This patch will upgrade Sudo version 1.6.8 patchlevel 4 to version 1.6.8 patchlevel 5. To apply: $ cd sudo-1.6.8p4 $ patch -p1 < sudo-1.6.8p5.patch diff sudo-1.6.8p4/CHANGES sudo-1.6.8p5/CHANGES --- sudo-1.6.8p4/CHANGES Wed Nov 17 09:34:18 2004 +++ sudo-1.6.8p5/CHANGES Fri Nov 26 13:07:10 2004 @@ -1751,3 +1751,16 @@ execution for password lookups that use GSSAPI. Sudo 1.6.8p4 released. + +553) Added a configure check for systems with a 2-argument version of + timespecsub (like BSD/OS). + +554) Added stub struct defintions to sudo.h to quiet compiler warnings + on some systems. + +555) In sudoers Defaults lines, tuples like "lecture" may now be used + without a value, restoring their old boolean-like nature. + +556) Invalid values for a tuple are now handled correctly. + +Sudo 1.6.8p5 released. diff sudo-1.6.8p4/Makefile.in sudo-1.6.8p5/Makefile.in --- sudo-1.6.8p4/Makefile.in Wed Nov 17 09:25:32 2004 +++ sudo-1.6.8p5/Makefile.in Thu Nov 25 10:27:00 2004 @@ -130,7 +130,7 @@ LIBOBJS = @LIBOBJS@ @ALLOCA@ -VERSION = 1.6.8p4 +VERSION = 1.6.8p5 DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \ LICENSE Makefile.in PORTING README README.LDAP RUNSON TODO \ diff sudo-1.6.8p4/config.h.in sudo-1.6.8p5/config.h.in --- sudo-1.6.8p4/config.h.in Wed Sep 8 09:49:26 2004 +++ sudo-1.6.8p5/config.h.in Thu Nov 25 10:31:54 2004 @@ -144,8 +144,8 @@ passwords) */ #undef HAVE_GETSPWUID -/* Define to 1 if you have the `getttimeofday' function. */ -#undef HAVE_GETTTIMEOFDAY +/* Define to 1 if you have the `gettimeofday' function. */ +#undef HAVE_GETTIMEOFDAY /* Define to 1 if your Kerberos is Heimdal. */ #undef HAVE_HEIMDAL @@ -352,6 +352,10 @@ /* Define to 1 if you have struct timespec in sys/time.h */ #undef HAVE_TIMESPEC + +/* Define to 1 if you have a timespecsub macro or function that takes + two arguments (not three) */ +#undef HAVE_TIMESPECSUB2 /* Define to 1 if you have the `tzset' function. */ #undef HAVE_TZSET diff sudo-1.6.8p4/configure sudo-1.6.8p5/configure --- sudo-1.6.8p4/configure Wed Sep 8 09:49:25 2004 +++ sudo-1.6.8p5/configure Fri Nov 26 13:04:30 2004 @@ -24675,8 +24675,9 @@ + for ac_func in strchr strrchr memchr memcpy memset sysconf tzset \ - strftime setrlimit initgroups fstat + strftime setrlimit initgroups fstat gettimeofday do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 @@ -26442,87 +26443,8 @@ fi done - -for ac_func in getttimeofday -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ -#ifdef __STDC__ -# include -#else -# include -#endif -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -{ -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -char (*f) () = $ac_func; -#endif -#ifdef __cplusplus -} -#endif - -int -main () -{ -return f != $ac_func; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - echo "$as_me:$LINENO: checking for struct stat.st_mtim" >&5 +if test X"$ac_cv_type_struct_timespec" != X"no"; then + echo "$as_me:$LINENO: checking for struct stat.st_mtim" >&5 echo $ECHO_N "checking for struct stat.st_mtim... $ECHO_C" >&6 if test "${ac_cv_member_struct_stat_st_mtim+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -26703,9 +26625,57 @@ fi -fi -done + echo "$as_me:$LINENO: checking for two-parameter timespecsub" >&5 +echo $ECHO_N "checking for two-parameter timespecsub... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +int +main () +{ +struct timespec ts1, ts2; +ts1.tv_sec = 1; ts1.tv_nsec = 0; ts2.tv_sec = 0; ts2.tv_nsec = 0; +#ifndef timespecsub +#error missing timespecsub +#endif +timespecsub(&ts1, &ts2); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + cat >>confdefs.h <<\_ACEOF +#define HAVE_TIMESPECSUB2 1 +_ACEOF + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 +fi +rm -f conftest.$ac_objext conftest.$ac_ext +fi cat >conftest.$ac_ext <<_ACEOF #line $LINENO "configure" /* confdefs.h. */ @@ -31462,6 +31432,10 @@ ;; esac fi + + + + diff sudo-1.6.8p4/configure.in sudo-1.6.8p5/configure.in --- sudo-1.6.8p4/configure.in Wed Sep 8 09:49:25 2004 +++ sudo-1.6.8p5/configure.in Thu Nov 25 10:31:20 2004 @@ -1683,7 +1683,7 @@ dnl Function checks dnl AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \ - strftime setrlimit initgroups fstat) + strftime setrlimit initgroups fstat gettimeofday) AC_CHECK_FUNCS(seteuid, , [AC_DEFINE(NO_SAVED_IDS)]) if test -z "$SKIP_SETRESUID"; then AC_CHECK_FUNCS(setresuid, [SKIP_SETREUID=yes]) @@ -1709,7 +1709,19 @@ SUDO_FUNC_ISBLANK AC_REPLACE_FUNCS(strerror strcasecmp sigaction strlcpy strlcat closefrom) AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1]) -AC_CHECK_FUNCS(getttimeofday, [AC_CHECK_MEMBER([struct stat.st_mtim], AC_DEFINE(HAVE_ST_MTIM), [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])]) +if test X"$ac_cv_type_struct_timespec" != X"no"; then + AC_CHECK_MEMBER([struct stat.st_mtim], AC_DEFINE(HAVE_ST_MTIM), [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))]) + AC_MSG_CHECKING([for two-parameter timespecsub]) + AC_TRY_COMPILE([#include +#include ], [struct timespec ts1, ts2; +ts1.tv_sec = 1; ts1.tv_nsec = 0; ts2.tv_sec = 0; ts2.tv_nsec = 0; +#ifndef timespecsub +#error missing timespecsub +#endif +timespecsub(&ts1, &ts2);], + [AC_DEFINE(HAVE_TIMESPECSUB2) + AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no)]) +fi dnl dnl Check for the dirfd function/macro. If not found, look for dd_fd in DIR. dnl @@ -2257,6 +2269,7 @@ AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member]) AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the header file and the `tcgetattr' function.]) AH_TEMPLATE(HAVE_TIMESPEC, [Define to 1 if you have struct timespec in sys/time.h]) +AH_TEMPLATE(HAVE_TIMESPECSUB2, [Define to 1 if you have a timespecsub macro or function that takes two arguments (not three)]) AH_TEMPLATE(HAVE___PROGNAME, [Define to 1 if your crt0.o defines the __progname symbol for you.]) AH_TEMPLATE(HOST_IN_LOG, [Define to 1 if you want the hostname to be entered into the log file.]) AH_TEMPLATE(IGNORE_DOT_PATH, [Define to 1 if you want to ignore '.' and empty PATH elements]) diff sudo-1.6.8p4/def_data.c sudo-1.6.8p5/def_data.c --- sudo-1.6.8p4/def_data.c Thu Feb 12 19:08:27 2004 +++ sudo-1.6.8p5/def_data.c Mon Nov 29 10:32:44 2004 @@ -15,8 +15,8 @@ static struct def_values def_data_verifypw[] = { { "never", never }, - { "any", any }, { "all", all }, + { "any", any }, { "always", always }, { NULL, 0 }, }; diff sudo-1.6.8p4/def_data.h sudo-1.6.8p5/def_data.h --- sudo-1.6.8p4/def_data.h Thu Feb 12 19:08:27 2004 +++ sudo-1.6.8p5/def_data.h Mon Nov 29 10:32:44 2004 @@ -120,5 +120,5 @@ once, always, any, - all, + all }; diff sudo-1.6.8p4/def_data.in sudo-1.6.8p5/def_data.in --- sudo-1.6.8p4/def_data.in Thu Feb 12 19:08:27 2004 +++ sudo-1.6.8p5/def_data.in Sun Nov 28 14:05:13 2004 @@ -166,7 +166,7 @@ verifypw T_TUPLE|T_BOOL "When to require a password for 'verify' pseudocommand: %s" - never any all always + never all any always noexec T_FLAG "Preload the dummy