File: [local] / src / usr.bin / sudo / Attic / ChangeLog (download)
Revision 1.15, Thu Jul 8 21:11:31 2010 UTC (13 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7, OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4, OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8 Changes since 1.14: +26 -0 lines
Update sudo to version 1.7.2p8
|
2010-06-29 Todd C. Miller <Todd.Miller@courtesan.com>
* env.c: In unsetenv() check for NULL or empty name as per
POSIX 1003.1-2008
* env.c: Do not rely on env.env_len when unsetting a variable,
just use the NULL terminator.
2010-06-25 Todd C. Miller <Todd.Miller@courtesan.com>
* env.c: In unsetenv(), do not assign ep early as we may
end up reallocating env.envp which could result in ep
pointing to freed memory if the environ pointer is out
of sync with env.envp.
* pwutil.c: Ignore case when matching user/group names in
the cache. From Quest sudo.
* sudo.c: Defer call to sudo_nonunix_groupcheck_cleanup()
until after we have closed the sudoers sources. From Quest
sudo.
* vasgroups.c: Use warningx() instead of log_error() since
the latter is not available to visudo or testsudoers. This
does mean that they don't end up in syslog.
2010-06-02 Todd C. Miller <Todd.Miller@courtesan.com>
* auth/pam.c: Fix OpenPAM detection for newer versions.
* vasgroups.c: Sync with Quest sudo git repo
* aclocal.m4, configure, configure.in: Adapted from Quest sudo.
HP-UX ld uses +b instead of -R or -rpath.
Fix typo in libvas check.
libvas may need libdl for dlopen().
Add missing template for ENV_DEBUG.
* README.LDAP:
Fix typos; from Quest Sudo
* Makefile.in, configure.in:
Use value of SHELL from configure in Makefile
2010-05-28 Todd C. Miller <Todd.Miller@courtesan.com>
* env.c: Handle duplicate variables in the environment.
For unsetenv(), keep looking even after remove the first instance.
For sudo_putenv(), check for and remove dupes after we replace an
existing value.
2010-04-29 Todd C. Miller <Todd.Miller@courtesan.com>
* visudo.c: Fix a crash when checking a sudoers file that has aliases
that reference themselves. Based on a diff from David Wood.
2010-04-15 Todd C. Miller <Todd.Miller@courtesan.com>
* alias.c: Fix use after free in error message when a duplicate
alias exists.
2010-04-14 Todd C. Miller <Todd.Miller@courtesan.com>
* visudo.c: Set errorfile to the sudoers path if we set parse_error
manually. This prevents a NULL dereference in printf() when
checking a sudoers file in strict mode when alias errors are present.
2010-04-09 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in: Fix installation of sudoers.ldap
in "make install" when --with-ldap was specified without a
directory. From Prof. Dr. Andreas Mueller
2010-04-09 Todd C. Miller <Todd.Miller@courtesan.com>
* find_path.c: Qualify the command even if it is in the
current working directory, e.g. "./foo" instead of just
returning "foo". This removes an ambiguity between real
commands and possible pseudo-commands in command matching.
2010-04-07 Todd C. Miller <Todd.Miller@courtesan.com>
* sudoers.cat, sudoers.man.in, sudoers.pod: Add a note about
the security implications of the fast_glob option.
* memrchr.c: Remove duplicate includes
2010-03-10 Todd C. Miller <Todd.Miller@courtesan.com>
* sudo.c: Fix a bug introduced with def_closefrom. The value
of def_closefrom already includes the +1.
2010-03-09 Todd C. Miller <Todd.Miller@courtesan.com>
* match.c: When doing a glob match, short circuit if
gl.gl_pathc is 0. From Mark Kettenis.
2010-02-22 Todd C. Miller <Todd.Miller@courtesan.com>
* match.c: Check for pseudo-command by looking at the first
character of the command in sudoers instead of checking the
user-supplied command for a slash.
2010-02-09 Todd C. Miller <Todd.Miller@courtesan.com>
* toke.l: Fix size arg when realloc()ing include stack.
From Daniel Kopecek
* toke.l: Avoid a duplicate fclose() of the sudoers file.
2010-02-06 Todd C. Miller <Todd.Miller@courtesan.com>
* aix.c, config.h.in, configure, configure.in: Use setrlimit64(),
if available, instead of setrlimit() when setting AIX resource
limits since rlim_t is 32bits.
* logging.c: Fix use after free when sending error messages.
From Timo Juhani Lindfors
2009-12-17 15:02 millert
* parse.c: Fix printing of entries with multiple host entries on
a single line.
2009-12-09 16:05 millert
* logging.c: fix typo in last commit
2009-12-08 22:19 millert
* logging.c: Convert fmt_first and fmt_confd into macros.
2009-11-23 10:56 millert
* match.c: cmnd_matches() already deals with negation so
_cmndlist_matches() does not need to do so itself. Fixes a bug
with negated entries in a Cmnd_List.
2009-11-22 11:12 millert
* sudo.c: Don't exit() from open_sudoers, just return NULL for all
errors.
2009-11-22 09:54 millert
* toke.c, toke.l: Add missing extern def for parse_error
2009-11-20 19:11 millert
* toke.c, toke.l: Avoid a parse error when #includedir doesn't find
any files. Closes bug #375
2009-11-20 19:03 millert
* Makefile.in: Include sudo.man.pl and sudoers.man.pl in the
distribution tarball.
2009-11-04 09:42 millert
* configure, configure.in: Fix a few typos in the descriptions;
from Jeff Makey Only do the check for
krb5_get_init_creds_opt_free() taking two arguments if we find
krb5_get_init_creds_opt_alloc(). Otherwise we will get a false
positive when using our own krb5_get_init_creds_opt_free which
takes only a single argument.
2009-11-03 09:58 millert
* configure, configure.in: Remove a spurious comma in the kerb5
bits.
2009-11-03 09:51 millert
* auth/kerb5.c: Call krb5_get_init_creds_opt_init() in our emulated
krb5_get_init_creds_opt_alloc() for MIT kerberos.
2009-09-30 09:50 millert
* sudo_edit.c: Always update the stashed mtime of the temp file
instead of using what we have for the original because the time
resolution of the filesystem the temporary is on may not match
that of the filesystem that holds the original. Should fix bz
#371 found by Philippe Levan.
2009-09-24 21:11 millert
* configure, configure.in, sudoers.man.pl, sudoers.pod: Substitute
in default value for secure_path
2009-09-24 20:31 millert
* sudo.pod: Mention that the password must be followed by a newline
with the -S option.
2009-08-07 10:21 millert
* auth/pam.c: Set PAM_RUSER and PAM_RHOST early so they can be used
during authentication. Based on a patch from Jamie Beverly.
2009-08-07 09:25 millert
* match.c: Close dir before returning if strlcpy() reports
overflow. From Martynas Venckus.
2009-07-18 09:55 millert
* toke.c, toke.l: Fix expansion of %h in #include names. Fixes
bugzilla 363
2009-07-12 17:17 millert
* mkdefaults: If no arg assume def_data.in
2009-07-11 21:27 millert
* README, WHATSNEW: Update for 1.7.2
2009-07-11 21:12 millert
* ChangeLog: sync
2009-06-30 08:41 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: Add missing single
quotes around a colon in Runas_Spec definition. From Elias
Benali.
2009-06-29 09:36 millert
* redblack.c: In rbrepair, re-color the root or the first non-block
node we find to be black. Re-coloring the root is probably not
needed but won't hurt.
2009-06-29 09:35 millert
* sudo.cat, sudoers.cat, sudo.man.in, sudoers.man.in: regen
2009-06-26 16:40 millert
* redblack.c: When repairing the tree, don't touch the root node.
2009-06-25 08:44 millert
* set_perms.c: Protect call to setegid in runas_setup with #ifdef
HAVE_SETEUID. Reported by Josef Schmid.
2009-06-23 14:29 millert
* sudoers.pod: Document that we accept env_pam-style environment
files
2009-06-23 14:24 millert
* env.c: Adapt to accept pam_env-style /etc/environment which
allows shell-style lines such as: export EDITOR="/usr/bin/vi"
2009-06-23 12:22 millert
* sudoers.pod: Make it clear that env_delete only works when
!env_reset. From Loïc Minier
2009-06-15 17:19 millert
* sudo.pod, sudoers.pod: Add non-unix group bits, adapted from
Quest
2009-06-15 17:18 millert
* Makefile.in: build the .cat page in the current working dir, not
the src dir
2009-06-15 09:10 millert
* env.c: Return EINVAL in setenv() if var is NULL or the empty
string to match glibc behavior.
2009-06-13 16:52 millert
* configure, configure.in: Use AS_HELP_STRING for AC_ARG_WITH and
AC_ARG_ENABLE
2009-06-11 16:29 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
regen
2009-06-09 10:08 millert
* INSTALL: Document --with-libvas and --with-libvas-rpath
2009-05-29 09:43 millert
* ldap.c, sudoers.ldap.pod: For netscape-derived LDAP SDKs the cert
and key paths may be a directory or a file. However, version 5.0
of the SDK only seems to support using a directory. If
ldapssl_clientauth_init fails and the cert or key paths look like
they could be files, strip off the last path element and try
again.
2009-05-29 09:40 millert
* Makefile.in: Add non-Unix group .o to COMMON_OBJS and substitute
in path to flex.
2009-05-26 20:49 millert
* configure, configure.in, match.c, sudo.c, vasgroups.c: Update
non-Unix group support from Quest, as reworked by me.
2009-05-26 20:47 millert
* toke.c: regen
2009-05-26 20:46 millert
* toke.l: Add support for escaped hex chars in names, e.g. \x20 for
space.
2009-05-25 08:02 millert
* LICENSE, Makefile.in, aclocal.m4, alias.c, check.c, env.c,
fileops.c, glob.c, gram.y, interfaces.c, lbuf.c, ldap.c,
logging.c, logging.h, match.c, parse.c, parse.h, pathnames.h.in,
pwutil.c, set_perms.c, sudo.c, sudo.h, sudo.pod, sudo_nss.c,
sudo_nss.h, sudo_usage.h.in, sudoers.ldap.pod, sudoers.pod,
testsudoers.c, tgetpass.c, toke.l, visudo.c, auth/aix_auth.c,
auth/pam.c, auth/sudo_auth.c, auth/sudo_auth.h: Update copyright
years.
2009-05-24 08:33 millert
* interfaces.c, lbuf.c: Minor fixes for Minix-3
2009-05-22 06:37 millert
* set_perms.c: Handle getgroups() returning 0. Also add missing
check for HAVE_GETGROUPS.
2009-05-19 17:24 millert
* Makefile.in, config.h.in, configure, configure.in, sudo.c,
version.h, visudo.c: Replace version.h with PACKAGE_VERSION set
via AC_INIT in configure.
2009-05-18 06:33 millert
* set_perms.c: Remove group setting code in setusercontext case, we
will do it ourselves later on in runas_setup. Set the gid after
initgroups/setgroups is called, since on Mac OS X it seems to
change the egid.
2009-05-17 18:19 millert
* LICENSE, Makefile.in, config.h.in, match.c, nonunix.h, sudo.c,
vasgroups.c: Initial bits of non-unix group support using Quest
Authentication Services
2009-05-17 16:52 millert
* toke.c, toke.l: Accept %:foo as a non-Unix group
2009-05-17 16:22 millert
* toke.c, toke.l: Allow user/group to be double quoted in the case
of non-Unix groups which contain spaces.
2009-05-11 12:47 millert
* match.c: Don't allow the user to specify the default runas user
if their sudoers entry only allows them to run as a group.
2009-05-10 07:59 millert
* sudo.c: Must call audit_success before we change uids.
2009-05-10 07:52 millert
* logging.c, set_perms.c, sudo.h, testsudoers.c: Add option for
set_perm to not exit on failure and use this in the logging
routines.
2009-05-10 07:33 millert
* parse.c: In -l mode, if the user is only allowed to run as a
group, display the user's name, not root's before the allowed
group.
2009-05-09 21:00 millert
* sudo.c: Fix -g mode, broken by rev 1.503 which had the side
effect of setting the runas user to root unilaterally.
2009-05-08 16:19 millert
* fileops.c: When unlocking a file with fcntl, use F_SETLK, not
F_SETLKW.
2009-05-08 13:07 millert
* pwutil.c: Only cache by the method we fetched for pwd and grp
lookups. Previously we cached both by namd and id but this can
cause problems for entries that share the same id. Also add more
info in the error message in case the insert fails (which should
now be impossible).
2009-04-30 15:04 millert
* sudoers.pod: Add a clarification from Nick Sieger
2009-04-25 12:49 millert
* env.c: Inline the setting of the environment string.
2009-04-24 14:53 millert
* env.c: setenv(3) in Linux treats a NUL value as the empty string
setenv(3) in BSD doesn't return an error if the name has '=' in
it, it just treats the '=' as end of string.
2009-04-22 16:32 millert
* toke.c, toke.l: Not all systems have d_namlen
2009-04-20 13:53 millert
* sudoers.pod: Fix up some pod2html issues.
2009-04-19 14:09 millert
* interfaces.c: Check for NULL ifa_addr and ifa_netmask. Adapted
from a diff from Quest Software.
2009-04-19 09:01 millert
* sudoers.pod: Ignore files ending in '~' in sudo.d (emacs backup
files)
2009-04-19 08:56 millert
* toke.c, toke.l: Ignore files ending in '~' in sudo.d (emacs
backup files)
2009-04-18 19:37 millert
* sudoers.cat, sudoers.man.in, sudoers.pod, toke.c, toke.l: For
#includedir, ignore any file containing a dot
2009-04-18 19:25 millert
* Makefile.in, version.h: Bump version
2009-04-18 19:25 millert
* gram.c, gram.y, parse.c, parse.h, sudo.c, sudo.h, sudoers.cat,
sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, toke.l,
visudo.c: Implement #includedir directive. Files in an
includedir are not edited by visudo unless they contain a syntax
error.
2009-04-18 12:06 millert
* ChangeLog: sync
2009-04-18 10:27 millert
* WHATSNEW: Forgot umask_override
2009-04-18 09:25 millert
* ChangeLog, TODO: sync
2009-04-16 08:22 millert
* visudo.c: Rewind stream if we fdopen sudoers since it may not be
at the beginning. Set the keepopen flag on already-open files
too so the lexer doesn't close them out from under us.
2009-04-16 08:18 millert
* visudo.c: Print the proper file name when there is a parse error
in an include file.
2009-04-11 07:45 millert
* WHATSNEW: Sync
2009-04-10 16:59 millert
* configure, configure.in: Fix a warning when --without-ldap is
specified.
2009-04-05 12:25 millert
* alias.c, parse.h, visudo.c: Store aliases that we remove during
check_aliases in a freelist and free them at the end so we don't
leak memory.
2009-03-28 09:30 millert
* visudo.c: Check aliases in -c mode too.
2009-03-28 09:09 millert
* alias.c, parse.h, visudo.c: Make alias_remove return the alias
struct instead of freeing it directly. Fixes a use after free in
alias_remove_recursive, the only consumer.
2009-03-28 09:07 millert
* alias.c, match.c, parse.c, parse.h, visudo.c: Rename find_alias
-> alias_find for consistency.
2009-03-27 19:29 millert
* visudo.c: When checking for unused aliases, recurse if the alias
points to another alias.
2009-03-16 12:11 millert
* ldap.c: Back out rev 1.105 for now. Real ldapux_client.conf
support will be done later after some refactoring.
2009-03-14 12:02 millert
* ldap.c: Treat ldap_hostport the same as "host" for ldapux.
2009-03-13 21:04 millert
* configure, configure.in: Only check for
ldap_sasl_interactive_bind_s if we can find sasl.h. Fixes
compilation with ldapux.
2009-03-11 20:03 millert
* fileops.c: fix char subscript
2009-03-11 19:19 millert
* Makefile.in: remove errant carriage returns
2009-03-11 19:01 millert
* audit.c, env.c: fix K&R compilation
2009-03-11 12:12 millert
* sudo.man.in, sudo.cat, sudoers.cat, sudoers.ldap.cat,
sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
regen
2009-03-10 17:34 millert
* config.h.in: Add missing HAVE_BSM_AUDIT
2009-03-10 17:21 millert
* WHATSNEW: Add 1.7.1 features
2009-03-10 17:10 millert
* INSTALL: Mention --with-netsvc
2009-03-10 17:08 millert
* sudoers.ldap.pod: Document netsvc.conf support
2009-03-10 16:44 millert
* configure, configure.in, pathnames.h.in, sudo.c, sudo_nss.c,
sudo_nss.h: Add support for AIX netsvc.conf (like nsswitch.conf).
2009-03-08 16:57 millert
* configure, config.h.in, configure.in, env.c: Add
--enable-env-debug flag to enable environment sanity checks.
2009-03-08 11:51 millert
* sudoers.ldap.pod, sudoers.pod: Work around some pod2html issue.
2009-03-07 17:10 millert
* env.c: Only sync environ for putenv, setenv, and unsetenv. We
need to make sure that sudo_putenv and sudo_setenv only modify
env.envp, not environ.
2009-03-02 14:19 millert
* env.c: Really fix UNSETENV_VOID
2009-03-02 14:18 millert
* env.c: Fix unsetenv when UNSETENV_VOID
2009-03-02 08:00 millert
* aclocal.m4, configure: Fix SUDO_FUNC_PUTENV_CONST
2009-03-02 07:36 millert
* ldap.c: tivoli-based ldap does not have ldapssl_err2string
2009-03-02 07:30 millert
* configure: regen
2009-03-01 16:20 millert
* config.h.in, configure, configure.in, ldap.c: Add support for
Tivoli-based LDAP start TLS as seen in AIX. Untested.
2009-03-01 08:52 millert
* env.c: Add sanity checks for setenv/unsetenv
2009-02-28 20:17 millert
* Makefile.in: Include bsm_audit.h in the tarball
2009-02-28 20:00 millert
* Makefile.in, version.h: bump version for sudo 1.7.1
2009-02-28 19:58 millert
* aclocal.m4, config.h.in, configure, configure.in, env.c, ldap.c,
sudo.h, auth/aix_auth.c: Replace sudo_setenv/sudo_unsetenv with
calls to setenv/unsetenv and provide our own
setenv/unsetenv/putenv that operates on own env pointer. Make
sync_env() inline in setenv/unsetenv/putenv functions.
2009-02-25 07:33 millert
* sudo.c: Make "sudoedit -h" work as expected
2009-02-25 07:21 millert
* auth/pam.c: Make sure def_prompt is always defined. This is a
workaround for pam configs that prompt for a password in the
session but don't have an auth line. A better fix is to expand
the sudo prompt earlier and set def_prompt to that when
initializing.
2009-02-25 06:17 millert
* sudo.pod: Mention that the helper for -A may be graphical.
2009-02-25 06:16 millert
* TROUBLESHOOTING: Document what happens if there is no tty.
2009-02-25 06:05 millert
* sudo.c: cosmetic changes
2009-02-25 05:47 millert
* term.c: Fix term_restore
2009-02-24 20:23 millert
* sudo.c: Fix "sudo -k" with no other args
2009-02-24 08:04 millert
* check.c, sudo.c, sudo.pod, sudo_usage.h.in: Allow the -k flag to
be specified in conjunction with a command or another option that
may require authentication.
2009-02-23 09:18 millert
* configure, configure.in: Remove unneeded AC_CANONICAL_TARGET;
from Diego E. 'Flameeyes'
2009-02-23 09:15 millert
* Makefile.in: Parallel make fix. From Diego E. 'Flameeyes'
2009-02-21 17:03 millert
* def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod:
Implement umask_override
2009-02-21 16:51 millert
* toke.c: regen
2009-02-21 16:49 millert
* sudoers.pod, toke.l, visudo.c: Implement %h escape in sudoers
include filenames.
2009-02-21 08:43 millert
* audit.c: Need to include compat.h
2009-02-21 08:37 millert
* Makefile.in, audit.c, bsm_audit.c, bsm_audit.h, logging.h,
sudo.c: Make audit_success and audit_failure generic functions in
preparation for integrating linux audit support.
2009-02-21 08:06 millert
* term.c: remove duplicate include
2009-02-20 16:13 millert
* bsm_audit.c: Add missing include
2009-02-20 15:55 millert
* sudo.c: May need to update the runas user after parsing
command-based defaults.
2009-02-18 10:53 millert
* glob.c: Add missing pair of braces introduced with character
class support.
2009-02-15 15:53 millert
* def_data.c, def_data.h, def_data.in, sudoers.pod, tgetpass.c:
Rename pwstars to pwfeedback
2009-02-10 20:25 millert
* bsm_audit.c, bsm_audit.h: Add const to make MacOS happy.
2009-02-10 20:18 millert
* Makefile.in, bsm_audit.c, bsm_audit.h, configure, configure.in,
sudo.c, auth/sudo_auth.c: Add bsm audit support from Christian
S.J. Peron
2009-02-10 19:58 millert
* term.c: This is new code, no DARPA notice.
2009-02-10 14:04 millert
* def_data.c, def_data.h, def_data.in, match.c, sudoers.pod: Rename
simple_glob -> fast_glob
2009-02-10 09:39 millert
* match.c: g/c unused var
2009-02-10 08:09 millert
* def_data.c, def_data.h, def_data.in, match.c, sudoers.pod: Add
simple_glob option to use fnmatch() instead of glob(). This is
useful when you need to specify patterns that reference network
file systems.
2009-02-10 07:58 millert
* tgetpass.c: add term_* proto
2009-02-10 07:51 millert
* sudoers.pod: mention glob()
2009-02-09 07:59 millert
* tgetpass.c: Delete any pwstars we wrote after the user hits
return. That way there is no record on screen as to the user's
password length.
2009-02-08 10:27 millert
* term.c: Move terminal setting bits from tgetpass.c to term.c
2009-02-07 19:50 millert
* Makefile.in, def_data.c, def_data.h, def_data.in, sudoers.pod,
tgetpass.c: Add pwstars sudoers option that causes sudo to print
a star every time the user presses a key.
2009-02-03 10:10 millert
* Makefile.in: Fix up F<> brokenness for visudo.man.in and
sudoers.ldap.man.in.
2009-01-27 11:54 millert
* ldap.c: For ldap_search_ext_s() the sizelimit param should be 0,
not -1, to indicate no limit. From Mark Janssen.
2009-01-17 17:36 millert
* toke.c, toke.l: Comments that begin with #- should not be parsed
as uids.
2009-01-08 19:13 millert
* sudo.c: Do not try to set the close on exec flag if we didn't
actually open sudoers.
2008-12-19 12:40 millert
* ChangeLog: regen
2008-12-14 17:40 millert
* TODO: sync
2008-12-09 18:48 millert
* auth/pam.c: Return PAM_AUTH_ERR instead of PAM_CONV_ERR if user
enters ^C at the password prompt.
2008-12-09 16:13 millert
* configure.in, configure: Don't try to build sudo_noexec.so on
HP-UX with the bundled compiler as it cannot generate shared
objects.
2008-12-09 15:55 millert
* glob.c, lbuf.c, tgetpass.c, emul/charclass.h: K&R compilation
fixes
2008-12-09 08:49 millert
* parse.c: Use tq_foreach_fwd when checking pseudo-commands to make
it clear that we are not short-circuiting on last match. When
pwcheck is 'all', initialize nopass to TRUE and override it with
the first non-TRUE entry.
2008-12-08 10:02 millert
* parse.c: Do not short circuit pseudo commands when we get a match
since, depending on the settings, we may need to examine all
commands for tags.
2008-12-03 15:58 millert
* sudoers.cat, sudoers.man.in: regen
2008-12-03 15:57 millert
* sudoers.pod: hostnames may also contain wildcards
2008-12-03 15:40 millert
* Makefile.in: remove stamp-* files and linux core files in clean
target
2008-12-02 12:30 millert
* config.h.in, configure, configure.in, auth/sudo_auth.h: Use
HAVE_SIA_SES_INIT instead of HAVE_SIA for Digital UNIX
2008-11-26 15:10 millert
* configure, configure.in: correctly enable SIA on Digital UNIX
2008-11-25 20:06 millert
* TODO: checkpoint
2008-11-25 20:05 millert
* ChangeLog: sync
2008-11-25 12:01 millert
* check.c, sudo.h, tgetpass.c: Even if neither stdin nor stdout are
ttys we may still have /dev/tty available to us.
2008-11-24 10:09 millert
* sudoers.cat, sudoers.man.in: regen
2008-11-24 10:08 millert
* sudoers.pod: fix typos; Markus Lude
2008-11-24 07:08 millert
* ChangeLog: sync
2008-11-23 19:42 millert
* toke.c: regen
2008-11-23 19:41 millert
* toke.l: Fix matching of a line that only consists of a comment
char
2008-11-22 13:17 millert
* auth/pam.c: MacOS pam will retry conversation function if it
fails so just treat ^C as an empty password.
2008-11-22 10:12 millert
* visudo.c: When checking for alias use, also check defaults
bindings.
2008-11-22 10:01 millert
* redblack.c: unused var
2008-11-22 09:42 millert
* redblack.c: Replace my rbdelete with Emin's version (which
actually works ;-)
2008-11-19 12:01 millert
* testsudoers.c: malloc debugging
2008-11-19 07:37 millert
* visudo.c: malloc options in devel mode for visudo too
2008-11-18 10:57 millert
* sudo.c: fix compilation on non-C99; from Theo
2008-11-18 10:50 millert
* visudo.c: fix check_aliases
2008-11-18 08:29 millert
* alias.c: when destroying an alias, free the correct data pointer
2008-11-18 07:54 millert
* auth/sudo_auth.h: add proto for aixauth_cleanup; from Dale King
2008-11-15 13:34 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: regen
2008-11-15 13:34 millert
* sudo.pod, sudoers.pod, visudo.pod: standardize on the term
'option' for command line options (not flag)
2008-11-14 06:18 millert
* INSTALL: Add note on configuring HP-UX pam
2008-11-11 13:28 millert
* check.c, sudo.c: Move tty checks into check_user() so we only do
them if we actually need a password.
2008-11-11 12:34 millert
* sudo.c: Don't error out if no tty or askpass unless we actually
need to authenticate.
2008-11-10 15:20 millert
* ChangeLog: regen
2008-11-10 08:07 millert
* pathnames.h.in, sudo.c: s/overriden/overridden/; from Tobias
Stoeckmann
2008-11-09 15:18 millert
* visudo.c, WHATSNEW: check sudoers owner and mode in strict mode
2008-11-09 09:15 millert
* gram.c, toke.c: regen
2008-11-09 09:13 millert
* alias.c, alloc.c, closefrom.c, compat.h, defaults.c, defaults.h,
env.c, fileops.c, gettime.c, gram.y, ins_csops.h, insults.h,
interfaces.c, interfaces.h, lbuf.c, license.pod, list.c,
logging.c, logging.h, parse.c, parse.h, pwutil.c, redblack.c,
redblack.h, snprintf.c, sudo.c, sudo.pod, sudo_edit.c,
sudo_nss.h, testsudoers.c, toke.l, tsgetgrpw.c, utimes.c,
version.h, visudo.c, zero_bytes.c, LICENSE, sudoers.pod,
visudo.pod, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h,
sudo.man.in, sudoers.man.in, visudo.man.in: Update copyright
years.
2008-11-09 08:48 millert
* fnmatch.c, glob.c, emul/charclass.h: add my copyright
2008-11-08 10:40 millert
* toke.c, toke.l: The loop in fill_cmnd() was going one byte too
far past the end, resulting in a NUL being written immediately
after the buffer end.
2008-11-08 10:31 millert
* UPGRADE, WHATSNEW: add sections on tgetpass changes
2008-11-08 10:30 millert
* tgetpass.c: Treat EOF w/o newline as an error.
2008-11-07 17:42 millert
* parse.c: Fix "sudo -v" when NOPASSWD is set.
2008-11-07 12:45 millert
* auth/: bsdauth.c, fwtk.c, pam.c, sudo_auth.c, sudo_auth.h: No
longer treat an empty password at the prompt as special. To quit
out of sudo you now need to hit ^C at the password prompt.
2008-11-06 21:07 millert
* sudoers.cat, sudoers.man.in: regen
2008-11-06 21:06 millert
* def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod: Sudo
will now refuse to run if no tty is present unless the new
visiblepw sudoers flag is set.
2008-11-05 19:42 millert
* aix.c: just use RLIM_INFINITY for RLIM_SAVED_MAX if
RLIM_SAVED_MAX not defined
2008-11-05 19:40 millert
* aix.c: fix fallback value for RLIM_SAVED_MAX
2008-11-05 19:14 millert
* auth/: aix_auth.c, sudo_auth.h: Move clearing of AUTHSTATE into
aixauth_cleanup.
2008-11-05 19:08 millert
* env.c, auth/aix_auth.c: Unset AUTHSTATE after calling
authenticate() as it may not be correct for the user we are
running the command as.
2008-11-05 19:05 millert
* isblank.c: Add isblank() function for systems without it. Needed
for POSIX character class matching in fnmatch.c and glob.c.
2008-11-05 11:02 millert
* TROUBLESHOOTING: expound on sudo and cd
2008-11-04 15:52 millert
* ChangeLog: regen
2008-11-04 15:46 millert
* sudoers.cat, sudoers.man.in: regen
2008-11-04 15:45 millert
* sudoers.pod: mention defauts parse order
2008-11-03 13:19 millert
* Makefile.in, aclocal.m4, compat.h, configure: Add isblank()
function for systems without it. Needed for POSIX character
class matching in fnmatch.c and glob.c.
2008-11-03 12:54 millert
* Makefile.in: add emul/charclass.h to HDRS
2008-11-02 14:08 millert
* TODO: checkpoint
2008-11-02 14:06 millert
* parse.c, defaults.c, testsudoers.c, visudo.c: Move
update_defaults into defaults.c and call it properly from visudo
and testsudoers.
2008-11-02 09:51 millert
* defaults.c, interfaces.c, pwutil.c, sudo.c, sudo_edit.c,
tgetpass.c, tsgetgrpw.c: use zero_bytes() instead of memset() for
consistency
2008-11-02 09:45 millert
* logging.c, mon_systrace.c, parse.c, sudo.c, sudo_edit.c,
tgetpass.c, visudo.c: Zero out sigaction_t before use in case it
has non-standard entries.
2008-11-02 09:35 millert
* match.c: quiet gcc
2008-11-02 09:28 millert
* match.c: Short circuit glob() checks if basename(pattern) !=
basename(command). Refactor code that checks for a command in a
directory and use it in the glob case if the resolved pattern
ends in a '/'.
2008-11-01 09:20 millert
* defaults.h, parse.c, sudo.c, testsudoers.c, visudo.c: Defer
setting runas defaults until after runaspw/gr is setup.
2008-10-29 13:26 millert
* match.c, sudo.c, testsudoers.c: Use MAXHOSTNAMELEN+1 when
allocating host/domain name since some systems do not include
space for the NUL in the size. Also manually NUL-terminate
buffer from gethostname() since POSIX is wishy-washy on this.
2008-10-26 17:13 millert
* sudo.c, sudoers.pod: When setting the umask, use the union of the
user's umask and the default value set in sudoers so that we
never lower the user's umask when running a command.
2008-10-26 16:43 millert
* sudo.c: Don't try to read from a zero-length sudoers file.
Remove the bogus Solaris work-around for EAGAIN. Since we now
use fgetc() it should not be a problem.
2008-10-25 09:22 millert
* parse.c: In update_defaults() check the return value of
user*_matches against ALLOW so we don't inadvertantly match on
UNSPEC.
2008-10-24 09:52 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
regen man pages; no more hyphenation
2008-10-24 09:49 millert
* sudo.c: Don't error out on a zero-length sudoers file. With the
advent of #include the user could create a situation where sudo
is unusable.
2008-10-23 12:06 millert
* config.h.in, configure, configure.in, auth/kerb5.c: Newer heimdal
has 2-argument krb5_get_init_creds_opt_free() like MIT krb5.
Really old heimdal has no krb5_get_init_creds_opt_alloc() at all.
Add configure tests to handle all the cases.
2008-10-08 17:28 millert
* sudo.pod: resort ENVIRONMENT
2008-10-08 17:09 millert
* sudoers.pod: document sudoers_locale
2008-10-08 16:56 millert
* sudo.pod, sudo_edit.c: add SUDO_EDITOR variable that sudoedit
uses in preference to VISUAL or EDITOR
2008-10-08 14:27 millert
* toke.c, toke.l: In fill_cmnd(), collapse any escaped
sudo-specific characters. Allows character classes to be used in
pathnames.
2008-10-03 16:02 millert
* lbuf.c: fix typo in non-C89 function declaration
2008-10-03 15:56 millert
* sudoers.pod: Mention POSIX characters classes now that out
fnmatch() and glob() support them.
2008-10-03 15:55 millert
* sample.sudoers, sudoers.pod: Replace [A-z] (which won't match in
UTF8) with [A-Za-z] which is locale agnostic.
2008-10-03 10:02 millert
* parse.h: use __signed char if we are going to assign a negative
value since on Power, char is unsigned by default
2008-10-03 09:59 millert
* configure, configure.in, config.h.in: Add tests for __signed char
and signed char.
2008-10-03 09:19 millert
* aix.c: Fix AIX limit setting. getuserattr() returns values in
disk blocks rather than bytes. The default hard stack size in
newer AIX is RLIM_SAVED_MAX. From Dale King.
2008-09-26 17:13 millert
* fnmatch.c, glob.c, emul/charclass.h: Add character class support
to included glob(3) and fnmatch(3).
2008-09-16 08:28 millert
* emul/fnmatch.h: Remove UCB advertising clause and some
compatibility defines.
2008-09-14 16:07 millert
* sudo_edit.c: Check EDITOR/VISUAL to make sure sudoedit is not
re-invoking itself or sudo. This allows one to set EDITOR to
sudoedit without getting into an infinite loop of sudoedit
running itself until the path gets too big.
2008-09-13 20:45 millert
* def_data.c, def_data.h, def_data.in, defaults.c, sudo.c: Add
sudoers_locale Defaults option to override the default sudoers
locale of "C".
2008-09-13 14:09 millert
* sudo.c: Set locale to system default except for during sudoers
parse.
2008-09-12 09:34 millert
* match.c: Redo change in 1.34 to use pointer arithmetic.
2008-09-11 07:06 millert
* match.c: Fix a dereference (read) of a freed pointer. Reported
by Patrick Williams.
2008-08-23 19:09 millert
* sudo.c: Set locale to "C" to avoid interpretation issues with
character ranges in sudoers. May want to make the locale a
sudoers option in the future.
2008-08-20 07:45 millert
* config.h.in: we no longer use setproctitle
2008-08-20 07:41 millert
* sudo.h: remove #if 1
2008-08-20 07:40 millert
* LICENSE, mkstemp.c: Use my replacement mkstemp() from the mktemp
package.
2008-07-12 08:53 millert
* gram.c: regen with yacc skeleton bug fixed
2008-07-12 08:48 millert
* sudoers.pod: Remove duplicate "as root". From Martin Toft.
2008-07-02 06:27 millert
* pwutil.c, sudo.c, testsudoers.c, sudo.h: Flesh out the fake
passwd entry used for running commands as a uid not listed in the
passwd database. Fixes an issue with some PAM modules.
2008-07-01 07:57 millert
* sudo.c: Error out in -i mode if the user has no shell. This can
happen when running commands as a uid with no password entry.
2008-06-26 07:49 millert
* toke.c, toke.l: Better fix for line continuation inside double
quotes. Now accepts whitespace between the backslash and the
newline like the main lexer.
2008-06-25 14:31 millert
* toke.c, toke.l: Fix line continuation in strings. It was only
being honored if preceded by whitespace.
2008-06-22 16:19 millert
* config.h.in, configure, configure.in, logging.c: Replace the
double fork with a fork + daemonize.
2008-06-21 14:59 millert
* env.c, sudo.c: The -i flag should imply env_reset. This got
broken in sudo 1.6.9.
2008-06-20 20:34 millert
* logging.c, sudo.c, sudo_edit.c, visudo.c: Change how the mailer
is waited for. Instead of having a SIGCHLD handler, use the
double fork trick to orphan the child that opens the pipe to
sendmail. Fixes a problem running su on some Linux distros.
2008-06-20 17:16 millert
* configure, configure.in: Fix configure test for dirfd() on Linux
where DIR is opaque.
2008-06-17 17:42 millert
* tgetpass.c: Get rid of the QNX TCSAFLUSH -> TCSADRAIN hack. If
QNX still has this problem we'll need to revisit this again.
2008-06-10 21:13 millert
* logging.c: Ignore SIGPIPE instead of blocking it when piping to
the mailer. If we only block the signal it may be delivered
later when we unblock. Also, there is no need to block SIGCHLD
since we no longer do the double fork. The normal SIGCHLD
handler is sufficient.
2008-06-08 17:37 millert
* configure, configure.in: Add description for NO_PAM_SESSION, from
a redhat patch.
2008-06-06 09:36 millert
* sudo.cat, sudo.man.in, sudo.pod: Fix typos in -i usage
2008-05-18 13:54 millert
* configure, configure.in: Redo the test for dgettext() in a way
that hopefully will work around the libintl_dgettext() undefined
problem.
2008-05-11 09:21 millert
* schema.ActiveDirectory: change filename in comment
2008-05-10 09:18 millert
* Makefile.in, README.LDAP, sudoers.ldap.cat, sudoers.ldap.man.in,
sudoers.ldap.pod: Reference schema.ActiveDirectory
2008-05-09 14:49 millert
* schema.OpenLDAP, schema.iPlanet: Mark sudoRunAs as deprecated.
2008-05-09 14:48 millert
* schema.ActiveDirectory: add sudoRunAsUser and sudoRunAsGroup
2008-05-09 14:01 millert
* schema.ActiveDirectory: Active Directory schema by Chantal
Paradis and Eric Paquet
2008-05-08 17:54 millert
* parse.c: remove an XXX that was fixed
2008-05-08 12:53 millert
* ChangeLog: sync
2008-05-08 12:49 millert
* parse.c: Initialize tags to UNSPEC instead of def_* in "sudo -l"
mode. This fixes a problem where the tag value printed was
influenced by defaults set in the first pass through the parser.
2008-05-03 21:29 millert
* Makefile.in, sudo.psf: No point in packaging the TODO file
2008-05-03 21:24 millert
* ChangeLog: sync
2008-05-02 20:53 millert
* WHATSNEW, def_data.c, def_data.h, def_data.in, env.c, sudo.c,
sudo.h, sudoers.cat, sudoers.man.in, sudoers.pod: Add env_file
Defaults option that is similar to /etc/environment on some
systems.
2008-05-02 16:38 millert
* Makefile.in, README, TODO, WHATSNEW, sudo.cat, sudo.man.in,
sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in,
sudoers.man.in, version.h, visudo.cat, visudo.man.in: change
version to 1.7.0
2008-05-02 16:37 millert
* UPGRADE: initial valgrind pass done
2008-04-23 08:30 millert
* ldap.c: Fix typo/think in sudo_ldap_read_secret() when storing
the secret.
2008-04-11 10:03 millert
* ldap.c: define LDAPS_PORT if the system headers do not
2008-04-10 14:54 millert
* gram.c, gram.y: Fix another memory leak in init_parser().
2008-04-10 12:51 millert
* configure, configure.in: There was a missing space before the
ldap libs in SUDO_LIBS for some configurations.
2008-04-10 11:28 millert
* alias.c, gram.c, gram.y, toke.c, toke.l: Clean up some memory
leaks pointed out by valgrind.
2008-04-07 14:39 millert
* sudo.c: fix "sudo -s" broken by mode/flags breakout
2008-04-07 14:26 millert
* configure, configure.in: remove duplicate check for dgettext
2008-04-05 15:54 millert
* aix.c: Fall back to default stanza if no user-specific limit is
found.
2008-04-02 15:56 millert
* snprintf.c: include stdint.h if present
2008-04-02 15:28 millert
* snprintf.c: Use LLONG_MAX, not the old QUAD_MAX
2008-04-01 19:18 millert
* sudoers.ldap.pod: fix cut and pasto
2008-03-31 11:24 millert
* pwutil.c: Add #ifdef PURITY
2008-03-30 17:36 millert
* auth/bsdauth.c: remove useless cast
2008-03-27 19:07 millert
* ChangeLog: sync
2008-03-27 19:04 millert
* TODO: sync
2008-03-27 19:01 millert
* sudo.h: Split MODE_* defines into primary and flags.
2008-03-26 13:11 millert
* aix.c: It turns out the logic for getting AIX limits is more
convoluted than I realized and differs depending on whether the
soft and/or hard limits are defined.
2008-03-23 10:18 millert
* Makefile.in, configure, configure.in: Back out AIX-specific
change to set the sudo_noexec path to the .a file, we do really
want to use the .so file. Since libtool doesn't do that
correctly, just install the .so file ourselves in the Makefile.
2008-03-23 10:12 millert
* install-sh: If the file given to install is a path, only use the
basename of the file when building the destination path.
2008-03-18 16:08 millert
* sudo.c: parse_args() cleanup: Sort command line options in the
getopt() switch The -U option requires a parameter Normalize a
few ISSET calls Split mode into mode and flags and retire the
now-obsolete excl variable
2008-03-18 16:04 millert
* WHATSNEW, check.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
sudo.pod, sudo_usage.h.in: Add -n (non-interactive) flag.
2008-03-18 15:59 millert
* sudo.c: Move version printing, etc. into a separate function.
2008-03-18 15:57 millert
* sudo.c: Don't try to cleanup nsswitch if it has not been
initialized.
2008-03-17 11:09 millert
* logging.c: Block SIGPIPE in send_mail() so sudo is not killed by
a problem executing the mailer.
2008-03-14 08:11 millert
* configure.in, configure: AIX shared libs end in .a, not .so.
2008-03-13 07:34 millert
* env.c: Preserve HOME by default too. Matches documentation and
previous behavior.
2008-03-12 19:42 millert
* sudo.c: Use getopt() to parse the command line. We need to be
able to intersperse env variables and options yet still honor
"--"" which complicates things slightly.
2008-03-06 14:46 millert
* ChangeLog: sync
2008-03-06 14:43 millert
* acsite.m4, configure, ltmain.sh: update to libtool-1.5.26
2008-03-06 14:32 millert
* config.guess, config.sub: update from libtool-1.5.26 distribution
2008-03-06 13:18 millert
* aix.c, sudo.h: attempt to fix compilation errors on AIX
2008-03-06 13:08 millert
* Makefile.in: fix typo in last commit
2008-03-06 13:07 millert
* Makefile.in: Add WHATSNEW file to the distribution
2008-03-06 12:43 millert
* visudo.c: use warningx instead of fprintf(stderr, ...)
2008-03-06 12:31 millert
* list.c: add DEBUG to list2tq
2008-03-06 12:28 millert
* ChangeLog, TODO: sync
2008-03-06 12:21 millert
* WHATSNEW: mention mailfrom
2008-03-06 12:19 millert
* Makefile.in, config.h.in, configure, configure.in, set_perms.c,
sudo.h, aix.c: Add aix_setlimits() to set resource limits on AIX
using a combination of getuserattr() and setrlimit(). Currently
untested.
2008-03-05 16:52 millert
* def_data.c, def_data.h, def_data.in, logging.c, sudoers.cat,
sudoers.pod, sudoers.man.in: Add mailfrom Defaults option that
sets the value of the From: field in the warning/error mail. If
unset the login name of the invoking user is used.
2008-03-05 16:18 millert
* defaults.c: store a copy of _PATH_SUDO_ASKPASS in def_askpass
that is freeable
2008-03-05 15:19 millert
* gram.c, gram.y: When adding a default, only call list2tq() once
to do the list to tq conversion. It is not legal to call list2tq
multiple times on the same list since list2tq consumes and
modifies the list argument.
2008-03-05 09:38 millert
* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod: comment
out XXXs for now
2008-03-05 09:36 millert
* WHATSNEW: mention askpass
2008-03-04 17:20 millert
* sudo.c: Error out if both -A and -S are specified Error out if -A
is specified but no askpass is configured
2008-03-04 17:16 millert
* configure, configure.in: we are not going to ship a sudo-specific
askpass
2008-03-03 14:30 millert
* sudo.h: fix definition of TGP_ASKPASS
2008-03-03 13:54 millert
* def_data.c, def_data.in: make askpass boolean-capable
2008-03-03 13:53 millert
* INSTALL: document --with-askpass
2008-03-02 19:27 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in,
sudoers.ldap.cat, visudo.cat: regen
2008-03-02 17:31 millert
* sudo.pod, sudo_usage.h.in, sudoers.pod: document -A and askpass
2008-03-02 09:31 millert
* check.c, configure, configure.in, def_data.c, def_data.h,
def_data.in, defaults.c, pathnames.h.in, sudo.c, sudo.h,
sudo_usage.h.in, tgetpass.c, auth/sudo_auth.c: Add support for
running a helper program to read the password when no tty is
present (or when specified with the -A flag). TODO: docs.
2008-03-02 08:38 millert
* def_data.c, def_data.in: add missing printf format to SELinux
role and type strings
2008-02-27 09:26 millert
* INSTALL, configure, configure.in: Disable use of
gss_krb5_ccache_name() by default and add
--enable-gss-krb5-ccache-name configure option to enable it. It
seems that gss_krb5_ccache_name() doesn't work properly with some
combinations of Heimdal and OpenLDAP.
2008-02-22 15:33 millert
* selinux.c: Ignore setexeccon() failing in permissive mode. Also
add a call to setkeycreatecon() (though this is probably
insufficient). From Dan Walsh.
2008-02-22 15:19 millert
* auth/pam.c: Only set std_prompt for the PAM_PROMPT_* cases. The
conversation function may be called for non-password reading
purposes so we must be careful not to use def_prompt in cases
where it may not be set.
2008-02-20 12:00 millert
* selinux.c: Don't free the new tty context, we need to keep it
around when we restore the tty context after the command
completes
2008-02-19 16:04 millert
* selinux.c: s/newrole/sudo/
2008-02-19 13:21 millert
* sudo.man.pl, sudo.pod: Only put login_cap(3) in SEE ALSO section
if we have login.conf support
2008-02-18 11:05 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
regen
2008-02-18 10:53 millert
* Makefile.in, configure, configure.in, sudo.man.pl, sudo.pod,
sudoers.man.pl, sudoers.pod: Substitute in comment characters for
lines partaining to login.conf, BSD auth and SELinux and only
enable them if pertinent.
2008-02-18 10:42 millert
* Makefile.in, sudo.pod, sudoers.ldap.pod, sudoers.pod, visudo.pod:
Remove the =cut on the first line (above the copyright notice) to
quiet pod2man. Also remove the hackery in the FILES section and
just deal with the fact that there will a newline between each
pathname.
2008-02-17 08:19 millert
* Makefile.in: run sudo.man.pl when generating sudo.man.in
2008-02-17 08:11 millert
* configure, configure.in, sudo.man.pl: comment out SELinux manual
bits unless --with-selinux was specified
2008-02-17 08:04 millert
* sudoers.pod: document role and type defaults for SELinux
2008-02-16 20:26 millert
* sudo.c, sudo.cat, sudo.man.in, sudo.pod, sudo_usage.h.in:
Document "sudo -ll" and make "sudo -l -l" be equivalent.
2008-02-15 15:23 millert
* configure.in, configure: Treat k*bsd*-gnu like Linux, not BSD.
Fixes compilation problems on Debian GNU/kFreeBSD.
2008-02-13 17:17 millert
* auth/kerb5.c: Avoid Heimdal'isms introduced in the rev 1.32
rewrite of verify_krb_v5_tgt()
2008-02-13 07:28 millert
* logging.c, logging.h, sudo.c: Remove dependence on
VALIDATE_NOT_OK in logging functions. Split log_auth() into
log_allowed() and log_denial() Replace mail_auth() with
should_mail() and a call to send_mail()
2008-02-10 18:06 millert
* ldap.c: Add debugging so we can tell if the krb5 ccache is
accessible
2008-02-10 17:34 millert
* INSTALL: mention --with-selinux
2008-02-09 09:48 millert
* configure: regen
2008-02-09 09:43 millert
* selinux.c: add Sudo tag
2008-02-09 09:30 millert
* Makefile.in, config.h.in, configure.in, def_data.c, def_data.h,
def_data.in, gram.c, gram.h, gram.y, ldap.c, parse.c, parse.h,
pathnames.h.in, selinux.c, sesh.c, sudo.c, sudo.cat, sudo.h,
sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.ldap.cat,
sudoers.ldap.man.in, sudoers.ldap.pod, testsudoers.c, toke.c,
toke.l: Add support for SELinux RBAC. Sudoers entries may
specify a role and type. There are also role and type defaults
that may be used. To make sure a transition occurs, when using
RBAC commands are executed via the new sesh binary. Based on
initial changes from Dan Walsh.
2008-02-08 08:18 millert
* lbuf.c, ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.c: Add long
list (sudo -ll) support for printing verbose LDAP and sudoers
file entries. Still need to update manual.
2008-02-03 10:43 millert
* ldap.c, parse.c, sudo.h, sudo_nss.c, sudo_nss.h: Unify the -l
output for file and ldap based sudoers and use lbufs for both.
The ldap output does not currently include options that cannot be
represented as tags. This will be remedied in a long list output
mode to come.
2008-01-27 16:37 millert
* set_perms.c: Use a specific error message for errno == EAGAIN
when setuid() et al fails. On Linux systems setuid() will fail
with errno set to EAGAIN if changing to the new uid would result
in a resource limit violation.
2008-01-27 16:34 millert
* sudo.c: Unlimit nproc on Linux systems where calling the setuid()
family of syscalls causes the nroc resource limit to be checked.
The limits will be reset by pam_limits.so when PAM is used. In
the non-PAM case the nproc limit will remain unlimited but there
doesn't seem to be a way around that other than having sudo parse
/etc/security/limits.conf directly.
2008-01-27 16:31 millert
* env.c, sudo.c, sudo.pod: Only read /etc/environment on Linux and
AIX
2008-01-23 06:33 millert
* configure, configure.in: Use SUDO_DEFINE_UNQUOTED instead of
AC_DEFINE_UNQUOTED to prevent ldap.conf and ldap.secret paths
from going into config.h. Avoid single quotes in variable
expansion when using SUDO_DEFINE_UNQUOTED since in some versions
of bash they will end up literally in the resulting define.
2008-01-21 13:22 millert
* README.LDAP: mention --with-nsswitch=no
2008-01-21 11:43 millert
* configure, configure.in: ldap_ssl.h depends on ldap.h being
included first
2008-01-21 11:07 millert
* configure, configure.in, ldap.c, config.h.in: Include ldap_ssl.h
if we can find it. Needed for the ldapssl_set_strength defines
on HP-UX at least.
2008-01-21 10:02 millert
* TODO, sudoers.ldap.pod: sync
2008-01-21 10:01 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
regen
2008-01-21 10:00 millert
* Makefile.in: Use 78n line length when formatting cat pages.
2008-01-21 09:50 millert
* README.LDAP: Remove redundant info that is now in
sudoers.ldap.pod
2008-01-20 16:18 millert
* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
Reorganize the first section a bit. Substitute the proper path
for /etc/sudoers.
2008-01-20 10:17 millert
* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
Substitute values for ldap.conf, ldap.secret and nsswitch.conf
Move schema into EXAMPLES
2008-01-20 10:15 millert
* configure.in, configure: Substitute values for ldap.conf,
ldap.secret and nsswitch.conf into sudoers.ldap.man.
2008-01-19 20:35 millert
* configure, configure.in: substitute for sudoers.ldap.man
2008-01-19 20:34 millert
* Makefile.in: Fix cut & pasto introduced when adding sudoers.ldap
man page.
2008-01-19 20:25 millert
* sudoers.ldap.pod, sudoers.ldap.cat, sudoers.ldap.man.in: Fill in
some of the missing pieces. Still needs some reorganization and
editing.
2008-01-19 15:06 millert
* Makefile.in, sudoers.ldap.cat, sudoers.ldap.man.in,
sudoers.ldap.pod: Beginnings of a sudoers.ldap man page.
Currently, much of the information is adapted from README.LDAP.
2008-01-18 17:32 millert
* pwutil.c: When copying gr_mem we must guarantee that the storage
space for gr_mem is properly aligned. The simplest way to do
this is to simply store gr_mem directly after struct group. This
is not a problem for gr_passwd or gr_name as they are simple
strings.
2008-01-18 16:47 millert
* ldap.c: Fix a typo/thinko in one of the calls to
sudo_ldap_check_user_netgroup(). From Marco van Wieringen.
2008-01-17 15:44 millert
* config.h.in, configure, configure.in, ldap.c: include
<mps/ldap_ssl.h> in ldap.c if available
2008-01-16 18:20 millert
* gram.c, gram.y: Make sure we define SIZE_MAX for yacc's
skeleton.c
2008-01-16 13:03 millert
* tgetpass.c: Use TCSAFLUSH when restoring terminal settings (and
echo) to guarantee that any pending output is discarded
2008-01-15 17:18 millert
* sudoers: no longer need to specify SETENV when user has sudo ALL
2008-01-15 09:40 millert
* testsudoers.c: sync user_args size calculation with sudo.c Add -g
group option, renaming old -g to -G Add set_runasgr() and
set_runaspw() and use them
2008-01-15 09:23 millert
* sudo.h, sudo.c: Make set_runaspw static void
2008-01-15 09:17 millert
* testsudoers.c, visudo.c: g/c set_runaspw stub
2008-01-15 07:28 millert
* configure, configure.in: Don't add -llber twice.
2008-01-14 06:40 millert
* ldap.c: fix typo
2008-01-13 15:39 millert
* gram.c: regen
2008-01-13 14:57 millert
* configure, configure.in: Fix check that determines whether -llber
is required.
2008-01-13 14:22 millert
* config.h.in, configure, configure.in, README.LDAP, ldap.c: For
netscape-based LDAP, use ldapssl_set_strength() to implement the
checkpeer ldap.conf option.
2008-01-13 09:49 millert
* auth/kerb5.c: Delay krb5_cc_initialize() until we actually need
to use the cred cache, which is what krb5_verify_user() does.
Better cleanup on failure.
2008-01-12 12:40 millert
* auth/kerb5.c: Rewrite verify_krb_v5_tgt() based on what heimdal's
krb5_verify_user() does.
2008-01-09 14:58 millert
* gram.c: The U suffix on constants is an ANSI feature
2008-01-09 12:08 millert
* configure.in, configure: Add check for ber_set_option() in -llber
2008-01-06 19:02 millert
* README.LDAP: default if no nsswitch.conf is files only
2008-01-06 17:28 millert
* README.LDAP: don't tell people to mail aaron about LDAP stuff
2008-01-06 12:32 millert
* README.LDAP: timelimit and bind_timelimit
2008-01-06 08:54 millert
* ChangeLog: sync
2008-01-06 07:56 millert
* ldap.c: Move ldap.secret reading into a separate function.
2008-01-05 19:09 millert
* check.c: user_runas -> runas_pw
2008-01-05 18:59 millert
* TODO: sync
2008-01-05 18:59 millert
* check.c, sudo.pod, sudoers.pod: Add and document the %p escape in
the password prompt. Based on a patch from Patrick Schoenfeld.
2008-01-05 18:25 millert
* ldap.c: Check strlcpy() return values.
2008-01-05 18:12 millert
* ldap.c: refactor ldap binding code into sudo_ldap_bind_s()
2008-01-05 16:35 millert
* README.LDAP: Make it clear that host and uri can take multiple
parameters. URI is now supported for more than just openldap
nsswitch.conf does't accept "compat"
2008-01-05 16:27 millert
* sudo.c: comment cleanup and update (c) year
2008-01-05 16:25 millert
* parse.c, sudo_nss.c: Move display_privs() and display_cmnd() from
parse.c to sudo_nss.c. This should make it possible to build an
LDAP-only sudo binary.
2008-01-05 13:27 millert
* ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.h: Improve chaining of
multiple sudoers sources by passing in the previous return value
to the next in the chain
2008-01-05 13:26 millert
* gram.y: Free up parser data structures in sudo_file_close().
2008-01-05 08:13 millert
* gram.c, parse.c: Free up parser data structures in
sudo_file_close().
2008-01-05 07:59 millert
* ldap.c: Parse uri ourself if no ldap_initialize() is present Use
ldap_create() instead of deprecated ldap_init() Use
ldap_sasl_bind_s() instead of deprecated ldap_simple_bind_s()
2008-01-05 07:56 millert
* config.h.in, configure, configure.in: Add check for
ldap_sasl_bind_s() Remove -DLDAP_DEPRECATED from CFLAGS
2008-01-04 09:56 millert
* configure.in, configure, config.h.in: add check for ldap_create
2008-01-03 16:11 millert
* config.h.in, configure, configure.in, ldap.c: Add
sudo_ldap_get_first_rdn() to return the first rdn of an entry's
dn using the mechanism appropriate for the LDAP SDK in use. Use
ldap_unbind_ext_s() instead of deprecated ldap_unbind_s().
Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's
without them.
2008-01-03 16:02 millert
* lbuf.c: include unistd.h
2008-01-03 11:05 millert
* config.h.in, configure.in: fix typo in mtim_getnsec
2008-01-02 15:29 millert
* config.h.in, configure.in, configure: add check for st__tim in
struct stat as used by SCO
2008-01-02 11:05 millert
* ldap.c: use ldap_search_ext_s instead of deprecated ldap_search_s
2008-01-02 10:09 millert
* Makefile.in, TODO, sudo.cat, sudo.man.in: add sudo_nss.h to HDRS
2008-01-01 19:04 millert
* ldap.c: Replace deprecated ldap_explode_dn() with calls to
ldap_str2dn() and ldap_rdn2str().
2008-01-01 18:37 millert
* ldap.c: Use ldap_get_values_len()/ldap_value_free_len() instead
of the deprecated ldap_get_values()/ldap_value_free().
2008-01-01 17:07 millert
* TODO, ChangeLog: sync
2008-01-01 17:06 millert
* gettime.c, sudo.c: Remove some already fixed XXXs
2008-01-01 17:03 millert
* ldap.c: Same return value as non-existent sudoers if LDAP was
unable to connect.
2008-01-01 16:52 millert
* sudo.pod: mention /etc/environment
2008-01-01 16:42 millert
* UPGRADE, WHATSNEW, README.LDAP: Update to reflect recent
developments.
2008-01-01 16:42 millert
* sudo.c: Print nsswitch.conf, ldap.conf and ldap.secret paths in
-V output.
2008-01-01 16:25 millert
* ldap.c: When building up a query don't list groups in the aux
group vector that are the same as the passwd file group. On most
systems the first gid in the group vector is the same as the
passwd entry gid.
2008-01-01 14:01 millert
* env.c, ldap.c: Define LDAPNOINIT before calling ldap_init(), etc.
to disable user ldaprc and system defaults that could affect how
LDAP works.
2008-01-01 13:21 millert
* INSTALL, configure, configure.in, pathnames.h.in, sudo.c,
sudo_nss.c, sudo_nss.h: Rename read_nss -> sudo_read_nss Add
--with-nsswitch to allow users to specify nsswitch.conf path or
disable it. If --with-nsswitch=no but --with-ldap, order is
LDAP, then sudoers. Fix --with-ldap-conf-file and
--with-ldap-secret-file
2008-01-01 13:12 millert
* parse.c: Honor def_ignore_local_sudoers
2007-12-31 16:44 millert
* ldap.c: no longer need to check def_ignore_local_sudoers here
2007-12-31 16:36 millert
* parse.c: Refactor group vector resetting into a function and also
call it from display_cmnd. Stop after the first sucessful match
in display_cmnd. Print a newline between each display_privs
method.
2007-12-31 16:23 millert
* parse.c: fix double free introduced in rev 1.218
2007-12-31 16:10 millert
* ldap.c: belt and suspenders; zero out result after freeing it
2007-12-31 15:04 millert
* env.c, fileops.c, ldap.c, sudo.h, sudo_nss.c: Refactor line
reading into a separate function, sudo_parseln(), which removes
comments, leading/trailing whitespace and newlines. May want to
rethink the use of sudo_parseln() for /etc/ldap.secret
2007-12-31 14:26 millert
* parse.c, sudo.c: Make the inability to read the sudoers file a
non-fatal error if there are other sudoers sources available.
sudoers_file_lookup now returns "not OK" if sudoers was not
present
2007-12-31 14:24 millert
* ldap.c: make it clear that the global options are from LDAP
2007-12-31 14:13 millert
* logging.c: allocate proper amount of space for error string
2007-12-31 10:24 millert
* sudo_nss.c, sudo_nss.h: actual sudo nss code
2007-12-31 10:08 millert
* ldap.c, parse.c, sudo.c, sudo.h: nss-ify display_privs and
display_cmnd.
2007-12-31 07:54 millert
* defaults.c, parse.c, testsudoers.c, visudo.c: move
update_defaults() to parse.c
2007-12-31 07:39 millert
* Makefile.in, ldap.c, list.c, parse.c, parse.h, sudo.c, sudo.h:
Use nsswitch to hide some sudoers vs. ldap implementation details
and reduce the number of #ifdef LDAP TODO: fix display routines
and error handling
2007-12-28 11:20 millert
* Makefile.in, README.LDAP, ldap.c, pathnames.h.in, sudo.c, sudo.h:
First cut at nsswitch.conf support. Further reorganizaton and
related changes are forthcoming.
2007-12-21 16:53 millert
* env.c, pathnames.h.in, sudo.c, sudo.h: Add support for reading
and /etc/environment file. Still needs to be documented and
should probably only applies to OSes that have it (AIX and Linux,
maybe others).
2007-12-21 16:20 millert
* ldap.c: include limits.h
2007-12-20 10:02 millert
* WHATSNEW: reword LDAP SASL
2007-12-19 16:40 millert
* TODO: sync
2007-12-19 16:39 millert
* README.LDAP: Add an example sudoRole, clarify netscape vs.
openldap a bit more
2007-12-19 14:42 millert
* README.LDAP: Be clear on what is OpenLDAP vs. Netscape-derived
2007-12-19 14:28 millert
* config.h.in, configure, configure.in, ldap.c: Use ldapssl_init()
for ldaps support instead of trying to do it manually with
ldap_init() + ldapssl_install_routines(). Use tls_cert and
tls_key for cert7.db and key3.db respectively. Don't print
debugging info for options that are not set. Add warning if
start_tls specified when not supported.
2007-12-19 14:25 millert
* ldap.c: fix compilation on solaris
2007-12-19 14:23 millert
* Makefile.in: add missing .h and .c files for missing lib objs
2007-12-18 09:54 millert
* ldap.c: fix LDAP_OPT_NETWORK_TIMEOUT setting
2007-12-17 20:10 millert
* ldap.c: fix compilation on Solaris
2007-12-17 10:14 millert
* configure, configure.in: fix typo
2007-12-17 08:08 millert
* README.LDAP: try to clear up which variables are for OpenLDAP and
which are for netscape-derived SDKs
2007-12-17 07:31 millert
* config.h.in, configure, configure.in, ldap.c: Add support for
"ssl on" in both netscape and openldap flavors. Only the
OpenLDAP flavor has been tested.
2007-12-17 07:28 millert
* logging.c, sudo.c, sudo.h: Call cleanup() before exit in
log_error() instead of calling sudo_ldap_close() directly.
ldap_conn can now be static to sudo.c
2007-12-16 20:02 millert
* sudo.c: ld -> ldap_conn
2007-12-16 14:42 millert
* logging.c, sudo.c, sudo.h: Better ldap cleanup.
2007-12-16 14:08 millert
* ldap.c: Distinguish between LDAP conf settings that are
connection-specific (which take an ld pointer) and those that are
default settings (which do not).
2007-12-14 16:46 millert
* ldap.c: Improved warnings on error.
2007-12-14 15:59 millert
* ldap.c: Make ldap config table driven and set the config *after*
we open the connection.
2007-12-13 16:41 millert
* ldap.c: fix LDAP_OPT_X_CONNECT_TIMEOUT compat define
2007-12-13 09:13 millert
* configure, configure.in: some operating systems need to link with
-lkrb5support when using krb5
2007-12-10 17:12 millert
* WHATSNEW: minor update
2007-12-10 10:56 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
2007-12-07 19:17 millert
* TODO, ChangeLog: sync
2007-12-07 19:09 millert
* ldap.c, schema.OpenLDAP, schema.iPlanet, sudoers2ldif: add -g
support for LDAP
2007-12-03 11:36 millert
* WHATSNEW, sudo.c, sudo.pod, sudo_usage.h.in: The -i and -s flags
can now take an optional command.
