@DEV@PARSESRCS = sudo.tab.h sudo.tab.c lex.yy.c def_data.c def_data.h
# Uncomment the following if you intend to modify parse.yacc
-@DEV@sudo.tab.c sudo.tab.h: parse.yacc
-@DEV@ rm -f sudo.tab.h sudo.tab.c
-@DEV@ $(YACC) -d -b sudo $(srcdir)/parse.yacc
+sudo.tab.c sudo.tab.h: parse.yacc
+ rm -f sudo.tab.h sudo.tab.c
+ $(YACC) -d -b sudo $(srcdir)/parse.yacc
# Uncomment the following if you intend to modify parse.lex
@DEV@lex.yy.c: parse.lex
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
-timestamp='2005-08-03'
+timestamp='2006-02-23'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
: ${TMPDIR=/tmp} ;
- { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
{ test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
{ tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
{ echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
*:ekkoBSD:*:*)
echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
exit ;;
+ *:SolidBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE}
+ exit ;;
macppc:MirBSD:*:*)
echo powerppc-unknown-mirbsd${UNAME_RELEASE}
exit ;;
echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
exit ;;
*:FreeBSD:*:*)
- echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+ case ${UNAME_MACHINE} in
+ pc98)
+ echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ *)
+ echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ esac
exit ;;
i*:CYGWIN*:*)
echo ${UNAME_MACHINE}-pc-cygwin
i*:MINGW*:*)
echo ${UNAME_MACHINE}-pc-mingw32
exit ;;
+ i*:MSYS_NT-*:*:*)
+ echo ${UNAME_MACHINE}-pc-mingw32
+ exit ;;
i*:windows32*:*)
# uname -m includes "-pc" on this system.
echo ${UNAME_MACHINE}-mingw32
i*:PW*:*)
echo ${UNAME_MACHINE}-pc-pw32
exit ;;
- x86:Interix*:[34]*)
- echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//'
+ x86:Interix*:[345]*)
+ echo i586-pc-interix${UNAME_RELEASE}
+ exit ;;
+ EM64T:Interix*:[345]*)
+ echo x86_64-unknown-interix${UNAME_RELEASE}
exit ;;
[345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
echo i${UNAME_MACHINE}-pc-mks
#endif
#endif
EOF
- eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
+ eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+ /^CPU/{
+ s: ::g
+ p
+ }'`"
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;;
mips64:Linux:*:*)
#endif
#endif
EOF
- eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
+ eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+ /^CPU/{
+ s: ::g
+ p
+ }'`"
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;;
or32:Linux:*:*)
sparc:Linux:*:* | sparc64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
+ vax:Linux:*:*)
+ echo ${UNAME_MACHINE}-dec-linux-gnu
+ exit ;;
x86_64:Linux:*:*)
echo x86_64-unknown-linux-gnu
exit ;;
LIBC=gnulibc1
# endif
#else
- #ifdef __INTEL_COMPILER
+ #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__sun)
LIBC=gnu
#else
LIBC=gnuaout
LIBC=dietlibc
#endif
EOF
- eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
+ eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+ /^LIBC/{
+ s: ::g
+ p
+ }'`"
test x"${LIBC}" != x && {
echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
exit
*:Darwin:*:*)
UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
case $UNAME_PROCESSOR in
- *86) UNAME_PROCESSOR=i686 ;;
unknown) UNAME_PROCESSOR=powerpc ;;
esac
echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
i*86:skyos:*:*)
echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//'
exit ;;
+ i*86:rdos:*:*)
+ echo ${UNAME_MACHINE}-pc-rdos
+ exit ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
-timestamp='2005-07-08'
+timestamp='2006-02-23'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
- nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \
- kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
+ nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
+ uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
+ storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
-hiux*)
os=-hiuxwe2
;;
+ -sco6)
+ os=-sco5v6
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
-sco5)
os=-sco3.2v5
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
+ -sco5v6*)
+ # Don't forget version if it is 3.2v4 or newer.
