556) Invalid values for a tuple are now handled correctly.
Sudo 1.6.8p5 released.
+
+557) Added a set of missing braces needed for MacOS X / Darwin.
+
+558) Define LDAP_OPT_SUCCESS for those without it.
+
+Sudo 1.6.8p6 released.
+
+559) Warn if the user tries to use the -u option when not running a command.
+
+560) Better PAM error handling and messages.
+
+561) Fixed setting of $USER when env_reset is enabled.
+
+Sudo 1.6.8p7 released.
Sudo is distributed under the following ISC-style license:
- Copyright (c) 1994-1996,1998-2004 Todd C. Miller <Todd.Miller@courtesan.com>
+ Copyright (c) 1994-1996,1998-2005 Todd C. Miller <Todd.Miller@courtesan.com>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
LIBOBJS = @LIBOBJS@ @ALLOCA@
-VERSION = 1.6.8p5
+VERSION = 1.6.8p7
DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \
LICENSE Makefile.in PORTING README README.LDAP RUNSON TODO \
option and rebuild sudo.
Q) Sudo never gives me a chance to enter a password using PAM, it just
- says 'Sorry, try again.' three times and quits.
-A) You didn't setup PAM to work with sudo. On Linux this generally
- means installing sample.pam as /etc/pam.d/sudo.
+ says 'Sorry, try again.' three times and exits.
+A) You didn't setup PAM to work with sudo. On Redhat Linux or Fedora
+ Core this generally means installing sample.pam as /etc/pam.d/sudo.
+ See the sample.pam file for hints on what to use for other Linux
+ systems.
+
+Q) Sudo says 'Account expired or PAM config lacks an "account"
+ section for sudo, contact your system administrator' and exits
+ but I know my account has not expired.
+A) Your PAM config lacks an "account" specification. On Linux this
+ usually means you are missing a line like:
+ account required pam_unix.so
+ in /etc/pam.d/sudo.
Q) Sudo is setup to log via syslog(3) but I'm not getting any log
messages.
pam_conv.conv = sudo_conv;
pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
if (pam_status != PAM_SUCCESS) {
- log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
- "unable to initialize PAM");
+ log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
return(AUTH_FATAL);
}
if (strcmp(user_tty, "unknown"))
*pam_status);
return(AUTH_FAILURE);
case PAM_NEW_AUTHTOK_REQD:
- log_error(NO_EXIT|NO_MAIL, "%s, %s"
+ log_error(NO_EXIT|NO_MAIL, "%s, %s",
"Account or password is expired",
"reset your password and try again");
- *pam_status = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+ *pam_status = pam_chauthtok(pamh,
+ PAM_CHANGE_EXPIRED_AUTHTOK);
if (*pam_status == PAM_SUCCESS)
return(AUTH_SUCCESS);
if ((s = pam_strerror(pamh, *pam_status)))
- log_error(NO_EXIT|NO_MAIL, "pam_chauthtok: %s",s);
+ log_error(NO_EXIT|NO_MAIL, "pam_chauthtok: %s", s);
return(AUTH_FAILURE);
+ case PAM_AUTHTOK_EXPIRED:
+ log_error(NO_EXIT|NO_MAIL,
+ "Password expired, contact your system administrator");
+ return(AUTH_FATAL);
case PAM_ACCT_EXPIRED:
- log_error(NO_EXIT|NO_MAIL, "%s, %s"
- "Account or password is expired",
- "contact your system administrator");
- /* FALLTHROUGH */
- default:
- return(AUTH_FAILURE);
+ log_error(NO_EXIT|NO_MAIL, "%s %s",
+ "Account expired or PAM config lacks an \"account\"",
+ "section for sudo, contact your system administrator");
+ return(AUTH_FATAL);
}
+ /* FALLTHROUGH */
case PAM_AUTH_ERR:
case PAM_MAXTRIES:
+ case PAM_PERM_DENIED:
return(AUTH_FAILURE);
default:
if ((s = pam_strerror(pamh, *pam_status)))
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
+# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
-timestamp='2004-08-13'
+timestamp='2005-03-24'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
GNU config.guess ($timestamp)
Originally written by Per Bothner.