2007-12-02 12:13 millert
* def_data.c, def_data.h, def_data.in, sudo.c, sudo.pod,
sudoers.pod, auth/pam.c: Add passprompt_override flag to sudoers
that will cause the prompt to be overridden in all cases. This
flag is also set when the user specifies the -p flag.
2007-12-01 19:51 millert
* sudo.c: Move setting of login class until after sudoers has been
parsed. Set NewArgv[0] for -i after runas_pw has been set.
2007-12-01 19:34 millert
* configure, configure.in: Move the dgettext check.
2007-12-01 11:22 millert
* config.h.in, configure, configure.in, auth/pam.c: Add basic
support for looking up the string "Password: " in the PAM
localized text db. This allows us to determine whether the PAM
prompt is the default "Password: " one even if it has been
localized.
TODO: concatenate non-std PAM prompts and user-specified sudo
prompts.
2007-11-27 18:40 millert
* Makefile.in, config.h.in, configure.in, parse.c, set_perms.c,
sudo.c, configure, sudo.h: Use AC_FUNC_GETGROUPS instead of a
home-grown attempt that was insufficient.
2007-11-27 12:13 millert
* configure, acsite.m4, interfaces.c, memrchr.c: Fix typos;
Martynas Venckus
2007-11-25 19:26 millert
* set_perms.c: Don't assume runas_pw is set; it may not be in the
-g case.
2007-11-25 08:07 millert
* logging.c, set_perms.c: Set aux group vector for PERM_RUNAS and
restore group vector for PERM_ROOT if we previously changed it.
Stash the runas group vector so we don't have to call initgroups
more than once. Also add no-op check to check_perms.
2007-11-21 15:11 millert
* WHATSNEW, check.c, def_data.in, defaults.c, gram.c, gram.h,
gram.y, ldap.c, logging.c, match.c, mon_systrace.c, parse.c,
parse.h, pwutil.c, set_perms.c, sudo.c, sudo.cat, sudo.h,
sudo.man.in, sudo.pod, sudo_usage.h.in, sudoers.cat,
sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, visudo.c,
visudo.cat, visudo.man.in: Add support for runas groups. This
allows the user to run a command with a different effective
group. If the -g option is specified without -u the command will
be run as the current user (only the group will change). the -g
and -u options may be used together. TODO: implement runas group
for ldap improve runas group documentation add
testsudoers support
2007-11-21 15:02 millert
* configure, configure.in: fix setting of mandir
2007-11-21 14:26 millert
* sudo.pod, sudoers.pod: document that ALL implies SETENV
2007-11-21 13:50 millert
* ldap.c: s/setenv_ok/setenv_implied/g
2007-11-21 13:44 millert
* ldap.c: hostname_matches() returns TRUE on match in sudo 1.7.
2007-11-21 13:26 millert
* ldap.c: use strcmp, not strcasecmp when comparing ALL
2007-11-21 11:41 millert
* ldap.c: Make sudo ALL imply setenv. Note that unlike with
file-based sudoers this does affect all the commands in the
sudoRole.
2007-11-21 11:05 millert
* gram.c, gram.y, parse.c, parse.h: sudo "ALL" now implies the
SETENV tag but, unlike an explicit tag, it is not passed on to
other commands in the list.
2007-11-21 11:02 millert
* visudo.c: Add missing sudo_setpwent() and sudo_setgrent() calls.
Also use sudo_getpwuid() instead of getpwuid().
2007-11-15 11:16 millert
* sudoers: Expand on the dangers of not using visudo to edit
sudoers.
2007-11-08 07:24 millert
* parse.c: Don't quote *?[]! on output since the lexer does not
strip off the backslash when reading those in.
2007-11-07 13:16 millert
* glob.c: expand "u_foo" types to "unsigned foo" to avoid
compatibility issues.
2007-11-04 08:33 millert
* logging.c: Refactor log line generation in to new_logline().
2007-10-25 09:23 millert
* TROUBLESHOOTING: fix typo
2007-10-24 12:41 millert
* config.h.in, configure, configure.in, interfaces.c, interfaces.h,
match.c: Add configure check for struct in6_addr instead of
relying on AF_INET6 since some systems define AF_INET6 but do not
include IPv6 support.
2007-10-21 09:29 millert
* configure, configure.in: Fix block to add -lutil for FreeBSD and
NetBSD when logincap is in use.
2007-10-19 22:28 millert
* configure, configure.in: POSIX states that struct timespec be
declared in time.h so check there regardless of the value of
TIME_WITH_SYS_TIME.
2007-10-17 11:37 millert
* tgetpass.c: Instead of defining a macro to call the appropriate
method for turning on/off echo, just define tc[gs]etattr() and
the related defines that use the correct terminal ioctls if
needed. Also go back to using TCSAFLUSH instead of TCSADRAIN on
all but QNX.
2007-10-08 20:18 millert
* Makefile.in: g/c @ALLOCA@
2007-10-08 20:07 millert
* configure: regen
2007-10-08 20:04 millert
* INSTALL, config.h.in, configure.in, auth/pam.c: Add
--disable-pam-session configure option to disable calling
pam_{open,close}_session. May work around bugs in some PAM
implementations.
2007-10-08 12:00 millert
* tgetpass.c: quiet gcc warnings
2007-10-08 08:41 millert
* tgetpass.c: Avoid printing the prompt if we are already
backgrounded. E.g. if the user runs "sudo foo &" from the shell.
In this case, the call to tcsetattr() will cause SIGTTOU to be
delivered.
2007-09-15 16:07 millert
* def_data.c, def_data.h, def_data.in: Reorder things such that the
definition of env_reset come right before the env variable lists.
2007-09-15 07:50 millert
* parse.h: Shrink type and seqno in struct alias from int to
u_short
2007-09-15 07:24 millert
* alias.c, match.c, parse.c, parse.h: Add a sequence number in the
aliases for loop detection. If we find an alias with the seqno
already set to the current (global) value we know we've visited
it before so ignore it.
2007-09-13 19:05 millert
* TODO, sudo.c, sudo.h, auth/pam.c: PAM wants the full tty path so
add user_ttypath which holds the full path to the tty or is NULL
if no tty was present.
2007-09-13 18:42 millert
* auth/pam.c: Set PAM_RHOST to work around a bug in Solaris 7 and
lower that results in a segv.
2007-09-11 15:43 millert
* gram.c: regen
2007-09-11 15:42 millert
* alias.c, defaults.c, gram.y, list.c, list.h, match.c, parse.c,
parse.h, testsudoers.c, visudo.c: rename lh_ -> tq_
2007-09-10 17:33 millert
* alloc.c: remove some useless casts
2007-09-10 17:32 millert
* alloc.c: pull in inttypes.h for SIZE_MAX; we avoid stdint.h since
inttypes.h predates the final C99 spec and the standard specifies
that it shall include stdint.h anyway
2007-09-06 12:39 millert
* Makefile.in, alloca.c, configure.in: Since we ship with a
pre-generated parser there is no need to ship a bogus alloca
implementation.
2007-09-06 12:22 millert
* configure: regen
2007-09-06 12:19 millert
* configure.in: remove initial setting of CHECKSIA, we require that
it be unset if not used
2007-09-06 11:55 millert
* Makefile.in: add list.c to SRCS
2007-09-06 07:18 millert
* configure: regen
2007-09-06 07:17 millert
* configure.in: only do SIA checks on Digital Unix
2007-09-05 18:50 millert
* sudoers.cat, sudoers.man.in: regen
2007-09-05 18:48 millert
* ChangeLog, TODO: sync
2007-09-05 18:39 millert
* auth/kerb5.c: Remove call to krb5_cc_register() as it is not
needed for modern kerb5.
2007-09-05 18:16 millert
* configure: regen
2007-09-05 18:16 millert
* configure.in, aclocal.m4: New method for setting the default
authentication type and avoiding conflicts in auth types.
2007-09-05 14:45 millert
* match.c, parse.c, testsudoers.c: Each entry in a cmndlist now has
an associated runaslist so no need to keep track of the most
recent non-NULL one.
2007-09-04 18:51 millert
* ldap.c: back out partial ldaps support mistakenly committed
2007-09-04 10:57 millert
* ldap.c: Add support for unix groups and netgroups in sudoRunas
2007-09-03 16:28 millert
* sudo_edit.c: Fix sudoedit of a non-existent file. From Tilo
Stritzky.
2007-09-02 17:05 millert
* configure: regen
2007-09-02 17:05 millert
* INSTALL: update --passprompt escape info
2007-09-02 17:03 millert
* configure.in: remove now-bogus comment and update copyright date
2007-09-02 16:35 millert
* configure.in: Fix up use of with_passwd
2007-09-02 16:25 millert
* acsite.m4, config.guess, config.sub, configure.in, ltmain.sh:
Update to autoconf-2.61 andf libtool-1.5.24
2007-09-02 16:17 millert
* Makefile.in: "cmp -s" not just cmp Add @datarootdir@ to quiet
autoconf-2.61
2007-09-01 17:39 millert
* gram.c: regen
2007-09-01 17:39 millert
* gram.y: move tags and runaslist propagation to be earlier
2007-09-01 09:34 millert
* visudo.c: If -f flag given use the permissions of the original
file as a template
2007-09-01 08:45 millert
* gram.y: prevent a double free() when re-initing the parser
2007-08-31 19:30 millert
* configure: regen
2007-08-31 19:30 millert
* aclocal.m4, alias.c, alloc.c, config.h.in, configure.in, env.c,
ldap.c, list.c, list.h, memrchr.c, parse.c, parse.h, pwutil.c,
redblack.c, redblack.h, snprintf.c, sudo.c, sudo.h,
testsudoers.c, visudo.c, zero_bytes.c, auth/API, auth/afs.c,
auth/bsdauth.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h:
Remove support for compilers that don't support void *
2007-08-31 19:14 millert
* gram.c: regen
2007-08-31 19:13 millert
* Makefile.in, alias.c, defaults.c, gram.y, list.c, list.h,
match.c, parse.c, parse.h, testsudoers.c, visudo.c: Move list
manipulation macros to list.h and create C versions of the more
complex ones in list.c. The names have been down-cased so they
appear more like normal functions.
2007-08-31 17:21 millert
* Makefile.in: Fix cmp command when regenerating parser. Make
gram.o the first dependency for all programs so gram.h will be
generated before anything that needs it.
2007-08-31 13:56 millert
* parse.h, gram.y: Convert NEW_DEFAULT anf NEW_MEMBER into static
functions.
2007-08-30 21:21 millert
* match.c, parse.c, testsudoers.c: Use LH_FOREACH_REV when checking
permission and short-circuit on the first non-UNSPEC hit we get
for the command. This means that instead of cycling through the
all the parsed sudoers entries we start at the end and work
backwards and quit after the first positive or negative match.
2007-08-30 21:13 millert
* gram.c: regen
2007-08-30 21:12 millert
* defaults.c, gram.y, parse.c, parse.h, testsudoers.c, visudo.c:
Change list head macros to take a pointer, not a struct.
2007-08-30 20:46 millert
* gram.c: regen
2007-08-30 20:46 millert
* gram.y: Propagate the runasspec from one command to the next in a
cmndspec.
2007-08-30 16:15 millert
* match.c: Replace has_meta() with a macro that calls strpbrk().
2007-08-30 16:04 millert
* gram.c: regen
2007-08-30 13:26 millert
* alias.c, defaults.c, gram.y, match.c, parse.c, parse.h,
testsudoers.c, visudo.c: Use a list head struct when storing the
semi-circular lists and convert to tail queues in the process.
This will allow us to reverse foreach loops more easily and it
makes it clearer which functions expect a list as opposed to a
single member.
Add macros for manipulating lists. Some of these should become
functions.
When freeing up a list, just pop off the last item in the queue
instead of going from head to tail. This is simpler since we
don't have to stash a pointer to the next member, we always just
use the last one in the queue until the queue is empty.
Rename match functions that take a list to have list in the name.
Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
2007-08-30 13:12 millert
* parse.c: Fix pasto, append "!" not negated (which is an int) for
sudo -l output.
2007-08-30 12:45 millert
* Makefile.in: Remove the dependency of gram .h on gram.y, the .c
dependency is enough. Only move y.tab.h to gram.h if it is
different; avoids needless rebuilding.
2007-08-27 15:51 millert
* sudoers.pod: Defaults lines may be associated with lists of
users, hosts, commands and runas users, not just single entries.
2007-08-26 17:42 millert
* Makefile.in: Revert the "cmp" portion of the last diff, it
doesn't make sense.
2007-08-26 17:10 millert
* Makefile.in: Remove *.lo for clean: When generating the parser,
only move the generated files into place if they differ from the
existing ones.
2007-08-24 22:47 millert
* toke.c, toke.l: Replace IPV6 regexp with a much simpler
(readable) one and add an extra check when it matches to make
sure we have a valid address.
2007-08-24 22:36 millert
* match.c: Fix thinko introduced when merging IPV6 support.
2007-08-24 14:23 millert
* HISTORY, LICENSE: regen
2007-08-24 14:23 millert
* license.pod: add 2007
2007-08-24 14:19 millert
* UPGRADE: mention #uid vs. comment pitfall
2007-08-24 09:50 millert
* acsite.m4: Merge in a patch from the libtool cvs that fixes a
problem with the latest autoconf. From Stepan Kasal.
2007-08-23 20:28 millert
* parse.h: Back out he XOR swap trick, it is slower than a temp
variable on modern CPUs.
2007-08-23 20:14 millert
* gram.c: regen
2007-08-23 20:14 millert
* gram.y, parse.h: Convert the tail queue to a semi-circle queue
and use the XOR swap trick to swap the prev pointers during
append.
2007-08-23 15:31 millert
* parse.h: remove useless statement
2007-08-23 07:47 millert
* toke.c, toke.l: Refactor #include parsing into a separate
function and return unparsed chars (such as newline or comment)
back to the lexer.
2007-08-22 18:56 millert
* WHATSNEW: mention better uid support
2007-08-22 18:55 millert
* sudoers.pod: Users may now consist of a uid.
2007-08-22 18:39 millert
* gram.c, gram.h, toke.c: regen
2007-08-22 18:32 millert
* parse.c: Use lbuf_append_quoted() for sudo -l output to quote
characters that would require quoting in sudoers.
2007-08-22 18:31 millert
* lbuf.c, lbuf.h: Add lbuf_append_quoted() which takes a set of
characters which should be quoted with a backslash when
displayed.
2007-08-22 18:28 millert
* toke.l: Require that the first character after a comment not be a
digit or a dash. This allows us to remove the GOTRUNAS state and
treat uid/gids similar to other words. It also means that we can
now specify uids in User_Lists and a User_Spec may now contain a
uid.
2007-08-22 18:23 millert
* gram.y, toke.l: Replace RUNAS token with '(' and ')' tokens to
make the runas portion of the grammar more natural.
2007-08-22 06:35 millert
* Makefile.in, README, BUGS: The BUGS file is history
2007-08-21 09:19 millert
* toke.c, toke.l: Allow comments after a RunasAlias as long as the
character after the pound sign isn't a digit or a dash.
2007-08-20 20:43 millert
* WHATSNEW: Glob support was back-ported to 1.6.9
2007-08-20 19:59 millert
* Makefile.in: remove sudo_usage.h in distclean
2007-08-20 19:24 millert
* parse.c: If a Defaults value contains a blank, double-quote the
string.
2007-08-20 19:19 millert
* toke.c, toke.l: Properly deal with Defaults double-quoted strings
that span multiple lines using the line continuation char.
Previously, the entire thing, including the continuation char,
newline, and spaces was stored as-is.
2007-08-20 10:46 millert
* sudo.c: Be consistent when using single quotes and backticks.
2007-08-19 16:48 millert
* Makefile.in, configure, configure.in, lbuf.c, lbuf.h, parse.c,
sudo.c, sudo_usage.h.in: Add new linebuf code to do appends of
dynamically allocated strings and word-wrapped output. Currently
used for sudo's usage() and sudo -l output. Sudo usage strings
are now in sudo_usage.h which is generated at configure time.
2007-08-18 08:22 millert
* sudo.h, parse.c, sudo.c: Fix line wrapping in usage() and use the
actual tty width instead of assuming 80.
2007-08-17 18:32 millert
* history.pod: some more info
2007-08-17 17:28 millert
* history.pod: Mentioned Chris Jepeway's parser and also the new
one that is in sudo 1.7.
2007-08-16 09:38 millert
* sudo.pod, visudo.pod: For the options list, add flag args where
appropriate and increase the indent level so there is room for
them.
2007-08-15 13:49 millert
* parse.c: Fix some spacing in "sudo -l" and add a comment about
some bogosity in the line wrapping.
2007-08-15 11:21 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in,
visudo.man.in, visudo.cat: regen
2007-08-15 11:20 millert
* INSTALL, Makefile.in, WHATSNEW, config.h.in, configure.in,
def_data.c, def_data.h, def_data.in, gram.c, gram.h, gram.y,
parse.c, parse.h, pathnames.h.in, sudo.c, sudo.h, sudoers.pod,
testsudoers.c, toke.c, toke.l: Remove monitor support until there
is a versino of systrace that uses a lookaside buffer (or we have
a better mechanism to use).
2007-08-15 09:22 millert
* configure.in, configure, config.h.in, sudo.c: use getaddrinfo()
instead of gethostbyname() if it is available
2007-08-14 15:27 millert
* parse.c, sudo.c: Deal with OSes where sizeof(gid_t) <
sizeof(int).
2007-08-14 11:19 millert
* interfaces.c: repair non-getifaddrs() code after ipv6 integration
2007-08-14 10:04 millert
* sudo.c: If we can open sudoers but fail to read the first byte,
close the file stream before trying again.
2007-08-13 12:34 millert
* gram.c, toke.c: regen
2007-08-13 12:29 millert
* gram.y, interfaces.c, interfaces.h, match.c, sudoers.pod, toke.l:
Add IPv6 support; adapted from patches by YOSHIFUJI Hideaki
2007-08-13 12:23 millert
* sudo.pod, sudoers.pod, visudo.pod: Add some missing markup Update
copyright
2007-08-12 18:55 millert
* configure, configure.in: fix sudo_noexec extension which got
broken in the libtool update
2007-08-10 10:41 millert
* Makefile.in: explicitly specify -Tascii to nroff
2007-08-08 16:07 millert
* logging.c: remove an ANSI-ism that crept in
2007-08-06 20:37 millert
* sudo.pod: Adjust list indents Prevent -- from being turned into
an em dash Use a list for the environment instead of a literal
paragraph
2007-08-06 20:36 millert
* visudo.pod: Use a list for the environment instead of an indented
literal paragraph.
2007-08-06 20:33 millert
* sudoers.pod: Adjust list indentation
2007-08-06 20:31 millert
* license.pod: add =head3
2007-08-06 10:24 millert
* sudo.pod: mention that when specifying a uid for the -u option
the shell may require that the # be escaped
2007-08-01 22:08 millert
* match.c: Fix off by one in group matching.
2007-07-31 14:04 millert
* env.c: Fix typo: PYTHONINSPEC should be PYTHONINSPECT. From
David Krause.
2007-07-30 10:45 millert
* configure, configure.in: Add missing define of
HAVE_GSS_KRB5_CCACHE_NAME for the -lgssapi_krb5 case.
2007-07-30 09:29 millert
* aclocal.m4, configure.in, configure: Fix link tests such that new
gcc doesn't optimize away the test.
2007-07-29 19:21 millert
* sudo.pod, sudoers.pod, visudo.pod: add missing over/back
2007-07-29 19:09 millert
* sudo.pod, sudoers.pod, visudo.pod: Change FILES section to use
=item
2007-07-29 18:32 millert
* env.c: Add back allocation of the env struct in rebuild_env but
save a copy of the old pointer and free it before returning.
2007-07-29 16:09 millert
* env.c: Don't init the private environment in rebuild_env() since
it may have already been done implicitly
sudo_setenv/sudo_unsetenv.
Multiply length by sizeof(char *) in memcpy/memmove when copying
the environment so we copy the full thing.
Add missing set of parens so we deref the right pointer in
sudo_unsetenv when searching for a matching variable.
2007-07-26 16:35 millert
* sudo.pod, sudoers.pod, visudo.pod: Use file markup for paths in
the FILES section
2007-07-26 10:04 millert
* sudo.pod, sudoers.pod, visudo.pod: Don't capitalize sudo/visudo
2007-07-26 07:28 millert
* sudoers.pod: Sort sudoers options; based on a diff from Igor
Sobrado.
2007-07-25 16:19 millert
* sudo.pod, sudoers.pod, visudo.pod: Use 8 and 5 instead of
@mansectsu@ and @mansectform@ since the latter confuses pod2man.
The Makefile rules for the .man.in file will add @mansectsu@ and
@mansectform@ back in after pod2man is done anyway.
2007-07-22 19:09 millert
* LICENSE, Makefile.in, license.pod: Move license info to pod
format
2007-07-22 18:43 millert
* configure, configure.in, sudoers.pod: Substitute value of
path_info into sudoers man page.
2007-07-22 16:40 millert
* WHATSNEW: remove features that were back-ported to 1.6.9
2007-07-22 15:20 millert
* sudo.c, sudo.pod, visudo.c, visudo.pod: Sort SYNOPSIS and sync
usage. From Igor Sobrado.
2007-07-22 15:19 millert
* env.c: Only need sudo_setenv/sudo_unsetenv if we are going to use
ldap_sasl_interactive_bind_s() but don't have
gss_krb5_ccache_name().
2007-07-22 08:23 millert
* ChangeLog: rebuild without branch info
2007-07-22 08:23 millert
* Makefile.in: Add ChangeLog target
2007-07-22 08:14 millert
* auth/pam.c: Run cleanup code if the user hits ^C at the password
prompt.
2007-07-22 08:13 millert
* auth/pam.c: Some versions of pam_lastlog have a bug that will
cause a crash if PAM_TTY is not set so if there is no tty, set
PAM_TTY to the empty string.
2007-07-20 09:32 millert
* Makefile.in: ChageLog not Changelog
2007-07-20 09:31 millert
* ChangeLog: sync
2007-07-20 09:29 millert
* Makefile.in: CHANGE -> Changelog
2007-07-19 20:23 millert
* TODO: sync
2007-07-19 19:53 millert
* config.h.in, configure.in, configure, ldap.c: Add configure hooks
for gss_krb5_ccache_name() and the gssapi headers.
2007-07-18 12:57 millert
* env.c, sudo.c: rebuild_env() and insert_env_vars() no longer
return environment pointer, they set environ directly.
No longer need to pass around an envp pointer since we just
operate on environ now.
Add dosync argument to insert_env() that indicates whether it
should reset environ when realloc()ing env.envp.
Use an initial size of 128 for the environment.
2007-07-18 12:41 millert
* env.c: Split sudo_setenv() into an external version and a version
only for use by rebuild_env().
2007-07-16 19:40 millert
* ldap.c: Add support for using gss_krb5_ccache_name() instead of
setting KRB5CCNAME. Also use sudo_unsetenv() in the
non-gss_krb5_ccache_name() case if there was no KRB5CCNAME in the
original environment. TODO: configure setup for
gss_krb5_ccache_name()
2007-07-16 18:44 millert
* README.LDAP: add krb5_ccname
2007-07-16 18:44 millert
* README.LDAP, ldap.c: Add support for sasl_secprops in ldap.conf
2007-07-16 18:39 millert
* env.c, sudo.h: Add sudo_unsetenv() and refactor private env
syncing code into sync_env().
2007-07-16 07:27 millert
* README.LDAP, ldap.c: The ldap.conf variable is sasl_auth_id not
sasl_authid.
2007-07-15 15:44 millert
* ldap.c, sudo.c, sudo.h: Add support for krb5_ccname in ldap.conf.
If specified, it will override the default value of KRB5CCNAME
in the environment for the duration of the call to
ldap_sasl_interactive_bind_s().
2007-07-15 15:41 millert
* env.c, sudo.h: Remove format_env() Add sudo_setenv() to replace
most format_env() + insert_env() combinations. insert_env() no
longer takes a struct environment *
2007-07-15 12:47 millert
* ldap.c: Fix use_sasl vs. rootuse_sasl logic.
2007-07-15 09:23 millert
* README.LDAP, config.h.in, configure, configure.in, ldap.c: Add
support for SASL auth when connecting to an LDAP server. Adapted
from a diff by Tom McLaughlin.
2007-07-14 16:32 millert
* configure, configure.in: Only enable AIX or BSD auth if no other
exclusive auth method has been chosen. Allows people to e.g.,
use PAM on AIX without adding --without-aixauth. A better
solution is needed to deal with default authentication since if a
non-exclusive method is chosen we will still get an error.
2007-07-11 11:23 millert
* HISTORY, Makefile.in, history.pod: Generate HISTORY from
history.pod (which is also used for web pages)
2007-07-09 19:40 millert
* sudo.man.in, sudoers.man.in: regen
2007-07-09 19:25 millert
* sudo.pod: Better explanation of environment handling in the sudo
man page.
2007-07-09 15:13 millert
* env.c, sudo.c: Defer setting user-specified env vars until after
authentication.
2007-07-09 13:25 millert
* env.c: honor def_default_path for PATH set on the command line
2007-07-09 13:22 millert
* sudo.c, env.c, sudo.pod, sudoers.pod: Allow user to set
environment variables on the command line as long as they are
allowed by env_keep and env_check. Ie: apply the same
restrictions as normal environment variables. TODO: deal with
secure_path
2007-07-08 14:44 millert
* sudo.c, sudo_edit.c: Call rebuild_env() in call cases. Pass
original envp to sudo_edit(). Don't allow -E or env var setting
in sudoedit mode. More accurate usage() when called as sudoedit.
2007-07-08 14:41 millert
* ldap.c: warn -> warning
2007-07-08 14:11 millert
* sudo.pod: add -c option to sudoedit synopsis
2007-07-08 10:27 millert
* TODO: udpate to reality
2007-07-08 09:43 millert
* parse.c: Use ALLOW/DENY instead of TRUE/FALSE when dealing with
the return value from {user,host,runas,cmnd}_matches(). Rename
*matches variables -> *match. Purely cosmetic.
2007-07-08 09:30 millert
* parse.c: Move setting of FLAG_NO_CHECK into the if(pwflag) block.
No change in behavior.
2007-07-08 09:17 millert
* sudoers: add SETENV tag
2007-07-06 15:51 millert
* parse.c: Make pwcheck local to the pwflag block. Use pwcheck
even if user didn't match since Defaults options may still apply.
2007-07-06 14:51 millert
* check.c, sudo.c: Do not update timestamp if user not validated by
sudoers.
2007-07-06 10:14 millert
* set_perms.c: for PERM_RUNAS, set the egid to the runas user's gid
and restore to the user's original in PERM_ROOT
2007-07-06 10:04 millert
* logging.c, mon_systrace.c, set_perms.c, sudo.h: PERM_FULL_ROOT is
now no different than PERM_ROOT so remove PERM_FULL_ROOT
2007-07-06 09:49 millert
* check.c: don't check timestamp mtime if we are just going to
remove it
2007-07-06 09:33 millert
* sudoers.pod: Move sudoers defaults parameters into their own
section.
2007-07-05 20:21 millert
* testsudoers.c: Reduce a level of indent by a few placed continue
statements.
2007-07-05 20:20 millert
* parse.c: Make matching but negated commands/hosts/runas entries
override a previous match as expected. Also reduce some levels
of indent by a few placed continue statements.
2007-07-05 16:34 millert
* parse.c: Print default runas in "sudo -l" if sudoers don't
specify one.
2007-07-05 15:46 millert
* match.c: Less hacky way of testing whether the domain was set.
2007-07-04 15:50 millert
* INSTALL: Mention pam-devel and openldap-devel for Linux
2007-07-03 19:38 millert
* README.LDAP: or vs. are
2007-07-01 16:55 millert
* sudo.c: fix typo in Solaris project support
2007-07-01 09:40 millert
* HISTORY: update
2007-07-01 09:07 millert
* sudo.c: Make -- on the command line match the manual page. The
implied shell case has been simplified as a result.
2007-06-28 10:44 millert
* sudoers2ldif: add simplistic support for sudoRunas; note that if
a sudoers entry contains multiple Runas users, all will apply to
the sudoRole
2007-06-28 10:42 millert
* sudoers2ldif: honor SETENV and NOSETENV tags
2007-06-24 09:25 millert
* mon_systrace.c: Redo setting of user_args. We now build up a
private copy of argv first and then replace the NULs with spaces.
2007-06-24 09:19 millert
* mon_systrace.c: getcwd() returns NULL on failure, not 0 on
success
2007-06-24 07:39 millert
* mon_systrace.c: allow chunksiz to reach 1 before erroring out
2007-06-23 20:00 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: regen
2007-06-23 19:58 millert
* def_data.c, def_data.h, def_data.in, env.c, gram.c, gram.h,
gram.y, logging.c, parse.c, parse.h, sudo.c, sudo.h, sudo.pod,
sudoers.pod, toke.c, toke.l: Add support for setting environment
variables on the command line. This is only allowed if the
setenv sudoers options is enabled or if the command is prefixed
with the SETENV tag.
2007-06-23 19:57 millert
* README.LDAP: replace Aaron's email address with the sudo-workers
list
2007-06-23 19:55 millert
* configure: regen
2007-06-21 20:35 millert
* Makefile.in, README.LDAP, schema.OpenLDAP, schema.iPlanet: Break
schema out into separate files.
2007-06-21 18:28 millert
* auth/aix_auth.c: free message if set by authenticate()
2007-06-21 13:03 millert
* match.c: deal with NULL gr_mem
2007-06-20 15:04 millert
* config.h.in: regen
2007-06-20 15:04 millert
* configure.in: add template for HAVE_PROJECT_H
2007-06-20 07:06 millert
* closefrom.c: include fcntl.h
2007-06-19 19:37 millert
* INSTALL: mention --with-project
2007-06-19 18:24 millert
* config.h.in, configure.in, sudo.c: Add Solaris 10 "project"
support. From Michael Brantley.
2007-06-19 17:27 millert
* sudoers.pod: fix typo
2007-06-19 17:22 millert
* configure: regen
2007-06-19 17:21 millert
* configure.in: Fix preservation of LDFLAGS in the LDAP case.
2007-06-19 17:00 millert
* memrchr.c: Remove dependecy on NULL
2007-06-19 15:37 millert
* configure: regen
2007-06-19 15:37 millert
* aclocal.m4, configure.in: Can't use the regular autoconf
fnmatch() check since we need FNM_CASEFOLD so go back to our
custom one.
2007-06-19 12:52 millert
* env.c: Fix preserving of variables in env_keep.
2007-06-19 07:10 millert
* env.c: add XAUTHORIZATION
2007-06-18 20:41 millert
* UPGRADE: expand upon env resetting and mention that it began in
1.6.9 not 1.7.
2007-06-18 20:33 millert
* sudoers.pod: Update descriptions of env_keep and env_check to
match current reality.
2007-06-18 17:33 millert
* env.c: Add LINGUAS to initial_checkenv_table. Add COLORS,
HOSTNAME, LS_COLORS, MAIL, PS1, PS2, XAUTHORITY to
intial_keepenv_table.
2007-06-18 17:23 millert
* env.c, logging.c: Treat USERNAME environemnt variable like
LOGNAME/USER
2007-06-18 17:21 millert
* env.c: Don't need to populate keepenv table with the contents of
the checkenv table.
2007-06-18 08:57 millert
* sudo.c: Don't force sudo into the C locale.
2007-06-18 08:56 millert
* env.c: Make env_check apply when env_reset it true. Environment
variables are passed through unless they contain '/' or '%'.
There is no need to have a variable in both env_check and
env_keep.
2007-06-16 07:31 millert
* visudo.c: Remove an duplicate lock_file() call and add a comment.
2007-06-15 21:16 millert
* UPGRADE: Add sudo 1.6.9 upgrade note.
2007-06-14 12:23 millert
* interfaces.c: Solaris will return EINVAL if the buffer used in
SIOCGIFCONF is too small. From Klaus Wagner.
2007-06-14 12:03 millert
* Makefile.in, config.h.in, configure, configure.in, memrchr.c,
logging.c, sudo.h: Redo the long syslog line splitting based on a
patch from Eygene Ryabinkin. Include memrchr() for systems
without it.
2007-06-14 07:09 millert
* configure.in: Since we need to be able to convert timespec to
timeval for utimes() the last 3 digits in the tv_nsec are not
significant. This makes the sudoedit file date comparison work
again.
2007-06-13 13:41 millert
* aclocal.m4, configure, configure.in: Add SUDO_ADD_AUTH macro to
deal with adding things to AUTH_OBJS. This deals with exclusive
authentication methods in a simple way.
2007-06-12 13:08 millert
* LICENSE: mkstemp.c is BSD code too.
2007-06-12 09:21 millert
* sudo.pod, sudoers.pod, visudo.pod: No commercial support for now.
2007-06-11 18:27 millert
* sudo.c: cleanenv() is no more.
2007-06-10 18:37 millert
* ChangeLog: Display branch info in Changelog
2007-06-10 18:18 millert
* utimes.c: Include config.h early so we have it for
TIME_WITH_SYS_TIME
2007-06-10 18:00 millert
* ChangeLog: Fix Changelog generation and update.
2007-06-09 07:26 millert
* closefrom.c: Use /proc/self/fd instead of /proc/$$/fd
Move old-style fd closing into closefrom_fallback() and call that
if /proc/self/fd doesn't exist or the F_CLOSEM fcntl() fails
2007-06-09 07:24 millert
* config.h.in, configure.in, auth/kerb5.c: o use
krb5_verify_user() if available instead of doing it by hand
o use krb5_init_secure_context() if we have it
o pass an encryption type of 0 to krb5_kt_read_service_key()
instead of
ENCTYPE_DES_CBC_MD5 to let kerberos choose.
2007-06-09 07:20 millert
* env.c: Check TERM and COLORTERM for '%' and '/' characters. From
Debian.
2007-06-09 07:17 millert
* configure.in: Fix closefrom() substitution in the Makefile
2007-06-09 07:15 millert
* TROUBLESHOOTING: Mention alternate sudo pronunciation.
2007-06-07 07:52 millert
* env.c: Remove KRB5_KTNAME from environment. Allow COLORTERM.
2007-06-07 07:22 millert
* auth/kerb5.c: If we cannot get a valid service key using the
default keytab it is a fatal error. Fixes a bug where sudo could
be tricked into allowing access when it should not by a fake KDC.
From Thor Lancelot Simon.
2007-05-12 08:56 millert
* aclocal.m4, configure, configure.in: Update long long checks to
use AC_CHECK_TYPES and to cache values.
2007-05-12 08:07 millert
* aclocal.m4, configure.in: Use AC_FUNC_FNMATCH instead of a
homebrew fnmatch checker. We can't use AC_REPLACE_FNMATCH since
that assumes replacing with GNU fnmatch.
2007-05-11 17:05 millert
* configure, configure.in: Add closefrom() to LIB_OBJS not
SUDO_OBJS if it is missing since we need it for visudo now too.
2007-04-24 14:44 millert
* sudoers.pod: Attempt to clarify the bit talking about network
numbers w/o netmasks.
2007-04-24 14:25 millert
* sudo.pod: Clarify timestamp dir ownership sentence.
2007-04-20 12:40 millert
* auth/pam.c: Linux PAM now defines __LINUX_PAM__, not
__LIBPAM_VERSION. From Dmitry V. Levin.
2007-04-16 12:13 millert
* sudo.c: -i is also one of the mutually exclusive options to list
it in the warning message. Noted by Chris Pepper.
2007-04-12 11:18 millert
* visudo.pod: The sudoers variable is env_editor, not enveditor.
From Jean-Francois Saucier.
2007-03-29 13:30 millert
* redblack.c: I tracked down the original author so credit him and
include his license info.
2007-02-06 13:25 millert
* sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
sudoers.pod: Fix typos; from Jason McIntyre.
2007-02-06 13:23 millert
* logging.c: Restore signal mask before calling reapchild(). Fixes
a possible race condition that could prevent sudo from properly
waiting for the child.
2007-01-31 10:02 millert
* pwutil.c: Don't declare pw_free() if we are not going to use it.
2007-01-31 10:00 millert
* env.c: Add NOEXEC support for AIX 5.3 which supports LDR_PRELOAD
and LDR_PRELOAD64. The 64-bit version is not currently
supported. Remove zero_env() prototype as it no longer exists.
2006-12-11 13:21 millert
* logging.c: Add "Auto-Submitted: auto-generated" line to sudo mail
for rfc 3834.
2006-09-29 10:53 millert
* auth/pam.c: If the user enters ^C at the password prompt, abort
instead of trying to authenticate with an empty password (which
causes an annoying delay).
2006-08-17 11:26 millert
* closefrom.c, config.h.in, configure, configure.in: Add fcntl
F_CLOSEM support to closefrom(); adapted from a diff by Darren
Tucker.
2006-08-17 11:25 millert
* pwutil.c: pw_free() is only used by sudo_freepwcache() so ifdef
it out too.
2006-08-04 11:34 millert
* config.sub, config.guess: Update to latest versions from
cvs.savannah.gnu.org
2006-07-31 13:51 millert
* pwutil.c, sudo_edit.c: Move password/group cache cleaning out of
sudo_end{pw,grp}ent() so we can close the passwd/group files
early.
2006-07-31 13:50 millert
* config.h.in, configure, configure.in, set_perms.c: Add seteuid()
flavor of set_perms() for systems without setreuid() or
setresuid() that have a working seteuid(). Tested on Darwin.
2006-07-30 15:56 millert
* mon_systrace.c: systrace_read() returns ssize_t
2006-07-30 15:53 millert
* configure, configure.in: Fix typo, -lldap vs. -ldap; from Tim
Knox.
2006-07-28 13:12 millert
* HISTORY: Fix typo; Matt Ackeret
2006-07-17 08:25 millert
* sudo.c: Print sudoers path in -V mode for root.
2006-06-15 14:44 millert
* ldap.c: Do a sub tree search instead of a base search (one level
in the tree only) for sudo right objects. This allows system
administrators to categorize the rights in a tree to make them
easier to manage.
2005-12-28 13:52 millert
* sudo.pod: fix typo
2005-12-04 12:16 millert
* ldap.c: Convert GET_OPT and GET_OPTI to use just 2 args. Add
timelimit and bind_timelimit support; adapted from gentoo.
2005-11-23 18:57 millert
* ldap.c: Support comments that start in the middle of a line
2005-11-23 18:56 millert
* configure.in, configure: Define LDAP_DEPRECATED until we start
using ldap_get_values_len()
2005-11-18 09:55 millert
* closefrom.c: Silence gcc -Wsign-compare; djm@openbsd.org
2005-11-17 20:39 millert
* error.c, sudo.c, sudo.h, testsudoers.c, visudo.c: cleanup() now
takes an int as an arg so it can be used as a signal handler too.
2005-11-17 20:38 millert
* sudo.c: Make a copy of the shell field in the passwd struct for
NewArgv to avoid a use after free situation after sudo_endpwent()
is called.
2005-11-16 20:36 millert
* Makefile.in, mkstemp.c, config.h.in, configure, configure.in: Add
mkstemp() for those poor souls without it.
2005-11-15 09:25 millert
* env.c: Add PERL5DB to list of environment variables to remove.
2005-11-13 15:49 millert
* mon_systrace.c, mon_systrace.h: Instead of calling the check
function twice with a state cookie use separate check/log
functions.
Check more ioctl() calls for failure.
systrace_{read,write} now return the number of bytes read/written
or -1 on error.
2005-11-13 14:51 millert
* env.c: Add more environment variables to remove; from gentoo
linux Add some comments about what bad env variables go to what
(more to do)
2005-11-11 17:23 millert
* sudo.c, sudo_edit.c: Move sudo_end{gr,pw}ent() until just before
the exec since they free up our cached copy of the passwd
structs, including sudo_user and sudo_runas. Fixes a
use-after-free bug.
2005-11-11 17:19 millert
* visudo.c: Close all fd's before executing editor.
2005-11-11 17:17 millert
* sudo.c: Enable malloc debugging on OpenBSD when SUDO_DEVEL is
set.
2005-11-11 11:22 millert
* check.c: Fix fd leak when lecture file option is enabled. From
Jerry Brown
2005-11-07 11:02 millert
* env.c: Add PERLLIB, PERL5LIB and PERL5OPT to the default list of
environment variables to remove. From Charles Morris
2005-11-01 13:24 millert
* env.c: add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5
2005-10-27 20:35 millert
* env.c: add PS4 and SHELLOPTS to initial_badenv_table for bash
2005-08-14 20:32 millert
* sudoers.pod: Fix typo; Toby Peterson
2005-08-02 09:57 millert
* tsgetgrpw.c: Make return buffers static so they don't get
clobbered
2005-07-27 21:14 millert
* auth/securid5.c: Fix securid5 authentication, was not checking
for ACM_OK. Also add default cases for the two switch()es.
Problem noted by ccon at worldbank
2005-06-26 20:10 millert
* ldap.c: Remove ncat() in favor of just counting bytes and
pre-allocating what is needed.
2005-06-26 19:44 millert
* ldap.c: Fix up some comments Add missing fclose() for the
rootbinddn case
2005-06-26 19:38 millert
* ldap.c: align struct ldap_config
2005-06-26 19:37 millert
* ldap.c: use LINE_MAX for max conf file line size
2005-06-26 18:36 millert
* pathnames.h.in: add _PATH_LDAP_SECRET
2005-06-26 18:36 millert
* README.LDAP: Mention rootbinddn Give example ou=SUDOers container
2005-06-25 18:03 millert
* configure, INSTALL, configure.in, ldap.c: Support rootbinddn in
ldap.conf
2005-06-25 17:46 millert
* env.c, sudo.pod, sudoers.pod: Preserve DISPLAY environment
variable by default.
2005-06-25 16:39 millert
* acsite.m4, configure: set need_lib_prefix=no for all cases; this
is safe for LD_PRELOAD
2005-06-25 16:15 millert
* acsite.m4, configure: set need_version=no for all cases; this is
safe for LD_PRELOAD
2005-06-25 14:45 millert
* aclocal.m4: typo
2005-06-25 14:33 millert
* configure, configure.in: Add dragonfly
2005-06-25 14:29 millert
* auth/pam.c: Fix call to pam_end() when pam_open_session() fails.
2005-06-25 14:21 millert
* configure: regen
2005-06-25 14:20 millert
* acsite.m4: rebuild acsite.m4 from libtool 1.9f libtool.m4
ltoptions.m4 ltsugar.m4 ltversion.m4
2005-06-25 14:08 millert
* config.guess, config.sub, ltmain.sh: merge in local changes:
config.guess: o better openbsd support config.sub: o hiuxmpp
support ltmain.sh o remove requirement that libs must begin with
"lib" o don't print a bunch of crap about library installs o
don't run ldconfig
2005-06-25 14:05 millert
* config.guess, config.sub, ltmain.sh: libtool 1.9f
2005-06-25 14:04 millert
* configure.in: Update with autoupdate and make minor changes for
libtool 1.9f
2005-06-22 23:19 millert
* parse.c: don't call sudo_ldap_display_cmnd if ldap not setup
2005-06-22 23:04 millert
* check.c, compat.h, fileops.c, gettime.c, sudo_edit.c, visudo.c,
emul/timespec.h: Move declatation of struct timespec to its own
include files for systems without it since it needs time_t
defined.
2005-06-22 22:57 millert
* ldap.c: Don't set safe_cmnd for the "sudo ALL" case.
2005-05-27 01:59 millert
* auth/pam.c: Call pam_open_session() and pam_close_session() to
give pam_limits a chance to run. Idea from Karel Zak.
2005-04-24 19:24 millert
* check.c, sudo.c: Add explicit cast from mode_t -> u_int in printf
to silence warnings on Solaris
2005-04-24 19:22 millert
* parse.c: include grp.h to silence a warning on Solaris
2005-04-23 15:10 millert
* parse.c: Fix printing of += and -= defaults.
2005-04-17 01:21 millert
* mon_systrace.c: Sanity check number of syscall args with argsize.
Not really needed but a little paranoia never hurts.
2005-04-17 01:18 millert
* mon_systrace.c, mon_systrace.h: Don't do pointer arithmetic on
void * Use int, not size_t/ssize_t for systrace lengths (since it
uses int)
2005-04-16 03:14 millert
* mon_systrace.c: Add some memsets for paranoia Fix namespace
collsion w/ error Check rval of decode_args() and update_env()
Remove improper setting of validated variable
2005-04-11 21:37 millert
* parse.c, sudo.c, sudo.h: In -l mode, only check local sudoers
file if def_ignore_sudoers is not set and call LDAP versions from
display_privs() and display_cmnd() instead of directly from
main(). Because of this we need to defer closing the ldap
connection until after -l processing has ocurred and we must pass
in the ldap pointer to display_privs() and display_cmnd().
2005-04-11 21:33 millert
* ldap.c: Reorganize LDAP code to better match normal sudoers
parsing. Instead of storing strings for later printing in -l
mode we do another query since the authenticating user and the
user being listed may not be the same (the new -U flag). Also
add support for "sudo -l command".
There is still a fair bit if duplicated code that can probably be
refactored.
2005-04-11 00:37 millert
* ldap.c: Replace pass variable with do_netgr for better
readability.
2005-04-10 23:49 millert
* ldap.c: use DPRINTF macro
2005-04-10 23:18 millert
* ldap.c: estrdup, not strdup
2005-04-10 17:44 millert
* parse.c: Add macro to test if the tag changed to improve
readability.
2005-04-10 17:40 millert
* parse.c: Avoid printing defaults header if there are no defaults
to print...
2005-04-10 15:29 millert
* glob.c: Fix a warning on systems without strlcpy().
2005-04-10 13:32 millert
* pwutil.c: Use macros where possible for sudo_grdup() like
sudo_pwdup().
2005-04-08 17:04 millert
* utimes.c: It is possible for tv_usec to hold >= 1000000 usecs so
add in tv_usec / 1000000.
2005-03-29 23:38 millert
* auth/kerb5.c: The component in krb5_principal_get_comp_string()
should be 1, not 0 for Heimdal. From Alex Plotnick.
2005-03-29 09:29 millert
* alias.c, alloc.c, check.c, defaults.c, find_path.c, gram.c,
gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c,
pwutil.c, redblack.c, sudo.c, sudo.h, toke.c, toke.l, visudo.c:
Add efree() for consistency with emalloc() et al. Allows us to
rely on C89 behavior (free(NULL) is valid) even on K&R.
2005-03-28 22:33 millert
* parse.c, sudo.c: Move initgroups() for -U option into
display_privs() so group matching in sudoers works correctly.
2005-03-26 21:34 millert
* ldap.c: Removed duplicate call to ldap_unbind_s introduced along
with sudo_ldap_close.
2005-03-26 20:01 millert
* parse.c: Add missing space in Defaults printing
2005-03-25 12:36 millert
* pwutil.c: Sync sudo_pwdup with OpenBSD changes: use macros for
size computaton and string copies.
2005-03-18 22:08 millert
* pwutil.c: Zero old pw_passwd before replacing with version from
shadow file.
2005-03-18 22:07 millert
* configure, configure.in: Only attempt shadow password detection
if PAM is not being used Add shadow_* variables to make shadow
password detection more generic.
2005-03-18 21:46 millert
* configure.in: Use OSDEFS for os-specific -D_FOO_BAR stuff rather
than CPPFLAGS
2005-03-12 19:27 millert
* sudoers.pod: use a non-breaking space to avoid a double space
after e.g.
2005-03-12 19:26 millert
* sudo.pod: commna, not colon after e.g.
2005-03-12 18:43 millert
* sudo_noexec.c: Add __ variants of the exec functions. GNU libc
at least uses __execve() internally.
2005-03-12 12:29 millert
* indent.pro: Match reality a bit more.
2005-03-12 12:27 millert
* pwutil.c: Missed piece from rev. 1.6, fix sudo_getpwnam() too.
2005-03-11 23:42 millert
* pwutil.c: Store shadow password after making a local copy of
struct passwd in case normal and shadow routines use the same
internal buffer in libc.
2005-03-10 20:57 millert
* alloc.c, logging.c: Make varargs usage consistent with the rest
of the code.
2005-03-10 10:09 millert
* sudo_noexec.c: Wrap more of the exec family since on Linux the
others do not appear to go through the normal execve() path.
2005-03-10 09:57 millert
* visudo.c: make print_unused static like proto says
2005-03-10 09:55 millert
* glob.c: silence a warning on K&R systems
2005-03-10 09:51 millert
* parse.c, alias.c, error.c: make this build in K&R land
2005-03-07 22:21 millert
* toke.c: regen
2005-03-05 22:46 millert
* ldap.c: return(foo) not return foo optimize _atobool() slightly
2005-03-05 22:40 millert
* ldap.c: Use TRUE/FALSE
2005-03-05 22:31 millert
* ldap.c: Reformat to match the rest of sudo's code.
2005-03-05 19:33 millert
* sudo.pod: I am the primary author
2005-02-22 22:28 millert
* README, RUNSON, Makefile.in: The RUNSON file is toast--it
confused too many people and really isn't needed in a
configure-oriented world.
2005-02-22 22:28 millert
* INSTALL: alternate -> alternative
2005-02-22 22:26 millert
* tgetpass.c: Use TCSADRAIN instead of TCSAFLUSH since some OSes
have issues with TCSAFLUSH.
2005-02-22 22:16 millert
* toke.l: Allow leading blanks before Defaults and Foo_Alias
definitions
2005-02-22 22:14 millert
* Makefile.in: fix rules to build toke.o and gram.o in devel mode
2005-02-20 13:00 millert
* sudoers.pod: env_keep overrides set_logname
2005-02-20 12:57 millert
* env.c: Fix disabling set_logname and make env_keep override
set_logname.
2005-02-20 12:28 millert
* compat.h, config.h.in, configure, configure.in: No longer need
memmove()
2005-02-20 11:48 millert
* env.c, sudo.c: Just clean the environment once. This assumes
that any further setenv/putenv will be able to handle the fact
that we replaced environ with our own malloc'd copy but all the
implementations I've checked do.
2005-02-15 23:16 millert
* env.c, sudo.c: In -i mode, base the value of insert_env()'s
dupcheck flag on DID_FOO flags. Move checks for $HOME resetting
into rebuild_env()
2005-02-13 00:33 millert
* env.c, sudo.c: Move setting of user_path, user_shell, user_prompt
and prev_user into init_vars() since user_shell at least is
needed there.
2005-02-12 18:51 millert
* Makefile.in: fix devel builds
2005-02-12 18:46 millert
* check.c, sudo.c: Fix some printf format mismatches on error.
2005-02-12 18:33 millert
* configure, gram.c, toke.c: regen
2005-02-12 17:56 millert
* LICENSE, Makefile.binary.in, Makefile.in, aclocal.m4, alias.c,
alloc.c, check.c, closefrom.c, compat.h, configure.in,
defaults.c, defaults.h, env.c, error.c, fileops.c, find_path.c,
getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.y,
interfaces.c, interfaces.h, ldap.c, logging.c, logging.h,
match.c, mon_systrace.c, parse.c, redblack.c, redblack.h,
set_perms.c, sigaction.c, snprintf.c, strcasecmp.c, strerror.c,
strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.pod, sudo_edit.c,
sudo_noexec.c, sudoers.pod, testsudoers.c, tgetpass.c, toke.l,
utimes.c, version.h, visudo.c, visudo.pod, zero_bytes.c,
auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, auth/dce.c,
auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h,
emul/utime.h: Update copyright years.
2005-02-12 16:46 millert
* BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
version 1.7
2005-02-12 16:16 millert
* WHATSNEW: What's new in sudo 1.7, based on the 1.7 CHANGES
entries.
2005-02-11 18:06 millert
* compat.h, logging.h, sudo.h: Add __printflike and use it with gcc
to warn about printf-like format mismatches
2005-02-10 00:16 millert
* CHANGES, ChangeLog: Replaced CHANGES file with ChangeLog
generated from cvs logs
2005-02-10 00:03 millert
* set_perms.c: Use warning/error instead of perror/fatal.
2005-02-09 23:13 millert
* config.guess: Update OpenBSD section
2005-02-09 23:10 millert
* UPGRADE: Add upgrading noted for 1.7
2005-02-09 23:00 millert
* env.c, sudo.c, sudoers.pod: Instead of zeroing out the
environment, just prune out entries based on the env_delete and
env_check lists. Base building up the new environment on the
current environment and the variables we removed initially.
2005-02-09 22:23 millert
* configure, configure.in, sudo.c, config.h.in: Set locale to "C"
if locales are supported, just to be safe.
2005-02-09 22:19 millert
* toke.c, toke.l: Cast argument to ctype functions to unsigned
char.
2005-02-07 22:56 millert
* env.c: correct value for DID_USER
2005-02-07 22:55 millert
* error.c, fnmatch.c, getcwd.c, glob.c, snprintf.c: #include
<compat.h> not "compat.h"
2005-02-07 22:51 millert
* defaults.c: Reset the environment by default.
2005-02-07 22:50 millert
* sudo.c: Alloc an extra slot in NewArgv. Removes the need to
malloc an new vector if execve() fails.
2005-02-06 23:16 millert
* INSTALL, config.h.in, configure, configure.in, sudo.c: Use
execve(2) and wrap the command in sh if we get ENOEXEC.
2005-02-05 23:01 millert
* sudo_noexec.c: Only include time.h on systems that lack struct
timespec which gets defind in compat.h (using time_t).
2005-02-05 22:59 millert
* sudo_noexec.c: Include time.h for time_t in compat.h for systems
w/o struct timespec.
2005-02-05 22:56 millert
* configure, compat.h, config.h.in, configure.in: use bcopy on
systems w/o memmove
2005-02-05 22:31 millert
* compat.h: __attribute__((__unused__)) doesn't work in gcc 2.7.2.1
so limit its use to gcc >= 2.8.
2005-02-05 21:21 millert
* Makefile.in: Add explicit rule to build sudo_noexec.lo
2005-02-05 17:56 millert
* INSTALL.configure, Makefile.in: No longer depend on VPATH;
pointed out a bunch of missed dependencies.
2005-02-05 13:18 millert
* TROUBLESHOOTING: Help for PAM when account section is missing
2005-02-05 13:01 millert
* auth/pam.c: Give user a clue when there is a missing "account"
section in the PAM config.
2005-02-05 10:22 millert
* auth/pam.c: Better error handling.
2005-02-05 09:57 millert
* configure, config.h.in, configure.in: Move _FOO_SOURCE to
CPPFLAGS so it takes effect as early as possible. Silences a
warning about isblank() on linux.
2005-02-04 21:49 millert
* auth/pam.c: Fix typo (missing comma) that caused an incorrect
number of args to be passed to log_error().
2005-01-31 23:03 millert
* pwutil.c: Don't try to destroy a tree we didn't create.
2005-01-27 10:42 millert
* alias.c, alloc.c, check.c, closefrom.c, compat.h, defaults.c,
env.c, error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c,
getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.c,
gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c,
parse.c, pwutil.c, set_perms.c, sigaction.c, snprintf.c,
strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c,
toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c,
auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
auth/rfc1938.c, auth/secureware.c, auth/securid.c,
auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Add __unused to
rcsids
2005-01-21 10:34 millert
* configure, configure.in: Fix error message when mixing invalid
auth types
2005-01-21 10:32 millert
* INSTALL: PAM, AIX auth, BSD auth and login_cap are now on by
default if the OS supports them.
2005-01-21 10:29 millert
* config.h.in, auth/sudo_auth.h: s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g
2005-01-21 10:29 millert
* configure.in: Better checking for conflicting authentication
methods Display the authentication methods used at the end of
configure Rename --with-authenticate -> --with-aixauth Use
--with-aixauth, --with-bsdauth, --with-pam, --with-logincap by
default on systems that support them unless disabled. Add
OSMAJOR variable that replaces old OSREV; now OSREV has full
version number
2005-01-17 19:40 millert
* def_data.c, def_data.in, sudo.c, sudoers.pod: s/-O/-C/
2005-01-14 13:35 millert
* configure.in: Replace: test -n "$FOO" || FOO="bar"
With: : ${FOO='bar'}
2005-01-09 18:58 millert
* pwutil.c, testsudoers.c, tsgetgrpw.c: Use function pointers to
only call private passwd/group routines when using a nonstandard
passwd/group file.
2005-01-06 10:34 millert
* CHANGES: sync
2005-01-05 22:16 millert
* tsgetgrpw.c: Can't use strtok() since it doesn't handle empty
fields so add getpwent()/getgrent() functions and call those.
2005-01-05 17:29 millert
* Makefile.in: Fix dummied out toke.c and gram.c dependencies.
2005-01-05 17:18 millert
* Makefile.in: Rename PARSESRCS -> GENERATED since it is only used
in the clean target Add devdir variable and use it to specify the
path to parser sources
2005-01-05 17:17 millert
* configure: regen
2005-01-05 17:17 millert
* configure.in: Add a devdir variables that defaults to $(srcdir)
and is set to . if --devel was specified. Allows for proper
dependecies building the parser.
2005-01-05 14:50 millert
* testsudoers.c: Add support for custom passwd/group files.
2005-01-05 14:47 millert
* Makefile.in: Build private copy of pwutil.o for testsudoers with
MYPW defined so it uses our own passwd/group routines.
2005-01-05 14:46 millert
* visudo.c: Remove sudo_*{pw,gr}* stubs and add
sudo_setspent/sudo_endspent stubs instead. We can now just use
the caching sudo_*{pw,gr}* functions in pwutil.c Add comment
about wanting to call sudo_endpwent/sudo_endgrent in cleanup()
2005-01-05 14:44 millert
* tsgetgrpw.c: Remove caching; we will just use what is in pwutil.c
Use global buffers for passwd/group structs Rename functions from
sudo_* to my_*
2005-01-05 14:43 millert
* logging.c, sudo.c: g/c pwcache_init/pwcache_destroy
2005-01-05 14:42 millert
* sudo.h: Undo last commit and add sudo_setspent and sudo_endspent
instead.
2005-01-05 14:41 millert
* getspwuid.c, pwutil.c: Move all but the shadow stuff from
getspwuid.c to pwutil.c and pwcache_get and pwcache_put as they
are no longer needed. Also add preprocessor magic to use private
versions of the passwd and group routines if MYPW is defined (for
use by testsudoers).
2005-01-04 22:40 millert
* tsgetgrpw.c: zero out struct passwd/group before filling it in so
if there are fields we don't handle they end up as 0.
2005-01-04 20:10 millert
* logging.c, sudo.c, sudo.h, testsudoers.c, visudo.c: Adapt to
pwutil.c
2005-01-04 20:09 millert
* Makefile.in: Add tsgetgrpw.c and pwutil.c Rename the *OBJ
variables for better readability.
2005-01-04 20:08 millert
* tsgetgrpw.c: Passwd and group lookup routines for testsudoers
that support alternate passwd and group files.
2005-01-04 20:07 millert
* getspwuid.c, pwutil.c: Split off pw/gr cache and dup code into
its own file. This allows visudo and testsudoers to use the
pw/gr cache too.
2005-01-01 19:31 millert
* parse.c: Print Defaults info in "sudo -l" output and wrap lines
based on the terminal width.
2005-01-01 12:41 millert
* match.c, visudo.c, testsudoers.c: Only check group vector in
usergr_matches() if we are matching the invoking or list user.
Always check the group members, even if there was a group vector.
2004-12-17 17:24 millert
* LICENSE, Makefile.in, fnmatch.3: No longer bundle fnmatch.3
2004-12-17 13:12 millert
* CHANGES, TODO: checkpoint
2004-12-16 14:20 millert
* sudo.c: sort usage
2004-12-16 14:20 millert
* sudo.pod: Sort command line options
2004-12-16 13:33 millert
* def_data.c, def_data.h, def_data.in, defaults.c, logging.c,
sudo.c, sudo.pod, sudoers.pod: Add closefrom sudoers option to
start closing at a point other than 3. Add closefrom_override
sudoers option and -C sudo flag to allow the user to specify a
different closefrom starting point.
2004-12-16 13:25 millert
* pathnames.h.in: Add _PATH_DEVNULL for those without it.
2004-12-15 22:55 millert
* LICENSE: no more UCB strcasecmp
2004-12-15 22:54 millert
* strcasecmp.c: replace BSD licensed one with version derived from
pdksh
2004-12-09 21:07 millert
* sudo.c: Fix last commit.
2004-12-09 19:26 millert
* sudo.c: Make sure stdin, stdout and stderr are open and dup them
to /dev/null if not.
2004-12-03 13:57 millert
* ldap.c, mon_systrace.c, sudo.c, sudo.h: add sudo_ldap_close
2004-12-03 13:52 millert
* fileops.c, gettime.c, sudo.c, sudo_edit.c, utimes.c, visudo.c:
Use TIME_WITH_SYS_TIME
2004-12-03 13:48 millert
* configure, configure.in, config.h.in: Add TIME_WITH_SYS_TIME_H
2004-12-02 11:18 millert
* env.c: Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE
being set unconditionally on darwin. From Toby Peterson.
2004-12-02 10:40 millert
* getspwuid.c: Check rbinsert() return value. In the case of faked
up entries there is usually a negative response cached that we
need to overwrite.
In pwfree() don't try to zero out a NULL pw_passwd pointer.
2004-12-02 09:53 millert
* mon_systrace.c: Use the double fork trick to avoid the monitor
process being waited for by the main program run through sudo.
2004-11-29 12:52 millert
* sudo.c: Call initgroups() in -U mode so group matches work
normally.
2004-11-29 12:34 millert
* def_data.h, mkdefaults: Don't print a trailing comma for the last
entry in enum def_tupple
2004-11-28 16:08 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: Mention values when
lecture, listpw and verifypw are used in boolean context.
2004-11-28 16:05 millert
* def_data.c, def_data.in: verifypw when used in a boolean TRUE
context should be "all", not "any".
2004-11-26 14:21 millert
* def_data.in, defaults.c: Allow tuples that can be used as
booleans to be used as boolean TRUE. In this case the 2nd
possible value of the tuple is used for TRUE.
2004-11-25 12:23 millert
* configure, configure.in: Correct the test for 2-parameter
timespecsub
2004-11-25 12:20 millert
* sudo.h: Add strub struct definitions for passwd, timeval and
timespec
2004-11-25 12:09 millert
* configure, configure.in, config.h.in, sudo_edit.c, visudo.c: Add
check for 2-argument form of timespecsub (FreeBSD and BSD/OS) and
fix a typo in the gettimeofday check.
2004-11-24 16:44 millert
* match.c, testsudoers.c: Deal with user_stat being NULL as it is
for visudo and testsudoers.
2004-11-24 16:31 millert
* parse.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod: Add -U
option to use in conjunction with -l instead of -u. Add support
for "sudo -l command" to test a specific command.
2004-11-24 16:28 millert
* gram.c, gram.y, sudo.c: Set safe_cmnd after sudoers_lookup() if
it has not been set. Previously it was set by sudo "ALL" in the
parser but at that point the fully-qualified pathname has not yet
been found.
2004-11-23 18:18 millert
* parse.c, testsudoers.c: Correctly handle multiple privileges per
userspec and runas inheritence.
2004-11-21 14:09 millert
* defaults.c: Zero out sd_un for each entry in sudo_defs_table in
init_defaults.
2004-11-19 18:04 millert
* toke.c, toke.l: make per-command defaults work with sudoedit
2004-11-19 18:00 millert
* ldap.c, parse.c, sudo.c, sudo.h: Remove the FLAG_NOPASS,
FLAG_NOEXEC and FLAG_MONITOR flags. Instead, we just set the
approriate defaults variable.
2004-11-19 17:09 millert
* sample.sudoers, sudoers.cat, sudoers.man.in, sudoers.pod:
Document per-command Defaults.
2004-11-19 16:35 millert
* defaults.c, defaults.h, gram.c, gram.h, gram.y, mon_systrace.c,
sudo.c, testsudoers.c, toke.c, toke.l, visudo.c: Add support for
command-specific Defaults entries. E.g.
