1 2010-04-09 Todd C. Miller <Todd.Miller@courtesan.com>
3 * configure, configure.in: Fix installation of sudoers.ldap
4 in "make install" when --with-ldap was specified without a
5 directory. From Prof. Dr. Andreas Mueller
7 2010-04-09 Todd C. Miller <Todd.Miller@courtesan.com>
9 * find_path.c: Qualify the command even if it is in the
10 current working directory, e.g. "./foo" instead of just
11 returning "foo". This removes an ambiguity between real
12 commands and possible pseudo-commands in command matching.
14 2010-04-07 Todd C. Miller <Todd.Miller@courtesan.com>
16 * sudoers.cat, sudoers.man.in, sudoers.pod: Add a note about
17 the security implications of the fast_glob option.
19 * memrchr.c: Remove duplicate includes
21 2010-03-10 Todd C. Miller <Todd.Miller@courtesan.com>
23 * sudo.c: Fix a bug introduced with def_closefrom. The value
24 of def_closefrom already includes the +1.
26 2010-03-09 Todd C. Miller <Todd.Miller@courtesan.com>
28 * match.c: When doing a glob match, short circuit if
29 gl.gl_pathc is 0. From Mark Kettenis.
31 2010-02-22 Todd C. Miller <Todd.Miller@courtesan.com>
33 * match.c: Check for pseudo-command by looking at the first
34 character of the command in sudoers instead of checking the
35 user-supplied command for a slash.
37 2010-02-09 Todd C. Miller <Todd.Miller@courtesan.com>
39 * toke.l: Fix size arg when realloc()ing include stack.
42 * toke.l: Avoid a duplicate fclose() of the sudoers file.
44 2010-02-06 Todd C. Miller <Todd.Miller@courtesan.com>
46 * aix.c, config.h.in, configure, configure.in: Use setrlimit64(),
47 if available, instead of setrlimit() when setting AIX resource
48 limits since rlim_t is 32bits.
50 * logging.c: Fix use after free when sending error messages.
51 From Timo Juhani Lindfors
53 2009-12-17 15:02 millert
55 * parse.c: Fix printing of entries with multiple host entries on
58 2009-12-09 16:05 millert
60 * logging.c: fix typo in last commit
62 2009-12-08 22:19 millert
64 * logging.c: Convert fmt_first and fmt_confd into macros.
66 2009-11-23 10:56 millert
68 * match.c: cmnd_matches() already deals with negation so
69 _cmndlist_matches() does not need to do so itself. Fixes a bug
70 with negated entries in a Cmnd_List.
72 2009-11-22 11:12 millert
74 * sudo.c: Don't exit() from open_sudoers, just return NULL for all
77 2009-11-22 09:54 millert
79 * toke.c, toke.l: Add missing extern def for parse_error
81 2009-11-20 19:11 millert
83 * toke.c, toke.l: Avoid a parse error when #includedir doesn't find
84 any files. Closes bug #375
86 2009-11-20 19:03 millert
88 * Makefile.in: Include sudo.man.pl and sudoers.man.pl in the
91 2009-11-04 09:42 millert
93 * configure, configure.in: Fix a few typos in the descriptions;
94 from Jeff Makey Only do the check for
95 krb5_get_init_creds_opt_free() taking two arguments if we find
96 krb5_get_init_creds_opt_alloc(). Otherwise we will get a false
97 positive when using our own krb5_get_init_creds_opt_free which
98 takes only a single argument.
100 2009-11-03 09:58 millert
102 * configure, configure.in: Remove a spurious comma in the kerb5
105 2009-11-03 09:51 millert
107 * auth/kerb5.c: Call krb5_get_init_creds_opt_init() in our emulated
108 krb5_get_init_creds_opt_alloc() for MIT kerberos.
110 2009-09-30 09:50 millert
112 * sudo_edit.c: Always update the stashed mtime of the temp file
113 instead of using what we have for the original because the time
114 resolution of the filesystem the temporary is on may not match
115 that of the filesystem that holds the original. Should fix bz
116 #371 found by Philippe Levan.
118 2009-09-24 21:11 millert
120 * configure, configure.in, sudoers.man.pl, sudoers.pod: Substitute
121 in default value for secure_path
123 2009-09-24 20:31 millert
125 * sudo.pod: Mention that the password must be followed by a newline
128 2009-08-07 10:21 millert
130 * auth/pam.c: Set PAM_RUSER and PAM_RHOST early so they can be used
131 during authentication. Based on a patch from Jamie Beverly.
133 2009-08-07 09:25 millert
135 * match.c: Close dir before returning if strlcpy() reports
136 overflow. From Martynas Venckus.
138 2009-07-18 09:55 millert
140 * toke.c, toke.l: Fix expansion of %h in #include names. Fixes
143 2009-07-12 17:17 millert
145 * mkdefaults: If no arg assume def_data.in
147 2009-07-11 21:27 millert
149 * README, WHATSNEW: Update for 1.7.2
151 2009-07-11 21:12 millert
155 2009-06-30 08:41 millert
157 * sudoers.cat, sudoers.man.in, sudoers.pod: Add missing single
158 quotes around a colon in Runas_Spec definition. From Elias
161 2009-06-29 09:36 millert
163 * redblack.c: In rbrepair, re-color the root or the first non-block
164 node we find to be black. Re-coloring the root is probably not
165 needed but won't hurt.
167 2009-06-29 09:35 millert
169 * sudo.cat, sudoers.cat, sudo.man.in, sudoers.man.in: regen
171 2009-06-26 16:40 millert
173 * redblack.c: When repairing the tree, don't touch the root node.
175 2009-06-25 08:44 millert
177 * set_perms.c: Protect call to setegid in runas_setup with #ifdef
178 HAVE_SETEUID. Reported by Josef Schmid.
180 2009-06-23 14:29 millert
182 * sudoers.pod: Document that we accept env_pam-style environment
185 2009-06-23 14:24 millert
187 * env.c: Adapt to accept pam_env-style /etc/environment which
188 allows shell-style lines such as: export EDITOR="/usr/bin/vi"
190 2009-06-23 12:22 millert
192 * sudoers.pod: Make it clear that env_delete only works when
193 !env_reset. From Loïc Minier
195 2009-06-15 17:19 millert
197 * sudo.pod, sudoers.pod: Add non-unix group bits, adapted from
200 2009-06-15 17:18 millert
202 * Makefile.in: build the .cat page in the current working dir, not
205 2009-06-15 09:10 millert
207 * env.c: Return EINVAL in setenv() if var is NULL or the empty
208 string to match glibc behavior.
210 2009-06-13 16:52 millert
212 * configure, configure.in: Use AS_HELP_STRING for AC_ARG_WITH and
215 2009-06-11 16:29 millert
217 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
218 sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
221 2009-06-09 10:08 millert
223 * INSTALL: Document --with-libvas and --with-libvas-rpath
225 2009-05-29 09:43 millert
227 * ldap.c, sudoers.ldap.pod: For netscape-derived LDAP SDKs the cert
228 and key paths may be a directory or a file. However, version 5.0
229 of the SDK only seems to support using a directory. If
230 ldapssl_clientauth_init fails and the cert or key paths look like
231 they could be files, strip off the last path element and try
234 2009-05-29 09:40 millert
236 * Makefile.in: Add non-Unix group .o to COMMON_OBJS and substitute
239 2009-05-26 20:49 millert
241 * configure, configure.in, match.c, sudo.c, vasgroups.c: Update
242 non-Unix group support from Quest, as reworked by me.
244 2009-05-26 20:47 millert
248 2009-05-26 20:46 millert
250 * toke.l: Add support for escaped hex chars in names, e.g. \x20 for
253 2009-05-25 08:02 millert
255 * LICENSE, Makefile.in, aclocal.m4, alias.c, check.c, env.c,
256 fileops.c, glob.c, gram.y, interfaces.c, lbuf.c, ldap.c,
257 logging.c, logging.h, match.c, parse.c, parse.h, pathnames.h.in,
258 pwutil.c, set_perms.c, sudo.c, sudo.h, sudo.pod, sudo_nss.c,
259 sudo_nss.h, sudo_usage.h.in, sudoers.ldap.pod, sudoers.pod,
260 testsudoers.c, tgetpass.c, toke.l, visudo.c, auth/aix_auth.c,
261 auth/pam.c, auth/sudo_auth.c, auth/sudo_auth.h: Update copyright
264 2009-05-24 08:33 millert
266 * interfaces.c, lbuf.c: Minor fixes for Minix-3
268 2009-05-22 06:37 millert
270 * set_perms.c: Handle getgroups() returning 0. Also add missing
271 check for HAVE_GETGROUPS.
273 2009-05-19 17:24 millert
275 * Makefile.in, config.h.in, configure, configure.in, sudo.c,
276 version.h, visudo.c: Replace version.h with PACKAGE_VERSION set
277 via AC_INIT in configure.
279 2009-05-18 06:33 millert
281 * set_perms.c: Remove group setting code in setusercontext case, we
282 will do it ourselves later on in runas_setup. Set the gid after
283 initgroups/setgroups is called, since on Mac OS X it seems to
286 2009-05-17 18:19 millert
288 * LICENSE, Makefile.in, config.h.in, match.c, nonunix.h, sudo.c,
289 vasgroups.c: Initial bits of non-unix group support using Quest
290 Authentication Services
292 2009-05-17 16:52 millert
294 * toke.c, toke.l: Accept %:foo as a non-Unix group
296 2009-05-17 16:22 millert
298 * toke.c, toke.l: Allow user/group to be double quoted in the case
299 of non-Unix groups which contain spaces.
301 2009-05-11 12:47 millert
303 * match.c: Don't allow the user to specify the default runas user
304 if their sudoers entry only allows them to run as a group.
306 2009-05-10 07:59 millert
308 * sudo.c: Must call audit_success before we change uids.
310 2009-05-10 07:52 millert
312 * logging.c, set_perms.c, sudo.h, testsudoers.c: Add option for
313 set_perm to not exit on failure and use this in the logging
316 2009-05-10 07:33 millert
318 * parse.c: In -l mode, if the user is only allowed to run as a
319 group, display the user's name, not root's before the allowed
322 2009-05-09 21:00 millert
324 * sudo.c: Fix -g mode, broken by rev 1.503 which had the side
325 effect of setting the runas user to root unilaterally.
327 2009-05-08 16:19 millert
329 * fileops.c: When unlocking a file with fcntl, use F_SETLK, not
332 2009-05-08 13:07 millert
334 * pwutil.c: Only cache by the method we fetched for pwd and grp
335 lookups. Previously we cached both by namd and id but this can
336 cause problems for entries that share the same id. Also add more
337 info in the error message in case the insert fails (which should
340 2009-04-30 15:04 millert
342 * sudoers.pod: Add a clarification from Nick Sieger
344 2009-04-25 12:49 millert
346 * env.c: Inline the setting of the environment string.
348 2009-04-24 14:53 millert
350 * env.c: setenv(3) in Linux treats a NUL value as the empty string
351 setenv(3) in BSD doesn't return an error if the name has '=' in
352 it, it just treats the '=' as end of string.
354 2009-04-22 16:32 millert
356 * toke.c, toke.l: Not all systems have d_namlen
358 2009-04-20 13:53 millert
360 * sudoers.pod: Fix up some pod2html issues.
362 2009-04-19 14:09 millert
364 * interfaces.c: Check for NULL ifa_addr and ifa_netmask. Adapted
365 from a diff from Quest Software.
367 2009-04-19 09:01 millert
369 * sudoers.pod: Ignore files ending in '~' in sudo.d (emacs backup
372 2009-04-19 08:56 millert
374 * toke.c, toke.l: Ignore files ending in '~' in sudo.d (emacs
377 2009-04-18 19:37 millert
379 * sudoers.cat, sudoers.man.in, sudoers.pod, toke.c, toke.l: For
380 #includedir, ignore any file containing a dot
382 2009-04-18 19:25 millert
384 * Makefile.in, version.h: Bump version
386 2009-04-18 19:25 millert
388 * gram.c, gram.y, parse.c, parse.h, sudo.c, sudo.h, sudoers.cat,
389 sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, toke.l,
390 visudo.c: Implement #includedir directive. Files in an
391 includedir are not edited by visudo unless they contain a syntax
394 2009-04-18 12:06 millert
398 2009-04-18 10:27 millert
400 * WHATSNEW: Forgot umask_override
402 2009-04-18 09:25 millert
404 * ChangeLog, TODO: sync
406 2009-04-16 08:22 millert
408 * visudo.c: Rewind stream if we fdopen sudoers since it may not be
409 at the beginning. Set the keepopen flag on already-open files
410 too so the lexer doesn't close them out from under us.
412 2009-04-16 08:18 millert
414 * visudo.c: Print the proper file name when there is a parse error
417 2009-04-11 07:45 millert
421 2009-04-10 16:59 millert
423 * configure, configure.in: Fix a warning when --without-ldap is
426 2009-04-05 12:25 millert
428 * alias.c, parse.h, visudo.c: Store aliases that we remove during
429 check_aliases in a freelist and free them at the end so we don't
432 2009-03-28 09:30 millert
434 * visudo.c: Check aliases in -c mode too.
436 2009-03-28 09:09 millert
438 * alias.c, parse.h, visudo.c: Make alias_remove return the alias
439 struct instead of freeing it directly. Fixes a use after free in
440 alias_remove_recursive, the only consumer.
442 2009-03-28 09:07 millert
444 * alias.c, match.c, parse.c, parse.h, visudo.c: Rename find_alias
445 -> alias_find for consistency.
447 2009-03-27 19:29 millert
449 * visudo.c: When checking for unused aliases, recurse if the alias
450 points to another alias.
452 2009-03-16 12:11 millert
454 * ldap.c: Back out rev 1.105 for now. Real ldapux_client.conf
455 support will be done later after some refactoring.
457 2009-03-14 12:02 millert
459 * ldap.c: Treat ldap_hostport the same as "host" for ldapux.
461 2009-03-13 21:04 millert
463 * configure, configure.in: Only check for
464 ldap_sasl_interactive_bind_s if we can find sasl.h. Fixes
465 compilation with ldapux.
467 2009-03-11 20:03 millert
469 * fileops.c: fix char subscript
471 2009-03-11 19:19 millert
473 * Makefile.in: remove errant carriage returns
475 2009-03-11 19:01 millert
477 * audit.c, env.c: fix K&R compilation
479 2009-03-11 12:12 millert
481 * sudo.man.in, sudo.cat, sudoers.cat, sudoers.ldap.cat,
482 sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
485 2009-03-10 17:34 millert
487 * config.h.in: Add missing HAVE_BSM_AUDIT
489 2009-03-10 17:21 millert
491 * WHATSNEW: Add 1.7.1 features
493 2009-03-10 17:10 millert
495 * INSTALL: Mention --with-netsvc
497 2009-03-10 17:08 millert
499 * sudoers.ldap.pod: Document netsvc.conf support
501 2009-03-10 16:44 millert
503 * configure, configure.in, pathnames.h.in, sudo.c, sudo_nss.c,
504 sudo_nss.h: Add support for AIX netsvc.conf (like nsswitch.conf).
506 2009-03-08 16:57 millert
508 * configure, config.h.in, configure.in, env.c: Add
509 --enable-env-debug flag to enable environment sanity checks.
511 2009-03-08 11:51 millert
513 * sudoers.ldap.pod, sudoers.pod: Work around some pod2html issue.
515 2009-03-07 17:10 millert
517 * env.c: Only sync environ for putenv, setenv, and unsetenv. We
518 need to make sure that sudo_putenv and sudo_setenv only modify
519 env.envp, not environ.
521 2009-03-02 14:19 millert
523 * env.c: Really fix UNSETENV_VOID
525 2009-03-02 14:18 millert
527 * env.c: Fix unsetenv when UNSETENV_VOID
529 2009-03-02 08:00 millert
531 * aclocal.m4, configure: Fix SUDO_FUNC_PUTENV_CONST
533 2009-03-02 07:36 millert
535 * ldap.c: tivoli-based ldap does not have ldapssl_err2string
537 2009-03-02 07:30 millert
541 2009-03-01 16:20 millert
543 * config.h.in, configure, configure.in, ldap.c: Add support for
544 Tivoli-based LDAP start TLS as seen in AIX. Untested.
546 2009-03-01 08:52 millert
548 * env.c: Add sanity checks for setenv/unsetenv
550 2009-02-28 20:17 millert
552 * Makefile.in: Include bsm_audit.h in the tarball
554 2009-02-28 20:00 millert
556 * Makefile.in, version.h: bump version for sudo 1.7.1
558 2009-02-28 19:58 millert
560 * aclocal.m4, config.h.in, configure, configure.in, env.c, ldap.c,
561 sudo.h, auth/aix_auth.c: Replace sudo_setenv/sudo_unsetenv with
562 calls to setenv/unsetenv and provide our own
563 setenv/unsetenv/putenv that operates on own env pointer. Make
564 sync_env() inline in setenv/unsetenv/putenv functions.
566 2009-02-25 07:33 millert
568 * sudo.c: Make "sudoedit -h" work as expected
570 2009-02-25 07:21 millert
572 * auth/pam.c: Make sure def_prompt is always defined. This is a
573 workaround for pam configs that prompt for a password in the
574 session but don't have an auth line. A better fix is to expand
575 the sudo prompt earlier and set def_prompt to that when
578 2009-02-25 06:17 millert
580 * sudo.pod: Mention that the helper for -A may be graphical.
582 2009-02-25 06:16 millert
584 * TROUBLESHOOTING: Document what happens if there is no tty.
586 2009-02-25 06:05 millert
588 * sudo.c: cosmetic changes
590 2009-02-25 05:47 millert
592 * term.c: Fix term_restore
594 2009-02-24 20:23 millert
596 * sudo.c: Fix "sudo -k" with no other args
598 2009-02-24 08:04 millert
600 * check.c, sudo.c, sudo.pod, sudo_usage.h.in: Allow the -k flag to
601 be specified in conjunction with a command or another option that
602 may require authentication.
604 2009-02-23 09:18 millert
606 * configure, configure.in: Remove unneeded AC_CANONICAL_TARGET;
607 from Diego E. 'Flameeyes'
609 2009-02-23 09:15 millert
611 * Makefile.in: Parallel make fix. From Diego E. 'Flameeyes'
613 2009-02-21 17:03 millert
615 * def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod:
616 Implement umask_override
618 2009-02-21 16:51 millert
622 2009-02-21 16:49 millert
624 * sudoers.pod, toke.l, visudo.c: Implement %h escape in sudoers
627 2009-02-21 08:43 millert
629 * audit.c: Need to include compat.h
631 2009-02-21 08:37 millert
633 * Makefile.in, audit.c, bsm_audit.c, bsm_audit.h, logging.h,
634 sudo.c: Make audit_success and audit_failure generic functions in
635 preparation for integrating linux audit support.
637 2009-02-21 08:06 millert
639 * term.c: remove duplicate include
641 2009-02-20 16:13 millert
643 * bsm_audit.c: Add missing include
645 2009-02-20 15:55 millert
647 * sudo.c: May need to update the runas user after parsing
648 command-based defaults.
650 2009-02-18 10:53 millert
652 * glob.c: Add missing pair of braces introduced with character
655 2009-02-15 15:53 millert
657 * def_data.c, def_data.h, def_data.in, sudoers.pod, tgetpass.c:
658 Rename pwstars to pwfeedback
660 2009-02-10 20:25 millert
662 * bsm_audit.c, bsm_audit.h: Add const to make MacOS happy.
664 2009-02-10 20:18 millert
666 * Makefile.in, bsm_audit.c, bsm_audit.h, configure, configure.in,
667 sudo.c, auth/sudo_auth.c: Add bsm audit support from Christian
670 2009-02-10 19:58 millert
672 * term.c: This is new code, no DARPA notice.
674 2009-02-10 14:04 millert
676 * def_data.c, def_data.h, def_data.in, match.c, sudoers.pod: Rename
677 simple_glob -> fast_glob
679 2009-02-10 09:39 millert
681 * match.c: g/c unused var
683 2009-02-10 08:09 millert
685 * def_data.c, def_data.h, def_data.in, match.c, sudoers.pod: Add
686 simple_glob option to use fnmatch() instead of glob(). This is
687 useful when you need to specify patterns that reference network
690 2009-02-10 07:58 millert
692 * tgetpass.c: add term_* proto
694 2009-02-10 07:51 millert
696 * sudoers.pod: mention glob()
698 2009-02-09 07:59 millert
700 * tgetpass.c: Delete any pwstars we wrote after the user hits
701 return. That way there is no record on screen as to the user's
704 2009-02-08 10:27 millert
706 * term.c: Move terminal setting bits from tgetpass.c to term.c
708 2009-02-07 19:50 millert
710 * Makefile.in, def_data.c, def_data.h, def_data.in, sudoers.pod,
711 tgetpass.c: Add pwstars sudoers option that causes sudo to print
712 a star every time the user presses a key.
714 2009-02-03 10:10 millert
716 * Makefile.in: Fix up F<> brokenness for visudo.man.in and
719 2009-01-27 11:54 millert
721 * ldap.c: For ldap_search_ext_s() the sizelimit param should be 0,
722 not -1, to indicate no limit. From Mark Janssen.
724 2009-01-17 17:36 millert
726 * toke.c, toke.l: Comments that begin with #- should not be parsed
729 2009-01-08 19:13 millert
731 * sudo.c: Do not try to set the close on exec flag if we didn't
732 actually open sudoers.
734 2008-12-19 12:40 millert
738 2008-12-14 17:40 millert
742 2008-12-09 18:48 millert
744 * auth/pam.c: Return PAM_AUTH_ERR instead of PAM_CONV_ERR if user
745 enters ^C at the password prompt.
747 2008-12-09 16:13 millert
749 * configure.in, configure: Don't try to build sudo_noexec.so on
750 HP-UX with the bundled compiler as it cannot generate shared
753 2008-12-09 15:55 millert
755 * glob.c, lbuf.c, tgetpass.c, emul/charclass.h: K&R compilation
758 2008-12-09 08:49 millert
760 * parse.c: Use tq_foreach_fwd when checking pseudo-commands to make
761 it clear that we are not short-circuiting on last match. When
762 pwcheck is 'all', initialize nopass to TRUE and override it with
763 the first non-TRUE entry.
765 2008-12-08 10:02 millert
767 * parse.c: Do not short circuit pseudo commands when we get a match
768 since, depending on the settings, we may need to examine all
771 2008-12-03 15:58 millert
773 * sudoers.cat, sudoers.man.in: regen
775 2008-12-03 15:57 millert
777 * sudoers.pod: hostnames may also contain wildcards
779 2008-12-03 15:40 millert
781 * Makefile.in: remove stamp-* files and linux core files in clean
784 2008-12-02 12:30 millert
786 * config.h.in, configure, configure.in, auth/sudo_auth.h: Use
787 HAVE_SIA_SES_INIT instead of HAVE_SIA for Digital UNIX
789 2008-11-26 15:10 millert
791 * configure, configure.in: correctly enable SIA on Digital UNIX
793 2008-11-25 20:06 millert
797 2008-11-25 20:05 millert
801 2008-11-25 12:01 millert
803 * check.c, sudo.h, tgetpass.c: Even if neither stdin nor stdout are
804 ttys we may still have /dev/tty available to us.
806 2008-11-24 10:09 millert
808 * sudoers.cat, sudoers.man.in: regen
810 2008-11-24 10:08 millert
812 * sudoers.pod: fix typos; Markus Lude
814 2008-11-24 07:08 millert
818 2008-11-23 19:42 millert
822 2008-11-23 19:41 millert
824 * toke.l: Fix matching of a line that only consists of a comment
827 2008-11-22 13:17 millert
829 * auth/pam.c: MacOS pam will retry conversation function if it
830 fails so just treat ^C as an empty password.
832 2008-11-22 10:12 millert
834 * visudo.c: When checking for alias use, also check defaults
837 2008-11-22 10:01 millert
839 * redblack.c: unused var
841 2008-11-22 09:42 millert
843 * redblack.c: Replace my rbdelete with Emin's version (which
846 2008-11-19 12:01 millert
848 * testsudoers.c: malloc debugging
850 2008-11-19 07:37 millert
852 * visudo.c: malloc options in devel mode for visudo too
854 2008-11-18 10:57 millert
856 * sudo.c: fix compilation on non-C99; from Theo
858 2008-11-18 10:50 millert
860 * visudo.c: fix check_aliases
862 2008-11-18 08:29 millert
864 * alias.c: when destroying an alias, free the correct data pointer
866 2008-11-18 07:54 millert
868 * auth/sudo_auth.h: add proto for aixauth_cleanup; from Dale King
870 2008-11-15 13:34 millert
872 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
875 2008-11-15 13:34 millert
877 * sudo.pod, sudoers.pod, visudo.pod: standardize on the term
878 'option' for command line options (not flag)
880 2008-11-14 06:18 millert
882 * INSTALL: Add note on configuring HP-UX pam
884 2008-11-11 13:28 millert
886 * check.c, sudo.c: Move tty checks into check_user() so we only do
887 them if we actually need a password.
889 2008-11-11 12:34 millert
891 * sudo.c: Don't error out if no tty or askpass unless we actually
892 need to authenticate.
894 2008-11-10 15:20 millert
898 2008-11-10 08:07 millert
900 * pathnames.h.in, sudo.c: s/overriden/overridden/; from Tobias
903 2008-11-09 15:18 millert
905 * visudo.c, WHATSNEW: check sudoers owner and mode in strict mode
907 2008-11-09 09:15 millert
909 * gram.c, toke.c: regen
911 2008-11-09 09:13 millert
913 * alias.c, alloc.c, closefrom.c, compat.h, defaults.c, defaults.h,
914 env.c, fileops.c, gettime.c, gram.y, ins_csops.h, insults.h,
915 interfaces.c, interfaces.h, lbuf.c, license.pod, list.c,
916 logging.c, logging.h, parse.c, parse.h, pwutil.c, redblack.c,
917 redblack.h, snprintf.c, sudo.c, sudo.pod, sudo_edit.c,
918 sudo_nss.h, testsudoers.c, toke.l, tsgetgrpw.c, utimes.c,
919 version.h, visudo.c, zero_bytes.c, LICENSE, sudoers.pod,
920 visudo.pod, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
921 auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
922 auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h,
923 sudo.man.in, sudoers.man.in, visudo.man.in: Update copyright
926 2008-11-09 08:48 millert
928 * fnmatch.c, glob.c, emul/charclass.h: add my copyright
930 2008-11-08 10:40 millert
932 * toke.c, toke.l: The loop in fill_cmnd() was going one byte too
933 far past the end, resulting in a NUL being written immediately
934 after the buffer end.
936 2008-11-08 10:31 millert
938 * UPGRADE, WHATSNEW: add sections on tgetpass changes
940 2008-11-08 10:30 millert
942 * tgetpass.c: Treat EOF w/o newline as an error.
944 2008-11-07 17:42 millert
946 * parse.c: Fix "sudo -v" when NOPASSWD is set.
948 2008-11-07 12:45 millert
950 * auth/: bsdauth.c, fwtk.c, pam.c, sudo_auth.c, sudo_auth.h: No
951 longer treat an empty password at the prompt as special. To quit
952 out of sudo you now need to hit ^C at the password prompt.
954 2008-11-06 21:07 millert
956 * sudoers.cat, sudoers.man.in: regen
958 2008-11-06 21:06 millert
960 * def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod: Sudo
961 will now refuse to run if no tty is present unless the new
962 visiblepw sudoers flag is set.
964 2008-11-05 19:42 millert
966 * aix.c: just use RLIM_INFINITY for RLIM_SAVED_MAX if
967 RLIM_SAVED_MAX not defined
969 2008-11-05 19:40 millert
971 * aix.c: fix fallback value for RLIM_SAVED_MAX
973 2008-11-05 19:14 millert
975 * auth/: aix_auth.c, sudo_auth.h: Move clearing of AUTHSTATE into
978 2008-11-05 19:08 millert
980 * env.c, auth/aix_auth.c: Unset AUTHSTATE after calling
981 authenticate() as it may not be correct for the user we are
982 running the command as.
984 2008-11-05 19:05 millert
986 * isblank.c: Add isblank() function for systems without it. Needed
987 for POSIX character class matching in fnmatch.c and glob.c.
989 2008-11-05 11:02 millert
991 * TROUBLESHOOTING: expound on sudo and cd
993 2008-11-04 15:52 millert
997 2008-11-04 15:46 millert
999 * sudoers.cat, sudoers.man.in: regen
1001 2008-11-04 15:45 millert
1003 * sudoers.pod: mention defauts parse order
1005 2008-11-03 13:19 millert
1007 * Makefile.in, aclocal.m4, compat.h, configure: Add isblank()
1008 function for systems without it. Needed for POSIX character
1009 class matching in fnmatch.c and glob.c.
1011 2008-11-03 12:54 millert
1013 * Makefile.in: add emul/charclass.h to HDRS
1015 2008-11-02 14:08 millert
1019 2008-11-02 14:06 millert
1021 * parse.c, defaults.c, testsudoers.c, visudo.c: Move
1022 update_defaults into defaults.c and call it properly from visudo
1025 2008-11-02 09:51 millert
1027 * defaults.c, interfaces.c, pwutil.c, sudo.c, sudo_edit.c,
1028 tgetpass.c, tsgetgrpw.c: use zero_bytes() instead of memset() for
1031 2008-11-02 09:45 millert
1033 * logging.c, mon_systrace.c, parse.c, sudo.c, sudo_edit.c,
1034 tgetpass.c, visudo.c: Zero out sigaction_t before use in case it
1035 has non-standard entries.
1037 2008-11-02 09:35 millert
1039 * match.c: quiet gcc
1041 2008-11-02 09:28 millert
1043 * match.c: Short circuit glob() checks if basename(pattern) !=
1044 basename(command). Refactor code that checks for a command in a
1045 directory and use it in the glob case if the resolved pattern
1048 2008-11-01 09:20 millert
1050 * defaults.h, parse.c, sudo.c, testsudoers.c, visudo.c: Defer
1051 setting runas defaults until after runaspw/gr is setup.
1053 2008-10-29 13:26 millert
1055 * match.c, sudo.c, testsudoers.c: Use MAXHOSTNAMELEN+1 when
1056 allocating host/domain name since some systems do not include
1057 space for the NUL in the size. Also manually NUL-terminate
1058 buffer from gethostname() since POSIX is wishy-washy on this.
1060 2008-10-26 17:13 millert
1062 * sudo.c, sudoers.pod: When setting the umask, use the union of the
1063 user's umask and the default value set in sudoers so that we
1064 never lower the user's umask when running a command.
1066 2008-10-26 16:43 millert
1068 * sudo.c: Don't try to read from a zero-length sudoers file.
1069 Remove the bogus Solaris work-around for EAGAIN. Since we now
1070 use fgetc() it should not be a problem.
1072 2008-10-25 09:22 millert
1074 * parse.c: In update_defaults() check the return value of
1075 user*_matches against ALLOW so we don't inadvertantly match on
1078 2008-10-24 09:52 millert
1080 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
1081 sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
1082 regen man pages; no more hyphenation
1084 2008-10-24 09:49 millert
1086 * sudo.c: Don't error out on a zero-length sudoers file. With the
1087 advent of #include the user could create a situation where sudo
1090 2008-10-23 12:06 millert
1092 * config.h.in, configure, configure.in, auth/kerb5.c: Newer heimdal
1093 has 2-argument krb5_get_init_creds_opt_free() like MIT krb5.
1094 Really old heimdal has no krb5_get_init_creds_opt_alloc() at all.
1095 Add configure tests to handle all the cases.
1097 2008-10-08 17:28 millert
1099 * sudo.pod: resort ENVIRONMENT
1101 2008-10-08 17:09 millert
1103 * sudoers.pod: document sudoers_locale
1105 2008-10-08 16:56 millert
1107 * sudo.pod, sudo_edit.c: add SUDO_EDITOR variable that sudoedit
1108 uses in preference to VISUAL or EDITOR
1110 2008-10-08 14:27 millert
1112 * toke.c, toke.l: In fill_cmnd(), collapse any escaped
1113 sudo-specific characters. Allows character classes to be used in
1116 2008-10-03 16:02 millert
1118 * lbuf.c: fix typo in non-C89 function declaration
1120 2008-10-03 15:56 millert
1122 * sudoers.pod: Mention POSIX characters classes now that out
1123 fnmatch() and glob() support them.
1125 2008-10-03 15:55 millert
1127 * sample.sudoers, sudoers.pod: Replace [A-z] (which won't match in
1128 UTF8) with [A-Za-z] which is locale agnostic.
1130 2008-10-03 10:02 millert
1132 * parse.h: use __signed char if we are going to assign a negative
1133 value since on Power, char is unsigned by default
1135 2008-10-03 09:59 millert
1137 * configure, configure.in, config.h.in: Add tests for __signed char
1140 2008-10-03 09:19 millert
1142 * aix.c: Fix AIX limit setting. getuserattr() returns values in
1143 disk blocks rather than bytes. The default hard stack size in
1144 newer AIX is RLIM_SAVED_MAX. From Dale King.
1146 2008-09-26 17:13 millert
1148 * fnmatch.c, glob.c, emul/charclass.h: Add character class support
1149 to included glob(3) and fnmatch(3).
1151 2008-09-16 08:28 millert
1153 * emul/fnmatch.h: Remove UCB advertising clause and some
1154 compatibility defines.
1156 2008-09-14 16:07 millert
1158 * sudo_edit.c: Check EDITOR/VISUAL to make sure sudoedit is not
1159 re-invoking itself or sudo. This allows one to set EDITOR to
1160 sudoedit without getting into an infinite loop of sudoedit
1161 running itself until the path gets too big.
1163 2008-09-13 20:45 millert
1165 * def_data.c, def_data.h, def_data.in, defaults.c, sudo.c: Add
1166 sudoers_locale Defaults option to override the default sudoers
1169 2008-09-13 14:09 millert
1171 * sudo.c: Set locale to system default except for during sudoers
1174 2008-09-12 09:34 millert
1176 * match.c: Redo change in 1.34 to use pointer arithmetic.
1178 2008-09-11 07:06 millert
1180 * match.c: Fix a dereference (read) of a freed pointer. Reported
1181 by Patrick Williams.
1183 2008-08-23 19:09 millert
1185 * sudo.c: Set locale to "C" to avoid interpretation issues with
1186 character ranges in sudoers. May want to make the locale a
1187 sudoers option in the future.
1189 2008-08-20 07:45 millert
1191 * config.h.in: we no longer use setproctitle
1193 2008-08-20 07:41 millert
1195 * sudo.h: remove #if 1
1197 2008-08-20 07:40 millert
1199 * LICENSE, mkstemp.c: Use my replacement mkstemp() from the mktemp
1202 2008-07-12 08:53 millert
1204 * gram.c: regen with yacc skeleton bug fixed
1206 2008-07-12 08:48 millert
1208 * sudoers.pod: Remove duplicate "as root". From Martin Toft.
1210 2008-07-02 06:27 millert
1212 * pwutil.c, sudo.c, testsudoers.c, sudo.h: Flesh out the fake
1213 passwd entry used for running commands as a uid not listed in the
1214 passwd database. Fixes an issue with some PAM modules.
1216 2008-07-01 07:57 millert
1218 * sudo.c: Error out in -i mode if the user has no shell. This can
1219 happen when running commands as a uid with no password entry.
1221 2008-06-26 07:49 millert
1223 * toke.c, toke.l: Better fix for line continuation inside double
1224 quotes. Now accepts whitespace between the backslash and the
1225 newline like the main lexer.
1227 2008-06-25 14:31 millert
1229 * toke.c, toke.l: Fix line continuation in strings. It was only
1230 being honored if preceded by whitespace.
1232 2008-06-22 16:19 millert
1234 * config.h.in, configure, configure.in, logging.c: Replace the
1235 double fork with a fork + daemonize.
1237 2008-06-21 14:59 millert
1239 * env.c, sudo.c: The -i flag should imply env_reset. This got
1240 broken in sudo 1.6.9.
1242 2008-06-20 20:34 millert
1244 * logging.c, sudo.c, sudo_edit.c, visudo.c: Change how the mailer
1245 is waited for. Instead of having a SIGCHLD handler, use the
1246 double fork trick to orphan the child that opens the pipe to
1247 sendmail. Fixes a problem running su on some Linux distros.
1249 2008-06-20 17:16 millert
1251 * configure, configure.in: Fix configure test for dirfd() on Linux
1252 where DIR is opaque.
1254 2008-06-17 17:42 millert
1256 * tgetpass.c: Get rid of the QNX TCSAFLUSH -> TCSADRAIN hack. If
1257 QNX still has this problem we'll need to revisit this again.
1259 2008-06-10 21:13 millert
1261 * logging.c: Ignore SIGPIPE instead of blocking it when piping to
1262 the mailer. If we only block the signal it may be delivered
1263 later when we unblock. Also, there is no need to block SIGCHLD
1264 since we no longer do the double fork. The normal SIGCHLD
1265 handler is sufficient.
1267 2008-06-08 17:37 millert
1269 * configure, configure.in: Add description for NO_PAM_SESSION, from
1272 2008-06-06 09:36 millert
1274 * sudo.cat, sudo.man.in, sudo.pod: Fix typos in -i usage
1276 2008-05-18 13:54 millert
1278 * configure, configure.in: Redo the test for dgettext() in a way
1279 that hopefully will work around the libintl_dgettext() undefined
1282 2008-05-11 09:21 millert
1284 * schema.ActiveDirectory: change filename in comment
1286 2008-05-10 09:18 millert
1288 * Makefile.in, README.LDAP, sudoers.ldap.cat, sudoers.ldap.man.in,
1289 sudoers.ldap.pod: Reference schema.ActiveDirectory
1291 2008-05-09 14:49 millert
1293 * schema.OpenLDAP, schema.iPlanet: Mark sudoRunAs as deprecated.
1295 2008-05-09 14:48 millert
1297 * schema.ActiveDirectory: add sudoRunAsUser and sudoRunAsGroup
1299 2008-05-09 14:01 millert
1301 * schema.ActiveDirectory: Active Directory schema by Chantal
1302 Paradis and Eric Paquet
1304 2008-05-08 17:54 millert
1306 * parse.c: remove an XXX that was fixed
1308 2008-05-08 12:53 millert
1312 2008-05-08 12:49 millert
1314 * parse.c: Initialize tags to UNSPEC instead of def_* in "sudo -l"
1315 mode. This fixes a problem where the tag value printed was
1316 influenced by defaults set in the first pass through the parser.
1318 2008-05-03 21:29 millert
1320 * Makefile.in, sudo.psf: No point in packaging the TODO file
1322 2008-05-03 21:24 millert
1326 2008-05-02 20:53 millert
1328 * WHATSNEW, def_data.c, def_data.h, def_data.in, env.c, sudo.c,
1329 sudo.h, sudoers.cat, sudoers.man.in, sudoers.pod: Add env_file
1330 Defaults option that is similar to /etc/environment on some
1333 2008-05-02 16:38 millert
1335 * Makefile.in, README, TODO, WHATSNEW, sudo.cat, sudo.man.in,
1336 sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in,
1337 sudoers.man.in, version.h, visudo.cat, visudo.man.in: change
1340 2008-05-02 16:37 millert
1342 * UPGRADE: initial valgrind pass done
1344 2008-04-23 08:30 millert
1346 * ldap.c: Fix typo/think in sudo_ldap_read_secret() when storing
1349 2008-04-11 10:03 millert
1351 * ldap.c: define LDAPS_PORT if the system headers do not
1353 2008-04-10 14:54 millert
1355 * gram.c, gram.y: Fix another memory leak in init_parser().
1357 2008-04-10 12:51 millert
1359 * configure, configure.in: There was a missing space before the
1360 ldap libs in SUDO_LIBS for some configurations.
1362 2008-04-10 11:28 millert
1364 * alias.c, gram.c, gram.y, toke.c, toke.l: Clean up some memory
1365 leaks pointed out by valgrind.
1367 2008-04-07 14:39 millert
1369 * sudo.c: fix "sudo -s" broken by mode/flags breakout
1371 2008-04-07 14:26 millert
1373 * configure, configure.in: remove duplicate check for dgettext
1375 2008-04-05 15:54 millert
1377 * aix.c: Fall back to default stanza if no user-specific limit is
1380 2008-04-02 15:56 millert
1382 * snprintf.c: include stdint.h if present
1384 2008-04-02 15:28 millert
1386 * snprintf.c: Use LLONG_MAX, not the old QUAD_MAX
1388 2008-04-01 19:18 millert
1390 * sudoers.ldap.pod: fix cut and pasto
1392 2008-03-31 11:24 millert
1394 * pwutil.c: Add #ifdef PURITY
1396 2008-03-30 17:36 millert
1398 * auth/bsdauth.c: remove useless cast
1400 2008-03-27 19:07 millert
1404 2008-03-27 19:04 millert
1408 2008-03-27 19:01 millert
1410 * sudo.h: Split MODE_* defines into primary and flags.
1412 2008-03-26 13:11 millert
1414 * aix.c: It turns out the logic for getting AIX limits is more
1415 convoluted than I realized and differs depending on whether the
1416 soft and/or hard limits are defined.
1418 2008-03-23 10:18 millert
1420 * Makefile.in, configure, configure.in: Back out AIX-specific
1421 change to set the sudo_noexec path to the .a file, we do really
1422 want to use the .so file. Since libtool doesn't do that
1423 correctly, just install the .so file ourselves in the Makefile.
1425 2008-03-23 10:12 millert
1427 * install-sh: If the file given to install is a path, only use the
1428 basename of the file when building the destination path.
1430 2008-03-18 16:08 millert
1432 * sudo.c: parse_args() cleanup: Sort command line options in the
1433 getopt() switch The -U option requires a parameter Normalize a
1434 few ISSET calls Split mode into mode and flags and retire the
1435 now-obsolete excl variable
1437 2008-03-18 16:04 millert
1439 * WHATSNEW, check.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
1440 sudo.pod, sudo_usage.h.in: Add -n (non-interactive) flag.
1442 2008-03-18 15:59 millert
1444 * sudo.c: Move version printing, etc. into a separate function.
1446 2008-03-18 15:57 millert
1448 * sudo.c: Don't try to cleanup nsswitch if it has not been
1451 2008-03-17 11:09 millert
1453 * logging.c: Block SIGPIPE in send_mail() so sudo is not killed by
1454 a problem executing the mailer.
1456 2008-03-14 08:11 millert
1458 * configure.in, configure: AIX shared libs end in .a, not .so.
1460 2008-03-13 07:34 millert
1462 * env.c: Preserve HOME by default too. Matches documentation and
1465 2008-03-12 19:42 millert
1467 * sudo.c: Use getopt() to parse the command line. We need to be
1468 able to intersperse env variables and options yet still honor
1469 "--"" which complicates things slightly.
1471 2008-03-06 14:46 millert
1475 2008-03-06 14:43 millert
1477 * acsite.m4, configure, ltmain.sh: update to libtool-1.5.26
1479 2008-03-06 14:32 millert
1481 * config.guess, config.sub: update from libtool-1.5.26 distribution
1483 2008-03-06 13:18 millert
1485 * aix.c, sudo.h: attempt to fix compilation errors on AIX
1487 2008-03-06 13:08 millert
1489 * Makefile.in: fix typo in last commit
1491 2008-03-06 13:07 millert
1493 * Makefile.in: Add WHATSNEW file to the distribution
1495 2008-03-06 12:43 millert
1497 * visudo.c: use warningx instead of fprintf(stderr, ...)
1499 2008-03-06 12:31 millert
1501 * list.c: add DEBUG to list2tq
1503 2008-03-06 12:28 millert
1505 * ChangeLog, TODO: sync
1507 2008-03-06 12:21 millert
1509 * WHATSNEW: mention mailfrom
1511 2008-03-06 12:19 millert
1513 * Makefile.in, config.h.in, configure, configure.in, set_perms.c,
1514 sudo.h, aix.c: Add aix_setlimits() to set resource limits on AIX
1515 using a combination of getuserattr() and setrlimit(). Currently
1518 2008-03-05 16:52 millert
1520 * def_data.c, def_data.h, def_data.in, logging.c, sudoers.cat,
1521 sudoers.pod, sudoers.man.in: Add mailfrom Defaults option that
1522 sets the value of the From: field in the warning/error mail. If
1523 unset the login name of the invoking user is used.
1525 2008-03-05 16:18 millert
1527 * defaults.c: store a copy of _PATH_SUDO_ASKPASS in def_askpass
1530 2008-03-05 15:19 millert
1532 * gram.c, gram.y: When adding a default, only call list2tq() once
1533 to do the list to tq conversion. It is not legal to call list2tq
1534 multiple times on the same list since list2tq consumes and
1535 modifies the list argument.
1537 2008-03-05 09:38 millert
1539 * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod: comment
1542 2008-03-05 09:36 millert
1544 * WHATSNEW: mention askpass
1546 2008-03-04 17:20 millert
1548 * sudo.c: Error out if both -A and -S are specified Error out if -A
1549 is specified but no askpass is configured
1551 2008-03-04 17:16 millert
1553 * configure, configure.in: we are not going to ship a sudo-specific
1556 2008-03-03 14:30 millert
1558 * sudo.h: fix definition of TGP_ASKPASS
1560 2008-03-03 13:54 millert
1562 * def_data.c, def_data.in: make askpass boolean-capable
1564 2008-03-03 13:53 millert
1566 * INSTALL: document --with-askpass
1568 2008-03-02 19:27 millert
1570 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in,
1571 sudoers.ldap.cat, visudo.cat: regen
1573 2008-03-02 17:31 millert
1575 * sudo.pod, sudo_usage.h.in, sudoers.pod: document -A and askpass
1577 2008-03-02 09:31 millert
1579 * check.c, configure, configure.in, def_data.c, def_data.h,
1580 def_data.in, defaults.c, pathnames.h.in, sudo.c, sudo.h,
1581 sudo_usage.h.in, tgetpass.c, auth/sudo_auth.c: Add support for
1582 running a helper program to read the password when no tty is
1583 present (or when specified with the -A flag). TODO: docs.
1585 2008-03-02 08:38 millert
1587 * def_data.c, def_data.in: add missing printf format to SELinux
1588 role and type strings
1590 2008-02-27 09:26 millert
1592 * INSTALL, configure, configure.in: Disable use of
1593 gss_krb5_ccache_name() by default and add
1594 --enable-gss-krb5-ccache-name configure option to enable it. It
1595 seems that gss_krb5_ccache_name() doesn't work properly with some
1596 combinations of Heimdal and OpenLDAP.
1598 2008-02-22 15:33 millert
1600 * selinux.c: Ignore setexeccon() failing in permissive mode. Also
1601 add a call to setkeycreatecon() (though this is probably
1602 insufficient). From Dan Walsh.
1604 2008-02-22 15:19 millert
1606 * auth/pam.c: Only set std_prompt for the PAM_PROMPT_* cases. The
1607 conversation function may be called for non-password reading
1608 purposes so we must be careful not to use def_prompt in cases
1609 where it may not be set.
1611 2008-02-20 12:00 millert
1613 * selinux.c: Don't free the new tty context, we need to keep it
1614 around when we restore the tty context after the command
1617 2008-02-19 16:04 millert
1619 * selinux.c: s/newrole/sudo/
1621 2008-02-19 13:21 millert
1623 * sudo.man.pl, sudo.pod: Only put login_cap(3) in SEE ALSO section
1624 if we have login.conf support
1626 2008-02-18 11:05 millert
1628 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
1629 sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
1632 2008-02-18 10:53 millert
1634 * Makefile.in, configure, configure.in, sudo.man.pl, sudo.pod,
1635 sudoers.man.pl, sudoers.pod: Substitute in comment characters for
1636 lines partaining to login.conf, BSD auth and SELinux and only
1637 enable them if pertinent.
1639 2008-02-18 10:42 millert
1641 * Makefile.in, sudo.pod, sudoers.ldap.pod, sudoers.pod, visudo.pod:
1642 Remove the =cut on the first line (above the copyright notice) to
1643 quiet pod2man. Also remove the hackery in the FILES section and
1644 just deal with the fact that there will a newline between each
1647 2008-02-17 08:19 millert
1649 * Makefile.in: run sudo.man.pl when generating sudo.man.in
1651 2008-02-17 08:11 millert
1653 * configure, configure.in, sudo.man.pl: comment out SELinux manual
1654 bits unless --with-selinux was specified
1656 2008-02-17 08:04 millert
1658 * sudoers.pod: document role and type defaults for SELinux
1660 2008-02-16 20:26 millert
1662 * sudo.c, sudo.cat, sudo.man.in, sudo.pod, sudo_usage.h.in:
1663 Document "sudo -ll" and make "sudo -l -l" be equivalent.
1665 2008-02-15 15:23 millert
1667 * configure.in, configure: Treat k*bsd*-gnu like Linux, not BSD.
1668 Fixes compilation problems on Debian GNU/kFreeBSD.
1670 2008-02-13 17:17 millert
1672 * auth/kerb5.c: Avoid Heimdal'isms introduced in the rev 1.32
1673 rewrite of verify_krb_v5_tgt()
1675 2008-02-13 07:28 millert
1677 * logging.c, logging.h, sudo.c: Remove dependence on
1678 VALIDATE_NOT_OK in logging functions. Split log_auth() into
1679 log_allowed() and log_denial() Replace mail_auth() with
1680 should_mail() and a call to send_mail()
1682 2008-02-10 18:06 millert
1684 * ldap.c: Add debugging so we can tell if the krb5 ccache is
1687 2008-02-10 17:34 millert
1689 * INSTALL: mention --with-selinux
1691 2008-02-09 09:48 millert
1695 2008-02-09 09:43 millert
1697 * selinux.c: add Sudo tag
1699 2008-02-09 09:30 millert
1701 * Makefile.in, config.h.in, configure.in, def_data.c, def_data.h,
1702 def_data.in, gram.c, gram.h, gram.y, ldap.c, parse.c, parse.h,
1703 pathnames.h.in, selinux.c, sesh.c, sudo.c, sudo.cat, sudo.h,
1704 sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.ldap.cat,
1705 sudoers.ldap.man.in, sudoers.ldap.pod, testsudoers.c, toke.c,
1706 toke.l: Add support for SELinux RBAC. Sudoers entries may
1707 specify a role and type. There are also role and type defaults
1708 that may be used. To make sure a transition occurs, when using
1709 RBAC commands are executed via the new sesh binary. Based on
1710 initial changes from Dan Walsh.
1712 2008-02-08 08:18 millert
1714 * lbuf.c, ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.c: Add long
1715 list (sudo -ll) support for printing verbose LDAP and sudoers
1716 file entries. Still need to update manual.
1718 2008-02-03 10:43 millert
1720 * ldap.c, parse.c, sudo.h, sudo_nss.c, sudo_nss.h: Unify the -l
1721 output for file and ldap based sudoers and use lbufs for both.
1722 The ldap output does not currently include options that cannot be
1723 represented as tags. This will be remedied in a long list output
1726 2008-01-27 16:37 millert
1728 * set_perms.c: Use a specific error message for errno == EAGAIN
1729 when setuid() et al fails. On Linux systems setuid() will fail
1730 with errno set to EAGAIN if changing to the new uid would result
1731 in a resource limit violation.
1733 2008-01-27 16:34 millert
1735 * sudo.c: Unlimit nproc on Linux systems where calling the setuid()
1736 family of syscalls causes the nroc resource limit to be checked.
1737 The limits will be reset by pam_limits.so when PAM is used. In
1738 the non-PAM case the nproc limit will remain unlimited but there
1739 doesn't seem to be a way around that other than having sudo parse
1740 /etc/security/limits.conf directly.
1742 2008-01-27 16:31 millert
1744 * env.c, sudo.c, sudo.pod: Only read /etc/environment on Linux and
1747 2008-01-23 06:33 millert
1749 * configure, configure.in: Use SUDO_DEFINE_UNQUOTED instead of
1750 AC_DEFINE_UNQUOTED to prevent ldap.conf and ldap.secret paths
1751 from going into config.h. Avoid single quotes in variable
1752 expansion when using SUDO_DEFINE_UNQUOTED since in some versions
1753 of bash they will end up literally in the resulting define.
1755 2008-01-21 13:22 millert
1757 * README.LDAP: mention --with-nsswitch=no
1759 2008-01-21 11:43 millert
1761 * configure, configure.in: ldap_ssl.h depends on ldap.h being
1764 2008-01-21 11:07 millert
1766 * configure, configure.in, ldap.c, config.h.in: Include ldap_ssl.h
1767 if we can find it. Needed for the ldapssl_set_strength defines
1770 2008-01-21 10:02 millert
1772 * TODO, sudoers.ldap.pod: sync
1774 2008-01-21 10:01 millert
1776 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
1777 sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
1780 2008-01-21 10:00 millert
1782 * Makefile.in: Use 78n line length when formatting cat pages.
1784 2008-01-21 09:50 millert
1786 * README.LDAP: Remove redundant info that is now in
1789 2008-01-20 16:18 millert
1791 * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
1792 Reorganize the first section a bit. Substitute the proper path
1795 2008-01-20 10:17 millert
1797 * sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
1798 Substitute values for ldap.conf, ldap.secret and nsswitch.conf
1799 Move schema into EXAMPLES
1801 2008-01-20 10:15 millert
1803 * configure.in, configure: Substitute values for ldap.conf,
1804 ldap.secret and nsswitch.conf into sudoers.ldap.man.
1806 2008-01-19 20:35 millert
1808 * configure, configure.in: substitute for sudoers.ldap.man
1810 2008-01-19 20:34 millert
1812 * Makefile.in: Fix cut & pasto introduced when adding sudoers.ldap
1815 2008-01-19 20:25 millert
1817 * sudoers.ldap.pod, sudoers.ldap.cat, sudoers.ldap.man.in: Fill in
1818 some of the missing pieces. Still needs some reorganization and
1821 2008-01-19 15:06 millert
1823 * Makefile.in, sudoers.ldap.cat, sudoers.ldap.man.in,
1824 sudoers.ldap.pod: Beginnings of a sudoers.ldap man page.
1825 Currently, much of the information is adapted from README.LDAP.
1827 2008-01-18 17:32 millert
1829 * pwutil.c: When copying gr_mem we must guarantee that the storage
1830 space for gr_mem is properly aligned. The simplest way to do
1831 this is to simply store gr_mem directly after struct group. This
1832 is not a problem for gr_passwd or gr_name as they are simple
1835 2008-01-18 16:47 millert
1837 * ldap.c: Fix a typo/thinko in one of the calls to
1838 sudo_ldap_check_user_netgroup(). From Marco van Wieringen.
1840 2008-01-17 15:44 millert
1842 * config.h.in, configure, configure.in, ldap.c: include
1843 <mps/ldap_ssl.h> in ldap.c if available
1845 2008-01-16 18:20 millert
1847 * gram.c, gram.y: Make sure we define SIZE_MAX for yacc's
1850 2008-01-16 13:03 millert
1852 * tgetpass.c: Use TCSAFLUSH when restoring terminal settings (and
1853 echo) to guarantee that any pending output is discarded
1855 2008-01-15 17:18 millert
1857 * sudoers: no longer need to specify SETENV when user has sudo ALL
1859 2008-01-15 09:40 millert
1861 * testsudoers.c: sync user_args size calculation with sudo.c Add -g
1862 group option, renaming old -g to -G Add set_runasgr() and
1863 set_runaspw() and use them
1865 2008-01-15 09:23 millert
1867 * sudo.h, sudo.c: Make set_runaspw static void
1869 2008-01-15 09:17 millert
1871 * testsudoers.c, visudo.c: g/c set_runaspw stub
1873 2008-01-15 07:28 millert
1875 * configure, configure.in: Don't add -llber twice.
1877 2008-01-14 06:40 millert
1881 2008-01-13 15:39 millert
1885 2008-01-13 14:57 millert
1887 * configure, configure.in: Fix check that determines whether -llber
1890 2008-01-13 14:22 millert
1892 * config.h.in, configure, configure.in, README.LDAP, ldap.c: For
1893 netscape-based LDAP, use ldapssl_set_strength() to implement the
1894 checkpeer ldap.conf option.
1896 2008-01-13 09:49 millert
1898 * auth/kerb5.c: Delay krb5_cc_initialize() until we actually need
1899 to use the cred cache, which is what krb5_verify_user() does.
1900 Better cleanup on failure.
1902 2008-01-12 12:40 millert
1904 * auth/kerb5.c: Rewrite verify_krb_v5_tgt() based on what heimdal's
1905 krb5_verify_user() does.
1907 2008-01-09 14:58 millert
1909 * gram.c: The U suffix on constants is an ANSI feature
1911 2008-01-09 12:08 millert
1913 * configure.in, configure: Add check for ber_set_option() in -llber
1915 2008-01-06 19:02 millert
1917 * README.LDAP: default if no nsswitch.conf is files only
1919 2008-01-06 17:28 millert
1921 * README.LDAP: don't tell people to mail aaron about LDAP stuff
1923 2008-01-06 12:32 millert
1925 * README.LDAP: timelimit and bind_timelimit
1927 2008-01-06 08:54 millert
1931 2008-01-06 07:56 millert
1933 * ldap.c: Move ldap.secret reading into a separate function.
1935 2008-01-05 19:09 millert
1937 * check.c: user_runas -> runas_pw
1939 2008-01-05 18:59 millert
1943 2008-01-05 18:59 millert
1945 * check.c, sudo.pod, sudoers.pod: Add and document the %p escape in
1946 the password prompt. Based on a patch from Patrick Schoenfeld.
1948 2008-01-05 18:25 millert
1950 * ldap.c: Check strlcpy() return values.
1952 2008-01-05 18:12 millert
1954 * ldap.c: refactor ldap binding code into sudo_ldap_bind_s()
1956 2008-01-05 16:35 millert
1958 * README.LDAP: Make it clear that host and uri can take multiple
1959 parameters. URI is now supported for more than just openldap
1960 nsswitch.conf does't accept "compat"
1962 2008-01-05 16:27 millert
1964 * sudo.c: comment cleanup and update (c) year
1966 2008-01-05 16:25 millert
1968 * parse.c, sudo_nss.c: Move display_privs() and display_cmnd() from
1969 parse.c to sudo_nss.c. This should make it possible to build an
1970 LDAP-only sudo binary.
1972 2008-01-05 13:27 millert
1974 * ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.h: Improve chaining of
1975 multiple sudoers sources by passing in the previous return value
1976 to the next in the chain
1978 2008-01-05 13:26 millert
1980 * gram.y: Free up parser data structures in sudo_file_close().
1982 2008-01-05 08:13 millert
1984 * gram.c, parse.c: Free up parser data structures in
1987 2008-01-05 07:59 millert
1989 * ldap.c: Parse uri ourself if no ldap_initialize() is present Use
1990 ldap_create() instead of deprecated ldap_init() Use
1991 ldap_sasl_bind_s() instead of deprecated ldap_simple_bind_s()
1993 2008-01-05 07:56 millert
1995 * config.h.in, configure, configure.in: Add check for
1996 ldap_sasl_bind_s() Remove -DLDAP_DEPRECATED from CFLAGS
1998 2008-01-04 09:56 millert
2000 * configure.in, configure, config.h.in: add check for ldap_create
2002 2008-01-03 16:11 millert
2004 * config.h.in, configure, configure.in, ldap.c: Add
2005 sudo_ldap_get_first_rdn() to return the first rdn of an entry's
2006 dn using the mechanism appropriate for the LDAP SDK in use. Use
2007 ldap_unbind_ext_s() instead of deprecated ldap_unbind_s().
2008 Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's
2011 2008-01-03 16:02 millert
2013 * lbuf.c: include unistd.h
2015 2008-01-03 11:05 millert
2017 * config.h.in, configure.in: fix typo in mtim_getnsec
2019 2008-01-02 15:29 millert
2021 * config.h.in, configure.in, configure: add check for st__tim in
2022 struct stat as used by SCO
2024 2008-01-02 11:05 millert
2026 * ldap.c: use ldap_search_ext_s instead of deprecated ldap_search_s
2028 2008-01-02 10:09 millert
2030 * Makefile.in, TODO, sudo.cat, sudo.man.in: add sudo_nss.h to HDRS
2032 2008-01-01 19:04 millert
2034 * ldap.c: Replace deprecated ldap_explode_dn() with calls to
2035 ldap_str2dn() and ldap_rdn2str().
2037 2008-01-01 18:37 millert
2039 * ldap.c: Use ldap_get_values_len()/ldap_value_free_len() instead
2040 of the deprecated ldap_get_values()/ldap_value_free().
2042 2008-01-01 17:07 millert
2044 * TODO, ChangeLog: sync
2046 2008-01-01 17:06 millert
2048 * gettime.c, sudo.c: Remove some already fixed XXXs
2050 2008-01-01 17:03 millert
2052 * ldap.c: Same return value as non-existent sudoers if LDAP was
2055 2008-01-01 16:52 millert
2057 * sudo.pod: mention /etc/environment
2059 2008-01-01 16:42 millert
2061 * UPGRADE, WHATSNEW, README.LDAP: Update to reflect recent
2064 2008-01-01 16:42 millert
2066 * sudo.c: Print nsswitch.conf, ldap.conf and ldap.secret paths in
2069 2008-01-01 16:25 millert
2071 * ldap.c: When building up a query don't list groups in the aux
2072 group vector that are the same as the passwd file group. On most
2073 systems the first gid in the group vector is the same as the
2076 2008-01-01 14:01 millert
2078 * env.c, ldap.c: Define LDAPNOINIT before calling ldap_init(), etc.
2079 to disable user ldaprc and system defaults that could affect how
2082 2008-01-01 13:21 millert
2084 * INSTALL, configure, configure.in, pathnames.h.in, sudo.c,
2085 sudo_nss.c, sudo_nss.h: Rename read_nss -> sudo_read_nss Add
2086 --with-nsswitch to allow users to specify nsswitch.conf path or
2087 disable it. If --with-nsswitch=no but --with-ldap, order is
2088 LDAP, then sudoers. Fix --with-ldap-conf-file and
2089 --with-ldap-secret-file
2091 2008-01-01 13:12 millert
2093 * parse.c: Honor def_ignore_local_sudoers
2095 2007-12-31 16:44 millert
2097 * ldap.c: no longer need to check def_ignore_local_sudoers here
2099 2007-12-31 16:36 millert
2101 * parse.c: Refactor group vector resetting into a function and also
2102 call it from display_cmnd. Stop after the first sucessful match
2103 in display_cmnd. Print a newline between each display_privs
2106 2007-12-31 16:23 millert
2108 * parse.c: fix double free introduced in rev 1.218
2110 2007-12-31 16:10 millert
2112 * ldap.c: belt and suspenders; zero out result after freeing it
2114 2007-12-31 15:04 millert
2116 * env.c, fileops.c, ldap.c, sudo.h, sudo_nss.c: Refactor line
2117 reading into a separate function, sudo_parseln(), which removes
2118 comments, leading/trailing whitespace and newlines. May want to
2119 rethink the use of sudo_parseln() for /etc/ldap.secret
2121 2007-12-31 14:26 millert
2123 * parse.c, sudo.c: Make the inability to read the sudoers file a
2124 non-fatal error if there are other sudoers sources available.
2125 sudoers_file_lookup now returns "not OK" if sudoers was not
2128 2007-12-31 14:24 millert
2130 * ldap.c: make it clear that the global options are from LDAP
2132 2007-12-31 14:13 millert
2134 * logging.c: allocate proper amount of space for error string
2136 2007-12-31 10:24 millert
2138 * sudo_nss.c, sudo_nss.h: actual sudo nss code
2140 2007-12-31 10:08 millert
2142 * ldap.c, parse.c, sudo.c, sudo.h: nss-ify display_privs and
2145 2007-12-31 07:54 millert
2147 * defaults.c, parse.c, testsudoers.c, visudo.c: move
2148 update_defaults() to parse.c
2150 2007-12-31 07:39 millert
2152 * Makefile.in, ldap.c, list.c, parse.c, parse.h, sudo.c, sudo.h:
2153 Use nsswitch to hide some sudoers vs. ldap implementation details
2154 and reduce the number of #ifdef LDAP TODO: fix display routines
2157 2007-12-28 11:20 millert
2159 * Makefile.in, README.LDAP, ldap.c, pathnames.h.in, sudo.c, sudo.h:
2160 First cut at nsswitch.conf support. Further reorganizaton and
2161 related changes are forthcoming.
2163 2007-12-21 16:53 millert
2165 * env.c, pathnames.h.in, sudo.c, sudo.h: Add support for reading
2166 and /etc/environment file. Still needs to be documented and
2167 should probably only applies to OSes that have it (AIX and Linux,
2170 2007-12-21 16:20 millert
2172 * ldap.c: include limits.h
2174 2007-12-20 10:02 millert
2176 * WHATSNEW: reword LDAP SASL
2178 2007-12-19 16:40 millert
2182 2007-12-19 16:39 millert
2184 * README.LDAP: Add an example sudoRole, clarify netscape vs.
2187 2007-12-19 14:42 millert
2189 * README.LDAP: Be clear on what is OpenLDAP vs. Netscape-derived
2191 2007-12-19 14:28 millert
2193 * config.h.in, configure, configure.in, ldap.c: Use ldapssl_init()
2194 for ldaps support instead of trying to do it manually with
2195 ldap_init() + ldapssl_install_routines(). Use tls_cert and
2196 tls_key for cert7.db and key3.db respectively. Don't print
2197 debugging info for options that are not set. Add warning if
2198 start_tls specified when not supported.
2200 2007-12-19 14:25 millert
2202 * ldap.c: fix compilation on solaris
2204 2007-12-19 14:23 millert
2206 * Makefile.in: add missing .h and .c files for missing lib objs
2208 2007-12-18 09:54 millert
2210 * ldap.c: fix LDAP_OPT_NETWORK_TIMEOUT setting
2212 2007-12-17 20:10 millert
2214 * ldap.c: fix compilation on Solaris
2216 2007-12-17 10:14 millert
2218 * configure, configure.in: fix typo
2220 2007-12-17 08:08 millert
2222 * README.LDAP: try to clear up which variables are for OpenLDAP and
2223 which are for netscape-derived SDKs
2225 2007-12-17 07:31 millert
2227 * config.h.in, configure, configure.in, ldap.c: Add support for
2228 "ssl on" in both netscape and openldap flavors. Only the
2229 OpenLDAP flavor has been tested.
2231 2007-12-17 07:28 millert
2233 * logging.c, sudo.c, sudo.h: Call cleanup() before exit in
2234 log_error() instead of calling sudo_ldap_close() directly.
2235 ldap_conn can now be static to sudo.c
2237 2007-12-16 20:02 millert
2239 * sudo.c: ld -> ldap_conn
2241 2007-12-16 14:42 millert
2243 * logging.c, sudo.c, sudo.h: Better ldap cleanup.
2245 2007-12-16 14:08 millert
2247 * ldap.c: Distinguish between LDAP conf settings that are
2248 connection-specific (which take an ld pointer) and those that are
2249 default settings (which do not).
2251 2007-12-14 16:46 millert
2253 * ldap.c: Improved warnings on error.
2255 2007-12-14 15:59 millert
2257 * ldap.c: Make ldap config table driven and set the config *after*
2258 we open the connection.
2260 2007-12-13 16:41 millert
2262 * ldap.c: fix LDAP_OPT_X_CONNECT_TIMEOUT compat define
2264 2007-12-13 09:13 millert
2266 * configure, configure.in: some operating systems need to link with
2267 -lkrb5support when using krb5
2269 2007-12-10 17:12 millert
2271 * WHATSNEW: minor update
2273 2007-12-10 10:56 millert
2275 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
2277 2007-12-07 19:17 millert
2279 * TODO, ChangeLog: sync
2281 2007-12-07 19:09 millert
2283 * ldap.c, schema.OpenLDAP, schema.iPlanet, sudoers2ldif: add -g
2286 2007-12-03 11:36 millert
2288 * WHATSNEW, sudo.c, sudo.pod, sudo_usage.h.in: The -i and -s flags
2289 can now take an optional command.
2291 2007-12-02 12:13 millert
2293 * def_data.c, def_data.h, def_data.in, sudo.c, sudo.pod,
2294 sudoers.pod, auth/pam.c: Add passprompt_override flag to sudoers
2295 that will cause the prompt to be overridden in all cases. This
2296 flag is also set when the user specifies the -p flag.
2298 2007-12-01 19:51 millert
2300 * sudo.c: Move setting of login class until after sudoers has been
2301 parsed. Set NewArgv[0] for -i after runas_pw has been set.
2303 2007-12-01 19:34 millert
2305 * configure, configure.in: Move the dgettext check.
2307 2007-12-01 11:22 millert
2309 * config.h.in, configure, configure.in, auth/pam.c: Add basic
2310 support for looking up the string "Password: " in the PAM
2311 localized text db. This allows us to determine whether the PAM
2312 prompt is the default "Password: " one even if it has been
2315 TODO: concatenate non-std PAM prompts and user-specified sudo
2318 2007-11-27 18:40 millert
2320 * Makefile.in, config.h.in, configure.in, parse.c, set_perms.c,
2321 sudo.c, configure, sudo.h: Use AC_FUNC_GETGROUPS instead of a
2322 home-grown attempt that was insufficient.
2324 2007-11-27 12:13 millert
2326 * configure, acsite.m4, interfaces.c, memrchr.c: Fix typos;
2329 2007-11-25 19:26 millert
2331 * set_perms.c: Don't assume runas_pw is set; it may not be in the
2334 2007-11-25 08:07 millert
2336 * logging.c, set_perms.c: Set aux group vector for PERM_RUNAS and
2337 restore group vector for PERM_ROOT if we previously changed it.
2338 Stash the runas group vector so we don't have to call initgroups
2339 more than once. Also add no-op check to check_perms.
2341 2007-11-21 15:11 millert
2343 * WHATSNEW, check.c, def_data.in, defaults.c, gram.c, gram.h,
2344 gram.y, ldap.c, logging.c, match.c, mon_systrace.c, parse.c,
2345 parse.h, pwutil.c, set_perms.c, sudo.c, sudo.cat, sudo.h,
2346 sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.cat,
2347 sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, visudo.c,
2348 visudo.cat, visudo.man.in: Add support for runas groups. This
2349 allows the user to run a command with a different effective
2350 group. If the -g option is specified without -u the command will
2351 be run as the current user (only the group will change). the -g
2352 and -u options may be used together. TODO: implement runas group
2353 for ldap improve runas group documentation add
2356 2007-11-21 15:02 millert
2358 * configure, configure.in: fix setting of mandir
2360 2007-11-21 14:26 millert
2362 * sudo.pod, sudoers.pod: document that ALL implies SETENV
2364 2007-11-21 13:50 millert
2366 * ldap.c: s/setenv_ok/setenv_implied/g
2368 2007-11-21 13:44 millert
2370 * ldap.c: hostname_matches() returns TRUE on match in sudo 1.7.
2372 2007-11-21 13:26 millert
2374 * ldap.c: use strcmp, not strcasecmp when comparing ALL
2376 2007-11-21 11:41 millert
2378 * ldap.c: Make sudo ALL imply setenv. Note that unlike with
2379 file-based sudoers this does affect all the commands in the
2382 2007-11-21 11:05 millert
2384 * gram.c, gram.y, parse.c, parse.h: sudo "ALL" now implies the
2385 SETENV tag but, unlike an explicit tag, it is not passed on to
2386 other commands in the list.
2388 2007-11-21 11:02 millert
2390 * visudo.c: Add missing sudo_setpwent() and sudo_setgrent() calls.
2391 Also use sudo_getpwuid() instead of getpwuid().
2393 2007-11-15 11:16 millert
2395 * sudoers: Expand on the dangers of not using visudo to edit
2398 2007-11-08 07:24 millert
2400 * parse.c: Don't quote *?[]! on output since the lexer does not
2401 strip off the backslash when reading those in.
