pool/sudo
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
287 Commits 1 Branch 0 Tags 6.4 MiB
factory
Commit Graph

287 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Dominique Leuenberger
d5d48c17b0 Accepting request 756015 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/756015
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=105
 2019-12-18 13:43:05 +00:00
Kristyna Streitova
6db166dae8 Accepting request 754614 from home:kukuk:branches:Base:System 
- Move pam.d/sudo* files to /usr/etc

OBS-URL: https://build.opensuse.org/request/show/754614
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=158
 2019-12-12 09:24:53 +00:00
Dominique Leuenberger
0f9ceb41c1 Accepting request 743446 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/743446
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=104
 2019-10-30 13:42:14 +00:00
Dirk Mueller
7c6c82c48c Accepting request 738914 from home:vitezslav_cizek:branches:Base:System 
- Update to 1.8,28p1
  * The fix for Bug #869 caused "sudo -v" to prompt for a password
    when "verifypw" is set to "all" (the default) and all of the
    user's sudoers entries are marked with NOPASSWD.  Bug #901.

- Update to 1.8.28
 * Fixed CVE-2019-14287 (bsc#1153674),
   a bug where a sudo user may be able to
   run a command as root when the Runas specification explicitly
   disallows root access as long as the ALL keyword is listed first.
   * Sudo will now only set PAM_TTY to the empty string when no
   terminal is present on Solaris and Linux.  This workaround is
   only needed on those systems which may have PAM modules that
   misbehave when PAM_TTY is not set.
 * The mailerflags sudoers option now has a default value even if
   sendmail support was disabled at configure time.  Fixes a crash
   when the mailerpath sudoers option is set but mailerflags is not.
   Bug #878.
 * Sudo will now filter out last login messages on HP-UX unless it
   a shell is being run via "sudo -s" or "sudo -i".  Otherwise,
   when trusted mode is enabled, these messages will be displayed
   for each command.
 * Sudo has a new -B command line option that will ring the terminal
   bell when prompting for a password.
 * Sudo no longer refuses to prompt for a password when it cannot
   determine the user's terminal as long as it can open /dev/tty.
   This allows sudo to function on systems where /proc is unavailable,
   such as when running in a chroot environment.
 * The "env_editor" sudoers flag is now on by default.  This makes
   source builds more consistent with the packages generated by

OBS-URL: https://build.opensuse.org/request/show/738914
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=156
 2019-10-28 10:04:59 +00:00
Dominique Leuenberger
31f8884bee Accepting request 724506 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/724506
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=103
 2019-08-27 13:20:45 +00:00
Kristyna Streitova
69d80cc452 Accepting request 724360 from home:okurz:branches:Base:System 
Correct typo in sudoers patch

OBS-URL: https://build.opensuse.org/request/show/724360
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=154
 2019-08-19 08:38:01 +00:00
Dominique Leuenberger
dd701fbc00 Accepting request 666133 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/666133
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=102
 2019-01-29 13:44:27 +00:00
Dirk Mueller
3bfee6a8e5 Accepting request 665339 from home:seanlew:branches:Base:System 
Update sudo

OBS-URL: https://build.opensuse.org/request/show/665339
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=152
 2019-01-15 08:13:29 +00:00
Dominique Leuenberger
51433b9ed1 Accepting request 650509 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/650509
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=101
 2018-11-22 12:23:26 +00:00
Kristyna Streitova
fdc58f7a5a Accepting request 649898 from home:seanlew:branches:Base:System 
Update sudo to 1.8.26

OBS-URL: https://build.opensuse.org/request/show/649898
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=150
 2018-11-20 14:30:18 +00:00
Dominique Leuenberger
8f2cc83285 Accepting request 637025 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/637025
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=100
 2018-10-01 07:02:33 +00:00
Marcus Meissner
52d6fbb416 Accepting request 636863 from home:kstreitova:branches:Base:System 
- fix permissions for /var/lib/sudo and /var/lib/sudo/ts
  [bsc#1097643]

OBS-URL: https://build.opensuse.org/request/show/636863
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=148
 2018-09-21 09:55:59 +00:00
Kristyna Streitova
9924b7e357 Accepting request 636351 from home:mcalabkova:branches:Base:System 
- Update to 1.8.25p1
  * Fixed a bug introduced in sudo 1.8.25 that caused a crash on 
    systems that have the poll() function but not the ppoll() 
    function

