diff options
author | adam <adam@pkgsrc.org> | 2018-08-19 08:46:44 +0000 |
---|---|---|
committer | adam <adam@pkgsrc.org> | 2018-08-19 08:46:44 +0000 |
commit | d5dabceb78012d207160a35859cc836c7b1e82e3 (patch) | |
tree | a963540d369d86d879dc30410fcf4a71267b1f58 /security/sudo/patches | |
parent | 9a96465adcbc3d80870aa1f507cb84392b4aecae (diff) | |
download | pkgsrc-d5dabceb78012d207160a35859cc836c7b1e82e3.tar.gz |
sudo: updated to 1.8.24
Sudo 1.8.24
* The LDAP and SSS back-ends now use the same rule evaluation code
as the sudoers file backend. This builds on the work in sudo
1.8.23 where the formatting functions for "sudo -l" output were
shared. The handling of negated commands in SSS and LDAP is
unchanged.
* Fixed a regression introduced in 1.8.23 where "sudo -i" could
not be used in conjunction with --preserve-env=VARIABLE.
* cvtsudoers can now parse base64-encoded attributes in LDIF files.
* Random insults are now more random.
* Fixed the noexec wordexp(3) test on FreeBSD.
* Added SUDO_CONV_PREFER_TTY flag for conversation function to
tell sudo to try writing to /dev/tty first. Can be used in
conjunction with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.
* Sudo now supports an arbitrary number of groups per user on
Solaris. Previously, only the first 64 groups were found.
This should remove the need to set "max_groups" in sudo.conf.
* Fixed typos in the OpenLDAP sudo schema.
* Fixed a race condition when building with parallel make.
* Fixed a duplicate free when netgroup_base in ldap.conf is set
to an invalid value.
* Fixed a bug introduced in sudo 1.8.23 on AIX that could prevent
local users and groups from being resolved properly on systems
that have users stored in NIS, LDAP or AD.
* Added a workaround for an AIX bug exposed by a change in sudo
1.8.23 that prevents the terminal mode from being restored when
I/O logging is enabled.
* On systems using PAM, sudo now ignores the PAM_NEW_AUTHTOK_REQD
and PAM_AUTHTOK_EXPIRED errors from PAM account management if
authentication is disabled for the user. This fixes a regression
introduced in sudo 1.8.23.
* Fixed an ambiguity in the sudoers manual in the description and
definition of User, Runas, Host, and Cmnd Aliases.
* Fixed a bug that resulted in only the first window size change
event being logged.
* Fixed a bug on HP-UX systems introduced in sudo 1.8.22 that
caused sudo to prompt for a password every time when tty-based
time stamp files were in use.
* Fixed a compilation problem on systems that define O_PATH or
O_SEARCH in fnctl.h but do not define O_DIRECTORY.
Diffstat (limited to 'security/sudo/patches')
-rw-r--r-- | security/sudo/patches/patch-src_sudo__edit.c | 18 |
1 files changed, 0 insertions, 18 deletions
diff --git a/security/sudo/patches/patch-src_sudo__edit.c b/security/sudo/patches/patch-src_sudo__edit.c deleted file mode 100644 index 80fd3706b4a..00000000000 --- a/security/sudo/patches/patch-src_sudo__edit.c +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-src_sudo__edit.c,v 1.1 2016/09/16 11:50:38 jperkin Exp $ - -Don't assume O_SEARCH implies support for O_DIRECTORY. - ---- src/sudo_edit.c.orig 2016-06-18 02:44:21.000000000 +0000 -+++ src/sudo_edit.c -@@ -347,7 +347,11 @@ dir_is_writable(int dfd, struct user_det - * Use O_SEARCH/O_PATH and/or O_DIRECTORY where possible. - */ - #if defined(O_SEARCH) -+# if defined(O_DIRECTORY) - # define DIR_OPEN_FLAGS (O_SEARCH|O_DIRECTORY) -+# else -+# define DIR_OPEN_FLAGS (O_SEARCH) -+# endif - #elif defined(O_PATH) - # define DIR_OPEN_FLAGS (O_PATH|O_DIRECTORY) - #elif defined(O_DIRECTORY) |