2403 2007-11-07 13:16 millert
2405 * glob.c: expand "u_foo" types to "unsigned foo" to avoid
2406 compatibility issues.
2408 2007-11-04 08:33 millert
2410 * logging.c: Refactor log line generation in to new_logline().
2412 2007-10-25 09:23 millert
2414 * TROUBLESHOOTING: fix typo
2416 2007-10-24 12:41 millert
2418 * config.h.in, configure, configure.in, interfaces.c, interfaces.h,
2419 match.c: Add configure check for struct in6_addr instead of
2420 relying on AF_INET6 since some systems define AF_INET6 but do not
2421 include IPv6 support.
2423 2007-10-21 09:29 millert
2425 * configure, configure.in: Fix block to add -lutil for FreeBSD and
2426 NetBSD when logincap is in use.
2428 2007-10-19 22:28 millert
2430 * configure, configure.in: POSIX states that struct timespec be
2431 declared in time.h so check there regardless of the value of
2434 2007-10-17 11:37 millert
2436 * tgetpass.c: Instead of defining a macro to call the appropriate
2437 method for turning on/off echo, just define tc[gs]etattr() and
2438 the related defines that use the correct terminal ioctls if
2439 needed. Also go back to using TCSAFLUSH instead of TCSADRAIN on
2442 2007-10-08 20:18 millert
2444 * Makefile.in: g/c @ALLOCA@
2446 2007-10-08 20:07 millert
2450 2007-10-08 20:04 millert
2452 * INSTALL, config.h.in, configure.in, auth/pam.c: Add
2453 --disable-pam-session configure option to disable calling
2454 pam_{open,close}_session. May work around bugs in some PAM
2457 2007-10-08 12:00 millert
2459 * tgetpass.c: quiet gcc warnings
2461 2007-10-08 08:41 millert
2463 * tgetpass.c: Avoid printing the prompt if we are already
2464 backgrounded. E.g. if the user runs "sudo foo &" from the shell.
2465 In this case, the call to tcsetattr() will cause SIGTTOU to be
2468 2007-09-15 16:07 millert
2470 * def_data.c, def_data.h, def_data.in: Reorder things such that the
2471 definition of env_reset come right before the env variable lists.
2473 2007-09-15 07:50 millert
2475 * parse.h: Shrink type and seqno in struct alias from int to
2478 2007-09-15 07:24 millert
2480 * alias.c, match.c, parse.c, parse.h: Add a sequence number in the
2481 aliases for loop detection. If we find an alias with the seqno
2482 already set to the current (global) value we know we've visited
2483 it before so ignore it.
2485 2007-09-13 19:05 millert
2487 * TODO, sudo.c, sudo.h, auth/pam.c: PAM wants the full tty path so
2488 add user_ttypath which holds the full path to the tty or is NULL
2489 if no tty was present.
2491 2007-09-13 18:42 millert
2493 * auth/pam.c: Set PAM_RHOST to work around a bug in Solaris 7 and
2494 lower that results in a segv.
2496 2007-09-11 15:43 millert
2500 2007-09-11 15:42 millert
2502 * alias.c, defaults.c, gram.y, list.c, list.h, match.c, parse.c,
2503 parse.h, testsudoers.c, visudo.c: rename lh_ -> tq_
2505 2007-09-10 17:33 millert
2507 * alloc.c: remove some useless casts
2509 2007-09-10 17:32 millert
2511 * alloc.c: pull in inttypes.h for SIZE_MAX; we avoid stdint.h since
2512 inttypes.h predates the final C99 spec and the standard specifies
2513 that it shall include stdint.h anyway
2515 2007-09-06 12:39 millert
2517 * Makefile.in, alloca.c, configure.in: Since we ship with a
2518 pre-generated parser there is no need to ship a bogus alloca
2521 2007-09-06 12:22 millert
2525 2007-09-06 12:19 millert
2527 * configure.in: remove initial setting of CHECKSIA, we require that
2528 it be unset if not used
2530 2007-09-06 11:55 millert
2532 * Makefile.in: add list.c to SRCS
2534 2007-09-06 07:18 millert
2538 2007-09-06 07:17 millert
2540 * configure.in: only do SIA checks on Digital Unix
2542 2007-09-05 18:50 millert
2544 * sudoers.cat, sudoers.man.in: regen
2546 2007-09-05 18:48 millert
2548 * ChangeLog, TODO: sync
2550 2007-09-05 18:39 millert
2552 * auth/kerb5.c: Remove call to krb5_cc_register() as it is not
2553 needed for modern kerb5.
2555 2007-09-05 18:16 millert
2559 2007-09-05 18:16 millert
2561 * configure.in, aclocal.m4: New method for setting the default
2562 authentication type and avoiding conflicts in auth types.
2564 2007-09-05 14:45 millert
2566 * match.c, parse.c, testsudoers.c: Each entry in a cmndlist now has
2567 an associated runaslist so no need to keep track of the most
2568 recent non-NULL one.
2570 2007-09-04 18:51 millert
2572 * ldap.c: back out partial ldaps support mistakenly committed
2574 2007-09-04 10:57 millert
2576 * ldap.c: Add support for unix groups and netgroups in sudoRunas
2578 2007-09-03 16:28 millert
2580 * sudo_edit.c: Fix sudoedit of a non-existent file. From Tilo
2583 2007-09-02 17:05 millert
2587 2007-09-02 17:05 millert
2589 * INSTALL: update --passprompt escape info
2591 2007-09-02 17:03 millert
2593 * configure.in: remove now-bogus comment and update copyright date
2595 2007-09-02 16:35 millert
2597 * configure.in: Fix up use of with_passwd
2599 2007-09-02 16:25 millert
2601 * acsite.m4, config.guess, config.sub, configure.in, ltmain.sh:
2602 Update to autoconf-2.61 andf libtool-1.5.24
2604 2007-09-02 16:17 millert
2606 * Makefile.in: "cmp -s" not just cmp Add @datarootdir@ to quiet
2609 2007-09-01 17:39 millert
2613 2007-09-01 17:39 millert
2615 * gram.y: move tags and runaslist propagation to be earlier
2617 2007-09-01 09:34 millert
2619 * visudo.c: If -f flag given use the permissions of the original
2622 2007-09-01 08:45 millert
2624 * gram.y: prevent a double free() when re-initing the parser
2626 2007-08-31 19:30 millert
2630 2007-08-31 19:30 millert
2632 * aclocal.m4, alias.c, alloc.c, config.h.in, configure.in, env.c,
2633 ldap.c, list.c, list.h, memrchr.c, parse.c, parse.h, pwutil.c,
2634 redblack.c, redblack.h, snprintf.c, sudo.c, sudo.h,
2635 testsudoers.c, visudo.c, zero_bytes.c, auth/API, auth/afs.c,
2636 auth/bsdauth.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
2637 auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h:
2638 Remove support for compilers that don't support void *
2640 2007-08-31 19:14 millert
2644 2007-08-31 19:13 millert
2646 * Makefile.in, alias.c, defaults.c, gram.y, list.c, list.h,
2647 match.c, parse.c, parse.h, testsudoers.c, visudo.c: Move list
2648 manipulation macros to list.h and create C versions of the more
2649 complex ones in list.c. The names have been down-cased so they
2650 appear more like normal functions.
2652 2007-08-31 17:21 millert
2654 * Makefile.in: Fix cmp command when regenerating parser. Make
2655 gram.o the first dependency for all programs so gram.h will be
2656 generated before anything that needs it.
2658 2007-08-31 13:56 millert
2660 * parse.h, gram.y: Convert NEW_DEFAULT anf NEW_MEMBER into static
2663 2007-08-30 21:21 millert
2665 * match.c, parse.c, testsudoers.c: Use LH_FOREACH_REV when checking
2666 permission and short-circuit on the first non-UNSPEC hit we get
2667 for the command. This means that instead of cycling through the
2668 all the parsed sudoers entries we start at the end and work
2669 backwards and quit after the first positive or negative match.
2671 2007-08-30 21:13 millert
2675 2007-08-30 21:12 millert
2677 * defaults.c, gram.y, parse.c, parse.h, testsudoers.c, visudo.c:
2678 Change list head macros to take a pointer, not a struct.
2680 2007-08-30 20:46 millert
2684 2007-08-30 20:46 millert
2686 * gram.y: Propagate the runasspec from one command to the next in a
2689 2007-08-30 16:15 millert
2691 * match.c: Replace has_meta() with a macro that calls strpbrk().
2693 2007-08-30 16:04 millert
2697 2007-08-30 13:26 millert
2699 * alias.c, defaults.c, gram.y, match.c, parse.c, parse.h,
2700 testsudoers.c, visudo.c: Use a list head struct when storing the
2701 semi-circular lists and convert to tail queues in the process.
2702 This will allow us to reverse foreach loops more easily and it
2703 makes it clearer which functions expect a list as opposed to a
2706 Add macros for manipulating lists. Some of these should become
2709 When freeing up a list, just pop off the last item in the queue
2710 instead of going from head to tail. This is simpler since we
2711 don't have to stash a pointer to the next member, we always just
2712 use the last one in the queue until the queue is empty.
2714 Rename match functions that take a list to have list in the name.
2715 Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
2717 2007-08-30 13:12 millert
2719 * parse.c: Fix pasto, append "!" not negated (which is an int) for
2722 2007-08-30 12:45 millert
2724 * Makefile.in: Remove the dependency of gram .h on gram.y, the .c
2725 dependency is enough. Only move y.tab.h to gram.h if it is
2726 different; avoids needless rebuilding.
2728 2007-08-27 15:51 millert
2730 * sudoers.pod: Defaults lines may be associated with lists of
2731 users, hosts, commands and runas users, not just single entries.
2733 2007-08-26 17:42 millert
2735 * Makefile.in: Revert the "cmp" portion of the last diff, it
2738 2007-08-26 17:10 millert
2740 * Makefile.in: Remove *.lo for clean: When generating the parser,
2741 only move the generated files into place if they differ from the
2744 2007-08-24 22:47 millert
2746 * toke.c, toke.l: Replace IPV6 regexp with a much simpler
2747 (readable) one and add an extra check when it matches to make
2748 sure we have a valid address.
2750 2007-08-24 22:36 millert
2752 * match.c: Fix thinko introduced when merging IPV6 support.
2754 2007-08-24 14:23 millert
2756 * HISTORY, LICENSE: regen
2758 2007-08-24 14:23 millert
2760 * license.pod: add 2007
2762 2007-08-24 14:19 millert
2764 * UPGRADE: mention #uid vs. comment pitfall
2766 2007-08-24 09:50 millert
2768 * acsite.m4: Merge in a patch from the libtool cvs that fixes a
2769 problem with the latest autoconf. From Stepan Kasal.
2771 2007-08-23 20:28 millert
2773 * parse.h: Back out he XOR swap trick, it is slower than a temp
2774 variable on modern CPUs.
2776 2007-08-23 20:14 millert
2780 2007-08-23 20:14 millert
2782 * gram.y, parse.h: Convert the tail queue to a semi-circle queue
2783 and use the XOR swap trick to swap the prev pointers during
2786 2007-08-23 15:31 millert
2788 * parse.h: remove useless statement
2790 2007-08-23 07:47 millert
2792 * toke.c, toke.l: Refactor #include parsing into a separate
2793 function and return unparsed chars (such as newline or comment)
2796 2007-08-22 18:56 millert
2798 * WHATSNEW: mention better uid support
2800 2007-08-22 18:55 millert
2802 * sudoers.pod: Users may now consist of a uid.
2804 2007-08-22 18:39 millert
2806 * gram.c, gram.h, toke.c: regen
2808 2007-08-22 18:32 millert
2810 * parse.c: Use lbuf_append_quoted() for sudo -l output to quote
2811 characters that would require quoting in sudoers.
2813 2007-08-22 18:31 millert
2815 * lbuf.c, lbuf.h: Add lbuf_append_quoted() which takes a set of
2816 characters which should be quoted with a backslash when
2819 2007-08-22 18:28 millert
2821 * toke.l: Require that the first character after a comment not be a
2822 digit or a dash. This allows us to remove the GOTRUNAS state and
2823 treat uid/gids similar to other words. It also means that we can
2824 now specify uids in User_Lists and a User_Spec may now contain a
2827 2007-08-22 18:23 millert
2829 * gram.y, toke.l: Replace RUNAS token with '(' and ')' tokens to
2830 make the runas portion of the grammar more natural.
2832 2007-08-22 06:35 millert
2834 * Makefile.in, README, BUGS: The BUGS file is history
2836 2007-08-21 09:19 millert
2838 * toke.c, toke.l: Allow comments after a RunasAlias as long as the
2839 character after the pound sign isn't a digit or a dash.
2841 2007-08-20 20:43 millert
2843 * WHATSNEW: Glob support was back-ported to 1.6.9
2845 2007-08-20 19:59 millert
2847 * Makefile.in: remove sudo_usage.h in distclean
2849 2007-08-20 19:24 millert
2851 * parse.c: If a Defaults value contains a blank, double-quote the
2854 2007-08-20 19:19 millert
2856 * toke.c, toke.l: Properly deal with Defaults double-quoted strings
2857 that span multiple lines using the line continuation char.
2858 Previously, the entire thing, including the continuation char,
2859 newline, and spaces was stored as-is.
2861 2007-08-20 10:46 millert
2863 * sudo.c: Be consistent when using single quotes and backticks.
2865 2007-08-19 16:48 millert
2867 * Makefile.in, configure, configure.in, lbuf.c, lbuf.h, parse.c,
2868 sudo.c, sudo_usage.h.in: Add new linebuf code to do appends of
2869 dynamically allocated strings and word-wrapped output. Currently
2870 used for sudo's usage() and sudo -l output. Sudo usage strings
2871 are now in sudo_usage.h which is generated at configure time.
2873 2007-08-18 08:22 millert
2875 * sudo.h, parse.c, sudo.c: Fix line wrapping in usage() and use the
2876 actual tty width instead of assuming 80.
2878 2007-08-17 18:32 millert
2880 * history.pod: some more info
2882 2007-08-17 17:28 millert
2884 * history.pod: Mentioned Chris Jepeway's parser and also the new
2885 one that is in sudo 1.7.
2887 2007-08-16 09:38 millert
2889 * sudo.pod, visudo.pod: For the options list, add flag args where
2890 appropriate and increase the indent level so there is room for
2893 2007-08-15 13:49 millert
2895 * parse.c: Fix some spacing in "sudo -l" and add a comment about
2896 some bogosity in the line wrapping.
2898 2007-08-15 11:21 millert
2900 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in,
2901 visudo.man.in, visudo.cat: regen
2903 2007-08-15 11:20 millert
2905 * INSTALL, Makefile.in, WHATSNEW, config.h.in, configure.in,
2906 def_data.c, def_data.h, def_data.in, gram.c, gram.h, gram.y,
2907 parse.c, parse.h, pathnames.h.in, sudo.c, sudo.h, sudoers.pod,
2908 testsudoers.c, toke.c, toke.l: Remove monitor support until there
2909 is a versino of systrace that uses a lookaside buffer (or we have
2910 a better mechanism to use).
2912 2007-08-15 09:22 millert
2914 * configure.in, configure, config.h.in, sudo.c: use getaddrinfo()
2915 instead of gethostbyname() if it is available
2917 2007-08-14 15:27 millert
2919 * parse.c, sudo.c: Deal with OSes where sizeof(gid_t) <
2922 2007-08-14 11:19 millert
2924 * interfaces.c: repair non-getifaddrs() code after ipv6 integration
2926 2007-08-14 10:04 millert
2928 * sudo.c: If we can open sudoers but fail to read the first byte,
2929 close the file stream before trying again.
2931 2007-08-13 12:34 millert
2933 * gram.c, toke.c: regen
2935 2007-08-13 12:29 millert
2937 * gram.y, interfaces.c, interfaces.h, match.c, sudoers.pod, toke.l:
2938 Add IPv6 support; adapted from patches by YOSHIFUJI Hideaki
2940 2007-08-13 12:23 millert
2942 * sudo.pod, sudoers.pod, visudo.pod: Add some missing markup Update
2945 2007-08-12 18:55 millert
2947 * configure, configure.in: fix sudo_noexec extension which got
2948 broken in the libtool update
2950 2007-08-10 10:41 millert
2952 * Makefile.in: explicitly specify -Tascii to nroff
2954 2007-08-08 16:07 millert
2956 * logging.c: remove an ANSI-ism that crept in
2958 2007-08-06 20:37 millert
2960 * sudo.pod: Adjust list indents Prevent -- from being turned into
2961 an em dash Use a list for the environment instead of a literal
2964 2007-08-06 20:36 millert
2966 * visudo.pod: Use a list for the environment instead of an indented
2969 2007-08-06 20:33 millert
2971 * sudoers.pod: Adjust list indentation
2973 2007-08-06 20:31 millert
2975 * license.pod: add =head3
2977 2007-08-06 10:24 millert
2979 * sudo.pod: mention that when specifying a uid for the -u option
2980 the shell may require that the # be escaped
2982 2007-08-01 22:08 millert
2984 * match.c: Fix off by one in group matching.
2986 2007-07-31 14:04 millert
2988 * env.c: Fix typo: PYTHONINSPEC should be PYTHONINSPECT. From
2991 2007-07-30 10:45 millert
2993 * configure, configure.in: Add missing define of
2994 HAVE_GSS_KRB5_CCACHE_NAME for the -lgssapi_krb5 case.
2996 2007-07-30 09:29 millert
2998 * aclocal.m4, configure.in, configure: Fix link tests such that new
2999 gcc doesn't optimize away the test.
3001 2007-07-29 19:21 millert
3003 * sudo.pod, sudoers.pod, visudo.pod: add missing over/back
3005 2007-07-29 19:09 millert
3007 * sudo.pod, sudoers.pod, visudo.pod: Change FILES section to use
3010 2007-07-29 18:32 millert
3012 * env.c: Add back allocation of the env struct in rebuild_env but
3013 save a copy of the old pointer and free it before returning.
3015 2007-07-29 16:09 millert
3017 * env.c: Don't init the private environment in rebuild_env() since
3018 it may have already been done implicitly
3019 sudo_setenv/sudo_unsetenv.
3021 Multiply length by sizeof(char *) in memcpy/memmove when copying
3022 the environment so we copy the full thing.
3024 Add missing set of parens so we deref the right pointer in
3025 sudo_unsetenv when searching for a matching variable.
3027 2007-07-26 16:35 millert
3029 * sudo.pod, sudoers.pod, visudo.pod: Use file markup for paths in
3032 2007-07-26 10:04 millert
3034 * sudo.pod, sudoers.pod, visudo.pod: Don't capitalize sudo/visudo
3036 2007-07-26 07:28 millert
3038 * sudoers.pod: Sort sudoers options; based on a diff from Igor
3041 2007-07-25 16:19 millert
3043 * sudo.pod, sudoers.pod, visudo.pod: Use 8 and 5 instead of
3044 @mansectsu@ and @mansectform@ since the latter confuses pod2man.
3045 The Makefile rules for the .man.in file will add @mansectsu@ and
3046 @mansectform@ back in after pod2man is done anyway.
3048 2007-07-22 19:09 millert
3050 * LICENSE, Makefile.in, license.pod: Move license info to pod
3053 2007-07-22 18:43 millert
3055 * configure, configure.in, sudoers.pod: Substitute value of
3056 path_info into sudoers man page.
3058 2007-07-22 16:40 millert
3060 * WHATSNEW: remove features that were back-ported to 1.6.9
3062 2007-07-22 15:20 millert
3064 * sudo.c, sudo.pod, visudo.c, visudo.pod: Sort SYNOPSIS and sync
3065 usage. From Igor Sobrado.
3067 2007-07-22 15:19 millert
3069 * env.c: Only need sudo_setenv/sudo_unsetenv if we are going to use
3070 ldap_sasl_interactive_bind_s() but don't have
3071 gss_krb5_ccache_name().
3073 2007-07-22 08:23 millert
3075 * ChangeLog: rebuild without branch info
3077 2007-07-22 08:23 millert
3079 * Makefile.in: Add ChangeLog target
3081 2007-07-22 08:14 millert
3083 * auth/pam.c: Run cleanup code if the user hits ^C at the password
3086 2007-07-22 08:13 millert
3088 * auth/pam.c: Some versions of pam_lastlog have a bug that will
3089 cause a crash if PAM_TTY is not set so if there is no tty, set
3090 PAM_TTY to the empty string.
3092 2007-07-20 09:32 millert
3094 * Makefile.in: ChageLog not Changelog
3096 2007-07-20 09:31 millert
3100 2007-07-20 09:29 millert
3102 * Makefile.in: CHANGE -> Changelog
3104 2007-07-19 20:23 millert
3108 2007-07-19 19:53 millert
3110 * config.h.in, configure.in, configure, ldap.c: Add configure hooks
3111 for gss_krb5_ccache_name() and the gssapi headers.
3113 2007-07-18 12:57 millert
3115 * env.c, sudo.c: rebuild_env() and insert_env_vars() no longer
3116 return environment pointer, they set environ directly.
3118 No longer need to pass around an envp pointer since we just
3119 operate on environ now.
3121 Add dosync argument to insert_env() that indicates whether it
3122 should reset environ when realloc()ing env.envp.
3124 Use an initial size of 128 for the environment.
3126 2007-07-18 12:41 millert
3128 * env.c: Split sudo_setenv() into an external version and a version
3129 only for use by rebuild_env().
3131 2007-07-16 19:40 millert
3133 * ldap.c: Add support for using gss_krb5_ccache_name() instead of
3134 setting KRB5CCNAME. Also use sudo_unsetenv() in the
3135 non-gss_krb5_ccache_name() case if there was no KRB5CCNAME in the
3136 original environment. TODO: configure setup for
3137 gss_krb5_ccache_name()
3139 2007-07-16 18:44 millert
3141 * README.LDAP: add krb5_ccname
3143 2007-07-16 18:44 millert
3145 * README.LDAP, ldap.c: Add support for sasl_secprops in ldap.conf
3147 2007-07-16 18:39 millert
3149 * env.c, sudo.h: Add sudo_unsetenv() and refactor private env
3150 syncing code into sync_env().
3152 2007-07-16 07:27 millert
3154 * README.LDAP, ldap.c: The ldap.conf variable is sasl_auth_id not
3157 2007-07-15 15:44 millert
3159 * ldap.c, sudo.c, sudo.h: Add support for krb5_ccname in ldap.conf.
3160 If specified, it will override the default value of KRB5CCNAME
3161 in the environment for the duration of the call to
3162 ldap_sasl_interactive_bind_s().
3164 2007-07-15 15:41 millert
3166 * env.c, sudo.h: Remove format_env() Add sudo_setenv() to replace
3167 most format_env() + insert_env() combinations. insert_env() no
3168 longer takes a struct environment *
3170 2007-07-15 12:47 millert
3172 * ldap.c: Fix use_sasl vs. rootuse_sasl logic.
3174 2007-07-15 09:23 millert
3176 * README.LDAP, config.h.in, configure, configure.in, ldap.c: Add
3177 support for SASL auth when connecting to an LDAP server. Adapted
3178 from a diff by Tom McLaughlin.
3180 2007-07-14 16:32 millert
3182 * configure, configure.in: Only enable AIX or BSD auth if no other
3183 exclusive auth method has been chosen. Allows people to e.g.,
3184 use PAM on AIX without adding --without-aixauth. A better
3185 solution is needed to deal with default authentication since if a
3186 non-exclusive method is chosen we will still get an error.
3188 2007-07-11 11:23 millert
3190 * HISTORY, Makefile.in, history.pod: Generate HISTORY from
3191 history.pod (which is also used for web pages)
3193 2007-07-09 19:40 millert
3195 * sudo.man.in, sudoers.man.in: regen
3197 2007-07-09 19:25 millert
3199 * sudo.pod: Better explanation of environment handling in the sudo
3202 2007-07-09 15:13 millert
3204 * env.c, sudo.c: Defer setting user-specified env vars until after
3207 2007-07-09 13:25 millert
3209 * env.c: honor def_default_path for PATH set on the command line
3211 2007-07-09 13:22 millert
3213 * sudo.c, env.c, sudo.pod, sudoers.pod: Allow user to set
3214 environment variables on the command line as long as they are
3215 allowed by env_keep and env_check. Ie: apply the same
3216 restrictions as normal environment variables. TODO: deal with
3219 2007-07-08 14:44 millert
3221 * sudo.c, sudo_edit.c: Call rebuild_env() in call cases. Pass
3222 original envp to sudo_edit(). Don't allow -E or env var setting
3223 in sudoedit mode. More accurate usage() when called as sudoedit.
3225 2007-07-08 14:41 millert
3227 * ldap.c: warn -> warning
3229 2007-07-08 14:11 millert
3231 * sudo.pod: add -c option to sudoedit synopsis
3233 2007-07-08 10:27 millert
3235 * TODO: udpate to reality
3237 2007-07-08 09:43 millert
3239 * parse.c: Use ALLOW/DENY instead of TRUE/FALSE when dealing with
3240 the return value from {user,host,runas,cmnd}_matches(). Rename
3241 *matches variables -> *match. Purely cosmetic.
3243 2007-07-08 09:30 millert
3245 * parse.c: Move setting of FLAG_NO_CHECK into the if(pwflag) block.
3246 No change in behavior.
3248 2007-07-08 09:17 millert
3250 * sudoers: add SETENV tag
3252 2007-07-06 15:51 millert
3254 * parse.c: Make pwcheck local to the pwflag block. Use pwcheck
3255 even if user didn't match since Defaults options may still apply.
3257 2007-07-06 14:51 millert
3259 * check.c, sudo.c: Do not update timestamp if user not validated by
3262 2007-07-06 10:14 millert
3264 * set_perms.c: for PERM_RUNAS, set the egid to the runas user's gid
3265 and restore to the user's original in PERM_ROOT
3267 2007-07-06 10:04 millert
3269 * logging.c, mon_systrace.c, set_perms.c, sudo.h: PERM_FULL_ROOT is
3270 now no different than PERM_ROOT so remove PERM_FULL_ROOT
3272 2007-07-06 09:49 millert
3274 * check.c: don't check timestamp mtime if we are just going to
3277 2007-07-06 09:33 millert
3279 * sudoers.pod: Move sudoers defaults parameters into their own
3282 2007-07-05 20:21 millert
3284 * testsudoers.c: Reduce a level of indent by a few placed continue
3287 2007-07-05 20:20 millert
3289 * parse.c: Make matching but negated commands/hosts/runas entries
3290 override a previous match as expected. Also reduce some levels
3291 of indent by a few placed continue statements.
3293 2007-07-05 16:34 millert
3295 * parse.c: Print default runas in "sudo -l" if sudoers don't
3298 2007-07-05 15:46 millert
3300 * match.c: Less hacky way of testing whether the domain was set.
3302 2007-07-04 15:50 millert
3304 * INSTALL: Mention pam-devel and openldap-devel for Linux
3306 2007-07-03 19:38 millert
3308 * README.LDAP: or vs. are
3310 2007-07-01 16:55 millert
3312 * sudo.c: fix typo in Solaris project support
3314 2007-07-01 09:40 millert
3318 2007-07-01 09:07 millert
3320 * sudo.c: Make -- on the command line match the manual page. The
3321 implied shell case has been simplified as a result.
3323 2007-06-28 10:44 millert
3325 * sudoers2ldif: add simplistic support for sudoRunas; note that if
3326 a sudoers entry contains multiple Runas users, all will apply to
3329 2007-06-28 10:42 millert
3331 * sudoers2ldif: honor SETENV and NOSETENV tags
3333 2007-06-24 09:25 millert
3335 * mon_systrace.c: Redo setting of user_args. We now build up a
3336 private copy of argv first and then replace the NULs with spaces.
3338 2007-06-24 09:19 millert
3340 * mon_systrace.c: getcwd() returns NULL on failure, not 0 on
3343 2007-06-24 07:39 millert
3345 * mon_systrace.c: allow chunksiz to reach 1 before erroring out
3347 2007-06-23 20:00 millert
3349 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
3350 visudo.man.in: regen
3352 2007-06-23 19:58 millert
3354 * def_data.c, def_data.h, def_data.in, env.c, gram.c, gram.h,
3355 gram.y, logging.c, parse.c, parse.h, sudo.c, sudo.h, sudo.pod,
3356 sudoers.pod, toke.c, toke.l: Add support for setting environment
3357 variables on the command line. This is only allowed if the
3358 setenv sudoers options is enabled or if the command is prefixed
3359 with the SETENV tag.
3361 2007-06-23 19:57 millert
3363 * README.LDAP: replace Aaron's email address with the sudo-workers
3366 2007-06-23 19:55 millert
3370 2007-06-21 20:35 millert
3372 * Makefile.in, README.LDAP, schema.OpenLDAP, schema.iPlanet: Break
3373 schema out into separate files.
3375 2007-06-21 18:28 millert
3377 * auth/aix_auth.c: free message if set by authenticate()
3379 2007-06-21 13:03 millert
3381 * match.c: deal with NULL gr_mem
3383 2007-06-20 15:04 millert
3385 * config.h.in: regen
3387 2007-06-20 15:04 millert
3389 * configure.in: add template for HAVE_PROJECT_H
3391 2007-06-20 07:06 millert
3393 * closefrom.c: include fcntl.h
3395 2007-06-19 19:37 millert
3397 * INSTALL: mention --with-project
3399 2007-06-19 18:24 millert
3401 * config.h.in, configure.in, sudo.c: Add Solaris 10 "project"
3402 support. From Michael Brantley.
3404 2007-06-19 17:27 millert
3406 * sudoers.pod: fix typo
3408 2007-06-19 17:22 millert
3412 2007-06-19 17:21 millert
3414 * configure.in: Fix preservation of LDFLAGS in the LDAP case.
3416 2007-06-19 17:00 millert
3418 * memrchr.c: Remove dependecy on NULL
3420 2007-06-19 15:37 millert
3424 2007-06-19 15:37 millert
3426 * aclocal.m4, configure.in: Can't use the regular autoconf
3427 fnmatch() check since we need FNM_CASEFOLD so go back to our
3430 2007-06-19 12:52 millert
3432 * env.c: Fix preserving of variables in env_keep.
3434 2007-06-19 07:10 millert
3436 * env.c: add XAUTHORIZATION
3438 2007-06-18 20:41 millert
3440 * UPGRADE: expand upon env resetting and mention that it began in
3443 2007-06-18 20:33 millert
3445 * sudoers.pod: Update descriptions of env_keep and env_check to
3446 match current reality.
3448 2007-06-18 17:33 millert
3450 * env.c: Add LINGUAS to initial_checkenv_table. Add COLORS,
3451 HOSTNAME, LS_COLORS, MAIL, PS1, PS2, XAUTHORITY to
3452 intial_keepenv_table.
3454 2007-06-18 17:23 millert
3456 * env.c, logging.c: Treat USERNAME environemnt variable like
3459 2007-06-18 17:21 millert
3461 * env.c: Don't need to populate keepenv table with the contents of
3464 2007-06-18 08:57 millert
3466 * sudo.c: Don't force sudo into the C locale.
3468 2007-06-18 08:56 millert
3470 * env.c: Make env_check apply when env_reset it true. Environment
3471 variables are passed through unless they contain '/' or '%'.
3472 There is no need to have a variable in both env_check and
3475 2007-06-16 07:31 millert
3477 * visudo.c: Remove an duplicate lock_file() call and add a comment.
3479 2007-06-15 21:16 millert
3481 * UPGRADE: Add sudo 1.6.9 upgrade note.
3483 2007-06-14 12:23 millert
3485 * interfaces.c: Solaris will return EINVAL if the buffer used in
3486 SIOCGIFCONF is too small. From Klaus Wagner.
3488 2007-06-14 12:03 millert
3490 * Makefile.in, config.h.in, configure, configure.in, memrchr.c,
3491 logging.c, sudo.h: Redo the long syslog line splitting based on a
3492 patch from Eygene Ryabinkin. Include memrchr() for systems
3495 2007-06-14 07:09 millert
3497 * configure.in: Since we need to be able to convert timespec to
3498 timeval for utimes() the last 3 digits in the tv_nsec are not
3499 significant. This makes the sudoedit file date comparison work
3502 2007-06-13 13:41 millert
3504 * aclocal.m4, configure, configure.in: Add SUDO_ADD_AUTH macro to
3505 deal with adding things to AUTH_OBJS. This deals with exclusive
3506 authentication methods in a simple way.
3508 2007-06-12 13:08 millert
3510 * LICENSE: mkstemp.c is BSD code too.
3512 2007-06-12 09:21 millert
3514 * sudo.pod, sudoers.pod, visudo.pod: No commercial support for now.
3516 2007-06-11 18:27 millert
3518 * sudo.c: cleanenv() is no more.
3520 2007-06-10 18:37 millert
3522 * ChangeLog: Display branch info in Changelog
3524 2007-06-10 18:18 millert
3526 * utimes.c: Include config.h early so we have it for
3529 2007-06-10 18:00 millert
3531 * ChangeLog: Fix Changelog generation and update.
3533 2007-06-09 07:26 millert
3535 * closefrom.c: Use /proc/self/fd instead of /proc/$$/fd
3537 Move old-style fd closing into closefrom_fallback() and call that
3538 if /proc/self/fd doesn't exist or the F_CLOSEM fcntl() fails
3540 2007-06-09 07:24 millert
3542 * config.h.in, configure.in, auth/kerb5.c: o use
3543 krb5_verify_user() if available instead of doing it by hand
3544 o use krb5_init_secure_context() if we have it
3545 o pass an encryption type of 0 to krb5_kt_read_service_key()
3547 ENCTYPE_DES_CBC_MD5 to let kerberos choose.
3549 2007-06-09 07:20 millert
3551 * env.c: Check TERM and COLORTERM for '%' and '/' characters. From
3554 2007-06-09 07:17 millert
3556 * configure.in: Fix closefrom() substitution in the Makefile
3558 2007-06-09 07:15 millert
3560 * TROUBLESHOOTING: Mention alternate sudo pronunciation.
3562 2007-06-07 07:52 millert
3564 * env.c: Remove KRB5_KTNAME from environment. Allow COLORTERM.
3566 2007-06-07 07:22 millert
3568 * auth/kerb5.c: If we cannot get a valid service key using the
3569 default keytab it is a fatal error. Fixes a bug where sudo could
3570 be tricked into allowing access when it should not by a fake KDC.
3571 From Thor Lancelot Simon.
3573 2007-05-12 08:56 millert
3575 * aclocal.m4, configure, configure.in: Update long long checks to
3576 use AC_CHECK_TYPES and to cache values.
3578 2007-05-12 08:07 millert
3580 * aclocal.m4, configure.in: Use AC_FUNC_FNMATCH instead of a
3581 homebrew fnmatch checker. We can't use AC_REPLACE_FNMATCH since
3582 that assumes replacing with GNU fnmatch.
3584 2007-05-11 17:05 millert
3586 * configure, configure.in: Add closefrom() to LIB_OBJS not
3587 SUDO_OBJS if it is missing since we need it for visudo now too.
3589 2007-04-24 14:44 millert
3591 * sudoers.pod: Attempt to clarify the bit talking about network
3592 numbers w/o netmasks.
3594 2007-04-24 14:25 millert
3596 * sudo.pod: Clarify timestamp dir ownership sentence.
3598 2007-04-20 12:40 millert
3600 * auth/pam.c: Linux PAM now defines __LINUX_PAM__, not
3601 __LIBPAM_VERSION. From Dmitry V. Levin.
3603 2007-04-16 12:13 millert
3605 * sudo.c: -i is also one of the mutually exclusive options to list
3606 it in the warning message. Noted by Chris Pepper.
3608 2007-04-12 11:18 millert
3610 * visudo.pod: The sudoers variable is env_editor, not enveditor.
3611 From Jean-Francois Saucier.
3613 2007-03-29 13:30 millert
3615 * redblack.c: I tracked down the original author so credit him and
3616 include his license info.
3618 2007-02-06 13:25 millert
3620 * sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
3621 sudoers.pod: Fix typos; from Jason McIntyre.
3623 2007-02-06 13:23 millert
3625 * logging.c: Restore signal mask before calling reapchild(). Fixes
3626 a possible race condition that could prevent sudo from properly
3627 waiting for the child.
3629 2007-01-31 10:02 millert
3631 * pwutil.c: Don't declare pw_free() if we are not going to use it.
3633 2007-01-31 10:00 millert
3635 * env.c: Add NOEXEC support for AIX 5.3 which supports LDR_PRELOAD
3636 and LDR_PRELOAD64. The 64-bit version is not currently
3637 supported. Remove zero_env() prototype as it no longer exists.
3639 2006-12-11 13:21 millert
3641 * logging.c: Add "Auto-Submitted: auto-generated" line to sudo mail
3644 2006-09-29 10:53 millert
3646 * auth/pam.c: If the user enters ^C at the password prompt, abort
3647 instead of trying to authenticate with an empty password (which
3648 causes an annoying delay).
3650 2006-08-17 11:26 millert
3652 * closefrom.c, config.h.in, configure, configure.in: Add fcntl
3653 F_CLOSEM support to closefrom(); adapted from a diff by Darren
3656 2006-08-17 11:25 millert
3658 * pwutil.c: pw_free() is only used by sudo_freepwcache() so ifdef
3661 2006-08-04 11:34 millert
3663 * config.sub, config.guess: Update to latest versions from
3664 cvs.savannah.gnu.org
3666 2006-07-31 13:51 millert
3668 * pwutil.c, sudo_edit.c: Move password/group cache cleaning out of
3669 sudo_end{pw,grp}ent() so we can close the passwd/group files
3672 2006-07-31 13:50 millert
3674 * config.h.in, configure, configure.in, set_perms.c: Add seteuid()
3675 flavor of set_perms() for systems without setreuid() or
3676 setresuid() that have a working seteuid(). Tested on Darwin.
3678 2006-07-30 15:56 millert
3680 * mon_systrace.c: systrace_read() returns ssize_t
3682 2006-07-30 15:53 millert
3684 * configure, configure.in: Fix typo, -lldap vs. -ldap; from Tim
3687 2006-07-28 13:12 millert
3689 * HISTORY: Fix typo; Matt Ackeret
3691 2006-07-17 08:25 millert
3693 * sudo.c: Print sudoers path in -V mode for root.
3695 2006-06-15 14:44 millert
3697 * ldap.c: Do a sub tree search instead of a base search (one level
3698 in the tree only) for sudo right objects. This allows system
3699 administrators to categorize the rights in a tree to make them
3702 2005-12-28 13:52 millert
3704 * sudo.pod: fix typo
3706 2005-12-04 12:16 millert
3708 * ldap.c: Convert GET_OPT and GET_OPTI to use just 2 args. Add
3709 timelimit and bind_timelimit support; adapted from gentoo.
3711 2005-11-23 18:57 millert
3713 * ldap.c: Support comments that start in the middle of a line
3715 2005-11-23 18:56 millert
3717 * configure.in, configure: Define LDAP_DEPRECATED until we start
3718 using ldap_get_values_len()
3720 2005-11-18 09:55 millert
3722 * closefrom.c: Silence gcc -Wsign-compare; djm@openbsd.org
3724 2005-11-17 20:39 millert
3726 * error.c, sudo.c, sudo.h, testsudoers.c, visudo.c: cleanup() now
3727 takes an int as an arg so it can be used as a signal handler too.
3729 2005-11-17 20:38 millert
3731 * sudo.c: Make a copy of the shell field in the passwd struct for
3732 NewArgv to avoid a use after free situation after sudo_endpwent()
3735 2005-11-16 20:36 millert
3737 * Makefile.in, mkstemp.c, config.h.in, configure, configure.in: Add
3738 mkstemp() for those poor souls without it.
3740 2005-11-15 09:25 millert
3742 * env.c: Add PERL5DB to list of environment variables to remove.
3744 2005-11-13 15:49 millert
3746 * mon_systrace.c, mon_systrace.h: Instead of calling the check
3747 function twice with a state cookie use separate check/log
3750 Check more ioctl() calls for failure.
3752 systrace_{read,write} now return the number of bytes read/written
3755 2005-11-13 14:51 millert
3757 * env.c: Add more environment variables to remove; from gentoo
3758 linux Add some comments about what bad env variables go to what
3761 2005-11-11 17:23 millert
3763 * sudo.c, sudo_edit.c: Move sudo_end{gr,pw}ent() until just before
3764 the exec since they free up our cached copy of the passwd
3765 structs, including sudo_user and sudo_runas. Fixes a
3768 2005-11-11 17:19 millert
3770 * visudo.c: Close all fd's before executing editor.
3772 2005-11-11 17:17 millert
3774 * sudo.c: Enable malloc debugging on OpenBSD when SUDO_DEVEL is
3777 2005-11-11 11:22 millert
3779 * check.c: Fix fd leak when lecture file option is enabled. From
3782 2005-11-07 11:02 millert
3784 * env.c: Add PERLLIB, PERL5LIB and PERL5OPT to the default list of
3785 environment variables to remove. From Charles Morris
3787 2005-11-01 13:24 millert
3789 * env.c: add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5
3791 2005-10-27 20:35 millert
3793 * env.c: add PS4 and SHELLOPTS to initial_badenv_table for bash
3795 2005-08-14 20:32 millert
3797 * sudoers.pod: Fix typo; Toby Peterson
3799 2005-08-02 09:57 millert
3801 * tsgetgrpw.c: Make return buffers static so they don't get
3804 2005-07-27 21:14 millert
3806 * auth/securid5.c: Fix securid5 authentication, was not checking
3807 for ACM_OK. Also add default cases for the two switch()es.
3808 Problem noted by ccon at worldbank
3810 2005-06-26 20:10 millert
3812 * ldap.c: Remove ncat() in favor of just counting bytes and
3813 pre-allocating what is needed.
3815 2005-06-26 19:44 millert
3817 * ldap.c: Fix up some comments Add missing fclose() for the
3820 2005-06-26 19:38 millert
3822 * ldap.c: align struct ldap_config
3824 2005-06-26 19:37 millert
3826 * ldap.c: use LINE_MAX for max conf file line size
3828 2005-06-26 18:36 millert
3830 * pathnames.h.in: add _PATH_LDAP_SECRET
3832 2005-06-26 18:36 millert
3834 * README.LDAP: Mention rootbinddn Give example ou=SUDOers container
3836 2005-06-25 18:03 millert
3838 * configure, INSTALL, configure.in, ldap.c: Support rootbinddn in
3841 2005-06-25 17:46 millert
3843 * env.c, sudo.pod, sudoers.pod: Preserve DISPLAY environment
3844 variable by default.
3846 2005-06-25 16:39 millert
3848 * acsite.m4, configure: set need_lib_prefix=no for all cases; this
3849 is safe for LD_PRELOAD
3851 2005-06-25 16:15 millert
3853 * acsite.m4, configure: set need_version=no for all cases; this is
3856 2005-06-25 14:45 millert
3860 2005-06-25 14:33 millert
3862 * configure, configure.in: Add dragonfly
3864 2005-06-25 14:29 millert
3866 * auth/pam.c: Fix call to pam_end() when pam_open_session() fails.
3868 2005-06-25 14:21 millert
3872 2005-06-25 14:20 millert
3874 * acsite.m4: rebuild acsite.m4 from libtool 1.9f libtool.m4
3875 ltoptions.m4 ltsugar.m4 ltversion.m4
3877 2005-06-25 14:08 millert
3879 * config.guess, config.sub, ltmain.sh: merge in local changes:
3880 config.guess: o better openbsd support config.sub: o hiuxmpp
3881 support ltmain.sh o remove requirement that libs must begin with
3882 "lib" o don't print a bunch of crap about library installs o
3885 2005-06-25 14:05 millert
3887 * config.guess, config.sub, ltmain.sh: libtool 1.9f
3889 2005-06-25 14:04 millert
3891 * configure.in: Update with autoupdate and make minor changes for
3894 2005-06-22 23:19 millert
3896 * parse.c: don't call sudo_ldap_display_cmnd if ldap not setup
3898 2005-06-22 23:04 millert
3900 * check.c, compat.h, fileops.c, gettime.c, sudo_edit.c, visudo.c,
3901 emul/timespec.h: Move declatation of struct timespec to its own
3902 include files for systems without it since it needs time_t
3905 2005-06-22 22:57 millert
3907 * ldap.c: Don't set safe_cmnd for the "sudo ALL" case.
3909 2005-05-27 01:59 millert
3911 * auth/pam.c: Call pam_open_session() and pam_close_session() to
3912 give pam_limits a chance to run. Idea from Karel Zak.
3914 2005-04-24 19:24 millert
3916 * check.c, sudo.c: Add explicit cast from mode_t -> u_int in printf
3917 to silence warnings on Solaris
3919 2005-04-24 19:22 millert
3921 * parse.c: include grp.h to silence a warning on Solaris
3923 2005-04-23 15:10 millert
3925 * parse.c: Fix printing of += and -= defaults.
3927 2005-04-17 01:21 millert
3929 * mon_systrace.c: Sanity check number of syscall args with argsize.
3930 Not really needed but a little paranoia never hurts.
3932 2005-04-17 01:18 millert
3934 * mon_systrace.c, mon_systrace.h: Don't do pointer arithmetic on
3935 void * Use int, not size_t/ssize_t for systrace lengths (since it
3938 2005-04-16 03:14 millert
3940 * mon_systrace.c: Add some memsets for paranoia Fix namespace
3941 collsion w/ error Check rval of decode_args() and update_env()
3942 Remove improper setting of validated variable
3944 2005-04-11 21:37 millert
3946 * parse.c, sudo.c, sudo.h: In -l mode, only check local sudoers
3947 file if def_ignore_sudoers is not set and call LDAP versions from
3948 display_privs() and display_cmnd() instead of directly from
3949 main(). Because of this we need to defer closing the ldap
3950 connection until after -l processing has ocurred and we must pass
3951 in the ldap pointer to display_privs() and display_cmnd().
3953 2005-04-11 21:33 millert
3955 * ldap.c: Reorganize LDAP code to better match normal sudoers
3956 parsing. Instead of storing strings for later printing in -l
3957 mode we do another query since the authenticating user and the
3958 user being listed may not be the same (the new -U flag). Also
3959 add support for "sudo -l command".
3961 There is still a fair bit if duplicated code that can probably be
3964 2005-04-11 00:37 millert
3966 * ldap.c: Replace pass variable with do_netgr for better
3969 2005-04-10 23:49 millert
3971 * ldap.c: use DPRINTF macro
3973 2005-04-10 23:18 millert
3975 * ldap.c: estrdup, not strdup
3977 2005-04-10 17:44 millert
3979 * parse.c: Add macro to test if the tag changed to improve
3982 2005-04-10 17:40 millert
3984 * parse.c: Avoid printing defaults header if there are no defaults
3987 2005-04-10 15:29 millert
3989 * glob.c: Fix a warning on systems without strlcpy().
3991 2005-04-10 13:32 millert
3993 * pwutil.c: Use macros where possible for sudo_grdup() like
3996 2005-04-08 17:04 millert
3998 * utimes.c: It is possible for tv_usec to hold >= 1000000 usecs so
3999 add in tv_usec / 1000000.
4001 2005-03-29 23:38 millert
4003 * auth/kerb5.c: The component in krb5_principal_get_comp_string()
4004 should be 1, not 0 for Heimdal. From Alex Plotnick.
4006 2005-03-29 09:29 millert
4008 * alias.c, alloc.c, check.c, defaults.c, find_path.c, gram.c,
4009 gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c,
4010 pwutil.c, redblack.c, sudo.c, sudo.h, toke.c, toke.l, visudo.c:
4011 Add efree() for consistency with emalloc() et al. Allows us to
4012 rely on C89 behavior (free(NULL) is valid) even on K&R.
4014 2005-03-28 22:33 millert
4016 * parse.c, sudo.c: Move initgroups() for -U option into
4017 display_privs() so group matching in sudoers works correctly.
4019 2005-03-26 21:34 millert
4021 * ldap.c: Removed duplicate call to ldap_unbind_s introduced along
4022 with sudo_ldap_close.
4024 2005-03-26 20:01 millert
4026 * parse.c: Add missing space in Defaults printing
4028 2005-03-25 12:36 millert
4030 * pwutil.c: Sync sudo_pwdup with OpenBSD changes: use macros for
4031 size computaton and string copies.
4033 2005-03-18 22:08 millert
4035 * pwutil.c: Zero old pw_passwd before replacing with version from
4038 2005-03-18 22:07 millert
4040 * configure, configure.in: Only attempt shadow password detection
4041 if PAM is not being used Add shadow_* variables to make shadow
4042 password detection more generic.
4044 2005-03-18 21:46 millert
4046 * configure.in: Use OSDEFS for os-specific -D_FOO_BAR stuff rather
4049 2005-03-12 19:27 millert
4051 * sudoers.pod: use a non-breaking space to avoid a double space
4054 2005-03-12 19:26 millert
4056 * sudo.pod: commna, not colon after e.g.
4058 2005-03-12 18:43 millert
4060 * sudo_noexec.c: Add __ variants of the exec functions. GNU libc
4061 at least uses __execve() internally.
4063 2005-03-12 12:29 millert
4065 * indent.pro: Match reality a bit more.
4067 2005-03-12 12:27 millert
4069 * pwutil.c: Missed piece from rev. 1.6, fix sudo_getpwnam() too.
4071 2005-03-11 23:42 millert
4073 * pwutil.c: Store shadow password after making a local copy of
4074 struct passwd in case normal and shadow routines use the same
4075 internal buffer in libc.
4077 2005-03-10 20:57 millert
4079 * alloc.c, logging.c: Make varargs usage consistent with the rest
4082 2005-03-10 10:09 millert
4084 * sudo_noexec.c: Wrap more of the exec family since on Linux the
4085 others do not appear to go through the normal execve() path.
4087 2005-03-10 09:57 millert
4089 * visudo.c: make print_unused static like proto says
4091 2005-03-10 09:55 millert
4093 * glob.c: silence a warning on K&R systems
4095 2005-03-10 09:51 millert
4097 * parse.c, alias.c, error.c: make this build in K&R land
4099 2005-03-07 22:21 millert
4103 2005-03-05 22:46 millert
4105 * ldap.c: return(foo) not return foo optimize _atobool() slightly
4107 2005-03-05 22:40 millert
4109 * ldap.c: Use TRUE/FALSE
4111 2005-03-05 22:31 millert
4113 * ldap.c: Reformat to match the rest of sudo's code.
4115 2005-03-05 19:33 millert
4117 * sudo.pod: I am the primary author
4119 2005-02-22 22:28 millert
4121 * README, RUNSON, Makefile.in: The RUNSON file is toast--it
4122 confused too many people and really isn't needed in a
4123 configure-oriented world.
4125 2005-02-22 22:28 millert
4127 * INSTALL: alternate -> alternative
4129 2005-02-22 22:26 millert
4131 * tgetpass.c: Use TCSADRAIN instead of TCSAFLUSH since some OSes
4132 have issues with TCSAFLUSH.
4134 2005-02-22 22:16 millert
4136 * toke.l: Allow leading blanks before Defaults and Foo_Alias
4139 2005-02-22 22:14 millert
4141 * Makefile.in: fix rules to build toke.o and gram.o in devel mode
4143 2005-02-20 13:00 millert
4145 * sudoers.pod: env_keep overrides set_logname
4147 2005-02-20 12:57 millert
4149 * env.c: Fix disabling set_logname and make env_keep override
4152 2005-02-20 12:28 millert
4154 * compat.h, config.h.in, configure, configure.in: No longer need
4157 2005-02-20 11:48 millert
4159 * env.c, sudo.c: Just clean the environment once. This assumes
4160 that any further setenv/putenv will be able to handle the fact
4161 that we replaced environ with our own malloc'd copy but all the
4162 implementations I've checked do.
4164 2005-02-15 23:16 millert
4166 * env.c, sudo.c: In -i mode, base the value of insert_env()'s
4167 dupcheck flag on DID_FOO flags. Move checks for $HOME resetting
4170 2005-02-13 00:33 millert
4172 * env.c, sudo.c: Move setting of user_path, user_shell, user_prompt
4173 and prev_user into init_vars() since user_shell at least is
4176 2005-02-12 18:51 millert
4178 * Makefile.in: fix devel builds
4180 2005-02-12 18:46 millert
4182 * check.c, sudo.c: Fix some printf format mismatches on error.
4184 2005-02-12 18:33 millert
4186 * configure, gram.c, toke.c: regen
4188 2005-02-12 17:56 millert
4190 * LICENSE, Makefile.binary.in, Makefile.in, aclocal.m4, alias.c,
4191 alloc.c, check.c, closefrom.c, compat.h, configure.in,
4192 defaults.c, defaults.h, env.c, error.c, fileops.c, find_path.c,
4193 getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.y,
4194 interfaces.c, interfaces.h, ldap.c, logging.c, logging.h,
4195 match.c, mon_systrace.c, parse.c, redblack.c, redblack.h,
4196 set_perms.c, sigaction.c, snprintf.c, strcasecmp.c, strerror.c,
4197 strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.pod, sudo_edit.c,
4198 sudo_noexec.c, sudoers.pod, testsudoers.c, tgetpass.c, toke.l,
4199 utimes.c, version.h, visudo.c, visudo.pod, zero_bytes.c,
4200 auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, auth/dce.c,
4201 auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
4202 auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
4203 auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h,
4204 emul/utime.h: Update copyright years.
4206 2005-02-12 16:46 millert
4208 * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
4211 2005-02-12 16:16 millert
4213 * WHATSNEW: What's new in sudo 1.7, based on the 1.7 CHANGES
4216 2005-02-11 18:06 millert
4218 * compat.h, logging.h, sudo.h: Add __printflike and use it with gcc
4219 to warn about printf-like format mismatches
4221 2005-02-10 00:16 millert
4223 * CHANGES, ChangeLog: Replaced CHANGES file with ChangeLog
4224 generated from cvs logs
4226 2005-02-10 00:03 millert
4228 * set_perms.c: Use warning/error instead of perror/fatal.
4230 2005-02-09 23:13 millert
4232 * config.guess: Update OpenBSD section
4234 2005-02-09 23:10 millert
4236 * UPGRADE: Add upgrading noted for 1.7
4238 2005-02-09 23:00 millert
4240 * env.c, sudo.c, sudoers.pod: Instead of zeroing out the
4241 environment, just prune out entries based on the env_delete and
4242 env_check lists. Base building up the new environment on the
4243 current environment and the variables we removed initially.
4245 2005-02-09 22:23 millert
4247 * configure, configure.in, sudo.c, config.h.in: Set locale to "C"
4248 if locales are supported, just to be safe.
4250 2005-02-09 22:19 millert
4252 * toke.c, toke.l: Cast argument to ctype functions to unsigned
4255 2005-02-07 22:56 millert
4257 * env.c: correct value for DID_USER
4259 2005-02-07 22:55 millert
4261 * error.c, fnmatch.c, getcwd.c, glob.c, snprintf.c: #include
4262 <compat.h> not "compat.h"
4264 2005-02-07 22:51 millert
4266 * defaults.c: Reset the environment by default.
4268 2005-02-07 22:50 millert
4270 * sudo.c: Alloc an extra slot in NewArgv. Removes the need to
4271 malloc an new vector if execve() fails.
4273 2005-02-06 23:16 millert
4275 * INSTALL, config.h.in, configure, configure.in, sudo.c: Use
4276 execve(2) and wrap the command in sh if we get ENOEXEC.
4278 2005-02-05 23:01 millert
4280 * sudo_noexec.c: Only include time.h on systems that lack struct
4281 timespec which gets defind in compat.h (using time_t).
4283 2005-02-05 22:59 millert
4285 * sudo_noexec.c: Include time.h for time_t in compat.h for systems
4286 w/o struct timespec.
4288 2005-02-05 22:56 millert
4290 * configure, compat.h, config.h.in, configure.in: use bcopy on
4293 2005-02-05 22:31 millert
4295 * compat.h: __attribute__((__unused__)) doesn't work in gcc 2.7.2.1
4296 so limit its use to gcc >= 2.8.
4298 2005-02-05 21:21 millert
4300 * Makefile.in: Add explicit rule to build sudo_noexec.lo
4302 2005-02-05 17:56 millert
4304 * INSTALL.configure, Makefile.in: No longer depend on VPATH;
4305 pointed out a bunch of missed dependencies.
4307 2005-02-05 13:18 millert
4309 * TROUBLESHOOTING: Help for PAM when account section is missing
4311 2005-02-05 13:01 millert
4313 * auth/pam.c: Give user a clue when there is a missing "account"
4314 section in the PAM config.
4316 2005-02-05 10:22 millert
4318 * auth/pam.c: Better error handling.
4320 2005-02-05 09:57 millert
4322 * configure, config.h.in, configure.in: Move _FOO_SOURCE to
4323 CPPFLAGS so it takes effect as early as possible. Silences a
4324 warning about isblank() on linux.
4326 2005-02-04 21:49 millert
4328 * auth/pam.c: Fix typo (missing comma) that caused an incorrect
4329 number of args to be passed to log_error().
4331 2005-01-31 23:03 millert
4333 * pwutil.c: Don't try to destroy a tree we didn't create.
4335 2005-01-27 10:42 millert
4337 * alias.c, alloc.c, check.c, closefrom.c, compat.h, defaults.c,
4338 env.c, error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c,
4339 getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.c,
4340 gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c,
4341 parse.c, pwutil.c, set_perms.c, sigaction.c, snprintf.c,
4342 strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
4343 sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c,
4344 toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c,
4345 auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
4346 auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
4347 auth/rfc1938.c, auth/secureware.c, auth/securid.c,
4348 auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Add __unused to
4351 2005-01-21 10:34 millert
4353 * configure, configure.in: Fix error message when mixing invalid
4356 2005-01-21 10:32 millert
4358 * INSTALL: PAM, AIX auth, BSD auth and login_cap are now on by
4359 default if the OS supports them.
4361 2005-01-21 10:29 millert
4363 * config.h.in, auth/sudo_auth.h: s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g
4365 2005-01-21 10:29 millert
4367 * configure.in: Better checking for conflicting authentication
4368 methods Display the authentication methods used at the end of
4369 configure Rename --with-authenticate -> --with-aixauth Use
4370 --with-aixauth, --with-bsdauth, --with-pam, --with-logincap by
4371 default on systems that support them unless disabled. Add
4372 OSMAJOR variable that replaces old OSREV; now OSREV has full
4375 2005-01-17 19:40 millert
4377 * def_data.c, def_data.in, sudo.c, sudoers.pod: s/-O/-C/
4379 2005-01-14 13:35 millert
4381 * configure.in: Replace: test -n "$FOO" || FOO="bar"
4383 With: : ${FOO='bar'}
4385 2005-01-09 18:58 millert
4387 * pwutil.c, testsudoers.c, tsgetgrpw.c: Use function pointers to
4388 only call private passwd/group routines when using a nonstandard
4391 2005-01-06 10:34 millert
4395 2005-01-05 22:16 millert
4397 * tsgetgrpw.c: Can't use strtok() since it doesn't handle empty
4398 fields so add getpwent()/getgrent() functions and call those.
4400 2005-01-05 17:29 millert
4402 * Makefile.in: Fix dummied out toke.c and gram.c dependencies.
4404 2005-01-05 17:18 millert
4406 * Makefile.in: Rename PARSESRCS -> GENERATED since it is only used
4407 in the clean target Add devdir variable and use it to specify the
4408 path to parser sources
4410 2005-01-05 17:17 millert
4414 2005-01-05 17:17 millert
4416 * configure.in: Add a devdir variables that defaults to $(srcdir)
4417 and is set to . if --devel was specified. Allows for proper
4418 dependecies building the parser.
4420 2005-01-05 14:50 millert
4422 * testsudoers.c: Add support for custom passwd/group files.
4424 2005-01-05 14:47 millert
4426 * Makefile.in: Build private copy of pwutil.o for testsudoers with
4427 MYPW defined so it uses our own passwd/group routines.
4429 2005-01-05 14:46 millert
4431 * visudo.c: Remove sudo_*{pw,gr}* stubs and add
4432 sudo_setspent/sudo_endspent stubs instead. We can now just use
4433 the caching sudo_*{pw,gr}* functions in pwutil.c Add comment
4434 about wanting to call sudo_endpwent/sudo_endgrent in cleanup()
4436 2005-01-05 14:44 millert
4438 * tsgetgrpw.c: Remove caching; we will just use what is in pwutil.c
4439 Use global buffers for passwd/group structs Rename functions from
4442 2005-01-05 14:43 millert
4444 * logging.c, sudo.c: g/c pwcache_init/pwcache_destroy
4446 2005-01-05 14:42 millert
4448 * sudo.h: Undo last commit and add sudo_setspent and sudo_endspent
4451 2005-01-05 14:41 millert
4453 * getspwuid.c, pwutil.c: Move all but the shadow stuff from
4454 getspwuid.c to pwutil.c and pwcache_get and pwcache_put as they
4455 are no longer needed. Also add preprocessor magic to use private
4456 versions of the passwd and group routines if MYPW is defined (for
4457 use by testsudoers).
4459 2005-01-04 22:40 millert
4461 * tsgetgrpw.c: zero out struct passwd/group before filling it in so
4462 if there are fields we don't handle they end up as 0.
4464 2005-01-04 20:10 millert
4466 * logging.c, sudo.c, sudo.h, testsudoers.c, visudo.c: Adapt to
4469 2005-01-04 20:09 millert
4471 * Makefile.in: Add tsgetgrpw.c and pwutil.c Rename the *OBJ
4472 variables for better readability.
4474 2005-01-04 20:08 millert
4476 * tsgetgrpw.c: Passwd and group lookup routines for testsudoers
4477 that support alternate passwd and group files.
4479 2005-01-04 20:07 millert
4481 * getspwuid.c, pwutil.c: Split off pw/gr cache and dup code into
4482 its own file. This allows visudo and testsudoers to use the
4485 2005-01-01 19:31 millert
4487 * parse.c: Print Defaults info in "sudo -l" output and wrap lines
4488 based on the terminal width.
4490 2005-01-01 12:41 millert
4492 * match.c, visudo.c, testsudoers.c: Only check group vector in
4493 usergr_matches() if we are matching the invoking or list user.
4494 Always check the group members, even if there was a group vector.
4496 2004-12-17 17:24 millert
4498 * LICENSE, Makefile.in, fnmatch.3: No longer bundle fnmatch.3
4500 2004-12-17 13:12 millert
4502 * CHANGES, TODO: checkpoint
4504 2004-12-16 14:20 millert
4506 * sudo.c: sort usage
4508 2004-12-16 14:20 millert
4510 * sudo.pod: Sort command line options
4512 2004-12-16 13:33 millert
4514 * def_data.c, def_data.h, def_data.in, defaults.c, logging.c,
4515 sudo.c, sudo.pod, sudoers.pod: Add closefrom sudoers option to
4516 start closing at a point other than 3. Add closefrom_override
4517 sudoers option and -C sudo flag to allow the user to specify a
4518 different closefrom starting point.
4520 2004-12-16 13:25 millert
4522 * pathnames.h.in: Add _PATH_DEVNULL for those without it.
4524 2004-12-15 22:55 millert
4526 * LICENSE: no more UCB strcasecmp
4528 2004-12-15 22:54 millert
4530 * strcasecmp.c: replace BSD licensed one with version derived from
4533 2004-12-09 21:07 millert
4535 * sudo.c: Fix last commit.
4537 2004-12-09 19:26 millert
4539 * sudo.c: Make sure stdin, stdout and stderr are open and dup them
4540 to /dev/null if not.
4542 2004-12-03 13:57 millert
4544 * ldap.c, mon_systrace.c, sudo.c, sudo.h: add sudo_ldap_close
4546 2004-12-03 13:52 millert
4548 * fileops.c, gettime.c, sudo.c, sudo_edit.c, utimes.c, visudo.c:
4549 Use TIME_WITH_SYS_TIME
4551 2004-12-03 13:48 millert
4553 * configure, configure.in, config.h.in: Add TIME_WITH_SYS_TIME_H
4555 2004-12-02 11:18 millert
4557 * env.c: Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE
4558 being set unconditionally on darwin. From Toby Peterson.
4560 2004-12-02 10:40 millert
4562 * getspwuid.c: Check rbinsert() return value. In the case of faked
4563 up entries there is usually a negative response cached that we
4566 In pwfree() don't try to zero out a NULL pw_passwd pointer.
4568 2004-12-02 09:53 millert
4570 * mon_systrace.c: Use the double fork trick to avoid the monitor
4571 process being waited for by the main program run through sudo.
4573 2004-11-29 12:52 millert
4575 * sudo.c: Call initgroups() in -U mode so group matches work
4578 2004-11-29 12:34 millert
4580 * def_data.h, mkdefaults: Don't print a trailing comma for the last
4581 entry in enum def_tupple
4583 2004-11-28 16:08 millert
4585 * sudoers.cat, sudoers.man.in, sudoers.pod: Mention values when
4586 lecture, listpw and verifypw are used in boolean context.
4588 2004-11-28 16:05 millert
4590 * def_data.c, def_data.in: verifypw when used in a boolean TRUE
4591 context should be "all", not "any".
4593 2004-11-26 14:21 millert
4595 * def_data.in, defaults.c: Allow tuples that can be used as
4596 booleans to be used as boolean TRUE. In this case the 2nd
4597 possible value of the tuple is used for TRUE.
4599 2004-11-25 12:23 millert
4601 * configure, configure.in: Correct the test for 2-parameter
4604 2004-11-25 12:20 millert
4606 * sudo.h: Add strub struct definitions for passwd, timeval and
4609 2004-11-25 12:09 millert
4611 * configure, configure.in, config.h.in, sudo_edit.c, visudo.c: Add
4612 check for 2-argument form of timespecsub (FreeBSD and BSD/OS) and
4613 fix a typo in the gettimeofday check.
4615 2004-11-24 16:44 millert
4617 * match.c, testsudoers.c: Deal with user_stat being NULL as it is
4618 for visudo and testsudoers.
4620 2004-11-24 16:31 millert
4622 * parse.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod: Add -U
4623 option to use in conjunction with -l instead of -u. Add support
4624 for "sudo -l command" to test a specific command.
4626 2004-11-24 16:28 millert
4628 * gram.c, gram.y, sudo.c: Set safe_cmnd after sudoers_lookup() if
4629 it has not been set. Previously it was set by sudo "ALL" in the
4630 parser but at that point the fully-qualified pathname has not yet
4633 2004-11-23 18:18 millert
4635 * parse.c, testsudoers.c: Correctly handle multiple privileges per
4636 userspec and runas inheritence.
4638 2004-11-21 14:09 millert
4640 * defaults.c: Zero out sd_un for each entry in sudo_defs_table in
4643 2004-11-19 18:04 millert
4645 * toke.c, toke.l: make per-command defaults work with sudoedit
4647 2004-11-19 18:00 millert
4649 * ldap.c, parse.c, sudo.c, sudo.h: Remove the FLAG_NOPASS,
4650 FLAG_NOEXEC and FLAG_MONITOR flags. Instead, we just set the
4651 approriate defaults variable.
4653 2004-11-19 17:09 millert
4655 * sample.sudoers, sudoers.cat, sudoers.man.in, sudoers.pod:
4656 Document per-command Defaults.
4658 2004-11-19 16:35 millert
4660 * defaults.c, defaults.h, gram.c, gram.h, gram.y, mon_systrace.c,
4661 sudo.c, testsudoers.c, toke.c, toke.l, visudo.c: Add support for
4662 command-specific Defaults entries. E.g.
4663 Defaults!/usr/bin/vi noexec
4665 2004-11-19 15:03 millert
4667 * defaults.c, match.c, parse.c, parse.h, testsudoers.c: Change an
4668 occurence of user_matches() -> runas_matches() missed previously
4669 runas_matches(), host_matches() and cmnd_matches() only really
4670 need to pass in a list of members. user_matches() still needs to
4671 pass in a passwd struct because of "sudo -l"
4673 2004-11-19 14:46 millert
4675 * parse.c: Check def_authenticate, def_noexec and def_monitor when
4676 setting return flags. XXX May be better to just set the defaults
4677 directly and get rid of those flags.
4679 2004-11-19 13:39 millert
4681 * alias.c, alloc.c, check.c, closefrom.c, defaults.c, env.c,
4682 error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c,
4683 getprogname.c, getspwuid.c, gettime.c, glob.c, goodpath.c,
4684 gram.c, gram.y, interfaces.c, ldap.c, logging.c, match.c,
4685 mon_systrace.c, parse.c, redblack.c, set_perms.c, snprintf.c,
4686 strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
4687 sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c,
4688 toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c,
4689 auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
4690 auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
4691 auth/rfc1938.c, auth/secureware.c, auth/securid.c,
4692 auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Use: #include
4693 <config.h> Not: #include "config.h" That way we get the correct
4694 config.h when build dir != src dir
4696 2004-11-19 13:30 millert
4698 * Makefile.in: Back out part of rev 1.263; fix -I order
4700 2004-11-19 13:12 millert
4702 * toke.c, toke.l: More robust parsing if #include; could be much
4705 2004-11-19 12:55 millert
4707 * sudo_edit.c, visudo.c: Make arg splitting in visudo and sudoedit
4710 2004-11-19 12:35 millert
4712 * Makefile.in, alias.c, gram.c, gram.y, parse.h: Split alias
4713 routines out into their own file.
4715 2004-11-19 12:32 millert
4717 * error.h: __attribute__ is already defined in compat.h
4719 2004-11-19 12:30 millert
4721 * visudo.c: quit() should not be __noreturn__ as it is non-void on
4724 2004-11-19 12:24 millert
4726 * auth/: fwtk.c, rfc1938.c, securid.c, securid5.c: Add local
4727 error/warning functions like err/warn but that call an additional
4728 cleanup routine in the error case. This means we no longer need
4729 to compile a special version of alloc.o for visudo.
4731 2004-11-19 11:54 millert
4733 * parse.h: Clarify comments about the data structures
4735 2004-11-18 15:28 millert
4737 * visudo.c: Add support for VISUAL and EDITOR containing command
4738 line args. If env_editor is not set any args in VISUAL and
4739 EDITOR are ignored. Arguments are also now supported in
4742 2004-11-17 14:25 millert
4744 * parse.h: alias_matches() is no more
4746 2004-11-17 14:09 millert
4748 * CHANGES, TODO: sync
4750 2004-11-17 13:19 millert
4752 * Makefile.in: When regenerating the parser, don't replace gram.h
4753 unless it has changed.
4755 2004-11-17 11:56 millert
4757 * Makefile.in: remove Makefile.binary for distclean
4759 2004-11-17 11:18 millert
4761 * env.c: Preserve KRB5CCNAME in zero_env() and add a paranoia check
4762 to make sure we can't overflow new_env.
4764 2004-11-17 10:33 millert
4766 * sudo_edit.c: paranoia when stripping trailing slashes from
4769 2004-11-16 19:00 millert
4771 * sudo.c: Set user_ngroups to 0 if getgroups() returns an error.
4773 2004-11-16 18:59 millert
4775 * configure, configure.in, config.h.in, sudo.c: Add configure check
4778 2004-11-16 18:55 millert
4780 * ldap.c: Use supplementary group vector in struct sudo_user.
4782 2004-11-16 18:40 millert
4784 * match.c: Only do string comparisons on the group members if there
4785 is no supplemental group list.
4787 2004-11-16 16:10 millert
4789 * CHANGES, TODO: sync
4791 2004-11-16 15:54 millert
4793 * sudo_edit.c: On Digital UNIX _PATH_VAR_TMP doesn't end with a
4794 trailing slash so chop off any trailing slashes we see and add an
4797 2004-11-16 12:02 millert
4799 * match.c: remove bogus XXX comment
4801 2004-11-16 11:10 millert
4803 * match.c: Get rid of alias_matches and correctly fall through to
4804 the non-alias cases when there is no alias with the specified
4807 2004-11-16 10:47 millert
4809 * getspwuid.c: Cache non-existent passwd/group entries too.