Defaults!/usr/bin/vi noexec
2004-11-19 15:03 millert
* defaults.c, match.c, parse.c, parse.h, testsudoers.c: Change an
occurence of user_matches() -> runas_matches() missed previously
runas_matches(), host_matches() and cmnd_matches() only really
need to pass in a list of members. user_matches() still needs to
pass in a passwd struct because of "sudo -l"
2004-11-19 14:46 millert
* parse.c: Check def_authenticate, def_noexec and def_monitor when
setting return flags. XXX May be better to just set the defaults
directly and get rid of those flags.
2004-11-19 13:39 millert
* alias.c, alloc.c, check.c, closefrom.c, defaults.c, env.c,
error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c,
getprogname.c, getspwuid.c, gettime.c, glob.c, goodpath.c,
gram.c, gram.y, interfaces.c, ldap.c, logging.c, match.c,
mon_systrace.c, parse.c, redblack.c, set_perms.c, snprintf.c,
strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
sudo_edit.c, sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c,
toke.l, utimes.c, visudo.c, zero_bytes.c, auth/afs.c,
auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
auth/rfc1938.c, auth/secureware.c, auth/securid.c,
auth/securid5.c, auth/sia.c, auth/sudo_auth.c: Use: #include
<config.h> Not: #include "config.h" That way we get the correct
config.h when build dir != src dir
2004-11-19 13:30 millert
* Makefile.in: Back out part of rev 1.263; fix -I order
2004-11-19 13:12 millert
* toke.c, toke.l: More robust parsing if #include; could be much
better still.
2004-11-19 12:55 millert
* sudo_edit.c, visudo.c: Make arg splitting in visudo and sudoedit
consistent.
2004-11-19 12:35 millert
* Makefile.in, alias.c, gram.c, gram.y, parse.h: Split alias
routines out into their own file.
2004-11-19 12:32 millert
* error.h: __attribute__ is already defined in compat.h
2004-11-19 12:30 millert
* visudo.c: quit() should not be __noreturn__ as it is non-void on
some platforms.
2004-11-19 12:24 millert
* auth/: fwtk.c, rfc1938.c, securid.c, securid5.c: Add local
error/warning functions like err/warn but that call an additional
cleanup routine in the error case. This means we no longer need
to compile a special version of alloc.o for visudo.
2004-11-19 11:54 millert
* parse.h: Clarify comments about the data structures
2004-11-18 15:28 millert
* visudo.c: Add support for VISUAL and EDITOR containing command
line args. If env_editor is not set any args in VISUAL and
EDITOR are ignored. Arguments are also now supported in
def_editor.
2004-11-17 14:25 millert
* parse.h: alias_matches() is no more
2004-11-17 14:09 millert
* CHANGES, TODO: sync
2004-11-17 13:19 millert
* Makefile.in: When regenerating the parser, don't replace gram.h
unless it has changed.
2004-11-17 11:56 millert
* Makefile.in: remove Makefile.binary for distclean
2004-11-17 11:18 millert
* env.c: Preserve KRB5CCNAME in zero_env() and add a paranoia check
to make sure we can't overflow new_env.
2004-11-17 10:33 millert
* sudo_edit.c: paranoia when stripping trailing slashes from
tempdir.
2004-11-16 19:00 millert
* sudo.c: Set user_ngroups to 0 if getgroups() returns an error.
2004-11-16 18:59 millert
* configure, configure.in, config.h.in, sudo.c: Add configure check
for getgroups()
2004-11-16 18:55 millert
* ldap.c: Use supplementary group vector in struct sudo_user.
2004-11-16 18:40 millert
* match.c: Only do string comparisons on the group members if there
is no supplemental group list.
2004-11-16 16:10 millert
* CHANGES, TODO: sync
2004-11-16 15:54 millert
* sudo_edit.c: On Digital UNIX _PATH_VAR_TMP doesn't end with a
trailing slash so chop off any trailing slashes we see and add an
explicit one.
2004-11-16 12:02 millert
* match.c: remove bogus XXX comment
2004-11-16 11:10 millert
* match.c: Get rid of alias_matches and correctly fall through to
the non-alias cases when there is no alias with the specified
name.
2004-11-16 10:47 millert
* getspwuid.c: Cache non-existent passwd/group entries too.
2004-11-16 10:45 millert
* gram.c: regen
2004-11-15 23:32 millert
* getspwuid.c: fix typo
2004-11-15 23:24 millert
* check.c, getspwuid.c, glob.c, ldap.c, logging.c, match.c,
mon_systrace.h, sudo.c, sudo.h, testsudoers.c, visudo.c:
Implement group caching and use the passwd and group caches
throughout.
2004-11-15 14:43 millert
* match.c: Properly negate the return value of alias_matches() when
appropriate.
2004-11-15 14:38 millert
* match.c: Make hostname_matches() return TRUE for a match, else
FALSE like the caller expects.
2004-11-15 13:24 millert
* Makefile.in: Add missing dependencies on gram.h
2004-11-15 13:06 millert
* match.c: Use runas_matches in alias_matches() now that we have
it.
2004-11-15 13:00 millert
* parse.c, parse.h: Expand aliases in "sudo -l" mode
2004-11-15 12:33 millert
* gram.y, match.c: Use ALIAS for the member type when storing an
alias instead of HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since
match.c relies on the more generic type. Expand runas_matches
instead of calling user_matches() inside of it since
user_matches() looks up USERALIASes, not RUNASALIASes.
2004-11-15 12:05 millert
* CHANGES, getspwuid.c: Paranoia; zero out pw_passwd before freeing
passwd entry.
2004-11-15 10:53 millert
* LICENSE, Makefile.in, alloc.c, check.c, config.h.in, configure,
configure.in, err.c, error.c, error.h, defaults.c, env.c,
find_path.c, interfaces.c, logging.c, mon_systrace.c, sudo.c,
sudo.h, sudo_edit.c, testsudoers.c, visudo.c, emul/err.h: Add
local error/warning functions like err/warn but that call an
additional cleanup routine in the error case. This means we no
longer need to compile a special version of alloc.o for visudo.
2004-11-15 09:59 millert
* match.c: Use userpw_matches() to compare usernames, not strcmp(),
since the latter checks for "#uid".
2004-11-15 09:53 millert
* getspwuid.c, mon_systrace.c, mon_systrace.h, sudo.c: Cache passwd
db entries in 2 reb-black trees; one indexed by uid, the other by
user name. The data returned from the cache should be considered
read-only and is destroyed by sudo_endpwent().
2004-11-15 09:50 millert
* match.c: add cast to uid_t
2004-11-15 09:49 millert
* gram.y: missing free in alias_destroy
2004-11-15 09:49 millert
* redblack.c: Can't use rbapply() for rbdestroy since the
destructor is passed a data pointer, not a node pointer.
2004-11-14 23:06 millert
* getspwuid.c, logging.c, sudo.c, sudo.h: Create and use private
versions of setpwent() and endpwent() that set/end the shadow
password file too.
2004-11-14 22:55 millert
* gram.c, gram.h, gram.y, match.c, parse.h, testsudoers.c,
visudo.c: Store aliases in a red-black tree.
2004-11-14 22:52 millert
* Makefile.in, redblack.c, redblack.h: red-black tree
implementation
2004-11-14 22:37 millert
* visudo.c: Edit all sudoers file if there were unused or undefined
aliases and we are in strict mode.
2004-11-12 11:19 millert
* CHANGES, def_data.c, def_data.h, def_data.in, defaults.c, env.c,
find_path.c, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.c:
Bring back the "secure_path" Defaults option now that Defaults
take effect before the path is searched.
2004-11-11 12:22 millert
* logging.c, parse.c: A user can always list their own entries,
even with -u. Better error message when failing to list another
user's entries.
2004-11-11 12:12 millert
* parse.c, sudo.c, sudo.h: The syntax to list another user's
entries is now "-u otheruser -l". Only root or users with sudo
"ALL" may list other user's entries.
2004-11-11 11:30 millert
* sudo.cat, sudo.man.in, sudo.pod: Update env variable info in
SECURITY NOTES
2004-11-11 11:25 millert
* env.c: strip CDPATH too
2004-11-11 11:20 millert
* env.c: strip exported bash functions from the environment.
2004-10-27 12:16 millert
* sudo.c: Only reset sudo_user.pw based on SUDO_USER environment
variables for real commands and sudoedit. This avoids a
confusing message when a user tries "sudo -l" or "sudo -v" and is
denied.
2004-10-27 12:06 millert
* gram.c, gram.y, parse.h: Extend LIST_APPEND to deal with
appending lists too
2004-10-26 18:39 millert
* logging.c: Convert some bitwise AND to ISSET
2004-10-26 18:29 millert
* lex.yy.c, toke.c: toke.c replaces lex.yy.c
2004-10-26 18:29 millert
* CHANGES, TODO: sync
2004-10-26 18:28 millert
* BUGS: new parser fixes most of the outstanding bugs
2004-10-26 18:27 millert
* configure: regen
2004-10-26 18:26 millert
* visudo.c: Rework for the new parser. Now checks for unused
aliases in sudoers.
2004-10-26 18:25 millert
* testsudoers.c: Rewrite for the new parser. Now supports a -d
flag (dump) and adds a -h flag (host). It now defaults to the
local hostname unless otherwise specified.
2004-10-26 18:23 millert
* sudo.h: Add new prototypes. Remove NOMATCH/UNSPEC (now in
parse.h)
2004-10-26 18:22 millert
* sudo.c: Update for new parse. We now call find_path() *after* we
have updated the global defaults based on sudoers. Also adds
support for listing other user's privs if you are root.
2004-10-26 18:21 millert
* mon_systrace.c: Working LDAP support; also remove a now-unneeded
rewind().
2004-10-26 18:20 millert
* logging.c, logging.h: Add NO_STDERR flag.
2004-10-26 18:19 millert
* ldap.c: Split sudo_ldap_check() into three pieces:
sudo_ldap_open(), udo_ldap_update_defaults() and
sudo_ldap_check(). This allows us to connecto to LDAP, apply the
default options, find the command in the user's path, and then
check whether the user is allowed to run it. The important thing
here is that the default runas user may be specified as a default
option and that needs to be set before we search for the command.
2004-10-26 18:17 millert
* ldap.c: Add casts to unsigned char for isspace() to quiet a gcc
warning.
2004-10-26 18:16 millert
* defaults.h: Add prototype for update_defaults()
2004-10-26 18:16 millert
* defaults.c: Don't warn about line numbers now that we operate on
a set of data structures (or LDAP) and not a file.
2004-10-26 18:15 millert
* config.h.in: No long use lsearch()
2004-10-26 18:14 millert
* Makefile.in: Update for new and changed file names.
2004-10-26 18:14 millert
* LICENSE: no more BSD lsearch.c
2004-10-26 18:14 millert
* match.c: foo_matches() routines now live in match.c Added
user_matches(), runas_matches(), host_matches(), cmnd_matches()
and alias_matches() that operate on the parsed sudoers file.
2004-10-26 18:12 millert
* parse.lex, toke.l: Move parse.lex -> toke.l Rename buffer_frob()
-> switch_buffer() WORD no longer needs to exclude '@' kill
yywrap()
2004-10-26 18:10 millert
* gram.c, gram.h, gram.y, parse.c, parse.h, parse.yacc, sudo.tab.h:
Rewritten parser that converts sudoers into a set of data
structures. This eliminates ordering issues and makes it
possible to apply sudoers Defaults entries before searching for
the command.
2004-10-26 18:09 millert
* configure.in, lsearch.c, emul/search.h: We won't be using
lsearch() any longer.
2004-10-26 18:07 millert
* ldap.c: sudo should not send mail if someone who runs 'sudo -l'
has no entry.
2004-10-26 16:09 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: regen
2004-10-26 16:09 millert
* visudo.pod: Update warnings to match new visudo
2004-10-26 16:08 millert
* sudoers.pod: The new parser doesn't have the old ordering
constraints.
2004-10-26 16:08 millert
* sudo.pod: Document that -l now takes an optional username
argument
2004-10-25 13:44 millert
* RUNSON: AIX 5.2.0.0 works
2004-10-25 13:38 millert
* ldap.c: If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS
instead. Fixes a compilation problem with Solaris 9's native
LDAP.
Set FLAG_MONITOR when needed.
2004-10-23 13:32 millert
* mon_systrace.c: Call sudo_goodpath() *after* changing the cwd to
match the traced process. Fixes relative paths.
2004-10-21 12:31 millert
* testsudoers.c: Kill set_perms() stub--it is no longer needed.
2004-10-13 12:52 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: stay_setuid now
requires set_reuid() or setresuid()
2004-10-13 12:46 millert
* INSTALL, PORTING, TROUBLESHOOTING, config.h.in, configure,
configure.in, set_perms.c, sudo.c, sudo.h: Kill use of POSIX
saved uids; they aren't worth bothering with.
2004-10-07 16:23 millert
* glob.c: remove call to issetugid()
2004-10-07 14:57 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: Remove warning about
wildcards. Now that we use glob() the bug is fixed.
2004-10-07 14:52 millert
* parse.c: Use glob(3) instead of fnmatch(3) for matching pathnames
and stat each result that matches the basename of the user's
command. This makes "cd /usr/bin ; sudo ./blah" work when
sudoers allows /usr/bin/blah. Fixes bug #143.
2004-10-07 14:27 millert
* configure, configure.in, config.h.in: Define HAVE_EXTENDED_GLOB
for extended glob (GLOB_TILDE and GLOB_BRACE)
2004-10-07 12:59 millert
* config.h.in, configure, configure.in: Check for a glob() that
supports GLOB_BRACE and GLOB_TILDE
2004-10-07 12:51 millert
* LICENSE: reference glob
2004-10-07 12:50 millert
* glob.c, emul/glob.h: 4.4BSD glob(3) with fixes from OpenBSD and
some unneeded extensions removed.
2004-10-05 17:26 millert
* mon_systrace.c: Just return if STRIOCINJECT or STRIOCREPLACE
fail. It probably means we are out of space in the stack gap...
2004-10-05 17:20 millert
* CHANGES: sync
2004-10-05 16:53 millert
* mon_systrace.c: Take a stab at ldap sudoers support here.
2004-10-05 15:13 millert
* mon_systrace.c, mon_systrace.h: Detach from tracee on SIGHUP,
SIGINT and SIGTERM. Now "sudo reboot" doesn't cause reboot to
inadvertanly kill itself.
2004-10-05 14:21 millert
* mon_systrace.c: put "monitor" in the proctitle, not "systrace"
2004-10-05 14:15 millert
* mon_systrace.c: When modifying the environment, don't replace
envp when we can get away with just rewriting pointers in the
traced process.
2004-10-05 13:46 millert
* mon_systrace.c, mon_systrace.h: Add environment updating via
STRIOCINJECT (if available).
2004-10-05 10:22 millert
* sudoers.cat, sudoers.man.in: regen
2004-10-04 16:15 millert
* lex.yy.c: regen
2004-10-04 16:15 millert
* parse.lex: Fix bug introduced in unput() removal; want yyless(0)
not yyless(1)
2004-10-04 12:09 millert
* mon_systrace.c: Include file is now mon_systrace.h
2004-10-04 12:07 millert
* Makefile.in, configure, configure.in, def_data.c, def_data.h,
def_data.in, lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc,
sudo.c, sudo.h, sudo.tab.h, sudoers.pod: No longer call it
tracing, it is now "monitoring" which should be more a obvious
name to non-hackers.
2004-10-01 15:06 millert
* mon_systrace.c, mon_systrace.h: Fix some XXX
2004-10-01 14:30 millert
* mon_systrace.c, mon_systrace.h: No need to include syscall.h, use
1024 as the max # of entries (the max that systrace(4) allows).
Only need to use SYSTR_POLICY_ASSIGN once
Change check_syscall() -> find_handler() and have it return the
handler instead of just running it. We need this since handler
now have two parts: one part that generates and answer and
another that gets called after the answer is accepted (to do
logging).
Add some missing check_exec for emul execv
2004-10-01 10:58 millert
* sample.pam, sample.sudoers, sample.syslog.conf, sudoers: Add
$Sudo$ tags.
2004-10-01 10:47 millert
* config.h.in: Add missing HAVE_LINUX_SYSTRACE_H
2004-09-30 20:46 millert
* Makefile.in: add trace_systrace.o dependency
2004-09-30 19:00 millert
* configure, configure.in: Also look for systrace.h in
/usr/include/linux
2004-09-30 18:27 millert
* mon_systrace.c, mon_systrace.h: Move all struct defs and
prototypes into trace_systrace.h and mark all but
systace_attach() static.
2004-09-30 18:14 millert
* mon_systrace.c, mon_systrace.h: Add support for tracing
emulations. At the moment, all emulations are compiled in. It
might make sense to #ifdef them in the future, though this
impeeds readability.
2004-09-30 17:07 millert
* Makefile.in, configure.in, configure: rename systrace.c ->
trace_systrace.c
2004-09-30 15:58 millert
* parse.yacc: Allow this to build with a K&R compiler again
2004-09-30 13:58 millert
* TODO: sync
2004-09-30 13:55 millert
* sudo.c, compat.h, visudo.c: Use __attribute__((__noreturn__))
2004-09-30 13:44 millert
* visudo.c: Exit() takes a negative value to indicate it was not
called via signal.
2004-09-30 13:25 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: regen
2004-09-30 13:22 millert
* Makefile.in, visudo.c: Define Err() and Errx() that are like
err() and errx() but call Exit() instead of exit(). Build
private copy of alloc.o for visudo that calls Err() and Errx().
2004-09-29 15:22 millert
* lex.yy.c: regen
2004-09-29 15:22 millert
* CHANGES: sync
2004-09-29 14:41 millert
* visudo.c: Overhaul visudo for editing multiple files: o visudo
has been broken out into functions (more work needed here) o
each file is now edited before sudoers is re-parsed o if a
#include line is added that file will be edited too
TODO: o cleanup temp files when exiting via err() or errx() o
continue breaking things out into separate functions
2004-09-29 14:36 millert
* parse.lex, sudo.c, sudo.h, testsudoers.c, visudo.c: Add keepopen
arg to open_sudoers that open_sudoers can use to indicate to the
caller that the fd should not be closed when it is done with it.
To be used by visudo to keep locked fds from being closed
prematurely (and thus losing the lock).
2004-09-29 14:33 millert
* parse.yacc, sudo.c: Add errorfile global that contains the name
of the file that caused the error.
2004-09-29 14:30 millert
* parse.lex: return COMMENT to yacc grammar for a #include line
2004-09-29 14:29 millert
* parse.lex: Remove us of unput() in favor of yyless() which is
cheaper.
2004-09-29 14:28 millert
* parse.yacc: Allow an empty sudoers file.
2004-09-28 16:50 millert
* mon_systrace.c: Rewind sudoers_fp now that sudoers_lookup()
doesn't do it for us.
2004-09-28 14:37 millert
* lex.yy.c: regen
2004-09-28 14:36 millert
* visudo.c: Do signal setup before calling edit_sudoers(). Don't
shadow the "quiet" global.
2004-09-28 14:33 millert
* visudo.c: If a sudoers file includes other files, edit those too.
Does not yes deal with creating the new includes files itself.
2004-09-28 14:31 millert
* testsudoers.c: init_parser now takes a path
2004-09-28 14:31 millert
* parse.c, parse.h, parse.lex, parse.yacc: More scaffolding for
dealing with multiple sudoers files: o init_parser() now takes a
path used to populate the sudoers global o the sudoers global is
used to print the correct file in yyerror() o when switching to
a new sudoers file, perserve old file name and line number
2004-09-28 14:29 millert
* Makefile.in, pathnames.h.in: Kill _PATH_SUDOERS_TMP; it is not
meaningful now that we can have multiple sudoers files.
2004-09-28 13:52 millert
* parse.c, sudo.c: Rewind sudoers_fp in open_sudoers() instead of
sudoers_lookup() so we start at the right file position when
reading include files.
2004-09-27 21:04 millert
* sudoers.pod: document #include
2004-09-27 20:47 millert
* lex.yy.c: regen
2004-09-27 20:47 millert
* parse.lex: Add max depth of 128 for the include stack to avoid
loops.
Since yyerror() doesn't stop parsing, pass return values back to
yylex and call yyterminate() on error.
2004-09-27 14:06 millert
* sudoers.pod: document tracing
2004-09-27 14:05 millert
* sudo.pod: Mention PREVENTING SHELL ESCAPES section of sudoers man
page
2004-09-27 12:08 millert
* lex.yy.c: regen
2004-09-27 12:03 millert
* parse.lex: Add support for #include in sudoers (visudo support
TBD)
2004-09-27 12:02 millert
* parse.yacc: make yyerror()'s argument const
2004-09-27 12:02 millert
* testsudoers.c, visudo.c: Add open_sudoers() stubs.
2004-09-27 12:01 millert
* sudo.c, sudo.h: Rename check_sudoers() open_sudoers() and make it
return a FILE *
2004-09-26 12:35 millert
* BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in,
version.h: Crank version
2004-09-26 12:33 millert
* Makefile.in, sudo.psf: Better HP-UX depot construction
2004-09-25 17:08 millert
* mon_systrace.c: o Made children global so check_exec() can lookup
a child. o Replaced uid in struct childinfo with struct passwd *
(for runas) o new_child() now takes a parent pid so the runas
info can be inherited o Added find_child() to lookup a child by
its pid o update_child() now fills in a struct passwd o Converted
the big if/else mess in set_policy to a switch o Syscalls that
change uid are now "ask" so we get SYSTR_MSG_UGID events
2004-09-25 17:01 millert
* getspwuid.c: Add flag to sudo_pwdup that indicates whether or not
to lookup the shadow password. Will be used to a struct passwd
that has the shadow password already filled in.
2004-09-25 16:58 millert
* mon_systrace.c: add missing increment of addr in read_string()
2004-09-25 16:15 millert
* mon_systrace.c: Remove bogus call to update_child() and some
cosmetic fixes
2004-09-25 16:11 millert
* mon_systrace.c: Don't leak /dev/systrace fd to tracee Make
initialized global for simplicity If STRIOCATTACH returns EBUSY
we are already being traced Check for user_args == NULL in
setproctitle() call Add missing calls to STRIOCANSWER
2004-09-25 13:15 millert
* sudo.c: g/c sudo_pwdup proto
2004-09-24 20:21 millert
* Makefile.in, sudo.psf: Add target for building a depot file
2004-09-24 20:07 millert
* mon_systrace.c: trim includes
2004-09-24 14:11 millert
* lex.yy.c, sudo.tab.h: regen
2004-09-24 14:10 millert
* INSTALL: document --with-systrace
2004-09-24 14:10 millert
* config.h.in, configure, configure.in: Add check for setproctitle
2004-09-24 14:09 millert
* mon_systrace.c: pass struct str_msg_ask in to syscall checker so
it can set the error code
2004-09-24 13:30 millert
* mon_systrace.c: systrace(4) support for sudo. On systems with
the systrace(4) kernel facility (OpenBSD, NetBSD, Linux w/
patches) sudo can intercept exec calls and check the exec args
against the sudoers file. In other words, sudo can now control
subcommands and shell escapes.
2004-09-24 13:17 millert
* sudo.c, sudo.h: Call systrace_attach() if FLAG_TRACE is set.
2004-09-24 13:15 millert
* parse.c, parse.h, parse.lex, parse.yacc, sudo.h: Add trace
Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE
2004-09-24 13:13 millert
* parse.c, sudo.c: Don't close sudoers_fp, keep it open and set
close on exec flag instead.
2004-09-24 13:11 millert
* def_data.c, def_data.h, def_data.in: Add trace option
2004-09-23 20:24 millert
* Makefile.in: Add systrace
2004-09-23 20:23 millert
* INSTALL: SunOS /bin/sh blows up with configure
2004-09-23 20:23 millert
* configure, configure.in: Include sys/param.h before systrace.h
2004-09-23 20:15 millert
* configure: regen
2004-09-23 20:15 millert
* pathnames.h.in: _PATH_DEV_SYSTRACE
2004-09-23 20:14 millert
* configure.in: line up options in --help
2004-09-23 20:11 millert
* config.h.in, configure.in: Add --with-systrace
2004-09-23 13:35 millert
* configure: regen
2004-09-23 13:35 millert
* aclocal.m4, configure.in: make this work with autoconf-2.59
2004-09-16 12:58 millert
* sudo_edit.c: Simplify logic around open & stat of files and do
sanity on edited file even if we lack fstat (still racable but
worth doing).
2004-09-15 18:47 millert
* HISTORY: Add support url
2004-09-15 16:11 millert
* Makefile.in: versino 1.6.8p1
2004-09-15 15:20 millert
* CHANGES: more changes for 1.6.8p1
2004-09-15 15:18 millert
* version.h: 1.6.8p1
2004-09-15 12:16 millert
* CHANGES, sudo_edit.c: Add sanity check so we don't try to edit
something other than a regular file.
2004-09-14 20:55 aaron
* CHANGES: sync
2004-09-14 20:21 aaron
* INSTALL: document --with-ldap-conf-file
2004-09-14 17:43 millert
* CHANGES, ins_csops.h: political correctness strikes again
2004-09-14 15:09 millert
* RUNSON: sync
2004-09-12 19:50 millert
* Makefile.binary.in, Makefile.in: Install sudoedit man link
2004-09-12 14:25 millert
* INSTALL: Update PAM note and mention where HP-UX users can
download gcc binaries.
2004-09-12 12:08 millert
* Makefile.in: libtool wants to install stuff from .libs so fake
one up for binary installations.
2004-09-12 11:53 millert
* Makefile.binary.in: rm -f old sudoedit link instead of using ln
-f set LIBTOOL correctly
2004-09-12 11:53 millert
* Makefile.in: Deal with "uname -m" having slashes in it rm -f old
sudoedit link instead of using ln -f
2004-09-12 10:22 millert
* Makefile.binary, Makefile.binary.in: Makefile.binary ->
Makefile.binary.in for config.status substitution Add support for
installing noexec bits
2004-09-12 10:21 millert
* Makefile.in: Copy noexec bits into binary dists too No longer use
my old arch script for making binary dists
2004-09-12 09:36 millert
* Makefile.binary: Install sudoedit link.
2004-09-11 12:25 millert
* emul/utime.h: avoid __P so there is no need for compat.h to be
included
2004-09-11 12:24 millert
* utimes.c: Don't use HAVE_UTIME_H before including config.h.
2004-09-10 12:31 millert
* compat.h: Fix Solatis futimes macro
2004-09-09 11:02 millert
* sudo_edit.c: Rename ots -> omtim for improved readability.
2004-09-08 14:38 millert
* sudo_edit.c: Redo changes in revision 1.7. Don't really need to
keep the temp file open; re-opening it with the invoking user's
euid is sufficient.
2004-09-08 14:36 millert
* CHANGES: sync
2004-09-08 14:35 millert
* sudo.cat, sudo.man.in: regen
2004-09-08 14:34 millert
* sudo.pod: back out revision 1.70; it is no long applicable
2004-09-08 11:57 millert
* env.c: Let the loader initialize nep
2004-09-08 11:49 millert
* configure, configure.in, config.h.in: Removed unneed check for
fchown Add check for gettimeofday Move autoheader template stuff
into separate AH_TEMPLATE lines
2004-09-08 11:48 millert
* check.c, compat.h, fileops.c, sudo.h, sudo_edit.c, visudo.c: Use
timespec throughout.
2004-09-08 11:47 millert
* Makefile.in: gettime.[co]
2004-09-08 11:47 millert
* gettime.c: function to return the current time in a struct
timespec
2004-09-08 10:51 millert
* utimes.c: Not a darpa-sponsored file.
2004-09-07 16:36 millert
* compat.h, config.h.in, configure, configure.in: Add a check for
struct timespec and provide it for those without.
2004-09-07 15:56 millert
* config.h.in, configure, configure.in, sudo_edit.c: Add checks for
st_mtim and st_mtimespec and add macros for pulling the mtime sec
and nsec out of struct stat. These are used in sudo_edit() to
better tell whether or not the file has changed.
2004-09-07 15:55 millert
* check.c, fileops.c, sudo.h, sudo_edit.c, visudo.c: Add an extra
param to touch() for nsec
2004-09-07 14:06 millert
* sudo_edit.c: Call mkstemp() as the in invoking user so we don't
have to chown the file later. Only touch() the temp file if we
can do it via the file descriptor. Don't check for modification
of the temp file if we lack fstat(). Catch errors read()ing the
temp file.
2004-09-07 14:04 millert
* fileops.c: If path is NULL and fd == -1 return -1.
2004-09-07 13:31 millert
* sudo_edit.c: closefrom() is overkill, the only extra fds are the
ones we opened so just close those in the child.
2004-09-07 13:14 millert
* Makefile.in, aclocal.m4, check.c, compat.h, config.h.in,
configure, configure.in, fileops.c, sudo.h, sudo_edit.c, utime.c,
utimes.c, visudo.c: Use utimes() and futimes() instead of utime()
in touch(), emulating as needed. Not all systems are able to
support setting the times of an fd so touch() takes both an fd
and a file name as arguments.
2004-09-06 21:12 aaron
* env.c: Rare SEGV
2004-09-06 16:46 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: regen
2004-09-06 16:45 millert
* sudo.pod, sudoers.pod, visudo.pod: Add SUPPORT section and
re-order some of the sections to match the order we use in
OpenBSD.
2004-09-06 15:05 aaron
* env.c: Openldap ~/.ldaprc fix
2004-09-06 12:18 millert
* sudo.pod: Talk about how the editor must write its changes to the
original file and not just use rename(2).
2004-09-06 12:12 millert
* CHANGES: sync
2004-09-06 12:11 millert
* sudo_edit.c: Keep the temp file open instead of re-opening after
the editor has exited.
2004-09-06 12:10 millert
* sample.pam: Update for current redhat/fedora core.
2004-09-02 21:56 aaron
* README.LDAP: tls_ examples
2004-09-02 00:03 aaron
* ldap.c: config tls_* options
2004-08-29 11:39 millert
* configure, configure.in: No need for -lcrypt when using pam.
2004-08-26 23:57 millert
* configure: regen
2004-08-26 23:44 aaron
* configure.in, ldap.c, pathnames.h.in: Allow --with-ldap-conf-file
option to override LDAP_CONF
2004-08-26 22:08 aaron
* ldap.c: cleanup debug message
2004-08-26 19:29 aaron
* README.LDAP: more config info
2004-08-24 14:01 millert
* TODO, find_path.c, goodpath.c, parse.c, sudo.c, sudo.h, visudo.c:
Add cmnd_base to struct sudo_user and set it in init_vars(). Add
cmnd_stat to struct sudo_user and set it in sudo_goodpath(). No
longer use gross statics in command_matches(). Also rename some
variables for improved clarity.
2004-08-21 14:33 millert
* INSTALL: document HP's crippled compiler deficiency.
2004-08-21 14:25 millert
* INSTALL: Fix some thinkos in --with-editor and --with-env-editor
descriptions. Noticed by Norihiko Murase.
2004-08-21 14:20 millert
* configure, configure.in: --with-noexec takes an optional PATH
argument.
2004-08-21 14:20 millert
* INSTALL: document --with-noexec
2004-08-17 16:21 millert
* RUNSON, TODO: sync
2004-08-17 15:11 millert
* sudo_edit.c: Better warning message when sudoedit is unable to
write to the destination file.
2004-08-17 14:53 millert
* sudo.cat, sudo.man.in: regen
2004-08-17 14:53 millert
* sudo.pod: Don't italicize the string "sudoedit"
2004-08-16 18:45 millert
* HISTORY: Mention GratiSoft.
2004-08-11 14:29 millert
* parse.yacc: Reset used_runas to FALSE when re-intializing the
parser.
2004-08-09 19:04 millert
* config.guess: Correct OpenBSD mips support
2004-08-09 17:28 millert
* config.guess: Add OpenBSD/mips
2004-08-06 23:43 aaron
* README.LDAP: More behavior notes
2004-08-06 23:36 aaron
* README.LDAP: Updates on current behavior
2004-08-06 19:56 millert
* sudo.pod, sudoers.pod: =back does not take an indentlevel (makes
no difference to formatted files).
2004-08-06 19:48 millert
* CHANGES: new
2004-08-06 19:42 millert
* sudo.c: Consistency. Use same error for bad -u #uid when
targetpw is set as we do when a bad -u username is specified.
2004-08-06 19:33 millert
* TODO: Add checksum idea from Steve Mancini
2004-08-06 19:32 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
2004-08-06 19:31 millert
* sudo.pod, sudoers.pod: Document the restriction on uids specified
via -u when targetpw is set.
2004-08-06 19:24 millert
* sudo.c: Error out when targetpw is enabled and sudo is run with
-u #uid but #uid does not exist in the passwd database. We can't
do target authentication when the target is not in passwd!
2004-08-05 21:16 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: regen
2004-08-05 21:14 millert
* TODO: Some more todo for the next release.
2004-08-05 21:13 millert
* INSTALL: Make it clear that PAM should be used for DCE support
when possible.
2004-08-05 21:13 millert
* sudoers.pod: o Document problems with wildcards and relative
paths. o Make the order requirements more prominent. o Change a
"set" to "reset" for clarity.
2004-08-05 14:29 millert
* sudo.pod: Mention --with-secure-path, not SECURE_PATH.
2004-08-02 22:34 aaron
* ldap.c: reflect changes to parse.c
2004-08-02 14:44 millert
* parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c: Don't pass
user_cmnd and user_args to command_matches(), just use the
globals there. Since we keep state with statics anyway it is
misleading to pretend that passing in different cmnd and
cmnd_args will work.
2004-08-02 14:40 millert
* parse.c: Fix a bug introduced in rev. 1.149. When checking for
pseudo-commands check for a '/' anywhere in cmnd, not just the
first character.
2004-07-30 23:07 aaron
* sudo.man.in, sudo.pod: Clarification thanks to Olivier Blin
<oblin@mandrakesoft.com>
2004-07-30 22:41 aaron
* sudoers.man.in, sudoers.pod: Add ignore_local_sudoers
2004-07-30 22:06 aaron
* README.LDAP: Sun One schema definition by
Andreas.Bussjaeger@t-systems.com and janth@moldung.no
2004-07-29 11:57 millert
* CHANGES: typo
2004-07-23 16:44 millert
* CHANGES: sync
2004-07-23 16:43 millert
* parse.c: Parse sudoers file as PERM_RUNAS not PERM_ROOT and
remove a useless PERM_SUDOERS. Restore to PERM_ROOT upon exit of
the parse.
2004-07-08 10:20 millert
* CHANGES: PAM change
2004-07-07 21:04 aaron
* ldap.c: Better debugging of ALL command
2004-07-07 20:15 millert
* parse.c: When matching for "sudoedit" in sudoers check both the
command the user typed *and* the command that is listed in the
sudoers entry.
2004-07-04 19:59 aaron
* ldap.c: Added !command feature
2004-06-28 10:51 millert
* auth/pam.c: Use pam_acct_mgmt() to check for disabled accounts;
Brian Farrell
2004-06-10 23:11 millert
* LICENSE: License is ISC-style, not BSD-style
2004-06-10 20:58 millert
* CHANGES: sync
2004-06-10 16:54 millert
* sudo.man.in, sudo.cat: regen
2004-06-10 16:53 millert
* sudo.pod: o Update some out of date bits to reality o Change the
shell promt in examples to bourne-shell style o Clarify some
details o Add a CAVEAT about "sudo cd /foo"
2004-06-10 16:19 millert
* check.c: Don't ask for a password if invoking user == target
user.
2004-06-10 12:32 millert
* sudo.c: typo in comment
2004-06-08 19:20 millert
* sudoers.man.in, sudoers.cat: regen
2004-06-08 19:19 millert
* sudoers.pod: Expand on NOEXEC a little.
2004-06-08 16:20 millert
* TODO: sync
2004-06-08 15:58 millert
* visudo.man.in, visudo.cat: regen
2004-06-08 15:55 millert
* CHANGES, parse.yacc, visudo.c, visudo.pod: Add a check in visudo
for runas_default being set after it has already been used.
2004-06-08 13:53 millert
* parse.yacc: Add a MATCHED macro for testing whether foo_matches
has been set to TRUE or FALSE. This is more readable than
checking for >=0 or < 0. Doesn't change the actual code
generated.
2004-06-06 20:11 millert
* sudoers.man.in, sudoers.cat: regen
2004-06-06 20:07 millert
* sudoers, sudoers.pod: Correct description of where Defaults specs
should go.
2004-06-06 20:02 millert
* find_path.c, ldap.c, logging.h, testsudoers.c, visudo.c,
auth/bsdauth.c, auth/kerb5.c, auth/pam.c: update (c) year
2004-06-06 19:58 millert
* check.c, compat.h, defaults.c, env.c, find_path.c, getcwd.c,
ldap.c, logging.h, parse.c, parse.yacc, sudo.c, testsudoers.c,
tgetpass.c, visudo.c, auth/bsdauth.c, auth/kerb5.c, auth/pam.c:
Remove trailing spaces, no actual code changes.
2004-06-06 16:22 millert
* parse.yacc: Fix a >=0 that should be <0 that was improperly
converted when UNSPEC was added.
2004-06-06 15:54 millert
* parse.yacc: Add do {} while(0) around pop macro Set cmnd_matches
to UNSPEC, not NOMATCH when resetting it.
2004-06-06 15:39 millert
* parse.yacc: Fix pastos introduced in SETNMATCH addition.
2004-06-05 13:55 millert
* README.LDAP: Update for configure changes
2004-06-05 13:42 millert
* parse.yacc, sudo.h: Add NOMATCH and UNSPEC defines (-1 and -2
respectively) and use these in parse.yacc. Also in parse.yacc
initialize the *_matches vars to UNSPEC and add two macros,
SETMATCH and SETNMATCH for use when setting *_matches to a value
that may be NOMATCH/UNSPEC/TRUE/FALSE.
2004-06-05 11:17 millert
* parse.yacc: Initialize runas to -2, not -1 since we need to be
able to distinguish between the initialized value and the value
of a non-match when passing along the runas value to multiple
commands.
The result of this is that an unmatched runas is now set to -1,
not 0. This is required now that parse.c treats a FALSE value
for runas as being explicitly denied.
2004-06-03 16:21 millert
* getprogname.c, sudo.c, visudo.c: Error out if argc < 1.
2004-06-03 12:37 millert
* configure, configure.in: Add tests for what libs we need to link
with for ldap and for whether or not lber.h needs to be
explicitly included.
2004-06-02 20:30 aaron
* ldap.c: Solaris native LDAP build fix
2004-06-01 16:56 millert
* ldap.c: Set edn to NULL is ldap_get_dn() fails to avoid potential
use of an unset variable.
2004-06-01 16:56 millert
* sudo.h: Add prototype for sudo_ldap_list_matches
2004-06-01 16:53 millert
* compat.h, config.h.in, configure, configure.in: Better check for
dirfd macro--we now set HAVE_DIRFD for the macro version too.
Added check for dd_fd in `DIR' if no dirfd is found; this is now
used to confitionally define the dirfd macro in compat.h.
2004-06-01 16:51 millert
* closefrom.c: Only check /proc/$$/fd if we have the dirfd
function/macro.
2004-06-01 15:13 millert
* compat.h, config.h.in, configure, configure.in: Add a check for a
dirfd() function (like Linux) and add a dirfd macro in compat.h
if there is no dirfd() function or macro.
2004-06-01 14:59 millert
* closefrom.c, getcwd.c: dirfd() is now defined in compat.h as
needed.
2004-06-01 14:30 millert
* CHANGES: Clarify closefrom() note.
2004-06-01 12:51 millert
* parse.c: When checking for a command in the directory, only copy
the base dir once.
2004-06-01 12:44 millert
* closefrom.c: If there is a /proc/$$/fd directory, behave like the
Solaris closefrom() and only close the descriptors listed
therein.
2004-06-01 12:23 millert
* alloc.c: compat.h guarantees INT_MAX is defined.
2004-06-01 12:23 millert
* compat.h: Add definitions of OPEN_MAX and INT_MAX for those
without it and remove definition of RLIM_INFINITY (now unused).
2004-05-31 21:22 millert
* CHANGES, alloc.c, check.c, compat.h, find_path.c, getcwd.c,
parse.c, sudo.c, sudo.h, visudo.c: Use PATH_MAX, not MAXPATHLEN
since the former is standardized.
2004-05-31 19:18 millert
* CHANGES: sync
2004-05-31 19:10 millert
* RUNSON: Add some entries that were mailed in a while ago
2004-05-31 14:16 millert
* closefrom.c: o sysconf returns a long, not an int. o check for
negative return value from sysconf/getdtablesize and use
OPEN_MAX in this case. o define OPEN_MAX to 256 for those
without it (a fair guess...)
2004-05-30 12:25 millert
* UPGRADE: Mention change in parse order for RunAs entries.
2004-05-30 12:15 millert
* configure: regen
2004-05-29 18:29 millert
* config.h.in, configure.in, INSTALL, README.LDAP: o --with-ldap
now takes an optional dir as a parameter
o added check for ldap_initialize() and start_tls_s()
2004-05-29 14:54 millert
* README.LDAP: Fix some typos, word choice and formatting issues.
2004-05-28 18:06 millert
* tgetpass.c: Use SA_INTERRUPT so SunOS works correctly, avoid
stdio and just use read/write as it is simpler.
2004-05-28 16:27 millert
* configure, configure.in: Remove hack overriding cross-compiler
check. It should no longer be needed.
2004-05-28 16:26 millert
* compat.h: Remove select() compat bits since we no longer use
select().
2004-05-28 16:24 millert
* CHANGES, tgetpass.c: Use alarm() instead of select() for the
timeout for systems that don't fully/properly implement select().
2004-05-27 19:14 millert
* CHANGES: synbc
2004-05-27 19:12 millert
* RUNSON: update
2004-05-27 19:12 millert
* set_perms.c: Deal with systems that have no way of setting the
effective uid such as nsr-tandem-nsk.
2004-05-27 19:01 millert
* configure, configure.in: Define NO_SAVED_IDS if we don't find
seteuid()
2004-05-27 18:21 millert
* config.h.in, configure, configure.in: Add back check for
setreuid() since NSK doesn't have it.
2004-05-27 15:57 millert
* sudoers.cat, sudoers.man.in: regen
2004-05-27 15:56 millert
* BUGS, CHANGES: sync
2004-05-27 15:55 millert
* parse.c: In sudoers_lookup() return VALIDATE_NOT_OK if the runas
user was explicitly denied and the command matched. This fixes a
long-standing bug and makes: foo machine = (ALL)
/usr/bin/blah foo machine = (!bar) /usr/bin/blah
equivalent to: foo machine = (ALL, !bar) /usr/bin/blah
2004-05-27 15:52 millert
* sudoers.pod: Clarify mail_noperm
2004-05-19 21:25 aaron
* Makefile.in: Missing DESTDIR in make install for sudo_noexec.la
2004-05-17 18:32 millert
* sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
sudoers.cat, visudo.cat: regen
2004-05-17 18:31 millert
* TODO: sync
2004-05-17 18:31 millert
* sample.sudoers, sudoers.pod: Remove fastboot/fasthalt (who still
remembers these?) and add a minimal sudoedit example.
2004-05-17 18:21 millert
* CHANGES, INSTALL, TROUBLESHOOTING, UPGRADE, sudo.c, visudo.c:
filesystem -> file system
2004-05-17 18:19 millert
* sudo.pod, sudoers.pod: Fix some minor typos and formatting goofs
2004-05-17 18:10 millert
* lex.yy.c: regen
2004-05-17 17:57 millert
* visudo.pod: remove my email addr
2004-05-17 17:55 millert
* sudo.pod, sudoers.pod, visudo.pod: Use @mansectform@ and
@mansectsu@ everywhere Make man page references links with L<>
2004-05-17 16:51 millert
* parse.lex: Accept quoted globbing characters and pass them
verbatim for fnmatch()
2004-05-17 16:50 millert
* UPGRADE: Document that /tmp/.odus is gone.
2004-05-17 16:28 millert
* CHANGES, aclocal.m4, configure, pathnames.h.in: No longer use
/tmp/.odus as a possible timestamp dir unless specifically
configured to do so. Instead, if no /var/run exists, use
/var/adm/sudo or /usr/adm/sudo.
2004-05-17 16:08 millert
* check.c, compat.h, logging.c, set_perms.c, sudo.c, tgetpass.c,
visudo.c: Preliminary changes to support nsr-tandem-nsk. Based
on patches from Tom Bates.
2004-05-16 18:47 millert
* CHANGES: There was no 1.6.7p6.
2004-05-16 16:38 millert
* BUGS, CHANGES: sync
2004-05-16 16:36 millert
* Makefile.in: add missing files to DISTFILES
2004-05-16 16:23 millert
* sudoers.man.in, sudo.cat, sudoers.cat, visudo.cat: regen
2004-05-16 16:20 millert
* Makefile.in: Fix some line wrap and update (c) year
2004-04-28 15:05 aaron
* README.LDAP: Build Note
2004-04-06 22:03 aaron
* Makefile.in: Fix install-dirs
2004-04-04 20:27 millert
* visudo.c: In Exit() when used as a signal handler, emsg is a
pointer so sizeof() is wrong so make it a #define instead. Also
avoid using a negative exit value. Found by Aaron Campbell
2004-03-24 18:23 millert
* sudoers.pod: Remove bogus sentence about uids in a User_List.
Document usernames vs. uid parsing in a Runas_List.
2004-03-24 18:06 millert
* parse.c, parse.h, parse.yacc, sudo.c, testsudoers.c, visudo.c: If
the user specified a uid with the -u flag and the uid exists in
the passwd file, set runas_user to the name, not the uid.
When comparing usernames in sudoers, if a name is really a uid
(starts with '#') compare it numerically to pw_uid.
2004-03-22 13:35 millert
* auth/kerb5.c: krb5_mcc_ops should be const; Johnny C. Lam
2004-02-28 18:54 aaron
* CHANGES, config.h.in, ldap.c: Added start_tls support
2004-02-14 18:04 millert
* Makefile.in: Clean up libtool stuff for 'make distclean' and add
def_data.c, def_data.h to PARSESRCS.
2004-02-14 10:13 aaron
* strlcat.c, strlcpy.c: Un-Fix last license munge
2004-02-13 16:37 millert
* CHANGES, RUNSON, TODO: checkpoint
2004-02-13 16:37 millert
* lex.yy.c, configure: regen
2004-02-13 16:36 millert
* LICENSE, Makefile.binary, Makefile.in, alloc.c, check.c,
closefrom.c, compat.h, defaults.c, defaults.h, env.c, fileops.c,
find_path.c, getprogname.c, getspwuid.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
interfaces.h, ldap.c, logging.c, logging.h, parse.c, parse.h,
parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c,
strerror.c, strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.man.in,
sudo.pod, sudo_edit.c, sudo_noexec.c, sudoers.man.in,
sudoers.pod, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c, visudo.man.in, visudo.pod, zero_bytes.c, auth/afs.c,
auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
auth/rfc1938.c, auth/secureware.c, auth/securid.c,
auth/securid5.c, auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h,
emul/search.h, emul/utime.h: More to a less restrictive,
ISC-style license.
2004-02-12 21:08 aaron
* CHANGES, Makefile.in, README.LDAP, config.h.in, configure.in,
def_data.c, def_data.h, def_data.in, ldap.c, sudo.c, sudo.h,
sudoers2ldif: Merged in LDAP Support
2004-02-08 15:53 millert
* sudo.h, sudo_noexec.c: Only do "extern int errno" if errno is not
a macro.
2004-02-06 18:08 millert
* set_perms.c: setreuid(0, 0) fails on QNX if the euid is not
already 0 so set the euid first, then just call setuid(0) to set
the real uid too.
2004-02-06 14:52 millert
* set_perms.c: Use setresuid() and setreuid() for PERM_RUNAS when
appropriate instead of seteuid() which may not exist.
2004-02-04 14:58 millert
* LICENSE: 2004
2004-02-03 23:38 millert
* INSTALL, config.h.in, configure, configure.in, ins_classic.h: Add
--with-pc-insults configure option
2004-02-03 23:32 millert
* visudo.man.in: Prefer VISUAL over EDITOR like old vipw did.
2004-02-01 15:45 millert
* sudo.man.in, sudoers.man.in: regen
2004-02-01 15:44 millert
* sudoers.pod: Add a note that noexec is not a cure-all.
2004-02-01 15:20 millert
* sudoers.pod: Mention that disabling "root_sudo" is pretty
pointless.
2004-02-01 15:20 millert
* configure, configure.in: Substitute for root_sudo in sudoers.pod
2004-02-01 15:03 millert
* sudo.pod: Add sudoedit to the NAME section
2004-02-01 15:00 millert
* sudoers.pod: Document that fact that setting ignore_dot in
sudoers has no effect due to the fact that find_path() is called
*before* sudoers is read.
2004-01-29 19:50 millert
* sudo_edit.c: Do not require _PATH_USRTMP to be set.
2004-01-29 19:42 millert
* BUGS, CHANGES, TODO: sync
2004-01-29 19:42 millert
* sudo.man.in: regen
2004-01-29 19:41 millert
* sudo.pod: Clarify that when sudo is run by root with the
SUDO_USER variable set, the sudoers lookup happens for root and
not the SUDO_USER user.
2004-01-29 17:33 millert
* defaults.c, env.c, fnmatch.c, interfaces.c, logging.c, parse.c,
set_perms.c, sigaction.c, sudo.c, tgetpass.c, auth/pam.c,
auth/sudo_auth.c: Use the SET, CLR and ISSET macros.
2004-01-29 16:22 millert
* interfaces.h: MAIN was replaced with _SUDO_MAIN some time ago.
2004-01-29 16:15 millert
* sudo.c: Don't look at prev_user until after we've parsed sudoers
and done the password check. That way, if sudo/sudoedit is run
from a root process that was invoked by sudo, we check sudoers
for root, not the previous user. This makes sudoedit much more
useful and means that for the sudo case, we get correct logging
on who actually ran the command.
2004-01-22 19:22 millert
* sudo_edit.c: Add a comment describing why we need to be notified
about our child stopping.
2004-01-22 16:06 millert
* def_data.c, def_data.in: Update the noexec variable descriptions
2004-01-22 14:18 millert
* sudoers.man.in, sudoers.pod: noexec now replaces more than just
execve()
2004-01-22 12:14 millert
* sudo_noexec.c: Alas, all the world does not go through execve(2).
Many systems still have an execv(2) system call, Linux 2.6
provides fexecve(2) and it is not uncommon for libc to have
underscore ('_') versions of the functions to be used internally
by the library. Instead of stubbing all these out by hand,
define a macro and let it do the work. Extra exec functions
pointed out by Reznic Valery.
2004-01-21 21:57 millert
* sudo.c, sudo_edit.c: Fix suspending the editor in -e mode.
Because we do a fork() first we need to be notified when the
child has been stopped and then send that same signal to ourself
so the shell can do its job control thing.
2004-01-21 21:44 millert
* visudo.c: Use WIFEXITED and WEXITSTATUS macros. If there are
systems out there that want to run sudo that still don't support
these we can try to deal with that later.
2004-01-21 20:03 millert
* lex.yy.c: regen
2004-01-21 20:00 millert
* sudo.man.in, sudo.pod, sudoers.man.in, sudoers.pod: Document sudo
-e / sudoedit
2004-01-21 19:08 millert
* configure, configure.in: fix typo
2004-01-21 19:02 millert
* config.h.in, configure.in: Add SET/CLR/ISSET
2004-01-21 18:55 millert
* sudo.c: Allow non-exclusive flags when invoked as sudoedit.
Pretty print the long usage() line to not wrap (assumes 80 char
display)
2004-01-21 18:01 millert
* Makefile.in, sudo.c: If sudo is invoked as "sudoedit" the -e flag
is implied and no other flags are permitted.
2004-01-21 18:00 millert
* sudo.h: Add a new flag, -e, that makes it possible to give users
the ability to edit files with the editor of their choice as the
invoking user, not the runas user. Temporary files are used for
the actual edit and the temp file is copied over the original
after the editor is done.
2004-01-21 17:25 millert
* Makefile.in, parse.c, parse.lex, sudo.c, sudo_edit.c: Add a new
flag, -e, that makes it possible to give users the ability to
edit files with the editor of their choice as the invoking user,
not the runas user. Temporary files are used for the actual edit
and the temp file is copied over the original after the editor is
done.
2004-01-21 17:06 millert
* sudo.c, env.c: If real uid == 0 and the SUDO_USER environment
variables is set, use that to determine the invoking user's true
identity. That way the proper info gets logged by someone who
has done "sudo su" but still uses sudo to as root. We can't do
this for non-root users since that would open up a security hole,
though perhaps it would be acceptable to use getlogin(2) on OSes
where this a system call (and doesn't just look in the utmp
file).
2004-01-21 16:58 millert
* pathnames.h.in: Add _PATH_TMP, _PATH_VARTMP and _PATH_USRTMP
2004-01-21 16:57 millert
* configure, config.h.in, configure.in: Add check for fchown(2)
2004-01-20 14:22 millert
* sudo.c: Back out portions of the -i commit that set NewArgv[0] in
set_runaspw. It is far to late to set NewArgv[0] there and will
have no effect anyway as cmnd and safe_cmnd have already been
set.
2004-01-20 14:18 millert
* visudo.c, visudo.pod: Prefer VISUAL over EDITOR like old vipw
did.
2004-01-18 20:17 millert
* env.c, sudo.c: In -i mode always set new environment based on the
runas user's passwd entry.
2004-01-18 17:56 millert
* sudo.man.in, sudo.pod: Document the new -i flag and sync SYNOPSIS
section with usage() in sudo.c. Also sort the flags in the
OPTIONS section.
2004-01-18 17:55 millert
* sudo.c, sudo.h: o Add -i that acts similar to "su -", based on
patches from David J. MacKenzie o Sort the flags in the usage
message
2004-01-18 17:22 millert
* sudoers.man.in, sudoers.pod: Add a missing @runas_default@
substitution.
2004-01-17 16:34 millert
* sudo.c: Change euid to runas user before calling find_path().
Unfortunately, though runas_user can be modified in sudoers we
haven't parsed sudoers yet.
2004-01-17 16:25 millert
* sudoers.man.in, sudoers.pod: Add missing defintion of
Parameter_List and use single pipes in the Defaults EBNF
definition.
2004-01-17 13:49 millert
* sudo.c: Fix a bug when set_runaspw() is used as a callback. We
don't want to reset the contents of runas_pw if the user
specified a user via the -u flag.
Avoid unnecessary passwd lookups in set_authpw(). In most cases
we already have the info in runas_pw.
2004-01-16 18:16 millert
* check.c: Add Stan Lee / Uncle Ben quote to the lecture from
RedHat
2004-01-16 18:12 millert
* sudo.h: Update sudo_getepw() proto and add one for set_runaspw()
2004-01-16 18:10 millert
* parse.c: If we can't stat the command as root, try as the runas
user instead.
2004-01-16 18:09 millert
* testsudoers.c, visudo.c: Add stub set_runaspw() function
2004-01-16 18:09 millert
* sudo.c: Add set_runaspw() function to fill in runas_pw. This
will be used as a callback to update runas_pw when the runas user
changes.
2004-01-16 18:07 millert
* env.c, sudo.c: PERM_RUNAS -> PERM_FULL_RUNAS
2004-01-16 18:05 millert
* set_perms.c, sudo.h: Rename PERM_RUNAS -> PERM_FULL_RUNAS and add
a PERM_RUNAS that just changes the euid.
2004-01-16 18:04 millert
* getspwuid.c: Make sudo_pwdup() act like OpenBSD pw_dup() and
allocate memory in one chunk for easy free()ing. Also change it
from static to extern.
2004-01-16 18:03 millert
* defaults.c, defaults.h: Add callback support
2004-01-16 18:02 millert
* def_data.c, def_data.in, mkdefaults: Add a callback field and use
it for runas_default
2004-01-15 15:13 millert
* auth/fwtk.c: Add support for chalnecho and display server
responses used by fwtk >= 2.0
2004-01-12 18:39 millert
* sudoers.man.in, sudoers.pod: ld.so is ld.so.1 on solaris
2004-01-12 14:03 millert
* Makefile.in, config.h.in, configure, configure.in, sudo.c,
sudo.h: Use closefrom() instead of doing the equivalent inline.
2004-01-12 13:55 millert
* closefrom.c: closefrom(3) for systems w/o it
2004-01-09 16:29 millert
* sudoers.man.in: Update from .pod file.
2004-01-09 16:26 millert
* configure, configure.in: Substitute noexec_file for the sudoers
man page
2004-01-09 16:24 millert
* sudo.man.in, sudo.pod: Mention noexec
2004-01-09 16:16 millert
* sudoers.man.in, sudoers.pod: Document noexec
2004-01-09 14:38 millert
* config.h.in, configure.in, auth/pam.c: Move PAM_CONST macro
definition from config.h to pam.c where it belongs. We can't
have this in config.h since that gets included too early.
2004-01-09 14:35 millert
* config.h.in, configure, configure.in, auth/pam.c: Some PAM
implementations put their headers in /usr/include/pam instead of
/usr/include/security.
2004-01-09 14:32 millert
* configure.in: I missed changing the EXEC macro -> EXECV here when
I changed this in config.h.in and sudo.c a while ago.
2004-01-09 13:15 millert
* acsite.m4: OpenBSD vax/m88k/hppa don't do shared libs
2004-01-09 03:29 millert
* configure, configure.in: o merge the hpux case entries into a
single entry w/ its own sub-case statement. o HP-UX >= 11
support getspnam(), use it in preference to getprpwuid()
2004-01-09 02:58 millert
* configure, configure.in: eval $shrext so that it expands nicely
on MacOS X
2004-01-09 02:50 millert
* Makefile.in: Don't lie about making a module, it does the wrong
thing on mach
2004-01-09 02:49 millert
* ltmain.sh: Remove requirement that libs must begin with "lib".
They don't when we point directly at the lib using LD_PRELOAD or
its equivalent.
2004-01-09 02:01 millert
* acsite.m4: Disable support for c++, f77 and java. We don't need
it, it takes a lot of time, and it hosed our check for shared lib
support.
2004-01-09 02:00 millert
* configure: regen
2004-01-09 02:00 millert
* configure.in: Call AC_ENABLE_SHARED and check the status of
enable_shared to know when shared libs are available.
2004-01-09 01:37 millert
* acsite.m4: Duh, OpenBSD suports shared libs too
2004-01-09 01:18 millert
* configure.in, config.h.in: Only OpenPAM and Linux PAM use const
qualifiers.
2004-01-09 01:15 millert
* configure, configure.in: o No need to check for sed, libtool
config does that for us o move check for --with-noexec until
after libtool magic is run so we can use $can_build_shared and
$shrext
2004-01-09 01:14 millert
* ltmain.sh: Don't print a bunch of crap about library installs
since we are not really installing a library.
2004-01-09 00:38 millert
* env.c: Make format_env() varargs Add noexec support for Darwin,
MacOS X, Irix, and Tru64
2004-01-09 00:32 millert
* acsite.m4, ltconfig, ltmain.sh: Update to libtool 1.5 with local
changes: o no ldconfig in the finish step o assume no libprefix
or version is needed
2004-01-09 00:15 millert
* sudo_noexec.c: Fix compilation under K&R
2004-01-06 09:31 millert
* CHANGES: checkpoint
2004-01-06 09:28 millert
* sudo_noexec.c: stub execve() that just returns EACCES; used for
noexec functionality
2004-01-06 01:42 millert
* sudo.tab.h: Regen w/ updated byacc from OpenBSD; fixes a gcc 3.2
issue with generated code.
2004-01-05 16:10 millert
* def_data.c, def_data.h, def_data.in: Move the environment
defaults to the end and shorten a few of the descriptions.
2004-01-05 15:05 millert
* configure.in, configure: no shared libs on ultris or convexos
2004-01-05 15:03 millert
* Makefile.in, configure, configure.in: Build sudo_noexec shared
object using libtool; could use some cleanup.
2004-01-05 14:59 millert
* acsite.m4, ltconfig, ltmain.sh: libtool scaffolding
2004-01-05 14:56 millert
* parse.yacc: Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so
that order is not important.
2004-01-05 12:15 millert
* defaults.c, env.c, parse.c, parse.h, parse.lex, parse.yacc,
pathnames.h.in, sudo.c, sudo.h, lex.yy.c: update copyright year
2004-01-04 22:58 millert
* configure, configure.in, defaults.c, env.c, pathnames.h.in: Add
_PATH_SUDO_NOEXEC and corresponding --with-noexec configure
option. The default value of noexec_file is set to this.
2004-01-04 21:48 millert
* def_data.c, def_data.h, def_data.in, env.c, lex.yy.c, parse.c,
parse.h, parse.lex, parse.yacc, sudo.c, sudo.h, sudo.tab.h: Add
support for preloading a shared object containing a dummy
execve() function that just sets error and returns -1. This adds
a "noexec_file" option to load the filename as well as a "noexec"
flag to enable it unconditionally. There is also a NOEXEC tag
that can be attached to specific commands and an EXEC tag to
disable it.
2004-01-04 21:40 millert
* mkdefaults: add missing newline to usage statement
2004-01-04 20:39 millert
* config.h.in, sudo.c: Rename EXEC macro -> EXECV
2004-01-04 20:16 millert
* logging.c: Don't truncate usernames to 8 characters in the log
message.
2004-01-04 20:13 millert
* check.c, sudoers.man.in, sudoers.pod: Update copyright year
2004-01-04 20:12 millert
* check.c, def_data.c, def_data.h, def_data.in, sudoers.man.in,
sudoers.pod: Add a new option, lecture_file, that can be used to
point to a custom sudo lecture.
2003-12-31 17:46 millert
* Makefile.in, sudo.h, zero_bytes.c, auth/aix_auth.c,
auth/bsdauth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Add a
zero_bytes() function to do the equivalent of bzero in such a way
that will heopfully not be optimized away by sneaky compilers.
2003-12-31 13:35 millert
* err.c: Use #ifdef __STDC__, not #if __STDC__.
2003-12-30 17:41 millert
* mkdefaults: Always put at least one space between the def_* macro
name and its definition.
2003-12-30 17:34 millert
* configure, configure.in: Adjust code for --without-lecture to
match new values.
2003-12-30 17:33 millert
* visudo.man.in: regen after pasto fix
2003-12-30 17:31 millert
* sudoers.man.in, sudoers.pod: Document that "lecture" has changed
from a flag to a tuple.
2003-12-30 17:31 millert
* check.c, def_data.c, def_data.h, def_data.in, defaults.c,
defaults.h, logging.c, mkdefaults, parse.c, sudo.c, sudo.h: Add
support for tuples in def_data.in; these are implemented as an
enum type. Currently there is only a single tuple enum but in
the future we may have one tuple enum per T_TUPLE entry in
def_data.in. Currently listpw, verifypw and lecture are tuples.
This avoids the need to have two entries (one ival, one str) for
pwflags and syslog values.
lecture is now a tuple with the following values: never, once,
always
We no longer use both an int and string entry for syslog
facilities and priorities. Instead, there are logfac2str() and
logpri2str() functions that get used when we need to print the
string values.
2003-12-30 17:20 millert
* check.c, def_data.h, defaults.c, defaults.h, env.c, find_path.c,
logging.c, mkdefaults, parse.c, parse.yacc, set_perms.c, sudo.c,
visudo.c, auth/aix_auth.c, auth/bsdauth.c, auth/fwtk.c,
auth/pam.c, auth/rfc1938.c, auth/securid5.c, auth/sia.c,
auth/sudo_auth.c: Create def_* macros for each defaults value so
we no longer need the def_{flag,ival,str,list,mode} macros (which
have been removed). This is a step toward more flexible data
types in def_data.in.
2003-12-30 15:55 millert
* TODO: checkpoint
2003-12-22 21:18 millert
* sudo.c: If we are in -k/-K mode, just spew to stderr. It is not
unusual for users to place "sudo -k" in a .logout file which can
cause sudo to be run during reboot after the YP/NIS/NIS+/LDAP/etc
daemon has died. Previously, this would result in useless mail
and logging.
2003-12-16 13:51 millert
* visudo.pod: fix pasto in VISUAL description
2003-12-09 22:09 millert
* configure: regen
2003-12-09 22:08 millert
* CHANGES: checkpoint
2003-12-09 22:02 millert
* TROUBLESHOOTING: Some OSes (like Solaris) allow export w/ nosuid
too
2003-08-12 16:45 millert
* compat.h: We don't use FD_ZERO anymore so just define FD_SET (if
not already there).
