2) In a Runas list, don't negate FALSE -> TRUE since that would + make !foo match any time the user specified a runas user (via -u) + other than foo. + +1999-07-08 05:45 millert + + * testsudoers.c: interfaces and num_interfaces are now auto, not + extern + +1999-07-07 14:09 millert + + * auth.c: use a static global to keep stae about empty passwords + +1999-07-07 14:08 millert + + * check_sia.c: make PASSWORD_NOT_CORRECT logging consistent with + other modules + +1999-07-05 16:53 millert + + * auth.c: PAM prompt code was wrong, looks like we have to kludge + it after all. + +1999-07-05 16:35 millert + + * auth.c: In the PAM code, when a user hits return at the first + password prompt, exit without a warning just like the normal auth + code + +1999-07-05 16:15 millert + + * configure, configure.in: kludge around cross-compiler false + positives + +1999-07-05 16:14 millert + + * auth.c, check.c, check_sia.c, logging.c, sudo.h, tgetpass.c: New + (correct) PAM code Tgetpass now takes an echo flag for use with + PAM_PROMPT_ECHO_ON Block SIGINT and SIGTSTP during auth remove a + useless umask setting Change error from BAD_ALLOCATION -> + BAD_AUTH_INIT (for use with sia/PAM) Some cosmetic changes to + auth.c for consistency + +1999-07-05 16:11 millert + + * sudo.c: Some -Wall and kill some trailing spaces + +1999-07-05 16:10 millert + + * configure.in: define -D__EXTENSIONS__ for solaris so we get + crypt() proto + +1999-06-22 09:42 millert + + * RUNSON: add Dynix 4.4.4 + +1999-06-22 09:30 millert + + * INSTALL, config.h.in, configure.in, configure: for kerberos V < + version, fall back on old kerb4 auth code + +1999-06-22 06:41 millert + + * INSTALL: clarify some things + +1999-06-22 06:38 millert + + * UPGRADE, sudoers.cat, sudoers.man, sudoers.pod: typos + +1999-06-14 19:47 millert + + * sudo.c: mention why DONT_LEAK_PATH_INFO is not the default + +1999-06-03 12:34 millert + + * tgetpass.c: Fix open(2) return value checking, was NULL for + fopen, should be -1 for open + +1999-06-03 12:06 millert + + * configure: regen + +1999-06-03 12:06 millert + + * configure.in: better wording for solaris pam notice + +1999-06-03 11:52 millert + + * CHANGES: document recent changes + +1999-06-03 11:52 millert + + * TROUBLESHOOTING: Update shadow password section + +1999-06-03 11:51 millert + + * auth.c: move authentication code from check.c to auth.c + +1999-06-03 11:51 millert + + * Makefile.in, check.c, sudo.h: move authentication code to auth.c + +1999-05-16 21:36 millert + + * Makefile.in, check.c, check_sia.c, compat.h, find_path.c, + getspwuid.c, goodpath.c, interfaces.c, interfaces.h, lex.yy.c, + logging.c, parse.c, parse.lex, parse.yacc, secureware.c, sudo.c, + sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, visudo.c: Move + interface-related defines to interfaces.h so we don't have to + include <netinet/in.h> everywhere. + +1999-05-14 12:30 millert + + * CHANGES, INSTALL, TODO, check.c, compat.h, getspwuid.c, + logging.c, parse.yacc, sudo.c, tgetpass.c: o Replace _PASSWD_LEN + braindeath with our own SUDO_MAX_PASS. + It turns out the old DES crypt does the right thing with + passwords + longert than 8 characters. + o Fix common typo (necesary -> necessary) + o Update TODO list + +1999-05-03 12:00 millert + + * sudo.c: set $LOGNAME when we set $USER + +1999-04-27 00:00 millert + + * INSTALL: add comment about digital unix and interfaces.c warning + with gcc + +1999-04-15 01:12 millert + + * sample.sudoers: use modern paths and give examples for some of + the new parser features + +1999-04-10 13:03 millert + + * parse.c: fix comment + +1999-04-10 00:49 millert + + * alloc.c, check.c, check_sia.c, dce_pwent.c, find_path.c, + getspwuid.c, goodpath.c, interfaces.c, lex.yy.c, logging.c, + parse.c, parse.lex, parse.yacc, putenv.c, secureware.c, sudo.c, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: + Function names should be flush with the start of the line so they + can be found trivially in an editor and with grep + +1999-04-10 00:40 millert + + * find_path.c, interfaces.c, lex.yy.c, parse.c, parse.lex, + parse.yacc, sudo.c, testsudoers.c, tgetpass.c, visudo.c: free(3) + is already void, no need to cast it + +1999-04-10 00:37 millert + + * logging.c, sudo.c, sudo.h: catch case where cmnd_safe is not set + (this should not be possible) + +1999-04-10 00:10 millert + + * CHANGES, logging.c, parse.c, parse.yacc, sudo.c, sudo.h, + testsudoers.c, visudo.c: Stash the "safe" path (ie: the one + listed in sudoers) to the command instead of stashing the struct + stat. Should be safer. + +1999-04-08 19:56 millert + + * INSTALL, Makefile.in, UPGRADE: notes on updating from an earlier + release + +1999-04-07 20:20 millert + + * CHANGES: updated + +1999-04-07 19:18 millert + + * parse.yacc, sudo.tab.h, sudoers.cat, sudoers.html, sudoers.man, + sudoers.pod: You can now specifiy a host list instead of just a + host or alias. Ie: user = host1,host2,ALIAS,!host3 my_command + now works. + +1999-04-07 02:59 millert + + * testsudoers.c: Quiet -Wall + +1999-04-07 02:50 millert + + * parse.yacc: Move the push from the beginning of cmndspec to the + end. This means we no longer have to do a push at the end of + privilege, just reset some values. + +1999-04-06 20:24 millert + + * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: runas-lists + and NOPASSWD/PASSWD modifiers are now sticky and you can use "!" + most everywhere + +1999-04-06 14:12 millert + + * sudoers.pod: modernize paths and update su example based on + sample.sudoers one + +1999-04-06 14:06 millert + + * sample.sudoers: New runas semantics + +1999-04-06 13:54 millert + + * CHANGES, Makefile.in, alloc.c, config.h.in, configure, + configure.in, strdup.c, sudo.h: In estrdup(), do the malloc + ourselves so we don't need to rely on the system strdup(3) which + may or may not exist. There is now no need to provide strdup() + for those w/o it. Also, the prototype for estrdup() was wrong, + it returns char * and its param is const. + +1999-04-06 13:40 millert + + * getcwd.c: $Sudo tag + +1999-04-06 13:20 millert + + * check.c: buf should be prompt; Michael Robokoff + <mrobo@networkcs.com> + +1999-04-06 01:40 millert + + * CHANGES, TODO, parse.yacc: It is now possible to use the '!' + operator in a runas list as well as in a Cmnd_Alias, Host_Alias + and User_Alias. + +1999-04-06 01:38 millert + + * logging.c, sudo.h: Kill GLOBAL_NO_SPW_ENT (not used) and crank + GLOBAL_PROBLEM + +1999-04-06 01:08 millert + + * sudo.h: Definitions of *_matched were wrong--user top, not top-2 + as subscript. + +1999-04-06 01:00 millert + + * logging.c, parse.c, parse.yacc, sudo.c, sudo.h: Add + VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a + command but the NOPASSWD flag was set. Make runasspec, + runaslist, runasuser, and nopasswd typeless in parse.yacc Add + support for '!' in the runas list Fix double printing of '%' and + '+' for groups and netgroups respectively Add *_matched macros + (no need for local stack variable). Should only be used directly + after a pop (since top must be >= 2). + +1999-04-05 23:25 millert + + * aclocal.m4, configure.in: Add copyright, somewhat silly + +1999-04-05 16:57 millert + + * BUGS, INSTALL, Makefile.in, README, alloc.c, check.c, + check_sia.c, compat.h, config.h.in, configure, configure.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c, + sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat, + sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c, visudo.cat, visudo.man, emul/utime.h: Crank version to + 1.6 and combine copyright statements + +1999-04-05 16:30 millert + + * sample.sudoers: Use ! not ^ to do negation + +1999-04-05 16:29 millert + + * lex.yy.c: regen + +1999-04-05 16:28 millert + + * parse.yacc, parse.lex: Make runas and NOPASSWD tags persistent + across entris in a command list. Add a PASSWD tag to reverse + NOPASSWD. When you override a runas or *PASSWD tag the value + given becomes the new default for the rest of the command list. + +1999-04-02 16:03 millert + + * CHANGES, RUNSON: update for 1.5.9 + +1999-04-02 16:02 millert + + * visudo.c: Shift return value of system(3) by 8 to get real exit + value and if it is not 1 or 0 print the retval along with the + error message. + +1999-03-30 16:45 millert + + * Makefile.in: testsudoers needs LIBOBJS too + +1999-03-30 12:17 millert + + * parse.c, parse.yacc: Fix another parser bug. For a sudoers entry + like this: millert ALL=/bin/ls,(daemon) !/bin/ls sudo + would not allow millert to run ls as root. + +1999-03-30 01:08 millert + + * CHANGES: new change + +1999-03-30 01:03 millert + + * parse.yacc: Save entries that match a ! command on the matching + stack too + +1999-03-30 01:01 millert + + * sudo.c: Make sudo's usage info better when mutually exclusive + args are given and don't rely on argument order to detect this; + nick@zeta.org.au + +1999-03-29 15:03 millert + + * CHANGES, Makefile.in, RUNSON: updates from CU + +1999-03-28 23:38 millert + + * Makefile.in: use gzip + +1999-03-28 23:31 millert + + * parse.yacc: Fix off by one error introduced in *alloc changes + +1999-03-28 23:05 millert + + * BUGS, CHANGES, INSTALL, Makefile.in, README, alloc.c, check.c, + check_sia.c, compat.h, config.h.in, configure, configure.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c, + sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat, + sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod, + emul/utime.h: ++version + +1999-03-28 21:59 millert + + * Makefile.in, check.c, find_path.c, getspwuid.c, goodpath.c, + interfaces.c, lex.yy.c, logging.c, parse.c, parse.lex, + parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, utime.c, visudo.c: Use + emalloc/erealloc/estrdup + +1999-03-28 20:29 millert + + * alloc.c: error checking memory allocation routines + +1999-03-28 19:23 millert + + * parse.yacc: Still not right, this fixes it for real + +1999-03-28 19:08 millert + + * parse.yacc: Fix for previous commit + +1999-03-28 19:05 millert + + * CHANGES, INSTALL, parse.yacc: Fix a parser bug that was exposed + when mixing different runas specs and ! commands. For example: + millert ALL=(daemon) /usr/bin/whoami,!/bin/ls would + allow millert to run whoami as root as well as daemon when it + should just allow daemon. The problem was that comma-separated + commands in a list shared the same entry on the matching stack. + Now they get their own entry iff there is a full match. It may + be better to just make the runas spec persistent across all + commands in a list like the user and host entries of the matching + stack. However, since that is a fairly major change it should + gets its own minor rev increase. + +1999-03-28 13:50 millert + + * check.c, config.h.in: Simplify PAM code and fix a PAM-related + warning on Linux + +1999-03-26 13:17 millert + + * CHANGES: updates + +1999-03-26 13:12 millert + + * sample.sudoers: better su entry + +1999-03-26 13:10 millert + + * configure: regen + +1999-03-26 13:09 millert + + * check.c, configure.in: new pam code that works on solaris, should + work on linux too; aelberg@home.com + +1999-03-19 14:44 millert + + * RUNSON: more entries + +1999-03-19 14:43 millert + + * config.h.in: only include strings.h if there is no string.h + +1999-03-17 15:25 millert + + * config.guess: Sinix is now being called ReliantUNIX; + bjjackso@us.oracle.com + +1999-03-13 13:37 millert + + * sudo.c: shost must be set before log functions are called #ifdef + HOST_IN_LOG + +1999-03-07 18:34 millert + + * CHANGES, lex.yy.c, parse.lex: Fix a bug wrt quoting characters in + command args. Stop processing an arg when you hit a backslash so + the quoted-character detection can catch it. + +1999-02-26 01:19 millert + + * interfaces.c: include sys/time.h; aparently AIX needs it. + ppz@cdu.elektra.ru + +1999-02-23 19:43 millert + + * configure, configure.in: add missing case statement so + --without-sendmail works + +1999-02-22 21:51 millert + + * CHANGES: more + +1999-02-22 15:10 millert + + * configure, configure.in: only search for -lsun in irix <= 4.x + +1999-02-22 15:01 millert + + * configure, configure.in: back out last configure.in change now + that I've hacked autoconf to fix the real problem and add a + missing newline + +1999-02-22 14:32 millert + + * CHANGES: updated + +1999-02-22 14:05 millert + + * getcwd.c: add def of dirfd() for those without it + +1999-02-22 10:58 millert + + * configure.in, configure: When falling back to checking for + socket() when linking with "-lsocket -lnsl" check for main() + instead since autoconf has already cached the results of checking + for socket() in -lsocket. This is really an autoconf bug as it + should use the extra libs as part of the cache variable name. + +1999-02-22 10:47 millert + + * configure.in: typo + +1999-02-21 15:18 millert + + * configure.in: fix occurrence of $with_timeout that should be + $with_password_timeout; + Michael.Neef@neuroinformatik.ruhr-uni-bochum.de + +1999-02-17 11:40 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: fix grammar; + espie@openbsd.org + +1999-02-11 01:41 millert + + * parse.yacc, sudo.c, testsudoers.c: add cast for strdup in places + it does not have it + +1999-02-09 13:11 millert + + * configure, configure.in: define for_BSD_TYPES irix + +1999-02-06 19:47 millert + + * Makefile.in, sudo.cat, sudo.html, sudo.man, sudo.pod: Make it + clear that it is the user's password, not root's, that we want. + +1999-02-06 19:43 millert + + * check.c, sudo.h: If the user enters an empty password and really + has no password, accept the empty password they entered. + Perviously, they could enter anything *but* an empty password. + Also, add GETPASS macro that calls either tgetpass() or getpass() + depending on how sudo was configured. Problem noted by + jdg@maths.qmw.ac.uk + +1999-02-02 23:32 millert + + * Makefile.in, check.c, check_sia.c, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, secureware.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, + testsudoers.c, tgetpass.c, utime.c, version.h, visudo.c, + emul/utime.h: add explicate copyright + +1999-02-02 23:16 millert + + * CHANGES: mention -lsocket, -lnsl configure changes + +1999-02-02 17:54 millert + + * sudo.c: Don't clobber errno after calling check_sudoers(). + +1999-01-31 19:46 millert + + * configure.in, configure: When linking with both -lsocket and + -lnsl be sure to do so in that order. Also, when we can't find + socket() or inet_addr() and have to try linking with both libs, + issue a warning. + +1999-01-31 19:45 millert + + * sudo.cat, sudo.man, sudo.pod: clarify bad timestamp and fmt + +1999-01-23 12:18 millert + + * INSTALL, RUNSON: be clear that pam is linux-only and add a RUNSON + entry + +1999-01-22 13:13 millert + + * configure, CHANGES, INSTALL, configure.in: fix and correctly + document --with-umask; problem noted by adap@adap.org + +1999-01-19 20:38 millert + + * configure.in, configure: only use /usr/{man,catman}/local to + store man pages if suer didn't override prefix or mandir + +1999-01-19 20:24 millert + + * configure, INSTALL, configure.in: fix typo, make --with-SecurID + take an arg + +1999-01-18 21:53 millert + + * RUNSON: updates from users + +1999-01-18 21:04 millert + + * CHANGES, INSTALL, check.c, configure, configure.in: FWTK + 'authsrv' support from Kevin Kadow <kadow@MSG.NET> + +1999-01-18 20:00 millert + + * configure, configure.in: better fix for the problem of unresolved + symbols in -lnsl or -lsocket + +1999-01-18 19:39 millert + + * configure, configure.in: when checking for functions in -lnsl and + -lsocket link with both of them to avoid unresolved symbols on + some weirdo systems + +1999-01-17 20:49 millert + + * BUGS, CHANGES, RUNSON, TODO: old changes that didn't make it into + RCS before the RCS->CVS switch + +1999-01-17 18:16 millert + + * Makefile.in, check.c, check_sia.c, compat.h, config.h.in, + configure.in, dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, lex.yy.c, logging.c, lsearch.c, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, secureware.c, strdup.c, + sudo.c, sudo.pod, sudo_setenv.c, sudoers.pod, testsudoers.c, + tgetpass.c, utime.c, visudo.c, visudo.pod, emul/search.h, + emul/utime.h: add sudo tags + +1999-01-17 17:53 millert + + * version.h, sudo.h: testing Sudo tag + +1999-01-17 17:40 millert + + * BUGS, INSTALL, Makefile.in, README, check.c, check_sia.c, + compat.h, config.h.in, configure, configure.in, dce_pwent.c, + find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, lex.yy.c, + logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, sudo.h, + sudo.man, sudo_setenv.c, sudoers.cat, sudoers.man, testsudoers.c, + tgetpass.c, utime.c, version.h, visudo.c, visudo.cat, visudo.man, + emul/utime.h: crank version and regen files + +1999-01-17 17:27 millert + + * Makefile.in: kill rcs goop in update_version and fix now that + version is a const + +1999-01-17 17:08 millert + + * INSTALL, check.c, config.h.in, configure, configure.in, + logging.c, sudo.c, sudo.h, sudo.pod: kerb5 support from + fcusack@iconnet.net + +1999-01-17 16:45 millert + + * realpath.c, sudo_realpath.c: we no longer use realpath + +1999-01-17 16:44 millert + + * qualify.c: replaced by find_path.c + +1999-01-17 16:43 millert + + * options.h: all options are now configure flags + +1999-01-17 16:42 millert + + * lex.yy.c: regen + +1999-01-17 16:41 millert + + * getwd.c: superceded by getcwd.c + +1999-01-17 16:36 millert + + * getpass.c: superceded by tgetpass.c + +1999-01-17 16:36 millert + + * SUPPORTED: superceded by RUNSON + +1999-01-17 16:33 millert + + * OPTIONS: No longer used now that we have configure options for + everything. + +1999-01-17 16:32 millert + + * configure: regen based on configure.in + +1999-01-17 16:31 millert + + * sudo.man, sudoers.man, visudo.man, sudo.cat, sudo.html, + sudoers.cat, visudo.cat, sudoers.html, visudo.html: regen based + on sudo.pod, sudoers.pod, and visudo.pod + +1998-12-11 12:16 millert + + * check.c: fix tty tickets in remove_timestamp (didn't use ':') + +1998-12-07 16:16 millert + + * interfaces.c: close sock when we are done with it + +1998-11-27 19:37 millert + + * parse.yacc: never say "error on line -1" + +1998-11-23 23:38 millert + + * configure.in: check for -lnsl before -lsocket + +1998-11-23 23:29 millert + + * configure.in: quote '[', ']' used in ranges correctly + +1998-11-21 17:54 millert + + * config.h.in: add missing NO_ROOT_SUDO noted by drno@tsd.edu + +1998-11-20 18:33 millert + + * version.h: 1.5.7 + +1998-11-20 18:33 millert + + * INSTALL: more info for 1.5.7 + +1998-11-20 18:30 millert + + * README: update for 1.5.7 + +1998-11-20 14:26 millert + + * parse.yacc: make increases of cm_list_size and ga_list_size be + similar to increases of stacksize (ie: >= not > in initial + compare). + +1998-11-20 14:22 millert + + * parse.yacc: when we get a syntax error, report it for the + previous line since that's generally where the error occurred. + +1998-11-18 15:31 millert + + * config.h.in, configure.in, interfaces.c: add back check for + sys/sockio.h but only use it if SIOCGIFCONF is not defined + +1998-11-18 15:25 millert + + * config.h.in: define BSD_COMP for svr4 + +1998-11-17 23:16 millert + + * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c, + goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c, + parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: more + -Wall + +1998-11-17 23:10 millert + + * configure.in: kill check for sockio,h + +1998-11-17 23:10 millert + + * config.h.in: no more HAVE_SYS_SOCKIO_H + +1998-11-17 22:51 millert + + * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c, + goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c, + parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: + -Wall + +1998-11-16 17:38 millert + + * sudo.c: add missing inform_user() + +1998-11-13 19:21 millert + + * find_path.c: return NOT_FOUND if given fully qualified path and + it does not exist previously it would perror(ENOENT) which + bypasses the option to not leak path info + +1998-11-13 19:20 millert + + * configure.in: for kerb5, check for -lkerb4, fall back on -lkrb + for kerb, check for -ldes + +1998-11-13 14:19 millert + + * INSTALL: tty tickets are user:tty now + +1998-11-13 14:10 millert + + * check.c: when using tty tickets make it user:tty not user.tty as + a username could have a '.' in it + +1998-11-09 19:15 millert + + * sudo.c: add "ignoring foo found in ." for auth successful case + +1998-11-09 17:57 millert + + * sudo.c: add missing printf param + +1998-11-08 15:56 millert + + * INSTALL, config.h.in, configure.in, find_path.c, sudo.c, sudo.h: + go back to printing "command not found" unless + --disable-path-info specified. Also, tell user when we ignore + '.' in their path and it would have been used but for + --with-ignore-dot. + +1998-11-08 13:51 millert + + * check.c, sudo.c: Only one space after a colon, not two, in + printf's + +1998-11-05 12:59 millert + + * sudo.pod: document setting $USER + +1998-11-04 22:24 millert + + * check.c: fix bugs with prompt expansion + +1998-11-04 21:21 millert + + * sudo.c: set $USER for root too + +1998-11-04 17:13 millert + + * getspwuid.c: typo + +1998-11-04 17:07 millert + + * configure.in: HP-UX's iscomsec is in -lsec, not libc + +1998-11-03 22:24 millert + + * configure.in: remove some entries in the OS case statement that + did nothing + +1998-11-03 22:19 millert + + * TROUBLESHOOTING: add "cd" section and flush out syslog section + +1998-11-03 20:51 millert + + * Makefile.in: no more sudo-lex.yy.c + +1998-11-03 20:50 millert + + * check_sia.c: add custom prompt support + +1998-11-03 20:40 millert + + * sudo.c: kill perror("malloc") since we already have a good error + messages pw_ent -> pw for brevity set $USER if -u specified + +1998-11-03 20:39 millert + + * parse.c: kill perror("malloc") since we already have a good error + messages pw_ent -> pw for brevity when checking if %group + matches, look up user in password file so that %groups works in a + RunAs spec. + +1998-11-03 20:39 millert + + * logging.c, parse.yacc: kill perror("malloc") since we already + have a good error messages + +1998-11-03 20:38 millert + + * check.c, getspwuid.c, interfaces.c, testsudoers.c: kill + perror("malloc") since we already have a good error messages + pw_ent -> pw for brevity + +1998-11-03 15:03 millert + + * tgetpass.c: the prompt is expanded before tgetpass is called + +1998-11-03 15:03 millert + + * sudo.h: tgetpass now has the same args as getpass again + +1998-11-03 15:02 millert + + * getspwuid.c: add iscomsec, issecure support + +1998-11-03 15:02 millert + + * check.c: we now expand any %h or %u in the prompt before passing + to tgetpass + +1998-11-03 14:58 millert + + * configure.in: add check for syslog(3) in -lsocket, -lnsl, -linet + +1998-11-03 14:56 millert + + * config.h.in: add HAVE_ISCOMSEC and HAVE_ISSECURE + +1998-11-03 14:55 millert + + * configure.in: add check for iscomsec in HP-UX + +1998-11-03 14:51 millert + + * configure.in: check for issecure if we have getpwanam on SunOS + some options are incompatible with DUNIX SIA check for dispcrypt + on DUNIX + +1998-10-25 15:21 millert + + * config.h.in: add HAVE_DISPCRYPT + +1998-10-25 15:21 millert + + * secureware.c: add back support for non-dispcrypt based checking + for older DUNIX + +1998-10-25 00:51 millert + + * INSTALL: sia changes + +1998-10-25 00:48 millert + + * configure.in: SIA becomes the default on Digital UNIX now havbe + --disable-sia to turn it off... + +1998-10-24 23:52 millert + + * check.c: move local includes after system ones + +1998-10-24 19:28 millert + + * check.c, check_sia.c, sudo.h: add pass_warn() which prints out + INCORRECT_PASSWORD or an insult to stderr + +1998-10-24 19:07 millert + + * check_sia.c: fix while loop in sia_attempt_auth() that checks the + password. Only the first iteration was working. + +1998-10-21 21:00 millert + + * aclocal.m4: don't trust UID_MAX or MAXUID + +1998-10-21 20:35 millert + + * configure.in: fix two pastos + +1998-10-21 20:30 millert + + * configure.in: fix typo + +1998-10-21 20:19 millert + + * getspwuid.c, secureware.c: init crypt_type to INT_MAX since it is + legal to be negative in DUNX 5.0 + +1998-10-21 20:15 millert + + * configure.in: for secureware on dunix, use -lsecurity -ldb -laud + -lm but check for -ldb since DUNX < 4.0 lacks it + +1998-10-21 19:50 millert + + * check.c, compat.h, config.h.in, configure.in, getspwuid.c, + secureware.c, sudo.c, tgetpass.c: getprpwuid is broken in HP-UX + 10.20 at least (it sleeps for 2 minutes if the shadow files don't + exist). + +1998-10-20 17:22 millert + + * INSTALL: updated --with-editor blurb + +1998-10-20 17:21 millert + + * TROUBLESHOOTING: tell how to put sudoers in a different dir + +1998-10-20 16:22 millert + + * configure.in: add missing quotes around $with_editor + +1998-10-20 14:00 millert + + * configure.in: typo in --with-editor bits + +1998-10-20 01:24 millert + + * INSTALL: I don't expect it to work on Solaris + +1998-10-20 01:24 millert + + * check.c: add back security/pam_misc.h + +1998-10-19 17:13 millert + + * INSTALL: remove dunix note since configure checks for this now + +1998-10-19 16:30 millert + + * configure.in: add check for broken dunix prot.h (4.0 < 4.0D is + bad) + +1998-10-19 14:32 millert + + * getspwuid.c, secureware.c, tgetpass.c: new dunix shadow code, use + dispcrypt(3) + +1998-10-19 14:32 millert + + * config.h.in: add HAVE_INITPRIVS + +1998-10-19 14:31 millert + + * sudo.c: call initprivs() if we have it for getprpwuid later on + +1998-10-19 14:30 millert + + * Makefile.in: clean pathnames.h too + +1998-10-19 14:28 millert + + * configure.in: quote "Sorry, try again." with [] since it has a + comma in it set LIBS when we add stuff to SUDO_LIBS set + SECUREWARE when we find getprpwuid() so we can check for + bigcrypt, set_auth_parameters, and initprivs later. + +1998-10-19 13:48 millert + + * INSTALL: update Digital UNIX note about acl.h + +1998-10-18 20:26 millert + + * INSTALL: add --with-sia --without-root-sudo -> + --disable-root-sudo some reordering + +1998-10-18 20:22 millert + + * secureware.c: add whitespace + +1998-10-18 20:22 millert + + * Makefile.in, check.c, config.h.in, configure.in, logging.c, + sudo.h: add SIA support + +1998-10-18 20:21 millert + + * check_sia.c: Initial revision + +1998-10-18 19:42 millert + + * configure.in: when checking for -lsocket, -lnsl, and -linet, + check for the specific functions we need from them. + +1998-10-18 19:10 millert + + * config.h.in, sudo.h: move Syslog_* defs into sudo.h + +1998-10-18 18:15 millert + + * sudo.h, Makefile.in: added check_secureware + +1998-10-18 18:12 millert + + * configure.in: finished adding AC_MSG_CHECKING and AC_MSG_RESULT + bits + +1998-10-18 18:00 millert + + * insults.h: don't define CLASSIC_INSULTS and CSOPS_INSULTS if no + other sets defined. configure now does that for us + +1998-10-18 17:45 millert + + * configure.in: move some --with options around change a bunch of + echo's to AC_MSG_CHECKING, AC_MSG_RESULT pairs + +1998-10-18 01:09 millert + + * configure.in: change $with_foo-bar -> $with_foo_bar kill extra " + that caused a syntax error add some echo verbage + +1998-10-17 18:08 millert + + * check.c: moved SecureWare stuff into secureware.c + +1998-10-17 18:07 millert + + * secureware.c: Initial revision + +1998-10-17 17:02 millert + + * INSTALL: update url to solaris gcc bins + +1998-10-17 16:39 millert + + * INSTALL: change option formatter and flesh out someentries + +1998-10-17 16:18 millert + + * sudo.pod, visudo.pod, TROUBLESHOOTING: environmental variable -> + environment variable + +1998-10-17 16:01 millert + + * BUGS: everything is now done via configure + +1998-10-17 16:00 millert + + * README: prev rev was 1.5.6 + +1998-10-17 00:33 millert + + * Makefile.in: passing SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID + correctly + +1998-10-17 00:32 millert + + * config.h.in: SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID now come from + the Makefile + +1998-10-17 00:31 millert + + * Makefile.in: merge OSDEFS and OPTIONS into DEFS get sudoers_uid, + sudoers_gid, sudoers_mode from configure + +1998-10-17 00:30 millert + + * configure.in: SUDOERS_MODE, SUDOERS_UID, and SUDOERS_GID now get + substituted into the Makefile, not config.h + +1998-10-17 00:30 millert + + * INSTALL: document all --with/--enable options + +1998-10-15 02:25 millert + + * insults.h: options.h is no more + +1998-10-15 02:25 millert + + * config.h.in: assimilated options.h + +1998-10-15 02:24 millert + + * configure.in: moved options from options.h to configure + +1998-10-15 01:41 millert + + * check.c, find_path.c, getspwuid.c, goodpath.c, interfaces.c, + logging.c, parse.c, parse.lex, parse.yacc, sudo.c, sudo.pod, + sudo_setenv.c, visudo.c: no more options.h + +1998-10-15 01:39 millert + + * INSTALL, Makefile.in, PORTING, TROUBLESHOOTING: remove references + to options.h + +1998-10-15 01:32 millert + + * interfaces.c, dce_pwent.c, sudo.c: kill sys/time.h + +1998-10-15 00:10 millert + + * tgetpass.c: if select return < -1 still prompt for pw + +1998-10-15 00:03 millert + + * options.h: convert LOGGING, LOGFAC, MAXLOGFILELEN, + IGNORE_DOT_PATH into configure options + +1998-10-14 23:57 millert + + * parse.c: FAST_MATCH is no longer an optino + +1998-10-14 23:52 millert + + * check.c: remove_timestamp() if timestamp is preposterous + +1998-10-14 23:36 millert + + * options.h: convert more options to --with/--enable + +1998-10-14 23:36 millert + + * INSTALL, aclocal.m4: logfile -> logpath + +1998-10-14 23:31 millert + + * configure.in: convert more options into --with and --enable + +1998-10-14 23:28 millert + + * tgetpass.c: catch EINTR in select and restart + +1998-10-14 23:15 millert + + * logging.c: sys/errno -> errno + +1998-09-24 11:40 millert + + * sudo.c: UMASK -> SUDO_UMASK. + +1998-09-24 11:36 millert + + * check.c, logging.c: time.h, not sys/time.h + +1998-09-21 19:52 millert + + * logging.c: MAILER -> _PATH_SENDMAIL + +1998-09-21 00:06 millert + + * INSTALL, configure.in: no more --with-C2, now it is + --disable-shadow + +1998-09-21 00:00 millert + + * aclocal.m4, check.c, compat.h, config.h.in, configure.in, + getspwuid.c, sudo.c, tgetpass.c: new shadow password scheme. + Always include shadow support if the platform supports it and the + user did not disable it via configure + +1998-09-20 19:48 millert + + * configure.in: --with-getpass -> --{enable,disable}-tgetpass + +1998-09-20 19:16 millert + + * Makefile.in: pathnames.h -> pathnames.h.in + +1998-09-20 19:14 millert + + * check.c: fix version string + +1998-09-20 19:12 millert + + * check.c: move pam_conv to be static to auth function remove + pam_misc.h (solaris doesn't have one) + +1998-09-20 19:10 millert + + * aclocal.m4: _CONFIG_PATH_* -> _PATH_* or _PATH_SUDO_* kill + SUDO_PROG_PWD + +1998-09-20 19:10 millert + + * configure.in: munge pathnames.h.in -> pathnames.h kill + SUDO_PROG_PWD + +1998-09-20 19:10 millert + + * pathnames.h.in: convert to pathnames.h.in + +1998-09-18 20:20 millert + + * configure.in: fix typo in sysv4 matching case /. + +1998-09-18 01:29 millert + + * check.c: pam stuff needs to run as root, not user, for shadow + passwords + +1998-09-17 12:26 millert + + * Makefile.in, emul/utime.h, check.c, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c, + BUGS, INSTALL, README, configure.in: updated version + +1998-09-17 12:13 millert + + * check.c: user version.h for long message + +1998-09-17 11:53 millert + + * check.c: this is version 1.5.6 + +1998-09-16 13:42 millert + + * Makefile.in: remove errant backslash + +1998-09-14 22:25 millert + + * options.h, parse.yacc, pathnames.h.in: fix version string + +1998-09-14 22:02 millert + + * BUGS, CHANGES, TODO: updtaed for 1.5.6 + +1998-09-14 22:02 millert + + * RUNSON: updated for 1.5.6 + +1998-09-14 11:48 millert + + * interfaces.c: kill unused localhost_mask var copy if name to + ifr_tmp after we zero it + +1998-09-13 15:50 millert + + * INSTALL: Better description of new vs. old sudoers modes fix some + typos better description of /usr/ucb/cc gotchas on slowaris + +1998-09-13 15:49 millert + + * Makefile.in: add sample.pam + +1998-09-13 15:32 millert + + * sudo.c: set NewArgv[0] to user_shell, not basename(user_shell) + +1998-09-12 11:10 millert + + * README: mention TROUBLESHOOTING more fix some typos + +1998-09-11 20:30 millert + + * configure.in: move --enable/--disable to be after --with + +1998-09-11 20:30 millert + + * INSTALL: document --enable/--disable + +1998-09-11 20:26 millert + + * INSTALL: document --with-pam + +1998-09-11 19:47 millert + + * configure.in: Add message for pam users + +1998-09-11 19:27 millert + + * sample.pam: Initial revision + +1998-09-11 19:23 millert + + * config.h.in: fix HAVE_PAM + +1998-09-11 19:19 millert + + * check.c, config.h.in, configure.in: pam support, from Gary Calvin + <GCalvin@kenwoodusa.com> + +1998-09-10 18:51 millert + + * config.h.in: add HOST_IN_LOG and WRAP_LOG + +1998-09-10 18:51 millert + + * logging.c: add WRAP_LOG and HOST_IN_LOG + +1998-09-10 18:37 millert + + * configure.in: add --enable-log-host and --enable-log-wrap + +1998-09-10 18:32 millert + + * aclocal.m4: use AC_DEFINE_UNQUOTED for --with-logfile and + --with-timedir + +1998-09-08 20:45 millert + + * compat.h: add howmany macro + +1998-09-08 20:43 millert + + * tgetpass.c: include sys/param.h to get howmany macro + +1998-09-07 20:42 millert + + * OPTIONS, options.h, parse.yacc, sudo.c, testsudoers.c, visudo.c: + add RUNAS_DEFAULT + +1998-09-07 12:51 millert + + * fnmatch.c: bring in stdio.h for NULL + +1998-09-07 12:50 millert + + * aclocal.m4: allow /bin/{ksh,bach} and /usr/bin/{ksh,bash} as sh + +1998-09-07 12:43 millert + + * sudo.c: use HAVE_SET_AUTH_PARAMETERS + +1998-09-07 12:42 millert + + * config.h.in: add HAVE_SET_AUTH_PARAMETERS + +1998-09-07 12:41 millert + + * configure.in: add *-*-hiuxmpp* add test for set_auth_parameters() + if secureware + +1998-09-07 12:39 millert + + * config.sub: add support for HI-UX/MPP SR220001 02-03 0 SR2201 + +1998-09-07 12:06 millert + + * interfaces.c: initialize previfname + +1998-09-07 11:51 millert + + * interfaces.c: Don't use SIOCGIFADDR, we don't need it Use + SIOCGIFFLAGS if we have it check ifr_flags against IFF_UP and + IFF_LOOPBACK instead of kludging it + +1998-09-07 11:49 millert + + * configure.in: typo + +1998-09-07 00:01 millert + + * Makefile.in: don't need special build line for sudo.tab.o + +1998-09-06 23:58 millert + + * Makefile.in: don't clean sudo.tab.[ch] + +1998-09-06 23:48 millert + + * sudo.c: Sudo should prompt for a password before telling the user + that a command could not be found. + +1998-09-06 23:47 millert + + * BUGS: for 1.5.6 + +1998-09-06 23:25 millert + + * INSTALL, README: no longer require yacc + +1998-09-06 23:19 millert + + * Makefile.in: typo + +1998-09-06 23:18 millert + + * Makefile.in: y.tab -> sudo.tab include pre-yacc'd parse.yacc + +1998-09-06 23:09 millert + + * parse.lex: include sudo.tab.h, not y.tab.h don't break out of + command args if you get a '=' + +1998-09-06 22:59 millert + + * insults.h: fix version , + +1998-09-06 22:57 millert + + * compat.h, ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h: + fix version + +1998-09-06 22:55 millert + + * getcwd.c: getcwd(3) from OpenBSD for those without it. + +1998-09-06 22:51 millert + + * sudo.h: HAVE_GETWD -> HAVE_GETCWD + +1998-09-06 22:49 millert + + * configure.in: pretend sunos doesn't have getcwd(3) since it opens + a pipe to getpwd! + +1998-09-06 22:41 millert + + * parse.c: use NAMLEN() macro + +1998-09-06 22:34 millert + + * fnmatch.c: remove duplicate include of string.h + +1998-09-06 22:28 millert + + * configure.in: call SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T + +1998-09-06 22:28 millert + + * aclocal.m4: add SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T + +1998-09-06 22:28 millert + + * config.h.in: add dev_t and ino_t + +1998-07-28 12:44 millert + + * check.c: fix OTP_ONLY for opie + +1998-06-24 12:22 millert + + * testsudoers.c, tgetpass.c: include stdlib.h for malloc proto + +1998-05-19 00:10 millert + + * Makefile.in: make update_version saner + +1998-05-18 23:32 millert + + * config.h.in: add HAVE_WAITPID, HAVE_WAIT3, and sudo_waitpid() + +1998-05-18 23:32 millert + + * configure.in: check for waitpid and wait3 or no waitpid + +1998-05-18 23:31 millert + + * logging.c: used waitpid or wait3 if we have 'em + +1998-05-02 14:16 millert + + * visudo.c: fix some fprintf args, ariel@oz.engr.sgi.com (Ariel + Faigon) + +1998-04-27 20:09 millert + + * configure.in: don't need to explicately mention -lsocket -lnsl + for sequent + +1998-04-25 01:56 millert + + * configure.in: dynix should not link with -linet + +1998-04-10 15:32 millert + + * INSTALL: mention that HP-UX doesn't ship with yacc + +1998-04-06 22:35 millert + + * check.c: ignore kerberos if we can't get the local realm + +1998-04-05 23:37 millert + + * configure.in, BUGS, INSTALL, README: ++version + +1998-04-05 23:36 millert + + * version.h: ++ + +1998-04-05 23:35 millert + + * Makefile.in, emul/utime.h, check.c, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getcwd.c, goodpath.c, interfaces.c, + logging.c, parse.c, parse.lex, putenv.c, strdup.c, sudo.c, + sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, + visudo.c: updated version + +1998-04-05 23:34 millert + + * check.c, sudo.h: fix version + +1998-04-05 23:33 millert + + * getcwd.c: don't use popen/pclose. Do it inline. + +1998-04-05 23:25 millert + + * lsearch.c: add rcsid + +1998-04-05 23:21 millert + + * sudo.c: typo + +1998-04-05 23:17 millert + + * sudo.h, pathnames.h.in, compat.h, options.h, ins_2001.h, + insults.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc, + check.c: updated version + +1998-04-05 23:15 millert + + * check.c, find_path.c, parse.c, sudo.c, testsudoers.c: MAX* + 1 -> + MAX* + +1998-04-05 23:14 millert + + * Makefile.in: getwd.c -> getcwd.c + +1998-04-05 22:49 millert + + * config.h.in: kill HAVE_GETWD + +1998-04-05 22:49 millert + + * configure.in: getcwd, not getwd + +1998-04-05 22:48 millert + + * getcwd.c: use MAX* not MAX* + 1 always run pwd as using getwd() + defeats the purpose + +1998-03-31 00:15 millert + + * OPTIONS, options.h: add STUB_LOAD_INTERFACES + +1998-03-31 00:05 millert + + * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: + updated version + +1998-03-30 23:54 millert + + * configure.in: support *-ccur-sysv4 and fix two typos + +1998-03-27 19:52 millert + + * configure.in: don't echo about with_logfile and with_timedir + +1998-03-27 19:49 millert + + * INSTALL: document --with-logfile and --with-timedir + +1998-03-27 19:46 millert + + * aclocal.m4: support --with-logfile and --with-timedir + +1998-03-27 19:46 millert + + * configure.in: Add --with-logfile and --with-timedir + +1998-03-27 19:27 millert + + * sudo.c: change size computation of NewArgv for UNICOS + +1998-02-18 20:10 millert + + * configure.in: treate -*-sysv4* like *-*-svr4 + +1998-02-18 18:19 millert + + * configure.in: fix spacing for --with-authenticate help + +1998-02-18 16:39 millert + + * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: + updated version + +1998-02-18 16:23 millert + + * parse.yacc: fix off by one error in push macro + +1998-02-17 01:15 millert + + * configure.in: removed bogus alloca hack + +1998-02-17 01:15 millert + + * check.c: added AIX 4.x authenticate() support + +1998-02-17 01:11 millert + + * parse.yacc: include alloca.h if using bison and not gcc and it + exists. fixes an alloca problem on hpux 10.x + +1998-02-17 00:39 millert + + * INSTALL: mention --with-authenticate + +1998-02-17 00:37 millert + + * configure.in: added AIX authenticate() support + +1998-02-17 00:22 millert + + * config.h.in: add HAVE_AUTHENTICATE + +1998-02-16 23:58 millert + + * interfaces.c: dynamically size ifconf buffer + +1998-02-16 23:56 millert + + * configure.in: quote '[' and ']' + +1998-02-16 21:42 millert + + * Makefile.in, emul/utime.h, check.c, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: + updated version + +1998-02-16 19:06 millert + + * visudo.pod: add ERRORS section + +1998-02-16 18:57 millert + + * TROUBLESHOOTING: add busy stmp file explanation + +1998-02-15 18:49 millert + + * configure.in: the name of the cached var that signals whether or + not you are cross compiling changed. It is now + ac_cv_prog_cc_cross + +1998-02-11 16:26 millert + + * INSTALL: mention glibc 2.07 is fixed wrt lsearch()\. + +1998-02-06 21:55 millert + + * sample.sudoers, sudoers.pod: better example of su but not root su + +1998-02-06 15:49 millert + + * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: + updated version + +1998-02-06 15:48 millert + + * Makefile.in: correct regexp for updating version + +1998-02-06 14:05 millert + + * tgetpass.c: remove bogus flush of stderr spew prompt before + turning off echo. Seems to fix a weird problem where if sudo + complained about a bogus stamp file the user would sometimes not + have a chance to enter a password + +1998-02-06 14:05 millert + + * check.c: fix bogus flush of stderr + +1998-02-05 19:19 millert + + * sudo.c: close fd's <=2 not <=3 and move that chunk of code up + +1998-02-05 19:18 millert + + * configure.in: support hpux1[0-9] not just hpux10 + +1998-01-30 14:59 millert + + * parse.c: set sudoers_fp to nil after closing + +1998-01-24 01:05 millert + + * config.guess, config.sub: updated from autoconf 2.12 + +1998-01-24 00:50 millert + + * configure.in: add *-*-svr4 rule + +1998-01-22 22:53 millert + + * tgetpass.c: fix select usage for high fd's (dynamically allocate + readfds) + +1998-01-22 22:49 millert + + * check.c: kill extra whitespace + +1998-01-22 19:28 millert + + * sudo.c: do an initgroups() before running a command, unless the + target user is root. + +1998-01-22 12:22 millert + + * TROUBLESHOOTING: tell people to use tabs, not spaces, in + syslog.conf + +1998-01-21 01:56 millert + + * parse.lex, Makefile.in, config.h.in, getwd.c, strdup.c, putenv.c, + emul/utime.h, testsudoers.c, utime.c, dce_pwent.c: updated + version + +1998-01-21 01:32 millert + + * goodpath.c, sudo_setenv.c, interfaces.c, tgetpass.c, visudo.c: + updated version + +1998-01-21 01:29 millert + + * sudo.h, pathnames.h.in, options.h, compat.h, insults.h, + ins_2001.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc, + check.c, getspwuid.c, find_path.c, logging.c, parse.c, sudo.c: + updated version + +1998-01-21 01:20 millert + + * Makefile.in: more tweaks to update_version + +1998-01-21 01:19 millert + + * Makefile.in: fixed up update_version rule + +1998-01-21 00:55 millert + + * configure.in: ++version + +1998-01-21 00:53 millert + + * Makefile.in: removed supe of check.c + +1998-01-21 00:51 millert + + * INSTALL: ++version I missed + +1998-01-21 00:51 millert + + * RUNSON: updated + +1998-01-21 00:48 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c, emul/utime.h, BUGS, INSTALL, README: updated version + +1998-01-21 00:47 millert + + * CHANGES: updated for 1.5.5 + +1998-01-21 00:35 millert + + * Makefile.in: add rules to update version stuff in files so I + don't need to do it by hand + +1998-01-21 00:04 millert + + * sudo.h: sudoers_fp is now extern + +1998-01-21 00:03 millert + + * sudo.c: in check_sudoers, cache the sudoers file handle in + sudoers_fp so we don't have to open it again in the parse. This + may help with weird solaris problems where EAGAIN sometime + occurrs. + +1998-01-21 00:02 millert + + * parse.c: sudoers file open is now done only in check_sudoers() so + we just do a rewind() instead of an open. May help people on + solaris who were getting EAGAIN. + +1998-01-16 11:43 millert + + * INSTALL: mention that newer glibc is fixed + +1998-01-13 12:58 millert + + * sudo.c: newer irix uses _RLDN32_* envariables for 32-bit binaries + so ignore _RLD* instead of _RLD_* + +1998-01-13 10:32 millert + + * parse.c: typo + +1998-01-13 10:19 millert + + * parse.c: fix that bug for real + +1998-01-13 02:39 millert + + * INSTALL: document Linux's libc6 brokenness. + +1998-01-13 02:00 millert + + * parse.yacc: -Wall + +1998-01-13 01:22 millert + + * RUNSON: updated + +1998-01-13 00:50 millert + + * TROUBLESHOOTING: remind people to HUP syslogd + +1998-01-13 00:05 millert + + * Makefile.in: add -O flag to tar + +1998-01-13 00:00 millert + + * TODO, RUNSON: updated + +1998-01-12 23:59 millert + + * sudo.pod: remove author's email addr. people should mail + sudo-bugs + +1998-01-12 23:49 millert + + * INSTALL: fix version + +1998-01-12 23:48 millert + + * README, check.c, compat.h, config.h.in, configure.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c: ++version + +1998-01-12 23:44 millert + + * RUNSON: updated + +1998-01-12 23:42 millert + + * INSTALL, Makefile.in: ++version + +1998-01-12 23:41 millert + + * CHANGES: updated fort 1.5.4 + +1998-01-12 23:41 millert + + * check.c: exit(1) if user enters no passwd + +1998-01-12 23:37 millert + + * BUGS: ++version + +1998-01-12 23:10 millert + + * parse.c: commands can start with ./* not just /* -- fixes a + serious security hole. + +1997-12-21 18:17 millert + + * sudo.c: Don't set the tty variable to NULL when we lack a tty, + leave it as "unknown". + +1997-11-23 13:29 millert + + * sample.sudoers: fix usage of (username) in conjunction with , and + ! + +1997-11-23 13:28 millert + + * visudo.c: catch the case where the user is not in the passwd file + +1997-11-23 13:24 millert + + * tgetpass.c: use fileno(input) + 1 instead of getdtablesize() as + the nfds arg to select(2) + +1997-11-23 01:53 millert + + * sudo.c: define tty global to an initial value to avoid dumping + core in logging functions when passwd file is unavailable. + +1997-11-23 01:51 millert + + * sudo.c: do the set_perms(PERM_USER, sudo_mode) after we have + gotten the passwd entry + +1997-11-23 00:21 millert + + * sudo.pod: talk about problem of ALL + +1997-10-10 00:54 millert + + * README: new web location + +1997-10-10 00:54 millert + + * INSTALL: fdesc bug is fixed in Open/Net BSD + +1997-10-10 00:52 millert + + * HISTORY: updates from Nieusma + +1997-10-09 18:37 millert + + * dce_pwent.c: move compat.h after the system includes + +1997-08-06 14:58 millert + + * logging.c: save errno from being clobbered by wait(). From Theo + +1997-05-21 11:57 millert + + * compat.h: fix an occurence of setresuid -> setreuid (typo) + +1997-03-19 17:45 millert + + * install-sh: check for path to strip + +1997-01-15 19:05 millert + + * logging.c: deal with maxfilelen < 0 case + +1997-01-15 19:05 millert + + * OPTIONS: fixed descriptin + +1996-12-11 23:10 millert + + * sudo.c: correct error message if mode/owner wrong and not + statable by owner but is statable by root. + +1996-11-23 02:18 millert + + * config.guess, config.sub: autoconf 2.11 + +1996-11-16 14:42 millert + + * CHANGES, RUNSON, TODO: sudo 1.5.3. + +1996-11-14 15:08 millert + + * sudo.h, parse.yacc: command_alias -> generic_alias + +1996-11-13 22:50 millert + + * sample.sudoers: added Runas_Alias example and fixed syntax errors + +1996-11-13 22:50 millert + + * OPTIONS, options.h: updated MAILSUBJECT + +1996-11-13 22:49 millert + + * logging.c: added %h expansion + +1996-11-13 21:37 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c, INSTALL, README, configure.in: ++version + +1996-11-13 20:01 millert + + * emul/utime.h, BUGS: ++version + +1996-11-13 19:45 millert + + * sudoers.pod: document Runas_Alias + +1996-11-13 19:22 millert + + * visudo.pod: q (uid) -> Q + +1996-11-13 19:21 millert + + * visudo.c: buffer oflow checking q (uit) -> Q if yyparse() fails + drop into whatnow + +1996-11-13 19:05 millert + + * parse.yacc: add size params to sprintf + +1996-11-13 19:04 millert + + * parse.lex: allow trailing space after '\\' but before '\n' + +1996-11-13 19:04 millert + + * find_path.c: off by one error in path size check + +1996-11-13 19:03 millert + + * check.c: sprintf paranoia + +1996-11-12 11:59 millert + + * parse.yacc: fixed more_aliases + +1996-11-12 11:58 millert + + * visudo.c: now warns if killed by signal ./ + +1996-11-11 10:49 millert + + * parse.yacc: fix Runas_Alias stuff Alias's in runas list now get + expanded (but it is gross) + +1996-11-10 20:32 millert + + * sudo.c: Can now deal with SUDOERS_UID == 0 and SUDOERS_MODE == + 0400 + +1996-11-10 20:08 millert + + * parse.yacc: add Runas_Alias support change FOO to FOO_ALIAS (ie: + USER_ALIAS) + +1996-11-10 20:02 millert + + * parse.lex: Add Runas_Alias and simplify a rule. + +1996-11-10 19:15 millert + + * parse.yacc: always store User_Alias's since they can be used + inside of a runas list. Sigh. Really need a Runas_Alias + instead. + +1996-10-30 18:04 millert + + * visudo.c: deal with case where there is no sudoers file + +1996-10-11 23:01 millert + + * TROUBLESHOOTING: added one + +1996-10-10 22:11 millert + + * HISTORY, testsudoers.c: developement -> development + +1996-10-10 22:08 millert + + * INSTALL: added a note + +1996-10-10 20:36 millert + + * RUNSON: for 1.5.2 + +1996-10-10 20:36 millert + + * CHANGES: updated + +1996-10-10 00:56 millert + + * PORTING: removed seteuid() notes + +1996-10-09 13:37 millert + + * compat.h: better seteuid() emulatino + +1996-10-09 13:36 millert + + * configure.in: added check for seteuid + +1996-10-09 13:36 millert + + * config.h.in: added HAVE_SETEUID + +1996-10-08 19:22 millert + + * configure.in: first stab at sequent support + +1996-10-08 19:21 millert + + * config.h.in: added HAVE_SYS_SELECT_H + +1996-10-08 19:21 millert + + * compat.h: sequent -> _SEQUENT_ + +1996-10-08 19:11 millert + + * compat.h: added seteuid() macro for DYNIX + +1996-10-08 18:54 millert + + * tgetpass.c: _AIX -> HAVE_SYS_SELECT_H + +1996-10-07 01:05 millert + + * emul/utime.h, check.c, compat.h, dce_pwent.c, find_path.c, + getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, options.h, + pathnames.h.in, version.h, BUGS, INSTALL, Makefile.in, OPTIONS, + README, config.h.in, logging.c, parse.c, parse.lex, parse.yacc, + putenv.c, strdup.c, sudo_setenv.c, testsudoers.c, utime.c, + visudo.c, tgetpass.c: ++version + +1996-10-07 00:59 millert + + * sudo.pod: added -H and SUDO_PS1 + +1996-10-07 00:55 millert + + * configure.in: use SUDO_FUNC_FNMATCH + +1996-10-07 00:54 millert + + * aclocal.m4: added SUDO_FUNC_FNMATCH + +1996-10-07 00:53 millert + + * sudo.c: added -H flag + +1996-10-07 00:53 millert + + * sudo.h: added MODE_RESET_HOME / + +1996-10-05 00:00 millert + + * INSTALL: mention OPIE + +1996-10-04 23:59 millert + + * configure.in: added opie support + +1996-10-04 23:59 millert + + * check.c: added HAVE_OPIE and changed to *_OTP_* + +1996-10-04 23:58 millert + + * compat.h, config.h.in: added HAVE_OPIE + +1996-10-04 23:58 millert + + * OPTIONS, options.h: SKEY -> OTP + +1996-10-03 23:27 millert + + * check.c: moved fclose() in skey stuff. + +1996-10-03 19:53 millert + + * putenv.c: index -> strchr remove unnecesary stuff + +1996-10-03 19:43 millert + + * check.c: now call skeychallenge() to get challenge instead of + making one up ourselves. this way, we get extra goodies in the + prompt. + +1996-09-10 00:32 millert + + * CHANGES: added one + +1996-09-10 00:18 millert + + * parse.lex: allow logins to start with a number (YUCK!) + +1996-09-08 15:18 millert + + * TROUBLESHOOTING: added soalris 2.5 vs 2.4 note + +1996-09-08 15:15 millert + + * configure.in: DUNIX doesn't need -lnsl + +1996-09-07 20:22 millert + + * CHANGES: [no log message] + +1996-09-07 20:21 millert + + * check.c, compat.h, config.h.in, dce_pwent.c, find_path.c, + getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c, + options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c, + tgetpass.c, utime.c, version.h, visudo.c: courtesan + +1996-09-07 20:13 millert + + * TROUBLESHOOTING, INSTALL, Makefile.in, PORTING, RUNSON, README: + courtesan + +1996-09-07 20:12 millert + + * visudo.pod: [no log message] + +1996-09-07 20:00 millert + + * sudo.pod, visudo.pod: courtesan + +1996-09-07 19:45 millert + + * HISTORY: added courtesan ./ + +1996-09-06 00:12 millert + + * sudo.c: added $SUDO_PROMPT support + +1996-09-04 17:19 millert + + * check.c: print long skey challemged to stderr, not stdout + +1996-08-31 23:10 millert + + * CHANGES: updated for 1.5.1 + +1996-08-31 23:07 millert + + * emul/utime.h: ++version + +1996-08-31 12:34 millert + + * RUNSON: updated for 1.5.1 + +1996-08-30 10:49 millert + + * check.c: use shost, not host for tgetpass + +1996-08-30 00:21 millert + + * OPTIONS, sudo.pod: documented %u and %h + +1996-08-29 20:40 millert + + * configure.in: fixed typo + +1996-08-29 20:37 millert + + * INSTALL, Makefile.in, README, check.c, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c: ++version + +1996-08-29 20:30 millert + + * BUGS: ++version + +1996-08-29 18:32 millert + + * configure.in, Makefile.in, version.h: ++version + +1996-08-29 17:58 millert + + * sudo.h: new tgetpass() params + +1996-08-29 17:58 millert + + * check.c: pass use and host to tgetpass + +1996-08-29 17:57 millert + + * tgetpass.c: added %u and %h escapes + +1996-08-29 16:56 millert + + * OPTIONS, options.h, check.c: added NO_MESSAGE + +1996-08-29 16:23 millert + + * configure.in: added cray (unicos) support + +1996-08-27 11:36 millert + + * OPTIONS, options.h, sudo.c: added SHELL_SETS_HOME + +1996-08-25 17:56 millert + + * INSTALL: added note about "make install" + +1996-08-25 17:50 millert + + * parse.yacc: changed length/size params from int to size_t + +1996-08-25 13:35 millert + + * OPTIONS: now get CSOPS insults as well by default + +1996-08-25 13:33 millert + + * insults.h: use csops insults too by default + +1996-08-25 13:31 millert + + * INSTALL, Makefile.in, README, config.h.in, configure.in, + version.h: version = 1.5 + +1996-08-25 13:27 millert + + * sudo.c: added runas_homedir + +1996-08-25 13:27 millert + + * TODO: updated for 1.5 + +1996-08-25 13:23 millert + + * RUNSON: updated for 1.5 + +1996-08-25 13:19 millert + + * CHANGES: 1.5 release + +1996-08-25 13:17 millert + + * INSTALL: added "upgrading" notes + +1996-08-22 14:00 millert + + * visudo.c: now do chmod and chown after edit of temp file and + before rename + +1996-08-18 12:52 millert + + * Makefile.in: ++version added INSTALL.configure + +1996-08-18 12:52 millert + + * version.h, configure.in: ++version + +1996-08-18 12:51 millert + + * TROUBLESHOOTING: [no log message] + +1996-08-18 12:50 millert + + * parse.yacc: added missing cast + +1996-08-17 20:37 millert + + * sudo.c: sets $HOME to pw_dir of runas user + +1996-08-17 20:02 millert + + * sudo.pod: document $HOME change + +1996-08-17 19:43 millert + + * sudo.pod: fixed up some wording + +1996-08-17 19:25 millert + + * check.c, dce_pwent.c, find_path.c, getspwuid.c, getwd.c, + goodpath.c, interfaces.c, logging.c, parse.c, parse.lex, + parse.yacc, putenv.c, strdup.c, sudo.c, sudo_setenv.c, + testsudoers.c, tgetpass.c, utime.c, visudo.c: ++version + +1996-08-17 19:19 millert + + * emul/utime.h, compat.h, ins_2001.h, ins_classic.h, ins_csops.h, + ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h: + ++version + +1996-08-17 19:18 millert + + * sudo.h: name nad type changes + +1996-08-17 19:17 millert + + * testsudoers.c: now works with new sudo + +1996-08-17 19:07 millert + + * parse.yacc: fixed some XXX + +1996-08-17 18:52 millert + + * parse.yacc: some variable name changes + comment headers for + functions. + +1996-08-17 18:41 millert + + * tgetpass.c: added extra paren's to make compilers happy + +1996-08-17 18:34 millert + + * sudo.c: [no log message] + +1996-08-17 18:30 millert + + * parse.c: now uses init_parser() if not in sudoers and tries + "list" or "validate" scold but don't be nasty. + +1996-08-17 18:29 millert + + * TROUBLESHOOTING: now can use upper case login names + +1996-08-17 18:29 millert + + * visudo.c: now uses init_parser() + +1996-08-17 18:28 millert + + * PORTING: added info about PASSWORD_TIMEOUT + +1996-08-17 18:28 millert + + * INSTALL, README: updated + +1996-08-17 18:28 millert + + * INSTALL.configure: Initial revision + +1996-08-17 18:27 millert + + * BUGS: fixed a bug , + +1996-08-17 18:27 millert + + * parse.yacc: now dynamically allocates memory for the stacks -- no + more overflows! + +1996-08-17 18:26 millert + + * sudo.pod: -l now explands command aliases + +1996-08-17 13:22 millert + + * parse.yacc: hacks to expand command aliases for `sudo -l' + +1996-08-17 13:22 millert + + * sudo.c: remove $ENV and $BASH_ENV (dangerous in ksh, posix sh, + and bash) + +1996-08-17 13:22 millert + + * sudo.h: added struct command_alias + +1996-08-17 13:20 millert + + * sudo.pod: fixed a bug + +1996-08-17 13:15 millert + + * lsearch.c: in compar() key should be first arg + +1996-08-15 15:48 millert + + * BUGS: fixed some bugs + +1996-08-15 15:47 millert + + * parse.yacc: can now deal with upcase HOST and USER names + +1996-08-15 15:47 millert + + * sudo.c: don't yell too loudly at non-sudoers if they do "sudo -l" + +1996-08-15 15:46 millert + + * sudo.pod: fixed thinko + +1996-08-15 15:46 millert + + * parse.c: fix comment + +1996-08-09 18:07 millert + + * parse.c, parse.yacc: added support for new `sudo -l' stuff + +1996-08-09 18:06 millert + + * sudo.c: now uses list_matches() + +1996-08-09 18:06 millert + + * sudo.h: added struct sudo_match + +1996-08-09 17:37 millert + + * configure.in: now more -lgnumalloc + +1996-08-01 13:12 millert + + * install-sh: added more paths for chown and whoami + +1996-07-31 10:41 millert + + * check.c: typo + +1996-07-30 13:45 millert + + * aclocal.m4: fixed DUNIX check for shadow pw + +1996-07-30 13:41 millert + + * tgetpass.c: now only turn off echo if it is already on. this + fixes a race when you use sudo in a pipelin + +1996-07-30 12:53 millert + + * INSTALL: updated + +1996-07-29 22:29 millert + + * configure.in: changed "test -z $foo && do_this" to if; then + construct + +1996-07-28 22:47 millert + + * configure.in: added missing defines of SHADOW_TYPE + +1996-07-26 14:10 millert + + * check.c: protect AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT since + they are only in dunix 4.x + +1996-07-26 14:09 millert + + * getspwuid.c: added AUTH_CRYPT_C1CRYPT support + +1996-07-26 13:23 millert + + * parse.c: no longer return VALIDATE_NOT_OK if there was a runas + that didn't match. Now we can have runas stuff on more than one + line. + +1996-07-25 23:45 millert + + * configure.in: got rid of HAVE_C2_SECURITY SHADOW_TYPE is always + defined to something + +1996-07-25 23:45 millert + + * config.h.in: removed HAVE_C2_SECURITY added SPW_BSD + +1996-07-25 23:44 millert + + * compat.h, getspwuid.c, sudo.c, tgetpass.c: use SHADOW_TYPE + instead of HAVE_C2_SECURITY + +1996-07-25 23:44 millert + + * check.c: SHADOW_TYPE is always defined so just against its value + +1996-07-25 23:44 millert + + * aclocal.m4: added SUDO_CHECK_SHADOW_DUNIX + +1996-07-25 18:47 millert + + * sudoers.pod: * -> ?* in one example added another instance of + (runas) and one of NOPASSWD: + +1996-07-24 13:02 millert + + * configure.in: added back check for config.cache from other host + type + +1996-07-24 12:49 millert + + * parse.lex: removed an instance of \" + +1996-07-24 12:49 millert + + * sample.sudoers: added an example + +1996-07-24 12:44 millert + + * sudoers.pod: updated wrt new wildcard matching + +1996-07-24 10:28 millert + + * configure.in: new check for shadow passwords if we don't know + anything + +1996-07-24 10:28 millert + + * aclocal.m4: new SUDO_CHECK_SHADOW_GENERIC + +1996-07-24 02:19 millert + + * configure.in: added back check for -lsocket (oops) + +1996-07-24 02:16 millert + + * configure.in: better (working) check for shadow passwd type if we + know to use C2. + +1996-07-24 01:59 millert + + * configure.in: now uses AC_CANONICAL_HOST to figure out os type + +1996-07-24 01:59 millert + + * Makefile.in: added config.