+2011-01-18 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * term.c:
+ Clear, don't set, OPOST in c_oflag as was intended in e26055d17b72.
+ [eacd774c37c0]
+
+2011-01-11 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * check.c:
+ If the user is running sudo as himself but as a different group we
+ need to prompt for a password.
+ [fe8a94f96542]
+
+2011-01-10 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * pwutil.c:
+ If user has no supplementary groups, fall back on checking the group
+ file explicitly.
+ [c536ddb16bb6]
+
+2011-01-04 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * match.c:
+ Fix NULL dereference with "sudo -g group" when the sudoers rule has
+ no runas user or group listed. Fixes RedHat bug Bug 667103.
+ [c51e2be737b2]
+
+2010-12-21 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * term.c:
+ Clear OPOST from c_oflag like we used to. Fixes screen-based
+ editors such as vi.
+ [e26055d17b72]
+
+ * sudoers.pod:
+ Clarify umask option description. From Reuben Thomas.
+ [fb8bdcb54feb]
+
+2010-11-24 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * pp:
+ Add support for RHEL 6 file modes that include a trailing dot on
+ files with an SELinux security context
+ [fcc1daaf4df0]
+
+2010-11-22 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * sudoers.pod:
+ fix typo; from Michael T Hunter
+ [46e70e2063af]
+
+2010-10-07 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * check.c:
+ Having a timestamp file defined is no longer indicative of tty
+ tickets being enabled. Check def_tty_tickets directly.
+ [6c3803c239d9]
+
+2010-10-01 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * set_perms.c:
+ Sync set_project() with trunk.
+ [646fd9bc0537]
+
+ * set_perms.c, sudo.c:
+ Move set_project() into runas_setup(). Fixes a NULL deref when
+ project support is enabled and sudo's -g flag is used without the
+ -u flag.
+ [6ffd892243ab]
+
+2010-09-21 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * linux_audit.c:
+ Ignore ECONNREFUSED from audit_log_user_command() which will occur
+ if auditd is not running.
+ [a686884684ca]
+
+2010-09-13 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * install-sh:
+ Use sed instead of expr to split a flag from its argument. Fixes a
+ problem with expr interpreting its arguments as a flag when they
+ start with a dash.
+ [16372da8a286]
+
+2010-09-08 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * bsm_audit.c:
+ Solaris BSM audit return EINVAL when auditing is not enabled,
+ whereas OpenBSM returns ENOSYS.
+ [bb9c94a8fa7d]
+
+2010-09-07 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * toke.c, toke.l:
+ Add missing LOG_INPUT/LOG_OUTPUT support in the lexer.
+ [0a5519756bf1]
+
+ * sudo.c:
+ Set NewArgv[0] to the name of the pseudo-command we are running.
+ Fixes a problem with "sudo -l" when auditing is enabled and the user
+ is not allowed to run any commands on the host. Adapted from a patch
+ from Daniel Kopecek.
+ [694ed1a75a4a]
+
+2010-09-06 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * match.c:
+ When matching the runas user and runas group (-u and -g command line
+ options), keep track of runas group and runas user matches
+ separately. Only return a positive match if we have a match for
+ both runas user and runas group (if specified).
+ [68d30216c13a]
+
+2010-09-04 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * ldap.c, parse.c:
+ Do not return -1 on error from the display functions; the call
+ expects a return value >= 0.
+ [e50e6ae4d06d]
+
+ * ldap.c:
+ display_bound_defaults now returns a count so make the stub return
+ 0, not 1.
+ [97293ced4908]
+
+2010-09-03 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * get_pty.c:
+ It looks like AIX doesn't need to push STREAMS modules for ptys.
+ [62c281fcd4ad]
+
+2010-08-30 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Makefile.in:
+ Install sudoers file from the build dir not hte src dir.
+ [a26afd8db531]
+
+2010-08-26 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * set_perms.c:
+ If runas_pw changes, reset the stashed runas aux group vector.
+ Otherwise, if runas_default is set in a per-command Defaults
+ statement, the command runs with root's aux group vector (i.e. the
+ one that was used when locating the command).
