[Midnightbsd-cvs] src [7028] trunk/contrib/sudo: sudo 1.7.8p2
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sat Jun 13 16:47:08 EDT 2015
Revision: 7028
http://svnweb.midnightbsd.org/src/?rev=7028
Author: laffer1
Date: 2015-06-13 16:47:07 -0400 (Sat, 13 Jun 2015)
Log Message:
-----------
sudo 1.7.8p2
Modified Paths:
--------------
trunk/contrib/sudo/ChangeLog
trunk/contrib/sudo/NEWS
trunk/contrib/sudo/check.c
trunk/contrib/sudo/config.h
trunk/contrib/sudo/configure
trunk/contrib/sudo/configure.in
trunk/contrib/sudo/sudo.c
trunk/contrib/sudo/sudo.pp
Modified: trunk/contrib/sudo/ChangeLog
===================================================================
--- trunk/contrib/sudo/ChangeLog 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/ChangeLog 2015-06-13 20:47:07 UTC (rev 7028)
@@ -1,3 +1,19 @@
+2012-01-13 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudo.pp:
+ Include parent directories in case they don't already exist. This
+ fixes a directory permissions problem with the AIX package when the
+ /usr/local directories don't already exist.
+ [94c64d964891] <1.7>
+
+2011-11-08 Todd C. Miller <Todd.Miller at courtesan.com>
+
+ * sudo.pp:
+ Mark libexec files as optional. If there is no support for noexec,
+ sudo will not build sudo_noexec.so. Fixes a packaging problem on
+ AIX 4.3
+ [b3b80e0ebeb2] <1.7>
+
2011-10-25 Todd C. Miller <Todd.Miller at courtesan.com>
* NEWS, match.c:
Modified: trunk/contrib/sudo/NEWS
===================================================================
--- trunk/contrib/sudo/NEWS 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/NEWS 2015-06-13 20:47:07 UTC (rev 7028)
@@ -1,3 +1,8 @@
+What's new in Sudo 1.7.8p2?
+
+ * Fixed a crash in the monitor process on Solaris when NOPASSWD
+ was specified or when authentication was disabled.
+
What's new in Sudo 1.7.8p1?
* Fixed matching of a Runas_Alias in the group section of a
Modified: trunk/contrib/sudo/check.c
===================================================================
--- trunk/contrib/sudo/check.c 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/check.c 2015-06-13 20:47:07 UTC (rev 7028)
@@ -106,8 +106,30 @@
char *timestampfile = NULL;
char *prompt;
struct stat sb;
- int status;
+ int status, need_pass = def_authenticate;
+ /* Init authentication system regardless of whether we need a password. */
+ auth_pw = get_authpw();
+ sudo_auth_init(auth_pw);
+
+ if (need_pass) {
+ /* Always need a password when -k was specified with the command. */
+ if (ISSET(mode, MODE_INVALIDATE)) {
+ SET(validated, FLAG_CHECK_USER);
+ } else {
+ /*
+ * Don't prompt for the root passwd or if the user is exempt.
+ * If the user is not changing uid/gid, no need for a password.
+ */
+ if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
+ (!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name)))
+ || user_is_exempt())
+ need_pass = FALSE;
+ }
+ }
+ if (!need_pass)
+ goto done;
+
/* Stash the tty's ctime for tty ticket comparison. */
if (def_tty_tickets && user_ttypath && stat(user_ttypath, &sb) == 0) {
tty_info.dev = sb.st_dev;
@@ -117,24 +139,6 @@
ctim_get(&sb, &tty_info.ctime);
}
- /* Init authentication system regardless of whether we need a password. */
- auth_pw = get_authpw();
- sudo_auth_init(auth_pw);
-
- /* Always prompt for a password when -k was specified with the command. */
- if (ISSET(mode, MODE_INVALIDATE)) {
- SET(validated, FLAG_CHECK_USER);
- } else {
- /*
- * Don't prompt for the root passwd or if the user is exempt.
- * If the user is not changing uid/gid, no need for a password.
- */
- if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
- (!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name))) ||
- user_is_exempt())
- goto done;
- }
-
build_timestamp(×tampdir, ×tampfile);
status = timestamp_status(timestampdir, timestampfile, user_name,
TS_MAKE_DIRS);
Modified: trunk/contrib/sudo/config.h
===================================================================
--- trunk/contrib/sudo/config.h 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/config.h 2015-06-13 20:47:07 UTC (rev 7028)
@@ -683,7 +683,7 @@
#define PACKAGE_NAME "sudo"
/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "sudo 1.7.8p1"
+#define PACKAGE_STRING "sudo 1.7.8p2"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "sudo"
@@ -692,7 +692,7 @@
#define PACKAGE_URL ""
/* Define to the version of this package. */
-#define PACKAGE_VERSION "1.7.8p1"
+#define PACKAGE_VERSION "1.7.8p2"
/* The default password prompt. */
#define PASSPROMPT "Password:"
Modified: trunk/contrib/sudo/configure
===================================================================
--- trunk/contrib/sudo/configure 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/configure 2015-06-13 20:47:07 UTC (rev 7028)
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for sudo 1.7.8p1.