OBS-URL: https://build.opensuse.org/request/show/636351
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=147
 2018-09-18 12:51:45 +00:00
Yuchen Lin
6f43d27269 Accepting request 633589 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/633589
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=99
 2018-09-13 10:08:38 +00:00
Kristyna Streitova
b5ce2d1eca Accepting request 633291 from home:mcalabkova:branches:Base:System 
- Update to 1.8.25
  * I/O log timing file entries now use a monotonic timer and 
    include nanosecond precision
  * when sudo runs a command in a pseudo-tty, the slave device is 
    now closed in the main process immediately after starting the 
    monitor process
  * the testsudoers utility now supports querying an LDIF-format 
    policy

OBS-URL: https://build.opensuse.org/request/show/633291
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=145
 2018-09-06 09:28:17 +00:00
Dominique Leuenberger
b2e1d122f7 Accepting request 630800 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/630800
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=98
 2018-08-28 07:22:46 +00:00
Kristyna Streitova
f9a253ec48 Accepting request 630762 from home:mcalabkova:branches:Base:System 
- Update to 1.8.24
  * random insults are now more random 
  * added SUDO_CONV_PREFER_TTY flag for conversation function to 
    tell sudo to try writing to /dev/tty first
  * cvtsudoers can now parse base64-encoded attributes in LDIF 
    files

OBS-URL: https://build.opensuse.org/request/show/630762
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=143
 2018-08-21 16:07:12 +00:00
Dominique Leuenberger
f3da6b1903 Accepting request 624251 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/624251
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=97
 2018-07-23 15:57:23 +00:00
Kristyna Streitova
60c0ac4137 Accepting request 622342 from home:bmwiedemann:branches:Base:System 
Build with make -B to make package build reproducible

e.g. diff had a locale.c vs ./locale.c:

/usr/sbin/visudo differs in ELF section .rodata
@@ -13,8 +13,8 @@ 
  20120 636d6e64 5f616c6c 6f776564 00000000  cmnd_allowed....
  20130 66696e64 5f706174 6800676f 6f647061  find_path.goodpa
  20140 74682e63 00000000 7375646f 5f676f6f  th.c....sudo_goo
- 20150 64706174 68006c6f 63616c65 2e630043  dpath.locale.c.C
- 20160 00000000 00000000 25733a20 75736572  ........%s: user
+ 20150 64706174 68002e2f 6c6f6361 6c652e63  dpath../locale.c
+ 20160 00430000 00000000 25733a20 75736572  .C......%s: user
  20170 206c6f63 616c6520 25732c20 7375646f   locale %s, sudo
  20180 65727320 6c6f6361 6c652025 73000000  ers locale %s...
  20190 25733a20 73657474 696e6720 6c6f6361  %s: setting loca

OBS-URL: https://build.opensuse.org/request/show/622342
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=141
 2018-07-20 11:29:06 +00:00
Dominique Leuenberger
d506443bb6 Accepting request 603566 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/603566
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=96
 2018-05-06 12:59:52 +00:00
Kristyna Streitova
25170bef0d Accepting request 603193 from home:stroeder:branches:Base:System 
- Update to 1.8.23
  * primarily a bug fix release
  * new cvtsudoers utility (replaces sudoers2ldif) and converts
    between sudoers formats and perform some basic filtering.
  * removed obsolete sudoers2ldif-env.patch

OBS-URL: https://build.opensuse.org/request/show/603193
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=139
 2018-05-03 08:02:38 +00:00
Dominique Leuenberger
2d560cb03b Accepting request 597343 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/597343
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=95
 2018-04-23 13:24:41 +00:00
Kristyna Streitova
b023d1651d Accepting request 597150 from home:kstreitova:branches:Base:System 
- integrate pam_keyinit pam module [bsc#1081947]
  * add sudo-i.pamd PAM configuration file and install it as
    /etc/pam.d/sudo-i
  * add "session optional pam_keyinit.so revoke" to sudo.pamd and
    "session optional pam_keyinit.so force revoke" to sudo-i.pamd
  * add "--with-pam-login" build option to enable specific PAM
    session for "sudo -i"
- make pam configuration files (noreplace)
- reorganize Sources

OBS-URL: https://build.opensuse.org/request/show/597150
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=137
 2018-04-17 08:06:20 +00:00
Dominique Leuenberger
2b209e9f64 Accepting request 594820 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/594820
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=94
 2018-04-16 10:43:13 +00:00
Kristyna Streitova
3af71ea9da Accepting request 593440 from home:kukuk:branches:Base:System 
- Use %license instead of %doc [bsc#1082318]

OBS-URL: https://build.opensuse.org/request/show/593440
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=135
 2018-04-09 09:41:40 +00:00
Dominique Leuenberger
f828090e27 Accepting request 578010 from Base:System 
- Fix sudo prompt: escape %p into %%p to ensure 'p' is not wrapped
  and interpreted as being an rpm variable (boo#1081470).

