[sudo-workers] sudo 1.8.5rc2 available
Todd C. Miller
Todd.Miller at courtesan.com
Mon Apr 16 14:58:42 EDT 2012
The second release candidate for sudo 1.8.5 is now available.
Source:
http://www.sudo.ws/sudo/dist/beta/sudo-1.8.5rc2.tar.gz
ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.5rc2.tar.gz
Binary packages:
http://www.sudo.ws/sudo/dist/beta/packages/index.html
Major changes between sudo 1.8.5rc2 and 1.8.5rc1:
* On Solaris, and possibly other SV4-derived systems, sudo now
uses the minor() function prototyped in mkdev.h instead of the
obsolete macro present in sysmacros.h.
Major changes between sudo 1.8.5rc1 and 1.8.5b8:
* The Linux tty lookup code now uses the /proc/pid/stat file when
possible.
* New Croatian and Galician translations from translationproject.org
* The process id, parent process id, process group id, session id and
terminal process group id are now passed in to the plugin.
Major changes between sudo 1.8.5b8 and 1.8.5b7:
* Check for SVR4-style struct psinfo.pr_ttydev and use that to
determine the tty if stdin/stdout/stderr are not ttys.
Major changes between sudo 1.8.5b7 and 1.8.5b6:
* Sudo now behaves better when select() fails due to the pty being
revoked. An error of EIO (seen on older versions of Solaris)
from select() is now treated the same as EBADF.
* Sudo now opens devices in non-blocking mode when trying to
determine the user's terminal.
* Fixed the AIX-specific permission setting code.
* The -k option may now be specified along with the -i or -s
options.
* Don't do tilde or brace expansion when glob() is in use. This
matches the historic behavior when fnmatch() was used.
* Fixed printing of the TSID field in sudoreplay -l output.
* The process ID is now included in the debug file output.
Major changes between sudo 1.8.5b6 and 1.8.5b5:
* Sudo now behaves properly on systems that send SIGTSTP before
SIGHUP when the user's pty is revoked. This can happen when the
window the session is running in is killed.
Major changes between sudo 1.8.5b5 and 1.8.5b4:
* Sudo can now detect when a user has logged out and back in
again on Solaris 11 when tty-based time stamps are in use.
* When debugging is enabled, calls to warning() or error() will
now log the error string to the debug file. The function, file
and line number are also logger for warning(), warningx(), error()
and errorx().
* Fixed a bug where sudo would exit before calling the plugin
close function when select() returns an error due to the
terminal device being invalidated when the session is closed.
This can happen when the window the session is running in is
killed.
Major changes between sudo 1.8.5b4 and 1.8.5b3:
* Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers
to sudo_noexec.c.
* Fix compat setutxent and endutxent macros for systems with
setutent() but not setutxent().
Major changes between sudo 1.8.5b3 and 1.8.5b2:
* Updated the bundled zlib to version 1.2.6.
* If the "timestampowner" user cannot be resolved, use ROOT_UID
instead of exiting with a fatal error.
* Fixed compiler warnings on some platforms.
* Fix parsing of Path askpass and Path noexec in sudo.conf.
* The cancel button on an askpass GUI program now exits the password
prompt loop on PAM systems.
* When initializing the environment for env_reset, start out with
the contents of /etc/environment on AIX and login.conf on BSD.
* Swedish sudo and sudoers translations from translationproject.org.
Major changes between sudo 1.8.5b2 and 1.8.5b1:
* Fixed a potential double free exposed by changes in 1.8.5b1.
Major changes between sudo 1.8.5b1 and 1.8.4p4:
* When "noexec" is enabled, sudo_noexec.so will now be prepended
to any existing LD_PRELOAD variable instead of replacing it.
* The user/group/mode checks on sudoers files have been relaxed.
As long as the file is owned by the sudoers uid, not world-writable
and not writable by a group other than the sudoers gid, the file
is considered OK. Note that visudo will still set the mode to
the value specified at configure time.
* It is now possible to specify the sudoers path, uid, gid and
file mode as options to the plugin in the sudo.conf file.
* Lithuanian and Vietnamese translations from translationproject.org.
* /etc/environment is no longer read directly on Linux systems
when PAM is used. Sudo now merges the PAM environment into the
user's environment which is typically set by the pam_env module.
* The plugin API has been extended in three ways. First, options
specified in sudo.conf after the plugin pathname are passed to
the plugin's open function. Second, sudo has limited support
for hooks that can be used by plugins. Currently, the hooks are
limited to environment handling functions. Third, the init_session
policy plugin function is passed a pointer to the user environment
which can be updated during session setup. The plugin API version
has been incremented to version 1.2. See the sudo_plugin manual
for more information.
More information about the sudo-workers
mailing list