{guess,sub} + +1996-07-24 01:58 millert + + * aclocal.m4: removed unused stuff to figure out os type + +1996-07-23 22:58 millert + + * config.sub: added openbsd + +1996-07-23 22:54 millert + + * config.sub: Initial revision + +1996-07-23 22:40 millert + + * config.guess: Initial revision + +1996-07-23 21:18 millert + + * testsudoers.c: don't call fnmatch() with FNM_PATHNAME flag unless + it can only be a pathname. need to check against sudoers_args + even if user_args is nil + +1996-07-23 21:18 millert + + * parse.c: don't call fnmatch() with FNM_PATHNAME flag unless it + can only be a pathname need to check against sudoers_args even if + user_args is nil + +1996-07-23 18:52 millert + + * check.c: added support for AUTH_CRYPT_OLDCRYPT w/ DUNIX C2 + +1996-07-23 01:18 millert + + * testsudoers.c: now takes command line args and uses cmnd_args + +1996-07-23 01:10 millert + + * parse.lex: fill_args was adding an extra leading space + +1996-07-22 15:50 millert + + * visudo.c: fixed dummy command_matches() + +1996-07-22 15:50 millert + + * parse.yacc: fixed prototype + +1996-07-22 15:31 millert + + * sudo.h: added cmnd_args + +1996-07-22 15:31 millert + + * parse.yacc: now uses flat args string + +1996-07-22 15:30 millert + + * parse.c, parse.lex: now uses flat arg string + +1996-07-22 15:29 millert + + * visudo.c: added cmnd_args def + +1996-07-22 14:30 millert + + * sudo.c: now sets cmnd_args global + +1996-07-22 14:30 millert + + * logging.c: cmnd_args is now exported from sudo.[ch] + +1996-07-21 18:41 millert + + * parse.yacc: can't rely on cmnd_matches as much as I thought -- + added some $$ stuff back in to prevent namespace pollution + problems. + +1996-07-21 18:01 millert + + * parse.yacc: Simplified parse rules wrt runas and NOPASSWD (more + consistent). + +1996-07-20 00:45 millert + + * parse.lex: NOPASSWD may now have blanks before the ':' '(' only + starts a 'runas' if in the initial state to avoid collision with + command args + +1996-07-20 00:23 millert + + * configure.in: added checks for specific shadow passwd schemes + +1996-07-20 00:18 millert + + * aclocal.m4: added routines to check for specific shadow passwd + types + +1996-07-18 18:27 millert + + * configure.in: added support for ncr boxen + +1996-07-18 18:26 millert + + * aclocal.m4: added support for detecting ncr boxen + +1996-07-16 14:57 millert + + * configure.in: added sinix support + +1996-07-13 22:29 millert + + * TROUBLESHOOTING: added info about "config.cache from other other" + error. + +1996-07-13 22:22 millert + + * aclocal.m4: now makes sure you don't have a config.cache file + from another OS + +1996-07-13 21:36 millert + + * configure.in: now sets $LIBS when needed to configure links with + libs when doing tests hpux10 now uses SPW_SECUREWARE for C2 added + check for bigcrypt(3) if SPW_SECUREWARE + +1996-07-13 21:30 millert + + * getspwuid.c: fixed typo + +1996-07-13 21:05 millert + + * tgetpass.c: now include stuff for SPW_SECUREWARE to get + AUTH_MAX_PASSWD_LENGTH + +1996-07-13 21:05 millert + + * getspwuid.c: no more SPW_HPUX10 + +1996-07-13 21:04 millert + + * config.h.in: no more SPW_HPUX10 added HAVE_BIGCRYPT + +1996-07-13 21:04 millert + + * compat.h: now uses AUTH_MAX_PASSWD_LENGTH if SPW_SECUREWARE + +1996-07-13 21:04 millert + + * check.c: SPW_SECUREWARE now uses bigcrypt + +1996-07-13 18:24 millert + + * sample.sudoers: fixed 2 syntax errors + +1996-07-13 18:24 millert + + * sudoers: root may now run ALL as ALL + +1996-07-11 20:59 millert + + * interfaces.c: fixed a typo/thinko that broke BSD's with sa_len + +1996-07-08 16:08 millert + + * check.c, configure.in: updated AFS support + +1996-07-08 16:07 millert + + * TROUBLESHOOTING: added entry about /usr/ucb/cc + +1996-07-08 16:06 millert + + * INSTALL: prep no longer holds gcc binaries + +1996-07-08 15:48 millert + + * INSTALL: updated AFS note + +1996-07-08 15:43 millert + + * Makefile.in: added @AFS_LIBS@ + +1996-07-08 15:33 millert + + * compat.h: AFS allows long passwords + +1996-07-08 14:16 millert + + * testsudoers.c: fixed -u user support + +1996-07-08 14:16 millert + + * parse.c: sudo -v now groks VALIDATE_OK_NOPASS + +1996-07-08 13:30 millert + + * parse.yacc: fixed no_passwd vs. runas_matched + +1996-07-08 10:30 millert + + * TROUBLESHOOTING: took out stuff about NFS-mounting since it is no + longer an issue + +1996-07-08 10:30 millert + + * INSTALL: added --with-libraries > --with-libpath --with-incpath + +1996-07-08 10:21 millert + + * parse.yacc: was setting runas_matches to -1 in wrong place + +1996-07-08 09:58 millert + + * check.c: removed usersec.h which is not present in new AFS + versions + +1996-07-08 09:55 millert + + * tgetpass.c: now deals with timeout <= 0 + +1996-07-08 09:51 millert + + * OPTIONS: updated + +1996-07-08 00:04 millert + + * configure.in: BSD/OS >= 2.0 now uses shlicc instead of just gcc + +1996-07-07 22:30 millert + + * sudo.c: fixed backwards compatibility with sudo 1.4 sudoers mode + for root readable/writable filesystems + +1996-07-07 20:49 millert + + * Makefile.in: now gives INSTALL -c flag + +1996-07-07 20:34 millert + + * parse.yacc: slightly simpler initialization of no_passwd and + runas_matches + +1996-07-07 20:33 millert + + * testsudoers.c: added -u username support + +1996-07-07 20:32 millert + + * configure.in: improved --with-libraries support + +1996-07-07 16:27 millert + + * configure.in: added --with-incpath, --with-libpath, + --with-libraries + +1996-07-07 16:01 millert + + * parse.yacc: now initializes some fields that weren't getting set + to -1 pretty gross -- need a rewrite. + +1996-06-25 23:19 millert + + * alloca.c: removed emacs'isms + +1996-06-25 22:29 millert + + * configure.in: no longer add -lPW to *_LIBS since we include + alloca.c + +1996-06-25 22:29 millert + + * config.h.in: added HAVE_ALLOCA_H + +1996-06-25 22:28 millert + + * Makefile.in: added alloca.c + +1996-06-25 22:18 millert + + * alloca.c: Initial revision + +1996-06-25 21:58 millert + + * configure.in: ++version + +1996-06-25 19:32 millert + + * sudo.c: now set uid to 1 instead of nobody for PERM_SUDOERS since + nobody is not always set to a valid uid. + +1996-06-25 19:31 millert + + * OPTIONS: fixed entry for SUDO_MODE + +1996-06-25 18:02 millert + + * sudo.c: Fixed NFS-mounted sudoers file under solaris both uid + *and* gid were being set to -2. Now beat NFS to the punch and + set uid to "nobody" ourselves, preserving group 0 to read + sudoers. + +1996-06-25 18:02 millert + + * parse.c: moved set_perms(PERM_ROOT) to be before yyparse() + +1996-06-25 18:00 millert + + * logging.c: fixed a typo + +1996-06-25 18:00 millert + + * configure.in: no longer need AC_PROG_INSTALL + +1996-06-25 17:59 millert + + * Makefile.in: always use install-sh to avoid install(1)'s that use + get{pw,gr}nam + +1996-06-25 16:07 millert + + * INSTALL: make clean -> make distclean + +1996-06-20 01:17 millert + + * parse.yacc: removed some unnecsary if's + +1996-06-20 01:16 millert + + * Makefile.in, version.h: ++version + +1996-06-20 01:16 millert + + * parse.c, testsudoers.c: now includes netgroup.h + +1996-06-20 00:45 millert + + * interfaces.c: removed cats of ioctl to int since they didn't shut + up -Wall + +1996-06-20 00:43 millert + + * interfaces.c: explicately cast ioctl() to int since it it not + always declared + +1996-06-20 00:41 millert + + * sudo.h: added declarations for yyparse() and yylex() + +1996-06-20 00:27 millert + + * parse.yacc: fixed an occurence of '==' -> '=' + +1996-06-20 00:22 millert + + * config.h.in, configure.in: added check for netgroup.h + +1996-06-20 00:20 millert + + * sudo.c: fixed 2 compiler warnings + +1996-06-20 00:08 millert + + * sudo.c: SHELL_IF_NO_ARGS caused core dump since NewArg[cv] + weren't being initialized + +1996-06-19 13:53 millert + + * sudo.pod: fixed a typo + +1996-06-17 12:19 millert + + * parse.yacc: fixed a formatting thingie + +1996-06-17 12:16 millert + + * parse.c, parse.yacc: fixed -u support with multiple user lists on + a line + +1996-06-17 10:23 millert + + * configure.in: unixware needs -lgen + +1996-06-17 10:23 millert + + * README: updated ftp location + +1996-06-17 00:08 millert + + * sudoers.pod: add net_addr/netmask support + +1996-06-17 00:07 millert + + * sample.sudoers: added net_addr/mask example + +1996-06-17 00:02 millert + + * parse.lex, parse.c: added support for net_addr/netmask + +1996-06-15 20:13 millert + + * sudoers.pod: ^ -> ! + +1996-06-15 18:12 millert + + * RUNSON: updated for 1.4.3 + +1996-06-15 18:12 millert + + * CHANGES: udpated for 1.4.3 + +1996-06-15 18:11 millert + + * TROUBLESHOOTING, TODO, BUGS: updated + +1996-06-15 18:11 millert + + * sample.sudoers: updated with examples of new stuff + +1996-06-15 18:10 millert + + * INSTALL, README: ++version + +1996-06-15 18:01 millert + + * sudoers.pod: updated wrt -u and NOPASSWD + +1996-06-15 17:58 millert + + * sudo.pod: updated wrt -u and CAVEATS + +1996-06-08 23:15 millert + + * sudo.c: fixed usage() + +1996-06-08 22:57 millert + + * parse.lex: now use :foo: character classes (makes no diff for + generated lexer) + +1996-06-07 14:33 millert + + * check.c: fixed LONG_SKEY_PROMPT stuff + +1996-06-06 15:35 millert + + * visudo.c: fixed a comment + +1996-06-06 15:03 millert + + * lsearch.c: make more like NetBSD one -- now compiles w/o warnings + +1996-06-06 15:02 millert + + * emul/search.h: fixed decls of lsearch() + +1996-06-05 22:20 millert + + * config.h.in, configure.in, getspwuid.c: added SPW_HPUX10 + +1996-06-05 22:20 millert + + * check.c: hpux 10 uses bigcrypt() if C2 + +1996-06-04 19:57 millert + + * parse.c: now always uses fnmatch to match args + +1996-06-04 19:40 millert + + * tgetpass.c: back to using stdio instead of raw i/o since that + caused some problems + +1996-05-28 22:14 millert + + * sudo.c: now give usage warning if use -l,-v,-k with args + +1996-05-28 18:22 millert + + * sudo.c: NewArgc is now set to 1 for -l, -v, -k + +1996-05-28 12:50 millert + + * sudo.c: now sets sudoers to correct group if mode is 0400 + +1996-05-28 12:02 millert + + * install-sh: updated to version used by inn and bind + +1996-05-28 00:08 millert + + * configure.in: now uses -lgnumalloc if it exists + +1996-05-28 00:02 millert + + * Makefile.in: "make install" now sets uid/gid and mode on sudoers + if it exists + +1996-05-28 00:01 millert + + * sudo.c: rmeoved debugging statements + +1996-05-28 00:00 millert + + * parse.yacc: added a missing free() + +1996-05-27 23:58 millert + + * sudo.c: now uses user_gid instead of getegid (which was wrong + anyway) to set SUDO_GID Now sets command line args in + SUDO_COMMAND envariabled (logging.c depends on args being in the + environment) + +1996-05-27 23:57 millert + + * logging.c: now uses SUDO_COMMAND envariable to get command args + rather than building it up again. + +1996-05-27 22:42 millert + + * parse.c: now uses user_gid + +1996-05-27 20:02 millert + + * sudo.c: fixed off by one error in allocation NewArgv + +1996-05-27 20:01 millert + + * parse.c: in sudoers, 'command ""' now means command with no args + +1996-05-27 20:01 millert + + * configure.in: added check for fnmatch(3) and fnmatch.h + +1996-05-27 20:01 millert + + * config.h.in: added HAVE_FNMATCH + +1996-05-27 20:00 millert + + * Makefile.in: replaced wildcat.* with fnmatch.* + +1996-05-27 20:00 millert + + * testsudoers.c: now uses fnmatch() + +1996-05-27 19:38 millert + + * parse.c: now uses fnmatch() instead of wildmat a trailing star + (*) by itself now matches multiple args added support for + wildcards in the pathname in sudoers + +1996-05-25 19:23 millert + + * fnmatch.c: now includes compat.h and config.h + +1996-05-25 18:09 millert + + * config.h.in: added HAVE_FNMATCH_H + +1996-05-25 18:07 millert + + * configure.in: now checks for alloca() (if needed by bison or dce) + and links with -lPW if it contains alloca() and libv and compiler + do not. + +1996-05-25 18:03 millert + + * fnmatch.3, fnmatch.c, emul/fnmatch.h: Initial revision + +1996-04-28 22:38 millert + + * sudo.c: now fixes mode on sudoers if set to 0400 to aid in + upgrade + +1996-04-28 17:44 millert + + * Makefile.in: fixed pod2man usage + +1996-04-28 17:40 millert + + * configure.in, Makefile.in, version.h: ++version + +1996-04-28 17:20 millert + + * testsudoers.c, visudo.c: runas_user is now initialized to "root" + +1996-04-28 17:20 millert + + * sudo.h: removed PERM_FULL_ROOT + +1996-04-28 17:18 millert + + * sudo.c: runas_user defaults to "root" so no more need to + PERM_RUNAS + +1996-04-28 17:16 millert + + * parse.c: will now only running commands as root if there was no + runas list (or if root is in the runas list) + +1996-04-28 17:15 millert + + * logging.c: now logs "USER=%s" + +1996-04-28 17:12 millert + + * parse.yacc: runas_matches is now set to false if we get a + negative match + +1996-04-28 15:01 millert + + * parse.lex: make #uid work + some minor cleanup + +1996-04-27 21:04 millert + + * sample.sudoers: added support for NOPASSWD and "runas" from + garp@opustel.com / + +1996-04-27 21:03 millert + + * visudo.c: added support for "runas" from garp@opustel.com + replaced SUDOERS_OWNER with SUDOERS_UID, SUDOERS_GID added + support for SUDOERS_MODE + +1996-04-27 21:03 millert + + * testsudoers.c: added support for "runas" from garp@opustel.com + +1996-04-27 21:02 millert + + * sudo.h: added support for NO_PASSWD and runas from + garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and + SUDOERS_GID and added support fro SUDOERS_MODE + +1996-04-27 21:00 millert + + * sudo.c: added support for NO_PASSWD and runas from + garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and + SUDOERS_GID and added support fro SUDOERS_MODE + +1996-04-27 21:00 millert + + * parse.yacc: added support for NO_PASSWD and runas from + garp@opustel.com + +1996-04-27 20:58 millert + + * parse.c, parse.lex: added support for NO_PASSWD and runas from + garp@opustel.com + +1996-04-27 20:56 millert + + * logging.c: added support for SUDOERS_WRONG_MODE and "runas" + +1996-04-27 20:40 millert + + * configure.in: added --with-CC only link with -lshadow on linux + (with shadow pw) if libc lacks getspnam() + +1996-04-27 20:39 millert + + * OPTIONS, options.h: removed NO_PASSWD since it is not possible to + do this in the sudoers file itself. Replaced SUDOERS_OWNER with + SUDOERS_UID and SUDOERS_GID. Added SUDOERS_MODE. + +1996-04-27 20:26 millert + + * Makefile.in: now uses SUDOERS_UID and SUDOERS_GID + +1996-04-27 11:20 millert + + * INSTALL: added --with-CC + +1996-04-06 16:31 millert + + * parse.lex: added double quote support + +1996-04-06 16:29 millert + + * sudoers.pod: documented double quoting + +1996-04-05 16:53 millert + + * mkinstalldirs: Initial revision + +1996-04-05 16:53 millert + + * check.c: fixed some indentation + +1996-04-05 16:48 millert + + * Makefile.in: fixed a typo + +1996-04-04 19:39 millert + + * Makefile.in: added install-dirs . + +1996-04-04 14:16 millert + + * dce_pwent.c: new version from "Jeff A. Earickson" + <jaearick@colby.edu> + +1996-04-03 13:40 millert + + * configure.in: $CSOPS -> $with_csops (whoops, missed one) + +1996-04-03 13:40 millert + + * BUGS: updated + +1996-04-03 13:36 millert + + * parse.lex: FQHOST now has same constraints as non-FQHOST + +1996-04-02 19:00 millert + + * INSTALL: added note about OS's w/ shadow passwords turned on by + default + +1996-04-02 18:58 millert + + * configure.in: fixed a typo + +1996-04-02 18:48 millert + + * configure.in: added support for --without-THING sanitized shadow + pw situtation by adding support for --without-C2 + +1996-04-02 16:42 millert + + * tgetpass.c: fixed a typo wrt placement of an end paren + +1996-04-02 14:57 millert + + * check.c: was closing an fd that may not have been opened + +1996-03-21 19:55 millert + + * sudo.c, OPTIONS, options.h: added NO_PASSWD + +1996-03-19 19:40 millert + + * configure.in: now always use shadow pw on some arches + +1996-03-19 17:07 millert + + * configure.in: added pyramid support + +1996-03-19 17:04 millert + + * configure.in: no longer check for C2 if alternate passwd method + is used no longer check for some libs twice + +1996-03-19 17:00 millert + + * parse.yacc: moved fqdn stuff into parse.lex (FQHOST) + +1996-03-19 17:00 millert + + * parse.lex: added FQHOST rules + +1996-03-18 20:57 millert + + * tgetpass.c: now define TCSASOFT in necesary + +1996-03-18 20:31 millert + + * tgetpass.c: now uses read/write instead of stdio string goop to + avoid problems with select(2) + +1996-03-18 19:37 millert + + * OPTIONS, find_path.c, options.h: -DNO_DOT_PATH -> + -DIGNORE_DOT_PATH + +1996-03-17 16:18 millert + + * INSTALL: added note about no shadow auto-detect if using + alternate auth schemes + +1996-03-17 15:33 millert + + * configure.in: don't check for C2 if AFS or DCE (unless they said + --with-C2) + +1996-03-17 15:08 millert + + * testsudoers.c: now groks shost + +1996-03-17 15:01 millert + + * options.h, OPTIONS, find_path.c: added NO_DOT_PATH + +1996-03-16 14:43 millert + + * find_path.c: checkdot now works correctly + +1996-03-12 18:01 millert + + * configure.in: can't have DCE and C2 passwords both... + +1996-03-11 14:05 millert + + * parse.yacc, sudo.c, sudo.h, visudo.c: now uses shost even if not + FQDN + +1996-03-11 14:04 millert + + * configure.in: now looks for skey in /usr/lib and doesn't require + libskey to be in /usr/local/lib just because skey.h is (for my + netbsd box :-) + +1996-03-11 02:00 millert + + * aclocal.m4, config.h.in, pathnames.h.in: _SUDO_PATH_ -> + _CONFIG_PATH_ + +1996-03-10 21:01 millert + + * aclocal.m4, sudo.pod: /var/run/.odus -> /var/run/sudo + +1996-03-10 20:59 millert + + * pathnames.h.in: now uses _SUDO_PATH_TIMEDIR + +1996-03-10 20:59 millert + + * OPTIONS: udpated FQDN + +1996-03-10 20:58 millert + + * config.h.in: added _SUDO_PATH_TIMEDIR + +1996-03-10 20:58 millert + + * aclocal.m4, configure.in: added SUDO_TIMEDIR + +1996-03-10 20:58 millert + + * sudo.pod: updated wrt /var/run/sudo + +1996-03-10 20:16 millert + + * sudo.c, sudo.h: added support for shost if FQDN + +1996-03-10 20:14 millert + + * parse.yacc, visudo.c: now uses shost if FQDN + +1996-03-10 20:12 millert + + * check.c: Now use skeylookup() instead off skeychallenge() + +1996-02-27 20:41 millert + + * logging.c: mail_argv should not contain ALERTMAIL as it includes + "-t" + +1996-02-22 17:06 millert + + * INSTALL, Makefile.in, README, version.h, configure.in: ++version + +1996-02-22 16:27 millert + + * compat.h: added more _PASSWD_LEN stuff -- now uses PASS_MAX too + +1996-02-22 16:27 millert + + * tgetpass.c: now includes limits.h moved _PASSWD_LEN -> compat.h + +1996-02-05 19:20 millert + + * README, INSTALL: ++version + +1996-02-05 19:20 millert + + * Makefile.in: ++versoin + +1996-02-05 19:16 millert + + * Makefile.in: fixed a typo + +1996-02-05 19:16 millert + + * configure.in: ++version + +1996-02-05 18:53 millert + + * RUNSON: updated + +1996-02-05 18:47 millert + + * CHANGES: done for 1.4.1 (I hope) + +1996-02-05 18:45 millert + + * sudoers.pod: added info on wildcards + +1996-02-05 18:39 millert + + * sample.sudoers: added wildcard example + +1996-02-05 17:03 millert + + * Makefile.in: now uses *.pod to build *.man and *.cat & *.html + +1996-02-05 17:03 millert + + * configure.in: addedSUDO_PROG_BSHELL !ll + +1996-02-05 16:10 millert + + * visudo.pod: fixed up some formatting + +1996-02-05 16:10 millert + + * sudoers.pod: redid section describing sample sudoers stuff + +1996-02-05 16:10 millert + + * sudo.pod: fixed some formatting + +1996-02-04 22:50 millert + + * getspwuid.c: now treats "" as bourne shell + +1996-02-04 22:49 millert + + * Makefile.in: TESTOBJS nwo includes wildmat.o + +1996-02-04 22:48 millert + + * testsudoers.c: now works with NewArg[cv] + +1996-02-04 21:59 millert + + * sudo.c: removed an XXX (fixed it in getspwuid.c) + +1996-02-04 21:58 millert + + * aclocal.m4: added check for bourne shell + +1996-02-04 21:58 millert + + * pathnames.h.in: added _PATH_BSHELL + +1996-02-04 21:58 millert + + * config.h.in: added _SUDO_PATH_BSHELL + +1996-02-04 16:36 millert + + * visudo.c: unixware vi returns 256 instead of 0 + +1996-02-04 16:24 millert + + * INSTALL: added Linux note + +1996-02-04 16:13 millert + + * logging.c: fixed up some XXX's. file log format now looks a + little more like real syslog(3) format. + +1996-02-04 16:13 millert + + * README, TROUBLESHOOTING: updated wrt lex/flex + +1996-02-04 16:11 millert + + * Makefile.in: commented out rule to build lex.yy.c from parse.lex + since we ship with a pre-flex'd parser + +1996-02-04 16:09 millert + + * parse.c, parse.yacc, visudo.c: path_matches -> command_matches + +1996-02-04 02:28 millert + + * logging.c: eliminated some strcat()'s + +1996-02-04 02:10 millert + + * configure.in: no longer checks for lex/flex (now assumes flex) + +1996-02-04 02:08 millert + + * configure.in: now checks for $kerb_dir_candidate/krb.h instead of + just kerb_dir_candidate + +1996-02-02 20:48 millert + + * parse.yacc: now use a 'hook' expression instead of an iffy one + :-) + +1996-02-02 01:14 millert + + * visudo.c: now works with new sudo arg stuff + +1996-02-02 01:14 millert + + * parse.yacc: fixed dereferencing deadbeef + +1996-02-01 23:53 millert + + * sudo.c: changed an occurrence of Argv to NewArgv + +1996-02-01 23:53 millert + + * parse.lex: took out support for quoted commands since there is no + need... + +1996-02-01 23:52 millert + + * parse.c: fixed a typo in a for() loop + +1996-02-01 23:52 millert + + * logging.c: protected against dereferencing rogue pointers + +1996-02-01 22:34 millert + + * sudo.c: now uses NewArgv amd NewArgc so cmnd_aegs is no longer + needed this also allows us to eliminate some kludges in + parse_args() and eliminate superfluous code. + +1996-02-01 22:34 millert + + * logging.c: no longer uses cmnd_args, now uses NewArgv instead. + +1996-02-01 22:32 millert + + * sudo.h: added struct sudo_command, NewArgc, and NewArgv removed + cmnd_args (no longer used) + +1996-02-01 22:31 millert + + * Makefile.in: added wildmat.c to SRCS & SUDOBJS + +1996-02-01 22:30 millert + + * parse.yacc: COMMAND is now a struct containing the path and args + +1996-02-01 22:30 millert + + * parse.lex: replaced append() with fill_cmnd() and fill_args. + command args from a sudoers entry are now stored in an arrary for + easy matching. + +1996-02-01 22:28 millert + + * parse.c: command line args from sudoers file are now in an array + like ones passed in from the command line + +1996-01-31 20:59 millert + + * parse.c: wildwat stuff now works + +1996-01-29 00:44 millert + + * version.h: ++version + +1996-01-29 00:44 millert + + * Makefile.in: ++version added wildmat.* + +1996-01-28 17:55 millert + + * parse.lex: added support for quoted commands (w/ or w/o args) + +1996-01-22 01:55 millert + + * sudo.pod, visudo.pod: cleaned up formatting + +1996-01-21 20:53 millert + + * sudo.pod, visudo.pod: Initial revision + +1996-01-21 02:07 millert + + * sudoers.pod: looks reasonable, could be mroe readable + +1996-01-20 23:47 millert + + * sudoers.pod: Initial revision + +1996-01-16 14:38 millert + + * RUNSON: updated + +1996-01-16 14:37 millert + + * OPTIONS: updated NO_ROOT_SUDO entry + +1996-01-15 11:37 millert + + * RUNSON: [no log message] + +1996-01-15 11:34 millert + + * sudo.c: fixed SECURE_PATH + +1996-01-14 20:55 millert + + * RUNSON: udpa`ted for 1.4 + +1996-01-14 20:52 millert + + * configure.in: AIX aixcrypt.exp now uses $(srcdir) + +1996-01-14 20:32 millert + + * TROUBLESHOOTING: added entry for anal ansi compilers + +1996-01-14 16:13 millert + + * INSTALL: added info on libcrypt_i for SCO + +1996-01-14 16:05 millert + + * TODO: [no log message] + +1996-01-14 15:39 millert + + * sample.sudoers: added comments + +1996-01-14 15:25 millert + + * TODO: 1.4 release + +1996-01-14 15:22 millert + + * README, config.h.in, configure.in, CHANGES: ++version + +1996-01-14 15:21 millert + + * BUGS: ++version and fixed ISC + +1996-01-14 15:19 millert + + * check.c, compat.h, dce_pwent.c, find_path.c, getspwuid.c, + getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h, + ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h, + logging.c, putenv.c, strdup.c, sudo.c, sudo_setenv.c, + testsudoers.c, tgetpass.c, utime.c, visudo.c, INSTALL, OPTIONS: + ++version + +1996-01-14 15:16 millert + + * interfaces.c: added STUB_LOAD_INTERFACES ++version + +1996-01-14 15:14 millert + + * Makefile.in, version.h, parse.c, parse.lex, parse.yacc, + emul/utime.h: ++version + +1996-01-14 15:13 millert + + * PORTING: added info about fd_set in tgetpass added info on + interfaces.c + +1996-01-11 13:22 millert + + * dce_pwent.c: added sudo header + +1996-01-11 13:04 millert + + * tgetpass.c: fixed a typo + +1996-01-11 13:01 millert + + * Makefile.in: tgetpass.o is now only linked in with sudo (not + visudo) + +1996-01-09 12:56 millert + + * BUGS, INSTALL, OPTIONS, README, Makefile.in, config.h.in, + configure.in: ++version + +1996-01-09 12:54 millert + + * emul/utime.h: added copyright notice + +1996-01-09 12:52 millert + + * check.c, compat.h, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, + sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h, + visudo.c: ++version + +1996-01-09 12:46 millert + + * tgetpass.c: minor cleanup and now includes sys/bsdtypes for + svr4'ish boxen + +1996-01-09 12:42 millert + + * configure.in: ISC now gets -lcrypt now check for sys/bsdtypes.h + +1996-01-09 12:41 millert + + * config.h.in: added check for sys/bsdtypes.h + +1996-01-07 16:00 millert + + * parse.yacc: removed debugging stuff (setting freed ptr to NULL) + +1996-01-07 15:55 millert + + * TROUBLESHOOTING: added 2 entries + +1996-01-07 15:55 millert + + * Makefile.in: added FAQ + +1996-01-07 14:26 millert + + * TROUBLESHOOTING: added section on syslog + +1996-01-07 14:25 millert + + * configure.in: added AC_ISC_POSIX for better ISC support + +1996-01-07 14:25 millert + + * config.h.in: fixed typo + +1996-01-07 14:25 millert + + * config.h.in: added define for _POSIX_SOURCE + +1996-01-04 00:41 millert + + * configure.in: fixed check for lsearch() + +1995-12-21 21:53 millert + + * interfaces.c: fixed for AIX now deal if num_interfaces == 0 + (should not happen) + +1995-12-20 17:02 millert + + * configure.in: now only define HAVE_LSEARCH if there is a + corresponding search.h + +1995-12-20 15:52 millert + + * interfaces.c: works on ISC again + +1995-12-18 17:36 millert + + * configure.in: now define HAVE_LSEARCH if we find lsearch() in + libcompat + +1995-12-18 17:32 millert + + * lsearch.c: char * -> const char * + +1995-12-18 17:29 millert + + * configure.in: now looks in -lcompat for lsearch() + +1995-12-18 17:23 millert + + * Makefile.in: remove sudo.core visudo.core for clan target + +1995-12-17 22:53 millert + + * aclocal.m4: added UID_MAX support in check for MAX_UID_T_LEN + +1995-12-17 22:36 millert + + * Makefile.in: fixed another occurence of sudo_getpwuid.