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
*:OS/390:*:*)
echo i370-ibm-openedition
exit 0 ;;
+ *:z/VM:*:*)
+ echo s390-ibm-zvmoe
+ exit 0 ;;
*:OS400:*:*)
echo powerpc-ibm-os400
exit 0 ;;
DRS?6000:unix:4.0:6*)
echo sparc-icl-nx6
exit 0 ;;
- DRS?6000:UNIX_SV:4.2*:7*)
+ DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*)
case `/usr/bin/uname -p` in
sparc) echo sparc-icl-nx7 && exit 0 ;;
esac ;;
i*:UWIN*:*)
echo ${UNAME_MACHINE}-pc-uwin
exit 0 ;;
+ amd64:CYGWIN*:*:*)
+ echo x86_64-unknown-cygwin
+ exit 0 ;;
p*:CYGWIN*:*)
echo powerpcle-unknown-cygwin
exit 0 ;;
cris:Linux:*:*)
echo cris-axis-linux-gnu
exit 0 ;;
+ crisv32:Linux:*:*)
+ echo crisv32-axis-linux-gnu
+ exit 0 ;;
+ frv:Linux:*:*)
+ echo frv-unknown-linux-gnu
+ exit 0 ;;
ia64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit 0 ;;
*:QNX:*:4*)
echo i386-pc-qnx
exit 0 ;;
+ NSE-?:NONSTOP_KERNEL:*:*)
+ echo nse-tandem-nsk${UNAME_RELEASE}
+ exit 0 ;;
NSR-?:NONSTOP_KERNEL:*:*)
echo nsr-tandem-nsk${UNAME_RELEASE}
exit 0 ;;
A*) echo alpha-dec-vms && exit 0 ;;
I*) echo ia64-dec-vms && exit 0 ;;
V*) echo vax-dec-vms && exit 0 ;;
- esac
+ esac ;;
+ *:XENIX:*:SysV)
+ echo i386-pc-xenix
+ exit 0 ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2
the operating system you are using. It is advised that you
download the most up to date version of the config scripts from
- ftp://ftp.gnu.org/pub/gnu/config/
+ http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess
+and
+ http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub
If the version you run ($0) is already up to date, please
send the following data and any information you think might be
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
+# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
-timestamp='2004-06-24'
+timestamp='2005-02-10'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
version="\
GNU config.sub ($timestamp)
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
- | m32r | m32rle | m68000 | m68k | m88k | mcore \
+ | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
| tahoe | thumb | tic4x | tic80 | tron \
| v850 | v850e \
| we32k \
- | x86 | xscale | xstormy16 | xtensa \
+ | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \
| z8k)
basic_machine=$basic_machine-unknown
;;
| ip2k-* | iq2000-* \
| m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
- | m88110-* | m88k-* | mcore-* \
+ | m88110-* | m88k-* | maxq-* | mcore-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
| tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
- | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
- | xtensa-* \
+ | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \
+ | xstormy16-* | xtensa-* \
| ymp-* \
| z8k-*)
;;
crds | unos)
basic_machine=m68k-crds
;;
+ crisv32 | crisv32-* | etraxfs*)
+ basic_machine=crisv32-axis
+ ;;
cris | cris-* | etrax*)
basic_machine=cris-axis
;;
basic_machine=m88k-motorola
os=-sysv3
;;
+ djgpp)
+ basic_machine=i586-pc
+ os=-msdosdjgpp
+ ;;
dpx20 | dpx20-*)
basic_machine=rs6000-bull
os=-bosx
basic_machine=hppa1.1-winbond
os=-proelf
;;
+ xbox)
+ basic_machine=i686-pc
+ os=-mingw32
+ ;;
xps | xps100)
basic_machine=xps100-honeywell
;;
-kaos*)
os=-kaos
;;
+ -zvmoe)
+ os=-zvmoe
+ ;;
-none)
;;
*)
+sudo (1.6.8p7-1.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * High-urgency upload for sarge-targetted RC bugfix.