2003-06-28 21:31 millert
* auth/pam.c: Fix a core dump on Solaris by preserving the
pam_handle_t we used during authentication for pam_prep_user().
If we didn't authenticate (ie: ticket still valid), we call
pam_init() from pam_prep_user(). This is something of a hack; it
may be better to change the auth API and add an auth_final()
function that acts like pam_prep_user().
2003-06-21 12:50 millert
* set_perms.c: Add explicit declaration of printerr variable in
function header (was defaulting to int which is OK but oh so K&R
:-). From Theo.
2003-06-09 19:00 millert
* config.h.in, configure.in: s/HAVE_STOW/USE_STOW/
2003-06-09 16:07 millert
* logging.c: Also exit waitpid() loop when pid == 0. Fixes a
problem where the sudo process would spin eating up CPU until
sendmail finished when it has to send mail.
2003-05-30 16:22 millert
* fnmatch.3, fnmatch.c: Remove advertising clause, UCB has
disavowed it
2003-05-21 21:53 millert
* parse.c: Don't assume that getgrnam() calls don't modify contents
of struct passwd returned by getpwnam(). On FreeBSD w/ NIS this
can happen. Based on a patch from Kirk Webb.
2003-05-06 11:25 millert
* configure.in: missing ;;
2003-05-06 00:53 millert
* configure.in: darwin has a broken setreuid() in at least some
versions
2003-05-06 00:31 millert
* env.c: Fix an off by one error when reallocating the environment;
Kevin Pye
2003-04-30 14:04 millert
* sudoers.pod: Fix User_Spec definition; SEKINE Tatsuo
2003-04-28 19:30 millert
* HISTORY: More info on the early days from Coggs.
2003-04-21 14:47 millert
* auth/kerb5.c: remove errant semicolon that prevented compilation
under heimdal
2003-04-15 20:42 millert
* Makefile.in, alloc.c, check.c, compat.h, defaults.c, defaults.h,
env.c, fileops.c, find_path.c, getprogname.c, getspwuid.c,
goodpath.c, interfaces.c, interfaces.h, logging.c, parse.c,
parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c,
strerror.c, sudo.c, sudo.h, sudo.man.in, sudo.pod,
sudoers.man.in, sudoers.pod, testsudoers.c, tgetpass.c, utime.c,
version.h, visudo.c, visudo.man.in, visudo.pod, auth/afs.c,
auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
auth/rfc1938.c, auth/secureware.c, auth/securid.c,
auth/securid5.c, auth/sia.c, auth/sudo_auth.c: add DARPA credit
on affected files
2003-04-15 20:25 millert
* LICENSE: slightly different wording for the darpa credit
2003-04-15 14:37 millert
* LICENSE: Add DARPA credit
2003-04-14 16:49 millert
* auth/kerb5.c: Use krb5_princ_component() instead of
krb5_princ_realm() for MIT Kerberos like we did before I messed
things up ;-)
Use krb5_principal_get_comp_string() to do the same thing w/
Heimdal. I'm not sure if the component should be 0 or 1 in this
case.
#define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 for Heimdal since
older versions lack ENCTYPE_DES_CBC_MD5. This is gross and there
should be a configure check for this I guess.
2003-04-13 15:48 millert
* TROUBLESHOOTING, config.h.in, configure, configure.in,
sample.sudoers: builtin -> built-in; Jason McIntyre
2003-04-13 15:45 millert
* sudoers.pod: built in -> built-in; Jason McIntyre
2003-04-09 16:14 millert
* CHANGES: checkpoint for 1.6.7p3
2003-04-09 16:14 millert
* HISTORY: Update info on the early years @ SUNY-Buffalo from Cliff
Spencer. Amazingly, sudo source from 1985 is available via
groups.google.com
2003-04-09 16:13 millert
* sudo.c: Don't change rl.rlim_max for RLIMIT_CORE. We need only
set rl.rlim_cur to 0 to turn off core dumps. This may be needed
for the RLIMIT_CORE restoration on some OSes.
2003-04-04 12:46 millert
* auth/kerb5.c: Make this compile on Heimdal and MIT Kerberos 5
2003-04-04 12:45 millert
* config.h.in, configure, configure.in: Check for heimdal even if
we found krb5-config and define HAVE_HEIMDAL.
2003-04-03 22:04 millert
* auth/kerb5.c: Replace ETYPE_DES_CBC_MD5 with ENCTYPE_DES_CBC_MD5.
The former is no longer defined by MIT kerb5 (though it used to
be and indeed remains so in Heimdal).
2003-04-03 10:16 millert
* mkinstalldirs: Remove newer stuff that passes multiple (possibly
duplicate) directories to "mkdir -p" since that seems to break on
Tru64 Unix at least. This basically brings back what shipped
with sudo 1.6.6.
2003-04-02 13:57 millert
* auth/kerb5.c: Correct number of args to
krb5_principal_get_realm() and fix an unclosed comment that hid
the bug.
2003-04-02 13:45 millert
* configure: regen
2003-04-02 13:45 millert
* BUGS, CHANGES, INSTALL, INSTALL.binary, Makefile.in, README,
configure.in, version.h: ++version
2003-04-02 13:44 millert
* configure.in: use krb5-config to determine Kerberos V details if
it exists
2003-04-02 13:25 millert
* alloc.c, check.c, compat.h, defaults.c, env.c, find_path.c,
interfaces.c, logging.c, parse.c, sudo.c, sudo.h, testsudoers.c,
visudo.c, auth/fwtk.c, auth/rfc1938.c, auth/securid.c,
auth/securid5.c, auth/sia.c: Use warn/err and getprogname()
throughout. The main exception is openlog(). Since the admin
may be filtering logs based on the program name in the log files,
hard code this to "sudo".
2003-04-02 13:16 millert
* Makefile.in: Add getprogname.c and err.c
2003-04-02 13:15 millert
* configure: regen
2003-04-02 13:15 millert
* configure.in, config.h.in: Add checks for getprognam(),
__progname and err.h
2003-04-02 13:14 millert
* err.c, emul/err.h: For systems withour err/warn functions.
2003-04-02 13:14 millert
* getprogname.c: For systems neither getprogname() nor __progname;
uses Argv[0].
2003-04-01 10:09 millert
* CHANGES: checkpoint for 1.6.7p1
2003-04-01 10:02 millert
* sudo.c, testsudoers.c: fix strlcpy() rval check (innocuous)
2003-04-01 09:58 millert
* check.c: oflow detection in expand_prompt() was faulty (false
positives). The count was based on strlcat() return value which
includes the length of the entire string.
2003-03-30 19:02 millert
* CHANGES, RUNSON, TODO: checkpoint for the sudo 1.6.7 release
2003-03-24 16:09 millert
* logging.c: g/c unused variable
2003-03-24 11:06 millert
* configure: regen
2003-03-24 11:05 millert
* configure.in: use man sections 8 and 5 for csops
2003-03-21 18:11 millert
* configure: regen
2003-03-21 15:10 millert
* configure.in: Add -lskey or -lopie directly to SUDO_LIBS instead
of having AC_CHECK_LIB() add them to LIBS. Fixes visudo linkage.
2003-03-21 14:02 millert
* configure: regen
2003-03-21 14:01 millert
* INSTALL, aclocal.m4, configure.in: Add --with-blibpath for AIX.
An alternate libpath may be specified or -blibpath support can be
disabled. Also change conifgure such that -blibpath is not
specified if no -L libpaths were added to SUDO_LDFLAGS.
2003-03-20 22:05 millert
* configure.in: add AIX blibpath support
2003-03-20 20:28 millert
* INSTALL, configure.in: --with-skey and --with-opie now take an
option directory argument This obsoletes a --with-csops hack
(/tools/cs/skey)
Also remove the remaining direct uses of "echo"
2003-03-20 17:44 millert
* configure.in: Detect KTH Kerberos IV and deal with it. Also make
-lroken optional for KTH Kerberos IV and V.
2003-03-20 14:42 millert
* aclocal.m4: Add SUDO_APPEND_LIBPATH function that add
-L/path/to/dir (and -R/path/to/dir if $with_rpath) to the
specified variable.
2003-03-20 14:40 millert
* INSTALL, configure.in: Add -R/path/to/libs for Solaris and SVR4.
There is a new configure option, --with-rpath to control this
behavior.
2003-03-19 23:50 millert
* configure.in: for kerb4 put libdes after libkrb on the link line
2003-03-19 23:49 millert
* auth/kerb4.c: typo
2003-03-19 23:33 millert
* configure.in: fix kerberos lib check when a path is specified
2003-03-19 21:04 millert
* logging.c: Fix boolean thinko in SIGCHLD reaper and call
reapchild after sending mail instead of doing a conditional
sudo_waitpid.
2003-03-19 16:20 millert
* configure: regen
2003-03-19 16:19 millert
* configure.in: replace =DIR with [=DIR] where sensible
2003-03-19 16:16 millert
* configure.in: o Use AC_MSG_* instead of "echo" o New Kerberos
include/lib detection based on openssh's configure.in
2003-03-19 15:58 millert
* INSTALL: --with-kerb4 and --with-kerb5 now take an optional
argument.
2003-03-15 22:03 millert
* auth/securid.c: Kill remaining strcpy(), the programmer's guide
says username is 32 bytes.
2003-03-15 21:18 millert
* auth/kerb4.c: trat uid_t as unsigned long for printf and use
snprintf, not sprintf
2003-03-15 21:18 millert
* auth/rfc1938.c: use snprintf
2003-03-15 15:37 millert
* auth/: afs.c, aix_auth.c, bsdauth.c, dce.c, fwtk.c, kerb4.c,
kerb5.c, pam.c, passwd.c, rfc1938.c, sudo_auth.c: update
copyright year
2003-03-15 15:31 millert
* LICENSE, alloc.c, check.c, configure.in, env.c, sudo.c,
Makefile.in, aclocal.m4, compat.h, find_path.c, interfaces.c,
logging.c, parse.c, parse.lex, parse.yacc, set_perms.c, sudo.h,
sudo.pod, sudoers.pod, testsudoers.c, version.h, visudo.c,
visudo.pod, sudo.man.in, sudoers.man.in, visudo.man.in: update
copyright year
2003-03-15 15:19 millert
* check.c, env.c, sudo.c: Cast [ug]ids to unsigned long and printf
with %lu
2003-03-15 15:17 millert
* configure: regen
2003-03-15 15:16 millert
* configure.in: correct error messages for
--with-sudoers-{mode,uid,gid}
2003-03-15 15:10 millert
* alloc.c: make the malloc(0) error specific to each function to
aid tracking down bugs.
2003-03-15 14:49 millert
* alloc.c: deal with platforms where size_t is signed and there is
no SIZE_MAX or SIZE_T_MAX
2003-03-15 14:10 millert
* auth/kerb5.c: Make this compile w/ Heimdal and fix some gcc
warnings.
2003-03-15 13:02 millert
* sudo.c: Use stat_sudoers macro so --with-stow can work
2003-03-15 13:01 millert
* INSTALL, config.h.in, configure, configure.in: Add support for
--with-stow based on patches from Robert Uhl
2003-03-15 12:51 millert
* env.c: fix indentation
2003-03-15 00:21 millert
* configure.in: back out rev 1.352
2003-03-14 20:11 millert
* lex.yy.c: regen
2003-03-14 20:11 millert
* parse.lex: use strlcpy, not strncpy
2003-03-14 19:48 millert
* set_perms.c: Fix typo; check pw_uid, not pw_gid after
setusercontext() failure.
2003-03-14 19:43 millert
* logging.c: use pid_t
2003-03-14 10:43 millert
* strlcat.c, strlcpy.c: Make gcc shutup about unused rcsid
2003-03-14 10:35 millert
* interfaces.c: Move the n == 0 check for the non-getifaddrs cas
2003-03-13 21:47 millert
* auth/rfc1938.c: skeychallenge() on NetBSD take a size parameter
2003-03-13 21:38 millert
* configure: regen
2003-03-13 21:38 millert
* configure.in: put -ldl after -lpam, not before; fixes static
linking on Linux
2003-03-13 21:17 millert
* interfaces.c: Avoid malloc(0) and fix the loop invariant for the
getifaddrs() case.
2003-03-13 20:24 millert
* sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
sudoers.cat, visudo.cat: regen
2003-03-13 20:23 millert
* Makefile.in: Preserve copyright notice from .pod file in .man.in
file
2003-03-13 20:01 millert
* visudo.pod: Add sudoers(5) to SEE ALSO
2003-03-13 15:27 millert
* lex.yy.c: regen
2003-03-13 15:27 millert
* parse.lex: Don't assume libc can realloc() a NULL string. If
malloc/realloc fails, make sure we just return; yyerror() is not
terminal.
2003-03-13 15:17 millert
* lex.yy.c: regen
2003-03-13 15:17 millert
* parse.lex: simplify fill_args a little and use strlcpy for
paranoia
2003-03-13 15:00 millert
* check.c, env.c, find_path.c, parse.c, parse.yacc, sudo.c,
testsudoers.c: Use strlc{at,py} for paranoia's sake and exit on
overflow. In all cases the strings were either pre-allocated to
the correct size of length checks were done before the copy but a
little paranoia can go a long way.
2003-03-13 12:54 millert
* sudo.h: Add strlc{at,py} protos
2003-03-13 12:03 millert
* env.c, interfaces.c: Use erealloc3()
2003-03-13 12:00 millert
* configure: regen
2003-03-13 12:00 millert
* alloc.c: Oflow test of nmemb > SIZE_MAX / size is fine (don't
need >=). Use memcpy() instead of strcpy() in estrdup() so this
is strcpy()-free.
2003-03-13 11:58 millert
* sudo.c: snprintf() a uid as %lu, not %ld to match the
MAX_UID_T_LEN test in configure.
2003-03-13 11:56 millert
* aclocal.m4: In MAX_UID_T_LEN test cast uid_t to unsigned long,
just unsigned.
2003-03-12 18:46 millert
* sudo.c: Use snprintf() for paranoia
2003-03-12 17:16 millert
* parse.yacc: Use emalloc2 and erealloc3
2003-03-12 17:08 millert
* Makefile.in: strlc{at,py} for those w/o it
2003-03-12 17:07 millert
* strlcat.c, strlcpy.c: stlc{at,py} for those w/o it.
2003-03-12 17:07 millert
* config.h.in, configure, configure.in: Add stlc{at,py} for those
w/o it.
2003-03-12 16:51 millert
* alloc.c, sudo.h: Add erealloc3(), a realloc() version of
emalloc2().
2003-03-12 16:45 millert
* interfaces.c, sudo.c: Use emalloc2() to allocate N things of a
certain size.
2003-03-12 16:41 millert
* alloc.c, sudo.h: Add emalloc2() -- like calloc() but w/o the
bzero and with error/oflow checking.
2003-03-12 16:23 millert
* alloc.c: Error out on malloc(0); suggested by theo
2003-03-09 19:34 millert
* configure, configure.in: fix a typo; David Krause
2003-03-07 10:46 millert
* sudo.pod: fix typo
2003-03-03 21:47 millert
* env.c: Remove DYLD_ from the environment for MacOS X; from bbraun
2003-03-01 13:20 millert
* configure.in, config.h.in: not not; Anil Madhavapeddy
2003-01-23 03:03 millert
* sudo.pod, sudoers.pod, visudo.pod: typos; jmc@openbsd.org
2003-01-20 16:13 millert
* parse.yacc: Add some missing ';' rule terminators that bison
warns about.
2003-01-20 16:07 millert
* config.sub: fix typo I introduced in last merge
2003-01-20 15:59 millert
* configure: regenerate with autoconf 2.57
2003-01-20 15:58 millert
* config.h.in: Add missing "$HOME"
2003-01-20 15:57 millert
* configure.in: Add some more square backets to make autoconf 2.57
happy
2003-01-20 14:39 millert
* config.guess, config.sub, mkinstalldirs: Updates from
autoconf-2.57
2003-01-17 18:10 millert
* lex.yy.c, sudo.tab.h: regen
2003-01-17 18:09 millert
* parse.lex, parse.yacc, sudoers.pod: Add support for
Defaults>RunasUser
2003-01-06 19:10 millert
* visudo.c: fclose() yyin after each yyparse() is done and use
fopen() instead of using freopen().
2003-01-06 19:02 millert
* parse.lex: Better fix for sudoers files w/o a newline before EOF.
It looks like the issue is that yyrestart() does not reset the
start condition to INITIAL which is an issue since we parse
sudoers multiple times.
2003-01-06 18:47 millert
* parse.lex: Work around what appears to be a flex bug when dealing
with files that lack a final newline before EOF. This adds a
rule to match EOF in the non-initial states which resets the
state to INITIAL and throws an error.
2003-01-06 15:06 millert
* visudo.c: o The parser needs sudoers to end with a newline but
some editors (emacs) may not add one. Check for a missing
newline at EOF and add one if needed. o Set quiet flag during
initial sudoers parse (to get options) o Move yyrestart() call
and always use freopen() to open yyin after initial sudoers
parse.
2002-12-15 11:24 millert
* set_perms.c: Fix pasto/thinko in setresgid()/setregid() usage.
Want to set effective gid, not real gid, when reading sudoers.
2002-12-15 11:08 millert
* set_perms.c: don't compile set_perms_posix if we have setreuid or
setresuid
2002-12-14 14:21 millert
* sudo.pod, sudoers.pod: document new prompt escapes
2002-12-14 14:15 millert
* check.c: Add %U and %H escapes and redo prompt rewriting. "%%"
now gets collapsed to "%" as was originally intended. This also
gets rid of lastchar (does lookahead instead of lookback) which
should simplify the logic slightly.
2002-12-13 13:20 millert
* tgetpass.c: Write the prompt *after* turning off echo to avoid
some password characters being echoed on heavily-loaded machines
with fast typists.
2002-12-13 13:09 millert
* config.sub: Add support for mipseb; wiz@danbala.tuwien.ac.at
2002-12-13 12:48 millert
* configure.in: Fix IRIX fallout from name changes in man dir/sect
Makefile variables. Patch from erici AT motown DOT cc DOT utexas
DOT edu
2002-12-13 11:33 millert
* auth/pam.c: Keep a local copy of tgetpass_flags so we don't add
in TGP_ECHO to the global copy. Problem noted by Peter Pentchev.
2002-11-28 18:43 millert
* parse.yacc: Add missing yyerror() calls; YYERROR does not seem to
call this for us.
2002-11-26 12:09 millert
* sudo.c: fix typo in comment; Pedro Bastos
2002-11-22 14:41 millert
* INSTALL: document --disable-setresuid
2002-11-22 14:41 millert
* auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c:
Sprinkle some volatile qualifiers to prevent over-enthusiastic
optimizers from removing memset() calls.
2002-11-22 14:11 millert
* logging.c, parse.yacc: minor sign fixes pointed out by gcc
-Wsign-compare
2002-11-22 14:09 millert
* set_perms.c, sudo.c, sudo.h: Revamp set_perms. We now use a
version based on setresuid() or setreuid() when possible since
that allows us to support the stay_setuid option and we always
know exactly what the semantics will be (various Linux kernels
have broken POSIX saved uid support).
2002-11-22 14:08 millert
* config.h.in, configure: regen from configure.in
2002-11-22 14:07 millert
* configure.in: Add checks for setresuid() and a way to disable
using it
2002-11-22 14:05 millert
* compat.h: No long need to emulate set*[ug]id() via setres[ug]id()
or setre[ug]id(). The new set_perms stuff only uses things it
knows are there.
2002-11-22 13:33 millert
* sudo.c: Before exec, restore state of signal handlers to be the
same as when we were initialy invoked instead of just reseting to
SIG_DFL. Fixes a problem when using sudo with nohup. Based on a
patch from Paul Markham.
2002-11-22 13:23 millert
* sudo.c: o timestamp_uid should be uid_t, not int o clarify error
message when sudo is run by root and no_root_sudo is set
2002-09-19 17:27 millert
* README: update ftp link for bison
2002-07-20 08:30 millert
* set_perms.c: Error out if setusercontext() fails and the runas
user is not root.
2002-05-20 16:51 millert
* auth/securid5.c: Fix rcsid
2002-05-20 16:50 millert
* configure.in: Fix SecurID API test
2002-05-17 13:20 millert
* env.c: typo in comment
2002-05-17 13:20 millert
* configure.in: securid5 stuff needs pthreads. Just adding
-lpthread is suboptimal but I don't see a better way at the
moment.
2002-05-17 13:04 millert
* Makefile.in, auth/securid5.c: SecurID API version 5 support from
Michael Stroucken
2002-05-17 13:02 millert
* configure.in: Add check for SecurID 5.0 API
2002-05-08 16:46 millert
* strerror.c: We actually do still need config.h to get the 'const'
definition for K&R C.
2002-05-05 16:43 millert
* configure: regen with autoconf 2.5.3
2002-05-05 16:25 millert
* configure.in: Don't set sysconfdir to '/etc' if the user has
specified a --prefix.
2002-05-05 16:14 millert
* configure.in: Some fixes for autoconf 2.53 from Robert Uhl o
don't AC_SUBST LIBOBJS o force a 4th arg for AC_CHECK_HEADER()
to workaround a bug
2002-05-05 15:58 millert
* env.c, sudo.c, sudo.h: No need for dump_badenv() now that
dump_defaults() knows how to dump lists.
2002-05-04 21:31 millert
* BUGS, INSTALL, Makefile.in, configure.in, version.h,
INSTALL.binary, README: ++version
2002-05-04 20:57 millert
* sudoers.pod: document timestampowner
2002-05-04 20:45 millert
* check.c: Don't call set_perms() when doing timestamp stuff unless
timestamp_uid != 0.
2002-05-04 20:43 millert
* check.c, logging.c, parse.c, set_perms.c, sudo.c, sudo.h,
testsudoers.c, auth/sudo_auth.c: g/c second arg to set_perms--it
is no longer used
2002-05-03 18:48 millert
* check.c, set_perms.c, sudo.c, sudo.h: Add support for non-root
timestamp dirs. This allows the timestamp dir to be shared via
NFS (though this is not recommended).
2002-05-03 18:47 millert
* def_data.c, def_data.h, def_data.in: Add timestampowner, "Owner
of the authentication timestamp dir"
2002-05-02 15:40 millert
* env.c: Don't try to pre-compute the size of the new envp, just
allocate space up front and realloc as needed. Changes to the
new env pointer must all be made through insert_env() which now
keeps track of spaced used and allocates as needed.
2002-04-26 15:12 millert
* configure: regen
2002-04-26 15:12 millert
* configure.in: Fix two typo/pastos; from jrj@purdue.edu
2002-04-25 11:36 millert
* INSTALL.binary, README: ++version
2002-04-25 11:35 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in, configure: regen
2002-04-25 11:31 millert
* CHANGES, RUNSON, TODO: Sync with 1.6.6
2002-04-25 11:30 millert
* check.c: The the loop used to expand %h and %u, the lastchar
variable was not being initialized. This means that if the last
char in the prompt is '%' and the first char is 'h' or 'u' a
extra copy of the host or user name would be copied, for which
space had not been allocated.
2002-04-18 11:41 millert
* BUGS, INSTALL, Makefile.in, configure.in, version.h: crank
version to 1.6.6
2002-04-18 11:39 millert
* auth/afs.c: #undef VOID to get rid of an AFS warning
2002-04-18 11:38 millert
* env.c: Use easprintf instead of emalloc + sprintf for some
things.
2002-03-15 19:45 millert
* lex.yy.c: regen
2002-03-15 19:44 millert
* parse.c, parse.lex, parse.yacc, testsudoers.c: Remove Chris
Jepeway's email address so people don't bug him ;-)
2002-03-11 22:19 millert
* sudo.c: Move endpwent() to be after set_perms(PERM_RUNAS, ...)
and also call endgrent() at the same time.
2002-02-21 22:23 millert
* INSTALL: Make it clear which configure options take arguments.
2002-01-25 13:38 millert
* compat.h: HP-UX 9.x has RLIMIT_* but no RLIM_INFINITY. If there
is no RLIM_INFINITY, just pretend it is -1. This works because
we only check for RLIM_INFINITY and do not set anything to that
value.
2002-01-22 11:43 millert
* auth/pam.c: Zero and free allocated memory when there is a
conversation error.
2002-01-21 22:37 millert
* auth/bsdauth.c: Use sigaction() not signal()
2002-01-21 22:26 millert
* INSTALL: Mention that some linux kernels have broken POSIX saved
ID support
2002-01-21 21:03 millert
* CHANGES: checkpoint for 1.6.5p2
2002-01-21 21:01 millert
* configure: regen
2002-01-21 21:01 millert
* configure.in: Add --disable-setreuid flag
2002-01-21 21:00 millert
* INSTALL: Document new --disable-setreuid option and change
description for --disable-saved-ids to match new error message.
2002-01-21 21:00 millert
* set_perms.c: fatal() now takes an argument that determines
whether or not to call perror().
2002-01-21 20:58 millert
* PORTING, TROUBLESHOOTING: Update for new error messages from
set_perms()
2002-01-21 17:46 millert
* auth/pam.c: Make this compile w/o warnings
2002-01-21 17:36 millert
* auth/pam.c: Mention that we can't use pam_acct_mgmt()
2002-01-21 17:25 millert
* auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c: The user's password
was not zeroed after use when AIX authentication, BSD
authentication, FWTK or PAM was in use.
2002-01-20 14:21 millert
* auth/pam.c: Avoid giving PAM a NULL password response, use the
empty string instead. This avoids a log warning when the user
hits ^C at the password prompt when PAM is in use.
2002-01-19 19:46 millert
* auth/pam.c: Don't check the return value of pam_setcred(). In
Linux-PAM 0.75 pam_setcred() returns the last saved return code,
not the return code for the setcred module. Because we haven't
called pam_authenticate(), this is not set and so pam_setcred()
returns PAM_PERM_DENIED.
2002-01-19 19:43 millert
* Makefile.binary, Makefile.in: Don't need a '/' between $(DESTDIR)
and a directory.
2002-01-18 14:18 millert
* configure: regen
2002-01-18 14:18 millert
* configure.in: o BSDi also has a bogus setreuid() o Old FreeBSD
has a bogus setreuid() o new NetBSD has a real setreuid() o add
check for freeifaddrs() if getifaddrs() exists.
2002-01-18 14:17 millert
* config.h.in, interfaces.c: Older BSDi releases lack freeifaddrs()
so add a test for that and if it is not present just use free().
2002-01-17 11:30 millert
* CHANGES, RUNSON: Checkpoint for 1.6.5p1
2002-01-17 10:56 millert
* auth/passwd.c: Return AUTH_FAILURE in passwd_init() if
skeyaccess() denies access to normal passwords, not AUTH_FATAL
(which just causes an exit).
2002-01-17 10:35 millert
* visudo.c: Don't use memory after it has been freed.
2002-01-17 00:24 millert
* auth/passwd.c: skeyaccess() wants a struct passwd * not a char *;
Patch from Phillip E. Lobbes
2002-01-16 20:00 millert
* BUGS: ++version
2002-01-16 19:53 millert
* CHANGES, RUNSON, TODO: checkpoint for sudo 1.6.5
2002-01-16 18:37 millert
* configure: regen
2002-01-16 18:37 millert
* INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
version 1.6.5
2002-01-16 18:37 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: sudo version 1.6.5
2002-01-16 16:28 millert
* logging.c: o when invoking the mailer as root use a hard-coded
environment that doesn't include any info from the user's
environment. Basically paranoia.
o Add support for the NO_ROOT_MAILER compile-time option and run
the mailer as the user and not root if NO_ROOT_MAILER is
defined.
2002-01-16 16:27 millert
* set_perms.c, sudo.h: Bring back PERM_FULL_USER
2002-01-16 16:26 millert
* configure: regen
2002-01-16 16:26 millert
* version.h: version 1.6.5
2002-01-16 16:26 millert
* INSTALL, config.h.in, configure.in: Add --disable-root-mailer
option to run the mailer as the user and not root.
2002-01-16 12:44 millert
* CHANGES: checkpoint for 1.6.4p2
2002-01-15 19:22 millert
* PORTING: Mention the "seteuid(0): Operation not permitted"
problem here too just for good measure.
2002-01-15 18:43 millert
* env.c, getspwuid.c, sudo.c: The SHELL environment variable was
preserved from the user's environment instead of being reset
based on the passwd database when the "env_reset" option was
used. Now it is reset as it should be.
2002-01-15 17:47 millert
* configure: regen
2002-01-15 17:47 millert
* INSTALL, TROUBLESHOOTING, config.h.in, configure.in, set_perms.c,
sudo.c: Add a configure option to turn off use of POSIX saved IDs
2002-01-15 15:48 millert
* configure: regen
2002-01-15 15:48 millert
* configure.in: add --with-efence option
2002-01-15 15:39 millert
* sudo.c: Only OR in MODE_RESET_HOME if MODE_RUN is set. Fixes a
problem where "sudo -l" would not work if always_set_home was
set.
2002-01-15 13:16 millert
* lex.yy.c: regen
2002-01-15 13:16 millert
* parse.lex: Quoted commas were not being treated correctly in
command line arguments.
2002-01-14 20:53 millert
* sudo.c: o Move the call to rebuild_env() until after
MODE_RESET_HOME is set. Otherwise, the set_home option has no
effect.
o Fix use of freed memory when the "fqdn" flag is set. This was
introduced by the fix for the "segv when gethostbynam() fails"
bug. Also, we no longer call set_fqdn() if the "fqdn" flag is
not set so there is no need to check the "fqdn" flag in
set_fqdn() itself.
2002-01-14 20:45 millert
* env.c: Add 'continue' statements to optimize the switch
statement. From Solar.
2002-01-13 13:42 millert
* sudoers.cat, sudoers.man.in: Regen from new sudoers.pod
2002-01-13 13:36 millert
* sudoers.pod: Add caveat about stay_setuid flag
2002-01-13 13:29 millert
* sudo.c: If set_perms == set_perms_posix and the stay_setuid flag
is not set, set all uids to 0 and use set_perms_fallback().
2002-01-13 13:28 millert
* set_perms.c, sudo.h: Remove PERM_FULL_USER (which is no longer
used) and add PERM_FULL_ROOT (used when exec'ing the mailer).
2002-01-13 13:27 millert
* logging.c: Use set_perms(PERM_FULL_ROOT, 0) before exec'ing the
mailer since we never want to run the mailer setuid.
2002-01-12 17:55 millert
* sudo.cat, sudo.man.in, sudo.pod, visudo.cat, visudo.man.in,
visudo.pod: Use sudo.ws instead of courtesan.com in URLs
2002-01-12 14:00 millert
* Makefile.in, Makefile.binary: Fix mansect substitution
2002-01-12 13:15 millert
* Makefile.in: Substitute man sections in Makefile.binary
2002-01-12 13:15 millert
* Makefile.binary: Sync install targets with Makefile.in and
substitute in man sections.
2002-01-12 13:09 millert
* INSTALL, INSTALL.binary: version is 1.6.4
2002-01-12 12:59 millert
* Makefile.in: Repair bindist target
2002-01-12 11:43 millert
* CHANGES: sync for 1.6.4
2002-01-10 13:00 millert
* install-sh: Fix case where neither whoami nor id are found
2002-01-09 12:35 millert
* install-sh: If neither whoami nor id exists, just assume we are
root.
2002-01-09 11:56 millert
* alloc.c: Add explicit cast to (VOID *) on malloc/realloc. Seems
to be needed on AIX which for some reason isn't pulling in the
malloc prototype.
2002-01-08 10:00 millert
* Makefile.in, aclocal.m4, compat.h, parse.c, sudo.c: (c) 2002
2002-01-08 09:21 millert
* CHANGES: checkpoint
2002-01-08 09:20 millert
* sudo.c: Defer assigning new environment until right before the
exec.
2002-01-08 09:08 millert
* parse.c: kill extra blank line
2002-01-07 13:59 millert
* configure: regen
2002-01-07 13:59 millert
* configure.in: Use -O not -O2 for m88k-motorola-sysv* since
motorola gcc-derived compiler doesn't recognise -O2.
2002-01-06 23:02 millert
* HISTORY: Clarify origins of Root Group sudo a bit based on info
from billp@rootgroup.com
2002-01-02 22:41 millert
* LICENSE: 2002
2002-01-02 22:26 millert
* CHANGES: checkpoint for 1.6.4rc1
2002-01-02 17:40 millert
* config.h.in: now generated via autoheader
2002-01-02 17:40 millert
* configure: regen
2002-01-02 17:37 millert
* compat.h: Move in some stuff that was previously in config.h.
2002-01-02 17:36 millert
* configure.in, aclocal.m4: Add info for autoheader.
2002-01-01 16:53 millert
* Makefile.in: o Add DESTDIR support
o Use -M, -O, and -G instead of -m, -o, and -g to facilitate
non-root installs
2002-01-01 16:48 millert
* install-sh: Add -M option (like -m but only for root) If we can't
find "whoami", use "id" w/ some sed.
2002-01-01 14:01 millert
* configure: regen
2002-01-01 14:00 millert
* configure.in: allow user to always override mansectsu and
mansectform
2001-12-31 17:05 millert
* mkinstalldirs: update from autoconf 2.52
2001-12-31 17:03 millert
* config.guess, config.sub: Update from autoconf 2.52
2001-12-31 16:57 millert
* configure: regen with autoconf 2.52
2001-12-31 16:57 millert
* configure.in: o Call AC_PROG_CC_STDC to find out how to run the
compiler in ANSI mode
o Remove compiler-specific checks for HP-UX now that we use
AC_PROG_CC_STDC
2001-12-31 12:19 millert
* RUNSON: Checkpoint
2001-12-31 12:18 millert
* auth/pam.c: o Add pam_prep_user function to call pam_setcred()
for the target user; on Linux this often sets resource limits.
o When calling pam_end(), try to convert the auth->result to a
PAM_FOO value. This is a hack--we really need to stash the
last PAM_FOO value received and use that instead.
2001-12-31 12:18 millert
* set_perms.c, sudo.h: o Add pam_prep_user function to call
pam_setcred() for the target user; on Linux this often sets
resource limits.
2001-12-31 00:53 millert
* env.c: Fix off by one error in number of bytes allocated via
malloc (does not affected any released version of sudo).
2001-12-30 17:12 millert
* lex.yy.c: regen
2001-12-30 17:12 millert
* parse.lex: Allow '@', '(', ')', ':' in arguments to a defaults
variable w/o requiring that they be quoted.
2001-12-30 14:26 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: Mention that no double
quotes are needed when adding/deleting/assigning a single value
to a list.
2001-12-30 13:58 millert
* Makefile.in: Don't rely on mkdefaults being executable, call perl
explicitly.
2001-12-30 13:41 millert
* parse.yacc: Remove some XXX that are no longer relevant.
2001-12-30 13:40 millert
* defaults.c: o Roll our own loop instead of using strpbrk() for
better grokability o When adding to a list we must malloc() and
use memcpy(), not strdup() since we must only copy len bytes
from str.
2001-12-21 16:49 millert
* parse.yacc: typo in comment
2001-12-19 11:50 millert
* CHANGES: checkpoint
2001-12-19 10:56 millert
* configure: regen
2001-12-19 10:56 millert
* configure.in: avoid the -g flag unless --with-devel was specified
2001-12-19 10:04 millert
* Makefile.in: mkdefaults, def_data.in and sigaction.c were missing
from the tarball
2001-12-19 09:46 millert
* Makefile.in: def_data.c was missing
2001-12-18 12:42 millert
* env.c: Fix setting of $USER and $LOGNAME in the non-reset_env
case. Also allow HOME, SHELL, LOGNAME, and USER to be specified
in keep_env
2001-12-17 20:48 millert
* TODO: Another TODO item
2001-12-17 19:50 millert
* sudoers: Add comment for Default section so folks know where it
should go.
2001-12-17 18:56 millert
* tgetpass.c: Use TCSETAF, not TCSETA to set terminal in termio
case
2001-12-17 18:35 millert
* sudoers.man.in, sudoers.cat: regen from sudoers.pod
2001-12-17 18:33 millert
* sudoers.pod: o Typo, Runas_User_List should be Runas_List
o a User_List can not contain a uid
o mention that the Defaults section should come after Alias
definitions but before the user specifications
2001-12-15 11:51 millert
* sudoers.cat, sudoers.man.in: regen
2001-12-15 11:51 millert
* sudoers.pod: Fix listpw and verifypw sections, they were not
being formatted properly.
2001-12-15 11:39 millert
* sudoers.cat, sudoers.man.in: regen
2001-12-15 11:38 millert
* sudoers.pod: fix typos
2001-12-15 10:57 millert
* configure: regen
2001-12-15 10:57 millert
* configure.in, config.h.in: use AC_SYS_POSIX_TERMIOS instead of
rolling our own
2001-12-15 10:33 millert
* README: Reference sudo.ws not courtesan.com
2001-12-15 10:29 millert
* PORTING: Add notes on shadow passwords
2001-12-15 00:48 millert
* BUGS: In list mode (sudo -l), characters escaped with a backslash
are shown verbatim with the backslash.
2001-12-15 00:44 millert
* sudoers: Add simple examples from OpenBSD (Marc Espie)
2001-12-15 00:40 millert
* tgetpass.c: Catch SIGTTIN and SIGTTOU too and treat them like
SIGTSTP.
2001-12-14 21:53 millert
* CHANGES: minor prettyification
2001-12-14 21:43 millert
* CHANGES: Updated change log
2001-12-14 21:27 millert
* testsudoers.c: Fix CIDR handling here too.
2001-12-14 21:21 millert
* auth/pam.c: Apparently a NULL response is OK
2001-12-14 21:19 millert
* TODO: Checkpoint for upcoming beta release
2001-12-14 21:17 millert
* TROUBLESHOOTING: Many people believe that adding a runas spec
should obviate the need for the -u flag. It does not.
2001-12-14 21:11 millert
* RUNSON: checkpoint update for upcoming 1.6.4 beta
2001-12-14 20:44 millert
* config.h.in: o Add HAVE_STDLIB_H and HAVE_MEMORY_H o Define
HAVE_STRINGS_H even if HAVE_STRING_H is defined -- this is safe
now
2001-12-14 20:07 millert
* PORTING: Add signals section
2001-12-14 20:00 millert
* configure: regen
2001-12-14 20:00 millert
* configure.in: Fix check for sigaction_t
2001-12-14 19:45 millert
* sudo.c: XXX - should call find_path() as runas user, not root.
Can't do that until the parser changes though.
2001-12-14 19:38 millert
* sudo.c: If find_path() fails as root, try again as the invoking
user (useful for NFS). Idea from Chip Capelik.
2001-12-14 19:28 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in: Regenerate
after pod file changes
2001-12-14 19:24 millert
* def_data.c, def_data.h, def_data.in, set_perms.c, sudo.c, sudo.h,
sudo.pod, sudoers.pod: Add new sudoers option "preserve_groups".
Previously sudo would not call initgroups() if the target user
was root. Now it always calls initgroups() unless the -P command
line option or the "preserve_groups" sudoers option is set. Idea
from TJ Saunders.
2001-12-14 18:38 millert
* compat.h, config.h.in: Use new HAVE_SIGACTION_T define
2001-12-14 18:33 millert
* logging.c: Fix compilation on K&C
2001-12-14 18:14 millert
* configure: regen
2001-12-14 18:14 millert
* configure.in: Add check for sigaction_t -- IRIX already defines
this so don't redefine it.
2001-12-14 17:15 millert
* snprintf.c: fix typo
2001-12-14 17:12 millert
* interfaces.c: need stdlib.h here too
2001-12-14 15:31 millert
* configure: regen
2001-12-14 15:31 millert
* configure.in: Remove redundant checks for string.h, strings.h and
unistd.h
2001-12-14 15:29 millert
* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
visudo.man.in: Regen from pod files
2001-12-14 15:03 millert
* BUGS: Update for 1.6.4
2001-12-14 14:59 millert
* configure, lex.yy.c: regen
2001-12-14 14:56 millert
* strerror.c: Return EINVAL if errnum > sys_nerr
2001-12-14 14:54 millert
* LICENSE, Makefile.binary, Makefile.in, aclocal.m4, compat.h,
config.h.in, defaults.h, interfaces.h, pathnames.h.in, sudo.h,
sudo.pod, auth/sudo_auth.h: o Update copyright year
2001-12-14 14:54 millert
* configure.in: o Don't define STDC_HEADERS unconditionally for
IRIX o Update copyright year
2001-12-14 14:53 millert
* README: update version
2001-12-14 14:52 millert
* alloc.c, check.c, defaults.c, env.c, fileops.c, find_path.c,
fnmatch.c, getcwd.c, getspwuid.c, goodpath.c, interfaces.c,
logging.c, lsearch.c, parse.c, parse.lex, parse.yacc,
set_perms.c, snprintf.c, sudo.c, testsudoers.c, tgetpass.c,
utime.c, visudo.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
auth/sia.c, auth/sudo_auth.c: o Reorder some headers and use
STDC_HEADERS define properly o Update copyright year
2001-12-14 01:53 millert
* configure: regen
2001-12-14 01:53 millert
* tgetpass.c: flags set in signal handlers should be volatile
sig_atomic_t
2001-12-14 01:52 millert
* config.h.in, configure.in: Add checks for volatile and
sig_atomic_t
2001-12-14 01:42 millert
* lex.yy.c, configure: regen
2001-12-14 01:40 millert
* def_data.c, def_data.h, def_data.in, defaults.c, env.c,
find_path.c, sudo.c, sudoers.pod: Remove "secure_path" Defaults
option since it cannot work with the existing parser.
2001-12-14 01:26 millert
* find_path.c, sudo.c: Unset "secure_path" if user_is_exempt()
2001-12-14 01:24 millert
* env.c, pathnames.h.in: o Remove assumption that PATH and TERM are
not listed in env_keep o If no PATH is in the environment use a
default value o If TERM is not set in the non-reset case also
give it a default value.
2001-12-14 01:17 millert
* aclocal.m4, configure.in, defaults.c, pathnames.h.in:
_PATH_SENDMAIL -> _PATH_SUDO_SENDMAIL so --without-sendmail works
on systems that define in paths.h
2001-12-14 01:15 millert
* auth/: passwd.c, sudo_auth.c, sudo_auth.h: Add support for
skeyaccess(3) if it is present in libskey.
2001-12-12 21:42 millert
* sudo.c: Only need to do 'lc = login_getclass(NULL)' if lc == NULL
2001-12-12 21:24 millert
* parse.lex: '\\' is a perfectly legal character to have in a
command line argument.
2001-12-12 20:24 millert
* sudo.c: o Defer call to set_fqdn() until it is safe to use
log_error() o Don't print errno string value if gethostbyname
fails, it is not relevant
2001-12-12 20:07 millert
* parse.c: Fix CIDR -> in_addr_t conversion.
2001-12-12 16:21 millert
* sudoers.pod: Remove an extra "User_List" in the User_Spec
definition From ybertrand AT snoopymail.com
2001-12-12 16:00 millert
* parse.c: Make 'listpw=never' work for users who are not
explicitly mentioned in sudoers.
2001-12-12 15:40 millert
* sudoers.pod: Remove gratuitous '=' in EBNF grammar; era AT iki.fi
2001-12-12 15:34 millert
* sudoers.pod: Document new list Defaults type and convert env_keep
and env_delete to lists. Document new env_check option.
2001-12-12 15:11 millert
* lex.yy.c, sudo.tab.h: regen parser
2001-12-12 14:56 millert
* parse.lex: Don't let '#' appear in a {WORD} and restrict #foo in
a Runas spec to #[0-9-]+.
2001-12-12 14:55 millert
* configure: regen
2001-12-12 14:55 millert
* aclocal.m4: Simpler SUDO_FUNC_ISBLANK that uses AC_TRY_LINK
2001-12-12 14:43 millert
* config.h.in, configure.in: Add check for skeyaccess(3)
2001-12-11 19:47 millert
* visudo.pod: Document new -c, -f, and -q options
2001-12-11 19:41 millert
* visudo.c: o Add -f option (alternate sudoers file) o Convert to
use getopt(3)
2001-12-11 19:31 millert
* configure: regen
2001-12-11 19:31 millert
* aclocal.m4, config.h.in, configure.in: Add check for isblank and
a replacement macro if it doesn't exist.
2001-12-11 18:22 millert
* visudo.c: In check-only mode, don't create sudoers if it does not
already exist.
2001-12-11 18:06 millert
* parse.yacc: o Add a new token, DEFVAR, to indicate a Defaults
variable name
o Add support for "+=" and "-=" list operators
o replace some 1 and 0 with TRUE and FALSE for greater
legibility.
2001-12-11 18:05 millert
* parse.lex: o Use exclusive start conditions to remove some
ambiguity in the
lexer. Also reorder some things for clarity.
o Add support for "+=" and "-=" list operators.
o Use the new DEFVAR token to denote a Defaults variable name.
2001-12-11 18:03 millert
* sudo.h: Prototype init_envtables()
2001-12-11 18:02 millert
* env.c: o Convert environment handling to use lists instead of
strings.
This greatly simplifies routines that need to do "foreach"
type
operations.
o Add new init_envtables() function to set env_check and
env_delete
defaults based on initial_badenv_table and
initial_checkenv_table
(formerly sudo_badenv_table).
2001-12-11 18:00 millert
* defaults.c, defaults.h: o Add a new LIST type and functions to
manipulate it.
o This is for use with environment handling variables.
o Call new init_envtables() routine inside init_defaults() to
initialize the environment lists.
2001-12-11 17:57 millert
* def_data.c, def_data.h, def_data.in: Convert environment options
to use the new LIST type and add a new one, env_check that only
deletes if the sanity check fails.
2001-12-11 17:55 millert
* testsudoers.c: Add dummy version of init_envtables()
2001-12-11 17:53 millert
* parse.yacc: honor quiet mode
2001-12-11 17:51 millert
* visudo.c: Add check-only mode
2001-12-10 20:27 millert
* mkdefaults: Fix generation of entries with NULL descriptions.
2001-12-09 00:27 millert
* tgetpass.c: Use sigaction_t and quiet a gcc warning.
2001-12-09 00:20 millert
* sudo.c: Must reset signal handlers before we exec
2001-12-09 00:16 millert
* auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sudo_auth.c: Be
carefule now that tgetpass() can return NULL (user hit ^C). PAM
version needs testing. Set SIGTSTP to SIG_DFL during password
entry so user can suspend us.
2001-12-09 00:14 millert
* tgetpass.c: Add support for interrupting/suspending tgetpass via
keyboard input. If you suspend sudo from the password prompt and
resume it will re-prompt you.
2001-12-09 00:09 millert
* sudo.c: Don't block keyboard interrupt signals, just set them to
SIG_IGN.
2001-12-08 14:48 millert
* config.h.in: add back HAVE_SIGACTION
2001-12-08 14:44 millert
* configure: regen
2001-12-08 14:44 millert
* config.h.in, configure.in, logging.c, sudo.c, visudo.c: Kill
POSIX_SIGNALS define and old signal support now that we emulate
POSIX ones Also be sure to correctly initialize struct sigaction.
2001-12-08 14:42 millert
* strerror.c: Don't need config.h or "#ifndef HAVE_STRERROR"
wrapper.
2001-12-08 14:39 millert
* compat.h: Add scaffolding for POSIX signal emulation
2001-12-08 14:36 millert
* sigaction.c: o Add missing ';' so this compiles o Can't use NULL
since we don't include stdio.h
2001-12-08 14:23 millert
* sigaction.c: Emulate sigaction() using sigvec()
2001-11-12 19:32 millert
* sudoers.pod: Document new behavior of negative values of
timestamp_timeout Fix a typo
2001-11-12 19:31 millert
* sudo.pod: Add security note about command not being logged after
'sudo su' and friends.
2001-11-12 19:19 millert
* sudo.pod: Mention that -V prints default values when run as root,
including the list of environment variables to clear.
2001-11-12 19:14 millert
* Makefile.in: Run pod2man with --quotes=none to avoid stupid
quoting of C<> entries.
2001-11-12 13:12 millert
* def_data.c, def_data.h, def_data.in, sudoers.pod,
auth/sudo_auth.c: Add mail_badpass option Also modify mail_always
behavior to also send mail when the password is wrong
2001-11-12 13:08 millert
* env.c, sudo.c, sudo.h: Dump default bad env table when 'sudo -V'
is run by root.
2001-11-11 23:52 millert
* sudoers.pod: document env_delete
2001-11-11 23:51 millert
* env.c: Add support for '*' in env_keep when not resetting the
environment (ie: the normal case).
2001-11-11 23:47 millert
* env.c: Add env_delete variable that lets the user replace/add to
the bad_env_table. Allow '*' wildcard in env_keep entries.
2001-11-06 13:59 millert
* mkinstalldirs: Force umask to 022 to guarantee sane directory
permissions.
2001-11-02 18:09 millert
* Makefile.in: add sudo.tab.h and sudo.tab.c to sudo.tab.o
dependency
2001-11-02 17:25 millert
* mkdefaults: fix breakage in last commit
2001-11-02 17:18 millert
* Makefile.in: acsite.m4 -> aclocal.m4
2001-11-02 15:59 millert
* check.c: fix I_TS_TIMEOUT vs. I_TIMESTAMP_TIMEOUT pasto in
previous commit
2001-11-02 15:57 millert
* def_data.c: regenerated from def_data.in
2001-11-02 15:56 millert
* check.c, defaults.c, defaults.h: Add new T_UINT type that most
things use instead of T_INT If timestamp_timeout is < 0 then
treat the ticket as never expiring (to be expired manually by the
user).
2001-11-02 15:51 millert
* def_data.in: change most T_INT -> T_UINT
2001-11-02 15:51 millert
* mkdefaults: fix warning when no args
2001-11-02 12:52 millert
* visudo.c: Change 2 Exit() -> exit() Avoid stdio in Exit() and
call _exit() if we are a signal handler. We no longer print the
signal number but the user can just check the exit value for
that.
2001-10-16 01:35 millert
* logging.c: when setting up pipes in child process check for case
where stdin == pipe fd 0
2001-10-11 13:20 millert
* visudo.c: Ignore editor exit value since XPG4 says vi's exit
value is the count of editing errors made (failed searches, etc).
2001-10-05 16:39 millert
* configure: regen
2001-10-05 16:39 millert
* configure.in: sco now is identified by config.guess as *-sco-*
2001-10-05 16:24 millert
* configure.in: Check for getspnam() in -lgen if not in -lc for
UnixWare.
2001-09-17 21:48 millert
* sudoers.pod, visudo.pod: "upper case" -> "uppercase"
2001-09-17 21:32 millert
* sudoers.pod: fix typos and grammar; pjanzen@foatdi.harvard.edu
2001-08-28 10:26 millert
* sudoers.pod: Missing word (specify); krapht@secureops.com
2001-08-23 17:43 millert
* sudo.c: If we fail to lookup a login class, apply the default
one.
2001-08-23 17:42 millert
* logging.c: In log_error() free message, not logline
unconditionally, then free logline if it is not the same as
message. No function change but this mirrors how they are
allocated.
2001-07-16 23:33 millert
* configure: regenerate
2001-07-16 23:33 millert
* configure.in: remove some backslash quotes that are unneeded
2001-07-16 23:30 millert
* configure.in: o Tweaks to make this work with autoconf-2.50 o Use
AC_LIBOBJ instead of changing LIBOBJS directly o Use
AC_REPLACE_FUNCS where we can o Use AC_CHECK_FUNCS instead of
AC_CHECK_FUNC so we don't have to AC_DEFINE things manually.
2001-07-16 23:28 millert
* config.guess, config.sub: Updated from autoconf-2.50
2001-05-22 19:11 millert
* README: Update mailing list section. We use mailman now, not
majordomo.
2001-05-10 14:55 millert
* getspwuid.c, logging.c, sudo.c: Use setpwent()/endpwent() + all
the shadow variants to make sure we don't inadvertantly leak an
fd to the child. Apparently Linux's shadow routines leave the fd
open even if you don't call setspent(). Reported by
mike@gistnet.com; different patch used.
2001-04-12 21:43 millert
* sudoers.pod: s/eg./e.g./
2001-04-12 21:42 millert
* tgetpass.c: select() may return EAGAIN. If so, continue like we
do for EINTR.
2001-04-12 21:41 millert
* logging.c: Fix a non-exploitable buffer overflow in the word
splitting code. This should really be rewritten.
2001-04-12 21:41 millert
* Makefile.in: FAQ link goes away
2001-04-12 21:40 millert
* INSTALL: Tell people to look in sample.syslog.conf for examples,
not FAQ
2001-04-12 21:40 millert
* TROUBLESHOOTING: Update list of env vars that are cleared
2001-04-12 21:36 millert
* sudo.c: remove struct env_table decl since that stuff has all
moved to env.c
2001-04-04 13:17 millert
* fileops.c: Fix a pasto in flock-style unlocking and include
<sys/file.h> for flock on older systems; twetzel@gwdg.de
2001-04-04 13:14 millert
* configure: regen to get NeXT lockf/flock fix
2001-04-04 13:14 millert
* configure.in: force NeXT to use flock since lockf is broken
2001-03-30 08:54 millert
* check.c: Use stashed user_gid when checking against exempt gid
since sudo sets its gid to a a value that makes sudoers readable.
Previously if you used gid 0 as the exempt group everyone would
be exempt. From Paul Kranenburg <pk@cs.few.eur.nl>
2001-03-29 13:14 millert
* configure: regen
2001-03-29 13:08 millert
* aclocal.m4: #include stdio.h in SUDO_CHECK_TYPE since IRIX 6
aparently defines some types (such as ssize_t) therein.
2001-03-02 09:09 millert
* defaults.c: Fix negation of paths in a boolean context. Problem
found by apt@UH.EDU
2001-02-23 13:03 millert
* visudo.c: pasto
2001-02-17 16:11 millert
* visudo.c: SA_RESETHAND means the opposite of what I was
thinking--oops To block all signals in old-style signals use ~0,
not 0xffffffff
2001-02-04 11:16 millert
* defaults.c: coerce difference of pointers to int when used in a
string length printf format; deraadt@openbsd.org
2001-01-17 11:34 millert
* visudo.c: Block all signals in Exit() to avoid a signal race.
There is still a tiny window but I'm not going to worry about it.
2001-01-07 13:57 millert
* env.c: glibc uses the LANGUAGE env var so clear that too; Solar
Designer
2001-01-07 13:55 millert
* lex.yy.c: Regenerate with a fix to flex.skl that preserves errno
from clobbering by isatty().
2000-12-30 20:39 millert
* auth/: aix_auth.c, bsdauth.c, fwtk.c, pam.c, sia.c, sudo_auth.c:
Some defaults I_ defines got renamed.
2000-12-30 20:38 millert
* Makefile.in, check.c, def_data.c, def_data.h, def_data.in,
defaults.c, defaults.h, env.c, logging.c, mkdefaults, parse.yacc,
set_perms.c, sudo.c: Move defaults info into its own files from
which we generate .h and .c files. This makes adding or
rearranging variables much simpler.
2000-12-30 16:58 millert
* configure, configure.in: fix typo in last commit
2000-12-30 16:55 millert
* compat.h, config.h.in, configure, configure.in: Add check +
emulation for setegid (like seteuid).
2000-12-30 16:22 millert
* env.c: Make env_keep override badenv_table as documented Fix
traversal of badenv_table (broken in last commit)
2000-12-29 22:59 millert
* set_perms.c, sudo.c, sudo.h: Don't try and build saved uid
version of set_perms on systems w/o them. Rename
set_perms_saved_uid() -> set_perms_posix() Make
set_perms_setreuid simply be set_perms_fallback() and simply
include the appropriate function at compile time (setreuid()
vs. setuid()).
2000-12-29 22:45 millert
* sudoers.pod, sudoers.cat, sudoers.man.in: PATH is also preserved
when env_reset is in effect
2000-12-29 22:29 millert
* CHANGES, env.c, Makefile.in, check.c, compat.h, config.h.in,
configure, configure.in, defaults.c, defaults.h, find_path.c,
getspwuid.c, set_perms.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod,
testsudoers.c, visudo.c, visudo.cat, visudo.man.in: New Defaults
options: o stay_setuid - sudo will remain setuid if system has
saved uids or setreuid(2) o env_reset - reset the environment to
a sane default o env_keep - preserve environment variables that
would otherwise be cleared
No longer use getenv/putenv/setenv functions--do environment
munging by hand. Potentially dangerous environment variables can
be cleared only if they contain '/' pr '%' characters to protect
buggy programs. Moved environment routines into env.c (new file)
2000-12-29 22:17 millert
* INSTALL: Clear up --without-passwd description
2000-12-29 19:39 millert
* sudo_setenv.c, putenv.c: We now build up a new environment from
scratch and assign it to "environ".
2000-12-18 22:35 millert
* sudo.pod, visudo.pod: Grammatical fixes from Paul Janzen
2000-12-14 23:19 millert
* visudo.c: If there was a syntax error and the user just wants to
quit, unlink sudoers if it is zero length.
2000-12-14 23:10 millert
* visudo.c: 'Q' means ignore parse error, not 'q'
2000-12-14 22:57 millert
* visudo.c: Open sudoers for writing with mode SUDOERS_MODE From
Dimitry Andric <dim@xs4all.nl>
2000-12-13 12:23 millert
* set_perms.c: Add missing #ifdef HAVE_LOGIN_CAP_H;
ayamura@ayamura.org
2000-12-09 11:46 millert
* config.guess, config.sub: Darwin / Mac OS X support from Wilfredo
Sanchez <wsanchez@apple.com>
2000-11-03 09:36 millert
* sudo.c, visudo.c: Use exit(127), not exit(-1)
2000-11-03 00:37 millert
* defaults.h, set_perms.c, sudo.c, Makefile.in, defaults.c: Move
set_perms() to its own file and use POSIX saved uid or setreuid()
if available.
Added stay_setuid option for systems that have libraries that
perform extra paranoia checks in system libraries for setuid
programs (ie: anything with issetugid(2)).
2000-11-02 20:28 millert
* sudo.c: strip more bits from the environment and add a facility
for stripping things only if they contain '/' or '%' to address
printf format string vulnerabilities in other programs.
2000-11-02 12:55 millert
* configure: regen
2000-11-02 12:55 millert
* configure.in: For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache
the existence of strcasecmp().
2000-11-02 12:46 millert
* configure: regen
2000-11-02 12:46 millert
* configure.in: Check for strcasecmp(3) in -lc89 for NCR Unix
2000-11-01 10:22 millert
* config.h.in: Define HAVE_INNETGR #ifdef HAVE__INNETGR
2000-11-01 10:17 millert
* configure: regen
2000-11-01 10:17 millert
* compat.h, config.h.in, configure.in: Add check for _innetgr(3)
since NCR systems have that instead of innetgr(3).
2000-10-31 14:16 millert
* auth/securid.c: check return value of creadcfg() call sd_close()
after sd_auth() store username in sd->username so we don't rely
on the USER env variable
2000-10-29 23:00 millert
* INSTALL: document --with-bsdauth
2000-10-29 22:57 millert
* configure: regen
2000-10-29 22:56 millert
* configure.in: --with-bsdauth assumes --with-logincap
2000-10-29 22:45 millert
* auth/: bsdauth.c, fwtk.c: When prompting for a response to a
challenge, if the user just hits return then reprompt with echo
turned on.
2000-10-29 17:31 millert
* sudo.c: Remove debugging code that should not have been
committed, oops.
2000-10-29 17:31 millert
* auth/bsdauth.c: Use lower-level routines and get the password
ourselves. Checks for a challenge and if there is one echo is
not turned off.
2000-10-29 17:30 millert
* auth/: pam.c, sudo_auth.h: minor housekeeping, no real code
changes
2000-10-27 18:41 millert
* sudo.c: Fix a coredump in the logging functions if gethostname(2)
fails by deferring the call to log_error() until things are
better setup.
Fix return value of set_loginclass() in non-BSD-auth case.
Hard-code 'sudo' in the usage message so we can fit more options
on a line
2000-10-27 18:35 millert
* logging.c: Fix errant ';' (typo) that broken MSG_ONLY
2000-10-26 13:03 millert
* sudo.cat, sudo.man.in: regen
2000-10-26 13:01 millert
* sudo.pod: Document -a flag
2000-10-26 12:42 millert
* Makefile.in, config.h.in, configure, configure.in, getspwuid.c,
sudo.c, auth/sudo_auth.h, auth/bsdauth.c: Add support for BSD
authentication.
2000-10-19 10:09 millert
* sudoers.pod: Fix typo; from sato@complex.eng.hokudai.ac.jp
2000-10-12 09:49 millert
* sudoers.pod: Mention negating umask
2000-10-12 01:30 millert
* defaults.c: Allow user to specify umask of 0777 (same as !umask)
2000-10-08 21:46 millert
* sudo.pod, visudo.pod: Fix a typo and give a URL for the sudo
history.
2000-10-08 12:25 millert
* defaults.c, sudo.pod: fix typos; pepper@reppep.com
2000-09-14 16:48 millert
* sudo.c, sudo.h, sudo_setenv.c: sudo_setenv() now exits on memory
alloc failure instead of returning -1.
2000-09-07 17:41 millert
* sudo.c: Strip out NLSPATH and PATH_LOCALE from the environment
for FreeBSD and possibly others.
2000-09-07 10:43 millert
* logging.c: Don't use vsyslog(3) since HP-UX (and others?) lack
it. This means that "%m" won't be expanded but we don't use that
anyway since the logging routines may splat to stderr as well.
2000-09-06 21:35 millert
* defaults.c, defaults.h, sudo.c, sudoers.cat, sudoers.man.in,
sudoers.pod: Add always_set_home variable
2000-09-06 21:24 millert
* configure, configure.in: Have to hard code default values in help
since the defaults are set _after_ the help stuff.
2000-08-31 13:08 millert
* lex.yy.c, parse.lex: Allow special characters (including '#') to
be embedded in pathnames if quoted by a '\\'. The quoted chars
will be dealt with by fnmatch(). Unfortunately, 'sudo -l' still
prints the '\\'.
2000-08-13 17:10 millert
* install-sh: Better path searching for programs we need.
2000-08-13 17:10 millert
* TROUBLESHOOTING: Add section on "C compiler cannot create
executables" errors.
2000-08-13 17:10 millert
* Makefile.binary, Makefile.in, version.h: Crank version
2000-08-13 17:09 millert
* aclocal.m4, configure, configure.in, sudo.cat, sudo.man.in,
sudo.pod, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.cat,
visudo.man.in, visudo.pod: Substitute values from configure into
man pages.
2000-08-12 16:48 millert
* parse.c, sudo.c: The listpw and verifypw sudoers options would
not take effect because the value of the default was checked
*before* sudoers was parsed. Instead of passing in the value of
PWCHECK_* to sudoers_lookup(), pass in the arg for def_ival() so
the check can be deferred until after sudoers is parsed.
2000-08-11 15:41 millert
* tgetpass.c: When writing prompt, no need to write the NUL as
well; hag@linnaean.org
2000-06-09 12:25 millert
* install-sh: When looking for chown, check in /sbin too
2000-06-04 22:57 millert
* visudo.c: Remove extraneous call to init_defaults() and set
runas_user to NULL betweem parses so init_defaults will reset it
each time, thus avoiding a reference to free()d data.
2000-06-04 19:57 millert
* config.h.in, interfaces.c, interfaces.h, sudo.c: Add support for
using getifaddrs() to get the list of ip addr / netmask pairs.
Currently IPv4-only.
2000-06-04 19:51 millert
* visudo.c: Add a missing check for UserEditor == NULL Add missing
'+' before line number when invoking editor to fix a syntax error
2000-05-12 16:55 millert
* sudo.c: Call clean_env very early in main() for paranoia's sake.
Idea from Marc Esipovich.
2000-05-10 01:11 millert
* sudo.h: Update proto for evasprintf and easprintf
2000-05-10 01:10 millert
* alloc.c: Make easprintf() and evasprintf() return an int.
2000-05-10 00:56 millert
* check.c: If the targetpw flag is set, use target username as part
of the timestamp path. If tty tickets are in effect cat the tty
and the target username with a ':' as the separator.
2000-05-09 12:05 millert
* auth/pam.c: Backout part of last change; setting PAM_USER to the
invoking user breaks things like targetpw.
2000-05-09 11:52 millert
* auth/pam.c: set tty and username via pam_set_item
2000-05-09 11:42 millert
* check.c, getspwuid.c, sudo.c, sudo.h, auth/sudo_auth.c: Fix root,
runas, and target authentication for non-passwd file auth
methods.
