diff options
| author | hasso <hasso@pkgsrc.org> | 2009-08-02 07:39:27 +0000 |
|---|---|---|
| committer | hasso <hasso@pkgsrc.org> | 2009-08-02 07:39:27 +0000 |
| commit | 64ef0d1c464c069d711a6e7582f38c4cdc8d1b18 (patch) | |
| tree | 4769b73dad62104605d51afd57a1c595def85e72 /security/sudo/patches | |
| parent | 9b94afa45854b515c9b9f8d4831b383792446011 (diff) | |
| download | pkgsrc-64ef0d1c464c069d711a6e7582f38c4cdc8d1b18.tar.gz | |
Update to 1.7.2p1.
Changes in 1.7.2p1 since 1.7.2:
===============================
* Fixed the expansion of the %h escape in #include file names introduced in
sudo 1.7.1.
Changes in 1.7.2 since 1.7.1:
=============================
* A new #includedir directive is available in sudoers. This can be used to
implement an /etc/sudo.d directory. Files in an includedir are not edited
by visudo unless they contain a syntax error.
* The -g option did not work properly when only setting the group (and not
the user). Also, in -l mode the wrong user was displayed for sudoers
entries where only the group was allowed to be set.
* Fixed a problem with the alias checking in visudo which could prevent
visudo from exiting.
* Sudo will now correctly parse the shell-style /etc/environment file format
used by pam_env on Linux.
* When doing password and group database lookups, sudo will only cache an
entry by name or by id, depending on how the entry was looked up.
Previously, sudo would cache by both name and id from a single lookup, but
this breaks sites that have multiple password or group database names that
map to the same uid or gid.
* User and group names in sudoers may now be enclosed in double quotes to
avoid having to escape special characters.
* BSM audit fixes when changing to a non-root uid.
* Experimental non-Unix group support. Currently only works with Quest
Authorization Services and allows Active Directory groups fixes for
Minix-3.
* For Netscape/Mozilla-derived LDAP SDKs the certificate and key paths may
be specified as a directory or a file. However, version 5.0 of the SDK
only appears to support using a directory (despite documentation to the
contrary). If SSL client initialization fails and the certificate or key
paths look like they could be default file name, strip off the last path
element and try again.
* A setenv() compatibility fix for Linux systems, where a NULL value is
treated the same as an empty string and the variable name is checked
against the NULL pointer.
Diffstat (limited to 'security/sudo/patches')
| -rw-r--r-- | security/sudo/patches/patch-af | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/security/sudo/patches/patch-af b/security/sudo/patches/patch-af index ca9e8169052..0e5408ef696 100644 --- a/security/sudo/patches/patch-af +++ b/security/sudo/patches/patch-af @@ -1,8 +1,8 @@ -$NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $ +$NetBSD: patch-af,v 1.22 2009/08/02 07:39:27 hasso Exp $ ---- configure.in.orig 2008-12-10 06:13:01.000000000 +0900 -+++ configure.in -@@ -153,7 +153,6 @@ else +--- configure.in.orig 2009-07-20 16:34:37 +0300 ++++ configure.in 2009-08-01 22:19:54 +0300 +@@ -156,7 +156,6 @@ else fi test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin' test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin' @@ -10,11 +10,11 @@ $NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $ dnl dnl Deprecated --with options (these all warn or generate an error) -@@ -277,6 +276,19 @@ AC_ARG_WITH(csops, [ --with-csops +@@ -294,6 +293,19 @@ AC_ARG_WITH(csops, [AS_HELP_STRING([--wi ;; esac]) -+AC_ARG_WITH(nbsdops, [ --with-nbsdops add NetBSD standard options], ++AC_ARG_WITH(nbsdops, [AS_HELP_STRING([--with-nbsdops], [add NetBSD standard options])], +[case $with_nbsdops in + yes) echo 'Adding NetBSD standard options' + CHECKSIA=false @@ -27,10 +27,10 @@ $NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $ + ;; +esac]) + - AC_ARG_WITH(passwd, [ --without-passwd don't use passwd/shadow file for authentication], + AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])], [case $with_passwd in yes|no) AC_MSG_CHECKING(whether to use shadow/passwd file authentication) -@@ -1716,7 +1728,7 @@ fi +@@ -1790,7 +1802,7 @@ fi if test ${with_logincap-'no'} != "no"; then AC_CHECK_HEADERS(login_cap.h, [LOGINCAP_USAGE='[[-c class|-]] '; LCMAN="" case "$OS" in @@ -39,7 +39,7 @@ $NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $ ;; esac ]) -@@ -2148,6 +2160,8 @@ if test ${with_kerb5-'no'} != "no" -a -z +@@ -2237,6 +2249,8 @@ if test ${with_kerb5-'no'} != "no" -a -z AC_CHECK_LIB(krb5support, main, [SUDO_LIBS="${SUDO_LIBS} -lkrb5support,"]) ]) AUTH_OBJS="$AUTH_OBJS kerb5.o" |