From: Bdale Garbee Date: Sun, 2 Apr 2006 21:26:20 +0000 (-0700) Subject: Imported Debian patch 1.6.8p12-2 X-Git-Tag: debian/1.6.8p12-2^0 X-Git-Url: https://git.gag.com/?a=commitdiff_plain;h=aaa1e0d3d6023e523c4a1578962279338397551a;p=debian%2Fsudo Imported Debian patch 1.6.8p12-2 --- diff --git a/Makefile.in b/Makefile.in index 893ac81..c832f22 100644 --- a/Makefile.in +++ b/Makefile.in @@ -187,9 +187,9 @@ sudo_noexec.la: sudo_noexec.lo @DEV@PARSESRCS = sudo.tab.h sudo.tab.c lex.yy.c def_data.c def_data.h # Uncomment the following if you intend to modify parse.yacc -@DEV@sudo.tab.c sudo.tab.h: parse.yacc -@DEV@ rm -f sudo.tab.h sudo.tab.c -@DEV@ $(YACC) -d -b sudo $(srcdir)/parse.yacc +sudo.tab.c sudo.tab.h: parse.yacc + rm -f sudo.tab.h sudo.tab.c + $(YACC) -d -b sudo $(srcdir)/parse.yacc # Uncomment the following if you intend to modify parse.lex @DEV@lex.yy.c: parse.lex diff --git a/config.guess b/config.guess index ad5281e..c38553d 100644 --- a/config.guess +++ b/config.guess @@ -3,7 +3,7 @@ # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. -timestamp='2005-08-03' +timestamp='2006-02-23' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -106,7 +106,7 @@ set_cc_for_build=' trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; : ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; @@ -206,6 +206,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:ekkoBSD:*:*) echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; macppc:MirBSD:*:*) echo powerppc-unknown-mirbsd${UNAME_RELEASE} exit ;; @@ -764,7 +767,12 @@ EOF echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + case ${UNAME_MACHINE} in + pc98) + echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + *) + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + esac exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin @@ -772,6 +780,9 @@ EOF i*:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; + i*:MSYS_NT-*:*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; i*:windows32*:*) # uname -m includes "-pc" on this system. echo ${UNAME_MACHINE}-mingw32 @@ -779,8 +790,11 @@ EOF i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; - x86:Interix*:[34]*) - echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' + x86:Interix*:[345]*) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + EM64T:Interix*:[345]*) + echo x86_64-unknown-interix${UNAME_RELEASE} exit ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks @@ -851,7 +865,11 @@ EOF #endif #endif EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' + /^CPU/{ + s: ::g + p + }'`" test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; mips64:Linux:*:*) @@ -870,7 +888,11 @@ EOF #endif #endif EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' + /^CPU/{ + s: ::g + p + }'`" test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; or32:Linux:*:*) @@ -919,6 +941,9 @@ EOF sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; + vax:Linux:*:*) + echo ${UNAME_MACHINE}-dec-linux-gnu + exit ;; x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu exit ;; @@ -964,7 +989,7 @@ EOF LIBC=gnulibc1 # endif #else - #ifdef __INTEL_COMPILER + #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__sun) LIBC=gnu #else LIBC=gnuaout @@ -974,7 +999,11 @@ EOF LIBC=dietlibc #endif EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` + eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' + /^LIBC/{ + s: ::g + p + }'`" test x"${LIBC}" != x && { echo "${UNAME_MACHINE}-pc-linux-${LIBC}" exit @@ -1185,7 +1214,6 @@ EOF *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown case $UNAME_PROCESSOR in - *86) UNAME_PROCESSOR=i686 ;; unknown) UNAME_PROCESSOR=powerpc ;; esac echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} @@ -1264,6 +1292,9 @@ EOF i*86:skyos:*:*) echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' exit ;; + i*86:rdos:*:*) + echo ${UNAME_MACHINE}-pc-rdos + exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 diff --git a/config.sub b/config.sub index 1c366df..ad9f395 100755 --- a/config.sub +++ b/config.sub @@ -3,7 +3,7 @@ # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. -timestamp='2005-07-08' +timestamp='2006-02-23' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -119,8 +119,9 @@ esac # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \ - kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) + nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ + uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; @@ -171,6 +172,10 @@ case $os in -hiux*) os=-hiuxwe2 ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; -sco5) os=-sco3.2v5 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` @@ -187,6 +192,10 @@ case $os in # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; -sco*) os=-sco3.2v2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` @@ -239,7 +248,7 @@ case $basic_machine in | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ - | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \ + | m32r | m32rle | m68000 | m68k | m88k | maxq | mb | microblaze | mcore \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -257,8 +266,9 @@ case $basic_machine in | mipsisa64sr71k | mipsisa64sr71kel \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ - | ms1 \ + | mt \ | msp430 \ + | nios | nios2 \ | ns16k | ns32k \ | or32 \ | pdp10 | pdp11 | pj | pjl \ @@ -286,6 +296,9 @@ case $basic_machine in ;; m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) ;; + ms1) + basic_machine=mt-unknown + ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and @@ -336,8 +349,9 @@ case $basic_machine in | mipsisa64sr71k-* | mipsisa64sr71kel-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ - | ms1-* \ + | mt-* \ | msp430-* \ + | nios-* | nios2-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ @@ -696,6 +710,9 @@ case $basic_machine in basic_machine=i386-pc os=-msdos ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; mvs) basic_machine=i370-ibm os=-mvs @@ -803,6 +820,12 @@ case $basic_machine in pc532 | pc532-*) basic_machine=ns32k-pc532 ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; @@ -859,6 +882,10 @@ case $basic_machine in basic_machine=i586-unknown os=-pw32 ;; + rdos) + basic_machine=i386-pc + os=-rdos + ;; rom68k) basic_machine=m68k-rom68k os=-coff @@ -1174,21 +1201,23 @@ case $os in | -aos* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ + | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \ + | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku*) + | -skyos* | -haiku* | -rdos*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..9f92f33 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,22 @@ +The version of sudo that ships with Debian by default resets the +environment, as described by the "env_reset" flag in the sudoers file. + +This implies that all environment variables are removed, except for +HOME, LOGNAME, PATH, SHELL, TERM, DISPLAY, XAUTHORITY, XAUTHORIZATION, +LANG, LANGUAGE, LC_*, and USER. + +In case you want sudo to preserve more environment variables, you must +specify the env_keep variable in the sudoers file. You should edit the +sudoers file using the visudo tool. + +Examples: +Preserve the default variables plus the EDITOR variable: + + Defaults env_keep+="EDITOR" + +Preserve the default variables plus all variables starting with LC_: + + Defaults env_keep+="LC_*" + +See the file OPTIONS in this directory for more information on the sudo +build options used in building the Debian package. diff --git a/debian/changelog b/debian/changelog index 65271b2..b7cb5e4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,32 @@ +sudo (1.6.8p12-2) unstable; urgency=low + + * fix typos in init scripts, closes: #346325 + * update to debhelper compat level 5 + * build depend on autotools-dev to