authentication failure.
`+' prefix and checking whether the user is a member of any of
the returned netgroups.
+ * The mail_always sudoers option no longer sends mail for "sudo -l"
+ or "sudo -v" unless the user is unable to authenticate themselves.
+
What's new in Sudo 1.8.11p2
* Fixed a bug where dynamic shared objects loaded from a plugin
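Review bot: The entry names only "sudo -l" and "sudo -v", but the mode mask added to should_mail() in logging.c is MODE_VALIDATE|MODE_CHECK|MODE_LIST, so "sudo -l command" (MODE_CHECK) is covered as well; saying "the -l and -v pseudo-commands (including sudo -l command)" here would keep NEWS in step with the code. It would also help to state in one clause that mail_badpass behaviour for these modes is unchanged, since the manual hunks describe the two flags together.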
mail is configurable via the _\bm_\ba_\bi_\bl_\bt_\bo Defaults entry (described later) and
defaults to root.
- Note that mail will not be sent if an unauthorized user tries to run s\bsu\bud\bdo\bo
- with the -\b-l\bl or -\b-v\bv option. This allows users to determine for themselves
- whether or not they are allowed to use s\bsu\bud\bdo\bo.
+ Note that no mail will be sent if an unauthorized user tries to run s\bsu\bud\bdo\bo
+ with the -\b-l\bl or -\b-v\bv option unless there is an authentication error and
+ either the _\bm_\ba_\bi_\bl_\b__\ba_\bl_\bw_\ba_\by_\bs or _\bm_\ba_\bi_\bl_\b__\bb_\ba_\bd_\bp_\ba_\bs_\bs flags are enabled. This allows
+ users to determine for themselves whether or not they are allowed to use
+ s\bsu\bud\bdo\bo. All attempts to run s\bsu\bud\bdo\bo (successful or not) will be logged,
+ regardless of whether or not mail is sent.
If s\bsu\bud\bdo\bo is run by root and the SUDO_USER environment variable is set, the
_\bs_\bu_\bd_\bo_\be_\br_\bs policy will use this value to determine who the actual user is.
_\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt. The DISPLAY, PATH and TERM variables remain unchanged; HOME,
MAIL, SHELL, USER, and LOGNAME are set based on the target user. On AIX
(and Linux systems without PAM), the contents of _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt are
- also included. On BSD systems, if the _\bu_\bs_\be_\b__\bl_\bo_\bg_\bi_\bn_\bc_\bl_\ba_\bs_\bs option is enabled,
+ also included. On BSD systems, if the _\bu_\bs_\be_\b__\bl_\bo_\bg_\bi_\bn_\bc_\bl_\ba_\bs_\bs flag is enabled,
the _\bp_\ba_\bt_\bh and _\bs_\be_\bt_\be_\bn_\bv variables in _\b/_\be_\bt_\bc_\b/_\bl_\bo_\bg_\bi_\bn_\b._\bc_\bo_\bn_\bf are also applied. All
other environment variables are removed.
some people find it more convenient. This flag is _\bo_\bf_\bf
by default.
- mail_always Send mail to the _\bm_\ba_\bi_\bl_\bt_\bo user every time a user runs
- s\bsu\bud\bdo\bo. This flag is _\bo_\bf_\bf by default.
+ mail_always Send mail to the _\bm_\ba_\bi_\bl_\bt_\bo user every time a user attempts
+ to run a command via s\bsu\bud\bdo\bo. Mail will be sent for both
+ successful and unsuccessful attempts. No mail will be
+ sent if the user runs s\bsu\bud\bdo\bo with the -\b-l\bl or -\b-v\bv option
+ unless there is an authentication error. This flag is
+ _\bo_\bf_\bf by default.
mail_badpass Send mail to the _\bm_\ba_\bi_\bl_\bt_\bo user if the user running s\bsu\bud\bdo\bo
does not enter the correct password. If the command
file distributed with s\bsu\bud\bdo\bo or http://www.sudo.ws/license.html for
complete details.
-Sudo 1.8.12 December 4, 2014 Sudo 1.8.12
+Sudo 1.8.12 January 21, 2015 Sudo 1.8.12
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM sudoers.mdoc.in
.\"
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2014
+.\" Copyright (c) 1994-1996, 1998-2005, 2007-2015
.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.TH "SUDOERS" "5" "December 4, 2014" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDOERS" "5" "January 21, 2015" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh
.if n .ad l
.SH "NAME"
(described later) and defaults to
\fR@mailto@\fR.
.PP
-Note that mail will not be sent if an unauthorized user tries to
-run
+Note that no mail will be sent if an unauthorized user tries to run
\fBsudo\fR
with the
\fB\-l\fR
or
\fB\-v\fR
-option.
+option unless there is an authentication error and
+either the
+\fImail_always\fR
+or
+\fImail_badpass\fR
+flags are enabled.
This allows users to
determine for themselves whether or not they are allowed to use
\fBsudo\fR.
+All attempts to run
+\fBsudo\fR
+(successful or not)
+will be logged, regardless of whether or not mail is sent.
.PP
If
\fBsudo\fR
included.
On BSD systems, if the
\fIuse_loginclass\fR
-option is
+flag is
enabled, the
\fIpath\fR
and
mail_always
Send mail to the
\fImailto\fR
-user every time a user runs
+user every time a user attempts to run a command via
\fBsudo\fR.
+Mail will be sent for both successful and unsuccessful attempts.
+No mail will be sent if the user runs
+\fBsudo\fR
+with the
+\fB\-l\fR
+or
+\fB\-v\fR
+option unless there is an authentication error.
This flag is
\fIoff\fR
by default.
.\"
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2014
+.\" Copyright (c) 1994-1996, 1998-2005, 2007-2015
.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.Dd December 4, 2014
+.Dd January 21, 2015
.Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
(described later) and defaults to
.Li @mailto@ .
.Pp
-Note that mail will not be sent if an unauthorized user tries to
-run
+Note that no mail will be sent if an unauthorized user tries to run
.Nm sudo
with the
.Fl l
or
.Fl v
-option.
+option unless there is an authentication error and
+either the
+.Em mail_always
+or
+.Em mail_badpass
+flags are enabled.
This allows users to
determine for themselves whether or not they are allowed to use
.Nm sudo .
+All attempts to run
+.Nm sudo
+(successful or not)
+will be logged, regardless of whether or not mail is sent.
.Pp
If
.Nm sudo
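Review bot: Grammar in the new sentence: "either the mail_always or mail_badpass flags are enabled" should read "either the mail_always or the mail_badpass flag is enabled" (with "either ... or" the subject is singular). Since the sudoers.man.in header above says it is generated from this file, fix it here and regenerate rather than patching the same sentence in the sudoers.man.in and sudoers.txt hunks separately.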
included.
On BSD systems, if the
.Em use_loginclass
-option is
+flag is
enabled, the
.Em path
and
.It mail_always
Send mail to the
.Em mailto
-user every time a user runs
+user every time a user attempts to run a command via
.Nm sudo .
+Mail will be sent for both successful and unsuccessful attempts.
+No mail will be sent if the user runs
+.Nm sudo
+with the
+.Fl l
+or
+.Fl v
+option unless there is an authentication error.
This flag is
.Em off
by default.
SET(flags, SLOG_SEND_MAIL);
} else {
/* Command denied, auth failed; make sure we don't send mail twice. */
- if (def_mail_badpass && !should_mail(status))
+ if ((def_mail_badpass || def_mail_always) && !should_mail(status))
SET(flags, SLOG_SEND_MAIL);
/* Don't log the bad password message, we'll log a denial instead. */
SET(flags, SLOG_NO_LOG);
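Review bot: The added def_mail_always term only has an effect because should_mail() now returns false for the validate/check/list modes; for a normal run, should_mail(status) is already true whenever def_mail_always is set, so this branch cannot set SLOG_SEND_MAIL for mail_always there. That coupling deserves a comment on the condition, e.g. "/* should_mail() ignores mail_always for -l/-v, so check it here */", otherwise a later reader may simplify the condition back to def_mail_badpass. Also, because this branch sets SLOG_NO_LOG and relies on a separate denial log entry, please confirm that the denial is still logged when the request was -l or -v, so the manual's new "All attempts to run sudo (successful or not) will be logged" holds in those modes.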
{
debug_decl(should_mail, SUDOERS_DEBUG_LOGGING)
+ /* Never send mail about the "sudo -l" and "sudo -v" pseudo-commands. */
+ if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST)))
+ debug_return_bool(false);
+
debug_return_bool(def_mail_always ||
(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
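Review bot: The early return sits above every flag tested below it, so in the -l/-v modes it now suppresses mail_no_user and mail_no_host (and any further terms of this expression) as well as mail_always, while the NEWS entry and the manual hunks describe the change as affecting mail_always only. If suppressing the others is intended, the NEWS entry should say so; if not, fold the mode test into the mail_always term instead, e.g. "(def_mail_always && !ISSET(sudo_mode, MODE_VALIDATE|MODE_CHECK|MODE_LIST))", and leave the remaining terms as they were. The comment should also mention MODE_CHECK ("sudo -l command"), which the mask includes but the wording "sudo -l and sudo -v pseudo-commands" does not obviously cover.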