exec functions contained in 'noexec_file'" diff sudo-1.6.8p4/defaults.c sudo-1.6.8p5/defaults.c --- sudo-1.6.8p4/defaults.c Sun Jun 6 17:58:10 2004 +++ sudo-1.6.8p5/defaults.c Fri Nov 26 12:22:43 2004 @@ -345,13 +345,10 @@ } break; case T_TUPLE: - if (!val) { - /* Check for bogus boolean usage or lack of a value. */ - if (!ISSET(cur->type, T_BOOL) || op != FALSE) { - warnx("no value specified for `%s' on line %d", - var, sudolineno); - return(FALSE); - } + if (!val && !ISSET(cur->type, T_BOOL)) { + warnx("no value specified for `%s' on line %d", + var, sudolineno); + return(FALSE); } if (!store_tuple(val, cur, op)) { warnx("value `%s' is invalid for option `%s'", val, var); @@ -564,16 +561,16 @@ * This does assume that the first entry in the tuple enum will * be the equivalent to a boolean "false". */ - if (op == FALSE) { - def->sd_un.ival = 0; + if (!val) { + def->sd_un.ival = (op == FALSE) ? 0 : 1; } else { - for (v = def->values; v != NULL; v++) { + for (v = def->values; v->sval != NULL; v++) { if (strcmp(v->sval, val) == 0) { def->sd_un.ival = v->ival; break; } } - if (v == NULL) + if (v->sval == NULL) return(FALSE); } if (def->callback) diff sudo-1.6.8p4/mkdefaults sudo-1.6.8p5/mkdefaults --- sudo-1.6.8p4/mkdefaults Fri Jan 16 16:02:18 2004 +++ sudo-1.6.8p5/mkdefaults Mon Nov 29 10:32:29 2004 @@ -109,8 +109,9 @@ # Print out def_tuple if (@tuple_values) { print HEADER "\nenum def_tupple {\n"; - foreach (@tuple_values) { - print HEADER "\t$_,\n"; + for ($i = 0; $i <= $#tuple_values; $i++) { + printf HEADER "\t%s%s\n", $tuple_values[$i], + $i != $#tuple_values ? "," : ""; } print HEADER "};\n"; } diff sudo-1.6.8p4/sudo.cat sudo-1.6.8p5/sudo.cat --- sudo-1.6.8p4/sudo.cat Wed Nov 17 09:23:12 2004 +++ sudo-1.6.8p5/sudo.cat Thu Nov 25 10:35:55 2004 @@ -61,7 +61,7 @@ -1.6.8p4 November 17, 2004 1 +1.6.8p5 November 26, 2004 1 @@ -127,7 +127,7 @@ -1.6.8p4 November 17, 2004 2 +1.6.8p5 November 26, 2004 2 @@ -193,7 +193,7 @@ -1.6.8p4 November 17, 2004 3 +1.6.8p5 November 26, 2004 3 @@ -259,7 +259,7 @@ -1.6.8p4 November 17, 2004 4 +1.6.8p5 November 26, 2004 4 @@ -325,7 +325,7 @@ -1.6.8p4 November 17, 2004 5 +1.6.8p5 November 26, 2004 5 @@ -391,7 +391,7 @@ -1.6.8p4 November 17, 2004 6 +1.6.8p5 November 26, 2004 6 @@ -457,7 +457,7 @@ -1.6.8p4 November 17, 2004 7 +1.6.8p5 November 26, 2004 7 @@ -523,7 +523,7 @@ -1.6.8p4 November 17, 2004 8 +1.6.8p5 November 26, 2004 8 @@ -589,6 +589,6 @@ -1.6.8p4 November 17, 2004 9 +1.6.8p5 November 26, 2004 9 diff sudo-1.6.8p4/sudo.h sudo-1.6.8p5/sudo.h --- sudo-1.6.8p4/sudo.h Wed Sep 8 09:48:23 2004 +++ sudo-1.6.8p5/sudo.h Thu Nov 25 10:34:44 2004 @@ -161,6 +161,10 @@ #define TGP_ECHO 0x01 /* leave echo on when reading passwd */ #define TGP_STDIN 0x02 /* read from stdin, not /dev/tty */ +struct passwd; +struct timespec; +struct timeval; + /* * Function prototypes */ diff sudo-1.6.8p4/sudo.man.in sudo-1.6.8p5/sudo.man.in --- sudo-1.6.8p4/sudo.man.in Wed Nov 17 09:22:25 2004 +++ sudo-1.6.8p5/sudo.man.in Thu Nov 25 10:35:09 2004 @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "November 17, 2004" "1.6.8p4" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "November 26, 2004" "1.6.8p5" "MAINTENANCE COMMANDS" .SH "NAME" sudo, sudoedit \- execute a command as another user .SH "SYNOPSIS" diff sudo-1.6.8p4/sudo_edit.c sudo-1.6.8p5/sudo_edit.c --- sudo-1.6.8p4/sudo_edit.c Wed Nov 17 08:42:32 2004 +++ sudo-1.6.8p5/sudo_edit.c Thu Nov 25 10:32:34 2004 @@ -293,7 +293,11 @@ * If mtime and size match but the user spent no measurable * time in the editor we can't tell if the file was changed. */ +#ifdef HAVE_TIMESPECSUB2 + timespecsub(&ts1, &ts2); +#else timespecsub(&ts1, &ts2, &ts2); +#endif if (timespecisset(&ts2)) { warnx("%s unchanged", tf[i].ofile); unlink(tf[i].tfile); Only in sudo-1.6.8p4: sudo_edit.c.rej diff sudo-1.6.8p4/sudoers.cat sudo-1.6.8p5/sudoers.cat --- sudo-1.6.8p4/sudoers.cat Wed Nov 17 09:23:37 2004 +++ sudo-1.6.8p5/sudoers.cat Sun Nov 28 14:13:36 2004 @@ -61,7 +61,7 @@ -1.6.8p4 November 17, 2004 1 +1.6.8p5 November 28, 2004 1 @@ -127,7 +127,7 @@ -1.6.8p4 November 17, 2004 2 +1.6.8p5 November 28, 2004 2 @@ -193,7 +193,7 @@ -1.6.8p4 November 17, 2004 3 +1.6.8p5 November 28, 2004 3 @@ -259,7 +259,7 @@ -1.6.8p4 November 17, 2004 4 +1.6.8p5 November 28, 2004 4 @@ -325,7 +325,7 @@ -1.6.8p4 November 17, 2004 5 +1.6.8p5 November 28, 2004 5 @@ -391,7 +391,7 @@ -1.6.8p4 November 17, 2004 6 +1.6.8p5 November 28, 2004 6 @@ -457,7 +457,7 @@ -1.6.8p4 November 17, 2004 7 +1.6.8p5 November 28, 2004 7 @@ -523,7 +523,7 @@ -1.6.8p4 November 17, 2004 8 +1.6.8p5 November 28, 2004 8 @@ -589,7 +589,7 @@ -1.6.8p4 November 17, 2004 9 +1.6.8p5 November 28, 2004 9 @@ -655,7 +655,7 @@ -1.6.8p4 November 17, 2004 10 +1.6.8p5 November 28, 2004 10 @@ -712,24 +712,29 @@ always Always lecture the user. - The default value is _o_n_c_e. + If no value is specified, a value of _o_n_c_e is + implied. Negating the option results in a + value of _n_e_v_e_r being used. The default value + is _o_n_c_e. - lecture_file - Path to a file containing an alternate sudo - lecture that will be used in place of the - standard lecture if the named file exists. -1.6.8p4 November 17, 2004 11 +1.6.8p5 November 28, 2004 11 + SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + lecture_file + Path to a file containing an alternate sudo + lecture that will be used in place of the + standard lecture if the named file exists. + logfile Path to the ssuuddoo log file (not the syslog log file). Setting a path turns on logging to a file; negating this option turns it off. @@ -774,27 +779,30 @@ always The user must always enter a password to use the --vv flag. - The default value is `all'. + If no value is specified, a value of _a_l_l is + implied. Negating the option results in a + value of _n_e_v_e_r being used. The default value + is _a_l_l. - listpw This option controls when a password will be - required when a user runs ssuuddoo with the --ll - flag. It has the following possible values: - all All the user's _s_u_d_o_e_r_s entries for the - current host must have the NOPASSWD - flag set to avoid entering a password. +1.6.8p5 November 28, 2004 12 -1.6.8p4 November 17, 2004 12 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + listpw This option controls when a password will be + required when a user runs ssuuddoo with the --ll + flag. It has the following possible values: + all All the user's _s_u_d_o_e_r_s entries for the + current host must have the NOPASSWD + flag set to avoid entering a password. any At least one of the user's _s_u_d_o_e_r_s entries for the current host must have @@ -807,7 +815,10 @@ always The user must always enter a password to use the --ll flag. - The default value is `any'. + If no value is specified, a value of _a_n_y is + implied. Negating the option results in a + value of _n_e_v_e_r being used. The default value + is _a_n_y. LLiissttss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: @@ -839,29 +850,29 @@ any setuid process (such as ssuuddoo). env_keep Environment variables to be preserved in the - user's environment when the _e_n_v___r_e_s_e_t option - is in effect. This allows fine-grained con­ - trol over the environment ssuuddoo-spawned pro­ - cesses will receive. The argument may be a - double-quoted, space-separated list or a sin­ - gle value without double-quotes. The list can - be replaced, added to, deleted from, or dis­ - abled by using the =, +=, -=, and ! operators - respectively. This list has no default mem­ - bers. +1.6.8p5 November 28, 2004 13 -1.6.8p4 November 17, 2004 13 - SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + user's environment when the _e_n_v___r_e_s_e_t option + is in effect. This allows fine-grained con­ + trol over the environment ssuuddoo-spawned pro­ + cesses will receive. The argument may be a + double-quoted, space-separated list or a sin­ + gle value without double-quotes. The list can + be replaced, added to, deleted from, or dis­ + abled by using the =, +=, -=, and ! operators + respectively. This list has no default mem­ + bers. + When logging via _s_y_s_l_o_g(3), ssuuddoo accepts the following values for the syslog facility (the value of the ssyysslloogg Parameter): aauutthhpprriivv (if your OS supports it), aauutthh, ddaaee­­ @@ -905,29 +916,28 @@ The user ddggbb may run _/_b_i_n_/_l_s, _/_b_i_n_/_k_i_l_l, and _/_u_s_r_/_b_i_n_/_l_p_r_m -- but only as ooppeerraattoorr. E.g., - $ sudo -u operator /bin/ls. - It is also possible to override a Runas_Spec later on in - an entry. If we modify the entry like so: - dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm - Then user ddggbb is now allowed to run _/_b_i_n_/_l_s as ooppeerraattoorr, - but _/_b_i_n_/_k_i_l_l and _/_u_s_r_/_b_i_n_/_l_p_r_m as rroooott. +1.6.8p5 November 28, 2004 14 -1.6.8p4 November 17, 2004 14 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + $ sudo -u operator /bin/ls. + It is also possible to override a Runas_Spec later on in + an entry. If we modify the entry like so: + dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Then user ddggbb is now allowed to run _/_b_i_n_/_l_s as ooppeerraattoorr, + but _/_b_i_n_/_k_i_l_l and _/_u_s_r_/_b_i_n_/_l_p_r_m as rroooott. - TTaagg__SSppeecc A command may have zero or more tags associated with it. @@ -972,28 +982,29 @@ If sudo has been compiled with _n_o_e_x_e_c support and the underlying operating system support it, the NOEXEC tag can be used to prevent a dynamically-linked executable from - running further commands itself. - In the following example, user aaaarroonn may run _/_u_s_r_/_b_i_n_/_m_o_r_e - and _/_u_s_r_/_b_i_n_/_v_i but shell escapes will be disabled. - aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi - See the "PREVENTING SHELL ESCAPES" section below for more - details on how _n_o_e_x_e_c works and whether or not it will - work on your system. +1.6.8p5 November 28, 2004 15 -1.6.8p4 November 17, 2004 15 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + running further commands itself. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + In the following example, user aaaarroonn may run _/_u_s_r_/_b_i_n_/_m_o_r_e + and _/_u_s_r_/_b_i_n_/_v_i but shell escapes will be disabled. + aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi + See the "PREVENTING SHELL ESCAPES" section below for more + details on how _n_o_e_x_e_c works and whether or not it will + work on your system. + WWiillddccaarrddss ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s (aka meta or glob char­ @@ -1037,29 +1048,28 @@ $ sudo w $ sudo /usr/bin/w - However, this will not: - $ cd /usr/bin - $ sudo ./w - For this reason you should only ggrraanntt access to commands - using wildcards and never rreessttrriicctt access using them. - This limitation will be removed in a future version of - ssuuddoo. +1.6.8p5 November 28, 2004 16 -1.6.8p4 November 17, 2004 16 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + However, this will not: + $ cd /usr/bin + $ sudo ./w -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + For this reason you should only ggrraanntt access to commands + using wildcards and never rreessttrriicctt access using them. + This limitation will be removed in a future version of + ssuuddoo. - EExxcceeppttiioonnss ttoo wwiillddccaarrdd rruulleess The following exceptions apply to the above rules: @@ -1103,21 +1113,11 @@ ('\') when used as part of a word (e.g. a username or hostname): '@', '!', '=', ':', ',', '(', ')', '\'. -FFIILLEESS - /etc/sudoers List of who can run what - /etc/group Local groups file - /etc/netgroup List of network groups -EEXXAAMMPPLLEESS - Since the _s_u_d_o_e_r_s file is parsed in a single pass, order - is important. In general, you should structure _s_u_d_o_e_r_s - such that the Host_Alias, User_Alias, and Cmnd_Alias spec­ - ifications come first, followed by any Default_Entry - lines, and finally the Runas_Alias and user -1.6.8p4 November 17, 2004 17 +1.6.8p5 November 28, 2004 17 @@ -1126,9 +1126,20 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - specifications. The basic rule of thumb is you cannot - reference an Alias that has not already been defined. +FFIILLEESS + /etc/sudoers List of who can run what + /etc/group Local groups file + /etc/netgroup List of network groups +EEXXAAMMPPLLEESS + Since the _s_u_d_o_e_r_s file is parsed in a single pass, order + is important. In general, you should structure _s_u_d_o_e_r_s + such that the Host_Alias, User_Alias, and Cmnd_Alias spec­ + ifications come first, followed by any Default_Entry + lines, and finally the Runas_Alias and user specifica­ + tions. The basic rule of thumb is you cannot reference an + Alias that has not already been defined. + Below are example _s_u_d_o_e_r_s entries. Admittedly, some of these are a bit contrived. First, we define our _a_l_i_a_s_e_s: @@ -1169,29 +1180,24 @@ in all cases. We don't want to subject the full time staff to the ssuuddoo lecture, user mmiilllleerrtt need not give a password, and we don't want to reset the LOGNAME or USER - environment variables when running commands as root. - Additionally, on the machines in the _S_E_R_V_E_R_S Host_Alias, - we keep an additional local log file and make sure we log - the year in each log line since the log entries will be - kept around for several years. +1.6.8p5 November 28, 2004 18 - -1.6.8p4 November 17, 2004 18 - - - - - SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + environment variables when running commands as root. + Additionally, on the machines in the _S_E_R_V_E_R_S Host_Alias, + we keep an additional local log file and make sure we log + the year in each log line since the log entries will be + kept around for several years. + # Override built-in defaults Defaults syslog=auth Defaults>root !set_logname @@ -1241,22 +1247,22 @@ killing processes, the