2000-04-22 14:15 millert
* sudo.pod, sudo.man.in, sudoers.man.in, sudoers.pod, visudo.pod,
sudo.cat, sudoers.cat, visudo.man.in, visudo.cat: Use B<-Z> not
C<-Z> for command line flags in all places. This is more
consistent and works around a bug in Pod::Man.
2000-04-22 13:59 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: Fix an occurence of
'semicolon' that should be 'colon'
2000-04-19 15:30 millert
* configure, configure.in: Fix --with-badpri help line
2000-04-17 14:01 millert
* defaults.c, logging.c, sudo.c: Bracket calls to syslog with an
openlog() and closelog() since some authentication methods (like
PAM) may do their own logging via syslog. Since we don't use
syslog much (usually just once per session) this doesn't really
incur a performance penalty. It also Fixes a SEGV with pam_kafs.
2000-04-15 16:32 millert
* sudo.c: Fix -H flag. runas_homedir is only valid after
set_perms(PERM_RUNAS, mode)
2000-04-12 18:56 millert
* INSTALL: Clarify the fact that insults are not enabled just by
including them in the binary.
2000-04-07 10:39 millert
* sudo.man.in, sudoers.man.in, visudo.man.in, sudo.cat,
sudoers.cat, visudo.cat: Regenerated with perl 5.6.0 pod2man
2000-04-07 10:38 millert
* Makefile.in: Give date string to pod2man since its default is
ugly and it ain't got no alibi.
2000-04-07 10:27 millert
* Makefile.in: Do section substitution on the output of pod2man and
remove hack needed for old pod2man.
2000-04-07 10:26 millert
* sudo.pod, sudoers.pod, visudo.pod: Put back real man sections, we
will do the substitution later.
2000-04-02 11:44 millert
* configure, configure.in: Don't bother checking for the path to vi
if user specified --with-editor
2000-04-01 17:25 millert
* CHANGES, visudo.c: Visudo now does its own fork/exec instead of
calling system(3).
2000-04-01 16:23 millert
* CHANGES, INSTALL, Makefile.in, sudoers.cat, sudoers.man.in,
sudoers.pod, visudo.c: Visudo now checks for the existence of an
editor and gives a sensible error if it does not exist.
The path to the editor for visudo is now a colon-separated list
of allowable editors. If the user has $EDITOR set and it matches
one of the allowed editors that editor will be used. If not, the
first editor in the list that actually exists is used.
2000-04-01 16:22 millert
* sudo.pod, sudo.cat, sudo.man.in: Clear up confusion wrt sudo's
return value.
2000-03-27 12:08 millert
* Makefile.in: Strip sudo and visudo for bindist target
2000-03-26 22:26 millert
* sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
sudoers.pod, visudo.cat, visudo.man.in, visudo.pod: Use
@mansectsu@ and @mansectform@ in the man page bodies as well.
2000-03-26 22:07 millert
* visudo.cat, visudo.man.in, visudo.pod: Typo: @sysconf@ ->
@sysconfdir@
2000-03-26 21:57 millert
* Makefile.in: 'make dist' should not cause any files to be
modified so remove its dependencies.
2000-03-26 21:43 millert
* CHANGES: Whoops, forgot to add release marker
2000-03-26 11:57 millert
* CHANGES: Final change for 1.6.3 (or so I hope)
2000-03-26 11:57 millert
* sudo.cat, sudoers.cat, visudo.cat: Use SYSV man sections since
BSD systems will have nroff...
2000-03-24 18:58 millert
* parse.yacc: When checking to see if the host/user matches in a
defaults spec, check against TRUE, not just non-zero since it
might be -1.
2000-03-24 15:14 millert
* configure.in, configure: OSF/1 puts file formats in section 4,
not 5.
2000-03-24 15:13 millert
* CHANGES, INSTALL, sudo.c: Make login class support work on BSD/OS
2000-03-23 20:24 millert
* RUNSON: Update for 1.6.3
2000-03-23 20:23 millert
* configure, configure.in: If there is no inet_addr but there *is*
an __inet_addr that's ok since inet_addr is probably just a macro
then. The better thing to do would be to look for the macro, but
this is fine for now.
2000-03-23 19:50 millert
* configure, configure.in: Don't use shlicc for BSD/OS 4.x
2000-03-23 19:40 millert
* Makefile.in, configure, configure.in: *.man lives in cwd, *.cat
lives in $(srcdir), add a @mansrcdir@ configure variable so we
can deal with this. Also, only remove *.man for 'distclean' not
'clean'.
2000-03-23 19:16 millert
* sudo.c: set_loginclass() should be static like the proto says
2000-03-23 14:14 millert
* fnmatch.c: Add #ifdef __STDC__ around the rangematch function
header to avoid promotion of test to int, thus violating the
prototype. Gcc handles this gracefully but more std ANSI
compilers will complain.
2000-03-23 10:11 millert
* emul/fnmatch.h: Pull in newer fnmatch(3) that supports
FNM_CASEFOLD
2000-03-23 10:11 millert
* aclocal.m4, configure, fnmatch.3, fnmatch.c: Pull in newer
fnmatch(3) that supports FNM_CASEFOLD Check for FNM_CASEFOLD in
configure
2000-03-22 23:41 millert
* CHANGES, TODO: update for 1.6.3
2000-03-22 23:38 millert
* lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc, sudo.tab.h,
testsudoers.c, visudo.c: Fully qualified hosts w/ wildcards were
not matching the FQHOST token type. There's really no need for a
separate token for fully-qualified vs. unqualified anymore so
FQHOST is now history and hostname_matches now decides which
hostname (short or long) to check based on whether or not the
pattern contains a '.'.
2000-03-22 23:09 millert
* parse.c, parse.h, parse.yacc, sudoers.pod, testsudoers.c,
visudo.c, sudoers.cat, sudoers.man.in: Add support for wildcards
in the hostname.
2000-03-22 22:50 millert
* Makefile.in: Add targets for *.man.in, using config.status to
generate *.man from *.man.in
2000-03-22 22:20 millert
* sudoers.cat, sudoers.man.in, sudoers.pod: Document set_logname
option and enbolden refs to sudo and visudo.
2000-03-22 19:35 millert
* INSTALL, Makefile.in, aclocal.m4, configure, configure.in,
sudo.cat, sudo.pod, sudo.man.in, sudoers.cat, sudoers.pod,
visudo.cat, visudo.pod, sudoers.man.in, visudo.man.in: Add
FreeBSD login.conf support (untested on BSD/OS) based on a patch
from Michael D. Marchionna. configure now does substitution on
the man pages, allowing us to fix up the paths and set the
section correctly. Based on an idea from Michael D. Marchionna.
2000-03-22 19:27 millert
* auth/passwd.c: Better fix for handling HP-UX aging info.
2000-03-22 19:20 millert
* sudo.c: Add support for set_logname run-time default
2000-03-22 19:17 millert
* sudo.man.in, sudoers.man.in, visudo.man.in: configure does
substitution on these to produce *.man
2000-03-22 19:16 millert
* sudo.man, sudoers.man, visudo.man: These files now get generated
from *.man.in at configure time.
2000-03-22 18:40 millert
* defaults.c, defaults.h: Add set_logname option so users can turn
off setting of LOGNAME/USER environment variables.
2000-03-22 10:53 millert
* testsudoers.c, lsearch.c, parse.c: kill register
2000-03-13 15:52 millert
* auth/passwd.c: HP-UX adds extra info at the end for password
aging so when comparing the result of crypt to pw_passwd we only
compare the first len(epass) bytes *unless* the user entered an
empty string for a password.
2000-03-13 11:05 millert
* logging.c: Get rid of grandchild hack, it was causing problems
and there is really no need for it. This fixes a bug where we
spin eating up CPU when the user runs a long-running process like
a shell.
2000-03-07 14:26 millert
* sudo.c: User can always specify a login class if he/she is
already root.
2000-03-06 23:29 millert
* config.h.in, configure, configure.in, defaults.c, defaults.h,
sudo.c, sudo.h: FreeBSD login class (login.conf) support.
2000-03-06 14:42 millert
* auth/sudo_auth.c: HAVE_SECUREWARE -> HAVE_GETPRPWNAM; fixes
secureware support
2000-03-03 18:04 millert
* auth/passwd.c: Truncate unencrypted password to 8 chars if
encrypted password is exactly 13 characters (indicateing standard
a DES password). Many versions of crypt() do this for you, but
not all (like HP-UX's).
2000-03-01 21:01 millert
* INSTALL, RUNSON: Mention that gcc on dynix may have problems
2000-02-29 17:46 millert
* Makefile.in: Link visudo with NET_LIBS since we now call syslog
via defaults.c
2000-02-29 17:41 millert
* defaults.c: Use Argv[0] as the first arg to openlog() since
visudo uses this too.
2000-02-28 18:58 millert
* sudo.c: Stash coredumpsize resource limit and retsore it before
the exec() Otherwise the child ends up with a coredumpsize of 0.
2000-02-26 22:56 millert
* sudo.cat, sudo.man, sudo.pod: document -S flag
2000-02-26 22:54 millert
* sudo.c: fix usage string
2000-02-26 22:48 millert
* CHANGES, RUNSON, TODO, sudo.c, sudo.h, tgetpass.c,
auth/aix_auth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c: Added
-S flag (read passwd from stdin) and tgetpass_flags global that
holds flags to be passed in to tgetpass(). Change echo_off param
to tgetpass() into a flags field. There are currently 2 possible
flags for tgetpass(): TGP_ECHO and TGP_STDIN. In tgetpass(),
abstract the echo set/clear via macros and if (flags & TGP_ECHO)
but echo is not set on the terminal, but sure to set it.
2000-02-26 22:11 millert
* tgetpass.c: Fixed a bug that caused an infinite loop when the
password timeout was disabled.
2000-02-18 12:56 millert
* CHANGES, defaults.c, defaults.h, getspwuid.c, sudo.c, sudo.h,
sudoers.cat, sudoers.man, sudoers.pod, visudo.c: Add rootpw,
runaspw, and targetpw options.
2000-02-18 12:11 millert
* CHANGES, defaults.c, sudoers.cat, sudoers.man, sudoers.pod,
visudo.c: enveditor -> env_editor
2000-02-15 19:07 millert
* BUGS, INSTALL, Makefile.in, README, configure, configure.in,
sudo.cat, sudo.man, sudoers.cat, sudoers.man, version.h,
visudo.cat, visudo.man: crank versino to 1.6.3
2000-02-15 19:03 millert
* INSTALL, TODO, defaults.c, defaults.h, sudoers.cat, sudoers.man,
sudoers.pod, visudo.c: Add 'editor' and 'enveditor' sudoers
defaults and make visudo honor them. This means that visudo will
now parse the sudoers file *before* it is edited so a bogus
sudoers file will cause a warning to go to stderr. Also, visudo
checks the variables once--it does not check them after each
editor run since that could be confusing.
2000-02-15 18:49 millert
* RUNSON: 1.6.2 -> 1.6.2p1
2000-02-15 18:36 millert
* check.c, sudo.c, sudo.h: Move user_is_exempt prototype into
sudo.h
2000-02-13 13:38 millert
* configure, configure.in: Fix thinko, some && should have been ||
in the last commit
2000-02-13 13:28 millert
* configure, configure.in: Don't initialized Makefile variables to
be NULL since the user may want to import variables from their
environment.
2000-02-03 21:09 millert
* configure, configure.in: typo
2000-01-27 15:01 millert
* INSTALL, RUNSON, configure, configure.in: Make pam work on HP-UX
11.0;jaearick@colby.edu
2000-01-27 15:01 millert
* CHANGES: recent changes; prepare for 1.6.2p1
2000-01-26 23:31 millert
* find_path.c: Don't apply SECURE_PATH if user is example;
jmknoble@pobox.com
2000-01-26 16:21 millert
* sudoers.cat, sudoers.man, sudoers.pod: Expanded docs on sudoers
'defaults' options based on INSTALL file info.
2000-01-26 16:21 millert
* INSTALL: Fix some while lies
2000-01-24 10:48 millert
* Makefile.in: When making a bindist, link FAQ to TROUBLESHOOTING
instead of copying.
2000-01-23 22:57 millert
* sudoers.cat, sudoers.man, sudoers.pod: Add netgroup caveat
2000-01-23 22:42 millert
* RUNSON: Last minute updates
2000-01-23 22:26 millert
* TROUBLESHOOTING: PAM entry
2000-01-23 22:23 millert
* auth/pam.c: correct a comment
2000-01-23 22:03 millert
* CHANGES, RUNSON: update for 1.6.2
2000-01-23 21:59 millert
* auth/pam.c: Better detection of PAM errors and fix custom prompts
with PAM. Based on patches from "Cloyce D. Spradling"
<cloyce@headgear.org>
2000-01-20 11:15 millert
* snprintf.c: Cast ULONG_MAX to unsigned long long when comparing
to an unsigned long long value.
2000-01-19 14:07 millert
* CHANGES, config.h.in, configure, configure.in, visudo.c: Fix
sudoers locking in visudo. We now lock the sudoers file itself,
not the temp file (since locking the temp file can foul up
editors). The previous locking scheme didn't work because the fd
was closed too early.
2000-01-19 13:37 millert
* configure, config.h.in, configure.in: Don't need test for
ftruncate() any more.
2000-01-18 21:23 millert
* configure, configure.in: Add a test for the -Aa flag w/ HP-UX's
cc. Fixes compilation with the unbundled HP-UX cc.
2000-01-18 17:00 millert
* sudoers.cat, sudoers.man, sudoers.pod: "a a" -> "a"; Aaron
Campbell <aaron@cs.dal.ca>
2000-01-17 18:46 millert
* LICENSE, Makefile.in, defaults.c, defaults.h, parse.c, parse.h,
parse.yacc, sudo.c, sudo.h, sudoers.pod, testsudoers.c,
tgetpass.c, version.h, visudo.c: update copyright year on changed
files
2000-01-17 18:45 millert
* RUNSON: updates
2000-01-17 18:45 millert
* CHANGES: aix fix
2000-01-17 18:42 millert
* INSTALL: Crank version to 1.6.2
2000-01-17 18:11 millert
* configure: Crank version to 1.6.2
2000-01-17 17:46 millert
* sudo.c: When using rlimit check for RLIM_INFINITY When computing
the value of maxfd, use min(getdtablesize(), RLIMIT_NOFILE)
2000-01-17 12:32 millert
* CHANGES: recent changes
2000-01-17 12:28 millert
* BUGS, Makefile.in, README, configure.in, sudo.cat, sudo.man,
sudoers.cat, sudoers.man, version.h, visudo.cat, visudo.man:
Crank version to 1.6.2
2000-01-17 12:25 millert
* INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.pod: Add
'shell_noargs' runtime option back in. We have to defer checking
until after the sudoers file has been parsed but since there are
now other options that operate that way this one can too. Based
on a patch from bguillory@email.com.
2000-01-16 23:05 millert
* defaults.c, defaults.h, parse.c, sudo.c, sudo.h: Add "listpw" and
"verifypw" options.
2000-01-16 22:57 millert
* sudoers.cat, sudoers.man, sudoers.pod: o Fix some typos/omissions
o Add section on verifypw and listpw o Define how NOPASSWD
interacts with the -v and -l flags
2000-01-14 12:39 millert
* configure, configure.in: For HP-UX cc, add -Aa to CPPFLAGS. For
HP-UX always add -D_HPUX_SOURCE to CPPFLAGS.
2000-01-14 12:29 millert
* defaults.c, defaults.h: In struct sudo_defs_types, move the union
to the end and don't initialize the union member since that only
works with an ANSI compiler. We set the value of the union by
hand in init_defaults() anyway. This allows sudo to compile on a
K&R compiler again.
2000-01-11 13:20 millert
* parse.c, parse.h, parse.yacc, testsudoers.c, visudo.c:
netgr_matches needs to check shost as well as host since they may
be different.
2000-01-11 13:17 millert
* tgetpass.c: End on \r as well as \n
2000-01-02 23:53 millert
* sudo.c: Update statbuf.st_mode based on SUDOERS_MODE when we are
chaning from 0400 to whatever SUDOERS_MODE is (converting from
the old sudoers mode). Assumes that SUDOERS_MODE is less
restrictive than 0400 which should always be the case.
2000-01-02 23:43 millert
* parse.c, parse.yacc, sudo.c, sudo.h: Make treatment of -l and -v
sane wrt NOPASSWD flags. Now allow -l w/o a passwd if there is
*any* entry for the user on the host with a NOPASSWD flag. For
-v, only allow w/o a passwd if *all* entries for the user on the
host w/ the specified runas user have the NOPASSWD flag set.
2000-01-02 23:26 millert
* Makefile.in: add check target
1999-12-16 13:02 millert
* visudo.c: Treat EOF at whatnow prompt like 'x' instead of
looping.
1999-12-10 00:09 millert
* CHANGES: recent changes
1999-12-08 23:04 millert
* config.h.in, configure, configure.in, sudo.c: Add check for
initgroups() since old SYSV lacks this.
1999-12-08 22:54 millert
* CHANGES, RUNSON, aclocal.m4, config.h.in, configure,
configure.in, parse.c, testsudoers.c: o Kill HAVE_FNMATCH_H o
Only define HAVE_FNMATCH if <fnmatch.h> exists.
1999-12-06 01:47 millert
* CHANGES, RUNSON, insults.h, auth/sudo_auth.c: Don't allow insults
to be enabled if the insults[] array is empty. Otherwise there
would be division by zero.
1999-12-06 01:25 millert
* insults.h: Don't care about USE_INSULTS #define since the insult
stuff may be overridden at runtime.
1999-12-06 01:23 millert
* auth/sudo_auth.c: Honor insults flag.
1999-12-05 19:14 millert
* CHANGES, parse.c: Don't ask the user for a password if the user
is not allowed to run the command and the authenticate flag (in
sudoers) is false.
1999-12-05 19:05 millert
* CHANGES, RUNSON, lex.yy.c, parse.lex: o Whenever we get a bare
newline we change to the INITIAL state. o Enter GOTRUNAS when we
see Runas_Alias
This allows #uid to work in a RunasAlias.
1999-12-05 14:06 millert
* CHANGES, parse.yacc: fix parsing of runas lists: o oprunasuser
and runaslist now return a value o in a runasspec, if a runaslist
does not return TRUE, set runas_matches to FALSE. Normally, a
runaslist only returns FALSE for explicitly denied users. o
since runaslist does not modify the stack there is no need for a
push/pop in runasalias.
1999-12-04 21:54 millert
* check.c, sudo.c: Don't kill the user's tickets until after
sudoers has been parsed since tty_tickets and ticket_dir could be
set in sudoers.
1999-12-04 21:18 millert
* BUGS, CHANGES, Makefile.binary, Makefile.in, README, RUNSON,
configure, configure.in, sudo.cat, sudo.man, sudoers.cat,
sudoers.man, tgetpass.c, version.h, visudo.cat, visudo.man: crank
version to 1.6
1999-12-04 21:18 millert
* testsudoers.c: add set_fqdn() stub
1999-12-02 15:31 millert
* INSTALL, defaults.c, defaults.h, sudo.c, sudo.h, sudoers.cat,
sudoers.man, sudoers.pod, visudo.c: o Kill shell_noargs option,
it cannot work since the command needs to be set before sudoers
is parsed. o Fix the "set_home" sudoers option (only worked at
compile time). o Fix "fqdn" sudoers option. We now set
host/shost via set_fqdn which gets called when the "fqdn"
option is set in sudoers. o Move the openlog() to
store_syslogfac() so this gets overridden correctly from the
sudoers file.
1999-12-02 15:21 millert
* auth/securid.c: SecurID support should compile now.
1999-11-28 20:56 millert
* sudo.pod, visudo.pod, sudo.cat, sudo.man, sudoers.man,
visudo.man, sudoers.cat, visudo.cat: fix some syntactic goofs
1999-11-28 18:51 millert
* sudo.html, sudoers.html, Makefile.in, visudo.html: No longer need
the .html files as they are generated automatically on the web
site.
1999-11-28 18:49 millert
* CHANGES, LICENSE: kill characters that made wml unhappy
1999-11-28 18:34 millert
* HISTORY: typo
1999-11-25 12:05 millert
* README: majordomo@cs.colorado.edu -> majordomo@courtesan.com
1999-11-24 19:43 millert
* Makefile.in, configure: Wrap script execution w/ /bin/sh for the
benefit of ctm
1999-11-23 22:52 millert
* sudo.c: Make the -s flag be exclusive too. Also reorder the
flags in the exclusive usage message so they are alphabetical.
1999-11-23 13:27 millert
* auth/pam.c: make pam errors other than PAM_PERM_DENIED fatal
1999-11-23 13:07 millert
* auth/API: fix typo
1999-11-23 13:07 millert
* INSTALL: make it clear that /etc/pam.d/sudo is required on linux
1999-11-23 13:06 millert
* auth/pam.c: fix a warning on redhat and spew an error if
pam_authenticate() returns an error other than AUTH_SUCCESS or
PAM_PERM_DENIED
1999-11-23 00:43 millert
* sudo.cat, sudo.html, sudo.man, sudo.pod: Be very clear that the
password required is the user's not root's
1999-11-19 21:04 millert
* Makefile.in: add sample.syslog.conf to DISTFILES and BINFILES
1999-11-18 19:13 millert
* RUNSON: updates from Brian Jackson + some formatting
1999-11-17 21:39 millert
* INSTALL.binary, Makefile.binary, README, RUNSON: o One RUNSon
update o Changes for automating real binary releases
1999-11-17 21:38 millert
* Makefile.in: Add bindist target
1999-11-16 16:26 millert
* TROUBLESHOOTING: talk about run-time options in addition to
compile-time options
1999-11-16 01:16 millert
* CHANGES: fix typos
1999-11-16 01:09 millert
* sudo.c: need sys/time.h if HAVE_SETRLIMIT
1999-11-16 00:42 millert
* PORTING, README, RUNSON, sudo.c, sudo.cat, sudo.html, sudo.man,
sudo.pod, visudo.cat, visudo.html, visudo.man, visudo.pod: get
rid of references to sudo-bugs. Now mention the web site or the
sudo@ alias
1999-11-16 00:35 millert
* sudoers.html: repair pod2html damage
1999-11-16 00:28 millert
* RUNSON, TODO: Update for 1.6 release
1999-11-16 00:23 millert
* sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Add warning
about using ALL in a command context.
1999-11-09 15:12 millert
* visudo.c: Call yyrestart() on a parse error to reset the lexer
state.
1999-11-09 15:06 millert
* parse.lex, lex.yy.c: Don't need YY_FLUSH_BUFFER after all Move
yyrestart() into visudo.c since it might not get called in yywrap
if we get a parse error (and we only reread the file on error
anyway).
1999-11-09 14:32 millert
* parse.lex, lex.yy.c: Call YY_FLUSH_BUFFER macro in yywrap() to
clean up any buffers that might still exist. Call yyrestart()
instead of using the deprecated YY_NEW_FILE macro.
1999-11-09 12:13 millert
* lex.yy.c, parse.lex: flex doesn't need %N table size declarations
1999-11-08 19:00 millert
* sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: Mention what
characters need to be escaped in names.
1999-11-08 18:59 millert
* configure: regen
1999-11-08 18:59 millert
* INSTALL: clarify Mac OS X entry
1999-11-08 18:59 millert
* RUNSON: update
1999-11-08 17:45 millert
* configure.in: o Use AC_MSG_ERROR throughout o Check syslog
configure options for danity
1999-11-05 17:11 millert
* defaults.c: Fix printing of type T_MODE in dump_defaults()
1999-11-05 12:00 millert
* strcasecmp.c: missing sys/types.h
1999-11-05 00:42 millert
* INSTALL: Break out options that may be overridden at run time
into their own section. Add a not about Max OS X and correct
some lies.
1999-11-04 14:01 millert
* CHANGES, config.h.in, configure, configure.in, sudo.c: o Now use
getrlimit to find the highest fd when closing all non-std fd's o
Turn off core dumps via setrlimit for the sake of paranoia
1999-11-04 13:57 millert
* RUNSON: updates
1999-11-01 10:59 millert
* CHANGES: updates
1999-11-01 10:58 millert
* tgetpass.c: When read()'ing, do a single character at a time to
be sure we don't go oast the newline.
1999-11-01 10:43 millert
* sudo.c: For the sudo_root option, check against user_uid, not
getuid() since at this point, ruid == euid == 0.
1999-10-31 23:14 millert
* RUNSON: some updates
1999-10-31 23:14 millert
* logging.h: Fix compilation problem when --with-logging=file was
specified. This means that syslog is now required to build sudo
but that should not be a problem. If it is it can be fixed
trivially with a configure check for syslog() or syslog.h.
1999-10-31 23:00 millert
* tgetpass.c: Make this work again for things like "sudo echo hi |
more" where the tty gets put into character at a time mode. We
read until we read end of line or we run out of space (similar to
fgets(3)).
1999-10-20 11:23 millert
* sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: change ital
to bold
1999-10-20 11:23 millert
* RUNSON: update
1999-10-16 13:56 millert
* defaults.c: Error out if syslog parameters are given without a
value. For Ultrix or 4.2BSD "syslog" is allowed without a value
since there are no facilities in the 4.2BSD syslog.
1999-10-15 16:37 millert
* defaults.c: Ignore the syslog facility for systems w/ old syslog
like Ultrix.
1999-10-15 12:51 millert
* TROUBLESHOOTING: people with "." early in their path can have
problems running sudo from the build dir ;-)
1999-10-13 00:18 millert
* sudo.man, sudo.pod, sudo.cat, sudo.html: Remove -r realm option
1999-10-12 22:34 millert
* configure, configure.in, sudo.c, auth/kerb5.c, auth/sudo_auth.c,
auth/sudo_auth.h: New krb5 code from Frank Cusack
<fcusack@iconnet.net>.
1999-10-12 22:33 millert
* CHANGES: update to reality
1999-10-11 20:53 millert
* auth/fwtk.c: include <auth.h> to get function prototypes.
1999-10-11 20:05 millert
* sudo.cat, sudo.html, sudo.man, sudo.pod: document -L flag
1999-10-11 19:42 millert
* sudo.c: in set_perms(), always call setuid(0) before changing the
ruid/euid so we always know it will succeed.
1999-10-11 12:24 millert
* defaults.h: #undef T_FOO to avoid conflicts with system defines
(like on ULTRIX).
1999-10-11 11:55 millert
* TODO, sample.sudoers, sudoers.cat, sudoers.html, sudoers.man,
sudoers.pod: Docuement "Defaults" lines in /etc/sudoers. Still
needs some fleshing out but this is a start.
1999-10-10 17:21 millert
* defaults.c: use strtol, not strtoul since not everyone has not
strtoul
1999-10-10 15:01 millert
* lex.yy.c, parse.lex: last {WORD} rule should only apply in the
INITIAL state
1999-10-10 14:38 millert
* lex.yy.c, parse.lex: o Add support for escaped characters in the
WORD macro o Modify fill() to squash escape chars
1999-10-10 13:56 millert
* defaults.c, defaults.h: o Add T_PATH flag to allow simple sanity
checks for default values that are supposed to be pathnames. o
Fix a duplicate free when visudo finds an error.
1999-10-09 01:01 millert
* defaults.c, defaults.h, logging.c: mail_if_foo -> mail_foo
1999-10-07 21:12 millert
* compat.h, defaults.c, defaults.h, sudo.c, tgetpass.c: o Add
requiretty option o Move O_NOCTTY to compat.h
1999-10-07 21:12 millert
* logging.c: The exit() in log_error() was mistakenly removed in a
previous version. Put it back...
1999-10-07 17:20 millert
* INSTALL, TODO, check.c, config.h.in, configure, configure.in,
defaults.c, defaults.h, find_path.c, getspwuid.c, lex.yy.c,
logging.c, parse.yacc, sudo.c, auth/aix_auth.c, auth/fwtk.c,
auth/pam.c, auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: o
Change defaults stuff to put the value right in the struct. o
Implement mailer_flags o Store syslog stuff both in int and
string form. Setting the string form magically updates the int
version. o Add boolean attribute to strings where it makes sense
to say !foo
1999-10-07 17:13 millert
* tgetpass.c: add O_NOCTTY when opening /dev/tty just in case
1999-10-06 00:48 millert
* auth/API: cleanup function no longer takes a status arg
1999-10-06 00:48 millert
* INSTALL: the the
1999-09-15 05:15 millert
* TODO, config.h.in, configure, configure.in, logging.c: Use
strftime() instead of ctime() if it is available.
1999-09-14 12:58 millert
* defaults.c: fix copyright date
1999-09-14 12:57 millert
* RUNSON: update ReliantUNIX entry
1999-09-14 12:56 millert
* defaults.c, defaults.h, logging.c: add log_year option
1999-09-14 04:01 millert
* configure, configure.in: add --without-sendmail to help output
1999-09-14 03:42 millert
* configure, configure.in: enforce an otctal arg for
--with-suoders-mode
1999-09-08 04:06 millert
* BUGS, INSTALL, Makefile.in, TODO, aclocal.m4, check.c,
config.h.in, configure, configure.in, defaults.c, defaults.h,
find_path.c, lex.yy.c, logging.c, parse.h, parse.lex, parse.yacc,
sudo.c, sudo.h, sudo.tab.h, testsudoers.c, version.c, visudo.c,
auth/aix_auth.c, auth/fwtk.c, auth/kerb5.c, auth/pam.c,
auth/rfc1938.c, auth/sia.c, auth/sudo_auth.c: Add support for
"Defaults" line in sudoers to make configuration variables
changable at runtime (and on a global, per-host and per-user
basis). Both the names and the internal representation are still
subject to change. It was necessary to make sudo_user.runas but
a char ** instead of a char * since this value can be changed by
a Defaults line. There is a similar (but more complicated) issue
with sudo_user.prompt but it is handled differently at the
moment.
Add a "-L" flag to list the name of options with their
descriptions. This may only be temporary.
Move some prototypes to parse.h
Be much less restrictive on what is allowed for a username.
1999-09-08 04:01 millert
* sample.syslog.conf: Add more info
1999-09-04 03:09 millert
* fnmatch.3, fnmatch.c, getcwd.c, lsearch.c, snprintf.c,
strcasecmp.c, LICENSE: UCB has dropped the advertising clause
from their license.
1999-08-31 05:39 millert
* auth/sudo_auth.h: move dce_verofy proto to correct section
1999-08-31 05:39 millert
* auth/dce.c: remove XXX
1999-08-28 06:00 millert
* emul/fnmatch.h: Add fnmatch() prototype
1999-08-28 06:00 millert
* fnmatch.c, parse.c, testsudoers.c: Move inclusion of
emul/fnmatch.h to be after sudo.h for __P
1999-08-28 05:59 millert
* sudo.h: add strcasecmp proto
1999-08-28 05:50 millert
* auth/sudo_auth.c: add check for case where there are no auth
methods
1999-08-28 05:36 millert
* configure, configure.in: Define _XOPEN_EXTENDED_SOURCE on AIX and
__USE_FIXED_PROTOTYPES__ on SunOS4 w/ gcc
1999-08-28 05:24 millert
* getspwuid.c, lex.yy.c, parse.lex, parse.yacc: include strings.h
everywhere we include string.h
1999-08-28 05:22 millert
* version.c: nicer output when showing auth methods
1999-08-28 05:00 millert
* version.c: Add support for SEND_MAIL_WHEN_NO_HOST
1999-08-28 04:49 millert
* config.h.in, configure.in, configure: Add _GNU_SOURCE for Linux
1999-08-28 04:22 millert
* parse.lex, lex.yy.c: fix definition of OCTECT
1999-08-28 04:10 millert
* configure, configure.in: aix_auth.o not authenticate.o
1999-08-27 17:02 millert
* sudo.c: Only block SIGINT, SIGQUIT, SIGTSTP (which can be
generated from the keyboard). Since we run with ruid/euid == 0
the user can't really signal us in nasty ways.
1999-08-27 17:01 millert
* visudo.c: Don't need to worry about catching too many signals
since we do locking on the tmp file. If a lockfile is really
stale, it will be detected and overwritten.
1999-08-27 16:09 millert
* INSTALL, Makefile.in: include auth/API in tarball
1999-08-27 16:09 millert
* auth/sudo_auth.c: move memset() of plaintext pw outside of verify
loop and only do the memset if we are *not* in standalone mode.
1999-08-27 13:46 millert
* auth/: sudo_auth.c, sudo_auth.h: DCE is not a standalone method
1999-08-27 11:53 millert
* sudo.c: fix --enable-noargs-shell
1999-08-27 11:06 millert
* snprintf.c: "#ifdef __STDC__" not "#if __STDC__" (I missed one)
1999-08-27 10:54 millert
* auth/: fwtk.c, sia.c: _cleanup() function returns an int.
1999-08-27 10:50 millert
* auth/dce.c: there were still some return(0)'s hanging around,
make them AUTH_FAILURE
1999-08-27 10:39 millert
* parse.c: typo in comment
1999-08-27 10:03 millert
* version.c: add missing semicolon
1999-08-27 08:31 millert
* auth/sudo_auth.h: missing backslash
1999-08-26 17:24 millert
* CHANGES, config.h.in, configure, configure.in: Kill
_XOPEN_EXTENDED_SOURCE -- causes problems on some OSes
1999-08-26 09:21 millert
* Makefile.in: add parse.h to HDRS
1999-08-26 09:16 millert
* Makefile.in, configure, configure.in: Kill VISUDO_LIBS and
VISUDO_LDFLAGS. Add LIBS, NET_LIBS, and LDFLAGS. Common libs go
in LIBS, commong ld flags go in LDFLAGS and network libs like
-lsocket, -lnsl go in NET_LIBS. This allows testsudoers to build
on Solaris and is a bit cleaner in general.
1999-08-26 06:56 millert
* UPGRADE: mention ptmp -> sudoers.tmp
1999-08-26 06:12 millert
* configure.in, configure, config.h.in: Define
_XOPEN_SOURCE_EXTENDED not _XOPEN_SOURCE
1999-08-26 05:37 millert
* RUNSON: add 2 reports
1999-08-26 05:20 millert
* auth/kerb5.c: Minor changes, mostly cosmetic.
verify_krb_v5_tgt() changed to return a value more like a system
function
1999-08-26 05:19 millert
* auth/dce.c: Add an XXX
1999-08-26 05:19 millert
* TODO: more things todo!
1999-08-26 05:18 millert
* sample.sudoers: update based on what is in the man page
1999-08-26 05:10 millert
* parse.yacc: minor change to first line printed in -l mode
1999-08-26 05:10 millert
* sudo.cat, sudo.html, sudo.man, sudo.pod: rename "ENVIRONMENT
VARIABLES" section to "ENVIRONMENT" to be more standard and add
"EXAMPLES" section
1999-08-26 05:08 millert
* visudo.cat, visudo.html, visudo.man, visudo.pod: rename
"ENVIRONMENT VARIABLES" section to "ENVIRONMENT" to be more
standard
1999-08-26 05:06 millert
* logging.c, parse.c, sudo.h: add FLAG_NO_CHECK
1999-08-26 05:05 millert
* parse.lex, lex.yy.c: make an OCTET really be limited to 0-255
1999-08-26 05:04 millert
* UPGRADE: mention timestamp changes
1999-08-26 05:04 millert
* PORTING: cosmetic cleanup
1999-08-26 05:00 millert
* sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: new
sudoers(8) man page
1999-08-24 13:45 millert
* version.c: Update comments about syslog name tables
1999-08-24 13:37 millert
* CHANGES, LICENSE, Makefile.in, configure, strcasecmp.c,
configure.in, parse.yacc: include strcasecmp() for those without
it
1999-08-24 12:43 millert
* sample.sudoers: Use the : operator some more and fix a typo
1999-08-24 12:43 millert
* HISTORY: update the history of sudo
1999-08-24 12:42 millert
* parse.c, parse.lex, testsudoers.c: CIDR-style netmask support
1999-08-24 12:41 millert
* CHANGES: recent changes
1999-08-24 12:40 millert
* sudo.tab.h: these should be generated with byacc, not bison
1999-08-24 12:40 millert
* lex.yy.c: regen
1999-08-24 11:58 millert
* parse.h, parse.yacc, sudo.tab.h: In "sudo -l" mode, the type of
the stored (expanded) alias was not stored with the contents.
This could lead to incorrect output if the sudoers file had
different alias types with the same name. Normal parsing (ie:
not in '-l' mode) is unaffected.
1999-08-23 12:47 millert
* configure, configure.in: define _XOPEN_SOURCE to get at crypt()
proto on some systems
1999-08-22 13:10 millert
* snprintf.c: fix comment
1999-08-22 13:09 millert
* tgetpass.c: don't need limits.h
1999-08-22 07:36 millert
* snprintf.c: kill bogus reference to vfprintf
1999-08-22 07:26 millert
* sample.sudoers, sudoers: better examples
1999-08-22 07:23 millert
* snprintf.c: Add some const in the K&R defs. This is safe since
we define const away if the compiler doesn't grok it.
1999-08-22 07:22 millert
* aclocal.m4, configure: Better test for working long long support.
Ultrix compiler supports basic long long but not all operations
on them.
1999-08-22 05:59 millert
* aclocal.m4, config.h.in, configure, getspwuid.c, snprintf.c,
sudo.c, auth/secureware.c: Add check for LONG_IS_QUAD #undef
MAXINT before including hpsecurity.h to silence an HP-UX warning
Check for U?LONG_LONG_MAX in snprintf.c and use LONG_IS_QUAD
1999-08-21 15:00 millert
* LICENSE, aclocal.m4, config.h.in, configure, configure.in,
snprintf.c: UCB-derived snprintf + asprintf support. Supports
quads if the compiler does. No floating point yet, perhaps
later...
1999-08-20 16:37 millert
* check.c, find_path.c, goodpath.c, logging.c, parse.c, sudo.c,
auth/API, auth/sudo_auth.c, auth/sudo_auth.h: Run most of the
code as root, not the invoking user. It doesn't really gain us
anything to run as the user since an attacker can just have an
setuid(0) in their egg. Running as root solves potential
problems wrt signalling.
1999-08-19 13:45 millert
* logging.c, sudo.c: Don't wait for child to finish in log_error(),
let the signal handler get it if we are still running, else let
init reap it for us. The extra time it takes to wait lets the
user know that mail is being sent.
Install SIGCHLD handler in main() and for POSIX signals, block
everything *except* SIGCHLD.
1999-08-19 12:30 millert
* logging.c, parse.c, parse.yacc, sudo.c, configure, sudo.h,
INSTALL, config.h.in, configure.in: sudoers_lookup() now returns
a bitmap instead of an int. This makes it possible to express
things like "failed to validate because user not listed for this
host". Some thigns that were previously VALIDATE_FOO are now
FLAG_FOO. This may change later on.
Reorganized code in log_auth() and sudo.c to deal with above
changes.
Safer versions of push/pushcp with in the do { ... } while (0)
style
parse.yacc now saves info on the stack to allow parse.c to
determine if a user was listed, but not for the host he/she tried
to run on.
Added --with-mail-if-no-host option
1999-08-17 11:29 millert
* parse.yacc, sudo.h, visudo.c, visudo.cat, visudo.html,
visudo.man, visudo.pod: o NewArgv and NewArgc don't need to be
externally visible. o If pedantic > 1, it is a parse error. o
Add -s (strict) option to visudo which sets pedantic to 2.
1999-08-17 11:26 millert
* HISTORY, INSTALL: Just have sudo-bugs contact info in one place
1999-08-17 11:20 millert
* sudo.cat, sudo.html, sudo.man, sudo.pod: Add BUGS section
1999-08-17 10:29 millert
* configure, configure.in, Makefile.in: Add testsudoers to default
build target if --with-devel Don't clean generated parser files
unless "distclean".
1999-08-17 08:47 millert
* parse.yacc: In pedantic mode we need to save *all* the aliases,
not just those that match, or we get spurious warnings.
1999-08-17 05:32 millert
* TROUBLESHOOTING: reference samples.sylog.conf
1999-08-14 11:50 millert
* sample.syslog.conf: Sample entries for syslog.conf
1999-08-14 11:40 millert
* CHANGES: recent changes
1999-08-14 11:36 millert
* auth/: API, afs.c, aix_auth.c, dce.c, fwtk.c, kerb4.c, kerb5.c,
pam.c, passwd.c, rfc1938.c, secureware.c, securid.c, sia.c,
sudo_auth.c, sudo_auth.h: In struct sudo_auth, turn need_root and
configured into flags and add a flag to specify an auth method is
running alone (the only one). Pass auth methods their sudo_auth
pointer, not the data pointer. This allows us to get at the
flags and tell if we are the only auth method. That, in turn,
allows the method to be able to decide what should/should not be
a fatal error. Currently only rfc1938 uses it this way, which
allows us to kill the OTP_ONLY define and te hackery that went
with it. With access to the sudo_auth struct, methods can also
get at a string holding their cannonical name (useful in error
messages).
1999-08-14 11:34 millert
* Makefile.in, INSTALL, README, config.h.in, configure,
configure.in, getspwuid.c, lex.yy.c, parse.lex, parse.yacc,
sudo.tab.h: o --with-otp deprecated, use --without-passwd instead
o real dependencies in the Makefile o --with-devel option to
enable yacc, lex, and -Wall o style -- "foo -> bar" becomes
"foo->bar" o ALL goes back to being a token, not a string but
don't leak memory o rename hsotspec -> host in parse.yacc
1999-08-12 12:26 millert
* BUGS, CHANGES: recent changes
1999-08-12 12:24 millert
* configure, configure.in, interfaces.c, snprintf.c, sudo.c,
sudo.h, auth/sudo_auth.c: o Digital UNIX needs to check for
*snprintf() before -ldb is added to LIBS since -ldb includes a
bogus snprintf(). o Add forward refs for struct mbuf and struct
rtentry for Digital UNIX. o Reorder some functions in snprintf.c
to fix -Wall o Add missing includes to fix more -Wall
1999-08-12 10:37 millert
* INSTALL, check.c, config.h.in, configure, configure.in,
parse.yacc, testsudoers.c, version.c, visudo.c, auth/sudo_auth.c:
o Add a "pedentic" flag to the parser. This makes sudo warn in
cases where an alias may be used before it is defined. Only
turned on for visudo and testsudoers. o Add
--disable-authentication option that makes sudo not require
authentication by default. The PASSWD tag can be used to require
authentication for an entry. We no longer overload
--without-passwd.
1999-08-12 10:29 millert
* lex.yy.c, parse.lex: Break 'WORD' regexp def into HOSTNAME and
USERNAME. These days a username can contain just about anything
so be very permissive. Also drop the unused \. punctuation.
1999-08-09 18:25 millert
* parse.yacc: o add a 'val' element to aliasinfo struct and move ->
parse.h o find_alias() now returns an aliasinfo * instead of
boolean o add_alias() now takes a value parameter to store in the
aliasinfo.val o The cmnd, hostspec, runasuser, and user rules now
return: 1) positive match 0) negative match (due to '!') -1) no
match This means setting $$ explicitly in all cases, which I
should have done in the first place. It also means that we
always store a value that is != -1 and when we see a '!' we can
set *_matches to !rv if rv != -1. The upshot of all of this is
that '!' now works the way it should in lists and some of the
rules are more uniform and sensible.
1999-08-09 18:17 millert
* Makefile.in: add parse.h dependency
1999-08-09 18:17 millert
* parse.h: kill unused *_matched macros
1999-08-09 10:35 millert
* parse.yacc: Allow a list of users as the first thing in a user
spec, not just a single entry. This makes things more uniform,
though it does allow you to write user specs that are hard to
read.
1999-08-09 10:08 millert
* configure: regen
1999-08-09 10:08 millert
* configure.in: fix check for crypt() in libufc
1999-08-07 14:03 millert
* README: sudo-users list now exists
1999-08-07 07:46 millert
* INSTALL, PORTING, README, TODO, TROUBLESHOOTING: Update to
reality.
1999-08-07 05:59 millert
* CHANGES, Makefile.in, TODO, TROUBLESHOOTING, check.c, compat.h,
config.h.in, configure.in, logging.c, sudo.h, version.c,
visudo.c, configure, fileops.c: o Move lock_file() and touch()
into fileops.c so visudo can use them o Visudo now locks the
sudoers temp file instead of bailing when the temp file already
exists. This fixes the problem of stale temp files but it does
*require* that you not try to put the temp file in a
world-writable directory. This shoud not be an issue as the temp
file should live in the same dir as sudoers. o Visudo now only
installs the temp file as sudoers if it changed.
1999-08-06 09:49 millert
* logging.c: add fcntl locking
1999-08-06 09:33 millert
* configure, config.h.in, configure.in, logging.c: Lock the log
file.
1999-08-06 05:36 millert
* Makefile.in, TROUBLESHOOTING, parse.c, pathnames.h.in, sudo.c,
visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod: o
/etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow
temp file o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and
_PATH_SUDO_STMP -> _PATH_SUDOERS_TMP
1999-08-05 17:38 millert
* INSTALL, check.c, config.h.in, configure, configure.in,
version.c: o Kill *_MESSAGE and replace with NO_LECTURE o Add
more things to root sudo -V config reporting
1999-08-05 10:56 millert
* configure, configure.in: aix_auth.o not authenticate.o
1999-08-05 10:48 millert
* config.h.in: Add --with-goodpri and --with-badpri configure
options to specify the syslog priority to use.
1999-08-05 10:30 millert
* INSTALL, configure.in, logging.h, configure: Add --with-goodpri
and --with-badpri configure options to specify the syslog
priority to use.
1999-08-05 10:25 millert
* compat.h: kill crufty AIX stuff
1999-08-05 06:55 millert
* Makefile.in: Sigh, some versions of make (like Solaris's) don't
deal with $< like I would expect. Both GNU and BSD makes get
this right but... So, we just expand $< inline at the cost of
some ugliness.
1999-08-05 06:52 millert
* version.c: If the invoking user is root, sudo will now print
configure info in -V mode. Currently just prints logging info,
to be expanded later.
1999-08-05 06:51 millert
* logging.c, logging.h, sudo.c, sudo.h: o new defines for syslog
facility and priority o use new print_version() functino for -V
mode
1999-08-05 06:49 millert
* check.c: Don't need version.c
1999-08-05 06:21 millert
* configure, configure.in, aclocal.m4, config.h.in: Add check for
syslog facilities and priorities tables in syslog.h
1999-08-05 05:23 millert
* Makefile.in: o authenticate -> aix_auth o add version.c
1999-08-05 05:21 millert
* auth/sudo_auth.c: Missed a prompt -> user_prompt conversion
1999-08-04 13:32 millert
* TODO: sudo should lock its logfile
1999-08-04 13:28 millert
* parse.yacc: o Add '!' correctly when expanding Aliases. o Add
shortcut macros for append() to make things more readable. o The
separator in append() is now a string instead of a char. o In
append(), only prepend the separator if the last char is not a
'!'. This is a hack but it greatly simplifies '!' handling. o
In -l mode, Runas lists and NOPASSWD/PASSWD tags are now
inherited across entries in a list (matches current behavior).
o Fix formatting in -l mode such that items in a list are
separated by a space. Greatlt improves readability. o Space
for name field in struct aliasinfo is now allocated dyanically
instead of using a (big) buffer. o In add_alias(), only search
the list once (lsearch instead of lfind + lsearch)
1999-08-04 11:31 millert
* lex.yy.c, sudo.tab.h: regen
1999-08-04 10:54 millert
* configure, configure.in: Solais pam doesn't require anye xtra
setup
1999-08-04 05:35 millert
* parse.yacc: o Simpler '!' support now that the lexer deals with
multiple !'s for us. o In the case of opFOO, have FOO give a
boolean return value and set foo_matches in opFOO, not FOO. o
Treat 'ALL' as a string since it gets fill()'d in
parse.lex--fixes a small memory leak. In the long run it may
be better to just fix parse.lex and make ALL back into a token.
However, having it be a string is useful since it can be
easily passed back to the parent rule if we so desire.
1999-08-04 03:54 millert
* parse.lex: o Remove some unnecessary backslashes o collapse
multiple !'s by using !+ and checking if yyleng is even or odd.
this allows us to simplify ! handling in parse.yacc
1999-08-04 03:53 millert
* sudo.c: -u flag was being ignored
1999-08-01 13:04 millert
* Makefile.in: correct fix
1999-08-01 12:37 millert
* Makefile.in: work around pod2man stupididy
1999-08-01 12:35 millert
* Makefile.in: correct dependencies for .cat
1999-08-01 12:26 millert
* sudo.cat, sudo.man, visudo.cat, visudo.man: regen
1999-08-01 12:25 millert
* sudo.pod, visudo.pod: Add copyright Update to reality
1999-08-01 11:42 millert
* parse.c, sudo.c, sudo.h: rename validate() to the more
descriptive sudoers_lookup()
1999-08-01 06:49 millert
* auth/aix_auth.c: use tgetpass
1999-07-31 12:32 millert
* CHANGES: updates
1999-07-31 12:31 millert
* HISTORY, INSTALL, Makefile.in, README, RUNSON, TROUBLESHOOTING,
configure, configure.in, sudo.c: Sudo, not CU Sudo
1999-07-31 12:19 millert
* Makefile.in, alloc.c, check.c, compat.h, config.h.in,
find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h,
ins_csops.h, ins_goons.h, insults.h, interfaces.c, interfaces.h,
lex.yy.c, logging.c, logging.h, parse.c, parse.h, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strerror.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c, auth/afs.c, auth/aix_auth.c, auth/dce.c, auth/fwtk.c,
auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
auth/rfc1938.c, auth/secureware.c, auth/securid.c, auth/sia.c,
auth/sudo_auth.c, auth/sudo_auth.h, emul/search.h, emul/utime.h,
LICENSE: add 4th term to license similar to term 5 in the apache
license
1999-07-31 12:02 millert
* LICENSE, aclocal.m4, check.c, configure.in, insults.h, logging.c,
sudo.c, sudo.h, auth/rfc1938.c: there was a 1995 release too
1999-07-28 05:24 millert
* CHANGES: updates
1999-07-28 05:21 millert
* check.c: Use dirs instead of files for timestamp. This allows
tty and non-tty schemes to coexist reasonably. Note, however,
that when you update a tty ticket, the mtime on the user dir gets
updated as well.
1999-07-28 05:17 millert
* configure.in, configure: Fix getprpwnam() checking on SCO. Need
to link with "-lprot -lx" when linking test program, not just
-lprot. Also add check for getspnam(). The SCO docs indicate
that /etc/shadow can be used but this may be a lie.
1999-07-24 03:35 millert
* auth/API: first cut at auth API description
1999-07-22 15:48 millert
* auth/: fwtk.c, kerb4.c, kerb5.c, pam.c, rfc1938.c, secureware.c,
securid.c, sudo_auth.c, sudo_auth.h: auth API change. There is
now an init method that gets run before the main loop. This
allows auth routines to differentiate between initialization that
happens once vs. setup that needs to run each time through the
loop.
1999-07-22 12:23 millert
* logging.c, auth/kerb5.c: use easprintf() and evasprintf()
1999-07-22 12:22 millert
* alloc.c, sudo.h: add easprintf() and evasprintf(), error checking
versions of asprintf() and vasprintf()
1999-07-22 09:14 millert
* TODO: remove 2 items. One done, one won't do.
1999-07-22 09:10 millert
* sudo.man, visudo.man, sudo.cat, sudo.html, sudoers.html,
visudo.cat, visudo.html, configure, lex.yy.c: regen
1999-07-22 09:06 millert
* CHANGES: new changes
1999-07-22 09:01 millert
* sudo.pod: o Document -K flag and update meaning of -k flag. o
BSD-style copyright o Document clearing of BIND resolver
environment variables o Clarify bit about shared libs o suggest
rc files create /tmp/.odus if your OS gives away files
1999-07-22 08:59 millert
* visudo.pod: BSD license
1999-07-22 08:58 millert
* tgetpass.c: o BSD copyright o no need to block signals, we now do
that in main() o cosmetic changes
1999-07-22 08:57 millert
* testsudoers.c, visudo.c: o BSD-style copyright o Use "struct
sudo_user" instead of old globals. o some cometic cleanup
1999-07-22 08:56 millert
* sudo_setenv.c, version.h: BSD-style copyright
1999-07-22 08:56 millert
* sudo.h: o BSD copyright o logging and parser bits moved to their
own .h files o new "struct sudo_user" to encapsulate many of the
old globals.
1999-07-22 08:55 millert
* sudo.c: o no longer contains sudo 1.1/1.2 code o BSD copyright o
use new logging routines o simplified flow of control o BIND
resolver additions to badenv_table
1999-07-22 08:53 millert
* strerror.c: BSD-style copyright
1999-07-22 08:53 millert
* snprintf.c: Now compiles on more K&R compilers
1999-07-22 08:52 millert
* putenv.c: BSD-style copyright, cosmetic changes
1999-07-22 08:51 millert
* parse.c, parse.yacc, parse.h, parse.lex: BSD-style copyright.
Move parser-specific defines and structs into parse.h + other
cosmetic changes
1999-07-22 08:51 millert
* logging.h: defines for logging routines
1999-07-22 08:49 millert
* ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.h, pathnames.h.in: BSD-style copyright
1999-07-22 08:48 millert
* find_path.c, getspwuid.c, goodpath.c, interfaces.c: BSD-style
copyright, cosmetic changes
1999-07-22 08:46 millert
* configure.in: o tgetpass.c is no longer optional o kill DCE_OBJS,
add AUTH_OBJS o kill --disable-tgetpass o add --without-passwd o
changes to fill in AUTH_OBJS for new auth api o check for
strerror(), v?snprintf() and v?asprintf() o replace
--with-AuthSRV with --with-fwtk
1999-07-22 08:43 millert
* config.h.in: BSD-style copyright. Remove USE_GETPASS and
HAVE_UTIME_NULL. Add HAVE_FWTK, HAVE_STRERROR, HAVE_SNPRINTF,
HAVE_VSNPRINTF, HAVE_ASPRINTF, HAVE_VASPRINTF, WITHOUT_PASSWD and
NO_PASSWD
1999-07-22 08:42 millert
* compat.h: BSD-style copyright; Add S_IFLNK and MIN/MAX id they
are missing.
1999-07-22 08:39 millert
* alloc.c: BSD-style copyright
1999-07-22 08:38 millert
* TROUBLESHOOTING: no more --with-getpass
1999-07-22 08:34 millert
* TODO: Take out things I've done...
1999-07-22 08:34 millert
* README: Refer to LICENSE
1999-07-22 08:34 millert
* PORTING: --with-getpass no longer exists
1999-07-22 08:33 millert
* Makefile.in: BSD-style copyright. Update to reflect reality wrt
new files and new auth modules.
1999-07-22 08:32 millert
* INSTALL: Remove --with-AuthSRV and --disable-tgetpass. Add
--with-fwtk and --without-passwd.
1999-07-22 08:31 millert
* HISTORY: Update history a bit
1999-07-22 08:29 millert
* COPYING, LICENSE: Now distributed under a BSD-style license
1999-07-22 08:28 millert
* auth/sudo_auth.c: o BSD-style copyright o Add support for
NO_PASSWD/WITHOUT_PASSWD options. o skey/opie replaced by
rfc1938 code o new struct sudo_user global
1999-07-22 08:25 millert
* auth/: pam.c, sia.c: BSD-style copyright and use new log
functions
1999-07-22 08:24 millert
* auth/kerb5.c: o BSD-style copyright o Use new log functiongs o
Use asprintf() and snprintf() where sensible.
1999-07-22 08:19 millert
* check.c: Rewrote all the old sudo 1.1/1.2 code. Timestamp
handling is now done more reasonably--better sanity checks and
tty-based stamps are now done as files in a directory with the
same name as the invoking user, eg. /var/run/sudo/millert/ttyp1.
It is not currently possible to mix tty and non-tty based ticket
schemes but this may change in the future (it requires sudo to
use a directory instead of a file in the non-tty case). Also,
``sudo -k'' now sets the ticket back to the epoch and ``sudo -K''
really deletes the file. That way you don't get the lecture
again just because you killed your ticket in .logout. BSD-style
copyright now.
1999-07-22 08:13 millert
* logging.c: o rewritten logging routines. log_error() now takes
printf-style varargs and log_auth() for the return value of
validate(). o BSD-style copyright
1999-07-22 07:04 millert
* auth.c, check_sia.c, dce_pwent.c, secureware.c: superceded by new
auth API
1999-07-22 07:02 millert
* auth/fwtk.c: Use snprintf() where it makes sense and add a
BSD-style copyright
1999-07-22 07:00 millert
* auth/: afs.c, aix_auth.c, dce.c, passwd.c, rfc1938.c,
secureware.c, securid.c, sudo_auth.h, kerb4.c: BSD-style
copyright
1999-07-22 06:57 millert
* emul/utime.h, utime.c: BSD-style copyright
1999-07-22 06:57 millert
* emul/search.h: this has been rewritten so use my BSD-style
copyright
1999-07-15 11:21 millert
* snprintf.c: include malloc.h if no stdlib.h
1999-07-15 10:21 millert
* snprintf.c: KTH snprintf()/asprintf() for systems w/o them
1999-07-15 10:20 millert
* strerror.c: strerror() for systems w/o it
1999-07-12 06:53 millert
* visudo.c: stylistic changes
1999-07-12 06:25 millert
* parse.c, parse.lex, parse.yacc: Add contribution info in the main
comment
1999-07-11 16:10 millert
* auth/pam.c: remove missed ref to PAM_nullpw
1999-07-11 16:10 millert
* auth/sudo_auth.h: pasto
1999-07-11 15:19 millert
* auth/kerb5.c: more or less complete now--still untested
1999-07-11 15:09 millert
* auth/: afs.c, pam.c: don't use user_name macro, it will go away
1999-07-11 14:42 millert
* auth/: opie.c, rfc1938.c, sudo_auth.h, skey.c: combine skey/opie
code into rfc1938.c
1999-07-11 07:22 millert
* auth/: dce.c, sudo_auth.h: DCE authentication method; basically
unchanged from dce_pwent.c
1999-07-11 06:44 millert
* auth/: aix_auth.c, sudo_auth.h: AIX authenticate() support.
Could probably be much better
1999-07-11 06:43 millert
* auth/sia.c: Fix an uninitialized variable and some cleanup. Now
works (tested)
1999-07-11 05:37 millert
* auth/: sia.c, sudo_auth.h: SIA support for digital unix
1999-07-11 05:33 millert
* auth/pam.c: don't use prompt global, it will go away
1999-07-11 05:32 millert
* auth/secureware.c: correct copyright years
1999-07-10 20:32 millert
* auth/: afs.c, fwtk.c, kerb4.c, sudo_auth.h, kerb5.c, opie.c,
pam.c, passwd.c, secureware.c, securid.c, skey.c, sudo_auth.c:
New authentication API and methods
1999-07-08 06:46 millert
* parse.yacc: only save an entry if user_matches && host_matches,
even if the stack is empty (fix for previous commit)
1999-07-08 06:35 millert
* parse.yacc: 1) Always save an entry on the stack if it is empty.
This fixes the -l and -v flags that were broken by earlier parser
changes.
2) In a Runas list, don't negate FALSE -> TRUE since that would
make !foo match any time the user specified a runas user (via -u)
other than foo.
1999-07-08 05:45 millert
* testsudoers.c: interfaces and num_interfaces are now auto, not
extern
1999-07-07 14:09 millert
* auth.c: use a static global to keep stae about empty passwords
1999-07-07 14:08 millert
* check_sia.c: make PASSWORD_NOT_CORRECT logging consistent with
other modules
1999-07-05 16:53 millert
* auth.c: PAM prompt code was wrong, looks like we have to kludge
it after all.
1999-07-05 16:35 millert
* auth.c: In the PAM code, when a user hits return at the first
password prompt, exit without a warning just like the normal auth
code
1999-07-05 16:15 millert
* configure, configure.in: kludge around cross-compiler false
positives
1999-07-05 16:14 millert
* auth.c, check.c, check_sia.c, logging.c, sudo.h, tgetpass.c: New
(correct) PAM code Tgetpass now takes an echo flag for use with
PAM_PROMPT_ECHO_ON Block SIGINT and SIGTSTP during auth remove a
useless umask setting Change error from BAD_ALLOCATION ->
BAD_AUTH_INIT (for use with sia/PAM) Some cosmetic changes to
auth.c for consistency
1999-07-05 16:11 millert
* sudo.c: Some -Wall and kill some trailing spaces
1999-07-05 16:10 millert
* configure.in: define -D__EXTENSIONS__ for solaris so we get
crypt() proto
1999-06-22 09:42 millert
* RUNSON: add Dynix 4.4.4
1999-06-22 09:30 millert
* INSTALL, config.h.in, configure.in, configure: for kerberos V <
version, fall back on old kerb4 auth code
1999-06-22 06:41 millert
* INSTALL: clarify some things
1999-06-22 06:38 millert
* UPGRADE, sudoers.cat, sudoers.man, sudoers.pod: typos
1999-06-14 19:47 millert
* sudo.c: mention why DONT_LEAK_PATH_INFO is not the default
1999-06-03 12:34 millert
* tgetpass.c: Fix open(2) return value checking, was NULL for
fopen, should be -1 for open
1999-06-03 12:06 millert
* configure: regen
1999-06-03 12:06 millert
* configure.in: better wording for solaris pam notice
1999-06-03 11:52 millert
* CHANGES: document recent changes
1999-06-03 11:52 millert
* TROUBLESHOOTING: Update shadow password section
1999-06-03 11:51 millert
* auth.c: move authentication code from check.c to auth.c
1999-06-03 11:51 millert
* Makefile.in, check.c, sudo.h: move authentication code to auth.c
1999-05-16 21:36 millert
* Makefile.in, check.c, check_sia.c, compat.h, find_path.c,
getspwuid.c, goodpath.c, interfaces.c, interfaces.h, lex.yy.c,
logging.c, parse.c, parse.lex, parse.yacc, secureware.c, sudo.c,
sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, visudo.c: Move
interface-related defines to interfaces.h so we don't have to
include <netinet/in.h> everywhere.
1999-05-14 12:30 millert
* CHANGES, INSTALL, TODO, check.c, compat.h, getspwuid.c,
logging.c, parse.yacc, sudo.c, tgetpass.c: o Replace _PASSWD_LEN
braindeath with our own SUDO_MAX_PASS.
It turns out the old DES crypt does the right thing with
passwords
longert than 8 characters.
o Fix common typo (necesary -> necessary)
o Update TODO list
1999-05-03 12:00 millert
* sudo.c: set $LOGNAME when we set $USER
1999-04-27 00:00 millert
* INSTALL: add comment about digital unix and interfaces.c warning
with gcc
1999-04-15 01:12 millert
* sample.sudoers: use modern paths and give examples for some of
the new parser features
1999-04-10 13:03 millert
* parse.c: fix comment
1999-04-10 00:49 millert
* alloc.c, check.c, check_sia.c, dce_pwent.c, find_path.c,
getspwuid.c, goodpath.c, interfaces.c, lex.yy.c, logging.c,
parse.c, parse.lex, parse.yacc, putenv.c, secureware.c, sudo.c,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
Function names should be flush with the start of the line so they
can be found trivially in an editor and with grep
1999-04-10 00:40 millert
* find_path.c, interfaces.c, lex.yy.c, parse.c, parse.lex,
parse.yacc, sudo.c, testsudoers.c, tgetpass.c, visudo.c: free(3)
is already void, no need to cast it
1999-04-10 00:37 millert
* logging.c, sudo.c, sudo.h: catch case where cmnd_safe is not set
(this should not be possible)
1999-04-10 00:10 millert
* CHANGES, logging.c, parse.c, parse.yacc, sudo.c, sudo.h,
testsudoers.c, visudo.c: Stash the "safe" path (ie: the one
listed in sudoers) to the command instead of stashing the struct
stat. Should be safer.
1999-04-08 19:56 millert
* INSTALL, Makefile.in, UPGRADE: notes on updating from an earlier
release
1999-04-07 20:20 millert
* CHANGES: updated
1999-04-07 19:18 millert
* parse.yacc, sudo.tab.h, sudoers.cat, sudoers.html, sudoers.man,
sudoers.pod: You can now specifiy a host list instead of just a
host or alias. Ie: user = host1,host2,ALIAS,!host3 my_command
now works.
