[sudo-workers] Sudo 1.7.4b5 available
Todd C. Miller
Todd.Miller at courtesan.com
Mon Jul 26 14:39:37 EDT 2010
The fifth and hopefully final beta release of Sudo version 1.7.4
is now available. I expect to have a release candidate of 1.7.4
prepared within the next few days.
Major changes between sudo 1.7.4b4 and 1.7.4b5:
* Fixed a build problem on Solaris.
* Fixed "sudo -i -u user" where user has no shell listed in the
* When logging I/O, sudo now handles pty read/write returning ENXIO,
as seen on FreeBSD when the login session has been killed.
Major changes between sudo 1.7.4b3 and 1.7.4b4:
* Documentation updates.
* If pam is in use, wait until the process has finished before closing
the PAM session.
* The WHATSNEW file has been renamed to NEWS.
* Compilation fix for mkstemps.c on some systems.
Major changes between sudo 1.7.4b2 and 1.7.4b3:
* The tty_tickets option is now on by default.
* Fixed a problem in the restoration of the AIX authdb registry setting.
Major changes between sudo 1.7.4b1 and 1.7.4b2:
* Visudo will now treat an unrecognized Defaults entry as a parse
error (sudo will warn but still run).
* The HOME and MAIL environment variables are now reset based on
the target user's password database entry when the env_reset
sudoers option is enabled (which is the case in the default
configuration). Users wishing to preserve the original values
should use a sudoers entry like:
Defaults env_keep += HOME
to preserve the old value of HOME and
Defaults env_keep += MAIL
to preserve the old value of MAIL.
* Fixed a build problem with boottime.c on some systems.
Major changes between sudo 1.7.3 and 1.7.4b1:
* Sudoedit will now preserve the file extension in the name of the
temporary file being edited. The extension is used by some
editors (such as emacs) to choose the editing mode.
* Time stamp files have moved from /var/run/sudo to either /var/db/sudo,
/var/lib/sudo or /var/adm/sudo. The directories are checked for
existence in that order. This prevents users from receiving the
sudo lecture every time the system reboots. Time stamp files older
than the boot time are ignored on systems where it is possible to
* Ancillary documentation (README files, LICENSE, etc) is now installed
in a sudo documentation directory.
* Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile"
* Defaults settings that are tied to a user, host or command may
now include the negation operator. For example:
will match any user but millert.
* The default PATH environment variable, used when no PATH variable
exists, now includes /usr/sbin and /sbin.
* Sudo now uses polypkg (http://rc.quest.com/topics/polypkg/)
for cross-platform packing.
* On Linux, sudo will now restore the nproc resource limit before
executing a command, unless the limit appears to have been modified
by pam_limits. This avoids a problem with bash scripts that open
more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX)
will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1).
More information about the sudo-workers