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
-sco*)
os=-sco3.2v2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
- | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \
+ | m32r | m32rle | m68000 | m68k | m88k | maxq | mb | microblaze | mcore \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
- | ms1 \
+ | mt \
| msp430 \
+ | nios | nios2 \
| ns16k | ns32k \
| or32 \
| pdp10 | pdp11 | pj | pjl \
;;
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
;;
+ ms1)
+ basic_machine=mt-unknown
+ ;;
# We use `pc' rather than `unknown'
# because (1) that's what they normally are, and
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
| mipstx39-* | mipstx39el-* \
| mmix-* \
- | ms1-* \
+ | mt-* \
| msp430-* \
+ | nios-* | nios2-* \
| none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
basic_machine=i386-pc
os=-msdos
;;
+ ms1-*)
+ basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
+ ;;
mvs)
basic_machine=i370-ibm
os=-mvs
pc532 | pc532-*)
basic_machine=ns32k-pc532
;;
+ pc98)
+ basic_machine=i386-pc
+ ;;
+ pc98-*)
+ basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
pentium | p5 | k5 | k6 | nexgen | viac3)
basic_machine=i586-pc
;;
basic_machine=i586-unknown
os=-pw32
;;
+ rdos)
+ basic_machine=i386-pc
+ os=-rdos
+ ;;
rom68k)
basic_machine=m68k-rom68k
os=-coff
| -aos* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
- | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \
+ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
+ | -openbsd* | -solidbsd* \
| -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
- | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \
+ | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
+ | -uxpv* | -beos* | -mpeix* | -udk* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
- | -skyos* | -haiku*)
+ | -skyos* | -haiku* | -rdos*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
--- /dev/null
+The version of sudo that ships with Debian by default resets the
+environment, as described by the "env_reset" flag in the sudoers file.
+
+This implies that all environment variables are removed, except for
+HOME, LOGNAME, PATH, SHELL, TERM, DISPLAY, XAUTHORITY, XAUTHORIZATION,
+LANG, LANGUAGE, LC_*, and USER.
+
+In case you want sudo to preserve more environment variables, you must
+specify the env_keep variable in the sudoers file. You should edit the
+sudoers file using the visudo tool.
+
+Examples:
+Preserve the default variables plus the EDITOR variable:
+
+ Defaults env_keep+="EDITOR"
+
+Preserve the default variables plus all variables starting with LC_:
+
+ Defaults env_keep+="LC_*"
+
+See the file OPTIONS in this directory for more information on the sudo
+build options used in building the Debian package.
+sudo (1.6.8p12-2) unstable; urgency=low
+
+ * fix typos in init scripts, closes: #346325
+ * update to debhelper compat level 5
+ * build depend on autotools-dev to ensure config.sub/guess are fresh
+ * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
+ use it here as well. Thanks to Martin and the debian-security team.
+ closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
+ closes: #315115, #315718, #203874
+ * Non-maintainer upload by the Security Team
+ * Reworked the former patch to limit environment variables from being
+ passed through, set env_reset as default instead [sudo.c, env.c,
+ sudoers.pod, Bug#342948, CVE-2005-4158]
+ * env_reset is now set by default
+ * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
+ DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
+ (in addition to the SUDO_* variables)
+ * Rebuild sudoers.man.in from the POD file
+ * Added README.Debian
+ * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
+ * simplify rules file by using more of Makefile, despite having to override
+ default directories with more arguments to configure, closes: #292833
+ * update sudo man page to reflect use of SECURE_PATH, closes: #228551
+ * inconsistencies in sudoers man page resolved, closes: #220808, #161012
+ * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
+ unresolveable (requires adding bison as build dep), closes: #314949
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
+
sudo (1.6.8p12-1) unstable; urgency=low
* new upstream version, closes: #342948 (CVE-2005-4158)
Section: admin
Priority: optional
Maintainer: Bdale Garbee <bdale@gag.com>
-Build-Depends: debhelper (>= 5), libpam0g-dev, libldap2-dev
+Build-Depends: debhelper (>= 5), libpam0g-dev, libldap2-dev, autotools-dev, bison
Standards-Version: 3.6.2.1
Package: sudo
#! /bin/sh
### BEGIN INIT INFO
-# Provides: sudu
+# Provides: sudo
# Required-Start: $local_fs $remote_fs
# Required-Stop:
# Default-Start: S 1 2 3 4 5
endif
export CFLAGS
-build: config-stamp
+config: config-stamp
config-stamp:
dh_testdir
--with-timeout=15 --with-password-timeout=0 \
--disable-root-mailer --disable-setresuid \
--with-sendmail=/usr/sbin/sendmail \
+ --mandir=/usr/share/man --libexecdir=/usr/lib/sudo \
--with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin"
# LDAP version
--disable-root-mailer --disable-setresuid \
--with-sendmail=/usr/sbin/sendmail \
--with-ldap-conf-file=/etc/ldap/ldap.conf \
+ --mandir=/usr/share/man --libexecdir=/usr/lib/sudo \
--with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin"
touch config-stamp
build-stamp: config-stamp
dh_testdir
+ # ensure our pod changes get picked up
+ -rm -f sudoers.man.in sudoers.man sudo.man.in sudo.man
+ -$(MAKE) sudoers.man.in sudo.man.in
+
-$(MAKE) -C build-simple
-$(MAKE) -C build-ldap
dh_clean -k
dh_installdirs
- # simple version
- install -o root -g root -m 4755 -s build-simple/sudo debian/sudo/usr/bin/sudo
- ln -sf sudo debian/sudo/usr/bin/sudoedit
- install -o root -g root -m 0755 -s build-simple/visudo \
- debian/sudo/usr/sbin/visudo
- install -o root -g root -m 0644 build-simple/sudo.man \
- debian/sudo/usr/share/man/man8/sudo.8
- ln -sf sudo.8 debian/sudo/usr/share/man/man8/sudoedit.8
- install -o root -g root -m 0644 build-simple/visudo.man \
- debian/sudo/usr/share/man/man8/visudo.8
- install -o root -g root -m 0644 build-simple/sudoers.man \
- debian/sudo/usr/share/man/man5/sudoers.5
- install -o root -g root -m 0644 sample.sudoers \
- debian/sudo/usr/share/doc/sudo/examples/sudoers
- install -o root -g root -m 0644 debian/sudo.pam \
- debian/sudo/etc/pam.d/sudo
+ $(MAKE) -C build-simple install DESTDIR=$(CURDIR)/debian/sudo
+ $(MAKE) -C build-ldap install DESTDIR=$(CURDIR)/debian/sudo-ldap
- install -o root -g root -m 0644 debian/sudo.lintian \
- debian/sudo/usr/share/lintian/overrides/sudo
+ # remove stuff we don't want
+ rm -f $(CURDIR)/debian/sudo/etc/sudoers \
+ $(CURDIR)/debian/sudo-ldap/etc/sudoers
- # LDAP version
- install -o root -g root -m 4755 -s build-ldap/sudo debian/sudo-ldap/usr/bin/sudo
- ln -sf sudo debian/sudo-ldap/usr/bin/sudoedit
- install -o root -g root -m 0755 -s build-ldap/visudo debian/sudo-ldap/usr/sbin/visudo
- install -o root -g root -m 0644 build-ldap/sudo.man \
- debian/sudo-ldap/usr/share/man/man8/sudo.8
- ln -sf sudo.8 debian/sudo-ldap/usr/share/man/man8/sudoedit.8
- install -o root -g root -m 0644 build-ldap/visudo.man \
- debian/sudo-ldap/usr/share/man/man8/visudo.8
- install -o root -g root -m 0644 build-ldap/sudoers.man \
- debian/sudo-ldap/usr/share/man/man5/sudoers.5
- install -o root -g root -m 0644 sample.sudoers \
- debian/sudo-ldap/usr/share/doc/sudo-ldap/examples/sudoers
- install -o root -g root -m 0644 debian/sudo.pam \
+ # and install things we do want that make install doesn't know about
+ install -o root -g root -m 0644 $(CURDIR)/debian/sudo.pam \
+ debian/sudo/etc/pam.d/sudo
+ install -o root -g root -m 0644 $(CURDIR)/debian/sudo.pam \
debian/sudo-ldap/etc/pam.d/sudo
- install -o root -g root -m 0644 debian/sudo-ldap.lintian \
+ install -o root -g root -m 0644 $(CURDIR)/debian/sudo.lintian \
+ debian/sudo/usr/share/lintian/overrides/sudo
+ install -o root -g root -m 0644 $(CURDIR)/debian/sudo-ldap.lintian \
