| Commit message (Collapse) | Author | Age | Files | Lines |
PR: 287709
|
Reported-by: poudriere bulk -t failure
Approved-by: portmgr blanket (trivial fix)
|
ChangeLog: https://www.sudo.ws/releases/stable/#1.9.16
PR: 281428
Approved by: garga (maintainer)
|
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
While here:
- Prevent combination of SSSD and GSSAPI_HEIMDAL because sssd port
requires MIT kerberos and it will conflict with heimdal
- Removed SSSD_DEVEL option because sssd-devel port requires sudo and it
creates a circular dependency
- Fix OPIE on FreeBSD versions after it was removed from base
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
Major changes between sudo 1.9.13 and 1.9.12p2:
* Fixed a bug running relative commands via sudo when "log_subcmds"
is enabled. GitHub issue #194.
* Fixed a signal handling bug when running sudo commands in a shell
script. Signals were not being forwarded to the command when
the sudo process was not run in its own process group.
* Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
a newline and a backslash is the last character of the file.
* Fixed a potential use-after-free bug with cvtsudoers filtering.
GitHub issue #198.
* Added a reminder to the default lecture that the password will
not echo. This line is only displayed when the pwfeedback option
is disabled. GitHub issue #195.
* Fixed potential memory leaks in error paths. GitHub issues #199,
#202.
* Fixed potential NULL dereferences on memory allocation failure.
GitHub issues #204, #211.
* Sudo now uses C23-style attributes in function prototypes instead
of gcc-style attributes if supported.
* Added a new "list" pseudo-command in sudoers to allow a user to
list another user's privileges. Previously, only root or a user
with the ability to run any command as either root or the target
user on the current host could use the -U option. This also
includes a fix to the log entry when a user lacks permission to
run "sudo -U otheruser -l command". Previously, the logs would
indicate that the user tried to run the actual command, now the
log entry includes the list operation.
* JSON logging now escapes control characters if they happen to
appear in the command or environment.
* New Albanian translation from translationproject.org.
* Regular expressions in sudoers or logsrvd.conf may no longer
contain consecutive repetition operators. This is implementation-
specific behavior according to POSIX, but some implementations
will allocate excessive amounts of memory. This mainly affects
the fuzzers.
* Sudo now builds AIX-style shared libraries and dynamic shared
objects by default instead of svr4-style. This means that the
default sudo plugins are now .a (archive) files that contain a
.so shared object file instead of bare .so files. This was done
to improve compatibility with the AIX Freeware ecosystem,
specifically, the AIX Freeware build of OpenSSL. Sudo will still
load svr4-style .so plugins and if a .so file is requested,
either via sudo.conf or the sudoers file, and only the .a file
is present, sudo will convert the path from plugin.so to
plugin.a(plugin.so) when loading it. This ensures compatibility
with existing configurations. To restore the old, pre-1.9.13
behavior, run configure using the --with-aix-soname=svr4 option.
* Sudo no longer checks the ownership and mode of the plugins that
it loads. Plugins are configured via either the sudo.conf or
sudoers file which are trusted configuration files. These checks
suffered from time-of-check vs. time-of-use race conditions and
complicate loading plugins that are not simple paths. Ownership
and mode checks are still performed when loading the sudo.conf
and sudoers files, which do not suffer from race conditions.
The sudo.conf "developer_mode" setting is no longer used.
* Control characters in sudo log messages and "sudoreplay -l"
output are now escaped in octal format. Space characters in the
command path are also escaped. Command line arguments that
contain spaces are surrounded by single quotes and any literal
single quote or backslash characters are escaped with a backslash.
This makes it possible to distinguish multiple command line
arguments from a single argument that contains spaces.
* Improved support for DragonFly BSD which uses a different struct
procinfo than either FreeBSD or 4.4BSD.
* Fixed a compilation error on Linux arm systems running older
kernels that may not define EM_ARM in linux/elf-em.h.
GitHub issue #232.
* Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
Sudo will now link using -Wl,--no-undefined by default if possible.
GitHub issue #234.
* Fixed a bug executing a command with a very long argument vector
when "log_subcmds" or "intercept" is enabled on a system where
"intercept_type" is set to "trace". GitHub issue #194.
* When sudo is configured to run a command in a pseudo-terminal
but the standard input is not connected to a terminal, the command
will now be run as a background process. This works around a
problem running sudo commands in the background from a shell
script where changing the terminal to raw mode could interfere
with the interactive shell that ran the script.
GitHub issue #237.
* A missing include file in sudoers is no longer a fatal error
unless the error_recovery plugin argument has been set to false.