ensure config.sub/guess are fresh + * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and + use it here as well. Thanks to Martin and the debian-security team. + closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085 + closes: #315115, #315718, #203874 + * Non-maintainer upload by the Security Team + * Reworked the former patch to limit environment variables from being + passed through, set env_reset as default instead [sudo.c, env.c, + sudoers.pod, Bug#342948, CVE-2005-4158] + * env_reset is now set by default + * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM, + DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER + (in addition to the SUDO_* variables) + * Rebuild sudoers.man.in from the POD file + * Added README.Debian + * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431 + * simplify rules file by using more of Makefile, despite having to override + default directories with more arguments to configure, closes: #292833 + * update sudo man page to reflect use of SECURE_PATH, closes: #228551 + * inconsistencies in sudoers man page resolved, closes: #220808, #161012 + * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are + unresolveable (requires adding bison as build dep), closes: #314949 + + -- Bdale Garbee Sun, 2 Apr 2006 14:26:20 -0700 + sudo (1.6.8p12-1) unstable; urgency=low * new upstream version, closes: #342948 (CVE-2005-4158) diff --git a/debian/compat b/debian/compat index b8626c4..7ed6ff8 100644 --- a/debian/compat +++ b/debian/compat @@ -1 +1 @@ -4 +5 diff --git a/debian/control b/debian/control index 85a29ca..2fd3895 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: sudo Section: admin Priority: optional Maintainer: Bdale Garbee -Build-Depends: debhelper (>= 5), libpam0g-dev, libldap2-dev +Build-Depends: debhelper (>= 5), libpam0g-dev, libldap2-dev, autotools-dev, bison Standards-Version: 3.6.2.1 Package: sudo diff --git a/debian/init.d b/debian/init.d index ba67255..3decdf2 100644 --- a/debian/init.d +++ b/debian/init.d @@ -1,7 +1,7 @@ #! /bin/sh ### BEGIN INIT INFO -# Provides: sudu +# Provides: sudo # Required-Start: $local_fs $remote_fs # Required-Stop: # Default-Start: S 1 2 3 4 5 diff --git a/debian/rules b/debian/rules index 2e5f18f..fca7b5f 100755 --- a/debian/rules +++ b/debian/rules @@ -8,7 +8,7 @@ CFLAGS += -g endif export CFLAGS -build: config-stamp +config: config-stamp config-stamp: dh_testdir @@ -22,6 +22,7 @@ config-stamp: --with-timeout=15 --with-password-timeout=0 \ --disable-root-mailer --disable-setresuid \ --with-sendmail=/usr/sbin/sendmail \ + --mandir=/usr/share/man --libexecdir=/usr/lib/sudo \ --with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin" # LDAP version @@ -35,6 +36,7 @@ config-stamp: --disable-root-mailer --disable-setresuid \ --with-sendmail=/usr/sbin/sendmail \ --with-ldap-conf-file=/etc/ldap/ldap.conf \ + --mandir=/usr/share/man --libexecdir=/usr/lib/sudo \ --with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin" touch config-stamp @@ -43,6 +45,10 @@ build: build-stamp build-stamp: config-stamp dh_testdir + # ensure our pod changes get picked up + -rm -f sudoers.man.in sudoers.man sudo.man.in sudo.man + -$(MAKE) sudoers.man.in sudo.man.in + -$(MAKE) -C build-simple -$(MAKE) -C build-ldap @@ -68,43 +74,22 @@ install: build-stamp dh_clean -k dh_installdirs - # simple version - install -o root -g root -m 4755 -s build-simple/sudo debian/sudo/usr/bin/sudo - ln -sf sudo debian/sudo/usr/bin/sudoedit - install -o root -g root -m 0755 -s build-simple/visudo \ - debian/sudo/usr/sbin/visudo - install -o root -g root -m 0644 build-simple/sudo.man \ - debian/sudo/usr/share/man/man8/sudo.8 - ln -sf sudo.8 debian/sudo/usr/share/man/man8/sudoedit.8 - install -o root -g root -m 0644 build-simple/visudo.man \ - debian/sudo/usr/share/man/man8/visudo.8 - install -o root -g root -m 0644 build-simple/sudoers.man \ - debian/sudo/usr/share/man/man5/sudoers.5 - install -o root -g root -m 0644 sample.sudoers \ - debian/sudo/usr/share/doc/sudo/examples/sudoers - install -o root -g root -m 0644 debian/sudo.pam \ - debian/sudo/etc/pam.d/sudo + $(MAKE) -C build-simple install DESTDIR=$(CURDIR)/debian/sudo + $(MAKE) -C build-ldap install DESTDIR=$(CURDIR)/debian/sudo-ldap - install -o root -g root -m 0644 debian/sudo.lintian \ - debian/sudo/usr/share/lintian/overrides/sudo + # remove stuff we don't want + rm -f $(CURDIR)/debian/sudo/etc/sudoers \ + $(CURDIR)/debian/sudo-ldap/etc/sudoers - # LDAP version - install -o root -g root -m 4755 -s build-ldap/sudo debian/sudo-ldap/usr/bin/sudo - ln -sf sudo debian/sudo-ldap/usr/bin/sudoedit - install -o root -g root -m 0755 -s build-ldap/visudo debian/sudo-ldap/usr/sbin/visudo - install -o root -g root -m 0644 build-ldap/sudo.man \ - debian/sudo-ldap/usr/share/man/man8/sudo.8 - ln -sf sudo.8 debian/sudo-ldap/usr/share/man/man8/sudoedit.8 - install -o root -g root -m 0644 build-ldap/visudo.man \ - debian/sudo-ldap/usr/share/man/man8/visudo.8 - install -o root -g root -m 0644 build-ldap/sudoers.man \ - debian/sudo-ldap/usr/share/man/man5/sudoers.5 - install -o root -g root -m 0644 sample.sudoers \ - debian/sudo-ldap/usr/share/doc/sudo-ldap/examples/sudoers - install -o root -g root -m 0644 debian/sudo.pam \ + # and install things we do want that make install doesn't know about + install -o root -g root -m 0644 $(CURDIR)/debian/sudo.pam \ + debian/sudo/etc/pam.d/sudo + install -o root -g root -m 0644 $(CURDIR)/debian/sudo.pam \ debian/sudo-ldap/etc/pam.d/sudo - install -o root -g root -m 0644 debian/sudo-ldap.lintian \ + install -o root -g root -m 0644 $(CURDIR)/debian/sudo.lintian \ + debian/sudo/usr/share/lintian/overrides/sudo + install -o root -g root -m 0644 $(CURDIR)/debian/sudo-ldap.lintian \ debian/sudo-ldap/usr/share/lintian/overrides/sudo-ldap binary-indep: build install diff --git a/debian/source.lintian-overrides b/debian/source.lintian-overrides index 3d77003..8fa42ca 100644 --- a/debian/source.lintian-overrides +++ b/debian/source.lintian-overrides @@ -1 +1,2 @@ sudo source: maintainer-script-lacks-debhelper-token debian/postinst +sudo source: maintainer-script-lacks-debhelper-token debian/sudo-ldap.postinst diff --git a/debian/sudo-ldap.init.d b/debian/sudo-ldap.init.d index ba67255..3decdf2 100644 --- a/debian/sudo-ldap.init.d +++ b/debian/sudo-ldap.init.d @@ -1,7 +1,7 @@ #! /bin/sh ### BEGIN INIT INFO -# Provides: sudu +# Provides: sudo # Required-Start: $local_fs $remote_fs # Required-Stop: # Default-Start: S 1 2 3 4 5 diff --git a/debian/sudo-ldap.lintian b/debian/sudo-ldap.lintian index eea5106..e968bd6 100644 --- a/debian/sudo-ldap.lintian +++ b/debian/sudo-ldap.lintian @@ -1,3 +1,4 @@ sudo-ldap: setuid-binary usr/bin/sudo 4755 root/root +sudo-ldap: setuid-binary usr/bin/sudoedit 4755 root/root sudo-ldap: postrm-contains-additional-updaterc.d-calls /etc/init.d/sudo-ldap sudo-ldap: script-in-etc-init.d-not-registered-via-update-rc.d /etc/init.d/sudo-ldap diff --git a/debian/sudo.lintian b/debian/sudo.lintian index a048056..afeee26 100644 --- a/debian/sudo.lintian +++ b/debian/sudo.lintian @@ -1,3 +1,4 @@ sudo: setuid-binary usr/bin/sudo 4755 root/root +sudo: setuid-binary usr/bin/sudoedit 4755 root/root sudo: postrm-contains-additional-updaterc.d-calls /etc/init.d/sudo sudo: script-in-etc-init.d-not-registered-via-update-rc.d /etc/init.d/sudo diff --git a/env.c b/env.c index ed738a8..ce6314b 100644 --- a/env.c +++ b/env.c @@ -142,6 +142,7 @@ static const char *initial_checkenv_table[] = { "LC_*", "LANG", "LANGUAGE", + "TERM", NULL }; @@ -368,6 +369,14 @@ rebuild_env(envp, sudo_mode, noexec) } } + if (!strncmp (*ep, "DISPLAY=",8) + || !strncmp (*ep, "XAUTHORITY=", 11) + || !strncmp (*ep, "XAUTHORIZATION=", 15) + || !strncmp (*ep, "LANG=", 5) + || !strncmp (*ep, "LANGUAGE=", 