4811 2004-11-16 10:45 millert
4815 2004-11-15 23:32 millert
4817 * getspwuid.c: fix typo
4819 2004-11-15 23:24 millert
4821 * check.c, getspwuid.c, glob.c, ldap.c, logging.c, match.c,
4822 mon_systrace.h, sudo.c, sudo.h, testsudoers.c, visudo.c:
4823 Implement group caching and use the passwd and group caches
4826 2004-11-15 14:43 millert
4828 * match.c: Properly negate the return value of alias_matches() when
4831 2004-11-15 14:38 millert
4833 * match.c: Make hostname_matches() return TRUE for a match, else
4834 FALSE like the caller expects.
4836 2004-11-15 13:24 millert
4838 * Makefile.in: Add missing dependencies on gram.h
4840 2004-11-15 13:06 millert
4842 * match.c: Use runas_matches in alias_matches() now that we have
4845 2004-11-15 13:00 millert
4847 * parse.c, parse.h: Expand aliases in "sudo -l" mode
4849 2004-11-15 12:33 millert
4851 * gram.y, match.c: Use ALIAS for the member type when storing an
4852 alias instead of HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since
4853 match.c relies on the more generic type. Expand runas_matches
4854 instead of calling user_matches() inside of it since
4855 user_matches() looks up USERALIASes, not RUNASALIASes.
4857 2004-11-15 12:05 millert
4859 * CHANGES, getspwuid.c: Paranoia; zero out pw_passwd before freeing
4862 2004-11-15 10:53 millert
4864 * LICENSE, Makefile.in, alloc.c, check.c, config.h.in, configure,
4865 configure.in, err.c, error.c, error.h, defaults.c, env.c,
4866 find_path.c, interfaces.c, logging.c, mon_systrace.c, sudo.c,
4867 sudo.h, sudo_edit.c, testsudoers.c, visudo.c, emul/err.h: Add
4868 local error/warning functions like err/warn but that call an
4869 additional cleanup routine in the error case. This means we no
4870 longer need to compile a special version of alloc.o for visudo.
4872 2004-11-15 09:59 millert
4874 * match.c: Use userpw_matches() to compare usernames, not strcmp(),
4875 since the latter checks for "#uid".
4877 2004-11-15 09:53 millert
4879 * getspwuid.c, mon_systrace.c, mon_systrace.h, sudo.c: Cache passwd
4880 db entries in 2 reb-black trees; one indexed by uid, the other by
4881 user name. The data returned from the cache should be considered
4882 read-only and is destroyed by sudo_endpwent().
4884 2004-11-15 09:50 millert
4886 * match.c: add cast to uid_t
4888 2004-11-15 09:49 millert
4890 * gram.y: missing free in alias_destroy
4892 2004-11-15 09:49 millert
4894 * redblack.c: Can't use rbapply() for rbdestroy since the
4895 destructor is passed a data pointer, not a node pointer.
4897 2004-11-14 23:06 millert
4899 * getspwuid.c, logging.c, sudo.c, sudo.h: Create and use private
4900 versions of setpwent() and endpwent() that set/end the shadow
4903 2004-11-14 22:55 millert
4905 * gram.c, gram.h, gram.y, match.c, parse.h, testsudoers.c,
4906 visudo.c: Store aliases in a red-black tree.
4908 2004-11-14 22:52 millert
4910 * Makefile.in, redblack.c, redblack.h: red-black tree
4913 2004-11-14 22:37 millert
4915 * visudo.c: Edit all sudoers file if there were unused or undefined
4916 aliases and we are in strict mode.
4918 2004-11-12 11:19 millert
4920 * CHANGES, def_data.c, def_data.h, def_data.in, defaults.c, env.c,
4921 find_path.c, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.c:
4922 Bring back the "secure_path" Defaults option now that Defaults
4923 take effect before the path is searched.
4925 2004-11-11 12:22 millert
4927 * logging.c, parse.c: A user can always list their own entries,
4928 even with -u. Better error message when failing to list another
4931 2004-11-11 12:12 millert
4933 * parse.c, sudo.c, sudo.h: The syntax to list another user's
4934 entries is now "-u otheruser -l". Only root or users with sudo
4935 "ALL" may list other user's entries.
4937 2004-11-11 11:30 millert
4939 * sudo.cat, sudo.man.in, sudo.pod: Update env variable info in
4942 2004-11-11 11:25 millert
4944 * env.c: strip CDPATH too
4946 2004-11-11 11:20 millert
4948 * env.c: strip exported bash functions from the environment.
4950 2004-10-27 12:16 millert
4952 * sudo.c: Only reset sudo_user.pw based on SUDO_USER environment
4953 variables for real commands and sudoedit. This avoids a
4954 confusing message when a user tries "sudo -l" or "sudo -v" and is
4957 2004-10-27 12:06 millert
4959 * gram.c, gram.y, parse.h: Extend LIST_APPEND to deal with
4962 2004-10-26 18:39 millert
4964 * logging.c: Convert some bitwise AND to ISSET
4966 2004-10-26 18:29 millert
4968 * lex.yy.c, toke.c: toke.c replaces lex.yy.c
4970 2004-10-26 18:29 millert
4972 * CHANGES, TODO: sync
4974 2004-10-26 18:28 millert
4976 * BUGS: new parser fixes most of the outstanding bugs
4978 2004-10-26 18:27 millert
4982 2004-10-26 18:26 millert
4984 * visudo.c: Rework for the new parser. Now checks for unused
4987 2004-10-26 18:25 millert
4989 * testsudoers.c: Rewrite for the new parser. Now supports a -d
4990 flag (dump) and adds a -h flag (host). It now defaults to the
4991 local hostname unless otherwise specified.
4993 2004-10-26 18:23 millert
4995 * sudo.h: Add new prototypes. Remove NOMATCH/UNSPEC (now in
4998 2004-10-26 18:22 millert
5000 * sudo.c: Update for new parse. We now call find_path() *after* we
5001 have updated the global defaults based on sudoers. Also adds
5002 support for listing other user's privs if you are root.
5004 2004-10-26 18:21 millert
5006 * mon_systrace.c: Working LDAP support; also remove a now-unneeded
5009 2004-10-26 18:20 millert
5011 * logging.c, logging.h: Add NO_STDERR flag.
5013 2004-10-26 18:19 millert
5015 * ldap.c: Split sudo_ldap_check() into three pieces:
5016 sudo_ldap_open(), udo_ldap_update_defaults() and
5017 sudo_ldap_check(). This allows us to connecto to LDAP, apply the
5018 default options, find the command in the user's path, and then
5019 check whether the user is allowed to run it. The important thing
5020 here is that the default runas user may be specified as a default
5021 option and that needs to be set before we search for the command.
5023 2004-10-26 18:17 millert
5025 * ldap.c: Add casts to unsigned char for isspace() to quiet a gcc
5028 2004-10-26 18:16 millert
5030 * defaults.h: Add prototype for update_defaults()
5032 2004-10-26 18:16 millert
5034 * defaults.c: Don't warn about line numbers now that we operate on
5035 a set of data structures (or LDAP) and not a file.
5037 2004-10-26 18:15 millert
5039 * config.h.in: No long use lsearch()
5041 2004-10-26 18:14 millert
5043 * Makefile.in: Update for new and changed file names.
5045 2004-10-26 18:14 millert
5047 * LICENSE: no more BSD lsearch.c
5049 2004-10-26 18:14 millert
5051 * match.c: foo_matches() routines now live in match.c Added
5052 user_matches(), runas_matches(), host_matches(), cmnd_matches()
5053 and alias_matches() that operate on the parsed sudoers file.
5055 2004-10-26 18:12 millert
5057 * parse.lex, toke.l: Move parse.lex -> toke.l Rename buffer_frob()
5058 -> switch_buffer() WORD no longer needs to exclude '@' kill
5061 2004-10-26 18:10 millert
5063 * gram.c, gram.h, gram.y, parse.c, parse.h, parse.yacc, sudo.tab.h:
5064 Rewritten parser that converts sudoers into a set of data
5065 structures. This eliminates ordering issues and makes it
5066 possible to apply sudoers Defaults entries before searching for
5069 2004-10-26 18:09 millert
5071 * configure.in, lsearch.c, emul/search.h: We won't be using
5072 lsearch() any longer.
5074 2004-10-26 18:07 millert
5076 * ldap.c: sudo should not send mail if someone who runs 'sudo -l'
5079 2004-10-26 16:09 millert
5081 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
5082 visudo.man.in: regen
5084 2004-10-26 16:09 millert
5086 * visudo.pod: Update warnings to match new visudo
5088 2004-10-26 16:08 millert
5090 * sudoers.pod: The new parser doesn't have the old ordering
5093 2004-10-26 16:08 millert
5095 * sudo.pod: Document that -l now takes an optional username
5098 2004-10-25 13:44 millert
5100 * RUNSON: AIX 5.2.0.0 works
5102 2004-10-25 13:38 millert
5104 * ldap.c: If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS
5105 instead. Fixes a compilation problem with Solaris 9's native
5108 Set FLAG_MONITOR when needed.
5110 2004-10-23 13:32 millert
5112 * mon_systrace.c: Call sudo_goodpath() *after* changing the cwd to
5113 match the traced process. Fixes relative paths.
5115 2004-10-21 12:31 millert
5117 * testsudoers.c: Kill set_perms() stub--it is no longer needed.
5119 2004-10-13 12:52 millert
5121 * sudoers.cat, sudoers.man.in, sudoers.pod: stay_setuid now
5122 requires set_reuid() or setresuid()
5124 2004-10-13 12:46 millert
5126 * INSTALL, PORTING, TROUBLESHOOTING, config.h.in, configure,
5127 configure.in, set_perms.c, sudo.c, sudo.h: Kill use of POSIX
5128 saved uids; they aren't worth bothering with.
5130 2004-10-07 16:23 millert
5132 * glob.c: remove call to issetugid()
5134 2004-10-07 14:57 millert
5136 * sudoers.cat, sudoers.man.in, sudoers.pod: Remove warning about
5137 wildcards. Now that we use glob() the bug is fixed.
5139 2004-10-07 14:52 millert
5141 * parse.c: Use glob(3) instead of fnmatch(3) for matching pathnames
5142 and stat each result that matches the basename of the user's
5143 command. This makes "cd /usr/bin ; sudo ./blah" work when
5144 sudoers allows /usr/bin/blah. Fixes bug #143.
5146 2004-10-07 14:27 millert
5148 * configure, configure.in, config.h.in: Define HAVE_EXTENDED_GLOB
5149 for extended glob (GLOB_TILDE and GLOB_BRACE)
5151 2004-10-07 12:59 millert
5153 * config.h.in, configure, configure.in: Check for a glob() that
5154 supports GLOB_BRACE and GLOB_TILDE
5156 2004-10-07 12:51 millert
5158 * LICENSE: reference glob
5160 2004-10-07 12:50 millert
5162 * glob.c, emul/glob.h: 4.4BSD glob(3) with fixes from OpenBSD and
5163 some unneeded extensions removed.
5165 2004-10-05 17:26 millert
5167 * mon_systrace.c: Just return if STRIOCINJECT or STRIOCREPLACE
5168 fail. It probably means we are out of space in the stack gap...
5170 2004-10-05 17:20 millert
5174 2004-10-05 16:53 millert
5176 * mon_systrace.c: Take a stab at ldap sudoers support here.
5178 2004-10-05 15:13 millert
5180 * mon_systrace.c, mon_systrace.h: Detach from tracee on SIGHUP,
5181 SIGINT and SIGTERM. Now "sudo reboot" doesn't cause reboot to
5182 inadvertanly kill itself.
5184 2004-10-05 14:21 millert
5186 * mon_systrace.c: put "monitor" in the proctitle, not "systrace"
5188 2004-10-05 14:15 millert
5190 * mon_systrace.c: When modifying the environment, don't replace
5191 envp when we can get away with just rewriting pointers in the
5194 2004-10-05 13:46 millert
5196 * mon_systrace.c, mon_systrace.h: Add environment updating via
5197 STRIOCINJECT (if available).
5199 2004-10-05 10:22 millert
5201 * sudoers.cat, sudoers.man.in: regen
5203 2004-10-04 16:15 millert
5207 2004-10-04 16:15 millert
5209 * parse.lex: Fix bug introduced in unput() removal; want yyless(0)
5212 2004-10-04 12:09 millert
5214 * mon_systrace.c: Include file is now mon_systrace.h
5216 2004-10-04 12:07 millert
5218 * Makefile.in, configure, configure.in, def_data.c, def_data.h,
5219 def_data.in, lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc,
5220 sudo.c, sudo.h, sudo.tab.h, sudoers.pod: No longer call it
5221 tracing, it is now "monitoring" which should be more a obvious
5222 name to non-hackers.
5224 2004-10-01 15:06 millert
5226 * mon_systrace.c, mon_systrace.h: Fix some XXX
5228 2004-10-01 14:30 millert
5230 * mon_systrace.c, mon_systrace.h: No need to include syscall.h, use
5231 1024 as the max # of entries (the max that systrace(4) allows).
5233 Only need to use SYSTR_POLICY_ASSIGN once
5235 Change check_syscall() -> find_handler() and have it return the
5236 handler instead of just running it. We need this since handler
5237 now have two parts: one part that generates and answer and
5238 another that gets called after the answer is accepted (to do
5241 Add some missing check_exec for emul execv
5243 2004-10-01 10:58 millert
5245 * sample.pam, sample.sudoers, sample.syslog.conf, sudoers: Add
5248 2004-10-01 10:47 millert
5250 * config.h.in: Add missing HAVE_LINUX_SYSTRACE_H
5252 2004-09-30 20:46 millert
5254 * Makefile.in: add trace_systrace.o dependency
5256 2004-09-30 19:00 millert
5258 * configure, configure.in: Also look for systrace.h in
5261 2004-09-30 18:27 millert
5263 * mon_systrace.c, mon_systrace.h: Move all struct defs and
5264 prototypes into trace_systrace.h and mark all but
5265 systace_attach() static.
5267 2004-09-30 18:14 millert
5269 * mon_systrace.c, mon_systrace.h: Add support for tracing
5270 emulations. At the moment, all emulations are compiled in. It
5271 might make sense to #ifdef them in the future, though this
5272 impeeds readability.
5274 2004-09-30 17:07 millert
5276 * Makefile.in, configure.in, configure: rename systrace.c ->
5279 2004-09-30 15:58 millert
5281 * parse.yacc: Allow this to build with a K&R compiler again
5283 2004-09-30 13:58 millert
5287 2004-09-30 13:55 millert
5289 * sudo.c, compat.h, visudo.c: Use __attribute__((__noreturn__))
5291 2004-09-30 13:44 millert
5293 * visudo.c: Exit() takes a negative value to indicate it was not
5296 2004-09-30 13:25 millert
5298 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
5299 visudo.man.in: regen
5301 2004-09-30 13:22 millert
5303 * Makefile.in, visudo.c: Define Err() and Errx() that are like
5304 err() and errx() but call Exit() instead of exit(). Build
5305 private copy of alloc.o for visudo that calls Err() and Errx().
5307 2004-09-29 15:22 millert
5311 2004-09-29 15:22 millert
5315 2004-09-29 14:41 millert
5317 * visudo.c: Overhaul visudo for editing multiple files: o visudo
5318 has been broken out into functions (more work needed here) o
5319 each file is now edited before sudoers is re-parsed o if a
5320 #include line is added that file will be edited too
5322 TODO: o cleanup temp files when exiting via err() or errx() o
5323 continue breaking things out into separate functions
5325 2004-09-29 14:36 millert
5327 * parse.lex, sudo.c, sudo.h, testsudoers.c, visudo.c: Add keepopen
5328 arg to open_sudoers that open_sudoers can use to indicate to the
5329 caller that the fd should not be closed when it is done with it.
5330 To be used by visudo to keep locked fds from being closed
5331 prematurely (and thus losing the lock).
5333 2004-09-29 14:33 millert
5335 * parse.yacc, sudo.c: Add errorfile global that contains the name
5336 of the file that caused the error.
5338 2004-09-29 14:30 millert
5340 * parse.lex: return COMMENT to yacc grammar for a #include line
5342 2004-09-29 14:29 millert
5344 * parse.lex: Remove us of unput() in favor of yyless() which is
5347 2004-09-29 14:28 millert
5349 * parse.yacc: Allow an empty sudoers file.
5351 2004-09-28 16:50 millert
5353 * mon_systrace.c: Rewind sudoers_fp now that sudoers_lookup()
5354 doesn't do it for us.
5356 2004-09-28 14:37 millert
5360 2004-09-28 14:36 millert
5362 * visudo.c: Do signal setup before calling edit_sudoers(). Don't
5363 shadow the "quiet" global.
5365 2004-09-28 14:33 millert
5367 * visudo.c: If a sudoers file includes other files, edit those too.
5368 Does not yes deal with creating the new includes files itself.
5370 2004-09-28 14:31 millert
5372 * testsudoers.c: init_parser now takes a path
5374 2004-09-28 14:31 millert
5376 * parse.c, parse.h, parse.lex, parse.yacc: More scaffolding for
5377 dealing with multiple sudoers files: o init_parser() now takes a
5378 path used to populate the sudoers global o the sudoers global is
5379 used to print the correct file in yyerror() o when switching to
5380 a new sudoers file, perserve old file name and line number
5382 2004-09-28 14:29 millert
5384 * Makefile.in, pathnames.h.in: Kill _PATH_SUDOERS_TMP; it is not
5385 meaningful now that we can have multiple sudoers files.
5387 2004-09-28 13:52 millert
5389 * parse.c, sudo.c: Rewind sudoers_fp in open_sudoers() instead of
5390 sudoers_lookup() so we start at the right file position when
5391 reading include files.
5393 2004-09-27 21:04 millert
5395 * sudoers.pod: document #include
5397 2004-09-27 20:47 millert
5401 2004-09-27 20:47 millert
5403 * parse.lex: Add max depth of 128 for the include stack to avoid
5406 Since yyerror() doesn't stop parsing, pass return values back to
5407 yylex and call yyterminate() on error.
5409 2004-09-27 14:06 millert
5411 * sudoers.pod: document tracing
5413 2004-09-27 14:05 millert
5415 * sudo.pod: Mention PREVENTING SHELL ESCAPES section of sudoers man
5418 2004-09-27 12:08 millert
5422 2004-09-27 12:03 millert
5424 * parse.lex: Add support for #include in sudoers (visudo support
5427 2004-09-27 12:02 millert
5429 * parse.yacc: make yyerror()'s argument const
5431 2004-09-27 12:02 millert
5433 * testsudoers.c, visudo.c: Add open_sudoers() stubs.
5435 2004-09-27 12:01 millert
5437 * sudo.c, sudo.h: Rename check_sudoers() open_sudoers() and make it
5440 2004-09-26 12:35 millert
5442 * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in,
5443 version.h: Crank version
5445 2004-09-26 12:33 millert
5447 * Makefile.in, sudo.psf: Better HP-UX depot construction
5449 2004-09-25 17:08 millert
5451 * mon_systrace.c: o Made children global so check_exec() can lookup
5452 a child. o Replaced uid in struct childinfo with struct passwd *
5453 (for runas) o new_child() now takes a parent pid so the runas
5454 info can be inherited o Added find_child() to lookup a child by
5455 its pid o update_child() now fills in a struct passwd o Converted
5456 the big if/else mess in set_policy to a switch o Syscalls that
5457 change uid are now "ask" so we get SYSTR_MSG_UGID events
5459 2004-09-25 17:01 millert
5461 * getspwuid.c: Add flag to sudo_pwdup that indicates whether or not
5462 to lookup the shadow password. Will be used to a struct passwd
5463 that has the shadow password already filled in.
5465 2004-09-25 16:58 millert
5467 * mon_systrace.c: add missing increment of addr in read_string()
5469 2004-09-25 16:15 millert
5471 * mon_systrace.c: Remove bogus call to update_child() and some
5474 2004-09-25 16:11 millert
5476 * mon_systrace.c: Don't leak /dev/systrace fd to tracee Make
5477 initialized global for simplicity If STRIOCATTACH returns EBUSY
5478 we are already being traced Check for user_args == NULL in
5479 setproctitle() call Add missing calls to STRIOCANSWER
5481 2004-09-25 13:15 millert
5483 * sudo.c: g/c sudo_pwdup proto
5485 2004-09-24 20:21 millert
5487 * Makefile.in, sudo.psf: Add target for building a depot file
5489 2004-09-24 20:07 millert
5491 * mon_systrace.c: trim includes
5493 2004-09-24 14:11 millert
5495 * lex.yy.c, sudo.tab.h: regen
5497 2004-09-24 14:10 millert
5499 * INSTALL: document --with-systrace
5501 2004-09-24 14:10 millert
5503 * config.h.in, configure, configure.in: Add check for setproctitle
5505 2004-09-24 14:09 millert
5507 * mon_systrace.c: pass struct str_msg_ask in to syscall checker so
5508 it can set the error code
5510 2004-09-24 13:30 millert
5512 * mon_systrace.c: systrace(4) support for sudo. On systems with
5513 the systrace(4) kernel facility (OpenBSD, NetBSD, Linux w/
5514 patches) sudo can intercept exec calls and check the exec args
5515 against the sudoers file. In other words, sudo can now control
5516 subcommands and shell escapes.
5518 2004-09-24 13:17 millert
5520 * sudo.c, sudo.h: Call systrace_attach() if FLAG_TRACE is set.
5522 2004-09-24 13:15 millert
5524 * parse.c, parse.h, parse.lex, parse.yacc, sudo.h: Add trace
5525 Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE
5527 2004-09-24 13:13 millert
5529 * parse.c, sudo.c: Don't close sudoers_fp, keep it open and set
5530 close on exec flag instead.
5532 2004-09-24 13:11 millert
5534 * def_data.c, def_data.h, def_data.in: Add trace option
5536 2004-09-23 20:24 millert
5538 * Makefile.in: Add systrace
5540 2004-09-23 20:23 millert
5542 * INSTALL: SunOS /bin/sh blows up with configure
5544 2004-09-23 20:23 millert
5546 * configure, configure.in: Include sys/param.h before systrace.h
5548 2004-09-23 20:15 millert
5552 2004-09-23 20:15 millert
5554 * pathnames.h.in: _PATH_DEV_SYSTRACE
5556 2004-09-23 20:14 millert
5558 * configure.in: line up options in --help
5560 2004-09-23 20:11 millert
5562 * config.h.in, configure.in: Add --with-systrace
5564 2004-09-23 13:35 millert
5568 2004-09-23 13:35 millert
5570 * aclocal.m4, configure.in: make this work with autoconf-2.59
5572 2004-09-16 12:58 millert
5574 * sudo_edit.c: Simplify logic around open & stat of files and do
5575 sanity on edited file even if we lack fstat (still racable but
5578 2004-09-15 18:47 millert
5580 * HISTORY: Add support url
5582 2004-09-15 16:11 millert
5584 * Makefile.in: versino 1.6.8p1
5586 2004-09-15 15:20 millert
5588 * CHANGES: more changes for 1.6.8p1
5590 2004-09-15 15:18 millert
5592 * version.h: 1.6.8p1
5594 2004-09-15 12:16 millert
5596 * CHANGES, sudo_edit.c: Add sanity check so we don't try to edit
5597 something other than a regular file.
5599 2004-09-14 20:55 aaron
5603 2004-09-14 20:21 aaron
5605 * INSTALL: document --with-ldap-conf-file
5607 2004-09-14 17:43 millert
5609 * CHANGES, ins_csops.h: political correctness strikes again
5611 2004-09-14 15:09 millert
5615 2004-09-12 19:50 millert
5617 * Makefile.binary.in, Makefile.in: Install sudoedit man link
5619 2004-09-12 14:25 millert
5621 * INSTALL: Update PAM note and mention where HP-UX users can
5622 download gcc binaries.
5624 2004-09-12 12:08 millert
5626 * Makefile.in: libtool wants to install stuff from .libs so fake
5627 one up for binary installations.
5629 2004-09-12 11:53 millert
5631 * Makefile.binary.in: rm -f old sudoedit link instead of using ln
5632 -f set LIBTOOL correctly
5634 2004-09-12 11:53 millert
5636 * Makefile.in: Deal with "uname -m" having slashes in it rm -f old
5637 sudoedit link instead of using ln -f
5639 2004-09-12 10:22 millert
5641 * Makefile.binary, Makefile.binary.in: Makefile.binary ->
5642 Makefile.binary.in for config.status substitution Add support for
5643 installing noexec bits
5645 2004-09-12 10:21 millert
5647 * Makefile.in: Copy noexec bits into binary dists too No longer use
5648 my old arch script for making binary dists
5650 2004-09-12 09:36 millert
5652 * Makefile.binary: Install sudoedit link.
5654 2004-09-11 12:25 millert
5656 * emul/utime.h: avoid __P so there is no need for compat.h to be
5659 2004-09-11 12:24 millert
5661 * utimes.c: Don't use HAVE_UTIME_H before including config.h.
5663 2004-09-10 12:31 millert
5665 * compat.h: Fix Solatis futimes macro
5667 2004-09-09 11:02 millert
5669 * sudo_edit.c: Rename ots -> omtim for improved readability.
5671 2004-09-08 14:38 millert
5673 * sudo_edit.c: Redo changes in revision 1.7. Don't really need to
5674 keep the temp file open; re-opening it with the invoking user's
5677 2004-09-08 14:36 millert
5681 2004-09-08 14:35 millert
5683 * sudo.cat, sudo.man.in: regen
5685 2004-09-08 14:34 millert
5687 * sudo.pod: back out revision 1.70; it is no long applicable
5689 2004-09-08 11:57 millert
5691 * env.c: Let the loader initialize nep
5693 2004-09-08 11:49 millert
5695 * configure, configure.in, config.h.in: Removed unneed check for
5696 fchown Add check for gettimeofday Move autoheader template stuff
5697 into separate AH_TEMPLATE lines
5699 2004-09-08 11:48 millert
5701 * check.c, compat.h, fileops.c, sudo.h, sudo_edit.c, visudo.c: Use
5702 timespec throughout.
5704 2004-09-08 11:47 millert
5706 * Makefile.in: gettime.[co]
5708 2004-09-08 11:47 millert
5710 * gettime.c: function to return the current time in a struct
5713 2004-09-08 10:51 millert
5715 * utimes.c: Not a darpa-sponsored file.
5717 2004-09-07 16:36 millert
5719 * compat.h, config.h.in, configure, configure.in: Add a check for
5720 struct timespec and provide it for those without.
5722 2004-09-07 15:56 millert
5724 * config.h.in, configure, configure.in, sudo_edit.c: Add checks for
5725 st_mtim and st_mtimespec and add macros for pulling the mtime sec
5726 and nsec out of struct stat. These are used in sudo_edit() to
5727 better tell whether or not the file has changed.
5729 2004-09-07 15:55 millert
5731 * check.c, fileops.c, sudo.h, sudo_edit.c, visudo.c: Add an extra
5732 param to touch() for nsec
5734 2004-09-07 14:06 millert
5736 * sudo_edit.c: Call mkstemp() as the in invoking user so we don't
5737 have to chown the file later. Only touch() the temp file if we
5738 can do it via the file descriptor. Don't check for modification
5739 of the temp file if we lack fstat(). Catch errors read()ing the
5742 2004-09-07 14:04 millert
5744 * fileops.c: If path is NULL and fd == -1 return -1.
5746 2004-09-07 13:31 millert
5748 * sudo_edit.c: closefrom() is overkill, the only extra fds are the
5749 ones we opened so just close those in the child.
5751 2004-09-07 13:14 millert
5753 * Makefile.in, aclocal.m4, check.c, compat.h, config.h.in,
5754 configure, configure.in, fileops.c, sudo.h, sudo_edit.c, utime.c,
5755 utimes.c, visudo.c: Use utimes() and futimes() instead of utime()
5756 in touch(), emulating as needed. Not all systems are able to
5757 support setting the times of an fd so touch() takes both an fd
5758 and a file name as arguments.
5760 2004-09-06 21:12 aaron
5764 2004-09-06 16:46 millert
5766 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
5767 visudo.man.in: regen
5769 2004-09-06 16:45 millert
5771 * sudo.pod, sudoers.pod, visudo.pod: Add SUPPORT section and
5772 re-order some of the sections to match the order we use in
5775 2004-09-06 15:05 aaron
5777 * env.c: Openldap ~/.ldaprc fix
5779 2004-09-06 12:18 millert
5781 * sudo.pod: Talk about how the editor must write its changes to the
5782 original file and not just use rename(2).
5784 2004-09-06 12:12 millert
5788 2004-09-06 12:11 millert
5790 * sudo_edit.c: Keep the temp file open instead of re-opening after
5791 the editor has exited.
5793 2004-09-06 12:10 millert
5795 * sample.pam: Update for current redhat/fedora core.
5797 2004-09-02 21:56 aaron
5799 * README.LDAP: tls_ examples
5801 2004-09-02 00:03 aaron
5803 * ldap.c: config tls_* options
5805 2004-08-29 11:39 millert
5807 * configure, configure.in: No need for -lcrypt when using pam.
5809 2004-08-26 23:57 millert
5813 2004-08-26 23:44 aaron
5815 * configure.in, ldap.c, pathnames.h.in: Allow --with-ldap-conf-file
5816 option to override LDAP_CONF
5818 2004-08-26 22:08 aaron
5820 * ldap.c: cleanup debug message
5822 2004-08-26 19:29 aaron
5824 * README.LDAP: more config info
5826 2004-08-24 14:01 millert
5828 * TODO, find_path.c, goodpath.c, parse.c, sudo.c, sudo.h, visudo.c:
5829 Add cmnd_base to struct sudo_user and set it in init_vars(). Add
5830 cmnd_stat to struct sudo_user and set it in sudo_goodpath(). No
5831 longer use gross statics in command_matches(). Also rename some
5832 variables for improved clarity.
5834 2004-08-21 14:33 millert
5836 * INSTALL: document HP's crippled compiler deficiency.
5838 2004-08-21 14:25 millert
5840 * INSTALL: Fix some thinkos in --with-editor and --with-env-editor
5841 descriptions. Noticed by Norihiko Murase.
5843 2004-08-21 14:20 millert
5845 * configure, configure.in: --with-noexec takes an optional PATH
5848 2004-08-21 14:20 millert
5850 * INSTALL: document --with-noexec
5852 2004-08-17 16:21 millert
5854 * RUNSON, TODO: sync
5856 2004-08-17 15:11 millert
5858 * sudo_edit.c: Better warning message when sudoedit is unable to
5859 write to the destination file.
5861 2004-08-17 14:53 millert
5863 * sudo.cat, sudo.man.in: regen
5865 2004-08-17 14:53 millert
5867 * sudo.pod: Don't italicize the string "sudoedit"
5869 2004-08-16 18:45 millert
5871 * HISTORY: Mention GratiSoft.
5873 2004-08-11 14:29 millert
5875 * parse.yacc: Reset used_runas to FALSE when re-intializing the
5878 2004-08-09 19:04 millert
5880 * config.guess: Correct OpenBSD mips support
5882 2004-08-09 17:28 millert
5884 * config.guess: Add OpenBSD/mips
5886 2004-08-06 23:43 aaron
5888 * README.LDAP: More behavior notes
5890 2004-08-06 23:36 aaron
5892 * README.LDAP: Updates on current behavior
5894 2004-08-06 19:56 millert
5896 * sudo.pod, sudoers.pod: =back does not take an indentlevel (makes
5897 no difference to formatted files).
5899 2004-08-06 19:48 millert
5903 2004-08-06 19:42 millert
5905 * sudo.c: Consistency. Use same error for bad -u #uid when
5906 targetpw is set as we do when a bad -u username is specified.
5908 2004-08-06 19:33 millert
5910 * TODO: Add checksum idea from Steve Mancini
5912 2004-08-06 19:32 millert
5914 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
5916 2004-08-06 19:31 millert
5918 * sudo.pod, sudoers.pod: Document the restriction on uids specified
5919 via -u when targetpw is set.
5921 2004-08-06 19:24 millert
5923 * sudo.c: Error out when targetpw is enabled and sudo is run with
5924 -u #uid but #uid does not exist in the passwd database. We can't
5925 do target authentication when the target is not in passwd!
5927 2004-08-05 21:16 millert
5929 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
5931 2004-08-05 21:14 millert
5933 * TODO: Some more todo for the next release.
5935 2004-08-05 21:13 millert
5937 * INSTALL: Make it clear that PAM should be used for DCE support
5940 2004-08-05 21:13 millert
5942 * sudoers.pod: o Document problems with wildcards and relative
5943 paths. o Make the order requirements more prominent. o Change a
5944 "set" to "reset" for clarity.
5946 2004-08-05 14:29 millert
5948 * sudo.pod: Mention --with-secure-path, not SECURE_PATH.
5950 2004-08-02 22:34 aaron
5952 * ldap.c: reflect changes to parse.c
5954 2004-08-02 14:44 millert
5956 * parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c: Don't pass
5957 user_cmnd and user_args to command_matches(), just use the
5958 globals there. Since we keep state with statics anyway it is
5959 misleading to pretend that passing in different cmnd and
5960 cmnd_args will work.
5962 2004-08-02 14:40 millert
5964 * parse.c: Fix a bug introduced in rev. 1.149. When checking for
5965 pseudo-commands check for a '/' anywhere in cmnd, not just the
5968 2004-07-30 23:07 aaron
5970 * sudo.man.in, sudo.pod: Clarification thanks to Olivier Blin
5971 <oblin@mandrakesoft.com>
5973 2004-07-30 22:41 aaron
5975 * sudoers.man.in, sudoers.pod: Add ignore_local_sudoers
5977 2004-07-30 22:06 aaron
5979 * README.LDAP: Sun One schema definition by
5980 Andreas.Bussjaeger@t-systems.com and janth@moldung.no
5982 2004-07-29 11:57 millert
5986 2004-07-23 16:44 millert
5990 2004-07-23 16:43 millert
5992 * parse.c: Parse sudoers file as PERM_RUNAS not PERM_ROOT and
5993 remove a useless PERM_SUDOERS. Restore to PERM_ROOT upon exit of
5996 2004-07-08 10:20 millert
5998 * CHANGES: PAM change
6000 2004-07-07 21:04 aaron
6002 * ldap.c: Better debugging of ALL command
6004 2004-07-07 20:15 millert
6006 * parse.c: When matching for "sudoedit" in sudoers check both the
6007 command the user typed *and* the command that is listed in the
6010 2004-07-04 19:59 aaron
6012 * ldap.c: Added !command feature
6014 2004-06-28 10:51 millert
6016 * auth/pam.c: Use pam_acct_mgmt() to check for disabled accounts;
6019 2004-06-10 23:11 millert
6021 * LICENSE: License is ISC-style, not BSD-style
6023 2004-06-10 20:58 millert
6027 2004-06-10 16:54 millert
6029 * sudo.man.in, sudo.cat: regen
6031 2004-06-10 16:53 millert
6033 * sudo.pod: o Update some out of date bits to reality o Change the
6034 shell promt in examples to bourne-shell style o Clarify some
6035 details o Add a CAVEAT about "sudo cd /foo"
6037 2004-06-10 16:19 millert
6039 * check.c: Don't ask for a password if invoking user == target
6042 2004-06-10 12:32 millert
6044 * sudo.c: typo in comment
6046 2004-06-08 19:20 millert
6048 * sudoers.man.in, sudoers.cat: regen
6050 2004-06-08 19:19 millert
6052 * sudoers.pod: Expand on NOEXEC a little.
6054 2004-06-08 16:20 millert
6058 2004-06-08 15:58 millert
6060 * visudo.man.in, visudo.cat: regen
6062 2004-06-08 15:55 millert
6064 * CHANGES, parse.yacc, visudo.c, visudo.pod: Add a check in visudo
6065 for runas_default being set after it has already been used.
6067 2004-06-08 13:53 millert
6069 * parse.yacc: Add a MATCHED macro for testing whether foo_matches
6070 has been set to TRUE or FALSE. This is more readable than
6071 checking for >=0 or < 0. Doesn't change the actual code
6074 2004-06-06 20:11 millert
6076 * sudoers.man.in, sudoers.cat: regen
6078 2004-06-06 20:07 millert
6080 * sudoers, sudoers.pod: Correct description of where Defaults specs
6083 2004-06-06 20:02 millert
6085 * find_path.c, ldap.c, logging.h, testsudoers.c, visudo.c,
6086 auth/bsdauth.c, auth/kerb5.c, auth/pam.c: update (c) year
6088 2004-06-06 19:58 millert
6090 * check.c, compat.h, defaults.c, env.c, find_path.c, getcwd.c,
6091 ldap.c, logging.h, parse.c, parse.yacc, sudo.c, testsudoers.c,
6092 tgetpass.c, visudo.c, auth/bsdauth.c, auth/kerb5.c, auth/pam.c:
6093 Remove trailing spaces, no actual code changes.
6095 2004-06-06 16:22 millert
6097 * parse.yacc: Fix a >=0 that should be <0 that was improperly
6098 converted when UNSPEC was added.
6100 2004-06-06 15:54 millert
6102 * parse.yacc: Add do {} while(0) around pop macro Set cmnd_matches
6103 to UNSPEC, not NOMATCH when resetting it.
6105 2004-06-06 15:39 millert
6107 * parse.yacc: Fix pastos introduced in SETNMATCH addition.
6109 2004-06-05 13:55 millert
6111 * README.LDAP: Update for configure changes
6113 2004-06-05 13:42 millert
6115 * parse.yacc, sudo.h: Add NOMATCH and UNSPEC defines (-1 and -2
6116 respectively) and use these in parse.yacc. Also in parse.yacc
6117 initialize the *_matches vars to UNSPEC and add two macros,
6118 SETMATCH and SETNMATCH for use when setting *_matches to a value
6119 that may be NOMATCH/UNSPEC/TRUE/FALSE.
6121 2004-06-05 11:17 millert
6123 * parse.yacc: Initialize runas to -2, not -1 since we need to be
6124 able to distinguish between the initialized value and the value
6125 of a non-match when passing along the runas value to multiple
6128 The result of this is that an unmatched runas is now set to -1,
6129 not 0. This is required now that parse.c treats a FALSE value
6130 for runas as being explicitly denied.
6132 2004-06-03 16:21 millert
6134 * getprogname.c, sudo.c, visudo.c: Error out if argc < 1.
6136 2004-06-03 12:37 millert
6138 * configure, configure.in: Add tests for what libs we need to link
6139 with for ldap and for whether or not lber.h needs to be
6140 explicitly included.
6142 2004-06-02 20:30 aaron
6144 * ldap.c: Solaris native LDAP build fix
6146 2004-06-01 16:56 millert
6148 * ldap.c: Set edn to NULL is ldap_get_dn() fails to avoid potential
6149 use of an unset variable.
6151 2004-06-01 16:56 millert
6153 * sudo.h: Add prototype for sudo_ldap_list_matches
6155 2004-06-01 16:53 millert
6157 * compat.h, config.h.in, configure, configure.in: Better check for
6158 dirfd macro--we now set HAVE_DIRFD for the macro version too.
6159 Added check for dd_fd in `DIR' if no dirfd is found; this is now
6160 used to confitionally define the dirfd macro in compat.h.
6162 2004-06-01 16:51 millert
6164 * closefrom.c: Only check /proc/$$/fd if we have the dirfd
6167 2004-06-01 15:13 millert
6169 * compat.h, config.h.in, configure, configure.in: Add a check for a
6170 dirfd() function (like Linux) and add a dirfd macro in compat.h
6171 if there is no dirfd() function or macro.
6173 2004-06-01 14:59 millert
6175 * closefrom.c, getcwd.c: dirfd() is now defined in compat.h as
6178 2004-06-01 14:30 millert
6180 * CHANGES: Clarify closefrom() note.
6182 2004-06-01 12:51 millert
6184 * parse.c: When checking for a command in the directory, only copy
6187 2004-06-01 12:44 millert
6189 * closefrom.c: If there is a /proc/$$/fd directory, behave like the
6190 Solaris closefrom() and only close the descriptors listed
6193 2004-06-01 12:23 millert
6195 * alloc.c: compat.h guarantees INT_MAX is defined.
6197 2004-06-01 12:23 millert
6199 * compat.h: Add definitions of OPEN_MAX and INT_MAX for those
6200 without it and remove definition of RLIM_INFINITY (now unused).
6202 2004-05-31 21:22 millert
6204 * CHANGES, alloc.c, check.c, compat.h, find_path.c, getcwd.c,
6205 parse.c, sudo.c, sudo.h, visudo.c: Use PATH_MAX, not MAXPATHLEN
6206 since the former is standardized.
6208 2004-05-31 19:18 millert
6212 2004-05-31 19:10 millert
6214 * RUNSON: Add some entries that were mailed in a while ago
6216 2004-05-31 14:16 millert
6218 * closefrom.c: o sysconf returns a long, not an int. o check for
6219 negative return value from sysconf/getdtablesize and use
6220 OPEN_MAX in this case. o define OPEN_MAX to 256 for those
6221 without it (a fair guess...)
6223 2004-05-30 12:25 millert
6225 * UPGRADE: Mention change in parse order for RunAs entries.
6227 2004-05-30 12:15 millert
6231 2004-05-29 18:29 millert
6233 * config.h.in, configure.in, INSTALL, README.LDAP: o --with-ldap
6234 now takes an optional dir as a parameter
6235 o added check for ldap_initialize() and start_tls_s()
6237 2004-05-29 14:54 millert
6239 * README.LDAP: Fix some typos, word choice and formatting issues.
6241 2004-05-28 18:06 millert
6243 * tgetpass.c: Use SA_INTERRUPT so SunOS works correctly, avoid
6244 stdio and just use read/write as it is simpler.
6246 2004-05-28 16:27 millert
6248 * configure, configure.in: Remove hack overriding cross-compiler
6249 check. It should no longer be needed.
6251 2004-05-28 16:26 millert
6253 * compat.h: Remove select() compat bits since we no longer use
6256 2004-05-28 16:24 millert
6258 * CHANGES, tgetpass.c: Use alarm() instead of select() for the
6259 timeout for systems that don't fully/properly implement select().
6261 2004-05-27 19:14 millert
6265 2004-05-27 19:12 millert
6269 2004-05-27 19:12 millert
6271 * set_perms.c: Deal with systems that have no way of setting the
6272 effective uid such as nsr-tandem-nsk.
6274 2004-05-27 19:01 millert
6276 * configure, configure.in: Define NO_SAVED_IDS if we don't find
6279 2004-05-27 18:21 millert
6281 * config.h.in, configure, configure.in: Add back check for
6282 setreuid() since NSK doesn't have it.
6284 2004-05-27 15:57 millert
6286 * sudoers.cat, sudoers.man.in: regen
6288 2004-05-27 15:56 millert
6290 * BUGS, CHANGES: sync
6292 2004-05-27 15:55 millert
6294 * parse.c: In sudoers_lookup() return VALIDATE_NOT_OK if the runas
6295 user was explicitly denied and the command matched. This fixes a
6296 long-standing bug and makes: foo machine = (ALL)
6297 /usr/bin/blah foo machine = (!bar) /usr/bin/blah
6299 equivalent to: foo machine = (ALL, !bar) /usr/bin/blah
6301 2004-05-27 15:52 millert
6303 * sudoers.pod: Clarify mail_noperm
6305 2004-05-19 21:25 aaron
6307 * Makefile.in: Missing DESTDIR in make install for sudo_noexec.la
6309 2004-05-17 18:32 millert
6311 * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
6312 sudoers.cat, visudo.cat: regen
6314 2004-05-17 18:31 millert
6318 2004-05-17 18:31 millert
6320 * sample.sudoers, sudoers.pod: Remove fastboot/fasthalt (who still
6321 remembers these?) and add a minimal sudoedit example.
6323 2004-05-17 18:21 millert
6325 * CHANGES, INSTALL, TROUBLESHOOTING, UPGRADE, sudo.c, visudo.c:
6326 filesystem -> file system
6328 2004-05-17 18:19 millert
6330 * sudo.pod, sudoers.pod: Fix some minor typos and formatting goofs
6332 2004-05-17 18:10 millert
6336 2004-05-17 17:57 millert
6338 * visudo.pod: remove my email addr
6340 2004-05-17 17:55 millert
6342 * sudo.pod, sudoers.pod, visudo.pod: Use @mansectform@ and
6343 @mansectsu@ everywhere Make man page references links with L<>
6345 2004-05-17 16:51 millert
6347 * parse.lex: Accept quoted globbing characters and pass them
6348 verbatim for fnmatch()
6350 2004-05-17 16:50 millert
6352 * UPGRADE: Document that /tmp/.odus is gone.
6354 2004-05-17 16:28 millert
6356 * CHANGES, aclocal.m4, configure, pathnames.h.in: No longer use
6357 /tmp/.odus as a possible timestamp dir unless specifically
6358 configured to do so. Instead, if no /var/run exists, use
6359 /var/adm/sudo or /usr/adm/sudo.
6361 2004-05-17 16:08 millert
6363 * check.c, compat.h, logging.c, set_perms.c, sudo.c, tgetpass.c,
6364 visudo.c: Preliminary changes to support nsr-tandem-nsk. Based
6365 on patches from Tom Bates.
6367 2004-05-16 18:47 millert
6369 * CHANGES: There was no 1.6.7p6.
6371 2004-05-16 16:38 millert
6373 * BUGS, CHANGES: sync
6375 2004-05-16 16:36 millert
6377 * Makefile.in: add missing files to DISTFILES
6379 2004-05-16 16:23 millert
6381 * sudoers.man.in, sudo.cat, sudoers.cat, visudo.cat: regen
6383 2004-05-16 16:20 millert
6385 * Makefile.in: Fix some line wrap and update (c) year
6387 2004-04-28 15:05 aaron
6389 * README.LDAP: Build Note
6391 2004-04-06 22:03 aaron
6393 * Makefile.in: Fix install-dirs
6395 2004-04-04 20:27 millert
6397 * visudo.c: In Exit() when used as a signal handler, emsg is a
6398 pointer so sizeof() is wrong so make it a #define instead. Also
6399 avoid using a negative exit value. Found by Aaron Campbell
6401 2004-03-24 18:23 millert
6403 * sudoers.pod: Remove bogus sentence about uids in a User_List.
6404 Document usernames vs. uid parsing in a Runas_List.
6406 2004-03-24 18:06 millert
6408 * parse.c, parse.h, parse.yacc, sudo.c, testsudoers.c, visudo.c: If
6409 the user specified a uid with the -u flag and the uid exists in
6410 the passwd file, set runas_user to the name, not the uid.
6412 When comparing usernames in sudoers, if a name is really a uid
6413 (starts with '#') compare it numerically to pw_uid.
6415 2004-03-22 13:35 millert
6417 * auth/kerb5.c: krb5_mcc_ops should be const; Johnny C. Lam
6419 2004-02-28 18:54 aaron
6421 * CHANGES, config.h.in, ldap.c: Added start_tls support
6423 2004-02-14 18:04 millert
6425 * Makefile.in: Clean up libtool stuff for 'make distclean' and add
6426 def_data.c, def_data.h to PARSESRCS.
6428 2004-02-14 10:13 aaron
6430 * strlcat.c, strlcpy.c: Un-Fix last license munge
6432 2004-02-13 16:37 millert
6434 * CHANGES, RUNSON, TODO: checkpoint
6436 2004-02-13 16:37 millert
6438 * lex.yy.c, configure: regen
6440 2004-02-13 16:36 millert
6442 * LICENSE, Makefile.binary, Makefile.in, alloc.c, check.c,
6443 closefrom.c, compat.h, defaults.c, defaults.h, env.c, fileops.c,
6444 find_path.c, getprogname.c, getspwuid.c, goodpath.c, ins_2001.h,
6445 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
6446 interfaces.h, ldap.c, logging.c, logging.h, parse.c, parse.h,
6447 parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c,
6448 strerror.c, strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.man.in,
6449 sudo.pod, sudo_edit.c, sudo_noexec.c, sudoers.man.in,
6450 sudoers.pod, testsudoers.c, tgetpass.c, utime.c, version.h,
6451 visudo.c, visudo.man.in, visudo.pod, zero_bytes.c, auth/afs.c,
6452 auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
6453 auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
6454 auth/rfc1938.c, auth/secureware.c, auth/securid.c,
6455 auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h,
6456 emul/search.h, emul/utime.h: More to a less restrictive,
6459 2004-02-12 21:08 aaron
6461 * CHANGES, Makefile.in, README.LDAP, config.h.in, configure.in,
6462 def_data.c, def_data.h, def_data.in, ldap.c, sudo.c, sudo.h,
6463 sudoers2ldif: Merged in LDAP Support
6465 2004-02-08 15:53 millert
6467 * sudo.h, sudo_noexec.c: Only do "extern int errno" if errno is not
6470 2004-02-06 18:08 millert
6472 * set_perms.c: setreuid(0, 0) fails on QNX if the euid is not
6473 already 0 so set the euid first, then just call setuid(0) to set
6476 2004-02-06 14:52 millert
6478 * set_perms.c: Use setresuid() and setreuid() for PERM_RUNAS when
6479 appropriate instead of seteuid() which may not exist.
6481 2004-02-04 14:58 millert
6485 2004-02-03 23:38 millert
6487 * INSTALL, config.h.in, configure, configure.in, ins_classic.h: Add
6488 --with-pc-insults configure option
6490 2004-02-03 23:32 millert
6492 * visudo.man.in: Prefer VISUAL over EDITOR like old vipw did.
6494 2004-02-01 15:45 millert
6496 * sudo.man.in, sudoers.man.in: regen
6498 2004-02-01 15:44 millert
6500 * sudoers.pod: Add a note that noexec is not a cure-all.
6502 2004-02-01 15:20 millert
6504 * sudoers.pod: Mention that disabling "root_sudo" is pretty
6507 2004-02-01 15:20 millert
6509 * configure, configure.in: Substitute for root_sudo in sudoers.pod
6511 2004-02-01 15:03 millert
6513 * sudo.pod: Add sudoedit to the NAME section
6515 2004-02-01 15:00 millert
6517 * sudoers.pod: Document that fact that setting ignore_dot in
6518 sudoers has no effect due to the fact that find_path() is called
6519 *before* sudoers is read.
6521 2004-01-29 19:50 millert
6523 * sudo_edit.c: Do not require _PATH_USRTMP to be set.
6525 2004-01-29 19:42 millert
6527 * BUGS, CHANGES, TODO: sync
6529 2004-01-29 19:42 millert
6531 * sudo.man.in: regen
6533 2004-01-29 19:41 millert
6535 * sudo.pod: Clarify that when sudo is run by root with the
6536 SUDO_USER variable set, the sudoers lookup happens for root and
6537 not the SUDO_USER user.
6539 2004-01-29 17:33 millert
6541 * defaults.c, env.c, fnmatch.c, interfaces.c, logging.c, parse.c,
6542 set_perms.c, sigaction.c, sudo.c, tgetpass.c, auth/pam.c,
6543 auth/sudo_auth.c: Use the SET, CLR and ISSET macros.
6545 2004-01-29 16:22 millert
6547 * interfaces.h: MAIN was replaced with _SUDO_MAIN some time ago.
6549 2004-01-29 16:15 millert
6551 * sudo.c: Don't look at prev_user until after we've parsed sudoers
6552 and done the password check. That way, if sudo/sudoedit is run
6553 from a root process that was invoked by sudo, we check sudoers
6554 for root, not the previous user. This makes sudoedit much more
6555 useful and means that for the sudo case, we get correct logging
6556 on who actually ran the command.
6558 2004-01-22 19:22 millert
6560 * sudo_edit.c: Add a comment describing why we need to be notified
6561 about our child stopping.
6563 2004-01-22 16:06 millert
6565 * def_data.c, def_data.in: Update the noexec variable descriptions
6567 2004-01-22 14:18 millert
6569 * sudoers.man.in, sudoers.pod: noexec now replaces more than just
6572 2004-01-22 12:14 millert
6574 * sudo_noexec.c: Alas, all the world does not go through execve(2).
6575 Many systems still have an execv(2) system call, Linux 2.6
6576 provides fexecve(2) and it is not uncommon for libc to have
6577 underscore ('_') versions of the functions to be used internally
6578 by the library. Instead of stubbing all these out by hand,
6579 define a macro and let it do the work. Extra exec functions
6580 pointed out by Reznic Valery.
6582 2004-01-21 21:57 millert
6584 * sudo.c, sudo_edit.c: Fix suspending the editor in -e mode.
6585 Because we do a fork() first we need to be notified when the
6586 child has been stopped and then send that same signal to ourself
6587 so the shell can do its job control thing.
6589 2004-01-21 21:44 millert
6591 * visudo.c: Use WIFEXITED and WEXITSTATUS macros. If there are
6592 systems out there that want to run sudo that still don't support
6593 these we can try to deal with that later.
6595 2004-01-21 20:03 millert
6599 2004-01-21 20:00 millert
6601 * sudo.man.in, sudo.pod, sudoers.man.in, sudoers.pod: Document sudo
6604 2004-01-21 19:08 millert
6606 * configure, configure.in: fix typo
6608 2004-01-21 19:02 millert
6610 * config.h.in, configure.in: Add SET/CLR/ISSET
6612 2004-01-21 18:55 millert
6614 * sudo.c: Allow non-exclusive flags when invoked as sudoedit.
6615 Pretty print the long usage() line to not wrap (assumes 80 char
6618 2004-01-21 18:01 millert
6620 * Makefile.in, sudo.c: If sudo is invoked as "sudoedit" the -e flag
6621 is implied and no other flags are permitted.
6623 2004-01-21 18:00 millert
6625 * sudo.h: Add a new flag, -e, that makes it possible to give users
6626 the ability to edit files with the editor of their choice as the
6627 invoking user, not the runas user. Temporary files are used for
6628 the actual edit and the temp file is copied over the original
6629 after the editor is done.
6631 2004-01-21 17:25 millert
6633 * Makefile.in, parse.c, parse.lex, sudo.c, sudo_edit.c: Add a new
6634 flag, -e, that makes it possible to give users the ability to
6635 edit files with the editor of their choice as the invoking user,
6636 not the runas user. Temporary files are used for the actual edit
6637 and the temp file is copied over the original after the editor is
6640 2004-01-21 17:06 millert
6642 * sudo.c, env.c: If real uid == 0 and the SUDO_USER environment
6643 variables is set, use that to determine the invoking user's true
6644 identity. That way the proper info gets logged by someone who
6645 has done "sudo su" but still uses sudo to as root. We can't do
6646 this for non-root users since that would open up a security hole,
6647 though perhaps it would be acceptable to use getlogin(2) on OSes
6648 where this a system call (and doesn't just look in the utmp
6651 2004-01-21 16:58 millert
6653 * pathnames.h.in: Add _PATH_TMP, _PATH_VARTMP and _PATH_USRTMP
6655 2004-01-21 16:57 millert
6657 * configure, config.h.in, configure.in: Add check for fchown(2)
6659 2004-01-20 14:22 millert
6661 * sudo.c: Back out portions of the -i commit that set NewArgv[0] in
6662 set_runaspw. It is far to late to set NewArgv[0] there and will
6663 have no effect anyway as cmnd and safe_cmnd have already been
6666 2004-01-20 14:18 millert
6668 * visudo.c, visudo.pod: Prefer VISUAL over EDITOR like old vipw
6671 2004-01-18 20:17 millert
6673 * env.c, sudo.c: In -i mode always set new environment based on the
6674 runas user's passwd entry.
6676 2004-01-18 17:56 millert
6678 * sudo.man.in, sudo.pod: Document the new -i flag and sync SYNOPSIS
6679 section with usage() in sudo.c. Also sort the flags in the
6682 2004-01-18 17:55 millert
6684 * sudo.c, sudo.h: o Add -i that acts similar to "su -", based on
6685 patches from David J. MacKenzie o Sort the flags in the usage
6688 2004-01-18 17:22 millert
6690 * sudoers.man.in, sudoers.pod: Add a missing @runas_default@
6693 2004-01-17 16:34 millert
6695 * sudo.c: Change euid to runas user before calling find_path().
6696 Unfortunately, though runas_user can be modified in sudoers we
6697 haven't parsed sudoers yet.
6699 2004-01-17 16:25 millert
6701 * sudoers.man.in, sudoers.pod: Add missing defintion of
6702 Parameter_List and use single pipes in the Defaults EBNF
6705 2004-01-17 13:49 millert
6707 * sudo.c: Fix a bug when set_runaspw() is used as a callback. We
6708 don't want to reset the contents of runas_pw if the user
6709 specified a user via the -u flag.
6711 Avoid unnecessary passwd lookups in set_authpw(). In most cases
6712 we already have the info in runas_pw.
6714 2004-01-16 18:16 millert
6716 * check.c: Add Stan Lee / Uncle Ben quote to the lecture from
6719 2004-01-16 18:12 millert
6721 * sudo.h: Update sudo_getepw() proto and add one for set_runaspw()
6723 2004-01-16 18:10 millert
6725 * parse.c: If we can't stat the command as root, try as the runas
6728 2004-01-16 18:09 millert
6730 * testsudoers.c, visudo.c: Add stub set_runaspw() function
6732 2004-01-16 18:09 millert
6734 * sudo.c: Add set_runaspw() function to fill in runas_pw. This
6735 will be used as a callback to update runas_pw when the runas user
6738 2004-01-16 18:07 millert
6740 * env.c, sudo.c: PERM_RUNAS -> PERM_FULL_RUNAS
6742 2004-01-16 18:05 millert
6744 * set_perms.c, sudo.h: Rename PERM_RUNAS -> PERM_FULL_RUNAS and add
6745 a PERM_RUNAS that just changes the euid.
6747 2004-01-16 18:04 millert
6749 * getspwuid.c: Make sudo_pwdup() act like OpenBSD pw_dup() and
6750 allocate memory in one chunk for easy free()ing. Also change it
6751 from static to extern.
6753 2004-01-16 18:03 millert
6755 * defaults.c, defaults.h: Add callback support
6757 2004-01-16 18:02 millert
6759 * def_data.c, def_data.in, mkdefaults: Add a callback field and use
6760 it for runas_default
6762 2004-01-15 15:13 millert
6764 * auth/fwtk.c: Add support for chalnecho and display server
6765 responses used by fwtk >= 2.0
6767 2004-01-12 18:39 millert
6769 * sudoers.man.in, sudoers.pod: ld.so is ld.so.1 on solaris
6771 2004-01-12 14:03 millert
6773 * Makefile.in, config.h.in, configure, configure.in, sudo.c,
6774 sudo.h: Use closefrom() instead of doing the equivalent inline.
6776 2004-01-12 13:55 millert
6778 * closefrom.c: closefrom(3) for systems w/o it
6780 2004-01-09 16:29 millert
6782 * sudoers.man.in: Update from .pod file.
6784 2004-01-09 16:26 millert
6786 * configure, configure.in: Substitute noexec_file for the sudoers
6789 2004-01-09 16:24 millert
6791 * sudo.man.in, sudo.pod: Mention noexec
6793 2004-01-09 16:16 millert
6795 * sudoers.man.in, sudoers.pod: Document noexec
6797 2004-01-09 14:38 millert
6799 * config.h.in, configure.in, auth/pam.c: Move PAM_CONST macro
6800 definition from config.h to pam.c where it belongs. We can't
6801 have this in config.h since that gets included too early.
6803 2004-01-09 14:35 millert
6805 * config.h.in, configure, configure.in, auth/pam.c: Some PAM
6806 implementations put their headers in /usr/include/pam instead of
6807 /usr/include/security.
6809 2004-01-09 14:32 millert
6811 * configure.in: I missed changing the EXEC macro -> EXECV here when
6812 I changed this in config.h.in and sudo.c a while ago.
6814 2004-01-09 13:15 millert
6816 * acsite.m4: OpenBSD vax/m88k/hppa don't do shared libs
6818 2004-01-09 03:29 millert
6820 * configure, configure.in: o merge the hpux case entries into a
6821 single entry w/ its own sub-case statement. o HP-UX >= 11
6822 support getspnam(), use it in preference to getprpwuid()
6824 2004-01-09 02:58 millert
6826 * configure, configure.in: eval $shrext so that it expands nicely
6829 2004-01-09 02:50 millert
6831 * Makefile.in: Don't lie about making a module, it does the wrong
6834 2004-01-09 02:49 millert
6836 * ltmain.sh: Remove requirement that libs must begin with "lib".
6837 They don't when we point directly at the lib using LD_PRELOAD or
6840 2004-01-09 02:01 millert
6842 * acsite.m4: Disable support for c++, f77 and java. We don't need
6843 it, it takes a lot of time, and it hosed our check for shared lib
6846 2004-01-09 02:00 millert
6850 2004-01-09 02:00 millert
6852 * configure.in: Call AC_ENABLE_SHARED and check the status of
6853 enable_shared to know when shared libs are available.
6855 2004-01-09 01:37 millert
6857 * acsite.m4: Duh, OpenBSD suports shared libs too
6859 2004-01-09 01:18 millert
6861 * configure.in, config.h.in: Only OpenPAM and Linux PAM use const
6864 2004-01-09 01:15 millert
6866 * configure, configure.in: o No need to check for sed, libtool
6867 config does that for us o move check for --with-noexec until
6868 after libtool magic is run so we can use $can_build_shared and
6871 2004-01-09 01:14 millert
6873 * ltmain.sh: Don't print a bunch of crap about library installs
6874 since we are not really installing a library.
6876 2004-01-09 00:38 millert
6878 * env.c: Make format_env() varargs Add noexec support for Darwin,
6879 MacOS X, Irix, and Tru64
6881 2004-01-09 00:32 millert
6883 * acsite.m4, ltconfig, ltmain.sh: Update to libtool 1.5 with local
6884 changes: o no ldconfig in the finish step o assume no libprefix
6885 or version is needed
6887 2004-01-09 00:15 millert
6889 * sudo_noexec.c: Fix compilation under K&R
6891 2004-01-06 09:31 millert
6893 * CHANGES: checkpoint
6895 2004-01-06 09:28 millert
6897 * sudo_noexec.c: stub execve() that just returns EACCES; used for
6898 noexec functionality
6900 2004-01-06 01:42 millert
6902 * sudo.tab.h: Regen w/ updated byacc from OpenBSD; fixes a gcc 3.2
6903 issue with generated code.
6905 2004-01-05 16:10 millert
6907 * def_data.c, def_data.h, def_data.in: Move the environment
6908 defaults to the end and shorten a few of the descriptions.
6910 2004-01-05 15:05 millert
6912 * configure.in, configure: no shared libs on ultris or convexos
6914 2004-01-05 15:03 millert
6916 * Makefile.in, configure, configure.in: Build sudo_noexec shared
6917 object using libtool; could use some cleanup.
6919 2004-01-05 14:59 millert
6921 * acsite.m4, ltconfig, ltmain.sh: libtool scaffolding
6923 2004-01-05 14:56 millert
6925 * parse.yacc: Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so
6926 that order is not important.
6928 2004-01-05 12:15 millert
6930 * defaults.c, env.c, parse.c, parse.h, parse.lex, parse.yacc,
6931 pathnames.h.in, sudo.c, sudo.h, lex.yy.c: update copyright year
6933 2004-01-04 22:58 millert
6935 * configure, configure.in, defaults.c, env.c, pathnames.h.in: Add
6936 _PATH_SUDO_NOEXEC and corresponding --with-noexec configure
6937 option. The default value of noexec_file is set to this.
6939 2004-01-04 21:48 millert
6941 * def_data.c, def_data.h, def_data.in, env.c, lex.yy.c, parse.c,
6942 parse.h, parse.lex, parse.yacc, sudo.c, sudo.h, sudo.tab.h: Add
6943 support for preloading a shared object containing a dummy
6944 execve() function that just sets error and returns -1. This adds
6945 a "noexec_file" option to load the filename as well as a "noexec"
6946 flag to enable it unconditionally. There is also a NOEXEC tag
6947 that can be attached to specific commands and an EXEC tag to
6950 2004-01-04 21:40 millert
6952 * mkdefaults: add missing newline to usage statement
6954 2004-01-04 20:39 millert
6956 * config.h.in, sudo.c: Rename EXEC macro -> EXECV
6958 2004-01-04 20:16 millert
6960 * logging.c: Don't truncate usernames to 8 characters in the log
6963 2004-01-04 20:13 millert
6965 * check.c, sudoers.man.in, sudoers.pod: Update copyright year
6967 2004-01-04 20:12 millert
6969 * check.c, def_data.c, def_data.h, def_data.in, sudoers.man.in,
6970 sudoers.pod: Add a new option, lecture_file, that can be used to
6971 point to a custom sudo lecture.
6973 2003-12-31 17:46 millert
6975 * Makefile.in, sudo.h, zero_bytes.c, auth/aix_auth.c,
6976 auth/bsdauth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Add a
6977 zero_bytes() function to do the equivalent of bzero in such a way
6978 that will heopfully not be optimized away by sneaky compilers.
6980 2003-12-31 13:35 millert
6982 * err.c: Use #ifdef __STDC__, not #if __STDC__.
6984 2003-12-30 17:41 millert
6986 * mkdefaults: Always put at least one space between the def_* macro
6987 name and its definition.
6989 2003-12-30 17:34 millert
6991 * configure, configure.in: Adjust code for --without-lecture to
6994 2003-12-30 17:33 millert
6996 * visudo.man.in: regen after pasto fix
6998 2003-12-30 17:31 millert
7000 * sudoers.man.in, sudoers.pod: Document that "lecture" has changed
7001 from a flag to a tuple.
7003 2003-12-30 17:31 millert
7005 * check.c, def_data.c, def_data.h, def_data.in, defaults.c,
7006 defaults.h, logging.c, mkdefaults, parse.c, sudo.c, sudo.h: Add
7007 support for tuples in def_data.in; these are implemented as an
7008 enum type. Currently there is only a single tuple enum but in
7009 the future we may have one tuple enum per T_TUPLE entry in
7010 def_data.in. Currently listpw, verifypw and lecture are tuples.
7011 This avoids the need to have two entries (one ival, one str) for
7012 pwflags and syslog values.
7014 lecture is now a tuple with the following values: never, once,
7017 We no longer use both an int and string entry for syslog
7018 facilities and priorities. Instead, there are logfac2str() and
7019 logpri2str() functions that get used when we need to print the
7022 2003-12-30 17:20 millert
7024 * check.c, def_data.h, defaults.c, defaults.h, env.c, find_path.c,
7025 logging.c, mkdefaults, parse.c, parse.yacc, set_perms.c, sudo.c,
7026 visudo.c, auth/aix_auth.c, auth/bsdauth.c, auth/fwtk.c,
7027 auth/pam.c, auth/rfc1938.c, auth/securid5.c, auth/sia.c,
7028 auth/sudo_auth.c: Create def_* macros for each defaults value so
7029 we no longer need the def_{flag,ival,str,list,mode} macros (which
7030 have been removed). This is a step toward more flexible data
7031 types in def_data.in.
7033 2003-12-30 15:55 millert
7037 2003-12-22 21:18 millert
7039 * sudo.c: If we are in -k/-K mode, just spew to stderr. It is not
7040 unusual for users to place "sudo -k" in a .logout file which can
7041 cause sudo to be run during reboot after the YP/NIS/NIS+/LDAP/etc
7042 daemon has died. Previously, this would result in useless mail
7045 2003-12-16 13:51 millert
7047 * visudo.pod: fix pasto in VISUAL description
7049 2003-12-09 22:09 millert
7053 2003-12-09 22:08 millert
7055 * CHANGES: checkpoint
7057 2003-12-09 22:02 millert
7059 * TROUBLESHOOTING: Some OSes (like Solaris) allow export w/ nosuid
7062 2003-08-12 16:45 millert
7064 * compat.h: We don't use FD_ZERO anymore so just define FD_SET (if
7067 2003-06-28 21:31 millert
7069 * auth/pam.c: Fix a core dump on Solaris by preserving the
7070 pam_handle_t we used during authentication for pam_prep_user().
7071 If we didn't authenticate (ie: ticket still valid), we call
7072 pam_init() from pam_prep_user(). This is something of a hack; it
7073 may be better to change the auth API and add an auth_final()
7074 function that acts like pam_prep_user().
7076 2003-06-21 12:50 millert
7078 * set_perms.c: Add explicit declaration of printerr variable in
7079 function header (was defaulting to int which is OK but oh so K&R
7082 2003-06-09 19:00 millert
7084 * config.h.in, configure.in: s/HAVE_STOW/USE_STOW/
7086 2003-06-09 16:07 millert
7088 * logging.c: Also exit waitpid() loop when pid == 0. Fixes a
7089 problem where the sudo process would spin eating up CPU until
7090 sendmail finished when it has to send mail.
7092 2003-05-30 16:22 millert
7094 * fnmatch.3, fnmatch.c: Remove advertising clause, UCB has
7097 2003-05-21 21:53 millert
7099 * parse.c: Don't assume that getgrnam() calls don't modify contents
7100 of struct passwd returned by getpwnam(). On FreeBSD w/ NIS this
7101 can happen. Based on a patch from Kirk Webb.
7103 2003-05-06 11:25 millert
7105 * configure.in: missing ;;
7107 2003-05-06 00:53 millert
7109 * configure.in: darwin has a broken setreuid() in at least some
7112 2003-05-06 00:31 millert
7114 * env.c: Fix an off by one error when reallocating the environment;
7117 2003-04-30 14:04 millert
7119 * sudoers.pod: Fix User_Spec definition; SEKINE Tatsuo
7121 2003-04-28 19:30 millert
7123 * HISTORY: More info on the early days from Coggs.
7125 2003-04-21 14:47 millert
7127 * auth/kerb5.c: remove errant semicolon that prevented compilation
7130 2003-04-15 20:42 millert
7132 * Makefile.in, alloc.c, check.c, compat.h, defaults.c, defaults.h,
7133 env.c, fileops.c, find_path.c, getprogname.c, getspwuid.c,
7134 goodpath.c, interfaces.c, interfaces.h, logging.c, parse.c,
7135 parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c,
7136 strerror.c, sudo.c, sudo.h, sudo.man.in, sudo.pod,
7137 sudoers.man.in, sudoers.pod, testsudoers.c, tgetpass.c, utime.c,
7138 version.h, visudo.c, visudo.man.in, visudo.pod, auth/afs.c,
7139 auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
7140 auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
7141 auth/rfc1938.c, auth/secureware.c, auth/securid.c,
7142 auth/securid5.c, auth/sia.c, auth/sudo_auth.c: add DARPA credit
7145 2003-04-15 20:25 millert
7147 * LICENSE: slightly different wording for the darpa credit
7149 2003-04-15 14:37 millert
7151 * LICENSE: Add DARPA credit
7153 2003-04-14 16:49 millert
7155 * auth/kerb5.c: Use krb5_princ_component() instead of
7156 krb5_princ_realm() for MIT Kerberos like we did before I messed
7159 Use krb5_principal_get_comp_string() to do the same thing w/
7160 Heimdal. I'm not sure if the component should be 0 or 1 in this
7163 #define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 for Heimdal since
7164 older versions lack ENCTYPE_DES_CBC_MD5. This is gross and there
7165 should be a configure check for this I guess.
7167 2003-04-13 15:48 millert
7169 * TROUBLESHOOTING, config.h.in, configure, configure.in,
7170 sample.sudoers: builtin -> built-in; Jason McIntyre
7172 2003-04-13 15:45 millert
7174 * sudoers.pod: built in -> built-in; Jason McIntyre
7176 2003-04-09 16:14 millert
7178 * CHANGES: checkpoint for 1.6.7p3
7180 2003-04-09 16:14 millert
7182 * HISTORY: Update info on the early years @ SUNY-Buffalo from Cliff
7183 Spencer. Amazingly, sudo source from 1985 is available via
7186 2003-04-09 16:13 millert
7188 * sudo.c: Don't change rl.rlim_max for RLIMIT_CORE. We need only
7189 set rl.rlim_cur to 0 to turn off core dumps. This may be needed
7190 for the RLIMIT_CORE restoration on some OSes.