+ * Fix up a broken symlink pointing to debian/sudo/usr/bin/sudo, so
+ that sudoedit is usable again. Closes: #305735.
+
+ -- Steve Langasek <vorlon@debian.org> Tue, 26 Apr 2005 22:59:06 -0700
+
+sudo (1.6.8p7-1) unstable; urgency=low
+
+ * new upstream version, closes: #299585
+ * update lintian overrides to squelch the postinst warning
+ * change sudoedit from a hard to a soft link, closes: #296896
+ * fix regex doc in sudoers man page, closes: #300361
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
+
sudo (1.6.8p5-1) unstable; urgency=high
* new upstream version
dh_installdirs
install -o root -g root -m 4755 -s sudo debian/sudo/usr/bin/sudo
- ln -f debian/sudo/usr/bin/sudo debian/sudo/usr/bin/sudoedit
+ ln -sf sudo debian/sudo/usr/bin/sudoedit
install -o root -g root -m 0755 -s visudo debian/sudo/usr/sbin/visudo
install -o root -g root -m 0644 sudo.man \
debian/sudo/usr/share/man/man8/sudo.8
--- /dev/null
+sudo source: maintainer-script-lacks-debhelper-token debian/postinst
#undef DID_LOGNAME
#define DID_LOGNAME 0x10
#undef DID_USER
-#define DID_USER 0x12
+#define DID_USER 0x20
#undef VNULL
#define VNULL (VOID *)NULL
* http://www.fortran-2000.com/ArnaudRecipes/sharedlib.html
* XXX - should prepend to original value, if any
*/
- if (noexec && def_noexec_file != NULL)
+ if (noexec && def_noexec_file != NULL) {
#if defined(__darwin__) || defined(__APPLE__)
insert_env(format_env("DYLD_INSERT_LIBRARIES", def_noexec_file, VNULL), 1);
insert_env(format_env("DYLD_FORCE_FLAT_NAMESPACE", VNULL), 1);
insert_env(format_env("LD_PRELOAD", def_noexec_file, VNULL), 1);
# endif
#endif
+ }
/* Set PS1 if SUDO_PS1 is set. */
if (ps1)
#define BUF_SIZ 1024
#endif
+#ifndef LDAP_OPT_SUCCESS
+#define LDAP_OPT_SUCCESS LDAP_SUCCESS
+#endif
+
extern int printmatches;
/* ldap configuration structure */
NewArgv++;
}
+ if (user_runas != NULL && !ISSET(rval, (MODE_EDIT|MODE_RUN))) {
+ if (excl != '\0')
+ warnx("the `-u' and '-%c' options may not be used together", excl);
+ usage(1);
+ }
+
if ((NewArgc == 0 && (rval & MODE_EDIT)) ||
(NewArgc > 0 && !(rval & (MODE_RUN | MODE_EDIT))))
usage(1);
-1.6.8p5 November 26, 2004 1
+1.6.8p7 February 5, 2005 1
-1.6.8p5 November 26, 2004 2
+1.6.8p7 February 5, 2005 2
-1.6.8p5 November 26, 2004 3
+1.6.8p7 February 5, 2005 3
-1.6.8p5 November 26, 2004 4
+1.6.8p7 February 5, 2005 4
-1.6.8p5 November 26, 2004 5
+1.6.8p7 February 5, 2005 5
-1.6.8p5 November 26, 2004 6
+1.6.8p7 February 5, 2005 6
-1.6.8p5 November 26, 2004 7
+1.6.8p7 February 5, 2005 7
-1.6.8p5 November 26, 2004 8
+1.6.8p7 February 5, 2005 8
-1.6.8p5 November 26, 2004 9
+1.6.8p7 February 5, 2005 9
