+2011-10-21 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * .hgtags:
+ Added tag SUDO_1_8_3 for changeset 82bec4d3a203
+ [6c953ef6f577] [tip] <1.8>
+
+ * Update Japanese sudoers translation from translationproject.org
+ [82bec4d3a203] [SUDO_1_8_3] <1.8>
+
+2011-10-12 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * configure, configure.in:
+ Override and ignore the --disable-static option. Sudo already runs
+ libtool with -tag=disable-static where applicable and we need non-
+ PIC objects to build the executables.
+ [dff177464029] <1.8>
+
+2011-10-10 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Add sudoedit fix
+ [3238dc7e4fb2] <1.8>
+
+ * plugins/sudoers/po/sudoers.pot:
+ regen pot files
+ [7981d6cbf1ab] <1.8>
+
+ * Ignore set_logname (which is now the default) for sudoedit since we
+ want the LOGNAME, USER and USERNAME environment variables to refer
+ to the calling user since that is who the editor runs as. This
+ allows the editor to find the user's startup files. Fixes bugzilla
+ #515
+ [3b9486e5fddb] <1.8>
+
+ * Instead of trying to grow the buffer in make_grlist_item(), simply
+ increase the total length, free the old buffer and allocate a new
+ one. This is less error prone and saves us from having to adjust
+ all the pointers in the buffer. This code path is only taken when
+ there are groups longer than the length of the user field in struct
+ utmp or utmpx, which should be quite rare.
+ [cb7c5ac834b5] <1.8>
+
+ * Add Italian translation for sudo from translationproject.org
+ [c7876fccbc38] <1.8>
+
+ * NEWS:
+ Japanese translation for sudo and sudoers from
+ translationproject.org
+ [9945a3ef7ff7] <1.8>
+
+2011-10-07 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * sudoreplay depends on timestr.lo too; from Mike Frysinger
+ [ad9ae493205f] <1.8>
+
+2011-10-04 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/po/sudoers.pot:
+ Regen sudoers pot file.
+ [2c4d99361994] <1.8>
+
+ * NEWS:
+ Update with latest sudo 1.8.3 news
+ [4e7f59d339d4] <1.8>
+
+ * ldap_start_tls_s() on Debian (at least) sets the effective and saved
+ uids to the same value as the real uid. This prevents sudo from
+ setting the uid or gid later on. As a workaround, we now set perms
+ to root during sudoers_policy_open().
+ [eb4c4f15833a] <1.8>
+
+ * Better warning message on setuid() failure for the setreuid()
+ version of set_perms().
+ [308c72f601e4] <1.8>
+
+2011-10-02 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Combine new translations in NEWS item
+ [0aa07471a5e6] <1.8>
+
+2011-09-27 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Delref auth_pw at the end of check_user() instead of getting a ref
+ twice.
+ [1c882f2fb46c] <1.8>
+
+ * Make sudo_auth_{init,cleanup} return TRUE on success and check for
+ sudo_auth_init() return value in check_user().
+ [573bf35ecac9] <1.8>
+
+ * Do not return without restoring permissions.
+ [2444a0b96469] <1.8>
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen pot files
+ [d286bce8dbb1] <1.8>
+
+ * NEWS:
+ Update for latest release candidate
+ [63d184ba6263] <1.8>
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen pot files
+ [ac3ec1315df7] <1.8>
+
+ * Modify the authentication API such that the init and cleanup
+ functions are always called, regardless of whether or not we are
+ going to verify a password. This is needed for proper PAM session
+ support.
+ [ea281ca46d94] <1.8>
+
+ * Add missing dependency for getspwgen other depends.
+ [9c124272910d] <1.8>
+
+ * Fix a PAM_USER mismatch in session open/close. We update PAM_USER
+ to the target user immediately before setting resource limits, which
+ is after the monitor process has forked (so it has the old value).
+ Also, if the user did not authenticate, there is no pamh in the
+ monitor so we need to init pam here too. This means we end up
+ calling pam_start() twice, which should be fixed, but at least the
+ session is always properly closed now.
+ [d0866ee5f190] <1.8>
+
+ * Add check for old being NULL in utmp_setid(); from Steven McDonald
+ [30cc283ac2b4] <1.8>
+
+2011-09-25 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * If the invoking user cannot be resolved by uid fake the struct
+ passwd and store it in the cache so we can delref it on exit.
+ [19d44f44d45d] <1.8>
+
+2011-09-24 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Don't error out if the group plugin cannot be loaded, just warn.
+ [e91d9912c9a0] <1.8>
+
+2011-09-23 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Quiet a false positive found by several static analysis tools. These
+ tools don't know that log_error() does not return (it longjmps to
+ error_jmp which returns to the sudo front-end).
+ [3cc319e31ed6] <1.8>
+
+2011-09-22 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Add Italian translation for sudo from translationproject.org Regen
+ .mo files
+ [c0b27f9d7e57] <1.8>
+
+ * .hgtags:
+ Added tag SUDO_1_8_2 for changeset 3682e51af1d0
+ [f0be566e9ea2] <1.8>
+
+2011-09-21 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Update to current reality and add bit about ssh auth
+ [48dcb86ce9be] <1.8>
+
+ * Make "verbose" static; fixes a namespace clash with
+ pam_ssh_agent_auth (and it doesn't need to be extern these days).