1999-04-07 02:59 millert
* testsudoers.c: Quiet -Wall
1999-04-07 02:50 millert
* parse.yacc: Move the push from the beginning of cmndspec to the
end. This means we no longer have to do a push at the end of
privilege, just reset some values.
1999-04-06 20:24 millert
* sudoers.cat, sudoers.html, sudoers.man, sudoers.pod: runas-lists
and NOPASSWD/PASSWD modifiers are now sticky and you can use "!"
most everywhere
1999-04-06 14:12 millert
* sudoers.pod: modernize paths and update su example based on
sample.sudoers one
1999-04-06 14:06 millert
* sample.sudoers: New runas semantics
1999-04-06 13:54 millert
* CHANGES, Makefile.in, alloc.c, config.h.in, configure,
configure.in, strdup.c, sudo.h: In estrdup(), do the malloc
ourselves so we don't need to rely on the system strdup(3) which
may or may not exist. There is now no need to provide strdup()
for those w/o it. Also, the prototype for estrdup() was wrong,
it returns char * and its param is const.
1999-04-06 13:40 millert
* getcwd.c: $Sudo tag
1999-04-06 13:20 millert
* check.c: buf should be prompt; Michael Robokoff
<mrobo@networkcs.com>
1999-04-06 01:40 millert
* CHANGES, TODO, parse.yacc: It is now possible to use the '!'
operator in a runas list as well as in a Cmnd_Alias, Host_Alias
and User_Alias.
1999-04-06 01:38 millert
* logging.c, sudo.h: Kill GLOBAL_NO_SPW_ENT (not used) and crank
GLOBAL_PROBLEM
1999-04-06 01:08 millert
* sudo.h: Definitions of *_matched were wrong--user top, not top-2
as subscript.
1999-04-06 01:00 millert
* logging.c, parse.c, parse.yacc, sudo.c, sudo.h: Add
VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a
command but the NOPASSWD flag was set. Make runasspec,
runaslist, runasuser, and nopasswd typeless in parse.yacc Add
support for '!' in the runas list Fix double printing of '%' and
'+' for groups and netgroups respectively Add *_matched macros
(no need for local stack variable). Should only be used directly
after a pop (since top must be >= 2).
1999-04-05 23:25 millert
* aclocal.m4, configure.in: Add copyright, somewhat silly
1999-04-05 16:57 millert
* BUGS, INSTALL, Makefile.in, README, alloc.c, check.c,
check_sia.c, compat.h, config.h.in, configure, configure.in,
dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc,
pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c,
sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat,
sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c, visudo.cat, visudo.man, emul/utime.h: Crank version to
1.6 and combine copyright statements
1999-04-05 16:30 millert
* sample.sudoers: Use ! not ^ to do negation
1999-04-05 16:29 millert
* lex.yy.c: regen
1999-04-05 16:28 millert
* parse.yacc, parse.lex: Make runas and NOPASSWD tags persistent
across entris in a command list. Add a PASSWD tag to reverse
NOPASSWD. When you override a runas or *PASSWD tag the value
given becomes the new default for the rest of the command list.
1999-04-02 16:03 millert
* CHANGES, RUNSON: update for 1.5.9
1999-04-02 16:02 millert
* visudo.c: Shift return value of system(3) by 8 to get real exit
value and if it is not 1 or 0 print the retval along with the
error message.
1999-03-30 16:45 millert
* Makefile.in: testsudoers needs LIBOBJS too
1999-03-30 12:17 millert
* parse.c, parse.yacc: Fix another parser bug. For a sudoers entry
like this: millert ALL=/bin/ls,(daemon) !/bin/ls sudo
would not allow millert to run ls as root.
1999-03-30 01:08 millert
* CHANGES: new change
1999-03-30 01:03 millert
* parse.yacc: Save entries that match a ! command on the matching
stack too
1999-03-30 01:01 millert
* sudo.c: Make sudo's usage info better when mutually exclusive
args are given and don't rely on argument order to detect this;
nick@zeta.org.au
1999-03-29 15:03 millert
* CHANGES, Makefile.in, RUNSON: updates from CU
1999-03-28 23:38 millert
* Makefile.in: use gzip
1999-03-28 23:31 millert
* parse.yacc: Fix off by one error introduced in *alloc changes
1999-03-28 23:05 millert
* BUGS, CHANGES, INSTALL, Makefile.in, README, alloc.c, check.c,
check_sia.c, compat.h, config.h.in, configure, configure.in,
dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc,
pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c,
sudo.cat, sudo.h, sudo.man, sudo_setenv.c, sudoers.cat,
sudoers.man, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c, visudo.cat, visudo.html, visudo.man, visudo.pod,
emul/utime.h: ++version
1999-03-28 21:59 millert
* Makefile.in, check.c, find_path.c, getspwuid.c, goodpath.c,
interfaces.c, lex.yy.c, logging.c, parse.c, parse.lex,
parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, utime.c, visudo.c: Use
emalloc/erealloc/estrdup
1999-03-28 20:29 millert
* alloc.c: error checking memory allocation routines
1999-03-28 19:23 millert
* parse.yacc: Still not right, this fixes it for real
1999-03-28 19:08 millert
* parse.yacc: Fix for previous commit
1999-03-28 19:05 millert
* CHANGES, INSTALL, parse.yacc: Fix a parser bug that was exposed
when mixing different runas specs and ! commands. For example:
millert ALL=(daemon) /usr/bin/whoami,!/bin/ls would
allow millert to run whoami as root as well as daemon when it
should just allow daemon. The problem was that comma-separated
commands in a list shared the same entry on the matching stack.
Now they get their own entry iff there is a full match. It may
be better to just make the runas spec persistent across all
commands in a list like the user and host entries of the matching
stack. However, since that is a fairly major change it should
gets its own minor rev increase.
1999-03-28 13:50 millert
* check.c, config.h.in: Simplify PAM code and fix a PAM-related
warning on Linux
1999-03-26 13:17 millert
* CHANGES: updates
1999-03-26 13:12 millert
* sample.sudoers: better su entry
1999-03-26 13:10 millert
* configure: regen
1999-03-26 13:09 millert
* check.c, configure.in: new pam code that works on solaris, should
work on linux too; aelberg@home.com
1999-03-19 14:44 millert
* RUNSON: more entries
1999-03-19 14:43 millert
* config.h.in: only include strings.h if there is no string.h
1999-03-17 15:25 millert
* config.guess: Sinix is now being called ReliantUNIX;
bjjackso@us.oracle.com
1999-03-13 13:37 millert
* sudo.c: shost must be set before log functions are called #ifdef
HOST_IN_LOG
1999-03-07 18:34 millert
* CHANGES, lex.yy.c, parse.lex: Fix a bug wrt quoting characters in
command args. Stop processing an arg when you hit a backslash so
the quoted-character detection can catch it.
1999-02-26 01:19 millert
* interfaces.c: include sys/time.h; aparently AIX needs it.
ppz@cdu.elektra.ru
1999-02-23 19:43 millert
* configure, configure.in: add missing case statement so
--without-sendmail works
1999-02-22 21:51 millert
* CHANGES: more
1999-02-22 15:10 millert
* configure, configure.in: only search for -lsun in irix <= 4.x
1999-02-22 15:01 millert
* configure, configure.in: back out last configure.in change now
that I've hacked autoconf to fix the real problem and add a
missing newline
1999-02-22 14:32 millert
* CHANGES: updated
1999-02-22 14:05 millert
* getcwd.c: add def of dirfd() for those without it
1999-02-22 10:58 millert
* configure.in, configure: When falling back to checking for
socket() when linking with "-lsocket -lnsl" check for main()
instead since autoconf has already cached the results of checking
for socket() in -lsocket. This is really an autoconf bug as it
should use the extra libs as part of the cache variable name.
1999-02-22 10:47 millert
* configure.in: typo
1999-02-21 15:18 millert
* configure.in: fix occurrence of $with_timeout that should be
$with_password_timeout;
Michael.Neef@neuroinformatik.ruhr-uni-bochum.de
1999-02-17 11:40 millert
* sudo.cat, sudo.html, sudo.man, sudo.pod: fix grammar;
espie@openbsd.org
1999-02-11 01:41 millert
* parse.yacc, sudo.c, testsudoers.c: add cast for strdup in places
it does not have it
1999-02-09 13:11 millert
* configure, configure.in: define for_BSD_TYPES irix
1999-02-06 19:47 millert
* Makefile.in, sudo.cat, sudo.html, sudo.man, sudo.pod: Make it
clear that it is the user's password, not root's, that we want.
1999-02-06 19:43 millert
* check.c, sudo.h: If the user enters an empty password and really
has no password, accept the empty password they entered.
Perviously, they could enter anything *but* an empty password.
Also, add GETPASS macro that calls either tgetpass() or getpass()
depending on how sudo was configured. Problem noted by
jdg@maths.qmw.ac.uk
1999-02-02 23:32 millert
* Makefile.in, check.c, check_sia.c, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in,
putenv.c, secureware.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c,
testsudoers.c, tgetpass.c, utime.c, version.h, visudo.c,
emul/utime.h: add explicate copyright
1999-02-02 23:16 millert
* CHANGES: mention -lsocket, -lnsl configure changes
1999-02-02 17:54 millert
* sudo.c: Don't clobber errno after calling check_sudoers().
1999-01-31 19:46 millert
* configure.in, configure: When linking with both -lsocket and
-lnsl be sure to do so in that order. Also, when we can't find
socket() or inet_addr() and have to try linking with both libs,
issue a warning.
1999-01-31 19:45 millert
* sudo.cat, sudo.man, sudo.pod: clarify bad timestamp and fmt
1999-01-23 12:18 millert
* INSTALL, RUNSON: be clear that pam is linux-only and add a RUNSON
entry
1999-01-22 13:13 millert
* configure, CHANGES, INSTALL, configure.in: fix and correctly
document --with-umask; problem noted by adap@adap.org
1999-01-19 20:38 millert
* configure.in, configure: only use /usr/{man,catman}/local to
store man pages if suer didn't override prefix or mandir
1999-01-19 20:24 millert
* configure, INSTALL, configure.in: fix typo, make --with-SecurID
take an arg
1999-01-18 21:53 millert
* RUNSON: updates from users
1999-01-18 21:04 millert
* CHANGES, INSTALL, check.c, configure, configure.in: FWTK
'authsrv' support from Kevin Kadow <kadow@MSG.NET>
1999-01-18 20:00 millert
* configure, configure.in: better fix for the problem of unresolved
symbols in -lnsl or -lsocket
1999-01-18 19:39 millert
* configure, configure.in: when checking for functions in -lnsl and
-lsocket link with both of them to avoid unresolved symbols on
some weirdo systems
1999-01-17 20:49 millert
* BUGS, CHANGES, RUNSON, TODO: old changes that didn't make it into
RCS before the RCS->CVS switch
1999-01-17 18:16 millert
* Makefile.in, check.c, check_sia.c, compat.h, config.h.in,
configure.in, dce_pwent.c, find_path.c, getspwuid.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, lex.yy.c, logging.c, lsearch.c, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, secureware.c, strdup.c,
sudo.c, sudo.pod, sudo_setenv.c, sudoers.pod, testsudoers.c,
tgetpass.c, utime.c, visudo.c, visudo.pod, emul/search.h,
emul/utime.h: add sudo tags
1999-01-17 17:53 millert
* version.h, sudo.h: testing Sudo tag
1999-01-17 17:40 millert
* BUGS, INSTALL, Makefile.in, README, check.c, check_sia.c,
compat.h, config.h.in, configure, configure.in, dce_pwent.c,
find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h,
ins_csops.h, ins_goons.h, insults.h, interfaces.c, lex.yy.c,
logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in,
putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, sudo.h,
sudo.man, sudo_setenv.c, sudoers.cat, sudoers.man, testsudoers.c,
tgetpass.c, utime.c, version.h, visudo.c, visudo.cat, visudo.man,
emul/utime.h: crank version and regen files
1999-01-17 17:27 millert
* Makefile.in: kill rcs goop in update_version and fix now that
version is a const
1999-01-17 17:08 millert
* INSTALL, check.c, config.h.in, configure, configure.in,
logging.c, sudo.c, sudo.h, sudo.pod: kerb5 support from
fcusack@iconnet.net
1999-01-17 16:45 millert
* realpath.c, sudo_realpath.c: we no longer use realpath
1999-01-17 16:44 millert
* qualify.c: replaced by find_path.c
1999-01-17 16:43 millert
* options.h: all options are now configure flags
1999-01-17 16:42 millert
* lex.yy.c: regen
1999-01-17 16:41 millert
* getwd.c: superceded by getcwd.c
1999-01-17 16:36 millert
* getpass.c: superceded by tgetpass.c
1999-01-17 16:36 millert
* SUPPORTED: superceded by RUNSON
1999-01-17 16:33 millert
* OPTIONS: No longer used now that we have configure options for
everything.
1999-01-17 16:32 millert
* configure: regen based on configure.in
1999-01-17 16:31 millert
* sudo.man, sudoers.man, visudo.man, sudo.cat, sudo.html,
sudoers.cat, visudo.cat, sudoers.html, visudo.html: regen based
on sudo.pod, sudoers.pod, and visudo.pod
1998-12-11 12:16 millert
* check.c: fix tty tickets in remove_timestamp (didn't use ':')
1998-12-07 16:16 millert
* interfaces.c: close sock when we are done with it
1998-11-27 19:37 millert
* parse.yacc: never say "error on line -1"
1998-11-23 23:38 millert
* configure.in: check for -lnsl before -lsocket
1998-11-23 23:29 millert
* configure.in: quote '[', ']' used in ranges correctly
1998-11-21 17:54 millert
* config.h.in: add missing NO_ROOT_SUDO noted by drno@tsd.edu
1998-11-20 18:33 millert
* version.h: 1.5.7
1998-11-20 18:33 millert
* INSTALL: more info for 1.5.7
1998-11-20 18:30 millert
* README: update for 1.5.7
1998-11-20 14:26 millert
* parse.yacc: make increases of cm_list_size and ga_list_size be
similar to increases of stacksize (ie: >= not > in initial
compare).
1998-11-20 14:22 millert
* parse.yacc: when we get a syntax error, report it for the
previous line since that's generally where the error occurred.
1998-11-18 15:31 millert
* config.h.in, configure.in, interfaces.c: add back check for
sys/sockio.h but only use it if SIOCGIFCONF is not defined
1998-11-18 15:25 millert
* config.h.in: define BSD_COMP for svr4
1998-11-17 23:16 millert
* check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c,
goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c,
parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c: more
-Wall
1998-11-17 23:10 millert
* configure.in: kill check for sockio,h
1998-11-17 23:10 millert
* config.h.in: no more HAVE_SYS_SOCKIO_H
1998-11-17 22:51 millert
* check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c,
goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c,
parse.lex, parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
-Wall
1998-11-16 17:38 millert
* sudo.c: add missing inform_user()
1998-11-13 19:21 millert
* find_path.c: return NOT_FOUND if given fully qualified path and
it does not exist previously it would perror(ENOENT) which
bypasses the option to not leak path info
1998-11-13 19:20 millert
* configure.in: for kerb5, check for -lkerb4, fall back on -lkrb
for kerb, check for -ldes
1998-11-13 14:19 millert
* INSTALL: tty tickets are user:tty now
1998-11-13 14:10 millert
* check.c: when using tty tickets make it user:tty not user.tty as
a username could have a '.' in it
1998-11-09 19:15 millert
* sudo.c: add "ignoring foo found in ." for auth successful case
1998-11-09 17:57 millert
* sudo.c: add missing printf param
1998-11-08 15:56 millert
* INSTALL, config.h.in, configure.in, find_path.c, sudo.c, sudo.h:
go back to printing "command not found" unless
--disable-path-info specified. Also, tell user when we ignore
'.' in their path and it would have been used but for
--with-ignore-dot.
1998-11-08 13:51 millert
* check.c, sudo.c: Only one space after a colon, not two, in
printf's
1998-11-05 12:59 millert
* sudo.pod: document setting $USER
1998-11-04 22:24 millert
* check.c: fix bugs with prompt expansion
1998-11-04 21:21 millert
* sudo.c: set $USER for root too
1998-11-04 17:13 millert
* getspwuid.c: typo
1998-11-04 17:07 millert
* configure.in: HP-UX's iscomsec is in -lsec, not libc
1998-11-03 22:24 millert
* configure.in: remove some entries in the OS case statement that
did nothing
1998-11-03 22:19 millert
* TROUBLESHOOTING: add "cd" section and flush out syslog section
1998-11-03 20:51 millert
* Makefile.in: no more sudo-lex.yy.c
1998-11-03 20:50 millert
* check_sia.c: add custom prompt support
1998-11-03 20:40 millert
* sudo.c: kill perror("malloc") since we already have a good error
messages pw_ent -> pw for brevity set $USER if -u specified
1998-11-03 20:39 millert
* parse.c: kill perror("malloc") since we already have a good error
messages pw_ent -> pw for brevity when checking if %group
matches, look up user in password file so that %groups works in a
RunAs spec.
1998-11-03 20:39 millert
* logging.c, parse.yacc: kill perror("malloc") since we already
have a good error messages
1998-11-03 20:38 millert
* check.c, getspwuid.c, interfaces.c, testsudoers.c: kill
perror("malloc") since we already have a good error messages
pw_ent -> pw for brevity
1998-11-03 15:03 millert
* tgetpass.c: the prompt is expanded before tgetpass is called
1998-11-03 15:03 millert
* sudo.h: tgetpass now has the same args as getpass again
1998-11-03 15:02 millert
* getspwuid.c: add iscomsec, issecure support
1998-11-03 15:02 millert
* check.c: we now expand any %h or %u in the prompt before passing
to tgetpass
1998-11-03 14:58 millert
* configure.in: add check for syslog(3) in -lsocket, -lnsl, -linet
1998-11-03 14:56 millert
* config.h.in: add HAVE_ISCOMSEC and HAVE_ISSECURE
1998-11-03 14:55 millert
* configure.in: add check for iscomsec in HP-UX
1998-11-03 14:51 millert
* configure.in: check for issecure if we have getpwanam on SunOS
some options are incompatible with DUNIX SIA check for dispcrypt
on DUNIX
1998-10-25 15:21 millert
* config.h.in: add HAVE_DISPCRYPT
1998-10-25 15:21 millert
* secureware.c: add back support for non-dispcrypt based checking
for older DUNIX
1998-10-25 00:51 millert
* INSTALL: sia changes
1998-10-25 00:48 millert
* configure.in: SIA becomes the default on Digital UNIX now havbe
--disable-sia to turn it off...
1998-10-24 23:52 millert
* check.c: move local includes after system ones
1998-10-24 19:28 millert
* check.c, check_sia.c, sudo.h: add pass_warn() which prints out
INCORRECT_PASSWORD or an insult to stderr
1998-10-24 19:07 millert
* check_sia.c: fix while loop in sia_attempt_auth() that checks the
password. Only the first iteration was working.
1998-10-21 21:00 millert
* aclocal.m4: don't trust UID_MAX or MAXUID
1998-10-21 20:35 millert
* configure.in: fix two pastos
1998-10-21 20:30 millert
* configure.in: fix typo
1998-10-21 20:19 millert
* getspwuid.c, secureware.c: init crypt_type to INT_MAX since it is
legal to be negative in DUNX 5.0
1998-10-21 20:15 millert
* configure.in: for secureware on dunix, use -lsecurity -ldb -laud
-lm but check for -ldb since DUNX < 4.0 lacks it
1998-10-21 19:50 millert
* check.c, compat.h, config.h.in, configure.in, getspwuid.c,
secureware.c, sudo.c, tgetpass.c: getprpwuid is broken in HP-UX
10.20 at least (it sleeps for 2 minutes if the shadow files don't
exist).
1998-10-20 17:22 millert
* INSTALL: updated --with-editor blurb
1998-10-20 17:21 millert
* TROUBLESHOOTING: tell how to put sudoers in a different dir
1998-10-20 16:22 millert
* configure.in: add missing quotes around $with_editor
1998-10-20 14:00 millert
* configure.in: typo in --with-editor bits
1998-10-20 01:24 millert
* INSTALL: I don't expect it to work on Solaris
1998-10-20 01:24 millert
* check.c: add back security/pam_misc.h
1998-10-19 17:13 millert
* INSTALL: remove dunix note since configure checks for this now
1998-10-19 16:30 millert
* configure.in: add check for broken dunix prot.h (4.0 < 4.0D is
bad)
1998-10-19 14:32 millert
* getspwuid.c, secureware.c, tgetpass.c: new dunix shadow code, use
dispcrypt(3)
1998-10-19 14:32 millert
* config.h.in: add HAVE_INITPRIVS
1998-10-19 14:31 millert
* sudo.c: call initprivs() if we have it for getprpwuid later on
1998-10-19 14:30 millert
* Makefile.in: clean pathnames.h too
1998-10-19 14:28 millert
* configure.in: quote "Sorry, try again." with [] since it has a
comma in it set LIBS when we add stuff to SUDO_LIBS set
SECUREWARE when we find getprpwuid() so we can check for
bigcrypt, set_auth_parameters, and initprivs later.
1998-10-19 13:48 millert
* INSTALL: update Digital UNIX note about acl.h
1998-10-18 20:26 millert
* INSTALL: add --with-sia --without-root-sudo ->
--disable-root-sudo some reordering
1998-10-18 20:22 millert
* secureware.c: add whitespace
1998-10-18 20:22 millert
* Makefile.in, check.c, config.h.in, configure.in, logging.c,
sudo.h: add SIA support
1998-10-18 20:21 millert
* check_sia.c: Initial revision
1998-10-18 19:42 millert
* configure.in: when checking for -lsocket, -lnsl, and -linet,
check for the specific functions we need from them.
1998-10-18 19:10 millert
* config.h.in, sudo.h: move Syslog_* defs into sudo.h
1998-10-18 18:15 millert
* sudo.h, Makefile.in: added check_secureware
1998-10-18 18:12 millert
* configure.in: finished adding AC_MSG_CHECKING and AC_MSG_RESULT
bits
1998-10-18 18:00 millert
* insults.h: don't define CLASSIC_INSULTS and CSOPS_INSULTS if no
other sets defined. configure now does that for us
1998-10-18 17:45 millert
* configure.in: move some --with options around change a bunch of
echo's to AC_MSG_CHECKING, AC_MSG_RESULT pairs
1998-10-18 01:09 millert
* configure.in: change $with_foo-bar -> $with_foo_bar kill extra "
that caused a syntax error add some echo verbage
1998-10-17 18:08 millert
* check.c: moved SecureWare stuff into secureware.c
1998-10-17 18:07 millert
* secureware.c: Initial revision
1998-10-17 17:02 millert
* INSTALL: update url to solaris gcc bins
1998-10-17 16:39 millert
* INSTALL: change option formatter and flesh out someentries
1998-10-17 16:18 millert
* sudo.pod, visudo.pod, TROUBLESHOOTING: environmental variable ->
environment variable
1998-10-17 16:01 millert
* BUGS: everything is now done via configure
1998-10-17 16:00 millert
* README: prev rev was 1.5.6
1998-10-17 00:33 millert
* Makefile.in: passing SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID
correctly
1998-10-17 00:32 millert
* config.h.in: SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID now come from
the Makefile
1998-10-17 00:31 millert
* Makefile.in: merge OSDEFS and OPTIONS into DEFS get sudoers_uid,
sudoers_gid, sudoers_mode from configure
1998-10-17 00:30 millert
* configure.in: SUDOERS_MODE, SUDOERS_UID, and SUDOERS_GID now get
substituted into the Makefile, not config.h
1998-10-17 00:30 millert
* INSTALL: document all --with/--enable options
1998-10-15 02:25 millert
* insults.h: options.h is no more
1998-10-15 02:25 millert
* config.h.in: assimilated options.h
1998-10-15 02:24 millert
* configure.in: moved options from options.h to configure
1998-10-15 01:41 millert
* check.c, find_path.c, getspwuid.c, goodpath.c, interfaces.c,
logging.c, parse.c, parse.lex, parse.yacc, sudo.c, sudo.pod,
sudo_setenv.c, visudo.c: no more options.h
1998-10-15 01:39 millert
* INSTALL, Makefile.in, PORTING, TROUBLESHOOTING: remove references
to options.h
1998-10-15 01:32 millert
* interfaces.c, dce_pwent.c, sudo.c: kill sys/time.h
1998-10-15 00:10 millert
* tgetpass.c: if select return < -1 still prompt for pw
1998-10-15 00:03 millert
* options.h: convert LOGGING, LOGFAC, MAXLOGFILELEN,
IGNORE_DOT_PATH into configure options
1998-10-14 23:57 millert
* parse.c: FAST_MATCH is no longer an optino
1998-10-14 23:52 millert
* check.c: remove_timestamp() if timestamp is preposterous
1998-10-14 23:36 millert
* options.h: convert more options to --with/--enable
1998-10-14 23:36 millert
* INSTALL, aclocal.m4: logfile -> logpath
1998-10-14 23:31 millert
* configure.in: convert more options into --with and --enable
1998-10-14 23:28 millert
* tgetpass.c: catch EINTR in select and restart
1998-10-14 23:15 millert
* logging.c: sys/errno -> errno
1998-09-24 11:40 millert
* sudo.c: UMASK -> SUDO_UMASK.
1998-09-24 11:36 millert
* check.c, logging.c: time.h, not sys/time.h
1998-09-21 19:52 millert
* logging.c: MAILER -> _PATH_SENDMAIL
1998-09-21 00:06 millert
* INSTALL, configure.in: no more --with-C2, now it is
--disable-shadow
1998-09-21 00:00 millert
* aclocal.m4, check.c, compat.h, config.h.in, configure.in,
getspwuid.c, sudo.c, tgetpass.c: new shadow password scheme.
Always include shadow support if the platform supports it and the
user did not disable it via configure
1998-09-20 19:48 millert
* configure.in: --with-getpass -> --{enable,disable}-tgetpass
1998-09-20 19:16 millert
* Makefile.in: pathnames.h -> pathnames.h.in
1998-09-20 19:14 millert
* check.c: fix version string
1998-09-20 19:12 millert
* check.c: move pam_conv to be static to auth function remove
pam_misc.h (solaris doesn't have one)
1998-09-20 19:10 millert
* aclocal.m4: _CONFIG_PATH_* -> _PATH_* or _PATH_SUDO_* kill
SUDO_PROG_PWD
1998-09-20 19:10 millert
* configure.in: munge pathnames.h.in -> pathnames.h kill
SUDO_PROG_PWD
1998-09-20 19:10 millert
* pathnames.h.in: convert to pathnames.h.in
1998-09-18 20:20 millert
* configure.in: fix typo in sysv4 matching case /.
1998-09-18 01:29 millert
* check.c: pam stuff needs to run as root, not user, for shadow
passwords
1998-09-17 12:26 millert
* Makefile.in, emul/utime.h, check.c, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
logging.c, options.h, parse.c, parse.lex, parse.yacc,
pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c,
BUGS, INSTALL, README, configure.in: updated version
1998-09-17 12:13 millert
* check.c: user version.h for long message
1998-09-17 11:53 millert
* check.c: this is version 1.5.6
1998-09-16 13:42 millert
* Makefile.in: remove errant backslash
1998-09-14 22:25 millert
* options.h, parse.yacc, pathnames.h.in: fix version string
1998-09-14 22:02 millert
* BUGS, CHANGES, TODO: updtaed for 1.5.6
1998-09-14 22:02 millert
* RUNSON: updated for 1.5.6
1998-09-14 11:48 millert
* interfaces.c: kill unused localhost_mask var copy if name to
ifr_tmp after we zero it
1998-09-13 15:50 millert
* INSTALL: Better description of new vs. old sudoers modes fix some
typos better description of /usr/ucb/cc gotchas on slowaris
1998-09-13 15:49 millert
* Makefile.in: add sample.pam
1998-09-13 15:32 millert
* sudo.c: set NewArgv[0] to user_shell, not basename(user_shell)
1998-09-12 11:10 millert
* README: mention TROUBLESHOOTING more fix some typos
1998-09-11 20:30 millert
* configure.in: move --enable/--disable to be after --with
1998-09-11 20:30 millert
* INSTALL: document --enable/--disable
1998-09-11 20:26 millert
* INSTALL: document --with-pam
1998-09-11 19:47 millert
* configure.in: Add message for pam users
1998-09-11 19:27 millert
* sample.pam: Initial revision
1998-09-11 19:23 millert
* config.h.in: fix HAVE_PAM
1998-09-11 19:19 millert
* check.c, config.h.in, configure.in: pam support, from Gary Calvin
<GCalvin@kenwoodusa.com>
1998-09-10 18:51 millert
* config.h.in: add HOST_IN_LOG and WRAP_LOG
1998-09-10 18:51 millert
* logging.c: add WRAP_LOG and HOST_IN_LOG
1998-09-10 18:37 millert
* configure.in: add --enable-log-host and --enable-log-wrap
1998-09-10 18:32 millert
* aclocal.m4: use AC_DEFINE_UNQUOTED for --with-logfile and
--with-timedir
1998-09-08 20:45 millert
* compat.h: add howmany macro
1998-09-08 20:43 millert
* tgetpass.c: include sys/param.h to get howmany macro
1998-09-07 20:42 millert
* OPTIONS, options.h, parse.yacc, sudo.c, testsudoers.c, visudo.c:
add RUNAS_DEFAULT
1998-09-07 12:51 millert
* fnmatch.c: bring in stdio.h for NULL
1998-09-07 12:50 millert
* aclocal.m4: allow /bin/{ksh,bach} and /usr/bin/{ksh,bash} as sh
1998-09-07 12:43 millert
* sudo.c: use HAVE_SET_AUTH_PARAMETERS
1998-09-07 12:42 millert
* config.h.in: add HAVE_SET_AUTH_PARAMETERS
1998-09-07 12:41 millert
* configure.in: add *-*-hiuxmpp* add test for set_auth_parameters()
if secureware
1998-09-07 12:39 millert
* config.sub: add support for HI-UX/MPP SR220001 02-03 0 SR2201
1998-09-07 12:06 millert
* interfaces.c: initialize previfname
1998-09-07 11:51 millert
* interfaces.c: Don't use SIOCGIFADDR, we don't need it Use
SIOCGIFFLAGS if we have it check ifr_flags against IFF_UP and
IFF_LOOPBACK instead of kludging it
1998-09-07 11:49 millert
* configure.in: typo
1998-09-07 00:01 millert
* Makefile.in: don't need special build line for sudo.tab.o
1998-09-06 23:58 millert
* Makefile.in: don't clean sudo.tab.[ch]
1998-09-06 23:48 millert
* sudo.c: Sudo should prompt for a password before telling the user
that a command could not be found.
1998-09-06 23:47 millert
* BUGS: for 1.5.6
1998-09-06 23:25 millert
* INSTALL, README: no longer require yacc
1998-09-06 23:19 millert
* Makefile.in: typo
1998-09-06 23:18 millert
* Makefile.in: y.tab -> sudo.tab include pre-yacc'd parse.yacc
1998-09-06 23:09 millert
* parse.lex: include sudo.tab.h, not y.tab.h don't break out of
command args if you get a '='
1998-09-06 22:59 millert
* insults.h: fix version ,
1998-09-06 22:57 millert
* compat.h, ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h:
fix version
1998-09-06 22:55 millert
* getcwd.c: getcwd(3) from OpenBSD for those without it.
1998-09-06 22:51 millert
* sudo.h: HAVE_GETWD -> HAVE_GETCWD
1998-09-06 22:49 millert
* configure.in: pretend sunos doesn't have getcwd(3) since it opens
a pipe to getpwd!
1998-09-06 22:41 millert
* parse.c: use NAMLEN() macro
1998-09-06 22:34 millert
* fnmatch.c: remove duplicate include of string.h
1998-09-06 22:28 millert
* configure.in: call SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T
1998-09-06 22:28 millert
* aclocal.m4: add SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T
1998-09-06 22:28 millert
* config.h.in: add dev_t and ino_t
1998-07-28 12:44 millert
* check.c: fix OTP_ONLY for opie
1998-06-24 12:22 millert
* testsudoers.c, tgetpass.c: include stdlib.h for malloc proto
1998-05-19 00:10 millert
* Makefile.in: make update_version saner
1998-05-18 23:32 millert
* config.h.in: add HAVE_WAITPID, HAVE_WAIT3, and sudo_waitpid()
1998-05-18 23:32 millert
* configure.in: check for waitpid and wait3 or no waitpid
1998-05-18 23:31 millert
* logging.c: used waitpid or wait3 if we have 'em
1998-05-02 14:16 millert
* visudo.c: fix some fprintf args, ariel@oz.engr.sgi.com (Ariel
Faigon)
1998-04-27 20:09 millert
* configure.in: don't need to explicately mention -lsocket -lnsl
for sequent
1998-04-25 01:56 millert
* configure.in: dynix should not link with -linet
1998-04-10 15:32 millert
* INSTALL: mention that HP-UX doesn't ship with yacc
1998-04-06 22:35 millert
* check.c: ignore kerberos if we can't get the local realm
1998-04-05 23:37 millert
* configure.in, BUGS, INSTALL, README: ++version
1998-04-05 23:36 millert
* version.h: ++
1998-04-05 23:35 millert
* Makefile.in, emul/utime.h, check.c, config.h.in, dce_pwent.c,
find_path.c, getspwuid.c, getcwd.c, goodpath.c, interfaces.c,
logging.c, parse.c, parse.lex, putenv.c, strdup.c, sudo.c,
sudo.h, sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c,
visudo.c: updated version
1998-04-05 23:34 millert
* check.c, sudo.h: fix version
1998-04-05 23:33 millert
* getcwd.c: don't use popen/pclose. Do it inline.
1998-04-05 23:25 millert
* lsearch.c: add rcsid
1998-04-05 23:21 millert
* sudo.c: typo
1998-04-05 23:17 millert
* sudo.h, pathnames.h.in, compat.h, options.h, ins_2001.h,
insults.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc,
check.c: updated version
1998-04-05 23:15 millert
* check.c, find_path.c, parse.c, sudo.c, testsudoers.c: MAX* + 1 ->
MAX*
1998-04-05 23:14 millert
* Makefile.in: getwd.c -> getcwd.c
1998-04-05 22:49 millert
* config.h.in: kill HAVE_GETWD
1998-04-05 22:49 millert
* configure.in: getcwd, not getwd
1998-04-05 22:48 millert
* getcwd.c: use MAX* not MAX* + 1 always run pwd as using getwd()
defeats the purpose
1998-03-31 00:15 millert
* OPTIONS, options.h: add STUB_LOAD_INTERFACES
1998-03-31 00:05 millert
* Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, logging.c, options.h, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
updated version
1998-03-30 23:54 millert
* configure.in: support *-ccur-sysv4 and fix two typos
1998-03-27 19:52 millert
* configure.in: don't echo about with_logfile and with_timedir
1998-03-27 19:49 millert
* INSTALL: document --with-logfile and --with-timedir
1998-03-27 19:46 millert
* aclocal.m4: support --with-logfile and --with-timedir
1998-03-27 19:46 millert
* configure.in: Add --with-logfile and --with-timedir
1998-03-27 19:27 millert
* sudo.c: change size computation of NewArgv for UNICOS
1998-02-18 20:10 millert
* configure.in: treate -*-sysv4* like *-*-svr4
1998-02-18 18:19 millert
* configure.in: fix spacing for --with-authenticate help
1998-02-18 16:39 millert
* Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, logging.c, options.h, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
updated version
1998-02-18 16:23 millert
* parse.yacc: fix off by one error in push macro
1998-02-17 01:15 millert
* configure.in: removed bogus alloca hack
1998-02-17 01:15 millert
* check.c: added AIX 4.x authenticate() support
1998-02-17 01:11 millert
* parse.yacc: include alloca.h if using bison and not gcc and it
exists. fixes an alloca problem on hpux 10.x
1998-02-17 00:39 millert
* INSTALL: mention --with-authenticate
1998-02-17 00:37 millert
* configure.in: added AIX authenticate() support
1998-02-17 00:22 millert
* config.h.in: add HAVE_AUTHENTICATE
1998-02-16 23:58 millert
* interfaces.c: dynamically size ifconf buffer
1998-02-16 23:56 millert
* configure.in: quote '[' and ']'
1998-02-16 21:42 millert
* Makefile.in, emul/utime.h, check.c, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
logging.c, options.h, parse.c, parse.lex, parse.yacc,
pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
updated version
1998-02-16 19:06 millert
* visudo.pod: add ERRORS section
1998-02-16 18:57 millert
* TROUBLESHOOTING: add busy stmp file explanation
1998-02-15 18:49 millert
* configure.in: the name of the cached var that signals whether or
not you are cross compiling changed. It is now
ac_cv_prog_cc_cross
1998-02-11 16:26 millert
* INSTALL: mention glibc 2.07 is fixed wrt lsearch()\.
1998-02-06 21:55 millert
* sample.sudoers, sudoers.pod: better example of su but not root su
1998-02-06 15:49 millert
* Makefile.in, check.c, emul/utime.h, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, logging.c, options.h, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, visudo.c:
updated version
1998-02-06 15:48 millert
* Makefile.in: correct regexp for updating version
1998-02-06 14:05 millert
* tgetpass.c: remove bogus flush of stderr spew prompt before
turning off echo. Seems to fix a weird problem where if sudo
complained about a bogus stamp file the user would sometimes not
have a chance to enter a password
1998-02-06 14:05 millert
* check.c: fix bogus flush of stderr
1998-02-05 19:19 millert
* sudo.c: close fd's <=2 not <=3 and move that chunk of code up
1998-02-05 19:18 millert
* configure.in: support hpux1[0-9] not just hpux10
1998-01-30 14:59 millert
* parse.c: set sudoers_fp to nil after closing
1998-01-24 01:05 millert
* config.guess, config.sub: updated from autoconf 2.12
1998-01-24 00:50 millert
* configure.in: add *-*-svr4 rule
1998-01-22 22:53 millert
* tgetpass.c: fix select usage for high fd's (dynamically allocate
readfds)
1998-01-22 22:49 millert
* check.c: kill extra whitespace
1998-01-22 19:28 millert
* sudo.c: do an initgroups() before running a command, unless the
target user is root.
1998-01-22 12:22 millert
* TROUBLESHOOTING: tell people to use tabs, not spaces, in
syslog.conf
1998-01-21 01:56 millert
* parse.lex, Makefile.in, config.h.in, getwd.c, strdup.c, putenv.c,
emul/utime.h, testsudoers.c, utime.c, dce_pwent.c: updated
version
1998-01-21 01:32 millert
* goodpath.c, sudo_setenv.c, interfaces.c, tgetpass.c, visudo.c:
updated version
1998-01-21 01:29 millert
* sudo.h, pathnames.h.in, options.h, compat.h, insults.h,
ins_2001.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc,
check.c, getspwuid.c, find_path.c, logging.c, parse.c, sudo.c:
updated version
1998-01-21 01:20 millert
* Makefile.in: more tweaks to update_version
1998-01-21 01:19 millert
* Makefile.in: fixed up update_version rule
1998-01-21 00:55 millert
* configure.in: ++version
1998-01-21 00:53 millert
* Makefile.in: removed supe of check.c
1998-01-21 00:51 millert
* INSTALL: ++version I missed
1998-01-21 00:51 millert
* RUNSON: updated
1998-01-21 00:48 millert
* Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c,
find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
logging.c, options.h, parse.c, parse.lex, parse.yacc,
pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c, emul/utime.h, BUGS, INSTALL, README: updated version
1998-01-21 00:47 millert
* CHANGES: updated for 1.5.5
1998-01-21 00:35 millert
* Makefile.in: add rules to update version stuff in files so I
don't need to do it by hand
1998-01-21 00:04 millert
* sudo.h: sudoers_fp is now extern
1998-01-21 00:03 millert
* sudo.c: in check_sudoers, cache the sudoers file handle in
sudoers_fp so we don't have to open it again in the parse. This
may help with weird solaris problems where EAGAIN sometime
occurrs.
1998-01-21 00:02 millert
* parse.c: sudoers file open is now done only in check_sudoers() so
we just do a rewind() instead of an open. May help people on
solaris who were getting EAGAIN.
1998-01-16 11:43 millert
* INSTALL: mention that newer glibc is fixed
1998-01-13 12:58 millert
* sudo.c: newer irix uses _RLDN32_* envariables for 32-bit binaries
so ignore _RLD* instead of _RLD_*
1998-01-13 10:32 millert
* parse.c: typo
1998-01-13 10:19 millert
* parse.c: fix that bug for real
1998-01-13 02:39 millert
* INSTALL: document Linux's libc6 brokenness.
1998-01-13 02:00 millert
* parse.yacc: -Wall
1998-01-13 01:22 millert
* RUNSON: updated
1998-01-13 00:50 millert
* TROUBLESHOOTING: remind people to HUP syslogd
1998-01-13 00:05 millert
* Makefile.in: add -O flag to tar
1998-01-13 00:00 millert
* TODO, RUNSON: updated
1998-01-12 23:59 millert
* sudo.pod: remove author's email addr. people should mail
sudo-bugs
1998-01-12 23:49 millert
* INSTALL: fix version
1998-01-12 23:48 millert
* README, check.c, compat.h, config.h.in, configure.in,
dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, logging.c, options.h, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c: ++version
1998-01-12 23:44 millert
* RUNSON: updated
1998-01-12 23:42 millert
* INSTALL, Makefile.in: ++version
1998-01-12 23:41 millert
* CHANGES: updated fort 1.5.4
1998-01-12 23:41 millert
* check.c: exit(1) if user enters no passwd
1998-01-12 23:37 millert
* BUGS: ++version
1998-01-12 23:10 millert
* parse.c: commands can start with ./* not just /* -- fixes a
serious security hole.
1997-12-21 18:17 millert
* sudo.c: Don't set the tty variable to NULL when we lack a tty,
leave it as "unknown".
1997-11-23 13:29 millert
* sample.sudoers: fix usage of (username) in conjunction with , and
!
1997-11-23 13:28 millert
* visudo.c: catch the case where the user is not in the passwd file
1997-11-23 13:24 millert
* tgetpass.c: use fileno(input) + 1 instead of getdtablesize() as
the nfds arg to select(2)
1997-11-23 01:53 millert
* sudo.c: define tty global to an initial value to avoid dumping
core in logging functions when passwd file is unavailable.
1997-11-23 01:51 millert
* sudo.c: do the set_perms(PERM_USER, sudo_mode) after we have
gotten the passwd entry
1997-11-23 00:21 millert
* sudo.pod: talk about problem of ALL
1997-10-10 00:54 millert
* README: new web location
1997-10-10 00:54 millert
* INSTALL: fdesc bug is fixed in Open/Net BSD
1997-10-10 00:52 millert
* HISTORY: updates from Nieusma
1997-10-09 18:37 millert
* dce_pwent.c: move compat.h after the system includes
1997-08-06 14:58 millert
* logging.c: save errno from being clobbered by wait(). From Theo
1997-05-21 11:57 millert
* compat.h: fix an occurence of setresuid -> setreuid (typo)
1997-03-19 17:45 millert
* install-sh: check for path to strip
1997-01-15 19:05 millert
* logging.c: deal with maxfilelen < 0 case
1997-01-15 19:05 millert
* OPTIONS: fixed descriptin
1996-12-11 23:10 millert
* sudo.c: correct error message if mode/owner wrong and not
statable by owner but is statable by root.
1996-11-23 02:18 millert
* config.guess, config.sub: autoconf 2.11
1996-11-16 14:42 millert
* CHANGES, RUNSON, TODO: sudo 1.5.3.
1996-11-14 15:08 millert
* sudo.h, parse.yacc: command_alias -> generic_alias
1996-11-13 22:50 millert
* sample.sudoers: added Runas_Alias example and fixed syntax errors
1996-11-13 22:50 millert
* OPTIONS, options.h: updated MAILSUBJECT
1996-11-13 22:49 millert
* logging.c: added %h expansion
1996-11-13 21:37 millert
* Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c,
find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h,
ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c,
logging.c, options.h, parse.c, parse.lex, parse.yacc,
pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c, INSTALL, README, configure.in: ++version
1996-11-13 20:01 millert
* emul/utime.h, BUGS: ++version
1996-11-13 19:45 millert
* sudoers.pod: document Runas_Alias
1996-11-13 19:22 millert
* visudo.pod: q (uid) -> Q
1996-11-13 19:21 millert
* visudo.c: buffer oflow checking q (uit) -> Q if yyparse() fails
drop into whatnow
1996-11-13 19:05 millert
* parse.yacc: add size params to sprintf
1996-11-13 19:04 millert
* parse.lex: allow trailing space after '\\' but before '\n'
1996-11-13 19:04 millert
* find_path.c: off by one error in path size check
1996-11-13 19:03 millert
* check.c: sprintf paranoia
1996-11-12 11:59 millert
* parse.yacc: fixed more_aliases
1996-11-12 11:58 millert
* visudo.c: now warns if killed by signal ./
1996-11-11 10:49 millert
* parse.yacc: fix Runas_Alias stuff Alias's in runas list now get
expanded (but it is gross)
1996-11-10 20:32 millert
* sudo.c: Can now deal with SUDOERS_UID == 0 and SUDOERS_MODE ==
0400
1996-11-10 20:08 millert
* parse.yacc: add Runas_Alias support change FOO to FOO_ALIAS (ie:
USER_ALIAS)
1996-11-10 20:02 millert
* parse.lex: Add Runas_Alias and simplify a rule.
1996-11-10 19:15 millert
* parse.yacc: always store User_Alias's since they can be used
inside of a runas list. Sigh. Really need a Runas_Alias
instead.
1996-10-30 18:04 millert
* visudo.c: deal with case where there is no sudoers file
1996-10-11 23:01 millert
* TROUBLESHOOTING: added one
1996-10-10 22:11 millert
* HISTORY, testsudoers.c: developement -> development
1996-10-10 22:08 millert
* INSTALL: added a note
1996-10-10 20:36 millert
* RUNSON: for 1.5.2
1996-10-10 20:36 millert
* CHANGES: updated
1996-10-10 00:56 millert
* PORTING: removed seteuid() notes
1996-10-09 13:37 millert
* compat.h: better seteuid() emulatino
1996-10-09 13:36 millert
* configure.in: added check for seteuid
1996-10-09 13:36 millert
* config.h.in: added HAVE_SETEUID
1996-10-08 19:22 millert
* configure.in: first stab at sequent support
1996-10-08 19:21 millert
* config.h.in: added HAVE_SYS_SELECT_H
1996-10-08 19:21 millert
* compat.h: sequent -> _SEQUENT_
1996-10-08 19:11 millert
* compat.h: added seteuid() macro for DYNIX
1996-10-08 18:54 millert
* tgetpass.c: _AIX -> HAVE_SYS_SELECT_H
1996-10-07 01:05 millert
* emul/utime.h, check.c, compat.h, dce_pwent.c, find_path.c,
getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
ins_csops.h, ins_goons.h, insults.h, interfaces.c, options.h,
pathnames.h.in, version.h, BUGS, INSTALL, Makefile.in, OPTIONS,
README, config.h.in, logging.c, parse.c, parse.lex, parse.yacc,
putenv.c, strdup.c, sudo_setenv.c, testsudoers.c, utime.c,
visudo.c, tgetpass.c: ++version
1996-10-07 00:59 millert
* sudo.pod: added -H and SUDO_PS1
1996-10-07 00:55 millert
* configure.in: use SUDO_FUNC_FNMATCH
1996-10-07 00:54 millert
* aclocal.m4: added SUDO_FUNC_FNMATCH
1996-10-07 00:53 millert
* sudo.c: added -H flag
1996-10-07 00:53 millert
* sudo.h: added MODE_RESET_HOME /
1996-10-05 00:00 millert
* INSTALL: mention OPIE
1996-10-04 23:59 millert
* configure.in: added opie support
1996-10-04 23:59 millert
* check.c: added HAVE_OPIE and changed to *_OTP_*
1996-10-04 23:58 millert
* compat.h, config.h.in: added HAVE_OPIE
1996-10-04 23:58 millert
* OPTIONS, options.h: SKEY -> OTP
1996-10-03 23:27 millert
* check.c: moved fclose() in skey stuff.
1996-10-03 19:53 millert
* putenv.c: index -> strchr remove unnecesary stuff
1996-10-03 19:43 millert
* check.c: now call skeychallenge() to get challenge instead of
making one up ourselves. this way, we get extra goodies in the
prompt.
1996-09-10 00:32 millert
* CHANGES: added one
1996-09-10 00:18 millert
* parse.lex: allow logins to start with a number (YUCK!)
1996-09-08 15:18 millert
* TROUBLESHOOTING: added soalris 2.5 vs 2.4 note
1996-09-08 15:15 millert
* configure.in: DUNIX doesn't need -lnsl
1996-09-07 20:22 millert
* CHANGES: [no log message]
1996-09-07 20:21 millert
* check.c, compat.h, config.h.in, dce_pwent.c, find_path.c,
getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c,
options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in,
putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
tgetpass.c, utime.c, version.h, visudo.c: courtesan
1996-09-07 20:13 millert
* TROUBLESHOOTING, INSTALL, Makefile.in, PORTING, RUNSON, README:
courtesan
1996-09-07 20:12 millert
* visudo.pod: [no log message]
1996-09-07 20:00 millert
* sudo.pod, visudo.pod: courtesan
1996-09-07 19:45 millert
* HISTORY: added courtesan ./
1996-09-06 00:12 millert
* sudo.c: added $SUDO_PROMPT support
1996-09-04 17:19 millert
* check.c: print long skey challemged to stderr, not stdout
1996-08-31 23:10 millert
* CHANGES: updated for 1.5.1
1996-08-31 23:07 millert
* emul/utime.h: ++version
1996-08-31 12:34 millert
* RUNSON: updated for 1.5.1
1996-08-30 10:49 millert
* check.c: use shost, not host for tgetpass
1996-08-30 00:21 millert
* OPTIONS, sudo.pod: documented %u and %h
1996-08-29 20:40 millert
* configure.in: fixed typo
1996-08-29 20:37 millert
* INSTALL, Makefile.in, README, check.c, compat.h, config.h.in,
dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, logging.c, options.h, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c: ++version
1996-08-29 20:30 millert
* BUGS: ++version
1996-08-29 18:32 millert
* configure.in, Makefile.in, version.h: ++version
1996-08-29 17:58 millert
* sudo.h: new tgetpass() params
1996-08-29 17:58 millert
* check.c: pass use and host to tgetpass
1996-08-29 17:57 millert
* tgetpass.c: added %u and %h escapes
1996-08-29 16:56 millert
* OPTIONS, options.h, check.c: added NO_MESSAGE
1996-08-29 16:23 millert
* configure.in: added cray (unicos) support
1996-08-27 11:36 millert
* OPTIONS, options.h, sudo.c: added SHELL_SETS_HOME
1996-08-25 17:56 millert
* INSTALL: added note about "make install"
1996-08-25 17:50 millert
* parse.yacc: changed length/size params from int to size_t
1996-08-25 13:35 millert
* OPTIONS: now get CSOPS insults as well by default
1996-08-25 13:33 millert
* insults.h: use csops insults too by default
1996-08-25 13:31 millert
* INSTALL, Makefile.in, README, config.h.in, configure.in,
version.h: version = 1.5
1996-08-25 13:27 millert
* sudo.c: added runas_homedir
1996-08-25 13:27 millert
* TODO: updated for 1.5
1996-08-25 13:23 millert
* RUNSON: updated for 1.5
1996-08-25 13:19 millert
* CHANGES: 1.5 release
1996-08-25 13:17 millert
* INSTALL: added "upgrading" notes
1996-08-22 14:00 millert
* visudo.c: now do chmod and chown after edit of temp file and
before rename
1996-08-18 12:52 millert
* Makefile.in: ++version added INSTALL.configure
1996-08-18 12:52 millert
* version.h, configure.in: ++version
1996-08-18 12:51 millert
* TROUBLESHOOTING: [no log message]
1996-08-18 12:50 millert
* parse.yacc: added missing cast
1996-08-17 20:37 millert
* sudo.c: sets $HOME to pw_dir of runas user
1996-08-17 20:02 millert
* sudo.pod: document $HOME change
1996-08-17 19:43 millert
* sudo.pod: fixed up some wording
1996-08-17 19:25 millert
* check.c, dce_pwent.c, find_path.c, getspwuid.c, getwd.c,
goodpath.c, interfaces.c, logging.c, parse.c, parse.lex,
parse.yacc, putenv.c, strdup.c, sudo.c, sudo_setenv.c,
testsudoers.c, tgetpass.c, utime.c, visudo.c: ++version
1996-08-17 19:19 millert
* emul/utime.h, compat.h, ins_2001.h, ins_classic.h, ins_csops.h,
ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h:
++version
1996-08-17 19:18 millert
* sudo.h: name nad type changes
1996-08-17 19:17 millert
* testsudoers.c: now works with new sudo
1996-08-17 19:07 millert
* parse.yacc: fixed some XXX
1996-08-17 18:52 millert
* parse.yacc: some variable name changes + comment headers for
functions.
1996-08-17 18:41 millert
* tgetpass.c: added extra paren's to make compilers happy
1996-08-17 18:34 millert
* sudo.c: [no log message]
1996-08-17 18:30 millert
* parse.c: now uses init_parser() if not in sudoers and tries
"list" or "validate" scold but don't be nasty.
1996-08-17 18:29 millert
* TROUBLESHOOTING: now can use upper case login names
1996-08-17 18:29 millert
* visudo.c: now uses init_parser()
1996-08-17 18:28 millert
* PORTING: added info about PASSWORD_TIMEOUT
1996-08-17 18:28 millert
* INSTALL, README: updated
1996-08-17 18:28 millert
* INSTALL.configure: Initial revision
1996-08-17 18:27 millert
* BUGS: fixed a bug ,
1996-08-17 18:27 millert
* parse.yacc: now dynamically allocates memory for the stacks -- no
more overflows!
1996-08-17 18:26 millert
* sudo.pod: -l now explands command aliases
1996-08-17 13:22 millert
* parse.yacc: hacks to expand command aliases for `sudo -l'
1996-08-17 13:22 millert
* sudo.c: remove $ENV and $BASH_ENV (dangerous in ksh, posix sh,
and bash)
1996-08-17 13:22 millert
* sudo.h: added struct command_alias
1996-08-17 13:20 millert
* sudo.pod: fixed a bug
1996-08-17 13:15 millert
* lsearch.c: in compar() key should be first arg
1996-08-15 15:48 millert
* BUGS: fixed some bugs
1996-08-15 15:47 millert
* parse.yacc: can now deal with upcase HOST and USER names
1996-08-15 15:47 millert
* sudo.c: don't yell too loudly at non-sudoers if they do "sudo -l"
1996-08-15 15:46 millert
* sudo.pod: fixed thinko
1996-08-15 15:46 millert
* parse.c: fix comment
1996-08-09 18:07 millert
* parse.c, parse.yacc: added support for new `sudo -l' stuff
1996-08-09 18:06 millert
* sudo.c: now uses list_matches()
1996-08-09 18:06 millert
* sudo.h: added struct sudo_match
1996-08-09 17:37 millert
* configure.in: now more -lgnumalloc
1996-08-01 13:12 millert
* install-sh: added more paths for chown and whoami
1996-07-31 10:41 millert
* check.c: typo
1996-07-30 13:45 millert
* aclocal.m4: fixed DUNIX check for shadow pw
1996-07-30 13:41 millert
* tgetpass.c: now only turn off echo if it is already on. this
fixes a race when you use sudo in a pipelin
1996-07-30 12:53 millert
* INSTALL: updated
1996-07-29 22:29 millert
* configure.in: changed "test -z $foo && do_this" to if; then
construct
1996-07-28 22:47 millert
* configure.in: added missing defines of SHADOW_TYPE
1996-07-26 14:10 millert
* check.c: protect AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT since
they are only in dunix 4.x
1996-07-26 14:09 millert
* getspwuid.c: added AUTH_CRYPT_C1CRYPT support
1996-07-26 13:23 millert
* parse.c: no longer return VALIDATE_NOT_OK if there was a runas
that didn't match. Now we can have runas stuff on more than one
line.
1996-07-25 23:45 millert
* configure.in: got rid of HAVE_C2_SECURITY SHADOW_TYPE is always
defined to something
1996-07-25 23:45 millert
* config.h.in: removed HAVE_C2_SECURITY added SPW_BSD
1996-07-25 23:44 millert
* compat.h, getspwuid.c, sudo.c, tgetpass.c: use SHADOW_TYPE
instead of HAVE_C2_SECURITY
1996-07-25 23:44 millert
* check.c: SHADOW_TYPE is always defined so just against its value
1996-07-25 23:44 millert
* aclocal.m4: added SUDO_CHECK_SHADOW_DUNIX
1996-07-25 18:47 millert
* sudoers.pod: * -> ?* in one example added another instance of
(runas) and one of NOPASSWD:
1996-07-24 13:02 millert
* configure.in: added back check for config.cache from other host
type
1996-07-24 12:49 millert
* parse.lex: removed an instance of \"
1996-07-24 12:49 millert
* sample.sudoers: added an example
1996-07-24 12:44 millert
* sudoers.pod: updated wrt new wildcard matching
1996-07-24 10:28 millert
* configure.in: new check for shadow passwords if we don't know
anything
1996-07-24 10:28 millert
* aclocal.m4: new SUDO_CHECK_SHADOW_GENERIC
1996-07-24 02:19 millert
* configure.in: added back check for -lsocket (oops)
1996-07-24 02:16 millert
* configure.in: better (working) check for shadow passwd type if we
know to use C2.
1996-07-24 01:59 millert
* configure.in: now uses AC_CANONICAL_HOST to figure out os type
1996-07-24 01:59 millert
* Makefile.in: added config.{guess,sub}
1996-07-24 01:58 millert
* aclocal.m4: removed unused stuff to figure out os type
1996-07-23 22:58 millert
* config.sub: added openbsd
1996-07-23 22:54 millert
* config.sub: Initial revision
1996-07-23 22:40 millert
* config.guess: Initial revision
1996-07-23 21:18 millert
* testsudoers.c: don't call fnmatch() with FNM_PATHNAME flag unless
it can only be a pathname. need to check against sudoers_args
even if user_args is nil
1996-07-23 21:18 millert
* parse.c: don't call fnmatch() with FNM_PATHNAME flag unless it
can only be a pathname need to check against sudoers_args even if
user_args is nil
1996-07-23 18:52 millert
* check.c: added support for AUTH_CRYPT_OLDCRYPT w/ DUNIX C2
1996-07-23 01:18 millert
* testsudoers.c: now takes command line args and uses cmnd_args
1996-07-23 01:10 millert
* parse.lex: fill_args was adding an extra leading space
1996-07-22 15:50 millert
* visudo.c: fixed dummy command_matches()
1996-07-22 15:50 millert
* parse.yacc: fixed prototype
1996-07-22 15:31 millert
* sudo.h: added cmnd_args
1996-07-22 15:31 millert
* parse.yacc: now uses flat args string
1996-07-22 15:30 millert
* parse.c, parse.lex: now uses flat arg string
1996-07-22 15:29 millert
* visudo.c: added cmnd_args def
1996-07-22 14:30 millert
* sudo.c: now sets cmnd_args global
1996-07-22 14:30 millert
* logging.c: cmnd_args is now exported from sudo.[ch]
1996-07-21 18:41 millert
* parse.yacc: can't rely on cmnd_matches as much as I thought --
added some $$ stuff back in to prevent namespace pollution
problems.
1996-07-21 18:01 millert
* parse.yacc: Simplified parse rules wrt runas and NOPASSWD (more
consistent).
1996-07-20 00:45 millert
* parse.lex: NOPASSWD may now have blanks before the ':' '(' only
starts a 'runas' if in the initial state to avoid collision with
command args
1996-07-20 00:23 millert
* configure.in: added checks for specific shadow passwd schemes
1996-07-20 00:18 millert
* aclocal.m4: added routines to check for specific shadow passwd
types
1996-07-18 18:27 millert
* configure.in: added support for ncr boxen
1996-07-18 18:26 millert
* aclocal.m4: added support for detecting ncr boxen
1996-07-16 14:57 millert
* configure.in: added sinix support
1996-07-13 22:29 millert
* TROUBLESHOOTING: added info about "config.cache from other other"
error.
1996-07-13 22:22 millert
* aclocal.m4: now makes sure you don't have a config.cache file
from another OS
1996-07-13 21:36 millert
* configure.in: now sets $LIBS when needed to configure links with
libs when doing tests hpux10 now uses SPW_SECUREWARE for C2 added
check for bigcrypt(3) if SPW_SECUREWARE
1996-07-13 21:30 millert
* getspwuid.c: fixed typo
1996-07-13 21:05 millert
* tgetpass.c: now include stuff for SPW_SECUREWARE to get
AUTH_MAX_PASSWD_LENGTH
1996-07-13 21:05 millert
* getspwuid.c: no more SPW_HPUX10
1996-07-13 21:04 millert
* config.h.in: no more SPW_HPUX10 added HAVE_BIGCRYPT
1996-07-13 21:04 millert
* compat.h: now uses AUTH_MAX_PASSWD_LENGTH if SPW_SECUREWARE
1996-07-13 21:04 millert
* check.c: SPW_SECUREWARE now uses bigcrypt
1996-07-13 18:24 millert
* sample.sudoers: fixed 2 syntax errors
1996-07-13 18:24 millert
* sudoers: root may now run ALL as ALL
1996-07-11 20:59 millert
* interfaces.c: fixed a typo/thinko that broke BSD's with sa_len
1996-07-08 16:08 millert
* check.c, configure.in: updated AFS support
1996-07-08 16:07 millert
* TROUBLESHOOTING: added entry about /usr/ucb/cc
1996-07-08 16:06 millert
* INSTALL: prep no longer holds gcc binaries
1996-07-08 15:48 millert
* INSTALL: updated AFS note
1996-07-08 15:43 millert
* Makefile.in: added @AFS_LIBS@
1996-07-08 15:33 millert
* compat.h: AFS allows long passwords
1996-07-08 14:16 millert
* testsudoers.c: fixed -u user support
1996-07-08 14:16 millert
* parse.c: sudo -v now groks VALIDATE_OK_NOPASS
1996-07-08 13:30 millert
* parse.yacc: fixed no_passwd vs. runas_matched
1996-07-08 10:30 millert
* TROUBLESHOOTING: took out stuff about NFS-mounting since it is no
longer an issue
1996-07-08 10:30 millert
* INSTALL: added --with-libraries > --with-libpath --with-incpath
1996-07-08 10:21 millert
* parse.yacc: was setting runas_matches to -1 in wrong place
1996-07-08 09:58 millert
* check.c: removed usersec.h which is not present in new AFS
versions
1996-07-08 09:55 millert
* tgetpass.c: now deals with timeout <= 0
1996-07-08 09:51 millert
* OPTIONS: updated
1996-07-08 00:04 millert
* configure.in: BSD/OS >= 2.0 now uses shlicc instead of just gcc
1996-07-07 22:30 millert
* sudo.c: fixed backwards compatibility with sudo 1.4 sudoers mode
for root readable/writable filesystems
1996-07-07 20:49 millert
* Makefile.in: now gives INSTALL -c flag
1996-07-07 20:34 millert
* parse.yacc: slightly simpler initialization of no_passwd and
runas_matches
1996-07-07 20:33 millert
* testsudoers.c: added -u username support
1996-07-07 20:32 millert
* configure.in: improved --with-libraries support
1996-07-07 16:27 millert
* configure.in: added --with-incpath, --with-libpath,
--with-libraries
1996-07-07 16:01 millert
* parse.yacc: now initializes some fields that weren't getting set
to -1 pretty gross -- need a rewrite.
1996-06-25 23:19 millert
* alloca.c: removed emacs'isms
1996-06-25 22:29 millert
* configure.in: no longer add -lPW to *_LIBS since we include
alloca.c
1996-06-25 22:29 millert
* config.h.in: added HAVE_ALLOCA_H
1996-06-25 22:28 millert
* Makefile.in: added alloca.c
1996-06-25 22:18 millert
* alloca.c: Initial revision
1996-06-25 21:58 millert
* configure.in: ++version
1996-06-25 19:32 millert
* sudo.c: now set uid to 1 instead of nobody for PERM_SUDOERS since
nobody is not always set to a valid uid.
