From giulio.capitanio at gmail.com Tue Dec 1 11:21:34 2009 From: giulio.capitanio at gmail.com (giulio capitanio) Date: Tue, 1 Dec 2009 17:21:34 +0100 Subject: [sudo-announce] sudosh3 released Message-ID: Hi all, I'm glad to announce I've enhanced sudosh2 with sudosh3: take a look at http://sourceforge.net/projects/sudosh3. Ciao Giulio -------------- next part -------------- An HTML attachment was scrubbed... URL: From Todd.Miller at courtesan.com Mon Dec 7 14:05:50 2009 From: Todd.Miller at courtesan.com (Todd C. Miller) Date: Mon, 07 Dec 2009 14:05:50 -0500 Subject: [sudo-announce] sudo 1.7.2p2 released Message-ID: <200912071905.nB7J5o6e014753@core.courtesan.com> Sudo version 1.7.2p2 is now available. This is a bug fix release. Download links: http://www.sudo.ws/sudo/dist/sudo-1.7.2p2.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.7.2p2.tar.gz For a list of download mirror sites, see: http://www.sudo.ws/sudo/download.html Sudo web site: http://www.sudo.ws/sudo/ Sudo web site mirrors: http://www.sudo.ws/sudo/mirrors.html Major changes between sudo 1.7.2p1 and 1.7.2p2: * Fixed a a bug where the negation operator in a Cmnd_List was not being honored. * Sudo no longer produces a parse error when #includedir references a directory that contains no valid filenames. * The sudo.man.pl and sudoers.man.pl files are now included in the distribution for people who wish to regenerate the man pages. * Fixed the emulation of krb5_get_init_creds_opt_alloc() for MIT kerberos. * When authenticating via PAM, set PAM_RUSER and PAM_RHOST early so they can be used during authentication. Major changes between sudo 1.7.2 and 1.7.2p1: * Fixed the expansion of the %h escape in #include file names introduced in sudo 1.7.1. Major changes between sudo 1.7.1 and 1.7.2: * A new #includedir directive is available in sudoers. This can be used to implement an /etc/sudo.d directory. Files in an includedir are not edited by visudo unless they contain a syntax error. * The -g option did not work properly when only setting the group (and not the user). Also, in -l mode the wrong user was displayed for sudoers entries where only the group was allowed to be set. * Fixed a problem with the alias checking in visudo which could prevent visudo from exiting. * Sudo will now correctly parse the shell-style /etc/environment file format used by pam_env on Linux. * When doing password and group database lookups, sudo will only cache an entry by name or by id, depending on how the entry was looked up. Previously, sudo would cache by both name and id from a single lookup, but this breaks sites that have multiple password or group database names that map to the same uid or gid. * User and group names in sudoers may now be enclosed in double quotes to avoid having to escape special characters. * BSM audit fixes when changing to a non-root uid. * Experimental non-Unix group support. Currently only works with Quest Authorization Services and allows Active Directory groups fixes for Minix-3. * For Netscape/Mozilla-derived LDAP SDKs the certificate and key paths may be specified as a directory or a file. However, version 5.0 of the SDK only appears to support using a directory (despite documentation to the contrary). If SSL client initialization fails and the certificate or key paths look like they could be default file name, strip off the last path element and try again. * A setenv() compatibility fix for Linux systems, where a NULL value is treated the same as an empty string and the variable name is checked against the NULL pointer.