+ [24a695707b67]
+
+ * Makefile.in:
+ Add target to generate sudoers file Remove generated sudoers file as
+ part of distclean
+ [448627fc35b6]
+
+2010-08-23 millert <millert@rh4-x86.home.courtesan.com>
+
+ * exec.c:
+ When not logging I/O install a handler for SIGCONT and deliver it to
+ the command upon resume. Fixes bugzilla #431
+ [e84690aa67bd]
+
+2010-08-21 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * sudo.c:
+ Don't need to fork and wait when compiled with --disable-pam-session
+ [2ae1bbe4437a]
+
+2010-08-20 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * lbuf.c:
+ Convert a remaining puts() and putchar() to use the output function.
+ [d68c213feb0f]
+
+2010-08-18 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Makefile.in:
+ Replace sudoers with sudoers.in in DISTFILES
+ [616509f85d6c]
+
+ * env.c:
+ Set dupcheck to TRUE when setting new HOME value if !env_reset but
+ always_set_home is true. Prevents a duplicate HOME in the
+ environment (old value plus the new one) introduced in 9f97e4b43a4b.
+ [2672ae047984]
+
+ * configure, configure.in, sudoers, sudoers.in:
+ Substitute sysconfdir in the installed sudoers file to get the
+ correct path for sudoers.d.
+ [ab14a68e546f]
+
+2010-08-17 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * boottime.c, get_pty.c:
+ Fix typos that prevented compilation on Irix; Friedrich Haubensak
+ [a3e6c5a66890]
+
+2010-08-14 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * auth/pam.c:
+ If the user hits ^C while a password is being read, error out before
+ reading any further passwords in the pam conversation function.
+ Otherwise, if multiple PAM auth methods are required, the user will
+ have to hit ^C for each one.
+ [c8f6bc58fd86]
+
+2010-08-09 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * exec.c:
+ Fix waitpid() loop termination condition.
+ [97719b3259f2]
+
+ * exec_pty.c:
+ Use sudo_waitpid() instead of bare waitpid()
+ [624a40269189]
+
+2010-08-07 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * sudo.pp:
+ Set pp_kit_version and strip off patchlevel
+ [814c87778567]
+
+ * sudo.pp:
+ Better handling of versions with a patchlevel. For rpm and deb, use
+ the patchlevel+1 as the release. For AIX, use the patchlevel as the
+ 4th version number. For the rest, just leave the patchlevel in the
+ version string.
+ [d18ef30f0a72]
+
+2010-08-06 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * auth/sudo_auth.c:
+ For non-standalone auth methods, stop reading the password if the
+ user enters ^C at the prompt.
+ [59d2b1328d1e]
+
+ * check.c:
+ When removing/resetting the timestamp file ignore the tty ticket
+ contents.
+ [8b285f601ec0]
+
+2010-08-04 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * UPGRADE:
+ Fix typo
+ [0f443aa22e96]
+
+2010-08-03 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * check.c:
+ Do not produce a warning for "sudo -k" if the ticket file does not
+ exist.
+ [eeaaa73d7f5b]
+
+2010-08-02 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * aclocal.m4, configure:
+ Add cross-compile defaults for remaining AC_TRY_RUN usage.
+ [fb88d22eabc6]
+
+2010-07-31 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * aclocal.m4, config.h.in, configure, configure.in, snprintf.c:
+ Use AC_CHECK_MEMBER in SUDO_SOCK_SA_LEN Use AC_TYPE_LONG_LONG_INT
+ and AC_CHECK_SIZEOF([long int]) instead of rolling our own.
+ [5e7cc557a46e]
+
2010-07-30 Todd C. Miller <Todd.Miller@courtesan.com>
* .hgtags:
Added tag SUDO_1_7_4 for changeset 2920a3b9d568
- [e929004d5102] [tip]
+ [e929004d5102]
* pp:
Debian: Remove dots from decoded release number AIX: looser matching
projects / debian / sudo / blobdiff