1996-06-25 19:31 millert
* OPTIONS: fixed entry for SUDO_MODE
1996-06-25 18:02 millert
* sudo.c: Fixed NFS-mounted sudoers file under solaris both uid
*and* gid were being set to -2. Now beat NFS to the punch and
set uid to "nobody" ourselves, preserving group 0 to read
sudoers.
1996-06-25 18:02 millert
* parse.c: moved set_perms(PERM_ROOT) to be before yyparse()
1996-06-25 18:00 millert
* logging.c: fixed a typo
1996-06-25 18:00 millert
* configure.in: no longer need AC_PROG_INSTALL
1996-06-25 17:59 millert
* Makefile.in: always use install-sh to avoid install(1)'s that use
get{pw,gr}nam
1996-06-25 16:07 millert
* INSTALL: make clean -> make distclean
1996-06-20 01:17 millert
* parse.yacc: removed some unnecsary if's
1996-06-20 01:16 millert
* Makefile.in, version.h: ++version
1996-06-20 01:16 millert
* parse.c, testsudoers.c: now includes netgroup.h
1996-06-20 00:45 millert
* interfaces.c: removed cats of ioctl to int since they didn't shut
up -Wall
1996-06-20 00:43 millert
* interfaces.c: explicately cast ioctl() to int since it it not
always declared
1996-06-20 00:41 millert
* sudo.h: added declarations for yyparse() and yylex()
1996-06-20 00:27 millert
* parse.yacc: fixed an occurence of '==' -> '='
1996-06-20 00:22 millert
* config.h.in, configure.in: added check for netgroup.h
1996-06-20 00:20 millert
* sudo.c: fixed 2 compiler warnings
1996-06-20 00:08 millert
* sudo.c: SHELL_IF_NO_ARGS caused core dump since NewArg[cv]
weren't being initialized
1996-06-19 13:53 millert
* sudo.pod: fixed a typo
1996-06-17 12:19 millert
* parse.yacc: fixed a formatting thingie
1996-06-17 12:16 millert
* parse.c, parse.yacc: fixed -u support with multiple user lists on
a line
1996-06-17 10:23 millert
* configure.in: unixware needs -lgen
1996-06-17 10:23 millert
* README: updated ftp location
1996-06-17 00:08 millert
* sudoers.pod: add net_addr/netmask support
1996-06-17 00:07 millert
* sample.sudoers: added net_addr/mask example
1996-06-17 00:02 millert
* parse.lex, parse.c: added support for net_addr/netmask
1996-06-15 20:13 millert
* sudoers.pod: ^ -> !
1996-06-15 18:12 millert
* RUNSON: updated for 1.4.3
1996-06-15 18:12 millert
* CHANGES: udpated for 1.4.3
1996-06-15 18:11 millert
* TROUBLESHOOTING, TODO, BUGS: updated
1996-06-15 18:11 millert
* sample.sudoers: updated with examples of new stuff
1996-06-15 18:10 millert
* INSTALL, README: ++version
1996-06-15 18:01 millert
* sudoers.pod: updated wrt -u and NOPASSWD
1996-06-15 17:58 millert
* sudo.pod: updated wrt -u and CAVEATS
1996-06-08 23:15 millert
* sudo.c: fixed usage()
1996-06-08 22:57 millert
* parse.lex: now use :foo: character classes (makes no diff for
generated lexer)
1996-06-07 14:33 millert
* check.c: fixed LONG_SKEY_PROMPT stuff
1996-06-06 15:35 millert
* visudo.c: fixed a comment
1996-06-06 15:03 millert
* lsearch.c: make more like NetBSD one -- now compiles w/o warnings
1996-06-06 15:02 millert
* emul/search.h: fixed decls of lsearch()
1996-06-05 22:20 millert
* config.h.in, configure.in, getspwuid.c: added SPW_HPUX10
1996-06-05 22:20 millert
* check.c: hpux 10 uses bigcrypt() if C2
1996-06-04 19:57 millert
* parse.c: now always uses fnmatch to match args
1996-06-04 19:40 millert
* tgetpass.c: back to using stdio instead of raw i/o since that
caused some problems
1996-05-28 22:14 millert
* sudo.c: now give usage warning if use -l,-v,-k with args
1996-05-28 18:22 millert
* sudo.c: NewArgc is now set to 1 for -l, -v, -k
1996-05-28 12:50 millert
* sudo.c: now sets sudoers to correct group if mode is 0400
1996-05-28 12:02 millert
* install-sh: updated to version used by inn and bind
1996-05-28 00:08 millert
* configure.in: now uses -lgnumalloc if it exists
1996-05-28 00:02 millert
* Makefile.in: "make install" now sets uid/gid and mode on sudoers
if it exists
1996-05-28 00:01 millert
* sudo.c: rmeoved debugging statements
1996-05-28 00:00 millert
* parse.yacc: added a missing free()
1996-05-27 23:58 millert
* sudo.c: now uses user_gid instead of getegid (which was wrong
anyway) to set SUDO_GID Now sets command line args in
SUDO_COMMAND envariabled (logging.c depends on args being in the
environment)
1996-05-27 23:57 millert
* logging.c: now uses SUDO_COMMAND envariable to get command args
rather than building it up again.
1996-05-27 22:42 millert
* parse.c: now uses user_gid
1996-05-27 20:02 millert
* sudo.c: fixed off by one error in allocation NewArgv
1996-05-27 20:01 millert
* parse.c: in sudoers, 'command ""' now means command with no args
1996-05-27 20:01 millert
* configure.in: added check for fnmatch(3) and fnmatch.h
1996-05-27 20:01 millert
* config.h.in: added HAVE_FNMATCH
1996-05-27 20:00 millert
* Makefile.in: replaced wildcat.* with fnmatch.*
1996-05-27 20:00 millert
* testsudoers.c: now uses fnmatch()
1996-05-27 19:38 millert
* parse.c: now uses fnmatch() instead of wildmat a trailing star
(*) by itself now matches multiple args added support for
wildcards in the pathname in sudoers
1996-05-25 19:23 millert
* fnmatch.c: now includes compat.h and config.h
1996-05-25 18:09 millert
* config.h.in: added HAVE_FNMATCH_H
1996-05-25 18:07 millert
* configure.in: now checks for alloca() (if needed by bison or dce)
and links with -lPW if it contains alloca() and libv and compiler
do not.
1996-05-25 18:03 millert
* fnmatch.3, fnmatch.c, emul/fnmatch.h: Initial revision
1996-04-28 22:38 millert
* sudo.c: now fixes mode on sudoers if set to 0400 to aid in
upgrade
1996-04-28 17:44 millert
* Makefile.in: fixed pod2man usage
1996-04-28 17:40 millert
* configure.in, Makefile.in, version.h: ++version
1996-04-28 17:20 millert
* testsudoers.c, visudo.c: runas_user is now initialized to "root"
1996-04-28 17:20 millert
* sudo.h: removed PERM_FULL_ROOT
1996-04-28 17:18 millert
* sudo.c: runas_user defaults to "root" so no more need to
PERM_RUNAS
1996-04-28 17:16 millert
* parse.c: will now only running commands as root if there was no
runas list (or if root is in the runas list)
1996-04-28 17:15 millert
* logging.c: now logs "USER=%s"
1996-04-28 17:12 millert
* parse.yacc: runas_matches is now set to false if we get a
negative match
1996-04-28 15:01 millert
* parse.lex: make #uid work + some minor cleanup
1996-04-27 21:04 millert
* sample.sudoers: added support for NOPASSWD and "runas" from
garp@opustel.com /
1996-04-27 21:03 millert
* visudo.c: added support for "runas" from garp@opustel.com
replaced SUDOERS_OWNER with SUDOERS_UID, SUDOERS_GID added
support for SUDOERS_MODE
1996-04-27 21:03 millert
* testsudoers.c: added support for "runas" from garp@opustel.com
1996-04-27 21:02 millert
* sudo.h: added support for NO_PASSWD and runas from
garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and
SUDOERS_GID and added support fro SUDOERS_MODE
1996-04-27 21:00 millert
* sudo.c: added support for NO_PASSWD and runas from
garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and
SUDOERS_GID and added support fro SUDOERS_MODE
1996-04-27 21:00 millert
* parse.yacc: added support for NO_PASSWD and runas from
garp@opustel.com
1996-04-27 20:58 millert
* parse.c, parse.lex: added support for NO_PASSWD and runas from
garp@opustel.com
1996-04-27 20:56 millert
* logging.c: added support for SUDOERS_WRONG_MODE and "runas"
1996-04-27 20:40 millert
* configure.in: added --with-CC only link with -lshadow on linux
(with shadow pw) if libc lacks getspnam()
1996-04-27 20:39 millert
* OPTIONS, options.h: removed NO_PASSWD since it is not possible to
do this in the sudoers file itself. Replaced SUDOERS_OWNER with
SUDOERS_UID and SUDOERS_GID. Added SUDOERS_MODE.
1996-04-27 20:26 millert
* Makefile.in: now uses SUDOERS_UID and SUDOERS_GID
1996-04-27 11:20 millert
* INSTALL: added --with-CC
1996-04-06 16:31 millert
* parse.lex: added double quote support
1996-04-06 16:29 millert
* sudoers.pod: documented double quoting
1996-04-05 16:53 millert
* mkinstalldirs: Initial revision
1996-04-05 16:53 millert
* check.c: fixed some indentation
1996-04-05 16:48 millert
* Makefile.in: fixed a typo
1996-04-04 19:39 millert
* Makefile.in: added install-dirs .
1996-04-04 14:16 millert
* dce_pwent.c: new version from "Jeff A. Earickson"
<jaearick@colby.edu>
1996-04-03 13:40 millert
* configure.in: $CSOPS -> $with_csops (whoops, missed one)
1996-04-03 13:40 millert
* BUGS: updated
1996-04-03 13:36 millert
* parse.lex: FQHOST now has same constraints as non-FQHOST
1996-04-02 19:00 millert
* INSTALL: added note about OS's w/ shadow passwords turned on by
default
1996-04-02 18:58 millert
* configure.in: fixed a typo
1996-04-02 18:48 millert
* configure.in: added support for --without-THING sanitized shadow
pw situtation by adding support for --without-C2
1996-04-02 16:42 millert
* tgetpass.c: fixed a typo wrt placement of an end paren
1996-04-02 14:57 millert
* check.c: was closing an fd that may not have been opened
1996-03-21 19:55 millert
* sudo.c, OPTIONS, options.h: added NO_PASSWD
1996-03-19 19:40 millert
* configure.in: now always use shadow pw on some arches
1996-03-19 17:07 millert
* configure.in: added pyramid support
1996-03-19 17:04 millert
* configure.in: no longer check for C2 if alternate passwd method
is used no longer check for some libs twice
1996-03-19 17:00 millert
* parse.yacc: moved fqdn stuff into parse.lex (FQHOST)
1996-03-19 17:00 millert
* parse.lex: added FQHOST rules
1996-03-18 20:57 millert
* tgetpass.c: now define TCSASOFT in necesary
1996-03-18 20:31 millert
* tgetpass.c: now uses read/write instead of stdio string goop to
avoid problems with select(2)
1996-03-18 19:37 millert
* OPTIONS, find_path.c, options.h: -DNO_DOT_PATH ->
-DIGNORE_DOT_PATH
1996-03-17 16:18 millert
* INSTALL: added note about no shadow auto-detect if using
alternate auth schemes
1996-03-17 15:33 millert
* configure.in: don't check for C2 if AFS or DCE (unless they said
--with-C2)
1996-03-17 15:08 millert
* testsudoers.c: now groks shost
1996-03-17 15:01 millert
* options.h, OPTIONS, find_path.c: added NO_DOT_PATH
1996-03-16 14:43 millert
* find_path.c: checkdot now works correctly
1996-03-12 18:01 millert
* configure.in: can't have DCE and C2 passwords both...
1996-03-11 14:05 millert
* parse.yacc, sudo.c, sudo.h, visudo.c: now uses shost even if not
FQDN
1996-03-11 14:04 millert
* configure.in: now looks for skey in /usr/lib and doesn't require
libskey to be in /usr/local/lib just because skey.h is (for my
netbsd box :-)
1996-03-11 02:00 millert
* aclocal.m4, config.h.in, pathnames.h.in: _SUDO_PATH_ ->
_CONFIG_PATH_
1996-03-10 21:01 millert
* aclocal.m4, sudo.pod: /var/run/.odus -> /var/run/sudo
1996-03-10 20:59 millert
* pathnames.h.in: now uses _SUDO_PATH_TIMEDIR
1996-03-10 20:59 millert
* OPTIONS: udpated FQDN
1996-03-10 20:58 millert
* config.h.in: added _SUDO_PATH_TIMEDIR
1996-03-10 20:58 millert
* aclocal.m4, configure.in: added SUDO_TIMEDIR
1996-03-10 20:58 millert
* sudo.pod: updated wrt /var/run/sudo
1996-03-10 20:16 millert
* sudo.c, sudo.h: added support for shost if FQDN
1996-03-10 20:14 millert
* parse.yacc, visudo.c: now uses shost if FQDN
1996-03-10 20:12 millert
* check.c: Now use skeylookup() instead off skeychallenge()
1996-02-27 20:41 millert
* logging.c: mail_argv should not contain ALERTMAIL as it includes
"-t"
1996-02-22 17:06 millert
* INSTALL, Makefile.in, README, version.h, configure.in: ++version
1996-02-22 16:27 millert
* compat.h: added more _PASSWD_LEN stuff -- now uses PASS_MAX too
1996-02-22 16:27 millert
* tgetpass.c: now includes limits.h moved _PASSWD_LEN -> compat.h
1996-02-05 19:20 millert
* README, INSTALL: ++version
1996-02-05 19:20 millert
* Makefile.in: ++versoin
1996-02-05 19:16 millert
* Makefile.in: fixed a typo
1996-02-05 19:16 millert
* configure.in: ++version
1996-02-05 18:53 millert
* RUNSON: updated
1996-02-05 18:47 millert
* CHANGES: done for 1.4.1 (I hope)
1996-02-05 18:45 millert
* sudoers.pod: added info on wildcards
1996-02-05 18:39 millert
* sample.sudoers: added wildcard example
1996-02-05 17:03 millert
* Makefile.in: now uses *.pod to build *.man and *.cat & *.html
1996-02-05 17:03 millert
* configure.in: addedSUDO_PROG_BSHELL !ll
1996-02-05 16:10 millert
* visudo.pod: fixed up some formatting
1996-02-05 16:10 millert
* sudoers.pod: redid section describing sample sudoers stuff
1996-02-05 16:10 millert
* sudo.pod: fixed some formatting
1996-02-04 22:50 millert
* getspwuid.c: now treats "" as bourne shell
1996-02-04 22:49 millert
* Makefile.in: TESTOBJS nwo includes wildmat.o
1996-02-04 22:48 millert
* testsudoers.c: now works with NewArg[cv]
1996-02-04 21:59 millert
* sudo.c: removed an XXX (fixed it in getspwuid.c)
1996-02-04 21:58 millert
* aclocal.m4: added check for bourne shell
1996-02-04 21:58 millert
* pathnames.h.in: added _PATH_BSHELL
1996-02-04 21:58 millert
* config.h.in: added _SUDO_PATH_BSHELL
1996-02-04 16:36 millert
* visudo.c: unixware vi returns 256 instead of 0
1996-02-04 16:24 millert
* INSTALL: added Linux note
1996-02-04 16:13 millert
* logging.c: fixed up some XXX's. file log format now looks a
little more like real syslog(3) format.
1996-02-04 16:13 millert
* README, TROUBLESHOOTING: updated wrt lex/flex
1996-02-04 16:11 millert
* Makefile.in: commented out rule to build lex.yy.c from parse.lex
since we ship with a pre-flex'd parser
1996-02-04 16:09 millert
* parse.c, parse.yacc, visudo.c: path_matches -> command_matches
1996-02-04 02:28 millert
* logging.c: eliminated some strcat()'s
1996-02-04 02:10 millert
* configure.in: no longer checks for lex/flex (now assumes flex)
1996-02-04 02:08 millert
* configure.in: now checks for $kerb_dir_candidate/krb.h instead of
just kerb_dir_candidate
1996-02-02 20:48 millert
* parse.yacc: now use a 'hook' expression instead of an iffy one
:-)
1996-02-02 01:14 millert
* visudo.c: now works with new sudo arg stuff
1996-02-02 01:14 millert
* parse.yacc: fixed dereferencing deadbeef
1996-02-01 23:53 millert
* sudo.c: changed an occurrence of Argv to NewArgv
1996-02-01 23:53 millert
* parse.lex: took out support for quoted commands since there is no
need...
1996-02-01 23:52 millert
* parse.c: fixed a typo in a for() loop
1996-02-01 23:52 millert
* logging.c: protected against dereferencing rogue pointers
1996-02-01 22:34 millert
* sudo.c: now uses NewArgv amd NewArgc so cmnd_aegs is no longer
needed this also allows us to eliminate some kludges in
parse_args() and eliminate superfluous code.
1996-02-01 22:34 millert
* logging.c: no longer uses cmnd_args, now uses NewArgv instead.
1996-02-01 22:32 millert
* sudo.h: added struct sudo_command, NewArgc, and NewArgv removed
cmnd_args (no longer used)
1996-02-01 22:31 millert
* Makefile.in: added wildmat.c to SRCS & SUDOBJS
1996-02-01 22:30 millert
* parse.yacc: COMMAND is now a struct containing the path and args
1996-02-01 22:30 millert
* parse.lex: replaced append() with fill_cmnd() and fill_args.
command args from a sudoers entry are now stored in an arrary for
easy matching.
1996-02-01 22:28 millert
* parse.c: command line args from sudoers file are now in an array
like ones passed in from the command line
1996-01-31 20:59 millert
* parse.c: wildwat stuff now works
1996-01-29 00:44 millert
* version.h: ++version
1996-01-29 00:44 millert
* Makefile.in: ++version added wildmat.*
1996-01-28 17:55 millert
* parse.lex: added support for quoted commands (w/ or w/o args)
1996-01-22 01:55 millert
* sudo.pod, visudo.pod: cleaned up formatting
1996-01-21 20:53 millert
* sudo.pod, visudo.pod: Initial revision
1996-01-21 02:07 millert
* sudoers.pod: looks reasonable, could be mroe readable
1996-01-20 23:47 millert
* sudoers.pod: Initial revision
1996-01-16 14:38 millert
* RUNSON: updated
1996-01-16 14:37 millert
* OPTIONS: updated NO_ROOT_SUDO entry
1996-01-15 11:37 millert
* RUNSON: [no log message]
1996-01-15 11:34 millert
* sudo.c: fixed SECURE_PATH
1996-01-14 20:55 millert
* RUNSON: udpa`ted for 1.4
1996-01-14 20:52 millert
* configure.in: AIX aixcrypt.exp now uses $(srcdir)
1996-01-14 20:32 millert
* TROUBLESHOOTING: added entry for anal ansi compilers
1996-01-14 16:13 millert
* INSTALL: added info on libcrypt_i for SCO
1996-01-14 16:05 millert
* TODO: [no log message]
1996-01-14 15:39 millert
* sample.sudoers: added comments
1996-01-14 15:25 millert
* TODO: 1.4 release
1996-01-14 15:22 millert
* README, config.h.in, configure.in, CHANGES: ++version
1996-01-14 15:21 millert
* BUGS: ++version and fixed ISC
1996-01-14 15:19 millert
* check.c, compat.h, dce_pwent.c, find_path.c, getspwuid.c,
getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h,
ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h,
logging.c, putenv.c, strdup.c, sudo.c, sudo_setenv.c,
testsudoers.c, tgetpass.c, utime.c, visudo.c, INSTALL, OPTIONS:
++version
1996-01-14 15:16 millert
* interfaces.c: added STUB_LOAD_INTERFACES ++version
1996-01-14 15:14 millert
* Makefile.in, version.h, parse.c, parse.lex, parse.yacc,
emul/utime.h: ++version
1996-01-14 15:13 millert
* PORTING: added info about fd_set in tgetpass added info on
interfaces.c
1996-01-11 13:22 millert
* dce_pwent.c: added sudo header
1996-01-11 13:04 millert
* tgetpass.c: fixed a typo
1996-01-11 13:01 millert
* Makefile.in: tgetpass.o is now only linked in with sudo (not
visudo)
1996-01-09 12:56 millert
* BUGS, INSTALL, OPTIONS, README, Makefile.in, config.h.in,
configure.in: ++version
1996-01-09 12:54 millert
* emul/utime.h: added copyright notice
1996-01-09 12:52 millert
* check.c, compat.h, find_path.c, getspwuid.c, getwd.c, goodpath.c,
ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h,
interfaces.c, logging.c, options.h, parse.c, parse.lex,
parse.yacc, pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h,
sudo_setenv.c, testsudoers.c, tgetpass.c, utime.c, version.h,
visudo.c: ++version
1996-01-09 12:46 millert
* tgetpass.c: minor cleanup and now includes sys/bsdtypes for
svr4'ish boxen
1996-01-09 12:42 millert
* configure.in: ISC now gets -lcrypt now check for sys/bsdtypes.h
1996-01-09 12:41 millert
* config.h.in: added check for sys/bsdtypes.h
1996-01-07 16:00 millert
* parse.yacc: removed debugging stuff (setting freed ptr to NULL)
1996-01-07 15:55 millert
* TROUBLESHOOTING: added 2 entries
1996-01-07 15:55 millert
* Makefile.in: added FAQ
1996-01-07 14:26 millert
* TROUBLESHOOTING: added section on syslog
1996-01-07 14:25 millert
* configure.in: added AC_ISC_POSIX for better ISC support
1996-01-07 14:25 millert
* config.h.in: fixed typo
1996-01-07 14:25 millert
* config.h.in: added define for _POSIX_SOURCE
1996-01-04 00:41 millert
* configure.in: fixed check for lsearch()
1995-12-21 21:53 millert
* interfaces.c: fixed for AIX now deal if num_interfaces == 0
(should not happen)
1995-12-20 17:02 millert
* configure.in: now only define HAVE_LSEARCH if there is a
corresponding search.h
1995-12-20 15:52 millert
* interfaces.c: works on ISC again
1995-12-18 17:36 millert
* configure.in: now define HAVE_LSEARCH if we find lsearch() in
libcompat
1995-12-18 17:32 millert
* lsearch.c: char * -> const char *
1995-12-18 17:29 millert
* configure.in: now looks in -lcompat for lsearch()
1995-12-18 17:23 millert
* Makefile.in: remove sudo.core visudo.core for clan target
1995-12-17 22:53 millert
* aclocal.m4: added UID_MAX support in check for MAX_UID_T_LEN
1995-12-17 22:36 millert
* Makefile.in: fixed another occurence of sudo_getpwuid.*
1995-12-17 22:30 millert
* getspwuid.c, Makefile.in: sudo_getpwuid.c -> getspwuid.c
1995-12-17 22:22 millert
* configure.in: moved the "echo"
1995-12-17 22:09 millert
* CHANGES, BUGS, INSTALL, Makefile.in, OPTIONS, README, check.c,
compat.h, config.h.in, configure.in, find_path.c, getspwuid.c,
getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h,
ins_goons.h, insults.h, interfaces.c, logging.c, options.h,
parse.c, parse.lex, parse.yacc, pathnames.h.in, putenv.c,
strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
tgetpass.c, utime.c, version.h, visudo.c: ++version
1995-12-17 22:04 millert
* testsudoers.c: added group support
1995-12-17 22:00 millert
* sample.sudoers: added group entry
1995-12-17 21:59 millert
* sudoers.man: documented group support
1995-12-17 21:50 millert
* parse.c, parse.lex, visudo.c, parse.yacc: added group support
1995-12-15 17:45 millert
* check.c: tkfile was too short and overflowed the kerberos realm
1995-12-11 17:09 millert
* sudo.c: now copy command args directly from Argv
1995-12-11 15:55 millert
* sudo.c: replaced code to copy cmnd_args so that is does not use
realloc since most realloc()'s really stink
1995-12-08 14:11 millert
* configure.in: syslog() fixed in hpux 10.01
1995-12-06 17:45 millert
* configure.in: AC_CHECK_LIB() now sets SUDO_LIBS (and VISUDO_LIBS
if appropriate)
1995-12-06 17:30 millert
* configure.in: better error if cannot find skey incs or libs
1995-12-06 17:26 millert
* aclocal.m4: now use a temp file for determining max len of uid_t
in string form. the old hacky way broke on netbsd
1995-12-05 19:02 millert
* sudo.c: added set of parens and a space
1995-12-05 18:58 millert
* dce_pwent.c: fixes from Jeff Earickson <jaearick@colby.edu> ,
1995-12-05 18:58 millert
* check.c: modified a comment
1995-12-05 18:57 millert
* Makefile.in: fixed up testsudoers target
1995-12-05 18:56 millert
* configure.in: DCE changes from Jeff Earickson
<jaearick@colby.edu> LIBS -> SUDO_LIBS and VISUDO_LIBS LDFLAGS ->
SUDO_FDFLAGS and VISUDO_LDFLAGS
1995-12-05 18:17 millert
* Makefile.in: LIBS -> SUDO_LIBS , VISUDO_LIBS LDFLAGS ->
SUDO_LDFLAGS, VISUDO_LDFLAGS
1995-11-27 23:32 millert
* configure.in: fix for C2 on hpux 10 now uses -linet if it exists
1995-11-27 23:17 millert
* check.c: LONG_SKEY_PROMPT is less of a klusge /
1995-11-27 23:17 millert
* configure.in: fixed typos w/ dce stuff
1995-11-27 23:14 millert
* Makefile.in: added dce_pwent.c
1995-11-26 13:48 millert
* INSTALL: amended section on combining authentication mechanisms
1995-11-26 13:48 millert
* PORTING: minor updates for 1.3.6
1995-11-26 13:47 millert
* TROUBLESHOOTING: added 2 more entries
1995-11-26 13:39 millert
* BUGS: updated for 1.3.6
1995-11-26 13:39 millert
* README: overhauled
1995-11-25 21:23 millert
* INSTALL: rewrote for sudo 1.3.6
1995-11-25 21:23 millert
* TROUBLESHOOTING: added 3 entries
1995-11-25 13:53 millert
* find_path.c, getspwuid.c, sudo.c: added explict casts for strdup
since many includes don't prototype it. gag me.
1995-11-25 13:23 millert
* sudo.h: removed prototype for sudo_getpwuid() since convex C
compiler choked on it.
1995-11-25 13:23 millert
* sudo.c: added prototype for sudo_getpwuid()
1995-11-25 13:23 millert
* lsearch.c: now compiles on strict ANSI compilers
1995-11-24 23:56 millert
* check.c: added LONG_SKEY_PROMPT support
1995-11-24 23:55 millert
* Makefile.in: added extra $'s for make to eat up, yum.
1995-11-24 23:38 millert
* OPTIONS, options.h: added LONG_SKEY_PROMPT
1995-11-24 18:48 millert
* check.c: s/key support now works with normal s/key as well as
logdaemon
1995-11-24 18:46 millert
* options.h, OPTIONS: added SKEY_ONLY
1995-11-24 18:46 millert
* compat.h: set _PASSWD_LEN to 256 for any of KERB4, DCE, SKEY
1995-11-24 00:42 millert
* INSTALL: added DCE note added more AIX notes
1995-11-24 00:39 millert
* sudo.c: now include pthread.h for DCE support
1995-11-23 22:22 millert
* check.c: dce_pwent() is ok after all .,
1995-11-23 22:21 millert
* logging.c: now uses SYSLOG() macro that equates to either
syslog() or syslog_wrapper
1995-11-23 21:44 millert
* dce_pwent.c: minor formatting changes. renamed check() to
somthing less generic
1995-11-23 21:27 millert
* check.c, logging.c, parse.yacc, sudo.c, sudo.h, testsudoers.c,
visudo.c: now uses user_pw_ent and simple macros to get at the
contents
1995-11-22 20:35 millert
* check.c: simpler dec unix C2 support
1995-11-22 20:35 millert
* getspwuid.c: now sets crypt_type for DEC unix C2
1995-11-21 18:00 millert
* configure.in: added csops paths for skey
1995-11-21 16:27 millert
* getspwuid.c: now includes string.h for strdup() prototype
1995-11-21 01:47 millert
* getspwuid.c: fixed a few typos
1995-11-20 22:59 millert
* check.c: now includes skey.h
1995-11-20 22:10 millert
* getspwuid.c: fixed up comments
1995-11-20 22:04 millert
* check.c: moved a lot of the shadow passwd crap to sudo_getpwuid()
1995-11-20 22:01 millert
* sudo.c: now uses sudo_pw_ent
1995-11-20 21:50 millert
* testsudoers.c: now uses sudo_pw_ent
1995-11-20 21:40 millert
* visudo.c: now sets sudo_pw_ent
1995-11-20 21:28 millert
* getspwuid.c: Initial revision
1995-11-20 21:28 millert
* tgetpass.c: moved dce stuff into compat.h
1995-11-20 21:27 millert
* sudo.h, logging.c: now uses sudo_pw_ent
1995-11-20 21:27 millert
* Makefile.in: added sudo_getpwuid.c
1995-11-20 21:25 millert
* compat.h: added dce support
1995-11-20 21:13 millert
* parse.yacc: now uses sudo_pw_ent
1995-11-20 14:40 millert
* check.c: fixed exempt_group stuff for OS's that don't put base
gid in group vector
1995-11-20 01:39 millert
* check.c: S/Key support now works with sunos4 shadow passwords
1995-11-19 22:31 millert
* Makefile.in: fixed clean rule
1995-11-19 22:31 millert
* config.h.in, configure.in: added DCE support
1995-11-19 22:30 millert
* tgetpass.c: DCE & KERB support
1995-11-19 22:30 millert
* check.c: first stab at dce support
1995-11-19 22:24 millert
* dce_pwent.c: now smells like sudo
1995-11-19 22:11 millert
* dce_pwent.c: Initial revision
1995-11-19 21:36 millert
* check.c: skey'd sudo now works w/ normal password as well
1995-11-19 18:37 millert
* Makefile.in, OPTIONS, check.c, compat.h, config.h.in,
find_path.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h,
ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c,
options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in,
putenv.c, strdup.c, sudo.c, sudo.h, sudo_setenv.c, testsudoers.c,
tgetpass.c, utime.c, version.h, visudo.c: updated version number
1995-11-19 18:32 millert
* README: updated to reflect version change
1995-11-19 18:27 millert
* configure.in: --with options now line up ++version
1995-11-19 18:26 millert
* sudo.h: removed unecesary S/Key stuff
1995-11-19 18:25 millert
* configure.in: fixed S/Key support
1995-11-19 18:24 millert
* Makefile.in: -I stuff now goes in CPPFLAGS
1995-11-19 18:23 millert
* check.c: fixed SKey support
1995-11-19 15:23 millert
* README: updated version
1995-11-19 13:59 millert
* OPTIONS: fixed description of EXEMPTGROUP
1995-11-19 10:47 millert
* sudo.c: more people use _RLD_ than just alphas...
1995-11-18 21:35 millert
* Makefile.in: replaced $man_prefix with $mandir
1995-11-18 21:30 millert
* configure.in: fixed a typo
1995-11-18 21:28 millert
* Makefile.in: now use more GNU'ish dir names
1995-11-18 21:27 millert
* configure.in: now set *dir correctly (can override from command
line)
1995-11-18 19:17 millert
* sudo.c: now deal with situations where we getwd() fails
1995-11-17 00:37 millert
* Makefile.in: added etc_dir, bin_dir, sbin_dir
1995-11-17 00:37 millert
* configure.in: added sbin_dir
1995-11-16 21:28 millert
* Makefile.in: now ship a flex-generated lex.yy.c
1995-11-16 21:09 millert
* Makefile.in: now sets _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP,
SUDOERS_OWNER
1995-11-16 21:06 millert
* pathnames.h.in: _PATH_SUDO_SUDOERS & _PATH_SUDO_STMP are now
overridden via Makefile
1995-11-16 21:05 millert
* options.h: no more error for redefining SUDOERS_OWNER
1995-11-16 21:05 millert
* OPTIONS: expanded SUDOERS_OWNER section
1995-11-16 03:05 millert
* visudo.c: now warn if chown(2) failed
1995-11-16 02:55 millert
* logging.c: better default warning for NO_SUDOERS_FILE
1995-11-16 02:54 millert
* sudo.c: added missing set_perms() no more cryptic message if the
sudoers file is zero length, now just give a parse error
1995-11-16 02:42 millert
* logging.c: better diagnostics if NO_SUDOERS_FILE
1995-11-16 02:41 millert
* sudo.c: check_sudoers() now catches sudoers files that are not
readable (but are stat'able).
1995-11-13 01:12 millert
* configure.in: now add -D__STDC__ for convex cc (not gcc)
1995-11-13 00:52 millert
* configure.in: MAN_PREFIX -> man_prefix now sets prefix and
exec_prefix
1995-11-13 00:52 millert
* Makefile.in: now uses exec_prefix & prefix from configure
1995-11-13 00:16 millert
* find_path.c, getwd.c, goodpath.c, interfaces.c, logging.c,
parse.c, parse.lex, parse.yacc, sudo.c, sudo.h, sudo_setenv.c,
tgetpass.c, utime.c, visudo.c: options.h is now <> instead of ""
so shadow build trees can have a custom copy of options.h
1995-11-13 00:15 millert
* check.c: user_is_exempt() is no longer a hack, it now uses
getgrnam()
1995-11-12 23:56 millert
* options.h: EXEMPTGROUP is now "sudo"
1995-11-12 22:25 millert
* configure.in: MAN_POSTINSTALL now contains a leading space
1995-11-12 22:25 millert
* Makefile.in: removed leading tab if @MAN_POSTINSTALL@ not defined
now removes testsudoers in clean:
1995-11-12 22:24 millert
* tgetpass.c: includes pwd.h to get _PASSWD_LEN definition
1995-10-30 15:51 millert
* sudo.c: unset the KRB_CONF envariable if using kerberos so we
don't get spoofed into using a bogus server
1995-09-29 17:50 millert
* parse.yacc: now explicately initialize match[] tp be FALSE
1995-09-23 16:48 millert
* sudo.c: removed unused variable now passes -Wall
1995-09-23 16:48 millert
* parse.yacc: yyerror and dumpaliases are now void's now passes
-Wall
1995-09-23 16:48 millert
* parse.lex: added prototype for yyerror
1995-09-23 16:47 millert
* interfaces.c: rmeoved unused cruft now passes -Wall
1995-09-23 16:47 millert
* check.c, logging.c, parse.c: now passes -Wall
1995-09-23 16:46 millert
* Makefile.in: fixed headers that moved to emul dir
1995-09-23 12:05 millert
* logging.c: fixed deref of nil pointer if no args
1995-09-15 19:18 millert
* OPTIONS: added a caveat to FQDN section
1995-09-13 19:48 millert
* Makefile.in: more $srcdir support for install targets
1995-09-13 17:17 millert
* find_path.c, interfaces.c, parse.c, parse.lex, parse.yacc,
putenv.c, strdup.c, sudo.c, sudo_setenv.c, testsudoers.c,
visudo.c: don't include malloc.h if we include stdlib.h
1995-09-12 21:44 millert
* parse.yacc: local search.h now lives in emul
1995-09-12 21:41 millert
* lsearch.c: local search.h now lives in emul
1995-09-12 21:41 millert
* check.c, utime.c: local utime.h now lives in emul dir
1995-09-12 21:38 millert
* Makefile.in: added support for building in other than the
sourcedir
1995-09-10 14:01 millert
* OPTIONS: annotated CSOPS_INSULTS option
1995-09-10 13:56 millert
* TROUBLESHOOTING: updated shadow passwords blurb
1995-09-09 21:00 millert
* sudo.c: if SHELL_IF_NO_ARGS is set, "sudo -- foo" now runs a
shell and passes along foo as the arguments
1995-09-09 18:52 millert
* parse.lex: collapsed pathname and dir sections into one -- its
now less expensive
1995-09-09 18:34 millert
* parse.lex: fixed spacing quoting [,:\\=] now works correctly
append() and fill() now take args to make the above work
1995-09-08 20:51 millert
* sudo.c: fixed a typo that caused commands with no tty on fd 0 but
a tty on fd 1 to erroneously have "none" as their tty
1995-09-04 15:35 millert
* check.c: timestampfile is now a global static removed decl of
timestampfile in remove_timestamp since we can just use the
global one
1995-09-04 15:28 millert
* check.c: created touch() to update timestamps added
USE_TTY_TICKETS support (bit of a kludge)
1995-09-04 15:28 millert
* compat.h: added _S_IFDIR and S_ISDIR
1995-09-04 15:22 millert
* OPTIONS, options.h: added USE_TTY_TICKETS
1995-09-04 00:38 millert
* parse.yacc: removed const from casts for lsearch() & lfind() to
placate irix 4.x C compiler
1995-09-03 14:12 millert
* sudo.c: now only strip '/dev/' off of a tty if it starts with
'/dev/'
1995-09-03 14:12 millert
* pathnames.h.in: added _PATH_DEV
1995-09-03 14:11 millert
* configure.in: AC_HAVE_HEADERS -> AC_CHECK_HEADERS now check for
tcgetattr only if have termios.h
1995-09-03 14:09 millert
* tgetpass.c: fixed incorrect #ifdef termio uses "unsigned short"
not int for c_?flag
1995-09-03 13:19 millert
* parse.lex, parse.yacc: fixed a spelling error
1995-09-03 13:17 millert
* Makefile.in: fixed typo
1995-09-02 12:55 millert
* Makefile.in: fixed a comment
1995-09-02 12:54 millert
* parse.yacc: added dotcat() to cat 2 strings w/ a dot effeciently
now that we dynamically allocate strings they need to be free()'d
1995-09-02 12:46 millert
* parse.lex: dynamically allocates space for strings
1995-09-02 12:34 millert
* sudo.h: no more MAXCOMMANDLENGTH
1995-09-01 22:25 millert
* sudo.h: added decl of tty
1995-09-01 22:25 millert
* logging.c, sudo.c: moved tty stuff into sudo.c
1995-09-01 14:18 millert
* parse.c: fixed a logic bug. Was denying a command if user gave
command line args but there were none in the sudoers file which
is wrong.
1995-09-01 01:18 millert
* sudo.h: MAXCOMMMANDLEN dropped down to 1K
1995-09-01 01:13 millert
* parse.lex: return foo; -> return(foo);
1995-09-01 01:03 millert
* parse.yacc: fixed netgr_matches() prototype
1995-09-01 01:02 millert
* parse.lex: added support for escaping "termination" characters
1995-09-01 00:55 millert
* parse.c: buf is now of size MAXPATHLEN+1 since it never holds
command args
1995-09-01 00:50 millert
* sudo.c: fixed comments
1995-09-01 00:49 millert
* goodpath.c: fixed negation problem (doh!)
1995-09-01 00:25 millert
* parse.yacc: fixed 2nd parameter to lfind()
1995-09-01 00:24 millert
* parse.lex: now do bounds checking in fill() and append()
1995-09-01 00:23 millert
* sudo.c: include netdb.h as we should added a missing void cast
added SHELL_IF_NO_ARGS support now use realloc() properly. would
fail if realloc actually moved the string instead of shrinking it
1995-09-01 00:17 millert
* sample.sudoers: updated with examples of new features
1995-09-01 00:05 millert
* goodpath.c: now set errno to EACCES if not a regular file or not
executable
1995-09-01 00:04 millert
* find_path.c: if given a fully-qualified or relative path we now
check it with sudo_goodpath() and error out with the appropriate
error message if the file does not exist or is not executable
1995-09-01 00:03 millert
* lsearch.c, emul/search.h: now use correct args for lfind
1995-09-01 00:03 millert
* logging.c: added a comment
1995-08-31 23:52 millert
* insults.h: added in CSOps insults
1995-08-31 23:51 millert
* ins_csops.h: Initial revision
1995-08-31 23:35 millert
* tgetpass.c: added RCS id
1995-08-31 22:56 millert
* sudo.h: increased MAXCOMMANDLENGTH to 8k HAVE_GETCWD ->
HAVE_GETWD
1995-08-31 22:55 millert
* OPTIONS: added CLASSIC_INSULTS, CSOPS_INSULTS, SHELL_IF_NO_ARGS
1995-08-31 22:54 millert
* sudo.c: fixed -k load_interfaces() now gets called if FQDN is set
-p now works with -s
1995-08-31 22:54 millert
* parse.c: don't try to stat() "pseudo commands" like "validate"
1995-08-31 22:53 millert
* options.h: added CLASSIC_INSULTS added CSOPS_INSULTS added
SHELL_IF_NO_ARGS
1995-08-31 22:53 millert
* configure.in: added SecurID support added other insults to
--with-csops
1995-08-31 22:52 millert
* config.h.in: added HAVE_SECURID
1995-08-31 22:52 millert
* Makefile.in: added clobber target added ins_csops.h now gets
CFLAGS from configure
1995-08-31 22:46 millert
* aclocal.m4: relaxed SUDO_FULL_VOID
1995-08-31 22:44 millert
* visudo.c: function comment blocks are now in same style as rest
of code
1995-08-31 22:44 millert
* testsudoers.c: added support for command line args in
/etc/sudoers
1995-08-31 22:43 millert
* sudoers.man: updated to have command args in the sudoers file
1995-08-31 22:42 millert
* sudo.man: added -s and -- flags added SHELL to ENVIRONMENT
VARIABLES section
1995-08-19 19:32 millert
* parse.yacc: PATH renamed to COMMAND
1995-08-19 19:31 millert
* parse.lex: it is now a parse error for directories to have args
attached to them
1995-08-19 19:30 millert
* logging.c: now say command args if telling user to buzz off
1995-08-19 19:30 millert
* sudo.c: -s no longer indicates end of args sped up loading on
cmnd_args in load_cmnd()
1995-08-19 19:29 millert
* parse.c: removed an unreachable statement
1995-08-19 17:53 millert
* parse.lex: made more efficient by pulling out the terminators
when in GOTCMND state and making them their own rule
1995-08-14 00:07 millert
* sudo.h: removed MAXLOGLEN since it is no longer used
1995-08-14 00:07 millert
* parse.lex: now allows command args
1995-08-14 00:06 millert
* parse.c: now groks command arguments
1995-08-13 23:39 millert
* logging.c: now sets tty correctly when piped input
1995-08-13 23:35 millert
* sudo.c: fixed loading of cmnd_args (was including command name
too)
1995-08-13 23:34 millert
* logging.c: fixed a core dump due to incorrect if construct
1995-08-13 00:33 millert
* configure.in: only add -lsun is irix < 5 don't look for -lnsl or
-lsocket if irix
1995-08-13 00:33 millert
* aclocal.m4: fixed check for ISC
1995-08-13 00:32 millert
* sudo.c: now sets cmnd_args used by log_error() and that will be
used by the parse to check against command args
1995-08-13 00:32 millert
* sudo.h: added cmnd_args
1995-08-13 00:31 millert
* logging.c: now dynamically allocate logline since we can guess at
its size
1995-08-05 13:52 millert
* logging.c: cleaned up a bunch of unnecesary #ifdef's eliminated a
buffer remove "register" since the compiler knows more than I do
now do a "basename" of the tty
1995-07-31 18:20 millert
* configure.in: ++version
1995-07-30 22:37 millert
* sudo.h: added shell extern changed MODE_* to be bit masks to
allow for several options together
1995-07-30 22:36 millert
* sudo.c: added -s (shell) option made MODE_* masks so we can do
bitwise & and | to see if multiple flags are set.
1995-07-30 22:01 millert
* check.c: added securid support
1995-07-30 14:38 millert
* logging.c: removed a bunch of unnecesary strncpy()'s and replaced
with strcat()
1995-07-29 17:17 millert
* Makefile.in, version.h: ++version
1995-07-27 06:52 millert
* parse.yacc: fixed free() of an uninitialized pointer (yuck)
1995-07-26 22:00 millert
* testsudoers.c: added netgr_matches
1995-07-26 21:29 millert
* parse.c: cleaned up netgr_matches
1995-07-26 00:26 millert
* RUNSON: updated for 1.3.4
1995-07-24 21:51 millert
* Makefile.in: now installs sudoers.man -- really should clean this
up though.
1995-07-24 21:18 millert
* Makefile.in: added sudoers.cat and sudoers.man
1995-07-24 21:15 millert
* sudo.man: pulled out stuff on the sudoers file format into a
separate man page
1995-07-24 21:14 millert
* sudoers.man: Initial revision
1995-07-24 21:04 millert
* HISTORY: fixed up my email address
1995-07-24 20:03 millert
* configure.in: added checks for innetgr and getdomainname
1995-07-24 20:02 millert
* visudo.c: added dummy netgr_matches function
1995-07-24 20:01 millert
* parse.c: added netgr_matches
1995-07-24 20:01 millert
* parse.lex, parse.yacc: added NETGROUP support
1995-07-24 20:01 millert
* config.h.in: added HAVE_INNETGR & HAVE_GETDOMAINNAME
1995-07-24 18:07 millert
* sudo.c: rewrote clean_env() that has rm_env() builtin
1995-07-23 19:58 millert
* check.c: now cast uid to long in sprintf
1995-07-23 19:58 millert
* OPTIONS: added _INSULTS suffix to HAL & GOONS end
1995-07-23 19:57 millert
* options.h: added _INSULTS suffix to HAL & GOONS
1995-07-23 19:35 millert
* ins_2001.h, ins_classic.h, ins_goons.h, insults.h: converted to
new scheme of insult "unions" end
1995-07-23 17:48 millert
* sudo.c: now uses MAX_UID_T_LEN
1995-07-23 17:48 millert
* configure.in: added SUDO_UID_T_LEN !l
1995-07-23 17:48 millert
* config.h.in: added MAX_UID_T_LEN
1995-07-23 17:47 millert
* check.c: now use MAX_UID_T_LEN
1995-07-23 17:47 millert
* aclocal.m4: added check for max len of uid_t fixed sco vs. isc
check
1995-07-19 19:05 millert
* configure.in: corrected version
1995-07-19 17:29 millert
* configure.in: added sco support
1995-07-19 17:29 millert
* aclocal.m4: hack to check for sco
1995-07-18 21:27 millert
* interfaces.c: removed #include <net/route.h> since it was hosing
some OS's
1995-07-18 13:35 millert
* find_path.c: fixed prreadlink() prototype
1995-07-17 23:54 millert
* check.c: added parens in #if's
1995-07-17 23:53 millert
* configure.in: added SPW_ prefix
1995-07-17 23:20 millert
* sudo.h: moved SPW_* to config.h.in
1995-07-17 23:19 millert
* sudo.c: added a set of parens
1995-07-17 23:19 millert
* config.h.in: added SPW_*
1995-07-17 22:50 millert
* sudo.h: added SPW_* reordered error codes
1995-07-17 22:49 millert
* check.c: moved SPW_* to sudo.h
1995-07-17 14:29 millert
* logging.c: GLOBAL_NO_AUTH_ENT -> GLOBAL_NO_SPW_ENT
1995-07-17 14:29 millert
* configure.in: AUTH -> SECUREWARE
1995-07-17 14:29 millert
* check.c, sudo.c: SPW_AUTH -> SPW_SECUREWARE
1995-07-17 00:22 millert
* check.c: now uses SHADOW_TYPE to make shadow pw support more
readable and modular. It's a start...
1995-07-17 00:21 millert
* configure.in: added autodetection of shadow passwords
1995-07-17 00:20 millert
* sudo.c: now uses SHADOW_TYPE define
1995-07-17 00:19 millert
* config.h.in: added SHADOW_TYPE which replaces SUNOS4 & __svr4__
defines
1995-07-17 00:19 millert
* aclocal.m4: added SUDO_CHECK_SHADOW
1995-07-12 17:09 millert
* configure.in: define SVR4 for ISC define BROKEN_SYSLOG for hpux
took out test for memmove() since we dno longer use it...
1995-07-12 17:08 millert
* CHANGES: updated
1995-07-12 17:05 millert
* logging.c: added BROKEN_SYSLOG support
1995-07-12 17:05 millert
* config.h.in: added BROKEN_SYSLOG
1995-07-12 17:04 millert
* check.c: now only bitch it timestamp > time_now + 2 * timeout to
allow for a machine udpating its time from a server
1995-07-12 17:04 millert
* sudo.man: added 2 security notes updated Nieusma's email addr
1995-07-12 14:18 millert
* lsearch.c: changed a memmove() to memcpy() since we don't have to
worry about overlapping segments.
1995-07-11 15:41 millert
* interfaces.c: cleanup up the loop when interfaces are groped in
so that it is readable
1995-07-11 14:52 millert
* Makefile.in, version.h: ++version
1995-07-09 18:17 millert
* CHANGES: annotated 124-126
1995-07-07 16:06 millert
* check.c: fixed permissions check on /tmp/.odus
1995-07-06 19:35 millert
* check.c: fixed some comments
1995-07-06 14:49 millert
* check.c: now checks owner & mode of timedir also checks for bogus
dates on timestamp file
1995-07-06 14:49 millert
* OPTIONS: updated TIMEOUT info
1995-07-06 14:48 millert
* logging.c, sudo.h: added BAD_STAMPDIR and BAD_STAMPFILE
1995-07-06 14:47 millert
* compat.h: added definition of S_IRWXU
1995-07-06 14:47 millert
* CHANGES: updated
1995-07-03 14:16 millert
* interfaces.c: added #ifdef to make it compile on strange arches
1995-07-02 18:13 millert
* aclocal.m4: fixed check for fulkl void impl.
1995-07-02 09:56 millert
* check.c: added mssing "static"
1995-07-01 20:41 millert
* insults.h: replaced #elif with #else #if constructs for ancient C
compilers
1995-07-01 20:18 millert
* INSTALL: updated irix c2 & kerb5 info
1995-07-01 20:15 millert
* configure.in: added shadow pw support for irix
1995-07-01 16:07 millert
* CHANGES: last changes for sudo 1.3.3
1995-07-01 16:07 millert
* TODO, BUGS: updated
1995-07-01 16:04 millert
* configure.in: now calls SUDO_SOCK_SA_LEN
1995-07-01 16:04 millert
* config.h.in: added HAVE_SA_LEN
1995-07-01 16:04 millert
* aclocal.m4: added SUDO_SOCK_SA_LEN
1995-07-01 15:49 millert
* interfaces.c: now works with ip implementations that use sa_len
in sockaddr
1995-07-01 14:26 millert
* INSTALL: added note about buggy AIX compiler
1995-07-01 14:24 millert
* interfaces.c: now include sys/time.h for AIX
1995-06-27 22:35 millert
* Makefile.in: getcwd -> getwd
1995-06-27 21:28 millert
* interfaces.c: now works for ISC and others. yay.
1995-06-26 14:24 millert
* Makefile.in, version.h: version++
1995-06-22 20:26 millert
* aclocal.m4: fixed test for full void impl
1995-06-22 20:25 millert
* sudo.c: now check to see that st_dev is non-zero before assuming
that we are being spoofed
1995-06-20 16:56 millert
* aclocal.m4, configure.in: SUDO_FUNC_UTIME_NULL ->
AC_FUNC_UTIME_NULL
1995-06-19 16:32 millert
* aclocal.m4: fixed include file order for SUDO_FUNC_UTIME_POSIX
1995-06-19 16:10 millert
* logging.c: added cast for ttyname()
1995-06-19 15:23 millert
* configure.in: fixed typo
1995-06-19 15:19 millert
* check.c: now deal correctly with all known variation of utime()
-- yippe
1995-06-19 15:19 millert
* configure.in: added SUDO_FUNC_UTIME_POSIX
1995-06-19 15:19 millert
* aclocal.m4: added SUDO_FUNC_UTIME_NULL and SUDO_FUNC_UTIME_POSIX
1995-06-19 15:14 millert
* config.h.in: added HAVE_UTIME_POSIX
1995-06-19 13:38 millert
* check.c: fixed a typo
1995-06-19 13:29 millert
* check.c: no longer assume !HAVE_UTIME_NULL means old BSD utime()
1995-06-19 13:20 millert
* check.c: fixed fascist C compiler warning
1995-06-18 23:14 millert
* interfaces.c: now set strioctl.ic_timout in STRSET() now
initialize num_interfaces to 0 (just to be anal)
1995-06-18 18:06 millert
* sudo.h: increaed MAXLOGLEN by MAXPATHLEN to account for ttyname
1995-06-18 18:05 millert
* logging.c: added tty logging
1995-06-18 16:04 millert
* interfaces.c: reworked the ISC code
1995-06-18 15:27 millert
* Makefile.in, version.h: updated version
1995-06-18 15:24 millert
* check.c: now expect old-style utime(3) if utime() can't take NULL
as an arg
1995-06-18 15:08 millert
* configure.in: added check for utime.h
1995-06-18 15:08 millert
* config.h.in: added HAVE_UTIME_H
1995-06-18 14:48 millert
* Makefile.in: added CPPFLAGS STATIC_FLAGS -> LDFLAGS
1995-06-18 13:58 millert
* configure.in: now search for kerb libs and includes
1995-06-18 13:03 millert
* check.c: added support for utime(2)'s that can't take a NULL
parameter
1995-06-18 13:03 millert
* utime.c: moved HAVE_UTIME_NULL stuff to update_timestamp() where
t belongs
1995-06-17 20:46 millert
* configure.in: added utime(s) stuff
1995-06-17 20:46 millert
* check.c: now use utime()
1995-06-17 20:46 millert
* config.h.in: added HAVE_UTIME and HAVE_UTIME_NULL
1995-06-17 19:12 millert
* utime.c: now use HAVE_UTIME_NULL
1995-06-17 19:02 millert
* utime.c, emul/utime.h: Initial revision
1995-06-17 18:24 millert
* check.c: need to setuid(0) to make kerb4 stuff work.
1995-06-17 18:14 millert
* tgetpass.c: no more special case for kerberos
1995-06-17 18:13 millert
* config.h.in: took out setreuid and setresuid stuff added kerb5
stuff (use kerb4 emulation)
1995-06-17 18:13 millert
* compat.h: no longer need setreuid() emulation now set _PASSWD_LEN
to 128 if kerberos
1995-06-17 18:12 millert
* check.c: now use private ticket file for kerberos support to
avoid trouncing on system one
1995-06-15 00:48 millert
* sudo.h: added SPOOF_ATTEMPT & cmnd_st
1995-06-15 00:47 millert
* sudo.c: added anti-spoofing support
1995-06-15 00:47 millert
* parse.c: now use global cmnd_st
1995-06-15 00:47 millert
* logging.c: added SPOOF_ATTEMPT suypport
1995-06-14 23:41 millert
* testsudoers.c, visudo.c: added void casts where appropriate
1995-06-14 23:40 millert
* parse.yacc: fixed up spacing and added void casts where
appropriate
1995-06-14 23:27 millert
* sudo.c: fixed problem with "-p prompt" but no args
1995-06-14 04:43 millert
* sudo.man: added BUGS and annotated -l description
1995-06-14 04:43 millert
* sudo.h: validate() now takes a flag
1995-06-14 04:43 millert
* sudo.c: validate() now takes a flag added -l
1995-06-14 04:42 millert
* parse.yacc: added support for -l
1995-06-14 04:41 millert
* parse.c: validate() now takes a flag that says whether or not to
check the command
1995-06-07 21:36 millert
* logging.c: now deals with Argv == 1
1995-06-07 21:34 millert
* sudo.man: added -p option
1995-06-07 21:27 millert
* sudo.c: added prompt support reworked parse_args()
1995-06-07 20:49 millert
* sudo.h: added prompt
1995-06-07 20:49 millert
* options.h: added PASSPROMPT
1995-06-07 20:48 millert
* check.c: now use BUFSIZ as length of kerb password added kpass so
pass is always a char * now use prompt global when asking for a
password
1995-06-07 20:47 millert
* tgetpass.c: now use BUFSIZ as _PASSWD_LEN if using kerberos
1995-06-07 20:43 millert
* OPTIONS: added PASSPROMPT
1995-06-07 01:44 millert
* configure.in: only look for -lufc or -lcrypt if crypt() not in
libc
1995-06-07 01:43 millert
* check.c: don't exit on kerb error, just warn if k_errno ==
KDC_PR_UNKNOWN (unknown user) silently fail
1995-06-06 22:44 millert
* INSTALL: added kerb4 note
1995-06-06 22:43 millert
* tgetpass.c: HAVE_KERBEROS -> HAVE_KERB4
1995-06-06 22:41 millert
* check.c: removed debugging printf
1995-06-06 22:33 millert
* configure.in: KERBEROS -> KERB4 added checks for setreuid &
setresuid
1995-06-06 22:32 millert
* config.h.in: HAVE_KERBEROS -> HAVE_KERB4 added HAVE_SETREUID and
HAVE_SETRESUID
1995-06-06 22:32 millert
* compat.h: added deif of UID_NO_CHANGE & GID_NO_CHANGE added
setreuid emulation with setresuid if applic
1995-06-06 22:31 millert
* check.c: HAVE_KERBEROS -> HAVE_KERB4 now only do the stupid
chown() hack if no setreuid() or a broken one
1995-06-05 23:44 millert
* config.h.in: added HAVE_KERBEROS
1995-06-05 23:43 millert
* tgetpass.c: added KERBEROS support (long passwords)
1995-06-05 23:42 millert
* check.c, configure.in: added kerberos support
1995-06-03 19:36 millert
* sudo.h: added MODE_BACKGROUND
1995-06-03 19:36 millert
* sudo.man: escaped dashes added -b option
1995-06-03 19:34 millert
* sudo.c: added -b option
1995-06-03 18:52 millert
* check.c: added crypt() for osf/1 3.x enhanced secuiry
1995-06-03 18:18 millert
* configure.in: now check for -lcrypt
1995-06-03 18:00 millert
* interfaces.c: added ENXIO like EADDRNOTAVAIL
1995-05-07 23:14 millert
* configure.in: now emulate getwd(), not getcwd()
1995-05-07 23:13 millert
* sudo.c: getcwd() -> getwd()
1995-05-07 23:12 millert
* getwd.c: getcwd -> getwd
1995-05-02 01:34 millert
* ins_2001.h, ins_classic.h, ins_goons.h: Initial revision
1995-05-02 01:34 millert
* insults.h: broke out insults into separate include files
1995-05-02 01:32 millert
* options.h, OPTIONS: added GOONS
1995-05-02 01:32 millert
* Makefile.in: added ins_2001.h ins_classic.h ins_goons.h
1995-05-01 23:34 millert
* Makefile.in, version.h: ++version
1995-05-01 23:34 millert
* visudo.c: moved signal handler setup to setup_signals()
1995-05-01 23:33 millert
* sudo.h: added load_interfaces()
1995-05-01 23:33 millert
* sudo.c: moved load_interfaces to interfaces.c
1995-05-01 23:33 millert
* parse.yacc: added clearaliases
1995-05-01 23:33 millert
* OPTIONS, options.h: added FAST_MATCH
1995-05-01 23:32 millert
* parse.lex: now uses clearaliases variable
1995-05-01 23:31 millert
* interfaces.c: Initial revision
1995-05-01 23:31 millert
* Makefile.in: added interfaces.[co]
1995-05-01 23:30 millert
* testsudoers.c: now uses ip addrs and netmasks via
load_interfaces()
1995-05-01 22:47 millert
* sudo.c: now remove IFS instead of setting to "sane" value
1995-05-01 16:30 millert
* parse.c: added FAST_MATCH
1995-04-29 20:19 millert
* Makefile.in: sudo_goodpath.c-> goodpath.c
1995-04-29 20:15 millert
* sudo.c: added Andy's new ISC changes
1995-04-14 14:06 millert
* OPTIONS: added a sentence to SECURE_PATH info
1995-04-14 13:57 millert
* BUGS: added one
1995-04-14 13:54 millert
* RUNSON, CHANGES: updated
1995-04-13 17:04 millert
* RUNSON: updated for beta3
1995-04-13 14:32 millert
* Makefile.in, version.h: ++version
1995-04-13 13:56 millert
* aclocal.m4: sendmail is now looked for in /usr/ucblib
1995-04-13 13:54 millert
* sudo.c: fixed indentation
1995-04-13 13:35 millert
* aclocal.m4: fixed a typo
1995-04-13 13:19 millert
* sudo.c: updated ISC mods
1995-04-13 13:19 millert
* configure.in: added unixware case
1995-04-13 13:19 millert
* check.c: user_is_exempt is no longer hidden
1995-04-13 13:19 millert
* RUNSON: updated
1995-04-13 13:19 millert
* aclocal.m4: isc and riscos changes
1995-04-13 13:18 millert
* OPTIONS: added NOTE about new interaction of EXEMPTGROUP and
SECURE_PATH
1995-04-13 13:18 millert
* Makefile.in: fixed a typo and added testsudoers stuff
1995-04-13 12:34 millert
* testsudoers.c: Initial revision
1995-04-12 19:31 millert
* parse.yacc: applied fixed patch from Chris
1995-04-11 14:30 millert
* Makefile.in: fixed a typo
1995-04-11 14:14 millert
* parse.yacc: added a set of braces for bison
1995-04-11 14:01 millert
* parse.yacc: merged in Chris' changes to dekludge the parser.
1995-04-11 00:38 millert
* logging.c: send_mail() was calling find_path() which is wrong
since find_path() stores cmnd in a static var. Anyhow, it
doesn't make much sense since MAILER should always be fully
qualified
1995-04-10 19:51 millert
* sample.sudoers: added User_Alias stuff
1995-04-10 19:50 millert
* aclocal.m4: SUDO_NEXT now looks for
/usr/lib/NextStep/software_version
1995-04-10 19:50 millert
* RUNSON: added DEC UNIX 3.0 w/ gcc
1995-04-10 19:49 millert
* visudo.c: Exit was being used in places where exit should be used
1995-04-10 19:44 millert
* sudoers: added "User alias specification"
1995-04-10 18:04 millert
* parse.yacc: fixed probs caused by making nslots and naliases a
size_t
1995-04-10 15:09 millert
* RUNSON: added KSR, upped rev to 1.3.1b2
1995-04-10 15:07 millert
* logging.c, parse.yacc: 1024 -> BUFSIZ
1995-04-10 15:05 millert
* parse.yacc: void * -> VOID * naliases and nslots are now size_t
to appease lsearch on 64-bit machines
1995-04-09 19:30 millert
* TODO: did a bunch of things and added a bunch :-)
1995-04-09 19:30 millert
* PORTING: updated
1995-04-09 19:24 millert
* visudo.man: closer to BSD manpage style
1995-04-09 19:15 millert
* sudo.man: closer to standard BSD man format
1995-04-09 18:58 millert
* compat.h, config.h.in, insults.h, options.h, pathnames.h.in,
sudo.h, version.h, emul/search.h: added RCS id
1995-04-09 17:35 millert
* sudo.h: removed crufty #defines that are no longer used
1995-04-09 17:13 millert
* BUGS: fixed a bug
1995-04-09 17:12 millert
* sudo.man: updated based on sudo changes
1995-04-09 17:11 millert
* parse.yacc: now allow ALL keyword in User_Aliases now allow ALL
keyword as well as a NAME or ALIAS
1995-04-09 17:11 millert
* CHANGES: updated
1995-04-09 17:04 millert
* sudo.c: now sets SUDO_COMMAND and SUDO_GID envariables.
1995-04-09 15:24 millert
* aclocal.m4: fixed bug with full void impl check
1995-04-08 23:11 millert
* parse.yacc: fixed User_Alias supoprt
1995-04-08 22:27 millert
* parse.yacc: added stubs for User_Alias support
1995-04-08 22:27 millert
* sudo.c: now sets removes # bogus interfaces from num_interfaces
1995-04-08 22:26 millert
* parse.lex: added User_Alias support
1995-04-07 21:10 millert
* Makefile.in: removed extraneous TODO
1995-04-07 19:48 millert
* visudo.c: ntwk_matches -> addr_matches
1995-04-07 15:38 millert
* parse.yacc: ntwk_matches -> addr_matches
1995-04-07 15:37 millert
* parse.c: ntwk_matches -> addr_matches now use inet_addr() not
inet_network() (which expects octet boundaries) fixes for OSF
(sizeof(int) != sizeof(long))
1995-04-07 15:08 millert
* sudo.c: took out debugging info
1995-04-06 23:45 millert
* aclocal.m4: OS was being set to unknown before non-uname based
host checks. This caused no checks to happen since $OS was not
zero-length.