+# Generated by GNU Autoconf 2.68 for sudo 1.7.8p2.
#
# Report bugs to <http://www.sudo.ws/bugs/>.
#
@@ -570,8 +570,8 @@
# Identity of this package.
PACKAGE_NAME='sudo'
PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.7.8p1'
-PACKAGE_STRING='sudo 1.7.8p1'
+PACKAGE_VERSION='1.7.8p2'
+PACKAGE_STRING='sudo 1.7.8p2'
PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
PACKAGE_URL=''
@@ -1434,7 +1434,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures sudo 1.7.8p1 to adapt to many kinds of systems.
+\`configure' configures sudo 1.7.8p2 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1499,7 +1499,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of sudo 1.7.8p1:";;
+ short | recursive ) echo "Configuration of sudo 1.7.8p2:";;
esac
cat <<\_ACEOF
@@ -1718,7 +1718,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-sudo configure 1.7.8p1
+sudo configure 1.7.8p2
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@@ -2422,7 +2422,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by sudo $as_me 1.7.8p1, which was
+It was created by sudo $as_me 1.7.8p2, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@@ -20431,7 +20431,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by sudo $as_me 1.7.8p1, which was
+This file was extended by sudo $as_me 1.7.8p2, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -20497,7 +20497,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-sudo config.status 1.7.8p1
+sudo config.status 1.7.8p2
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
Modified: trunk/contrib/sudo/configure.in
===================================================================
--- trunk/contrib/sudo/configure.in 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/configure.in 2015-06-13 20:47:07 UTC (rev 7028)
@@ -3,7 +3,7 @@
dnl
dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller <Todd.Miller at courtesan.com>
dnl
-AC_INIT([sudo], [1.7.8p1], [http://www.sudo.ws/bugs/], [sudo])
+AC_INIT([sudo], [1.7.8p2], [http://www.sudo.ws/bugs/], [sudo])
AC_CONFIG_HEADER(config.h pathnames.h zlib/zconf.h)
dnl
dnl Note: this must come after AC_INIT
Modified: trunk/contrib/sudo/sudo.c
===================================================================
--- trunk/contrib/sudo/sudo.c 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/sudo.c 2015-06-13 20:47:07 UTC (rev 7028)
@@ -424,8 +424,7 @@
rebuild_env(def_noexec);
/* Require a password if sudoers says so. */
- if (def_authenticate)
- check_user(validated, sudo_mode);
+ check_user(validated, sudo_mode);
/* If run as root with SUDO_USER set, set sudo_user.pw to that user. */
/* XXX - causes confusion when root is not listed in sudoers */
Modified: trunk/contrib/sudo/sudo.pp
===================================================================
--- trunk/contrib/sudo/sudo.pp 2015-06-13 20:43:00 UTC (rev 7027)
+++ trunk/contrib/sudo/sudo.pp 2015-06-13 20:47:07 UTC (rev 7028)
@@ -12,7 +12,7 @@
The basic philosophy is to give as few privileges as possible but \
still allow people to get their work done."
vendor="Todd C. Miller"
- copyright="(c) 1993-1996,1998-2011 Todd C. Miller"
+ copyright="(c) 1993-1996,1998-2012 Todd C. Miller"
%if [aix]
# AIX package summary is limited to 40 characters
@@ -176,12 +176,25 @@
EOF
%endif
+ # OS-level directories that should generally exist but might not.
+ extradirs=`echo ${pp_destdir}/${mandir}/[mc]* | sed "s#${pp_destdir}/##g"`
+ extradirs="$extradirs `dirname $docdir` `dirname $timedir`"
+ test -d ${pp_destdir}/etc/pam.d && extradirs="${extradirs} /etc/pam.d"
+ for dir in $bindir $sbindir $libexecdir $extradirs; do
+ while test "$dir" != "/"; do
+ osdirs="${osdirs}${osdirs+ }$dir/"
+ dir=`dirname $dir`
+ done
+ done
+ osdirs=`echo $osdirs | tr " " "\n" | sort -u`
+
%files
+ $osdirs -
$bindir/sudo 4111 root:
$bindir/sudoedit 4111 root:
$sbindir/visudo 0111
$bindir/sudoreplay 0111
- $libexecdir/*
+ $libexecdir/* optional
$sudoersdir/sudoers.d/ 0750 $sudoers_uid:$sudoers_gid
$timedir/ 0700 root:
$docdir/
More information about the Midnightbsd-cvs
mailing list