7192 2003-04-04 12:46 millert
7194 * auth/kerb5.c: Make this compile on Heimdal and MIT Kerberos 5
7196 2003-04-04 12:45 millert
7198 * config.h.in, configure, configure.in: Check for heimdal even if
7199 we found krb5-config and define HAVE_HEIMDAL.
7201 2003-04-03 22:04 millert
7203 * auth/kerb5.c: Replace ETYPE_DES_CBC_MD5 with ENCTYPE_DES_CBC_MD5.
7204 The former is no longer defined by MIT kerb5 (though it used to
7205 be and indeed remains so in Heimdal).
7207 2003-04-03 10:16 millert
7209 * mkinstalldirs: Remove newer stuff that passes multiple (possibly
7210 duplicate) directories to "mkdir -p" since that seems to break on
7211 Tru64 Unix at least. This basically brings back what shipped
7214 2003-04-02 13:57 millert
7216 * auth/kerb5.c: Correct number of args to
7217 krb5_principal_get_realm() and fix an unclosed comment that hid
7220 2003-04-02 13:45 millert
7224 2003-04-02 13:45 millert
7226 * BUGS, CHANGES, INSTALL, INSTALL.binary, Makefile.in, README,
7227 configure.in, version.h: ++version
7229 2003-04-02 13:44 millert
7231 * configure.in: use krb5-config to determine Kerberos V details if
7234 2003-04-02 13:25 millert
7236 * alloc.c, check.c, compat.h, defaults.c, env.c, find_path.c,
7237 interfaces.c, logging.c, parse.c, sudo.c, sudo.h, testsudoers.c,
7238 visudo.c, auth/fwtk.c, auth/rfc1938.c, auth/securid.c,
7239 auth/securid5.c, auth/sia.c: Use warn/err and getprogname()
7240 throughout. The main exception is openlog(). Since the admin
7241 may be filtering logs based on the program name in the log files,
7242 hard code this to "sudo".
7244 2003-04-02 13:16 millert
7246 * Makefile.in: Add getprogname.c and err.c
7248 2003-04-02 13:15 millert
7252 2003-04-02 13:15 millert
7254 * configure.in, config.h.in: Add checks for getprognam(),
7255 __progname and err.h
7257 2003-04-02 13:14 millert
7259 * err.c, emul/err.h: For systems withour err/warn functions.
7261 2003-04-02 13:14 millert
7263 * getprogname.c: For systems neither getprogname() nor __progname;
7266 2003-04-01 10:09 millert
7268 * CHANGES: checkpoint for 1.6.7p1
7270 2003-04-01 10:02 millert
7272 * sudo.c, testsudoers.c: fix strlcpy() rval check (innocuous)
7274 2003-04-01 09:58 millert
7276 * check.c: oflow detection in expand_prompt() was faulty (false
7277 positives). The count was based on strlcat() return value which
7278 includes the length of the entire string.
7280 2003-03-30 19:02 millert
7282 * CHANGES, RUNSON, TODO: checkpoint for the sudo 1.6.7 release
7284 2003-03-24 16:09 millert
7286 * logging.c: g/c unused variable
7288 2003-03-24 11:06 millert
7292 2003-03-24 11:05 millert
7294 * configure.in: use man sections 8 and 5 for csops
7296 2003-03-21 18:11 millert
7300 2003-03-21 15:10 millert
7302 * configure.in: Add -lskey or -lopie directly to SUDO_LIBS instead
7303 of having AC_CHECK_LIB() add them to LIBS. Fixes visudo linkage.
7305 2003-03-21 14:02 millert
7309 2003-03-21 14:01 millert
7311 * INSTALL, aclocal.m4, configure.in: Add --with-blibpath for AIX.
7312 An alternate libpath may be specified or -blibpath support can be
7313 disabled. Also change conifgure such that -blibpath is not
7314 specified if no -L libpaths were added to SUDO_LDFLAGS.
7316 2003-03-20 22:05 millert
7318 * configure.in: add AIX blibpath support
7320 2003-03-20 20:28 millert
7322 * INSTALL, configure.in: --with-skey and --with-opie now take an
7323 option directory argument This obsoletes a --with-csops hack
7326 Also remove the remaining direct uses of "echo"
7328 2003-03-20 17:44 millert
7330 * configure.in: Detect KTH Kerberos IV and deal with it. Also make
7331 -lroken optional for KTH Kerberos IV and V.
7333 2003-03-20 14:42 millert
7335 * aclocal.m4: Add SUDO_APPEND_LIBPATH function that add
7336 -L/path/to/dir (and -R/path/to/dir if $with_rpath) to the
7339 2003-03-20 14:40 millert
7341 * INSTALL, configure.in: Add -R/path/to/libs for Solaris and SVR4.
7342 There is a new configure option, --with-rpath to control this
7345 2003-03-19 23:50 millert
7347 * configure.in: for kerb4 put libdes after libkrb on the link line
7349 2003-03-19 23:49 millert
7351 * auth/kerb4.c: typo
7353 2003-03-19 23:33 millert
7355 * configure.in: fix kerberos lib check when a path is specified
7357 2003-03-19 21:04 millert
7359 * logging.c: Fix boolean thinko in SIGCHLD reaper and call
7360 reapchild after sending mail instead of doing a conditional
7363 2003-03-19 16:20 millert
7367 2003-03-19 16:19 millert
7369 * configure.in: replace =DIR with [=DIR] where sensible
7371 2003-03-19 16:16 millert
7373 * configure.in: o Use AC_MSG_* instead of "echo" o New Kerberos
7374 include/lib detection based on openssh's configure.in
7376 2003-03-19 15:58 millert
7378 * INSTALL: --with-kerb4 and --with-kerb5 now take an optional
7381 2003-03-15 22:03 millert
7383 * auth/securid.c: Kill remaining strcpy(), the programmer's guide
7384 says username is 32 bytes.
7386 2003-03-15 21:18 millert
7388 * auth/kerb4.c: trat uid_t as unsigned long for printf and use
7389 snprintf, not sprintf
7391 2003-03-15 21:18 millert
7393 * auth/rfc1938.c: use snprintf
7395 2003-03-15 15:37 millert
7397 * auth/: afs.c, aix_auth.c, bsdauth.c, dce.c, fwtk.c, kerb4.c,
7398 kerb5.c, pam.c, passwd.c, rfc1938.c, sudo_auth.c: update
7401 2003-03-15 15:31 millert
7403 * LICENSE, alloc.c, check.c, configure.in, env.c, sudo.c,
7404 Makefile.in, aclocal.m4, compat.h, find_path.c, interfaces.c,
7405 logging.c, parse.c, parse.lex, parse.yacc, set_perms.c, sudo.h,
7406 sudo.pod, sudoers.pod, testsudoers.c, version.h, visudo.c,
7407 visudo.pod, sudo.man.in, sudoers.man.in, visudo.man.in: update
7410 2003-03-15 15:19 millert
7412 * check.c, env.c, sudo.c: Cast [ug]ids to unsigned long and printf
7415 2003-03-15 15:17 millert
7419 2003-03-15 15:16 millert
7421 * configure.in: correct error messages for
7422 --with-sudoers-{mode,uid,gid}
7424 2003-03-15 15:10 millert
7426 * alloc.c: make the malloc(0) error specific to each function to
7427 aid tracking down bugs.
7429 2003-03-15 14:49 millert
7431 * alloc.c: deal with platforms where size_t is signed and there is
7432 no SIZE_MAX or SIZE_T_MAX
7434 2003-03-15 14:10 millert
7436 * auth/kerb5.c: Make this compile w/ Heimdal and fix some gcc
7439 2003-03-15 13:02 millert
7441 * sudo.c: Use stat_sudoers macro so --with-stow can work
7443 2003-03-15 13:01 millert
7445 * INSTALL, config.h.in, configure, configure.in: Add support for
7446 --with-stow based on patches from Robert Uhl
7448 2003-03-15 12:51 millert
7450 * env.c: fix indentation
7452 2003-03-15 00:21 millert
7454 * configure.in: back out rev 1.352
7456 2003-03-14 20:11 millert
7460 2003-03-14 20:11 millert
7462 * parse.lex: use strlcpy, not strncpy
7464 2003-03-14 19:48 millert
7466 * set_perms.c: Fix typo; check pw_uid, not pw_gid after
7467 setusercontext() failure.
7469 2003-03-14 19:43 millert
7471 * logging.c: use pid_t
7473 2003-03-14 10:43 millert
7475 * strlcat.c, strlcpy.c: Make gcc shutup about unused rcsid
7477 2003-03-14 10:35 millert
7479 * interfaces.c: Move the n == 0 check for the non-getifaddrs cas
7481 2003-03-13 21:47 millert
7483 * auth/rfc1938.c: skeychallenge() on NetBSD take a size parameter
7485 2003-03-13 21:38 millert
7489 2003-03-13 21:38 millert
7491 * configure.in: put -ldl after -lpam, not before; fixes static
7494 2003-03-13 21:17 millert
7496 * interfaces.c: Avoid malloc(0) and fix the loop invariant for the
7499 2003-03-13 20:24 millert
7501 * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
7502 sudoers.cat, visudo.cat: regen
7504 2003-03-13 20:23 millert
7506 * Makefile.in: Preserve copyright notice from .pod file in .man.in
7509 2003-03-13 20:01 millert
7511 * visudo.pod: Add sudoers(5) to SEE ALSO
7513 2003-03-13 15:27 millert
7517 2003-03-13 15:27 millert
7519 * parse.lex: Don't assume libc can realloc() a NULL string. If
7520 malloc/realloc fails, make sure we just return; yyerror() is not
7523 2003-03-13 15:17 millert
7527 2003-03-13 15:17 millert
7529 * parse.lex: simplify fill_args a little and use strlcpy for
7532 2003-03-13 15:00 millert
7534 * check.c, env.c, find_path.c, parse.c, parse.yacc, sudo.c,
7535 testsudoers.c: Use strlc{at,py} for paranoia's sake and exit on
7536 overflow. In all cases the strings were either pre-allocated to
7537 the correct size of length checks were done before the copy but a
7538 little paranoia can go a long way.
7540 2003-03-13 12:54 millert
7542 * sudo.h: Add strlc{at,py} protos
7544 2003-03-13 12:03 millert
7546 * env.c, interfaces.c: Use erealloc3()
7548 2003-03-13 12:00 millert
7552 2003-03-13 12:00 millert
7554 * alloc.c: Oflow test of nmemb > SIZE_MAX / size is fine (don't
7555 need >=). Use memcpy() instead of strcpy() in estrdup() so this
7558 2003-03-13 11:58 millert
7560 * sudo.c: snprintf() a uid as %lu, not %ld to match the
7561 MAX_UID_T_LEN test in configure.
7563 2003-03-13 11:56 millert
7565 * aclocal.m4: In MAX_UID_T_LEN test cast uid_t to unsigned long,
7568 2003-03-12 18:46 millert
7570 * sudo.c: Use snprintf() for paranoia
7572 2003-03-12 17:16 millert
7574 * parse.yacc: Use emalloc2 and erealloc3
7576 2003-03-12 17:08 millert
7578 * Makefile.in: strlc{at,py} for those w/o it
7580 2003-03-12 17:07 millert
7582 * strlcat.c, strlcpy.c: stlc{at,py} for those w/o it.
7584 2003-03-12 17:07 millert
7586 * config.h.in, configure, configure.in: Add stlc{at,py} for those
7589 2003-03-12 16:51 millert
7591 * alloc.c, sudo.h: Add erealloc3(), a realloc() version of
7594 2003-03-12 16:45 millert
7596 * interfaces.c, sudo.c: Use emalloc2() to allocate N things of a
7599 2003-03-12 16:41 millert
7601 * alloc.c, sudo.h: Add emalloc2() -- like calloc() but w/o the
7602 bzero and with error/oflow checking.
7604 2003-03-12 16:23 millert
7606 * alloc.c: Error out on malloc(0); suggested by theo
7608 2003-03-09 19:34 millert
7610 * configure, configure.in: fix a typo; David Krause
7612 2003-03-07 10:46 millert
7614 * sudo.pod: fix typo
7616 2003-03-03 21:47 millert
7618 * env.c: Remove DYLD_ from the environment for MacOS X; from bbraun
7620 2003-03-01 13:20 millert
7622 * configure.in, config.h.in: not not; Anil Madhavapeddy
7624 2003-01-23 03:03 millert
7626 * sudo.pod, sudoers.pod, visudo.pod: typos; jmc@openbsd.org
7628 2003-01-20 16:13 millert
7630 * parse.yacc: Add some missing ';' rule terminators that bison
7633 2003-01-20 16:07 millert
7635 * config.sub: fix typo I introduced in last merge
7637 2003-01-20 15:59 millert
7639 * configure: regenerate with autoconf 2.57
7641 2003-01-20 15:58 millert
7643 * config.h.in: Add missing "$HOME"
7645 2003-01-20 15:57 millert
7647 * configure.in: Add some more square backets to make autoconf 2.57
7650 2003-01-20 14:39 millert
7652 * config.guess, config.sub, mkinstalldirs: Updates from
7655 2003-01-17 18:10 millert
7657 * lex.yy.c, sudo.tab.h: regen
7659 2003-01-17 18:09 millert
7661 * parse.lex, parse.yacc, sudoers.pod: Add support for
7664 2003-01-06 19:10 millert
7666 * visudo.c: fclose() yyin after each yyparse() is done and use
7667 fopen() instead of using freopen().
7669 2003-01-06 19:02 millert
7671 * parse.lex: Better fix for sudoers files w/o a newline before EOF.
7672 It looks like the issue is that yyrestart() does not reset the
7673 start condition to INITIAL which is an issue since we parse
7674 sudoers multiple times.
7676 2003-01-06 18:47 millert
7678 * parse.lex: Work around what appears to be a flex bug when dealing
7679 with files that lack a final newline before EOF. This adds a
7680 rule to match EOF in the non-initial states which resets the
7681 state to INITIAL and throws an error.
7683 2003-01-06 15:06 millert
7685 * visudo.c: o The parser needs sudoers to end with a newline but
7686 some editors (emacs) may not add one. Check for a missing
7687 newline at EOF and add one if needed. o Set quiet flag during
7688 initial sudoers parse (to get options) o Move yyrestart() call
7689 and always use freopen() to open yyin after initial sudoers
7692 2002-12-15 11:24 millert
7694 * set_perms.c: Fix pasto/thinko in setresgid()/setregid() usage.
7695 Want to set effective gid, not real gid, when reading sudoers.
7697 2002-12-15 11:08 millert
7699 * set_perms.c: don't compile set_perms_posix if we have setreuid or
7702 2002-12-14 14:21 millert
7704 * sudo.pod, sudoers.pod: document new prompt escapes
7706 2002-12-14 14:15 millert
7708 * check.c: Add %U and %H escapes and redo prompt rewriting. "%%"
7709 now gets collapsed to "%" as was originally intended. This also
7710 gets rid of lastchar (does lookahead instead of lookback) which
7711 should simplify the logic slightly.
7713 2002-12-13 13:20 millert
7715 * tgetpass.c: Write the prompt *after* turning off echo to avoid
7716 some password characters being echoed on heavily-loaded machines
7719 2002-12-13 13:09 millert
7721 * config.sub: Add support for mipseb; wiz@danbala.tuwien.ac.at
7723 2002-12-13 12:48 millert
7725 * configure.in: Fix IRIX fallout from name changes in man dir/sect
7726 Makefile variables. Patch from erici AT motown DOT cc DOT utexas
7729 2002-12-13 11:33 millert
7731 * auth/pam.c: Keep a local copy of tgetpass_flags so we don't add
7732 in TGP_ECHO to the global copy. Problem noted by Peter Pentchev.
7734 2002-11-28 18:43 millert
7736 * parse.yacc: Add missing yyerror() calls; YYERROR does not seem to
7739 2002-11-26 12:09 millert
7741 * sudo.c: fix typo in comment; Pedro Bastos
7743 2002-11-22 14:41 millert
7745 * INSTALL: document --disable-setresuid
7747 2002-11-22 14:41 millert
7749 * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c:
7750 Sprinkle some volatile qualifiers to prevent over-enthusiastic
7751 optimizers from removing memset() calls.
7753 2002-11-22 14:11 millert
7755 * logging.c, parse.yacc: minor sign fixes pointed out by gcc
7758 2002-11-22 14:09 millert
7760 * set_perms.c, sudo.c, sudo.h: Revamp set_perms. We now use a
7761 version based on setresuid() or setreuid() when possible since
7762 that allows us to support the stay_setuid option and we always
7763 know exactly what the semantics will be (various Linux kernels
7764 have broken POSIX saved uid support).
7766 2002-11-22 14:08 millert
7768 * config.h.in, configure: regen from configure.in
7770 2002-11-22 14:07 millert
7772 * configure.in: Add checks for setresuid() and a way to disable
7775 2002-11-22 14:05 millert
7777 * compat.h: No long need to emulate set*[ug]id() via setres[ug]id()
7778 or setre[ug]id(). The new set_perms stuff only uses things it
7781 2002-11-22 13:33 millert
7783 * sudo.c: Before exec, restore state of signal handlers to be the
7784 same as when we were initialy invoked instead of just reseting to
7785 SIG_DFL. Fixes a problem when using sudo with nohup. Based on a
7786 patch from Paul Markham.
7788 2002-11-22 13:23 millert
7790 * sudo.c: o timestamp_uid should be uid_t, not int o clarify error
7791 message when sudo is run by root and no_root_sudo is set
7793 2002-09-19 17:27 millert
7795 * README: update ftp link for bison
7797 2002-07-20 08:30 millert
7799 * set_perms.c: Error out if setusercontext() fails and the runas
7802 2002-05-20 16:51 millert
7804 * auth/securid5.c: Fix rcsid
7806 2002-05-20 16:50 millert
7808 * configure.in: Fix SecurID API test
7810 2002-05-17 13:20 millert
7812 * env.c: typo in comment
7814 2002-05-17 13:20 millert
7816 * configure.in: securid5 stuff needs pthreads. Just adding
7817 -lpthread is suboptimal but I don't see a better way at the
7820 2002-05-17 13:04 millert
7822 * Makefile.in, auth/securid5.c: SecurID API version 5 support from
7825 2002-05-17 13:02 millert
7827 * configure.in: Add check for SecurID 5.0 API
7829 2002-05-08 16:46 millert
7831 * strerror.c: We actually do still need config.h to get the 'const'
7832 definition for K&R C.
7834 2002-05-05 16:43 millert
7836 * configure: regen with autoconf 2.5.3
7838 2002-05-05 16:25 millert
7840 * configure.in: Don't set sysconfdir to '/etc' if the user has
7841 specified a --prefix.
7843 2002-05-05 16:14 millert
7845 * configure.in: Some fixes for autoconf 2.53 from Robert Uhl o
7846 don't AC_SUBST LIBOBJS o force a 4th arg for AC_CHECK_HEADER()
7849 2002-05-05 15:58 millert
7851 * env.c, sudo.c, sudo.h: No need for dump_badenv() now that
7852 dump_defaults() knows how to dump lists.
7854 2002-05-04 21:31 millert
7856 * BUGS, INSTALL, Makefile.in, configure.in, version.h,
7857 INSTALL.binary, README: ++version
7859 2002-05-04 20:57 millert
7861 * sudoers.pod: document timestampowner
7863 2002-05-04 20:45 millert
7865 * check.c: Don't call set_perms() when doing timestamp stuff unless
7868 2002-05-04 20:43 millert
7870 * check.c, logging.c, parse.c, set_perms.c, sudo.c, sudo.h,
7871 testsudoers.c, auth/sudo_auth.c: g/c second arg to set_perms--it
7874 2002-05-03 18:48 millert
7876 * check.c, set_perms.c, sudo.c, sudo.h: Add support for non-root
7877 timestamp dirs. This allows the timestamp dir to be shared via
7878 NFS (though this is not recommended).
7880 2002-05-03 18:47 millert
7882 * def_data.c, def_data.h, def_data.in: Add timestampowner, "Owner
7883 of the authentication timestamp dir"
7885 2002-05-02 15:40 millert
7887 * env.c: Don't try to pre-compute the size of the new envp, just
7888 allocate space up front and realloc as needed. Changes to the
7889 new env pointer must all be made through insert_env() which now
7890 keeps track of spaced used and allocates as needed.
7892 2002-04-26 15:12 millert
7896 2002-04-26 15:12 millert
7898 * configure.in: Fix two typo/pastos; from jrj@purdue.edu
7900 2002-04-25 11:36 millert
7902 * INSTALL.binary, README: ++version
7904 2002-04-25 11:35 millert
7906 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
7907 visudo.man.in, configure: regen
7909 2002-04-25 11:31 millert
7911 * CHANGES, RUNSON, TODO: Sync with 1.6.6
7913 2002-04-25 11:30 millert
7915 * check.c: The the loop used to expand %h and %u, the lastchar
7916 variable was not being initialized. This means that if the last
7917 char in the prompt is '%' and the first char is 'h' or 'u' a
7918 extra copy of the host or user name would be copied, for which
7919 space had not been allocated.
7921 2002-04-18 11:41 millert
7923 * BUGS, INSTALL, Makefile.in, configure.in, version.h: crank
7926 2002-04-18 11:39 millert
7928 * auth/afs.c: #undef VOID to get rid of an AFS warning
7930 2002-04-18 11:38 millert
7932 * env.c: Use easprintf instead of emalloc + sprintf for some
7935 2002-03-15 19:45 millert
7939 2002-03-15 19:44 millert
7941 * parse.c, parse.lex, parse.yacc, testsudoers.c: Remove Chris
7942 Jepeway's email address so people don't bug him ;-)
7944 2002-03-11 22:19 millert
7946 * sudo.c: Move endpwent() to be after set_perms(PERM_RUNAS, ...)
7947 and also call endgrent() at the same time.
7949 2002-02-21 22:23 millert
7951 * INSTALL: Make it clear which configure options take arguments.
7953 2002-01-25 13:38 millert
7955 * compat.h: HP-UX 9.x has RLIMIT_* but no RLIM_INFINITY. If there
7956 is no RLIM_INFINITY, just pretend it is -1. This works because
7957 we only check for RLIM_INFINITY and do not set anything to that
7960 2002-01-22 11:43 millert
7962 * auth/pam.c: Zero and free allocated memory when there is a
7965 2002-01-21 22:37 millert
7967 * auth/bsdauth.c: Use sigaction() not signal()
7969 2002-01-21 22:26 millert
7971 * INSTALL: Mention that some linux kernels have broken POSIX saved
7974 2002-01-21 21:03 millert
7976 * CHANGES: checkpoint for 1.6.5p2
7978 2002-01-21 21:01 millert
7982 2002-01-21 21:01 millert
7984 * configure.in: Add --disable-setreuid flag
7986 2002-01-21 21:00 millert
7988 * INSTALL: Document new --disable-setreuid option and change
7989 description for --disable-saved-ids to match new error message.
7991 2002-01-21 21:00 millert
7993 * set_perms.c: fatal() now takes an argument that determines
7994 whether or not to call perror().
7996 2002-01-21 20:58 millert
7998 * PORTING, TROUBLESHOOTING: Update for new error messages from
8001 2002-01-21 17:46 millert
8003 * auth/pam.c: Make this compile w/o warnings
8005 2002-01-21 17:36 millert
8007 * auth/pam.c: Mention that we can't use pam_acct_mgmt()
8009 2002-01-21 17:25 millert
8011 * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c: The user's password
8012 was not zeroed after use when AIX authentication, BSD
8013 authentication, FWTK or PAM was in use.
8015 2002-01-20 14:21 millert
8017 * auth/pam.c: Avoid giving PAM a NULL password response, use the
8018 empty string instead. This avoids a log warning when the user
8019 hits ^C at the password prompt when PAM is in use.
8021 2002-01-19 19:46 millert
8023 * auth/pam.c: Don't check the return value of pam_setcred(). In
8024 Linux-PAM 0.75 pam_setcred() returns the last saved return code,
8025 not the return code for the setcred module. Because we haven't
8026 called pam_authenticate(), this is not set and so pam_setcred()
8027 returns PAM_PERM_DENIED.
8029 2002-01-19 19:43 millert
8031 * Makefile.binary, Makefile.in: Don't need a '/' between $(DESTDIR)
8034 2002-01-18 14:18 millert
8038 2002-01-18 14:18 millert
8040 * configure.in: o BSDi also has a bogus setreuid() o Old FreeBSD
8041 has a bogus setreuid() o new NetBSD has a real setreuid() o add
8042 check for freeifaddrs() if getifaddrs() exists.
8044 2002-01-18 14:17 millert
8046 * config.h.in, interfaces.c: Older BSDi releases lack freeifaddrs()
8047 so add a test for that and if it is not present just use free().
8049 2002-01-17 11:30 millert
8051 * CHANGES, RUNSON: Checkpoint for 1.6.5p1
8053 2002-01-17 10:56 millert
8055 * auth/passwd.c: Return AUTH_FAILURE in passwd_init() if
8056 skeyaccess() denies access to normal passwords, not AUTH_FATAL
8057 (which just causes an exit).
8059 2002-01-17 10:35 millert
8061 * visudo.c: Don't use memory after it has been freed.
8063 2002-01-17 00:24 millert
8065 * auth/passwd.c: skeyaccess() wants a struct passwd * not a char *;
8066 Patch from Phillip E. Lobbes
8068 2002-01-16 20:00 millert
8072 2002-01-16 19:53 millert
8074 * CHANGES, RUNSON, TODO: checkpoint for sudo 1.6.5
8076 2002-01-16 18:37 millert
8080 2002-01-16 18:37 millert
8082 * INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
8085 2002-01-16 18:37 millert
8087 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
8088 visudo.man.in: sudo version 1.6.5
8090 2002-01-16 16:28 millert
8092 * logging.c: o when invoking the mailer as root use a hard-coded
8093 environment that doesn't include any info from the user's
8094 environment. Basically paranoia.
8096 o Add support for the NO_ROOT_MAILER compile-time option and run
8097 the mailer as the user and not root if NO_ROOT_MAILER is
8100 2002-01-16 16:27 millert
8102 * set_perms.c, sudo.h: Bring back PERM_FULL_USER
8104 2002-01-16 16:26 millert
8108 2002-01-16 16:26 millert
8110 * version.h: version 1.6.5
8112 2002-01-16 16:26 millert
8114 * INSTALL, config.h.in, configure.in: Add --disable-root-mailer
8115 option to run the mailer as the user and not root.
8117 2002-01-16 12:44 millert
8119 * CHANGES: checkpoint for 1.6.4p2
8121 2002-01-15 19:22 millert
8123 * PORTING: Mention the "seteuid(0): Operation not permitted"
8124 problem here too just for good measure.
8126 2002-01-15 18:43 millert
8128 * env.c, getspwuid.c, sudo.c: The SHELL environment variable was
8129 preserved from the user's environment instead of being reset
8130 based on the passwd database when the "env_reset" option was
8131 used. Now it is reset as it should be.
8133 2002-01-15 17:47 millert
8137 2002-01-15 17:47 millert
8139 * INSTALL, TROUBLESHOOTING, config.h.in, configure.in, set_perms.c,
8140 sudo.c: Add a configure option to turn off use of POSIX saved IDs
8142 2002-01-15 15:48 millert
8146 2002-01-15 15:48 millert
8148 * configure.in: add --with-efence option
8150 2002-01-15 15:39 millert
8152 * sudo.c: Only OR in MODE_RESET_HOME if MODE_RUN is set. Fixes a
8153 problem where "sudo -l" would not work if always_set_home was
8156 2002-01-15 13:16 millert
8160 2002-01-15 13:16 millert
8162 * parse.lex: Quoted commas were not being treated correctly in
8163 command line arguments.
8165 2002-01-14 20:53 millert
8167 * sudo.c: o Move the call to rebuild_env() until after
8168 MODE_RESET_HOME is set. Otherwise, the set_home option has no
8171 o Fix use of freed memory when the "fqdn" flag is set. This was
8172 introduced by the fix for the "segv when gethostbynam() fails"
8173 bug. Also, we no longer call set_fqdn() if the "fqdn" flag is
8174 not set so there is no need to check the "fqdn" flag in
8177 2002-01-14 20:45 millert
8179 * env.c: Add 'continue' statements to optimize the switch
8180 statement. From Solar.
8182 2002-01-13 13:42 millert
8184 * sudoers.cat, sudoers.man.in: Regen from new sudoers.pod
8186 2002-01-13 13:36 millert
8188 * sudoers.pod: Add caveat about stay_setuid flag
8190 2002-01-13 13:29 millert
8192 * sudo.c: If set_perms == set_perms_posix and the stay_setuid flag
8193 is not set, set all uids to 0 and use set_perms_fallback().
8195 2002-01-13 13:28 millert
8197 * set_perms.c, sudo.h: Remove PERM_FULL_USER (which is no longer
8198 used) and add PERM_FULL_ROOT (used when exec'ing the mailer).
8200 2002-01-13 13:27 millert
8202 * logging.c: Use set_perms(PERM_FULL_ROOT, 0) before exec'ing the
8203 mailer since we never want to run the mailer setuid.
8205 2002-01-12 17:55 millert
8207 * sudo.cat, sudo.man.in, sudo.pod, visudo.cat, visudo.man.in,
8208 visudo.pod: Use sudo.ws instead of courtesan.com in URLs
8210 2002-01-12 14:00 millert
8212 * Makefile.in, Makefile.binary: Fix mansect substitution
8214 2002-01-12 13:15 millert
8216 * Makefile.in: Substitute man sections in Makefile.binary
8218 2002-01-12 13:15 millert
8220 * Makefile.binary: Sync install targets with Makefile.in and
8221 substitute in man sections.
8223 2002-01-12 13:09 millert
8225 * INSTALL, INSTALL.binary: version is 1.6.4
8227 2002-01-12 12:59 millert
8229 * Makefile.in: Repair bindist target
8231 2002-01-12 11:43 millert
8233 * CHANGES: sync for 1.6.4
8235 2002-01-10 13:00 millert
8237 * install-sh: Fix case where neither whoami nor id are found
8239 2002-01-09 12:35 millert
8241 * install-sh: If neither whoami nor id exists, just assume we are
8244 2002-01-09 11:56 millert
8246 * alloc.c: Add explicit cast to (VOID *) on malloc/realloc. Seems
8247 to be needed on AIX which for some reason isn't pulling in the
8250 2002-01-08 10:00 millert
8252 * Makefile.in, aclocal.m4, compat.h, parse.c, sudo.c: (c) 2002
8254 2002-01-08 09:21 millert
8256 * CHANGES: checkpoint
8258 2002-01-08 09:20 millert
8260 * sudo.c: Defer assigning new environment until right before the
8263 2002-01-08 09:08 millert
8265 * parse.c: kill extra blank line
8267 2002-01-07 13:59 millert
8271 2002-01-07 13:59 millert
8273 * configure.in: Use -O not -O2 for m88k-motorola-sysv* since
8274 motorola gcc-derived compiler doesn't recognise -O2.
8276 2002-01-06 23:02 millert
8278 * HISTORY: Clarify origins of Root Group sudo a bit based on info
8279 from billp@rootgroup.com
8281 2002-01-02 22:41 millert
8285 2002-01-02 22:26 millert
8287 * CHANGES: checkpoint for 1.6.4rc1
8289 2002-01-02 17:40 millert
8291 * config.h.in: now generated via autoheader
8293 2002-01-02 17:40 millert
8297 2002-01-02 17:37 millert
8299 * compat.h: Move in some stuff that was previously in config.h.
8301 2002-01-02 17:36 millert
8303 * configure.in, aclocal.m4: Add info for autoheader.
8305 2002-01-01 16:53 millert
8307 * Makefile.in: o Add DESTDIR support
8308 o Use -M, -O, and -G instead of -m, -o, and -g to facilitate
8311 2002-01-01 16:48 millert
8313 * install-sh: Add -M option (like -m but only for root) If we can't
8314 find "whoami", use "id" w/ some sed.
8316 2002-01-01 14:01 millert
8320 2002-01-01 14:00 millert
8322 * configure.in: allow user to always override mansectsu and
8325 2001-12-31 17:05 millert
8327 * mkinstalldirs: update from autoconf 2.52
8329 2001-12-31 17:03 millert
8331 * config.guess, config.sub: Update from autoconf 2.52
8333 2001-12-31 16:57 millert
8335 * configure: regen with autoconf 2.52
8337 2001-12-31 16:57 millert
8339 * configure.in: o Call AC_PROG_CC_STDC to find out how to run the
8340 compiler in ANSI mode
8341 o Remove compiler-specific checks for HP-UX now that we use
8344 2001-12-31 12:19 millert
8346 * RUNSON: Checkpoint
8348 2001-12-31 12:18 millert
8350 * auth/pam.c: o Add pam_prep_user function to call pam_setcred()
8351 for the target user; on Linux this often sets resource limits.
8352 o When calling pam_end(), try to convert the auth->result to a
8353 PAM_FOO value. This is a hack--we really need to stash the
8354 last PAM_FOO value received and use that instead.
8356 2001-12-31 12:18 millert
8358 * set_perms.c, sudo.h: o Add pam_prep_user function to call
8359 pam_setcred() for the target user; on Linux this often sets
8362 2001-12-31 00:53 millert
8364 * env.c: Fix off by one error in number of bytes allocated via
8365 malloc (does not affected any released version of sudo).
8367 2001-12-30 17:12 millert
8371 2001-12-30 17:12 millert
8373 * parse.lex: Allow '@', '(', ')', ':' in arguments to a defaults
8374 variable w/o requiring that they be quoted.
8376 2001-12-30 14:26 millert
8378 * sudoers.cat, sudoers.man.in, sudoers.pod: Mention that no double
8379 quotes are needed when adding/deleting/assigning a single value
8382 2001-12-30 13:58 millert
8384 * Makefile.in: Don't rely on mkdefaults being executable, call perl
8387 2001-12-30 13:41 millert
8389 * parse.yacc: Remove some XXX that are no longer relevant.
8391 2001-12-30 13:40 millert
8393 * defaults.c: o Roll our own loop instead of using strpbrk() for
8394 better grokability o When adding to a list we must malloc() and
8395 use memcpy(), not strdup() since we must only copy len bytes
8398 2001-12-21 16:49 millert
8400 * parse.yacc: typo in comment
8402 2001-12-19 11:50 millert
8404 * CHANGES: checkpoint
8406 2001-12-19 10:56 millert
8410 2001-12-19 10:56 millert
8412 * configure.in: avoid the -g flag unless --with-devel was specified
8414 2001-12-19 10:04 millert
8416 * Makefile.in: mkdefaults, def_data.in and sigaction.c were missing
8419 2001-12-19 09:46 millert
8421 * Makefile.in: def_data.c was missing
8423 2001-12-18 12:42 millert
8425 * env.c: Fix setting of $USER and $LOGNAME in the non-reset_env
8426 case. Also allow HOME, SHELL, LOGNAME, and USER to be specified
8429 2001-12-17 20:48 millert
8431 * TODO: Another TODO item
8433 2001-12-17 19:50 millert
8435 * sudoers: Add comment for Default section so folks know where it
8438 2001-12-17 18:56 millert
8440 * tgetpass.c: Use TCSETAF, not TCSETA to set terminal in termio
8443 2001-12-17 18:35 millert
8445 * sudoers.man.in, sudoers.cat: regen from sudoers.pod
8447 2001-12-17 18:33 millert
8449 * sudoers.pod: o Typo, Runas_User_List should be Runas_List
8450 o a User_List can not contain a uid
8451 o mention that the Defaults section should come after Alias
8452 definitions but before the user specifications
8454 2001-12-15 11:51 millert
8456 * sudoers.cat, sudoers.man.in: regen
8458 2001-12-15 11:51 millert
8460 * sudoers.pod: Fix listpw and verifypw sections, they were not
8461 being formatted properly.
8463 2001-12-15 11:39 millert
8465 * sudoers.cat, sudoers.man.in: regen
8467 2001-12-15 11:38 millert
8469 * sudoers.pod: fix typos
8471 2001-12-15 10:57 millert
8475 2001-12-15 10:57 millert
8477 * configure.in, config.h.in: use AC_SYS_POSIX_TERMIOS instead of
8480 2001-12-15 10:33 millert
8482 * README: Reference sudo.ws not courtesan.com
8484 2001-12-15 10:29 millert
8486 * PORTING: Add notes on shadow passwords
8488 2001-12-15 00:48 millert
8490 * BUGS: In list mode (sudo -l), characters escaped with a backslash
8491 are shown verbatim with the backslash.
8493 2001-12-15 00:44 millert
8495 * sudoers: Add simple examples from OpenBSD (Marc Espie)
8497 2001-12-15 00:40 millert
8499 * tgetpass.c: Catch SIGTTIN and SIGTTOU too and treat them like
8502 2001-12-14 21:53 millert
8504 * CHANGES: minor prettyification
8506 2001-12-14 21:43 millert
8508 * CHANGES: Updated change log
8510 2001-12-14 21:27 millert
8512 * testsudoers.c: Fix CIDR handling here too.
8514 2001-12-14 21:21 millert
8516 * auth/pam.c: Apparently a NULL response is OK
8518 2001-12-14 21:19 millert
8520 * TODO: Checkpoint for upcoming beta release
8522 2001-12-14 21:17 millert
8524 * TROUBLESHOOTING: Many people believe that adding a runas spec
8525 should obviate the need for the -u flag. It does not.
8527 2001-12-14 21:11 millert
8529 * RUNSON: checkpoint update for upcoming 1.6.4 beta
8531 2001-12-14 20:44 millert
8533 * config.h.in: o Add HAVE_STDLIB_H and HAVE_MEMORY_H o Define
8534 HAVE_STRINGS_H even if HAVE_STRING_H is defined -- this is safe
8537 2001-12-14 20:07 millert
8539 * PORTING: Add signals section
8541 2001-12-14 20:00 millert
8545 2001-12-14 20:00 millert
8547 * configure.in: Fix check for sigaction_t
8549 2001-12-14 19:45 millert
8551 * sudo.c: XXX - should call find_path() as runas user, not root.
8552 Can't do that until the parser changes though.
8554 2001-12-14 19:38 millert
8556 * sudo.c: If find_path() fails as root, try again as the invoking
8557 user (useful for NFS). Idea from Chip Capelik.
8559 2001-12-14 19:28 millert
8561 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: Regenerate
8562 after pod file changes
8564 2001-12-14 19:24 millert
8566 * def_data.c, def_data.h, def_data.in, set_perms.c, sudo.c, sudo.h,
8567 sudo.pod, sudoers.pod: Add new sudoers option "preserve_groups".
8568 Previously sudo would not call initgroups() if the target user
8569 was root. Now it always calls initgroups() unless the -P command
8570 line option or the "preserve_groups" sudoers option is set. Idea
8573 2001-12-14 18:38 millert
8575 * compat.h, config.h.in: Use new HAVE_SIGACTION_T define
8577 2001-12-14 18:33 millert
8579 * logging.c: Fix compilation on K&C
8581 2001-12-14 18:14 millert
8585 2001-12-14 18:14 millert
8587 * configure.in: Add check for sigaction_t -- IRIX already defines
8588 this so don't redefine it.
8590 2001-12-14 17:15 millert
8592 * snprintf.c: fix typo
8594 2001-12-14 17:12 millert
8596 * interfaces.c: need stdlib.h here too
8598 2001-12-14 15:31 millert
8602 2001-12-14 15:31 millert
8604 * configure.in: Remove redundant checks for string.h, strings.h and
8607 2001-12-14 15:29 millert
8609 * sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
8610 visudo.man.in: Regen from pod files
8612 2001-12-14 15:03 millert
8614 * BUGS: Update for 1.6.4
8616 2001-12-14 14:59 millert
8618 * configure, lex.yy.c: regen
8620 2001-12-14 14:56 millert
8622 * strerror.c: Return EINVAL if errnum > sys_nerr
8624 2001-12-14 14:54 millert
8626 * LICENSE, Makefile.binary, Makefile.in, aclocal.m4, compat.h,
8627 config.h.in, defaults.h, interfaces.h, pathnames.h.in, sudo.h,
8628 sudo.pod, auth/sudo_auth.h: o Update copyright year
8630 2001-12-14 14:54 millert
8632 * configure.in: o Don't define STDC_HEADERS unconditionally for
8633 IRIX o Update copyright year
8635 2001-12-14 14:53 millert
8637 * README: update version
8639 2001-12-14 14:52 millert
8641 * alloc.c, check.c, defaults.c, env.c, fileops.c, find_path.c,
8642 fnmatch.c, getcwd.c, getspwuid.c, goodpath.c, interfaces.c,
8643 logging.c, lsearch.c, parse.c, parse.lex, parse.yacc,
8644 set_perms.c, snprintf.c, sudo.c, testsudoers.c, tgetpass.c,
8645 utime.c, visudo.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
8646 auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
8647 auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
8648 auth/sia.c, auth/sudo_auth.c: o Reorder some headers and use
8649 STDC_HEADERS define properly o Update copyright year
8651 2001-12-14 01:53 millert
8655 2001-12-14 01:53 millert
8657 * tgetpass.c: flags set in signal handlers should be volatile
8660 2001-12-14 01:52 millert
8662 * config.h.in, configure.in: Add checks for volatile and
8665 2001-12-14 01:42 millert
8667 * lex.yy.c, configure: regen
8669 2001-12-14 01:40 millert
8671 * def_data.c, def_data.h, def_data.in, defaults.c, env.c,
8672 find_path.c, sudo.c, sudoers.pod: Remove "secure_path" Defaults
8673 option since it cannot work with the existing parser.
8675 2001-12-14 01:26 millert
8677 * find_path.c, sudo.c: Unset "secure_path" if user_is_exempt()
8679 2001-12-14 01:24 millert
8681 * env.c, pathnames.h.in: o Remove assumption that PATH and TERM are
8682 not listed in env_keep o If no PATH is in the environment use a
8683 default value o If TERM is not set in the non-reset case also
8684 give it a default value.
8686 2001-12-14 01:17 millert
8688 * aclocal.m4, configure.in, defaults.c, pathnames.h.in:
8689 _PATH_SENDMAIL -> _PATH_SUDO_SENDMAIL so --without-sendmail works
8690 on systems that define in paths.h
8692 2001-12-14 01:15 millert
8694 * auth/: passwd.c, sudo_auth.c, sudo_auth.h: Add support for
8695 skeyaccess(3) if it is present in libskey.
8697 2001-12-12 21:42 millert
8699 * sudo.c: Only need to do 'lc = login_getclass(NULL)' if lc == NULL
8701 2001-12-12 21:24 millert
8703 * parse.lex: '\\' is a perfectly legal character to have in a
8704 command line argument.
8706 2001-12-12 20:24 millert
8708 * sudo.c: o Defer call to set_fqdn() until it is safe to use
8709 log_error() o Don't print errno string value if gethostbyname
8710 fails, it is not relevant
8712 2001-12-12 20:07 millert
8714 * parse.c: Fix CIDR -> in_addr_t conversion.
8716 2001-12-12 16:21 millert
8718 * sudoers.pod: Remove an extra "User_List" in the User_Spec
8719 definition From ybertrand AT snoopymail.com
8721 2001-12-12 16:00 millert
8723 * parse.c: Make 'listpw=never' work for users who are not
8724 explicitly mentioned in sudoers.
8726 2001-12-12 15:40 millert
8728 * sudoers.pod: Remove gratuitous '=' in EBNF grammar; era AT iki.fi
8730 2001-12-12 15:34 millert
8732 * sudoers.pod: Document new list Defaults type and convert env_keep
8733 and env_delete to lists. Document new env_check option.
8735 2001-12-12 15:11 millert
8737 * lex.yy.c, sudo.tab.h: regen parser
8739 2001-12-12 14:56 millert
8741 * parse.lex: Don't let '#' appear in a {WORD} and restrict #foo in
8742 a Runas spec to #[0-9-]+.
8744 2001-12-12 14:55 millert
8748 2001-12-12 14:55 millert
8750 * aclocal.m4: Simpler SUDO_FUNC_ISBLANK that uses AC_TRY_LINK
8752 2001-12-12 14:43 millert
8754 * config.h.in, configure.in: Add check for skeyaccess(3)
8756 2001-12-11 19:47 millert
8758 * visudo.pod: Document new -c, -f, and -q options
8760 2001-12-11 19:41 millert
8762 * visudo.c: o Add -f option (alternate sudoers file) o Convert to
8765 2001-12-11 19:31 millert
8769 2001-12-11 19:31 millert
8771 * aclocal.m4, config.h.in, configure.in: Add check for isblank and
8772 a replacement macro if it doesn't exist.
8774 2001-12-11 18:22 millert
8776 * visudo.c: In check-only mode, don't create sudoers if it does not
8779 2001-12-11 18:06 millert
8781 * parse.yacc: o Add a new token, DEFVAR, to indicate a Defaults
8783 o Add support for "+=" and "-=" list operators
8784 o replace some 1 and 0 with TRUE and FALSE for greater
8787 2001-12-11 18:05 millert
8789 * parse.lex: o Use exclusive start conditions to remove some
8791 lexer. Also reorder some things for clarity.
8792 o Add support for "+=" and "-=" list operators.
8793 o Use the new DEFVAR token to denote a Defaults variable name.
8795 2001-12-11 18:03 millert
8797 * sudo.h: Prototype init_envtables()
8799 2001-12-11 18:02 millert
8801 * env.c: o Convert environment handling to use lists instead of
8803 This greatly simplifies routines that need to do "foreach"
8806 o Add new init_envtables() function to set env_check and
8808 defaults based on initial_badenv_table and
8809 initial_checkenv_table
8810 (formerly sudo_badenv_table).
8812 2001-12-11 18:00 millert
8814 * defaults.c, defaults.h: o Add a new LIST type and functions to
8816 o This is for use with environment handling variables.
8817 o Call new init_envtables() routine inside init_defaults() to
8818 initialize the environment lists.
8820 2001-12-11 17:57 millert
8822 * def_data.c, def_data.h, def_data.in: Convert environment options
8823 to use the new LIST type and add a new one, env_check that only
8824 deletes if the sanity check fails.
8826 2001-12-11 17:55 millert
8828 * testsudoers.c: Add dummy version of init_envtables()
8830 2001-12-11 17:53 millert
8832 * parse.yacc: honor quiet mode
8834 2001-12-11 17:51 millert
8836 * visudo.c: Add check-only mode
8838 2001-12-10 20:27 millert
8840 * mkdefaults: Fix generation of entries with NULL descriptions.
8842 2001-12-09 00:27 millert
8844 * tgetpass.c: Use sigaction_t and quiet a gcc warning.
8846 2001-12-09 00:20 millert
8848 * sudo.c: Must reset signal handlers before we exec
8850 2001-12-09 00:16 millert
8852 * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c: Be
8853 carefule now that tgetpass() can return NULL (user hit ^C). PAM
8854 version needs testing. Set SIGTSTP to SIG_DFL during password
8855 entry so user can suspend us.
8857 2001-12-09 00:14 millert
8859 * tgetpass.c: Add support for interrupting/suspending tgetpass via
8860 keyboard input. If you suspend sudo from the password prompt and
8861 resume it will re-prompt you.
8863 2001-12-09 00:09 millert
8865 * sudo.c: Don't block keyboard interrupt signals, just set them to
8868 2001-12-08 14:48 millert
8870 * config.h.in: add back HAVE_SIGACTION
8872 2001-12-08 14:44 millert
8876 2001-12-08 14:44 millert
8878 * config.h.in, configure.in, logging.c, sudo.c, visudo.c: Kill
8879 POSIX_SIGNALS define and old signal support now that we emulate
8880 POSIX ones Also be sure to correctly initialize struct sigaction.
8882 2001-12-08 14:42 millert
8884 * strerror.c: Don't need config.h or "#ifndef HAVE_STRERROR"
8887 2001-12-08 14:39 millert
8889 * compat.h: Add scaffolding for POSIX signal emulation
8891 2001-12-08 14:36 millert
8893 * sigaction.c: o Add missing ';' so this compiles o Can't use NULL
8894 since we don't include stdio.h
8896 2001-12-08 14:23 millert
8898 * sigaction.c: Emulate sigaction() using sigvec()
8900 2001-11-12 19:32 millert
8902 * sudoers.pod: Document new behavior of negative values of
8903 timestamp_timeout Fix a typo
8905 2001-11-12 19:31 millert
8907 * sudo.pod: Add security note about command not being logged after
8908 'sudo su' and friends.
8910 2001-11-12 19:19 millert
8912 * sudo.pod: Mention that -V prints default values when run as root,
8913 including the list of environment variables to clear.
8915 2001-11-12 19:14 millert
8917 * Makefile.in: Run pod2man with --quotes=none to avoid stupid
8918 quoting of C<> entries.
8920 2001-11-12 13:12 millert
8922 * def_data.c, def_data.h, def_data.in, sudoers.pod,
8923 auth/sudo_auth.c: Add mail_badpass option Also modify mail_always
8924 behavior to also send mail when the password is wrong
8926 2001-11-12 13:08 millert
8928 * env.c, sudo.c, sudo.h: Dump default bad env table when 'sudo -V'
8931 2001-11-11 23:52 millert
8933 * sudoers.pod: document env_delete
8935 2001-11-11 23:51 millert
8937 * env.c: Add support for '*' in env_keep when not resetting the
8938 environment (ie: the normal case).
8940 2001-11-11 23:47 millert
8942 * env.c: Add env_delete variable that lets the user replace/add to
8943 the bad_env_table. Allow '*' wildcard in env_keep entries.
8945 2001-11-06 13:59 millert
8947 * mkinstalldirs: Force umask to 022 to guarantee sane directory
8950 2001-11-02 18:09 millert
8952 * Makefile.in: add sudo.tab.h and sudo.tab.c to sudo.tab.o
8955 2001-11-02 17:25 millert
8957 * mkdefaults: fix breakage in last commit
8959 2001-11-02 17:18 millert
8961 * Makefile.in: acsite.m4 -> aclocal.m4
8963 2001-11-02 15:59 millert
8965 * check.c: fix I_TS_TIMEOUT vs. I_TIMESTAMP_TIMEOUT pasto in
8968 2001-11-02 15:57 millert
8970 * def_data.c: regenerated from def_data.in
8972 2001-11-02 15:56 millert
8974 * check.c, defaults.c, defaults.h: Add new T_UINT type that most
8975 things use instead of T_INT If timestamp_timeout is < 0 then
8976 treat the ticket as never expiring (to be expired manually by the
8979 2001-11-02 15:51 millert
8981 * def_data.in: change most T_INT -> T_UINT
8983 2001-11-02 15:51 millert
8985 * mkdefaults: fix warning when no args
8987 2001-11-02 12:52 millert
8989 * visudo.c: Change 2 Exit() -> exit() Avoid stdio in Exit() and
8990 call _exit() if we are a signal handler. We no longer print the
8991 signal number but the user can just check the exit value for
8994 2001-10-16 01:35 millert
8996 * logging.c: when setting up pipes in child process check for case
8997 where stdin == pipe fd 0
8999 2001-10-11 13:20 millert
9001 * visudo.c: Ignore editor exit value since XPG4 says vi's exit
9002 value is the count of editing errors made (failed searches, etc).
9004 2001-10-05 16:39 millert
9008 2001-10-05 16:39 millert
9010 * configure.in: sco now is identified by config.guess as *-sco-*
9012 2001-10-05 16:24 millert
9014 * configure.in: Check for getspnam() in -lgen if not in -lc for
9017 2001-09-17 21:48 millert
9019 * sudoers.pod, visudo.pod: "upper case" -> "uppercase"
9021 2001-09-17 21:32 millert
9023 * sudoers.pod: fix typos and grammar; pjanzen@foatdi.harvard.edu
9025 2001-08-28 10:26 millert
9027 * sudoers.pod: Missing word (specify); krapht@secureops.com
9029 2001-08-23 17:43 millert
9031 * sudo.c: If we fail to lookup a login class, apply the default
9034 2001-08-23 17:42 millert
9036 * logging.c: In log_error() free message, not logline
9037 unconditionally, then free logline if it is not the same as
9038 message. No function change but this mirrors how they are
9041 2001-07-16 23:33 millert
9043 * configure: regenerate
9045 2001-07-16 23:33 millert
9047 * configure.in: remove some backslash quotes that are unneeded
9049 2001-07-16 23:30 millert
9051 * configure.in: o Tweaks to make this work with autoconf-2.50 o Use
9052 AC_LIBOBJ instead of changing LIBOBJS directly o Use
9053 AC_REPLACE_FUNCS where we can o Use AC_CHECK_FUNCS instead of
9054 AC_CHECK_FUNC so we don't have to AC_DEFINE things manually.
9056 2001-07-16 23:28 millert
9058 * config.guess, config.sub: Updated from autoconf-2.50
9060 2001-05-22 19:11 millert
9062 * README: Update mailing list section. We use mailman now, not
9065 2001-05-10 14:55 millert
9067 * getspwuid.c, logging.c, sudo.c: Use setpwent()/endpwent() + all
9068 the shadow variants to make sure we don't inadvertantly leak an
9069 fd to the child. Apparently Linux's shadow routines leave the fd
9070 open even if you don't call setspent(). Reported by
9071 mike@gistnet.com; different patch used.
9073 2001-04-12 21:43 millert
9075 * sudoers.pod: s/eg./e.g./
9077 2001-04-12 21:42 millert
9079 * tgetpass.c: select() may return EAGAIN. If so, continue like we
9082 2001-04-12 21:41 millert
9084 * logging.c: Fix a non-exploitable buffer overflow in the word
9085 splitting code. This should really be rewritten.
9087 2001-04-12 21:41 millert
9089 * Makefile.in: FAQ link goes away
9091 2001-04-12 21:40 millert
9093 * INSTALL: Tell people to look in sample.syslog.conf for examples,
9096 2001-04-12 21:40 millert
9098 * TROUBLESHOOTING: Update list of env vars that are cleared
9100 2001-04-12 21:36 millert
9102 * sudo.c: remove struct env_table decl since that stuff has all
9105 2001-04-04 13:17 millert
9107 * fileops.c: Fix a pasto in flock-style unlocking and include
9108 <sys/file.h> for flock on older systems; twetzel@gwdg.de
9110 2001-04-04 13:14 millert
9112 * configure: regen to get NeXT lockf/flock fix
9114 2001-04-04 13:14 millert
9116 * configure.in: force NeXT to use flock since lockf is broken
9118 2001-03-30 08:54 millert
9120 * check.c: Use stashed user_gid when checking against exempt gid
9121 since sudo sets its gid to a a value that makes sudoers readable.
9122 Previously if you used gid 0 as the exempt group everyone would
9123 be exempt. From Paul Kranenburg <pk@cs.few.eur.nl>
9125 2001-03-29 13:14 millert
9129 2001-03-29 13:08 millert
9131 * aclocal.m4: #include stdio.h in SUDO_CHECK_TYPE since IRIX 6
9132 aparently defines some types (such as ssize_t) therein.
9134 2001-03-02 09:09 millert
9136 * defaults.c: Fix negation of paths in a boolean context. Problem
9139 2001-02-23 13:03 millert
9143 2001-02-17 16:11 millert
9145 * visudo.c: SA_RESETHAND means the opposite of what I was
9146 thinking--oops To block all signals in old-style signals use ~0,
9149 2001-02-04 11:16 millert
9151 * defaults.c: coerce difference of pointers to int when used in a
9152 string length printf format; deraadt@openbsd.org
9154 2001-01-17 11:34 millert
9156 * visudo.c: Block all signals in Exit() to avoid a signal race.
9157 There is still a tiny window but I'm not going to worry about it.
9159 2001-01-07 13:57 millert
9161 * env.c: glibc uses the LANGUAGE env var so clear that too; Solar
9164 2001-01-07 13:55 millert
9166 * lex.yy.c: Regenerate with a fix to flex.skl that preserves errno
9167 from clobbering by isatty().
9169 2000-12-30 20:39 millert
9171 * auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sia.c, sudo_auth.c:
9172 Some defaults I_ defines got renamed.
9174 2000-12-30 20:38 millert
9176 * Makefile.in, check.c, def_data.c, def_data.h, def_data.in,
9177 defaults.c, defaults.h, env.c, logging.c, mkdefaults, parse.yacc,
9178 set_perms.c, sudo.c: Move defaults info into its own files from
9179 which we generate .h and .c files. This makes adding or
9180 rearranging variables much simpler.
9182 2000-12-30 16:58 millert
9184 * configure, configure.in: fix typo in last commit
9186 2000-12-30 16:55 millert
9188 * compat.h, config.h.in, configure, configure.in: Add check +
9189 emulation for setegid (like seteuid).
9191 2000-12-30 16:22 millert
9193 * env.c: Make env_keep override badenv_table as documented Fix
9194 traversal of badenv_table (broken in last commit)
9196 2000-12-29 22:59 millert
9198 * set_perms.c, sudo.c, sudo.h: Don't try and build saved uid
9199 version of set_perms on systems w/o them. Rename
9200 set_perms_saved_uid() -> set_perms_posix() Make
9201 set_perms_setreuid simply be set_perms_fallback() and simply
9202 include the appropriate function at compile time (setreuid()
9205 2000-12-29 22:45 millert
9207 * sudoers.pod, sudoers.cat, sudoers.man.in: PATH is also preserved
9208 when env_reset is in effect
9210 2000-12-29 22:29 millert
9212 * CHANGES, env.c, Makefile.in, check.c, compat.h, config.h.in,
9213 configure, configure.in, defaults.c, defaults.h, find_path.c,
9214 getspwuid.c, set_perms.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
9215 sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod,
9216 testsudoers.c, visudo.c, visudo.cat, visudo.man.in: New Defaults
9217 options: o stay_setuid - sudo will remain setuid if system has
9218 saved uids or setreuid(2) o env_reset - reset the environment to
9219 a sane default o env_keep - preserve environment variables that
9220 would otherwise be cleared
9222 No longer use getenv/putenv/setenv functions--do environment
9223 munging by hand. Potentially dangerous environment variables can
9224 be cleared only if they contain '/' pr '%' characters to protect
9225 buggy programs. Moved environment routines into env.c (new file)
9227 2000-12-29 22:17 millert
9229 * INSTALL: Clear up --without-passwd description
9231 2000-12-29 19:39 millert
9233 * sudo_setenv.c, putenv.c: We now build up a new environment from
9234 scratch and assign it to "environ".
9236 2000-12-18 22:35 millert
9238 * sudo.pod, visudo.pod: Grammatical fixes from Paul Janzen
9240 2000-12-14 23:19 millert
9242 * visudo.c: If there was a syntax error and the user just wants to
9243 quit, unlink sudoers if it is zero length.
9245 2000-12-14 23:10 millert
9247 * visudo.c: 'Q' means ignore parse error, not 'q'
9249 2000-12-14 22:57 millert
9251 * visudo.c: Open sudoers for writing with mode SUDOERS_MODE From
9252 Dimitry Andric <dim@xs4all.nl>
9254 2000-12-13 12:23 millert
9256 * set_perms.c: Add missing #ifdef HAVE_LOGIN_CAP_H;
9259 2000-12-09 11:46 millert
9261 * config.guess, config.sub: Darwin / Mac OS X support from Wilfredo
9262 Sanchez <wsanchez@apple.com>
9264 2000-11-03 09:36 millert
9266 * sudo.c, visudo.c: Use exit(127), not exit(-1)
9268 2000-11-03 00:37 millert
9270 * defaults.h, set_perms.c, sudo.c, Makefile.in, defaults.c: Move
9271 set_perms() to its own file and use POSIX saved uid or setreuid()
9274 Added stay_setuid option for systems that have libraries that
9275 perform extra paranoia checks in system libraries for setuid
9276 programs (ie: anything with issetugid(2)).
9278 2000-11-02 20:28 millert
9280 * sudo.c: strip more bits from the environment and add a facility
9281 for stripping things only if they contain '/' or '%' to address
9282 printf format string vulnerabilities in other programs.
9284 2000-11-02 12:55 millert
9288 2000-11-02 12:55 millert
9290 * configure.in: For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache
9291 the existence of strcasecmp().
9293 2000-11-02 12:46 millert
9297 2000-11-02 12:46 millert
9299 * configure.in: Check for strcasecmp(3) in -lc89 for NCR Unix
9301 2000-11-01 10:22 millert
9303 * config.h.in: Define HAVE_INNETGR #ifdef HAVE__INNETGR
9305 2000-11-01 10:17 millert
9309 2000-11-01 10:17 millert
9311 * compat.h, config.h.in, configure.in: Add check for _innetgr(3)
9312 since NCR systems have that instead of innetgr(3).
9314 2000-10-31 14:16 millert
9316 * auth/securid.c: check return value of creadcfg() call sd_close()
9317 after sd_auth() store username in sd->username so we don't rely
9318 on the USER env variable
9320 2000-10-29 23:00 millert
9322 * INSTALL: document --with-bsdauth
9324 2000-10-29 22:57 millert
9328 2000-10-29 22:56 millert
9330 * configure.in: --with-bsdauth assumes --with-logincap
9332 2000-10-29 22:45 millert
9334 * auth/: bsdauth.c, fwtk.c: When prompting for a response to a
9335 challenge, if the user just hits return then reprompt with echo
9338 2000-10-29 17:31 millert
9340 * sudo.c: Remove debugging code that should not have been
9343 2000-10-29 17:31 millert
9345 * auth/bsdauth.c: Use lower-level routines and get the password
9346 ourselves. Checks for a challenge and if there is one echo is
9349 2000-10-29 17:30 millert
9351 * auth/: pam.c, sudo_auth.h: minor housekeeping, no real code
9354 2000-10-27 18:41 millert
9356 * sudo.c: Fix a coredump in the logging functions if gethostname(2)
9357 fails by deferring the call to log_error() until things are
9360 Fix return value of set_loginclass() in non-BSD-auth case.
9362 Hard-code 'sudo' in the usage message so we can fit more options
9365 2000-10-27 18:35 millert
9367 * logging.c: Fix errant ';' (typo) that broken MSG_ONLY
9369 2000-10-26 13:03 millert
9371 * sudo.cat, sudo.man.in: regen
9373 2000-10-26 13:01 millert
9375 * sudo.pod: Document -a flag
9377 2000-10-26 12:42 millert
9379 * Makefile.in, config.h.in, configure, configure.in, getspwuid.c,
9380 sudo.c, auth/sudo_auth.h, auth/bsdauth.c: Add support for BSD
9383 2000-10-19 10:09 millert
9385 * sudoers.pod: Fix typo; from sato@complex.eng.hokudai.ac.jp
9387 2000-10-12 09:49 millert
9389 * sudoers.pod: Mention negating umask
9391 2000-10-12 01:30 millert
9393 * defaults.c: Allow user to specify umask of 0777 (same as !umask)
9395 2000-10-08 21:46 millert
9397 * sudo.pod, visudo.pod: Fix a typo and give a URL for the sudo
9400 2000-10-08 12:25 millert
9402 * defaults.c, sudo.pod: fix typos; pepper@reppep.com
9404 2000-09-14 16:48 millert
9406 * sudo.c, sudo.h, sudo_setenv.c: sudo_setenv() now exits on memory
9407 alloc failure instead of returning -1.
9409 2000-09-07 17:41 millert
9411 * sudo.c: Strip out NLSPATH and PATH_LOCALE from the environment
9412 for FreeBSD and possibly others.
9414 2000-09-07 10:43 millert
9416 * logging.c: Don't use vsyslog(3) since HP-UX (and others?) lack
9417 it. This means that "%m" won't be expanded but we don't use that
9418 anyway since the logging routines may splat to stderr as well.
9420 2000-09-06 21:35 millert
9422 * defaults.c, defaults.h, sudo.c, sudoers.cat, sudoers.man.in,
9423 sudoers.pod: Add always_set_home variable
9425 2000-09-06 21:24 millert
9427 * configure, configure.in: Have to hard code default values in help
9428 since the defaults are set _after_ the help stuff.
9430 2000-08-31 13:08 millert
9432 * lex.yy.c, parse.lex: Allow special characters (including '#') to
9433 be embedded in pathnames if quoted by a '\\'. The quoted chars
9434 will be dealt with by fnmatch(). Unfortunately, 'sudo -l' still
9437 2000-08-13 17:10 millert
9439 * install-sh: Better path searching for programs we need.
9441 2000-08-13 17:10 millert
9443 * TROUBLESHOOTING: Add section on "C compiler cannot create
9444 executables" errors.
9446 2000-08-13 17:10 millert
9448 * Makefile.binary, Makefile.in, version.h: Crank version
9450 2000-08-13 17:09 millert
9452 * aclocal.m4, configure, configure.in, sudo.cat, sudo.man.in,
9453 sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.cat,
9454 visudo.man.in, visudo.pod: Substitute values from configure into
9457 2000-08-12 16:48 millert
9459 * parse.c, sudo.c: The listpw and verifypw sudoers options would
9460 not take effect because the value of the default was checked
9461 *before* sudoers was parsed. Instead of passing in the value of
9462 PWCHECK_* to sudoers_lookup(), pass in the arg for def_ival() so
9463 the check can be deferred until after sudoers is parsed.
9465 2000-08-11 15:41 millert
9467 * tgetpass.c: When writing prompt, no need to write the NUL as
9468 well; hag@linnaean.org
9470 2000-06-09 12:25 millert
9472 * install-sh: When looking for chown, check in /sbin too
9474 2000-06-04 22:57 millert
9476 * visudo.c: Remove extraneous call to init_defaults() and set
9477 runas_user to NULL betweem parses so init_defaults will reset it
9478 each time, thus avoiding a reference to free()d data.
9480 2000-06-04 19:57 millert
9482 * config.h.in, interfaces.c, interfaces.h, sudo.c: Add support for
9483 using getifaddrs() to get the list of ip addr / netmask pairs.
9484 Currently IPv4-only.
9486 2000-06-04 19:51 millert
9488 * visudo.c: Add a missing check for UserEditor == NULL Add missing
9489 '+' before line number when invoking editor to fix a syntax error
9491 2000-05-12 16:55 millert
9493 * sudo.c: Call clean_env very early in main() for paranoia's sake.
9494 Idea from Marc Esipovich.
9496 2000-05-10 01:11 millert
9498 * sudo.h: Update proto for evasprintf and easprintf
9500 2000-05-10 01:10 millert
9502 * alloc.c: Make easprintf() and evasprintf() return an int.
9504 2000-05-10 00:56 millert
9506 * check.c: If the targetpw flag is set, use target username as part
9507 of the timestamp path. If tty tickets are in effect cat the tty
9508 and the target username with a ':' as the separator.
9510 2000-05-09 12:05 millert
9512 * auth/pam.c: Backout part of last change; setting PAM_USER to the
9513 invoking user breaks things like targetpw.
9515 2000-05-09 11:52 millert
9517 * auth/pam.c: set tty and username via pam_set_item
9519 2000-05-09 11:42 millert
9521 * check.c, getspwuid.c, sudo.c, sudo.h, auth/sudo_auth.c: Fix root,
9522 runas, and target authentication for non-passwd file auth
9525 2000-04-22 14:15 millert
9527 * sudo.pod, sudo.man.in, sudoers.man.in, sudoers.pod, visudo.pod,
9528 sudo.cat, sudoers.cat, visudo.man.in, visudo.cat: Use B<-Z> not
9529 C<-Z> for command line flags in all places. This is more
9530 consistent and works around a bug in Pod::Man.
9532 2000-04-22 13:59 millert
9534 * sudoers.cat, sudoers.man.in, sudoers.pod: Fix an occurence of
9535 'semicolon' that should be 'colon'
9537 2000-04-19 15:30 millert
9539 * configure, configure.in: Fix --with-badpri help line
9541 2000-04-17 14:01 millert
9543 * defaults.c, logging.c, sudo.c: Bracket calls to syslog with an
9544 openlog() and closelog() since some authentication methods (like
9545 PAM) may do their own logging via syslog. Since we don't use
9546 syslog much (usually just once per session) this doesn't really
9547 incur a performance penalty. It also Fixes a SEGV with pam_kafs.
9549 2000-04-15 16:32 millert
9551 * sudo.c: Fix -H flag. runas_homedir is only valid after
9552 set_perms(PERM_RUNAS, mode)
9554 2000-04-12 18:56 millert
9556 * INSTALL: Clarify the fact that insults are not enabled just by
9557 including them in the binary.
9559 2000-04-07 10:39 millert
9561 * sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
9562 sudoers.cat, visudo.cat: Regenerated with perl 5.6.0 pod2man
9564 2000-04-07 10:38 millert
9566 * Makefile.in: Give date string to pod2man since its default is
9567 ugly and it ain't got no alibi.
9569 2000-04-07 10:27 millert
9571 * Makefile.in: Do section substitution on the output of pod2man and
9572 remove hack needed for old pod2man.
9574 2000-04-07 10:26 millert
9576 * sudo.pod, sudoers.pod, visudo.pod: Put back real man sections, we
9577 will do the substitution later.
9579 2000-04-02 11:44 millert
9581 * configure, configure.in: Don't bother checking for the path to vi
9582 if user specified --with-editor
9584 2000-04-01 17:25 millert
9586 * CHANGES, visudo.c: Visudo now does its own fork/exec instead of
9589 2000-04-01 16:23 millert
9591 * CHANGES, INSTALL, Makefile.in, sudoers.cat, sudoers.man.in,
9592 sudoers.pod, visudo.c: Visudo now checks for the existence of an
9593 editor and gives a sensible error if it does not exist.
9595 The path to the editor for visudo is now a colon-separated list
9596 of allowable editors. If the user has $EDITOR set and it matches
9597 one of the allowed editors that editor will be used. If not, the
9598 first editor in the list that actually exists is used.
9600 2000-04-01 16:22 millert
9602 * sudo.pod, sudo.cat, sudo.man.in: Clear up confusion wrt sudo's
9605 2000-03-27 12:08 millert
9607 * Makefile.in: Strip sudo and visudo for bindist target
9609 2000-03-26 22:26 millert
9611 * sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
9612 sudoers.pod, visudo.cat, visudo.man.in, visudo.pod: Use
9613 @mansectsu@ and @mansectform@ in the man page bodies as well.
9615 2000-03-26 22:07 millert
9617 * visudo.cat, visudo.man.in, visudo.pod: Typo: @sysconf@ ->
9620 2000-03-26 21:57 millert
9622 * Makefile.in: 'make dist' should not cause any files to be
9623 modified so remove its dependencies.
9625 2000-03-26 21:43 millert
9627 * CHANGES: Whoops, forgot to add release marker
9629 2000-03-26 11:57 millert
9631 * CHANGES: Final change for 1.6.3 (or so I hope)
9633 2000-03-26 11:57 millert
9635 * sudo.cat, sudoers.cat, visudo.cat: Use SYSV man sections since
9636 BSD systems will have nroff...
9638 2000-03-24 18:58 millert
9640 * parse.yacc: When checking to see if the host/user matches in a
9641 defaults spec, check against TRUE, not just non-zero since it
9644 2000-03-24 15:14 millert
9646 * configure.in, configure: OSF/1 puts file formats in section 4,
9649 2000-03-24 15:13 millert
9651 * CHANGES, INSTALL, sudo.c: Make login class support work on BSD/OS
9653 2000-03-23 20:24 millert
9655 * RUNSON: Update for 1.6.3
9657 2000-03-23 20:23 millert
9659 * configure, configure.in: If there is no inet_addr but there *is*
9660 an __inet_addr that's ok since inet_addr is probably just a macro
9661 then. The better thing to do would be to look for the macro, but
9662 this is fine for now.
