- Update to 1.9.9
* Sudo can now be built with OpenSSL 3.0 without generating
warnings about deprecated OpenSSL APIs.
* A digest can now be specified along with the ALL command in
the LDAP and SSSD back-ends. Sudo 1.9.0 introduced support for
this in the sudoers file but did not include corresponding
changes for the other back-ends.
* visudo now only warns about an undefined alias or a cycle in
an alias once for each alias.
* The sudoRole cn was truncated by a single character in warning
messages. GitHub issue #115.
* The cvtsudoers utility has new --group-file and --passwd-file
options to use a custom passwd or group file when the
--match-local option is also used.
* The cvtsudoers utility can now filter or match based on a command.
* The cvtsudoers utility can now produce output in csv
(comma-separated value) format. This can be used to help generate
entitlement reports.
* Fixed a bug in sudo_logsrvd that could result in the connection
being dropped for very long command lines.
* Fixed a bug where sudo_logsrvd would not accept a restore point
of zero.
* Fixed a bug in visudo where the value of the editor setting was
not used if it did not match the user’s EDITOR environment
variable. This was only a problem if the env_editor setting was
not enabled. Bug #1000.
* Sudo now builds with the -fcf-protection compiler option and the
-z now linker option if supported.
* The output of sudoreplay -l now more closely matches the
traditional sudo log format.
* The sudo_sendlog utility will now use the full contents of the
log.json file, if present. This makes it possible to send
sudo-format I/O logs that use the newer log.json format to
sudo_logsrvd without losing any information.
* Fixed compilation of the arc4random_buf() replacement on systems
with arc4random() but no arc4random_buf(). Bug #1008.
* Sudo now uses its own getentropy() by default on Linux. The GNU
libc version of getentropy() will fail on older kernels that
don’t support the getrandom() system call.
* It is now possible to build sudo with WolfSSL’s OpenSSL
compatibility layer by using the --enable-wolfssl configure
option.
* Fixed a bug related to Daylight Saving Time when parsing
timestamps in Generalized Time format. This affected the NOTBEFORE
and NOTAFTER options in sudoers. Bug #1006.
* Added the -O and -P options to visudo, which can be used to check
or set the owner and permissions. This can be used in conjunction
with the -c option to check that the sudoers file ownership and
permissions are correct. Bug #1007.
* It is now possible to set resource limits in the sudoers file
itself. The special values default and “user” refer to the
default system limit and invoking user limit respectively. The
core dump size limit is now set to 0 by default unless overridden
by the sudoers file.
* The cvtsudoers utility can now merge multiple sudoers sources into
a single, combined sudoers file. If there are conflicting entries,
cvtsudoers will attempt to resolve them but manual intervention
may be required. The merging of sudoers rules is currently fairly
simplistic but will be improved in a future release.
* Sudo was parsing but not applying the “deref” and “tls_reqcert”
ldap.conf settings. This meant the options were effectively ignored
which broke dereferencing of aliases in LDAP. Bug #1013.
* Clarified in the sudo man page that the security policy may
override the user’s PATH environment variable. Bug #1014.
* When sudo is run in non-interactive mode (with the -n option), it
will now attempt PAM authentication and only exit with an error if
user interaction is required. This allows PAM modules that don’t
interact with the user to succeed. Previously, sudo would not
attempt authentication if the -n option was specified. Bug #956
and GitHub issue #83.
* Fixed a regression introduced in version 1.9.1 when sudo is built
with the --with-fqdn configure option. The local host name was
being resolved before the sudoers file was processed, making it
impossible to disable DNS lookups by negating the fqdn sudoers
option. Bug #1016.
* Added support for negated sudoUser attributes in the LDAP and SSSD
sudoers back ends. A matching sudoUser that is negated will cause
the sudoRole containing it to be ignored.
* Fixed a bug where the stack resource limit could be set to a value
smaller than that of the invoking user and not be reset before the
command was run. Bug #1016.
- sudo no longer ships schema for LDAP.
- sudo-feature-negated-LDAP-users.patch dropped, included upstream
- refreshed sudo-sudoers.patch
OBS-URL: https://build.opensuse.org/request/show/950728
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=207
- Update to 1.9.2:
* The configure script now uses pkg-config to find the openssl cflags
and libs where possible.
* The contents of the log.json I/O log file is now documented in
the sudoers manual.
* The sudoers plugin now properly exports the sudoers_audit symbol
on systems where the compiler lacks symbol visibility controls.
This caused a regression in 1.9.1 where a successful sudo command
was not logged due to the missing audit plugin. Bug #931.
* Fixed a regression introduced in 1.9.1 that can result in crash
when there is a syntax error in the sudoers file. Bug #934.
- Rebase sudo-sudoers.patch
OBS-URL: https://build.opensuse.org/request/show/822654
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=177
- Update to 1.8.31
Major changes between version 1.8.31 and 1.8.30:
* This version fixes a potential security issue that can lead to
a buffer overflow if the pwfeedback option is enabled in
sudoers [CVE-2019-18634] [bsc#1162202]
* The sudoedit_checkdir option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check. Symbolic links will no longer be followed by
sudoedit in any user-owned directory. Bug #912.
* Fixed a crash introduced in sudo 1.8.30 when suspending sudo
at the password prompt. Bug #914.
* Fixed compilation on systems where the mmap MAP_ANON flag is
not available. Bug #915.
