[sudo-workers] sudo 1.8.24b1 released

Todd C. Miller Todd.Miller at sudo.ws
Sun Jul 1 21:11:13 MDT 2018

The first beta release candidate version of sudo 1.8.24 is now
available.  Sudo 1.8.24 builds on the changes in 1.8.23 to merge
the LDAP/SSSD and file-based lookup code.  This has allowed the
removal almost 1,500 lines of code from the LDAP and SSSD backends.

If you rely on the LDAP or SSSD backends, please do give the 1.8.24
beta a try if you are able to.


SHA256 checksum:
MD5 checksum:

Binary packages:

For a list of download mirror sites, see:

Sudo web site:

Sudo web site mirrors:

Major changes between sudo 1.8.24 and 1.8.23:

 * The LDAP and SSS back-ends now use the same rule evaluation code
   as the sudoers file backend.  This builds on the work in sudo
   1.8.23 where the formatting functions for "sudo -l" output were
   shared.  The handling of negated commands in SSS and LDAP is

 * Fixed a regression introduced in 1.8.23 where "sudo -i" could
   not be used in conjunction with --preserve-env=VARIABLE.  Bug #835

 * cvtsudoers can now parse base64-encoded attributes in LDIF files.

 * Random insults are now more random.

 * Fixed the noexec wordexp(3) test on FreeBSD.

 * Added SUDO_CONV_PREFER_TTY flag for conversation function to
   tell sudo to try writing to /dev/tty first. Can be used in
   conjunction with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.

 * Sudo now supports an arbitrary number of groups per user on
   Solaris.  Previously, only the first 64 groups were found.
   This should remove the need to set "max_groups" in sudo.conf.

 * Fixed typos in the OpenLDAP sudo schema.  Bugs #839 and #840.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://www.sudo.ws/pipermail/sudo-workers/attachments/20180701/5902676b/attachment.bin>

More information about the sudo-workers mailing list