OBS-URL: https://build.opensuse.org/request/show/578010
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=93
 2018-02-19 12:03:47 +00:00
Kristyna Streitova
6eb28ea1f9 Accepting request 577967 from home:dimstar:Factory 
- Fix sudo prompt: escape %p into %%p to ensure 'p' is not wrapped
  and interpreted as being an rpm variable (boo#1081470).

OBS-URL: https://build.opensuse.org/request/show/577967
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=133
 2018-02-19 10:49:40 +00:00
Dominique Leuenberger
0dea457431 Accepting request 576060 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/576060
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=92
 2018-02-16 20:40:11 +00:00
Kristyna Streitova
733596dd0b Accepting request 576059 from home:kstreitova:branches:Base:System 
- The sudo distribution files are now signed with a new pgp key.
  Refresh sudo.keyring

- Update to 1.8.22 [bsc#1080793]

OBS-URL: https://build.opensuse.org/request/show/576059
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=131
 2018-02-13 12:26:57 +00:00
Kristyna Streitova
fc0b553ce4 Accepting request 568794 from home:avindra 
- Update to 1.8.22
  * Commands run in the background from a script run via sudo will
    no longer receive SIGHUP when the parent exits and I/O logging
    is enabled
  * A particularly offensive insult is now disabled by default
  * The description of sudo -i now correctly documents that the
    env_keep and env_check sudoers options are applied to the
    environment
  * Fixed a crash when the system's host name is not set
  * The sudoers2ldif script now handles #include and #includedir
    directives.
  * Fixed a bug where sudo would silently exit when the command
    was not allowed by sudoers and the passwd_tries sudoers option
    was set to a value less than one.
  * Fixed a bug with the listpw and verifypw sudoers options and
    multiple sudoers sources. If the option is set to all a
    password should be required unless none of a user's sudoers
    entries from any source require authentication.
  * Fixed a bug with the listpw and verifypw sudoers options in
    the LDAP and SSSD back-ends. If the option is set to any and
    the entry contained multiple rules, only the first matching
    rule was checked. If an entry contained more than one matching
    rule and the first rule required authentication but a
    subsequent rule did not, sudo would prompt for a password when
    it should not have.
  * When running a command as the invoking user (not root), sudo
    would execute the command with the same group vector it was
    started with. Sudo now executes the command with a new group
    vector based on the group database which is consistent with how
    su(1) operates.
  * Fixed a double free in the SSSD back-end that could occur when
    ipa_hostname is present in sssd.conf and is set to an unqualified
    host name.
  * When I/O logging is enabled, sudo will now write to the terminal
    even when it is a background process. Previously, sudo would only
    write to the tty when it was the foreground process when I/O
    logging was enabled. If the TOSTOP terminal flag is set, sudo
    will suspend the command (and then itself) with the SIGTTOU signal.
  * A new authfail_message sudoers option that overrides the default
    N incorrect password attempt(s).
  * An empty sudoRunAsUser attribute in the LDAP and SSSD backends
    will now match the invoking user. This is more consistent with
    how an empty runas user in the sudoers file is treated.
  * Documented that in check mode, visudo does not check the owner /
    mode on files specified with the -f flag
  * It is now an error to specify the runas user as an empty string
    on the command line. Previously, an empty runas user was treated
    the same as an unspecified runas user
  * When timestamp_type option is set to tty and a terminal is
    present, the time stamp record will now include the start time
    of the session leader. When the timestamp_type option is set
    to ppid or when no terminal is available, the start time of the
    parent process is used instead. This significantly reduces the
    likelihood of a time stamp record being re-used when a user logs
    out and back in again.
  * The sudoers time stamp file format is now documented in the new
    sudoers_timestamp manual.
  * Visudo will now use the SUDO_EDITOR environment variable (if
    present) in addition to VISUAL and EDITOR. 
- rebase sudoers2ldif-env.patch
- cleanup with spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/568794
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=130
 2018-01-24 11:27:07 +00:00
Dominique Leuenberger
1cde0d82dd Accepting request 556001 from Base:System 
OBS-URL: https://build.opensuse.org/request/show/556001
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=91
 2017-12-13 10:57:53 +00:00
Kristyna Streitova
c2d7e5850a Accepting request 555983 from home:kstreitova:branches:Base:System 
- remove sudoers.dist that is not needed [bsc#1071379]

OBS-URL: https://build.opensuse.org/request/show/555983
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=128
 2017-12-11 14:43:16 +00:00
Dominique Leuenberger
627619056b Accepting request 526347 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/526347
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=90
 2017-09-18 17:50:39 +00:00
Kristyna Streitova
4817eb67fb Accepting request 525888 from home:kstreitova:branches:Base:System 
- remove "--with-insults" and disable insults by default. Now
  insults sets are included but user must enable it in the sudoers
  file [bsc#1053911]