9664 2000-03-23 19:50 millert
9666 * configure, configure.in: Don't use shlicc for BSD/OS 4.x
9668 2000-03-23 19:40 millert
9670 * Makefile.in, configure, configure.in: *.man lives in cwd, *.cat
9671 lives in $(srcdir), add a @mansrcdir@ configure variable so we
9672 can deal with this. Also, only remove *.man for 'distclean' not
9675 2000-03-23 19:16 millert
9677 * sudo.c: set_loginclass() should be static like the proto says
9679 2000-03-23 14:14 millert
9681 * fnmatch.c: Add #ifdef __STDC__ around the rangematch function
9682 header to avoid promotion of test to int, thus violating the
9683 prototype. Gcc handles this gracefully but more std ANSI
9684 compilers will complain.
9686 2000-03-23 10:11 millert
9688 * emul/fnmatch.h: Pull in newer fnmatch(3) that supports
9691 2000-03-23 10:11 millert
9693 * aclocal.m4, configure, fnmatch.3, fnmatch.c: Pull in newer
9694 fnmatch(3) that supports FNM_CASEFOLD Check for FNM_CASEFOLD in
9697 2000-03-22 23:41 millert
9699 * CHANGES, TODO: update for 1.6.3
9701 2000-03-22 23:38 millert
9703 * lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc, sudo.tab.h,
9704 testsudoers.c, visudo.c: Fully qualified hosts w/ wildcards were
9705 not matching the FQHOST token type. There's really no need for a
9706 separate token for fully-qualified vs. unqualified anymore so
9707 FQHOST is now history and hostname_matches now decides which
9708 hostname (short or long) to check based on whether or not the
9709 pattern contains a '.'.
9711 2000-03-22 23:09 millert
9713 * parse.c, parse.h, parse.yacc, sudoers.pod, testsudoers.c,
9714 visudo.c, sudoers.cat, sudoers.man.in: Add support for wildcards
9717 2000-03-22 22:50 millert
9719 * Makefile.in: Add targets for *.man.in, using config.status to
9720 generate *.man from *.man.in
9722 2000-03-22 22:20 millert
9724 * sudoers.cat, sudoers.man.in, sudoers.pod: Document set_logname
9725 option and enbolden refs to sudo and visudo.
9727 2000-03-22 19:35 millert
9729 * INSTALL, Makefile.in, aclocal.m4, configure, configure.in,
9730 sudo.cat, sudo.pod, sudo.man.in, sudoers.cat, sudoers.pod,
9731 visudo.cat, visudo.pod, sudoers.man.in, visudo.man.in: Add
9732 FreeBSD login.conf support (untested on BSD/OS) based on a patch
9733 from Michael D. Marchionna. configure now does substitution on
9734 the man pages, allowing us to fix up the paths and set the
9735 section correctly. Based on an idea from Michael D. Marchionna.
9737 2000-03-22 19:27 millert
9739 * auth/passwd.c: Better fix for handling HP-UX aging info.
9741 2000-03-22 19:20 millert
9743 * sudo.c: Add support for set_logname run-time default
9745 2000-03-22 19:17 millert
9747 * sudo.man.in, sudoers.man.in, visudo.man.in: configure does
9748 substitution on these to produce *.man
9750 2000-03-22 19:16 millert
9752 * sudo.man, sudoers.man, visudo.man: These files now get generated
9753 from *.man.in at configure time.
9755 2000-03-22 18:40 millert
9757 * defaults.c, defaults.h: Add set_logname option so users can turn
9758 off setting of LOGNAME/USER environment variables.
9760 2000-03-22 10:53 millert
9762 * testsudoers.c, lsearch.c, parse.c: kill register
9764 2000-03-13 15:52 millert
9766 * auth/passwd.c: HP-UX adds extra info at the end for password
9767 aging so when comparing the result of crypt to pw_passwd we only
9768 compare the first len(epass) bytes *unless* the user entered an
9769 empty string for a password.
9771 2000-03-13 11:05 millert
9773 * logging.c: Get rid of grandchild hack, it was causing problems
9774 and there is really no need for it. This fixes a bug where we
9775 spin eating up CPU when the user runs a long-running process like
9778 2000-03-07 14:26 millert
9780 * sudo.c: User can always specify a login class if he/she is
9783 2000-03-06 23:29 millert
9785 * config.h.in, configure, configure.in, defaults.c, defaults.h,
9786 sudo.c, sudo.h: FreeBSD login class (login.conf) support.
9788 2000-03-06 14:42 millert
9790 * auth/sudo_auth.c: HAVE_SECUREWARE -> HAVE_GETPRPWNAM; fixes
9793 2000-03-03 18:04 millert
9795 * auth/passwd.c: Truncate unencrypted password to 8 chars if
9796 encrypted password is exactly 13 characters (indicateing standard
9797 a DES password). Many versions of crypt() do this for you, but
9798 not all (like HP-UX's).
9800 2000-03-01 21:01 millert
9802 * INSTALL, RUNSON: Mention that gcc on dynix may have problems
9804 2000-02-29 17:46 millert
9806 * Makefile.in: Link visudo with NET_LIBS since we now call syslog
9809 2000-02-29 17:41 millert
9811 * defaults.c: Use Argv[0] as the first arg to openlog() since
9812 visudo uses this too.
9814 2000-02-28 18:58 millert
9816 * sudo.c: Stash coredumpsize resource limit and retsore it before
9817 the exec() Otherwise the child ends up with a coredumpsize of 0.
9819 2000-02-26 22:56 millert
9821 * sudo.cat, sudo.man, sudo.pod: document -S flag
9823 2000-02-26 22:54 millert
9825 * sudo.c: fix usage string
9827 2000-02-26 22:48 millert
9829 * CHANGES, RUNSON, TODO, sudo.c, sudo.h, tgetpass.c,
9830 auth/aix_auth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Added
9831 -S flag (read passwd from stdin) and tgetpass_flags global that
9832 holds flags to be passed in to tgetpass(). Change echo_off param
9833 to tgetpass() into a flags field. There are currently 2 possible
9834 flags for tgetpass(): TGP_ECHO and TGP_STDIN. In tgetpass(),
9835 abstract the echo set/clear via macros and if (flags & TGP_ECHO)
9836 but echo is not set on the terminal, but sure to set it.
9838 2000-02-26 22:11 millert
9840 * tgetpass.c: Fixed a bug that caused an infinite loop when the
9841 password timeout was disabled.
9843 2000-02-18 12:56 millert
9845 * CHANGES, defaults.c, defaults.h, getspwuid.c, sudo.c, sudo.h,
9846 sudoers.cat, sudoers.man, sudoers.pod, visudo.c: Add rootpw,
9847 runaspw, and targetpw options.
9849 2000-02-18 12:11 millert
9851 * CHANGES, defaults.c, sudoers.cat, sudoers.man, sudoers.pod,
9852 visudo.c: enveditor -> env_editor
9854 2000-02-15 19:07 millert
9856 * BUGS, INSTALL, Makefile.in, README, configure, configure.in,
9857 sudo.cat, sudo.man, sudoers.cat, sudoers.man, version.h,
9858 visudo.cat, visudo.man: crank versino to 1.6.3
9860 2000-02-15 19:03 millert
9862 * INSTALL, TODO, defaults.c, defaults.h, sudoers.cat, sudoers.man,
9863 sudoers.pod, visudo.c: Add 'editor' and 'enveditor' sudoers
9864 defaults and make visudo honor them. This means that visudo will
9865 now parse the sudoers file *before* it is edited so a bogus
9866 sudoers file will cause a warning to go to stderr. Also, visudo
9867 checks the variables once--it does not check them after each
9868 editor run since that could be confusing.
9870 2000-02-15 18:49 millert
9872 * RUNSON: 1.6.2 -> 1.6.2p1
9874 2000-02-15 18:36 millert
9876 * check.c, sudo.c, sudo.h: Move user_is_exempt prototype into
9879 2000-02-13 13:38 millert
9881 * configure, configure.in: Fix thinko, some && should have been ||
9884 2000-02-13 13:28 millert
9886 * configure, configure.in: Don't initialized Makefile variables to
9887 be NULL since the user may want to import variables from their
9890 2000-02-03 21:09 millert
9892 * configure, configure.in: typo
9894 2000-01-27 15:01 millert
9896 * INSTALL, RUNSON, configure, configure.in: Make pam work on HP-UX
9897 11.0;jaearick@colby.edu
9899 2000-01-27 15:01 millert
9901 * CHANGES: recent changes; prepare for 1.6.2p1
9903 2000-01-26 23:31 millert
9905 * find_path.c: Don't apply SECURE_PATH if user is example;
9908 2000-01-26 16:21 millert
9910 * sudoers.cat, sudoers.man, sudoers.pod: Expanded docs on sudoers
9911 'defaults' options based on INSTALL file info.
9913 2000-01-26 16:21 millert
9915 * INSTALL: Fix some while lies
9917 2000-01-24 10:48 millert
9919 * Makefile.in: When making a bindist, link FAQ to TROUBLESHOOTING
9922 2000-01-23 22:57 millert
9924 * sudoers.cat, sudoers.man, sudoers.pod: Add netgroup caveat
9926 2000-01-23 22:42 millert
9928 * RUNSON: Last minute updates
9930 2000-01-23 22:26 millert
9932 * TROUBLESHOOTING: PAM entry
9934 2000-01-23 22:23 millert
9936 * auth/pam.c: correct a comment
9938 2000-01-23 22:03 millert
9940 * CHANGES, RUNSON: update for 1.6.2
9942 2000-01-23 21:59 millert
9944 * auth/pam.c: Better detection of PAM errors and fix custom prompts
9945 with PAM. Based on patches from "Cloyce D. Spradling"
9946 <cloyce@headgear.org>
9948 2000-01-20 11:15 millert
9950 * snprintf.c: Cast ULONG_MAX to unsigned long long when comparing
9951 to an unsigned long long value.
9953 2000-01-19 14:07 millert
9955 * CHANGES, config.h.in, configure, configure.in, visudo.c: Fix
9956 sudoers locking in visudo. We now lock the sudoers file itself,
9957 not the temp file (since locking the temp file can foul up
9958 editors). The previous locking scheme didn't work because the fd
9959 was closed too early.
9961 2000-01-19 13:37 millert
9963 * configure, config.h.in, configure.in: Don't need test for
9964 ftruncate() any more.
9966 2000-01-18 21:23 millert
9968 * configure, configure.in: Add a test for the -Aa flag w/ HP-UX's
9969 cc. Fixes compilation with the unbundled HP-UX cc.
9971 2000-01-18 17:00 millert
9973 * sudoers.cat, sudoers.man, sudoers.pod: "a a" -> "a"; Aaron
9974 Campbell <aaron@cs.dal.ca>
9976 2000-01-17 18:46 millert
9978 * LICENSE, Makefile.in, defaults.c, defaults.h, parse.c, parse.h,
9979 parse.yacc, sudo.c, sudo.h, sudoers.pod, testsudoers.c,
9980 tgetpass.c, version.h, visudo.c: update copyright year on changed
9983 2000-01-17 18:45 millert
9987 2000-01-17 18:45 millert
9991 2000-01-17 18:42 millert
9993 * INSTALL: Crank version to 1.6.2
9995 2000-01-17 18:11 millert
9997 * configure: Crank version to 1.6.2
9999 2000-01-17 17:46 millert
10001 * sudo.c: When using rlimit check for RLIM_INFINITY When computing
10002 the value of maxfd, use min(getdtablesize(), RLIMIT_NOFILE)
10004 2000-01-17 12:32 millert
10006 * CHANGES: recent changes
10008 2000-01-17 12:28 millert
10010 * BUGS, Makefile.in, README, configure.in, sudo.cat, sudo.man,
10011 sudoers.cat, sudoers.man, version.h, visudo.cat, visudo.man:
10012 Crank version to 1.6.2
10014 2000-01-17 12:25 millert
10016 * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.pod: Add
10017 'shell_noargs' runtime option back in. We have to defer checking
10018 until after the sudoers file has been parsed but since there are
10019 now other options that operate that way this one can too. Based
10020 on a patch from bguillory@email.com.
10022 2000-01-16 23:05 millert
10024 * defaults.c, defaults.h, parse.c, sudo.c, sudo.h: Add "listpw" and
10025 "verifypw" options.
10027 2000-01-16 22:57 millert
10029 * sudoers.cat, sudoers.man, sudoers.pod: o Fix some typos/omissions
10030 o Add section on verifypw and listpw o Define how NOPASSWD
10031 interacts with the -v and -l flags
10033 2000-01-14 12:39 millert
10035 * configure, configure.in: For HP-UX cc, add -Aa to CPPFLAGS. For
10036 HP-UX always add -D_HPUX_SOURCE to CPPFLAGS.
10038 2000-01-14 12:29 millert
10040 * defaults.c, defaults.h: In struct sudo_defs_types, move the union
10041 to the end and don't initialize the union member since that only
10042 works with an ANSI compiler. We set the value of the union by
10043 hand in init_defaults() anyway. This allows sudo to compile on a
10044 K&R compiler again.
10046 2000-01-11 13:20 millert
10048 * parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c:
10049 netgr_matches needs to check shost as well as host since they may
10052 2000-01-11 13:17 millert
10054 * tgetpass.c: End on \r as well as \n
10056 2000-01-02 23:53 millert
10058 * sudo.c: Update statbuf.st_mode based on SUDOERS_MODE when we are
10059 chaning from 0400 to whatever SUDOERS_MODE is (converting from
10060 the old sudoers mode). Assumes that SUDOERS_MODE is less
10061 restrictive than 0400 which should always be the case.
10063 2000-01-02 23:43 millert
10065 * parse.c, parse.yacc, sudo.c, sudo.h: Make treatment of -l and -v
10066 sane wrt NOPASSWD flags. Now allow -l w/o a passwd if there is
10067 *any* entry for the user on the host with a NOPASSWD flag. For
10068 -v, only allow w/o a passwd if *all* entries for the user on the
10069 host w/ the specified runas user have the NOPASSWD flag set.
10071 2000-01-02 23:26 millert
10073 * Makefile.in: add check target
10075 1999-12-16 13:02 millert
10077 * visudo.c: Treat EOF at whatnow prompt like 'x' instead of
10080 1999-12-10 00:09 millert
10082 * CHANGES: recent changes
10084 1999-12-08 23:04 millert
10086 * config.h.in, configure, configure.in, sudo.c: Add check for
10087 initgroups() since old SYSV lacks this.
10089 1999-12-08 22:54 millert
10091 * CHANGES, RUNSON, aclocal.m4, config.h.in, configure,
10092 configure.in, parse.c, testsudoers.c: o Kill HAVE_FNMATCH_H o
10093 Only define HAVE_FNMATCH if <fnmatch.h> exists.
10095 1999-12-06 01:47 millert
10097 * CHANGES, RUNSON, insults.h, auth/sudo_auth.c: Don't allow insults
10098 to be enabled if the insults[] array is empty. Otherwise there
10099 would be division by zero.
10101 1999-12-06 01:25 millert
10103 * insults.h: Don't care about USE_INSULTS #define since the insult
10104 stuff may be overridden at runtime.
10106 1999-12-06 01:23 millert
10108 * auth/sudo_auth.c: Honor insults flag.
10110 1999-12-05 19:14 millert
10112 * CHANGES, parse.c: Don't ask the user for a password if the user
10113 is not allowed to run the command and the authenticate flag (in
10116 1999-12-05 19:05 millert
10118 * CHANGES, RUNSON, lex.yy.c, parse.lex: o Whenever we get a bare
10119 newline we change to the INITIAL state. o Enter GOTRUNAS when we
10122 This allows #uid to work in a RunasAlias.
10124 1999-12-05 14:06 millert
10126 * CHANGES, parse.yacc: fix parsing of runas lists: o oprunasuser
10127 and runaslist now return a value o in a runasspec, if a runaslist
10128 does not return TRUE, set runas_matches to FALSE. Normally, a
10129 runaslist only returns FALSE for explicitly denied users. o
10130 since runaslist does not modify the stack there is no need for a
10131 push/pop in runasalias.
10133 1999-12-04 21:54 millert
10135 * check.c, sudo.c: Don't kill the user's tickets until after
10136 sudoers has been parsed since tty_tickets and ticket_dir could be
10139 1999-12-04 21:18 millert
10141 * BUGS, CHANGES, Makefile.binary, Makefile.in, README, RUNSON,
10142 configure, configure.in, sudo.cat, sudo.man, sudoers.cat,
10143 sudoers.man, tgetpass.c, version.h, visudo.cat, visudo.man: crank
10146 1999-12-04 21:18 millert
10148 * testsudoers.c: add set_fqdn() stub
10150 1999-12-02 15:31 millert
10152 * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.cat,
10153 sudoers.man, sudoers.pod, visudo.c: o Kill shell_noargs option,
10154 it cannot work since the command needs to be set before sudoers
10155 is parsed. o Fix the "set_home" sudoers option (only worked at
10156 compile time). o Fix "fqdn" sudoers option. We now set
10157 host/shost via set_fqdn which gets called when the "fqdn"
10158 option is set in sudoers. o Move the openlog() to
10159 store_syslogfac() so this gets overridden correctly from the
10162 1999-12-02 15:21 millert
10164 * auth/securid.c: SecurID support should compile now.
10166 1999-11-28 20:56 millert
10168 * sudo.pod, visudo.pod, sudo.cat, sudo.man, sudoers.man,
10169 visudo.man, sudoers.cat, visudo.cat: fix some syntactic goofs
10171 1999-11-28 18:51 millert
10173 * sudo.html, sudoers.html, Makefile.in, visudo.html: No longer need
10174 the .html files as they are generated automatically on the web
10177 1999-11-28 18:49 millert
10179 * CHANGES, LICENSE: kill characters that made wml unhappy
10181 1999-11-28 18:34 millert
10185 1999-11-25 12:05 millert
10187 * README: majordomo@cs.colorado.edu -> majordomo@courtesan.com
10189 1999-11-24 19:43 millert
10191 * Makefile.in, configure: Wrap script execution w/ /bin/sh for the
10194 1999-11-23 22:52 millert
10196 * sudo.c: Make the -s flag be exclusive too. Also reorder the
10197 flags in the exclusive usage message so they are alphabetical.
10199 1999-11-23 13:27 millert
10201 * auth/pam.c: make pam errors other than PAM_PERM_DENIED fatal
10203 1999-11-23 13:07 millert
10205 * auth/API: fix typo
10207 1999-11-23 13:07 millert
10209 * INSTALL: make it clear that /etc/pam.d/sudo is required on linux
10211 1999-11-23 13:06 millert
10213 * auth/pam.c: fix a warning on redhat and spew an error if
10214 pam_authenticate() returns an error other than AUTH_SUCCESS or
10217 1999-11-23 00:43 millert
10219 * sudo.cat, sudo.html, sudo.man, sudo.pod: Be very clear that the
10220 password required is the user's not root's
10222 1999-11-19 21:04 millert
10224 * Makefile.in: add sample.syslog.conf to DISTFILES and BINFILES
10226 1999-11-18 19:13 millert
10228 * RUNSON: updates from Brian Jackson + some formatting
10230 1999-11-17 21:39 millert
10232 * INSTALL.binary, Makefile.binary, README, RUNSON: o One RUNSon
10233 update o Changes for automating real binary releases
10235 1999-11-17 21:38 millert
10237 * Makefile.in: Add bindist target
10239 1999-11-16 16:26 millert
10241 * TROUBLESHOOTING: talk about run-time options in addition to
10242 compile-time options
10244 1999-11-16 01:16 millert
10246 * CHANGES: fix typos
10248 1999-11-16 01:09 millert
10250 * sudo.c: need sys/time.h if HAVE_SETRLIMIT
10252 1999-11-16 00:42 millert
10254 * PORTING, README, RUNSON, sudo.c, sudo.cat, sudo.html, sudo.man,
10255 sudo.pod, visudo.cat, visudo.html, visudo.man, visudo.pod: get
10256 rid of references to sudo-bugs. Now mention the web site or the
10259 1999-11-16 00:35 millert
10261 * sudoers.html: repair pod2html damage
10263 1999-11-16 00:28 millert
10265 * RUNSON, TODO: Update for 1.6 release
10267 1999-11-16 00:23 millert
10269 * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Add warning
10270 about using ALL in a command context.
10272 1999-11-09 15:12 millert
10274 * visudo.c: Call yyrestart() on a parse error to reset the lexer
10277 1999-11-09 15:06 millert
10279 * parse.lex, lex.yy.c: Don't need YY_FLUSH_BUFFER after all Move
10280 yyrestart() into visudo.c since it might not get called in yywrap
10281 if we get a parse error (and we only reread the file on error
10284 1999-11-09 14:32 millert
10286 * parse.lex, lex.yy.c: Call YY_FLUSH_BUFFER macro in yywrap() to
10287 clean up any buffers that might still exist. Call yyrestart()
10288 instead of using the deprecated YY_NEW_FILE macro.
10290 1999-11-09 12:13 millert
10292 * lex.yy.c, parse.lex: flex doesn't need %N table size declarations
10294 1999-11-08 19:00 millert
10296 * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Mention what
10297 characters need to be escaped in names.
10299 1999-11-08 18:59 millert
10303 1999-11-08 18:59 millert
10305 * INSTALL: clarify Mac OS X entry
10307 1999-11-08 18:59 millert
10311 1999-11-08 17:45 millert
10313 * configure.in: o Use AC_MSG_ERROR throughout o Check syslog
10314 configure options for danity
10316 1999-11-05 17:11 millert
10318 * defaults.c: Fix printing of type T_MODE in dump_defaults()
10320 1999-11-05 12:00 millert
10322 * strcasecmp.c: missing sys/types.h
10324 1999-11-05 00:42 millert
10326 * INSTALL: Break out options that may be overridden at run time
10327 into their own section. Add a not about Max OS X and correct
10330 1999-11-04 14:01 millert
10332 * CHANGES, config.h.in, configure, configure.in, sudo.c: o Now use
10333 getrlimit to find the highest fd when closing all non-std fd's o
10334 Turn off core dumps via setrlimit for the sake of paranoia
10336 1999-11-04 13:57 millert
10340 1999-11-01 10:59 millert
10344 1999-11-01 10:58 millert
10346 * tgetpass.c: When read()'ing, do a single character at a time to
10347 be sure we don't go oast the newline.
10349 1999-11-01 10:43 millert
10351 * sudo.c: For the sudo_root option, check against user_uid, not
10352 getuid() since at this point, ruid == euid == 0.
10354 1999-10-31 23:14 millert
10356 * RUNSON: some updates
10358 1999-10-31 23:14 millert
10360 * logging.h: Fix compilation problem when --with-logging=file was
10361 specified. This means that syslog is now required to build sudo
10362 but that should not be a problem. If it is it can be fixed
10363 trivially with a configure check for syslog() or syslog.h.
10365 1999-10-31 23:00 millert
10367 * tgetpass.c: Make this work again for things like "sudo echo hi |
10368 more" where the tty gets put into character at a time mode. We
10369 read until we read end of line or we run out of space (similar to
10372 1999-10-20 11:23 millert
10374 * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: change ital
10377 1999-10-20 11:23 millert
10381 1999-10-16 13:56 millert
10383 * defaults.c: Error out if syslog parameters are given without a
10384 value. For Ultrix or 4.2BSD "syslog" is allowed without a value
10385 since there are no facilities in the 4.2BSD syslog.
10387 1999-10-15 16:37 millert
10389 * defaults.c: Ignore the syslog facility for systems w/ old syslog
10392 1999-10-15 12:51 millert
10394 * TROUBLESHOOTING: people with "." early in their path can have
10395 problems running sudo from the build dir ;-)
10397 1999-10-13 00:18 millert
10399 * sudo.man, sudo.pod, sudo.cat, sudo.html: Remove -r realm option
10401 1999-10-12 22:34 millert
10403 * configure, configure.in, sudo.c, auth/kerb5.c, auth/sudo_auth.c,
10404 auth/sudo_auth.h: New krb5 code from Frank Cusack
10405 <fcusack@iconnet.net>.
10407 1999-10-12 22:33 millert
10409 * CHANGES: update to reality
10411 1999-10-11 20:53 millert
10413 * auth/fwtk.c: include <auth.h> to get function prototypes.
10415 1999-10-11 20:05 millert
10417 * sudo.cat, sudo.html, sudo.man, sudo.pod: document -L flag
10419 1999-10-11 19:42 millert
10421 * sudo.c: in set_perms(), always call setuid(0) before changing the
10422 ruid/euid so we always know it will succeed.
10424 1999-10-11 12:24 millert
10426 * defaults.h: #undef T_FOO to avoid conflicts with system defines
10429 1999-10-11 11:55 millert
10431 * TODO, sample.sudoers, sudoers.cat, sudoers.html, sudoers.man,
10432 sudoers.pod: Docuement "Defaults" lines in /etc/sudoers. Still
10433 needs some fleshing out but this is a start.
10435 1999-10-10 17:21 millert
10437 * defaults.c: use strtol, not strtoul since not everyone has not
10440 1999-10-10 15:01 millert
10442 * lex.yy.c, parse.lex: last {WORD} rule should only apply in the
10445 1999-10-10 14:38 millert
10447 * lex.yy.c, parse.lex: o Add support for escaped characters in the
10448 WORD macro o Modify fill() to squash escape chars
10450 1999-10-10 13:56 millert
10452 * defaults.c, defaults.h: o Add T_PATH flag to allow simple sanity
10453 checks for default values that are supposed to be pathnames. o
10454 Fix a duplicate free when visudo finds an error.
10456 1999-10-09 01:01 millert
10458 * defaults.c, defaults.h, logging.c: mail_if_foo -> mail_foo
10460 1999-10-07 21:12 millert
10462 * compat.h, defaults.c, defaults.h, sudo.c, tgetpass.c: o Add
10463 requiretty option o Move O_NOCTTY to compat.h
10465 1999-10-07 21:12 millert
10467 * logging.c: The exit() in log_error() was mistakenly removed in a
10468 previous version. Put it back...
10470 1999-10-07 17:20 millert
10472 * INSTALL, TODO, check.c, config.h.in, configure, configure.in,
10473 defaults.c, defaults.h, find_path.c, getspwuid.c, lex.yy.c,
10474 logging.c, parse.yacc, sudo.c, auth/aix_auth.c, auth/fwtk.c,
10475 auth/pam.c, auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: o
10476 Change defaults stuff to put the value right in the struct. o
10477 Implement mailer_flags o Store syslog stuff both in int and
10478 string form. Setting the string form magically updates the int
10479 version. o Add boolean attribute to strings where it makes sense
10482 1999-10-07 17:13 millert
10484 * tgetpass.c: add O_NOCTTY when opening /dev/tty just in case
10486 1999-10-06 00:48 millert
10488 * auth/API: cleanup function no longer takes a status arg
10490 1999-10-06 00:48 millert
10494 1999-09-15 05:15 millert
10496 * TODO, config.h.in, configure, configure.in, logging.c: Use
10497 strftime() instead of ctime() if it is available.
10499 1999-09-14 12:58 millert
10501 * defaults.c: fix copyright date
10503 1999-09-14 12:57 millert
10505 * RUNSON: update ReliantUNIX entry
10507 1999-09-14 12:56 millert
10509 * defaults.c, defaults.h, logging.c: add log_year option
10511 1999-09-14 04:01 millert
10513 * configure, configure.in: add --without-sendmail to help output
10515 1999-09-14 03:42 millert
10517 * configure, configure.in: enforce an otctal arg for
10518 --with-suoders-mode
10520 1999-09-08 04:06 millert
10522 * BUGS, INSTALL, Makefile.in, TODO, aclocal.m4, check.c,
10523 config.h.in, configure, configure.in, defaults.c, defaults.h,
10524 find_path.c, lex.yy.c, logging.c, parse.h, parse.lex, parse.yacc,
10525 sudo.c, sudo.h, sudo.tab.h, testsudoers.c, version.c, visudo.c,
10526 auth/aix_auth.c, auth/fwtk.c, auth/kerb5.c, auth/pam.c,
10527 auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: Add support for
10528 "Defaults" line in sudoers to make configuration variables
10529 changable at runtime (and on a global, per-host and per-user
10530 basis). Both the names and the internal representation are still
10531 subject to change. It was necessary to make sudo_user.runas but
10532 a char ** instead of a char * since this value can be changed by
10533 a Defaults line. There is a similar (but more complicated) issue
10534 with sudo_user.prompt but it is handled differently at the
10537 Add a "-L" flag to list the name of options with their
10538 descriptions. This may only be temporary.
10540 Move some prototypes to parse.h
10542 Be much less restrictive on what is allowed for a username.
10544 1999-09-08 04:01 millert
10546 * sample.syslog.conf: Add more info
10548 1999-09-04 03:09 millert
10550 * fnmatch.3, fnmatch.c, getcwd.c, lsearch.c, snprintf.c,
10551 strcasecmp.c, LICENSE: UCB has dropped the advertising clause
10552 from their license.
10554 1999-08-31 05:39 millert
10556 * auth/sudo_auth.h: move dce_verofy proto to correct section
10558 1999-08-31 05:39 millert
10560 * auth/dce.c: remove XXX
10562 1999-08-28 06:00 millert
10564 * emul/fnmatch.h: Add fnmatch() prototype
10566 1999-08-28 06:00 millert
10568 * fnmatch.c, parse.c, testsudoers.c: Move inclusion of
10569 emul/fnmatch.h to be after sudo.h for __P
10571 1999-08-28 05:59 millert
10573 * sudo.h: add strcasecmp proto
10575 1999-08-28 05:50 millert
10577 * auth/sudo_auth.c: add check for case where there are no auth
10580 1999-08-28 05:36 millert
10582 * configure, configure.in: Define _XOPEN_EXTENDED_SOURCE on AIX and
10583 __USE_FIXED_PROTOTYPES__ on SunOS4 w/ gcc
10585 1999-08-28 05:24 millert
10587 * getspwuid.c, lex.yy.c, parse.lex, parse.yacc: include strings.h
10588 everywhere we include string.h
10590 1999-08-28 05:22 millert
10592 * version.c: nicer output when showing auth methods
10594 1999-08-28 05:00 millert
10596 * version.c: Add support for SEND_MAIL_WHEN_NO_HOST
10598 1999-08-28 04:49 millert
10600 * config.h.in, configure.in, configure: Add _GNU_SOURCE for Linux
10602 1999-08-28 04:22 millert
10604 * parse.lex, lex.yy.c: fix definition of OCTECT
10606 1999-08-28 04:10 millert
10608 * configure, configure.in: aix_auth.o not authenticate.o
10610 1999-08-27 17:02 millert
10612 * sudo.c: Only block SIGINT, SIGQUIT, SIGTSTP (which can be
10613 generated from the keyboard). Since we run with ruid/euid == 0
10614 the user can't really signal us in nasty ways.
10616 1999-08-27 17:01 millert
10618 * visudo.c: Don't need to worry about catching too many signals
10619 since we do locking on the tmp file. If a lockfile is really
10620 stale, it will be detected and overwritten.
10622 1999-08-27 16:09 millert
10624 * INSTALL, Makefile.in: include auth/API in tarball
10626 1999-08-27 16:09 millert
10628 * auth/sudo_auth.c: move memset() of plaintext pw outside of verify
10629 loop and only do the memset if we are *not* in standalone mode.
10631 1999-08-27 13:46 millert
10633 * auth/: sudo_auth.c, sudo_auth.h: DCE is not a standalone method
10635 1999-08-27 11:53 millert
10637 * sudo.c: fix --enable-noargs-shell
10639 1999-08-27 11:06 millert
10641 * snprintf.c: "#ifdef __STDC__" not "#if __STDC__" (I missed one)
10643 1999-08-27 10:54 millert
10645 * auth/: fwtk.c, sia.c: _cleanup() function returns an int.
10647 1999-08-27 10:50 millert
10649 * auth/dce.c: there were still some return(0)'s hanging around,
10650 make them AUTH_FAILURE
10652 1999-08-27 10:39 millert
10654 * parse.c: typo in comment
10656 1999-08-27 10:03 millert
10658 * version.c: add missing semicolon
10660 1999-08-27 08:31 millert
10662 * auth/sudo_auth.h: missing backslash
10664 1999-08-26 17:24 millert
10666 * CHANGES, config.h.in, configure, configure.in: Kill
10667 _XOPEN_EXTENDED_SOURCE -- causes problems on some OSes
10669 1999-08-26 09:21 millert
10671 * Makefile.in: add parse.h to HDRS
10673 1999-08-26 09:16 millert
10675 * Makefile.in, configure, configure.in: Kill VISUDO_LIBS and
10676 VISUDO_LDFLAGS. Add LIBS, NET_LIBS, and LDFLAGS. Common libs go
10677 in LIBS, commong ld flags go in LDFLAGS and network libs like
10678 -lsocket, -lnsl go in NET_LIBS. This allows testsudoers to build
10679 on Solaris and is a bit cleaner in general.
10681 1999-08-26 06:56 millert
10683 * UPGRADE: mention ptmp -> sudoers.tmp
10685 1999-08-26 06:12 millert
10687 * configure.in, configure, config.h.in: Define
10688 _XOPEN_SOURCE_EXTENDED not _XOPEN_SOURCE
10690 1999-08-26 05:37 millert
10692 * RUNSON: add 2 reports
10694 1999-08-26 05:20 millert
10696 * auth/kerb5.c: Minor changes, mostly cosmetic.
10697 verify_krb_v5_tgt() changed to return a value more like a system
10700 1999-08-26 05:19 millert
10702 * auth/dce.c: Add an XXX
10704 1999-08-26 05:19 millert
10706 * TODO: more things todo!
10708 1999-08-26 05:18 millert
10710 * sample.sudoers: update based on what is in the man page
10712 1999-08-26 05:10 millert
10714 * parse.yacc: minor change to first line printed in -l mode
10716 1999-08-26 05:10 millert
10718 * sudo.cat, sudo.html, sudo.man, sudo.pod: rename "ENVIRONMENT
10719 VARIABLES" section to "ENVIRONMENT" to be more standard and add
10722 1999-08-26 05:08 millert
10724 * visudo.cat, visudo.html, visudo.man, visudo.pod: rename
10725 "ENVIRONMENT VARIABLES" section to "ENVIRONMENT" to be more
10728 1999-08-26 05:06 millert
10730 * logging.c, parse.c, sudo.h: add FLAG_NO_CHECK
10732 1999-08-26 05:05 millert
10734 * parse.lex, lex.yy.c: make an OCTET really be limited to 0-255
10736 1999-08-26 05:04 millert
10738 * UPGRADE: mention timestamp changes
10740 1999-08-26 05:04 millert
10742 * PORTING: cosmetic cleanup
10744 1999-08-26 05:00 millert
10746 * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: new
10747 sudoers(8) man page
10749 1999-08-24 13:45 millert
10751 * version.c: Update comments about syslog name tables
10753 1999-08-24 13:37 millert
10755 * CHANGES, LICENSE, Makefile.in, configure, strcasecmp.c,
10756 configure.in, parse.yacc: include strcasecmp() for those without
10759 1999-08-24 12:43 millert
10761 * sample.sudoers: Use the : operator some more and fix a typo
10763 1999-08-24 12:43 millert
10765 * HISTORY: update the history of sudo
10767 1999-08-24 12:42 millert
10769 * parse.c, parse.lex, testsudoers.c: CIDR-style netmask support
10771 1999-08-24 12:41 millert
10773 * CHANGES: recent changes
10775 1999-08-24 12:40 millert
10777 * sudo.tab.h: these should be generated with byacc, not bison
10779 1999-08-24 12:40 millert
10783 1999-08-24 11:58 millert
10785 * parse.h, parse.yacc, sudo.tab.h: In "sudo -l" mode, the type of
10786 the stored (expanded) alias was not stored with the contents.
10787 This could lead to incorrect output if the sudoers file had
10788 different alias types with the same name. Normal parsing (ie:
10789 not in '-l' mode) is unaffected.
10791 1999-08-23 12:47 millert
10793 * configure, configure.in: define _XOPEN_SOURCE to get at crypt()
10794 proto on some systems
10796 1999-08-22 13:10 millert
10798 * snprintf.c: fix comment
10800 1999-08-22 13:09 millert
10802 * tgetpass.c: don't need limits.h
10804 1999-08-22 07:36 millert
10806 * snprintf.c: kill bogus reference to vfprintf
10808 1999-08-22 07:26 millert
10810 * sample.sudoers, sudoers: better examples
10812 1999-08-22 07:23 millert
10814 * snprintf.c: Add some const in the K&R defs. This is safe since
10815 we define const away if the compiler doesn't grok it.
10817 1999-08-22 07:22 millert
10819 * aclocal.m4, configure: Better test for working long long support.
10820 Ultrix compiler supports basic long long but not all operations
10823 1999-08-22 05:59 millert
10825 * aclocal.m4, config.h.in, configure, getspwuid.c, snprintf.c,
10826 sudo.c, auth/secureware.c: Add check for LONG_IS_QUAD #undef
10827 MAXINT before including hpsecurity.h to silence an HP-UX warning
10828 Check for U?LONG_LONG_MAX in snprintf.c and use LONG_IS_QUAD
10830 1999-08-21 15:00 millert
10832 * LICENSE, aclocal.m4, config.h.in, configure, configure.in,
10833 snprintf.c: UCB-derived snprintf + asprintf support. Supports
10834 quads if the compiler does. No floating point yet, perhaps
10837 1999-08-20 16:37 millert
10839 * check.c, find_path.c, goodpath.c, logging.c, parse.c, sudo.c,
10840 auth/API, auth/sudo_auth.c, auth/sudo_auth.h: Run most of the
10841 code as root, not the invoking user. It doesn't really gain us
10842 anything to run as the user since an attacker can just have an
10843 setuid(0) in their egg. Running as root solves potential
10844 problems wrt signalling.
10846 1999-08-19 13:45 millert
10848 * logging.c, sudo.c: Don't wait for child to finish in log_error(),
10849 let the signal handler get it if we are still running, else let
10850 init reap it for us. The extra time it takes to wait lets the
10851 user know that mail is being sent.
10853 Install SIGCHLD handler in main() and for POSIX signals, block
10854 everything *except* SIGCHLD.
10856 1999-08-19 12:30 millert
10858 * logging.c, parse.c, parse.yacc, sudo.c, configure, sudo.h,
10859 INSTALL, config.h.in, configure.in: sudoers_lookup() now returns
10860 a bitmap instead of an int. This makes it possible to express
10861 things like "failed to validate because user not listed for this
10862 host". Some thigns that were previously VALIDATE_FOO are now
10863 FLAG_FOO. This may change later on.
10865 Reorganized code in log_auth() and sudo.c to deal with above
10868 Safer versions of push/pushcp with in the do { ... } while (0)
10871 parse.yacc now saves info on the stack to allow parse.c to
10872 determine if a user was listed, but not for the host he/she tried
10875 Added --with-mail-if-no-host option
10877 1999-08-17 11:29 millert
10879 * parse.yacc, sudo.h, visudo.c, visudo.cat, visudo.html,
10880 visudo.man, visudo.pod: o NewArgv and NewArgc don't need to be
10881 externally visible. o If pedantic > 1, it is a parse error. o
10882 Add -s (strict) option to visudo which sets pedantic to 2.
10884 1999-08-17 11:26 millert
10886 * HISTORY, INSTALL: Just have sudo-bugs contact info in one place
10888 1999-08-17 11:20 millert
10890 * sudo.cat, sudo.html, sudo.man, sudo.pod: Add BUGS section
10892 1999-08-17 10:29 millert
10894 * configure, configure.in, Makefile.in: Add testsudoers to default
10895 build target if --with-devel Don't clean generated parser files
10896 unless "distclean".
10898 1999-08-17 08:47 millert
10900 * parse.yacc: In pedantic mode we need to save *all* the aliases,
10901 not just those that match, or we get spurious warnings.
10903 1999-08-17 05:32 millert
10905 * TROUBLESHOOTING: reference samples.sylog.conf
10907 1999-08-14 11:50 millert
10909 * sample.syslog.conf: Sample entries for syslog.conf
10911 1999-08-14 11:40 millert
10913 * CHANGES: recent changes
10915 1999-08-14 11:36 millert
10917 * auth/: API, afs.c, aix_auth.c, dce.c, fwtk.c, kerb4.c, kerb5.c,
10918 pam.c, passwd.c, rfc1938.c, secureware.c, securid.c, sia.c,
10919 sudo_auth.c, sudo_auth.h: In struct sudo_auth, turn need_root and
10920 configured into flags and add a flag to specify an auth method is
10921 running alone (the only one). Pass auth methods their sudo_auth
10922 pointer, not the data pointer. This allows us to get at the
10923 flags and tell if we are the only auth method. That, in turn,
10924 allows the method to be able to decide what should/should not be
10925 a fatal error. Currently only rfc1938 uses it this way, which
10926 allows us to kill the OTP_ONLY define and te hackery that went
10927 with it. With access to the sudo_auth struct, methods can also
10928 get at a string holding their cannonical name (useful in error
10931 1999-08-14 11:34 millert
10933 * Makefile.in, INSTALL, README, config.h.in, configure,
10934 configure.in, getspwuid.c, lex.yy.c, parse.lex, parse.yacc,
10935 sudo.tab.h: o --with-otp deprecated, use --without-passwd instead
10936 o real dependencies in the Makefile o --with-devel option to
10937 enable yacc, lex, and -Wall o style -- "foo -> bar" becomes
10938 "foo->bar" o ALL goes back to being a token, not a string but
10939 don't leak memory o rename hsotspec -> host in parse.yacc
10941 1999-08-12 12:26 millert
10943 * BUGS, CHANGES: recent changes
10945 1999-08-12 12:24 millert
10947 * configure, configure.in, interfaces.c, snprintf.c, sudo.c,
10948 sudo.h, auth/sudo_auth.c: o Digital UNIX needs to check for
10949 *snprintf() before -ldb is added to LIBS since -ldb includes a
10950 bogus snprintf(). o Add forward refs for struct mbuf and struct
10951 rtentry for Digital UNIX. o Reorder some functions in snprintf.c
10952 to fix -Wall o Add missing includes to fix more -Wall
10954 1999-08-12 10:37 millert
10956 * INSTALL, check.c, config.h.in, configure, configure.in,
10957 parse.yacc, testsudoers.c, version.c, visudo.c, auth/sudo_auth.c:
10958 o Add a "pedentic" flag to the parser. This makes sudo warn in
10959 cases where an alias may be used before it is defined. Only
10960 turned on for visudo and testsudoers. o Add
10961 --disable-authentication option that makes sudo not require
10962 authentication by default. The PASSWD tag can be used to require
10963 authentication for an entry. We no longer overload
10966 1999-08-12 10:29 millert
10968 * lex.yy.c, parse.lex: Break 'WORD' regexp def into HOSTNAME and
10969 USERNAME. These days a username can contain just about anything
10970 so be very permissive. Also drop the unused \. punctuation.
10972 1999-08-09 18:25 millert
10974 * parse.yacc: o add a 'val' element to aliasinfo struct and move ->
10975 parse.h o find_alias() now returns an aliasinfo * instead of
10976 boolean o add_alias() now takes a value parameter to store in the
10977 aliasinfo.val o The cmnd, hostspec, runasuser, and user rules now
10978 return: 1) positive match 0) negative match (due to '!') -1) no
10979 match This means setting $$ explicitly in all cases, which I
10980 should have done in the first place. It also means that we
10981 always store a value that is != -1 and when we see a '!' we can
10982 set *_matches to !rv if rv != -1. The upshot of all of this is
10983 that '!' now works the way it should in lists and some of the
10984 rules are more uniform and sensible.
10986 1999-08-09 18:17 millert
10988 * Makefile.in: add parse.h dependency
10990 1999-08-09 18:17 millert
10992 * parse.h: kill unused *_matched macros
10994 1999-08-09 10:35 millert
10996 * parse.yacc: Allow a list of users as the first thing in a user
10997 spec, not just a single entry. This makes things more uniform,
10998 though it does allow you to write user specs that are hard to
11001 1999-08-09 10:08 millert
11005 1999-08-09 10:08 millert
11007 * configure.in: fix check for crypt() in libufc
11009 1999-08-07 14:03 millert
11011 * README: sudo-users list now exists
11013 1999-08-07 07:46 millert
11015 * INSTALL, PORTING, README, TODO, TROUBLESHOOTING: Update to
11018 1999-08-07 05:59 millert
11020 * CHANGES, Makefile.in, TODO, TROUBLESHOOTING, check.c, compat.h,
11021 config.h.in, configure.in, logging.c, sudo.h, version.c,
11022 visudo.c, configure, fileops.c: o Move lock_file() and touch()
11023 into fileops.c so visudo can use them o Visudo now locks the
11024 sudoers temp file instead of bailing when the temp file already
11025 exists. This fixes the problem of stale temp files but it does
11026 *require* that you not try to put the temp file in a
11027 world-writable directory. This shoud not be an issue as the temp
11028 file should live in the same dir as sudoers. o Visudo now only
11029 installs the temp file as sudoers if it changed.
11031 1999-08-06 09:49 millert
11033 * logging.c: add fcntl locking
11035 1999-08-06 09:33 millert
11037 * configure, config.h.in, configure.in, logging.c: Lock the log
11040 1999-08-06 05:36 millert
11042 * Makefile.in, TROUBLESHOOTING, parse.c, pathnames.h.in, sudo.c,
11043 visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod: o
11044 /etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow
11045 temp file o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and
11046 _PATH_SUDO_STMP -> _PATH_SUDOERS_TMP
11048 1999-08-05 17:38 millert
11050 * INSTALL, check.c, config.h.in, configure, configure.in,
11051 version.c: o Kill *_MESSAGE and replace with NO_LECTURE o Add
11052 more things to root sudo -V config reporting
11054 1999-08-05 10:56 millert
11056 * configure, configure.in: aix_auth.o not authenticate.o
11058 1999-08-05 10:48 millert
11060 * config.h.in: Add --with-goodpri and --with-badpri configure
11061 options to specify the syslog priority to use.
11063 1999-08-05 10:30 millert
11065 * INSTALL, configure.in, logging.h, configure: Add --with-goodpri
11066 and --with-badpri configure options to specify the syslog
11069 1999-08-05 10:25 millert
11071 * compat.h: kill crufty AIX stuff
11073 1999-08-05 06:55 millert
11075 * Makefile.in: Sigh, some versions of make (like Solaris's) don't
11076 deal with $< like I would expect. Both GNU and BSD makes get
11077 this right but... So, we just expand $< inline at the cost of
11080 1999-08-05 06:52 millert
11082 * version.c: If the invoking user is root, sudo will now print
11083 configure info in -V mode. Currently just prints logging info,
11084 to be expanded later.
11086 1999-08-05 06:51 millert
11088 * logging.c, logging.h, sudo.c, sudo.h: o new defines for syslog
11089 facility and priority o use new print_version() functino for -V
11092 1999-08-05 06:49 millert
11094 * check.c: Don't need version.c
11096 1999-08-05 06:21 millert
11098 * configure, configure.in, aclocal.m4, config.h.in: Add check for
11099 syslog facilities and priorities tables in syslog.h
11101 1999-08-05 05:23 millert
11103 * Makefile.in: o authenticate -> aix_auth o add version.c
11105 1999-08-05 05:21 millert
11107 * auth/sudo_auth.c: Missed a prompt -> user_prompt conversion
11109 1999-08-04 13:32 millert
11111 * TODO: sudo should lock its logfile
11113 1999-08-04 13:28 millert
11115 * parse.yacc: o Add '!' correctly when expanding Aliases. o Add
11116 shortcut macros for append() to make things more readable. o The
11117 separator in append() is now a string instead of a char. o In
11118 append(), only prepend the separator if the last char is not a
11119 '!'. This is a hack but it greatly simplifies '!' handling. o
11120 In -l mode, Runas lists and NOPASSWD/PASSWD tags are now
11121 inherited across entries in a list (matches current behavior).
11122 o Fix formatting in -l mode such that items in a list are
11123 separated by a space. Greatlt improves readability. o Space
11124 for name field in struct aliasinfo is now allocated dyanically
11125 instead of using a (big) buffer. o In add_alias(), only search
11126 the list once (lsearch instead of lfind + lsearch)
11128 1999-08-04 11:31 millert
11130 * lex.yy.c, sudo.tab.h: regen
11132 1999-08-04 10:54 millert
11134 * configure, configure.in: Solais pam doesn't require anye xtra
11137 1999-08-04 05:35 millert
11139 * parse.yacc: o Simpler '!' support now that the lexer deals with
11140 multiple !'s for us. o In the case of opFOO, have FOO give a
11141 boolean return value and set foo_matches in opFOO, not FOO. o
11142 Treat 'ALL' as a string since it gets fill()'d in
11143 parse.lex--fixes a small memory leak. In the long run it may
11144 be better to just fix parse.lex and make ALL back into a token.
11145 However, having it be a string is useful since it can be
11146 easily passed back to the parent rule if we so desire.
11148 1999-08-04 03:54 millert
11150 * parse.lex: o Remove some unnecessary backslashes o collapse
11151 multiple !'s by using !+ and checking if yyleng is even or odd.
11152 this allows us to simplify ! handling in parse.yacc
11154 1999-08-04 03:53 millert
11156 * sudo.c: -u flag was being ignored
11158 1999-08-01 13:04 millert
11160 * Makefile.in: correct fix
11162 1999-08-01 12:37 millert
11164 * Makefile.in: work around pod2man stupididy
11166 1999-08-01 12:35 millert
11168 * Makefile.in: correct dependencies for .cat
11170 1999-08-01 12:26 millert
11172 * sudo.cat, sudo.man, visudo.cat, visudo.man: regen
11174 1999-08-01 12:25 millert
11176 * sudo.pod, visudo.pod: Add copyright Update to reality
11178 1999-08-01 11:42 millert
11180 * parse.c, sudo.c, sudo.h: rename validate() to the more
11181 descriptive sudoers_lookup()
11183 1999-08-01 06:49 millert
11185 * auth/aix_auth.c: use tgetpass
11187 1999-07-31 12:32 millert
11191 1999-07-31 12:31 millert
11193 * HISTORY, INSTALL, Makefile.in, README, RUNSON, TROUBLESHOOTING,
11194 configure, configure.in, sudo.c: Sudo, not CU Sudo
11196 1999-07-31 12:19 millert
11198 * Makefile.in, alloc.c, check.c, compat.h, config.h.in,
11199 find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h,
11200 ins_csops.h, ins_goons.h, insults.h, interfaces.c, interfaces.h,
11201 lex.yy.c, logging.c, logging.h, parse.c, parse.h, parse.lex,
11202 parse.yacc, pathnames.h.in, putenv.c, strerror.c, sudo.c, sudo.h,
11203 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
11204 visudo.c, auth/afs.c, auth/aix_auth.c, auth/dce.c, auth/fwtk.c,
11205 auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
11206 auth/rfc1938.c, auth/secureware.c, auth/securid.c, auth/sia.c,
11207 auth/sudo_auth.c, auth/sudo_auth.h, emul/search.h, emul/utime.h,
11208 LICENSE: add 4th term to license similar to term 5 in the apache
11211 1999-07-31 12:02 millert
11213 * LICENSE, aclocal.m4, check.c, configure.in, insults.h, logging.c,
11214 sudo.c, sudo.h, auth/rfc1938.c: there was a 1995 release too
11216 1999-07-28 05:24 millert
11220 1999-07-28 05:21 millert
11222 * check.c: Use dirs instead of files for timestamp. This allows
11223 tty and non-tty schemes to coexist reasonably. Note, however,
11224 that when you update a tty ticket, the mtime on the user dir gets
11227 1999-07-28 05:17 millert
11229 * configure.in, configure: Fix getprpwnam() checking on SCO. Need
11230 to link with "-lprot -lx" when linking test program, not just
11231 -lprot. Also add check for getspnam(). The SCO docs indicate
11232 that /etc/shadow can be used but this may be a lie.
11234 1999-07-24 03:35 millert
11236 * auth/API: first cut at auth API description
11238 1999-07-22 15:48 millert
11240 * auth/: fwtk.c, kerb4.c, kerb5.c, pam.c, rfc1938.c, secureware.c,
11241 securid.c, sudo_auth.c, sudo_auth.h: auth API change. There is
11242 now an init method that gets run before the main loop. This
11243 allows auth routines to differentiate between initialization that
11244 happens once vs. setup that needs to run each time through the
11247 1999-07-22 12:23 millert
11249 * logging.c, auth/kerb5.c: use easprintf() and evasprintf()
11251 1999-07-22 12:22 millert
11253 * alloc.c, sudo.h: add easprintf() and evasprintf(), error checking
11254 versions of asprintf() and vasprintf()
11256 1999-07-22 09:14 millert
11258 * TODO: remove 2 items. One done, one won't do.
11260 1999-07-22 09:10 millert
11262 * sudo.man, visudo.man, sudo.cat, sudo.html, sudoers.html,
11263 visudo.cat, visudo.html, configure, lex.yy.c: regen
11265 1999-07-22 09:06 millert
11267 * CHANGES: new changes
11269 1999-07-22 09:01 millert
11271 * sudo.pod: o Document -K flag and update meaning of -k flag. o
11272 BSD-style copyright o Document clearing of BIND resolver
11273 environment variables o Clarify bit about shared libs o suggest
11274 rc files create /tmp/.odus if your OS gives away files
11276 1999-07-22 08:59 millert
11278 * visudo.pod: BSD license
11280 1999-07-22 08:58 millert
11282 * tgetpass.c: o BSD copyright o no need to block signals, we now do
11283 that in main() o cosmetic changes
11285 1999-07-22 08:57 millert
11287 * testsudoers.c, visudo.c: o BSD-style copyright o Use "struct
11288 sudo_user" instead of old globals. o some cometic cleanup
11290 1999-07-22 08:56 millert
11292 * sudo_setenv.c, version.h: BSD-style copyright
11294 1999-07-22 08:56 millert
11296 * sudo.h: o BSD copyright o logging and parser bits moved to their
11297 own .h files o new "struct sudo_user" to encapsulate many of the
11300 1999-07-22 08:55 millert
11302 * sudo.c: o no longer contains sudo 1.1/1.2 code o BSD copyright o
11303 use new logging routines o simplified flow of control o BIND
11304 resolver additions to badenv_table
11306 1999-07-22 08:53 millert
11308 * strerror.c: BSD-style copyright
11310 1999-07-22 08:53 millert
11312 * snprintf.c: Now compiles on more K&R compilers
11314 1999-07-22 08:52 millert
11316 * putenv.c: BSD-style copyright, cosmetic changes
11318 1999-07-22 08:51 millert
11320 * parse.c, parse.yacc, parse.h, parse.lex: BSD-style copyright.
11321 Move parser-specific defines and structs into parse.h + other
11324 1999-07-22 08:51 millert
11326 * logging.h: defines for logging routines
11328 1999-07-22 08:49 millert
11330 * ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
11331 interfaces.h, pathnames.h.in: BSD-style copyright
11333 1999-07-22 08:48 millert
11335 * find_path.c, getspwuid.c, goodpath.c, interfaces.c: BSD-style
11336 copyright, cosmetic changes
11338 1999-07-22 08:46 millert
11340 * configure.in: o tgetpass.c is no longer optional o kill DCE_OBJS,
11341 add AUTH_OBJS o kill --disable-tgetpass o add --without-passwd o
11342 changes to fill in AUTH_OBJS for new auth api o check for
11343 strerror(), v?snprintf() and v?asprintf() o replace
11344 --with-AuthSRV with --with-fwtk
11346 1999-07-22 08:43 millert
11348 * config.h.in: BSD-style copyright. Remove USE_GETPASS and
11349 HAVE_UTIME_NULL. Add HAVE_FWTK, HAVE_STRERROR, HAVE_SNPRINTF,
11350 HAVE_VSNPRINTF, HAVE_ASPRINTF, HAVE_VASPRINTF, WITHOUT_PASSWD and
11353 1999-07-22 08:42 millert
11355 * compat.h: BSD-style copyright; Add S_IFLNK and MIN/MAX id they
11358 1999-07-22 08:39 millert
11360 * alloc.c: BSD-style copyright
11362 1999-07-22 08:38 millert
11364 * TROUBLESHOOTING: no more --with-getpass
11366 1999-07-22 08:34 millert
11368 * TODO: Take out things I've done...
11370 1999-07-22 08:34 millert
11372 * README: Refer to LICENSE
11374 1999-07-22 08:34 millert
11376 * PORTING: --with-getpass no longer exists
11378 1999-07-22 08:33 millert
11380 * Makefile.in: BSD-style copyright. Update to reflect reality wrt
11381 new files and new auth modules.
11383 1999-07-22 08:32 millert
11385 * INSTALL: Remove --with-AuthSRV and --disable-tgetpass. Add
11386 --with-fwtk and --without-passwd.
11388 1999-07-22 08:31 millert
11390 * HISTORY: Update history a bit
11392 1999-07-22 08:29 millert
11394 * COPYING, LICENSE: Now distributed under a BSD-style license
11396 1999-07-22 08:28 millert
11398 * auth/sudo_auth.c: o BSD-style copyright o Add support for
11399 NO_PASSWD/WITHOUT_PASSWD options. o skey/opie replaced by
11400 rfc1938 code o new struct sudo_user global
11402 1999-07-22 08:25 millert
11404 * auth/: pam.c, sia.c: BSD-style copyright and use new log
11407 1999-07-22 08:24 millert
11409 * auth/kerb5.c: o BSD-style copyright o Use new log functiongs o
11410 Use asprintf() and snprintf() where sensible.
11412 1999-07-22 08:19 millert
11414 * check.c: Rewrote all the old sudo 1.1/1.2 code. Timestamp
11415 handling is now done more reasonably--better sanity checks and
11416 tty-based stamps are now done as files in a directory with the
11417 same name as the invoking user, eg. /var/run/sudo/millert/ttyp1.
11418 It is not currently possible to mix tty and non-tty based ticket
11419 schemes but this may change in the future (it requires sudo to
11420 use a directory instead of a file in the non-tty case). Also,
11421 ``sudo -k'' now sets the ticket back to the epoch and ``sudo -K''
11422 really deletes the file. That way you don't get the lecture
11423 again just because you killed your ticket in .logout. BSD-style
11426 1999-07-22 08:13 millert
11428 * logging.c: o rewritten logging routines. log_error() now takes
11429 printf-style varargs and log_auth() for the return value of
11430 validate(). o BSD-style copyright
11432 1999-07-22 07:04 millert
11434 * auth.c, check_sia.c, dce_pwent.c, secureware.c: superceded by new
11437 1999-07-22 07:02 millert
11439 * auth/fwtk.c: Use snprintf() where it makes sense and add a
11440 BSD-style copyright
11442 1999-07-22 07:00 millert
11444 * auth/: afs.c, aix_auth.c, dce.c, passwd.c, rfc1938.c,
11445 secureware.c, securid.c, sudo_auth.h, kerb4.c: BSD-style
11448 1999-07-22 06:57 millert
11450 * emul/utime.h, utime.c: BSD-style copyright
11452 1999-07-22 06:57 millert
11454 * emul/search.h: this has been rewritten so use my BSD-style
11457 1999-07-15 11:21 millert
11459 * snprintf.c: include malloc.h if no stdlib.h
11461 1999-07-15 10:21 millert
11463 * snprintf.c: KTH snprintf()/asprintf() for systems w/o them
11465 1999-07-15 10:20 millert
11467 * strerror.c: strerror() for systems w/o it
11469 1999-07-12 06:53 millert
11471 * visudo.c: stylistic changes
11473 1999-07-12 06:25 millert
11475 * parse.c, parse.lex, parse.yacc: Add contribution info in the main
11478 1999-07-11 16:10 millert
11480 * auth/pam.c: remove missed ref to PAM_nullpw
11482 1999-07-11 16:10 millert
11484 * auth/sudo_auth.h: pasto
11486 1999-07-11 15:19 millert
11488 * auth/kerb5.c: more or less complete now--still untested
11490 1999-07-11 15:09 millert
11492 * auth/: afs.c, pam.c: don't use user_name macro, it will go away
11494 1999-07-11 14:42 millert
11496 * auth/: opie.c, rfc1938.c, sudo_auth.h, skey.c: combine skey/opie
11497 code into rfc1938.c
11499 1999-07-11 07:22 millert
11501 * auth/: dce.c, sudo_auth.h: DCE authentication method; basically
11502 unchanged from dce_pwent.c
11504 1999-07-11 06:44 millert
11506 * auth/: aix_auth.c, sudo_auth.h: AIX authenticate() support.
11507 Could probably be much better
11509 1999-07-11 06:43 millert
11511 * auth/sia.c: Fix an uninitialized variable and some cleanup. Now
11514 1999-07-11 05:37 millert
11516 * auth/: sia.c, sudo_auth.h: SIA support for digital unix
11518 1999-07-11 05:33 millert
11520 * auth/pam.c: don't use prompt global, it will go away
11522 1999-07-11 05:32 millert
11524 * auth/secureware.c: correct copyright years
11526 1999-07-10 20:32 millert
11528 * auth/: afs.c, fwtk.c, kerb4.c, sudo_auth.h, kerb5.c, opie.c,
11529 pam.c, passwd.c, secureware.c, securid.c, skey.c, sudo_auth.c:
11530 New authentication API and methods
11532 1999-07-08 06:46 millert
11534 * parse.yacc: only save an entry if user_matches && host_matches,
11535 even if the stack is empty (fix for previous commit)
11537 1999-07-08 06:35 millert
11539 * parse.yacc: 1) Always save an entry on the stack if it is empty.
11540 This fixes the -l and -v flags that were broken by earlier parser
11543 2) In a Runas list, don't negate FALSE -> TRUE since that would
11544 make !foo match any time the user specified a runas user (via -u)
11547 1999-07-08 05:45 millert
11549 * testsudoers.c: interfaces and num_interfaces are now auto, not
11552 1999-07-07 14:09 millert
11554 * auth.c: use a static global to keep stae about empty passwords
11556 1999-07-07 14:08 millert
11558 * check_sia.c: make PASSWORD_NOT_CORRECT logging consistent with
11561 1999-07-05 16:53 millert
11563 * auth.c: PAM prompt code was wrong, looks like we have to kludge
11566 1999-07-05 16:35 millert
11568 * auth.c: In the PAM code, when a user hits return at the first
11569 password prompt, exit without a warning just like the normal auth
11572 1999-07-05 16:15 millert
11574 * configure, configure.in: kludge around cross-compiler false
11577 1999-07-05 16:14 millert
11579 * auth.c, check.c, check_sia.c, logging.c, sudo.h, tgetpass.c: New
11580 (correct) PAM code Tgetpass now takes an echo flag for use with
11581 PAM_PROMPT_ECHO_ON Block SIGINT and SIGTSTP during auth remove a
11582 useless umask setting Change error from BAD_ALLOCATION ->
11583 BAD_AUTH_INIT (for use with sia/PAM) Some cosmetic changes to
11584 auth.c for consistency
11586 1999-07-05 16:11 millert
11588 * sudo.c: Some -Wall and kill some trailing spaces
11590 1999-07-05 16:10 millert
11592 * configure.in: define -D__EXTENSIONS__ for solaris so we get
11595 1999-06-22 09:42 millert
11597 * RUNSON: add Dynix 4.4.4
11599 1999-06-22 09:30 millert
11601 * INSTALL, config.h.in, configure.in, configure: for kerberos V <
11602 version, fall back on old kerb4 auth code
11604 1999-06-22 06:41 millert
11606 * INSTALL: clarify some things
11608 1999-06-22 06:38 millert
11610 * UPGRADE, sudoers.cat, sudoers.man, sudoers.pod: typos
11612 1999-06-14 19:47 millert
11614 * sudo.c: mention why DONT_LEAK_PATH_INFO is not the default
11616 1999-06-03 12:34 millert
11618 * tgetpass.c: Fix open(2) return value checking, was NULL for
11619 fopen, should be -1 for open
11621 1999-06-03 12:06 millert
11625 1999-06-03 12:06 millert
11627 * configure.in: better wording for solaris pam notice
11629 1999-06-03 11:52 millert
11631 * CHANGES: document recent changes
11633 1999-06-03 11:52 millert
11635 * TROUBLESHOOTING: Update shadow password section
11637 1999-06-03 11:51 millert
11639 * auth.c: move authentication code from check.c to auth.c
11641 1999-06-03 11:51 millert
11643 * Makefile.in, check.c, sudo.h: move authentication code to auth.c
11645 1999-05-16 21:36 millert
11647 * Makefile.in, check.c, check_sia.c, compat.h, find_path.c,
11648 getspwuid.c, goodpath.c, interfaces.c, interfaces.h, lex.yy.c,
11649 logging.c, parse.c, parse.lex, parse.yacc, secureware.c, sudo.c,
11650 sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, visudo.c: Move
11651 interface-related defines to interfaces.h so we don't have to
11652 include <netinet/in.h> everywhere.
11654 1999-05-14 12:30 millert
11656 * CHANGES, INSTALL, TODO, check.c, compat.h, getspwuid.c,
11657 logging.c, parse.yacc, sudo.c, tgetpass.c: o Replace _PASSWD_LEN
11658 braindeath with our own SUDO_MAX_PASS.
11659 It turns out the old DES crypt does the right thing with
11661 longert than 8 characters.
11662 o Fix common typo (necesary -> necessary)
11665 1999-05-03 12:00 millert
11667 * sudo.c: set $LOGNAME when we set $USER
11669 1999-04-27 00:00 millert
11671 * INSTALL: add comment about digital unix and interfaces.c warning
11674 1999-04-15 01:12 millert
11676 * sample.sudoers: use modern paths and give examples for some of
11677 the new parser features
11679 1999-04-10 13:03 millert
11681 * parse.c: fix comment
11683 1999-04-10 00:49 millert
11685 * alloc.c, check.c, check_sia.c, dce_pwent.c, find_path.c,
11686 getspwuid.c, goodpath.c, interfaces.c, lex.yy.c, logging.c,
11687 parse.c, parse.lex, parse.yacc, putenv.c, secureware.c, sudo.c,
11688 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
11689 Function names should be flush with the start of the line so they
11690 can be found trivially in an editor and with grep
11692 1999-04-10 00:40 millert
11694 * find_path.c, interfaces.c, lex.yy.c, parse.c, parse.lex,
11695 parse.yacc, sudo.c, testsudoers.c, tgetpass.c, visudo.c: free(3)
11696 is already void, no need to cast it
11698 1999-04-10 00:37 millert
11700 * logging.c, sudo.c, sudo.h: catch case where cmnd_safe is not set
11701 (this should not be possible)
11703 1999-04-10 00:10 millert
11705 * CHANGES, logging.c, parse.c, parse.yacc, sudo.c, sudo.h,
11706 testsudoers.c, visudo.c: Stash the "safe" path (ie: the one
11707 listed in sudoers) to the command instead of stashing the struct
11708 stat. Should be safer.
11710 1999-04-08 19:56 millert
11712 * INSTALL, Makefile.in, UPGRADE: notes on updating from an earlier
11715 1999-04-07 20:20 millert
11719 1999-04-07 19:18 millert
11721 * parse.yacc, sudo.tab.h, sudoers.cat, sudoers.html, sudoers.man,
11722 sudoers.pod: You can now specifiy a host list instead of just a
11723 host or alias. Ie: user = host1,host2,ALIAS,!host3 my_command
11726 1999-04-07 02:59 millert
11728 * testsudoers.c: Quiet -Wall
11730 1999-04-07 02:50 millert
11732 * parse.yacc: Move the push from the beginning of cmndspec to the
11733 end. This means we no longer have to do a push at the end of
11734 privilege, just reset some values.
11736 1999-04-06 20:24 millert
11738 * sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: runas-lists
11739 and NOPASSWD/PASSWD modifiers are now sticky and you can use "!"
11742 1999-04-06 14:12 millert
11744 * sudoers.pod: modernize paths and update su example based on
11747 1999-04-06 14:06 millert
11749 * sample.sudoers: New runas semantics
11751 1999-04-06 13:54 millert
11753 * CHANGES, Makefile.in, alloc.c, config.h.in, configure,
11754 configure.in, strdup.c, sudo.h: In estrdup(), do the malloc
11755 ourselves so we don't need to rely on the system strdup(3) which
11756 may or may not exist. There is now no need to provide strdup()
11757 for those w/o it. Also, the prototype for estrdup() was wrong,
11758 it returns char * and its param is const.
11760 1999-04-06 13:40 millert
11762 * getcwd.c: $Sudo tag
11764 1999-04-06 13:20 millert
11766 * check.c: buf should be prompt; Michael Robokoff
11767 <mrobo@networkcs.com>
11769 1999-04-06 01:40 millert
11771 * CHANGES, TODO, parse.yacc: It is now possible to use the '!'
11772 operator in a runas list as well as in a Cmnd_Alias, Host_Alias
11775 1999-04-06 01:38 millert
11777 * logging.c, sudo.h: Kill GLOBAL_NO_SPW_ENT (not used) and crank
11780 1999-04-06 01:08 millert
11782 * sudo.h: Definitions of *_matched were wrong--user top, not top-2
11785 1999-04-06 01:00 millert
11787 * logging.c, parse.c, parse.yacc, sudo.c, sudo.h: Add
11788 VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a
11789 command but the NOPASSWD flag was set. Make runasspec,
11790 runaslist, runasuser, and nopasswd typeless in parse.yacc Add
11791 support for '!' in the runas list Fix double printing of '%' and
11792 '+' for groups and netgroups respectively Add *_matched macros
11793 (no need for local stack variable). Should only be used directly
11794 after a pop (since top must be >= 2).
11796 1999-04-05 23:25 millert
11798 * aclocal.m4, configure.in: Add copyright, somewhat silly
11800 1999-04-05 16:57 millert
11802 * BUGS, INSTALL, Makefile.in, README, alloc.c, check.c,
11803 check_sia.c, compat.h, config.h.in, configure, configure.in,
11804 dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
11805 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
11806 lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc,
11807 pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c,
11808 sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat,
11809 sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h,
11810 visudo.c, visudo.cat, visudo.man, emul/utime.h: Crank version to
11811 1.6 and combine copyright statements
11813 1999-04-05 16:30 millert
11815 * sample.sudoers: Use ! not ^ to do negation
11817 1999-04-05 16:29 millert
11821 1999-04-05 16:28 millert
11823 * parse.yacc, parse.lex: Make runas and NOPASSWD tags persistent
11824 across entris in a command list. Add a PASSWD tag to reverse
11825 NOPASSWD. When you override a runas or *PASSWD tag the value
11826 given becomes the new default for the rest of the command list.
11828 1999-04-02 16:03 millert
11830 * CHANGES, RUNSON: update for 1.5.9
11832 1999-04-02 16:02 millert
11834 * visudo.c: Shift return value of system(3) by 8 to get real exit
11835 value and if it is not 1 or 0 print the retval along with the
11838 1999-03-30 16:45 millert
11840 * Makefile.in: testsudoers needs LIBOBJS too
11842 1999-03-30 12:17 millert
11844 * parse.c, parse.yacc: Fix another parser bug. For a sudoers entry
11845 like this: millert ALL=/bin/ls,(daemon) !/bin/ls sudo
11846 would not allow millert to run ls as root.
