[sudo-workers] sudo 1.8.23b2 released
Todd C. Miller
Todd.Miller at sudo.ws
Fri Mar 30 06:31:02 MDT 2018
The second beta version of sudo 1.8.23 is now available. In addition
to bug fixes, sudo 1.8.23 introduces the cvtsudoers utility which
can convert between sudoers formats and perform some basic filtering.
Source:
https://www.sudo.ws/sudo/dist/beta/sudo-1.8.23b2.tar.gz
ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.23b2.tar.gz
SHA256 checksum:
7a4e1caafea918eb51fc599d49c36090e13dfbf321bbe562b6290dbb89d049d7
MD5 checksum:
389e502e3ef3ac6aa1929dc1c2960acf
Binary packages:
https://www.sudo.ws/sudo/dist/beta/packages/index.html#binary
For a list of download mirror sites, see:
https://www.sudo.ws/sudo/download_mirrors.html
Sudo web site:
https://www.sudo.ws/sudo/
Sudo web site mirrors:
https://www.sudo.ws/sudo/mirrors.html
Major changes between sudo 1.8.23b2 and 1.8.23b1:
* Fixed a bug on some systems where sudo could hang on command
exit when I/O logging was enabled. Bug #826.
* The cvtsudoers utility has gained an option to control what type
of Defaults entries are translated.
* The sudoers.ldap manual now has a section on converting from
file-based sudoers to LDAP-based.
Major changes between sudo 1.8.23b1 and 1.8.22:
* PAM account management modules and BSD auto approval modules are
now run even when no password is required.
* For kernel-based time stamps, if no terminal is present, fall
back to parent-pid style time stamps.
* The new cvtsudoers utility replaces both the "sudoers2ldif" script
and the "visudo -x" functionality. It can read a file in either
sudoers or LDIF format and produce JSON, LDIF or sudoers output.
It is also possible to filter the generated output file by user,
group or host name.
* The file, ldap and sss sudoers backends now share a common set
of formatting functions for "sudo -l" output, which is also used
by the cvtsudoers utility.
* The /run directory is now used in preference to /var/run if it
exists. Bug #822.
* More accurate descriptions of the --with-rundir and --with-vardir
configure options. Bug #823.
* The setpassent() and setgroupent() functions are now used on systems
that support them to keep the passwd and group database open.
Sudo performs a lot of passwd and group lookups so it can be
beneficial to avoid opening and closing the files each time.
* The new case_insensitive_user and case_insensitive_group sudoers
options can be used to control whether sudo does case-sensitive
matching of users and groups in sudoers. Case insensitive
matching is now the default.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://www.sudo.ws/pipermail/sudo-workers/attachments/20180330/ac5fdb48/attachment.bin>
More information about the sudo-workers
mailing list