+ [b60fdd82de94] <1.8>
+
+ * configure, configure.in:
+ FreeBSD has libutil.h not util.h
+ [c03b121e0193] <1.8>
+
+ * configure, configure.in:
+ Define _BSD_SOURCE on FreeBSD, OpenBSD and DragonflyBSD
+ [002e3e0bb173] <1.8>
+
+ * Update po files from translationproject.org
+ [2b36af902213] <1.8>
+
+2011-09-16 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Mention DEREF support
+ [dfeb152f1686] <1.8>
+
+ * plugins/sudoers/po/sudoers.pot:
+ sync pot files
+ [1fba22e927a3] <1.8>
+
+ * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in:
+ Add support for DEREF in ldap.conf.
+ [fe1cf6ad0add] <1.8>
+
+ * Makefile.in:
+ install target should depend on ChangeLog too, not just install-doc
+ [f54e2ab633b8] <1.8>
+
+ * NEWS, configure.in, doc/sudoers.cat, doc/sudoers.man.in:
+ Only iolog_file (not iolog_dir) supports mktemp-style suffixes.
+ [44a25099594e] <1.8>
+
+ * configure.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen pot files
+ [e14ee85cf49b] <1.8>
+
+ * configure, configure.in:
+ Fix some square brackets in case statements that needed to be
+ doubled up. While here, use $OSMAJOR when it makes sense.
+ [853c6e5f994c] <1.8>
+
+ * Fix a crash in make_grlist_item() on 64-bit machines with strict
+ alignment.
+ [e877c89ae32f] <1.8>
+
+ * Remove list_options() function that is no longer used now that "sudo
+ -L" is gone.
+ [f31543c80b98] <1.8>
+
+ * configure, configure.in:
+ Error message if user tries --with-CC
+ [0ed7558b8924] <1.8>
+
+ * configure, configure.in:
+ Check for -libmldap too when looking for ldap libs, which is the
+ Tivoli Directory Server client library.
+ [831e32d1453c] <1.8>
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen pot files for 1.8.3
+ [df2fb085cff2] <1.8>
+
+ * NEWS, configure, configure.in, doc/sudo.cat, doc/sudo.man.in,
+ doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat,
+ doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in,
+ doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat,
+ doc/visudo.man.in:
+ Update for version 1.8.3
+ [38cf153add0a] <1.8>
+
+2011-09-09 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Honor NOPASSWD tag for denied commands too.
+ [f473c443ad54] <1.8>
+
+ * INSTALL, configure, configure.in:
+ Remove --with-CC option; it doesn't work correctly now that we use
+ libtool. Users can get the same effect by setting the CC
+ environment variable when running configure.
+ [4f04869d74fd] <1.8>
+
+2011-08-31 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * configure, configure.in:
+ Assume all modern systems support fstat(2).
+ [0422b19dced3] <1.8>
+
+2011-08-30 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * configure, configure.in:
+ Add configure test for missing errno declaration and only declare it
+ ourselves if it is missing.
+ [6d26974f7e16] <1.8>
+
+ * Include errno.h before sudo.h to avoid conflicting with the system
+ definition of errno.
+ [8000bdc0968f] <1.8>
+
+2011-08-29 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Only print individual check status when there is a failure.
+ [bbdd669e7615] <1.8>
+
+ * Add calls to setprogname() for test programs.
+ [c721f3466a3a] <1.8>
+
+ * configure, configure.in:
+ Add -Wall and -Werror after all tests so they don't cause failures.
+ [20d75ce40086] <1.8>
+
+ * Actually run check_addr in the check target
+ [dcd96ef0dc57] <1.8>
+
+ * Split out address matching into its own file and add regression
+ tests for it.
+ [863f28589c24] <1.8>
+
+2011-08-27 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Fix matching a network number with netmask when the network number
+ is not the first address in the CIDR block.
+ [719942c986e9] <1.8>
+
+2011-08-26 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Don't assume all editors support the +linenumber command line
+ argument, use a whitelist of known good editors.
+ [d8d884af3b05] <1.8>
+
+2011-08-23 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Silence compiler warnings on Solaris with gcc 3.4.3
+ [8047cdb5d6a1] <1.8>
+
+ * Fix building on RHEL 3
+ [6bb0464a7450] <1.8>
+
+ * INSTALL, configure, configure.in:
+ Add --enable-werror configure option.
+ [aa40fd459836] <1.8>
+
+ * setgroups() proto lives in grp.h on RHEL4, perhaps others.
+ [92f98cbaebf0] <1.8>
+
+ * configure, configure.in:
+ Use PAM by default on AIX 6 and higher.
+ [7ef53d5ac819] <1.8>
+
+2011-08-22 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Add new Esperanto translation from translationproject.org
+ [109ed683b885] <1.8>
+
+2011-08-19 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Quiet an innocuous valgrind warning.
+ [fc453e49f9dd] <1.8>
+
+2011-08-18 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * Fix expansion of strftime() escapes in log_dir and add a regress
+ test that exhibited the problem.
+ [784e60d21f11] <1.8>
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ Fix "make check" return value.
+ [d3608efd8da6] <1.8>
+
2011-08-17 Todd C. Miller <Todd.Miller@courtesan.com>
* plugins/sudoers/po/sudoers.pot:
Regen pot files
- [3682e51af1d0] [tip] <1.8>
+ [3682e51af1d0] [SUDO_1_8_2] <1.8>
* Makefile.in:
Fix logic inversion in pot file up to date check.