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
-.TH SUDO @mansectsu@ "November 26, 2004" "1.6.8p5" "MAINTENANCE COMMANDS"
+.TH SUDO @mansectsu@ "February 5, 2005" "1.6.8p7" "MAINTENANCE COMMANDS"
.SH "NAME"
sudo, sudoedit \- execute a command as another user
.SH "SYNOPSIS"
-1.6.8p5 November 28, 2004 1
+1.6.8p7 February 5, 2005 1
-1.6.8p5 November 28, 2004 2
+1.6.8p7 February 5, 2005 2
-1.6.8p5 November 28, 2004 3
+1.6.8p7 February 5, 2005 3
-1.6.8p5 November 28, 2004 4
+1.6.8p7 February 5, 2005 4
-1.6.8p5 November 28, 2004 5
+1.6.8p7 February 5, 2005 5
-1.6.8p5 November 28, 2004 6
+1.6.8p7 February 5, 2005 6
-1.6.8p5 November 28, 2004 7
+1.6.8p7 February 5, 2005 7
-1.6.8p5 November 28, 2004 8
+1.6.8p7 February 5, 2005 8
-1.6.8p5 November 28, 2004 9
+1.6.8p7 February 5, 2005 9
-1.6.8p5 November 28, 2004 10
+1.6.8p7 February 5, 2005 10
-1.6.8p5 November 28, 2004 11
+1.6.8p7 February 5, 2005 11
-1.6.8p5 November 28, 2004 12
+1.6.8p7 February 5, 2005 12
-1.6.8p5 November 28, 2004 13
+1.6.8p7 February 5, 2005 13
-1.6.8p5 November 28, 2004 14
+1.6.8p7 February 5, 2005 14
-1.6.8p5 November 28, 2004 15
+1.6.8p7 February 5, 2005 15
-1.6.8p5 November 28, 2004 16
+1.6.8p7 February 5, 2005 16
-1.6.8p5 November 28, 2004 17
+1.6.8p7 February 5, 2005 17
-1.6.8p5 November 28, 2004 18
+1.6.8p7 February 5, 2005 18
-1.6.8p5 November 28, 2004 19
+1.6.8p7 February 5, 2005 19
-1.6.8p5 November 28, 2004 20
+1.6.8p7 February 5, 2005 20
-1.6.8p5 November 28, 2004 21
+1.6.8p7 February 5, 2005 21
-1.6.8p5 November 28, 2004 22
+1.6.8p7 February 5, 2005 22
-1.6.8p5 November 28, 2004 23
+1.6.8p7 February 5, 2005 23
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "November 28, 2004" "1.6.8p5" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "February 5, 2005" "1.6.8p7" "MAINTENANCE COMMANDS"
.SH "NAME"
sudoers \- list of which users may execute what
.SH "DESCRIPTION"
Cmnd_Alias ::= NAME '=' Cmnd_List
- NAME ::= [A-Z]([A-Z][0-9]_)*
+ NAME ::= [A-Z]([a-z][A-Z][0-9]_)*
Each I<alias> definition is of the form
#ifndef _SUDO_VERSION_H
#define _SUDO_VERSION_H
-static const char version[] = "1.6.8p5";
+static const char version[] = "1.6.8p7";
#endif /* _SUDO_VERSION_H */
-1.6.8p5 November 26, 2004 1
+1.6.8p7 February 5, 2005 1
-1.6.8p5 November 26, 2004 2
+1.6.8p7 February 5, 2005 2
-1.6.8p5 November 26, 2004 3
+1.6.8p7 February 5, 2005 3
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "November 26, 2004" "1.6.8p5" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "February 5, 2005" "1.6.8p7" "MAINTENANCE COMMANDS"
.SH "NAME"
visudo \- edit the sudoers file
.SH "SYNOPSIS"