11848 1999-03-30 01:08 millert
11850 * CHANGES: new change
11852 1999-03-30 01:03 millert
11854 * parse.yacc: Save entries that match a ! command on the matching
11857 1999-03-30 01:01 millert
11859 * sudo.c: Make sudo's usage info better when mutually exclusive
11860 args are given and don't rely on argument order to detect this;
11863 1999-03-29 15:03 millert
11865 * CHANGES, Makefile.in, RUNSON: updates from CU
11867 1999-03-28 23:38 millert
11869 * Makefile.in: use gzip
11871 1999-03-28 23:31 millert
11873 * parse.yacc: Fix off by one error introduced in *alloc changes
11875 1999-03-28 23:05 millert
11877 * BUGS, CHANGES, INSTALL, Makefile.in, README, alloc.c, check.c,
11878 check_sia.c, compat.h, config.h.in, configure, configure.in,
11879 dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
11880 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
11881 lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc,
11882 pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c,
11883 sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat,
11884 sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h,
11885 visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod,
11886 emul/utime.h: ++version
11888 1999-03-28 21:59 millert
11890 * Makefile.in, check.c, find_path.c, getspwuid.c, goodpath.c,
11891 interfaces.c, lex.yy.c, logging.c, parse.c, parse.lex,
11892 parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c, sudo.h,
11893 sudo_setenv.c, testsudoers.c, utime.c, visudo.c: Use
11894 emalloc/erealloc/estrdup
11896 1999-03-28 20:29 millert
11898 * alloc.c: error checking memory allocation routines
11900 1999-03-28 19:23 millert
11902 * parse.yacc: Still not right, this fixes it for real
11904 1999-03-28 19:08 millert
11906 * parse.yacc: Fix for previous commit
11908 1999-03-28 19:05 millert
11910 * CHANGES, INSTALL, parse.yacc: Fix a parser bug that was exposed
11911 when mixing different runas specs and ! commands. For example:
11912 millert ALL=(daemon) /usr/bin/whoami,!/bin/ls would
11913 allow millert to run whoami as root as well as daemon when it
11914 should just allow daemon. The problem was that comma-separated
11915 commands in a list shared the same entry on the matching stack.
11916 Now they get their own entry iff there is a full match. It may
11917 be better to just make the runas spec persistent across all
11918 commands in a list like the user and host entries of the matching
11919 stack. However, since that is a fairly major change it should
11920 gets its own minor rev increase.
11922 1999-03-28 13:50 millert
11924 * check.c, config.h.in: Simplify PAM code and fix a PAM-related
11927 1999-03-26 13:17 millert
11931 1999-03-26 13:12 millert
11933 * sample.sudoers: better su entry
11935 1999-03-26 13:10 millert
11939 1999-03-26 13:09 millert
11941 * check.c, configure.in: new pam code that works on solaris, should
11942 work on linux too; aelberg@home.com
11944 1999-03-19 14:44 millert
11946 * RUNSON: more entries
11948 1999-03-19 14:43 millert
11950 * config.h.in: only include strings.h if there is no string.h
11952 1999-03-17 15:25 millert
11954 * config.guess: Sinix is now being called ReliantUNIX;
11955 bjjackso@us.oracle.com
11957 1999-03-13 13:37 millert
11959 * sudo.c: shost must be set before log functions are called #ifdef
11962 1999-03-07 18:34 millert
11964 * CHANGES, lex.yy.c, parse.lex: Fix a bug wrt quoting characters in
11965 command args. Stop processing an arg when you hit a backslash so
11966 the quoted-character detection can catch it.
11968 1999-02-26 01:19 millert
11970 * interfaces.c: include sys/time.h; aparently AIX needs it.
11973 1999-02-23 19:43 millert
11975 * configure, configure.in: add missing case statement so
11976 --without-sendmail works
11978 1999-02-22 21:51 millert
11982 1999-02-22 15:10 millert
11984 * configure, configure.in: only search for -lsun in irix <= 4.x
11986 1999-02-22 15:01 millert
11988 * configure, configure.in: back out last configure.in change now
11989 that I've hacked autoconf to fix the real problem and add a
11992 1999-02-22 14:32 millert
11996 1999-02-22 14:05 millert
11998 * getcwd.c: add def of dirfd() for those without it
12000 1999-02-22 10:58 millert
12002 * configure.in, configure: When falling back to checking for
12003 socket() when linking with "-lsocket -lnsl" check for main()
12004 instead since autoconf has already cached the results of checking
12005 for socket() in -lsocket. This is really an autoconf bug as it
12006 should use the extra libs as part of the cache variable name.
12008 1999-02-22 10:47 millert
12010 * configure.in: typo
12012 1999-02-21 15:18 millert
12014 * configure.in: fix occurrence of $with_timeout that should be
12015 $with_password_timeout;
12016 Michael.Neef@neuroinformatik.ruhr-uni-bochum.de
12018 1999-02-17 11:40 millert
12020 * sudo.cat, sudo.html, sudo.man, sudo.pod: fix grammar;
12023 1999-02-11 01:41 millert
12025 * parse.yacc, sudo.c, testsudoers.c: add cast for strdup in places
12026 it does not have it
12028 1999-02-09 13:11 millert
12030 * configure, configure.in: define for_BSD_TYPES irix
12032 1999-02-06 19:47 millert
12034 * Makefile.in, sudo.cat, sudo.html, sudo.man, sudo.pod: Make it
12035 clear that it is the user's password, not root's, that we want.
12037 1999-02-06 19:43 millert
12039 * check.c, sudo.h: If the user enters an empty password and really
12040 has no password, accept the empty password they entered.
12041 Perviously, they could enter anything *but* an empty password.
12042 Also, add GETPASS macro that calls either tgetpass() or getpass()
12043 depending on how sudo was configured. Problem noted by
12044 jdg@maths.qmw.ac.uk
12046 1999-02-02 23:32 millert
12048 * Makefile.in, check.c, check_sia.c, compat.h, config.h.in,
12049 dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
12050 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
12051 logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in,
12052 putenv.c, secureware.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c,
12053 testsudoers.c, tgetpass.c, utime.c, version.h, visudo.c,
12054 emul/utime.h: add explicate copyright
12056 1999-02-02 23:16 millert
12058 * CHANGES: mention -lsocket, -lnsl configure changes
12060 1999-02-02 17:54 millert
12062 * sudo.c: Don't clobber errno after calling check_sudoers().
12064 1999-01-31 19:46 millert
12066 * configure.in, configure: When linking with both -lsocket and
12067 -lnsl be sure to do so in that order. Also, when we can't find
12068 socket() or inet_addr() and have to try linking with both libs,
12071 1999-01-31 19:45 millert
12073 * sudo.cat, sudo.man, sudo.pod: clarify bad timestamp and fmt
12075 1999-01-23 12:18 millert
12077 * INSTALL, RUNSON: be clear that pam is linux-only and add a RUNSON
12080 1999-01-22 13:13 millert
12082 * configure, CHANGES, INSTALL, configure.in: fix and correctly
12083 document --with-umask; problem noted by adap@adap.org
12085 1999-01-19 20:38 millert
12087 * configure.in, configure: only use /usr/{man,catman}/local to
12088 store man pages if suer didn't override prefix or mandir
12090 1999-01-19 20:24 millert
12092 * configure, INSTALL, configure.in: fix typo, make --with-SecurID
12095 1999-01-18 21:53 millert
12097 * RUNSON: updates from users
12099 1999-01-18 21:04 millert
12101 * CHANGES, INSTALL, check.c, configure, configure.in: FWTK
12102 'authsrv' support from Kevin Kadow <kadow@MSG.NET>
12104 1999-01-18 20:00 millert
12106 * configure, configure.in: better fix for the problem of unresolved
12107 symbols in -lnsl or -lsocket
12109 1999-01-18 19:39 millert
12111 * configure, configure.in: when checking for functions in -lnsl and
12112 -lsocket link with both of them to avoid unresolved symbols on
12113 some weirdo systems
12115 1999-01-17 20:49 millert
12117 * BUGS, CHANGES, RUNSON, TODO: old changes that didn't make it into
12118 RCS before the RCS->CVS switch
12120 1999-01-17 18:16 millert
12122 * Makefile.in, check.c, check_sia.c, compat.h, config.h.in,
12123 configure.in, dce_pwent.c, find_path.c, getspwuid.c, goodpath.c,
12124 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
12125 interfaces.c, lex.yy.c, logging.c, lsearch.c, parse.c, parse.lex,
12126 parse.yacc, pathnames.h.in, putenv.c, secureware.c, strdup.c,
12127 sudo.c, sudo.pod, sudo_setenv.c, sudoers.pod, testsudoers.c,
12128 tgetpass.c, utime.c, visudo.c, visudo.pod, emul/search.h,
12129 emul/utime.h: add sudo tags
12131 1999-01-17 17:53 millert
12133 * version.h, sudo.h: testing Sudo tag
12135 1999-01-17 17:40 millert
12137 * BUGS, INSTALL, Makefile.in, README, check.c, check_sia.c,
12138 compat.h, config.h.in, configure, configure.in, dce_pwent.c,
12139 find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h,
12140 ins_csops.h, ins_goons.h, insults.h, interfaces.c, lex.yy.c,
12141 logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in,
12142 putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, sudo.h,
12143 sudo.man, sudo_setenv.c, sudoers.cat, sudoers.man, testsudoers.c,
12144 tgetpass.c, utime.c, version.h, visudo.c, visudo.cat, visudo.man,
12145 emul/utime.h: crank version and regen files
12147 1999-01-17 17:27 millert
12149 * Makefile.in: kill rcs goop in update_version and fix now that
12152 1999-01-17 17:08 millert
12154 * INSTALL, check.c, config.h.in, configure, configure.in,
12155 logging.c, sudo.c, sudo.h, sudo.pod: kerb5 support from
12156 fcusack@iconnet.net
12158 1999-01-17 16:45 millert
12160 * realpath.c, sudo_realpath.c: we no longer use realpath
12162 1999-01-17 16:44 millert
12164 * qualify.c: replaced by find_path.c
12166 1999-01-17 16:43 millert
12168 * options.h: all options are now configure flags
12170 1999-01-17 16:42 millert
12174 1999-01-17 16:41 millert
12176 * getwd.c: superceded by getcwd.c
12178 1999-01-17 16:36 millert
12180 * getpass.c: superceded by tgetpass.c
12182 1999-01-17 16:36 millert
12184 * SUPPORTED: superceded by RUNSON
12186 1999-01-17 16:33 millert
12188 * OPTIONS: No longer used now that we have configure options for
12191 1999-01-17 16:32 millert
12193 * configure: regen based on configure.in
12195 1999-01-17 16:31 millert
12197 * sudo.man, sudoers.man, visudo.man, sudo.cat, sudo.html,
12198 sudoers.cat, visudo.cat, sudoers.html, visudo.html: regen based
12199 on sudo.pod, sudoers.pod, and visudo.pod
12201 1998-12-11 12:16 millert
12203 * check.c: fix tty tickets in remove_timestamp (didn't use ':')
12205 1998-12-07 16:16 millert
12207 * interfaces.c: close sock when we are done with it
12209 1998-11-27 19:37 millert
12211 * parse.yacc: never say "error on line -1"
12213 1998-11-23 23:38 millert
12215 * configure.in: check for -lnsl before -lsocket
12217 1998-11-23 23:29 millert
12219 * configure.in: quote '[', ']' used in ranges correctly
12221 1998-11-21 17:54 millert
12223 * config.h.in: add missing NO_ROOT_SUDO noted by drno@tsd.edu
12225 1998-11-20 18:33 millert
12229 1998-11-20 18:33 millert
12231 * INSTALL: more info for 1.5.7
12233 1998-11-20 18:30 millert
12235 * README: update for 1.5.7
12237 1998-11-20 14:26 millert
12239 * parse.yacc: make increases of cm_list_size and ga_list_size be
12240 similar to increases of stacksize (ie: >= not > in initial
12243 1998-11-20 14:22 millert
12245 * parse.yacc: when we get a syntax error, report it for the
12246 previous line since that's generally where the error occurred.
12248 1998-11-18 15:31 millert
12250 * config.h.in, configure.in, interfaces.c: add back check for
12251 sys/sockio.h but only use it if SIOCGIFCONF is not defined
12253 1998-11-18 15:25 millert
12255 * config.h.in: define BSD_COMP for svr4
12257 1998-11-17 23:16 millert
12259 * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c,
12260 goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c,
12261 parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c,
12262 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: more
12265 1998-11-17 23:10 millert
12267 * configure.in: kill check for sockio,h
12269 1998-11-17 23:10 millert
12271 * config.h.in: no more HAVE_SYS_SOCKIO_H
12273 1998-11-17 22:51 millert
12275 * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c,
12276 goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c,
12277 parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c,
12278 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
12281 1998-11-16 17:38 millert
12283 * sudo.c: add missing inform_user()
12285 1998-11-13 19:21 millert
12287 * find_path.c: return NOT_FOUND if given fully qualified path and
12288 it does not exist previously it would perror(ENOENT) which
12289 bypasses the option to not leak path info
12291 1998-11-13 19:20 millert
12293 * configure.in: for kerb5, check for -lkerb4, fall back on -lkrb
12294 for kerb, check for -ldes
12296 1998-11-13 14:19 millert
12298 * INSTALL: tty tickets are user:tty now
12300 1998-11-13 14:10 millert
12302 * check.c: when using tty tickets make it user:tty not user.tty as
12303 a username could have a '.' in it
12305 1998-11-09 19:15 millert
12307 * sudo.c: add "ignoring foo found in ." for auth successful case
12309 1998-11-09 17:57 millert
12311 * sudo.c: add missing printf param
12313 1998-11-08 15:56 millert
12315 * INSTALL, config.h.in, configure.in, find_path.c, sudo.c, sudo.h:
12316 go back to printing "command not found" unless
12317 --disable-path-info specified. Also, tell user when we ignore
12318 '.' in their path and it would have been used but for
12321 1998-11-08 13:51 millert
12323 * check.c, sudo.c: Only one space after a colon, not two, in
12326 1998-11-05 12:59 millert
12328 * sudo.pod: document setting $USER
12330 1998-11-04 22:24 millert
12332 * check.c: fix bugs with prompt expansion
12334 1998-11-04 21:21 millert
12336 * sudo.c: set $USER for root too
12338 1998-11-04 17:13 millert
12340 * getspwuid.c: typo
12342 1998-11-04 17:07 millert
12344 * configure.in: HP-UX's iscomsec is in -lsec, not libc
12346 1998-11-03 22:24 millert
12348 * configure.in: remove some entries in the OS case statement that
12351 1998-11-03 22:19 millert
12353 * TROUBLESHOOTING: add "cd" section and flush out syslog section
12355 1998-11-03 20:51 millert
12357 * Makefile.in: no more sudo-lex.yy.c
12359 1998-11-03 20:50 millert
12361 * check_sia.c: add custom prompt support
12363 1998-11-03 20:40 millert
12365 * sudo.c: kill perror("malloc") since we already have a good error
12366 messages pw_ent -> pw for brevity set $USER if -u specified
12368 1998-11-03 20:39 millert
12370 * parse.c: kill perror("malloc") since we already have a good error
12371 messages pw_ent -> pw for brevity when checking if %group
12372 matches, look up user in password file so that %groups works in a
12375 1998-11-03 20:39 millert
12377 * logging.c, parse.yacc: kill perror("malloc") since we already
12378 have a good error messages
12380 1998-11-03 20:38 millert
12382 * check.c, getspwuid.c, interfaces.c, testsudoers.c: kill
12383 perror("malloc") since we already have a good error messages
12384 pw_ent -> pw for brevity
12386 1998-11-03 15:03 millert
12388 * tgetpass.c: the prompt is expanded before tgetpass is called
12390 1998-11-03 15:03 millert
12392 * sudo.h: tgetpass now has the same args as getpass again
12394 1998-11-03 15:02 millert
12396 * getspwuid.c: add iscomsec, issecure support
12398 1998-11-03 15:02 millert
12400 * check.c: we now expand any %h or %u in the prompt before passing
12403 1998-11-03 14:58 millert
12405 * configure.in: add check for syslog(3) in -lsocket, -lnsl, -linet
12407 1998-11-03 14:56 millert
12409 * config.h.in: add HAVE_ISCOMSEC and HAVE_ISSECURE
12411 1998-11-03 14:55 millert
12413 * configure.in: add check for iscomsec in HP-UX
12415 1998-11-03 14:51 millert
12417 * configure.in: check for issecure if we have getpwanam on SunOS
12418 some options are incompatible with DUNIX SIA check for dispcrypt
12421 1998-10-25 15:21 millert
12423 * config.h.in: add HAVE_DISPCRYPT
12425 1998-10-25 15:21 millert
12427 * secureware.c: add back support for non-dispcrypt based checking
12430 1998-10-25 00:51 millert
12432 * INSTALL: sia changes
12434 1998-10-25 00:48 millert
12436 * configure.in: SIA becomes the default on Digital UNIX now havbe
12437 --disable-sia to turn it off...
12439 1998-10-24 23:52 millert
12441 * check.c: move local includes after system ones
12443 1998-10-24 19:28 millert
12445 * check.c, check_sia.c, sudo.h: add pass_warn() which prints out
12446 INCORRECT_PASSWORD or an insult to stderr
12448 1998-10-24 19:07 millert
12450 * check_sia.c: fix while loop in sia_attempt_auth() that checks the
12451 password. Only the first iteration was working.
12453 1998-10-21 21:00 millert
12455 * aclocal.m4: don't trust UID_MAX or MAXUID
12457 1998-10-21 20:35 millert
12459 * configure.in: fix two pastos
12461 1998-10-21 20:30 millert
12463 * configure.in: fix typo
12465 1998-10-21 20:19 millert
12467 * getspwuid.c, secureware.c: init crypt_type to INT_MAX since it is
12468 legal to be negative in DUNX 5.0
12470 1998-10-21 20:15 millert
12472 * configure.in: for secureware on dunix, use -lsecurity -ldb -laud
12473 -lm but check for -ldb since DUNX < 4.0 lacks it
12475 1998-10-21 19:50 millert
12477 * check.c, compat.h, config.h.in, configure.in, getspwuid.c,
12478 secureware.c, sudo.c, tgetpass.c: getprpwuid is broken in HP-UX
12479 10.20 at least (it sleeps for 2 minutes if the shadow files don't
12482 1998-10-20 17:22 millert
12484 * INSTALL: updated --with-editor blurb
12486 1998-10-20 17:21 millert
12488 * TROUBLESHOOTING: tell how to put sudoers in a different dir
12490 1998-10-20 16:22 millert
12492 * configure.in: add missing quotes around $with_editor
12494 1998-10-20 14:00 millert
12496 * configure.in: typo in --with-editor bits
12498 1998-10-20 01:24 millert
12500 * INSTALL: I don't expect it to work on Solaris
12502 1998-10-20 01:24 millert
12504 * check.c: add back security/pam_misc.h
12506 1998-10-19 17:13 millert
12508 * INSTALL: remove dunix note since configure checks for this now
12510 1998-10-19 16:30 millert
12512 * configure.in: add check for broken dunix prot.h (4.0 < 4.0D is
12515 1998-10-19 14:32 millert
12517 * getspwuid.c, secureware.c, tgetpass.c: new dunix shadow code, use
12520 1998-10-19 14:32 millert
12522 * config.h.in: add HAVE_INITPRIVS
12524 1998-10-19 14:31 millert
12526 * sudo.c: call initprivs() if we have it for getprpwuid later on
12528 1998-10-19 14:30 millert
12530 * Makefile.in: clean pathnames.h too
12532 1998-10-19 14:28 millert
12534 * configure.in: quote "Sorry, try again." with [] since it has a
12535 comma in it set LIBS when we add stuff to SUDO_LIBS set
12536 SECUREWARE when we find getprpwuid() so we can check for
12537 bigcrypt, set_auth_parameters, and initprivs later.
12539 1998-10-19 13:48 millert
12541 * INSTALL: update Digital UNIX note about acl.h
12543 1998-10-18 20:26 millert
12545 * INSTALL: add --with-sia --without-root-sudo ->
12546 --disable-root-sudo some reordering
12548 1998-10-18 20:22 millert
12550 * secureware.c: add whitespace
12552 1998-10-18 20:22 millert
12554 * Makefile.in, check.c, config.h.in, configure.in, logging.c,
12555 sudo.h: add SIA support
12557 1998-10-18 20:21 millert
12559 * check_sia.c: Initial revision
12561 1998-10-18 19:42 millert
12563 * configure.in: when checking for -lsocket, -lnsl, and -linet,
12564 check for the specific functions we need from them.
12566 1998-10-18 19:10 millert
12568 * config.h.in, sudo.h: move Syslog_* defs into sudo.h
12570 1998-10-18 18:15 millert
12572 * sudo.h, Makefile.in: added check_secureware
12574 1998-10-18 18:12 millert
12576 * configure.in: finished adding AC_MSG_CHECKING and AC_MSG_RESULT
12579 1998-10-18 18:00 millert
12581 * insults.h: don't define CLASSIC_INSULTS and CSOPS_INSULTS if no
12582 other sets defined. configure now does that for us
12584 1998-10-18 17:45 millert
12586 * configure.in: move some --with options around change a bunch of
12587 echo's to AC_MSG_CHECKING, AC_MSG_RESULT pairs
12589 1998-10-18 01:09 millert
12591 * configure.in: change $with_foo-bar -> $with_foo_bar kill extra "
12592 that caused a syntax error add some echo verbage
12594 1998-10-17 18:08 millert
12596 * check.c: moved SecureWare stuff into secureware.c
12598 1998-10-17 18:07 millert
12600 * secureware.c: Initial revision
12602 1998-10-17 17:02 millert
12604 * INSTALL: update url to solaris gcc bins
12606 1998-10-17 16:39 millert
12608 * INSTALL: change option formatter and flesh out someentries
12610 1998-10-17 16:18 millert
12612 * sudo.pod, visudo.pod, TROUBLESHOOTING: environmental variable ->
12613 environment variable
12615 1998-10-17 16:01 millert
12617 * BUGS: everything is now done via configure
12619 1998-10-17 16:00 millert
12621 * README: prev rev was 1.5.6
12623 1998-10-17 00:33 millert
12625 * Makefile.in: passing SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID
12628 1998-10-17 00:32 millert
12630 * config.h.in: SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID now come from
12633 1998-10-17 00:31 millert
12635 * Makefile.in: merge OSDEFS and OPTIONS into DEFS get sudoers_uid,
12636 sudoers_gid, sudoers_mode from configure
12638 1998-10-17 00:30 millert
12640 * configure.in: SUDOERS_MODE, SUDOERS_UID, and SUDOERS_GID now get
12641 substituted into the Makefile, not config.h
12643 1998-10-17 00:30 millert
12645 * INSTALL: document all --with/--enable options
12647 1998-10-15 02:25 millert
12649 * insults.h: options.h is no more
12651 1998-10-15 02:25 millert
12653 * config.h.in: assimilated options.h
12655 1998-10-15 02:24 millert
12657 * configure.in: moved options from options.h to configure
12659 1998-10-15 01:41 millert
12661 * check.c, find_path.c, getspwuid.c, goodpath.c, interfaces.c,
12662 logging.c, parse.c, parse.lex, parse.yacc, sudo.c, sudo.pod,
12663 sudo_setenv.c, visudo.c: no more options.h
12665 1998-10-15 01:39 millert
12667 * INSTALL, Makefile.in, PORTING, TROUBLESHOOTING: remove references
12670 1998-10-15 01:32 millert
12672 * interfaces.c, dce_pwent.c, sudo.c: kill sys/time.h
12674 1998-10-15 00:10 millert
12676 * tgetpass.c: if select return < -1 still prompt for pw
12678 1998-10-15 00:03 millert
12680 * options.h: convert LOGGING, LOGFAC, MAXLOGFILELEN,
12681 IGNORE_DOT_PATH into configure options
12683 1998-10-14 23:57 millert
12685 * parse.c: FAST_MATCH is no longer an optino
12687 1998-10-14 23:52 millert
12689 * check.c: remove_timestamp() if timestamp is preposterous
12691 1998-10-14 23:36 millert
12693 * options.h: convert more options to --with/--enable
12695 1998-10-14 23:36 millert
12697 * INSTALL, aclocal.m4: logfile -> logpath
12699 1998-10-14 23:31 millert
12701 * configure.in: convert more options into --with and --enable
12703 1998-10-14 23:28 millert
12705 * tgetpass.c: catch EINTR in select and restart
12707 1998-10-14 23:15 millert
12709 * logging.c: sys/errno -> errno
12711 1998-09-24 11:40 millert
12713 * sudo.c: UMASK -> SUDO_UMASK.
12715 1998-09-24 11:36 millert
12717 * check.c, logging.c: time.h, not sys/time.h
12719 1998-09-21 19:52 millert
12721 * logging.c: MAILER -> _PATH_SENDMAIL
12723 1998-09-21 00:06 millert
12725 * INSTALL, configure.in: no more --with-C2, now it is
12728 1998-09-21 00:00 millert
12730 * aclocal.m4, check.c, compat.h, config.h.in, configure.in,
12731 getspwuid.c, sudo.c, tgetpass.c: new shadow password scheme.
12732 Always include shadow support if the platform supports it and the
12733 user did not disable it via configure
12735 1998-09-20 19:48 millert
12737 * configure.in: --with-getpass -> --{enable,disable}-tgetpass
12739 1998-09-20 19:16 millert
12741 * Makefile.in: pathnames.h -> pathnames.h.in
12743 1998-09-20 19:14 millert
12745 * check.c: fix version string
12747 1998-09-20 19:12 millert
12749 * check.c: move pam_conv to be static to auth function remove
12750 pam_misc.h (solaris doesn't have one)
12752 1998-09-20 19:10 millert
12754 * aclocal.m4: _CONFIG_PATH_* -> _PATH_* or _PATH_SUDO_* kill
12757 1998-09-20 19:10 millert
12759 * configure.in: munge pathnames.h.in -> pathnames.h kill
12762 1998-09-20 19:10 millert
12764 * pathnames.h.in: convert to pathnames.h.in
12766 1998-09-18 20:20 millert
12768 * configure.in: fix typo in sysv4 matching case /.
12770 1998-09-18 01:29 millert
12772 * check.c: pam stuff needs to run as root, not user, for shadow
12775 1998-09-17 12:26 millert
12777 * Makefile.in, emul/utime.h, check.c, compat.h, config.h.in,
12778 dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
12779 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
12780 logging.c, options.h, parse.c, parse.lex, parse.yacc,
12781 pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
12782 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c,
12783 BUGS, INSTALL, README, configure.in: updated version
12785 1998-09-17 12:13 millert
12787 * check.c: user version.h for long message
12789 1998-09-17 11:53 millert
12791 * check.c: this is version 1.5.6
12793 1998-09-16 13:42 millert
12795 * Makefile.in: remove errant backslash
12797 1998-09-14 22:25 millert
12799 * options.h, parse.yacc, pathnames.h.in: fix version string
12801 1998-09-14 22:02 millert
12803 * BUGS, CHANGES, TODO: updtaed for 1.5.6
12805 1998-09-14 22:02 millert
12807 * RUNSON: updated for 1.5.6
12809 1998-09-14 11:48 millert
12811 * interfaces.c: kill unused localhost_mask var copy if name to
12812 ifr_tmp after we zero it
12814 1998-09-13 15:50 millert
12816 * INSTALL: Better description of new vs. old sudoers modes fix some
12817 typos better description of /usr/ucb/cc gotchas on slowaris
12819 1998-09-13 15:49 millert
12821 * Makefile.in: add sample.pam
12823 1998-09-13 15:32 millert
12825 * sudo.c: set NewArgv[0] to user_shell, not basename(user_shell)
12827 1998-09-12 11:10 millert
12829 * README: mention TROUBLESHOOTING more fix some typos
12831 1998-09-11 20:30 millert
12833 * configure.in: move --enable/--disable to be after --with
12835 1998-09-11 20:30 millert
12837 * INSTALL: document --enable/--disable
12839 1998-09-11 20:26 millert
12841 * INSTALL: document --with-pam
12843 1998-09-11 19:47 millert
12845 * configure.in: Add message for pam users
12847 1998-09-11 19:27 millert
12849 * sample.pam: Initial revision
12851 1998-09-11 19:23 millert
12853 * config.h.in: fix HAVE_PAM
12855 1998-09-11 19:19 millert
12857 * check.c, config.h.in, configure.in: pam support, from Gary Calvin
12858 <GCalvin@kenwoodusa.com>
12860 1998-09-10 18:51 millert
12862 * config.h.in: add HOST_IN_LOG and WRAP_LOG
12864 1998-09-10 18:51 millert
12866 * logging.c: add WRAP_LOG and HOST_IN_LOG
12868 1998-09-10 18:37 millert
12870 * configure.in: add --enable-log-host and --enable-log-wrap
12872 1998-09-10 18:32 millert
12874 * aclocal.m4: use AC_DEFINE_UNQUOTED for --with-logfile and
12877 1998-09-08 20:45 millert
12879 * compat.h: add howmany macro
12881 1998-09-08 20:43 millert
12883 * tgetpass.c: include sys/param.h to get howmany macro
12885 1998-09-07 20:42 millert
12887 * OPTIONS, options.h, parse.yacc, sudo.c, testsudoers.c, visudo.c:
12890 1998-09-07 12:51 millert
12892 * fnmatch.c: bring in stdio.h for NULL
12894 1998-09-07 12:50 millert
12896 * aclocal.m4: allow /bin/{ksh,bach} and /usr/bin/{ksh,bash} as sh
12898 1998-09-07 12:43 millert
12900 * sudo.c: use HAVE_SET_AUTH_PARAMETERS
12902 1998-09-07 12:42 millert
12904 * config.h.in: add HAVE_SET_AUTH_PARAMETERS
12906 1998-09-07 12:41 millert
12908 * configure.in: add *-*-hiuxmpp* add test for set_auth_parameters()
12911 1998-09-07 12:39 millert
12913 * config.sub: add support for HI-UX/MPP SR220001 02-03 0 SR2201
12915 1998-09-07 12:06 millert
12917 * interfaces.c: initialize previfname
12919 1998-09-07 11:51 millert
12921 * interfaces.c: Don't use SIOCGIFADDR, we don't need it Use
12922 SIOCGIFFLAGS if we have it check ifr_flags against IFF_UP and
12923 IFF_LOOPBACK instead of kludging it
12925 1998-09-07 11:49 millert
12927 * configure.in: typo
12929 1998-09-07 00:01 millert
12931 * Makefile.in: don't need special build line for sudo.tab.o
12933 1998-09-06 23:58 millert
12935 * Makefile.in: don't clean sudo.tab.[ch]
12937 1998-09-06 23:48 millert
12939 * sudo.c: Sudo should prompt for a password before telling the user
12940 that a command could not be found.
12942 1998-09-06 23:47 millert
12946 1998-09-06 23:25 millert
12948 * INSTALL, README: no longer require yacc
12950 1998-09-06 23:19 millert
12952 * Makefile.in: typo
12954 1998-09-06 23:18 millert
12956 * Makefile.in: y.tab -> sudo.tab include pre-yacc'd parse.yacc
12958 1998-09-06 23:09 millert
12960 * parse.lex: include sudo.tab.h, not y.tab.h don't break out of
12961 command args if you get a '='
12963 1998-09-06 22:59 millert
12965 * insults.h: fix version ,
12967 1998-09-06 22:57 millert
12969 * compat.h, ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h:
12972 1998-09-06 22:55 millert
12974 * getcwd.c: getcwd(3) from OpenBSD for those without it.
12976 1998-09-06 22:51 millert
12978 * sudo.h: HAVE_GETWD -> HAVE_GETCWD
12980 1998-09-06 22:49 millert
12982 * configure.in: pretend sunos doesn't have getcwd(3) since it opens
12985 1998-09-06 22:41 millert
12987 * parse.c: use NAMLEN() macro
12989 1998-09-06 22:34 millert
12991 * fnmatch.c: remove duplicate include of string.h
12993 1998-09-06 22:28 millert
12995 * configure.in: call SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T
12997 1998-09-06 22:28 millert
12999 * aclocal.m4: add SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T
13001 1998-09-06 22:28 millert
13003 * config.h.in: add dev_t and ino_t
13005 1998-07-28 12:44 millert
13007 * check.c: fix OTP_ONLY for opie
13009 1998-06-24 12:22 millert
13011 * testsudoers.c, tgetpass.c: include stdlib.h for malloc proto
13013 1998-05-19 00:10 millert
13015 * Makefile.in: make update_version saner
13017 1998-05-18 23:32 millert
13019 * config.h.in: add HAVE_WAITPID, HAVE_WAIT3, and sudo_waitpid()
13021 1998-05-18 23:32 millert
13023 * configure.in: check for waitpid and wait3 or no waitpid
13025 1998-05-18 23:31 millert
13027 * logging.c: used waitpid or wait3 if we have 'em
13029 1998-05-02 14:16 millert
13031 * visudo.c: fix some fprintf args, ariel@oz.engr.sgi.com (Ariel
13034 1998-04-27 20:09 millert
13036 * configure.in: don't need to explicately mention -lsocket -lnsl
13039 1998-04-25 01:56 millert
13041 * configure.in: dynix should not link with -linet
13043 1998-04-10 15:32 millert
13045 * INSTALL: mention that HP-UX doesn't ship with yacc
13047 1998-04-06 22:35 millert
13049 * check.c: ignore kerberos if we can't get the local realm
13051 1998-04-05 23:37 millert
13053 * configure.in, BUGS, INSTALL, README: ++version
13055 1998-04-05 23:36 millert
13059 1998-04-05 23:35 millert
13061 * Makefile.in, emul/utime.h, check.c, config.h.in, dce_pwent.c,
13062 find_path.c, getspwuid.c, getcwd.c, goodpath.c, interfaces.c,
13063 logging.c, parse.c, parse.lex, putenv.c, strdup.c, sudo.c,
13064 sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c,
13065 visudo.c: updated version
13067 1998-04-05 23:34 millert
13069 * check.c, sudo.h: fix version
13071 1998-04-05 23:33 millert
13073 * getcwd.c: don't use popen/pclose. Do it inline.
13075 1998-04-05 23:25 millert
13077 * lsearch.c: add rcsid
13079 1998-04-05 23:21 millert
13083 1998-04-05 23:17 millert
13085 * sudo.h, pathnames.h.in, compat.h, options.h, ins_2001.h,
13086 insults.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc,
13087 check.c: updated version
13089 1998-04-05 23:15 millert
13091 * check.c, find_path.c, parse.c, sudo.c, testsudoers.c: MAX* + 1 ->
13094 1998-04-05 23:14 millert
13096 * Makefile.in: getwd.c -> getcwd.c
13098 1998-04-05 22:49 millert
13100 * config.h.in: kill HAVE_GETWD
13102 1998-04-05 22:49 millert
13104 * configure.in: getcwd, not getwd
13106 1998-04-05 22:48 millert
13108 * getcwd.c: use MAX* not MAX* + 1 always run pwd as using getwd()
13109 defeats the purpose
13111 1998-03-31 00:15 millert
13113 * OPTIONS, options.h: add STUB_LOAD_INTERFACES
13115 1998-03-31 00:05 millert
13117 * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
13118 dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
13119 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
13120 interfaces.c, logging.c, options.h, parse.c, parse.lex,
13121 parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13122 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
13125 1998-03-30 23:54 millert
13127 * configure.in: support *-ccur-sysv4 and fix two typos
13129 1998-03-27 19:52 millert
13131 * configure.in: don't echo about with_logfile and with_timedir
13133 1998-03-27 19:49 millert
13135 * INSTALL: document --with-logfile and --with-timedir
13137 1998-03-27 19:46 millert
13139 * aclocal.m4: support --with-logfile and --with-timedir
13141 1998-03-27 19:46 millert
13143 * configure.in: Add --with-logfile and --with-timedir
13145 1998-03-27 19:27 millert
13147 * sudo.c: change size computation of NewArgv for UNICOS
13149 1998-02-18 20:10 millert
13151 * configure.in: treate -*-sysv4* like *-*-svr4
13153 1998-02-18 18:19 millert
13155 * configure.in: fix spacing for --with-authenticate help
13157 1998-02-18 16:39 millert
13159 * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
13160 dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
13161 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
13162 interfaces.c, logging.c, options.h, parse.c, parse.lex,
13163 parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13164 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
13167 1998-02-18 16:23 millert
13169 * parse.yacc: fix off by one error in push macro
13171 1998-02-17 01:15 millert
13173 * configure.in: removed bogus alloca hack
13175 1998-02-17 01:15 millert
13177 * check.c: added AIX 4.x authenticate() support
13179 1998-02-17 01:11 millert
13181 * parse.yacc: include alloca.h if using bison and not gcc and it
13182 exists. fixes an alloca problem on hpux 10.x
13184 1998-02-17 00:39 millert
13186 * INSTALL: mention --with-authenticate
13188 1998-02-17 00:37 millert
13190 * configure.in: added AIX authenticate() support
13192 1998-02-17 00:22 millert
13194 * config.h.in: add HAVE_AUTHENTICATE
13196 1998-02-16 23:58 millert
13198 * interfaces.c: dynamically size ifconf buffer
13200 1998-02-16 23:56 millert
13202 * configure.in: quote '[' and ']'
13204 1998-02-16 21:42 millert
13206 * Makefile.in, emul/utime.h, check.c, compat.h, config.h.in,
13207 dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
13208 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
13209 logging.c, options.h, parse.c, parse.lex, parse.yacc,
13210 pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13211 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
13214 1998-02-16 19:06 millert
13216 * visudo.pod: add ERRORS section
13218 1998-02-16 18:57 millert
13220 * TROUBLESHOOTING: add busy stmp file explanation
13222 1998-02-15 18:49 millert
13224 * configure.in: the name of the cached var that signals whether or
13225 not you are cross compiling changed. It is now
13226 ac_cv_prog_cc_cross
13228 1998-02-11 16:26 millert
13230 * INSTALL: mention glibc 2.07 is fixed wrt lsearch()\.
13232 1998-02-06 21:55 millert
13234 * sample.sudoers, sudoers.pod: better example of su but not root su
13236 1998-02-06 15:49 millert
13238 * Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
13239 dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
13240 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
13241 interfaces.c, logging.c, options.h, parse.c, parse.lex,
13242 parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13243 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
13246 1998-02-06 15:48 millert
13248 * Makefile.in: correct regexp for updating version
13250 1998-02-06 14:05 millert
13252 * tgetpass.c: remove bogus flush of stderr spew prompt before
13253 turning off echo. Seems to fix a weird problem where if sudo
13254 complained about a bogus stamp file the user would sometimes not
13255 have a chance to enter a password
13257 1998-02-06 14:05 millert
13259 * check.c: fix bogus flush of stderr
13261 1998-02-05 19:19 millert
13263 * sudo.c: close fd's <=2 not <=3 and move that chunk of code up
13265 1998-02-05 19:18 millert
13267 * configure.in: support hpux1[0-9] not just hpux10
13269 1998-01-30 14:59 millert
13271 * parse.c: set sudoers_fp to nil after closing
13273 1998-01-24 01:05 millert
13275 * config.guess, config.sub: updated from autoconf 2.12
13277 1998-01-24 00:50 millert
13279 * configure.in: add *-*-svr4 rule
13281 1998-01-22 22:53 millert
13283 * tgetpass.c: fix select usage for high fd's (dynamically allocate
13286 1998-01-22 22:49 millert
13288 * check.c: kill extra whitespace
13290 1998-01-22 19:28 millert
13292 * sudo.c: do an initgroups() before running a command, unless the
13293 target user is root.
13295 1998-01-22 12:22 millert
13297 * TROUBLESHOOTING: tell people to use tabs, not spaces, in
13300 1998-01-21 01:56 millert
13302 * parse.lex, Makefile.in, config.h.in, getwd.c, strdup.c, putenv.c,
13303 emul/utime.h, testsudoers.c, utime.c, dce_pwent.c: updated
13306 1998-01-21 01:32 millert
13308 * goodpath.c, sudo_setenv.c, interfaces.c, tgetpass.c, visudo.c:
13311 1998-01-21 01:29 millert
13313 * sudo.h, pathnames.h.in, options.h, compat.h, insults.h,
13314 ins_2001.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc,
13315 check.c, getspwuid.c, find_path.c, logging.c, parse.c, sudo.c:
13318 1998-01-21 01:20 millert
13320 * Makefile.in: more tweaks to update_version
13322 1998-01-21 01:19 millert
13324 * Makefile.in: fixed up update_version rule
13326 1998-01-21 00:55 millert
13328 * configure.in: ++version
13330 1998-01-21 00:53 millert
13332 * Makefile.in: removed supe of check.c
13334 1998-01-21 00:51 millert
13336 * INSTALL: ++version I missed
13338 1998-01-21 00:51 millert
13342 1998-01-21 00:48 millert
13344 * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c,
13345 find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h,
13346 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
13347 logging.c, options.h, parse.c, parse.lex, parse.yacc,
13348 pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13349 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
13350 visudo.c, emul/utime.h, BUGS, INSTALL, README: updated version
13352 1998-01-21 00:47 millert
13354 * CHANGES: updated for 1.5.5
13356 1998-01-21 00:35 millert
13358 * Makefile.in: add rules to update version stuff in files so I
13359 don't need to do it by hand
13361 1998-01-21 00:04 millert
13363 * sudo.h: sudoers_fp is now extern
13365 1998-01-21 00:03 millert
13367 * sudo.c: in check_sudoers, cache the sudoers file handle in
13368 sudoers_fp so we don't have to open it again in the parse. This
13369 may help with weird solaris problems where EAGAIN sometime
13372 1998-01-21 00:02 millert
13374 * parse.c: sudoers file open is now done only in check_sudoers() so
13375 we just do a rewind() instead of an open. May help people on
13376 solaris who were getting EAGAIN.
13378 1998-01-16 11:43 millert
13380 * INSTALL: mention that newer glibc is fixed
13382 1998-01-13 12:58 millert
13384 * sudo.c: newer irix uses _RLDN32_* envariables for 32-bit binaries
13385 so ignore _RLD* instead of _RLD_*
13387 1998-01-13 10:32 millert
13391 1998-01-13 10:19 millert
13393 * parse.c: fix that bug for real
13395 1998-01-13 02:39 millert
13397 * INSTALL: document Linux's libc6 brokenness.
13399 1998-01-13 02:00 millert
13401 * parse.yacc: -Wall
13403 1998-01-13 01:22 millert
13407 1998-01-13 00:50 millert
13409 * TROUBLESHOOTING: remind people to HUP syslogd
13411 1998-01-13 00:05 millert
13413 * Makefile.in: add -O flag to tar
13415 1998-01-13 00:00 millert
13417 * TODO, RUNSON: updated
13419 1998-01-12 23:59 millert
13421 * sudo.pod: remove author's email addr. people should mail
13424 1998-01-12 23:49 millert
13426 * INSTALL: fix version
13428 1998-01-12 23:48 millert
13430 * README, check.c, compat.h, config.h.in, configure.in,
13431 dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
13432 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
13433 interfaces.c, logging.c, options.h, parse.c, parse.lex,
13434 parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13435 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
13436 visudo.c: ++version
13438 1998-01-12 23:44 millert
13442 1998-01-12 23:42 millert
13444 * INSTALL, Makefile.in: ++version
13446 1998-01-12 23:41 millert
13448 * CHANGES: updated fort 1.5.4
13450 1998-01-12 23:41 millert
13452 * check.c: exit(1) if user enters no passwd
13454 1998-01-12 23:37 millert
13458 1998-01-12 23:10 millert
13460 * parse.c: commands can start with ./* not just /* -- fixes a
13461 serious security hole.
13463 1997-12-21 18:17 millert
13465 * sudo.c: Don't set the tty variable to NULL when we lack a tty,
13466 leave it as "unknown".
13468 1997-11-23 13:29 millert
13470 * sample.sudoers: fix usage of (username) in conjunction with , and
13473 1997-11-23 13:28 millert
13475 * visudo.c: catch the case where the user is not in the passwd file
13477 1997-11-23 13:24 millert
13479 * tgetpass.c: use fileno(input) + 1 instead of getdtablesize() as
13480 the nfds arg to select(2)
13482 1997-11-23 01:53 millert
13484 * sudo.c: define tty global to an initial value to avoid dumping
13485 core in logging functions when passwd file is unavailable.
13487 1997-11-23 01:51 millert
13489 * sudo.c: do the set_perms(PERM_USER, sudo_mode) after we have
13490 gotten the passwd entry
13492 1997-11-23 00:21 millert
13494 * sudo.pod: talk about problem of ALL
13496 1997-10-10 00:54 millert
13498 * README: new web location
13500 1997-10-10 00:54 millert
13502 * INSTALL: fdesc bug is fixed in Open/Net BSD
13504 1997-10-10 00:52 millert
13506 * HISTORY: updates from Nieusma
13508 1997-10-09 18:37 millert
13510 * dce_pwent.c: move compat.h after the system includes
13512 1997-08-06 14:58 millert
13514 * logging.c: save errno from being clobbered by wait(). From Theo
13516 1997-05-21 11:57 millert
13518 * compat.h: fix an occurence of setresuid -> setreuid (typo)
13520 1997-03-19 17:45 millert
13522 * install-sh: check for path to strip
13524 1997-01-15 19:05 millert
13526 * logging.c: deal with maxfilelen < 0 case
13528 1997-01-15 19:05 millert
13530 * OPTIONS: fixed descriptin
13532 1996-12-11 23:10 millert
13534 * sudo.c: correct error message if mode/owner wrong and not
13535 statable by owner but is statable by root.
13537 1996-11-23 02:18 millert
13539 * config.guess, config.sub: autoconf 2.11
13541 1996-11-16 14:42 millert
13543 * CHANGES, RUNSON, TODO: sudo 1.5.3.
13545 1996-11-14 15:08 millert
13547 * sudo.h, parse.yacc: command_alias -> generic_alias
13549 1996-11-13 22:50 millert
13551 * sample.sudoers: added Runas_Alias example and fixed syntax errors
13553 1996-11-13 22:50 millert
13555 * OPTIONS, options.h: updated MAILSUBJECT
13557 1996-11-13 22:49 millert
13559 * logging.c: added %h expansion
13561 1996-11-13 21:37 millert
13563 * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c,
13564 find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h,
13565 ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
13566 logging.c, options.h, parse.c, parse.lex, parse.yacc,
13567 pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13568 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
13569 visudo.c, INSTALL, README, configure.in: ++version
13571 1996-11-13 20:01 millert
13573 * emul/utime.h, BUGS: ++version
13575 1996-11-13 19:45 millert
13577 * sudoers.pod: document Runas_Alias
13579 1996-11-13 19:22 millert
13581 * visudo.pod: q (uid) -> Q
13583 1996-11-13 19:21 millert
13585 * visudo.c: buffer oflow checking q (uit) -> Q if yyparse() fails
13588 1996-11-13 19:05 millert
13590 * parse.yacc: add size params to sprintf
13592 1996-11-13 19:04 millert
13594 * parse.lex: allow trailing space after '\\' but before '\n'
13596 1996-11-13 19:04 millert
13598 * find_path.c: off by one error in path size check
13600 1996-11-13 19:03 millert
13602 * check.c: sprintf paranoia
13604 1996-11-12 11:59 millert
13606 * parse.yacc: fixed more_aliases
13608 1996-11-12 11:58 millert
13610 * visudo.c: now warns if killed by signal ./
13612 1996-11-11 10:49 millert
13614 * parse.yacc: fix Runas_Alias stuff Alias's in runas list now get
13615 expanded (but it is gross)
13617 1996-11-10 20:32 millert
13619 * sudo.c: Can now deal with SUDOERS_UID == 0 and SUDOERS_MODE ==
13622 1996-11-10 20:08 millert
13624 * parse.yacc: add Runas_Alias support change FOO to FOO_ALIAS (ie:
13627 1996-11-10 20:02 millert
13629 * parse.lex: Add Runas_Alias and simplify a rule.
13631 1996-11-10 19:15 millert
13633 * parse.yacc: always store User_Alias's since they can be used
13634 inside of a runas list. Sigh. Really need a Runas_Alias
13637 1996-10-30 18:04 millert
13639 * visudo.c: deal with case where there is no sudoers file
13641 1996-10-11 23:01 millert
13643 * TROUBLESHOOTING: added one
13645 1996-10-10 22:11 millert
13647 * HISTORY, testsudoers.c: developement -> development
13649 1996-10-10 22:08 millert
13651 * INSTALL: added a note
13653 1996-10-10 20:36 millert
13655 * RUNSON: for 1.5.2
13657 1996-10-10 20:36 millert
13661 1996-10-10 00:56 millert
13663 * PORTING: removed seteuid() notes
13665 1996-10-09 13:37 millert
13667 * compat.h: better seteuid() emulatino
13669 1996-10-09 13:36 millert
13671 * configure.in: added check for seteuid
13673 1996-10-09 13:36 millert
13675 * config.h.in: added HAVE_SETEUID
13677 1996-10-08 19:22 millert
13679 * configure.in: first stab at sequent support
13681 1996-10-08 19:21 millert
13683 * config.h.in: added HAVE_SYS_SELECT_H
13685 1996-10-08 19:21 millert
13687 * compat.h: sequent -> _SEQUENT_
13689 1996-10-08 19:11 millert
13691 * compat.h: added seteuid() macro for DYNIX
13693 1996-10-08 18:54 millert
13695 * tgetpass.c: _AIX -> HAVE_SYS_SELECT_H
13697 1996-10-07 01:05 millert
13699 * emul/utime.h, check.c, compat.h, dce_pwent.c, find_path.c,
13700 getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
13701 ins_csops.h, ins_goons.h, insults.h, interfaces.c, options.h,
13702 pathnames.h.in, version.h, BUGS, INSTALL, Makefile.in, OPTIONS,
13703 README, config.h.in, logging.c, parse.c, parse.lex, parse.yacc,
13704 putenv.c, strdup.c, sudo_setenv.c, testsudoers.c, utime.c,
13705 visudo.c, tgetpass.c: ++version
13707 1996-10-07 00:59 millert
13709 * sudo.pod: added -H and SUDO_PS1
13711 1996-10-07 00:55 millert
13713 * configure.in: use SUDO_FUNC_FNMATCH
13715 1996-10-07 00:54 millert
13717 * aclocal.m4: added SUDO_FUNC_FNMATCH
13719 1996-10-07 00:53 millert
13721 * sudo.c: added -H flag
13723 1996-10-07 00:53 millert
13725 * sudo.h: added MODE_RESET_HOME /
13727 1996-10-05 00:00 millert
13729 * INSTALL: mention OPIE
13731 1996-10-04 23:59 millert
13733 * configure.in: added opie support
13735 1996-10-04 23:59 millert
13737 * check.c: added HAVE_OPIE and changed to *_OTP_*
13739 1996-10-04 23:58 millert
13741 * compat.h, config.h.in: added HAVE_OPIE
13743 1996-10-04 23:58 millert
13745 * OPTIONS, options.h: SKEY -> OTP
13747 1996-10-03 23:27 millert
13749 * check.c: moved fclose() in skey stuff.
13751 1996-10-03 19:53 millert
13753 * putenv.c: index -> strchr remove unnecesary stuff
13755 1996-10-03 19:43 millert
13757 * check.c: now call skeychallenge() to get challenge instead of
13758 making one up ourselves. this way, we get extra goodies in the
13761 1996-09-10 00:32 millert
13763 * CHANGES: added one
13765 1996-09-10 00:18 millert
13767 * parse.lex: allow logins to start with a number (YUCK!)
13769 1996-09-08 15:18 millert
13771 * TROUBLESHOOTING: added soalris 2.5 vs 2.4 note
13773 1996-09-08 15:15 millert
13775 * configure.in: DUNIX doesn't need -lnsl
13777 1996-09-07 20:22 millert
13779 * CHANGES: [no log message]
13781 1996-09-07 20:21 millert
13783 * check.c, compat.h, config.h.in, dce_pwent.c, find_path.c,
13784 getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
13785 ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c,
13786 options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in,
13787 putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
13788 tgetpass.c, utime.c, version.h, visudo.c: courtesan
13790 1996-09-07 20:13 millert
13792 * TROUBLESHOOTING, INSTALL, Makefile.in, PORTING, RUNSON, README:
13795 1996-09-07 20:12 millert
13797 * visudo.pod: [no log message]
13799 1996-09-07 20:00 millert
13801 * sudo.pod, visudo.pod: courtesan
13803 1996-09-07 19:45 millert
13805 * HISTORY: added courtesan ./
13807 1996-09-06 00:12 millert
13809 * sudo.c: added $SUDO_PROMPT support
13811 1996-09-04 17:19 millert
13813 * check.c: print long skey challemged to stderr, not stdout
13815 1996-08-31 23:10 millert
13817 * CHANGES: updated for 1.5.1
13819 1996-08-31 23:07 millert
13821 * emul/utime.h: ++version
13823 1996-08-31 12:34 millert
13825 * RUNSON: updated for 1.5.1
13827 1996-08-30 10:49 millert
13829 * check.c: use shost, not host for tgetpass
13831 1996-08-30 00:21 millert
13833 * OPTIONS, sudo.pod: documented %u and %h
13835 1996-08-29 20:40 millert
13837 * configure.in: fixed typo
13839 1996-08-29 20:37 millert
13841 * INSTALL, Makefile.in, README, check.c, compat.h, config.h.in,
13842 dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
13843 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
13844 interfaces.c, logging.c, options.h, parse.c, parse.lex,
13845 parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
13846 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
13847 visudo.c: ++version
13849 1996-08-29 20:30 millert
13853 1996-08-29 18:32 millert
13855 * configure.in, Makefile.in, version.h: ++version
13857 1996-08-29 17:58 millert
13859 * sudo.h: new tgetpass() params
13861 1996-08-29 17:58 millert
13863 * check.c: pass use and host to tgetpass
13865 1996-08-29 17:57 millert
13867 * tgetpass.c: added %u and %h escapes
13869 1996-08-29 16:56 millert
13871 * OPTIONS, options.h, check.c: added NO_MESSAGE
13873 1996-08-29 16:23 millert
13875 * configure.in: added cray (unicos) support
13877 1996-08-27 11:36 millert
13879 * OPTIONS, options.h, sudo.c: added SHELL_SETS_HOME
13881 1996-08-25 17:56 millert
13883 * INSTALL: added note about "make install"
13885 1996-08-25 17:50 millert
13887 * parse.yacc: changed length/size params from int to size_t
13889 1996-08-25 13:35 millert
13891 * OPTIONS: now get CSOPS insults as well by default
13893 1996-08-25 13:33 millert
13895 * insults.h: use csops insults too by default
13897 1996-08-25 13:31 millert
13899 * INSTALL, Makefile.in, README, config.h.in, configure.in,
13900 version.h: version = 1.5
13902 1996-08-25 13:27 millert
13904 * sudo.c: added runas_homedir
13906 1996-08-25 13:27 millert
13908 * TODO: updated for 1.5
13910 1996-08-25 13:23 millert
13912 * RUNSON: updated for 1.5
13914 1996-08-25 13:19 millert
13916 * CHANGES: 1.5 release
13918 1996-08-25 13:17 millert
13920 * INSTALL: added "upgrading" notes
13922 1996-08-22 14:00 millert
13924 * visudo.c: now do chmod and chown after edit of temp file and
13927 1996-08-18 12:52 millert
13929 * Makefile.in: ++version added INSTALL.configure
13931 1996-08-18 12:52 millert
13933 * version.h, configure.in: ++version
13935 1996-08-18 12:51 millert
13937 * TROUBLESHOOTING: [no log message]
13939 1996-08-18 12:50 millert
13941 * parse.yacc: added missing cast
13943 1996-08-17 20:37 millert
13945 * sudo.c: sets $HOME to pw_dir of runas user
13947 1996-08-17 20:02 millert
13949 * sudo.pod: document $HOME change
13951 1996-08-17 19:43 millert
13953 * sudo.pod: fixed up some wording
13955 1996-08-17 19:25 millert
13957 * check.c, dce_pwent.c, find_path.c, getspwuid.c, getwd.c,
13958 goodpath.c, interfaces.c, logging.c, parse.c, parse.lex,
13959 parse.yacc, putenv.c, strdup.c, sudo.c, sudo_setenv.c,
13960 testsudoers.c, tgetpass.c, utime.c, visudo.c: ++version
13962 1996-08-17 19:19 millert
13964 * emul/utime.h, compat.h, ins_2001.h, ins_classic.h, ins_csops.h,
13965 ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h:
13968 1996-08-17 19:18 millert
13970 * sudo.h: name nad type changes
13972 1996-08-17 19:17 millert
13974 * testsudoers.c: now works with new sudo
13976 1996-08-17 19:07 millert
13978 * parse.yacc: fixed some XXX
13980 1996-08-17 18:52 millert
13982 * parse.yacc: some variable name changes + comment headers for
13985 1996-08-17 18:41 millert
13987 * tgetpass.c: added extra paren's to make compilers happy
13989 1996-08-17 18:34 millert
13991 * sudo.c: [no log message]
13993 1996-08-17 18:30 millert
13995 * parse.c: now uses init_parser() if not in sudoers and tries
13996 "list" or "validate" scold but don't be nasty.
13998 1996-08-17 18:29 millert
14000 * TROUBLESHOOTING: now can use upper case login names
14002 1996-08-17 18:29 millert
14004 * visudo.c: now uses init_parser()
14006 1996-08-17 18:28 millert
14008 * PORTING: added info about PASSWORD_TIMEOUT
14010 1996-08-17 18:28 millert
14012 * INSTALL, README: updated
14014 1996-08-17 18:28 millert
14016 * INSTALL.configure: Initial revision
14018 1996-08-17 18:27 millert
14020 * BUGS: fixed a bug ,
14022 1996-08-17 18:27 millert
14024 * parse.yacc: now dynamically allocates memory for the stacks -- no
14027 1996-08-17 18:26 millert
14029 * sudo.pod: -l now explands command aliases
14031 1996-08-17 13:22 millert
14033 * parse.yacc: hacks to expand command aliases for `sudo -l'
14035 1996-08-17 13:22 millert
14037 * sudo.c: remove $ENV and $BASH_ENV (dangerous in ksh, posix sh,
14040 1996-08-17 13:22 millert
14042 * sudo.h: added struct command_alias
14044 1996-08-17 13:20 millert
14046 * sudo.pod: fixed a bug
14048 1996-08-17 13:15 millert
14050 * lsearch.c: in compar() key should be first arg
14052 1996-08-15 15:48 millert
14054 * BUGS: fixed some bugs
14056 1996-08-15 15:47 millert
14058 * parse.yacc: can now deal with upcase HOST and USER names
14060 1996-08-15 15:47 millert
14062 * sudo.c: don't yell too loudly at non-sudoers if they do "sudo -l"
14064 1996-08-15 15:46 millert
14066 * sudo.pod: fixed thinko
14068 1996-08-15 15:46 millert
14070 * parse.c: fix comment
14072 1996-08-09 18:07 millert
14074 * parse.c, parse.yacc: added support for new `sudo -l' stuff
14076 1996-08-09 18:06 millert
14078 * sudo.c: now uses list_matches()
14080 1996-08-09 18:06 millert
14082 * sudo.h: added struct sudo_match
14084 1996-08-09 17:37 millert
14086 * configure.in: now more -lgnumalloc
14088 1996-08-01 13:12 millert
14090 * install-sh: added more paths for chown and whoami
14092 1996-07-31 10:41 millert
14096 1996-07-30 13:45 millert
14098 * aclocal.m4: fixed DUNIX check for shadow pw
14100 1996-07-30 13:41 millert
14102 * tgetpass.c: now only turn off echo if it is already on. this
14103 fixes a race when you use sudo in a pipelin
14105 1996-07-30 12:53 millert
14109 1996-07-29 22:29 millert
14111 * configure.in: changed "test -z $foo && do_this" to if; then
14114 1996-07-28 22:47 millert
14116 * configure.in: added missing defines of SHADOW_TYPE
14118 1996-07-26 14:10 millert
14120 * check.c: protect AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT since
14121 they are only in dunix 4.x
14123 1996-07-26 14:09 millert
14125 * getspwuid.c: added AUTH_CRYPT_C1CRYPT support
14127 1996-07-26 13:23 millert
14129 * parse.c: no longer return VALIDATE_NOT_OK if there was a runas
14130 that didn't match. Now we can have runas stuff on more than one
14133 1996-07-25 23:45 millert
14135 * configure.in: got rid of HAVE_C2_SECURITY SHADOW_TYPE is always
14136 defined to something
14138 1996-07-25 23:45 millert
14140 * config.h.in: removed HAVE_C2_SECURITY added SPW_BSD
14142 1996-07-25 23:44 millert
14144 * compat.h, getspwuid.c, sudo.c, tgetpass.c: use SHADOW_TYPE
14145 instead of HAVE_C2_SECURITY
14147 1996-07-25 23:44 millert
14149 * check.c: SHADOW_TYPE is always defined so just against its value
14151 1996-07-25 23:44 millert
14153 * aclocal.m4: added SUDO_CHECK_SHADOW_DUNIX
14155 1996-07-25 18:47 millert
14157 * sudoers.pod: * -> ?* in one example added another instance of
14158 (runas) and one of NOPASSWD:
14160 1996-07-24 13:02 millert
14162 * configure.in: added back check for config.cache from other host
14165 1996-07-24 12:49 millert
14167 * parse.lex: removed an instance of \"
14169 1996-07-24 12:49 millert
14171 * sample.sudoers: added an example
14173 1996-07-24 12:44 millert
14175 * sudoers.pod: updated wrt new wildcard matching
14177 1996-07-24 10:28 millert
14179 * configure.in: new check for shadow passwords if we don't know
14182 1996-07-24 10:28 millert
14184 * aclocal.m4: new SUDO_CHECK_SHADOW_GENERIC
14186 1996-07-24 02:19 millert
14188 * configure.in: added back check for -lsocket (oops)
14190 1996-07-24 02:16 millert
14192 * configure.in: better (working) check for shadow passwd type if we
14195 1996-07-24 01:59 millert
14197 * configure.in: now uses AC_CANONICAL_HOST to figure out os type
14199 1996-07-24 01:59 millert
14201 * Makefile.in: added config.{guess,sub}
14203 1996-07-24 01:58 millert
14205 * aclocal.m4: removed unused stuff to figure out os type
14207 1996-07-23 22:58 millert
14209 * config.sub: added openbsd
14211 1996-07-23 22:54 millert
14213 * config.sub: Initial revision
14215 1996-07-23 22:40 millert
14217 * config.guess: Initial revision
14219 1996-07-23 21:18 millert
14221 * testsudoers.c: don't call fnmatch() with FNM_PATHNAME flag unless
14222 it can only be a pathname. need to check against sudoers_args
14223 even if user_args is nil
14225 1996-07-23 21:18 millert
14227 * parse.c: don't call fnmatch() with FNM_PATHNAME flag unless it
14228 can only be a pathname need to check against sudoers_args even if
14231 1996-07-23 18:52 millert
14233 * check.c: added support for AUTH_CRYPT_OLDCRYPT w/ DUNIX C2
14235 1996-07-23 01:18 millert
14237 * testsudoers.c: now takes command line args and uses cmnd_args
14239 1996-07-23 01:10 millert
14241 * parse.lex: fill_args was adding an extra leading space
14243 1996-07-22 15:50 millert
14245 * visudo.c: fixed dummy command_matches()
14247 1996-07-22 15:50 millert
14249 * parse.yacc: fixed prototype
14251 1996-07-22 15:31 millert
14253 * sudo.h: added cmnd_args
14255 1996-07-22 15:31 millert
14257 * parse.yacc: now uses flat args string
14259 1996-07-22 15:30 millert
14261 * parse.c, parse.lex: now uses flat arg string
14263 1996-07-22 15:29 millert
14265 * visudo.c: added cmnd_args def
14267 1996-07-22 14:30 millert
14269 * sudo.c: now sets cmnd_args global
14271 1996-07-22 14:30 millert
14273 * logging.c: cmnd_args is now exported from sudo.[ch]
14275 1996-07-21 18:41 millert
14277 * parse.yacc: can't rely on cmnd_matches as much as I thought --
14278 added some $$ stuff back in to prevent namespace pollution
14281 1996-07-21 18:01 millert
14283 * parse.yacc: Simplified parse rules wrt runas and NOPASSWD (more
14286 1996-07-20 00:45 millert
14288 * parse.lex: NOPASSWD may now have blanks before the ':' '(' only
14289 starts a 'runas' if in the initial state to avoid collision with
14292 1996-07-20 00:23 millert
14294 * configure.in: added checks for specific shadow passwd schemes
14296 1996-07-20 00:18 millert
14298 * aclocal.m4: added routines to check for specific shadow passwd
14301 1996-07-18 18:27 millert
14303 * configure.in: added support for ncr boxen
14305 1996-07-18 18:26 millert
14307 * aclocal.m4: added support for detecting ncr boxen
14309 1996-07-16 14:57 millert
14311 * configure.in: added sinix support
14313 1996-07-13 22:29 millert
14315 * TROUBLESHOOTING: added info about "config.cache from other other"
14318 1996-07-13 22:22 millert
14320 * aclocal.m4: now makes sure you don't have a config.cache file
14323 1996-07-13 21:36 millert
14325 * configure.in: now sets $LIBS when needed to configure links with
14326 libs when doing tests hpux10 now uses SPW_SECUREWARE for C2 added
14327 check for bigcrypt(3) if SPW_SECUREWARE
14329 1996-07-13 21:30 millert
14331 * getspwuid.c: fixed typo
14333 1996-07-13 21:05 millert
14335 * tgetpass.c: now include stuff for SPW_SECUREWARE to get
14336 AUTH_MAX_PASSWD_LENGTH
14338 1996-07-13 21:05 millert
14340 * getspwuid.c: no more SPW_HPUX10
14342 1996-07-13 21:04 millert
14344 * config.h.in: no more SPW_HPUX10 added HAVE_BIGCRYPT
14346 1996-07-13 21:04 millert
14348 * compat.h: now uses AUTH_MAX_PASSWD_LENGTH if SPW_SECUREWARE
14350 1996-07-13 21:04 millert
14352 * check.c: SPW_SECUREWARE now uses bigcrypt
14354 1996-07-13 18:24 millert
14356 * sample.sudoers: fixed 2 syntax errors
14358 1996-07-13 18:24 millert
14360 * sudoers: root may now run ALL as ALL
14362 1996-07-11 20:59 millert
14364 * interfaces.c: fixed a typo/thinko that broke BSD's with sa_len
14366 1996-07-08 16:08 millert
14368 * check.c, configure.in: updated AFS support
14370 1996-07-08 16:07 millert
14372 * TROUBLESHOOTING: added entry about /usr/ucb/cc
14374 1996-07-08 16:06 millert
14376 * INSTALL: prep no longer holds gcc binaries
14378 1996-07-08 15:48 millert
14380 * INSTALL: updated AFS note
14382 1996-07-08 15:43 millert
14384 * Makefile.in: added @AFS_LIBS@
14386 1996-07-08 15:33 millert
14388 * compat.h: AFS allows long passwords
14390 1996-07-08 14:16 millert
14392 * testsudoers.c: fixed -u user support
14394 1996-07-08 14:16 millert
14396 * parse.c: sudo -v now groks VALIDATE_OK_NOPASS
14398 1996-07-08 13:30 millert
14400 * parse.yacc: fixed no_passwd vs. runas_matched
14402 1996-07-08 10:30 millert
14404 * TROUBLESHOOTING: took out stuff about NFS-mounting since it is no
14407 1996-07-08 10:30 millert
14409 * INSTALL: added --with-libraries > --with-libpath --with-incpath
14411 1996-07-08 10:21 millert
14413 * parse.yacc: was setting runas_matches to -1 in wrong place
14415 1996-07-08 09:58 millert
14417 * check.c: removed usersec.h which is not present in new AFS
14420 1996-07-08 09:55 millert
14422 * tgetpass.c: now deals with timeout <= 0
14424 1996-07-08 09:51 millert
14428 1996-07-08 00:04 millert
14430 * configure.in: BSD/OS >= 2.0 now uses shlicc instead of just gcc
14432 1996-07-07 22:30 millert
14434 * sudo.c: fixed backwards compatibility with sudo 1.4 sudoers mode
14435 for root readable/writable filesystems
14437 1996-07-07 20:49 millert
14439 * Makefile.in: now gives INSTALL -c flag
14441 1996-07-07 20:34 millert
14443 * parse.yacc: slightly simpler initialization of no_passwd and
14446 1996-07-07 20:33 millert
14448 * testsudoers.c: added -u username support
14450 1996-07-07 20:32 millert
14452 * configure.in: improved --with-libraries support
14454 1996-07-07 16:27 millert
14456 * configure.in: added --with-incpath, --with-libpath,
14459 1996-07-07 16:01 millert
14461 * parse.yacc: now initializes some fields that weren't getting set
14462 to -1 pretty gross -- need a rewrite.
14464 1996-06-25 23:19 millert
14466 * alloca.c: removed emacs'isms
14468 1996-06-25 22:29 millert
14470 * configure.in: no longer add -lPW to *_LIBS since we include
14473 1996-06-25 22:29 millert
14475 * config.h.in: added HAVE_ALLOCA_H
14477 1996-06-25 22:28 millert
14479 * Makefile.in: added alloca.c
14481 1996-06-25 22:18 millert
14483 * alloca.c: Initial revision
14485 1996-06-25 21:58 millert
14487 * configure.in: ++version
14489 1996-06-25 19:32 millert
14491 * sudo.c: now set uid to 1 instead of nobody for PERM_SUDOERS since
14492 nobody is not always set to a valid uid.
14494 1996-06-25 19:31 millert
14496 * OPTIONS: fixed entry for SUDO_MODE
14498 1996-06-25 18:02 millert
14500 * sudo.c: Fixed NFS-mounted sudoers file under solaris both uid
14501 *and* gid were being set to -2. Now beat NFS to the punch and
14502 set uid to "nobody" ourselves, preserving group 0 to read
14505 1996-06-25 18:02 millert
14507 * parse.c: moved set_perms(PERM_ROOT) to be before yyparse()
14509 1996-06-25 18:00 millert
14511 * logging.c: fixed a typo
14513 1996-06-25 18:00 millert
14515 * configure.in: no longer need AC_PROG_INSTALL
14517 1996-06-25 17:59 millert
14519 * Makefile.in: always use install-sh to avoid install(1)'s that use
14522 1996-06-25 16:07 millert
14524 * INSTALL: make clean -> make distclean
14526 1996-06-20 01:17 millert
14528 * parse.yacc: removed some unnecsary if's
14530 1996-06-20 01:16 millert
14532 * Makefile.in, version.h: ++version
14534 1996-06-20 01:16 millert
14536 * parse.c, testsudoers.c: now includes netgroup.h
14538 1996-06-20 00:45 millert
14540 * interfaces.c: removed cats of ioctl to int since they didn't shut
14543 1996-06-20 00:43 millert
14545 * interfaces.c: explicately cast ioctl() to int since it it not
14548 1996-06-20 00:41 millert
14550 * sudo.h: added declarations for yyparse() and yylex()
14552 1996-06-20 00:27 millert
14554 * parse.yacc: fixed an occurence of '==' -> '='
14556 1996-06-20 00:22 millert
14558 * config.h.in, configure.in: added check for netgroup.h
14560 1996-06-20 00:20 millert
14562 * sudo.c: fixed 2 compiler warnings
14564 1996-06-20 00:08 millert
14566 * sudo.c: SHELL_IF_NO_ARGS caused core dump since NewArg[cv]
14567 weren't being initialized
14569 1996-06-19 13:53 millert
14571 * sudo.pod: fixed a typo
14573 1996-06-17 12:19 millert
14575 * parse.yacc: fixed a formatting thingie
14577 1996-06-17 12:16 millert
14579 * parse.c, parse.yacc: fixed -u support with multiple user lists on
14582 1996-06-17 10:23 millert
14584 * configure.in: unixware needs -lgen
14586 1996-06-17 10:23 millert
14588 * README: updated ftp location
14590 1996-06-17 00:08 millert
14592 * sudoers.pod: add net_addr/netmask support
14594 1996-06-17 00:07 millert
14596 * sample.sudoers: added net_addr/mask example
14598 1996-06-17 00:02 millert
14600 * parse.lex, parse.c: added support for net_addr/netmask
14602 1996-06-15 20:13 millert
14604 * sudoers.pod: ^ -> !