PR: 269563
Submitted by: cy
Reported by: cy
Approved by: garga
MFH: 2023Q1
|
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
This is a followup to commit 3ee710e0b22309a7e87c71b87bf5510aa8678ed8
sudo-1.9.11 has moved plugin manpages from section 8 to section 5
Pointy hat to: cy
Approved by: portmgr blanket
|
Major changes between sudo 1.9.11 and 1.9.10:
* Fixed a crash in the Python module with Python 3.9.10 on some
systems. Additionally, "make check" now passes for Python 3.9.10.
* Error messages sent via email now include more details, including
the file name and the line number and column of the error.
Multiple errors are sent in a single message. Previously, only
the first error was included.
* Fixed logging of parse errors in JSON format. Previously,
the JSON logger would not write entries unless the command and
runuser were set. These may not be known at the time a parse
error is encountered.
* Fixed a potential crash parsing sudoers lines larger than twice
the value of LINE_MAX on systems that lack the getdelim() function.
* The tests run by "make check" now unset the LANGUAGE environment
variable. Otherwise, localization strings will not match if
LANGUAGE is set to a non-English locale. Bug #1025.
* The "starttime" test now passes when run under Debian faketime.
Bug #1026.
* The Kerberos authentication module now honors the custom password
prompt if one has been specified.
* The embedded copy of zlib has been updated to version 1.2.12.
* Updated the version of libtool used by sudo to version 2.4.7.
* Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE
in the header files (currently only GNU libc). This is required
to allow the use of 64-bit time values on some 32-bit systems.
* Sudo's "intercept" and "log_subcmds" options no longer force the
command to run in its own pseudo-terminal. It is now also
possible to intercept the system(3) function.
* Fixed a bug in sudo_logsrvd when run in store-first relay mode
where the commit point messages sent by the server were incorrect
if the command was suspended or received a window size change
event.
* Fixed a potential crash in sudo_logsrvd when the "tls_dhparams"
configuration setting was used.
* The "intercept" and "log_subcmds" functionality can now use
ptrace(2) on Linux systems that support seccomp(2) filtering.
This has the advantage of working for both static and dynamic
binaries and can work with sudo's SELinux RBAC mode. The following
architectures are currently supported: i386, x86_64, aarch64,
arm, mips (log_subcmds only), powerpc, riscv, and s390x. The
default is to use ptrace(2) where possible; the new "intercept_type"
sudoers setting can be used to explicitly set the type.
* New Georgian translation from translationproject.org.
* Fixed creating packages on CentOS Stream.
* Fixed a bug in the intercept and log_subcmds support where
the execve(2) wrapper was using the current environment instead
of the passed environment pointer. Bug #1030.
* Added AppArmor integration for Linux. A sudoers rule can now
specify an APPARMOR_PROFILE option to run a command confined by
the named AppArmor profile.
* Fixed parsing of the "server_log" setting in sudo_logsrvd.conf.
Non-paths were being treated as paths and an actual path was
treated as an error.
PR: 264515
Approved by: garga (maintainer)
|
PR: 261529
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
Major changes between sudo 1.9.8 and 1.9.7p2:
* It is now possible to transparently intercept sub-commands
executed by the original command run via sudo. Intercept support
is implemented using LD_PRELOAD (or the equivalent supported by
the system) and so has some limitations. The two main limitations
are that only dynamic executables are supported and only the
execl, execle, execlp, execv, execve, execvp, and execvpe library
functions are currently intercepted. Its main use case is to
support restricting privileged shells run via sudo.
To support this, there is a new "intercept" Defaults setting and
an INTERCEPT command tag that can be used in sudoers. For example:

    Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh
    Defaults!SHELLS intercept

would cause sudo to run the listed shells in intercept mode.
This can also be set on a per-rule basis. For example:

    Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh
    chuck ALL = INTERCEPT: SHELLS

would only apply intercept mode to user "chuck" when running one
of the listed shells.
In intercept mode, sudo will not prompt for a password before
running a sub-command and will not allow a set-user-ID or
set-group-ID program to be run by default. The new
intercept_authenticate and intercept_allow_setid sudoers settings
can be used to change this behavior.
* The new "log_subcmds" sudoers setting can be used to log additional
commands run in a privileged shell. It uses the same mechanism as
the intercept support described above and has the same limitations.
* Support for logging sudo_logsrvd errors via syslog or to a file.
Previously, most sudo_logsrvd errors were only visible in the
debug log.
* Better diagnostics when there is a TLS certificate validation error.
* Using the "+=" or "-=" operators in a Defaults setting that takes
a string, not a list, now produces a warning from sudo and a
syntax error from inside visudo.
* Fixed a bug where the "iolog_mode" setting in sudoers and sudo_logsrvd
had no effect when creating I/O log parent directories if the I/O log
file name ended with the string "XXXXXX".
* Fixed a bug in the sudoers custom prompt code where the size
parameter that was passed to the strlcpy() function was incorrect.
