Beta Versions of Sudo

The current BETA version of sudo is . This is a release candidate.

If you plan to use a beta version of sudo, please subscribe to the sudo-workers mailing list so that you will receive updates on bug fixes and beta release announcements.

Major changes from version 1.6.9b5 to 1.6.9rc1:

  • The sudoers2ldif script now parses Runas users.

  • The -- flag on the command line now behaves as documented.

Major changes from version 1.6.9b4 to 1.6.9b5:

  • Added a SETENV tag and setenv sudoers options that allow users to specify environment variables on the command line.

  • Added a -E option to preserve the environment if the user has permission to change environment variables.

Major changes from version 1.6.9b3 to 1.6.9b4:

  • Moved LDAP schema data into separate files.

  • Sudo no longer assumes that gr_mem in struct group is non-NULL.

Major changes from version 1.6.9b2 to 1.6.9b3:

  • Added definition of _PATH_DEVNULL for systems without it.

  • Added support for Solaris 10 project resource limits.

Major changes from version 1.6.9b1 to 1.6.9b2:

  • Fixed problems with the included fnmatch() and glob() functions that resulted in a compilation failure on some systems.

Major changes from version 1.6.8p12 to 1.6.9b1:

  • Fixed a file descriptor leak when the lecture file option is enabled.

  • Added to the list of variables to remove from the environment.

  • Fixed a Kerberos V security issue that could allow a user to authenticate using a fake KDC.

  • Pulled in updated configure and libtool from sudo 1.7.

  • PAM is now the default on systems where it is supported.

  • Removed POSIX saved uid use; the stay_setuid option now requires the setreuid() or setresuid() functions to work.

  • Regenerated configure with up to date autoconf and libtool.

  • Fixed fd leak when lecture file option is enabled.

  • Removed use of POSIX saved uids. The stay_setuid option now requires setreuid() or setresuid().

  • PAM fixes. If the user enters ^C at the password prompt, abort instead of trying to authenticate with an empty password (which causes an annoying delay). Also call pam_open_session() and pam_close_session() to give pam_limits a chance to run.

  • Security fix for Kerberos5. If we cannot get a valid service key using the default keytab it is a fatal error. Now uses krb5_verify_user() and krb5_init_secure_context() if they are available.

  • Fixed securid5 authentication.

  • Added fcntl F_CLOSEM support to closefrom().

  • Added NOEXEC support for AIX 5.3.

  • Sudo now uses the supplemental group vector for matching. This fixes problems with split group lines in /etc/group as well as multiple group sources in nsswitch.conf.

  • Added more environment variables to remove by default.

  • Mail from sudo now includes an "Auto-Submitted: auto-generated" header, à la RFC 3834.

  • Reworked the environment handling code.

  • Removed the --with-execv option; it was not useful.

  • Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since some OSes have issues with TCSAFLUSH.

  • Use glob(3) instead of fnmatch(3) for matching pathnames and stat() each result that matches the basename of the user's command. This makes "cd /usr/bin ; sudo ./blah" work when sudoers allows /usr/bin/blah.

  • Reworked the syslog long line splitting code based on changes from Eygene Ryabinkin.

  • Sudo can now deal with more than 32 network interfaces on Solaris.

  • Visudo will now honor command line arguments in the EDITOR or VISUAL environment variables if env_editor is enabled.

  • LDAP now honors rootbinddn, timelimit and bind_timelimit in /etc/ldap.conf.

  • For LDAP, do a subtree search instead of a base search (one level in the tree only) for sudo right objects. This allows system administrators to categorize the rights in a tree to make them easier to manage.
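The glob(3)-plus-stat() matching described in the list above can be sketched as follows. This is an added example, not code from sudo: the function name command_matches(), the helper base_of(), and the choice to compare st_dev and st_ino are assumptions made for illustration.

```c
/* Added illustration, not sudo source. Names here are hypothetical. */
#include <glob.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Last path component, without modifying the input string. */
static const char *base_of(const char *path)
{
    const char *slash = strrchr(path, '/');
    return slash ? slash + 1 : path;
}

/*
 * Return 1 if user_cmd is the same file as some expansion of
 * sudoers_pattern, 0 if it is not, -1 if glob() itself failed.
 * Comparing device and inode (an assumption of this sketch) is what
 * lets a relative "./blah" match an absolute sudoers entry, and it
 * rejects a same-named file in another directory.
 */
int command_matches(const char *sudoers_pattern, const char *user_cmd)
{
    struct stat want, have;
    glob_t gl;
    size_t i;
    int rc, matched = 0;

    if (stat(user_cmd, &want) != 0)
        return 0;                       /* no such command: no match */

    rc = glob(sudoers_pattern, 0, NULL, &gl);
    if (rc == 0) {
        for (i = 0; i < gl.gl_pathc && !matched; i++) {
            /* Cheap basename filter first, stat() only on candidates. */
            if (strcmp(base_of(gl.gl_pathv[i]), base_of(user_cmd)) != 0)
                continue;
            if (stat(gl.gl_pathv[i], &have) == 0 &&
                have.st_dev == want.st_dev && have.st_ino == want.st_ino)
                matched = 1;
        }
    }
    globfree(&gl);
    return (rc == 0 || rc == GLOB_NOMATCH) ? matched : -1;
}

int main(void)
{
    /* Constructed scenario: "cd /bin ; sudo ./sh" against a /bin/* entry. */
    if (chdir("/bin") != 0)
        return 1;
    printf("./sh vs /bin/*: %d\n", command_matches("/bin/*", "./sh"));
    return 0;
}
```

A plain string or fnmatch(3) comparison of "./sh" against "/bin/*" fails because the strings differ; comparing the files the strings resolve to is what closes that gap.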

For full details view the commit logs from the anoncvs server.