* + +1995-12-17 22:30 millert + + * getspwuid.c, Makefile.in: sudo_getpwuid.c -> getspwuid.c + +1995-12-17 22:22 millert + + * configure.in: moved the "echo" + +1995-12-17 22:09 millert + + * CHANGES, BUGS, INSTALL, Makefile.in, OPTIONS, README, check.c, + compat.h, config.h.in, configure.in, find_path.c, getspwuid.c, + getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h, + ins_goons.h, insults.h, interfaces.c, logging.c, options.h, + parse.c, parse.lex, parse.yacc, pathnames.h.in, putenv.c, + strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c, + tgetpass.c, utime.c, version.h, visudo.c: ++version + +1995-12-17 22:04 millert + + * testsudoers.c: added group support + +1995-12-17 22:00 millert + + * sample.sudoers: added group entry + +1995-12-17 21:59 millert + + * sudoers.man: documented group support + +1995-12-17 21:50 millert + + * parse.c, parse.lex, visudo.c, parse.yacc: added group support + +1995-12-15 17:45 millert + + * check.c: tkfile was too short and overflowed the kerberos realm + +1995-12-11 17:09 millert + + * sudo.c: now copy command args directly from Argv + +1995-12-11 15:55 millert + + * sudo.c: replaced code to copy cmnd_args so that is does not use + realloc since most realloc()'s really stink + +1995-12-08 14:11 millert + + * configure.in: syslog() fixed in hpux 10.01 + +1995-12-06 17:45 millert + + * configure.in: AC_CHECK_LIB() now sets SUDO_LIBS (and VISUDO_LIBS + if appropriate) + +1995-12-06 17:30 millert + + * configure.in: better error if cannot find skey incs or libs + +1995-12-06 17:26 millert + + * aclocal.m4: now use a temp file for determining max len of uid_t + in string form. the old hacky way broke on netbsd + +1995-12-05 19:02 millert + + * sudo.c: added set of parens and a space + +1995-12-05 18:58 millert + + * dce_pwent.c: fixes from Jeff Earickson <jaearick@colby.edu> , + +1995-12-05 18:58 millert + + * check.c: modified a comment + +1995-12-05 18:57 millert + + * Makefile.in: fixed up testsudoers target + +1995-12-05 18:56 millert + + * configure.in: DCE changes from Jeff Earickson + <jaearick@colby.edu> LIBS -> SUDO_LIBS and VISUDO_LIBS LDFLAGS -> + SUDO_FDFLAGS and VISUDO_LDFLAGS + +1995-12-05 18:17 millert + + * Makefile.in: LIBS -> SUDO_LIBS , VISUDO_LIBS LDFLAGS -> + SUDO_LDFLAGS, VISUDO_LDFLAGS + +1995-11-27 23:32 millert + + * configure.in: fix for C2 on hpux 10 now uses -linet if it exists + +1995-11-27 23:17 millert + + * check.c: LONG_SKEY_PROMPT is less of a klusge / + +1995-11-27 23:17 millert + + * configure.in: fixed typos w/ dce stuff + +1995-11-27 23:14 millert + + * Makefile.in: added dce_pwent.c + +1995-11-26 13:48 millert + + * INSTALL: amended section on combining authentication mechanisms + +1995-11-26 13:48 millert + + * PORTING: minor updates for 1.3.6 + +1995-11-26 13:47 millert + + * TROUBLESHOOTING: added 2 more entries + +1995-11-26 13:39 millert + + * BUGS: updated for 1.3.6 + +1995-11-26 13:39 millert + + * README: overhauled + +1995-11-25 21:23 millert + + * INSTALL: rewrote for sudo 1.3.6 + +1995-11-25 21:23 millert + + * TROUBLESHOOTING: added 3 entries + +1995-11-25 13:53 millert + + * find_path.c, getspwuid.c, sudo.c: added explict casts for strdup + since many includes don't prototype it. gag me. + +1995-11-25 13:23 millert + + * sudo.h: removed prototype for sudo_getpwuid() since convex C + compiler choked on it. + +1995-11-25 13:23 millert + + * sudo.c: added prototype for sudo_getpwuid() + +1995-11-25 13:23 millert + + * lsearch.c: now compiles on strict ANSI compilers + +1995-11-24 23:56 millert + + * check.c: added LONG_SKEY_PROMPT support + +1995-11-24 23:55 millert + + * Makefile.in: added extra $'s for make to eat up, yum. + +1995-11-24 23:38 millert + + * OPTIONS, options.h: added LONG_SKEY_PROMPT + +1995-11-24 18:48 millert + + * check.c: s/key support now works with normal s/key as well as + logdaemon + +1995-11-24 18:46 millert + + * options.h, OPTIONS: added SKEY_ONLY + +1995-11-24 18:46 millert + + * compat.h: set _PASSWD_LEN to 256 for any of KERB4, DCE, SKEY + +1995-11-24 00:42 millert + + * INSTALL: added DCE note added more AIX notes + +1995-11-24 00:39 millert + + * sudo.c: now include pthread.h for DCE support + +1995-11-23 22:22 millert + + * check.c: dce_pwent() is ok after all ., + +1995-11-23 22:21 millert + + * logging.c: now uses SYSLOG() macro that equates to either + syslog() or syslog_wrapper + +1995-11-23 21:44 millert + + * dce_pwent.c: minor formatting changes. renamed check() to + somthing less generic + +1995-11-23 21:27 millert + + * check.c, logging.c, parse.yacc, sudo.c, sudo.h, testsudoers.c, + visudo.c: now uses user_pw_ent and simple macros to get at the + contents + +1995-11-22 20:35 millert + + * check.c: simpler dec unix C2 support + +1995-11-22 20:35 millert + + * getspwuid.c: now sets crypt_type for DEC unix C2 + +1995-11-21 18:00 millert + + * configure.in: added csops paths for skey + +1995-11-21 16:27 millert + + * getspwuid.c: now includes string.h for strdup() prototype + +1995-11-21 01:47 millert + + * getspwuid.c: fixed a few typos + +1995-11-20 22:59 millert + + * check.c: now includes skey.h + +1995-11-20 22:10 millert + + * getspwuid.c: fixed up comments + +1995-11-20 22:04 millert + + * check.c: moved a lot of the shadow passwd crap to sudo_getpwuid() + +1995-11-20 22:01 millert + + * sudo.c: now uses sudo_pw_ent + +1995-11-20 21:50 millert + + * testsudoers.c: now uses sudo_pw_ent + +1995-11-20 21:40 millert + + * visudo.c: now sets sudo_pw_ent + +1995-11-20 21:28 millert + + * getspwuid.c: Initial revision + +1995-11-20 21:28 millert + + * tgetpass.c: moved dce stuff into compat.h + +1995-11-20 21:27 millert + + * sudo.h, logging.c: now uses sudo_pw_ent + +1995-11-20 21:27 millert + + * Makefile.in: added sudo_getpwuid.c + +1995-11-20 21:25 millert + + * compat.h: added dce support + +1995-11-20 21:13 millert + + * parse.yacc: now uses sudo_pw_ent + +1995-11-20 14:40 millert + + * check.c: fixed exempt_group stuff for OS's that don't put base + gid in group vector + +1995-11-20 01:39 millert + + * check.c: S/Key support now works with sunos4 shadow passwords + +1995-11-19 22:31 millert + + * Makefile.in: fixed clean rule + +1995-11-19 22:31 millert + + * config.h.in, configure.in: added DCE support + +1995-11-19 22:30 millert + + * tgetpass.c: DCE & KERB support + +1995-11-19 22:30 millert + + * check.c: first stab at dce support + +1995-11-19 22:24 millert + + * dce_pwent.c: now smells like sudo + +1995-11-19 22:11 millert + + * dce_pwent.c: Initial revision + +1995-11-19 21:36 millert + + * check.c: skey'd sudo now works w/ normal password as well + +1995-11-19 18:37 millert + + * Makefile.in, OPTIONS, check.c, compat.h, config.h.in, + find_path.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c, + options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c, + tgetpass.c, utime.c, version.h, visudo.c: updated version number + +1995-11-19 18:32 millert + + * README: updated to reflect version change + +1995-11-19 18:27 millert + + * configure.in: --with options now line up ++version + +1995-11-19 18:26 millert + + * sudo.h: removed unecesary S/Key stuff + +1995-11-19 18:25 millert + + * configure.in: fixed S/Key support + +1995-11-19 18:24 millert + + * Makefile.in: -I stuff now goes in CPPFLAGS + +1995-11-19 18:23 millert + + * check.c: fixed SKey support + +1995-11-19 15:23 millert + + * README: updated version + +1995-11-19 13:59 millert + + * OPTIONS: fixed description of EXEMPTGROUP + +1995-11-19 10:47 millert + + * sudo.c: more people use _RLD_ than just alphas... + +1995-11-18 21:35 millert + + * Makefile.in: replaced $man_prefix with $mandir + +1995-11-18 21:30 millert + + * configure.in: fixed a typo + +1995-11-18 21:28 millert + + * Makefile.in: now use more GNU'ish dir names + +1995-11-18 21:27 millert + + * configure.in: now set *dir correctly (can override from command + line) + +1995-11-18 19:17 millert + + * sudo.c: now deal with situations where we getwd() fails + +1995-11-17 00:37 millert + + * Makefile.in: added etc_dir, bin_dir, sbin_dir + +1995-11-17 00:37 millert + + * configure.in: added sbin_dir + +1995-11-16 21:28 millert + + * Makefile.in: now ship a flex-generated lex.yy.c + +1995-11-16 21:09 millert + + * Makefile.in: now sets _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP, + SUDOERS_OWNER + +1995-11-16 21:06 millert + + * pathnames.h.in: _PATH_SUDO_SUDOERS & _PATH_SUDO_STMP are now + overridden via Makefile + +1995-11-16 21:05 millert + + * options.h: no more error for redefining SUDOERS_OWNER + +1995-11-16 21:05 millert + + * OPTIONS: expanded SUDOERS_OWNER section + +1995-11-16 03:05 millert + + * visudo.c: now warn if chown(2) failed + +1995-11-16 02:55 millert + + * logging.c: better default warning for NO_SUDOERS_FILE + +1995-11-16 02:54 millert + + * sudo.c: added missing set_perms() no more cryptic message if the + sudoers file is zero length, now just give a parse error + +1995-11-16 02:42 millert + + * logging.c: better diagnostics if NO_SUDOERS_FILE + +1995-11-16 02:41 millert + + * sudo.c: check_sudoers() now catches sudoers files that are not + readable (but are stat'able). + +1995-11-13 01:12 millert + + * configure.in: now add -D__STDC__ for convex cc (not gcc) + +1995-11-13 00:52 millert + + * configure.in: MAN_PREFIX -> man_prefix now sets prefix and + exec_prefix + +1995-11-13 00:52 millert + + * Makefile.in: now uses exec_prefix & prefix from configure + +1995-11-13 00:16 millert + + * find_path.c, getwd.c, goodpath.c, interfaces.c, logging.c, + parse.c, parse.lex, parse.yacc, sudo.c, sudo.h, sudo_setenv.c, + tgetpass.c, utime.c, visudo.c: options.h is now <> instead of "" + so shadow build trees can have a custom copy of options.h + +1995-11-13 00:15 millert + + * check.c: user_is_exempt() is no longer a hack, it now uses + getgrnam() + +1995-11-12 23:56 millert + + * options.h: EXEMPTGROUP is now "sudo" + +1995-11-12 22:25 millert + + * configure.in: MAN_POSTINSTALL now contains a leading space + +1995-11-12 22:25 millert + + * Makefile.in: removed leading tab if @MAN_POSTINSTALL@ not defined + now removes testsudoers in clean: + +1995-11-12 22:24 millert + + * tgetpass.c: includes pwd.h to get _PASSWD_LEN definition + +1995-10-30 15:51 millert + + * sudo.c: unset the KRB_CONF envariable if using kerberos so we + don't get spoofed into using a bogus server + +1995-09-29 17:50 millert + + * parse.yacc: now explicately initialize match[] tp be FALSE + +1995-09-23 16:48 millert + + * sudo.c: removed unused variable now passes -Wall + +1995-09-23 16:48 millert + + * parse.yacc: yyerror and dumpaliases are now void's now passes + -Wall + +1995-09-23 16:48 millert + + * parse.lex: added prototype for yyerror + +1995-09-23 16:47 millert + + * interfaces.c: rmeoved unused cruft now passes -Wall + +1995-09-23 16:47 millert + + * check.c, logging.c, parse.c: now passes -Wall + +1995-09-23 16:46 millert + + * Makefile.in: fixed headers that moved to emul dir + +1995-09-23 12:05 millert + + * logging.c: fixed deref of nil pointer if no args + +1995-09-15 19:18 millert + + * OPTIONS: added a caveat to FQDN section + +1995-09-13 19:48 millert + + * Makefile.in: more $srcdir support for install targets + +1995-09-13 17:17 millert + + * find_path.c, interfaces.c, parse.c, parse.lex, parse.yacc, + putenv.c, strdup.c, sudo.c, sudo_setenv.c, testsudoers.c, + visudo.c: don't include malloc.h if we include stdlib.h + +1995-09-12 21:44 millert + + * parse.yacc: local search.h now lives in emul + +1995-09-12 21:41 millert + + * lsearch.c: local search.h now lives in emul + +1995-09-12 21:41 millert + + * check.c, utime.c: local utime.h now lives in emul dir + +1995-09-12 21:38 millert + + * Makefile.in: added support for building in other than the + sourcedir + +1995-09-10 14:01 millert + + * OPTIONS: annotated CSOPS_INSULTS option + +1995-09-10 13:56 millert + + * TROUBLESHOOTING: updated shadow passwords blurb + +1995-09-09 21:00 millert + + * sudo.c: if SHELL_IF_NO_ARGS is set, "sudo -- foo" now runs a + shell and passes along foo as the arguments + +1995-09-09 18:52 millert + + * parse.lex: collapsed pathname and dir sections into one -- its + now less expensive + +1995-09-09 18:34 millert + + * parse.lex: fixed spacing quoting [,:\\=] now works correctly + append() and fill() now take args to make the above work + +1995-09-08 20:51 millert + + * sudo.c: fixed a typo that caused commands with no tty on fd 0 but + a tty on fd 1 to erroneously have "none" as their tty + +1995-09-04 15:35 millert + + * check.c: timestampfile is now a global static removed decl of + timestampfile in remove_timestamp since we can just use the + global one + +1995-09-04 15:28 millert + + * check.c: created touch() to update timestamps added + USE_TTY_TICKETS support (bit of a kludge) + +1995-09-04 15:28 millert + + * compat.h: added _S_IFDIR and S_ISDIR + +1995-09-04 15:22 millert + + * OPTIONS, options.h: added USE_TTY_TICKETS + +1995-09-04 00:38 millert + + * parse.yacc: removed const from casts for lsearch() & lfind() to + placate irix 4.x C compiler + +1995-09-03 14:12 millert + + * sudo.c: now only strip '/dev/' off of a tty if it starts with + '/dev/' + +1995-09-03 14:12 millert + + * pathnames.h.in: added _PATH_DEV + +1995-09-03 14:11 millert + + * configure.in: AC_HAVE_HEADERS -> AC_CHECK_HEADERS now check for + tcgetattr only if have termios.h + +1995-09-03 14:09 millert + + * tgetpass.c: fixed incorrect #ifdef termio uses "unsigned short" + not int for c_?flag + +1995-09-03 13:19 millert + + * parse.lex, parse.yacc: fixed a spelling error + +1995-09-03 13:17 millert + + * Makefile.in: fixed typo + +1995-09-02 12:55 millert + + * Makefile.in: fixed a comment + +1995-09-02 12:54 millert + + * parse.yacc: added dotcat() to cat 2 strings w/ a dot effeciently + now that we dynamically allocate strings they need to be free()'d + +1995-09-02 12:46 millert + + * parse.lex: dynamically allocates space for strings + +1995-09-02 12:34 millert + + * sudo.h: no more MAXCOMMANDLENGTH + +1995-09-01 22:25 millert + + * sudo.h: added decl of tty + +1995-09-01 22:25 millert + + * logging.c, sudo.c: moved tty stuff into sudo.c + +1995-09-01 14:18 millert + + * parse.c: fixed a logic bug. Was denying a command if user gave + command line args but there were none in the sudoers file which + is wrong. + +1995-09-01 01:18 millert + + * sudo.h: MAXCOMMMANDLEN dropped down to 1K + +1995-09-01 01:13 millert + + * parse.lex: return foo; -> return(foo); + +1995-09-01 01:03 millert + + * parse.yacc: fixed netgr_matches() prototype + +1995-09-01 01:02 millert + + * parse.lex: added support for escaping "termination" characters + +1995-09-01 00:55 millert + + * parse.c: buf is now of size MAXPATHLEN+1 since it never holds + command args + +1995-09-01 00:50 millert + + * sudo.c: fixed comments + +1995-09-01 00:49 millert + + * goodpath.c: fixed negation problem (doh!) + +1995-09-01 00:25 millert + + * parse.yacc: fixed 2nd parameter to lfind() + +1995-09-01 00:24 millert + + * parse.lex: now do bounds checking in fill() and append() + +1995-09-01 00:23 millert + + * sudo.c: include netdb.h as we should added a missing void cast + added SHELL_IF_NO_ARGS support now use realloc() properly. would + fail if realloc actually moved the string instead of shrinking it + +1995-09-01 00:17 millert + + * sample.sudoers: updated with examples of new features + +1995-09-01 00:05 millert + + * goodpath.c: now set errno to EACCES if not a regular file or not + executable + +1995-09-01 00:04 millert + + * find_path.c: if given a fully-qualified or relative path we now + check it with sudo_goodpath() and error out with the appropriate + error message if the file does not exist or is not executable + +1995-09-01 00:03 millert + + * lsearch.c, emul/search.h: now use correct args for lfind + +1995-09-01 00:03 millert + + * logging.c: added a comment + +1995-08-31 23:52 millert + + * insults.h: added in CSOps insults + +1995-08-31 23:51 millert + + * ins_csops.h: Initial revision + +1995-08-31 23:35 millert + + * tgetpass.c: added RCS id + +1995-08-31 22:56 millert + + * sudo.h: increased MAXCOMMANDLENGTH to 8k HAVE_GETCWD -> + HAVE_GETWD + +1995-08-31 22:55 millert + + * OPTIONS: added CLASSIC_INSULTS, CSOPS_INSULTS, SHELL_IF_NO_ARGS + +1995-08-31 22:54 millert + + * sudo.c: fixed -k load_interfaces() now gets called if FQDN is set + -p now works with -s + +1995-08-31 22:54 millert + + * parse.c: don't try to stat() "pseudo commands" like "validate" + +1995-08-31 22:53 millert + + * options.h: added CLASSIC_INSULTS added CSOPS_INSULTS added + SHELL_IF_NO_ARGS + +1995-08-31 22:53 millert + + * configure.in: added SecurID support added other insults to + --with-csops + +1995-08-31 22:52 millert + + * config.h.in: added HAVE_SECURID + +1995-08-31 22:52 millert + + * Makefile.in: added clobber target added ins_csops.h now gets + CFLAGS from configure + +1995-08-31 22:46 millert + + * aclocal.m4: relaxed SUDO_FULL_VOID + +1995-08-31 22:44 millert + + * visudo.c: function comment blocks are now in same style as rest + of code + +1995-08-31 22:44 millert + + * testsudoers.c: added support for command line args in + /etc/sudoers + +1995-08-31 22:43 millert + + * sudoers.man: updated to have command args in the sudoers file + +1995-08-31 22:42 millert + + * sudo.man: added -s and -- flags added SHELL to ENVIRONMENT + VARIABLES section + +1995-08-19 19:32 millert + + * parse.yacc: PATH renamed to COMMAND + +1995-08-19 19:31 millert + + * parse.lex: it is now a parse error for directories to have args + attached to them + +1995-08-19 19:30 millert + + * logging.c: now say command args if telling user to buzz off + +1995-08-19 19:30 millert + + * sudo.c: -s no longer indicates end of args sped up loading on + cmnd_args in load_cmnd() + +1995-08-19 19:29 millert + + * parse.c: removed an unreachable statement + +1995-08-19 17:53 millert + + * parse.lex: made more efficient by pulling out the terminators + when in GOTCMND state and making them their own rule + +1995-08-14 00:07 millert + + * sudo.h: removed MAXLOGLEN since it is no longer used + +1995-08-14 00:07 millert + + * parse.lex: now allows command args + +1995-08-14 00:06 millert + + * parse.c: now groks command arguments + +1995-08-13 23:39 millert + + * logging.c: now sets tty correctly when piped input + +1995-08-13 23:35 millert + + * sudo.c: fixed loading of cmnd_args (was including command name + too) + +1995-08-13 23:34 millert + + * logging.c: fixed a core dump due to incorrect if construct + +1995-08-13 00:33 millert + + * configure.in: only add -lsun is irix < 5 don't look for -lnsl or + -lsocket if irix + +1995-08-13 00:33 millert + + * aclocal.m4: fixed check for ISC + +1995-08-13 00:32 millert + + * sudo.c: now sets cmnd_args used by log_error() and that will be + used by the parse to check against command args + +1995-08-13 00:32 millert + + * sudo.h: added cmnd_args + +1995-08-13 00:31 millert + + * logging.c: now dynamically allocate logline since we can guess at + its size + +1995-08-05 13:52 millert + + * logging.c: cleaned up a bunch of unnecesary #ifdef's eliminated a + buffer remove "register" since the compiler knows more than I do + now do a "basename" of the tty + +1995-07-31 18:20 millert + + * configure.in: ++version + +1995-07-30 22:37 millert + + * sudo.h: added shell extern changed MODE_* to be bit masks to + allow for several options together + +1995-07-30 22:36 millert + + * sudo.c: added -s (shell) option made MODE_* masks so we can do + bitwise & and | to see if multiple flags are set. + +1995-07-30 22:01 millert + + * check.c: added securid support + +1995-07-30 14:38 millert + + * logging.c: removed a bunch of unnecesary strncpy()'s and replaced + with strcat() + +1995-07-29 17:17 millert + + * Makefile.in, version.h: ++version + +1995-07-27 06:52 millert + + * parse.yacc: fixed free() of an uninitialized pointer (yuck) + +1995-07-26 22:00 millert + + * testsudoers.c: added netgr_matches + +1995-07-26 21:29 millert + + * parse.c: cleaned up netgr_matches + +1995-07-26 00:26 millert + + * RUNSON: updated for 1.3.4 + +1995-07-24 21:51 millert + + * Makefile.in: now installs sudoers.man -- really should clean this + up though. + +1995-07-24 21:18 millert + + * Makefile.in: added sudoers.cat and sudoers.man + +1995-07-24 21:15 millert + + * sudo.man: pulled out stuff on the sudoers file format into a + separate man page + +1995-07-24 21:14 millert + + * sudoers.man: Initial revision + +1995-07-24 21:04 millert + + * HISTORY: fixed up my email address + +1995-07-24 20:03 millert + + * configure.in: added checks for innetgr and getdomainname + +1995-07-24 20:02 millert + + * visudo.c: added dummy netgr_matches function + +1995-07-24 20:01 millert + + * parse.c: added netgr_matches + +1995-07-24 20:01 millert + + * parse.lex, parse.yacc: added NETGROUP support + +1995-07-24 20:01 millert + + * config.h.in: added HAVE_INNETGR & HAVE_GETDOMAINNAME + +1995-07-24 18:07 millert + + * sudo.c: rewrote clean_env() that has rm_env() builtin + +1995-07-23 19:58 millert + + * check.c: now cast uid to long in sprintf + +1995-07-23 19:58 millert + + * OPTIONS: added _INSULTS suffix to HAL & GOONS end + +1995-07-23 19:57 millert + + * options.h: added _INSULTS suffix to HAL & GOONS + +1995-07-23 19:35 millert + + * ins_2001.h, ins_classic.h, ins_goons.h, insults.h: converted to + new scheme of insult "unions" end + +1995-07-23 17:48 millert + + * sudo.c: now uses MAX_UID_T_LEN + +1995-07-23 17:48 millert + + * configure.in: added SUDO_UID_T_LEN !l + +1995-07-23 17:48 millert + + * config.h.in: added MAX_UID_T_LEN + +1995-07-23 17:47 millert + + * check.c: now use MAX_UID_T_LEN + +1995-07-23 17:47 millert + + * aclocal.m4: added check for max len of uid_t fixed sco vs. isc + check + +1995-07-19 19:05 millert + + * configure.in: corrected version + +1995-07-19 17:29 millert + + * configure.in: added sco support + +1995-07-19 17:29 millert + + * aclocal.m4: hack to check for sco + +1995-07-18 21:27 millert + + * interfaces.c: removed #include <net/route.h> since it was hosing + some OS's + +1995-07-18 13:35 millert + + * find_path.c: fixed prreadlink() prototype + +1995-07-17 23:54 millert + + * check.c: added parens in #if's + +1995-07-17 23:53 millert + + * configure.in: added SPW_ prefix + +1995-07-17 23:20 millert + + * sudo.h: moved SPW_* to config.h.in + +1995-07-17 23:19 millert + + * sudo.c: added a set of parens + +1995-07-17 23:19 millert + + * config.h.in: added SPW_* + +1995-07-17 22:50 millert + + * sudo.h: added SPW_* reordered error codes + +1995-07-17 22:49 millert + + * check.c: moved SPW_* to sudo.h + +1995-07-17 14:29 millert + + * logging.c: GLOBAL_NO_AUTH_ENT -> GLOBAL_NO_SPW_ENT + +1995-07-17 14:29 millert + + * configure.in: AUTH -> SECUREWARE + +1995-07-17 14:29 millert + + * check.c, sudo.c: SPW_AUTH -> SPW_SECUREWARE + +1995-07-17 00:22 millert + + * check.c: now uses SHADOW_TYPE to make shadow pw support more + readable and modular. It's a start... + +1995-07-17 00:21 millert + + * configure.in: added autodetection of shadow passwords + +1995-07-17 00:20 millert + + * sudo.c: now uses SHADOW_TYPE define + +1995-07-17 00:19 millert + + * config.h.in: added SHADOW_TYPE which replaces SUNOS4 & __svr4__ + defines + +1995-07-17 00:19 millert + + * aclocal.m4: added SUDO_CHECK_SHADOW + +1995-07-12 17:09 millert + + * configure.in: define SVR4 for ISC define BROKEN_SYSLOG for hpux + took out test for memmove() since we dno longer use it... + +1995-07-12 17:08 millert + + * CHANGES: updated + +1995-07-12 17:05 millert + + * logging.c: added BROKEN_SYSLOG support + +1995-07-12 17:05 millert + + * config.h.in: added BROKEN_SYSLOG + +1995-07-12 17:04 millert + + * check.c: now only bitch it timestamp > time_now + 2 * timeout to + allow for a machine udpating its time from a server + +1995-07-12 17:04 millert + + * sudo.man: added 2 security notes updated Nieusma's email addr + +1995-07-12 14:18 millert + + * lsearch.c: changed a memmove() to memcpy() since we don't have to + worry about overlapping segments. + +1995-07-11 15:41 millert + + * interfaces.c: cleanup up the loop when interfaces are groped in + so that it is readable + +1995-07-11 14:52 millert + + * Makefile.in, version.h: ++version + +1995-07-09 18:17 millert + + * CHANGES: annotated 124-126 + +1995-07-07 16:06 millert + + * check.c: fixed permissions check on /tmp/.odus + +1995-07-06 19:35 millert + + * check.c: fixed some comments + +1995-07-06 14:49 millert + + * check.c: now checks owner & mode of timedir also checks for bogus + dates on timestamp file + +1995-07-06 14:49 millert + + * OPTIONS: updated TIMEOUT info + +1995-07-06 14:48 millert + + * logging.c, sudo.h: added BAD_STAMPDIR and BAD_STAMPFILE + +1995-07-06 14:47 millert + + * compat.h: added definition of S_IRWXU + +1995-07-06 14:47 millert + + * CHANGES: updated + +1995-07-03 14:16 millert + + * interfaces.c: added #ifdef to make it compile on strange arches + +1995-07-02 18:13 millert + + * aclocal.m4: fixed check for fulkl void impl. + +1995-07-02 09:56 millert + + * check.c: added mssing "static" + +1995-07-01 20:41 millert + + * insults.h: replaced #elif with #else #if constructs for ancient C + compilers + +1995-07-01 20:18 millert + + * INSTALL: updated irix c2 & kerb5 info + +1995-07-01 20:15 millert + + * configure.in: added shadow pw support for irix + +1995-07-01 16:07 millert + + * CHANGES: last changes for sudo 1.3.3 + +1995-07-01 16:07 millert + + * TODO, BUGS: updated + +1995-07-01 16:04 millert + + * configure.in: now calls SUDO_SOCK_SA_LEN + +1995-07-01 16:04 millert + + * config.h.in: added HAVE_SA_LEN + +1995-07-01 16:04 millert + + * aclocal.m4: added SUDO_SOCK_SA_LEN + +1995-07-01 15:49 millert + + * interfaces.c: now works with ip implementations that use sa_len + in sockaddr + +1995-07-01 14:26 millert + + * INSTALL: added note about buggy AIX compiler + +1995-07-01 14:24 millert + + * interfaces.c: now include sys/time.h for AIX + +1995-06-27 22:35 millert + + * Makefile.in: getcwd -> getwd + +1995-06-27 21:28 millert + + * interfaces.c: now works for ISC and others. yay. + +1995-06-26 14:24 millert + + * Makefile.in, version.h: version++ + +1995-06-22 20:26 millert + + * aclocal.m4: fixed test for full void impl + +1995-06-22 20:25 millert + + * sudo.c: now check to see that st_dev is non-zero before assuming + that we are being spoofed + +1995-06-20 16:56 millert + + * aclocal.m4, configure.in: SUDO_FUNC_UTIME_NULL -> + AC_FUNC_UTIME_NULL + +1995-06-19 16:32 millert + + * aclocal.m4: fixed include file order for SUDO_FUNC_UTIME_POSIX + +1995-06-19 16:10 millert + + * logging.c: added cast for ttyname() + +1995-06-19 15:23 millert + + * configure.in: fixed typo + +1995-06-19 15:19 millert + + * check.c: now deal correctly with all known variation of utime() + -- yippe + +1995-06-19 15:19 millert + + * configure.in: added SUDO_FUNC_UTIME_POSIX + +1995-06-19 15:19 millert + + * aclocal.m4: added SUDO_FUNC_UTIME_NULL and SUDO_FUNC_UTIME_POSIX + +1995-06-19 15:14 millert + + * config.h.in: added HAVE_UTIME_POSIX + +1995-06-19 13:38 millert + + * check.c: fixed a typo + +1995-06-19 13:29 millert + + * check.c: no longer assume !HAVE_UTIME_NULL means old BSD utime() + +1995-06-19 13:20 millert + + * check.c: fixed fascist C compiler warning + +1995-06-18 23:14 millert + + * interfaces.c: now set strioctl.ic_timout in STRSET() now + initialize num_interfaces to 0 (just to be anal) + +1995-06-18 18:06 millert + + * sudo.h: increaed MAXLOGLEN by MAXPATHLEN to account for ttyname + +1995-06-18 18:05 millert + + * logging.c: added tty logging + +1995-06-18 16:04 millert + + * interfaces.c: reworked the ISC code + +1995-06-18 15:27 millert + + * Makefile.in, version.h: updated version + +1995-06-18 15:24 millert + + * check.c: now expect old-style utime(3) if utime() can't take NULL + as an arg + +1995-06-18 15:08 millert + + * configure.in: added check for utime.h + +1995-06-18 15:08 millert + + * config.h.in: added HAVE_UTIME_H + +1995-06-18 14:48 millert + + * Makefile.in: added CPPFLAGS STATIC_FLAGS -> LDFLAGS + +1995-06-18 13:58 millert + + * configure.in: now search for kerb libs and includes + +1995-06-18 13:03 millert + + * check.c: added support for utime(2)'s that can't take a NULL + parameter + +1995-06-18 13:03 millert + + * utime.c: moved HAVE_UTIME_NULL stuff to update_timestamp() where + t belongs + +1995-06-17 20:46 millert + + * configure.in: added utime(s) stuff + +1995-06-17 20:46 millert + + * check.c: now use utime() + +1995-06-17 20:46 millert + + * config.h.in: added HAVE_UTIME and HAVE_UTIME_NULL + +1995-06-17 19:12 millert + + * utime.c: now use HAVE_UTIME_NULL + +1995-06-17 19:02 millert + + * utime.c, emul/utime.h: Initial revision + +1995-06-17 18:24 millert + + * check.c: need to setuid(0) to make kerb4 stuff work. + +1995-06-17 18:14 millert + + * tgetpass.c: no more special case for kerberos + +1995-06-17 18:13 millert + + * config.h.in: took out setreuid and setresuid stuff added kerb5 + stuff (use kerb4 emulation) + +1995-06-17 18:13 millert + + * compat.h: no longer need setreuid() emulation now set _PASSWD_LEN + to 128 if kerberos + +1995-06-17 18:12 millert + + * check.c: now use private ticket file for kerberos support to + avoid trouncing on system one + +1995-06-15 00:48 millert + + * sudo.h: added SPOOF_ATTEMPT & cmnd_st + +1995-06-15 00:47 millert + + * sudo.c: added anti-spoofing support + +1995-06-15 00:47 millert + + * parse.c: now use global cmnd_st + +1995-06-15 00:47 millert + + * logging.c: added SPOOF_ATTEMPT suypport + +1995-06-14 23:41 millert + + * testsudoers.c, visudo.c: added void casts where appropriate + +1995-06-14 23:40 millert + + * parse.yacc: fixed up spacing and added void casts where + appropriate + +1995-06-14 23:27 millert + + * sudo.c: fixed problem with "-p prompt" but no args + +1995-06-14 04:43 millert + + * sudo.man: added BUGS and annotated -l description + +1995-06-14 04:43 millert + + * sudo.h: validate() now takes a flag + +1995-06-14 04:43 millert + + * sudo.c: validate() now takes a flag added -l + +1995-06-14 04:42 millert + + * parse.yacc: added support for -l + +1995-06-14 04:41 millert + + * parse.c: validate() now takes a flag that says whether or not to + check the command + +1995-06-07 21:36 millert + + * logging.c: now deals with Argv == 1 + +1995-06-07 21:34 millert + + * sudo.man: added -p option + +1995-06-07 21:27 millert + + * sudo.c: added prompt support reworked parse_args() + +1995-06-07 20:49 millert + + * sudo.h: added prompt + +1995-06-07 20:49 millert + + * options.h: added PASSPROMPT + +1995-06-07 20:48 millert + + * check.c: now use BUFSIZ as length of kerb password added kpass so + pass is always a char * now use prompt global when asking for a + password + +1995-06-07 20:47 millert + + * tgetpass.c: now use BUFSIZ as _PASSWD_LEN if using kerberos + +1995-06-07 20:43 millert + + * OPTIONS: added PASSPROMPT + +1995-06-07 01:44 millert + + * configure.in: only look for -lufc or -lcrypt if crypt() not in + libc + +1995-06-07 01:43 millert + + * check.c: don't exit on kerb error, just warn if k_errno == + KDC_PR_UNKNOWN (unknown user) silently fail + +1995-06-06 22:44 millert + + * INSTALL: added kerb4 note + +1995-06-06 22:43 millert + + * tgetpass.c: HAVE_KERBEROS -> HAVE_KERB4 + +1995-06-06 22:41 millert + + * check.c: removed debugging printf + +1995-06-06 22:33 millert + + * configure.in: KERBEROS -> KERB4 added checks for setreuid & + setresuid + +1995-06-06 22:32 millert + + * config.h.in: HAVE_KERBEROS -> HAVE_KERB4 added HAVE_SETREUID and + HAVE_SETRESUID + +1995-06-06 22:32 millert + + * compat.h: added deif of UID_NO_CHANGE & GID_NO_CHANGE added + setreuid emulation with setresuid if applic + +1995-06-06 22:31 millert + + * check.c: HAVE_KERBEROS -> HAVE_KERB4 now only do the stupid + chown() hack if no setreuid() or a broken one + +1995-06-05 23:44 millert + + * config.h.in: added HAVE_KERBEROS + +1995-06-05 23:43 millert + + * tgetpass.c: added KERBEROS support (long passwords) + +1995-06-05 23:42 millert + + * check.c, configure.in: added kerberos support + +1995-06-03 19:36 millert + + * sudo.h: added MODE_BACKGROUND + +1995-06-03 19:36 millert + + * sudo.man: escaped dashes added -b option + +1995-06-03 19:34 millert + + * sudo.c: added -b option + +1995-06-03 18:52 millert + + * check.c: added crypt() for osf/1 3.x enhanced secuiry + +1995-06-03 18:18 millert + + * configure.in: now check for -lcrypt + +1995-06-03 18:00 millert + + * interfaces.c: added ENXIO like EADDRNOTAVAIL + +1995-05-07 23:14 millert + + * configure.in: now emulate getwd(), not getcwd() + +1995-05-07 23:13 millert + + * sudo.c: getcwd() -> getwd() + +1995-05-07 23:12 millert + + * getwd.c: getcwd -> getwd + +1995-05-02 01:34 millert + + * ins_2001.h, ins_classic.h, ins_goons.h: Initial revision + +1995-05-02 01:34 millert + + * insults.h: broke out insults into separate include files + +1995-05-02 01:32 millert + + * options.h, OPTIONS: added GOONS + +1995-05-02 01:32 millert + + * Makefile.in: added ins_2001.h ins_classic.h ins_goons.h + +1995-05-01 23:34 millert + + * Makefile.in, version.h: ++version + +1995-05-01 23:34 millert + + * visudo.c: moved signal handler setup to setup_signals() + +1995-05-01 23:33 millert + + * sudo.h: added load_interfaces() + +1995-05-01 23:33 millert + + * sudo.c: moved load_interfaces to interfaces.c + +1995-05-01 23:33 millert + + * parse.yacc: added clearaliases + +1995-05-01 23:33 millert + + * OPTIONS, options.h: added FAST_MATCH + +1995-05-01 23:32 millert + + * parse.lex: now uses clearaliases variable + +1995-05-01 23:31 millert + + * interfaces.c: Initial revision + +1995-05-01 23:31 millert + + * Makefile.in: added interfaces.