1995-04-06 23:30 millert
* sudo.c: fixed loading of interfaces struct still has debugging
info in though
1995-04-06 22:23 millert
* parse.c: fixed typo
1995-04-06 16:17 millert
* Makefile.in: ++version
1995-04-06 16:16 millert
* version.h: ++
1995-04-06 16:16 millert
* visudo.c: removed extraneous extern decl of "top
1995-04-06 16:14 millert
* visudo.c: now zeros "top"
1995-04-06 16:13 millert
* parse.yacc: removed parser_cleanup (no need for it now)
1995-04-06 16:13 millert
* parse.lex: now calls reset_aliases() directly
1995-04-04 18:21 millert
* OPTIONS: added a sentence to SECURE_PATH description
1995-04-04 18:17 millert
* parse.c: fixed my stupid bug where I used NAMLEN on something I
wanted to just get the name from. argh.
1995-04-03 16:58 millert
* lsearch.c: fixed argument order of memmove() that i hosed when
converting from bcopy(). arghh.
1995-04-03 15:33 millert
* Makefile.in: finally fixed DISTFILES line
1995-04-03 15:21 millert
* Makefile.in: tabs -> spaces
1995-04-03 15:15 millert
* Makefile.in: added missing files to DISTFILES
1995-04-03 14:50 millert
* Makefile.in: SUPPORTED -> RUNSON
1995-04-01 03:12 millert
* TODO: updated
1995-04-01 01:54 millert
* RUNSON: updated for pl5b1 release
1995-04-01 01:53 millert
* BUGS, TODO: updated
1995-04-01 01:52 millert
* check.c: fixed bug where if you hit return at first sudo prompt
it would still log as a failure
1995-04-01 01:29 millert
* CHANGES: updated
1995-04-01 01:25 millert
* aclocal.m4: better test for bogus void * implementation
1995-03-31 20:33 millert
* logging.c: added PASSWORDS_NOT_CORRECT
1995-03-31 20:32 millert
* check.c: added PASSWORDS_NOT_CORRECT stuff]
1995-03-31 20:30 millert
* sudo.h: added PASSWORDS_NOT_CORRECT
1995-03-31 19:16 millert
* tgetpass.c: moved pathnames.h
1995-03-31 19:16 millert
* sudo.c: removed some unused vars and fixed up uid2str
1995-03-31 19:15 millert
* putenv.c: moved compat.h
1995-03-31 19:14 millert
* getcwd.c, getwd.c: added pathnames.h
1995-03-31 18:18 millert
* parse.yacc: fixed a typo I introduced in the last checkin :-(
1995-03-31 18:11 millert
* parse.lex: can't have #ifdef's where N is defined so just do this
the broken way for AIX
1995-03-31 18:08 millert
* parse.yacc: better hack from Chris (but still a hack)
1995-03-31 18:05 millert
* parse.lex: stupid hack for broken aix lex
1995-03-31 17:47 millert
* tgetpass.c: now includes compat.h
1995-03-31 17:27 millert
* visudo.c: now includes fcntl.h
1995-03-31 17:27 millert
* compat.h: added FD_SET and FD_ZERO for 4.2BSD
1995-03-31 16:12 millert
* parse.yacc: dirty hack to fix parser bug. i don't really like
this but it works for now...
1995-03-31 16:12 millert
* sudo.c: uid2str is now static like the prototype says
1995-03-29 23:48 millert
* RUNSON: Initial revision
1995-03-29 23:47 millert
* TODO, CHANGES, SUPPORTED, TROUBLESHOOTING: updated
1995-03-29 23:46 millert
* sudo.c: check_sudoers now returns an error code and sudo calls
inform_user and log_error based on the return value.
1995-03-29 23:45 millert
* logging.c, sudo.h: added entries for new errors
1995-03-29 23:03 millert
* parse.c: now set uid to that of SUDOERS_OWNER while parsing
sudoers file
1995-03-29 22:52 millert
* Makefile.in: took out testsudoers
1995-03-29 22:36 millert
* sudo.c: now explicately checks that it is setuid root
1995-03-29 22:28 millert
* sudo.c: If a user has no passwd entry sudo would segv (writing to
a garbage pointer). Now allocate space before writing :-)
1995-03-29 22:06 millert
* configure.in: reordered AC_CHECK_FUNCS
1995-03-29 22:06 millert
* config.h.in: fixed memset macro
1995-03-29 21:47 millert
* logging.c: bzero -> memset when a parse error is logged the line
number of the error is now logged too
1995-03-29 21:46 millert
* tgetpass.c, visudo.c: bzero -> memset
1995-03-29 21:46 millert
* INSTALL: added Sunos to blurb about c2 security
1995-03-29 21:45 millert
* configure.in: added a SUN4 define for C2 security
1995-03-29 21:44 millert
* config.h.in: bcopy -> memmove bzero -> memset
1995-03-29 21:43 millert
* lsearch.c: bcopy -> memmove char * -> VOID *
1995-03-29 21:30 millert
* check.c: added support for sunos with C2 security
1995-03-29 21:12 millert
* OPTIONS, options.h: reordered
1995-03-29 21:12 millert
* pathnames.h.in: _PATH_SUDO_LOGFILE now set based on configure
1995-03-29 21:12 millert
* configure.in: added SUDO_LOGFILE and SUDO_TYPE_SIZE_T
1995-03-29 21:12 millert
* config.h.in: added _SUDO_PATH_LOGFILE
1995-03-29 21:11 millert
* aclocal.m4: added SUDO_LOGFILE to find where to put sudo.log
added SUDO_CHECK_TYPE (just AC_CHECK_TYPE but checks unistd.h
too) added SUDO_TYPE_SIZE_T (calls SUDO_CHECK_TYPE)
1995-03-29 18:17 millert
* TROUBLESHOOTING: Initial revision
1995-03-29 17:59 millert
* sudo.c: now do set_perms(PERM_ROOT) before the getpwuid() in
load_global() to work around a problem is trusted hpux shadow
passwords. yuck.
1995-03-29 17:41 millert
* parse.yacc: backed out a change in malloc/realloc
1995-03-29 17:38 millert
* parse.yacc: now include stdlib.h
1995-03-29 17:22 millert
* visudo.c: now do an freopen() of the stmp file so that yyin will
always point to the same thing. This is important for flex since
we are doing a YY_NEWFILE
1995-03-29 17:20 millert
* parse.yacc: replaced yywrap() with parser_cleanup() since
yywrap() needs to be in parse.lex to be able to use YY_NEW_FILE.
sigh.
1995-03-29 17:18 millert
* parse.lex: now have a rule that matches anything that doesn't
match an explicite rule. well, you know what i mean (. matches
anything not yet matched). However, this means that there is
input still queued up so we need to do a YY_NEW_FILE; in yywrap.
So, yywrap has moved into parse.lex and it calls parser_cleanup()
which is most of the old yywrap() sigh.
1995-03-29 17:17 millert
* SUPPORTED: no longer used
1995-03-29 16:13 millert
* getcwd.c, getwd.c: moved compat.h to be the last include file
1995-03-29 16:11 millert
* parse.yacc: fixed type of aliascmp() args
1995-03-29 15:58 millert
* find_path.c: NULL -> '\0'
1995-03-29 15:42 millert
* parse.yacc: added casts to lfind and lsearch args for irix
1995-03-29 08:20 millert
* Makefile.in: bsdinstall -> install-sh
1995-03-29 08:20 millert
* INSTALL: added info about make realclean
1995-03-29 08:17 millert
* Makefile.in: updated VERSION added dependencies for visudo.cat
1995-03-29 08:17 millert
* version.h: -> pl5b1
1995-03-29 08:16 millert
* sudo.c: took out -l
1995-03-29 00:03 millert
* Makefile.in: now there is a real visudo.man and visudo.cat
1995-03-28 23:54 millert
* sudo.man: took out visudo stuff
1995-03-28 23:54 millert
* visudo.man: Initial revision
1995-03-28 23:12 millert
* parse.c, parse.lex, parse.yacc: updated copyright
1995-03-28 23:05 millert
* README: updated for pl5
1995-03-28 20:02 millert
* sudo.man: updated Nieusma & Hieb email addresses
1995-03-28 19:57 millert
* INSTALL: updated to include options.h and OPTIONS
1995-03-28 19:35 millert
* CHANGES, TODO: updated
1995-03-28 19:35 millert
* BUGS: eliminated bug #1 (yay)
1995-03-28 19:31 millert
* configure.in: sunos no longer gets linked statically
1995-03-28 18:58 millert
* parse.lex: prototype now uses __P()
1995-03-28 18:49 millert
* parse.lex: make fill() non-ansi
1995-03-28 15:26 millert
* parse.c: made -v (validate) work
1995-03-28 15:26 millert
* logging.c: now gives host
1995-03-28 10:34 millert
* find_path.c: don't check for execute/statable if fq or relative
path given
1995-03-28 01:07 millert
* parse.c: added a cast
1995-03-28 00:49 millert
* visudo.c: now include ctype.h for islower and tolower macros
1995-03-28 00:48 millert
* goodpath.c: moved _S_IFMT & _S_ISREG to compat.h
1995-03-28 00:48 millert
* sudo.c: moved a set of parens
1995-03-28 00:48 millert
* strdup.c: now include compat.h
1995-03-28 00:47 millert
* parse.yacc: now cast malloc & realloc return vals added search
for HAVE_LSEARCH now use strcmp if no strcasecmp available
1995-03-28 00:46 millert
* lsearch.c, emul/search.h: void * -> VOID *
1995-03-28 00:45 millert
* config.h.in: removed HAVE_FLEX added VOID added HAVE_DIRENT_H,
HAVE_SYS_NDIR_H, HAVE_SYS_DIR_H, HAVE_NDIR_H added HAVE_LSEARCH
1995-03-28 00:44 millert
* compat.h: added _S_IFMT, _S_IFREG, and S_ISREG
1995-03-28 00:44 millert
* aclocal.m4: took out SUDO_PROG_INSTALL 1.x to 2.x changes added
echo and results to most SUDO_* macros
1995-03-28 00:43 millert
* Makefile.in: no more -I.
1995-03-28 00:22 millert
* configure.in: various 1.x ro 2.x autoconf changes now check for
strcasecmp now use AC_INSTALL_PROG instead of custom one added
check for fully woorking void implementation
1995-03-28 00:02 millert
* Makefile.in: added lsearch & search.h visudo links into
$(LIBOBJS)
1995-03-27 23:43 millert
* aclocal.m4: partial 1.x to 2.x changes added SUDO_FULL_VOID
1995-03-27 23:40 millert
* visudo.c: whatnow_help was prototyped to be static be was not
declared as such
1995-03-27 21:15 millert
* configure.in: autoconf 2.x changes took out HAVE_FLEX (no longer
used) added check for dirent/dir/ndir.h
1995-03-27 21:09 millert
* parse.c: now use groovy gnu autoconf macro AC_HEADER_DIRENT
1995-03-27 20:38 millert
* getcwd.c, getwd.c: MAXPATHLEN -> MAXPATHLEN+1
1995-03-27 20:23 millert
* emul/search.h, lsearch.c: Initial revision
1995-03-27 18:26 millert
* parse.yacc: eliminated bison warnings
1995-03-27 17:10 millert
* parse.lex: added missing case
1995-03-27 17:04 millert
* visudo.c: now iincludes signal.h
1995-03-27 15:16 millert
* parse.yacc: only clear data structures on a parse error
1995-03-27 15:01 millert
* visudo.c: whatnow() now gives help on invalid input
1995-03-27 14:54 millert
* visudo.c: added a whatnow() function (sort of like mh)
1995-03-27 14:53 millert
* parse.yacc: kill_aliases -> reset_aliases yywrap() now cleans up
by calling reset_aliases() and clearing top took reset stuff out
of yyerror() since it doesn't beling there (and doesn't work
anyway). errorlineno is now initially set to -1 so we can set it
to the first error that occurrs (it was getting set to the last)
1995-03-27 14:53 millert
* parse.lex: added a void cast
1995-03-27 13:26 millert
* visudo.c: rewrote from scratch based on 4.3BSD vipw.c
1995-03-26 01:33 millert
* sudo.c, sudo.h: removed ocmnd
1995-03-26 01:19 millert
* sudo.h: no more sudo_realpath() and find_path() changed params
1995-03-26 01:19 millert
* sudo.c: find_path() changed since no more realpath()
1995-03-26 01:18 millert
* parse.yacc: on error, errorlineno is set to the line where the
error occurred added kill_aliases() to free the aliases struct
now clean up in yyerror() so we can reparse cleanly
1995-03-26 01:17 millert
* logging.c: changed to use new find_path()
1995-03-26 01:17 millert
* options.h, parse.c: no more USE_REALPATH
1995-03-26 01:16 millert
* find_path.c: removed all the realpath() stuff
1995-03-26 01:16 millert
* Makefile.in: sudo_realpath.c -> sudo_goodpath.c
1995-03-26 01:12 millert
* visudo.c: now works correctly with utk parser
1995-03-26 00:04 millert
* goodpath.c: Initial revision
1995-03-25 23:23 millert
* sudo_realpath.c: eliminated a compiler warning
1995-03-25 21:56 millert
* sudo.c: elinated compiler warning
1995-03-25 20:40 millert
* sudo_realpath.c: added sudo_goodpath()
1995-03-25 20:40 millert
* sudo.h: added prototype for sudo_goodpath
1995-03-25 20:39 millert
* parse.c: added support for /sys/dir.h
1995-03-25 20:39 millert
* options.h: USE_REALPATH turned off
1995-03-25 20:39 millert
* find_path.c: added calls to sudo_goodpath()
1995-03-25 20:39 millert
* configure.in: added check for dirent.h
1995-03-25 20:38 millert
* config.h.in: added HAVE_DIRENT_H
1995-03-25 19:27 millert
* configure.in: added in linux shadow pass stuff
1995-03-24 14:43 millert
* visudo.c: added back host, user, cmnd, parse_error
1995-03-24 14:19 millert
* visudo.c: added in utk changes plus some minor cosmetic changes
1995-03-24 14:17 millert
* sudo.c, sudo_realpath.c: added void casts for printf's
1995-03-24 14:17 millert
* options.h: added a define of USE_REALPATH
1995-03-24 14:17 millert
* configure.in: there is no more visudoers/Makefile
1995-03-24 14:16 millert
* Makefile.in: added in utk changes (visudo is now built from the
toplevel)
1995-03-24 14:15 millert
* find_path.c: added (void) casts to printf's
1995-03-23 22:32 millert
* parse.c, parse.lex, parse.yacc, sudo.h, sudo_realpath.c: merged
in utk changes
1995-03-22 23:13 millert
* find_path.c: now check to see that what we are trying to run is a
file (or a link to a file, we do a stat(2) so there is no diff)
1995-03-13 15:56 millert
* CHANGES: updated
1995-03-13 15:56 millert
* Makefile.in: aclocal.m4 -> acsite.m4 make realclean updated for
new autoconf
1995-03-13 15:11 millert
* sudo.man: added myself as maintainer
1995-02-16 23:31 millert
* sudo.c: changed setegid -> setgid
1995-02-06 17:43 millert
* configure.in: fixed the test for irix 5.x to skip bad libs
1995-02-06 17:43 millert
* aclocal.m4: now initialize OS and OSREV
1995-01-26 20:52 millert
* configure.in: irix5 changes
1995-01-26 20:28 millert
* configure.in: AC_WITH -> AC_ARG_WITH changes other misc changes
for autoconf 2.1 compatibility
1995-01-18 19:49 millert
* visudo.c: use YY_NEW_FILE, not yyrestart since OSF flex doesn't
do the righ thing wrt yyrestart (grrrr)
1995-01-16 18:44 millert
* Makefile.in: added visudoers/compat.h to DISTFILES
1995-01-16 17:01 millert
* configure.in: fixed an echo
1995-01-16 16:36 millert
* sudo.c: added ocmnd declaration adjusted for find_path()'s new
parameters
1995-01-16 16:35 millert
* sudo.h: added ocmnd extern adjusted find_path() prototype
1995-01-16 16:34 millert
* parse.c: cmndcmp() now takes 3 arguments and checks against the
qualified as well as the unqualified pathname. more code that
should use cmndcmp() but did not, now does
1995-01-16 16:34 millert
* options.h: added to a comment
1995-01-16 16:33 millert
* logging.c: changed to use new find_path() parameter passing
1995-01-16 16:32 millert
* find_path.c: find_path() now takes 2 copyout parameters (one for
the qualified pathname and one for the unqualified pathname).
The third parameter may be NULL.
1995-01-16 16:31 millert
* configure.in: no longer munge pathnames.h
1995-01-16 16:30 millert
* pathnames.h.in: changed _PATH_* to use _SUDO_PATH_* (which are
defined in config.h) as a result, pathnames.h does not need to be
run through configure and the user can override the configured
values easily.
1995-01-16 16:30 millert
* config.h.in: added _SUDO_PATH_* entries
1995-01-16 16:30 millert
* aclocal.m4: _PATH* -> _SUDO_PATH_*
1995-01-16 16:28 millert
* Makefile.in: updated DISTFILES and HDRS .o's now depend on
config.h
1995-01-13 12:52 millert
* compat.h: removed extraneous #endif
1995-01-13 12:48 millert
* aclocal.m4: added SUDO_PROG_MV
1995-01-13 12:47 millert
* configure.in: added SUDO_PROG_MV added riscos and isc os types
took out -DSHORT_MESSAGE from --with-csops since it is now the
default
1995-01-13 12:46 millert
* sudo.c: move the include of id.h to compat.h now includes
options.h
1995-01-13 12:45 millert
* sudo.h: moved compatibility #defines to compat.h
1995-01-13 12:45 millert
* pathnames.h.in: added _PATH_MV
1995-01-13 12:43 millert
* config.h.in: move __P to compat.h
1995-01-13 12:39 millert
* getcwd.c, getwd.c, putenv.c: now includes compat.h
1995-01-13 12:39 millert
* compat.h: Initial revision
1995-01-11 19:11 millert
* sudo.h: pull user-configurable stuff out and put in options.h
1995-01-11 18:43 millert
* check.c, find_path.c, logging.c, parse.c, sudo_realpath.c,
sudo_setenv.c, parse.lex, parse.yacc, visudo.c: now includes
options.h
1995-01-11 18:41 millert
* Makefile.in: added visudoers/options.h
1995-01-11 18:40 millert
* options.h, OPTIONS: Initial revision
1995-01-11 18:39 millert
* Makefile.in: added OPTIONS and options.h
1995-01-11 18:36 millert
* logging.c: changed #ifdef's to use LOGGING and
SLOG_SYSLOG/SLOG_FILE
1995-01-11 11:02 millert
* check.c, sudo.h: changed PASSWORD_TIMEOUT to minutes
1994-12-17 18:18 millert
* visudo.c: now only do Editor +line_num if line_num != 0
1994-12-15 21:06 millert
* visudo.c: now use mv if rename(2) fails
1994-12-15 20:32 millert
* BUGS: added a visudo bug
1994-12-15 19:46 millert
* check.c: expanded comment
1994-11-12 18:33 millert
* check.c: fixed user_is_exempt to return 0 if EXEMPTGROUP is not
set
1994-11-09 19:49 millert
* sudo.c: added mips & isc support
1994-11-09 19:49 millert
* parse.c: added support for non-root owned sudoers file
1994-11-09 19:48 millert
* check.c: added exempt group support
1994-11-09 19:47 millert
* sudo.h: added set_perms() support added SUDOERS_OWNER so can have
non-root own sudoers file added exempt group support added isc
support
1994-11-09 19:46 millert
* visudo.c: now copy sudoers to temp file via read/write (not
stdio) now chown new sudoers file to SUDOERS_OWNER
1994-11-07 20:40 millert
* configure.in: added skey support
1994-11-07 20:39 millert
* sudo.h: fixed typo added set_perms support added skey support
added seteuid()/setegid() emulation for AIX
1994-11-07 20:38 millert
* sudo.c: be_* -> setperms() now check to make sure sudoers file is
owned by root nread/write by only root
1994-11-07 20:38 millert
* logging.c, parse.c, sudo_realpath.c: be_* -> setperms()
1994-11-07 20:38 millert
* check.c: be_* -> set_perms() added skey support
1994-11-06 18:59 millert
* Makefile.in: ++version
1994-11-06 18:59 millert
* version.h: ++
1994-10-21 13:16 millert
* sudo.c: now sets IFS
1994-10-21 12:02 millert
* insults.h: fixed typo
1994-10-15 15:48 millert
* config.h.in: added HAVE_SKEY
1994-10-04 13:00 millert
* CHANGES: updated
1994-10-04 12:57 millert
* Makefile.in: ++version
1994-10-04 12:57 millert
* version.h: ++
1994-10-04 12:56 millert
* sudo.c: now bail if ARgv[1] > MAXPATHLEN
1994-10-04 12:56 millert
* configure.in: added function check for tcgetattr(3)
1994-10-04 12:55 millert
* config.h.in: only define HAVE_TERMIOS_H if you have tcgetattr(3)
1994-10-04 12:53 millert
* config.h.in: added check for tcgetattr
1994-09-26 17:38 millert
* CHANGES: updated
1994-09-22 13:30 millert
* parse.lex: now only include unistd.h for linux
1994-09-21 14:29 millert
* Makefile.in: added visudo.8 generation
1994-09-21 14:07 millert
* configure.in: added -Wl,-bI:./aixcrypt.exp to aix flags
1994-09-20 19:39 millert
* BUGS: added one
1994-09-20 19:39 millert
* CHANGES: updated
1994-09-20 19:38 millert
* README: added mailing list info
1994-09-20 19:37 millert
* parse.yacc: now use sudolineno instead of yylineno fixed bison
warnings
1994-09-20 19:37 millert
* configure.in: now use -no_library_replacement for osf don't make
a static binary for hpux >= 9.0
1994-09-20 19:21 millert
* tgetpass.c: added string.h/strings.h inclusion
1994-09-20 19:21 millert
* config.h.in: added ssize_t def
1994-09-20 19:18 millert
* parse.lex: added inclusion of string.h/strings.h
1994-09-20 18:48 millert
* aclocal.m4: fixed uname | sed (needed to quote the '[')
1994-09-20 18:42 millert
* parse.lex: replaced yylineno with sudolineno fixed bison syntax
errors
1994-09-20 18:13 millert
* visudo.c: changed yylineno to sudolineno since yylineno cannot be
counted upon.
1994-09-20 18:10 millert
* TODO: updated
1994-09-20 17:52 millert
* parse.c: added code to support command listings
1994-09-20 17:36 millert
* sudo.c: added code for -l flag
1994-09-20 17:35 millert
* sudo.man: fixed typo added info for -l flag
1994-09-20 14:45 millert
* configure.in: AC_SSIZE_T -> SUDO_SSIZE_T
1994-09-20 14:45 millert
* aclocal.m4: added SUDO_SSIZE_T
1994-09-20 14:44 millert
* sudo.h: added MODE_LIST
1994-09-20 14:43 millert
* configure.in: added AC_SSIZE_T
1994-09-19 20:53 millert
* find_path.c, sudo_realpath.c: readlink() is now declared as
returning ssize~_t
1994-09-19 20:44 millert
* configure.in: added -laud for OSF c2
1994-09-02 15:55 millert
* config.h.in, parse.lex, parse.yacc, pathnames.h.in, visudo.c,
Makefile.in: changed sudo-bugs.cs.colorado.edu ->
sudo-bugs@cs.colorado.edu
1994-09-02 15:54 millert
* check.c, find_path.c, getcwd.c, getwd.c, insults.h, logging.c,
parse.c, putenv.c, strdup.c, sudo.c, sudo.h, sudo_realpath.c,
sudo_setenv.c, tgetpass.c, version.h: changed
sudo-bugs.cs.colorado.edu -> sudo-bugs@cs.colorado.ed
1994-09-01 15:56 millert
* Makefile.in: ++version
1994-09-01 15:55 millert
* version.h: ++
1994-09-01 15:55 millert
* logging.c: added host to alertmail messages
1994-09-01 15:55 millert
* CHANGES, TODO: udpated
1994-09-01 15:26 millert
* logging.c: fixed logging problem where mail would not say which
user it was
1994-09-01 13:45 millert
* configure.in: added -laud for gcc if osf & c2
1994-09-01 13:39 millert
* check.c: moved set_auth_parameters to sudo.c
1994-09-01 13:38 millert
* sudo.c: added set_auth_parameters for osf
1994-09-01 13:22 millert
* configure.in: cleaned up -static stuff
1994-09-01 13:15 millert
* Makefile.in: ++version
1994-09-01 13:15 millert
* version.h: ++
1994-09-01 13:15 millert
* sudo.c: changed setenv() to sudo_setenv()
1994-09-01 13:12 millert
* check.c: fixed osf problem
1994-08-31 22:17 millert
* configure.in: added OSF C2 stuff
1994-08-31 22:00 millert
* CHANGES: updated
1994-08-31 21:56 millert
* check.c: added osf auth support & removed some extra spaces
1994-08-31 21:52 millert
* INSTALL, SUPPORTED: added osf C2 stuff
1994-08-31 19:52 millert
* TODO: added 2 suggestions
1994-08-31 19:33 millert
* Makefile.in: removed README.v1.3.1 and added VERSION stuff
1994-08-31 18:48 millert
* version.h: pl1
1994-08-30 18:31 millert
* version.h: 1.3.1final
1994-08-30 18:30 millert
* Makefile.in: added HISTORY
1994-08-30 18:30 millert
* sudo.man: mention HISTPRY file
1994-08-30 18:30 millert
* sudo.c: use sizeof instead of a constant in 1 place
1994-08-30 18:30 millert
* parse.yacc: added unistd.h
1994-08-30 18:29 millert
* parse.lex: added unistd.h
1994-08-30 18:27 millert
* README: udpated
1994-08-30 18:15 millert
* HISTORY: Initial revision
1994-08-17 12:45 millert
* version.h: ++
1994-08-17 12:39 millert
* CHANGES: updated
1994-08-17 12:36 millert
* sudo_setenv.c: added unistd.h include
1994-08-16 15:46 millert
* sudo.c: added sys/time.h for AIX
1994-08-14 21:22 millert
* configure.in: added check for -lsocket and sys/sockio.h
1994-08-14 21:21 millert
* config.h.in: took out libshadow check and added in sys/sockio.h
check
1994-08-14 21:21 millert
* sudo.c: now include sockio.h instead of ioctl.h if it exists
"sudo -" now gets a better error message
1994-08-14 20:47 millert
* sample.sudoers: now has a dir and subnet entry
1994-08-13 18:15 millert
* sudo.c: removed if_ether.h
1994-08-13 17:16 millert
* TODO: added an item
1994-08-13 17:15 millert
* sudo.man: added network and ip addresses to man page
1994-08-13 17:09 millert
* sudo.c: no error if can't get interfaces or netmask since
networking may not be in the kernel.
1994-08-13 17:08 millert
* parse.c: nwo check for interfaces == NULL
1994-08-12 21:22 millert
* parse.c: fixed a bug that caused directory specs in a Cmnd_Alias
to fail if the last entry in the spec failed (ie: it was only
looking at the last entry). CLeaned things up by adding the
cmndcmp() function--all neat & tidy
1994-08-12 21:21 millert
* CHANGES: added one
1994-08-11 23:42 millert
* sudo.c: now do two passes to skip bogus interfaces (lo0, etc)
1994-08-11 21:58 millert
* logging.c, sudo_realpath.c, sudo_setenv.c: added ninclude of
netinet/in.h
1994-08-11 21:58 millert
* check.c, find_path.c, getcwd.c, getwd.c, parse.lex, parse.yacc,
visudo.c: added include of netinet/in.h
1994-08-11 21:57 millert
* version.h: ++
1994-08-11 21:57 millert
* sudo.h: added interfaces global
1994-08-11 21:56 millert
* parse.c: now uses new interfaces global
1994-08-11 21:56 millert
* sudo.c: now ip addresses are gleaned fw/o dns
1994-08-10 19:21 millert
* sudo.c: added load_ip_addrs() to load the ip_addrs global var
1994-08-10 19:21 millert
* parse.c: added hostcmp() to compare hostnames, ip addrs, and
network addrs
1994-08-10 19:20 millert
* sudo.h: added ip_addrs def added load_ip_addrs prototype
1994-08-08 16:03 millert
* CHANGES: updated
1994-08-08 15:57 millert
* Makefile.in: removed multiple entries in DISTFILES
1994-08-08 13:05 millert
* visudo.c: ansified the !STDC_HEADERS decls
1994-08-08 13:05 millert
* find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c: don't do
malloc decl if gnuc
1994-08-08 13:04 millert
* sudo.c: can't use getopt(3) since it munges args to the command
to be run as root don't do malloc decl if gnuc
1994-08-08 00:41 millert
* find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c, sudo.c,
sudo_realpath.c, sudo_setenv.c: ansi-fied !STDC_HEADER function
prottypes
1994-08-08 00:27 millert
* getcwd.c, getwd.c: added missing paren
1994-08-08 00:23 millert
* Makefile.in: added putenv.c to DISTFILES
1994-08-08 00:08 millert
* sudo_setenv.c: added params to func decls when STDC_HEADERS is
not defined now can count on putenv() being there
1994-08-08 00:08 millert
* sudo_realpath.c: took out errno decl since sudo.h does it for us
fixed up a next cc warning added params to func decls when
STDC_HEADERS is not defined
1994-08-08 00:07 millert
* sudo.h: took out environ extern added local declaratio of
putenv() if local version is needed
1994-08-08 00:05 millert
* find_path.c, getcwd.c, getwd.c, strdup.c, sudo.c: added params to
func decls when STDC_HEADERS is not defined
1994-08-08 00:04 millert
* config.h.in: added memcpy check check to see that ansi vs bsd
macros are ntot already defiend before defining (ie: avoid
redefinition)
1994-08-08 00:03 millert
* configure.in: removed fluff setenv check plus check w/ replace
for putenv if also no setenv
1994-08-08 00:01 millert
* putenv.c: Initial revision
1994-08-06 19:19 millert
* sudo_setenv.c: Initial revision
1994-08-06 19:19 millert
* sudo.h: rm'd s realp[ath added sudo_realpath and sudo_setenv
1994-08-06 19:19 millert
* sudo.c: now use sudo_setenvc
1994-08-06 19:18 millert
* configure.in: added puteenv and setenv, removed realpath
1994-08-06 19:18 millert
* config.h.in: added putenv & setenv
1994-08-06 19:18 millert
* Makefile.in: added sudo_setenv
1994-08-06 19:16 millert
* version.h: ++
1994-08-05 19:43 millert
* configure.in: added MAN_POSTINSTALL and /usr/share/catman for
irix
1994-08-05 19:43 millert
* Makefile.in: added MAN_POSTINSTALL
1994-08-05 19:43 millert
* CHANGES: added
1994-08-05 19:10 millert
* sudo.man: added SUDO_* plus new options
1994-08-05 19:10 millert
* CHANGES: added one
1994-08-05 19:07 millert
* configure.in: took out shadow lib
1994-08-05 18:35 millert
* TODO: adde done
1994-08-05 17:52 millert
* visudo.c: now use yyrestart() if flex now reset yylineno to 0
1994-08-05 17:49 millert
* Makefile.in: support for installing a cat page instead of a man
page if no nroff
1994-08-05 17:48 millert
* configure.in: now defines HAVE_FLEX fixed up man stuff so that it
looks for nroff to determine whether or not to install a cat or
man page
1994-08-05 17:48 millert
* config.h.in: added HAVE_FLEX
1994-08-05 16:14 millert
* sudo.c: not set ret to MODE_RUN initially
1994-08-05 16:12 millert
* find_path.c: made command (and therefor cmnd dynamically
allocated)
1994-08-04 20:25 millert
* TODO: did #8
1994-08-04 20:24 millert
* version.h: ++
1994-08-04 20:24 millert
* sudo_realpath.c: changed bufs from MAXPATHLEN to MAXPATHLEN+1
1994-08-04 20:24 millert
* sudo.h: added MODE_ removed validate_only and added
remove_timestamp()
1994-08-04 20:22 millert
* sudo.c: usage() now takes an int (exit value) added parse_args()
to parse command line arguments moved call to find_path() from
load_globals to new function load_cmnd() removed validate_only
global -- now use the concept of "modes" added -h and -k options
1994-08-04 20:21 millert
* parse.c: no longer use global validate_only now checks for
command called "validate" removed check for non-fully qualified
commands since that is done by find_path
1994-08-04 20:20 millert
* find_path.c: changed MAXPATHLEN r to MAXPATHLEN+1
1994-08-04 20:17 millert
* find_path.c: fixed off by one error with MAXPATHLEN and fixed a
comment
1994-08-04 20:17 millert
* check.c: check_timestamp no longer runs reminder(), it is implied
in the return val added remove_timestamp()
1994-08-04 20:16 millert
* CHANGES: updated
1994-08-04 16:38 millert
* BUGS: fixed on
1994-08-04 16:38 millert
* sudo_realpath.c: took out old_errno
1994-08-04 16:37 millert
* CHANGES: updated
1994-08-03 12:08 millert
* logging.c: moved send_mail to after syslog
1994-08-02 22:41 millert
* sudo.c: now set SUDO_ envariables
1994-08-01 13:40 millert
* version.h: ++
1994-08-01 13:39 millert
* sudo_realpath.c: now print error if chdir fails
1994-08-01 13:39 millert
* find_path.c: removed an XXX
1994-07-25 20:40 millert
* CHANGES: updated
1994-07-25 20:36 millert
* configure.in: no more static binaries for aix
1994-07-25 18:37 millert
* INSTALL: fixed typo
1994-07-25 18:33 millert
* sudo_realpath.c: took out stuff not needed for sudo now does
be_root/be_user itself now uses cwd global
1994-07-25 18:32 millert
* version.h: +=2
1994-07-25 18:31 millert
* logging.c, sudo.c: be_root/be_user is now down in sudo_realpath()
1994-07-25 18:26 millert
* logging.c, sudo.h: now works with 4.2BSD syslog (blech)
1994-07-25 18:25 millert
* find_path.c: now use sudo_realpath()
1994-07-25 18:25 millert
* config.h.in: took out realpth() stuff since we now use
sudo_realpath()
1994-07-25 18:25 millert
* configure.in: ultrix enhanced sec
1994-07-25 18:25 millert
* SUPPORTED: added ultrix enhanced sec.
1994-07-25 18:24 millert
* INSTALL: updated
1994-07-25 18:21 millert
* check.c: ultrix enhanced security suport
1994-07-25 18:20 millert
* Makefile.in: added sudo_realpath.c
1994-07-25 18:18 millert
* CHANGES: updated
1994-07-25 14:28 millert
* tgetpass.c: increased passwd len to 24 for c2 security
1994-07-25 13:17 millert
* BUGS: updated BUGS
1994-07-15 11:49 millert
* check.c: now use user global var
1994-07-15 11:48 millert
* configure.in: took out -ls
1994-07-14 19:11 millert
* configure.in: added AFS libs
1994-07-14 17:45 millert
* sudo.h: user is now a char * added epasswd
1994-07-14 17:43 millert
* sudo.c: added tzset() to load_globals added epasswd (encrypted
password) global made user dynamically allocated
1994-07-14 17:43 millert
* configure.in: added tzset test
1994-07-14 17:43 millert
* config.h.in: added HAVE_TZSET
1994-07-14 17:42 millert
* check.c: cleaned up encrypted passwd grab somewhat
1994-07-14 12:34 millert
* configure.in: fixed AFS typo
1994-07-14 12:34 millert
* INSTALL: added AFS not
1994-07-14 12:34 millert
* CHANGES: udpated
1994-07-14 12:33 millert
* logging.c: can now log to both syslog & a file
1994-07-14 12:12 millert
* sudo.h: added BOTH_LOGS
1994-07-14 11:34 millert
* CHANGES: updated
1994-07-14 11:32 millert
* configure.in: --with-AFS
1994-07-14 11:32 millert
* config.h.in: added HAVE_AFS
1994-07-14 11:31 millert
* check.c: added afs changes
1994-07-14 11:21 millert
* sudo.h: removed AFS stuff :-)
1994-07-14 11:19 millert
* tgetpass.c: include sys/select for AIX
1994-07-14 11:17 millert
* sudo.h: added AFS
1994-07-14 11:16 millert
* version.h: ++
1994-07-07 14:45 millert
* SUPPORTED, CHANGES: updated
1994-07-07 14:44 millert
* logging.c: can now have MAILER undefined
1994-07-07 14:37 millert
* INSTALL: new sub-note about MAILER
1994-07-06 23:11 millert
* sudo.man: added blurb about password timeout
1994-07-06 20:52 millert
* configure.in: convex c2 changes
1994-07-06 20:52 millert
* aclocal.m4: took out duplicate define of _CONVEX_SOURCE
1994-07-06 20:51 millert
* Makefile.in: added OSDEFS
1994-07-06 20:46 millert
* config.h.in: added spaces
1994-07-06 20:08 millert
* tgetpass.c: added a goto if fgets fails
1994-07-06 20:08 millert
* sudo.h: use __hpux not hpux convex c2 stuff
1994-07-06 20:08 millert
* sudo.c: use __hpux not hpux
1994-07-06 20:08 millert
* logging.c: convex c2 stuff
1994-07-06 20:07 millert
* config.h.in: define ansi-ish cpp os defines if non-ansi are
defined for hpux & convex
1994-07-06 20:07 millert
* INSTALL: updated to say we support sonvex C2
1994-07-06 20:05 millert
* check.c: added convex c2 support
1994-07-01 12:06 millert
* tgetpass.c: no more ioctl never returns NULL uses fgets() and
select() to timeout
1994-06-29 17:04 millert
* configure.in: things were testing -n "$GCC" instead of -z "$GCC"
1994-06-29 16:39 millert
* tgetpass.c: now works + uses fgets()
1994-06-28 18:25 millert
* tgetpass.c: select doesn't seem to recognize a single '\n' as
input waiting so we can;t use it, sigh.
1994-06-26 16:38 millert
* PORTING: updated tgetpass() blurb
1994-06-26 16:35 millert
* configure.in: added --with-getpass
1994-06-26 16:35 millert
* Makefile.in: added tgetpass stuff
1994-06-26 15:25 millert
* tgetpass.c: now uses stdio
1994-06-26 15:17 millert
* version.h: ++
1994-06-24 19:48 millert
* PORTING: updated ,.
1994-06-24 19:46 millert
* config.h.in: added USE_GETPASS && HAVE_C2_SECURITY
1994-06-24 19:45 millert
* configure.in: fixed a test aded --with-C2 and --with-tgetpass
1994-06-24 19:45 millert
* check.c: added hpux C2 shit
1994-06-24 19:45 millert
* Makefile.in: took out tgetpass.*
1994-06-24 19:45 millert
* INSTALL: added C2 blurb
1994-06-13 15:54 millert
* configure.in: no termio(s) for ultrix since it is broken
1994-06-13 15:41 millert
* check.c: added a space (yeah, anal)
1994-06-13 15:17 millert
* realpath.c, sudo_realpath.c: fixed it (duh, rtfm)
1994-06-08 14:34 millert
* config.h.in: took out bsd signal stuff for irix
1994-06-08 14:26 millert
* visudo.c: comments in #endif
1994-06-08 14:09 millert
* configure.in: don't define BSD signals for irix
1994-06-08 12:57 millert
* TODO: did some...
1994-06-08 12:57 millert
* CHANGES: updated
1994-06-08 12:56 millert
* realpath.c, sudo_realpath.c: took out unneeded code by changing
where a strings was terminated
1994-06-07 19:21 millert
* realpath.c, sudo_realpath.c: fix bug where /dirname would return
NULL
1994-06-07 17:40 millert
* sudo.h: move __P to config.h
1994-06-07 17:40 millert
* getcwd.c, getwd.c, realpath.c, sudo_realpath.c: added errno
definition
1994-06-07 17:40 millert
* config.h.in: added __P
1994-06-07 17:21 millert
* config.h.in: added HAVE_FCHDIR
1994-06-07 17:18 millert
* strdup.c: now include stdio
1994-06-07 14:55 millert
* realpath.c, sudo_realpath.c: now works if no fchdir
1994-06-07 14:55 millert
* visudo.c: define SA_RESETHAND to null if not defined
1994-06-07 14:54 millert
* configure.in: added check & replace
1994-06-06 20:05 millert
* configure.in: took out -static for nextstep -- it doesn't work
1994-06-06 19:59 millert
* logging.c: moved #endif to where it belongs
1994-06-06 19:54 millert
* SUPPORTED: correction
1994-06-06 19:42 millert
* configure.in: now checks for strdup realpath getcwd bzero
1994-06-06 19:31 millert
* config.h.in: emulate bzero
1994-06-06 16:57 millert
* visudo.c: added posic signals
1994-06-06 16:57 millert
* tgetpass.c: bzero cast
1994-06-06 16:57 millert
* logging.c: added posix signals
1994-06-06 16:56 millert
* configure.in: removed BROKEN_GETPASS added new srcs toreplace
missing functions
1994-06-06 16:56 millert
* config.h.in: added posix signal stuff
1994-06-06 16:56 millert
* Makefile.in: added new srcs
1994-06-06 12:53 millert
* visudo.c: updated useag
1994-06-06 12:39 millert
* tgetpass.c: now uses posix signals
1994-06-05 20:17 millert
* PORTING: updated sto reflect major changes
1994-06-05 20:05 millert
* TODO, CHANGES: updated
1994-06-05 20:04 millert
* tgetpass.c: uses sysconf() if available
1994-06-05 20:04 millert
* sudo.h: added PASSWORD_TIMEOUT + prototypes for new functions
1994-06-05 20:04 millert
* realpath.c, sudo_realpath.c: for those w/o this in libc
1994-06-05 20:03 millert
* getcwd.c, getwd.c: Initial revision
1994-06-05 20:03 millert
* find_path.c: rewrote to use realpath(3) - nis now all my code
1994-06-05 20:02 millert
* config.h.in: added HAVE_REALPATH
1994-06-05 20:02 millert
* check.c: now use tgetpass
1994-06-05 20:02 millert
* Makefile.in: added LIBOBJS use tgetpass.c
1994-06-05 18:55 millert
* tgetpass.c: works now :-)
1994-06-05 18:27 millert
* tgetpass.c: Initial revision
1994-06-05 17:17 millert
* pathnames.h.in: added /dev/tty
1994-06-04 17:12 millert
* version.h: incremented
1994-06-04 15:29 millert
* sudo.c: always use getcwd
1994-06-04 14:49 millert
* config.h.in: added check for getwd
1994-06-04 14:48 millert
* configure.in: replace strdup & realpath & getcwd if missing
1994-06-04 14:47 millert
* pathnames.h.in: added _PATH_PWD
1994-06-04 14:46 millert
* aclocal.m4: added SUDO_PROG_PWD
1994-06-04 14:37 millert
* realpath.c, sudo_realpath.c, strdup.c: Initial revision
1994-06-03 11:31 millert
* configure.in: quoted quare brackets
1994-06-02 17:49 millert
* sudo.c: no need to strdup() a constant
1994-06-02 15:45 millert
* CHANGES: updated
1994-06-02 15:44 millert
* sudo.man: added validate
1994-06-02 15:42 millert
* sudo.c: added -v to usage
1994-06-02 15:41 millert
* parse.c, sudo.c, sudo.h: added validate_only stuff
1994-05-29 21:29 millert
* configure.in: now finds sed
1994-05-29 21:28 millert
* aclocal.m4: $OSREV is now an int
1994-05-29 19:13 millert
* configure.in: added mtxinu to caser
1994-05-29 18:37 millert
* sudo.h: added EXEC macro
1994-05-29 18:36 millert
* sudo.c: now use the EXEC nmacro now only do a gethostbyname() if
FQDN is set
1994-05-29 18:36 millert
* logging.c: changed mail_argv[] def now use EXEC() macro
1994-05-29 18:35 millert
* check.c: took out crypt() definition
1994-05-29 17:23 millert
* version.h: upped the version
1994-05-29 15:52 millert
* configure.in: always look for -lnsl
1994-05-29 15:29 millert
* aclocal.m4: added an echo
1994-05-29 15:25 millert
* sudo.h: SHORT_MESSAGE is now the default
1994-05-29 15:18 millert
* config.h.in: fixed typo
1994-05-29 01:29 millert
* configure.in: added missing AC_DEFINE(SVR4) for solaris
1994-05-28 20:42 millert
* sudo.man: documented the -v flag
1994-05-28 20:34 millert
* SUPPORTED: updated
1994-05-28 20:31 millert
* check.c: proto-ized crypt()
1994-05-28 20:28 millert
* config.h.in: added LIBSHADOW undef
1994-05-28 20:18 millert
* configure.in: nwo set OS to be lowercase
1994-05-28 19:36 millert
* configure.in: now use SUDO_OSTYPE to set $OS
1994-05-28 19:36 millert
* aclocal.m4: now use uname to determine os
1994-05-28 16:23 millert
* visudo.c: added prototypes & moved sig handler around
1994-05-28 15:13 millert
* sudo.h: added prototyppes
1994-05-28 15:13 millert
* parse.c: added comment
1994-05-28 15:12 millert
* config.h.in: nwo use _BSD_SIGNALS not _BSD_COMPAT
1994-05-28 15:11 millert
* check.c, logging.c, sudo.c: added prototypes
1994-05-28 15:11 millert
* aixcrypt.exp: Initial revision
1994-05-28 15:11 millert
* Makefile.in: added aixcrypt.exp
1994-05-28 13:21 millert
* parse.lex, parse.yacc: moved config.h to top of includes
1994-05-25 15:48 millert
* find_path.c: now don't bitch if get EACCESS (treat like EPERM)
1994-05-24 23:08 millert
* visudo.c: added -v flag and usage()
1994-05-24 23:08 millert
* version.h: fixed a typo
1994-05-24 23:08 millert
* sudo.c: cast Argv to a const for exec added -v flag
1994-05-24 23:07 millert
* logging.c: mail_argv is now a const
1994-05-24 23:07 millert
* configure.in: only set RETSIGTYPE if it is not set already
1994-05-24 23:07 millert
* aclocal.m4: now defines & STDC_HEADERS for Irix
1994-05-24 23:07 millert
* Makefile.in: added version.h
1994-05-24 21:25 millert
* insults.h, sudo.h: prevent multiple inclusion
1994-05-24 21:20 millert
* version.h: Initial revision
1994-05-24 21:09 millert
* parse.lex, parse.yacc: now includes config.h
1994-05-24 20:54 millert
* aclocal.m4: now talks about sunos 4.x
1994-05-24 20:23 millert
* visudo.c: calls to Exit now pass an arg
1994-05-24 18:00 millert
* visudo.c: signal handler now takes an int argument
1994-05-24 18:00 millert
* CHANGES: updated
1994-05-24 17:44 millert
* sudo.c: ok, the getcwd() is now *really* done as the user
1994-05-24 17:44 millert
* configure.in: changed AIX STATIC_FLAGS
1994-05-24 16:27 millert
* aclocal.m4: solaris now defines SVR4
1994-05-24 16:18 millert
* sudo.h: added cwd and fixed stupid core dump that makes no sense.
sigh.
1994-05-24 16:18 millert
* sudo.c: moved getcwd stuff into load_globals
1994-05-24 16:18 millert
* parse.c: took out externs that are in suod.h
1994-05-24 16:18 millert
* logging.c: moved cwd into load_globals
1994-05-24 16:17 millert
* find_path.c: moved cwd stuff
1994-05-24 15:55 millert
* Makefile.in: fixed make distclean & realclean
1994-05-24 12:51 millert
* TODO: updated .,
1994-05-24 12:51 millert
* CHANGES: added solaris changes
1994-05-24 12:51 millert
* aclocal.m4: added solaris changes, need to rework
1994-05-24 12:50 millert
* configure.in: cleaned up for solaris
1994-05-24 12:13 millert
* logging.c: reinstall reapchild signal handler for non-bsd signals
1994-05-24 12:03 millert
* sudo.h: took out getdtablesize() emulation for HP-UX (no longer
needed)
1994-05-24 12:03 millert
* sudo.c: support for HAVE_SYSCONF
1994-05-24 12:02 millert
* visudo.c: added <fcntl.h> for solaris & reorg'd the includes +
minor prettying up /
1994-05-23 20:26 millert
* config.h.in: added HAVE_SYSCONF
1994-05-16 18:57 millert
* configure.in: now tells you what os you are running /.
1994-05-16 18:56 millert
* aclocal.m4: took out extra ','
1994-05-14 17:56 millert
* config.h.in: added _BSD_COMPAT
1994-05-14 17:56 millert
* aclocal.m4: fixed for irix5
1994-05-14 17:55 millert
* CHANGES: updated
1994-05-14 17:27 millert
* sudo.c: uid seinitialized to -2
1994-04-28 12:36 millert
* sudo.c: now removes LIBPATH for AIX
1994-03-12 20:41 millert
* configure.in: now uses ufc if it finds it
1994-03-12 17:42 millert
* sudo.h: no longer define yyval & yylval since yacc does it
1994-03-12 17:42 millert
* parse.lex: now defines yylval as extenr
1994-03-12 17:41 millert
* configure.in: BROKEN_GETPASS is now an OPTION
1994-03-12 17:41 millert
* config.h.in: took out BROKEN_GETPASS
1994-03-12 17:20 millert
* Makefile.in: took out big comment
1994-03-12 16:24 millert
* README: updated
1994-03-12 16:20 millert
* Makefile.in: took out README.beta
1994-03-12 16:19 millert
* SUPPORTED: Initial revision
1994-03-12 16:19 millert
* INSTALL: now reference SUPPORTED .,
1994-03-12 16:17 millert
* config.h.in: now check for convex OR __convex__
1994-03-12 16:16 millert
* aclocal.m4: now check for convex or __convex__
1994-03-12 16:15 millert
* Makefile.in: added dist target
1994-03-12 15:19 millert
* aclocal.m4: use __convex__
1994-03-12 14:33 millert
* find_path.c: now use _S_* stat stuff to be ansi-like
1994-03-12 14:11 millert
* INSTALL: updated for configure directions
1994-03-12 14:05 millert
* Makefile.in: distclean now removes config.h and pathnames.h
1994-03-12 14:03 millert
* CHANGES: updated
1994-03-12 14:00 millert
* TODO: fixed typoe
1994-03-12 13:57 millert
* Makefile.in, visudo.c: updated version
1994-03-12 13:57 millert
* config.h.in, pathnames.h.in: added copyright header
1994-03-12 13:55 millert
* check.c, find_path.c, insults.h, logging.c, parse.c, parse.lex,
parse.yacc, sudo.c, sudo.h: udpated version
1994-03-12 13:39 millert
* visudo.c: udpated to use configure + pathnames.h
1994-03-12 13:37 millert
* Makefile.in, config.h.in, configure.in, aclocal.m4: updated
1994-03-12 13:37 millert
* sudo.h: now works with configure
1994-03-12 13:36 millert
* check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c:
updated to work with configure + pathnames.h
1994-03-12 10:40 millert
* Makefile.in: added LEXLIB
1994-03-10 03:18 millert
* COPYING: updated gnu general licence to versio 2
1994-03-10 02:44 millert
* pathnames.h.in, config.h.in: Initial revision
1994-03-10 01:43 millert
* sudo.h: changed to work with configure
1994-03-09 18:51 millert
* Makefile.in, aclocal.m4, configure.in: Initial revision
1994-03-09 17:36 millert
* visudo.c: now uses defines used by configure
1994-03-01 16:31 millert
* find_path.c: sudo won't bitch about EPERM now, for real
1994-02-28 00:36 millert
* logging.c: renamed exec_argv to eliminate a libc name clash with
ksros
1994-02-28 00:28 millert
* CHANGES: corrected
1994-02-28 00:27 millert
* logging.c, sudo.c, sudo.h: execve -> execv
1994-02-27 23:27 millert
* TODO: upated
1994-02-27 23:19 millert
* PORTING: added 2 mroe items
1994-02-27 23:12 millert
* CHANGES: updated
1994-02-27 23:11 millert
* sudo.h: added UMASK and mode_t declaration
1994-02-27 23:11 millert
* sudo.c: added UMASK
1994-02-27 20:55 millert
* logging.c: now opens log file with mode 077
1994-02-27 20:55 millert
* check.c: saved current umask ans restores it
1994-02-27 20:36 millert
* sudo.h: added MAXLOGFILELEN
1994-02-27 20:35 millert
* logging.c: split long log lines. FOr syslog, split into multiple
entries, for a log file, indent the extra for readability
1994-02-27 17:22 millert
* CHANGES: added changes
1994-02-27 17:18 millert
* sudo.h: MAXLOGLEN & MAXSYSLOGLEN are now different (as they
should be)
1994-02-25 16:04 millert
* TODO: added input from Brett M Hogden <hogden@rge.com>
1994-02-16 13:35 millert
* sudo.c: added rmenv() to remove stuff from environ. can now uses
execvp() OR execve() becuase of this.
1994-02-16 13:35 millert
* logging.c: now uses execvp() OR execve()
1994-02-16 13:31 millert
* sudo.h: added USE_EXECVE
1994-02-16 13:27 millert
* sudo.h: added environ
1994-02-16 12:53 millert
* find_path.c: now ignore EPERM
1994-02-15 23:52 millert
* sudo.h: moved some func decls out of sudo.h and into sudo.c as
statics /.
1994-02-15 23:52 millert
* CHANGES: updated
1994-02-15 23:40 millert
* sudo.h: took out Envp
1994-02-14 12:28 millert
* BUGS: Initial revision
1994-02-10 14:29 millert
* sudo.c, sudo.h, CHANGES: added SECURE_PATH
1994-02-10 14:05 millert
* sudo.h: added SECURE_PATH
1994-02-10 13:50 millert
* INSTALL: added sample.sudoers note
1994-02-10 13:47 millert
* sudoers: Initial revision
1994-02-09 14:54 millert
* find_path.c: fixed typo
1994-02-08 23:06 millert
* PORTING: took out SAVED_UID garbage
1994-02-08 22:55 millert
* INSTALL: mentioned HAL
1994-02-08 22:50 millert
* sudo.h: added HAL line
1994-02-08 22:48 millert
* insults.h: added HAL insults
1994-02-08 22:48 millert
* TODO: updated
1994-02-08 22:02 millert
* logging.c: more verbose error if mailer not found
1994-02-08 22:02 millert
* check.c: now do getpwent as root for soem shadow password systems
(bsdi)
1994-02-08 13:22 millert
* sudo.h: took out SAVED_UID garbade
1994-02-08 13:21 millert
* sudo.c: took out SAVED_UID garbage since it don't work
1994-02-06 17:43 millert
* README: updated
1994-02-06 17:40 millert
* insults.h: added a missing space :-)
1994-02-05 19:48 millert
* sudo.c, sudo.h: took out multimax cruft
1994-02-05 19:30 millert
* INSTALL: minor update
1994-02-05 19:30 millert
* PORTING: finished
1994-02-05 19:19 millert
* sudo.c: fixed a typo + indentation
1994-02-05 18:43 millert
* sudo.h: took outumoved some defines to the config file ,. ,.
1994-02-05 15:17 millert
* PORTING: Initial revision
1994-02-05 15:17 millert
* TODO: did #6
1994-02-05 15:16 millert
* sudo.h: added HAS_SAVED_UID
1994-02-05 15:16 millert
* sudo.c: put back AIX cruft
1994-02-03 00:44 millert
* sudo.c: aix changes
1994-02-02 01:31 millert
* CHANGES: updated
1994-02-02 01:30 millert
* check.c, logging.c, parse.c, sudo.c, sudo.h: now is only root
when abs necesary
1994-02-01 22:21 millert
* check.c: added missing %s\n
1994-01-31 02:06 millert
* install-sh: Initial revision
1994-01-31 01:58 millert
* CHANGES, TODO: updated
1994-01-31 01:56 millert
* sudo.c: now removed _RLD_* for alphas
1994-01-31 01:50 millert
* INSTALL: updated for new config scheme
1994-01-30 19:42 millert
* find_path.c: more verbose eror messages
1994-01-27 14:08 millert
* TODO: now have solaris
1994-01-27 14:07 millert
* sudo.h: define __svr4__ for SOLARIS
1994-01-27 14:07 millert
* check.c: added svr4 junk for shadow pws for solaris 2.x
1994-01-27 13:19 millert
* check.c, sudo.c: took out setuid(0) and setreuid(udi) garbage.
Its not needed since we start out setuid with the correct perms.
1994-01-26 19:51 millert
* check.c, sudo.c, sudo.h: now use setreuid()
1994-01-26 18:58 millert
* sudo.man: revised AUTHORS secrtion & added ENV_EDITOR stuff to
VARIABLES sectoin
1994-01-26 18:52 millert
* visudo.c: now uses ENV_EDITOR if you want to use the EDITOR envar
1994-01-26 18:52 millert
* sudo.h: now uses ENV_EDITOR if you want to use the EDITOR envar
>> .
1993-12-07 01:33 millert
* README: minor update + spell fix
1993-12-07 01:33 millert
* INSTALL: rewrote most of this
1993-12-07 01:13 millert
* sudo.h: added all options that are in the Makefile
1993-12-07 00:23 millert
* getpass.c: now use USE_TERMIO #define for sgi & hpux
1993-12-06 23:19 millert
* TODO: todo: posix sigs
1993-12-06 01:12 millert
* check.c, find_path.c: always include strings.h
1993-12-05 20:34 millert
* visudo.c: added STATICEDITOR
1993-12-05 20:30 millert
* sudo.h: sgi has vi in /usr/bin too
1993-12-05 20:23 millert
* sudo.man: added VISUAL
1993-12-02 22:20 millert
* sudo.h: sue /usr/bin/vi on some systems
1993-12-02 22:19 millert
* sudo.c: fixed warning (include strings.h)
1993-12-02 22:06 millert
* sudo.man: added John_Rouillard@dl5000.bc.edu's changes (new
features)
1993-12-02 21:38 millert
* CHANGES: changes from John_Rouillard@dl5000.bc.edu
1993-12-02 21:35 millert
* visudo.c: added EDITOR envar
1993-12-02 21:34 millert
* check.c, find_path.c, parse.c, sudo.c: added patches from
John_Rouillard directory spec uses EDITOR
1993-12-01 19:32 millert
* getpass.c: added flush for hpux
1993-11-30 13:37 millert
* sudo.c: no longer assume malloc returns a char *
1993-11-29 20:35 millert
* sudo.c: alpha change to remove LD_-like thing fixed SHLIB_PATH
stuff -- now gets removed correctly
1993-11-29 19:31 millert
* sudo.h: added STD_HEADERS macro
1993-11-29 19:14 millert
* sudo.c: now uses STD_HEADERS macor for ansi
1993-11-29 19:14 millert
* find_path.c: now uses STD_HEADERS macro
1993-11-29 19:13 millert
* check.c: niceties for C compiler bitches -- no real change
1993-11-29 13:04 millert
* visudo.c: now doesn't fclose a file never opened.
1993-11-28 16:35 millert
* sudo.man: added visudo line
1993-11-28 16:31 millert
* sudo.man: added error stuff added me in there...
1993-11-28 03:12 millert
* CHANGES: noted insults
1993-11-28 03:01 millert
* INSTALL: added blurb about reading stuff
1993-11-28 03:00 millert
* sudo.h: added insults
1993-11-28 03:00 millert
* insults.h: corrected somments and removed newlines
1993-11-28 03:00 millert
* check.c: now uses insults
1993-11-28 02:45 millert
* insults.h: Initial revision
1993-11-27 19:46 millert
* INSTALL: added dec syslog note
1993-11-27 19:25 millert
* sample.sudoers: added real stuff in there
1993-11-27 19:24 millert
* TODO: added a todo
1993-11-27 19:10 millert
* TODO: added one
1993-11-27 18:59 millert
* sample.sudoers: Initial revision
1993-11-27 18:59 millert
* sudo.man: updated with changes
1993-11-27 18:52 millert
* sudo.man: Initial revision
1993-11-27 18:48 millert
* CHANGES, COPYING, INSTALL, README, TODO, indent.pro: Initial
revision
1993-11-27 18:46 millert
* visudo.c: updated version number and took out jeff's old addr
since it is no good
1993-11-27 18:42 millert
* sudo.h, check.c, find_path.c, logging.c, parse.c, parse.lex,
parse.yacc, sudo.c: updated version number and took out jeff's
email (since it is invalid)
1993-10-28 09:36 millert
* check.c: added fflush()
1993-10-22 20:46 millert
* find_path.c: now return NULL instead pfof exiting for
nopnn-fatal errors
1993-10-21 16:57 millert
* check.c: new banner
1993-10-21 16:42 millert
* parse.lex: now sudo.h gets included first
1993-10-17 20:31 millert
* parse.lex: now can use flex
1993-10-17 20:31 millert
* sudo.h: linux patch
1993-10-17 20:30 millert
* sudo.c: hpux 9 fix, removes SHLIB_PATH linux patch
1993-10-17 20:30 millert
* check.c: linux diff
1993-10-15 16:03 millert
* find_path.c: stat now ignores EINVAL
1993-10-05 21:48 millert
* find_path.c, sudo.c: now declare strdup as extern
1993-10-04 15:23 millert
* visudo.c: reformatted with indent + by hand
1993-10-04 15:10 millert
* check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c,
sudo.h: used indent to "fix" coding style
1993-10-03 20:12 millert
* find_path.c: now checks '.' or '.' or '' in PATH -- but does it
LAST should maybe move the code that does this into the loop
body. makes it messier tho. hmmm.
1993-09-08 11:53 millert
* find_path.c: redid the fix for non-executable files in an easier
to read way plus some minor aethetic changes
1993-09-08 11:39 millert
* find_path.c: fixed bug with non-executable tings of same name in
path introduced by checkig errno after stat(2).
1993-09-05 10:02 millert
* sudo.c: fixed off by one error
1993-09-05 09:55 millert
* find_path.c: now handles decending below '/' correctly
1993-09-05 08:35 millert
* sudo.c: now actually builds Envp instead of munging envp
1993-09-04 15:42 millert
* parse.yacc: now includes sys/param.h
1993-09-04 15:41 millert
* visudo.c: now includes sys/param.h
1993-09-04 15:30 millert
* sudo.h: fixed ifndef -> ifdef
1993-09-04 15:19 millert
* qualify.c: make more like find_path.c
1993-09-04 15:18 millert
* find_path.c: rewritten by millert
1993-09-04 15:17 millert
* sudo.h: fixed MAXCOMMANDLENGTH now uses USE_CWD and NEED_STRDUP
added info about new defines in the comment
1993-09-04 15:15 millert
* logging.c: now uses USE_CWD
1993-09-04 14:10 millert
* sudo.h: added delc for clean_envp() and Envp
1993-09-04 14:09 millert
* sudo.c: now rips LD_* env vars out of envp and passed sanitized
Envp to exec
1993-09-04 14:09 millert
* logging.c: now uses execve()
1993-09-04 14:08 millert
* find_path.c: ENOTDIR is ok now too (in case part of the path is
bogus)
1993-09-04 08:17 millert
* qualify.c: now works correctly (ttaltotal rewrite)
1993-09-04 07:59 millert
* parse.lex: now includes sys/param.h didn't match trailing / --
fix from rouilj@cs.umb.edu
1993-06-11 18:04 millert
* sudo.c: moved around the #ifndef _AIX
1993-06-11 18:03 millert
* check.c, logging.c, parse.c: Initial revision
1993-03-20 07:57 millert
* qualify.c: Initial revision
1993-03-13 15:09 millert
* find_path.c: now works if you do sudo bin/test
1993-03-13 14:20 millert
* find_path.c: works
1993-03-02 18:28 millert
* sudo.h: Initial revision
1993-03-02 11:35 millert
* visudo.c: Initial revision
1993-03-02 11:32 millert
* parse.lex, parse.yacc: Initial revision
1993-02-16 13:24 millert
* sudo.c: took out errno.h
1993-02-16 13:22 millert
* sudo.c: now spews error if exec fails and exits with -1
1993-02-16 12:07 millert
* sudo.c: Initial revision
1993-02-15 22:27 millert
* find_path.c: now only execs files with (an) executable bit set.
1993-02-15 22:01 millert
* find_path.c: Initial revision
1993-02-15 14:32 millert
* getpass.c: added nice comment
1993-02-15 14:19 millert
* getpass.c: now works on sgi's
1993-02-15 13:57 millert
* getpass.c: Initial revision