Sudo Development Versions (obsolete)

Major changes between version 1.7.5b5 and 1.7.5rc1:

  • Fixed compilation issues on SVR5.

  • Added help text to -h option for sudo, visudo, and sudoreplay.

Major changes between version 1.7.5b4 and 1.7.5b5:

  • Fixed compilation on GNU/Hurd.

Major changes between version 1.7.5b3 and 1.7.5b4:

  • Fixed compilation on HP-UX with the bundled compiler.

  • Sudo now passes SIGUSR1 and SIGUSR2 through to the child process.

  • Cosmetic changes to reduce diffs between sudo 1.7.5 and 1.8.0.

Major changes between version 1.7.5b2 and 1.7.5b3:

  • Sudo will no longer refuse to run if the sudoers file is writable by root.

  • Sudo now performs command line escaping for "sudo -s" and "sudo -i" after validating the command so the sudoers entries do not need to include the backslashes.

  • Logging and email sending are now done in the locale specified by the "sudoers_locale" setting ("C" by default). Email send by sudo now includes MIME headers when "sudoers_locale" is not "C".

  • The configure script has a new option, --disable-env-reset, to allow one to change the default for the sudoers Default setting "env_reset" at compile time.

  • When logging "sudo -l command", sudo will now prepend "list " to the command in the log line to distinguish between an actual command invocation in the logs.

  • Double-quoted group and user names may now include escaped double quotes as part of the name. Previously this was a parse error.

  • Sudo once again restores the state of the signal handlers it modifies before executing the command. This allows sudo to be used with the nohup command.

  • Resuming a suspended shell now works properly when I/O logging is not enabled (the I/O logging case was already correct).

Major changes between version 1.7.5b1 and 1.7.5b2:

  • LDAP Sudoers entries may now specify a time period for which the entry is valid. This requires an updated sudoers schema that includes the sudoNotBefore and sudoNotAfter attributes. Support for timed entries must be explicitly enabled in the ldap.conf file. Based on changes from Andreas Mueller.

  • LDAP Sudoers entries may now specify a sudoOrder attribute that determines the order in which matching entries are applied; the first matching entry is used. This requires an updated sudoers schema that includes the sudoOrder attribute. Based on changes from Andreas Mueller.

  • When run as sudoedit, or when given the -e flag, sudo now treats command line arguments as pathnames. This means that slashes in the sudoers file entry must explicitly match slashes in the command line arguments. As a result, and entry such as:
    	user ALL = sudoedit /etc/*
    will allow editing of /etc/motd but not /etc/security/default.

  • NETWORK_TIMEOUT is now an alias for BIND_TIMELIMIT in ldap.conf for compatibility with OpenLDAP configuration files.

  • The LDAP API TIMEOUT parameter is now honored in ldap.conf.

Major changes between version 1.7.4 and 1.7.5b1:

  • The LOG_INPUT and LOG_OUTPUT tags in sudoers are now parsed correctly.

  • When using visudo in check mode, a file named "-" may be used to check sudoers data on the standard input.

  • Sudo now only fetches shadow password entries when using the password database directly for authentication.

  • Password and group entries are now cached using the same key that was used to look them up. This fixes a problem when looking up entries by name if the name in the retrieved entry does not match the name used to look it up. This may happen on some systems that do case insensitive lookups or that truncate long names.

  • GCC will no longer display warnings on glibc systems that use the warn_unused_result attribute for write(2) and other system calls.

  • If a PAM account management module denies access, sudo now prints a more useful error message and stops trying to validate the user.

  • Fixed a bug introduced in sudo 1.7.3 where the ticket file was not being honored when the "targetpw" sudoers Defaults option was enabled.

  • Fixed a potential hang on idle systems when the sudo-run process exits immediately.

  • Fixed a crash when Solaris project support was enabled and the -g flag was used.

  • Sudo no longer exits with an error when support for auditing is compiled in but auditing is not enabled.

  • Fixed a crash with "sudo -l" when auditing is enabled and the user is not allowed to run any commands on the host.