14606 1996-06-15 18:12 millert
14608 * RUNSON: updated for 1.4.3
14610 1996-06-15 18:12 millert
14612 * CHANGES: udpated for 1.4.3
14614 1996-06-15 18:11 millert
14616 * TROUBLESHOOTING, TODO, BUGS: updated
14618 1996-06-15 18:11 millert
14620 * sample.sudoers: updated with examples of new stuff
14622 1996-06-15 18:10 millert
14624 * INSTALL, README: ++version
14626 1996-06-15 18:01 millert
14628 * sudoers.pod: updated wrt -u and NOPASSWD
14630 1996-06-15 17:58 millert
14632 * sudo.pod: updated wrt -u and CAVEATS
14634 1996-06-08 23:15 millert
14636 * sudo.c: fixed usage()
14638 1996-06-08 22:57 millert
14640 * parse.lex: now use :foo: character classes (makes no diff for
14643 1996-06-07 14:33 millert
14645 * check.c: fixed LONG_SKEY_PROMPT stuff
14647 1996-06-06 15:35 millert
14649 * visudo.c: fixed a comment
14651 1996-06-06 15:03 millert
14653 * lsearch.c: make more like NetBSD one -- now compiles w/o warnings
14655 1996-06-06 15:02 millert
14657 * emul/search.h: fixed decls of lsearch()
14659 1996-06-05 22:20 millert
14661 * config.h.in, configure.in, getspwuid.c: added SPW_HPUX10
14663 1996-06-05 22:20 millert
14665 * check.c: hpux 10 uses bigcrypt() if C2
14667 1996-06-04 19:57 millert
14669 * parse.c: now always uses fnmatch to match args
14671 1996-06-04 19:40 millert
14673 * tgetpass.c: back to using stdio instead of raw i/o since that
14674 caused some problems
14676 1996-05-28 22:14 millert
14678 * sudo.c: now give usage warning if use -l,-v,-k with args
14680 1996-05-28 18:22 millert
14682 * sudo.c: NewArgc is now set to 1 for -l, -v, -k
14684 1996-05-28 12:50 millert
14686 * sudo.c: now sets sudoers to correct group if mode is 0400
14688 1996-05-28 12:02 millert
14690 * install-sh: updated to version used by inn and bind
14692 1996-05-28 00:08 millert
14694 * configure.in: now uses -lgnumalloc if it exists
14696 1996-05-28 00:02 millert
14698 * Makefile.in: "make install" now sets uid/gid and mode on sudoers
14701 1996-05-28 00:01 millert
14703 * sudo.c: rmeoved debugging statements
14705 1996-05-28 00:00 millert
14707 * parse.yacc: added a missing free()
14709 1996-05-27 23:58 millert
14711 * sudo.c: now uses user_gid instead of getegid (which was wrong
14712 anyway) to set SUDO_GID Now sets command line args in
14713 SUDO_COMMAND envariabled (logging.c depends on args being in the
14716 1996-05-27 23:57 millert
14718 * logging.c: now uses SUDO_COMMAND envariable to get command args
14719 rather than building it up again.
14721 1996-05-27 22:42 millert
14723 * parse.c: now uses user_gid
14725 1996-05-27 20:02 millert
14727 * sudo.c: fixed off by one error in allocation NewArgv
14729 1996-05-27 20:01 millert
14731 * parse.c: in sudoers, 'command ""' now means command with no args
14733 1996-05-27 20:01 millert
14735 * configure.in: added check for fnmatch(3) and fnmatch.h
14737 1996-05-27 20:01 millert
14739 * config.h.in: added HAVE_FNMATCH
14741 1996-05-27 20:00 millert
14743 * Makefile.in: replaced wildcat.* with fnmatch.*
14745 1996-05-27 20:00 millert
14747 * testsudoers.c: now uses fnmatch()
14749 1996-05-27 19:38 millert
14751 * parse.c: now uses fnmatch() instead of wildmat a trailing star
14752 (*) by itself now matches multiple args added support for
14753 wildcards in the pathname in sudoers
14755 1996-05-25 19:23 millert
14757 * fnmatch.c: now includes compat.h and config.h
14759 1996-05-25 18:09 millert
14761 * config.h.in: added HAVE_FNMATCH_H
14763 1996-05-25 18:07 millert
14765 * configure.in: now checks for alloca() (if needed by bison or dce)
14766 and links with -lPW if it contains alloca() and libv and compiler
14769 1996-05-25 18:03 millert
14771 * fnmatch.3, fnmatch.c, emul/fnmatch.h: Initial revision
14773 1996-04-28 22:38 millert
14775 * sudo.c: now fixes mode on sudoers if set to 0400 to aid in
14778 1996-04-28 17:44 millert
14780 * Makefile.in: fixed pod2man usage
14782 1996-04-28 17:40 millert
14784 * configure.in, Makefile.in, version.h: ++version
14786 1996-04-28 17:20 millert
14788 * testsudoers.c, visudo.c: runas_user is now initialized to "root"
14790 1996-04-28 17:20 millert
14792 * sudo.h: removed PERM_FULL_ROOT
14794 1996-04-28 17:18 millert
14796 * sudo.c: runas_user defaults to "root" so no more need to
14799 1996-04-28 17:16 millert
14801 * parse.c: will now only running commands as root if there was no
14802 runas list (or if root is in the runas list)
14804 1996-04-28 17:15 millert
14806 * logging.c: now logs "USER=%s"
14808 1996-04-28 17:12 millert
14810 * parse.yacc: runas_matches is now set to false if we get a
14813 1996-04-28 15:01 millert
14815 * parse.lex: make #uid work + some minor cleanup
14817 1996-04-27 21:04 millert
14819 * sample.sudoers: added support for NOPASSWD and "runas" from
14822 1996-04-27 21:03 millert
14824 * visudo.c: added support for "runas" from garp@opustel.com
14825 replaced SUDOERS_OWNER with SUDOERS_UID, SUDOERS_GID added
14826 support for SUDOERS_MODE
14828 1996-04-27 21:03 millert
14830 * testsudoers.c: added support for "runas" from garp@opustel.com
14832 1996-04-27 21:02 millert
14834 * sudo.h: added support for NO_PASSWD and runas from
14835 garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and
14836 SUDOERS_GID and added support fro SUDOERS_MODE
14838 1996-04-27 21:00 millert
14840 * sudo.c: added support for NO_PASSWD and runas from
14841 garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and
14842 SUDOERS_GID and added support fro SUDOERS_MODE
14844 1996-04-27 21:00 millert
14846 * parse.yacc: added support for NO_PASSWD and runas from
14849 1996-04-27 20:58 millert
14851 * parse.c, parse.lex: added support for NO_PASSWD and runas from
14854 1996-04-27 20:56 millert
14856 * logging.c: added support for SUDOERS_WRONG_MODE and "runas"
14858 1996-04-27 20:40 millert
14860 * configure.in: added --with-CC only link with -lshadow on linux
14861 (with shadow pw) if libc lacks getspnam()
14863 1996-04-27 20:39 millert
14865 * OPTIONS, options.h: removed NO_PASSWD since it is not possible to
14866 do this in the sudoers file itself. Replaced SUDOERS_OWNER with
14867 SUDOERS_UID and SUDOERS_GID. Added SUDOERS_MODE.
14869 1996-04-27 20:26 millert
14871 * Makefile.in: now uses SUDOERS_UID and SUDOERS_GID
14873 1996-04-27 11:20 millert
14875 * INSTALL: added --with-CC
14877 1996-04-06 16:31 millert
14879 * parse.lex: added double quote support
14881 1996-04-06 16:29 millert
14883 * sudoers.pod: documented double quoting
14885 1996-04-05 16:53 millert
14887 * mkinstalldirs: Initial revision
14889 1996-04-05 16:53 millert
14891 * check.c: fixed some indentation
14893 1996-04-05 16:48 millert
14895 * Makefile.in: fixed a typo
14897 1996-04-04 19:39 millert
14899 * Makefile.in: added install-dirs .
14901 1996-04-04 14:16 millert
14903 * dce_pwent.c: new version from "Jeff A. Earickson"
14904 <jaearick@colby.edu>
14906 1996-04-03 13:40 millert
14908 * configure.in: $CSOPS -> $with_csops (whoops, missed one)
14910 1996-04-03 13:40 millert
14914 1996-04-03 13:36 millert
14916 * parse.lex: FQHOST now has same constraints as non-FQHOST
14918 1996-04-02 19:00 millert
14920 * INSTALL: added note about OS's w/ shadow passwords turned on by
14923 1996-04-02 18:58 millert
14925 * configure.in: fixed a typo
14927 1996-04-02 18:48 millert
14929 * configure.in: added support for --without-THING sanitized shadow
14930 pw situtation by adding support for --without-C2
14932 1996-04-02 16:42 millert
14934 * tgetpass.c: fixed a typo wrt placement of an end paren
14936 1996-04-02 14:57 millert
14938 * check.c: was closing an fd that may not have been opened
14940 1996-03-21 19:55 millert
14942 * sudo.c, OPTIONS, options.h: added NO_PASSWD
14944 1996-03-19 19:40 millert
14946 * configure.in: now always use shadow pw on some arches
14948 1996-03-19 17:07 millert
14950 * configure.in: added pyramid support
14952 1996-03-19 17:04 millert
14954 * configure.in: no longer check for C2 if alternate passwd method
14955 is used no longer check for some libs twice
14957 1996-03-19 17:00 millert
14959 * parse.yacc: moved fqdn stuff into parse.lex (FQHOST)
14961 1996-03-19 17:00 millert
14963 * parse.lex: added FQHOST rules
14965 1996-03-18 20:57 millert
14967 * tgetpass.c: now define TCSASOFT in necesary
14969 1996-03-18 20:31 millert
14971 * tgetpass.c: now uses read/write instead of stdio string goop to
14972 avoid problems with select(2)
14974 1996-03-18 19:37 millert
14976 * OPTIONS, find_path.c, options.h: -DNO_DOT_PATH ->
14979 1996-03-17 16:18 millert
14981 * INSTALL: added note about no shadow auto-detect if using
14982 alternate auth schemes
14984 1996-03-17 15:33 millert
14986 * configure.in: don't check for C2 if AFS or DCE (unless they said
14989 1996-03-17 15:08 millert
14991 * testsudoers.c: now groks shost
14993 1996-03-17 15:01 millert
14995 * options.h, OPTIONS, find_path.c: added NO_DOT_PATH
14997 1996-03-16 14:43 millert
14999 * find_path.c: checkdot now works correctly
15001 1996-03-12 18:01 millert
15003 * configure.in: can't have DCE and C2 passwords both...
15005 1996-03-11 14:05 millert
15007 * parse.yacc, sudo.c, sudo.h, visudo.c: now uses shost even if not
15010 1996-03-11 14:04 millert
15012 * configure.in: now looks for skey in /usr/lib and doesn't require
15013 libskey to be in /usr/local/lib just because skey.h is (for my
15016 1996-03-11 02:00 millert
15018 * aclocal.m4, config.h.in, pathnames.h.in: _SUDO_PATH_ ->
15021 1996-03-10 21:01 millert
15023 * aclocal.m4, sudo.pod: /var/run/.odus -> /var/run/sudo
15025 1996-03-10 20:59 millert
15027 * pathnames.h.in: now uses _SUDO_PATH_TIMEDIR
15029 1996-03-10 20:59 millert
15031 * OPTIONS: udpated FQDN
15033 1996-03-10 20:58 millert
15035 * config.h.in: added _SUDO_PATH_TIMEDIR
15037 1996-03-10 20:58 millert
15039 * aclocal.m4, configure.in: added SUDO_TIMEDIR
15041 1996-03-10 20:58 millert
15043 * sudo.pod: updated wrt /var/run/sudo
15045 1996-03-10 20:16 millert
15047 * sudo.c, sudo.h: added support for shost if FQDN
15049 1996-03-10 20:14 millert
15051 * parse.yacc, visudo.c: now uses shost if FQDN
15053 1996-03-10 20:12 millert
15055 * check.c: Now use skeylookup() instead off skeychallenge()
15057 1996-02-27 20:41 millert
15059 * logging.c: mail_argv should not contain ALERTMAIL as it includes
15062 1996-02-22 17:06 millert
15064 * INSTALL, Makefile.in, README, version.h, configure.in: ++version
15066 1996-02-22 16:27 millert
15068 * compat.h: added more _PASSWD_LEN stuff -- now uses PASS_MAX too
15070 1996-02-22 16:27 millert
15072 * tgetpass.c: now includes limits.h moved _PASSWD_LEN -> compat.h
15074 1996-02-05 19:20 millert
15076 * README, INSTALL: ++version
15078 1996-02-05 19:20 millert
15080 * Makefile.in: ++versoin
15082 1996-02-05 19:16 millert
15084 * Makefile.in: fixed a typo
15086 1996-02-05 19:16 millert
15088 * configure.in: ++version
15090 1996-02-05 18:53 millert
15094 1996-02-05 18:47 millert
15096 * CHANGES: done for 1.4.1 (I hope)
15098 1996-02-05 18:45 millert
15100 * sudoers.pod: added info on wildcards
15102 1996-02-05 18:39 millert
15104 * sample.sudoers: added wildcard example
15106 1996-02-05 17:03 millert
15108 * Makefile.in: now uses *.pod to build *.man and *.cat & *.html
15110 1996-02-05 17:03 millert
15112 * configure.in: addedSUDO_PROG_BSHELL !ll
15114 1996-02-05 16:10 millert
15116 * visudo.pod: fixed up some formatting
15118 1996-02-05 16:10 millert
15120 * sudoers.pod: redid section describing sample sudoers stuff
15122 1996-02-05 16:10 millert
15124 * sudo.pod: fixed some formatting
15126 1996-02-04 22:50 millert
15128 * getspwuid.c: now treats "" as bourne shell
15130 1996-02-04 22:49 millert
15132 * Makefile.in: TESTOBJS nwo includes wildmat.o
15134 1996-02-04 22:48 millert
15136 * testsudoers.c: now works with NewArg[cv]
15138 1996-02-04 21:59 millert
15140 * sudo.c: removed an XXX (fixed it in getspwuid.c)
15142 1996-02-04 21:58 millert
15144 * aclocal.m4: added check for bourne shell
15146 1996-02-04 21:58 millert
15148 * pathnames.h.in: added _PATH_BSHELL
15150 1996-02-04 21:58 millert
15152 * config.h.in: added _SUDO_PATH_BSHELL
15154 1996-02-04 16:36 millert
15156 * visudo.c: unixware vi returns 256 instead of 0
15158 1996-02-04 16:24 millert
15160 * INSTALL: added Linux note
15162 1996-02-04 16:13 millert
15164 * logging.c: fixed up some XXX's. file log format now looks a
15165 little more like real syslog(3) format.
15167 1996-02-04 16:13 millert
15169 * README, TROUBLESHOOTING: updated wrt lex/flex
15171 1996-02-04 16:11 millert
15173 * Makefile.in: commented out rule to build lex.yy.c from parse.lex
15174 since we ship with a pre-flex'd parser
15176 1996-02-04 16:09 millert
15178 * parse.c, parse.yacc, visudo.c: path_matches -> command_matches
15180 1996-02-04 02:28 millert
15182 * logging.c: eliminated some strcat()'s
15184 1996-02-04 02:10 millert
15186 * configure.in: no longer checks for lex/flex (now assumes flex)
15188 1996-02-04 02:08 millert
15190 * configure.in: now checks for $kerb_dir_candidate/krb.h instead of
15191 just kerb_dir_candidate
15193 1996-02-02 20:48 millert
15195 * parse.yacc: now use a 'hook' expression instead of an iffy one
15198 1996-02-02 01:14 millert
15200 * visudo.c: now works with new sudo arg stuff
15202 1996-02-02 01:14 millert
15204 * parse.yacc: fixed dereferencing deadbeef
15206 1996-02-01 23:53 millert
15208 * sudo.c: changed an occurrence of Argv to NewArgv
15210 1996-02-01 23:53 millert
15212 * parse.lex: took out support for quoted commands since there is no
15215 1996-02-01 23:52 millert
15217 * parse.c: fixed a typo in a for() loop
15219 1996-02-01 23:52 millert
15221 * logging.c: protected against dereferencing rogue pointers
15223 1996-02-01 22:34 millert
15225 * sudo.c: now uses NewArgv amd NewArgc so cmnd_aegs is no longer
15226 needed this also allows us to eliminate some kludges in
15227 parse_args() and eliminate superfluous code.
15229 1996-02-01 22:34 millert
15231 * logging.c: no longer uses cmnd_args, now uses NewArgv instead.
15233 1996-02-01 22:32 millert
15235 * sudo.h: added struct sudo_command, NewArgc, and NewArgv removed
15236 cmnd_args (no longer used)
15238 1996-02-01 22:31 millert
15240 * Makefile.in: added wildmat.c to SRCS & SUDOBJS
15242 1996-02-01 22:30 millert
15244 * parse.yacc: COMMAND is now a struct containing the path and args
15246 1996-02-01 22:30 millert
15248 * parse.lex: replaced append() with fill_cmnd() and fill_args.
15249 command args from a sudoers entry are now stored in an arrary for
15252 1996-02-01 22:28 millert
15254 * parse.c: command line args from sudoers file are now in an array
15255 like ones passed in from the command line
15257 1996-01-31 20:59 millert
15259 * parse.c: wildwat stuff now works
15261 1996-01-29 00:44 millert
15263 * version.h: ++version
15265 1996-01-29 00:44 millert
15267 * Makefile.in: ++version added wildmat.*
15269 1996-01-28 17:55 millert
15271 * parse.lex: added support for quoted commands (w/ or w/o args)
15273 1996-01-22 01:55 millert
15275 * sudo.pod, visudo.pod: cleaned up formatting
15277 1996-01-21 20:53 millert
15279 * sudo.pod, visudo.pod: Initial revision
15281 1996-01-21 02:07 millert
15283 * sudoers.pod: looks reasonable, could be mroe readable
15285 1996-01-20 23:47 millert
15287 * sudoers.pod: Initial revision
15289 1996-01-16 14:38 millert
15293 1996-01-16 14:37 millert
15295 * OPTIONS: updated NO_ROOT_SUDO entry
15297 1996-01-15 11:37 millert
15299 * RUNSON: [no log message]
15301 1996-01-15 11:34 millert
15303 * sudo.c: fixed SECURE_PATH
15305 1996-01-14 20:55 millert
15307 * RUNSON: udpa`ted for 1.4
15309 1996-01-14 20:52 millert
15311 * configure.in: AIX aixcrypt.exp now uses $(srcdir)
15313 1996-01-14 20:32 millert
15315 * TROUBLESHOOTING: added entry for anal ansi compilers
15317 1996-01-14 16:13 millert
15319 * INSTALL: added info on libcrypt_i for SCO
15321 1996-01-14 16:05 millert
15323 * TODO: [no log message]
15325 1996-01-14 15:39 millert
15327 * sample.sudoers: added comments
15329 1996-01-14 15:25 millert
15331 * TODO: 1.4 release
15333 1996-01-14 15:22 millert
15335 * README, config.h.in, configure.in, CHANGES: ++version
15337 1996-01-14 15:21 millert
15339 * BUGS: ++version and fixed ISC
15341 1996-01-14 15:19 millert
15343 * check.c, compat.h, dce_pwent.c, find_path.c, getspwuid.c,
15344 getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h,
15345 ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h,
15346 logging.c, putenv.c, strdup.c, sudo.c, sudo_setenv.c,
15347 testsudoers.c, tgetpass.c, utime.c, visudo.c, INSTALL, OPTIONS:
15350 1996-01-14 15:16 millert
15352 * interfaces.c: added STUB_LOAD_INTERFACES ++version
15354 1996-01-14 15:14 millert
15356 * Makefile.in, version.h, parse.c, parse.lex, parse.yacc,
15357 emul/utime.h: ++version
15359 1996-01-14 15:13 millert
15361 * PORTING: added info about fd_set in tgetpass added info on
15364 1996-01-11 13:22 millert
15366 * dce_pwent.c: added sudo header
15368 1996-01-11 13:04 millert
15370 * tgetpass.c: fixed a typo
15372 1996-01-11 13:01 millert
15374 * Makefile.in: tgetpass.o is now only linked in with sudo (not
15377 1996-01-09 12:56 millert
15379 * BUGS, INSTALL, OPTIONS, README, Makefile.in, config.h.in,
15380 configure.in: ++version
15382 1996-01-09 12:54 millert
15384 * emul/utime.h: added copyright notice
15386 1996-01-09 12:52 millert
15388 * check.c, compat.h, find_path.c, getspwuid.c, getwd.c, goodpath.c,
15389 ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
15390 interfaces.c, logging.c, options.h, parse.c, parse.lex,
15391 parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
15392 sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
15393 visudo.c: ++version
15395 1996-01-09 12:46 millert
15397 * tgetpass.c: minor cleanup and now includes sys/bsdtypes for
15400 1996-01-09 12:42 millert
15402 * configure.in: ISC now gets -lcrypt now check for sys/bsdtypes.h
15404 1996-01-09 12:41 millert
15406 * config.h.in: added check for sys/bsdtypes.h
15408 1996-01-07 16:00 millert
15410 * parse.yacc: removed debugging stuff (setting freed ptr to NULL)
15412 1996-01-07 15:55 millert
15414 * TROUBLESHOOTING: added 2 entries
15416 1996-01-07 15:55 millert
15418 * Makefile.in: added FAQ
15420 1996-01-07 14:26 millert
15422 * TROUBLESHOOTING: added section on syslog
15424 1996-01-07 14:25 millert
15426 * configure.in: added AC_ISC_POSIX for better ISC support
15428 1996-01-07 14:25 millert
15430 * config.h.in: fixed typo
15432 1996-01-07 14:25 millert
15434 * config.h.in: added define for _POSIX_SOURCE
15436 1996-01-04 00:41 millert
15438 * configure.in: fixed check for lsearch()
15440 1995-12-21 21:53 millert
15442 * interfaces.c: fixed for AIX now deal if num_interfaces == 0
15443 (should not happen)
15445 1995-12-20 17:02 millert
15447 * configure.in: now only define HAVE_LSEARCH if there is a
15448 corresponding search.h
15450 1995-12-20 15:52 millert
15452 * interfaces.c: works on ISC again
15454 1995-12-18 17:36 millert
15456 * configure.in: now define HAVE_LSEARCH if we find lsearch() in
15459 1995-12-18 17:32 millert
15461 * lsearch.c: char * -> const char *
15463 1995-12-18 17:29 millert
15465 * configure.in: now looks in -lcompat for lsearch()
15467 1995-12-18 17:23 millert
15469 * Makefile.in: remove sudo.core visudo.core for clan target
15471 1995-12-17 22:53 millert
15473 * aclocal.m4: added UID_MAX support in check for MAX_UID_T_LEN
15475 1995-12-17 22:36 millert
15477 * Makefile.in: fixed another occurence of sudo_getpwuid.*
15479 1995-12-17 22:30 millert
15481 * getspwuid.c, Makefile.in: sudo_getpwuid.c -> getspwuid.c
15483 1995-12-17 22:22 millert
15485 * configure.in: moved the "echo"
15487 1995-12-17 22:09 millert
15489 * CHANGES, BUGS, INSTALL, Makefile.in, OPTIONS, README, check.c,
15490 compat.h, config.h.in, configure.in, find_path.c, getspwuid.c,
15491 getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h,
15492 ins_goons.h, insults.h, interfaces.c, logging.c, options.h,
15493 parse.c, parse.lex, parse.yacc, pathnames.h.in, putenv.c,
15494 strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
15495 tgetpass.c, utime.c, version.h, visudo.c: ++version
15497 1995-12-17 22:04 millert
15499 * testsudoers.c: added group support
15501 1995-12-17 22:00 millert
15503 * sample.sudoers: added group entry
15505 1995-12-17 21:59 millert
15507 * sudoers.man: documented group support
15509 1995-12-17 21:50 millert
15511 * parse.c, parse.lex, visudo.c, parse.yacc: added group support
15513 1995-12-15 17:45 millert
15515 * check.c: tkfile was too short and overflowed the kerberos realm
15517 1995-12-11 17:09 millert
15519 * sudo.c: now copy command args directly from Argv
15521 1995-12-11 15:55 millert
15523 * sudo.c: replaced code to copy cmnd_args so that is does not use
15524 realloc since most realloc()'s really stink
15526 1995-12-08 14:11 millert
15528 * configure.in: syslog() fixed in hpux 10.01
15530 1995-12-06 17:45 millert
15532 * configure.in: AC_CHECK_LIB() now sets SUDO_LIBS (and VISUDO_LIBS
15535 1995-12-06 17:30 millert
15537 * configure.in: better error if cannot find skey incs or libs
15539 1995-12-06 17:26 millert
15541 * aclocal.m4: now use a temp file for determining max len of uid_t
15542 in string form. the old hacky way broke on netbsd
15544 1995-12-05 19:02 millert
15546 * sudo.c: added set of parens and a space
15548 1995-12-05 18:58 millert
15550 * dce_pwent.c: fixes from Jeff Earickson <jaearick@colby.edu> ,
15552 1995-12-05 18:58 millert
15554 * check.c: modified a comment
15556 1995-12-05 18:57 millert
15558 * Makefile.in: fixed up testsudoers target
15560 1995-12-05 18:56 millert
15562 * configure.in: DCE changes from Jeff Earickson
15563 <jaearick@colby.edu> LIBS -> SUDO_LIBS and VISUDO_LIBS LDFLAGS ->
15564 SUDO_FDFLAGS and VISUDO_LDFLAGS
15566 1995-12-05 18:17 millert
15568 * Makefile.in: LIBS -> SUDO_LIBS , VISUDO_LIBS LDFLAGS ->
15569 SUDO_LDFLAGS, VISUDO_LDFLAGS
15571 1995-11-27 23:32 millert
15573 * configure.in: fix for C2 on hpux 10 now uses -linet if it exists
15575 1995-11-27 23:17 millert
15577 * check.c: LONG_SKEY_PROMPT is less of a klusge /
15579 1995-11-27 23:17 millert
15581 * configure.in: fixed typos w/ dce stuff
15583 1995-11-27 23:14 millert
15585 * Makefile.in: added dce_pwent.c
15587 1995-11-26 13:48 millert
15589 * INSTALL: amended section on combining authentication mechanisms
15591 1995-11-26 13:48 millert
15593 * PORTING: minor updates for 1.3.6
15595 1995-11-26 13:47 millert
15597 * TROUBLESHOOTING: added 2 more entries
15599 1995-11-26 13:39 millert
15601 * BUGS: updated for 1.3.6
15603 1995-11-26 13:39 millert
15605 * README: overhauled
15607 1995-11-25 21:23 millert
15609 * INSTALL: rewrote for sudo 1.3.6
15611 1995-11-25 21:23 millert
15613 * TROUBLESHOOTING: added 3 entries
15615 1995-11-25 13:53 millert
15617 * find_path.c, getspwuid.c, sudo.c: added explict casts for strdup
15618 since many includes don't prototype it. gag me.
15620 1995-11-25 13:23 millert
15622 * sudo.h: removed prototype for sudo_getpwuid() since convex C
15623 compiler choked on it.
15625 1995-11-25 13:23 millert
15627 * sudo.c: added prototype for sudo_getpwuid()
15629 1995-11-25 13:23 millert
15631 * lsearch.c: now compiles on strict ANSI compilers
15633 1995-11-24 23:56 millert
15635 * check.c: added LONG_SKEY_PROMPT support
15637 1995-11-24 23:55 millert
15639 * Makefile.in: added extra $'s for make to eat up, yum.
15641 1995-11-24 23:38 millert
15643 * OPTIONS, options.h: added LONG_SKEY_PROMPT
15645 1995-11-24 18:48 millert
15647 * check.c: s/key support now works with normal s/key as well as
15650 1995-11-24 18:46 millert
15652 * options.h, OPTIONS: added SKEY_ONLY
15654 1995-11-24 18:46 millert
15656 * compat.h: set _PASSWD_LEN to 256 for any of KERB4, DCE, SKEY
15658 1995-11-24 00:42 millert
15660 * INSTALL: added DCE note added more AIX notes
15662 1995-11-24 00:39 millert
15664 * sudo.c: now include pthread.h for DCE support
15666 1995-11-23 22:22 millert
15668 * check.c: dce_pwent() is ok after all .,
15670 1995-11-23 22:21 millert
15672 * logging.c: now uses SYSLOG() macro that equates to either
15673 syslog() or syslog_wrapper
15675 1995-11-23 21:44 millert
15677 * dce_pwent.c: minor formatting changes. renamed check() to
15678 somthing less generic
15680 1995-11-23 21:27 millert
15682 * check.c, logging.c, parse.yacc, sudo.c, sudo.h, testsudoers.c,
15683 visudo.c: now uses user_pw_ent and simple macros to get at the
15686 1995-11-22 20:35 millert
15688 * check.c: simpler dec unix C2 support
15690 1995-11-22 20:35 millert
15692 * getspwuid.c: now sets crypt_type for DEC unix C2
15694 1995-11-21 18:00 millert
15696 * configure.in: added csops paths for skey
15698 1995-11-21 16:27 millert
15700 * getspwuid.c: now includes string.h for strdup() prototype
15702 1995-11-21 01:47 millert
15704 * getspwuid.c: fixed a few typos
15706 1995-11-20 22:59 millert
15708 * check.c: now includes skey.h
15710 1995-11-20 22:10 millert
15712 * getspwuid.c: fixed up comments
15714 1995-11-20 22:04 millert
15716 * check.c: moved a lot of the shadow passwd crap to sudo_getpwuid()
15718 1995-11-20 22:01 millert
15720 * sudo.c: now uses sudo_pw_ent
15722 1995-11-20 21:50 millert
15724 * testsudoers.c: now uses sudo_pw_ent
15726 1995-11-20 21:40 millert
15728 * visudo.c: now sets sudo_pw_ent
15730 1995-11-20 21:28 millert
15732 * getspwuid.c: Initial revision
15734 1995-11-20 21:28 millert
15736 * tgetpass.c: moved dce stuff into compat.h
15738 1995-11-20 21:27 millert
15740 * sudo.h, logging.c: now uses sudo_pw_ent
15742 1995-11-20 21:27 millert
15744 * Makefile.in: added sudo_getpwuid.c
15746 1995-11-20 21:25 millert
15748 * compat.h: added dce support
15750 1995-11-20 21:13 millert
15752 * parse.yacc: now uses sudo_pw_ent
15754 1995-11-20 14:40 millert
15756 * check.c: fixed exempt_group stuff for OS's that don't put base
15757 gid in group vector
15759 1995-11-20 01:39 millert
15761 * check.c: S/Key support now works with sunos4 shadow passwords
15763 1995-11-19 22:31 millert
15765 * Makefile.in: fixed clean rule
15767 1995-11-19 22:31 millert
15769 * config.h.in, configure.in: added DCE support
15771 1995-11-19 22:30 millert
15773 * tgetpass.c: DCE & KERB support
15775 1995-11-19 22:30 millert
15777 * check.c: first stab at dce support
15779 1995-11-19 22:24 millert
15781 * dce_pwent.c: now smells like sudo
15783 1995-11-19 22:11 millert
15785 * dce_pwent.c: Initial revision
15787 1995-11-19 21:36 millert
15789 * check.c: skey'd sudo now works w/ normal password as well
15791 1995-11-19 18:37 millert
15793 * Makefile.in, OPTIONS, check.c, compat.h, config.h.in,
15794 find_path.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
15795 ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c,
15796 options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in,
15797 putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
15798 tgetpass.c, utime.c, version.h, visudo.c: updated version number
15800 1995-11-19 18:32 millert
15802 * README: updated to reflect version change
15804 1995-11-19 18:27 millert
15806 * configure.in: --with options now line up ++version
15808 1995-11-19 18:26 millert
15810 * sudo.h: removed unecesary S/Key stuff
15812 1995-11-19 18:25 millert
15814 * configure.in: fixed S/Key support
15816 1995-11-19 18:24 millert
15818 * Makefile.in: -I stuff now goes in CPPFLAGS
15820 1995-11-19 18:23 millert
15822 * check.c: fixed SKey support
15824 1995-11-19 15:23 millert
15826 * README: updated version
15828 1995-11-19 13:59 millert
15830 * OPTIONS: fixed description of EXEMPTGROUP
15832 1995-11-19 10:47 millert
15834 * sudo.c: more people use _RLD_ than just alphas...
15836 1995-11-18 21:35 millert
15838 * Makefile.in: replaced $man_prefix with $mandir
15840 1995-11-18 21:30 millert
15842 * configure.in: fixed a typo
15844 1995-11-18 21:28 millert
15846 * Makefile.in: now use more GNU'ish dir names
15848 1995-11-18 21:27 millert
15850 * configure.in: now set *dir correctly (can override from command
15853 1995-11-18 19:17 millert
15855 * sudo.c: now deal with situations where we getwd() fails
15857 1995-11-17 00:37 millert
15859 * Makefile.in: added etc_dir, bin_dir, sbin_dir
15861 1995-11-17 00:37 millert
15863 * configure.in: added sbin_dir
15865 1995-11-16 21:28 millert
15867 * Makefile.in: now ship a flex-generated lex.yy.c
15869 1995-11-16 21:09 millert
15871 * Makefile.in: now sets _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP,
15874 1995-11-16 21:06 millert
15876 * pathnames.h.in: _PATH_SUDO_SUDOERS & _PATH_SUDO_STMP are now
15877 overridden via Makefile
15879 1995-11-16 21:05 millert
15881 * options.h: no more error for redefining SUDOERS_OWNER
15883 1995-11-16 21:05 millert
15885 * OPTIONS: expanded SUDOERS_OWNER section
15887 1995-11-16 03:05 millert
15889 * visudo.c: now warn if chown(2) failed
15891 1995-11-16 02:55 millert
15893 * logging.c: better default warning for NO_SUDOERS_FILE
15895 1995-11-16 02:54 millert
15897 * sudo.c: added missing set_perms() no more cryptic message if the
15898 sudoers file is zero length, now just give a parse error
15900 1995-11-16 02:42 millert
15902 * logging.c: better diagnostics if NO_SUDOERS_FILE
15904 1995-11-16 02:41 millert
15906 * sudo.c: check_sudoers() now catches sudoers files that are not
15907 readable (but are stat'able).
15909 1995-11-13 01:12 millert
15911 * configure.in: now add -D__STDC__ for convex cc (not gcc)
15913 1995-11-13 00:52 millert
15915 * configure.in: MAN_PREFIX -> man_prefix now sets prefix and
15918 1995-11-13 00:52 millert
15920 * Makefile.in: now uses exec_prefix & prefix from configure
15922 1995-11-13 00:16 millert
15924 * find_path.c, getwd.c, goodpath.c, interfaces.c, logging.c,
15925 parse.c, parse.lex, parse.yacc, sudo.c, sudo.h, sudo_setenv.c,
15926 tgetpass.c, utime.c, visudo.c: options.h is now <> instead of ""
15927 so shadow build trees can have a custom copy of options.h
15929 1995-11-13 00:15 millert
15931 * check.c: user_is_exempt() is no longer a hack, it now uses
15934 1995-11-12 23:56 millert
15936 * options.h: EXEMPTGROUP is now "sudo"
15938 1995-11-12 22:25 millert
15940 * configure.in: MAN_POSTINSTALL now contains a leading space
15942 1995-11-12 22:25 millert
15944 * Makefile.in: removed leading tab if @MAN_POSTINSTALL@ not defined
15945 now removes testsudoers in clean:
15947 1995-11-12 22:24 millert
15949 * tgetpass.c: includes pwd.h to get _PASSWD_LEN definition
15951 1995-10-30 15:51 millert
15953 * sudo.c: unset the KRB_CONF envariable if using kerberos so we
15954 don't get spoofed into using a bogus server
15956 1995-09-29 17:50 millert
15958 * parse.yacc: now explicately initialize match[] tp be FALSE
15960 1995-09-23 16:48 millert
15962 * sudo.c: removed unused variable now passes -Wall
15964 1995-09-23 16:48 millert
15966 * parse.yacc: yyerror and dumpaliases are now void's now passes
15969 1995-09-23 16:48 millert
15971 * parse.lex: added prototype for yyerror
15973 1995-09-23 16:47 millert
15975 * interfaces.c: rmeoved unused cruft now passes -Wall
15977 1995-09-23 16:47 millert
15979 * check.c, logging.c, parse.c: now passes -Wall
15981 1995-09-23 16:46 millert
15983 * Makefile.in: fixed headers that moved to emul dir
15985 1995-09-23 12:05 millert
15987 * logging.c: fixed deref of nil pointer if no args
15989 1995-09-15 19:18 millert
15991 * OPTIONS: added a caveat to FQDN section
15993 1995-09-13 19:48 millert
15995 * Makefile.in: more $srcdir support for install targets
15997 1995-09-13 17:17 millert
15999 * find_path.c, interfaces.c, parse.c, parse.lex, parse.yacc,
16000 putenv.c, strdup.c, sudo.c, sudo_setenv.c, testsudoers.c,
16001 visudo.c: don't include malloc.h if we include stdlib.h
16003 1995-09-12 21:44 millert
16005 * parse.yacc: local search.h now lives in emul
16007 1995-09-12 21:41 millert
16009 * lsearch.c: local search.h now lives in emul
16011 1995-09-12 21:41 millert
16013 * check.c, utime.c: local utime.h now lives in emul dir
16015 1995-09-12 21:38 millert
16017 * Makefile.in: added support for building in other than the
16020 1995-09-10 14:01 millert
16022 * OPTIONS: annotated CSOPS_INSULTS option
16024 1995-09-10 13:56 millert
16026 * TROUBLESHOOTING: updated shadow passwords blurb
16028 1995-09-09 21:00 millert
16030 * sudo.c: if SHELL_IF_NO_ARGS is set, "sudo -- foo" now runs a
16031 shell and passes along foo as the arguments
16033 1995-09-09 18:52 millert
16035 * parse.lex: collapsed pathname and dir sections into one -- its
16038 1995-09-09 18:34 millert
16040 * parse.lex: fixed spacing quoting [,:\\=] now works correctly
16041 append() and fill() now take args to make the above work
16043 1995-09-08 20:51 millert
16045 * sudo.c: fixed a typo that caused commands with no tty on fd 0 but
16046 a tty on fd 1 to erroneously have "none" as their tty
16048 1995-09-04 15:35 millert
16050 * check.c: timestampfile is now a global static removed decl of
16051 timestampfile in remove_timestamp since we can just use the
16054 1995-09-04 15:28 millert
16056 * check.c: created touch() to update timestamps added
16057 USE_TTY_TICKETS support (bit of a kludge)
16059 1995-09-04 15:28 millert
16061 * compat.h: added _S_IFDIR and S_ISDIR
16063 1995-09-04 15:22 millert
16065 * OPTIONS, options.h: added USE_TTY_TICKETS
16067 1995-09-04 00:38 millert
16069 * parse.yacc: removed const from casts for lsearch() & lfind() to
16070 placate irix 4.x C compiler
16072 1995-09-03 14:12 millert
16074 * sudo.c: now only strip '/dev/' off of a tty if it starts with
16077 1995-09-03 14:12 millert
16079 * pathnames.h.in: added _PATH_DEV
16081 1995-09-03 14:11 millert
16083 * configure.in: AC_HAVE_HEADERS -> AC_CHECK_HEADERS now check for
16084 tcgetattr only if have termios.h
16086 1995-09-03 14:09 millert
16088 * tgetpass.c: fixed incorrect #ifdef termio uses "unsigned short"
16089 not int for c_?flag
16091 1995-09-03 13:19 millert
16093 * parse.lex, parse.yacc: fixed a spelling error
16095 1995-09-03 13:17 millert
16097 * Makefile.in: fixed typo
16099 1995-09-02 12:55 millert
16101 * Makefile.in: fixed a comment
16103 1995-09-02 12:54 millert
16105 * parse.yacc: added dotcat() to cat 2 strings w/ a dot effeciently
16106 now that we dynamically allocate strings they need to be free()'d
16108 1995-09-02 12:46 millert
16110 * parse.lex: dynamically allocates space for strings
16112 1995-09-02 12:34 millert
16114 * sudo.h: no more MAXCOMMANDLENGTH
16116 1995-09-01 22:25 millert
16118 * sudo.h: added decl of tty
16120 1995-09-01 22:25 millert
16122 * logging.c, sudo.c: moved tty stuff into sudo.c
16124 1995-09-01 14:18 millert
16126 * parse.c: fixed a logic bug. Was denying a command if user gave
16127 command line args but there were none in the sudoers file which
16130 1995-09-01 01:18 millert
16132 * sudo.h: MAXCOMMMANDLEN dropped down to 1K
16134 1995-09-01 01:13 millert
16136 * parse.lex: return foo; -> return(foo);
16138 1995-09-01 01:03 millert
16140 * parse.yacc: fixed netgr_matches() prototype
16142 1995-09-01 01:02 millert
16144 * parse.lex: added support for escaping "termination" characters
16146 1995-09-01 00:55 millert
16148 * parse.c: buf is now of size MAXPATHLEN+1 since it never holds
16151 1995-09-01 00:50 millert
16153 * sudo.c: fixed comments
16155 1995-09-01 00:49 millert
16157 * goodpath.c: fixed negation problem (doh!)
16159 1995-09-01 00:25 millert
16161 * parse.yacc: fixed 2nd parameter to lfind()
16163 1995-09-01 00:24 millert
16165 * parse.lex: now do bounds checking in fill() and append()
16167 1995-09-01 00:23 millert
16169 * sudo.c: include netdb.h as we should added a missing void cast
16170 added SHELL_IF_NO_ARGS support now use realloc() properly. would
16171 fail if realloc actually moved the string instead of shrinking it
16173 1995-09-01 00:17 millert
16175 * sample.sudoers: updated with examples of new features
16177 1995-09-01 00:05 millert
16179 * goodpath.c: now set errno to EACCES if not a regular file or not
16182 1995-09-01 00:04 millert
16184 * find_path.c: if given a fully-qualified or relative path we now
16185 check it with sudo_goodpath() and error out with the appropriate
16186 error message if the file does not exist or is not executable
16188 1995-09-01 00:03 millert
16190 * lsearch.c, emul/search.h: now use correct args for lfind
16192 1995-09-01 00:03 millert
16194 * logging.c: added a comment
16196 1995-08-31 23:52 millert
16198 * insults.h: added in CSOps insults
16200 1995-08-31 23:51 millert
16202 * ins_csops.h: Initial revision
16204 1995-08-31 23:35 millert
16206 * tgetpass.c: added RCS id
16208 1995-08-31 22:56 millert
16210 * sudo.h: increased MAXCOMMANDLENGTH to 8k HAVE_GETCWD ->
16213 1995-08-31 22:55 millert
16215 * OPTIONS: added CLASSIC_INSULTS, CSOPS_INSULTS, SHELL_IF_NO_ARGS
16217 1995-08-31 22:54 millert
16219 * sudo.c: fixed -k load_interfaces() now gets called if FQDN is set
16220 -p now works with -s
16222 1995-08-31 22:54 millert
16224 * parse.c: don't try to stat() "pseudo commands" like "validate"
16226 1995-08-31 22:53 millert
16228 * options.h: added CLASSIC_INSULTS added CSOPS_INSULTS added
16231 1995-08-31 22:53 millert
16233 * configure.in: added SecurID support added other insults to
16236 1995-08-31 22:52 millert
16238 * config.h.in: added HAVE_SECURID
16240 1995-08-31 22:52 millert
16242 * Makefile.in: added clobber target added ins_csops.h now gets
16243 CFLAGS from configure
16245 1995-08-31 22:46 millert
16247 * aclocal.m4: relaxed SUDO_FULL_VOID
16249 1995-08-31 22:44 millert
16251 * visudo.c: function comment blocks are now in same style as rest
16254 1995-08-31 22:44 millert
16256 * testsudoers.c: added support for command line args in
16259 1995-08-31 22:43 millert
16261 * sudoers.man: updated to have command args in the sudoers file
16263 1995-08-31 22:42 millert
16265 * sudo.man: added -s and -- flags added SHELL to ENVIRONMENT
16268 1995-08-19 19:32 millert
16270 * parse.yacc: PATH renamed to COMMAND
16272 1995-08-19 19:31 millert
16274 * parse.lex: it is now a parse error for directories to have args
16277 1995-08-19 19:30 millert
16279 * logging.c: now say command args if telling user to buzz off
16281 1995-08-19 19:30 millert
16283 * sudo.c: -s no longer indicates end of args sped up loading on
16284 cmnd_args in load_cmnd()
16286 1995-08-19 19:29 millert
16288 * parse.c: removed an unreachable statement
16290 1995-08-19 17:53 millert
16292 * parse.lex: made more efficient by pulling out the terminators
16293 when in GOTCMND state and making them their own rule
16295 1995-08-14 00:07 millert
16297 * sudo.h: removed MAXLOGLEN since it is no longer used
16299 1995-08-14 00:07 millert
16301 * parse.lex: now allows command args
16303 1995-08-14 00:06 millert
16305 * parse.c: now groks command arguments
16307 1995-08-13 23:39 millert
16309 * logging.c: now sets tty correctly when piped input
16311 1995-08-13 23:35 millert
16313 * sudo.c: fixed loading of cmnd_args (was including command name
16316 1995-08-13 23:34 millert
16318 * logging.c: fixed a core dump due to incorrect if construct
16320 1995-08-13 00:33 millert
16322 * configure.in: only add -lsun is irix < 5 don't look for -lnsl or
16325 1995-08-13 00:33 millert
16327 * aclocal.m4: fixed check for ISC
16329 1995-08-13 00:32 millert
16331 * sudo.c: now sets cmnd_args used by log_error() and that will be
16332 used by the parse to check against command args
16334 1995-08-13 00:32 millert
16336 * sudo.h: added cmnd_args
16338 1995-08-13 00:31 millert
16340 * logging.c: now dynamically allocate logline since we can guess at
16343 1995-08-05 13:52 millert
16345 * logging.c: cleaned up a bunch of unnecesary #ifdef's eliminated a
16346 buffer remove "register" since the compiler knows more than I do
16347 now do a "basename" of the tty
16349 1995-07-31 18:20 millert
16351 * configure.in: ++version
16353 1995-07-30 22:37 millert
16355 * sudo.h: added shell extern changed MODE_* to be bit masks to
16356 allow for several options together
16358 1995-07-30 22:36 millert
16360 * sudo.c: added -s (shell) option made MODE_* masks so we can do
16361 bitwise & and | to see if multiple flags are set.
16363 1995-07-30 22:01 millert
16365 * check.c: added securid support
16367 1995-07-30 14:38 millert
16369 * logging.c: removed a bunch of unnecesary strncpy()'s and replaced
16372 1995-07-29 17:17 millert
16374 * Makefile.in, version.h: ++version
16376 1995-07-27 06:52 millert
16378 * parse.yacc: fixed free() of an uninitialized pointer (yuck)
16380 1995-07-26 22:00 millert
16382 * testsudoers.c: added netgr_matches
16384 1995-07-26 21:29 millert
16386 * parse.c: cleaned up netgr_matches
16388 1995-07-26 00:26 millert
16390 * RUNSON: updated for 1.3.4
16392 1995-07-24 21:51 millert
16394 * Makefile.in: now installs sudoers.man -- really should clean this
16397 1995-07-24 21:18 millert
16399 * Makefile.in: added sudoers.cat and sudoers.man
16401 1995-07-24 21:15 millert
16403 * sudo.man: pulled out stuff on the sudoers file format into a
16406 1995-07-24 21:14 millert
16408 * sudoers.man: Initial revision
16410 1995-07-24 21:04 millert
16412 * HISTORY: fixed up my email address
16414 1995-07-24 20:03 millert
16416 * configure.in: added checks for innetgr and getdomainname
16418 1995-07-24 20:02 millert
16420 * visudo.c: added dummy netgr_matches function
16422 1995-07-24 20:01 millert
16424 * parse.c: added netgr_matches
16426 1995-07-24 20:01 millert
16428 * parse.lex, parse.yacc: added NETGROUP support
16430 1995-07-24 20:01 millert
16432 * config.h.in: added HAVE_INNETGR & HAVE_GETDOMAINNAME
16434 1995-07-24 18:07 millert
16436 * sudo.c: rewrote clean_env() that has rm_env() builtin
16438 1995-07-23 19:58 millert
16440 * check.c: now cast uid to long in sprintf
16442 1995-07-23 19:58 millert
16444 * OPTIONS: added _INSULTS suffix to HAL & GOONS end
16446 1995-07-23 19:57 millert
16448 * options.h: added _INSULTS suffix to HAL & GOONS
16450 1995-07-23 19:35 millert
16452 * ins_2001.h, ins_classic.h, ins_goons.h, insults.h: converted to
16453 new scheme of insult "unions" end
16455 1995-07-23 17:48 millert
16457 * sudo.c: now uses MAX_UID_T_LEN
16459 1995-07-23 17:48 millert
16461 * configure.in: added SUDO_UID_T_LEN !l
16463 1995-07-23 17:48 millert
16465 * config.h.in: added MAX_UID_T_LEN
16467 1995-07-23 17:47 millert
16469 * check.c: now use MAX_UID_T_LEN
16471 1995-07-23 17:47 millert
16473 * aclocal.m4: added check for max len of uid_t fixed sco vs. isc
16476 1995-07-19 19:05 millert
16478 * configure.in: corrected version
16480 1995-07-19 17:29 millert
16482 * configure.in: added sco support
16484 1995-07-19 17:29 millert
16486 * aclocal.m4: hack to check for sco
16488 1995-07-18 21:27 millert
16490 * interfaces.c: removed #include <net/route.h> since it was hosing
16493 1995-07-18 13:35 millert
16495 * find_path.c: fixed prreadlink() prototype
16497 1995-07-17 23:54 millert
16499 * check.c: added parens in #if's
16501 1995-07-17 23:53 millert
16503 * configure.in: added SPW_ prefix
16505 1995-07-17 23:20 millert
16507 * sudo.h: moved SPW_* to config.h.in
16509 1995-07-17 23:19 millert
16511 * sudo.c: added a set of parens
16513 1995-07-17 23:19 millert
16515 * config.h.in: added SPW_*
16517 1995-07-17 22:50 millert
16519 * sudo.h: added SPW_* reordered error codes
16521 1995-07-17 22:49 millert
16523 * check.c: moved SPW_* to sudo.h
16525 1995-07-17 14:29 millert
16527 * logging.c: GLOBAL_NO_AUTH_ENT -> GLOBAL_NO_SPW_ENT
16529 1995-07-17 14:29 millert
16531 * configure.in: AUTH -> SECUREWARE
16533 1995-07-17 14:29 millert
16535 * check.c, sudo.c: SPW_AUTH -> SPW_SECUREWARE
16537 1995-07-17 00:22 millert
16539 * check.c: now uses SHADOW_TYPE to make shadow pw support more
16540 readable and modular. It's a start...
16542 1995-07-17 00:21 millert
16544 * configure.in: added autodetection of shadow passwords
16546 1995-07-17 00:20 millert
16548 * sudo.c: now uses SHADOW_TYPE define
16550 1995-07-17 00:19 millert
16552 * config.h.in: added SHADOW_TYPE which replaces SUNOS4 & __svr4__
16555 1995-07-17 00:19 millert
16557 * aclocal.m4: added SUDO_CHECK_SHADOW
16559 1995-07-12 17:09 millert
16561 * configure.in: define SVR4 for ISC define BROKEN_SYSLOG for hpux
16562 took out test for memmove() since we dno longer use it...
16564 1995-07-12 17:08 millert
16568 1995-07-12 17:05 millert
16570 * logging.c: added BROKEN_SYSLOG support
16572 1995-07-12 17:05 millert
16574 * config.h.in: added BROKEN_SYSLOG
16576 1995-07-12 17:04 millert
16578 * check.c: now only bitch it timestamp > time_now + 2 * timeout to
16579 allow for a machine udpating its time from a server
16581 1995-07-12 17:04 millert
16583 * sudo.man: added 2 security notes updated Nieusma's email addr
16585 1995-07-12 14:18 millert
16587 * lsearch.c: changed a memmove() to memcpy() since we don't have to
16588 worry about overlapping segments.
16590 1995-07-11 15:41 millert
16592 * interfaces.c: cleanup up the loop when interfaces are groped in
16593 so that it is readable
16595 1995-07-11 14:52 millert
16597 * Makefile.in, version.h: ++version
16599 1995-07-09 18:17 millert
16601 * CHANGES: annotated 124-126
16603 1995-07-07 16:06 millert
16605 * check.c: fixed permissions check on /tmp/.odus
16607 1995-07-06 19:35 millert
16609 * check.c: fixed some comments
16611 1995-07-06 14:49 millert
16613 * check.c: now checks owner & mode of timedir also checks for bogus
16614 dates on timestamp file
16616 1995-07-06 14:49 millert
16618 * OPTIONS: updated TIMEOUT info
16620 1995-07-06 14:48 millert
16622 * logging.c, sudo.h: added BAD_STAMPDIR and BAD_STAMPFILE
16624 1995-07-06 14:47 millert
16626 * compat.h: added definition of S_IRWXU
16628 1995-07-06 14:47 millert
16632 1995-07-03 14:16 millert
16634 * interfaces.c: added #ifdef to make it compile on strange arches
16636 1995-07-02 18:13 millert
16638 * aclocal.m4: fixed check for fulkl void impl.
16640 1995-07-02 09:56 millert
16642 * check.c: added mssing "static"
16644 1995-07-01 20:41 millert
16646 * insults.h: replaced #elif with #else #if constructs for ancient C
16649 1995-07-01 20:18 millert
16651 * INSTALL: updated irix c2 & kerb5 info
16653 1995-07-01 20:15 millert
16655 * configure.in: added shadow pw support for irix
16657 1995-07-01 16:07 millert
16659 * CHANGES: last changes for sudo 1.3.3
16661 1995-07-01 16:07 millert
16663 * TODO, BUGS: updated
16665 1995-07-01 16:04 millert
16667 * configure.in: now calls SUDO_SOCK_SA_LEN
16669 1995-07-01 16:04 millert
16671 * config.h.in: added HAVE_SA_LEN
16673 1995-07-01 16:04 millert
16675 * aclocal.m4: added SUDO_SOCK_SA_LEN
16677 1995-07-01 15:49 millert
16679 * interfaces.c: now works with ip implementations that use sa_len
16682 1995-07-01 14:26 millert
16684 * INSTALL: added note about buggy AIX compiler
16686 1995-07-01 14:24 millert
16688 * interfaces.c: now include sys/time.h for AIX
16690 1995-06-27 22:35 millert
16692 * Makefile.in: getcwd -> getwd
16694 1995-06-27 21:28 millert
16696 * interfaces.c: now works for ISC and others. yay.
16698 1995-06-26 14:24 millert
16700 * Makefile.in, version.h: version++
16702 1995-06-22 20:26 millert
16704 * aclocal.m4: fixed test for full void impl
16706 1995-06-22 20:25 millert
16708 * sudo.c: now check to see that st_dev is non-zero before assuming
16709 that we are being spoofed
16711 1995-06-20 16:56 millert
16713 * aclocal.m4, configure.in: SUDO_FUNC_UTIME_NULL ->
16716 1995-06-19 16:32 millert
16718 * aclocal.m4: fixed include file order for SUDO_FUNC_UTIME_POSIX
16720 1995-06-19 16:10 millert
16722 * logging.c: added cast for ttyname()
16724 1995-06-19 15:23 millert
16726 * configure.in: fixed typo
16728 1995-06-19 15:19 millert
16730 * check.c: now deal correctly with all known variation of utime()
16733 1995-06-19 15:19 millert
16735 * configure.in: added SUDO_FUNC_UTIME_POSIX
16737 1995-06-19 15:19 millert
16739 * aclocal.m4: added SUDO_FUNC_UTIME_NULL and SUDO_FUNC_UTIME_POSIX
16741 1995-06-19 15:14 millert
16743 * config.h.in: added HAVE_UTIME_POSIX
16745 1995-06-19 13:38 millert
16747 * check.c: fixed a typo
16749 1995-06-19 13:29 millert
16751 * check.c: no longer assume !HAVE_UTIME_NULL means old BSD utime()
16753 1995-06-19 13:20 millert
16755 * check.c: fixed fascist C compiler warning
16757 1995-06-18 23:14 millert
16759 * interfaces.c: now set strioctl.ic_timout in STRSET() now
16760 initialize num_interfaces to 0 (just to be anal)
16762 1995-06-18 18:06 millert
16764 * sudo.h: increaed MAXLOGLEN by MAXPATHLEN to account for ttyname
16766 1995-06-18 18:05 millert
16768 * logging.c: added tty logging
16770 1995-06-18 16:04 millert
16772 * interfaces.c: reworked the ISC code
16774 1995-06-18 15:27 millert
16776 * Makefile.in, version.h: updated version
16778 1995-06-18 15:24 millert
16780 * check.c: now expect old-style utime(3) if utime() can't take NULL
16783 1995-06-18 15:08 millert
16785 * configure.in: added check for utime.h
16787 1995-06-18 15:08 millert
16789 * config.h.in: added HAVE_UTIME_H
16791 1995-06-18 14:48 millert
16793 * Makefile.in: added CPPFLAGS STATIC_FLAGS -> LDFLAGS
16795 1995-06-18 13:58 millert
16797 * configure.in: now search for kerb libs and includes
16799 1995-06-18 13:03 millert
16801 * check.c: added support for utime(2)'s that can't take a NULL
16804 1995-06-18 13:03 millert
16806 * utime.c: moved HAVE_UTIME_NULL stuff to update_timestamp() where
16809 1995-06-17 20:46 millert
16811 * configure.in: added utime(s) stuff
16813 1995-06-17 20:46 millert
16815 * check.c: now use utime()
16817 1995-06-17 20:46 millert
16819 * config.h.in: added HAVE_UTIME and HAVE_UTIME_NULL
16821 1995-06-17 19:12 millert
16823 * utime.c: now use HAVE_UTIME_NULL
16825 1995-06-17 19:02 millert
16827 * utime.c, emul/utime.h: Initial revision
16829 1995-06-17 18:24 millert
16831 * check.c: need to setuid(0) to make kerb4 stuff work.
16833 1995-06-17 18:14 millert
16835 * tgetpass.c: no more special case for kerberos
16837 1995-06-17 18:13 millert
16839 * config.h.in: took out setreuid and setresuid stuff added kerb5
16840 stuff (use kerb4 emulation)
16842 1995-06-17 18:13 millert
16844 * compat.h: no longer need setreuid() emulation now set _PASSWD_LEN
16847 1995-06-17 18:12 millert
16849 * check.c: now use private ticket file for kerberos support to
16850 avoid trouncing on system one
16852 1995-06-15 00:48 millert
16854 * sudo.h: added SPOOF_ATTEMPT & cmnd_st
16856 1995-06-15 00:47 millert
16858 * sudo.c: added anti-spoofing support
16860 1995-06-15 00:47 millert
16862 * parse.c: now use global cmnd_st
16864 1995-06-15 00:47 millert
16866 * logging.c: added SPOOF_ATTEMPT suypport
16868 1995-06-14 23:41 millert
16870 * testsudoers.c, visudo.c: added void casts where appropriate
16872 1995-06-14 23:40 millert
16874 * parse.yacc: fixed up spacing and added void casts where
16877 1995-06-14 23:27 millert
16879 * sudo.c: fixed problem with "-p prompt" but no args
16881 1995-06-14 04:43 millert
16883 * sudo.man: added BUGS and annotated -l description
16885 1995-06-14 04:43 millert
16887 * sudo.h: validate() now takes a flag
16889 1995-06-14 04:43 millert
16891 * sudo.c: validate() now takes a flag added -l
16893 1995-06-14 04:42 millert
16895 * parse.yacc: added support for -l
16897 1995-06-14 04:41 millert
16899 * parse.c: validate() now takes a flag that says whether or not to
16902 1995-06-07 21:36 millert
16904 * logging.c: now deals with Argv == 1
16906 1995-06-07 21:34 millert
16908 * sudo.man: added -p option
16910 1995-06-07 21:27 millert
16912 * sudo.c: added prompt support reworked parse_args()
16914 1995-06-07 20:49 millert
16916 * sudo.h: added prompt
16918 1995-06-07 20:49 millert
16920 * options.h: added PASSPROMPT
16922 1995-06-07 20:48 millert
16924 * check.c: now use BUFSIZ as length of kerb password added kpass so
16925 pass is always a char * now use prompt global when asking for a
16928 1995-06-07 20:47 millert
16930 * tgetpass.c: now use BUFSIZ as _PASSWD_LEN if using kerberos
16932 1995-06-07 20:43 millert
16934 * OPTIONS: added PASSPROMPT
16936 1995-06-07 01:44 millert
16938 * configure.in: only look for -lufc or -lcrypt if crypt() not in
16941 1995-06-07 01:43 millert
16943 * check.c: don't exit on kerb error, just warn if k_errno ==
16944 KDC_PR_UNKNOWN (unknown user) silently fail
16946 1995-06-06 22:44 millert
16948 * INSTALL: added kerb4 note
16950 1995-06-06 22:43 millert
16952 * tgetpass.c: HAVE_KERBEROS -> HAVE_KERB4
16954 1995-06-06 22:41 millert
16956 * check.c: removed debugging printf
16958 1995-06-06 22:33 millert
16960 * configure.in: KERBEROS -> KERB4 added checks for setreuid &
16963 1995-06-06 22:32 millert
16965 * config.h.in: HAVE_KERBEROS -> HAVE_KERB4 added HAVE_SETREUID and
16968 1995-06-06 22:32 millert
16970 * compat.h: added deif of UID_NO_CHANGE & GID_NO_CHANGE added
16971 setreuid emulation with setresuid if applic
16973 1995-06-06 22:31 millert
16975 * check.c: HAVE_KERBEROS -> HAVE_KERB4 now only do the stupid
16976 chown() hack if no setreuid() or a broken one
16978 1995-06-05 23:44 millert
16980 * config.h.in: added HAVE_KERBEROS
16982 1995-06-05 23:43 millert
16984 * tgetpass.c: added KERBEROS support (long passwords)
16986 1995-06-05 23:42 millert
16988 * check.c, configure.in: added kerberos support
16990 1995-06-03 19:36 millert
16992 * sudo.h: added MODE_BACKGROUND
16994 1995-06-03 19:36 millert
16996 * sudo.man: escaped dashes added -b option
16998 1995-06-03 19:34 millert
17000 * sudo.c: added -b option
17002 1995-06-03 18:52 millert
17004 * check.c: added crypt() for osf/1 3.x enhanced secuiry
17006 1995-06-03 18:18 millert
17008 * configure.in: now check for -lcrypt
17010 1995-06-03 18:00 millert
17012 * interfaces.c: added ENXIO like EADDRNOTAVAIL
17014 1995-05-07 23:14 millert
17016 * configure.in: now emulate getwd(), not getcwd()
17018 1995-05-07 23:13 millert
17020 * sudo.c: getcwd() -> getwd()
17022 1995-05-07 23:12 millert
17024 * getwd.c: getcwd -> getwd
17026 1995-05-02 01:34 millert
17028 * ins_2001.h, ins_classic.h, ins_goons.h: Initial revision
17030 1995-05-02 01:34 millert
17032 * insults.h: broke out insults into separate include files
17034 1995-05-02 01:32 millert
17036 * options.h, OPTIONS: added GOONS
17038 1995-05-02 01:32 millert
17040 * Makefile.in: added ins_2001.h ins_classic.h ins_goons.h
17042 1995-05-01 23:34 millert
17044 * Makefile.in, version.h: ++version
17046 1995-05-01 23:34 millert
17048 * visudo.c: moved signal handler setup to setup_signals()
17050 1995-05-01 23:33 millert
17052 * sudo.h: added load_interfaces()
17054 1995-05-01 23:33 millert
17056 * sudo.c: moved load_interfaces to interfaces.c
17058 1995-05-01 23:33 millert
17060 * parse.yacc: added clearaliases
17062 1995-05-01 23:33 millert
17064 * OPTIONS, options.h: added FAST_MATCH
17066 1995-05-01 23:32 millert
17068 * parse.lex: now uses clearaliases variable
17070 1995-05-01 23:31 millert
17072 * interfaces.c: Initial revision
17074 1995-05-01 23:31 millert
17076 * Makefile.in: added interfaces.[co]
17078 1995-05-01 23:30 millert
17080 * testsudoers.c: now uses ip addrs and netmasks via
17083 1995-05-01 22:47 millert
17085 * sudo.c: now remove IFS instead of setting to "sane" value
17087 1995-05-01 16:30 millert
17089 * parse.c: added FAST_MATCH
17091 1995-04-29 20:19 millert
17093 * Makefile.in: sudo_goodpath.c-> goodpath.c
17095 1995-04-29 20:15 millert
17097 * sudo.c: added Andy's new ISC changes
17099 1995-04-14 14:06 millert
17101 * OPTIONS: added a sentence to SECURE_PATH info
17103 1995-04-14 13:57 millert
17107 1995-04-14 13:54 millert
17109 * RUNSON, CHANGES: updated
17111 1995-04-13 17:04 millert
17113 * RUNSON: updated for beta3
17115 1995-04-13 14:32 millert
17117 * Makefile.in, version.h: ++version
17119 1995-04-13 13:56 millert
17121 * aclocal.m4: sendmail is now looked for in
\17/usr/ucblib
17123 1995-04-13 13:54 millert
17125 * sudo.c: fixed indentation
17127 1995-04-13 13:35 millert
17129 * aclocal.m4: fixed a typo
17131 1995-04-13 13:19 millert
17133 * sudo.c: updated ISC mods
17135 1995-04-13 13:19 millert
17137 * configure.in: added unixware case
17139 1995-04-13 13:19 millert
17141 * check.c: user_is_exempt is no longer hidden
17143 1995-04-13 13:19 millert
17147 1995-04-13 13:19 millert
17149 * aclocal.m4: isc and riscos changes
17151 1995-04-13 13:18 millert
17153 * OPTIONS: added NOTE about new interaction of EXEMPTGROUP and
17156 1995-04-13 13:18 millert
17158 * Makefile.in: fixed a typo and added testsudoers stuff
17160 1995-04-13 12:34 millert
17162 * testsudoers.c: Initial revision
17164 1995-04-12 19:31 millert
17166 * parse.yacc: applied fixed patch from Chris
17168 1995-04-11 14:30 millert
17170 * Makefile.in: fixed a typo
17172 1995-04-11 14:14 millert
17174 * parse.yacc: added a set of braces for bison
17176 1995-04-11 14:01 millert
17178 * parse.yacc: merged in Chris' changes to dekludge the parser.
17180 1995-04-11 00:38 millert
17182 * logging.c: send_mail() was calling find_path() which is wrong
17183 since find_path() stores cmnd in a static var. Anyhow, it
17184 doesn't make much sense since MAILER should always be fully
17187 1995-04-10 19:51 millert
17189 * sample.sudoers: added User_Alias stuff
17191 1995-04-10 19:50 millert
17193 * aclocal.m4: SUDO_NEXT now looks for
17194 /usr/lib/NextStep/software_version
17196 1995-04-10 19:50 millert
17198 * RUNSON: added DEC UNIX 3.0 w/ gcc
17200 1995-04-10 19:49 millert
17202 * visudo.c: Exit was being used in places where exit should be used
17204 1995-04-10 19:44 millert
17206 * sudoers: added "User alias specification"
17208 1995-04-10 18:04 millert
17210 * parse.yacc: fixed probs caused by making nslots and naliases a
17213 1995-04-10 15:09 millert
17215 * RUNSON: added KSR, upped rev to 1.3.1b2
17217 1995-04-10 15:07 millert
17219 * logging.c, parse.yacc: 1024 -> BUFSIZ
17221 1995-04-10 15:05 millert
17223 * parse.yacc: void * -> VOID * naliases and nslots are now size_t
17224 to appease lsearch on 64-bit machines
17226 1995-04-09 19:30 millert
17228 * TODO: did a bunch of things and added a bunch :-)
17230 1995-04-09 19:30 millert
17234 1995-04-09 19:24 millert
17236 * visudo.man: closer to BSD manpage style
17238 1995-04-09 19:15 millert
17240 * sudo.man: closer to standard BSD man format
17242 1995-04-09 18:58 millert
17244 * compat.h, config.h.in, insults.h, options.h, pathnames.h.in,
17245 sudo.h, version.h, emul/search.h: added RCS id
17247 1995-04-09 17:35 millert
17249 * sudo.h: removed crufty #defines that are no longer used
17251 1995-04-09 17:13 millert
17253 * BUGS: fixed a bug
17255 1995-04-09 17:12 millert
17257 * sudo.man: updated based on sudo changes
17259 1995-04-09 17:11 millert
17261 * parse.yacc: now allow ALL keyword in User_Aliases now allow ALL
17262 keyword as well as a NAME or ALIAS
17264 1995-04-09 17:11 millert
17268 1995-04-09 17:04 millert
17270 * sudo.c: now sets SUDO_COMMAND and SUDO_GID envariables.
17272 1995-04-09 15:24 millert
17274 * aclocal.m4: fixed bug with full void impl check
17276 1995-04-08 23:11 millert
17278 * parse.yacc: fixed User_Alias supoprt
17280 1995-04-08 22:27 millert
17282 * parse.yacc: added stubs for User_Alias support
17284 1995-04-08 22:27 millert
17286 * sudo.c: now sets removes # bogus interfaces from num_interfaces
17288 1995-04-08 22:26 millert
17290 * parse.lex: added User_Alias support
17292 1995-04-07 21:10 millert
17294 * Makefile.in: removed extraneous TODO
17296 1995-04-07 19:48 millert
17298 * visudo.c: ntwk_matches -> addr_matches
17300 1995-04-07 15:38 millert
17302 * parse.yacc: ntwk_matches -> addr_matches
17304 1995-04-07 15:37 millert
17306 * parse.c: ntwk_matches -> addr_matches now use inet_addr() not
17307 inet_network() (which expects octet boundaries) fixes for OSF
17308 (sizeof(int) != sizeof(long))
17310 1995-04-07 15:08 millert
17312 * sudo.c: took out debugging info
17314 1995-04-06 23:45 millert
17316 * aclocal.m4: OS was being set to unknown before non-uname based
17317 host checks. This caused no checks to happen since $OS was not
17320 1995-04-06 23:30 millert
17322 * sudo.c: fixed loading of interfaces struct still has debugging
17325 1995-04-06 22:23 millert
17327 * parse.c: fixed typo
17329 1995-04-06 16:17 millert
17331 * Makefile.in: ++version
17333 1995-04-06 16:16 millert
17337 1995-04-06 16:16 millert
17339 * visudo.c: removed extraneous extern decl of "top
17341 1995-04-06 16:14 millert
17343 * visudo.c: now zeros "top"
17345 1995-04-06 16:13 millert
17347 * parse.yacc: removed parser_cleanup (no need for it now)
17349 1995-04-06 16:13 millert
17351 * parse.lex: now calls reset_aliases() directly
17353 1995-04-04 18:21 millert
17355 * OPTIONS: added a sentence to SECURE_PATH description
17357 1995-04-04 18:17 millert
17359 * parse.c: fixed my stupid bug where I used NAMLEN on something I
17360 wanted to just get the name from. argh.
17362 1995-04-03 16:58 millert
17364 * lsearch.c: fixed argument order of memmove() that i hosed when
17365 converting from bcopy(). arghh.