[co] + +1995-05-01 23:30 millert + + * testsudoers.c: now uses ip addrs and netmasks via + load_interfaces() + +1995-05-01 22:47 millert + + * sudo.c: now remove IFS instead of setting to "sane" value + +1995-05-01 16:30 millert + + * parse.c: added FAST_MATCH + +1995-04-29 20:19 millert + + * Makefile.in: sudo_goodpath.c-> goodpath.c + +1995-04-29 20:15 millert + + * sudo.c: added Andy's new ISC changes + +1995-04-14 14:06 millert + + * OPTIONS: added a sentence to SECURE_PATH info + +1995-04-14 13:57 millert + + * BUGS: added one + +1995-04-14 13:54 millert + + * RUNSON, CHANGES: updated + +1995-04-13 17:04 millert + + * RUNSON: updated for beta3 + +1995-04-13 14:32 millert + + * Makefile.in, version.h: ++version + +1995-04-13 13:56 millert + + * aclocal.m4: sendmail is now looked for in /usr/ucblib + +1995-04-13 13:54 millert + + * sudo.c: fixed indentation + +1995-04-13 13:35 millert + + * aclocal.m4: fixed a typo + +1995-04-13 13:19 millert + + * sudo.c: updated ISC mods + +1995-04-13 13:19 millert + + * configure.in: added unixware case + +1995-04-13 13:19 millert + + * check.c: user_is_exempt is no longer hidden + +1995-04-13 13:19 millert + + * RUNSON: updated + +1995-04-13 13:19 millert + + * aclocal.m4: isc and riscos changes + +1995-04-13 13:18 millert + + * OPTIONS: added NOTE about new interaction of EXEMPTGROUP and + SECURE_PATH + +1995-04-13 13:18 millert + + * Makefile.in: fixed a typo and added testsudoers stuff + +1995-04-13 12:34 millert + + * testsudoers.c: Initial revision + +1995-04-12 19:31 millert + + * parse.yacc: applied fixed patch from Chris + +1995-04-11 14:30 millert + + * Makefile.in: fixed a typo + +1995-04-11 14:14 millert + + * parse.yacc: added a set of braces for bison + +1995-04-11 14:01 millert + + * parse.yacc: merged in Chris' changes to dekludge the parser. + +1995-04-11 00:38 millert + + * logging.c: send_mail() was calling find_path() which is wrong + since find_path() stores cmnd in a static var. Anyhow, it + doesn't make much sense since MAILER should always be fully + qualified + +1995-04-10 19:51 millert + + * sample.sudoers: added User_Alias stuff + +1995-04-10 19:50 millert + + * aclocal.m4: SUDO_NEXT now looks for + /usr/lib/NextStep/software_version + +1995-04-10 19:50 millert + + * RUNSON: added DEC UNIX 3.0 w/ gcc + +1995-04-10 19:49 millert + + * visudo.c: Exit was being used in places where exit should be used + +1995-04-10 19:44 millert + + * sudoers: added "User alias specification" + +1995-04-10 18:04 millert + + * parse.yacc: fixed probs caused by making nslots and naliases a + size_t + +1995-04-10 15:09 millert + + * RUNSON: added KSR, upped rev to 1.3.1b2 + +1995-04-10 15:07 millert + + * logging.c, parse.yacc: 1024 -> BUFSIZ + +1995-04-10 15:05 millert + + * parse.yacc: void * -> VOID * naliases and nslots are now size_t + to appease lsearch on 64-bit machines + +1995-04-09 19:30 millert + + * TODO: did a bunch of things and added a bunch :-) + +1995-04-09 19:30 millert + + * PORTING: updated + +1995-04-09 19:24 millert + + * visudo.man: closer to BSD manpage style + +1995-04-09 19:15 millert + + * sudo.man: closer to standard BSD man format + +1995-04-09 18:58 millert + + * compat.h, config.h.in, insults.h, options.h, pathnames.h.in, + sudo.h, version.h, emul/search.h: added RCS id + +1995-04-09 17:35 millert + + * sudo.h: removed crufty #defines that are no longer used + +1995-04-09 17:13 millert + + * BUGS: fixed a bug + +1995-04-09 17:12 millert + + * sudo.man: updated based on sudo changes + +1995-04-09 17:11 millert + + * parse.yacc: now allow ALL keyword in User_Aliases now allow ALL + keyword as well as a NAME or ALIAS + +1995-04-09 17:11 millert + + * CHANGES: updated + +1995-04-09 17:04 millert + + * sudo.c: now sets SUDO_COMMAND and SUDO_GID envariables. + +1995-04-09 15:24 millert + + * aclocal.m4: fixed bug with full void impl check + +1995-04-08 23:11 millert + + * parse.yacc: fixed User_Alias supoprt + +1995-04-08 22:27 millert + + * parse.yacc: added stubs for User_Alias support + +1995-04-08 22:27 millert + + * sudo.c: now sets removes # bogus interfaces from num_interfaces + +1995-04-08 22:26 millert + + * parse.lex: added User_Alias support + +1995-04-07 21:10 millert + + * Makefile.in: removed extraneous TODO + +1995-04-07 19:48 millert + + * visudo.c: ntwk_matches -> addr_matches + +1995-04-07 15:38 millert + + * parse.yacc: ntwk_matches -> addr_matches + +1995-04-07 15:37 millert + + * parse.c: ntwk_matches -> addr_matches now use inet_addr() not + inet_network() (which expects octet boundaries) fixes for OSF + (sizeof(int) != sizeof(long)) + +1995-04-07 15:08 millert + + * sudo.c: took out debugging info + +1995-04-06 23:45 millert + + * aclocal.m4: OS was being set to unknown before non-uname based + host checks. This caused no checks to happen since $OS was not + zero-length. + +1995-04-06 23:30 millert + + * sudo.c: fixed loading of interfaces struct still has debugging + info in though + +1995-04-06 22:23 millert + + * parse.c: fixed typo + +1995-04-06 16:17 millert + + * Makefile.in: ++version + +1995-04-06 16:16 millert + + * version.h: ++ + +1995-04-06 16:16 millert + + * visudo.c: removed extraneous extern decl of "top + +1995-04-06 16:14 millert + + * visudo.c: now zeros "top" + +1995-04-06 16:13 millert + + * parse.yacc: removed parser_cleanup (no need for it now) + +1995-04-06 16:13 millert + + * parse.lex: now calls reset_aliases() directly + +1995-04-04 18:21 millert + + * OPTIONS: added a sentence to SECURE_PATH description + +1995-04-04 18:17 millert + + * parse.c: fixed my stupid bug where I used NAMLEN on something I + wanted to just get the name from. argh. + +1995-04-03 16:58 millert + + * lsearch.c: fixed argument order of memmove() that i hosed when + converting from bcopy(). arghh. + +1995-04-03 15:33 millert + + * Makefile.in: finally fixed DISTFILES line + +1995-04-03 15:21 millert + + * Makefile.in: tabs -> spaces + +1995-04-03 15:15 millert + + * Makefile.in: added missing files to DISTFILES + +1995-04-03 14:50 millert + + * Makefile.in: SUPPORTED -> RUNSON + +1995-04-01 03:12 millert + + * TODO: updated + +1995-04-01 01:54 millert + + * RUNSON: updated for pl5b1 release + +1995-04-01 01:53 millert + + * BUGS, TODO: updated + +1995-04-01 01:52 millert + + * check.c: fixed bug where if you hit return at first sudo prompt + it would still log as a failure + +1995-04-01 01:29 millert + + * CHANGES: updated + +1995-04-01 01:25 millert + + * aclocal.m4: better test for bogus void * implementation + +1995-03-31 20:33 millert + + * logging.c: added PASSWORDS_NOT_CORRECT + +1995-03-31 20:32 millert + + * check.c: added PASSWORDS_NOT_CORRECT stuff] + +1995-03-31 20:30 millert + + * sudo.h: added PASSWORDS_NOT_CORRECT + +1995-03-31 19:16 millert + + * tgetpass.c: moved pathnames.h + +1995-03-31 19:16 millert + + * sudo.c: removed some unused vars and fixed up uid2str + +1995-03-31 19:15 millert + + * putenv.c: moved compat.h + +1995-03-31 19:14 millert + + * getcwd.c, getwd.c: added pathnames.h + +1995-03-31 18:18 millert + + * parse.yacc: fixed a typo I introduced in the last checkin :-( + +1995-03-31 18:11 millert + + * parse.lex: can't have #ifdef's where N is defined so just do this + the broken way for AIX + +1995-03-31 18:08 millert + + * parse.yacc: better hack from Chris (but still a hack) + +1995-03-31 18:05 millert + + * parse.lex: stupid hack for broken aix lex + +1995-03-31 17:47 millert + + * tgetpass.c: now includes compat.h + +1995-03-31 17:27 millert + + * visudo.c: now includes fcntl.h + +1995-03-31 17:27 millert + + * compat.h: added FD_SET and FD_ZERO for 4.2BSD + +1995-03-31 16:12 millert + + * parse.yacc: dirty hack to fix parser bug. i don't really like + this but it works for now... + +1995-03-31 16:12 millert + + * sudo.c: uid2str is now static like the prototype says + +1995-03-29 23:48 millert + + * RUNSON: Initial revision + +1995-03-29 23:47 millert + + * TODO, CHANGES, SUPPORTED, TROUBLESHOOTING: updated + +1995-03-29 23:46 millert + + * sudo.c: check_sudoers now returns an error code and sudo calls + inform_user and log_error based on the return value. + +1995-03-29 23:45 millert + + * logging.c, sudo.h: added entries for new errors + +1995-03-29 23:03 millert + + * parse.c: now set uid to that of SUDOERS_OWNER while parsing + sudoers file + +1995-03-29 22:52 millert + + * Makefile.in: took out testsudoers + +1995-03-29 22:36 millert + + * sudo.c: now explicately checks that it is setuid root + +1995-03-29 22:28 millert + + * sudo.c: If a user has no passwd entry sudo would segv (writing to + a garbage pointer). Now allocate space before writing :-) + +1995-03-29 22:06 millert + + * configure.in: reordered AC_CHECK_FUNCS + +1995-03-29 22:06 millert + + * config.h.in: fixed memset macro + +1995-03-29 21:47 millert + + * logging.c: bzero -> memset when a parse error is logged the line + number of the error is now logged too + +1995-03-29 21:46 millert + + * tgetpass.c, visudo.c: bzero -> memset + +1995-03-29 21:46 millert + + * INSTALL: added Sunos to blurb about c2 security + +1995-03-29 21:45 millert + + * configure.in: added a SUN4 define for C2 security + +1995-03-29 21:44 millert + + * config.h.in: bcopy -> memmove bzero -> memset + +1995-03-29 21:43 millert + + * lsearch.c: bcopy -> memmove char * -> VOID * + +1995-03-29 21:30 millert + + * check.c: added support for sunos with C2 security + +1995-03-29 21:12 millert + + * OPTIONS, options.h: reordered + +1995-03-29 21:12 millert + + * pathnames.h.in: _PATH_SUDO_LOGFILE now set based on configure + +1995-03-29 21:12 millert + + * configure.in: added SUDO_LOGFILE and SUDO_TYPE_SIZE_T + +1995-03-29 21:12 millert + + * config.h.in: added _SUDO_PATH_LOGFILE + +1995-03-29 21:11 millert + + * aclocal.m4: added SUDO_LOGFILE to find where to put sudo.log + added SUDO_CHECK_TYPE (just AC_CHECK_TYPE but checks unistd.h + too) added SUDO_TYPE_SIZE_T (calls SUDO_CHECK_TYPE) + +1995-03-29 18:17 millert + + * TROUBLESHOOTING: Initial revision + +1995-03-29 17:59 millert + + * sudo.c: now do set_perms(PERM_ROOT) before the getpwuid() in + load_global() to work around a problem is trusted hpux shadow + passwords. yuck. + +1995-03-29 17:41 millert + + * parse.yacc: backed out a change in malloc/realloc + +1995-03-29 17:38 millert + + * parse.yacc: now include stdlib.h + +1995-03-29 17:22 millert + + * visudo.c: now do an freopen() of the stmp file so that yyin will + always point to the same thing. This is important for flex since + we are doing a YY_NEWFILE + +1995-03-29 17:20 millert + + * parse.yacc: replaced yywrap() with parser_cleanup() since + yywrap() needs to be in parse.lex to be able to use YY_NEW_FILE. + sigh. + +1995-03-29 17:18 millert + + * parse.lex: now have a rule that matches anything that doesn't + match an explicite rule. well, you know what i mean (. matches + anything not yet matched). However, this means that there is + input still queued up so we need to do a YY_NEW_FILE; in yywrap. + So, yywrap has moved into parse.lex and it calls parser_cleanup() + which is most of the old yywrap() sigh. + +1995-03-29 17:17 millert + + * SUPPORTED: no longer used + +1995-03-29 16:13 millert + + * getcwd.c, getwd.c: moved compat.h to be the last include file + +1995-03-29 16:11 millert + + * parse.yacc: fixed type of aliascmp() args + +1995-03-29 15:58 millert + + * find_path.c: NULL -> '\0' + +1995-03-29 15:42 millert + + * parse.yacc: added casts to lfind and lsearch args for irix + +1995-03-29 08:20 millert + + * Makefile.in: bsdinstall -> install-sh + +1995-03-29 08:20 millert + + * INSTALL: added info about make realclean + +1995-03-29 08:17 millert + + * Makefile.in: updated VERSION added dependencies for visudo.cat + +1995-03-29 08:17 millert + + * version.h: -> pl5b1 + +1995-03-29 08:16 millert + + * sudo.c: took out -l + +1995-03-29 00:03 millert + + * Makefile.in: now there is a real visudo.man and visudo.cat + +1995-03-28 23:54 millert + + * sudo.man: took out visudo stuff + +1995-03-28 23:54 millert + + * visudo.man: Initial revision + +1995-03-28 23:12 millert + + * parse.c, parse.lex, parse.yacc: updated copyright + +1995-03-28 23:05 millert + + * README: updated for pl5 + +1995-03-28 20:02 millert + + * sudo.man: updated Nieusma & Hieb email addresses + +1995-03-28 19:57 millert + + * INSTALL: updated to include options.h and OPTIONS + +1995-03-28 19:35 millert + + * CHANGES, TODO: updated + +1995-03-28 19:35 millert + + * BUGS: eliminated bug #1 (yay) + +1995-03-28 19:31 millert + + * configure.in: sunos no longer gets linked statically + +1995-03-28 18:58 millert + + * parse.lex: prototype now uses __P() + +1995-03-28 18:49 millert + + * parse.lex: make fill() non-ansi + +1995-03-28 15:26 millert + + * parse.c: made -v (validate) work + +1995-03-28 15:26 millert + + * logging.c: now gives host + +1995-03-28 10:34 millert + + * find_path.c: don't check for execute/statable if fq or relative + path given + +1995-03-28 01:07 millert + + * parse.c: added a cast + +1995-03-28 00:49 millert + + * visudo.c: now include ctype.h for islower and tolower macros + +1995-03-28 00:48 millert + + * goodpath.c: moved _S_IFMT & _S_ISREG to compat.h + +1995-03-28 00:48 millert + + * sudo.c: moved a set of parens + +1995-03-28 00:48 millert + + * strdup.c: now include compat.h + +1995-03-28 00:47 millert + + * parse.yacc: now cast malloc & realloc return vals added search + for HAVE_LSEARCH now use strcmp if no strcasecmp available + +1995-03-28 00:46 millert + + * lsearch.c, emul/search.h: void * -> VOID * + +1995-03-28 00:45 millert + + * config.h.in: removed HAVE_FLEX added VOID added HAVE_DIRENT_H, + HAVE_SYS_NDIR_H, HAVE_SYS_DIR_H, HAVE_NDIR_H added HAVE_LSEARCH + +1995-03-28 00:44 millert + + * compat.h: added _S_IFMT, _S_IFREG, and S_ISREG + +1995-03-28 00:44 millert + + * aclocal.m4: took out SUDO_PROG_INSTALL 1.x to 2.x changes added + echo and results to most SUDO_* macros + +1995-03-28 00:43 millert + + * Makefile.in: no more -I. + +1995-03-28 00:22 millert + + * configure.in: various 1.x ro 2.x autoconf changes now check for + strcasecmp now use AC_INSTALL_PROG instead of custom one added + check for fully woorking void implementation + +1995-03-28 00:02 millert + + * Makefile.in: added lsearch & search.h visudo links into + $(LIBOBJS) + +1995-03-27 23:43 millert + + * aclocal.m4: partial 1.x to 2.x changes added SUDO_FULL_VOID + +1995-03-27 23:40 millert + + * visudo.c: whatnow_help was prototyped to be static be was not + declared as such + +1995-03-27 21:15 millert + + * configure.in: autoconf 2.x changes took out HAVE_FLEX (no longer + used) added check for dirent/dir/ndir.h + +1995-03-27 21:09 millert + + * parse.c: now use groovy gnu autoconf macro AC_HEADER_DIRENT + +1995-03-27 20:38 millert + + * getcwd.c, getwd.c: MAXPATHLEN -> MAXPATHLEN+1 + +1995-03-27 20:23 millert + + * emul/search.h, lsearch.c: Initial revision + +1995-03-27 18:26 millert + + * parse.yacc: eliminated bison warnings + +1995-03-27 17:10 millert + + * parse.lex: added missing case + +1995-03-27 17:04 millert + + * visudo.c: now iincludes signal.h + +1995-03-27 15:16 millert + + * parse.yacc: only clear data structures on a parse error + +1995-03-27 15:01 millert + + * visudo.c: whatnow() now gives help on invalid input + +1995-03-27 14:54 millert + + * visudo.c: added a whatnow() function (sort of like mh) + +1995-03-27 14:53 millert + + * parse.yacc: kill_aliases -> reset_aliases yywrap() now cleans up + by calling reset_aliases() and clearing top took reset stuff out + of yyerror() since it doesn't beling there (and doesn't work + anyway). errorlineno is now initially set to -1 so we can set it + to the first error that occurrs (it was getting set to the last) + +1995-03-27 14:53 millert + + * parse.lex: added a void cast + +1995-03-27 13:26 millert + + * visudo.c: rewrote from scratch based on 4.3BSD vipw.c + +1995-03-26 01:33 millert + + * sudo.c, sudo.h: removed ocmnd + +1995-03-26 01:19 millert + + * sudo.h: no more sudo_realpath() and find_path() changed params + +1995-03-26 01:19 millert + + * sudo.c: find_path() changed since no more realpath() + +1995-03-26 01:18 millert + + * parse.yacc: on error, errorlineno is set to the line where the + error occurred added kill_aliases() to free the aliases struct + now clean up in yyerror() so we can reparse cleanly + +1995-03-26 01:17 millert + + * logging.c: changed to use new find_path() + +1995-03-26 01:17 millert + + * options.h, parse.c: no more USE_REALPATH + +1995-03-26 01:16 millert + + * find_path.c: removed all the realpath() stuff + +1995-03-26 01:16 millert + + * Makefile.in: sudo_realpath.c -> sudo_goodpath.c + +1995-03-26 01:12 millert + + * visudo.c: now works correctly with utk parser + +1995-03-26 00:04 millert + + * goodpath.c: Initial revision + +1995-03-25 23:23 millert + + * sudo_realpath.c: eliminated a compiler warning + +1995-03-25 21:56 millert + + * sudo.c: elinated compiler warning + +1995-03-25 20:40 millert + + * sudo_realpath.c: added sudo_goodpath() + +1995-03-25 20:40 millert + + * sudo.h: added prototype for sudo_goodpath + +1995-03-25 20:39 millert + + * parse.c: added support for /sys/dir.h + +1995-03-25 20:39 millert + + * options.h: USE_REALPATH turned off + +1995-03-25 20:39 millert + + * find_path.c: added calls to sudo_goodpath() + +1995-03-25 20:39 millert + + * configure.in: added check for dirent.h + +1995-03-25 20:38 millert + + * config.h.in: added HAVE_DIRENT_H + +1995-03-25 19:27 millert + + * configure.in: added in linux shadow pass stuff + +1995-03-24 14:43 millert + + * visudo.c: added back host, user, cmnd, parse_error + +1995-03-24 14:19 millert + + * visudo.c: added in utk changes plus some minor cosmetic changes + +1995-03-24 14:17 millert + + * sudo.c, sudo_realpath.c: added void casts for printf's + +1995-03-24 14:17 millert + + * options.h: added a define of USE_REALPATH + +1995-03-24 14:17 millert + + * configure.in: there is no more visudoers/Makefile + +1995-03-24 14:16 millert + + * Makefile.in: added in utk changes (visudo is now built from the + toplevel) + +1995-03-24 14:15 millert + + * find_path.c: added (void) casts to printf's + +1995-03-23 22:32 millert + + * parse.c, parse.lex, parse.yacc, sudo.h, sudo_realpath.c: merged + in utk changes + +1995-03-22 23:13 millert + + * find_path.c: now check to see that what we are trying to run is a + file (or a link to a file, we do a stat(2) so there is no diff) + +1995-03-13 15:56 millert + + * CHANGES: updated + +1995-03-13 15:56 millert + + * Makefile.in: aclocal.m4 -> acsite.m4 make realclean updated for + new autoconf + +1995-03-13 15:11 millert + + * sudo.man: added myself as maintainer + +1995-02-16 23:31 millert + + * sudo.c: changed setegid -> setgid + +1995-02-06 17:43 millert + + * configure.in: fixed the test for irix 5.x to skip bad libs + +1995-02-06 17:43 millert + + * aclocal.m4: now initialize OS and OSREV + +1995-01-26 20:52 millert + + * configure.in: irix5 changes + +1995-01-26 20:28 millert + + * configure.in: AC_WITH -> AC_ARG_WITH changes other misc changes + for autoconf 2.1 compatibility + +1995-01-18 19:49 millert + + * visudo.c: use YY_NEW_FILE, not yyrestart since OSF flex doesn't + do the righ thing wrt yyrestart (grrrr) + +1995-01-16 18:44 millert + + * Makefile.in: added visudoers/compat.h to DISTFILES + +1995-01-16 17:01 millert + + * configure.in: fixed an echo + +1995-01-16 16:36 millert + + * sudo.c: added ocmnd declaration adjusted for find_path()'s new + parameters + +1995-01-16 16:35 millert + + * sudo.h: added ocmnd extern adjusted find_path() prototype + +1995-01-16 16:34 millert + + * parse.c: cmndcmp() now takes 3 arguments and checks against the + qualified as well as the unqualified pathname. more code that + should use cmndcmp() but did not, now does + +1995-01-16 16:34 millert + + * options.h: added to a comment + +1995-01-16 16:33 millert + + * logging.c: changed to use new find_path() parameter passing + +1995-01-16 16:32 millert + + * find_path.c: find_path() now takes 2 copyout parameters (one for + the qualified pathname and one for the unqualified pathname). + The third parameter may be NULL. + +1995-01-16 16:31 millert + + * configure.in: no longer munge pathnames.h + +1995-01-16 16:30 millert + + * pathnames.h.in: changed _PATH_* to use _SUDO_PATH_* (which are + defined in config.h) as a result, pathnames.h does not need to be + run through configure and the user can override the configured + values easily. + +1995-01-16 16:30 millert + + * config.h.in: added _SUDO_PATH_* entries + +1995-01-16 16:30 millert + + * aclocal.m4: _PATH* -> _SUDO_PATH_* + +1995-01-16 16:28 millert + + * Makefile.in: updated DISTFILES and HDRS .o's now depend on + config.h + +1995-01-13 12:52 millert + + * compat.h: removed extraneous #endif + +1995-01-13 12:48 millert + + * aclocal.m4: added SUDO_PROG_MV + +1995-01-13 12:47 millert + + * configure.in: added SUDO_PROG_MV added riscos and isc os types + took out -DSHORT_MESSAGE from --with-csops since it is now the + default + +1995-01-13 12:46 millert + + * sudo.c: move the include of id.h to compat.h now includes + options.h + +1995-01-13 12:45 millert + + * sudo.h: moved compatibility #defines to compat.h + +1995-01-13 12:45 millert + + * pathnames.h.in: added _PATH_MV + +1995-01-13 12:43 millert + + * config.h.in: move __P to compat.h + +1995-01-13 12:39 millert + + * getcwd.c, getwd.c, putenv.c: now includes compat.h + +1995-01-13 12:39 millert + + * compat.h: Initial revision + +1995-01-11 19:11 millert + + * sudo.h: pull user-configurable stuff out and put in options.h + +1995-01-11 18:43 millert + + * check.c, find_path.c, logging.c, parse.c, sudo_realpath.c, + sudo_setenv.c, parse.lex, parse.yacc, visudo.c: now includes + options.h + +1995-01-11 18:41 millert + + * Makefile.in: added visudoers/options.h + +1995-01-11 18:40 millert + + * options.h, OPTIONS: Initial revision + +1995-01-11 18:39 millert + + * Makefile.in: added OPTIONS and options.h + +1995-01-11 18:36 millert + + * logging.c: changed #ifdef's to use LOGGING and + SLOG_SYSLOG/SLOG_FILE + +1995-01-11 11:02 millert + + * check.c, sudo.h: changed PASSWORD_TIMEOUT to minutes + +1994-12-17 18:18 millert + + * visudo.c: now only do Editor +line_num if line_num != 0 + +1994-12-15 21:06 millert + + * visudo.c: now use mv if rename(2) fails + +1994-12-15 20:32 millert + + * BUGS: added a visudo bug + +1994-12-15 19:46 millert + + * check.c: expanded comment + +1994-11-12 18:33 millert + + * check.c: fixed user_is_exempt to return 0 if EXEMPTGROUP is not + set + +1994-11-09 19:49 millert + + * sudo.c: added mips & isc support + +1994-11-09 19:49 millert + + * parse.c: added support for non-root owned sudoers file + +1994-11-09 19:48 millert + + * check.c: added exempt group support + +1994-11-09 19:47 millert + + * sudo.h: added set_perms() support added SUDOERS_OWNER so can have + non-root own sudoers file added exempt group support added isc + support + +1994-11-09 19:46 millert + + * visudo.c: now copy sudoers to temp file via read/write (not + stdio) now chown new sudoers file to SUDOERS_OWNER + +1994-11-07 20:40 millert + + * configure.in: added skey support + +1994-11-07 20:39 millert + + * sudo.h: fixed typo added set_perms support added skey support + added seteuid()/setegid() emulation for AIX + +1994-11-07 20:38 millert + + * sudo.c: be_* -> setperms() now check to make sure sudoers file is + owned by root nread/write by only root + +1994-11-07 20:38 millert + + * logging.c, parse.c, sudo_realpath.c: be_* -> setperms() + +1994-11-07 20:38 millert + + * check.c: be_* -> set_perms() added skey support + +1994-11-06 18:59 millert + + * Makefile.in: ++version + +1994-11-06 18:59 millert + + * version.h: ++ + +1994-10-21 13:16 millert + + * sudo.c: now sets IFS + +1994-10-21 12:02 millert + + * insults.h: fixed typo + +1994-10-15 15:48 millert + + * config.h.in: added HAVE_SKEY + +1994-10-04 13:00 millert + + * CHANGES: updated + +1994-10-04 12:57 millert + + * Makefile.in: ++version + +1994-10-04 12:57 millert + + * version.h: ++ + +1994-10-04 12:56 millert + + * sudo.c: now bail if ARgv[1] > MAXPATHLEN + +1994-10-04 12:56 millert + + * configure.in: added function check for tcgetattr(3) + +1994-10-04 12:55 millert + + * config.h.in: only define HAVE_TERMIOS_H if you have tcgetattr(3) + +1994-10-04 12:53 millert + + * config.h.in: added check for tcgetattr + +1994-09-26 17:38 millert + + * CHANGES: updated + +1994-09-22 13:30 millert + + * parse.lex: now only include unistd.h for linux + +1994-09-21 14:29 millert + + * Makefile.in: added visudo.8 generation + +1994-09-21 14:07 millert + + * configure.in: added -Wl,-bI:./aixcrypt.exp to aix flags + +1994-09-20 19:39 millert + + * BUGS: added one + +1994-09-20 19:39 millert + + * CHANGES: updated + +1994-09-20 19:38 millert + + * README: added mailing list info + +1994-09-20 19:37 millert + + * parse.yacc: now use sudolineno instead of yylineno fixed bison + warnings + +1994-09-20 19:37 millert + + * configure.in: now use -no_library_replacement for osf don't make + a static binary for hpux >= 9.0 + +1994-09-20 19:21 millert + + * tgetpass.c: added string.h/strings.h inclusion + +1994-09-20 19:21 millert + + * config.h.in: added ssize_t def + +1994-09-20 19:18 millert + + * parse.lex: added inclusion of string.h/strings.h + +1994-09-20 18:48 millert + + * aclocal.m4: fixed uname | sed (needed to quote the '[') + +1994-09-20 18:42 millert + + * parse.lex: replaced yylineno with sudolineno fixed bison syntax + errors + +1994-09-20 18:13 millert + + * visudo.c: changed yylineno to sudolineno since yylineno cannot be + counted upon. + +1994-09-20 18:10 millert + + * TODO: updated + +1994-09-20 17:52 millert + + * parse.c: added code to support command listings + +1994-09-20 17:36 millert + + * sudo.c: added code for -l flag + +1994-09-20 17:35 millert + + * sudo.man: fixed typo added info for -l flag + +1994-09-20 14:45 millert + + * configure.in: AC_SSIZE_T -> SUDO_SSIZE_T + +1994-09-20 14:45 millert + + * aclocal.m4: added SUDO_SSIZE_T + +1994-09-20 14:44 millert + + * sudo.h: added MODE_LIST + +1994-09-20 14:43 millert + + * configure.in: added AC_SSIZE_T + +1994-09-19 20:53 millert + + * find_path.c, sudo_realpath.c: readlink() is now declared as + returning ssize~_t + +1994-09-19 20:44 millert + + * configure.in: added -laud for OSF c2 + +1994-09-02 15:55 millert + + * config.h.in, parse.lex, parse.yacc, pathnames.h.in, visudo.c, + Makefile.in: changed sudo-bugs.cs.colorado.edu -> + sudo-bugs@cs.colorado.edu + +1994-09-02 15:54 millert + + * check.c, find_path.c, getcwd.c, getwd.c, insults.h, logging.c, + parse.c, putenv.c, strdup.c, sudo.c, sudo.h, sudo_realpath.c, + sudo_setenv.c, tgetpass.c, version.h: changed + sudo-bugs.cs.colorado.edu -> sudo-bugs@cs.colorado.ed + +1994-09-01 15:56 millert + + * Makefile.in: ++version + +1994-09-01 15:55 millert + + * version.h: ++ + +1994-09-01 15:55 millert + + * logging.c: added host to alertmail messages + +1994-09-01 15:55 millert + + * CHANGES, TODO: udpated + +1994-09-01 15:26 millert + + * logging.c: fixed logging problem where mail would not say which + user it was + +1994-09-01 13:45 millert + + * configure.in: added -laud for gcc if osf & c2 + +1994-09-01 13:39 millert + + * check.c: moved set_auth_parameters to sudo.c + +1994-09-01 13:38 millert + + * sudo.c: added set_auth_parameters for osf + +1994-09-01 13:22 millert + + * configure.in: cleaned up -static stuff + +1994-09-01 13:15 millert + + * Makefile.in: ++version + +1994-09-01 13:15 millert + + * version.h: ++ + +1994-09-01 13:15 millert + + * sudo.c: changed setenv() to sudo_setenv() + +1994-09-01 13:12 millert + + * check.c: fixed osf problem + +1994-08-31 22:17 millert + + * configure.in: added OSF C2 stuff + +1994-08-31 22:00 millert + + * CHANGES: updated + +1994-08-31 21:56 millert + + * check.c: added osf auth support & removed some extra spaces + +1994-08-31 21:52 millert + + * INSTALL, SUPPORTED: added osf C2 stuff + +1994-08-31 19:52 millert + + * TODO: added 2 suggestions + +1994-08-31 19:33 millert + + * Makefile.in: removed README.v1.3.1 and added VERSION stuff + +1994-08-31 18:48 millert + + * version.h: pl1 + +1994-08-30 18:31 millert + + * version.h: 1.3.1final + +1994-08-30 18:30 millert + + * Makefile.in: added HISTORY + +1994-08-30 18:30 millert + + * sudo.man: mention HISTPRY file + +1994-08-30 18:30 millert + + * sudo.c: use sizeof instead of a constant in 1 place + +1994-08-30 18:30 millert + + * parse.yacc: added unistd.h + +1994-08-30 18:29 millert + + * parse.lex: added unistd.h + +1994-08-30 18:27 millert + + * README: udpated + +1994-08-30 18:15 millert + + * HISTORY: Initial revision + +1994-08-17 12:45 millert + + * version.h: ++ + +1994-08-17 12:39 millert + + * CHANGES: updated + +1994-08-17 12:36 millert + + * sudo_setenv.c: added unistd.h include + +1994-08-16 15:46 millert + + * sudo.c: added sys/time.h for AIX + +1994-08-14 21:22 millert + + * configure.in: added check for -lsocket and sys/sockio.h + +1994-08-14 21:21 millert + + * config.h.in: took out libshadow check and added in sys/sockio.h + check + +1994-08-14 21:21 millert + + * sudo.c: now include sockio.h instead of ioctl.h if it exists + "sudo -" now gets a better error message + +1994-08-14 20:47 millert + + * sample.sudoers: now has a dir and subnet entry + +1994-08-13 18:15 millert + + * sudo.c: removed if_ether.h + +1994-08-13 17:16 millert + + * TODO: added an item + +1994-08-13 17:15 millert + + * sudo.man: added network and ip addresses to man page + +1994-08-13 