printing system, shutting down the system, and any commands in the directory _/_u_s_r_/_o_p_e_r_/_b_i_n_/. - joe ALL = /usr/bin/su operator - The user jjooee may only _s_u(1) to operator. - pete HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root +1.6.8p5 November 28, 2004 19 -1.6.8p4 November 17, 2004 19 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + joe ALL = /usr/bin/su operator -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + The user jjooee may only _s_u(1) to operator. + pete HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root The user ppeettee is allowed to change anyone's password except for root on the _H_P_P_A machines. Note that this @@ -1306,24 +1312,25 @@ steve CSNETS = (operator) /usr/local/op_commands/ The user sstteevvee may run any command in the directory - /usr/local/op_commands/ but only as user operator. - matt valkyrie = KILL - On his personal workstation, valkyrie, mmaatttt needs to be - able to kill hung processes. +1.6.8p5 November 28, 2004 20 -1.6.8p4 November 17, 2004 20 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + /usr/local/op_commands/ but only as user operator. + matt valkyrie = KILL + On his personal workstation, valkyrie, mmaatttt needs to be + able to kill hung processes. + WEBMASTERS www = (www) ALL, (root) /usr/bin/su www On the host www, any user in the _W_E_B_M_A_S_T_E_R_S User_Alias @@ -1370,25 +1377,25 @@ ality can be used to prevent a program run by sudo from executing any other programs. Note, however, that this applies only to native dynamically-linked executables. - Statically-linked executables and foreign executables run­ - ning under binary emulation are not affected. + Statically-linked executables and foreign executables - To tell whether or not ssuuddoo supports _n_o_e_x_e_c, you can run - the following as root: - sudo -V | grep "dummy exec" +1.6.8p5 November 28, 2004 21 -1.6.8p4 November 17, 2004 21 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + running under binary emulation are not affected. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + To tell whether or not ssuuddoo supports _n_o_e_x_e_c, you can run + the following as root: + sudo -V | grep "dummy exec" If the resulting output contains a line that begins with: @@ -1437,25 +1444,24 @@ errors since ssuuddoo will not run with a syntactically incor­ rect _s_u_d_o_e_r_s file. - When using netgroups of machines (as opposed to users), if - you store fully qualified hostnames in the netgroup (as is - usually the case), you either need to have the machine's - hostname be fully qualified as returned by the hostname - command or use the _f_q_d_n option in _s_u_d_o_e_r_s. +1.6.8p5 November 28, 2004 22 -1.6.8p4 November 17, 2004 22 - - SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + When using netgroups of machines (as opposed to users), if + you store fully qualified hostnames in the netgroup (as is + usually the case), you either need to have the machine's + hostname be fully qualified as returned by the hostname + command or use the _f_q_d_n option in _s_u_d_o_e_r_s. + BBUUGGSS If you feel you have found a bug in ssuuddoo, please submit a bug report at http://www.sudo.ws/sudo/bugs/ @@ -1507,12 +1513,6 @@ - - - - - - -1.6.8p4 November 17, 2004 23 +1.6.8p5 November 28, 2004 23 diff sudo-1.6.8p4/sudoers.man.in sudo-1.6.8p5/sudoers.man.in --- sudo-1.6.8p4/sudoers.man.in Wed Nov 17 09:22:31 2004 +++ sudo-1.6.8p5/sudoers.man.in Sun Nov 