From: Todd C. Miller Date: Sat, 15 Jun 1996 22:11:56 +0000 (+0000) Subject: updated X-Git-Tag: SUDO_1_5_0~162 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5e7c7dfb8a360761ebfa581d06996df557353504;p=sudo updated --- diff --git a/BUGS b/BUGS index 1efac89ed..f8d0ab554 100644 --- a/BUGS +++ b/BUGS @@ -3,12 +3,13 @@ Known bugs in sudo version 1.4 1) Sudo -l does not expand Command Aliases. -2) "make install-man" should substitute correct paths into man pages. +2) "make install-man" should substitute correct paths into the + man pages themselves. -3) When installing binaries and man pages, the Makefile should make the - directories if necesary. +3) Sudo should log when removing "dangerous" envariables. -4) Sudo should log when removing "dangerous" envariables. +4) User or host names that contain only uppercase alpha, numbers, and '_' + will be parsed as Aliases (Cmnd_Alias, Host_Alias, User_Alias). + There is no way to fix this in the current sudo. -5) Sudo cannot distinguish between an Alias name and an all-caps - host or user name. +5) '*' by itself in sudoers should not match an empty command list? diff --git a/TODO b/TODO index c7920b6dc..a5705eec4 100644 --- a/TODO +++ b/TODO @@ -50,5 +50,16 @@ TODO list 22) Sudo should not allow someone with a nil password to run commands. -23) configure should not check for -lcrypt if it has already been - added to SUDO_LIBS. +23) Overhaul testsudoers to use parse.o so we don't reimplement things. + +24) Make runas_user a struct "runas" with user and group components. + (make uid and gid too???) + +25) Make "sudo -l" output go into a dynamically-sized array that gets + printed if passwd is ok or none is required. + +26) Update docs wrt NOPASSWD, "runas" and wildcards in pathnames. + +27) Would be nice to use '!' in the runas list. + +28) Add -g group/gid option. diff --git a/TROUBLESHOOTING b/TROUBLESHOOTING index a0ccd3406..9022203f5 100644 --- a/TROUBLESHOOTING +++ b/TROUBLESHOOTING @@ -94,3 +94,16 @@ A) You need to uncomment the rule in Makefile (or Makefile.in) by default since sudo comes with a pre-flex'd parse.lex. May sure you are using flex version 2.5.2 or higher--the lex that came with your OS may not like parse.lex. + +Q) I have a user whose login name is all capital letters or + a mix or all capitals and numbers. When they try to run + sudo it says that they are not in the sudoers file but + they really are. What's wrong. +A) In sudo, a string consisting of all caps and numbers is + considered to be an Alias. Therefore, sudo will never treat + it as a username (or a hostname). There is no way to fix + this will the current sudoers syntax. + +Q) How keep sudo from asking for a password? +A) Use the 'NOPASSWD' reserved word right before the command list in + sudoers. See the sudoers man page and sample.sudoers for details.