  • Sudo will now examine all matching LDAP entries when doing a lookup, even if there has already been a positive match. This catches negative matches that may exist in other entries and more closely match the sudoers file behavior.

  • Sudo now includes a copy of zlib that will be used on systems that do not have zlib installed.

  • The --with-umask-override configure flag has been added to enable the "umask_override" sudoers Defaults option at build time.

  • Sudo now unblocks all signals on startup to avoid problems caused by the parent process changing the default signal mask.

Major changes between version 1.7.4rc1 and 1.7.4rc2:

  • Packaging fixes.

  • Added support for Ubuntu-style admin flag dot files.

Major changes between version 1.7.4b5 and 1.7.4rc1:

  • Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file.

Major changes between version 1.7.4b4 and 1.7.4b5:

  • Fixed a build problem on Solaris.

  • Fixed "sudo -i -u user" where user has no shell listed in the password database.

  • When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed.

Major changes between version 1.7.4b3 and 1.7.4b4:

  • Documentation updates.

  • If pam is in use, wait until the process has finished before closing the PAM session.

  • The WHATSNEW file has been renamed NEWS.

  • Compilation fix for mkstemps.c on some systems.

Major changes between version 1.7.4b2 and 1.7.4b3:

  • The tty_tickets option is now on by default.

  • Fixed a problem in the restoration of the AIX authdb registry setting.

Major changes between version 1.7.4b1 and 1.7.4b2:

  • Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run).

  • The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like:
    	Defaults env_keep += HOME
    to preserve the old value of HOME and
    	Defaults env_keep += MAIL
    to preserve the old value of MAIL.

  • Fixed a build problem with boottime.c on some systems.

Major changes between version 1.7.3 and 1.7.4b1:

  • Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode.

  • Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this.

  • Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory.

  • Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf.

  • Defaults settings that are tied to a user, host or command may now include the negation operator. For example: Defaults:!millert lecture will match any user but millert.

  • The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin.

  • Sudo now uses polypkg ( for cross-platform packing.

  • On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1).

Major changes between version 1.7.3b4 and 1.7.3rc1:

  • Password and group name cache lookups are now done in a case insensitive fashion.

  • URI entries in ldap.conf may now be specified multiple times.

  • Fixed a problem with the environment handling on OpenBSD.

  • Sudo now supports AIX per-user password database sources via the registry parameter in /etc/security/user. In 1.7.3b4 sudo uses the SYSTEM parameter.

Major changes between version 1.7.3b3 and 1.7.3b4:

  • Sudo will now use the Linux audit system with configure with the --with-linux-audit flag.

  • When the tty_tickets sudoers option is enabled but there is no terminal device, sudo will no longer use or create a tty-based ticket file. Previously, sudo would use a tty name of "unknown". As a consequence, if a user has no terminal device, sudo will now always prompt for a password.

  • Negating the fqdn option in sudoers now works correctly when sudo is configured with the --with-fqdn option. In previous versions of sudo the fqdn was set before sudoers was parsed.

  • Repaired the -i optino which was broken in 1.7.3b3.

  • On AIX, sudo now sets the userinfo like login(1) does when running a command.

  • Sudo now supports AIX per-user password database sources via the SYSTEM parameter in /etc/security/user.

Major changes between version 1.7.2p7 and 1.7.3b3:

  • Support for logging I/O for the command being run. For more information, see the documentation for the log_input and log_output Defaults options in the sudoers manual. Also see the sudoreplay manual for how to replay I/O log sessions.

  • The use_pty sudoers option can be used to force a command to be run in a pseudo-pty, even when I/O logging is not enabled.

  • On some systems, sudo can now detect when a user has logged out and back in again when tty-based time stamps are in use. Supported systems include Solaris systems with the devices file system, Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys only).

  • Sudo's SELinux support should now function correctly when running commands as a non-root user and when one of stdin, stdout or stderr is not a terminal.

  • Sudo now uses mbr_check_membership() on systems that support it to determine group membership. Currently, only Darwin (Mac OS X) supports this.

  • The passwd_timeout and timestamp_timeout options may now be specified as floating point numbers for more granular timeout values.