17:09 millert + + * sudo.c: no error if can't get interfaces or netmask since + networking may not be in the kernel. + +1994-08-13 17:08 millert + + * parse.c: nwo check for interfaces == NULL + +1994-08-12 21:22 millert + + * parse.c: fixed a bug that caused directory specs in a Cmnd_Alias + to fail if the last entry in the spec failed (ie: it was only + looking at the last entry). CLeaned things up by adding the + cmndcmp() function--all neat & tidy + +1994-08-12 21:21 millert + + * CHANGES: added one + +1994-08-11 23:42 millert + + * sudo.c: now do two passes to skip bogus interfaces (lo0, etc) + +1994-08-11 21:58 millert + + * logging.c, sudo_realpath.c, sudo_setenv.c: added ninclude of + netinet/in.h + +1994-08-11 21:58 millert + + * check.c, find_path.c, getcwd.c, getwd.c, parse.lex, parse.yacc, + visudo.c: added include of netinet/in.h + +1994-08-11 21:57 millert + + * version.h: ++ + +1994-08-11 21:57 millert + + * sudo.h: added interfaces global + +1994-08-11 21:56 millert + + * parse.c: now uses new interfaces global + +1994-08-11 21:56 millert + + * sudo.c: now ip addresses are gleaned fw/o dns + +1994-08-10 19:21 millert + + * sudo.c: added load_ip_addrs() to load the ip_addrs global var + +1994-08-10 19:21 millert + + * parse.c: added hostcmp() to compare hostnames, ip addrs, and + network addrs + +1994-08-10 19:20 millert + + * sudo.h: added ip_addrs def added load_ip_addrs prototype + +1994-08-08 16:03 millert + + * CHANGES: updated + +1994-08-08 15:57 millert + + * Makefile.in: removed multiple entries in DISTFILES + +1994-08-08 13:05 millert + + * visudo.c: ansified the !STDC_HEADERS decls + +1994-08-08 13:05 millert + + * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c: don't do + malloc decl if gnuc + +1994-08-08 13:04 millert + + * sudo.c: can't use getopt(3) since it munges args to the command + to be run as root don't do malloc decl if gnuc + +1994-08-08 00:41 millert + + * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c, sudo.c, + sudo_realpath.c, sudo_setenv.c: ansi-fied !STDC_HEADER function + prottypes + +1994-08-08 00:27 millert + + * getcwd.c, getwd.c: added missing paren + +1994-08-08 00:23 millert + + * Makefile.in: added putenv.c to DISTFILES + +1994-08-08 00:08 millert + + * sudo_setenv.c: added params to func decls when STDC_HEADERS is + not defined now can count on putenv() being there + +1994-08-08 00:08 millert + + * sudo_realpath.c: took out errno decl since sudo.h does it for us + fixed up a next cc warning added params to func decls when + STDC_HEADERS is not defined + +1994-08-08 00:07 millert + + * sudo.h: took out environ extern added local declaratio of + putenv() if local version is needed + +1994-08-08 00:05 millert + + * find_path.c, getcwd.c, getwd.c, strdup.c, sudo.c: added params to + func decls when STDC_HEADERS is not defined + +1994-08-08 00:04 millert + + * config.h.in: added memcpy check check to see that ansi vs bsd + macros are ntot already defiend before defining (ie: avoid + redefinition) + +1994-08-08 00:03 millert + + * configure.in: removed fluff setenv check plus check w/ replace + for putenv if also no setenv + +1994-08-08 00:01 millert + + * putenv.c: Initial revision + +1994-08-06 19:19 millert + + * sudo_setenv.c: Initial revision + +1994-08-06 19:19 millert + + * sudo.h: rm'd s realp[ath added sudo_realpath and sudo_setenv + +1994-08-06 19:19 millert + + * sudo.c: now use sudo_setenvc + +1994-08-06 19:18 millert + + * configure.in: added puteenv and setenv, removed realpath + +1994-08-06 19:18 millert + + * config.h.in: added putenv & setenv + +1994-08-06 19:18 millert + + * Makefile.in: added sudo_setenv + +1994-08-06 19:16 millert + + * version.h: ++ + +1994-08-05 19:43 millert + + * configure.in: added MAN_POSTINSTALL and /usr/share/catman for + irix + +1994-08-05 19:43 millert + + * Makefile.in: added MAN_POSTINSTALL + +1994-08-05 19:43 millert + + * CHANGES: added + +1994-08-05 19:10 millert + + * sudo.man: added SUDO_* plus new options + +1994-08-05 19:10 millert + + * CHANGES: added one + +1994-08-05 19:07 millert + + * configure.in: took out shadow lib + +1994-08-05 18:35 millert + + * TODO: adde done + +1994-08-05 17:52 millert + + * visudo.c: now use yyrestart() if flex now reset yylineno to 0 + +1994-08-05 17:49 millert + + * Makefile.in: support for installing a cat page instead of a man + page if no nroff + +1994-08-05 17:48 millert + + * configure.in: now defines HAVE_FLEX fixed up man stuff so that it + looks for nroff to determine whether or not to install a cat or + man page + +1994-08-05 17:48 millert + + * config.h.in: added HAVE_FLEX + +1994-08-05 16:14 millert + + * sudo.c: not set ret to MODE_RUN initially + +1994-08-05 16:12 millert + + * find_path.c: made command (and therefor cmnd dynamically + allocated) + +1994-08-04 20:25 millert + + * TODO: did #8 + +1994-08-04 20:24 millert + + * version.h: ++ + +1994-08-04 20:24 millert + + * sudo_realpath.c: changed bufs from MAXPATHLEN to MAXPATHLEN+1 + +1994-08-04 20:24 millert + + * sudo.h: added MODE_ removed validate_only and added + remove_timestamp() + +1994-08-04 20:22 millert + + * sudo.c: usage() now takes an int (exit value) added parse_args() + to parse command line arguments moved call to find_path() from + load_globals to new function load_cmnd() removed validate_only + global -- now use the concept of "modes" added -h and -k options + +1994-08-04 20:21 millert + + * parse.c: no longer use global validate_only now checks for + command called "validate" removed check for non-fully qualified + commands since that is done by find_path + +1994-08-04 20:20 millert + + * find_path.c: changed MAXPATHLEN r to MAXPATHLEN+1 + +1994-08-04 20:17 millert + + * find_path.c: fixed off by one error with MAXPATHLEN and fixed a + comment + +1994-08-04 20:17 millert + + * check.c: check_timestamp no longer runs reminder(), it is implied + in the return val added remove_timestamp() + +1994-08-04 20:16 millert + + * CHANGES: updated + +1994-08-04 16:38 millert + + * BUGS: fixed on + +1994-08-04 16:38 millert + + * sudo_realpath.c: took out old_errno + +1994-08-04 16:37 millert + + * CHANGES: updated + +1994-08-03 12:08 millert + + * logging.c: moved send_mail to after syslog + +1994-08-02 22:41 millert + + * sudo.c: now set SUDO_ envariables + +1994-08-01 13:40 millert + + * version.h: ++ + +1994-08-01 13:39 millert + + * sudo_realpath.c: now print error if chdir fails + +1994-08-01 13:39 millert + + * find_path.c: removed an XXX + +1994-07-25 20:40 millert + + * CHANGES: updated + +1994-07-25 20:36 millert + + * configure.in: no more static binaries for aix + +1994-07-25 18:37 millert + + * INSTALL: fixed typo + +1994-07-25 18:33 millert + + * sudo_realpath.c: took out stuff not needed for sudo now does + be_root/be_user itself now uses cwd global + +1994-07-25 18:32 millert + + * version.h: +=2 + +1994-07-25 18:31 millert + + * logging.c, sudo.c: be_root/be_user is now down in sudo_realpath() + +1994-07-25 18:26 millert + + * logging.c, sudo.h: now works with 4.2BSD syslog (blech) + +1994-07-25 18:25 millert + + * find_path.c: now use sudo_realpath() + +1994-07-25 18:25 millert + + * config.h.in: took out realpth() stuff since we now use + sudo_realpath() + +1994-07-25 18:25 millert + + * configure.in: ultrix enhanced sec + +1994-07-25 18:25 millert + + * SUPPORTED: added ultrix enhanced sec. + +1994-07-25 18:24 millert + + * INSTALL: updated + +1994-07-25 18:21 millert + + * check.c: ultrix enhanced security suport + +1994-07-25 18:20 millert + + * Makefile.in: added sudo_realpath.c + +1994-07-25 18:18 millert + + * CHANGES: updated + +1994-07-25 14:28 millert + + * tgetpass.c: increased passwd len to 24 for c2 security + +1994-07-25 13:17 millert + + * BUGS: updated BUGS + +1994-07-15 11:49 millert + + * check.c: now use user global var + +1994-07-15 11:48 millert + + * configure.in: took out -ls + +1994-07-14 19:11 millert + + * configure.in: added AFS libs + +1994-07-14 17:45 millert + + * sudo.h: user is now a char * added epasswd + +1994-07-14 17:43 millert + + * sudo.c: added tzset() to load_globals added epasswd (encrypted + password) global made user dynamically allocated + +1994-07-14 17:43 millert + + * configure.in: added tzset test + +1994-07-14 17:43 millert + + * config.h.in: added HAVE_TZSET + +1994-07-14 17:42 millert + + * check.c: cleaned up encrypted passwd grab somewhat + +1994-07-14 12:34 millert + + * configure.in: fixed AFS typo + +1994-07-14 12:34 millert + + * INSTALL: added AFS not + +1994-07-14 12:34 millert + + * CHANGES: udpated + +1994-07-14 12:33 millert + + * logging.c: can now log to both syslog & a file + +1994-07-14 12:12 millert + + * sudo.h: added BOTH_LOGS + +1994-07-14 11:34 millert + + * CHANGES: updated + +1994-07-14 11:32 millert + + * configure.in: --with-AFS + +1994-07-14 11:32 millert + + * config.h.in: added HAVE_AFS + +1994-07-14 11:31 millert + + * check.c: added afs changes + +1994-07-14 11:21 millert + + * sudo.h: removed AFS stuff :-) + +1994-07-14 11:19 millert + + * tgetpass.c: include sys/select for AIX + +1994-07-14 11:17 millert + + * sudo.h: added AFS + +1994-07-14 11:16 millert + + * version.h: ++ + +1994-07-07 14:45 millert + + * SUPPORTED, CHANGES: updated + +1994-07-07 14:44 millert + + * logging.c: can now have MAILER undefined + +1994-07-07 14:37 millert + + * INSTALL: new sub-note about MAILER + +1994-07-06 23:11 millert + + * sudo.man: added blurb about password timeout + +1994-07-06 20:52 millert + + * configure.in: convex c2 changes + +1994-07-06 20:52 millert + + * aclocal.m4: took out duplicate define of _CONVEX_SOURCE + +1994-07-06 20:51 millert + + * Makefile.in: added OSDEFS + +1994-07-06 20:46 millert + + * config.h.in: added spaces + +1994-07-06 20:08 millert + + * tgetpass.c: added a goto if fgets fails + +1994-07-06 20:08 millert + + * sudo.h: use __hpux not hpux convex c2 stuff + +1994-07-06 20:08 millert + + * sudo.c: use __hpux not hpux + +1994-07-06 20:08 millert + + * logging.c: convex c2 stuff + +1994-07-06 20:07 millert + + * config.h.in: define ansi-ish cpp os defines if non-ansi are + defined for hpux & convex + +1994-07-06 20:07 millert + + * INSTALL: updated to say we support sonvex C2 + +1994-07-06 20:05 millert + + * check.c: added convex c2 support + +1994-07-01 12:06 millert + + * tgetpass.c: no more ioctl never returns NULL uses fgets() and + select() to timeout + +1994-06-29 17:04 millert + + * configure.in: things were testing -n "$GCC" instead of -z "$GCC" + +1994-06-29 16:39 millert + + * tgetpass.c: now works + uses fgets() + +1994-06-28 18:25 millert + + * tgetpass.c: select doesn't seem to recognize a single '\n' as + input waiting so we can;t use it, sigh. + +1994-06-26 16:38 millert + + * PORTING: updated tgetpass() blurb + +1994-06-26 16:35 millert + + * configure.in: added --with-getpass + +1994-06-26 16:35 millert + + * Makefile.in: added tgetpass stuff + +1994-06-26 15:25 millert + + * tgetpass.c: now uses stdio + +1994-06-26 15:17 millert + + * version.h: ++ + +1994-06-24 19:48 millert + + * PORTING: updated ,. + +1994-06-24 19:46 millert + + * config.h.in: added USE_GETPASS && HAVE_C2_SECURITY + +1994-06-24 19:45 millert + + * configure.in: fixed a test aded --with-C2 and --with-tgetpass + +1994-06-24 19:45 millert + + * check.c: added hpux C2 shit + +1994-06-24 19:45 millert + + * Makefile.in: took out tgetpass.* + +1994-06-24 19:45 millert + + * INSTALL: added C2 blurb + +1994-06-13 15:54 millert + + * configure.in: no termio(s) for ultrix since it is broken + +1994-06-13 15:41 millert + + * check.c: added a space (yeah, anal) + +1994-06-13 15:17 millert + + * realpath.c, sudo_realpath.c: fixed it (duh, rtfm) + +1994-06-08 14:34 millert + + * config.h.in: took out bsd signal stuff for irix + +1994-06-08 14:26 millert + + * visudo.c: comments in #endif + +1994-06-08 14:09 millert + + * configure.in: don't define BSD signals for irix + +1994-06-08 12:57 millert + + * TODO: did some... + +1994-06-08 12:57 millert + + * CHANGES: updated + +1994-06-08 12:56 millert + + * realpath.c, sudo_realpath.c: took out unneeded code by changing + where a strings was terminated + +1994-06-07 19:21 millert + + * realpath.c, sudo_realpath.c: fix bug where /dirname would return + NULL + +1994-06-07 17:40 millert + + * sudo.h: move __P to config.h + +1994-06-07 17:40 millert + + * getcwd.c, getwd.c, realpath.c, sudo_realpath.c: added errno + definition + +1994-06-07 17:40 millert + + * config.h.in: added __P + +1994-06-07 17:21 millert + + * config.h.in: added HAVE_FCHDIR + +1994-06-07 17:18 millert + + * strdup.c: now include stdio + +1994-06-07 14:55 millert + + * realpath.c, sudo_realpath.c: now works if no fchdir + +1994-06-07 14:55 millert + + * visudo.c: define SA_RESETHAND to null if not defined + +1994-06-07 14:54 millert + + * configure.in: added check & replace + +1994-06-06 20:05 millert + + * configure.in: took out -static for nextstep -- it doesn't work + +1994-06-06 19:59 millert + + * logging.c: moved #endif to where it belongs + +1994-06-06 19:54 millert + + * SUPPORTED: correction + +1994-06-06 19:42 millert + + * configure.in: now checks for strdup realpath getcwd bzero + +1994-06-06 19:31 millert + + * config.h.in: emulate bzero + +1994-06-06 16:57 millert + + * visudo.c: added posic signals + +1994-06-06 16:57 millert + + * tgetpass.c: bzero cast + +1994-06-06 16:57 millert + + * logging.c: added posix signals + +1994-06-06 16:56 millert + + * configure.in: removed BROKEN_GETPASS added new srcs toreplace + missing functions + +1994-06-06 16:56 millert + + * config.h.in: added posix signal stuff + +1994-06-06 16:56 millert + + * Makefile.in: added new srcs + +1994-06-06 12:53 millert + + * visudo.c: updated useag + +1994-06-06 12:39 millert + + * tgetpass.c: now uses posix signals + +1994-06-05 20:17 millert + + * PORTING: updated sto reflect major changes + +1994-06-05 20:05 millert + + * TODO, CHANGES: updated + +1994-06-05 20:04 millert + + * tgetpass.c: uses sysconf() if available + +1994-06-05 20:04 millert + + * sudo.h: added PASSWORD_TIMEOUT + prototypes for new functions + +1994-06-05 20:04 millert + + * realpath.c, sudo_realpath.c: for those w/o this in libc + +1994-06-05 20:03 millert + + * getcwd.c, getwd.c: Initial revision + +1994-06-05 20:03 millert + + * find_path.c: rewrote to use realpath(3) - nis now all my code + +1994-06-05 20:02 millert + + * config.h.in: added HAVE_REALPATH + +1994-06-05 20:02 millert + + * check.c: now use tgetpass + +1994-06-05 20:02 millert + + * Makefile.in: added LIBOBJS use tgetpass.c + +1994-06-05 18:55 millert + + * tgetpass.c: works now :-) + +1994-06-05 18:27 millert + + * tgetpass.c: Initial revision + +1994-06-05 17:17 millert + + * pathnames.h.in: added /dev/tty + +1994-06-04 17:12 millert + + * version.h: incremented + +1994-06-04 15:29 millert + + * sudo.c: always use getcwd + +1994-06-04 14:49 millert + + * config.h.in: added check for getwd + +1994-06-04 14:48 millert + + * configure.in: replace strdup & realpath & getcwd if missing + +1994-06-04 14:47 millert + + * pathnames.h.in: added _PATH_PWD + +1994-06-04 14:46 millert + + * aclocal.m4: added SUDO_PROG_PWD + +1994-06-04 14:37 millert + + * realpath.c, sudo_realpath.c, strdup.c: Initial revision + +1994-06-03 11:31 millert + + * configure.in: quoted quare brackets + +1994-06-02 17:49 millert + + * sudo.c: no need to strdup() a constant + +1994-06-02 15:45 millert + + * CHANGES: updated + +1994-06-02 15:44 millert + + * sudo.man: added validate + +1994-06-02 15:42 millert + + * sudo.c: added -v to usage + +1994-06-02 15:41 millert + + * parse.c, sudo.c, sudo.h: added validate_only stuff + +1994-05-29 21:29 millert + + * configure.in: now finds sed + +1994-05-29 21:28 millert + + * aclocal.m4: $OSREV is now an int + +1994-05-29 19:13 millert + + * configure.in: added mtxinu to caser + +1994-05-29 18:37 millert + + * sudo.h: added EXEC macro + +1994-05-29 18:36 millert + + * sudo.c: now use the EXEC nmacro now only do a gethostbyname() if + FQDN is set + +1994-05-29 18:36 millert + + * logging.c: changed mail_argv[] def now use EXEC() macro + +1994-05-29 18:35 millert + + * check.c: took out crypt() definition + +1994-05-29 17:23 millert + + * version.h: upped the version + +1994-05-29 15:52 millert + + * configure.in: always look for -lnsl + +1994-05-29 15:29 millert + + * aclocal.m4: added an echo + +1994-05-29 15:25 millert + + * sudo.h: SHORT_MESSAGE is now the default + +1994-05-29 15:18 millert + + * config.h.in: fixed typo + +1994-05-29 01:29 millert + + * configure.in: added missing AC_DEFINE(SVR4) for solaris + +1994-05-28 20:42 millert + + * sudo.man: documented the -v flag + +1994-05-28 20:34 millert + + * SUPPORTED: updated + +1994-05-28 20:31 millert + + * check.c: proto-ized crypt() + +1994-05-28 20:28 millert + + * config.h.in: added LIBSHADOW undef + +1994-05-28 20:18 millert + + * configure.in: nwo set OS to be lowercase + +1994-05-28 19:36 millert + + * configure.in: now use SUDO_OSTYPE to set $OS + +1994-05-28 19:36 millert + + * aclocal.m4: now use uname to determine os + +1994-05-28 16:23 millert + + * visudo.c: added prototypes & moved sig handler around + +1994-05-28 15:13 millert + + * sudo.h: added prototyppes + +1994-05-28 15:13 millert + + * parse.c: added comment + +1994-05-28 15:12 millert + + * config.h.in: nwo use _BSD_SIGNALS not _BSD_COMPAT + +1994-05-28 15:11 millert + + * check.c, logging.c, sudo.c: added prototypes + +1994-05-28 15:11 millert + + * aixcrypt.exp: Initial revision + +1994-05-28 15:11 millert + + * Makefile.in: added aixcrypt.exp + +1994-05-28 13:21 millert + + * parse.lex, parse.yacc: moved config.h to top of includes + +1994-05-25 15:48 millert + + * find_path.c: now don't bitch if get EACCESS (treat like EPERM) + +1994-05-24 23:08 millert + + * visudo.c: added -v flag and usage() + +1994-05-24 23:08 millert + + * version.h: fixed a typo + +1994-05-24 23:08 millert + + * sudo.c: cast Argv to a const for exec added -v flag + +1994-05-24 23:07 millert + + * logging.c: mail_argv is now a const + +1994-05-24 23:07 millert + + * configure.in: only set RETSIGTYPE if it is not set already + +1994-05-24 23:07 millert + + * aclocal.m4: now defines & STDC_HEADERS for Irix + +1994-05-24 23:07 millert + + * Makefile.in: added version.h + +1994-05-24 21:25 millert + + * insults.h, sudo.h: prevent multiple inclusion + +1994-05-24 21:20 millert + + * version.h: Initial revision + +1994-05-24 21:09 millert + + * parse.lex, parse.yacc: now includes config.h + +1994-05-24 20:54 millert + + * aclocal.m4: now talks about sunos 4.x + +1994-05-24 20:23 millert + + * visudo.c: calls to Exit now pass an arg + +1994-05-24 18:00 millert + + * visudo.c: signal handler now takes an int argument + +1994-05-24 18:00 millert + + * CHANGES: updated + +1994-05-24 17:44 millert + + * sudo.c: ok, the getcwd() is now *really* done as the user + +1994-05-24 17:44 millert + + * configure.in: changed AIX STATIC_FLAGS + +1994-05-24 16:27 millert + + * aclocal.m4: solaris now defines SVR4 + +1994-05-24 16:18 millert + + * sudo.h: added cwd and fixed stupid core dump that makes no sense. + sigh. + +1994-05-24 16:18 millert + + * sudo.c: moved getcwd stuff into load_globals + +1994-05-24 16:18 millert + + * parse.c: took out externs that are in suod.h + +1994-05-24 16:18 millert + + * logging.c: moved cwd into load_globals + +1994-05-24 16:17 millert + + * find_path.c: moved cwd stuff + +1994-05-24 15:55 millert + + * Makefile.in: fixed make distclean & realclean + +1994-05-24 12:51 millert + + * TODO: updated ., + +1994-05-24 12:51 millert + + * CHANGES: added solaris changes + +1994-05-24 12:51 millert + + * aclocal.m4: added solaris changes, need to rework + +1994-05-24 12:50 millert + + * configure.in: cleaned up for solaris + +1994-05-24 12:13 millert + + * logging.c: reinstall reapchild signal handler for non-bsd signals + +1994-05-24 12:03 millert + + * sudo.h: took out getdtablesize() emulation for HP-UX (no longer + needed) + +1994-05-24 12:03 millert + + * sudo.c: support for HAVE_SYSCONF + +1994-05-24 12:02 millert + + * visudo.c: added <fcntl.h> for solaris & reorg'd the includes + + minor prettying up / + +1994-05-23 20:26 millert + + * config.h.in: added HAVE_SYSCONF + +1994-05-16 18:57 millert + + * configure.in: now tells you what os you are running /. + +1994-05-16 18:56 millert + + * aclocal.m4: took out extra ',' + +1994-05-14 17:56 millert + + * config.h.in: added _BSD_COMPAT + +1994-05-14 17:56 millert + + * aclocal.m4: fixed for irix5 + +1994-05-14 17:55 millert + + * CHANGES: updated + +1994-05-14 17:27 millert + + * sudo.c: uid seinitialized to -2 + +1994-04-28 12:36 millert + + * sudo.c: now removes LIBPATH for AIX + +1994-03-12 20:41 millert + + * configure.in: now uses ufc if it finds it + +1994-03-12 17:42 millert + + * sudo.h: no longer define yyval & yylval since yacc does it + +1994-03-12 17:42 millert + + * parse.lex: now defines yylval as extenr + +1994-03-12 17:41 millert + + * configure.in: BROKEN_GETPASS is now an OPTION + +1994-03-12 17:41 millert + + * config.h.in: took out BROKEN_GETPASS + +1994-03-12 17:20 millert + + * Makefile.in: took out big comment + +1994-03-12 16:24 millert + + * README: updated + +1994-03-12 16:20 millert + + * Makefile.in: took out README.beta + +1994-03-12 16:19 millert + + * SUPPORTED: Initial revision + +1994-03-12 16:19 millert + + * INSTALL: now reference SUPPORTED ., + +1994-03-12 16:17 millert + + * config.h.in: now check for convex OR __convex__ + +1994-03-12 16:16 millert + + * aclocal.m4: now check for convex or __convex__ + +1994-03-12 16:15 millert + + * Makefile.in: added dist target + +1994-03-12 15:19 millert + + * aclocal.m4: use __convex__ + +1994-03-12 14:33 millert + + * find_path.c: now use _S_* stat stuff to be ansi-like + +1994-03-12 14:11 millert + + * INSTALL: updated for configure directions + +1994-03-12 14:05 millert + + * Makefile.in: distclean now removes config.h and pathnames.h + +1994-03-12 14:03 millert + + * CHANGES: updated + +1994-03-12 14:00 millert + + * TODO: fixed typoe + +1994-03-12 13:57 millert + + * Makefile.in, visudo.c: updated version + +1994-03-12 13:57 millert + + * config.h.in, pathnames.h.in: added copyright header + +1994-03-12 13:55 millert + + * check.c, find_path.c, insults.h, logging.c, parse.c, parse.lex, + parse.yacc, sudo.c, sudo.h: udpated version + +1994-03-12 13:39 millert + + * visudo.c: udpated to use configure + pathnames.h + +1994-03-12 13:37 millert + + * Makefile.in, config.h.in, configure.in, aclocal.m4: updated + +1994-03-12 13:37 millert + + * sudo.h: now works with configure + +1994-03-12 13:36 millert + + * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c: + updated to work with configure + pathnames.h + +1994-03-12 10:40 millert + + * Makefile.in: added LEXLIB + +1994-03-10 03:18 millert + + * COPYING: updated gnu general licence to versio 2 + +1994-03-10 02:44 millert + + * pathnames.h.in, config.h.in: Initial revision + +1994-03-10 01:43 millert + + * sudo.h: changed to work with configure + +1994-03-09 18:51 millert + + * Makefile.in, aclocal.m4, configure.in: Initial revision + +1994-03-09 17:36 millert + + * visudo.c: now uses defines used by configure + +1994-03-01 16:31 millert + + * find_path.c: sudo won't bitch about EPERM now, for real + +1994-02-28 00:36 millert + + * logging.c: renamed exec_argv to eliminate a libc name clash with + ksros + +1994-02-28 00:28 millert + + * CHANGES: corrected + +1994-02-28 00:27 millert + + * logging.c, sudo.c, sudo.h: execve -> execv + +1994-02-27 23:27 millert + + * TODO: upated + +1994-02-27 23:19 millert + + * PORTING: added 2 mroe items + +1994-02-27 23:12 millert + + * CHANGES: updated + +1994-02-27 23:11 millert + + * sudo.h: added UMASK and mode_t declaration + +1994-02-27 23:11 millert + + * sudo.c: added UMASK + +1994-02-27 20:55 millert + + * logging.c: now opens log file with mode 077 + +1994-02-27 20:55 millert + + * check.c: saved current umask ans restores it + +1994-02-27 20:36 millert + + * sudo.h: added MAXLOGFILELEN + +1994-02-27 20:35 millert + + * logging.c: split long log lines. FOr syslog, split into multiple + entries, for a log file, indent the extra for readability + +1994-02-27 17:22 millert + + * CHANGES: added changes + +1994-02-27 17:18 millert + + * sudo.h: MAXLOGLEN & MAXSYSLOGLEN are now different (as they + should be) + +1994-02-25 16:04 millert + + * TODO: added input from Brett M Hogden <hogden@rge.com> + +1994-02-16 13:35 millert + + * sudo.c: added rmenv() to remove stuff from environ. can now uses + execvp() OR execve() becuase of this. + +1994-02-16 13:35 millert + + * logging.c: now uses execvp() OR execve() + +1994-02-16 13:31 millert + + * sudo.h: added USE_EXECVE + +1994-02-16 13:27 millert + + * sudo.h: added environ + +1994-02-16 12:53 millert + + * find_path.c: now ignore EPERM + +1994-02-15 23:52 millert + + * sudo.h: moved some func decls out of sudo.h and into sudo.c as + statics /. + +1994-02-15 23:52 millert + + * CHANGES: updated + +1994-02-15 23:40 millert + + * sudo.h: took out Envp + +1994-02-14 12:28 millert + + * BUGS: Initial revision + +1994-02-10 14:29 millert + + * sudo.c, sudo.h, CHANGES: added SECURE_PATH + +1994-02-10 14:05 millert + + * sudo.h: added SECURE_PATH + +1994-02-10 13:50 millert + + * INSTALL: added sample.sudoers note + +1994-02-10 13:47 millert + + * sudoers: Initial revision + +1994-02-09 14:54 millert + + * find_path.c: fixed typo + +1994-02-08 23:06 millert + + * PORTING: took out SAVED_UID garbage + +1994-02-08 22:55 millert + + * INSTALL: mentioned HAL + +1994-02-08 22:50 millert + + * sudo.h: added HAL line + +1994-02-08 22:48 millert + + * insults.h: added HAL insults + +1994-02-08 22:48 millert + + * TODO: updated + +1994-02-08 22:02 millert + + * logging.c: more verbose error if mailer not found + +1994-02-08 22:02 millert + + * check.c: now do getpwent as root for soem shadow password systems + (bsdi) + +1994-02-08 13:22 millert + + * sudo.h: took out SAVED_UID garbade + +1994-02-08 13:21 millert + + * sudo.c: took out SAVED_UID garbage since it don't work + +1994-02-06 17:43 millert + + * README: updated + +1994-02-06 17:40 millert + + * insults.h: added a missing space :-) + +1994-02-05 19:48 millert + + * sudo.c, sudo.h: took out multimax cruft + +1994-02-05 19:30 millert + + * INSTALL: minor update + +1994-02-05 19:30 millert + + * PORTING: finished + +1994-02-05 19:19 millert + + * sudo.c: fixed a typo + indentation + +1994-02-05 18:43 millert + + * sudo.h: took outumoved some defines to the config file ,. ,. + +1994-02-05 15:17 millert + + * PORTING: Initial revision + +1994-02-05 15:17 millert + + * TODO: did #6 + +1994-02-05 15:16 millert + + * sudo.h: added HAS_SAVED_UID + +1994-02-05 15:16 millert + + * sudo.c: put back AIX cruft + +1994-02-03 00:44 millert + + * sudo.c: aix changes + +1994-02-02 01:31 millert + + * CHANGES: updated + +1994-02-02 01:30 millert + + * check.c, logging.c, parse.c, sudo.c, sudo.h: now is only root + when abs necesary + +1994-02-01 22:21 millert + + * check.c: added missing %s\n + +1994-01-31 02:06 millert + + * install-sh: Initial revision + +1994-01-31 01:58 millert + + * CHANGES, TODO: updated + +1994-01-31 01:56 millert + + * sudo.c: now removed _RLD_* for alphas + +1994-01-31 01:50 millert + + * INSTALL: updated for new config scheme + +1994-01-30 19:42 millert + + * find_path.c: more verbose eror messages + +1994-01-27 14:08 millert + + * TODO: now have solaris + +1994-01-27 14:07 millert + + * sudo.h: define __svr4__ for SOLARIS + +1994-01-27 14:07 millert + + * check.c: added svr4 junk for shadow pws for solaris 2.x + +1994-01-27 13:19 millert + + * check.c, sudo.c: took out setuid(0) and setreuid(udi) garbage. + Its not needed since we start out setuid with the correct perms. + +1994-01-26 19:51 millert + + * check.c, sudo.c, sudo.h: now use setreuid() + +1994-01-26 18:58 millert + + * sudo.man: revised AUTHORS secrtion & added ENV_EDITOR stuff to + VARIABLES sectoin + +1994-01-26 18:52 millert + + * visudo.c: now uses ENV_EDITOR if you want to use the EDITOR envar + +1994-01-26 18:52 millert + + * sudo.h: now uses ENV_EDITOR if you want to use the EDITOR envar + >> . + +1993-12-07 01:33 millert + + * README: minor update + spell fix + +1993-12-07 01:33 millert + + * INSTALL: rewrote most of this + +1993-12-07 01:13 millert + + * sudo.h: added all options that are in the Makefile + +1993-12-07 00:23 millert + + * getpass.c: now use USE_TERMIO #define for sgi & hpux + +1993-12-06 23:19 millert + + * TODO: todo: posix sigs + +1993-12-06 01:12 millert + + * check.c, find_path.c: always include strings.h + +1993-12-05 20:34 millert + + * visudo.c: added STATICEDITOR + +1993-12-05 20:30 millert + + * sudo.h: sgi has vi in /usr/bin too + +1993-12-05 20:23 millert + + * sudo.man: added VISUAL + +1993-12-02 22:20 millert + + * sudo.h: sue /usr/bin/vi on some systems + +1993-12-02 22:19 millert + + * sudo.c: fixed warning (include strings.h) + +1993-12-02 22:06 millert + + * sudo.man: added John_Rouillard@dl5000.bc.edu's changes (new + features) + +1993-12-02 21:38 millert + + * CHANGES: changes from John_Rouillard@dl5000.bc.edu + +1993-12-02 21:35 millert + + * visudo.c: added EDITOR envar + +1993-12-02 21:34 millert + + * check.c, find_path.c, parse.c, sudo.c: added patches from + John_Rouillard directory spec uses EDITOR + +1993-12-01 19:32 millert + + * getpass.c: added flush for hpux + +1993-11-30 13:37 millert + + * sudo.c: no longer assume malloc returns a char * + +1993-11-29 20:35 millert + + * sudo.c: alpha change to remove LD_-like thing fixed SHLIB_PATH + stuff -- now gets removed correctly + +1993-11-29 19:31 millert + + * sudo.h: added STD_HEADERS macro + +1993-11-29 19:14 millert + + * sudo.c: now uses STD_HEADERS macor for ansi + +1993-11-29 19:14 millert + + * find_path.c: now uses STD_HEADERS macro + +1993-11-29 19:13 millert + + * check.c: niceties for C compiler bitches -- no real change + +1993-11-29 13:04 millert + + * visudo.c: now doesn't fclose a file never opened. + +1993-11-28 16:35 millert + + * sudo.man: added visudo line + +1993-11-28 16:31 millert + + * sudo.man: added error stuff added me in there... + +1993-11-28 03:12 millert + + * CHANGES: noted insults + +1993-11-28 03:01 millert + + * INSTALL: added blurb about reading stuff + +1993-11-28 03:00 millert + + * sudo.h: added insults + +1993-11-28 03:00 millert + + * insults.h: corrected somments and removed newlines + +1993-11-28 03:00 millert + + * check.c: now uses insults + +1993-11-28 02:45 millert + + * insults.h: Initial revision + +1993-11-27 19:46 millert + + * INSTALL: added dec syslog note + +1993-11-27 19:25 millert + + * sample.sudoers: added real stuff in there + +1993-11-27 19:24 millert + + * TODO: added a todo + +1993-11-27 19:10 millert + + * TODO: added one + +1993-11-27 18:59 millert + + * sample.sudoers: Initial revision + +1993-11-27 18:59 millert + + * sudo.man: updated with changes + +1993-11-27 18:52 millert + + * sudo.man: Initial revision + +1993-11-27 18:48 millert + + * CHANGES, COPYING, INSTALL, README, TODO, indent.pro: Initial + revision + +1993-11-27 18:46 millert + + * visudo.c: updated version number and took out jeff's old addr + since it is no good + +1993-11-27 18:42 millert + + * sudo.h, check.c, find_path.c, logging.c, parse.c, parse.lex, + parse.yacc, sudo.c: updated version number and took out jeff's + email (since it is invalid) + +1993-10-28 09:36 millert + + * check.c: added fflush() + +1993-10-22 20:46 millert + + * find_path.c: now return NULL instead pfof exiting for + nopnn-fatal errors + +1993-10-21 16:57 millert + + * check.c: new banner + +1993-10-21 16:42 millert + + * parse.lex: now sudo.h gets included first + +1993-10-17 20:31 millert + + * parse.lex: now can use flex + +1993-10-17 20:31 millert + + * sudo.h: linux patch + +1993-10-17 20:30 millert + + * sudo.c: hpux 9 fix, removes SHLIB_PATH linux patch + +1993-10-17 20:30 millert + + * check.c: linux diff + +1993-10-15 16:03 millert + + * find_path.c: stat now ignores EINVAL + +1993-10-05 21:48 millert + + * find_path.c, sudo.c: now declare strdup as extern + +1993-10-04 15:23 millert + + * visudo.c: reformatted with indent + by hand + +1993-10-04 15:10 millert + + * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c, + sudo.h: used indent to "fix" coding style + +1993-10-03 20:12 millert + + * find_path.c: now checks '.' or '.' or '' in PATH -- but does it + LAST should maybe move the code that does this into the loop + body. makes it messier tho. hmmm. + +1993-09-08 11:53 millert + + * find_path.c: redid the fix for non-executable files in an easier + to read way plus some minor aethetic changes + +1993-09-08 11:39 millert + + * find_path.c: fixed bug with non-executable tings of same name in + path introduced by checkig errno after stat(2). + +1993-09-05 10:02 millert + + * sudo.c: fixed off by one error + +1993-09-05 09:55 millert + + * find_path.c: now handles decending below '/' correctly + +1993-09-05 08:35 millert + + * sudo.c: now actually builds Envp instead of munging envp + +1993-09-04 15:42 millert + + * parse.yacc: now includes sys/param.h + +1993-09-04 15:41 millert + + * visudo.c: now includes sys/param.h + +1993-09-04 15:30 millert + + * sudo.h: fixed ifndef -> ifdef + +1993-09-04 15:19 millert + + * qualify.c: make more like find_path.c + +1993-09-04 15:18 millert + + * find_path.c: rewritten by millert + +1993-09-04 15:17 millert + + * sudo.h: fixed MAXCOMMANDLENGTH now uses USE_CWD and NEED_STRDUP + added info about new defines in the comment + +1993-09-04 15:15 millert + + * logging.c: now uses USE_CWD + +1993-09-04 14:10 millert + + * sudo.h: added delc for clean_envp() and Envp + +1993-09-04 14:09 millert + + * sudo.c: now rips LD_* env vars out of envp and passed sanitized + Envp to exec + +1993-09-04 14:09 millert + + * logging.c: now uses execve() + +1993-09-04 14:08 millert + + * find_path.c: ENOTDIR is ok now too (in case part of the path is + bogus) + +1993-09-04 08:17 millert + + * qualify.c: now works correctly (ttaltotal rewrite) + +1993-09-04 07:59 millert + + * parse.lex: now includes sys/param.h didn't match trailing / -- + fix from rouilj@cs.umb.edu + +1993-06-11 18:04 millert + + * sudo.c: moved around the #ifndef _AIX + +1993-06-11 18:03 millert + + * check.c, logging.c, parse.c: Initial revision + +1993-03-20 07:57 millert + + * qualify.c: Initial revision + +1993-03-13 15:09 millert + + * find_path.c: now works if you do sudo bin/test + +1993-03-13 14:20 millert + + * find_path.c: works + +1993-03-02 18:28 millert + + * sudo.h: Initial revision + +1993-03-02 11:35 millert + + * visudo.c: Initial revision + +1993-03-02 11:32 millert + + * parse.lex, parse.yacc: Initial revision + +1993-02-16 13:24 millert + + * sudo.c: took out errno.h + +1993-02-16 13:22 millert + + * sudo.c: now spews error if exec fails and exits with -1 + +1993-02-16 12:07 millert + + * sudo.c: Initial revision + +1993-02-15 22:27 millert + + * find_path.c: now only execs files with (an) executable bit set. + +1993-02-15 22:01 millert + + * find_path.c: Initial revision + +1993-02-15 14:32 millert + + * getpass.c: added nice comment + +1993-02-15 14:19 millert + + * getpass.c: now works on sgi's + +1993-02-15 13:57 millert + + * getpass.c: Initial revision + diff --git a/usr.bin/sudo/HISTORY b/usr.bin/sudo/HISTORY index 17d0b79416a..f9a12b2c38a 100644 --- a/usr.bin/sudo/HISTORY +++ b/usr.bin/sudo/HISTORY @@ -1,47 +1,49 @@ -A Brief history of sudo(8): - -Sudo was first conceived and implemented by Bob Coggeshall and Cliff -Spencer around 1980 at the Department of Computer Science at -SUNY/Buffalo. It ran on a VAX-11/750 running 4.1BSD. An updated -version, credited to Phil Betchel, Cliff Spencer, Gretchen Phillips, -John LoVerso and Don Gworek, was posted to the net.sources newsgroup -in December of 1985. - -In the Summer of 1986, Garth Snyder released an enhanced version -of sudo. For the next 5 years, sudo was fed and watered by a handful -of folks at CU-Boulder, including Bob Coggeshall, Bob Manchek, and -Trent Hein. - -In 1991, Dave Hieb and Jeff Nieusma wrote a new version of sudo -with an enhanced sudoers format under contract to a consulting firm -called "The Root Group". This version was later released under the -GNU public license. - -In 1994, after maintaining sudo informally within CU-Boulder for -some time, Todd Miller made a public release of "CU sudo" (version -1.3) with bug fixes and support for more operating systems. The -"CU" was added to differentiate it from the "official" version from -"The Root Group". - -In 1996, Todd, who had been maintaining sudo for several years in -his spare time, brought sudo development under the umbrella of his -consulting firm, Courtesan Consulting. Courtesan remains committed -to a free sudo and is sponsoring another sudo rewrite as well as -continued development of the sudo 1.x code base. - -In 1999, the "CU" prefix was dropped from the name since there has -been no formal release of sudo from "The Root Group" since 1991 -(the original authors now work elsewhere). As of version 1.6, Sudo -no longer contains any of the original "Root Group" code and is -available under an ISC-style license. - -In 2004, Todd incorporated as GratiSoft, Inc. to provide commercial -support and enhancements to the sudo community. - -In 2005, GratiSoft was put on hold. +A brief history of sudo: + +Sudo was first conceived and implemented by Bob Coggeshall and Cliff Spencer +around 1980 at the Department of Computer Science at SUNY/Buffalo. It ran on +a VAX-11/750 running 4.1BSD. An updated version, credited to Phil Betchel, +Cliff Spencer, Gretchen Phillips, John LoVerso and Don Gworek, was posted to +the net.sources Usenet newsgroup in December of 1985. + +In the Summer of 1986, Garth Snyder released an enhanced version of sudo. +For the next 5 years, sudo was fed and watered by a handful of folks at +CU-Boulder, including Bob Coggeshall, Bob Manchek, and Trent Hein. + +In 1991, Dave Hieb and Jeff Nieusma wrote a new version of sudo with an +enhanced sudoers format under contract to a consulting firm called "The Root +Group". This version was later released under the GNU public license. + +In 1994, after maintaining sudo informally within CU-Boulder for some time, +Todd Miller made a public release of "CU sudo" (version 1.3) with bug fixes +and support for more operating systems. The "CU" was added to differentiate +it from the "official" version from "The Root Group". + +In 1995, a new parser for the sudoers file was contributed by Chris Jepeway. +The new parser was a proper grammar (unlike the old one) and could work with +both sudo and visudo (previously they had slightly different parsers). + +In 1996, Todd, who had been maintaining sudo for several years in his spare +time, moved distribution of sudo from a CU-Boulder ftp site to his domain, +courtesan.com. + +In 1999, the "CU" prefix was dropped from the name since there has been no +formal release of sudo from "The Root Group" since 1991 (the original +authors now work elsewhere). As of version 1.6, Sudo no longer contains any +of the original "Root Group" code and is available under an ISC-style +license. + +In 2001, the sudo web site, ftp site and mailing lists were moved from +courtesan.com to the sudo.ws domain (sudo.org was already taken). + +In 2005, Todd rewrote the sudoers parser to better support the features that +had been added in the past ten years. This new parser removes some +limitations of the previous one, removes ordering constraints and adds +support for including multiple sudoers files. sudo, in its current form, is maintained by: - Todd Miller <Todd.Miller@courtesan.com> + Todd Miller <Todd.Miller@courtesan.com> Todd continues to enhance sudo and fix bugs. + diff --git a/usr.bin/sudo/INSTALL b/usr.bin/sudo/INSTALL index 1692887912e..2ffb8f214b1 100644 --- a/usr.bin/sudo/INSTALL +++ b/usr.bin/sudo/INSTALL @@ -1,5 +1,5 @@ -Installation instructions for Sudo 1.6.9 -======================================== +Installation instructions for Sudo 1.7 +====================================== Sudo uses a `configure' script to probe the capabilities and type of the system in question. In this release, `configure' takes many @@ -189,6 +189,12 @@ Special features/options: this file instead of /etc/ldap.secret to read the secret password when rootbinddn is specified in the ldap config file. + --with-nsswitch[=filename] + Path to nsswitch.conf or "no" to disable nsswitch support. + If specified, sudo uses this file instead of /etc/nsswitch.conf. + If nsswitch is disabled but LDAP is enabled, sudo will check + LDAP first, then the sudoers file. + --with-aixauth Enable support for the AIX 4.x general authentication function. This will use the authentication scheme specified for the user @@ -200,7 +206,7 @@ Special features/options: Linux, Solaris and HP-UX (version 11 and higher). NOTE: on RedHat Linux and Fedora you *must* have an /etc/pam.d/sudo - file installed. You may either use the sample.pam file included with + file install. You may either use the sample.pam file included with sudo or use /etc/pam.d/su as a reference. The sample.pam file included with sudo may or may not work with other Linux distributions. On Solaris and HP-UX 11 systems you should check (and understand) @@ -228,10 +234,6 @@ Special features/options: unless the 'use_loginclass' option is defined in sudoers or the user specifies a class on the command line. - --with-project - Enable support for Solaris project resource limits. - This option is only available on Solaris 9 and above. - --with-bsdauth Enable support for BSD authentication. This is the default for BSD/OS and OpenBSD systems that support it. @@ -241,6 +243,10 @@ Special features/options: is supported. If you don't have /usr/include/bsd_auth.h then you cannot use this. + --with-project + Enable support for Solaris project resource limits. + This option is only available on Solaris 9 and above. + --with-noexec[=PATH] Enable support for the "noexec" functionality which prevents a dynamically-linked program being run by sudo from executing @@ -522,6 +528,13 @@ The following options are also configurable at runtime: option. visudo will then only use the VISUAL or EDITOR variables if they match a value specified via --with-editor. + --with-askpass=PATH + Set PATH as the "askpass" program to use when no tty is + available. Typically, this is a graphical password prompter, + similar to the one used by ssh. The program must take a + prompt as an argument and print the received password to + the standard output. + --disable-authentication By default, sudo requires the user to authenticate via a password or similar means. This options causes sudo to @@ -533,6 +546,13 @@ The following options are also configurable at runtime: "chaining" sudo commands to get a root shell by doing something like "sudo sudo /bin/sh". + --enable-gss-krb5-ccache-name + Use the gss_krb5_ccache_name() function to set the Kerberos + V credential cache file name. By default, sudo will use + the KRB5CCNAME environment variable to set this. While + gss_krb5_ccache_name() provides a better API to do this it + is not supported by all Kerberos V and SASL combinations. + --enable-log-host Log the hostname in the log file. @@ -702,6 +722,11 @@ HP-UX: noexec to work. Binary packages of gcc are available from http://hpux.connect.org.uk/ and http://hpux.cs.utah.edu/. + To prevent PAM from overriding the value of umask on HP-UX 11, + you will need to add a line like the following to /etc/pam.conf: + + sudo session required libpam_hpsec.so.1 bypass_umask + SunOS 4.x: The /bin/sh shipped with SunOS blows up while running configure. You can work around this by installalling bash or zsh. If you diff --git a/usr.bin/sudo/LICENSE b/usr.bin/sudo/LICENSE index 69266beec3e..786b7a096ee 100644 --- a/usr.bin/sudo/LICENSE +++ b/usr.bin/sudo/LICENSE @@ -1,6 +1,7 @@ Sudo is distributed under the following ISC-style license: - Copyright (c) 1994-1996,1998-2005 Todd C. Miller <Todd.Miller@courtesan.com> + Copyright (c) 1994-1996, 1998-2008 + Todd C. Miller <Todd.Miller@courtesan.com> Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above @@ -18,11 +19,11 @@ Sudo is distributed under the following ISC-style license: Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F39502-99-1-0512. -Additionally, fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h, mkstemp.c -and snprintf.c bear the following UCB license: +Additionally, fnmatch.c, fnmatch.h, getcwd.c, glob.c, glob.h and snprintf.c +bear the following UCB license: Copyright (c) 1987, 1989, 1990, 1991, 1992, 1993, 1994 - The Regents of the University of California. All rights reserved. + The Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions diff --git a/usr.bin/sudo/Makefile.in b/usr.bin/sudo/Makefile.in index 1650803fe2a..264f4e0d5c6 100644 --- a/usr.bin/sudo/Makefile.in +++ b/usr.bin/sudo/Makefile.in @@ -1,5 +1,6 @@ # -# Copyright (c) 1996, 1998-2007 Todd C. Miller <Todd.Miller@courtesan.com> +# Copyright (c) 1996, 1998-2005, 2007-2008 +# Todd C. Miller <Todd.Miller@courtesan.com> # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -20,21 +21,21 @@ # # @configure_input@ # -# $Sudo: Makefile.in,v 1.246.2.32 2008/06/22 20:29:03 millert Exp $ +# $Sudo: Makefile.in,v 1.325 2008/11/03 18:19:14 millert Exp $ # #### Start of system configuration section. #### srcdir = @srcdir@ +devdir = @devdir@ authdir = $(srcdir)/auth top_builddir = . -VPATH = @srcdir@ # Compiler & tools to use CC = @CC@ LEX = flex YACC = @YACC@ -NROFF = nroff +NROFF = nroff -Tascii LIBTOOL = @LIBTOOL@ # Our install program supports extra flags... @@ -61,11 +62,11 @@ exec_prefix = @exec_prefix@ bindir = @bindir@ sbindir = @sbindir@ sysconfdir = @sysconfdir@ +libexecdir = @libexecdir@ +datarootdir = @datarootdir@ mandir = @mandir@ noexecfile = @NOEXECFILE@ noexecdir = @NOEXECDIR@ -libexecdir = @libexecdir@ -datarootdir = @datarootdir@ # Directory in which to install sudo. sudodir = $(bindir) @@ -93,7 +94,7 @@ sudoers_gid = @SUDOERS_GID@ sudoers_mode = @SUDOERS_MODE@ # Pass in paths and uid/gid + OS dependent defined -DEFS = @OSDEFS@ -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -D_PATH_SUDOERS_TMP=\"$(sudoersdir)/sudoers.tmp\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode) +DEFS = @OSDEFS@ -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode) #### End of system configuration section. #### @@ -101,60 +102,68 @@ SHELL = /bin/sh PROGS = @PROGS@ -SRCS = alloc.c alloca.c check.c closefrom.c def_data.c defaults.c env.c err.c \ - fileops.c find_path.c fnmatch.c getcwd.c getprogname.c getspwuid.c \ - gettime.c glob.c goodpath.c interfaces.c ldap.c lex.yy.c lsearch.c \ - logging.c memrchr.c mkstemp.c parse.c parse.lex parse.yacc set_perms.c \ - sigaction.c snprintf.c strcasecmp.c strerror.c strlcat.c strlcpy.c \ - sudo.c sudo_noexec.c sudo.tab.c sudo_edit.c testsudoers.c tgetpass.c \ - utimes.c visudo.c zero_bytes.c selinux.c sesh.c $(AUTH_SRCS) +SRCS = aix.c alias.c alloc.c check.c closefrom.c def_data.c defaults.c env.c \ + error.c fileops.c find_path.c fnmatch.c getcwd.c getprogname.c \ + getspwuid.c gettime.c glob.c goodpath.c gram.c gram.y interfaces.c \ + isblank.c lbuf.c ldap.c list.c logging.c match.c mkstemp.c memrchr.c \ + parse.c pwutil.c set_perms.c sigaction.c snprintf.c strcasecmp.c \ + strerror.c strlcat.c strlcpy.c sudo.c sudo_noexec.c sudo_edit.c \ + sudo_nss.c testsudoers.c tgetpass.c toke.c toke.l tsgetgrpw.c utimes.c \ + visudo.c zero_bytes.c redblack.c selinux.c sesh.c $(AUTH_SRCS) AUTH_SRCS = auth/afs.c auth/aix_auth.c auth/bsdauth.c auth/dce.c auth/fwtk.c \ auth/kerb4.c auth/kerb5.c auth/pam.c auth/passwd.c auth/rfc1938.c \ auth/secureware.c auth/securid.c auth/securid5.c auth/sia.c \ auth/sudo_auth.c -HDRS = compat.h def_data.h defaults.h ins_2001.h ins_classic.h ins_csops.h \ - ins_goons.h insults.h interfaces.h logging.h parse.h sudo.h sudo.tab.h \ - version.h auth/sudo_auth.h emul/err.h emul/fnmatch.h emul/search.h \ - emul/utime.h emul/glob.h emul/timespec.h +HDRS = compat.h def_data.h defaults.h error.h ins_2001.h ins_classic.h \ + ins_csops.h ins_goons.h insults.h interfaces.h lbuf.h list.h \ + logging.h parse.h sudo.h sudo_nss.h gram.h version.h auth/sudo_auth.h \ + emul/charclass.h emul/fnmatch.h emul/glob.h emul/timespec.h \ + emul/utime.h redblack.h AUTH_OBJS = sudo_auth.o @AUTH_OBJS@ -PARSEOBJS = sudo.tab.o lex.yy.o alloc.o defaults.o +# Note: gram.o must come first here +COMMON_OBJS = gram.o alias.o alloc.o defaults.o error.o list.o match.o \ + toke.o redblack.o zero_bytes.o -SUDOBJS = check.o env.o getspwuid.o gettime.o goodpath.o fileops.o find_path.o \ - interfaces.o logging.o parse.o set_perms.o sudo.o sudo_edit.o \ - tgetpass.o zero_bytes.o @SUDO_OBJS@ $(AUTH_OBJS) $(PARSEOBJS) +SUDO_OBJS = $(COMMON_OBJS) $(AUTH_OBJS) @SUDO_OBJS@ check.o env.o \ + getspwuid.o gettime.o goodpath.o fileops.o find_path.o \ + interfaces.o lbuf.o logging.o parse.o pwutil.o set_perms.o \ + sudo.o sudo_edit.o sudo_nss.o tgetpass.o -VISUDOBJS = visudo.o fileops.o gettime.o goodpath.o find_path.o $(PARSEOBJS) +VISUDO_OBJS = $(COMMON_OBJS) visudo.o fileops.o gettime.o goodpath.o \ + find_path.o pwutil.o -TESTOBJS = interfaces.o testsudoers.o $(PARSEOBJS) +TEST_OBJS = $(COMMON_OBJS) interfaces.o testsudoers.o tsgetgrpw.o tspwutil.o -LIBOBJS = @LIBOBJS@ @ALLOCA@ +LIB_OBJS = @LIBOBJS@ -VERSION = 1.6.9p17 +VERSION = 1.7.0 -DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \ - LICENSE Makefile.in PORTING README README.LDAP \ - TROUBLESHOOTING UPGRADE aclocal.m4 acsite.m4 aixcrypt.exp \ - config.guess config.h.in config.sub configure configure.in \ - def_data.in fnmatch.3 indent.pro install-sh ltmain.sh \ - mkdefaults mkinstalldirs pathnames.h.in sample.pam \ - sample.syslog.conf sample.sudoers schema.OpenLDAP \ - schema.iPlanet sudo.cat sudo.man.in sudo.pod sudoers \ - sudoers.cat sudoers.man.in sudoers.pod sudoers2ldif \ - visudo.cat visudo.man.in visudo.pod auth/API +DISTFILES = $(SRCS) $(HDRS) ChangeLog HISTORY INSTALL INSTALL.configure \ + LICENSE Makefile.in PORTING README README.LDAP TROUBLESHOOTING \ + UPGRADE WHATSNEW aclocal.m4 acsite.m4 aixcrypt.exp config.guess \ + config.h.in config.sub configure configure.in def_data.in \ + indent.pro install-sh ltmain.sh mkdefaults mkinstalldirs \ + pathnames.h.in sample.pam sample.syslog.conf sample.sudoers \ + schema.ActiveDirectory schema.OpenLDAP schema.iPlanet sudo.cat \ + sudo.man.in sudo.pod sudo.psf sudo_usage.h.in sudoers sudoers.cat \ + sudoers.man.in sudoers.pod sudoers.ldap.cat sudoers.ldap.man.in \ + sudoers.ldap.pod sudoers2ldif visudo.cat visudo.man.in visudo.pod \ + auth/API -BINFILES= BUGS CHANGES HISTORY LICENSE README TROUBLESHOOTING \ +BINFILES= ChangeLog HISTORY LICENSE README TROUBLESHOOTING \ UPGRADE install-sh mkinstalldirs sample.syslog.conf sample.sudoers \ sudo sudo.cat sudo.man sudo.pod sudoers sudoers.cat sudoers.man \ sudoers.pod visudo visudo.cat visudo.man visudo.pod -BINSPECIAL= INSTALL.binary Makefile.binary libtool +BINSPECIAL= INSTALL.binary Makefile.binary.in libtool SUDODEP = $(srcdir)/sudo.h $(srcdir)/compat.h $(srcdir)/defaults.h \ - $(srcdir)/logging.h config.h def_data.h pathnames.h + $(srcdir)/error.h $(srcdir)/list.h $(srcdir)/logging.h \ + $(srcdir)/sudo_nss.h $(devdir)/def_data.h pathnames.h config.h AUTHDEP = $(SUDODEP) $(authdir)/sudo_auth.h @@ -163,7 +172,7 @@ INSDEP = $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \ all: $(PROGS) -.SUFFIXES: .o .c .h .lex .yacc .man .cat .lo +.SUFFIXES: .o .c .h .l .y .man .cat .lo .c.o: $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $< @@ -173,16 +182,16 @@ all: $(PROGS) .man.cat: @rm -f $(srcdir)/$@ - $(NROFF) -man $< > $(srcdir)/$@ + sed '1s/^/.if n .ll 78n/' $< | $(NROFF) -man > $(srcdir)/$@ -sudo: $(SUDOBJS) $(LIBOBJS) - $(CC) -o $@ $(SUDOBJS) $(LIBOBJS) $(SUDO_LDFLAGS) $(SUDO_LIBS) +sudo: $(SUDO_OBJS) $(LIB_OBJS) + $(CC) -o $@ $(SUDO_OBJS) $(LIB_OBJS) $(SUDO_LDFLAGS) $(SUDO_LIBS) -visudo: $(VISUDOBJS) $(LIBOBJS) - $(CC) -o $@ $(VISUDOBJS) $(LIBOBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS) +visudo: $(VISUDO_OBJS) $(LIB_OBJS) + $(CC) -o $@ $(VISUDO_OBJS) $(LIB_OBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS) -testsudoers: $(TESTOBJS) $(LIBOBJS) - $(CC) -o $@ $(TESTOBJS) $(LIBOBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS) +testsudoers: $(TEST_OBJS) $(LIB_OBJS) + $(CC) -o $@ $(TEST_OBJS) $(LIB_OBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS) sudo_noexec.lo: $(srcdir)/sudo_noexec.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c @@ -191,61 +200,129 @@ sudo_noexec.la: sudo_noexec.lo $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) # Uncomment the following if you want "make distclean" to clean the parser -@DEV@PARSESRCS = sudo.tab.h sudo.tab.c lex.yy.c def_data.c def_data.h +@DEV@GENERATED = gram.h gram.c toke.c def_data.c def_data.h -# Uncomment the following if you intend to modify parse.yacc -@DEV@sudo.tab.c sudo.tab.h: parse.yacc -@DEV@ rm -f sudo.tab.h sudo.tab.c -@DEV@ $(YACC) -d -b sudo $(srcdir)/parse.yacc +# Uncomment the lines before -@true if you intend to modify gram.y +$(devdir)/gram.c: $(srcdir)/gram.y +@DEV@ $(YACC) -d $(srcdir)/gram.y +@DEV@ mv -f y.tab.c gram.c +@DEV@ if cmp -s y.tab.h gram.h; then rm -f y.tab.h; else mv -f y.tab.h gram.h; fi + -@true -# Uncomment the following if you intend to modify parse.lex -@DEV@lex.yy.c: parse.lex -@DEV@ rm -f lex.yy.c -@DEV@ $(LEX) $(srcdir)/parse.lex +# Uncomment the lines before -@true if you intend to modify toke.l +$(devdir)/toke.c: $(srcdir)/toke.l +@DEV@ $(LEX) $(srcdir)/toke.l +@DEV@ mv -f lex.yy.c toke.c + -@true # Uncomment the following if you intend to modify def_data.in -@DEV@def_data.h def_data.c: def_data.in +@DEV@$(devdir)/def_data.h $(devdir)/def_data.c: $(srcdir)/def_data.in @DEV@ perl $(srcdir)/mkdefaults -o def_data $(srcdir)/def_data.in # Dependencies (not counting auth functions) -alloc.o: alloc.c $(SUDODEP) -check.o: check.c $(SUDODEP) -closefrom.o: closefrom.c config.h -env.o: env.c $(SUDODEP) -err.o: err.c config.h compat.h emul/err.h -fileops.o: fileops.c $(SUDODEP) -find_path.o: find_path.c $(SUDODEP) -getprogname.o: getprogname.c config.h -getspwuid.o: getspwuid.c $(SUDODEP) -goodpath.o: goodpath.c $(SUDODEP) -logging.o: logging.c $(SUDODEP) -set_perms.o: set_perms.c $(SUDODEP) -tgetpass.o: tgetpass.c $(SUDODEP) -visudo.o: visudo.c $(SUDODEP) version.h -sudo.o: sudo.c $(SUDODEP) interfaces.h version.h -interfaces.o: interfaces.c $(SUDODEP) interfaces.h -testsudoers.o: testsudoers.c $(SUDODEP) parse.h interfaces.h -parse.o: parse.c $(SUDODEP) parse.h interfaces.h -lex.yy.o: lex.yy.c $(SUDODEP) parse.h sudo.tab.h -sudo.tab.o: sudo.tab.c $(SUDODEP) parse.h sudo.tab.c sudo.tab.h -defaults.o: defaults.c $(SUDODEP) def_data.c auth/sudo_auth.h -fnmatch.o: fnmatch.c config.h compat.h emul/fnmatch.h -getcwd.o: getcwd.c config.h compat.h -glob.o: glob.c config.h compat.h emul/glob.h -lsearch.o: lsearch.c config.h compat.h emul/search.h -memrchr.o: memrchr.c config.h compat.h -mkstemp.o: mkstemp.c config.h compat.h -selinux.o: selinux.c $(SUDODEP) -snprintf.o: snprintf.c config.h compat.h -strcasecmp.o: strcasecmp.c config.h -strlcat.o: strlcat.c config.h -strlcpy.o: strlcpy.c config.h -strerror.o: strerror.c config.h -utime.o: utime.c config.h pathnames.h compat.h emul/utime.h -ldap.o: ldap.c $(SUDODEP) parse.h -sudo_edit.o: sudo_edit.c $(SUDODEP) - -# Authentication functions live in "auth" dir and so need extra care +aix.o: $(srcdir)/aix.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/aix.c +alias.o: $(srcdir)/alias.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/redblack.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alias.c +alloc.o: $(srcdir)/alloc.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alloc.c +check.o: $(srcdir)/check.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/check.c +closefrom.o: $(srcdir)/closefrom.c config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/closefrom.c +defaults.o: $(srcdir)/defaults.c $(SUDODEP) $(srcdir)/def_data.c $(authdir)/sudo_auth.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/defaults.c +env.o: $(srcdir)/env.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/env.c +error.o: $(srcdir)/error.c $(srcdir)/compat.h $(srcdir)/error.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/error.c +fileops.o: $(srcdir)/fileops.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fileops.c +find_path.o: $(srcdir)/find_path.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/find_path.c +fnmatch.o: $(srcdir)/fnmatch.c $(srcdir)/emul/fnmatch.h $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/fnmatch.c +getcwd.o: $(srcdir)/getcwd.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getcwd.c +getprogname.o: $(srcdir)/getprogname.c config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getprogname.c +getspwuid.o: $(srcdir)/getspwuid.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/getspwuid.c +gettime.o: $(srcdir)/gettime.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/gettime.c +glob.o: $(srcdir)/glob.c $(srcdir)/emul/glob.h $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/glob.c +goodpath.o: $(srcdir)/goodpath.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/goodpath.c +gram.o: $(devdir)/gram.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/gram.c +interfaces.o: $(srcdir)/interfaces.c $(SUDODEP) $(srcdir)/interfaces.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/interfaces.c +isblank.o: $(srcdir)/isblank.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/isblank.c +lbuf.o: $(srcdir)/lbuf.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/lbuf.c +ldap.o: $(srcdir)/ldap.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/ldap.c +list.o: $(srcdir)/list.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/list.c +logging.o: $(srcdir)/logging.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/logging.c +match.o: $(srcdir)/match.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/match.c +memrchr.o: $(srcdir)/memrchr.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/memrchr.c +mkstemp.o: $(srcdir)/mkstemp.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/mkstemp.c +parse.o: $(srcdir)/parse.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse.c +pwutil.o: $(srcdir)/pwutil.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/pwutil.c +redblack.o: $(srcdir)/redblack.c $(SUDODEP) $(srcdir)/redblack.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/redblack.c +set_perms.o: $(srcdir)/set_perms.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/set_perms.c +sigaction.o: $(srcdir)/sigaction.c $(srcdir)/compat.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sigaction.c +snprintf.o: $(srcdir)/snprintf.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/snprintf.c +strcasecmp.o: $(srcdir)/strcasecmp.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strcasecmp.c +strerror.o: $(srcdir)/strerror.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strerror.c +strlcat.o: $(srcdir)/strlcat.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcat.c +strlcpy.o: $(srcdir)/strlcpy.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/strlcpy.c +selinux.o: $(srcdir)/selinux.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/selinux.c +sudo.o: $(srcdir)/sudo.c $(SUDODEP) sudo_usage.h $(srcdir)/interfaces.h $(srcdir)/version.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo.c +sudo_edit.o: $(srcdir)/sudo_edit.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_edit.c +sudo_noexec.o: $(srcdir)/sudo_noexec.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c +sudo_nss.o: $(srcdir)/sudo_nss.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_nss.c +testsudoers.o: $(srcdir)/testsudoers.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/testsudoers.c +tgetpass.o: $(srcdir)/tgetpass.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tgetpass.c +toke.o: $(devdir)/toke.