28 14:13:35 2004 @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "November 17, 2004" "1.6.8p4" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "November 28, 2004" "1.6.8p5" "MAINTENANCE COMMANDS" .SH "NAME" sudoers \- list of which users may execute what .SH "DESCRIPTION" @@ -728,6 +728,8 @@ .RE .RS 12 .Sp +If no value is specified, a value of \fIonce\fR is implied. +Negating the option results in a value of \fInever\fR being used. The default value is \fI@lecture@\fR. .RE .IP "lecture_file" 12 @@ -780,7 +782,9 @@ .RE .RS 12 .Sp -The default value is `all'. +If no value is specified, a value of \fIall\fR is implied. +Negating the option results in a value of \fInever\fR being used. +The default value is \fIall\fR. .RE .IP "listpw" 12 .IX Item "listpw" @@ -804,7 +808,9 @@ .RE .RS 12 .Sp -The default value is `any'. +If no value is specified, a value of \fIany\fR is implied. +Negating the option results in a value of \fInever\fR being used. +The default value is \fIany\fR. .RE .PP \&\fBLists that can be used in a boolean context\fR: diff sudo-1.6.8p4/sudoers.pod sudo-1.6.8p5/sudoers.pod --- sudo-1.6.8p4/sudoers.pod Mon Sep 6 14:45:27 2004 +++ sudo-1.6.8p5/sudoers.pod Sun Nov 28 14:08:40 2004 @@ -633,6 +633,8 @@ =back +If no value is specified, a value of I is implied. +Negating the option results in a value of I being used. The default value is I<@lecture@>. =item lecture_file @@ -697,7 +699,9 @@ =back -The default value is `all'. +If no value is specified, a value of I is implied. +Negating the option results in a value of I being used. +The default value is I. =item listpw @@ -726,7 +730,9 @@ =back -The default value is `any'. +If no value is specified, a value of I is implied. +Negating the option results in a value of I being used. +The default value is I. =back diff sudo-1.6.8p4/version.h sudo-1.6.8p5/version.h --- sudo-1.6.8p4/version.h Wed Nov 17 09:25:27 2004 +++ sudo-1.6.8p5/version.h Thu Nov 25 10:27:02 2004 @@ -23,6 +23,6 @@ #ifndef _SUDO_VERSION_H #define _SUDO_VERSION_H -static const char version[] = "1.6.8p4"; +static const char version[] = "1.6.8p5"; #endif /* _SUDO_VERSION_H */ diff sudo-1.6.8p4/visudo.c sudo-1.6.8p5/visudo.c --- sudo-1.6.8p4/visudo.c Wed Sep 8 09:48:23 2004 +++ sudo-1.6.8p5/visudo.c Thu Nov 25 10:32:40 2004 @@ -437,7 +437,11 @@ * If mtime and size match but the user spent no measurable * time in the editor we can't tell if the file was changed. */ +#ifdef HAVE_TIMESPECSUB2 + timespecsub(&ts1, &ts2); +#else timespecsub(&ts1, &ts2, &ts2); +#endif if (timespecisset(&ts2)) { warnx("sudoers file unchanged"); Exit(0); diff sudo-1.6.8p4/visudo.cat sudo-1.6.8p5/visudo.cat --- sudo-1.6.8p4/visudo.cat Wed Nov 17 09:23:53 2004 +++ sudo-1.6.8p5/visudo.cat Thu Nov 25 10:36:28 2004 @@ -61,7 +61,7 @@ -1.6.8p4 November 17, 2004 1 +1.6.8p5 November 26, 2004 1 @@ -127,7 +127,7 @@ -1.6.8p4 November 17, 2004 2 +1.6.8p5 November 26, 2004 2 @@ -193,6 +193,6 @@ -1.6.8p4 November 17, 2004 3 +1.6.8p5 November 26, 2004 3 diff sudo-1.6.8p4/visudo.man.in sudo-1.6.8p5/visudo.man.in --- sudo-1.6.8p4/visudo.man.in Wed Nov 17 09:22:38 2004 +++ sudo-1.6.8p5/visudo.man.in Thu Nov 25 10:35:24 2004 @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "VISUDO @mansectsu@" -.TH VISUDO @mansectsu@ "November 17, 2004" "1.6.8p4" "MAINTENANCE COMMANDS" +.TH VISUDO @mansectsu@ "November 26, 2004" "1.6.8p5" "MAINTENANCE COMMANDS" .SH "NAME" visudo \- edit the sudoers file .SH "SYNOPSIS"