pkgsrc/security/sudo, branch pkgsrc_2008Q2[no description]https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q22008-06-30T15:53:41ZUpdate sudo package to 1.6.9p17.2008-06-30T15:53:41Ztacataca2008-06-30T15:53:41Zurn:sha1:1390b17c14eafdbed53ae28d659869fe33b92722
660) The -i flag should imply resetting the environment, as it did in
sudo version prior to 1.6.9. Also, the -i and -E flags are
mutually exclusive.
661) Fixed the configure test for dirfd() under Linux.
662) Fixed test for whether -lintl is required to link.
663) Changed how sudo handles the child process when sending mail.
This fixes a problem on Linux with the mail_always option.
664) Fixed a problem with line continuation characters inside of
quoted strings.
Update security/seudo pacakge to 1.6.p16.2008-05-14T14:00:15Ztacataca2008-05-14T14:00:15Zurn:sha1:19ca56fc035530858863ca2c22a74e75334ff67f
Major changes since Sudo 1.6.9p15:
o There was missing whitespace before the ldap libraries in the Makefile
for some configurations.
o LDAPS_PORT may not be defined on older Solaris LDAP SDKs.
o If the LDAP server could not be contacted and the user was not present
in sudoers, a syntax error in sudoers was incorrectly reported.
Don't hardcode "0 0" for the root user and group -- use ${REAL_ROOT_USER}2008-04-02T15:06:07Zjlamjlam2008-04-02T15:06:07Zurn:sha1:97c8a8560dfe752b6aeffd85c14be07c0459f5b7
and ${REAL_ROOT_GROUP} instead. The pkginstall framework checks for
the name of the user and group, not the uid and gid, when comparing
permissions. This fixes the following spurious warning from appearing:
The following files are used by sudo-1.6.9p15 and have
the wrong ownership and/or permissions:
/usr/pkg/etc/sudoers (m=0440, o=0, g=0)
Update sudo package to 1.6.9p15.2008-03-29T14:16:58Ztacataca2008-03-29T14:16:58Zurn:sha1:23751ee0e0119a32bc8a77161b8d49c0975cbcd4
653) Fixed installation of sudo_noexec.so on AIX.
654) Updated libtool to version 1.5.26.
655) Fixed printing of default SELinux role and type in -V mode.
656) The HOME environment variable is once again preserved by default,
as per the documentation.
Update sudo package to 1.6.9p14.2008-03-11T15:52:51Ztacataca2008-03-11T15:52:51Zurn:sha1:488f4f2e96ffece02bead6a12adc75bfef47f097
pkgsrc changes:
- Explict to depends security/heimdal package when kerberos option is
specified. PR pkg/37999 should be fixed.
Change:
646) Sudo will now set the nproc resource limit to unlimited on Linux
systems to work around Linux's setuid() resource limit semantics.
On PAM systems the resource limits will be reset by pam_limits.so
before the command is executed.
647) SELinux support that can be used to implement role based access
control (RBAC). A role and (optional) type may be specified
in sudoers or on the command line. These are then used in the
security context that the command is run as.
648) Fixed a Kerberos 5 compilation problem with MIT Kerberos.
Sudo 1.6.9p13 released.
649) Fixed an invalid assumption in the PAM conversation function
introduced in version 1.6.9p9. The conversation function may
be called for non-password reading purposes as well.
650) Fixed freeing an uninitialized pointer in -l mode, introduced in
version 1.6.9p13.
651) Check /etc/sudoers after LDAP even if the user was found in LDAP.
This allows Defaults options in /etc/sudoers to take effect.
652) Add missing checks for enforcing mode in SELinux RBAC mode.
Sudo 1.6.9p14 released.
Distribution file was changed after sudo 1.6.9p12 was released. :-(2008-01-22T12:45:24Ztacataca2008-01-22T12:45:24Zurn:sha1:d06caec85965686883e9df2c2af86eb300b26ad7
config.h.in
configure
configure.in
ldap.c
Add DIST_SUBDIR to handle this situation.
Bump PKG_REVISION.
Update sudo package to 1.6.9p12.2008-01-21T16:38:57Ztacataca2008-01-21T16:38:57Zurn:sha1:d3eddf5a9d2975bcea246400cb48e0d236d387cd
Changes from 1.6.9p11:
641) Added a configure check for the ber_set_option() function.
642) Fixed a compilation problem with the HP-UX K&R C compiler.
643) Revamped the Kerberos 5 ticket verification code.
644) Added support for the checkpeer ldap.conf variable for
netscape-based LDAP SDKs.
645) Fixed a problem where an incomplete password could be echoed
to the screen if there was a read timeout.
Update sudo package to 1.6.9p11.2008-01-06T16:08:24Ztacataca2008-01-06T16:08:24Zurn:sha1:6734a4e91ddcc9eb60bd5445471137afaf4029af
637) Fixed a compilation problem on SCO related to how they
store the high resolution timestamps in struct stat.
638) Avoid checking the passwd file group multiple times
in the LDAP query when the user's passwd group is also
listed in the supplemental group vector.
639) The URI specifier can now be used in ldap.conf even when
the LDAP SDK doesn't support ldap_initialize().
640) New %p prompt escape that expands to the user whose password
is being prompted, as specified by the rootpw, targetpw and
runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.
Install the binaries readable for the owner, so that a package can be2008-01-03T23:17:47Zrilligrillig2008-01-03T23:17:47Zurn:sha1:2d46c3e557e38efeeca844eb5be573a813dcc65f
created in unprivileged pkgsrc mode. PKGREVISION++
Replaced outdated mirrors by working mirrors.2007-12-30T13:42:29Zheinzheinz2007-12-30T13:42:29Zurn:sha1:70732ea98a751e9f6d7bd0aa369ad62d8d3b5d02