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(devdir)/toke.c +tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/tsgetgrpw.c +utimes.o: $(srcdir)/utimes.c $(srcdir)/compat.h $(srcdir)/emul/utime.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/utimes.c +visudo.o: $(srcdir)/visudo.c $(SUDODEP) $(srcdir)/version.h $(devdir)/gram.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/visudo.c +zero_bytes.o: $(srcdir)/zero_bytes.c $(srcdir)/compat.h config.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/zero_bytes.c + +# Private copy of pwutil.o with MYPW defined for testsudoers +tspwutil.o: $(srcdir)/pwutil.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) -DMYPW -o tspwutil.o $(srcdir)/pwutil.c + sudo_auth.o: $(authdir)/sudo_auth.c $(AUTHDEP) $(INSDEP) $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sudo_auth.c afs.o: $(authdir)/afs.c $(AUTHDEP) @@ -304,6 +381,24 @@ sudoers.man:: sudoers.man.in sudoers.cat: sudoers.man +sudoers.ldap.man.in: $(srcdir)/sudoers.ldap.pod + @rm -f $(srcdir)/$@ + ( cd $(srcdir); mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e '/^=pod/q' -e 's/^/.\\" /p' sudoers.ldap.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectform --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudoers.ldap.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" >> $@ ) + +sudoers.ldap.man:: sudoers.ldap.man.in + CONFIG_FILES=$@ CONFIG_HEADERS= sh ./config.status + +sudoers.ldap.cat: sudoers.ldap.man + +@DEV@HISTORY: history.pod +@DEV@ pod2text -l -i0 $> > $@ +@DEV@ +@DEV@LICENSE: license.pod +@DEV@ pod2text -l -i0 $> | sed '1,2d' > $@ + +ChangeLog: + cvs2cl --follow-only trunk + install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man install-dirs: @@ -333,27 +428,23 @@ install-man: ln $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu) $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu) $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform) + @LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0444 @mansrcdir@/sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform) @MAN_POSTINSTALL@ check: @echo nothing to check -tags: $(SRCS) - ctags $(SRCS) - -TAGS: $(SRCS) - etags $(SRCS) - clean: - -rm -f *.o $(PROGS) testsudoers core sudo.core visudo.core \ + -rm -f *.o *.lo $(PROGS) testsudoers core sudo.core visudo.core \ testsudoers.core mostlyclean: clean distclean: clean -rm -rf Makefile pathnames.h config.h config.status config.cache \ - config.log libtool sudo_noexec.lo .libs $(PARSESRCS) \ - sudo.man sudoers.man visudo.man + config.log libtool sudo_noexec.lo .libs $(GENERATED) \ + sudo.man sudoers.man sudoers.ldap.man visudo.man sudo_usage.h \ + Makefile.binary clobber: distclean @@ -394,9 +485,43 @@ bindist: fi ; \ cp $(srcdir)/INSTALL.binary $$tdir/INSTALL ; \ sh ./config.status --file=Makefile.binary && cp Makefile.binary $$tdir/Makefile ; \ - strip sudo ; \ - strip visudo ; \ + strip $$tdir/sudo ; \ + strip $$tdir/visudo ; \ cd tmp.$$ARCH && tar Ocf ../sudo-$(VERSION)-$$ARCH.tar sudo-$(VERSION) && cd .. ; \ - gzip --best sudo-$(VERSION)-$$ARCH.tar ; \ + gzip -f --best sudo-$(VERSION)-$$ARCH.tar ; \ rm -rf tmp.$$ARCH ; \ ) + +depot: + ( \ + tdir=tmp.depot ; \ + mkdir $$tdir ; \ + for i in sudo visudo sudo.man visudo.man sudoers.man sudoers ChangeLog HISTORY LICENSE README TROUBLESHOOTING UPGRADE sample.syslog.conf sample.sudoers; do \ + if [ -f $$i ]; then \ + cp $$i $$tdir ; \ + elif [ -f $(srcdir)/$$i ]; then \ + cp $(srcdir)/$$i $$tdir ; \ + else \ + echo cannot find $$i ; \ + exit 1 ; \ + fi ; \ + done ; \ + if [ -f sudo_noexec.la ]; then \ + cp libtool $$tdir ; \ + $(LIBTOOL) --mode=install $(INSTALL) sudo_noexec.la `pwd`/$$tdir ; \ + fi ; \ + sed 's/@VERSION@/$(VERSION)/g' <$(srcdir)/sudo.psf >$$tdir/sudo.psf ; \ + printf '#!/sbin/sh\nrm -f /usr/local/bin/sudoedit\nln /usr/local/bin/sudo /usr/local/bin/sudoedit\n' > $$tdir/sudo-exec.postinstall ; \ + printf '#!/sbin/sh\nrm -f /usr/local/man/man1m/sudoedit.1m\nln /usr/local/man/man1m/sudo.1m /usr/local/man/man1m/sudoedit.1m\n' > $$tdir/sudo-man.postinstall ; \ + printf '#!/sbin/sh\nif [ ! -s /etc/sudoers ]; then\n\techo installing /usr/local/doc/sudo/sudoers as /etc/sudoers\n\techo use /usr/local/sbin/visudo to configure sudo\n\tcp /usr/local/doc/sudo/sudoers /etc/sudoers\n\tchmod 440 /etc/sudoers\n\tchown root:root /etc/sudoers\nfi\n' > $$tdir/sudo-config.postinstall ; \ + chmod 755 $$tdir/sudo-exec.postinstall $$tdir/sudo-man.postinstall $$tdir/sudo-config.postinstall ; \ + strip $$tdir/sudo ; \ + strip $$tdir/visudo ; \ + cd $$tdir ; \ + swpackage -x target_type=tape -d ../sudo-$(VERSION).depot -s sudo.psf ; \ + cd .. ; \ + gzip -f --best sudo-$(VERSION).depot; \ + rm -rf tmp.depot ; \ + ) + +.PHONY: ChangeLog diff --git a/usr.bin/sudo/README b/usr.bin/sudo/README index 4986b56aaf2..301ca551758 100644 --- a/usr.bin/sudo/README +++ b/usr.bin/sudo/README @@ -1,4 +1,4 @@ -This is Sudo version 1.6.9 +This is Sudo version 1.7.0 The sudo philosophy =================== @@ -80,15 +80,14 @@ for the appropriate links. Web page ======== -There is a sudo `web page' at http://www.sudo.ws/sudo/ -that contains an overview of sudo as well as pointers to BETA versions -and other useful info. +There is a sudo web page at http://www.sudo.ws/sudo/ that contains +an overview of sudo, documentation, downloads, information about +beta versions and other useful info. Bug reports =========== -A list of known bugs may be found in the `BUGS' file. If you have -found what you believe to be a bug, you can file a bug report with -the sudo bug database, on at web at http://www.sudo.ws/bugs/. +If you have found what you believe to be a bug, you can file a bug +report with the sudo bug database, on at web at http://www.sudo.ws/bugs/. Please read over the `TROUBLESHOOTING' file *before* submitting a bug report. When reporting bugs, please be sure to include the diff --git a/usr.bin/sudo/README.LDAP b/usr.bin/sudo/README.LDAP index df4ad2107ec..85f05f54994 100644 --- a/usr.bin/sudo/README.LDAP +++ b/usr.bin/sudo/README.LDAP @@ -1,16 +1,27 @@ -This file explains how to use the optional LDAP functionality of SUDO to +This file explains how to build the optional LDAP functionality of SUDO to store /etc/sudoers information. This feature is distinct from LDAP passwords. +For general sudo LDAP configuration details, see the sudoers.ldap manual that +comes with the sudo distribution. A pre-formatted version of the manual may +be found in the sudoers.ldap.cat file. + +The sudo binary compiled with LDAP support should be totally backward +compatible and be syntactically and source code equivalent to its +non LDAP-enabled build. + LDAP philosophy =============== As times change and servers become cheap, an enterprise can easily have 500+ UNIX servers. Using LDAP to synchronize Users, Groups, Hosts, Mounts, and others across an enterprise can greatly reduce the administrative overhead. -Sudo in the past has only used a single local configuration file /etc/sudoers. -Some have attempted to workaround this by synchronizing changes via -RCS/CVS/RSYNC/RDIST/RCP/SCP and even NFS. Many have asked for a Hesiod, NIS, -or LDAP patch for sudo, so here is my attempt at LDAP'izing sudo. +In the past, sudo has used a single local configuration file, /etc/sudoers. +While the same sudoers file can be shared among machines, no built-in +mechanism exists to distribute it. Some have attempted to workaround this +by synchronizing changes via CVS/RSYNC/RDIST/RCP/SCP and even NFS. + +By using LDAP for sudoers we gain a centrally administered, globally +available configuration source for sudo. For information on OpenLDAP, please see http://www.openldap.org/. @@ -22,75 +33,6 @@ server, structure and contents. Many times 'options' are used in this document to refer to sudoer 'defaults'. They are one and the same. -Design Features -=============== - - * Sudo no longer needs to read sudoers in its entirety. Parsing of - /etc/sudoers requires the entire file to be read. The LDAP feature of sudo - uses two (sometimes three) LDAP queries per invocation. It never reads all - the sudoer entries in the LDAP store. This makes it especially fast and - particularly usable in LDAP environments. The first query is to parse - default options (see below). The second is to match against the username or - groups a user belongs to. (The special ALL tag is matched in this query - too.) If no match is made against the username, the third query pulls the - entries that match against user netgroups to compare back to the user. - - * Sudo no longer blows up if there is a typo. Parsing of /etc/sudoers can - still blow up when sudo is invoked. However when using the LDAP feature of - sudo, LDAP syntax rules are applied before the data is uploaded into the - LDAP server, so proper syntax is always guaranteed! One can of course still - insert a bogus hostname or username, but sudo will not care. - - * Options inside of entries now override global default options. - /etc/sudoers allowed for only default options and limited options associated - with user/host/command aliases. The syntax can be difficult for the newbie. - The LDAP feature attempts to simplify this and yet still provide maximum - flexibility. - - Sudo first looks for an entry called 'cn=default' in the SUDOers container. - If found, the multi-valued sudoOption attribute is parsed the same way the - global 'Defaults' line in /etc/sudoers is parsed. - - If on the second or third query, a response contains a sudoRole which - matches against the user, host, and command, then the matched object is - scanned for a additional options to override the top-level defaults. See - the example LDAP content below for more information. - - * Visudo is no longer needed. Visudo provides locking and syntax checking - against the /etc/sudoers file. Since LDAP updates are atomic, locking is no - longer necessary. Because syntax is checked when the data is inserted into - LDAP, the sudoers syntax check becomes unnecessary. - - * Aliases are no longer needed. User, Host, and Command Aliases were setup - to allow simplification and readability of the sudoers files. Since the - LDAP sudoer entry allows multiple values for each of its attributes and - since most LDAP browsers are graphical and easy to work with, original - aliases are no longer needed. - - If you want to specify lots of users into an entry or want to have similar - entries with identical users, then use either groups or user netgroups. - Thats what groups and netgroups are for and Sudo handles this well. - Alternately, one can just paste them all into the LDAP record. - - If you want to specify lots of hosts into an entry, use netgroups or IP - address matches (10.2.3.4/255.255.0.0). Thats what netgroups are for and - Sudo handles this well. Or just past them all into the LDAP record. - - If you want to specify lots of commands, use directories or wildcards, or - just paste them all into LDAP. That's what it's for. - - * The /etc/sudoers file can be disabled. Paranoid security administrators - can now disallow parsing of any local /etc/sudoers file by an LDAP - sudoOption 'ignore_local_sudoers'. This way all sudoers can be controlled - and audited in one place because local entries are not allowed. - In fact, if this option is included in the cn=defaults object of LDAP, - sudo won't even look for a /etc/sudoers file. - - * The sudo binary compiled with LDAP support should be totally backward - compatible and be syntactically and source code equivalent to its non - LDAP-enabled build. - - Build instructions ================== The most simplest way to build sudo with LDAP support is to include the @@ -103,33 +45,56 @@ to specify them at configure time. E.g. $ ./configure --with-ldap=/usr/local/ldapsdk -Sudo is developed using OpenLDAP. Other LDAP implementations may -require adding '-lldif' to SUDO_LIBS in the Makefile. +Sudo is developed using OpenLDAP but Netscape-based LDAP libraries +(such as those present in Solaris) are also known to work. Your Mileage may vary. Please let the sudo workers mailing list -<sudo-workers@sudo.ws> know what combinations worked best for your -OS and LDAP Combinations so we can improve sudo. - -More Build Notes: -HP-UX 11.23 (gcc3) Galen Johnson <Galen.Johnson@sas.com> - CFLAGS="-D__10_10_compat_code" LDFLAGS="-L/opt/ldapux/lib" +<sudo-workers@sudo.ws> know if special configuration was required +to build an LDAP-enabled sudo so we can improve sudo. Schema Changes ============== -Add the appropriate schema to your LDAP server so that it may contain -sudoers content. +You must add the appropriate schema to your LDAP server before it +can store sudoers content. + +For OpenLDAP, copy the file schema.OpenLDAP to the schema directory +(e.g. /etc/openldap/schema). You must then edit your slapd.conf and +add an include line the new schema, e.g. + + # Sudo LDAP schema + include /etc/openldap/schema/sudo.schema + +In order for sudoRole LDAP queries to be efficient, the server must index +the attribute 'sudoUser', e.g. + + # Indices to maintain + index sudoUser eq + +After making the changes to slapd.conf, restart slapd. -For OpenLDAP, simply copy schema.OpenLDAP to the schema directory -(e.g. /etc/openldap/schema) and 'include' it in your slapd.conf and -restart slapd. For other LDAP servers, provide this to your LDAP -Administrator. Make sure to index the attribute 'sudoUser'. +For Netscape-derived LDAP servers such as SunONE, iPlanet or Fedora Directory, +copy the schema.iPlanet file to the schema directory with the name 99sudo.ldif. -For netscape-derived LDAP servers such as SunONE, iPlanet or Fedora -Directory, use the schema.iPlanet file. +On Solaris, schemas are stored in /var/Sun/mps/slapd-`hostname`/config/schema/. +For Fedora Directory Server, they are stored in /etc/dirsrv/schema/. -Importing /etc/sudoers to LDAP -============================== -Importing is a two step process. +After copying the schema file to the appropriate directory, restart +the LDAP server. + +Finally, using an LDAP browser/editor, enable indexing by editing the +client profile to provide a Service Search Descriptor (SSD) for sudoers, +replacing example.com with your domain: + + serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com + +If using an Active Directory server, copy schema.ActiveDirectory +to your Windows domain controller and run the following command: + + ldifde -i -f schema.ActiveDirectory -c dc=X dc=example,dc=com + +Importing /etc/sudoers into LDAP +================================ +Importing sudoers is a two-step process. Step 1: Ask your LDAP Administrator where to create the ou=SUDOers container. @@ -150,28 +115,12 @@ options. # ./sudoers2ldif /etc/sudoers > /tmp/sudoers.ldif Step 2: -Import into your directory server. If you are using OpenLDAP, do the following -if you are using another directory, provide the LDIF file to your LDAP -Administrator. An example is shown below. +Import into your directory server. The following example is for +OpenLDAP. If you are using another directory, provide the LDIF +file to your LDAP Administrator. # ldapadd -f /tmp/sudoers.ldif -h ldapserver \ - > -D cn=Manager,dc=example,dc=com -W -x - -Example sudoers Entries in LDAP -=============================== -The equivalent of a sudoer in LDAP is a 'sudoRole'. It contains sudoUser(s), -sudoHost, sudoCommand and optional sudoOption(s) and sudoRunAs(s). - -The following example allows users in group wheel to run any -command on any host through sudo: - -dn: cn=%wheel,ou=SUDOers,dc=example,dc=com -objectClass: top -objectClass: sudoRole -cn: %wheel -sudoUser: %wheel -sudoHost: ALL -sudoCommand: ALL + -D cn=Manager,dc=example,dc=com -W -x Managing LDAP entries ===================== @@ -198,168 +147,32 @@ I recommend using any of the following LDAP browsers to administer your SUDOers. There are dozens of others, some Open Source, some free, some not. - -Configure your /etc/ldap.conf -============================= +Configure your /etc/ldap.conf and /etc/nsswitch.conf +==================================================== The /etc/ldap.conf file is meant to be shared between sudo, pam_ldap, nss_ldap and other ldap applications and modules. IBM Secureway unfortunately uses the same filename but has a different syntax. If you need to rename where this file is stored, re-run configure with the --with-ldap-conf-file=filename option. -Make sure you sudoers_base matches exactly with the location you specified -when you imported the sudoers. Below is an example /etc/ldap.conf - - # Either specify one or more URIs or one or more host:port pairs. - # If neither is specified sudo will default to localhost, port 389. - # - #host ldapserver - #host ldapserver1 ldapserver2:390 - # - # Default port if host is specified without one, defaults to 389. - #port 389 - # - # URI will override the host and port settings. - uri ldap://ldapserver - #uri ldaps://secureldapserver - #uri ldaps://secureldapserver ldap://ldapserver - # - # The amount of time, in seconds, to wait while trying to connect to - # an LDAP server. - bind_timelimit 30 - # - # The amount of time, in seconds, to wait while performing an LDAP query. - timelimit 30 - # - # must be set or sudo will ignore LDAP - sudoers_base ou=SUDOers,dc=example,dc=com - # - # verbose sudoers matching from ldap - #sudoers_debug 2 - # - # optional proxy credentials - #binddn <who to search as> - #bindpw <password> - #rootbinddn <who to search as, uses /etc/ldap.passwd for bindpw> - # - # LDAP protocol version, defaults to 3 - #ldap_version 3 - # - # Define if you want to use an encrypted LDAP connection. - # Typically, you must also set the port to 636 (ldaps). - #ssl on - # - # Define if you want to use port 389 and switch to - # encryption before the bind credentials are sent. - # Only supported by LDAP servers that support the start_tls - # extension such as OpenLDAP. - #ssl start_tls - # - # Additional TLS options follow that allow tweaking of the - # SSL/TLS connection. - # - #tls_checkpeer yes # verify server SSL certificate - #tls_checkpeer no # ignore server SSL certificate - # - # If you enable tls_checkpeer, specify either tls_cacertfile - # or tls_cacertdir. Only supported when using OpenLDAP. - # - #tls_cacertfile /etc/certs/trusted_signers.pem - #tls_cacertdir /etc/certs - # - # For systems that don't have /dev/random - # use this along with PRNGD or EGD.pl to seed the - # random number pool to generate cryptographic session keys. - # Only supported when using OpenLDAP. - # - #tls_randfile /etc/egd-pool - # - # You may restrict which ciphers are used. Consult your SSL - # documentation for which options go here. - # Only supported when using OpenLDAP. - # - #tls_ciphers <cipher-list> - # - # Sudo can provide a client certificate when communicating to - # the LDAP server. - # Tips: - # * Enable both lines at the same time. - # * Do not password protect the key file. - # * Ensure the keyfile is only readable by root. - # - # For OpenLDAP: - #tls_cert /etc/certs/client_cert.pem - #tls_key /etc/certs/client_key.pem - # - # For SunONE or iPlanet LDAP, the file specified by tls_cert may - # contain CA certs and/or the client's cert. If the client's - # cert is included, tls_key should be specified as well. - # For backward compatibility, sslpath may be used in place of tls_cert. - #tls_cert /var/ldap/cert7.db - #tls_key /var/ldap/key3.db +See the "Configuring ldap.conf" section in the sudoers.ldap manual +for a list of supported ldap.conf parameters and an example ldap.conf + +Make sure you sudoers_base matches the location you specified when you +imported the sudoers ldif data. + +After configuring /etc/ldap.conf, you must add a line in /etc/nsswitch.conf +to tell sudo to look in LDAP for sudoers. See the "Configuring nsswitch.conf" +section in the sudoers.ldap manual for details. Note that sudo will use +/etc/nsswitch.conf even if the underlying operating system does not support it. +To disable nsswitch support, run configure with the --with-nsswitch=no option. +This will cause sudo to consult LDAP first and /etc/sudoers second, unless the +ignore_sudoers_file flag is set in the global LDAP options. Debugging your LDAP configuration ================================= Enable debugging if you believe sudo is not parsing LDAP the way you think it -it should. A value of 1 shows moderate debugging. A value of 2 shows the -results of the matches themselves. Make sure to set the value back to zero -so that other users don't get confused by the debugging messages. This value -is 'sudoers_debug' in the /etc/ldap.conf. - -Parsing Differences between /etc/sudoers and LDAP -================================================= -There are some subtle differences in the way sudoers is handled once in LDAP. -Probably the biggest is that according to the RFC, LDAP's ordering is -arbitrary and you cannot expect that Attributes & Entries are returned in -any order. If there are conflicting command rules on an entry, the negative -takes precedence. This is called paranoid behavior (not necessarily the -most specific match). - -Here is an example: - - # /etc/sudoers: - # Allow all commands except shell - johnny ALL=(root) ALL,!/bin/sh - # Always allows all commands because ALL is matched last - puddles ALL=(root) !/bin/sh,ALL - - # LDAP equivalent of Johnny - # Allows all commands except shell - dn: cn=role1,ou=Sudoers,dc=my-domain,dc=com - objectClass: sudoRole - objectClass: top - cn: role1 - sudoUser: johnny - sudoHost: ALL - sudoCommand: ALL - sudoCommand: !/bin/sh - - # LDAP equivalent of Puddles - # Notice that even though ALL comes last, it still behaves like - # role1 since the LDAP code assumes the more paranoid configuration - dn: cn=role2,ou=Sudoers,dc=my-domain,dc=com - objectClass: sudoRole - objectClass: top - cn: role2 - sudoUser: puddles - sudoHost: ALL - sudoCommand: !/bin/sh - sudoCommand: ALL - -Another difference is that negations on the Host, User or Runas are -currently ignorred. For example, these attributes do not work how -they first seem. - - # does not match all but joe - # rather, does not match anyone - sudoUser: !joe - - # does not match all but joe - # rather, matches everyone including Joe - sudoUser: ALL - sudoUser: !joe - - # does not match all but web01 - # rather, matches all hosts including web01 - sudoHost: ALL - sudoHost: !web01 +should. Setting the 'sudoers_debug' parameter to a value of 1 shows moderate +debugging. A value of 2 shows the results of the matches themselves. Make +sure to set the value back to zero so that other users don't get confused by +the debugging messages. diff --git a/usr.bin/sudo/TROUBLESHOOTING b/usr.bin/sudo/TROUBLESHOOTING index 4bf571bf31d..a90b5eb9ff6 100644 --- a/usr.bin/sudo/TROUBLESHOOTING +++ b/usr.bin/sudo/TROUBLESHOOTING @@ -158,9 +158,12 @@ A) "cd" is a shell built-in command, you can't run it as a command Q) When I try to use "cd" with sudo the command completes without errors but nothing happens. -A) Some SVR4-derived OS's include a /usr/bin/cd command for reasons - unfathomable. A "cd" command is totally useless since a child process - cannot affect the current working directory of the parent (your shell). +A) Even though "cd" is a shell built-in command, some operating systems + include a /usr/bin/cd command for some reason. A standalone + "cd" command is totally useless since a child process (cd) cannot + affect the current working directory of the parent (your shell). + Thus, "sudo cd /foo" will start a child process, change the + directory and immediately exit without doing anything useful. Q) When I run sudo it says I am not allowed to run the command as root but I don't want to run it as root, I want to run it as another user. diff --git a/usr.bin/sudo/UPGRADE b/usr.bin/sudo/UPGRADE index 5d8591fa264..86e646f353b 100644 --- a/usr.bin/sudo/UPGRADE +++ b/usr.bin/sudo/UPGRADE @@ -1,6 +1,33 @@ Notes on upgrading from an older release ======================================== +o Upgrading from a version prior to 1.7.0: + + Starting with sudo 1.7.0 comments in the sudoers file must not + have a digit or minus sign immediately after the comment character + ('#'). Otherwise, the comment may be interpreted as a user or + group ID. + + When sudo is build with LDAP support the /etc/nsswitch.conf file is + now used to determine the sudoers seach order. sudo will default to + only using /etc/sudoers unless /etc/nsswitch.conf says otherwise. + This can be changed with an nsswitch.conf line, e.g.: + sudoers: ldap files + Would case LDAP to be searched first, then the sudoers file. + To restore the pre-1.7.0 behavior, run configure with the + --with-nsswitch=no flag. + + Sudo now ignores user .ldaprc files as well as system LDAP defaults. + All LDAP configuration is now in /etc/ldap.conf (or whichever file + was specified by configure's --with-ldap-conf-file option). + If you are using TLS, you may now need to specify: + tls_checkpeer no + in sudo's ldap.conf unless ldap.conf references a valid certificate + authority file(s). + + Please also see the WHATSNEW file for a list of new features in + sudo 1.7.0. + o Upgrading from a version prior to 1.6.9: Starting with sudo 1.6.9, if an OS supports a modular authentication diff --git a/usr.bin/sudo/WHATSNEW b/usr.bin/sudo/WHATSNEW new file mode 100644 index 00000000000..2d36f065289 --- /dev/null +++ b/usr.bin/sudo/WHATSNEW @@ -0,0 +1,79 @@ +What's new in Sudo 1.7.0? + + * Rewritten parser that converts sudoers into a set of data structures. + This eliminates a number of ordering issues and makes it possible to + apply sudoers Defaults entries before searching for the command. + It also adds support for per-command Defaults specifications. + + * Sudoers now supports a #include facility to allow the inclusion of other + sudoers-format files. + + * Sudo's -l (list) flag has been enhanced: + o applicable Defaults options are now listed + o a command argument can be specified for testing whether a user + may run a specific command. + o a new -U flag can be used in conjunction with "sudo -l" to allow + root (or a user with "sudo ALL") list another user's privileges. + + * A new -g flag has been added to allow the user to specify a + primary group to run the command as. The sudoers syntax has been + extended to include a group section in the Runas specification. + + * A uid may now be used anywhere a username is valid. + + * The "secure_path" run-time Defaults option has been restored. + + * Password and group data is now cached for fast lookups. + + * The file descriptor at which sudo starts closing all open files is now + configurable via sudoers and, optionally, the command line. + + * Visudo will now warn about aliases that are defined but not used. + + * The -i and -s command line flags now take an optional command + to be run via the shell. Previously, the argument was passed + to the shell as a script to run. + + * Improved LDAP support. SASL authentication may now be used in + conjunction when connecting to an LDAP server. The krb5_ccname + parameter in ldap.conf may be used to enable Kerberos. + + * Support for /etc/nsswitch.conf. LDAP users may now use nsswitch.conf + to specify the sudoers order. E.g.: + sudoers: ldap files + to check LDAP, then /etc/sudoers. The default is "files", even + when LDAP support is compiled in. This differs from sudo 1.6 + where LDAP was always consulted first. + + * Support for /etc/environment on AIX and Linux. If sudo is run + with the -i flag, the contents of /etc/environment are used to + populate the new environment that is passed to the command being + run. + + * If no terminal is available or if the new -A flag is specified, + sudo will use a helper program to read the password if one is + configured. Typically, this is a graphical password prompter + such as ssh-askpass. + + * A new Defaults option, "mailfrom" that sets the value of the + "From:" field in the warning/error mail. If unspecified, the + login name of the invoking user is used. + + * A new Defaults option, "env_file" that refers to a file containing + environment variables to be set in the command being run. + + * A new flag, -n, may be used to indicate that sudo should not + prompt the user for a password and, instead, exit with an error + if authentication is required. + + * If sudo needs to prompt for a password and it is unable to disable + echo (and no askpass program is defined), it will refuse to run + unless the "visiblepw" Defaults option has been specified. + + * Prior to version 1.7.0, hitting enter/return at the Password: prompt + would exit sudo. In sudo 1.7.0 and beyond, this is treated as + an empty password. To exit sudo, the user must press ^C or ^D + at the prompt. + + * visudo will now check the sudoers file owner and mode in -c (check) + mode when the -s (strict) flag is specified. diff --git a/usr.bin/sudo/aclocal.m4 b/usr.bin/sudo/aclocal.m4 index b751eeb8fcd..13089f09012 100644 --- a/usr.bin/sudo/aclocal.m4 +++ b/usr.bin/sudo/aclocal.m4 @@ -1,6 +1,6 @@ dnl Local m4 macros for autoconf (used by sudo) dnl -dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller <Todd.Miller@courtesan.com> +dnl Copyright (c) 1994-1996,1998-2004 Todd C. Miller <Todd.Miller@courtesan.com> dnl dnl XXX - should cache values in all cases!!! dnl @@ -156,15 +156,6 @@ fi ])dnl dnl -dnl check for fullly working void -dnl -AC_DEFUN(SUDO_FULL_VOID, [AC_MSG_CHECKING(for full void implementation) -AC_TRY_COMPILE(, [void *foo; -foo = (void *)0; (void *)"test";], AC_DEFINE(VOID, void, [Define to "void" if your compiler supports void pointers, else use "char"].) -AC_MSG_RESULT(yes), AC_DEFINE(VOID, char) -AC_MSG_RESULT(no))]) - -dnl dnl SUDO_CHECK_TYPE(TYPE, DEFAULT) dnl XXX - should require the check for unistd.h... dnl @@ -234,6 +225,8 @@ AC_DEFUN([SUDO_FUNC_ISBLANK], ] [ if test "$sudo_cv_func_isblank" = "yes"; then AC_DEFINE(HAVE_ISBLANK, 1, [Define if you have isblank(3).]) + else + AC_LIBOBJ(isblank) fi ]) |