No overflow was possible since the correct amount of memory was
already pre-allocated.
* The mksigname and mksiglist helper programs are now built with
the host compiler, not the target compiler, when cross-compiling.
Bug #989.
* Fixed compilation error when the --enable-static-sudoers configure
option was specified. This was due to a typo introduced in sudo
1.9.7. GitHub PR #113.
Submitted by: cy
PR: 258479
Approved by: garga (maintainer)
MFH: 2021Q3
|
PR: 249511
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=549590
|
* Add new option PYTHON that enables python plugin support
PR: 246472
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=539616
|
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=514465
|
PR: 233206 (based on)
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=484929
|
PR: 227926
Reported by: O. Hartmann
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=468922
|
PR: 227900
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=468828
|
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=459262
|
PR: 221874
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
bdrewery (SIGINFO fix)
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=448901
|
r260609 and using @dir
PR: 220234
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Sponsored by: Rubicon Communications (Netgate)
Notes:
svn path=/head/; revision=444464
|
once as sudoers.sample and once as sudoers.dist. Remove one of them.
PR: 219708
Submitted by: mat
Approved by: maintainer timeout
Sponsored by: Absolight
Notes:
svn path=/head/; revision=443616
|
Sponsored by: Rubicon Communications (Netgate)
Notes:
svn path=/head/; revision=440636
|
Sponsored by: Rubicon Communications (Netgate)
Notes:
svn path=/head/; revision=422559
|
MFH: 2016Q2
Sponsored by: Rubicon Communications (Netgate)
Notes:
svn path=/head/; revision=417338
|
PR: 210407
Submitted by: cy@
Approved by: garga@
MFH: 2016Q2
Notes:
svn path=/head/; revision=417158
|
- Pet portlint using (pre|post)[un]exec items in plist
PR: 208111 [1]
Submitted by: cy [1]
Sponsored by: Rubicon Communications (Netgate)
Notes:
svn path=/head/; revision=411346
|
- Remove patch-plugins__sudoers__Makefile.in, unnecessary on stagedir days
- Remove patch-plugins__sudoers__audit.c, sudo_gettext.h is already included
by sudoers.h
- Rework patch-plugins__sudoers__sudoers.in to replace pkg_* utilities by
pkg on message
Notes:
svn path=/head/; revision=400688
|
Notes:
svn path=/head/; revision=381987
|
Notes:
svn path=/head/; revision=378779
|
PR: 194259
Submitted by: cy@ and Yasuhiro KIMURA <yasu@utahime.org>
Notes:
svn path=/head/; revision=370967
|
Notes:
svn path=/head/; revision=368965
|
Notes:
svn path=/head/; revision=367995
|
PR: ports/187567
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Notes:
svn path=/head/; revision=348496
|
PR: ports/185581
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Notes:
svn path=/head/; revision=343397
|
[2]: Switch logging to authpriv.
PR: [1] ports/182618
Submitted by: [1] Yasuhiro KIMURA <yasu@utahime.org>
[2] des@
Notes:
svn path=/head/; revision=329993
|
the package.
Notes:
svn path=/head/; revision=323166
|
Notes:
svn path=/head/; revision=321914
|
PR: ports/171837
Submitted by: cy@
Notes:
svn path=/head/; revision=304871
|
Changes: http://www.sudo.ws/sudo/stable.html#1.8.5p1
Notes:
svn path=/head/; revision=297123
|
PR: ports/165528
Submitted by: rea@
Notes:
svn path=/head/; revision=292464
|
left behind on install. The upstream Makefile would create the directory
and put sudoers2ldif there, but pkg-plist would not register it properly.
This fix moves sudoers2ldif to 'bin' since it isn't really documentation.
Its installation is still controlled by the LDAP knob though.
Spotted by: scheidell@
Notes:
svn path=/head/; revision=290456
|
Notes:
svn path=/head/; revision=284177
|
- Now depend on gettext
- While here, use DISTVERSION.
Notes:
svn path=/head/; revision=281313
|
the UPDATING entry as it no longer applies.
Notes:
svn path=/head/; revision=272530
|
including a plugin system now.
While here, do some whitespace fixes.
Notes:
svn path=/head/; revision=272455
|
defaults to off.
Notes:
svn path=/head/; revision=261152
|
to make sure the empty directory is created.
PR: ports/149912
Submitted by: Alexey V.Degtyarev <alexey@renatasystems.org>
Notes:
svn path=/head/; revision=260609
|
Install etc/pam.d/sudo and etc/pam.d/sudo.default
Notes:
svn path=/head/; revision=259711
|
Notes:
svn path=/head/; revision=259326
|
Feature safe: yes
Notes:
svn path=/head/; revision=257362
|