9) + || !strncmp (*ep, "LC_", 3)) + keepit = 1; + /* For SUDO_PS1 -> PS1 conversion. */ if (strncmp(*ep, "SUDO_PS1=", 8) == 0) ps1 = *ep + 5; @@ -391,6 +400,10 @@ rebuild_env(envp, sudo_mode, noexec) if (strncmp(*ep, "USER=", 5) == 0) SET(didvar, DID_USER); break; + case 'P': + if (strncmp("PATH=", *ep, 5) == 0) + SET(didvar,DID_PATH); + break; } insert_env(*ep, 0); } else { diff --git a/parse.yacc b/parse.yacc index 46dce22..7a3819e 100644 --- a/parse.yacc +++ b/parse.yacc @@ -396,6 +396,7 @@ host : ALL { free($1); } | NETGROUP { + set_fqdn(); if (netgr_matches($1, user_host, user_shost, NULL)) $$ = TRUE; else @@ -403,6 +404,7 @@ host : ALL { free($1); } | WORD { + set_fqdn(); if (hostname_matches(user_shost, user_host, $1) == 0) $$ = TRUE; else @@ -412,6 +414,7 @@ host : ALL { | ALIAS { aliasinfo *aip = find_alias($1, HOST_ALIAS); + set_fqdn(); /* could be an all-caps hostname */ if (aip) $$ = aip->val; diff --git a/sudo.c b/sudo.c index 3313b00..52adaf1 100644 --- a/sudo.c +++ b/sudo.c @@ -510,22 +510,18 @@ init_vars(sudo_mode) * "host" is the (possibly fully-qualified) hostname and * "shost" is the unqualified form of the hostname. */ + sudo_user.host_fqdn_queried = FALSE; nohostname = gethostname(thost, sizeof(thost)); if (nohostname) user_host = user_shost = "localhost"; else { user_host = estrdup(thost); - if (def_fqdn) { - /* Defer call to set_fqdn() until log_error() is safe. */ - user_shost = user_host; + if ((p = strchr(user_host, '.'))) { + *p = '\0'; + user_shost = estrdup(user_host); + *p = '.'; } else { - if ((p = strchr(user_host, '.'))) { - *p = '\0'; - user_shost = estrdup(user_host); - *p = '.'; - } else { - user_shost = user_host; - } + user_shost = user_host; } } @@ -566,12 +562,12 @@ init_vars(sudo_mode) /* It is now safe to use log_error() and set_perms() */ - if (def_fqdn) - set_fqdn(); /* may call log_error() */ - if (nohostname) log_error(USE_ERRNO|MSG_ONLY, "can't get hostname"); + /* We don't query FQDN yet, it might get disabled later. Querying is done + * when host matching is executed and def_fqdn still true */ + set_runaspw(*user_runas); /* may call log_error() */ if (*user_runas[0] == '#' && runas_pw->pw_name && runas_pw->pw_name[0]) *user_runas = estrdup(runas_pw->pw_name); @@ -691,6 +687,8 @@ parse_args(argc, argv) return(rval); } + /* New default: reset the environment */ + def_env_reset = TRUE; while (NewArgc > 0 && NewArgv[0][0] == '-') { if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') warnx("please use single character options"); @@ -1010,6 +1008,11 @@ set_fqdn() struct hostent *hp; char *p; + if (!def_fqdn || sudo_user.host_fqdn_queried) { + /* Only querying just once is good enough */ + return; + } + if (!(hp = gethostbyname(user_host))) { log_error(MSG_ONLY|NO_EXIT, "unable to lookup %s via gethostbyname()", user_host); @@ -1026,6 +1029,7 @@ set_fqdn() } else { user_shost = user_host; } + sudo_user.host_fqdn_queried = TRUE; } /* diff --git a/sudo.h b/sudo.h index 51dc51f..6a6d46a 100644 --- a/sudo.h +++ b/sudo.h @@ -42,6 +42,7 @@ struct sudo_user { char cwd[PATH_MAX]; char *host; char *shost; + int host_fqdn_queried; char **runas; char *prompt; char *cmnd; diff --git a/sudo.pod b/sudo.pod index 3b913d4..6321380 100644 --- a/sudo.pod +++ b/sudo.pod @@ -330,8 +330,8 @@ C when run as root. To prevent command spoofing, B checks "." and "" (both denoting current directory) last when searching for a command in the user's PATH (if one or both are in the PATH). Note, however, that the -actual C environment variable is I modified and is passed -unchanged to the program that B executes. +C environment variable is further modified in Debian because of +the use of the I build option. For security reasons, if your OS supports shared libraries and does not disable user-defined library search paths for setuid programs @@ -382,7 +382,7 @@ B utilizes the following