OBS-URL: https://build.opensuse.org/request/show/525888
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=126
 2017-09-15 10:12:27 +00:00
Dominique Leuenberger
37c343a593 Accepting request 522271 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/522271
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=89
 2017-09-12 17:37:04 +00:00
Vítězslav Čížek
d65790fef1 Accepting request 522266 from home:stroeder:branches:Base:System 
- update to 1.8.21p2

OBS-URL: https://build.opensuse.org/request/show/522266
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=124
 2017-09-08 09:43:33 +00:00
Dominique Leuenberger
67ef25f26a Accepting request 505125 from Base:System 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/505125
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=88
 2017-06-29 13:08:51 +00:00
Kristyna Streitova
a08fbe3e8f OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=122 2017-06-13 16:29:37 +00:00
Dominique Leuenberger
a94f80e226 Accepting request 500408 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/500408
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=87
 2017-06-03 23:48:57 +00:00
Vítězslav Čížek
40ee4d9fc5 Accepting request 500303 from home:stroeder:branches:Base:System 
update to 1.8.20p2

OBS-URL: https://build.opensuse.org/request/show/500303
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=120
 2017-06-01 13:59:33 +00:00
Dominique Leuenberger
9715fd989f Accepting request 499850 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/499850
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=86
 2017-05-31 19:26:18 +00:00
Vítězslav Čížek
aae3725cc0 Accepting request 499849 from home:simotek:branches:Base:System 
Security issue please approve

OBS-URL: https://build.opensuse.org/request/show/499849
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=118
 2017-05-30 19:30:20 +00:00
Dominique Leuenberger
960d34d01e Accepting request 477786 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/477786
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=85
 2017-03-10 20:05:57 +00:00
Kristyna Streitova
5350e3c426 Accepting request 477147 from home:kstreitova:branches:Base:System 
- update sudo in SLE12SP3 to the latest Factory version [fate#322095]
  * remove sudo-1.8.10p3-CVE-2016-7032.patch [bsc#1007766]
    * fixed in sudo 1.8.15
  * remove sudo-1.8.10p3-CVE-2016-7076.patch [bsc#1007501]
    * fixed in sudo 1.8.18p1
  * remove sudo-1.8.10p3-parse_boottime_properly.patch [bsc#899252]
    * fixed in sudo 1.8.14
  * remove sudo-1.8.10p3-user_groups.patch [bsc#988014]
    * fixed in sudo 1.8.17p1
  * remove sudo-1.8.10p3_pam_groups_upstream.patch [fate#318850]
    * fixed in sudo 1.8.17 
  * remove sudo-1.8.10p3-CVE-2014-9680.patch [bsc#917806]
    * fixed in sudo 1.8.12

OBS-URL: https://build.opensuse.org/request/show/477147
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=116
 2017-03-08 15:53:23 +00:00
Dominique Leuenberger
6077721eb4 Accepting request 453713 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/453713
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=84
 2017-02-05 14:44:38 +00:00
Marcus Meissner
0b246503a9 Accepting request 453650 from home:kstreitova:branches:Base:System 
- add sudo-1.8.19p2-decrement_env_len.patch - In 
  sudo_unsetenv_nodebug(), decrement envp.env_len after removing
  the variable [bsc#981124]
- add sudo-1.8.19p2-dont_overwrite_ret_val.patch - don't overwrite
  the return value of ldap_sasl_interactive_bind_s() by the
  subsequent call to sudo_set_krb5_ccache_name() [bsc#981124]

OBS-URL: https://build.opensuse.org/request/show/453650
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=114
 2017-02-01 06:48:54 +00:00
Dominique Leuenberger
1ce25a0e11 Accepting request 450497 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/450497
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=83
 2017-01-19 09:34:14 +00:00
Marcus Meissner
c3b3e5cc11 Accepting request 450320 from home:stroeder:branches:Base:System 
update to 1.8.19p2

OBS-URL: https://build.opensuse.org/request/show/450320
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=112
 2017-01-16 12:29:14 +00:00
Kristyna Streitova
e279162d42 Accepting request 448723 from home:kstreitova:branches:Base:System 
- add /usr/lib/tmpfiles.d directory to the %files section and fix
  build for SLE12SP2

OBS-URL: https://build.opensuse.org/request/show/448723
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=111
 2017-01-05 09:56:38 +00:00
Kristyna Streitova
75391bf1c3 Accepting request 447202 from home:stroeder:branches:Base:System 
update to 1.8.19p1 (not sure what the deal with /usr/lib/tmpfiles.d on older platforms is)

OBS-URL: https://build.opensuse.org/request/show/447202
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=110
 2017-01-02 09:53:20 +00:00