| version 1.23, 2003/05/08 20:55:05 |
version 1.24, 2004/09/28 15:10:50 |
|
|
| |
|
| 172) interfaces.c should work on ISC UN*X again. |
172) interfaces.c should work on ISC UN*X again. |
| |
|
| 173) All source files are <= 14 characters for old SYSV filesystems. |
173) All source files are <= 14 characters for old SYSV file systems. |
| |
|
| CHANGES from sudo 1.3.7 GAMMA |
CHANGES from sudo 1.3.7 GAMMA |
| |
|
|
|
| |
|
| Sudo 1.6.4p1 released. |
Sudo 1.6.4p1 released. |
| |
|
| 460) Some special characters were not being escaped properly (e..g '\,') |
460) Some special characters were not being escaped properly (e.g. '\,') |
| in command line arguments and would cause a syntax error instead. |
in command line arguments and would cause a syntax error instead. |
| |
|
| 461) "sudo -l" would not work if the always_set_home option was set. |
461) "sudo -l" would not work if the always_set_home option was set. |
|
|
| |
|
| Sudo 1.6.7p5 released. |
Sudo 1.6.7p5 released. |
| |
|
| 512) BSD-style warn/err functions are now used throughout. |
512) Fixed a problem on FreeBSD when the user is only listed in NIS (not |
| |
master.passwd) and netgroups are used in the master.passwd file. |
| |
|
| |
513) BSD-style warn/err functions are now used throughout. |
| |
|
| |
514) Fixed the --with-stow configure option |
| |
|
| |
515) Added a "sudo_lecture" option that points to a file containing a custom |
| |
lecture. |
| |
|
| |
516) The username in a log entry is no longer truncated at 8 characters. |
| |
|
| |
517) A new tag, NOEXEC, will prevent a dynamically-linked program being run |
| |
by sudo from executing another program (think shell escapes). |
| |
Because this uses LD_PRELOAD it has no effect on static binaries. |
| |
Idea from Reznic Valery. |
| |
|
| |
518) TIS fwtk authentication now supports fwtk 2.0 and higher. |
| |
|
| |
519) Sudo will now try to stat the command to be run as the user |
| |
specified by the -u flag if the stat fails as root. Fixes |
| |
an NFS issue. |
| |
|
| |
520) Added Stan Lee / Uncle Ben quote to the lecture (from RedHat). |
| |
|
| |
521) Added a -i option to simulate an initial login similar to "su -". |
| |
Originally based on a patch from David J. MacKenzie. |
| |
|
| |
522) Added a -e option to edit files the with uid of the invoking user. |
| |
This prevents the user from editing other files or running commands |
| |
as the target user. If sudo is run as "sudoedit" the -e flag is implied. |
| |
|
| |
523) If sudo is used to run as root shell, further sudo commands will |
| |
be logged as run by the user specified by the SUDO_USER environment |
| |
variable. In -e mode (sudoedit), SUDO_USER is used to determine |
| |
what user to run the editor when the real uid is 0. |
| |
|
| |
524) Merged in LDAP support from Aaron Spangler. |
| |
|
| |
525) Added the --with-pc-insults configure to replace politically |
| |
incorrect insults with ones from Alek O. Komarnitsky. |
| |
|
| |
526) Added start_tls support from Gudleik Rasch <gudleik@rastamatra.org>. |
| |
|
| |
527) A uid specified in sudoers now matches the user specified by the |
| |
-u flag even if the -u flag specified a name, not a uid. |
| |
|
| |
528) /tmp/.odus is no longer used for timestamps by default. One of |
| |
/var/run/sudo, /var/adm/sudo or /usr/adm/sudo is used depending |
| |
on what directories exist. |
| |
|
| |
529) Quoting globbing characters with a backslash now works as documented. |
| |
|
| |
530) A negated user/uid in a runas list was not treated the same as a |
| |
negated command (it did not override a previously allowed entry). |
| |
Now it does. |
| |
|
| |
531) Added support for Tandem NSK and other systems w/o seteuid(). |
| |
|
| |
532) The timeout on password reading is now done via alarm(), not select(). |
| |
|
| |
533) Fixed several issues when closing all open descriptors. Sudo now uses |
| |
closefrom() if it exists, using /proc/$$/fd if possible. |
| |
|
| |
534) Use PATH_MAX, not MAXPATHLEN since the former is standardized. |
| |
|
| |
535) Added a check in visudo for runas_default being used before it |
| |
was set. |
| |
|
| |
536) If the target user == invoking user a password is no longer required. |
| |
|
| |
537) PAM support now uses Use pam_acct_mgmt() to check for disabled accounts |
| |
(from Brian Farrell). |
| |
|
| |
538) The sudoers file is now parsed as the runas user in all cases instead |
| |
of root. This fixes some issues with running NFS-mounted commands. |
| |
|
| |
539) Sudo now produces a sensible error message when the targetpw |
| |
Defaults option is set and a non-existent uid is specified via -u. |
| |
|
| |
Sudo 1.6.8 released. |
| |
|
| |
540) Now find the command base and fill in struct stat earlier. |
| |
|
| |
541) sudoedit now re-opens the temp file as the invoking user. |
| |
|
| |
542) struct timespec is used throughout the code base. |
| |
|
| |
543) Added --with-ldap-conf-file option to override /etc/ldap.conf |
| |
|
| |
544) Added SSL tls_* certificate checking options when using LDAP. |
| |
|
| |
545) Sudoedit will now only attempt to edit regular files or links. |
| |
|
| |
546) Sudo now uses futime() or futimes() where possible. |
| |
|
| |
547) Updated sample.pam to a current version. |
| |
|
| |
548) Better detection of unchanged files in sudoedit. |
![[BACK]](/icons/back.gif){kind=icon}
Return to CHANGES CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / sudo