Major changes between version 1.8.30 and 1.8.29:
* Sudo now closes file descriptors before changing uids. This
prevents a non-root process from interfering with sudo's ability
to close file descriptors on systems that support the prlimit(2)
system call.
* Sudo now treats an attempt to run sudo sudoedit as simply
sudoedit If the sudoers file contains a fully-qualified path
to sudoedit, sudo will now treat it simply as sudoedit
(with no path). Visudo will will now treat a fully-qualified
path to sudoedit as an error. Bug #871.
* Fixed a bug introduced in sudo 1.8.28 where sudo would warn
about a missing /etc/environment file on AIX and Linux when
PAM is not enabled. Bug #907.
* Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
the askpass program from running due to an unlimited stack size
resource limit. Bug #908.
* If a group provider plugin has optional arguments, the argument
OBS-URL: https://build.opensuse.org/request/show/772142
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=160
- Update to 1.8,28p1
* The fix for Bug #869 caused "sudo -v" to prompt for a password
when "verifypw" is set to "all" (the default) and all of the
user's sudoers entries are marked with NOPASSWD. Bug #901.
- Update to 1.8.28
* Fixed CVE-2019-14287 (bsc#1153674),
a bug where a sudo user may be able to
run a command as root when the Runas specification explicitly
disallows root access as long as the ALL keyword is listed first.
* Sudo will now only set PAM_TTY to the empty string when no
terminal is present on Solaris and Linux. This workaround is
only needed on those systems which may have PAM modules that
misbehave when PAM_TTY is not set.
* The mailerflags sudoers option now has a default value even if
sendmail support was disabled at configure time. Fixes a crash
when the mailerpath sudoers option is set but mailerflags is not.
Bug #878.
* Sudo will now filter out last login messages on HP-UX unless it
a shell is being run via "sudo -s" or "sudo -i". Otherwise,
when trusted mode is enabled, these messages will be displayed
for each command.
* Sudo has a new -B command line option that will ring the terminal
bell when prompting for a password.
* Sudo no longer refuses to prompt for a password when it cannot
determine the user's terminal as long as it can open /dev/tty.
This allows sudo to function on systems where /proc is unavailable,
such as when running in a chroot environment.
* The "env_editor" sudoers flag is now on by default. This makes
source builds more consistent with the packages generated by
OBS-URL: https://build.opensuse.org/request/show/738914
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=156
- update to 1.8.14p3:
* changes in 1.8.14p3
* Fixed a bug introduced in sudo 1.8.14p2 that prevented sudo
from working when no tty was present. Bug #706.
* Fixed tty detection on newer AIX systems where dev_t is 64-bit.
* changes in 1.8.14p2
* Fixed a bug introduced in sudo 1.8.14 that prevented the
lecture file from being created. Bug #704.
* changes in 1.8.14p1
* Fixed a bug introduced in sudo 1.8.14 that prevented the sssd
backend from working. Bug #703.
* changes in 1.8.14
* Log messages on Mac OS X now respect sudoers_locale when sudo
is build with NLS support.
* The sudo manual pages now pass mandoc -Tlint with no warnings.
* Fixed a compilation problem on systems with the sig2str()
function that do not define SIG2STR_MAX in signal.h.
* Worked around a compiler bug that resulted in unexpected
behavior when returning an int from a function declared to
return bool without an explicit cast.
* Worked around a bug in Mac OS X 10.10 BSD auditing where the
au_preselect() fails for AUE_sudo events but succeeds for
AUE_DARWIN_sudo.
* Fixed a hang on Linux systems with glibc when sudo is linked
with jemalloc.
* When the user runs a command as a user ID that is not present
in the password database via the -u flag, the command is now
run with the group ID of the invoking user instead of group ID 0.
* Fixed a compilation problem on systems that don't pull in
definitions of uid_t and gid_t without sys/types.h or unistd.h.
OBS-URL: https://build.opensuse.org/request/show/318161
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=87
- update to 1.8.9p3
- set secure_path to /usr/sbin:/usr/bin:/sbin:/bin
- changes since 1.8.8:
* Fixed a bug introduced in sudo 1.8.9 that prevented the tty name
from being resolved properly on Linux systems. Bug #630.
* Updated config.guess, config.sub and libtool to support the ppc64le
architecture (IBM PowerPC Little Endian).
* Fixed a problem with gcc 4.8's handling of bit fields that could
lead to the noexec flag being enabled even when it was not
explicitly set.
* Reworked sudo's main event loop to use a simple event subsystem
using poll(2) or select(2) as the back end.
* It is now possible to statically compile the sudoers plugin into
the sudo binary without disabling shared library support. The
sudo.conf file may still be used to configure other plugins.
* Sudo can now be compiled again with a C preprocessor that does
not support variadic macros.
* Visudo can now export a sudoers file in JSON format using the
new -x flag.
* The locale is now set correctly again for visudo and sudoreplay.
* The plugin API has been extended to allow the plugin to exclude
specific file descriptors from the "closefrom" range.
* There is now a workaround for a Solaris-specific problem where
NOEXEC was overriding traditional root DAC behavior.
* Add user netgroup filtering for SSSD. Previously, rules for
a netgroup were applied to all even when they did not belong
to the specified netgroup.
* On systems with BSD login classes, if the user specified a group
(not a user) to run the command as, it was possible to specify
a different login class even when the command was not run as the
OBS-URL: https://build.opensuse.org/request/show/213857
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=65