debian/sudo-ldap/usr/share/lintian/overrides/sudo-ldap
binary-indep: build install
sudo source: maintainer-script-lacks-debhelper-token debian/postinst
+sudo source: maintainer-script-lacks-debhelper-token debian/sudo-ldap.postinst
#! /bin/sh
### BEGIN INIT INFO
-# Provides: sudu
+# Provides: sudo
# Required-Start: $local_fs $remote_fs
# Required-Stop:
# Default-Start: S 1 2 3 4 5
sudo-ldap: setuid-binary usr/bin/sudo 4755 root/root
+sudo-ldap: setuid-binary usr/bin/sudoedit 4755 root/root
sudo-ldap: postrm-contains-additional-updaterc.d-calls /etc/init.d/sudo-ldap
sudo-ldap: script-in-etc-init.d-not-registered-via-update-rc.d /etc/init.d/sudo-ldap
sudo: setuid-binary usr/bin/sudo 4755 root/root
+sudo: setuid-binary usr/bin/sudoedit 4755 root/root
sudo: postrm-contains-additional-updaterc.d-calls /etc/init.d/sudo
sudo: script-in-etc-init.d-not-registered-via-update-rc.d /etc/init.d/sudo
"LC_*",
"LANG",
"LANGUAGE",
+ "TERM",
NULL
};
}
}
+ if (!strncmp (*ep, "DISPLAY=",8)
+ || !strncmp (*ep, "XAUTHORITY=", 11)
+ || !strncmp (*ep, "XAUTHORIZATION=", 15)
+ || !strncmp (*ep, "LANG=", 5)
+ || !strncmp (*ep, "LANGUAGE=", 9)
+ || !strncmp (*ep, "LC_", 3))
+ keepit = 1;
+
/* For SUDO_PS1 -> PS1 conversion. */
if (strncmp(*ep, "SUDO_PS1=", 8) == 0)
ps1 = *ep + 5;
if (strncmp(*ep, "USER=", 5) == 0)
SET(didvar, DID_USER);
break;
+ case 'P':
+ if (strncmp("PATH=", *ep, 5) == 0)
+ SET(didvar,DID_PATH);
+ break;
}
insert_env(*ep, 0);
} else {
free($1);
}
| NETGROUP {
+ set_fqdn();
if (netgr_matches($1, user_host, user_shost, NULL))
$$ = TRUE;
else
free($1);
}
| WORD {
+ set_fqdn();
if (hostname_matches(user_shost, user_host, $1) == 0)
$$ = TRUE;
else
| ALIAS {
aliasinfo *aip = find_alias($1, HOST_ALIAS);
+ set_fqdn();
/* could be an all-caps hostname */
if (aip)
$$ = aip->val;
* "host" is the (possibly fully-qualified) hostname and
* "shost" is the unqualified form of the hostname.
*/
+ sudo_user.host_fqdn_queried = FALSE;
nohostname = gethostname(thost, sizeof(thost));
if (nohostname)
user_host = user_shost = "localhost";
else {
user_host = estrdup(thost);
- if (def_fqdn) {
- /* Defer call to set_fqdn() until log_error() is safe. */
- user_shost = user_host;
+ if ((p = strchr(user_host, '.'))) {
+ *p = '\0';
+ user_shost = estrdup(user_host);
+ *p = '.';
} else {
- if ((p = strchr(user_host, '.'))) {
- *p = '\0';
- user_shost = estrdup(user_host);
- *p = '.';
- } else {
- user_shost = user_host;
- }
+ user_shost = user_host;
}
}
/* It is now safe to use log_error() and set_perms() */
- if (def_fqdn)
- set_fqdn(); /* may call log_error() */
-
if (nohostname)
log_error(USE_ERRNO|MSG_ONLY, "can't get hostname");
+ /* We don't query FQDN yet, it might get disabled later. Querying is done
+ * when host matching is executed and def_fqdn still true */
+
set_runaspw(*user_runas); /* may call log_error() */
if (*user_runas[0] == '#' && runas_pw->pw_name && runas_pw->pw_name[0])
*user_runas = estrdup(runas_pw->pw_name);
return(rval);
}
+ /* New default: reset the environment */
+ def_env_reset = TRUE;
while (NewArgc > 0 && NewArgv[0][0] == '-') {
if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0')
warnx("please use single character options");
struct hostent *hp;
char *p;
+ if (!def_fqdn || sudo_user.host_fqdn_queried) {
+ /* Only querying just once is good enough */
+ return;
+ }
+
if (!(hp = gethostbyname(user_host))) {
log_error(MSG_ONLY|NO_EXIT,
"unable to lookup %s via gethostbyname()", user_host);
} else {
user_shost = user_host;
}
+ sudo_user.host_fqdn_queried = TRUE;
}
/*
char cwd[PATH_MAX];
char *host;
char *shost;
+ int host_fqdn_queried;
char **runas;
char *prompt;
char *cmnd;
To prevent command spoofing, B<sudo> checks "." and "" (both denoting
current directory) last when searching for a command in the user's
PATH (if one or both are in the PATH). Note, however, that the
-actual C<PATH> environment variable is I<not> modified and is passed
-unchanged to the program that B<sudo> executes.