17367 1995-04-03 15:33 millert
17369 * Makefile.in: finally fixed DISTFILES line
17371 1995-04-03 15:21 millert
17373 * Makefile.in: tabs -> spaces
17375 1995-04-03 15:15 millert
17377 * Makefile.in: added missing files to DISTFILES
17379 1995-04-03 14:50 millert
17381 * Makefile.in: SUPPORTED -> RUNSON
17383 1995-04-01 03:12 millert
17387 1995-04-01 01:54 millert
17389 * RUNSON: updated for pl5b1 release
17391 1995-04-01 01:53 millert
17393 * BUGS, TODO: updated
17395 1995-04-01 01:52 millert
17397 * check.c: fixed bug where if you hit return at first sudo prompt
17398 it would still log as a failure
17400 1995-04-01 01:29 millert
17404 1995-04-01 01:25 millert
17406 * aclocal.m4: better test for bogus void * implementation
17408 1995-03-31 20:33 millert
17410 * logging.c: added PASSWORDS_NOT_CORRECT
17412 1995-03-31 20:32 millert
17414 * check.c: added PASSWORDS_NOT_CORRECT stuff]
17416 1995-03-31 20:30 millert
17418 * sudo.h: added PASSWORDS_NOT_CORRECT
17420 1995-03-31 19:16 millert
17422 * tgetpass.c: moved pathnames.h
17424 1995-03-31 19:16 millert
17426 * sudo.c: removed some unused vars and fixed up uid2str
17428 1995-03-31 19:15 millert
17430 * putenv.c: moved compat.h
17432 1995-03-31 19:14 millert
17434 * getcwd.c, getwd.c: added pathnames.h
17436 1995-03-31 18:18 millert
17438 * parse.yacc: fixed a typo I introduced in the last checkin :-(
17440 1995-03-31 18:11 millert
17442 * parse.lex: can't have #ifdef's where N is defined so just do this
17443 the broken way for AIX
17445 1995-03-31 18:08 millert
17447 * parse.yacc: better hack from Chris (but still a hack)
17449 1995-03-31 18:05 millert
17451 * parse.lex: stupid hack for broken aix lex
17453 1995-03-31 17:47 millert
17455 * tgetpass.c: now includes compat.h
\ 6
17457 1995-03-31 17:27 millert
17459 * visudo.c: now includes fcntl.h
17461 1995-03-31 17:27 millert
17463 * compat.h: added FD_SET and FD_ZERO for 4.2BSD
17465 1995-03-31 16:12 millert
17467 * parse.yacc: dirty hack to fix parser bug. i don't really like
17468 this but it works for now...
17470 1995-03-31 16:12 millert
17472 * sudo.c: uid2str is now static like the prototype says
17474 1995-03-29 23:48 millert
17476 * RUNSON: Initial revision
17478 1995-03-29 23:47 millert
17480 * TODO, CHANGES, SUPPORTED, TROUBLESHOOTING: updated
17482 1995-03-29 23:46 millert
17484 * sudo.c: check_sudoers now returns an error code and sudo calls
17485 inform_user and log_error based on the return value.
17487 1995-03-29 23:45 millert
17489 * logging.c, sudo.h: added entries for new errors
17491 1995-03-29 23:03 millert
17493 * parse.c: now set uid to that of SUDOERS_OWNER while parsing
17496 1995-03-29 22:52 millert
17498 * Makefile.in: took out testsudoers
\ 6
17500 1995-03-29 22:36 millert
17502 * sudo.c: now explicately checks that it is setuid root
17504 1995-03-29 22:28 millert
17506 * sudo.c: If a user has no passwd entry sudo would segv (writing to
17507 a garbage pointer). Now allocate space before writing :-)
17509 1995-03-29 22:06 millert
17511 * configure.in: reordered AC_CHECK_FUNCS
17513 1995-03-29 22:06 millert
17515 * config.h.in: fixed memset macro
17517 1995-03-29 21:47 millert
17519 * logging.c: bzero -> memset when a parse error is logged the line
17520 number of the error is now logged too
17522 1995-03-29 21:46 millert
17524 * tgetpass.c, visudo.c: bzero -> memset
17526 1995-03-29 21:46 millert
17528 * INSTALL: added Sunos to blurb about c2 security
17530 1995-03-29 21:45 millert
17532 * configure.in: added a SUN4 define for C2 security
17534 1995-03-29 21:44 millert
17536 * config.h.in: bcopy -> memmove bzero -> memset
17538 1995-03-29 21:43 millert
17540 * lsearch.c: bcopy -> memmove char * -> VOID *
17542 1995-03-29 21:30 millert
17544 * check.c: added support for sunos with C2 security
17546 1995-03-29 21:12 millert
17548 * OPTIONS, options.h: reordered
17550 1995-03-29 21:12 millert
17552 * pathnames.h.in: _PATH_SUDO_LOGFILE now set based on configure
17554 1995-03-29 21:12 millert
17556 * configure.in: added SUDO_LOGFILE and SUDO_TYPE_SIZE_T
17558 1995-03-29 21:12 millert
17560 * config.h.in: added _SUDO_PATH_LOGFILE
17562 1995-03-29 21:11 millert
17564 * aclocal.m4: added SUDO_LOGFILE to find where to put sudo.log
17565 added SUDO_CHECK_TYPE (just AC_CHECK_TYPE but checks unistd.h
17566 too) added SUDO_TYPE_SIZE_T (calls SUDO_CHECK_TYPE)
17568 1995-03-29 18:17 millert
17570 * TROUBLESHOOTING: Initial revision
17572 1995-03-29 17:59 millert
17574 * sudo.c: now do set_perms(PERM_ROOT) before the getpwuid() in
17575 load_global() to work around a problem is trusted hpux shadow
17578 1995-03-29 17:41 millert
17580 * parse.yacc: backed out a change in malloc/realloc
17582 1995-03-29 17:38 millert
17584 * parse.yacc: now include stdlib.h
17586 1995-03-29 17:22 millert
17588 * visudo.c: now do an freopen() of the stmp file so that yyin will
17589 always point to the same thing. This is important for flex since
17590 we are doing a YY_NEWFILE
17592 1995-03-29 17:20 millert
17594 * parse.yacc: replaced yywrap() with parser_cleanup() since
17595 yywrap() needs to be in parse.lex to be able to use YY_NEW_FILE.
17598 1995-03-29 17:18 millert
17600 * parse.lex: now have a rule that matches anything that doesn't
17601 match an explicite rule. well, you know what i mean (. matches
17602 anything not yet matched). However, this means that there is
17603 input still queued up so we need to do a YY_NEW_FILE; in yywrap.
17604 So, yywrap has moved into parse.lex and it calls parser_cleanup()
17605 which is most of the old yywrap() sigh.
17607 1995-03-29 17:17 millert
17609 * SUPPORTED: no longer used
17611 1995-03-29 16:13 millert
17613 * getcwd.c, getwd.c: moved compat.h to be the last include file
17615 1995-03-29 16:11 millert
17617 * parse.yacc: fixed type of aliascmp() args
17619 1995-03-29 15:58 millert
17621 * find_path.c: NULL -> '\0'
17623 1995-03-29 15:42 millert
17625 * parse.yacc: added casts to lfind and lsearch args for irix
17627 1995-03-29 08:20 millert
17629 * Makefile.in: bsdinstall -> install-sh
17631 1995-03-29 08:20 millert
17633 * INSTALL: added info about make realclean
17635 1995-03-29 08:17 millert
17637 * Makefile.in: updated VERSION added dependencies for visudo.cat
17639 1995-03-29 08:17 millert
17641 * version.h: -> pl5b1
17643 1995-03-29 08:16 millert
17645 * sudo.c: took out -l
17647 1995-03-29 00:03 millert
17649 * Makefile.in: now there is a real visudo.man and visudo.cat
17651 1995-03-28 23:54 millert
17653 * sudo.man: took out visudo stuff
17655 1995-03-28 23:54 millert
17657 * visudo.man: Initial revision
17659 1995-03-28 23:12 millert
17661 * parse.c, parse.lex, parse.yacc: updated copyright
17663 1995-03-28 23:05 millert
17665 * README: updated for pl5
17667 1995-03-28 20:02 millert
17669 * sudo.man: updated Nieusma & Hieb email addresses
17671 1995-03-28 19:57 millert
17673 * INSTALL: updated to include options.h and OPTIONS
17675 1995-03-28 19:35 millert
17677 * CHANGES, TODO: updated
17679 1995-03-28 19:35 millert
17681 * BUGS: eliminated bug #1 (yay)
17683 1995-03-28 19:31 millert
17685 * configure.in: sunos no longer gets linked statically
17687 1995-03-28 18:58 millert
17689 * parse.lex: prototype now uses __P()
17691 1995-03-28 18:49 millert
17693 * parse.lex: make fill() non-ansi
17695 1995-03-28 15:26 millert
17697 * parse.c: made -v (validate) work
17699 1995-03-28 15:26 millert
17701 * logging.c: now gives host
17703 1995-03-28 10:34 millert
17705 * find_path.c: don't check for execute/statable if fq or relative
17708 1995-03-28 01:07 millert
17710 * parse.c: added a cast
17712 1995-03-28 00:49 millert
17714 * visudo.c: now include ctype.h for islower and tolower macros
17716 1995-03-28 00:48 millert
17718 * goodpath.c: moved _S_IFMT & _S_ISREG to compat.h
17720 1995-03-28 00:48 millert
17722 * sudo.c: moved a set of parens
17724 1995-03-28 00:48 millert
17726 * strdup.c: now include compat.h
17728 1995-03-28 00:47 millert
17730 * parse.yacc: now cast malloc & realloc return vals added search
17731 for HAVE_LSEARCH now use strcmp if no strcasecmp available
17733 1995-03-28 00:46 millert
17735 * lsearch.c, emul/search.h: void * -> VOID *
17737 1995-03-28 00:45 millert
17739 * config.h.in: removed HAVE_FLEX added VOID added HAVE_DIRENT_H,
17740 HAVE_SYS_NDIR_H, HAVE_SYS_DIR_H, HAVE_NDIR_H added HAVE_LSEARCH
17742 1995-03-28 00:44 millert
17744 * compat.h: added _S_IFMT, _S_IFREG, and S_ISREG
17746 1995-03-28 00:44 millert
17748 * aclocal.m4: took out SUDO_PROG_INSTALL 1.x to 2.x changes added
17749 echo and results to most SUDO_* macros
17751 1995-03-28 00:43 millert
17753 * Makefile.in: no more -I.
17755 1995-03-28 00:22 millert
17757 * configure.in: various 1.x ro 2.x autoconf changes now check for
17758 strcasecmp now use AC_INSTALL_PROG instead of custom one added
17759 check for fully woorking void implementation
17761 1995-03-28 00:02 millert
17763 * Makefile.in: added lsearch & search.h visudo links into
17766 1995-03-27 23:43 millert
17768 * aclocal.m4: partial 1.x to 2.x changes added SUDO_FULL_VOID
17770 1995-03-27 23:40 millert
17772 * visudo.c: whatnow_help was prototyped to be static be was not
17775 1995-03-27 21:15 millert
17777 * configure.in: autoconf 2.x changes took out HAVE_FLEX (no longer
17778 used) added check for dirent/dir/ndir.h
17780 1995-03-27 21:09 millert
17782 * parse.c: now use groovy gnu autoconf macro AC_HEADER_DIRENT
17784 1995-03-27 20:38 millert
17786 * getcwd.c, getwd.c: MAXPATHLEN -> MAXPATHLEN+1
17788 1995-03-27 20:23 millert
17790 * emul/search.h, lsearch.c: Initial revision
17792 1995-03-27 18:26 millert
17794 * parse.yacc: eliminated bison warnings
17796 1995-03-27 17:10 millert
17798 * parse.lex: added missing case
17800 1995-03-27 17:04 millert
17802 * visudo.c: now iincludes signal.h
17804 1995-03-27 15:16 millert
17806 * parse.yacc: only clear data structures on a parse error
17808 1995-03-27 15:01 millert
17810 * visudo.c: whatnow() now gives help on invalid input
17812 1995-03-27 14:54 millert
17814 * visudo.c: added a whatnow() function (sort of like mh)
17816 1995-03-27 14:53 millert
17818 * parse.yacc: kill_aliases -> reset_aliases yywrap() now cleans up
17819 by calling reset_aliases() and clearing top took reset stuff out
17820 of yyerror() since it doesn't beling there (and doesn't work
17821 anyway). errorlineno is now initially set to -1 so we can set it
17822 to the first error that occurrs (it was getting set to the last)
17824 1995-03-27 14:53 millert
17826 * parse.lex: added a void cast
17828 1995-03-27 13:26 millert
17830 * visudo.c: rewrote from scratch based on 4.3BSD vipw.c
17832 1995-03-26 01:33 millert
17834 * sudo.c, sudo.h: removed ocmnd
17836 1995-03-26 01:19 millert
17838 * sudo.h: no more sudo_realpath() and find_path() changed params
17840 1995-03-26 01:19 millert
17842 * sudo.c: find_path() changed since no more realpath()
17844 1995-03-26 01:18 millert
17846 * parse.yacc: on error, errorlineno is set to the line where the
17847 error occurred added kill_aliases() to free the aliases struct
17848 now clean up in yyerror() so we can reparse cleanly
17850 1995-03-26 01:17 millert
17852 * logging.c: changed to use new find_path()
17854 1995-03-26 01:17 millert
17856 * options.h, parse.c: no more USE_REALPATH
17858 1995-03-26 01:16 millert
17860 * find_path.c: removed all the realpath() stuff
17862 1995-03-26 01:16 millert
17864 * Makefile.in: sudo_realpath.c -> sudo_goodpath.c
17866 1995-03-26 01:12 millert
17868 * visudo.c: now works correctly with utk parser
17870 1995-03-26 00:04 millert
17872 * goodpath.c: Initial revision
17874 1995-03-25 23:23 millert
17876 * sudo_realpath.c: eliminated a compiler warning
17878 1995-03-25 21:56 millert
17880 * sudo.c: elinated compiler warning
17882 1995-03-25 20:40 millert
17884 * sudo_realpath.c: added sudo_goodpath()
17886 1995-03-25 20:40 millert
17888 * sudo.h: added prototype for sudo_goodpath
17890 1995-03-25 20:39 millert
17892 * parse.c: added support for /sys/dir.h
17894 1995-03-25 20:39 millert
17896 * options.h: USE_REALPATH turned off
17898 1995-03-25 20:39 millert
17900 * find_path.c: added calls to sudo_goodpath()
17902 1995-03-25 20:39 millert
17904 * configure.in: added check for dirent.h
17906 1995-03-25 20:38 millert
17908 * config.h.in: added HAVE_DIRENT_H
17910 1995-03-25 19:27 millert
17912 * configure.in: added in linux shadow pass stuff
\ 6
17914 1995-03-24 14:43 millert
17916 * visudo.c: added back host, user, cmnd, parse_error
17918 1995-03-24 14:19 millert
17920 * visudo.c: added in utk changes plus some minor cosmetic changes
17922 1995-03-24 14:17 millert
17924 * sudo.c, sudo_realpath.c: added void casts for printf's
17926 1995-03-24 14:17 millert
17928 * options.h: added a define of USE_REALPATH
17930 1995-03-24 14:17 millert
17932 * configure.in: there is no more visudoers/Makefile
17934 1995-03-24 14:16 millert
17936 * Makefile.in: added in utk changes (visudo is now built from the
17939 1995-03-24 14:15 millert
17941 * find_path.c: added (void) casts to printf's
17943 1995-03-23 22:32 millert
17945 * parse.c, parse.lex, parse.yacc, sudo.h, sudo_realpath.c: merged
17948 1995-03-22 23:13 millert
17950 * find_path.c: now check to see that what we are trying to run is a
17951 file (or a link to a file, we do a stat(2) so there is no diff)
17953 1995-03-13 15:56 millert
17957 1995-03-13 15:56 millert
17959 * Makefile.in: aclocal.m4 -> acsite.m4 make realclean updated for
17962 1995-03-13 15:11 millert
17964 * sudo.man: added myself as maintainer
17966 1995-02-16 23:31 millert
17968 * sudo.c: changed setegid -> setgid
17970 1995-02-06 17:43 millert
17972 * configure.in: fixed the test for irix 5.x to skip bad libs
17974 1995-02-06 17:43 millert
17976 * aclocal.m4: now initialize OS and OSREV
17978 1995-01-26 20:52 millert
17980 * configure.in: irix5 changes
17982 1995-01-26 20:28 millert
17984 * configure.in: AC_WITH -> AC_ARG_WITH changes other misc changes
17985 for autoconf 2.1 compatibility
17987 1995-01-18 19:49 millert
17989 * visudo.c: use YY_NEW_FILE, not yyrestart since OSF flex doesn't
17990 do the righ thing wrt yyrestart (grrrr)
17992 1995-01-16 18:44 millert
17994 * Makefile.in: added visudoers/compat.h to DISTFILES
17996 1995-01-16 17:01 millert
17998 * configure.in: fixed an echo
18000 1995-01-16 16:36 millert
18002 * sudo.c: added ocmnd declaration adjusted for find_path()'s new
18005 1995-01-16 16:35 millert
18007 * sudo.h: added ocmnd extern adjusted find_path() prototype
18009 1995-01-16 16:34 millert
18011 * parse.c: cmndcmp() now takes 3 arguments and checks against the
18012 qualified as well as the unqualified pathname. more code that
18013 should use cmndcmp() but did not, now does
18015 1995-01-16 16:34 millert
18017 * options.h: added to a comment
18019 1995-01-16 16:33 millert
18021 * logging.c: changed to use new find_path() parameter passing
18023 1995-01-16 16:32 millert
18025 * find_path.c: find_path() now takes 2 copyout parameters (one for
18026 the qualified pathname and one for the unqualified pathname).
18027 The third parameter may be NULL.
18029 1995-01-16 16:31 millert
18031 * configure.in: no longer munge pathnames.h
18033 1995-01-16 16:30 millert
18035 * pathnames.h.in: changed _PATH_* to use _SUDO_PATH_* (which are
18036 defined in config.h) as a result, pathnames.h does not need to be
18037 run through configure and the user can override the configured
18040 1995-01-16 16:30 millert
18042 * config.h.in: added _SUDO_PATH_* entries
18044 1995-01-16 16:30 millert
18046 * aclocal.m4: _PATH* -> _SUDO_PATH_*
18048 1995-01-16 16:28 millert
18050 * Makefile.in: updated DISTFILES and HDRS .o's now depend on
18053 1995-01-13 12:52 millert
18055 * compat.h: removed extraneous #endif
18057 1995-01-13 12:48 millert
18059 * aclocal.m4: added SUDO_PROG_MV
18061 1995-01-13 12:47 millert
18063 * configure.in: added SUDO_PROG_MV added riscos and isc os types
18064 took out -DSHORT_MESSAGE from --with-csops since it is now the
18067 1995-01-13 12:46 millert
18069 * sudo.c: move the include of id.h to compat.h now includes
18072 1995-01-13 12:45 millert
18074 * sudo.h: moved compatibility #defines to compat.h
18076 1995-01-13 12:45 millert
18078 * pathnames.h.in: added _PATH_MV
18080 1995-01-13 12:43 millert
18082 * config.h.in: move __P to compat.h
18084 1995-01-13 12:39 millert
18086 * getcwd.c, getwd.c, putenv.c: now includes compat.h
18088 1995-01-13 12:39 millert
18090 * compat.h: Initial revision
18092 1995-01-11 19:11 millert
18094 * sudo.h: pull user-configurable stuff out and put in options.h
18096 1995-01-11 18:43 millert
18098 * check.c, find_path.c, logging.c, parse.c, sudo_realpath.c,
18099 sudo_setenv.c, parse.lex, parse.yacc, visudo.c: now includes
18102 1995-01-11 18:41 millert
18104 * Makefile.in: added visudoers/options.h
18106 1995-01-11 18:40 millert
18108 * options.h, OPTIONS: Initial revision
18110 1995-01-11 18:39 millert
18112 * Makefile.in: added OPTIONS and options.h
18114 1995-01-11 18:36 millert
18116 * logging.c: changed #ifdef's to use LOGGING and
18117 SLOG_SYSLOG/SLOG_FILE
18119 1995-01-11 11:02 millert
18121 * check.c, sudo.h: changed PASSWORD_TIMEOUT to minutes
18123 1994-12-17 18:18 millert
18125 * visudo.c: now only do Editor +line_num if line_num != 0
18127 1994-12-15 21:06 millert
18129 * visudo.c: now use mv if rename(2) fails
18131 1994-12-15 20:32 millert
18133 * BUGS: added a visudo bug
18135 1994-12-15 19:46 millert
18137 * check.c: expanded comment
18139 1994-11-12 18:33 millert
18141 * check.c: fixed user_is_exempt to return 0 if EXEMPTGROUP is not
18144 1994-11-09 19:49 millert
18146 * sudo.c: added mips & isc support
18148 1994-11-09 19:49 millert
18150 * parse.c: added support for non-root owned sudoers file
18152 1994-11-09 19:48 millert
18154 * check.c: added exempt group support
18156 1994-11-09 19:47 millert
18158 * sudo.h: added set_perms() support added SUDOERS_OWNER so can have
18159 non-root own sudoers file added exempt group support added isc
18162 1994-11-09 19:46 millert
18164 * visudo.c: now copy sudoers to temp file via read/write (not
18165 stdio) now chown new sudoers file to SUDOERS_OWNER
18167 1994-11-07 20:40 millert
18169 * configure.in: added skey support
18171 1994-11-07 20:39 millert
18173 * sudo.h: fixed typo added set_perms support added skey support
18174 added seteuid()/setegid() emulation for AIX
18176 1994-11-07 20:38 millert
18178 * sudo.c: be_* -> setperms() now check to make sure sudoers file is
18179 owned by root nread/write by only root
18181 1994-11-07 20:38 millert
18183 * logging.c, parse.c, sudo_realpath.c: be_* -> setperms()
18185 1994-11-07 20:38 millert
18187 * check.c: be_* -> set_perms() added skey support
18189 1994-11-06 18:59 millert
18191 * Makefile.in: ++version
18193 1994-11-06 18:59 millert
18197 1994-10-21 13:16 millert
18199 * sudo.c: now sets IFS
18201 1994-10-21 12:02 millert
18203 * insults.h: fixed typo
18205 1994-10-15 15:48 millert
18207 * config.h.in: added HAVE_SKEY
18209 1994-10-04 13:00 millert
18213 1994-10-04 12:57 millert
18215 * Makefile.in: ++version
18217 1994-10-04 12:57 millert
18221 1994-10-04 12:56 millert
18223 * sudo.c: now bail if ARgv[1] > MAXPATHLEN
18225 1994-10-04 12:56 millert
18227 * configure.in: added function check for tcgetattr(3)
18229 1994-10-04 12:55 millert
18231 * config.h.in: only define HAVE_TERMIOS_H if you have tcgetattr(3)
18233 1994-10-04 12:53 millert
18235 * config.h.in: added check for tcgetattr
18237 1994-09-26 17:38 millert
18241 1994-09-22 13:30 millert
18243 * parse.lex: now only include unistd.h for linux
18245 1994-09-21 14:29 millert
18247 * Makefile.in: added visudo.8 generation
18249 1994-09-21 14:07 millert
18251 * configure.in: added -Wl,-bI:./aixcrypt.exp to aix flags
18253 1994-09-20 19:39 millert
18257 1994-09-20 19:39 millert
18261 1994-09-20 19:38 millert
18263 * README: added mailing list info
18265 1994-09-20 19:37 millert
18267 * parse.yacc: now use sudolineno instead of yylineno fixed bison
18270 1994-09-20 19:37 millert
18272 * configure.in: now use -no_library_replacement for osf don't make
18273 a static binary for hpux >= 9.0
18275 1994-09-20 19:21 millert
18277 * tgetpass.c: added string.h/strings.h inclusion
18279 1994-09-20 19:21 millert
18281 * config.h.in: added ssize_t def
18283 1994-09-20 19:18 millert
18285 * parse.lex: added inclusion of string.h/strings.h
18287 1994-09-20 18:48 millert
18289 * aclocal.m4: fixed uname | sed (needed to quote the '[')
18291 1994-09-20 18:42 millert
18293 * parse.lex: replaced yylineno with sudolineno fixed bison syntax
18296 1994-09-20 18:13 millert
18298 * visudo.c: changed yylineno to sudolineno since yylineno cannot be
18301 1994-09-20 18:10 millert
18305 1994-09-20 17:52 millert
18307 * parse.c: added code to support command listings
18309 1994-09-20 17:36 millert
18311 * sudo.c: added code for -l flag
18313 1994-09-20 17:35 millert
18315 * sudo.man: fixed typo added info for -l flag
18317 1994-09-20 14:45 millert
18319 * configure.in: AC_SSIZE_T -> SUDO_SSIZE_T
18321 1994-09-20 14:45 millert
18323 * aclocal.m4: added SUDO_SSIZE_T
18325 1994-09-20 14:44 millert
18327 * sudo.h: added MODE_LIST
18329 1994-09-20 14:43 millert
18331 * configure.in: added AC_SSIZE_T
18333 1994-09-19 20:53 millert
18335 * find_path.c, sudo_realpath.c: readlink() is now declared as
18338 1994-09-19 20:44 millert
18340 * configure.in: added -laud for OSF c2
18342 1994-09-02 15:55 millert
18344 * config.h.in, parse.lex, parse.yacc, pathnames.h.in, visudo.c,
18345 Makefile.in: changed sudo-bugs.cs.colorado.edu ->
18346 sudo-bugs@cs.colorado.edu
18348 1994-09-02 15:54 millert
18350 * check.c, find_path.c, getcwd.c, getwd.c, insults.h, logging.c,
18351 parse.c, putenv.c, strdup.c, sudo.c, sudo.h, sudo_realpath.c,
18352 sudo_setenv.c, tgetpass.c, version.h: changed
18353 sudo-bugs.cs.colorado.edu -> sudo-bugs@cs.colorado.ed
18355 1994-09-01 15:56 millert
18357 * Makefile.in: ++version
18359 1994-09-01 15:55 millert
18363 1994-09-01 15:55 millert
18365 * logging.c: added host to alertmail messages
18367 1994-09-01 15:55 millert
18369 * CHANGES, TODO: udpated
18371 1994-09-01 15:26 millert
18373 * logging.c: fixed logging problem where mail would not say which
18376 1994-09-01 13:45 millert
18378 * configure.in: added -laud for gcc if osf & c2
18380 1994-09-01 13:39 millert
18382 * check.c: moved set_auth_parameters to sudo.c
18384 1994-09-01 13:38 millert
18386 * sudo.c: added set_auth_parameters for osf
18388 1994-09-01 13:22 millert
18390 * configure.in: cleaned up -static stuff
18392 1994-09-01 13:15 millert
18394 * Makefile.in: ++version
18396 1994-09-01 13:15 millert
18400 1994-09-01 13:15 millert
18402 * sudo.c: changed setenv() to sudo_setenv()
18404 1994-09-01 13:12 millert
18406 * check.c: fixed osf problem
18408 1994-08-31 22:17 millert
18410 * configure.in: added OSF C2 stuff
18412 1994-08-31 22:00 millert
18416 1994-08-31 21:56 millert
18418 * check.c: added osf auth support & removed some extra spaces
18420 1994-08-31 21:52 millert
18422 * INSTALL, SUPPORTED: added osf C2 stuff
18424 1994-08-31 19:52 millert
18426 * TODO: added 2 suggestions
18428 1994-08-31 19:33 millert
18430 * Makefile.in: removed README.v1.3.1 and added VERSION stuff
18432 1994-08-31 18:48 millert
18436 1994-08-30 18:31 millert
18438 * version.h: 1.3.1final
18440 1994-08-30 18:30 millert
18442 * Makefile.in: added HISTORY
18444 1994-08-30 18:30 millert
18446 * sudo.man: mention HISTPRY file
18448 1994-08-30 18:30 millert
18450 * sudo.c: use sizeof instead of a constant in 1 place
18452 1994-08-30 18:30 millert
18454 * parse.yacc: added unistd.h
18456 1994-08-30 18:29 millert
18458 * parse.lex: added unistd.h
18460 1994-08-30 18:27 millert
18464 1994-08-30 18:15 millert
18466 * HISTORY: Initial revision
18468 1994-08-17 12:45 millert
18472 1994-08-17 12:39 millert
18476 1994-08-17 12:36 millert
18478 * sudo_setenv.c: added unistd.h include
18480 1994-08-16 15:46 millert
18482 * sudo.c: added sys/time.h for AIX
18484 1994-08-14 21:22 millert
18486 * configure.in: added check for -lsocket and sys/sockio.h
18488 1994-08-14 21:21 millert
18490 * config.h.in: took out libshadow check and added in sys/sockio.h
18493 1994-08-14 21:21 millert
18495 * sudo.c: now include sockio.h instead of ioctl.h if it exists
18496 "sudo -" now gets a better error message
18498 1994-08-14 20:47 millert
18500 * sample.sudoers: now has a dir and subnet entry
18502 1994-08-13 18:15 millert
18504 * sudo.c: removed if_ether.h
18506 1994-08-13 17:16 millert
18508 * TODO: added an item
18510 1994-08-13 17:15 millert
18512 * sudo.man: added network and ip addresses to man page
18514 1994-08-13 17:09 millert
18516 * sudo.c: no error if can't get interfaces or netmask since
18517 networking may not be in the kernel.
18519 1994-08-13 17:08 millert
18521 * parse.c: nwo check for interfaces == NULL
18523 1994-08-12 21:22 millert
18525 * parse.c: fixed a bug that caused directory specs in a Cmnd_Alias
18526 to fail if the last entry in the spec failed (ie: it was only
18527 looking at the last entry). CLeaned things up by adding the
18528 cmndcmp() function--all neat & tidy
18530 1994-08-12 21:21 millert
18532 * CHANGES: added one
18534 1994-08-11 23:42 millert
18536 * sudo.c: now do two passes to skip bogus interfaces (lo0, etc)
18538 1994-08-11 21:58 millert
18540 * logging.c, sudo_realpath.c, sudo_setenv.c: added ninclude of
18543 1994-08-11 21:58 millert
18545 * check.c, find_path.c, getcwd.c, getwd.c, parse.lex, parse.yacc,
18546 visudo.c: added include of netinet/in.h
18548 1994-08-11 21:57 millert
18552 1994-08-11 21:57 millert
18554 * sudo.h: added interfaces global
18556 1994-08-11 21:56 millert
18558 * parse.c: now uses new interfaces global
18560 1994-08-11 21:56 millert
18562 * sudo.c: now ip addresses are gleaned fw/o dns
18564 1994-08-10 19:21 millert
18566 * sudo.c: added load_ip_addrs() to load the ip_addrs global var
18568 1994-08-10 19:21 millert
18570 * parse.c: added hostcmp() to compare hostnames, ip addrs, and
18573 1994-08-10 19:20 millert
18575 * sudo.h: added ip_addrs def added load_ip_addrs prototype
18577 1994-08-08 16:03 millert
18581 1994-08-08 15:57 millert
18583 * Makefile.in: removed multiple entries in DISTFILES
18585 1994-08-08 13:05 millert
18587 * visudo.c: ansified the !STDC_HEADERS decls
18589 1994-08-08 13:05 millert
18591 * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c: don't do
18592 malloc decl if gnuc
18594 1994-08-08 13:04 millert
18596 * sudo.c: can't use getopt(3) since it munges args to the command
18597 to be run as root don't do malloc decl if gnuc
18599 1994-08-08 00:41 millert
18601 * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c, sudo.c,
18602 sudo_realpath.c, sudo_setenv.c: ansi-fied !STDC_HEADER function
18605 1994-08-08 00:27 millert
18607 * getcwd.c, getwd.c: added missing paren
18609 1994-08-08 00:23 millert
18611 * Makefile.in: added putenv.c to DISTFILES
18613 1994-08-08 00:08 millert
18615 * sudo_setenv.c: added params to func decls when STDC_HEADERS is
18616 not defined now can count on putenv() being there
18618 1994-08-08 00:08 millert
18620 * sudo_realpath.c: took out errno decl since sudo.h does it for us
18621 fixed up a next cc warning added params to func decls when
18622 STDC_HEADERS is not defined
18624 1994-08-08 00:07 millert
18626 * sudo.h: took out environ extern added local declaratio of
18627 putenv() if local version is needed
18629 1994-08-08 00:05 millert
18631 * find_path.c, getcwd.c, getwd.c, strdup.c, sudo.c: added params to
18632 func decls when STDC_HEADERS is not defined
18634 1994-08-08 00:04 millert
18636 * config.h.in: added memcpy check check to see that ansi vs bsd
18637 macros are ntot already defiend before defining (ie: avoid
18640 1994-08-08 00:03 millert
18642 * configure.in: removed fluff setenv check plus check w/ replace
18643 for putenv if also no setenv
18645 1994-08-08 00:01 millert
18647 * putenv.c: Initial revision
18649 1994-08-06 19:19 millert
18651 * sudo_setenv.c: Initial revision
18653 1994-08-06 19:19 millert
18655 * sudo.h: rm'd s realp[ath added sudo_realpath and sudo_setenv
18657 1994-08-06 19:19 millert
18659 * sudo.c: now use sudo_setenvc
18661 1994-08-06 19:18 millert
18663 * configure.in: added puteenv and setenv, removed realpath
18665 1994-08-06 19:18 millert
18667 * config.h.in: added putenv & setenv
18669 1994-08-06 19:18 millert
18671 * Makefile.in: added sudo_setenv
18673 1994-08-06 19:16 millert
18677 1994-08-05 19:43 millert
18679 * configure.in: added MAN_POSTINSTALL and /usr/share/catman for
18682 1994-08-05 19:43 millert
18684 * Makefile.in: added MAN_POSTINSTALL
18686 1994-08-05 19:43 millert
18690 1994-08-05 19:10 millert
18692 * sudo.man: added SUDO_* plus new options
18694 1994-08-05 19:10 millert
18696 * CHANGES: added one
18698 1994-08-05 19:07 millert
18700 * configure.in: took out shadow lib
18702 1994-08-05 18:35 millert
18706 1994-08-05 17:52 millert
18708 * visudo.c: now use yyrestart() if flex now reset yylineno to 0
18710 1994-08-05 17:49 millert
18712 * Makefile.in: support for installing a cat page instead of a man
18715 1994-08-05 17:48 millert
18717 * configure.in: now defines HAVE_FLEX fixed up man stuff so that it
18718 looks for nroff to determine whether or not to install a cat or
18721 1994-08-05 17:48 millert
18723 * config.h.in: added HAVE_FLEX
18725 1994-08-05 16:14 millert
18727 * sudo.c: not set ret to MODE_RUN initially
18729 1994-08-05 16:12 millert
18731 * find_path.c: made command (and therefor cmnd dynamically
18734 1994-08-04 20:25 millert
18738 1994-08-04 20:24 millert
18742 1994-08-04 20:24 millert
18744 * sudo_realpath.c: changed bufs from MAXPATHLEN to MAXPATHLEN+1
18746 1994-08-04 20:24 millert
18748 * sudo.h: added MODE_ removed validate_only and added
18751 1994-08-04 20:22 millert
18753 * sudo.c: usage() now takes an int (exit value) added parse_args()
18754 to parse command line arguments moved call to find_path() from
18755 load_globals to new function load_cmnd() removed validate_only
18756 global -- now use the concept of "modes" added -h and -k options
18758 1994-08-04 20:21 millert
18760 * parse.c: no longer use global validate_only now checks for
18761 command called "validate" removed check for non-fully qualified
18762 commands since that is done by find_path
18764 1994-08-04 20:20 millert
18766 * find_path.c: changed MAXPATHLEN r to MAXPATHLEN+1
18768 1994-08-04 20:17 millert
18770 * find_path.c: fixed off by one error with MAXPATHLEN and fixed a
18773 1994-08-04 20:17 millert
18775 * check.c: check_timestamp no longer runs reminder(), it is implied
18776 in the return val added remove_timestamp()
18778 1994-08-04 20:16 millert
18782 1994-08-04 16:38 millert
18786 1994-08-04 16:38 millert
18788 * sudo_realpath.c: took out old_errno
18790 1994-08-04 16:37 millert
18794 1994-08-03 12:08 millert
18796 * logging.c: moved send_mail to after syslog
18798 1994-08-02 22:41 millert
18800 * sudo.c: now set SUDO_ envariables
18802 1994-08-01 13:40 millert
18806 1994-08-01 13:39 millert
18808 * sudo_realpath.c: now print error if chdir fails
18810 1994-08-01 13:39 millert
18812 * find_path.c: removed an XXX
18814 1994-07-25 20:40 millert
18818 1994-07-25 20:36 millert
18820 * configure.in: no more static binaries for aix
18822 1994-07-25 18:37 millert
18824 * INSTALL: fixed typo
18826 1994-07-25 18:33 millert
18828 * sudo_realpath.c: took out stuff not needed for sudo now does
18829 be_root/be_user itself now uses cwd global
18831 1994-07-25 18:32 millert
18835 1994-07-25 18:31 millert
18837 * logging.c, sudo.c: be_root/be_user is now down in sudo_realpath()
18839 1994-07-25 18:26 millert
18841 * logging.c, sudo.h: now works with 4.2BSD syslog (blech)
18843 1994-07-25 18:25 millert
18845 * find_path.c: now use sudo_realpath()
18847 1994-07-25 18:25 millert
18849 * config.h.in: took out realpth() stuff since we now use
18852 1994-07-25 18:25 millert
18854 * configure.in: ultrix enhanced sec
18856 1994-07-25 18:25 millert
18858 * SUPPORTED: added ultrix enhanced sec.
18860 1994-07-25 18:24 millert
18864 1994-07-25 18:21 millert
18866 * check.c: ultrix enhanced security suport
18868 1994-07-25 18:20 millert
18870 * Makefile.in: added sudo_realpath.c
18872 1994-07-25 18:18 millert
18876 1994-07-25 14:28 millert
18878 * tgetpass.c: increased passwd len to 24 for c2 security
18880 1994-07-25 13:17 millert
18882 * BUGS: updated BUGS
18884 1994-07-15 11:49 millert
18886 * check.c: now use user global var
18888 1994-07-15 11:48 millert
18890 * configure.in: took out -ls
18892 1994-07-14 19:11 millert
18894 * configure.in: added AFS libs
18896 1994-07-14 17:45 millert
18898 * sudo.h: user is now a char * added epasswd
18900 1994-07-14 17:43 millert
18902 * sudo.c: added tzset() to load_globals added epasswd (encrypted
18903 password) global made user dynamically allocated
18905 1994-07-14 17:43 millert
18907 * configure.in: added tzset test
18909 1994-07-14 17:43 millert
18911 * config.h.in: added HAVE_TZSET
18913 1994-07-14 17:42 millert
18915 * check.c: cleaned up encrypted passwd grab somewhat
18917 1994-07-14 12:34 millert
18919 * configure.in: fixed AFS typo
18921 1994-07-14 12:34 millert
18923 * INSTALL: added AFS not
18925 1994-07-14 12:34 millert
18929 1994-07-14 12:33 millert
18931 * logging.c: can now log to both syslog & a file
18933 1994-07-14 12:12 millert
18935 * sudo.h: added BOTH_LOGS
18937 1994-07-14 11:34 millert
18941 1994-07-14 11:32 millert
18943 * configure.in: --with-AFS
18945 1994-07-14 11:32 millert
18947 * config.h.in: added HAVE_AFS
18949 1994-07-14 11:31 millert
18951 * check.c: added afs changes
18953 1994-07-14 11:21 millert
18955 * sudo.h: removed AFS stuff :-)
18957 1994-07-14 11:19 millert
18959 * tgetpass.c: include sys/select for AIX
18961 1994-07-14 11:17 millert
18963 * sudo.h: added AFS
18965 1994-07-14 11:16 millert
18969 1994-07-07 14:45 millert
18971 * SUPPORTED, CHANGES: updated
18973 1994-07-07 14:44 millert
18975 * logging.c: can now have MAILER undefined
18977 1994-07-07 14:37 millert
18979 * INSTALL: new sub-note about MAILER
18981 1994-07-06 23:11 millert
18983 * sudo.man: added blurb about password timeout
18985 1994-07-06 20:52 millert
18987 * configure.in: convex c2 changes
18989 1994-07-06 20:52 millert
18991 * aclocal.m4: took out duplicate define of _CONVEX_SOURCE
18993 1994-07-06 20:51 millert
18995 * Makefile.in: added OSDEFS
18997 1994-07-06 20:46 millert
18999 * config.h.in: added spaces
19001 1994-07-06 20:08 millert
19003 * tgetpass.c: added a goto if fgets fails
19005 1994-07-06 20:08 millert
19007 * sudo.h: use __hpux not hpux convex c2 stuff
19009 1994-07-06 20:08 millert
19011 * sudo.c: use __hpux not hpux
19013 1994-07-06 20:08 millert
19015 * logging.c: convex c2 stuff
19017 1994-07-06 20:07 millert
19019 * config.h.in: define ansi-ish cpp os defines if non-ansi are
19020 defined for hpux & convex
19022 1994-07-06 20:07 millert
19024 * INSTALL: updated to say we support sonvex C2
19026 1994-07-06 20:05 millert
19028 * check.c: added convex c2 support
19030 1994-07-01 12:06 millert
19032 * tgetpass.c: no more ioctl never returns NULL uses fgets() and
19033 select() to timeout
19035 1994-06-29 17:04 millert
19037 * configure.in: things were testing -n "$GCC" instead of -z "$GCC"
19039 1994-06-29 16:39 millert
19041 * tgetpass.c: now works + uses fgets()
19043 1994-06-28 18:25 millert
19045 * tgetpass.c: select doesn't seem to recognize a single '\n' as
19046 input waiting so we can;t use it, sigh.
19048 1994-06-26 16:38 millert
19050 * PORTING: updated tgetpass() blurb
19052 1994-06-26 16:35 millert
19054 * configure.in: added --with-getpass
19056 1994-06-26 16:35 millert
19058 * Makefile.in: added tgetpass stuff
19060 1994-06-26 15:25 millert
19062 * tgetpass.c: now uses stdio
19064 1994-06-26 15:17 millert
19068 1994-06-24 19:48 millert
19070 * PORTING: updated ,.
19072 1994-06-24 19:46 millert
19074 * config.h.in: added USE_GETPASS && HAVE_C2_SECURITY
19076 1994-06-24 19:45 millert
19078 * configure.in: fixed a test aded --with-C2 and --with-tgetpass
19080 1994-06-24 19:45 millert
19082 * check.c: added hpux C2 shit
19084 1994-06-24 19:45 millert
19086 * Makefile.in: took out tgetpass.*
19088 1994-06-24 19:45 millert
19090 * INSTALL: added C2 blurb
19092 1994-06-13 15:54 millert
19094 * configure.in: no termio(s) for ultrix since it is broken
19096 1994-06-13 15:41 millert
19098 * check.c: added a space (yeah, anal)
19100 1994-06-13 15:17 millert
19102 * realpath.c, sudo_realpath.c: fixed it (duh, rtfm)
19104 1994-06-08 14:34 millert
19106 * config.h.in: took out bsd signal stuff for irix
19108 1994-06-08 14:26 millert
19110 * visudo.c: comments in #endif
19112 1994-06-08 14:09 millert
19114 * configure.in: don't define BSD signals for irix
19116 1994-06-08 12:57 millert
19118 * TODO: did some...
19120 1994-06-08 12:57 millert
19124 1994-06-08 12:56 millert
19126 * realpath.c, sudo_realpath.c: took out unneeded code by changing
19127 where a strings was terminated
19129 1994-06-07 19:21 millert
19131 * realpath.c, sudo_realpath.c: fix bug where /dirname would return
19134 1994-06-07 17:40 millert
19136 * sudo.h: move __P to config.h
19138 1994-06-07 17:40 millert
19140 * getcwd.c, getwd.c, realpath.c, sudo_realpath.c: added errno
19143 1994-06-07 17:40 millert
19145 * config.h.in: added __P
19147 1994-06-07 17:21 millert
19149 * config.h.in: added HAVE_FCHDIR
19151 1994-06-07 17:18 millert
19153 * strdup.c: now include stdio
19155 1994-06-07 14:55 millert
19157 * realpath.c, sudo_realpath.c: now works if no fchdir
19159 1994-06-07 14:55 millert
19161 * visudo.c: define SA_RESETHAND to null if not defined
19163 1994-06-07 14:54 millert
19165 * configure.in: added check & replace
19167 1994-06-06 20:05 millert
19169 * configure.in: took out -static for nextstep -- it doesn't work
19171 1994-06-06 19:59 millert
19173 * logging.c: moved #endif to where it belongs
19175 1994-06-06 19:54 millert
19177 * SUPPORTED: correction
19179 1994-06-06 19:42 millert
19181 * configure.in: now checks for strdup realpath getcwd bzero
19183 1994-06-06 19:31 millert
19185 * config.h.in: emulate bzero
19187 1994-06-06 16:57 millert
19189 * visudo.c: added posic signals
19191 1994-06-06 16:57 millert
19193 * tgetpass.c: bzero cast
19195 1994-06-06 16:57 millert
19197 * logging.c: added posix signals
19199 1994-06-06 16:56 millert
19201 * configure.in: removed BROKEN_GETPASS added new srcs toreplace
19204 1994-06-06 16:56 millert
19206 * config.h.in: added posix signal stuff
19208 1994-06-06 16:56 millert
19210 * Makefile.in: added new srcs
19212 1994-06-06 12:53 millert
19214 * visudo.c: updated useag
19216 1994-06-06 12:39 millert
19218 * tgetpass.c: now uses posix signals
19220 1994-06-05 20:17 millert
19222 * PORTING: updated sto reflect major changes
19224 1994-06-05 20:05 millert
19226 * TODO, CHANGES: updated
19228 1994-06-05 20:04 millert
19230 * tgetpass.c: uses sysconf() if available
19232 1994-06-05 20:04 millert
19234 * sudo.h: added PASSWORD_TIMEOUT + prototypes for new functions
19236 1994-06-05 20:04 millert
19238 * realpath.c, sudo_realpath.c: for those w/o this in libc
19240 1994-06-05 20:03 millert
19242 * getcwd.c, getwd.c: Initial revision
19244 1994-06-05 20:03 millert
19246 * find_path.c: rewrote to use realpath(3) - nis now all my code
19248 1994-06-05 20:02 millert
19250 * config.h.in: added HAVE_REALPATH
19252 1994-06-05 20:02 millert
19254 * check.c: now use tgetpass
19256 1994-06-05 20:02 millert
19258 * Makefile.in: added LIBOBJS use tgetpass.c
19260 1994-06-05 18:55 millert
19262 * tgetpass.c: works now :-)
19264 1994-06-05 18:27 millert
19266 * tgetpass.c: Initial revision
19268 1994-06-05 17:17 millert
19270 * pathnames.h.in: added /dev/tty
19272 1994-06-04 17:12 millert
19274 * version.h: incremented
19276 1994-06-04 15:29 millert
19278 * sudo.c: always use getcwd
19280 1994-06-04 14:49 millert
19282 * config.h.in: added check for getwd
19284 1994-06-04 14:48 millert
19286 * configure.in: replace strdup & realpath & getcwd if missing
19288 1994-06-04 14:47 millert
19290 * pathnames.h.in: added _PATH_PWD
19292 1994-06-04 14:46 millert
19294 * aclocal.m4: added SUDO_PROG_PWD
19296 1994-06-04 14:37 millert
19298 * realpath.c, sudo_realpath.c, strdup.c: Initial revision
19300 1994-06-03 11:31 millert
19302 * configure.in: quoted quare brackets
19304 1994-06-02 17:49 millert
19306 * sudo.c: no need to strdup() a constant
19308 1994-06-02 15:45 millert
19312 1994-06-02 15:44 millert
19314 * sudo.man: added validate
19316 1994-06-02 15:42 millert
19318 * sudo.c: added -v to usage
19320 1994-06-02 15:41 millert
19322 * parse.c, sudo.c, sudo.h: added validate_only stuff
19324 1994-05-29 21:29 millert
19326 * configure.in: now finds sed
19328 1994-05-29 21:28 millert
19330 * aclocal.m4: $OSREV is now an int
19332 1994-05-29 19:13 millert
19334 * configure.in: added mtxinu to caser
19336 1994-05-29 18:37 millert
19338 * sudo.h: added EXEC macro
19340 1994-05-29 18:36 millert
19342 * sudo.c: now use the EXEC nmacro now only do a gethostbyname() if
19345 1994-05-29 18:36 millert
19347 * logging.c: changed mail_argv[] def now use EXEC() macro
19349 1994-05-29 18:35 millert
19351 * check.c: took out crypt() definition
19353 1994-05-29 17:23 millert
19355 * version.h: upped the version
19357 1994-05-29 15:52 millert
19359 * configure.in: always look for -lnsl
19361 1994-05-29 15:29 millert
19363 * aclocal.m4: added an echo
19365 1994-05-29 15:25 millert
19367 * sudo.h: SHORT_MESSAGE is now the default
19369 1994-05-29 15:18 millert
19371 * config.h.in: fixed typo
19373 1994-05-29 01:29 millert
19375 * configure.in: added missing AC_DEFINE(SVR4) for solaris
19377 1994-05-28 20:42 millert
19379 * sudo.man: documented the -v flag
19381 1994-05-28 20:34 millert
19383 * SUPPORTED: updated
19385 1994-05-28 20:31 millert
19387 * check.c: proto-ized crypt()
19389 1994-05-28 20:28 millert
19391 * config.h.in: added LIBSHADOW undef
19393 1994-05-28 20:18 millert
19395 * configure.in: nwo set OS to be lowercase
19397 1994-05-28 19:36 millert
19399 * configure.in: now use SUDO_OSTYPE to set $OS
19401 1994-05-28 19:36 millert
19403 * aclocal.m4: now use uname to determine os
19405 1994-05-28 16:23 millert
19407 * visudo.c: added prototypes & moved sig handler around
19409 1994-05-28 15:13 millert
19411 * sudo.h: added prototyppes
19413 1994-05-28 15:13 millert
19415 * parse.c: added comment
19417 1994-05-28 15:12 millert
19419 * config.h.in: nwo use _BSD_SIGNALS not _BSD_COMPAT
19421 1994-05-28 15:11 millert
19423 * check.c, logging.c, sudo.c: added prototypes
19425 1994-05-28 15:11 millert
19427 * aixcrypt.exp: Initial revision
19429 1994-05-28 15:11 millert
19431 * Makefile.in: added aixcrypt.exp
19433 1994-05-28 13:21 millert
19435 * parse.lex, parse.yacc: moved config.h to top of includes
19437 1994-05-25 15:48 millert
19439 * find_path.c: now don't bitch if get EACCESS (treat like EPERM)
19441 1994-05-24 23:08 millert
19443 * visudo.c: added -v flag and usage()
19445 1994-05-24 23:08 millert
19447 * version.h: fixed a typo
19449 1994-05-24 23:08 millert
19451 * sudo.c: cast Argv to a const for exec added -v flag
19453 1994-05-24 23:07 millert
19455 * logging.c: mail_argv is now a const
19457 1994-05-24 23:07 millert
19459 * configure.in: only set RETSIGTYPE if it is not set already
19461 1994-05-24 23:07 millert
19463 * aclocal.m4: now defines & STDC_HEADERS for Irix
19465 1994-05-24 23:07 millert
19467 * Makefile.in: added version.h
19469 1994-05-24 21:25 millert
19471 * insults.h, sudo.h: prevent multiple inclusion
19473 1994-05-24 21:20 millert
19475 * version.h: Initial revision
19477 1994-05-24 21:09 millert
19479 * parse.lex, parse.yacc: now includes config.h
19481 1994-05-24 20:54 millert
19483 * aclocal.m4: now talks about sunos 4.x
19485 1994-05-24 20:23 millert
19487 * visudo.c: calls to Exit now pass an arg
19489 1994-05-24 18:00 millert
19491 * visudo.c: signal handler now takes an int argument
19493 1994-05-24 18:00 millert
19497 1994-05-24 17:44 millert
19499 * sudo.c: ok, the getcwd() is now *really* done as the user
19501 1994-05-24 17:44 millert
19503 * configure.in: changed AIX STATIC_FLAGS
19505 1994-05-24 16:27 millert
19507 * aclocal.m4: solaris now defines SVR4
19509 1994-05-24 16:18 millert
19511 * sudo.h: added cwd and fixed stupid core dump that makes no sense.
19514 1994-05-24 16:18 millert
19516 * sudo.c: moved getcwd stuff into load_globals
19518 1994-05-24 16:18 millert
19520 * parse.c: took out externs that are in suod.h
19522 1994-05-24 16:18 millert
19524 * logging.c: moved cwd into load_globals
19526 1994-05-24 16:17 millert
19528 * find_path.c: moved cwd stuff
19530 1994-05-24 15:55 millert
19532 * Makefile.in: fixed make distclean & realclean
19534 1994-05-24 12:51 millert
19538 1994-05-24 12:51 millert
19540 * CHANGES: added solaris changes
19542 1994-05-24 12:51 millert
19544 * aclocal.m4: added solaris changes, need to rework
19546 1994-05-24 12:50 millert
19548 * configure.in: cleaned up for solaris
19550 1994-05-24 12:13 millert
19552 * logging.c: reinstall reapchild signal handler for non-bsd signals
19554 1994-05-24 12:03 millert
19556 * sudo.h: took out getdtablesize() emulation for HP-UX (no longer
19559 1994-05-24 12:03 millert
19561 * sudo.c: support for HAVE_SYSCONF
19563 1994-05-24 12:02 millert
19565 * visudo.c: added <fcntl.h> for solaris & reorg'd the includes +
19566 minor prettying up /
19568 1994-05-23 20:26 millert
19570 * config.h.in: added HAVE_SYSCONF
19572 1994-05-16 18:57 millert
19574 * configure.in: now tells you what os you are running /.
19576 1994-05-16 18:56 millert
19578 * aclocal.m4: took out extra ','
19580 1994-05-14 17:56 millert
19582 * config.h.in: added _BSD_COMPAT
19584 1994-05-14 17:56 millert
19586 * aclocal.m4: fixed for irix5
19588 1994-05-14 17:55 millert
19592 1994-05-14 17:27 millert
19594 * sudo.c: uid seinitialized to -2
19596 1994-04-28 12:36 millert
19598 * sudo.c: now removes LIBPATH for AIX
19600 1994-03-12 20:41 millert
19602 * configure.in: now uses ufc if it finds it
19604 1994-03-12 17:42 millert
19606 * sudo.h: no longer define yyval & yylval since yacc does it
19608 1994-03-12 17:42 millert
19610 * parse.lex: now defines yylval as extenr
19612 1994-03-12 17:41 millert
19614 * configure.in: BROKEN_GETPASS is now an OPTION
19616 1994-03-12 17:41 millert
19618 * config.h.in: took out BROKEN_GETPASS
19620 1994-03-12 17:20 millert
19622 * Makefile.in: took out big comment
19624 1994-03-12 16:24 millert
19628 1994-03-12 16:20 millert
19630 * Makefile.in: took out README.beta
19632 1994-03-12 16:19 millert
19634 * SUPPORTED: Initial revision
19636 1994-03-12 16:19 millert
19638 * INSTALL: now reference SUPPORTED .,
19640 1994-03-12 16:17 millert
19642 * config.h.in: now check for convex OR __convex__
19644 1994-03-12 16:16 millert
19646 * aclocal.m4: now check for convex or __convex__
19648 1994-03-12 16:15 millert
19650 * Makefile.in: added dist target
19652 1994-03-12 15:19 millert
19654 * aclocal.m4: use __convex__
19656 1994-03-12 14:33 millert
19658 * find_path.c: now use _S_* stat stuff to be ansi-like
19660 1994-03-12 14:11 millert
19662 * INSTALL: updated for configure directions
19664 1994-03-12 14:05 millert
19666 * Makefile.in: distclean now removes config.h and pathnames.h
19668 1994-03-12 14:03 millert
19672 1994-03-12 14:00 millert
19674 * TODO: fixed typoe
19676 1994-03-12 13:57 millert
19678 * Makefile.in, visudo.c: updated version
19680 1994-03-12 13:57 millert
19682 * config.h.in, pathnames.h.in: added copyright header
19684 1994-03-12 13:55 millert
19686 * check.c, find_path.c, insults.h, logging.c, parse.c, parse.lex,
19687 parse.yacc, sudo.c, sudo.h: udpated version
19689 1994-03-12 13:39 millert
19691 * visudo.c: udpated to use configure + pathnames.h
19693 1994-03-12 13:37 millert
19695 * Makefile.in, config.h.in, configure.in, aclocal.m4: updated
19697 1994-03-12 13:37 millert
19699 * sudo.h: now works with configure
19701 1994-03-12 13:36 millert
19703 * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c:
19704 updated to work with configure + pathnames.h
19706 1994-03-12 10:40 millert
19708 * Makefile.in: added LEXLIB
19710 1994-03-10 03:18 millert
19712 * COPYING: updated gnu general licence to versio 2
19714 1994-03-10 02:44 millert
19716 * pathnames.h.in, config.h.in: Initial revision
19718 1994-03-10 01:43 millert
19720 * sudo.h: changed to work with configure
19722 1994-03-09 18:51 millert
19724 * Makefile.in, aclocal.m4, configure.in: Initial revision
19726 1994-03-09 17:36 millert
19728 * visudo.c: now uses defines used by configure
19730 1994-03-01 16:31 millert
19732 * find_path.c: sudo won't bitch about EPERM now, for real
19734 1994-02-28 00:36 millert
19736 * logging.c: renamed exec_argv to eliminate a libc name clash with
19739 1994-02-28 00:28 millert
19741 * CHANGES: corrected
19743 1994-02-28 00:27 millert
19745 * logging.c, sudo.c, sudo.h: execve -> execv
19747 1994-02-27 23:27 millert
19751 1994-02-27 23:19 millert
19753 * PORTING: added 2 mroe items
19755 1994-02-27 23:12 millert
19759 1994-02-27 23:11 millert
19761 * sudo.h: added UMASK and mode_t declaration
19763 1994-02-27 23:11 millert
19765 * sudo.c: added UMASK
19767 1994-02-27 20:55 millert
19769 * logging.c: now opens log file with mode 077
19771 1994-02-27 20:55 millert
19773 * check.c: saved current umask ans restores it
19775 1994-02-27 20:36 millert
19777 * sudo.h: added MAXLOGFILELEN
19779 1994-02-27 20:35 millert
19781 * logging.c: split long log lines. FOr syslog, split into multiple
19782 entries, for a log file, indent the extra for readability
19784 1994-02-27 17:22 millert
19786 * CHANGES: added changes
19788 1994-02-27 17:18 millert
19790 * sudo.h: MAXLOGLEN & MAXSYSLOGLEN are now different (as they
19793 1994-02-25 16:04 millert
19795 * TODO: added input from Brett M Hogden <hogden@rge.com>
19797 1994-02-16 13:35 millert
19799 * sudo.c: added rmenv() to remove stuff from environ. can now uses
19800 execvp() OR execve() becuase of this.
19802 1994-02-16 13:35 millert
19804 * logging.c: now uses execvp() OR execve()
19806 1994-02-16 13:31 millert
19808 * sudo.h: added USE_EXECVE
19810 1994-02-16 13:27 millert
19812 * sudo.h: added environ
19814 1994-02-16 12:53 millert
19816 * find_path.c: now ignore EPERM
19818 1994-02-15 23:52 millert
19820 * sudo.h: moved some func decls out of sudo.h and into sudo.c as
19823 1994-02-15 23:52 millert
19827 1994-02-15 23:40 millert
19829 * sudo.h: took out Envp
19831 1994-02-14 12:28 millert
19833 * BUGS: Initial revision
19835 1994-02-10 14:29 millert
19837 * sudo.c, sudo.h, CHANGES: added SECURE_PATH
19839 1994-02-10 14:05 millert
19841 * sudo.h: added SECURE_PATH
19843 1994-02-10 13:50 millert
19845 * INSTALL: added sample.sudoers note
19847 1994-02-10 13:47 millert
19849 * sudoers: Initial revision
19851 1994-02-09 14:54 millert
19853 * find_path.c: fixed typo
19855 1994-02-08 23:06 millert
19857 * PORTING: took out SAVED_UID garbage
19859 1994-02-08 22:55 millert
19861 * INSTALL: mentioned HAL
19863 1994-02-08 22:50 millert
19865 * sudo.h: added HAL line
19867 1994-02-08 22:48 millert
19869 * insults.h: added HAL insults
19871 1994-02-08 22:48 millert
19875 1994-02-08 22:02 millert
19877 * logging.c: more verbose error if mailer not found
19879 1994-02-08 22:02 millert
19881 * check.c: now do getpwent as root for soem shadow password systems
19884 1994-02-08 13:22 millert
19886 * sudo.h: took out SAVED_UID garbade
19888 1994-02-08 13:21 millert
19890 * sudo.c: took out SAVED_UID garbage since it don't work
19892 1994-02-06 17:43 millert
19896 1994-02-06 17:40 millert
19898 * insults.h: added a missing space :-)
19900 1994-02-05 19:48 millert
19902 * sudo.c, sudo.h: took out multimax cruft
19904 1994-02-05 19:30 millert
19906 * INSTALL: minor update
19908 1994-02-05 19:30 millert
19910 * PORTING: finished
19912 1994-02-05 19:19 millert
19914 * sudo.c: fixed a typo + indentation
19916 1994-02-05 18:43 millert
19918 * sudo.h: took outumoved some defines to the config file ,. ,.
19920 1994-02-05 15:17 millert
19922 * PORTING: Initial revision
19924 1994-02-05 15:17 millert
19928 1994-02-05 15:16 millert
19930 * sudo.h: added HAS_SAVED_UID
19932 1994-02-05 15:16 millert
19934 * sudo.c: put back AIX cruft
19936 1994-02-03 00:44 millert
19938 * sudo.c: aix changes
19940 1994-02-02 01:31 millert
19944 1994-02-02 01:30 millert
19946 * check.c, logging.c, parse.c, sudo.c, sudo.h: now is only root
19949 1994-02-01 22:21 millert
19951 * check.c: added missing %s\n
19953 1994-01-31 02:06 millert
19955 * install-sh: Initial revision
19957 1994-01-31 01:58 millert
19959 * CHANGES, TODO: updated
19961 1994-01-31 01:56 millert
19963 * sudo.c: now removed _RLD_* for alphas
19965 1994-01-31 01:50 millert
19967 * INSTALL: updated for new config scheme
19969 1994-01-30 19:42 millert
19971 * find_path.c: more verbose eror messages
19973 1994-01-27 14:08 millert
19975 * TODO: now have solaris
19977 1994-01-27 14:07 millert
19979 * sudo.h: define __svr4__ for SOLARIS
19981 1994-01-27 14:07 millert
19983 * check.c: added svr4 junk for shadow pws for solaris 2.x
19985 1994-01-27 13:19 millert
19987 * check.c, sudo.c: took out setuid(0) and setreuid(udi) garbage.
19988 Its not needed since we start out setuid with the correct perms.
19990 1994-01-26 19:51 millert
19992 * check.c, sudo.c, sudo.h: now use setreuid()
19994 1994-01-26 18:58 millert
19996 * sudo.man: revised AUTHORS secrtion & added ENV_EDITOR stuff to
19999 1994-01-26 18:52 millert
20001 * visudo.c: now uses ENV_EDITOR if you want to use the EDITOR envar
20003 1994-01-26 18:52 millert
20005 * sudo.h: now uses ENV_EDITOR if you want to use the EDITOR envar
20008 1993-12-07 01:33 millert
20010 * README: minor update + spell fix
20012 1993-12-07 01:33 millert
20014 * INSTALL: rewrote most of this
20016 1993-12-07 01:13 millert
20018 * sudo.h: added all options that are in the Makefile
20020 1993-12-07 00:23 millert
20022 * getpass.c: now use USE_TERMIO #define for sgi & hpux
20024 1993-12-06 23:19 millert
20026 * TODO: todo: posix sigs
20028 1993-12-06 01:12 millert
20030 * check.c, find_path.c: always include strings.h
20032 1993-12-05 20:34 millert
20034 * visudo.c: added STATICEDITOR
20036 1993-12-05 20:30 millert
20038 * sudo.h: sgi has vi in /usr/bin too
20040 1993-12-05 20:23 millert
20042 * sudo.man: added VISUAL
20044 1993-12-02 22:20 millert
20046 * sudo.h: sue /usr/bin/vi on some systems
20048 1993-12-02 22:19 millert
20050 * sudo.c: fixed warning (include strings.h)
20052 1993-12-02 22:06 millert
20054 * sudo.man: added John_Rouillard@dl5000.bc.edu's changes (new
20057 1993-12-02 21:38 millert
20059 * CHANGES: changes from John_Rouillard@dl5000.bc.edu
20061 1993-12-02 21:35 millert
20063 * visudo.c: added EDITOR envar
20065 1993-12-02 21:34 millert
20067 * check.c, find_path.c, parse.c, sudo.c: added patches from
20068 John_Rouillard directory spec uses EDITOR
20070 1993-12-01 19:32 millert
20072 * getpass.c: added flush for hpux
20074 1993-11-30 13:37 millert
20076 * sudo.c: no longer assume malloc returns a char *
20078 1993-11-29 20:35 millert
20080 * sudo.c: alpha change to remove LD_-like thing fixed SHLIB_PATH
20081 stuff -- now gets removed correctly
20083 1993-11-29 19:31 millert
20085 * sudo.h: added STD_HEADERS macro
20087 1993-11-29 19:14 millert
20089 * sudo.c: now uses STD_HEADERS macor for ansi
20091 1993-11-29 19:14 millert
20093 * find_path.c: now uses STD_HEADERS macro
20095 1993-11-29 19:13 millert
20097 * check.c: niceties for C compiler bitches -- no real change
20099 1993-11-29 13:04 millert
20101 * visudo.c: now doesn't fclose a file never opened.
20103 1993-11-28 16:35 millert
20105 * sudo.man: added visudo line
20107 1993-11-28 16:31 millert
20109 * sudo.man: added error stuff added me in there...
20111 1993-11-28 03:12 millert
20113 * CHANGES: noted insults
20115 1993-11-28 03:01 millert
20117 * INSTALL: added blurb about reading stuff
20119 1993-11-28 03:00 millert
20121 * sudo.h: added insults
20123 1993-11-28 03:00 millert
20125 * insults.h: corrected somments and removed newlines
20127 1993-11-28 03:00 millert
20129 * check.c: now uses insults
20131 1993-11-28 02:45 millert
20133 * insults.h: Initial revision
20135 1993-11-27 19:46 millert
20137 * INSTALL: added dec syslog note
20139 1993-11-27 19:25 millert
20141 * sample.sudoers: added real stuff in there
20143 1993-11-27 19:24 millert
20145 * TODO: added a todo
20147 1993-11-27 19:10 millert
20151 1993-11-27 18:59 millert
20153 * sample.sudoers: Initial revision
20155 1993-11-27 18:59 millert
20157 * sudo.man: updated with changes
20159 1993-11-27 18:52 millert
20161 * sudo.man: Initial revision
20163 1993-11-27 18:48 millert
20165 * CHANGES, COPYING, INSTALL, README, TODO, indent.pro: Initial
20168 1993-11-27 18:46 millert
20170 * visudo.c: updated version number and took out jeff's old addr
20171 since it is no good
20173 1993-11-27 18:42 millert
20175 * sudo.h, check.c, find_path.c, logging.c, parse.c, parse.lex,
20176 parse.yacc, sudo.c: updated version number and took out jeff's
20177 email (since it is invalid)
20179 1993-10-28 09:36 millert
20181 * check.c: added fflush()
20183 1993-10-22 20:46 millert
20185 * find_path.c: now return NULL instead pf
\b\bof exiting for
20186 nopn
\b\bn-fatal errors
20188 1993-10-21 16:57 millert
20190 * check.c: new banner
20192 1993-10-21 16:42 millert
20194 * parse.lex: now sudo.h gets included first
20196 1993-10-17 20:31 millert
20198 * parse.lex: now can use flex
20200 1993-10-17 20:31 millert
20202 * sudo.h: linux patch
20204 1993-10-17 20:30 millert
20206 * sudo.c: hpux 9 fix, removes SHLIB_PATH linux patch
20208 1993-10-17 20:30 millert
20210 * check.c: linux diff
20212 1993-10-15 16:03 millert
20214 * find_path.c: stat now ignores EINVAL
20216 1993-10-05 21:48 millert
20218 * find_path.c, sudo.c: now declare strdup as extern
20220 1993-10-04 15:23 millert
20222 * visudo.c: reformatted with indent + by hand
20224 1993-10-04 15:10 millert
20226 * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c,
20227 sudo.h: used indent to "fix" coding style
20229 1993-10-03 20:12 millert
20231 * find_path.c: now checks '.' or '.' or '' in PATH -- but does it
20232 LAST should maybe move the code that does this into the loop
20233 body. makes it messier tho. hmmm.
20235 1993-09-08 11:53 millert
20237 * find_path.c: redid the fix for non-executable files in an easier
20238 to read way plus some minor aethetic changes
20240 1993-09-08 11:39 millert
20242 * find_path.c: fixed bug with non-executable tings of same name in
20243 path introduced by checkig errno after stat(2).
20245 1993-09-05 10:02 millert
20247 * sudo.c: fixed off by one error
20249 1993-09-05 09:55 millert
20251 * find_path.c: now handles decending below '/' correctly
20253 1993-09-05 08:35 millert
20255 * sudo.c: now actually builds Envp instead of munging envp
20257 1993-09-04 15:42 millert
20259 * parse.yacc: now includes sys/param.h
20261 1993-09-04 15:41 millert
20263 * visudo.c: now includes sys/param.h
20265 1993-09-04 15:30 millert
20267 * sudo.h: fixed ifndef -> ifdef
20269 1993-09-04 15:19 millert
20271 * qualify.c: make more like find_path.c
20273 1993-09-04 15:18 millert
20275 * find_path.c: rewritten by millert
20277 1993-09-04 15:17 millert
20279 * sudo.h: fixed MAXCOMMANDLENGTH now uses USE_CWD and NEED_STRDUP
20280 added info about new defines in the comment
20282 1993-09-04 15:15 millert
20284 * logging.c: now uses USE_CWD
20286 1993-09-04 14:10 millert
20288 * sudo.h: added delc for clean_envp() and Envp
20290 1993-09-04 14:09 millert
20292 * sudo.c: now rips LD_* env vars out of envp and passed sanitized
20295 1993-09-04 14:09 millert
20297 * logging.c: now uses execve()
20299 1993-09-04 14:08 millert
20301 * find_path.c: ENOTDIR is ok now too (in case part of the path is
20304 1993-09-04 08:17 millert
20306 * qualify.c: now works correctly (ttaltotal rewrite)
20308 1993-09-04 07:59 millert
20310 * parse.lex: now includes sys/param.h didn't match trailing / --
20311 fix from rouilj@cs.umb.edu
20313 1993-06-11 18:04 millert
20315 * sudo.c: moved around the #ifndef _AIX
20317 1993-06-11 18:03 millert
20319 * check.c, logging.c, parse.c: Initial revision
20321 1993-03-20 07:57 millert
20323 * qualify.c: Initial revision
20325 1993-03-13 15:09 millert
20327 * find_path.c: now works if you do sudo bin/test
20329 1993-03-13 14:20 millert
20331 * find_path.c: works
20333 1993-03-02 18:28 millert
20335 * sudo.h: Initial revision
20337 1993-03-02 11:35 millert
20339 * visudo.c: Initial revision
20341 1993-03-02 11:32 millert
20343 * parse.lex, parse.yacc: Initial revision
20345 1993-02-16 13:24 millert
20347 * sudo.c: took out errno.h
20349 1993-02-16 13:22 millert
20351 * sudo.c: now spews error if exec fails and exits with -1
20353 1993-02-16 12:07 millert
20355 * sudo.c: Initial revision
20357 1993-02-15 22:27 millert
20359 * find_path.c: now only execs files with (an) executable bit set.
20361 1993-02-15 22:01 millert
20363 * find_path.c: Initial revision
20365 1993-02-15 14:32 millert
20367 * getpass.c: added nice comment
20369 1993-02-15 14:19 millert
20371 * getpass.c: now works on sgi's
20373 1993-02-15 13:57 millert
20375 * getpass.c: Initial revision
projects / debian / sudo / blob