environment variables: homedir of the target user PATH Set to a sane value if sudo was configured with - the --with-secure-path option + the --with-secure-path option (true for Debian) SHELL Used to determine shell to run with -s option diff --git a/sudoers.pod b/sudoers.pod index 4b592eb..726f405 100644 --- a/sudoers.pod +++ b/sudoers.pod @@ -359,8 +359,11 @@ Set this flag if you want to put fully qualified hostnames in the I file. I.e., instead of myhost you would use myhost.mydomain.edu. You may still use the short form if you wish (and even mix the two). Beware that turning on I requires B to make DNS lookups -which may make B unusable if DNS stops working (for example -if the machine is not plugged into the network). Also note that +which may make affect B performance if DNS stops working (for example +if the machine is not plugged into the network). The default behavior for +Debian has been modified to minimize the potential of a problem, but there +may still be some cases in which lack of working DNS might make sudo work +very slowly. Also note that you must use the host's official name as DNS knows it. That is, you may not use a host alias (C entry) due to performance issues and the fact that there is no way to get all aliases from @@ -437,12 +440,19 @@ signals and setuid processes. If set, B will reset the environment to only contain the following variables: C, C, C, C, C, +C, C, C, +C, C, C, and C (in addition to the C variables). -Of these, only C is copied unaltered from the old environment. + +Of these, only C, C, C, C, +C, C, and C are copied unaltered from the old environment. The other variables are set to default values (possibly modified by the value of the I option). If B was compiled with the C option, its value will be used for the C environment variable. + +This option is enabled by default. + Other variables may be preserved with the I option. =item use_loginclass @@ -742,8 +752,8 @@ B: =item env_check -Environment variables to be removed from the user's environment if -the variable's value contains C<%> or C characters. This can +Like I, but listed environment variables are taken from the user's environment if +the variable's value does B contain C<%> or C characters. This can be used to guard against printf-style format vulnerabilities in poorly-written programs. The argument may be a double-quoted, space-separated list or a single value without double-quotes. The @@ -754,7 +764,10 @@ run by root with the I<-V> option. =item env_delete -Environment variables to be removed from the user's environment. + +Not effective due to security issues: only variables listed in +I or I can be passed through B! + The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added to, deleted from, or disabled by using the C<=>, C<+=>, C<-=>, and @@ -766,8 +779,8 @@ as B). =item env_keep -Environment variables to be preserved in the user's environment -when the I option is in effect. This allows fine-grained +Environment variables to be preserved in the user's environment. +This allows fine-grained control over the environment B-spawned processes will receive. The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added @@ -1004,8 +1017,14 @@ C and user specifications. The basic rule of thumb is you cannot reference an Alias that has not already been defined. Below are example I entries. Admittedly, some of -these are a bit contrived. First, we define our I: - +these are a bit contrived. First, we allow a few environment +variables to pass and then define our I: + + # Run X applications through sudo; HOME is used to find .Xauthority file + # Note that some programs may use HOME for other purposes too and + # this may lead to privilege escalation! + Defaults env_keep = "DISPLAY HOME" + # User alias specification User_Alias FULLTIMERS = millert, mikef, dowdy User_Alias PARTTIMERS = bostley, jwfox, crawl