+C<PATH> environment variable is further modified in Debian because of
+the use of the I<SECURE_PATH> build option.
For security reasons, if your OS supports shared libraries and does
not disable user-defined library search paths for setuid programs
homedir of the target user
PATH Set to a sane value if sudo was configured with
- the --with-secure-path option
+ the --with-secure-path option (true for Debian)
SHELL Used to determine shell to run with -s option
I<sudoers> file. I.e., instead of myhost you would use myhost.mydomain.edu.
You may still use the short form if you wish (and even mix the two).
Beware that turning on I<fqdn> requires B<sudo> to make DNS lookups
-which may make B<sudo> unusable if DNS stops working (for example
-if the machine is not plugged into the network). Also note that
+which may make affect B<sudo> performance if DNS stops working (for example
+if the machine is not plugged into the network). The default behavior for
+Debian has been modified to minimize the potential of a problem, but there
+may still be some cases in which lack of working DNS might make sudo work
+very slowly. Also note that
you must use the host's official name as DNS knows it. That is,
you may not use a host alias (C<CNAME> entry) due to performance
issues and the fact that there is no way to get all aliases from
If set, B<sudo> will reset the environment to only contain the
following variables: C<HOME>, C<LOGNAME>, C<PATH>, C<SHELL>, C<TERM>,
+C<DISPLAY>, C<XAUTHORITY>, C<XAUTHORIZATION>,
+C<LANG>, C<LANGUAGE>, C<LC_*>,
and C<USER> (in addition to the C<SUDO_*> variables).
-Of these, only C<TERM> is copied unaltered from the old environment.
+
+Of these, only C<TERM>, C<DISPLAY>, C<XAUTHORITY>, C<XAUTHORIZATION>,
+C<LANG>, C<LANGUAGE>, and C<LC_*> are copied unaltered from the old environment.
The other variables are set to default values (possibly modified
by the value of the I<set_logname> option). If B<sudo> was compiled
with the C<SECURE_PATH> option, its value will be used for the C<PATH>
environment variable.
+
+This option is enabled by default.
+
Other variables may be preserved with the I<env_keep> option.
=item use_loginclass
=item env_check
-Environment variables to be removed from the user's environment if
-the variable's value contains C<%> or C</> characters. This can
+Like I<env_keep>, but listed environment variables are taken from the user's environment if
+the variable's value does B<not> contain C<%> or C</> characters. This can
be used to guard against printf-style format vulnerabilities in
poorly-written programs. The argument may be a double-quoted,
space-separated list or a single value without double-quotes. The
=item env_delete
-Environment variables to be removed from the user's environment.
+
+Not effective due to security issues: only variables listed in
+I<env_keep> or I<env_check> can be passed through B<sudo>!
+
The argument may be a double-quoted, space-separated list or a
single value without double-quotes. The list can be replaced, added
to, deleted from, or disabled by using the C<=>, C<+=>, C<-=>, and
=item env_keep
-Environment variables to be preserved in the user's environment
-when the I<env_reset> option is in effect. This allows fine-grained
+Environment variables to be preserved in the user's environment.
+This allows fine-grained
control over the environment B<sudo>-spawned processes will receive.
The argument may be a double-quoted, space-separated list or a
single value without double-quotes. The list can be replaced, added
is you cannot reference an Alias that has not already been defined.
Below are example I<sudoers> entries. Admittedly, some of
-these are a bit contrived. First, we define our I<aliases>:
-
+these are a bit contrived. First, we allow a few environment
+variables to pass and then define our I<aliases>:
+
+ # Run X applications through sudo; HOME is used to find .Xauthority file
+ # Note that some programs may use HOME for other purposes too and
+ # this may lead to privilege escalation!
+ Defaults env_keep = "DISPLAY HOME"
+
# User alias specification
User_Alias FULLTIMERS = millert, mikef, dowdy
User_Alias PARTTIMERS = bostley, jwfox, crawl
projects / debian / sudo / commitdiff