Kristyna Streitova
3ed4d64671
- Update to 1.9.0rc2
* Fixed a test failure in the strsig_test regress test on FreeBSD.
* Sudo now includes a logging daemon, sudo_logsrvd, which can be
used to implement centralized logging of I/O logs. TLS connections
are supported when sudo is configured with the --enable-openssl
option. For more information, see the sudo_logsrvd, logsrvd.conf
and sudo_logsrv.proto manuals as well as the log_servers setting
in the sudoers manual.
The --disable-log-server and --disable-log-client configure
options can be used to disable building the I/O log server and/or
remote I/O log support in the sudoers plugin.
* The new sudo_sendlog utility can be used to test sudo_logsrvd
or send existing sudo I/O logs to a centralized server.
* It is now possible to write sudo plugins in Python 3 when sudo
is configured with the --enable-python> option. See the
sudo_plugin_python.man.html manual for details.
Sudo 1.9.0 comes with several Python example plugins that get
installed sudo's examples directory.
The sudo blog article "What's new in sudo 1.9: Python"
(https://blog.sudo.ws/posts/2020/01/whats-new-in-sudo-1.9-python/)
includes a simple tutorial on writing python plugins.
* Sudo now supports an "audit" plugin type. An audit plugin
receives accept, reject, exit and error messages and can be used
to implement custom logging that is independent of the underlying
security policy. Multiple audit plugins may be specified in
the sudo.conf file. A sample audit plugin is included that
writes logs in JSON format.
* Sudo now supports an "approval" plugin type. An approval plugin
is run only after the main security policy (such as sudoers) accepts
a command to be run. The approval policy may perform additional
OBS-URL: https://build.opensuse.org/request/show/794915
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=164
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| fate_313276_test.sh | ||
| README_313276.test | ||
| README.SUSE | ||
| sudo-1.9.0rc2.tar.gz | ||
| sudo-1.9.0rc2.tar.gz.sig | ||
| sudo-i.pamd | ||
| sudo-sudoers.patch | ||
| sudo.changes | ||
| sudo.keyring | ||
| sudo.pamd | ||
| sudo.spec | ||
In the default (ie unconfigured) configuration sudo asks for root password. This allows to use an ordinary user account for administration of a freshly installed system. When configuring sudo, please make sure to delete the two following lines: Defaults targetpw # ask for the password of the target user i.e. root %users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!